mirror of
https://github.com/freebsd/freebsd-src
synced 2024-07-21 18:27:22 +00:00
gntdev: Handle errors from suword32() in gntdev_alloc_gref()
Try to copy out output values before handling errors, and check that we did so successfully. In particular, it doesn't seem sensible to ignore errors here, otherwise userspace won't have any way to refer to the allocations. This is in preparation for annotating copyin() and related functions with __result_use_check. Reviewed by: royger MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D43145
This commit is contained in:
parent
68cc77a3b7
commit
6cdff09c0d
|
@ -383,6 +383,13 @@ gntdev_alloc_gref(struct ioctl_gntdev_alloc_gref *arg)
|
|||
}
|
||||
}
|
||||
|
||||
/* Copy the output values. */
|
||||
arg->index = file_offset;
|
||||
for (i = 0; error == 0 && i < arg->count; i++) {
|
||||
if (suword32(&arg->gref_ids[i], grefs[i].gref_id) != 0)
|
||||
error = EFAULT;
|
||||
}
|
||||
|
||||
if (error != 0) {
|
||||
/*
|
||||
* If target domain maps the gref (by guessing the gref-id),
|
||||
|
@ -401,11 +408,6 @@ gntdev_alloc_gref(struct ioctl_gntdev_alloc_gref *arg)
|
|||
return (error);
|
||||
}
|
||||
|
||||
/* Copy the output values. */
|
||||
arg->index = file_offset;
|
||||
for (i = 0; i < arg->count; i++)
|
||||
suword32(&arg->gref_ids[i], grefs[i].gref_id);
|
||||
|
||||
/* Modify the per user private data. */
|
||||
mtx_lock(&priv_user->user_data_lock);
|
||||
for (i = 0; i < arg->count; i++)
|
||||
|
|
Loading…
Reference in a new issue