vc_screen: modify vcs_size() handling in vcs_read()

Restore the vcs_size() handling in vcs_read() to what
it had been in previous version.

Fixes: 226fae124b2d ("vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF")
Suggested-by: Jiri Slaby <jirislaby@kernel.org>
Signed-off-by: George Kennedy <george.kennedy@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

diff --git a/drivers/tty/vt/vc_screen.c b/drivers/tty/vt/vc_screen.c
index f566eb1839dc501edb1942f2ea41ab0a9ed75afd..c0a2273bb998b1c1fa294442e0b15c7fbf028c68 100644 (file)
--- a/drivers/tty/vt/vc_screen.c
+++ b/drivers/tty/vt/vc_screen.c
@@ -414,10 +414,8 @@ vcs_read(struct file *file, char __user *buf, size_t count, loff_t *ppos)
                 */
                size = vcs_size(vc, attr, uni_mode);
                if (size < 0) {
-                       if (read)
-                               break;
                        ret = size;
-                       goto unlock_out;
+                       break;
                }
                if (pos >= size)
                        break;