From: Navid Emamdoost navid.emamdoost@gmail.com
commit a7c46c0c0e3d62f2764cd08b90934cd2aaaf8545 upstream.
In the implementation of __gup_benchmark_ioctl() the allocated pages should be released before returning in case of an invalid cmd. Release pages via kvfree().
[akpm@linux-foundation.org: rework code flow, return -EINVAL rather than -1] Link: http://lkml.kernel.org/r/20191211174653.4102-1-navid.emamdoost@gmail.com Fixes: 714a3a1ebafe ("mm/gup_benchmark.c: add additional pinning methods") Signed-off-by: Navid Emamdoost navid.emamdoost@gmail.com Reviewed-by: Andrew Morton akpm@linux-foundation.org Reviewed-by: Ira Weiny ira.weiny@intel.com Reviewed-by: John Hubbard jhubbard@nvidia.com Cc: Keith Busch keith.busch@intel.com Cc: Kirill A. Shutemov kirill.shutemov@linux.intel.com Cc: Dave Hansen dave.hansen@intel.com Cc: Dan Williams dan.j.williams@intel.com Cc: David Hildenbrand david@redhat.com Signed-off-by: Andrew Morton akpm@linux-foundation.org Signed-off-by: Linus Torvalds torvalds@linux-foundation.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
--- mm/gup_benchmark.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-)
--- a/mm/gup_benchmark.c +++ b/mm/gup_benchmark.c @@ -26,6 +26,7 @@ static int __gup_benchmark_ioctl(unsigne unsigned long i, nr_pages, addr, next; int nr; struct page **pages; + int ret = 0;
if (gup->size > ULONG_MAX) return -EINVAL; @@ -63,7 +64,9 @@ static int __gup_benchmark_ioctl(unsigne NULL); break; default: - return -1; + kvfree(pages); + ret = -EINVAL; + goto out; }
if (nr <= 0) @@ -85,7 +88,8 @@ static int __gup_benchmark_ioctl(unsigne gup->put_delta_usec = ktime_us_delta(end_time, start_time);
kvfree(pages); - return 0; +out: + return ret; }
static long gup_benchmark_ioctl(struct file *filep, unsigned int cmd,