1. Patchew
  2. linux
  3. View series

[PATCH 0/2] mm/damon/core: validate damos_quota_goal->nid

SeongJae Park posted 2 patches 4 days, 6 hours ago 
mm/damon/core.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
[PATCH 0/2] mm/damon/core: validate damos_quota_goal->nid
Posted by SeongJae Park 4 days, 6 hours ago 
node_mem[cg]_{used,free}_bp DAMOS quota goals receive the node id.  The
node id is used for si_meminfo_node() and NODE_DATA() without proper
validation.  As a result, privileged users can trigger an out of bounds
memory access using DAMON_SYSFS.  Fix the issues.

The issue was originally reported [1] with a fix by another author.  The
original author announced [2] that they will stop working including the
fix that was still in the review stage.  Hence I'm restarting this.

[1] https://lore.kernel.org/20260325073034.140353-1-objecting@objecting.org
[2] https://lore.kernel.org/20260327040924.68553-1-sj@kernel.org

Changes from RFC
(https://lore.kernel.org/20260328005412.7606-1-sj@kernel.org)
- fix typo in patch 2: s/MEM/MEMCG/.
- rebase to latest mm-new.

SeongJae Park (2):
  mm/damon/core: validate damos_quota_goal->nid for
    node_mem_{used,free}_bp
  mm/damon/core: validate damos_quota_goal->nid for
    node_memcg_{used,free}_bp

 mm/damon/core.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)


base-commit: 2f8cc7995d75c89079c55a85fc1d3092ffb7bd59
-- 
2.47.3
Re: (sashiko status) [PATCH 0/2] mm/damon/core: validate damos_quota_goal->nid
Posted by SeongJae Park 3 days, 19 hours ago 
Forwarding sashiko.dev review status for this thread.

# review url: https://sashiko.dev/#/patchset/20260329043902.46163-1-sj@kernel.org

- [PATCH 1/2] mm/damon/core: validate damos_quota_goal->nid for node_mem_{used,free}_bp
  - status: Reviewed
  - review: ISSUES MAY FOUND
- [PATCH 2/2] mm/damon/core: validate damos_quota_goal->nid for node_memcg_{used,free}_bp
  - status: Reviewed
  - review: ISSUES MAY FOUND

# hkml [1] generated a draft of this mail.  It can be regenerated
# using below command:
#
#     hkml patch sashiko_dev --thread_status --for_forwarding \
#             20260329043902.46163-1-sj@kernel.org
#
# [1] https://github.com/sjp38/hackermail

Sent using hkml (https://github.com/sjp38/hackermail)
Re: (sashiko status) [PATCH 0/2] mm/damon/core: validate damos_quota_goal->nid
Posted by SeongJae Park 3 days, 18 hours ago 
On Sun, 29 Mar 2026 08:33:45 -0700 SeongJae Park <sj@kernel.org> wrote:

> Forwarding sashiko.dev review status for this thread.
> 
> # review url: https://sashiko.dev/#/patchset/20260329043902.46163-1-sj@kernel.org
> 
> - [PATCH 1/2] mm/damon/core: validate damos_quota_goal->nid for node_mem_{used,free}_bp
>   - status: Reviewed
>   - review: ISSUES MAY FOUND
> - [PATCH 2/2] mm/damon/core: validate damos_quota_goal->nid for node_memcg_{used,free}_bp
>   - status: Reviewed
>   - review: ISSUES MAY FOUND

TL; DR: sashiko shared good findings, but not directly related to this patch
series.  I will separately work on those.


Thanks,
SJ

[...]

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.