bpf: Handle NULL in bpf_local_storage_free.

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

During OOM bpf_local_storage_alloc() may fail to allocate 'storage' and
call to bpf_local_storage_free() with NULL pointer will cause a crash like:
[ 271718.917646] BUG: kernel NULL pointer dereference, address: 00000000000000a0
[ 271719.019620] RIP: 0010:call_rcu+0x2d/0x240
[ 271719.216274] bpf_local_storage_alloc+0x19e/0x1e0
[ 271719.250121] bpf_local_storage_update+0x33b/0x740

Fixes: 7e30a8477b0b ("bpf: Add bpf_local_storage_free()")
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20230412171252.15635-1-alexei.starovoitov@gmail.com

authored by

Alexei Starovoitov and committed by

Andrii Nakryiko 3 years ago 10fd5f70 75dcef8d

1 changed file

expand all

kernel

bpf

bpf_local_storage.c

kernel/bpf/bpf_local_storage.c

··· 157 157 struct bpf_local_storage_map *smap, 158 158 bool bpf_ma, bool reuse_now) 159 159 { 160 + if (!local_storage) 161 + return; 162 + 160 163 if (!bpf_ma) { 161 164 __bpf_local_storage_free(local_storage, reuse_now); 162 165 return;