VFIO fix for v6.0-rc5

- Fix zero page refcount leak (Alex Williamson) -----BEGIN PGP SIGNATURE----- iQJPBAABCAA5FiEEQvbATlQL0amee4qQI5ubbjuwiyIFAmMaUVMbHGFsZXgud2ls bGlhbXNvbkByZWRoYXQuY29tAAoJECObm247sIsiBl4P/3dXKhitc/ryWcqm0BsH xooWVUglmO7p3KuInJWOkT44a8f13EucKMaBry69G48T+H2d7a/e4qPDzsA84ELq 1XjJHUcvyojblwDnqE5MlC0IM7Pb1vUQ0KbcGdGMfh+hYQZ0mrifmNeXE+a+VFYs KIPlesid4A8+9y431ynWEPQ6GtldigURYj93QPIDfPMGtZVugtNEtUZRN/xvSqrt /AHjcYYFdhFCuy9yDZ255+Hnn4NJ7gctFBT7u2znR5fQntQLyK8z8J8ydfzxMu/+ ifMn/uAV5qIv9p0ir0NrFjTda/TD7Qjli5Tw7LKRqMrhnYmG1Y9BwUMYXeQjYlWV qaeE0lVH1E7a9sqrZy8MfaEZdNbfBcawRUjktNea4fZIGHhMQUU2b96cwesMkomW BlfHKp4Ml3lIGFcCh/LYgNHdevTl0WJ2qqStJqYqMxWBY+4zxAOO/AJen/gJ2qDL qj9FqrdjjVwU67/Rg1he4LcXAeG5rPWut2hXvmv/tsc+KDJ0KbQ618xDvlR1dgH8 7KqZIQxKJ6EX5HlPIGO1vb1KhHLTF4OnHPOznorIyS/9bYwOMcoSN7waLCpCKMan 3n+nx16CmsgBh/hwzSzoe7yviIu0V+MGcMzHE++O1moCd+I5hjTE+nHFk4nhDgcl Pc32wk0ql9nCXCMGjV1t/rNs =Ps/q -----END PGP SIGNATURE----- Merge tag 'vfio-v6.0-rc5' of https://github.com/awilliam/linux-vfio Pull VFIO fix from Alex Williamson: - Fix zero page refcount leak (Alex Williamson) * tag 'vfio-v6.0-rc5' of https://github.com/awilliam/linux-vfio: vfio/type1: Unpin zero pages
2022-09-09 07:44:33 -04:00 · 2022-09-09 07:44:33 -04:00 · 725f3f3b27
parent 83dfc0e2fd 873aefb376
commit 725f3f3b27
1 changed files with 12 additions and 0 deletions
--- a/drivers/vfio/vfio_iommu_type1.c
+++ b/drivers/vfio/vfio_iommu_type1.c
@ -558,6 +558,18 @@ static int vaddr_get_pfns(struct mm_struct *mm, unsigned long vaddr,
 	ret = pin_user_pages_remote(mm, vaddr, npages, flags | FOLL_LONGTERM,
 				    pages, NULL, NULL);
 	if (ret > 0) {
+		int i;
+
+		/*
+		 * The zero page is always resident, we don't need to pin it
+		 * and it falls into our invalid/reserved test so we don't
+		 * unpin in put_pfn().  Unpin all zero pages in the batch here.
+		 */
+		for (i = 0 ; i < ret; i++) {
+			if (unlikely(is_zero_pfn(page_to_pfn(pages[i]))))
+				unpin_user_page(pages[i]);
+		}
+
 		*pfn = page_to_pfn(pages[0]);
 		goto done;
 	}