From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Tue, 22 Apr 2014 12:45:10 +0000 (+0200)
Subject: x86/EPT: correct double unmap_domain_page() on error path
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~5185
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=75e253bb78f2b7905c20a0caddd8eb2fb77e5eab;p=xen.git

x86/EPT: correct double unmap_domain_page() on error path

c/s 3d90d6e6 "x86/EPT: split super pages upon mismatching memory types"
accidentally introduced an error path where the epte domain page would be
unmapped twice if splitting the superpage failed.

Only unmap the page if the loop is to be continued.  When breaking from the
loop, the page will be unmapped by the subsequent code.

Coverity-ID: 1203047
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---

diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-ept.c
index b0ab3ceba5..8d3051bf53 100644
--- a/xen/arch/x86/mm/p2m-ept.c
+++ b/xen/arch/x86/mm/p2m-ept.c
@@ -351,9 +351,9 @@ bool_t ept_handle_misconfig(uint64_t gpa)
                                              e.sa_p2mt == p2m_mmio_direct);
                 if ( unlikely(emt < 0) )
                 {
-                    unmap_domain_page(epte);
                     if ( ept_split_super_page(p2m, &e, level, level - 1) )
                     {
+                        unmap_domain_page(epte);
                         mfn = e.mfn;
                         continue;
                     }