x86-32/pod: fix map_domain_page() leak

The 'continue' in the if() part of the conditional at the end of
p2m_pod_zero_check() was causing this, but there also really is no
point in retaining the mapping after having checked page contents,
so fix it both ways. Additionally there is no point in updating
map[] at this point anymore.

Signed-off-by: Jan Beulich <jbeulich@novell.com>

diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index df992586b812bde038ad4a5745b35d497bd42d35..976b84c200b6c04f5cd374375c246cf7be5468f4 100644 (file)
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -898,12 +898,13 @@ p2m_pod_zero_check(struct domain *d, unsigned long *gfns, int count)
             if( *(map[i]+j) != 0 )
                 break;
 
+        unmap_domain_page(map[i]);
+
         /* See comment in p2m_pod_zero_check_superpage() re gnttab
          * check timing.  */
         if ( j < PAGE_SIZE/sizeof(*map[i]) )
         {
             set_p2m_entry(d, gfns[i], mfns[i], 0, types[i]);
-            continue;
         }
         else
         {
@@ -911,9 +912,6 @@ p2m_pod_zero_check(struct domain *d, unsigned long *gfns, int count)
             p2m_pod_cache_add(d, mfn_to_page(mfns[i]), 0);
             d->arch.p2m->pod.entry_count++;
         }
-
-        unmap_domain_page(map[i]);
-        map[i] = NULL;
     }
     
 }