Frederic Barrat <fbar...@linux.vnet.ibm.com> writes:

> Fix error path if we can't copy user structure on
> CXL_IOCTL_START_WORK ioctl.

To be clear the error is that returning via the out label will unlock cxl->status_mutex, which has not been locked. Please spell it out for me :) This should be: Fixes: 0712dc7e73e5 ("cxl: Fix issues when unmapping contexts") Am I right? cheers > diff --git a/drivers/misc/cxl/file.c b/drivers/misc/cxl/file.c > index 17b433f1ce23..caa44adfa60e 100644 > --- a/drivers/misc/cxl/file.c > +++ b/drivers/misc/cxl/file.c > @@ -160,10 +160,8 @@ static long afu_ioctl_start_work(struct cxl_context *ctx, > /* Do this outside the status_mutex to avoid a circular dependency with > * the locking in cxl_mmap_fault() */ > if (copy_from_user(&work, uwork, > - sizeof(struct cxl_ioctl_start_work))) { > - rc = -EFAULT; > - goto out; > - } > + sizeof(struct cxl_ioctl_start_work))) > + return -EFAULT; > > mutex_lock(&ctx->status_mutex); > if (ctx->status != OPENED) { > -- > 2.11.0
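
Review bot: The comment above copy_from_user() in afu_ioctl_start_work() should state that a failure at this point has to return directly, because mutex_lock(&ctx->status_mutex) only comes afterwards and nothing is held yet. The out label is not visible in this hunk, but per the reply above it unlocks status_mutex, so a later edit that restores "goto out" here would bring back the unbalanced unlock; one extra sentence in the existing "Do this outside the status_mutex" comment would guard against that. The commit message should also name the actual defect (unlock of a mutex that was never locked) and carry the Fixes: tag once the commit asked about in the reply is confirmed.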