| From: Hugh Dickins <hughd@google.com> |
| Subject: mm: userfaultfd: add new UFFDIO_POISON ioctl: fix |
| Date: Tue, 11 Jul 2023 18:27:17 -0700 (PDT) |
| |
| Smatch has observed that pte_offset_map_lock() is now allowed to fail, and |
| then ptl should not be unlocked. Use -EAGAIN here like elsewhere. |
| |
| Link: https://lkml.kernel.org/r/bc7bba61-d34f-ad3a-ccf1-c191585ef851@google.com |
| Signed-off-by: Hugh Dickins <hughd@google.com> |
| Reviewed-by: Axel Rasmussen <axelrasmussen@google.com> |
| Cc: Dan Carpenter <dan.carpenter@linaro.org> |
| Cc: Peter Xu <peterx@redhat.com> |
| Signed-off-by: Andrew Morton <akpm@linux-foundation.org> |
| --- |
| |
| mm/userfaultfd.c | 4 ++++ |
| 1 file changed, 4 insertions(+) |
| |
| --- a/mm/userfaultfd.c~mm-userfaultfd-add-new-uffdio_poison-ioctl-fix |
| +++ a/mm/userfaultfd.c |
| @@ -300,7 +300,10 @@ static int mfill_atomic_pte_poison(pmd_t |
| spinlock_t *ptl; |
| |
| _dst_pte = make_pte_marker(PTE_MARKER_POISONED); |
| + ret = -EAGAIN; |
| dst_pte = pte_offset_map_lock(dst_mm, dst_pmd, dst_addr, &ptl); |
| + if (!dst_pte) |
| + goto out; |
| |
| if (mfill_file_over_size(dst_vma, dst_addr)) { |
| ret = -EFAULT; |
| @@ -319,6 +322,7 @@ static int mfill_atomic_pte_poison(pmd_t |
| ret = 0; |
| out_unlock: |
| pte_unmap_unlock(dst_pte, ptl); |
| +out: |
| return ret; |
| } |
| |
| _ |
