[ 3.8.y.z extended stable ] Patch "macvtap: fix recovery from gup errors" has been added to staging queue

[Kamal Mostafa]

This is a note to let you know that I have just added a patch titled

    macvtap: fix recovery from gup errors

to the linux-3.8.y-queue branch of the 3.8.y.z extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.8.y-queue

This patch is scheduled to be released in version 3.8.13.6.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.8.y.z tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Kamal

------

>From 63a38f56b76a0d84ac43209dc42011787b43c93f Mon Sep 17 00:00:00 2001
From: "Michael S. Tsirkin" <mst at redhat.com>
Date: Sun, 23 Jun 2013 17:26:58 +0300
Subject: macvtap: fix recovery from gup errors

commit 4c7ab054ab4f5d63625508ed6f8a607184cae7c2 upstream.

get user pages might fail partially in macvtap zero copy
mode. To recover we need to put all pages that we got,
but code used a wrong index resulting in double-free
errors.

Reported-by: Brad Hubbard <bhubbard at redhat.com>
Signed-off-by: Michael S. Tsirkin <mst at redhat.com>
Acked-by: Jason Wang <jasowang at redhat.com>
Signed-off-by: David S. Miller <davem at davemloft.net>
Signed-off-by: Kamal Mostafa <kamal at canonical.com>
---
 drivers/net/macvtap.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c
index 0f0f9ce..ba4d38b 100644
--- a/drivers/net/macvtap.c
+++ b/drivers/net/macvtap.c
@@ -535,8 +535,10 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from,
 			return -EMSGSIZE;
 		num_pages = get_user_pages_fast(base, size, 0, &page[i]);
 		if (num_pages != size) {
-			for (i = 0; i < num_pages; i++)
-				put_page(page[i]);
+			int j;
+
+			for (j = 0; j < num_pages; j++)
+				put_page(page[i + j]);
 			return -EFAULT;
 		}
 		truesize = size * PAGE_SIZE;
--
1.8.1.2