summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAl Viro <viro@ZenIV.linux.org.uk>2016-07-14 18:54:17 +0200
committerPaolo Bonzini <pbonzini@redhat.com>2016-07-14 19:11:22 +0200
commit506cfba9e726ab6842883fdd567a9a7c467e7492 (patch)
tree7f6f26ce5413b63c066fe974231be881841e8ffa
parent7964218c7d8fe36a79a5e02312b1f3a16a17ee68 (diff)
KVM: don't use anon_inode_getfd() before possible failures
Once anon_inode_getfd() has succeeded, it's impossible to undo in a clean way and no, sys_close() is not usable in such cases. Use anon_inode_getfile() and get_unused_fd_flags() to get struct file and descriptor and do *not* install the file into the descriptor table until after the last possible failure exit. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-rw-r--r--virt/kvm/kvm_main.c13
1 files changed, 11 insertions, 2 deletions
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index dd25346ec356..ce3d8e5be73e 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -3050,6 +3050,7 @@ static int kvm_dev_ioctl_create_vm(unsigned long type)
{
int r;
struct kvm *kvm;
+ struct file *file;
kvm = kvm_create_vm(type);
if (IS_ERR(kvm))
@@ -3061,17 +3062,25 @@ static int kvm_dev_ioctl_create_vm(unsigned long type)
return r;
}
#endif
- r = anon_inode_getfd("kvm-vm", &kvm_vm_fops, kvm, O_RDWR | O_CLOEXEC);
+ r = get_unused_fd_flags(O_CLOEXEC);
if (r < 0) {
kvm_put_kvm(kvm);
return r;
}
+ file = anon_inode_getfile("kvm-vm", &kvm_vm_fops, kvm, O_RDWR);
+ if (IS_ERR(file)) {
+ put_unused_fd(r);
+ kvm_put_kvm(kvm);
+ return PTR_ERR(file);
+ }
if (kvm_create_vm_debugfs(kvm, r) < 0) {
- kvm_put_kvm(kvm);
+ put_unused_fd(r);
+ fput(file);
return -ENOMEM;
}
+ fd_install(r, file);
return r;
}