diff options
Diffstat (limited to 'system/xen/xsa/xsa252.patch')
| -rw-r--r-- | system/xen/xsa/xsa252.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/system/xen/xsa/xsa252.patch b/system/xen/xsa/xsa252.patch new file mode 100644 index 0000000000..8615928142 --- /dev/null +++ b/system/xen/xsa/xsa252.patch @@ -0,0 +1,27 @@ +From: Jan Beulich <jbeulich@suse.com> +Subject: memory: don't implicitly unpin for decrease-reservation + +It very likely was a mistake (copy-and-paste from domain cleanup code) +to implicitly unpin here: The caller should really unpin itself before +(or after, if they so wish) requesting the page to be removed. + +This is XSA-252. + +Reported-by: Jann Horn <jannh@google.com> +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> + +--- a/xen/common/memory.c ++++ b/xen/common/memory.c +@@ -357,11 +357,6 @@ int guest_remove_page(struct domain *d, + + rc = guest_physmap_remove_page(d, _gfn(gmfn), mfn, 0); + +-#ifdef _PGT_pinned +- if ( !rc && test_and_clear_bit(_PGT_pinned, &page->u.inuse.type_info) ) +- put_page_and_type(page); +-#endif +- + /* + * With the lack of an IOMMU on some platforms, domains with DMA-capable + * device must retrieve the same pfn when the hypercall populate_physmap |