Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1541864pxb; Mon, 22 Feb 2021 04:56:21 -0800 (PST) X-Google-Smtp-Source: ABdhPJzx5+sYEIQRHIcVFuz7wpvnSkNGlLUw42LNSojmIDUF4PsLmycptpuGIueFN94pXFZ+FbPT X-Received: by 2002:a17:907:3d8f:: with SMTP id he15mr20445185ejc.238.1613998581500; Mon, 22 Feb 2021 04:56:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1613998581; cv=none; d=google.com; s=arc-20160816; b=AR3ym7FP/wMIZBTuJKrkiZ/AlDZox5RCmJzzWffK7s52Pl3QF+ZK4Ujulx43LV+3G4 Dv6deVzPQmIdrONdijqVEikuWGd3/Pk13Dz8gyGe9xCxxdLhG7d4mNijhL6iHJNupH3I FYIVQwRdZ9pKBRvCnTSoiaf5AMtIT87pbBIjjXFPXhhL6PHkg9yjaAMC4As73hpa6kDY uNtR80+GYjkjV/es17Y1iakOxpOJyg7zIBYFQdb96oBaDfj1zlEpfK4SpatWRHxsOdZ/ bgvV1Juv//69ri22kaoaFXBHW7DOR3Qf46uSwudRiHtwb01ee+YqCOqNq+G/YXuKpzxZ 0K8g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=BW+U2Cg+7MmTp3E28vBNkfyDmtWOZUZ4uiKzjQxtmBc=; b=xZk8wW8vcTMRhP2lrv73Tx87v2hB5H9f89jjlewOCcQg6rekAc4SD2PwBo5K5GILS3 rQGRgqqJrRMjc8uF+1T+WTUcGLnpKdXBRcu2kzcOcO5RkOJjQy8SOM3cHvciSWSHXPrk hCJ0Mx0joBWC7RZoakdqWgW85ZLms9fwHKmvFeIXayEeuQvIEabGLPAZo3UORx0rz6hN /WBusxVW0MFGHhcc3Mh50AETeorAJfEDITXNVi8nnRE5P+C1yl6FwZ/+AKpJ+qSikn0B mzXOV3me8s0eE7g6yPylULbRnQBPbtYhwRx7p090WDzQgwqozzS066VrwuntoQgDVEzG r02g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=ZVX+Na7V; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id ld23si2858630ejb.559.2021.02.22.04.55.58; Mon, 22 Feb 2021 04:56:21 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=ZVX+Na7V; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230291AbhBVMxF (ORCPT + 99 others); Mon, 22 Feb 2021 07:53:05 -0500 Received: from mail.kernel.org ([198.145.29.99]:47552 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230245AbhBVMSe (ORCPT ); Mon, 22 Feb 2021 07:18:34 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 204A964EF5; Mon, 22 Feb 2021 12:17:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1613996273; bh=EcSu6k2Cq+hzf90YArDfATrgHmc+TcSk7idHTtFlagA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ZVX+Na7VINAg4HLxxGwLJO4J7xZ6aRAWqZXdqKFD4sMq8/vSoyFlY+tcnbOb8d4Jo cJQqTNPXb2O1R/wjISM1+GCsv7AK1JawsXwF5QlBxL6JfT0mKVxGAv0FMJhUhtqNgm EXVglaXSKh3MMQ+JTMWuNVO2V7hfthybkGS0plUU= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Jan Beulich , Juergen Gross Subject: [PATCH 4.19 40/50] Xen/x86: dont bail early from clear_foreign_p2m_mapping() Date: Mon, 22 Feb 2021 13:13:31 +0100 Message-Id: <20210222121026.601141155@linuxfoundation.org> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210222121019.925481519@linuxfoundation.org> References: <20210222121019.925481519@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Jan Beulich commit a35f2ef3b7376bfd0a57f7844bd7454389aae1fc upstream. Its sibling (set_foreign_p2m_mapping()) as well as the sibling of its only caller (gnttab_map_refs()) don't clean up after themselves in case of error. Higher level callers are expected to do so. However, in order for that to really clean up any partially set up state, the operation should not terminate upon encountering an entry in unexpected state. It is particularly relevant to notice here that set_foreign_p2m_mapping() would skip setting up a p2m entry if its grant mapping failed, but it would continue to set up further p2m entries as long as their mappings succeeded. Arguably down the road set_foreign_p2m_mapping() may want its page state related WARN_ON() also converted to an error return. This is part of XSA-361. Signed-off-by: Jan Beulich Cc: stable@vger.kernel.org Reviewed-by: Juergen Gross Signed-off-by: Juergen Gross Signed-off-by: Greg Kroah-Hartman --- arch/x86/xen/p2m.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) --- a/arch/x86/xen/p2m.c +++ b/arch/x86/xen/p2m.c @@ -746,17 +746,15 @@ int clear_foreign_p2m_mapping(struct gnt unsigned long mfn = __pfn_to_mfn(page_to_pfn(pages[i])); unsigned long pfn = page_to_pfn(pages[i]); - if (mfn == INVALID_P2M_ENTRY || !(mfn & FOREIGN_FRAME_BIT)) { + if (mfn != INVALID_P2M_ENTRY && (mfn & FOREIGN_FRAME_BIT)) + set_phys_to_machine(pfn, INVALID_P2M_ENTRY); + else ret = -EINVAL; - goto out; - } - - set_phys_to_machine(pfn, INVALID_P2M_ENTRY); } if (kunmap_ops) ret = HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, - kunmap_ops, count); -out: + kunmap_ops, count) ?: ret; + return ret; } EXPORT_SYMBOL_GPL(clear_foreign_p2m_mapping);