xen: set error code on failures

Variable rc is reset in the loop, and its value will be non-negative
during the second and after repeat of the loop. If it fails to allocate
memory then, it may return a non-negative integer, which indicates no
error. This patch fixes the bug, assigning "-ENOMEM" to rc when
kzalloc() or alloc_page() returns NULL, and removing the initialization
of rc outside of the loop.

Signed-off-by: Pan Bian <bianpan2016@163.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>

diff --git a/drivers/xen/gntalloc.c b/drivers/xen/gntalloc.c
index 7a47c4c9fb1bbe1278844096fce7ca4afb3ff472..1bf55a32a4b378d7b5f907b73051c8f36eb937f6 100644 (file)
--- a/drivers/xen/gntalloc.c
+++ b/drivers/xen/gntalloc.c
@@ -127,18 +127,21 @@ static int add_grefs(struct ioctl_gntalloc_alloc_gref *op,
        struct gntalloc_gref *gref, *next;
 
        readonly = !(op->flags & GNTALLOC_FLAG_WRITABLE);
-       rc = -ENOMEM;
        for (i = 0; i < op->count; i++) {
                gref = kzalloc(sizeof(*gref), GFP_KERNEL);
-               if (!gref)
+               if (!gref) {
+                       rc = -ENOMEM;
                        goto undo;
+               }
                list_add_tail(&gref->next_gref, &queue_gref);
                list_add_tail(&gref->next_file, &queue_file);
                gref->users = 1;
                gref->file_index = op->index + i * PAGE_SIZE;
                gref->page = alloc_page(GFP_KERNEL|__GFP_ZERO);
-               if (!gref->page)
+               if (!gref->page) {
+                       rc = -ENOMEM;
                        goto undo;
+               }
 
                /* Grant foreign access to the page. */
                rc = gnttab_grant_foreign_access(op->domid,