From patchwork Tue Aug 15 12:30:27 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Andrew Cooper <andrew.cooper3@citrix.com>
X-Patchwork-Id: 9901717
Return-Path: <xen-devel-bounces@lists.xen.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	4741460230 for <patchwork-xen-devel@patchwork.kernel.org>;
	Tue, 15 Aug 2017 12:32:43 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3A3C5281B7
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Tue, 15 Aug 2017 12:32:43 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 2EDF728849; Tue, 15 Aug 2017 12:32:43 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED
	autolearn=ham version=3.3.1
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id AE29A281B7
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Tue, 15 Aug 2017 12:32:42 +0000 (UTC)
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <xen-devel-bounces@lists.xen.org>)
	id 1dhazX-0003Qe-GF; Tue, 15 Aug 2017 12:30:39 +0000
Received: from mail6.bemta6.messagelabs.com ([193.109.254.103])
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <prvs=3930249d3=Andrew.Cooper3@citrix.com>)
	id 1dhazW-0003QU-2o
	for xen-devel@lists.xen.org; Tue, 15 Aug 2017 12:30:38 +0000
Received: from [193.109.254.147] by server-1.bemta-6.messagelabs.com id
	49/D4-03765-D69E2995; Tue, 15 Aug 2017 12:30:37 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprAIsWRWlGSWpSXmKPExsXitHSDvW7uy0m
	RBrMfs1os+biYxYHR4+ju30wBjFGsmXlJ+RUJrBlzGu+wF/wTrGhc+IO5gXEjbxcjJ4eEgL/E
	xquH2UBsNgF9id0vPjGB2CIC6hKnOy6ydjFycDAL6Eqs+qkBEhYWCJY4MOcWI4jNIqAqsfzHW
	rBWXgFPiZ23PrFBjJSTOH/8JzOIzSngJdF2vo8dxBYCqnl45zwjhK0mca3/EjtEr6DEyZlPWE
	BsZgEJiYMvXjBPYOSdhSQ1C0lqASPTKkaN4tSistQiXSMDvaSizPSMktzEzBxdQwMzvdzU4uL
	E9NScxKRiveT83E2MwNBhAIIdjL+WBRxilORgUhLlXXR2UqQQX1J+SmVGYnFGfFFpTmrxIUYZ
	Dg4lCd51z4FygkWp6akVaZk5wCCGSUtw8CiJ8BqDpHmLCxJzizPTIVKnGHU5Xk34/41JiCUvP
	y9VSpxX/gVQkQBIUUZpHtwIWERdYpSVEuZlBDpKiKcgtSg3swRV/hWjOAejkjCvIsgUnsy8Er
	hNr4COYAI64ko72BEliQgpqQZG/jqvvO3nJQMM0rbFfxPrvrtK2seyInTnF6ni06fPTFTWYjT
	a1HlBdfVrE/6af2xTimckX72oq8G4N57RpXmRaOQ/XdWoTVmPuDUvXgpmPL7k/oPZni3CT7bd
	PBbX5dRw878RT4945dsHM1c+MO/WvuDrtU794p6LL97MPzzp2dNLGfqvFyQyKrEUZyQaajEXF
	ScCAD0dgsyjAgAA
X-Env-Sender: prvs=3930249d3=Andrew.Cooper3@citrix.com
X-Msg-Ref: server-10.tower-27.messagelabs.com!1502800235!88680861!1
X-Originating-IP: [66.165.176.63]
X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor:
	VHJ1c3RlZCBJUDogNjYuMTY1LjE3Ni42MyA9PiAzMDYwNDg=\n,
	received_headers: No Received headers
X-StarScan-Received: 
X-StarScan-Version: 9.4.45; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 22349 invoked from network); 15 Aug 2017 12:30:36 -0000
Received: from smtp02.citrix.com (HELO SMTP02.CITRIX.COM) (66.165.176.63)
	by server-10.tower-27.messagelabs.com with RC4-SHA encrypted SMTP;
	15 Aug 2017 12:30:36 -0000
X-IronPort-AV: E=Sophos;i="5.41,377,1498521600"; d="scan'208";a="443835787"
From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xen.org>
Date: Tue, 15 Aug 2017 13:30:27 +0100
Message-ID: <1502800232-26670-2-git-send-email-andrew.cooper3@citrix.com>
X-Mailer: git-send-email 2.1.4
In-Reply-To: <1502800232-26670-1-git-send-email-andrew.cooper3@citrix.com>
References: <1502800232-26670-1-git-send-email-andrew.cooper3@citrix.com>
MIME-Version: 1.0
Cc: Andrew Cooper <andrew.cooper3@citrix.com>
Subject: [Xen-devel] [PATCH 1/6] common/gnttab: Correct error handling for
	gnttab_setup_table()
X-BeenThere: xen-devel@lists.xen.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xen.org>
List-Unsubscribe: <https://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <https://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xen.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xen.org>
X-Virus-Scanned: ClamAV using ClamSMTP

Simplify the error labels to just "unlock" and "out".  This fixes an erroneous
path where a failure of rcu_lock_domain_by_any_id() still results in
rcu_unlock_domain() being called.

This is only not an XSA by luck.  rcu_unlock_domain() is a nop other than
decrementing the preempt count, and nothing reads the preempt count outside of
a debug build.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---
 xen/common/grant_table.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c
index 87131f8..706cd90 100644
--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -1645,7 +1645,7 @@ gnttab_setup_table(
     XEN_GUEST_HANDLE_PARAM(gnttab_setup_table_t) uop, unsigned int count)
 {
     struct gnttab_setup_table op;
-    struct domain *d;
+    struct domain *d = NULL;
     struct grant_table *gt;
     int            i;
     xen_pfn_t  gmfn;
@@ -1665,7 +1665,7 @@ gnttab_setup_table(
                 " per domain.\n",
                 max_grant_frames);
         op.status = GNTST_general_error;
-        goto out1;
+        goto out;
     }
 
     if ( !guest_handle_okay(op.frame_list, op.nr_frames) )
@@ -1676,13 +1676,13 @@ gnttab_setup_table(
     {
         gdprintk(XENLOG_INFO, "Bad domid %d.\n", op.dom);
         op.status = GNTST_bad_domain;
-        goto out2;
+        goto out;
     }
 
     if ( xsm_grant_setup(XSM_TARGET, current->domain, d) )
     {
         op.status = GNTST_permission_denied;
-        goto out2;
+        goto out;
     }
 
     gt = d->grant_table;
@@ -1700,7 +1700,7 @@ gnttab_setup_table(
                  "Expand grant table to %u failed. Current: %u Max: %u\n",
                  op.nr_frames, nr_grant_frames(gt), max_grant_frames);
         op.status = GNTST_general_error;
-        goto out3;
+        goto unlock;
     }
  
     op.status = GNTST_okay;
@@ -1713,11 +1713,12 @@ gnttab_setup_table(
             op.status = GNTST_bad_virt_addr;
     }
 
- out3:
+ unlock:
     grant_write_unlock(gt);
- out2:
-    rcu_unlock_domain(d);
- out1:
+ out:
+    if ( d )
+        rcu_unlock_domain(d);
+
     if ( unlikely(__copy_field_to_guest(uop, &op, status)) )
         return -EFAULT;