On 8/27/22 16:00, Shigeru Yoshida wrote:
> From: Shigeru Yoshida <yshigeru@xxxxxxxxx>
>
> In __gup_longterm_locked(), it returns uninitialized value if
> __get_user_pages_locked() fails on the first iteration of the loop
> since rc is not initialized.
>
> This patch fixes this issue by properly returning error code if
> __get_user_pages_locked() fails.
>
> Fixes: 11147539df44 (mm/gup.c: Fix return value for __gup_longterm_locked())
> Cc: Alistair Popple <apopple@xxxxxxxxxx>
> Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> Signed-off-by: Shigeru Yoshida <yshigeru@xxxxxxxxx>
> ---
> mm/gup.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/mm/gup.c b/mm/gup.c
> index ad59c796d4d3..66d8619e02ad 100644
> --- a/mm/gup.c
> +++ b/mm/gup.c
> @@ -2110,8 +2110,10 @@ static long __gup_longterm_locked(struct mm_struct *mm,
> nr_pinned_pages = __get_user_pages_locked(mm, start, nr_pages,
> pages, vmas, NULL,
> gup_flags);
> - if (nr_pinned_pages <= 0)
> + if (nr_pinned_pages <= 0) {
> + rc = nr_pinned_pages;
> break;
> + }
> rc = check_and_migrate_movable_pages(nr_pinned_pages, pages);
> } while (rc == -EAGAIN);
> memalloc_pin_restore(flags);
Sorry I didn't catch the 0th loop iteration problem on the
first review of this. Anyway,
Reviewed-by: John Hubbard <jhubbard@xxxxxxxxxx>
thanks,
--
John Hubbard
NVIDIA
