src/setup: unmap mmap'ed sqes pointer with the correct size
If allocating a huge page fails, buf_size will have already been
updated to a different size than the one the sqes pointer was
mapped with. Store the sqes mmap size in sqes_size, and use that
for unmapping.
This fixes a potential crash in applications, if no huge pages are
available and NO_MMAP is used for setup. Notably the reg-fd-only.c
and no-mmap-inval.c test cases were affected by that.
Signed-off-by: Jens Axboe <axboe@kernel.dk>
diff --git a/src/setup.c b/src/setup.c
index 3c144a1..e0571fe 100644
--- a/src/setup.c
+++ b/src/setup.c
@@ -218,7 +218,7 @@
{
unsigned long page_size = get_page_size();
unsigned sq_entries, cq_entries;
- size_t ring_mem, sqes_mem;
+ size_t sqes_size = 0, ring_mem, sqes_mem;
unsigned long mem_used = 0;
void *ptr;
int ret;
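Review bot: The `= 0` on `sqes_size` is load-bearing, since the third hunk uses `if (sqes_size)` to decide whether to unmap, yet it sits in the middle of a declarator list where the other two variables are uninitialized. A separate line with a comment would make the invariant visible, for example `size_t sqes_size = 0; /* length of the sqes mmap; 0 if this function did not map it */`. The meaning of zero is inferred from the second hunk, where `sqes_size` is only assigned immediately before the `__sys_mmap` call, so the wording should be checked against the branch that handles a caller-supplied buffer. The function's signature and the rest of its body are outside this hunk.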
@@ -260,7 +260,8 @@
buf_size = huge_page_size;
map_hugetlb = MAP_HUGETLB;
}
- ptr = __sys_mmap(NULL, buf_size, PROT_READ|PROT_WRITE,
+ sqes_size = buf_size;
+ ptr = __sys_mmap(NULL, sqes_size, PROT_READ|PROT_WRITE,
MAP_SHARED|MAP_ANONYMOUS|map_hugetlb,
-1, 0);
if (IS_ERR(ptr))
@@ -285,7 +286,8 @@
MAP_SHARED|MAP_ANONYMOUS|map_hugetlb,
-1, 0);
if (IS_ERR(ptr)) {
- __sys_munmap(sq->sqes, buf_size);
+ if (sqes_size)
+ __sys_munmap(sq->sqes, sqes_size);
return PTR_ERR(ptr);
}
sq->ring_ptr = ptr;
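Review bot: On the failure path, `sq->sqes` still holds the address that `__sys_munmap(sq->sqes, sqes_size)` has just released, and the function returns with it in place. If any caller or later teardown touches the `sq` structure after a failed setup, that is a stale pointer to an unmapped region, or to whatever gets mapped there next. I would brace the guarded block and add `sq->sqes = NULL;` after the unmap so a later access fails deterministically. Whether any caller actually does this is not visible here, as the enclosing function starts and ends outside the hunk.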