From: Jan Beulich <jbeulich@suse.com>
Date: Tue, 27 Feb 2018 13:03:27 +0000 (+0100)
Subject: memory: don't implicitly unpin for decrease-reservation
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=d798a0952903db9d8ee0a580e03f214d2b49b7d7;p=people%2Froyger%2Fxen.git

memory: don't implicitly unpin for decrease-reservation

It very likely was a mistake (copy-and-paste from domain cleanup code)
to implicitly unpin here: The caller should really unpin itself before
(or after, if they so wish) requesting the page to be removed.

This is XSA-252.

Reported-by: Jann Horn <jannh@google.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
---

diff --git a/xen/common/memory.c b/xen/common/memory.c
index 59d23a2a98..3ed71f8f74 100644
--- a/xen/common/memory.c
+++ b/xen/common/memory.c
@@ -360,11 +360,6 @@ int guest_remove_page(struct domain *d, unsigned long gmfn)
 
     rc = guest_physmap_remove_page(d, _gfn(gmfn), mfn, 0);
 
-#ifdef _PGT_pinned
-    if ( !rc && test_and_clear_bit(_PGT_pinned, &page->u.inuse.type_info) )
-        put_page_and_type(page);
-#endif
-
     /*
      * With the lack of an IOMMU on some platforms, domains with DMA-capable
      * device must retrieve the same pfn when the hypercall populate_physmap