This is a note to let you know that I've just added the patch titled
cxl: Fix error path on bad ioctl
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
cxl-fix-error-path-on-bad-ioctl.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From cec422c11caeeccae709e9942058b6b644ce434c Mon Sep 17 00:00:00 2001
From: Frederic Barrat <fbarrat@xxxxxxxxxxxxxxxxxx>
Date: Tue, 6 Jun 2017 11:43:41 +0200
Subject: cxl: Fix error path on bad ioctl
From: Frederic Barrat <fbarrat@xxxxxxxxxxxxxxxxxx>
commit cec422c11caeeccae709e9942058b6b644ce434c upstream.
Fix error path if we can't copy user structure on CXL_IOCTL_START_WORK
ioctl. We shouldn't unlock the context status mutex as it was not
locked (yet).
Fixes: 0712dc7e73e5 ("cxl: Fix issues when unmapping contexts")
Signed-off-by: Frederic Barrat <fbarrat@xxxxxxxxxxxxxxxxxx>
Reviewed-by: Vaibhav Jain <vaibhav@xxxxxxxxxxxxxxxxxx>
Reviewed-by: Andrew Donnellan <andrew.donnellan@xxxxxxxxxxx>
Signed-off-by: Michael Ellerman <mpe@xxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/misc/cxl/file.c | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
--- a/drivers/misc/cxl/file.c
+++ b/drivers/misc/cxl/file.c
@@ -155,11 +155,8 @@ static long afu_ioctl_start_work(struct
/* Do this outside the status_mutex to avoid a circular dependency with
* the locking in cxl_mmap_fault() */
- if (copy_from_user(&work, uwork,
- sizeof(struct cxl_ioctl_start_work))) {
- rc = -EFAULT;
- goto out;
- }
+ if (copy_from_user(&work, uwork, sizeof(work)))
+ return -EFAULT;
mutex_lock(&ctx->status_mutex);
if (ctx->status != OPENED) {
Patches currently in stable-queue which might be from fbarrat@xxxxxxxxxxxxxxxxxx are
queue-4.9/cxl-fix-error-path-on-bad-ioctl.patch
queue-4.9/cxl-avoid-double-free_irq-for-psl-slice-interrupts.patch