| Message ID | 20230711082931.5402-2-michal.orzel@amd.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | xen/arm: Support for bigger domU passthrough dtbs | expand |
> On 11 Jul 2023, at 09:29, Michal Orzel <michal.orzel@amd.com> wrote: > > Fix the error path in domain_handle_dtb_bootmodule(), so that the memory > previously mapped is unmapped before returning the error code. This is > because the function shall not make assumptions on the way of handling > its error code in the callers. Today we call panic in case of domU > creation failure, so having memory not unmapped is not a bug, but it can > change. > > Similarly, fix prepare_dtb_domU() so that the memory allocated is freed > before returning the error code from domain_handle_dtb_bootmodule(). > > Signed-off-by: Michal Orzel <michal.orzel@amd.com> Reviewed-by: Luca Fancellu <luca.fancellu@arm.com>
Hi, On 11/07/2023 10:15, Luca Fancellu wrote: > > >> On 11 Jul 2023, at 09:29, Michal Orzel <michal.orzel@amd.com> wrote: >> >> Fix the error path in domain_handle_dtb_bootmodule(), so that the memory >> previously mapped is unmapped before returning the error code. This is >> because the function shall not make assumptions on the way of handling >> its error code in the callers. Today we call panic in case of domU >> creation failure, so having memory not unmapped is not a bug, but it can >> change. >> >> Similarly, fix prepare_dtb_domU() so that the memory allocated is freed >> before returning the error code from domain_handle_dtb_bootmodule(). >> >> Signed-off-by: Michal Orzel <michal.orzel@amd.com> > > Reviewed-by: Luca Fancellu <luca.fancellu@arm.com> Acked-by: Julien Grall <jgrall@amazon.com> Cheers,
diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c index d0d6be922db1..f2134f24b971 100644 --- a/xen/arch/arm/domain_build.c +++ b/xen/arch/arm/domain_build.c @@ -3204,7 +3204,7 @@ static int __init domain_handle_dtb_bootmodule(struct domain *d, res = check_partial_fdt(pfdt, kinfo->dtb_bootmodule->size); if ( res < 0 ) - return res; + goto out; for ( node_next = fdt_first_subnode(pfdt, 0); node_next > 0; @@ -3235,7 +3235,7 @@ static int __init domain_handle_dtb_bootmodule(struct domain *d, DT_ROOT_NODE_SIZE_CELLS_DEFAULT, false); if ( res ) - return res; + goto out; continue; } if ( dt_node_cmp(name, "passthrough") == 0 ) @@ -3245,11 +3245,12 @@ static int __init domain_handle_dtb_bootmodule(struct domain *d, DT_ROOT_NODE_SIZE_CELLS_DEFAULT, true); if ( res ) - return res; + goto out; continue; } } + out: iounmap(pfdt); return res; @@ -3326,7 +3327,7 @@ static int __init prepare_dtb_domU(struct domain *d, struct kernel_info *kinfo) { ret = domain_handle_dtb_bootmodule(d, kinfo); if ( ret ) - return ret; + goto err; } ret = make_gic_domU_node(kinfo);
Fix the error path in domain_handle_dtb_bootmodule(), so that the memory previously mapped is unmapped before returning the error code. This is because the function shall not make assumptions on the way of handling its error code in the callers. Today we call panic in case of domU creation failure, so having memory not unmapped is not a bug, but it can change. Similarly, fix prepare_dtb_domU() so that the memory allocated is freed before returning the error code from domain_handle_dtb_bootmodule(). Signed-off-by: Michal Orzel <michal.orzel@amd.com> --- xen/arch/arm/domain_build.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-)