Commit cec422c1 authored Jun 06, 2017 by Frederic Barrat Committed by Michael Ellerman Jun 08, 2017

cxl: Fix error path on bad ioctl



Fix error path if we can't copy user structure on CXL_IOCTL_START_WORK
ioctl. We shouldn't unlock the context status mutex as it was not
locked (yet).

Fixes: 0712dc7e ("cxl: Fix issues when unmapping contexts")
Cc: stable@vger.kernel.org # v3.19+
Signed-off-by: Frederic Barrat <fbarrat@linux.vnet.ibm.com>
Reviewed-by: Vaibhav Jain <vaibhav@linux.vnet.ibm.com>
Reviewed-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>

parent 8c218578

drivers/misc/cxl/file.c

+2 −5

Original line number	Diff line number	Diff line
		@@ -159,11 +159,8 @@ static long afu_ioctl_start_work(struct cxl_context *ctx,

		/* Do this outside the status_mutex to avoid a circular dependency with
		* the locking in cxl_mmap_fault() */
		if (copy_from_user(&work, uwork,
		sizeof(struct cxl_ioctl_start_work))) {
		rc = -EFAULT;
		goto out;
		}
		if (copy_from_user(&work, uwork, sizeof(work)))
		return -EFAULT;

		mutex_lock(&ctx->status_mutex);
		if (ctx->status != OPENED) {