[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] x86/p2m: fix p2m_add_foreign error path


  • To: <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Roger Pau Monne <roger.pau@xxxxxxxxxx>
  • Date: Mon, 4 Jan 2021 10:03:23 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=86gGj19mFSPQz58zG69qlbyEUsYmKnYdN6g1371ZxnU=; b=ho9yD9ohfh6UTUHAfRjtsRtDZYiWd57juXDCLwvv0kRrZD5mVIz9VGvcsOBYYOZUO0XCnmXjHPc2Ze537vo5jHz6FLVbcEaNhug4MhEUvy5NNrh1AIMfLMpgM6AS6L0DC1DzvErl/DZ8OcfdHJqqBoVibvUfFFPsGvxozVYJiBgUB4zPSM4/R4Tm6J7j7/SN6R+VB4XAW9RGmwB+WyGY3X3p8dC2X4iqkEwE2RaS23ni3+VUTjRHs5KmzhxHxmn1nBsDaS6RqFQwsnMdZEEXe8gBCxDXhzVsCbgQhxCX00fHxFdsvrqBU3oTEbBsRIbSyVURutlcYDWMADKZdi3mfw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PlmOXv9KNDF5l6KTp6QA1BOCq2Bk9AiNTr2aQQbQapckb3H/cmW7UDHqE6+7NSoY9L5VGSc09MWOKIO34bHkK2XTVXwt9/LaOV39x9izx2My3gEjO99maeOpUwwVzVgKZNUGHz6NW0Hso9uZJdjAFrmRtbI/stBTVIUCCcnK0gz/GemdXKAo/97YnnZ+nvnwfS0T1LA/WSyW9EzCRwQ3ch9Hz73uCI+uKugBihmJHyr679pa5g01Vzgjj2FgXaqdl1GYCLBB7aZ7hasM6BNUqEWQtFEf3QBwTq8VX84Izus/dxE43XYxDVIWAU2yNi7nr4HsA+2Q5xkZvPfoicUrxw==
  • Authentication-results: esa3.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Mon, 04 Jan 2021 09:03:46 +0000
  • Ironport-sdr: JgEsT9KnaNcS80TmefozrNmcBkmzE007IH6bq0YDB4Clj8BCbRvVtenw5sda3kmB1q6Ou+XDWo x4yl/b2mbIvixTGRqRzI8P/QGIbubnkTQYX9MZaNW5l57gr2oYNkdZK99MOyed/Yf7Xw8P1yWv Xyd+1mtM5r5K1WVyKwuEh8qvKix0qOVrTlFg7queXpMNP+l/8FzRihKw/WS3ijVlQfDQ1FDLlG C/7Sz8DnK6Dn3ln0xzgk1NjJpgpF6O4Gi21rnCpQlqX4/27zT/+zJnvBD2qIMcnEDZfvIy0fvc Vhw=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

One of the error paths in p2m_add_foreign could call put_page with a
NULL page, thus triggering a fault.

Split the checks into two different if statements, so the appropriate
error path can be taken.

Fixes: 173ae325026bd ('x86/p2m: tidy p2m_add_foreign() a little')
Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
---
 xen/arch/x86/mm/p2m.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index 487959b121..a4ebfc9b21 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -2601,8 +2601,13 @@ static int p2m_add_foreign(struct domain *tdom, unsigned 
long fgfn,
      *     ram_rw | ram_logdirty | ram_ro | paging_out.
      */
     page = get_page_from_gfn(fdom, fgfn, &p2mt, P2M_ALLOC);
-    if ( !page ||
-         !p2m_is_ram(p2mt) || p2m_is_shared(p2mt) || p2m_is_hole(p2mt) )
+    if ( !page )
+    {
+        rc = -EINVAL;
+        goto out;
+    }
+
+    if ( !p2m_is_ram(p2mt) || p2m_is_shared(p2mt) || p2m_is_hole(p2mt) )
     {
         rc = -EINVAL;
         goto put_one;
-- 
2.29.2




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.