drm/msm: Defer fd_install in VM_BIND ioctl

Avoid fd_install() until there are no more potential error paths, to
avoid put_unused_fd() after the fd is made visible to userspace.

Fixes: 2e6a8a1fe2b2 ("drm/msm: Add VM_BIND ioctl")
Signed-off-by: Rob Clark <robin.clark@oss.qualcomm.com>
Patchwork: https://patchwork.freedesktop.org/patch/665365/

diff --git a/drivers/gpu/drm/msm/msm_gem_vma.c b/drivers/gpu/drm/msm/msm_gem_vma.c
index 3cd8562a51092d4fabf238edc34e922897919465..dc54c693b28da86e643762ec4e8c99afbe2429c2 100644 (file)
--- a/drivers/gpu/drm/msm/msm_gem_vma.c
+++ b/drivers/gpu/drm/msm/msm_gem_vma.c
@@ -1460,12 +1460,8 @@ msm_ioctl_vm_bind(struct drm_device *dev, void *data, struct drm_file *file)
 
        if (args->flags & MSM_VM_BIND_FENCE_FD_OUT) {
                sync_file = sync_file_create(job->fence);
-               if (!sync_file) {
+               if (!sync_file)
                        ret = -ENOMEM;
-               } else {
-                       fd_install(out_fence_fd, sync_file->file);
-                       args->fence_fd = out_fence_fd;
-               }
        }
 
        if (ret)
@@ -1494,10 +1490,14 @@ out:
 out_unlock:
        mutex_unlock(&queue->lock);
 out_post_unlock:
-       if (ret && (out_fence_fd >= 0)) {
-               put_unused_fd(out_fence_fd);
+       if (ret) {
+               if (out_fence_fd >= 0)
+                       put_unused_fd(out_fence_fd);
                if (sync_file)
                        fput(sync_file->file);
+       } else if (sync_file) {
+               fd_install(out_fence_fd, sync_file->file);
+               args->fence_fd = out_fence_fd;
        }
 
        if (!IS_ERR_OR_NULL(job)) {