As suggested by Dan Carpenter, fortify unpin_user_pages() just a bit, against a typical caller mistake: check if the npages arg is really a -ERRNO value, which would blow up the unpinning loop: WARN and return.
If this new WARN_ON() fires, then the system *might* be leaking pages (by leaving them pinned), but probably not. More likely, gup/pup returned a hard -ERRNO error to the caller, who erroneously passed it here. Cc: Ira Weiny <[email protected]> Cc: Souptick Joarder <[email protected]> Signed-off-by: Dan Carpenter <[email protected]> Signed-off-by: John Hubbard <[email protected]> --- Hi Dan, Is is OK to use your signed-off-by here? Since you came up with this. thanks, John Hubbard NVIDIA mm/gup.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/mm/gup.c b/mm/gup.c index e5739a1974d5..41d082707016 100644 --- a/mm/gup.c +++ b/mm/gup.c @@ -328,6 +328,13 @@ void unpin_user_pages(struct page **pages, unsigned long npages) { unsigned long index; + /* + * If this WARN_ON() fires, then the system *might* be leaking pages (by + * leaving them pinned), but probably not. More likely, gup/pup returned + * a hard -ERRNO error to the caller, who erroneously passed it here. + */ + if (WARN_ON(IS_ERR_VALUE(npages))) + return; /* * TODO: this can be optimized for huge pages: if a series of pages is * physically contiguous and part of the same compound page, then a -- 2.28.0
