Re: [PATCH v2] mm/gup.c: Fix return value for __gup_longterm_locked()

Alistair Popple <apopple@xxxxxxxxxx> · Tue, 23 Aug 2022 11:15:29 +1000

Shigeru Yoshida <syoshida@xxxxxxxxxx> writes:

> __get_user_pages_locked() may return the number of pages less than
> nr_pages.  So __gup_longterm_locked() have to return the number of
> pages __get_user_pages_locked() returns if it succeeded, not nr_pages
> requested.

Thanks for fixing this, I've been out the last few days so just catching
up. I think I missed that 'rc' was passed as nr_pages into
check_and_migrate_movable_pages(). Will double check that I don't make
the same mistake in my latest series.

> Fixes: 61c63c2076d9 (mm/gup.c: simplify and fix check_and_migrate_movable_pages() return codes)

I couldn't find that SHA1, I'm guessing due to rebasing, etc. of
mm-unstable? Not sure how that is dealt with, but feel free to also add:

Reviewed-by: Alistair Popple <apopple@xxxxxxxxxx>

> CC: Alistair Popple <apopple@xxxxxxxxxx>
> Reported-by: syzbot+616ff0452fec30f4dcfd@xxxxxxxxxxxxxxxxxxxxxxxxx
> Reviewed-by: John Hubbard <jhubbard@xxxxxxxxxx>
> Signed-off-by: Shigeru Yoshida <syoshida@xxxxxxxxxx>
> ---
>  mm/gup.c | 14 ++++++++------
>  1 file changed, 8 insertions(+), 6 deletions(-)
>
> diff --git a/mm/gup.c b/mm/gup.c
> index 5aa7531a703b..66582203220a 100644
> --- a/mm/gup.c
> +++ b/mm/gup.c
> @@ -2068,22 +2068,24 @@ static long __gup_longterm_locked(struct mm_struct *mm,
>  				  unsigned int gup_flags)
>  {
>  	unsigned int flags;
> -	long rc;
> +	long rc, nr_pinned_pages;
>
>  	if (!(gup_flags & FOLL_LONGTERM))
>  		return __get_user_pages_locked(mm, start, nr_pages, pages, vmas,
>  					       NULL, gup_flags);
>  	flags = memalloc_pin_save();
>  	do {
> -		rc = __get_user_pages_locked(mm, start, nr_pages, pages, vmas,
> -					     NULL, gup_flags);
> -		if (rc <= 0)
> +		nr_pinned_pages =
> +			__get_user_pages_locked(mm, start, nr_pages, pages,
> +						vmas, NULL, gup_flags);
> +		if (nr_pinned_pages <= 0)
>  			break;
> -		rc = check_and_migrate_movable_pages(rc, pages, gup_flags);
> +		rc = check_and_migrate_movable_pages(nr_pinned_pages, pages,
> +						     gup_flags);
>  	} while (rc == -EAGAIN);
>  	memalloc_pin_restore(flags);
>
> -	return rc ? rc : nr_pages;
> +	return rc ? rc : nr_pinned_pages;
>  }
>
>  static bool is_valid_gup_flags(unsigned int gup_flags)