[PATCH 3.2 031/164] scsi: storvsc: Fix a bug in copy_from_bounce_buffer()

From: Ben Hutchings
Date: Sat Aug 01 2015 - 20:42:32 EST


3.2.70-rc1 review patch. If anyone has any objections, please let me know.

------------------

From: "K. Y. Srinivasan" <kys@xxxxxxxxxxxxx>

commit 8de580742fee8bc34d116f57a20b22b9a5f08403 upstream.

We may exit this function without properly freeing up the mappings
we may have acquired. Fix the bug.

Signed-off-by: K. Y. Srinivasan <kys@xxxxxxxxxxxxx>
Reviewed-by: Long Li <longli@xxxxxxxxxxxxx>
Signed-off-by: James Bottomley <JBottomley@xxxxxxxx>
[bwh: Backported to 3.2:
- Adjust filename
- Keep using kmap_atomic()/kunmap_atomic(), not the sg_-prefixed functions]
Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
---
drivers/staging/hv/storvsc_drv.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)

--- a/drivers/staging/hv/storvsc_drv.c
+++ b/drivers/staging/hv/storvsc_drv.c
@@ -940,23 +940,24 @@ static unsigned int copy_to_bounce_buffe
if (bounce_sgl[j].length == PAGE_SIZE) {
/* full..move to next entry */
kunmap_atomic((void *)bounce_addr, KM_IRQ0);
+ bounce_addr = 0;
j++;
+ }

- /* if we need to use another bounce buffer */
- if (srclen || i != orig_sgl_count - 1)
- bounce_addr =
+ /* if we need to use another bounce buffer */
+ if (srclen && bounce_addr == 0)
+ bounce_addr =
(unsigned long)kmap_atomic(
sg_page((&bounce_sgl[j])), KM_IRQ0);

- } else if (srclen == 0 && i == orig_sgl_count - 1) {
- /* unmap the last bounce that is < PAGE_SIZE */
- kunmap_atomic((void *)bounce_addr, KM_IRQ0);
- }
}

kunmap_atomic((void *)(src_addr - orig_sgl[i].offset), KM_IRQ0);
}

+ if (bounce_addr)
+ kunmap_atomic((void *)bounce_addr, KM_IRQ0);
+
local_irq_restore(flags);

return total_copied;
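
Review bot: The subject names copy_from_bounce_buffer(), but the hunk header context is copy_to_bounce_buffe[r] and the changed loop works on srclen and src_addr, unmaps src_addr - orig_sgl[i].offset, and fills bounce_sgl[j] up to PAGE_SIZE, which reads as the copy-to direction; please confirm the "Adjust filename" backport lands in the function the upstream commit changed. Separately, the new trailing "if (bounce_addr) kunmap_atomic(...)" is only correct if bounce_addr is 0 whenever no bounce page is mapped. The hunk zeroes it after the in-loop unmap, but how it is set before the loop is outside the visible context and is worth checking against the 3.2 tree, along with whether bounce_sgl[j] is still a valid entry when the remap runs after j++.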
