Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1532870pxb; Mon, 22 Feb 2021 04:39:17 -0800 (PST) X-Google-Smtp-Source: ABdhPJwr6wRyXfa152IYJyk+Kr2Rxr0dql24+FSOVK5WGBYpjqx5nU0BvOfgyR84TaEkjhckrewr X-Received: by 2002:a17:906:9b86:: with SMTP id dd6mr21172480ejc.516.1613997557743; Mon, 22 Feb 2021 04:39:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1613997557; cv=none; d=google.com; s=arc-20160816; b=lyuqVJTnKAm7BVR6KnMAyQDLZyNCuBn+dZYyjwxXfBz8e0L6yW020xmPHzYJG1hnB2 lVYF2ONlP4GLpPojJVTDQSl/NUPnxsIXbFKipB7uHtnQIRcXxWsEma2fS/SXwb1uAb4E ImU/Q+iJZEjyixLKbHaVmVVPSEr8mn0aWBCJW4ag4UI0tyMeGyMuzaDSLywX9i9PiGA9 15lZeD8aVC3mFObS1l3UrxsOPYyAl/8VfyeItxkwkFKBfrfUqi6op5d9BXhTC8tyK5aP guEEeXp9DyUoReAksxTiQnKzKV4wZzljeKHoiG1ZjwoY/X+LbHlh/qQl1Tr5L3SvD/FM L6sA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=8VwqpKpWL4P2lZFJYKVpheIjjLak5mviUBIEMHnFCc0=; b=AbOYul0PpDZk0Gi81Lv1cSyArQp1hPZshYUYq2HUTejyopq6tXCemI+eMG2gn3cHUZ v7BDsD246YROiRbN5gjIQwapFjYl3GVt551bZ9UEvfyvpOx3Z9zcPfJrsYLusd/yVDtX Vl2qzhesU7c0Aj2eLvLEDFQMkiPORd71Xr09BoBj2uNm7c/2pdBBYPuarWhYdcqtN1X5 nGIvhBw7+VQ6VAEWj1NN9idzpL2H+fFmHSH9EfJjpCpjwub2RdvzNuGe9JM4i9BcEFVg Ek91gFbGfLJZxPKL7UGYEyZsC7D1wyFYc5a+mlBnSWCjhNVJTKF4dRqJLQ6zen8XMQL1 4WDA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=u2OyXoEG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id f7si11751056eja.553.2021.02.22.04.38.52; Mon, 22 Feb 2021 04:39:17 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=u2OyXoEG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231388AbhBVMiK (ORCPT + 99 others); Mon, 22 Feb 2021 07:38:10 -0500 Received: from mail.kernel.org ([198.145.29.99]:44942 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230395AbhBVMQE (ORCPT ); Mon, 22 Feb 2021 07:16:04 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id B223764E67; Mon, 22 Feb 2021 12:15:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1613996144; bh=FStROgOlYTq5osfaBtnqOrJ1fIn4uCCEAua5WE8NwAg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=u2OyXoEGoK5/QMEnNRg7/9i5iTbsIMu/fwxw8gGtbea+7Dbzc1pdceAICsx0amCq8 aZQFMD8QUZZw67K+YQpJppzvrGHbLRZ0w5sFj9KcZ1kFntSPZ6USO+AlDWOpTlV7TS QF8XcafI07jPmCS8v+GuCUSDr1F+AYudyHp2gT8s= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Jan Beulich , Juergen Gross Subject: [PATCH 5.4 07/13] Xen/gntdev: correct error checking in gntdev_map_grant_pages() Date: Mon, 22 Feb 2021 13:13:24 +0100 Message-Id: <20210222121018.448865188@linuxfoundation.org> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210222121013.583922436@linuxfoundation.org> References: <20210222121013.583922436@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Jan Beulich commit ebee0eab08594b2bd5db716288a4f1ae5936e9bc upstream. Failure of the kernel part of the mapping operation should also be indicated as an error to the caller, or else it may assume the respective kernel VA is okay to access. Furthermore gnttab_map_refs() failing still requires recording successfully mapped handles, so they can be unmapped subsequently. This in turn requires there to be a way to tell full hypercall failure from partial success - preset map_op status fields such that they won't "happen" to look as if the operation succeeded. Also again use GNTST_okay instead of implying its value (zero). This is part of XSA-361. Signed-off-by: Jan Beulich Cc: stable@vger.kernel.org Reviewed-by: Juergen Gross Signed-off-by: Juergen Gross Signed-off-by: Greg Kroah-Hartman --- drivers/xen/gntdev.c | 17 +++++++++-------- include/xen/grant_table.h | 1 + 2 files changed, 10 insertions(+), 8 deletions(-) --- a/drivers/xen/gntdev.c +++ b/drivers/xen/gntdev.c @@ -344,21 +344,22 @@ int gntdev_map_grant_pages(struct gntdev pr_debug("map %d+%d\n", map->index, map->count); err = gnttab_map_refs(map->map_ops, use_ptemod ? map->kmap_ops : NULL, map->pages, map->count); - if (err) - return err; for (i = 0; i < map->count; i++) { - if (map->map_ops[i].status) { + if (map->map_ops[i].status == GNTST_okay) + map->unmap_ops[i].handle = map->map_ops[i].handle; + else if (!err) err = -EINVAL; - continue; - } if (map->flags & GNTMAP_device_map) map->unmap_ops[i].dev_bus_addr = map->map_ops[i].dev_bus_addr; - map->unmap_ops[i].handle = map->map_ops[i].handle; - if (use_ptemod) - map->kunmap_ops[i].handle = map->kmap_ops[i].handle; + if (use_ptemod) { + if (map->kmap_ops[i].status == GNTST_okay) + map->kunmap_ops[i].handle = map->kmap_ops[i].handle; + else if (!err) + err = -EINVAL; + } } return err; } --- a/include/xen/grant_table.h +++ b/include/xen/grant_table.h @@ -157,6 +157,7 @@ gnttab_set_map_op(struct gnttab_map_gran map->flags = flags; map->ref = ref; map->dom = domid; + map->status = 1; /* arbitrary positive value */ } static inline void