Xen project Mailing List

[PATCH 3/6] VT-d: don't leak domid mapping on error path

To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Date: Fri, 12 Nov 2021 10:48:43 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=7FtwyADRDx+mGc76WSsZhGw7jgd3KL9ZVlpKovmy4Q4=; b=RJozYg7RCivIdFs94DHiSK8ApqSIl2dR28dwAcPtE4CfTN+M8mKCUqYyixjHuWYk4Ki/bKm90vLysJdSYHdQ8kE/mLG8RFeOdhZ63t7kuIjckZq/K0ho8E5uaHVt5jUT+0TVjXrfeUaeTMv4hyi04RP3Ned9wU89leM14cmkIAd3fwc8/sH4qWOjn16fzfJiCgXn8nXa/hEfB0Nwmz1dUg0cOSNx6cU7ERMDqgjytJ1s5JD3wsUVXB0MnTqJmDuV+KsEQykwWiEpHN0stll+jsiNT3S8w30HJbikpDtkCS1T17cVdOOoJE8dpeb3IrvOCjArcSNGL7nX06OUo4I8Pg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Z4DFr5BKmlXnAyIJG/YHcSUdlcRfbVNwW3lu1qkivLxFuxIUfIJVidYPvVuvIvZzCVxbXgRA6Dp3JosJYunXLsALnJi27hqmhFrndnxTx/32ykoqWOBCKUNCB+GGN/3t5XXepC1/13tDuKv9yHkwKRA7TkfB6gtQb+x7deDcsDwBVNdjW4bzKZW8goHEaN7rYj3u1V0POvWO8cVQcbZuP6eYonI6c8QlOYbPJt2Yj/AdOKI5g5oyWoBA6UWrz3N9E+PlUjH6vXIg9y4mc2cXrHSA471aPVY6AIw6ZPqfBT9Of3Lylb69/NrOkEYFqjsr0Fn2U+MFNnhkzvbBj2A8fg==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: Kevin Tian <kevin.tian@xxxxxxxxx>

Delivery-date: Fri, 12 Nov 2021 09:48:49 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

While domain_context_mapping() invokes domain_context_unmap() in a sub- case of handling DEV_TYPE_PCI when encountering an error, thus avoiding a leak, individual calls to domain_context_mapping_one() aren't similarly covered. Such a leak might persist until domain destruction. Leverage that these cases can be recognized by pdev being non-NULL. Fixes: dec403cc668f ("VT-d: fix iommu_domid for PCI/PCIx devices assignment") Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> --- The Fixes: tag isn't strictly correct, as error handling had more severe shortcomings at the time. But I wouldn't want to blame a commit improving error handling to have introduced the leak. --- a/xen/drivers/passthrough/vtd/iommu.c +++ b/xen/drivers/passthrough/vtd/iommu.c @@ -1518,7 +1518,12 @@ int domain_context_mapping_one( rc = me_wifi_quirk(domain, bus, devfn, MAP_ME_PHANTOM_FUNC); if ( rc ) - domain_context_unmap_one(domain, iommu, bus, devfn); + { + ret = domain_context_unmap_one(domain, iommu, bus, devfn); + + if ( !ret && pdev && pdev->devfn == devfn ) + check_cleanup_domid_map(domain, pdev, iommu); + } return rc; }

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.