From aeb46e92f915f19a61d5a8a1f4b696793f64e6fb Mon Sep 17 00:00:00 2001 From: Julien Grall Date: Thu, 19 Mar 2020 13:17:31 +0000 Subject: [PATCH] xen/common: event_channel: Don't ignore error in get_free_port() Currently, get_free_port() is assuming that the port has been allocated when evtchn_allocate_port() is not return -EBUSY. However, the function may return an error when: - We exhausted all the event channels. This can happen if the limit configured by the administrator for the guest ('max_event_channels' in xl cfg) is higher than the ABI used by the guest. For instance, if the guest is using 2L, the limit should not be higher than 4095. - We cannot allocate memory (e.g Xen has not more memory). Users of get_free_port() (such as EVTCHNOP_alloc_unbound) will validly assuming the port was valid and will next call evtchn_from_port(). This will result to a crash as the memory backing the event channel structure is not present. Fixes: 368ae9a05fe ("xen/pvshim: forward evtchn ops between L0 Xen and L2 DomU") Signed-off-by: Julien Grall Reviewed-by: Jan Beulich --- xen/common/event_channel.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/xen/common/event_channel.c b/xen/common/event_channel.c index e86e2bfab0..a8d182b584 100644 --- a/xen/common/event_channel.c +++ b/xen/common/event_channel.c @@ -195,10 +195,10 @@ static int get_free_port(struct domain *d) { int rc = evtchn_allocate_port(d, port); - if ( rc == -EBUSY ) - continue; - - return port; + if ( rc == 0 ) + return port; + else if ( rc != -EBUSY ) + return rc; } return -ENOSPC; -- 2.17.1