[PATCH v1 3/7] iommufd: Propagate allocation failure in iommufd_veventq_deliver_fetch()

[Nicolin Chen]

When the kzalloc_obj() fails in iommufd_veventq_deliver_fetch(), it returns
NULL, falsely advertising to userspace that the queue is empty.

Propagate the -ENOMEM properly to the caller.

Fixes: e36ba5ab808e ("iommufd: Add IOMMUFD_OBJ_VEVENTQ and 
IOMMUFD_CMD_VEVENTQ_ALLOC")
Cc: sta...@vger.kernel.org
Signed-off-by: Nicolin Chen <nicol...@nvidia.com>
---
 drivers/iommu/iommufd/eventq.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/drivers/iommu/iommufd/eventq.c b/drivers/iommu/iommufd/eventq.c
index ac485d010a439..f55d173c59f61 100644
--- a/drivers/iommu/iommufd/eventq.c
+++ b/drivers/iommu/iommufd/eventq.c
@@ -264,8 +264,10 @@ iommufd_veventq_deliver_fetch(struct iommufd_veventq 
*veventq)
                /* Make a copy of the lost_events_header for copy_to_user */
                if (next == &veventq->lost_events_header) {
                        vevent = kzalloc_obj(*vevent, GFP_ATOMIC);
-                       if (!vevent)
+                       if (!vevent) {
+                               vevent = ERR_PTR(-ENOMEM);
                                goto out_unlock;
+                       }
                }
                list_del(&next->node);
                if (vevent)
@@ -315,6 +317,12 @@ static ssize_t iommufd_veventq_fops_read(struct file 
*filep, char __user *buf,
                return -EINVAL;
 
        while ((cur = iommufd_veventq_deliver_fetch(veventq))) {
+               if (IS_ERR(cur)) {
+                       if (done == 0)
+                               rc = PTR_ERR(cur);
+                       break;
+               }
+
                /* Validate the remaining bytes against the header size */
                if (done >= count || sizeof(*hdr) > count - done) {
                        iommufd_veventq_deliver_restore(veventq, cur);
-- 
2.43.0