This is a note to let you know that I've just added the patch titled s390/cio: return -EFAULT if copy_to_user() fails to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: s390-cio-return-efault-if-copy_to_user-fails.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 51c44babdc19aaf882e1213325a0ba291573308f Mon Sep 17 00:00:00 2001 From: Wang Qing <wangqing@xxxxxxxx> Date: Mon, 1 Mar 2021 20:01:33 +0800 Subject: s390/cio: return -EFAULT if copy_to_user() fails From: Wang Qing <wangqing@xxxxxxxx> commit 51c44babdc19aaf882e1213325a0ba291573308f upstream. The copy_to_user() function returns the number of bytes remaining to be copied, but we want to return -EFAULT if the copy doesn't complete. Fixes: e01bcdd61320 ("vfio: ccw: realize VFIO_DEVICE_GET_REGION_INFO ioctl") Signed-off-by: Wang Qing <wangqing@xxxxxxxx> Signed-off-by: Heiko Carstens <hca@xxxxxxxxxxxxx> Link: https://lore.kernel.org/r/1614600093-13992-1-git-send-email-wangqing@xxxxxxxx Signed-off-by: Heiko Carstens <hca@xxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/s390/cio/vfio_ccw_ops.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/drivers/s390/cio/vfio_ccw_ops.c +++ b/drivers/s390/cio/vfio_ccw_ops.c @@ -341,7 +341,7 @@ static ssize_t vfio_ccw_mdev_ioctl(struc if (ret) return ret; - return copy_to_user((void __user *)arg, &info, minsz); + return copy_to_user((void __user *)arg, &info, minsz) ? -EFAULT : 0; } case VFIO_DEVICE_GET_REGION_INFO: { @@ -362,7 +362,7 @@ static ssize_t vfio_ccw_mdev_ioctl(struc if (ret) return ret; - return copy_to_user((void __user *)arg, &info, minsz); + return copy_to_user((void __user *)arg, &info, minsz) ? -EFAULT : 0; } case VFIO_DEVICE_GET_IRQ_INFO: { Patches currently in stable-queue which might be from wangqing@xxxxxxxx are queue-4.19/s390-cio-return-efault-if-copy_to_user-fails.patch