The copy_to_user() function returns the number of bytes remaining to be
copied, but we want to return -EFAULT if the copy doesn't complete.
Signed-off-by: Wang Qing <wangq...@vivo.com>
---
mm/mempolicy.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index ab51132..a116e56
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -1667,7 +1667,7 @@ COMPAT_SYSCALL_DEFINE5(get_mempolicy, int __user *,
policy,
if (!err && nmask) {
unsigned long copy_size;
copy_size = min_t(unsigned long, sizeof(bm), alloc_size);
- err = copy_from_user(bm, nm, copy_size);
+ err = copy_from_user(bm, nm, copy_size) ? -EFAULT : 0;
/* ensure entire bitmap is zeroed */
err |= clear_user(nmask, ALIGN(maxnode-1, 8) / 8);
err |= compat_put_bitmap(nmask, bm, nr_bits);
--
2.7.4
