[PATCH] mm/memfd_luo: validate serialized_data before conversion
Pratyush Yadav
pratyush at kernel.org
Thu Jun 11 05:32:51 PDT 2026
On Thu, Jun 11 2026, Tarun Sahu wrote:
> In memfd_luo_finish() and memfd_luo_retrieve(), phys_to_virt() was called
> on args->serialized_data before checking if the physical address is valid.
> Since physical address 0 does not map to virtual NULL (due to direct

Nit: this is only true on ARM64. On x86 physical address of 0 maps to
NULL.

Other than this,

Reviewed-by: Pratyush Yadav (Google) <pratyush at kernel.org>

> mapping offsets), the subsequent check 'if (!ser)' was ineffective at
> catching a missing serialized_data, leading to unsafe dereferences later.
>
> Validate that args->serialized_data is non-zero before calling
> phys_to_virt().
>
> Fixes: b3749f174d68 ("mm: memfd_luo: allow preserving memfd")
> Signed-off-by: Tarun Sahu <tarunsahu at google.com>
[...]
--
Regards,
Pratyush Yadav
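
The check ordering discussed in this thread, as an added userspace model that is not part of the patch or of the kernel source. It assumes a direct map with a non-NULL base; `direct_map`, `struct model_args`, `model_phys_to_virt()`, both `lookup_*` functions and the `-EINVAL` return value are hypothetical stand-ins.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the direct map: "physical" address pa lives at
 * direct_map + pa. The array's base is non-NULL, like a non-zero offset. */
static unsigned char direct_map[64];

/* Simplified, hypothetical version of the args passed to the callbacks. */
struct model_args { uint64_t serialized_data; };

static void *model_phys_to_virt(uint64_t pa)
{
	return direct_map + pa;
}

/* Order described as the bug: convert first, then test the pointer. */
static int lookup_check_after(const struct model_args *args, void **ser)
{
	*ser = model_phys_to_virt(args->serialized_data);
	if (!*ser)		/* never true here: base + 0 is not NULL */
		return -EINVAL;
	return 0;
}

/* Order described as the fix: reject a zero physical address first. */
static int lookup_check_before(const struct model_args *args, void **ser)
{
	*ser = NULL;
	if (!args->serialized_data)
		return -EINVAL;	/* error code is an assumption */
	*ser = model_phys_to_virt(args->serialized_data);
	return 0;
}

int main(void)
{
	struct model_args missing = { .serialized_data = 0 };
	void *ser;

	printf("check after:  %d\n", lookup_check_after(&missing, &ser));
	printf("check before: %d\n", lookup_check_before(&missing, &ser));
	return 0;
}
```

With a missing `serialized_data`, the first ordering hands back a non-NULL pointer to whatever sits at the start of the mapping, while the second returns an error before any conversion happens.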