Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1521474pxb; Mon, 22 Feb 2021 04:18:57 -0800 (PST) X-Google-Smtp-Source: ABdhPJxTUP4fevPoRyary8hdRK+vjv9zQjXx3SoEJNJ7ouXNkjWyrUxCHo01LMk/82USELZgaKaQ X-Received: by 2002:a17:906:7687:: with SMTP id o7mr21072304ejm.209.1613996336869; Mon, 22 Feb 2021 04:18:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1613996336; cv=none; d=google.com; s=arc-20160816; b=aMrWi8CXufbMuDJgeQ9PPSVJ/Xt/EyVRtTT5jBHv79dkYTYQZN5lvrdsEzTsSoSpe+ 9cQbQE2KFx1l+eDqECGUEgJN1qHOzTsmX0Ih4oKPE+TcaLqeWctgt5isExHRoaYAVhHM U7rkZk7C+U5aumROh3MrHKgyNmlfYoRiugxlhBJVlhUsdvSIugUnmTrWRpSaLkkkVrN8 hUf6LX6iIkeAxHvwaBJWfgqHoGt4hx+4/StYXSC0jZtFvm+B6Atzl4iKXF8jp60AHaJl Zkj5rYiINMPPzWpuVBXM3vTYJV/4OHi7H3fkojXrCaXCKLaJu09TK/mOEDmBVPVVPqZ8 IKGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=Pv7kTsicZksdBgCHmucdvayDRCEA+8ul+ym52DB7Jrc=; b=BtCdlfKHlFobGmFnrw1R2IipaGoNMrHyry+T8K4GYDA4RzGCNktHKJu5WpLcA9X4TE /bown/g/CxhTrzcJQiM/Qn74MHm/MB8Gw4gfhS4bUW+fKPEv5e063z5x/R60P22xXT4f zXNY1UM1xQxVSPoz7l6k2RcjxaCnkTr+EXzGuzZ9TjJZXIeEeJP6iJqH4XT1iYg9/pc1 NXD4fyrFKbVIpVUCFL2e8V53+A4+v6r4rUoJNrKytDsBUe23UxW1qJV6y80UnD6XJ2al 58akGYWSbJGgBZEdH7ba1VgpyM4mPWxGRTpjoHwO9JwwsmzaD4+qBqMmqgTAFPhSL8L7 h25g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=t7svRfeF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v17si12037566ejy.545.2021.02.22.04.18.34; Mon, 22 Feb 2021 04:18:56 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=t7svRfeF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230514AbhBVMRn (ORCPT + 99 others); Mon, 22 Feb 2021 07:17:43 -0500 Received: from mail.kernel.org ([198.145.29.99]:44826 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230135AbhBVMOe (ORCPT ); Mon, 22 Feb 2021 07:14:34 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id D155064E4B; Mon, 22 Feb 2021 12:13:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1613996007; bh=P8dOsg/8lT9BVQdxiQW7fh17THd0WtL4GaIUw8wy3m8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=t7svRfeFF6hrTnwvvplgmrXplhnry8hZqlJYVgLx269AKBfK3vDptfN4+mofcUEu5 onAEkaYp8hPHpIFklbC3G5dtO0OqmM+fD/IO4a49aoKaqtx2A0kx6KZWiGLdV9TIMa 21vQrsjhNZzk6bb5Jkr6aAzaoyieKW2xuPygEwWc= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Jan Beulich , Juergen Gross Subject: [PATCH 5.11 04/12] Xen/gntdev: correct error checking in gntdev_map_grant_pages() Date: Mon, 22 Feb 2021 13:12:56 +0100 Message-Id: <20210222121017.861311432@linuxfoundation.org> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210222121013.586597942@linuxfoundation.org> References: <20210222121013.586597942@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Jan Beulich commit ebee0eab08594b2bd5db716288a4f1ae5936e9bc upstream. Failure of the kernel part of the mapping operation should also be indicated as an error to the caller, or else it may assume the respective kernel VA is okay to access. Furthermore gnttab_map_refs() failing still requires recording successfully mapped handles, so they can be unmapped subsequently. This in turn requires there to be a way to tell full hypercall failure from partial success - preset map_op status fields such that they won't "happen" to look as if the operation succeeded. Also again use GNTST_okay instead of implying its value (zero). This is part of XSA-361. Signed-off-by: Jan Beulich Cc: stable@vger.kernel.org Reviewed-by: Juergen Gross Signed-off-by: Juergen Gross Signed-off-by: Greg Kroah-Hartman --- drivers/xen/gntdev.c | 17 +++++++++-------- include/xen/grant_table.h | 1 + 2 files changed, 10 insertions(+), 8 deletions(-) --- a/drivers/xen/gntdev.c +++ b/drivers/xen/gntdev.c @@ -334,21 +334,22 @@ int gntdev_map_grant_pages(struct gntdev pr_debug("map %d+%d\n", map->index, map->count); err = gnttab_map_refs(map->map_ops, use_ptemod ? map->kmap_ops : NULL, map->pages, map->count); - if (err) - return err; for (i = 0; i < map->count; i++) { - if (map->map_ops[i].status) { + if (map->map_ops[i].status == GNTST_okay) + map->unmap_ops[i].handle = map->map_ops[i].handle; + else if (!err) err = -EINVAL; - continue; - } if (map->flags & GNTMAP_device_map) map->unmap_ops[i].dev_bus_addr = map->map_ops[i].dev_bus_addr; - map->unmap_ops[i].handle = map->map_ops[i].handle; - if (use_ptemod) - map->kunmap_ops[i].handle = map->kmap_ops[i].handle; + if (use_ptemod) { + if (map->kmap_ops[i].status == GNTST_okay) + map->kunmap_ops[i].handle = map->kmap_ops[i].handle; + else if (!err) + err = -EINVAL; + } } return err; } --- a/include/xen/grant_table.h +++ b/include/xen/grant_table.h @@ -157,6 +157,7 @@ gnttab_set_map_op(struct gnttab_map_gran map->flags = flags; map->ref = ref; map->dom = domid; + map->status = 1; /* arbitrary positive value */ } static inline void