[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3] xen/privcmd: fix error exit of privcmd_ioctl_dm_op()

To: Juergen Gross <jgross@xxxxxxxx>
From: Jan Beulich <jbeulich@xxxxxxxx>
Date: Thu, 25 Aug 2022 13:58:59 +0200
Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=bgLqNjkKvx54cavOvEZwb4BeesXYydDkDbr6VRLbW1U=; b=eftEawJHCc+7OmpwTVHx0WKNPR9L7IWsh3ldhUn657vvZwzgAzB32kfEsx3bF/hTu6XRddL1e+ld8vwjcISIbj9qX5aMhFcIzY7bf0YSxJPwWjV80+vfL0pfuLPzcFHSiNkPPEK/jjGvulWlZi/oMMVw2VLrtXgjh7RoC9irbGKg8ZXJKHiOjDcPJIIrquTrdSyU7ckngELvmYseDHQN8wgi7DwDq3ZUhXpky1BY+jaRuJGazF6/nGKfB/KzlScKLAJbIbtwg0x6BHzXDT9Q196RVTb6ckF01aJldC/VrvM6arMPLnJiTrTEmp/qCVeQLlvcP1rELeC2EX7bJxOu/w==
Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ljN0+Em1UOClojHW31c913QJDSwXBhtcRu4C2CWAHPj+pivzp9SBrB6rWO++HAtTqawUicjTue+FoURNHHxuvhGFjw7nHJCXlri31BfYHzjSuLk3JQHseJWvW/dtau3gS83EpkH5A1r/aZfsq3fG0QNRX6oTkkhlmFAu4rs+W+YDlCSuTz/TbN3c2WWkxGEsFe8TDQpENLwPwDJTaCoZhhmS3B/DPlLfMbVa5C/vCa6bgMCWC3o5aCAvoxZs5XTsO2x2Dv+pVxjl/mPQhyyYgx+gBfT2AlH0/ZnJ/us70V98vI8nSA30lNpACwu1sXs0y0/7kXnlICHJTmQfHm3WaA==
Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Oleksandr Tyshchenko <oleksandr_tyshchenko@xxxxxxxx>, stable@xxxxxxxxxxxxxxx, Rustam Subkhankulov <subkhankulov@xxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx
Delivery-date: Thu, 25 Aug 2022 11:59:14 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 25.08.2022 13:40, Juergen Gross wrote:
> --- a/drivers/xen/privcmd.c
> +++ b/drivers/xen/privcmd.c
> @@ -581,7 +581,7 @@ static int lock_pages(
>       struct privcmd_dm_op_buf kbufs[], unsigned int num,
>       struct page *pages[], unsigned int nr_pages, unsigned int *pinned)
>  {
> -     unsigned int i;
> +     unsigned int i, off = 0;
>  
>       for (i = 0; i < num; i++) {
>               unsigned int requested;
> @@ -589,19 +589,23 @@ static int lock_pages(
>  
>               requested = DIV_ROUND_UP(
>                       offset_in_page(kbufs[i].uptr) + kbufs[i].size,
> -                     PAGE_SIZE);
> +                     PAGE_SIZE) - off;
>               if (requested > nr_pages)
>                       return -ENOSPC;
>  
>               page_count = pin_user_pages_fast(
> -                     (unsigned long) kbufs[i].uptr,
> +                     (unsigned long)kbufs[i].uptr + off * PAGE_SIZE,
>                       requested, FOLL_WRITE, pages);
> -             if (page_count < 0)
> -                     return page_count;
> +             if (page_count <= 0)
> +                     return page_count ? : -EFAULT;
>  
>               *pinned += page_count;
>               nr_pages -= page_count;
>               pages += page_count;
> +
> +             off = requested - page_count;
> +             if (off)
> +                     i--;
>       }

Initially I thought this would go wrong only on the 3rd iteration, but
meanwhile I think it's wrong already on the 2nd. What I think you need
is

                if (page_count < requested)
                        i--;
                off += page_count;

or with the i++ from the loop header absorbed here

                if (page_count == requested)
                        i++;
                off += page_count;

Plus of course off needs resetting to zero whenever i advances. I.e.

                if (page_count == requested) {
                        i++;
                        off = 0;
                } else {
                        off += page_count;
                }

Jan

Follow-Ups:
- Re: [PATCH v3] xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
  - From: Juergen Gross

References:
- [PATCH v3] xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
  - From: Juergen Gross

Prev by Date: Re: [PATCH] xen/arm: acpi: Support memory reserve configuration table
Next by Date: Re: Backport request
Previous by thread: [PATCH v3] xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
Next by thread: Re: [PATCH v3] xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.