1. Patchew
  2. linux
  3. View series

[PATCH] drm/amdkfd: Replace kmalloc + copy_from_user with memdup_user

Thorsten Blum posted 1 patch 5 months ago 
.../amd/amdkfd/kfd_process_queue_manager.c    | 22 +++++--------------
1 file changed, 6 insertions(+), 16 deletions(-)
[PATCH] drm/amdkfd: Replace kmalloc + copy_from_user with memdup_user
Posted by Thorsten Blum 5 months ago 
Replace kmalloc() followed by copy_from_user() with memdup_user() to
improve and simplify kfd_criu_restore_queue().

No functional changes intended.

Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
---
 .../amd/amdkfd/kfd_process_queue_manager.c    | 22 +++++--------------
 1 file changed, 6 insertions(+), 16 deletions(-)

diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c b/drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c
index 7fbb5c274ccc..70c17a12cadf 100644
--- a/drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c
+++ b/drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c
@@ -1004,13 +1004,9 @@ int kfd_criu_restore_queue(struct kfd_process *p,
 	if (*priv_data_offset + sizeof(*q_data) > max_priv_data_size)
 		return -EINVAL;
 
-	q_data = kmalloc(sizeof(*q_data), GFP_KERNEL);
-	if (!q_data)
-		return -ENOMEM;
-
-	ret = copy_from_user(q_data, user_priv_ptr + *priv_data_offset, sizeof(*q_data));
-	if (ret) {
-		ret = -EFAULT;
+	q_data = memdup_user(user_priv_ptr + *priv_data_offset, sizeof(*q_data));
+	if (IS_ERR(q_data)) {
+		ret = PTR_ERR(q_data);
 		goto exit;
 	}
 
@@ -1022,15 +1018,9 @@ int kfd_criu_restore_queue(struct kfd_process *p,
 		goto exit;
 	}
 
-	q_extra_data = kmalloc(q_extra_data_size, GFP_KERNEL);
-	if (!q_extra_data) {
-		ret = -ENOMEM;
-		goto exit;
-	}
-
-	ret = copy_from_user(q_extra_data, user_priv_ptr + *priv_data_offset, q_extra_data_size);
-	if (ret) {
-		ret = -EFAULT;
+	q_extra_data = memdup_user(user_priv_ptr + *priv_data_offset, q_extra_data_size);
+	if (IS_ERR(q_extra_data)) {
+		ret = PTR_ERR(q_extra_data);
 		goto exit;
 	}
 
-- 
2.51.0
Re: [PATCH] drm/amdkfd: Replace kmalloc + copy_from_user with memdup_user
Posted by Alex Deucher 5 months ago 
Applied.  Thanks!

Alex

On Tue, Sep 9, 2025 at 11:29 AM Thorsten Blum <thorsten.blum@linux.dev> wrote:
>
> Replace kmalloc() followed by copy_from_user() with memdup_user() to
> improve and simplify kfd_criu_restore_queue().
>
> No functional changes intended.
>
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
>  .../amd/amdkfd/kfd_process_queue_manager.c    | 22 +++++--------------
>  1 file changed, 6 insertions(+), 16 deletions(-)
>
> diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c b/drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c
> index 7fbb5c274ccc..70c17a12cadf 100644
> --- a/drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c
> +++ b/drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c
> @@ -1004,13 +1004,9 @@ int kfd_criu_restore_queue(struct kfd_process *p,
>         if (*priv_data_offset + sizeof(*q_data) > max_priv_data_size)
>                 return -EINVAL;
>
> -       q_data = kmalloc(sizeof(*q_data), GFP_KERNEL);
> -       if (!q_data)
> -               return -ENOMEM;
> -
> -       ret = copy_from_user(q_data, user_priv_ptr + *priv_data_offset, sizeof(*q_data));
> -       if (ret) {
> -               ret = -EFAULT;
> +       q_data = memdup_user(user_priv_ptr + *priv_data_offset, sizeof(*q_data));
> +       if (IS_ERR(q_data)) {
> +               ret = PTR_ERR(q_data);
>                 goto exit;
>         }
>
> @@ -1022,15 +1018,9 @@ int kfd_criu_restore_queue(struct kfd_process *p,
>                 goto exit;
>         }
>
> -       q_extra_data = kmalloc(q_extra_data_size, GFP_KERNEL);
> -       if (!q_extra_data) {
> -               ret = -ENOMEM;
> -               goto exit;
> -       }
> -
> -       ret = copy_from_user(q_extra_data, user_priv_ptr + *priv_data_offset, q_extra_data_size);
> -       if (ret) {
> -               ret = -EFAULT;
> +       q_extra_data = memdup_user(user_priv_ptr + *priv_data_offset, q_extra_data_size);
> +       if (IS_ERR(q_extra_data)) {
> +               ret = PTR_ERR(q_extra_data);
>                 goto exit;
>         }
>
> --
> 2.51.0
>
Re: [PATCH] drm/amdkfd: Replace kmalloc + copy_from_user with memdup_user
Posted by Thorsten Blum 4 months, 3 weeks ago 
Hi Alex,

On 9. Sep 2025, at 17:35, Alex Deucher wrote:
> Applied.  Thanks!
> 
> On Tue, Sep 9, 2025 at 11:29 AM Thorsten Blum <thorsten.blum@linux.dev> wrote:
>> 
>> Replace kmalloc() followed by copy_from_user() with memdup_user() to
>> improve and simplify kfd_criu_restore_queue().
>> 
>> No functional changes intended.
>> 
>> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
>> ---

I just learned that calling kfree() on an error pointer doesn't work, so
this patch should probably be reverted/not applied.

Thanks,
Thorsten
Re: [PATCH] drm/amdkfd: Replace kmalloc + copy_from_user with memdup_user
Posted by Alex Deucher 4 months, 3 weeks ago 
On Fri, Sep 12, 2025 at 8:48 AM Thorsten Blum <thorsten.blum@linux.dev> wrote:
>
> Hi Alex,
>
> On 9. Sep 2025, at 17:35, Alex Deucher wrote:
> > Applied.  Thanks!
> >
> > On Tue, Sep 9, 2025 at 11:29 AM Thorsten Blum <thorsten.blum@linux.dev> wrote:
> >>
> >> Replace kmalloc() followed by copy_from_user() with memdup_user() to
> >> improve and simplify kfd_criu_restore_queue().
> >>
> >> No functional changes intended.
> >>
> >> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> >> ---
>
> I just learned that calling kfree() on an error pointer doesn't work, so
> this patch should probably be reverted/not applied.

Thanks for the heads up.

Alex

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.