[PATCH 3/4] mm/damon/sysfs: check contexts->nr in update_schemes_tried_regions
From: Josh Law
Date: Thu Mar 19 2026 - 12:08:24 EST
damon_sysfs_update_schemes_tried_regions() and its callback
damon_sysfs_schemes_tried_regions_upd_one() access contexts_arr[0]
without verifying nr_contexts >= 1. This can NULL deref if damon_ctx is
non-NULL (preserved after stop) but nr_contexts has been set to 0. Add
the missing check.
Signed-off-by: Josh Law <objecting@xxxxxxxxxxxxx>
---
mm/damon/sysfs.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/mm/damon/sysfs.c b/mm/damon/sysfs.c
index 36ad2e8956c9..ddcdc4e35b27 100644
--- a/mm/damon/sysfs.c
+++ b/mm/damon/sysfs.c
@@ -1731,6 +1731,8 @@ static int damon_sysfs_update_schemes_tried_regions(
if (!ctx)
return -EINVAL;
+ if (sysfs_kdamond->contexts->nr != 1)
+ return -EINVAL;
damon_sysfs_schemes_clear_regions(
sysfs_kdamond->contexts->contexts_arr[0]->schemes);
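Review bot: the added condition `if (sysfs_kdamond->contexts->nr != 1)` rejects any value other than exactly one context, while the commit message says the missing check is for `nr_contexts >= 1`; either the message should state that this path only supports a single context (the code indexes `contexts_arr[0]` and nothing else), or the condition should be `< 1` to match the description. The message also names damon_sysfs_schemes_tried_regions_upd_one() as a second site that dereferences `contexts_arr[0]`, but this hunk guards only the caller; if the callback can only run after this check has passed, say so in the message, otherwise it needs its own guard. Returning -EINVAL is consistent with the existing `if (!ctx)` check two lines above, so that part reads fine.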
--
2.34.1