On 8/20/21 2:57 PM, Jens Axboe wrote:
> We currently check for ret != 0 to indicate error, but '1' is a valid
> return and just indicates that the allocation succeeded with a wrap.
> Correct the check to be for < 0, like it was before the xarray
> conversion.
>
> Cc: stable@xxxxxxxxxxxxxxx
> Fixes: 61cf93700fe6 ("io_uring: Convert personality_idr to XArray")
> Signed-off-by: Jens Axboe <axboe@xxxxxxxxx>
Gah, included a debug patch, not the fix. Here's the right one.
diff --git a/fs/io_uring.c b/fs/io_uring.c
index 979941bcd15a..a2e20a6fbfed 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -9843,10 +9843,11 @@ static int io_register_personality(struct io_ring_ctx *ctx)
ret = xa_alloc_cyclic(&ctx->personalities, &id, (void *)creds,
XA_LIMIT(0, USHRT_MAX), &ctx->pers_next, GFP_KERNEL);
- if (!ret)
- return id;
- put_cred(creds);
- return ret;
+ if (ret < 0) {
+ put_cred(creds);
+ return ret;
+ }
+ return id;
}
static int io_register_restrictions(struct io_ring_ctx *ctx, void __user *arg,
--
Jens Axboe
