The conversion to pin_user_pages() had a bug: it overlooked
the case of allocation of pages failing. Fix that by restoring
an equivalent check.
Reported-by: syzbot+118ac0af4ac7f785a...@syzkaller.appspotmail.com
Fixes: dbfe7d74376e ("rds: convert get_user_pages() --> pin_user_pages()")
Cc: David S. Miller <da...@davemloft.net>
Cc: Jakub Kicinski <k...@kernel.org>
Cc: net...@vger.kernel.org
Cc: linux-r...@vger.kernel.org
Cc: rds-de...@oss.oracle.com
Signed-off-by: John Hubbard <jhubb...@nvidia.com>
---
net/rds/info.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/rds/info.c b/net/rds/info.c
index e1d63563e81c..b6b46a8214a0 100644
--- a/net/rds/info.c
+++ b/net/rds/info.c
@@ -234,7 +234,8 @@ int rds_info_getsockopt(struct socket *sock, int optname,
char __user *optval,
ret = -EFAULT;
out:
- unpin_user_pages(pages, nr_pages);
+ if (pages)
+ unpin_user_pages(pages, nr_pages);
kfree(pages);
return ret;
--
2.26.2
