From mboxrd@z Thu Jan 1 00:00:00 1970 From: Xiubo Li Subject: Re: [PATCH] KVM: fix possible coalesced_mmio_ring page leaks. Date: Thu, 26 Feb 2015 10:29:44 +0800 Message-ID: <54EE8518.60607@cmss.chinamobile.com> References: <1423717101-9199-1-git-send-email-lixiubo@cmss.chinamobile.com> <20150224164359.GA31733@amt.cnet> Mime-Version: 1.0 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Cc: gleb@kernel.org, pbonzini@redhat.com, kvm@vger.kernel.org To: Marcelo Tosatti Return-path: Received: from cmccmta3.chinamobile.com ([221.176.66.81]:9800 "HELO cmccmta3.chinamobile.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with SMTP id S1753456AbbBZCaN (ORCPT ); Wed, 25 Feb 2015 21:30:13 -0500 In-Reply-To: <20150224164359.GA31733@amt.cnet> Sender: kvm-owner@vger.kernel.org List-ID: On 25/02/2015 00:44, Marcelo Tosatti wrote: > On Thu, Feb 12, 2015 at 12:58:21PM +0800, Xiubo Li wrote: >> It forgets to free coalesced_mmio_ring page after the anon_inode_getfd >> fails. >> >> Signed-off-by: Xiubo Li >> --- >> virt/kvm/kvm_main.c | 16 +++++++++++----- >> 1 file changed, 11 insertions(+), 5 deletions(-) >> >> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c >> index 8579f18..85e8106 100644 >> --- a/virt/kvm/kvm_main.c >> +++ b/virt/kvm/kvm_main.c >> @@ -2784,16 +2784,22 @@ static int kvm_dev_ioctl_create_vm(unsigned long type) >> return PTR_ERR(kvm); >> #ifdef KVM_COALESCED_MMIO_PAGE_OFFSET >> r = kvm_coalesced_mmio_init(kvm); >> - if (r < 0) { >> - kvm_put_kvm(kvm); >> - return r; >> - } >> + if (r < 0) >> + goto out_put_kvm; >> #endif >> r = anon_inode_getfd("kvm-vm", &kvm_vm_fops, kvm, O_RDWR | O_CLOEXEC); >> if (r < 0) >> - kvm_put_kvm(kvm); >> + goto out_mmio_free; > kvm_put_kvm -> kvm_destroy_vm -> kvm_coalesced_mmio_free. > Yes, it is. As in my mind that who use it, it will be whose duty to release it. Thanks, BRs Xiubo
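Review bot: the "goto out_mmio_free" on the anon_inode_getfd failure path needs a justification that neither the hunk nor the commit message gives. The line it replaces is kvm_put_kvm(kvm), and the reply directly under it traces kvm_put_kvm -> kvm_destroy_vm -> kvm_coalesced_mmio_free, which the author confirms, so the old code already released the ring page on this path. The out_mmio_free and out_put_kvm labels are not visible in the quoted part; if out_mmio_free frees the ring and the reference on kvm is then dropped as well, the page is released twice unless the free routine tolerates a second call. Suggest keeping kvm_put_kvm(kvm) here, or, if the explicit label is wanted for symmetry, rewording the commit message (it currently says the page is forgotten) and stating how the double release is avoided.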