userfaultfd_zeropage: return -ENOSPC in case mm has gone

In the non-cooperative userfaultfd case, the process exit may race with outstanding mcopy_atomic called by the uffd monitor. Returning -ENOSPC instead of -EINVAL when mm is already gone will allow uffd monitor to distinguish this case from other error conditions. Unfortunately I overlooked userfaultfd_zeropage when updating userfaultd_copy(). Link: http://lkml.kernel.org/r/[email protected] Fixes: 96333187ab162 ("userfaultfd_copy: return -ENOSPC in case mm has gone") Signed-off-by: Mike Rapoport <[email protected]> Cc: Andrea Arcangeli <[email protected]> Cc: "Dr. David Alan Gilbert" <[email protected]> Cc: Pavel Emelyanov <[email protected]> Cc: Michal Hocko <[email protected]> Cc: <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>
author: Mike Rapoport <[email protected]> 2017-08-02 13:32:15 -0700
committer: Linus Torvalds <[email protected]> 2017-08-02 17:16:12 -0700
commit: 9d95aa4bada24be35bb94827a55e1d6e243d866e (patch)
tree: 89fc20ba88a75c6da517d88d1f7c9450ac0002e9
parent: 167d0f258fedbfc859ad4105b1ea236818d41bdd (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c
index cadcd12a3d35..2d8c2d848668 100644
--- a/fs/userfaultfd.c
+++ b/fs/userfaultfd.c
@@ -1643,6 +1643,8 @@ static int userfaultfd_zeropage(struct userfaultfd_ctx *ctx,
 		ret = mfill_zeropage(ctx->mm, uffdio_zeropage.range.start,
 				     uffdio_zeropage.range.len);
 		mmput(ctx->mm);
+	} else {
+		return -ENOSPC;
 	}
 	if (unlikely(put_user(ret, &user_uffdio_zeropage->zeropage)))
 		return -EFAULT;
author	Mike Rapoport <[email protected]>	2017-08-02 13:32:15 -0700
committer	Linus Torvalds <[email protected]>	2017-08-02 17:16:12 -0700
commit	9d95aa4bada24be35bb94827a55e1d6e243d866e (patch)
tree	89fc20ba88a75c6da517d88d1f7c9450ac0002e9
parent	167d0f258fedbfc859ad4105b1ea236818d41bdd (diff)