summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel De Graaf <dgdegra@tycho.nsa.gov>2011-02-09 21:12:00 +0100
committerKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>2011-02-14 20:16:21 +0100
commitb57c18694ea1641b691fa05ed8af0ce339fa430b (patch)
tree3fb3b050ef993092db69463fa56507f03eb31cf8
parentxen-gntdev: Use map->vma for checking map validity (diff)
downloadlinux-b57c18694ea1641b691fa05ed8af0ce339fa430b.tar.xz
linux-b57c18694ea1641b691fa05ed8af0ce339fa430b.zip
xen-gntdev: Avoid unmapping ranges twice
In paravirtualized domains, mn_invl_page or mn_invl_range_start can unmap a segment of a mapped region without unmapping all pages. When the region is later released, the pages will be unmapped twice, leading to an incorrect -EINVAL return. Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
-rw-r--r--drivers/xen/gntdev.c33
1 files changed, 31 insertions, 2 deletions
diff --git a/drivers/xen/gntdev.c b/drivers/xen/gntdev.c
index 4ca4262d3d19..4687cd557c97 100644
--- a/drivers/xen/gntdev.c
+++ b/drivers/xen/gntdev.c
@@ -282,7 +282,7 @@ static int map_grant_pages(struct grant_map *map)
return err;
}
-static int unmap_grant_pages(struct grant_map *map, int offset, int pages)
+static int __unmap_grant_pages(struct grant_map *map, int offset, int pages)
{
int i, err = 0;
@@ -301,7 +301,6 @@ static int unmap_grant_pages(struct grant_map *map, int offset, int pages)
}
}
- pr_debug("map %d+%d [%d+%d]\n", map->index, map->count, offset, pages);
err = gnttab_unmap_refs(map->unmap_ops + offset, map->pages + offset, pages);
if (err)
return err;
@@ -314,6 +313,36 @@ static int unmap_grant_pages(struct grant_map *map, int offset, int pages)
return err;
}
+static int unmap_grant_pages(struct grant_map *map, int offset, int pages)
+{
+ int range, err = 0;
+
+ pr_debug("unmap %d+%d [%d+%d]\n", map->index, map->count, offset, pages);
+
+ /* It is possible the requested range will have a "hole" where we
+ * already unmapped some of the grants. Only unmap valid ranges.
+ */
+ while (pages && !err) {
+ while (pages && !map->unmap_ops[offset].handle) {
+ offset++;
+ pages--;
+ }
+ range = 0;
+ while (range < pages) {
+ if (!map->unmap_ops[offset+range].handle) {
+ range--;
+ break;
+ }
+ range++;
+ }
+ err = __unmap_grant_pages(map, offset, range);
+ offset += range;
+ pages -= range;
+ }
+
+ return err;
+}
+
/* ------------------------------------------------------------------ */
static void gntdev_vma_close(struct vm_area_struct *vma)