From mboxrd@z Thu Jan  1 00:00:00 1970
From: Marcelo Tosatti <mtosatti@redhat.com>
Subject: Re: [PATCH] KVM: fix possible coalesced_mmio_ring page leaks.
Date: Tue, 24 Feb 2015 13:44:00 -0300
Message-ID: <20150224164359.GA31733@amt.cnet>
References: <1423717101-9199-1-git-send-email-lixiubo@cmss.chinamobile.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: gleb@kernel.org, pbonzini@redhat.com, kvm@vger.kernel.org
To: Xiubo Li <lixiubo@cmss.chinamobile.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:38479 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1752246AbbBXQo1 (ORCPT <rfc822;kvm@vger.kernel.org>);
	Tue, 24 Feb 2015 11:44:27 -0500
Content-Disposition: inline
In-Reply-To: <1423717101-9199-1-git-send-email-lixiubo@cmss.chinamobile.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On Thu, Feb 12, 2015 at 12:58:21PM +0800, Xiubo Li wrote:
> It forgets to free coalesced_mmio_ring page after the anon_inode_getfd
> fails.
> 
> Signed-off-by: Xiubo Li <lixiubo@cmss.chinamobile.com>
> ---
>  virt/kvm/kvm_main.c | 16 +++++++++++-----
>  1 file changed, 11 insertions(+), 5 deletions(-)
> 
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index 8579f18..85e8106 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
> @@ -2784,16 +2784,22 @@ static int kvm_dev_ioctl_create_vm(unsigned long type)
>  		return PTR_ERR(kvm);
>  #ifdef KVM_COALESCED_MMIO_PAGE_OFFSET
>  	r = kvm_coalesced_mmio_init(kvm);
> -	if (r < 0) {
> -		kvm_put_kvm(kvm);
> -		return r;
> -	}
> +	if (r < 0)
> +		goto out_put_kvm;
>  #endif
>  	r = anon_inode_getfd("kvm-vm", &kvm_vm_fops, kvm, O_RDWR | O_CLOEXEC);
>  	if (r < 0)
> -		kvm_put_kvm(kvm);
> +		goto out_mmio_free;

kvm_put_kvm -> kvm_destroy_vm -> kvm_coalesced_mmio_free.