On 6/9/23 21:54, Ammar Faizi wrote:
On Fri, Jun 09, 2023 at 08:20:27PM +0800, Hao Xu wrote:
+static __cold int io_register_iowq_fixed_workers(struct io_ring_ctx *ctx,
+ void __user *arg, int nr_args)
+ __must_hold(&ctx->uring_lock)
+{
+ struct io_uring_task *tctx = NULL;
+ struct io_sq_data *sqd = NULL;
+ struct io_uring_fixed_worker_arg *res;
+ size_t size;
+ int i, ret;
+ bool zero = true;
+
+ size = array_size(nr_args, sizeof(*res));
+ if (size == SIZE_MAX)
+ return -EOVERFLOW;
+
+ res = memdup_user(arg, size);
+ if (IS_ERR(res))
+ return PTR_ERR(res);
+
+ for (i = 0; i < nr_args; i++) {
+ if (res[i].nr_workers) {
+ zero = false;
+ break;
+ }
+ }
+
+ if (zero)
+ return 0;
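Review bot: `nr_args` is a signed, user-supplied count that reaches `array_size()` and `memdup_user()` with no explicit range check in the quoted lines. A negative value is rejected only as a side effect of the conversion to `size_t` saturating `array_size()`, and a large positive value sizes a kernel allocation and copy directly from userspace. Unless the dispatching caller (not visible here) already validates it, I would add an explicit bound before the size computation, e.g. `if (nr_args < 0 || nr_args > MAX_FIXED_WORKER_ARGS) return -EINVAL;`, where `MAX_FIXED_WORKER_ARGS` is a placeholder for the number of entries the interface actually supports. The function body continues past the quoted lines, so any later validation of the `res[i]` fields is not visible from here.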
You have a memory leak here: the buffer returned by memdup_user() needs to be freed on this early-return path.
kfree(res);
True, I'll fix it in v2, thanks.