From: Andrew Cooper Date: Tue, 10 Dec 2013 15:16:49 +0000 (+0100) Subject: amd/passthrough: Do not leak domain mappings from do_invalidate_dte() X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~5766^2~4 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=80dbe90a4e6b31f8cb859f7450fa3eed8695fd1d;p=xen.git amd/passthrough: Do not leak domain mappings from do_invalidate_dte() Coverity ID: 1135379 As the code stands, the domain mapping will be leaked on each error path. The mapping can be for a much shorter period of time, and all the relevent information can be pulled out at once. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich Reviewed-by: Suravee Suthikulpanit Tested-by: Suravee Suthikulpanit --- diff --git a/xen/drivers/passthrough/amd/iommu_guest.c b/xen/drivers/passthrough/amd/iommu_guest.c index 952600a9c6..477de208bf 100644 --- a/xen/drivers/passthrough/amd/iommu_guest.c +++ b/xen/drivers/passthrough/amd/iommu_guest.c @@ -424,12 +424,17 @@ static int do_invalidate_dte(struct domain *d, cmd_entry_t *cmd) sizeof(dev_entry_t), gbdf); ASSERT(mfn_valid(dte_mfn)); + /* Read guest dte information */ dte_base = map_domain_page(dte_mfn); gdte = dte_base + gbdf % (PAGE_SIZE / sizeof(dev_entry_t)); gdom_id = get_domid_from_dte(gdte); gcr3_gfn = get_guest_cr3_from_dte(gdte); + glx = get_glx_from_dte(gdte); + gv = get_gv_from_dte(gdte); + + unmap_domain_page(dte_base); /* Do not update host dte before gcr3 has been set */ if ( gcr3_gfn == 0 ) @@ -440,7 +445,6 @@ static int do_invalidate_dte(struct domain *d, cmd_entry_t *cmd) ASSERT(mfn_valid(gcr3_mfn)); - /* Read guest dte information */ iommu = find_iommu_for_device(0, mbdf); if ( !iommu ) { @@ -449,11 +453,6 @@ static int do_invalidate_dte(struct domain *d, cmd_entry_t *cmd) return -ENODEV; } - glx = get_glx_from_dte(gdte); - gv = get_gv_from_dte(gdte); - - unmap_domain_page(dte_base); - /* Setup host device entry */ hdom_id = host_domid(d, gdom_id); req_id = get_dma_requestor_id(iommu->seg, mbdf);