Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1536678pxb; Mon, 22 Feb 2021 04:46:20 -0800 (PST) X-Google-Smtp-Source: ABdhPJzcdSnU9OCczhPzQ2o2yfxJARc5fE0TuSoA+1Eqf/X9PdFjzZZrje8OYwyGdnbCj+nAaXb/ X-Received: by 2002:aa7:cc98:: with SMTP id p24mr23113175edt.126.1613997980304; Mon, 22 Feb 2021 04:46:20 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1613997980; cv=none; d=google.com; s=arc-20160816; b=X/CeYhYWl6sV0rxkivCQGQ20D/aDWWG55X0qKgd3/kUv+6trid7iHbY1hZi/N4Wuec +uYAEx4hoJ6LJIaCSYGf/HR/Cbs7Y+RuSL3ivWnt6UFPrD++/kTmeZtT/ECEn3P6zXfj iZwRAkKhUJu7GLFJfyBQtqMFXpE5z2Zm4C3LPd1EYaloe88PXesb8bwK1DRQwhN178z9 Aju5EhgdKlriUxmrBPjJbREVGIdjNXkBtSCVX6WZubttXjzko2umwTjxyTSeF4FK7oGz 80p6ZV1B8HMjoYKzQ/lY2od1PNDj807E1yEs6JnlCyUCUsDafiCT56NrXORb09PQHiGE jHvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=hCktzabuCpeR3yepAZeIZq82boB//fFMQADDcWN4M8A=; b=D3v5/zM1HUb0Xrrx3zIExhYAjYPePckQUu4Vg4XLxuvpop7ZMHVSuszAHC5x8hTZJS aohBy3XObaX4vXhb5qoSn8DR30gvYUfLHLpI8onmnHS37DcJdyVooaV6wzBEpGLoOkuh 5vPVtitjMlx0JfH7cr8wQZ/jdCswYyTv7r1mMjATjt8nC8Boyus2SivpANv4LraZfW1g fJHqeBMIDZdMaNcyH3KZr8NC7PIp6KvJ06X67aTzrUAsw53D0AlGmJhLSiXAE361qvSn f/kfJHWuahtlTXNDVRrhNWNDIz4MSBQe23qeML33ekdCTRGZG6p86UEkytlQMg2AmLz+ I8ow== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=eVJUz5m1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id n11si12087727ejg.99.2021.02.22.04.45.57; Mon, 22 Feb 2021 04:46:20 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=eVJUz5m1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231669AbhBVMpB (ORCPT + 99 others); Mon, 22 Feb 2021 07:45:01 -0500 Received: from mail.kernel.org ([198.145.29.99]:44828 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230511AbhBVMRn (ORCPT ); Mon, 22 Feb 2021 07:17:43 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 4766B64F11; Mon, 22 Feb 2021 12:17:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1613996237; bh=Yz14AulpfbbG8XuSgZKBhel8eTb3ZjDF+Lf+BBilCeU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=eVJUz5m1z0z/d6XmeZKpa7+HL/xmFyyLDLAmY4TcHgLli2uDOqnA1w4rxXdizyWtw sIRoLpvIrsPgbt80QaNtz0fFAxUhIw8i4RS9paNJLVH+pX7m/FqP3dC5p0bqVGbEQN BtwjSDtMzBhtjjAePrFPFzXfnZhYk5UG4IGxF14Y= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Jan Beulich , Juergen Gross Subject: [PATCH 4.19 43/50] Xen/gntdev: correct error checking in gntdev_map_grant_pages() Date: Mon, 22 Feb 2021 13:13:34 +0100 Message-Id: <20210222121026.836074932@linuxfoundation.org> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210222121019.925481519@linuxfoundation.org> References: <20210222121019.925481519@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Jan Beulich commit ebee0eab08594b2bd5db716288a4f1ae5936e9bc upstream. Failure of the kernel part of the mapping operation should also be indicated as an error to the caller, or else it may assume the respective kernel VA is okay to access. Furthermore gnttab_map_refs() failing still requires recording successfully mapped handles, so they can be unmapped subsequently. This in turn requires there to be a way to tell full hypercall failure from partial success - preset map_op status fields such that they won't "happen" to look as if the operation succeeded. Also again use GNTST_okay instead of implying its value (zero). This is part of XSA-361. Signed-off-by: Jan Beulich Cc: stable@vger.kernel.org Reviewed-by: Juergen Gross Signed-off-by: Juergen Gross Signed-off-by: Greg Kroah-Hartman --- drivers/xen/gntdev.c | 17 +++++++++-------- include/xen/grant_table.h | 1 + 2 files changed, 10 insertions(+), 8 deletions(-) --- a/drivers/xen/gntdev.c +++ b/drivers/xen/gntdev.c @@ -348,21 +348,22 @@ int gntdev_map_grant_pages(struct gntdev pr_debug("map %d+%d\n", map->index, map->count); err = gnttab_map_refs(map->map_ops, use_ptemod ? map->kmap_ops : NULL, map->pages, map->count); - if (err) - return err; for (i = 0; i < map->count; i++) { - if (map->map_ops[i].status) { + if (map->map_ops[i].status == GNTST_okay) + map->unmap_ops[i].handle = map->map_ops[i].handle; + else if (!err) err = -EINVAL; - continue; - } if (map->flags & GNTMAP_device_map) map->unmap_ops[i].dev_bus_addr = map->map_ops[i].dev_bus_addr; - map->unmap_ops[i].handle = map->map_ops[i].handle; - if (use_ptemod) - map->kunmap_ops[i].handle = map->kmap_ops[i].handle; + if (use_ptemod) { + if (map->kmap_ops[i].status == GNTST_okay) + map->kunmap_ops[i].handle = map->kmap_ops[i].handle; + else if (!err) + err = -EINVAL; + } } return err; } --- a/include/xen/grant_table.h +++ b/include/xen/grant_table.h @@ -157,6 +157,7 @@ gnttab_set_map_op(struct gnttab_map_gran map->flags = flags; map->ref = ref; map->dom = domid; + map->status = 1; /* arbitrary positive value */ } static inline void