aboutsummaryrefslogtreecommitdiff
path: root/system/xen/xsa/xsa252.patch
blob: 8615928142a627b1f7b254d36755925c782b6818 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
From: Jan Beulich <jbeulich@suse.com>
Subject: memory: don't implicitly unpin for decrease-reservation

It very likely was a mistake (copy-and-paste from domain cleanup code)
to implicitly unpin here: The caller should really unpin itself before
(or after, if they so wish) requesting the page to be removed.

This is XSA-252.

Reported-by: Jann Horn <jannh@google.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>

--- a/xen/common/memory.c
+++ b/xen/common/memory.c
@@ -357,11 +357,6 @@ int guest_remove_page(struct domain *d,
 
     rc = guest_physmap_remove_page(d, _gfn(gmfn), mfn, 0);
 
-#ifdef _PGT_pinned
-    if ( !rc && test_and_clear_bit(_PGT_pinned, &page->u.inuse.type_info) )
-        put_page_and_type(page);
-#endif
-
     /*
      * With the lack of an IOMMU on some platforms, domains with DMA-capable
      * device must retrieve the same pfn when the hypercall populate_physmap