xen/arm: Drop reference on foreign page when guest_physmap_add_entry has failed

When a foreign page is added to the guest p2m, we take a reference on this page.
Currently if the mapping has failed when a leak a reference, this will result
to the guest will foreign guest will became a zombie as soon as it's destroyed.

Signed-off-by: Julien Grall <julien.grall@linaro.org>
Acked-by: Ian Campbell <ian.campbell@citrix.com>

diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c
index 7e8e06ad672cb646f93438d9673f90b5055def25..03a05334beec6b41a3b1475cce21c832e4e74a91 100644 (file)
--- a/xen/arch/arm/mm.c
+++ b/xen/arch/arm/mm.c
@@ -994,6 +994,7 @@ int xenmem_add_to_physmap_one(
     unsigned long mfn = 0;
     int rc;
     p2m_type_t t;
+    struct page_info *page = NULL;
 
     switch ( space )
     {
@@ -1041,7 +1042,6 @@ int xenmem_add_to_physmap_one(
     case XENMAPSPACE_gmfn_foreign:
     {
         struct domain *od;
-        struct page_info *page;
         p2m_type_t p2mt;
         od = rcu_lock_domain_by_any_id(foreign_domid);
         if ( od == NULL )
@@ -1091,6 +1091,14 @@ int xenmem_add_to_physmap_one(
     /* Map at new location. */
     rc = guest_physmap_add_entry(d, gpfn, mfn, 0, t);
 
+    /* If we fail to add the mapping, we need to drop the reference we
+     * took earlier on foreign pages */
+    if ( rc && space == XENMAPSPACE_gmfn_foreign )
+    {
+        ASSERT(page != NULL);
+        put_page(page);
+    }
+
     return rc;
 }