mm/gup: Mark lock taken only after a successful retake

It's definitely incorrect to mark the lock as taken even if down_read_killable() failed. This wass overlooked when we switched from down_read() to down_read_killable() because down_read() won't fail while down_read_killable() could. Fixes: 71335f3 ("mm/gup: allow to react to fatal signals") Reported-by: [email protected] Signed-off-by: Peter Xu <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>
mrcsosa · Apr 8, 2020 · c7b6a56 · c7b6a56
1 parent ba84107
commit c7b6a56
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/mm/gup.c b/mm/gup.c
@@ -1329,7 +1329,6 @@ static __always_inline long __get_user_pages_locked(struct task_struct *tsk,
 		if (fatal_signal_pending(current))
 			break;
 
-		*locked = 1;
 		ret = down_read_killable(&mm->mmap_sem);
 		if (ret) {
 			BUG_ON(ret > 0);
@@ -1338,6 +1337,7 @@ static __always_inline long __get_user_pages_locked(struct task_struct *tsk,
 			break;
 		}
 
+		*locked = 1;
 		ret = __get_user_pages(tsk, mm, start, 1, flags | FOLL_TRIED,
 				       pages, NULL, locked);
 		if (!*locked) {