From: Christian Brauner <brauner@kernel.org>
Date: Thu, 4 Jul 2024 15:00:19 +0000 (+0200)
Subject: fs: only copy to userspace on success in listmount()
X-Git-Tag: v6.11-rc1~236^2~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8d42877ad65b02741c9099392a001b7209baa5d4;p=thirdparty%2Flinux.git

fs: only copy to userspace on success in listmount()

Avoid copying when we failed to, or didn't have any mounts to list.

Fixes: cb54ef4f050e ("fs: don't copy to userspace under namespace semaphore") # mainline only
Signed-off-by: Christian Brauner <brauner@kernel.org>
---

diff --git a/fs/namespace.c b/fs/namespace.c
index c53a0ee748c6f..f44e5448c8a0d 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -5401,6 +5401,8 @@ SYSCALL_DEFINE4(listmount, const struct mnt_id_req __user *, req,
 	scoped_guard(rwsem_read, &namespace_sem)
 		ret = do_listmount(ns, kreq.mnt_id, kreq.param, kmnt_ids,
 				   nr_mnt_ids, (flags & LISTMOUNT_REVERSE));
+	if (ret <= 0)
+		return ret;
 
 	if (copy_to_user(mnt_ids, kmnt_ids, ret * sizeof(*mnt_ids)))
 		return -EFAULT;