[PATCH 4/5] mm: gup: fix potential pgmap refcnt leak in __gup_device_huge()

From: Miaohe Lin
Date: Sat Aug 07 2021 - 05:41:01 EST

Next message: zhouchuangao: "[PATCH] sched/core: Prints the schedule time of the process"
Previous message: Miaohe Lin: "[PATCH 0/5] Cleanups and fixup for gup"
In reply to: Miaohe Lin: "[PATCH 2/5] mm: gup: remove unneed local variable orig_refs"
Next in thread: Andrew Morton: "Re: [PATCH 4/5] mm: gup: fix potential pgmap refcnt leak in __gup_device_huge()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

When failed to try_grab_page, put_dev_pagemap() is missed. So pgmap
refcnt will leak in this case. Also we remove the check for pgmap
against NULL as it's also checked inside the put_dev_pagemap().

Signed-off-by: Miaohe Lin <linmiaohe@xxxxxxxxxx>
Fixes: 3faa52c03f44 ("mm/gup: track FOLL_PIN pages")
---
mm/gup.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/mm/gup.c b/mm/gup.c
index d7e4507de6b1..8c89e614d4aa 100644
--- a/mm/gup.c
+++ b/mm/gup.c
@@ -2253,14 +2253,14 @@ static int __gup_device_huge(unsigned long pfn, unsigned long addr,
pages[*nr] = page;
if (unlikely(!try_grab_page(page, flags))) {
undo_dev_pagemap(nr, nr_start, flags, pages);
+ put_dev_pagemap(pgmap);
return 0;
}
(*nr)++;
pfn++;
} while (addr += PAGE_SIZE, addr != end);

- if (pgmap)
- put_dev_pagemap(pgmap);
+ put_dev_pagemap(pgmap);
return 1;
}

--
2.23.0

Next message: zhouchuangao: "[PATCH] sched/core: Prints the schedule time of the process"
Previous message: Miaohe Lin: "[PATCH 0/5] Cleanups and fixup for gup"
In reply to: Miaohe Lin: "[PATCH 2/5] mm: gup: remove unneed local variable orig_refs"
Next in thread: Andrew Morton: "Re: [PATCH 4/5] mm: gup: fix potential pgmap refcnt leak in __gup_device_huge()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]