diff options
author | Matthew Daley <mattjd@gmail.com> | 2013-10-10 14:10:48 +0000 |
---|---|---|
committer | Stefano Stabellini <stefano.stabellini@eu.citrix.com> | 2013-10-10 14:23:45 +0000 |
commit | a76f48e53382e6f039db6278443e3ce437653302 (patch) | |
tree | 1e9f31249bc29c15225fac0cc720dc9bab653b07 /qemu-seccomp.c | |
parent | a684f3cf9b9b9c3cb82be87aafc463de8974610c (diff) | |
download | qemu-a76f48e53382e6f039db6278443e3ce437653302.zip qemu-a76f48e53382e6f039db6278443e3ce437653302.tar.gz qemu-a76f48e53382e6f039db6278443e3ce437653302.tar.bz2 |
xen_disk: mark ioreq as mapped before unmapping in error case
Commit 4472beae modified the semantics of ioreq_{un,}map so that they are
idempotent if called when they're not needed (ie., twice in a row). However,
it neglected to handle the case where batch mapping is not being used (the
default), and one of the grants fails to map. In this case, ioreq_unmap will
be called to unwind and unmap any mappings already performed, but ioreq_unmap
simply returns due to the aforementioned change (the ioreq has not already
been marked as mapped).
The frontend user can therefore force xen_disk to leak grant mappings, a
per-domain limited resource.
Fix by marking the ioreq as mapped before calling ioreq_unmap in this
situation.
Signed-off-by: Matthew Daley <mattjd@gmail.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Diffstat (limited to 'qemu-seccomp.c')
0 files changed, 0 insertions, 0 deletions