diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2022-09-09 07:44:33 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2022-09-09 07:44:33 -0400 |
| commit | 725f3f3b2708d8f3fe56df8113bfdc7380d52dc9 (patch) | |
| tree | 9cfe787ece112032ba3be8df9ab24e989f3333aa | |
| parent | 83dfc0e2fd008b6fd2df70f6635cc4def41da056 (diff) | |
| parent | 873aefb376bbc0ed1dd2381ea1d6ec88106fdbd4 (diff) | |
| download | linux-725f3f3b2708d8f3fe56df8113bfdc7380d52dc9.tar.gz | |
Merge tag 'vfio-v6.0-rc5' of https://github.com/awilliam/linux-vfio
Pull VFIO fix from Alex Williamson:
- Fix zero page refcount leak (Alex Williamson)
* tag 'vfio-v6.0-rc5' of https://github.com/awilliam/linux-vfio:
vfio/type1: Unpin zero pages
| -rw-r--r-- | drivers/vfio/vfio_iommu_type1.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c index db516c90a97706..8706482665d11c 100644 --- a/drivers/vfio/vfio_iommu_type1.c +++ b/drivers/vfio/vfio_iommu_type1.c @@ -558,6 +558,18 @@ static int vaddr_get_pfns(struct mm_struct *mm, unsigned long vaddr, ret = pin_user_pages_remote(mm, vaddr, npages, flags | FOLL_LONGTERM, pages, NULL, NULL); if (ret > 0) { + int i; + + /* + * The zero page is always resident, we don't need to pin it + * and it falls into our invalid/reserved test so we don't + * unpin in put_pfn(). Unpin all zero pages in the batch here. + */ + for (i = 0 ; i < ret; i++) { + if (unlikely(is_zero_pfn(page_to_pfn(pages[i])))) + unpin_user_page(pages[i]); + } + *pfn = page_to_pfn(pages[0]); goto done; } |