From 32ab625a61034ec42a542e30f52df8f805dafd6e Mon Sep 17 00:00:00 2001 From: Sepherosa Ziehau Date: Fri, 25 Nov 2016 07:24:11 +0000 Subject: [PATCH] hyperv/vmbus: Return EISCONN if the bufring GPADL can't be disconnected. So that the callers of vmbus_chan_open_br() could handle the passed in bufring memory properly. MFC after: 1 week Sponsored by: Microsoft Differential Revision: https://reviews.freebsd.org/D8569 --- sys/dev/hyperv/include/vmbus.h | 11 +++++++++++ sys/dev/hyperv/vmbus/vmbus_chan.c | 28 ++++++++++++++++++++++++++-- 2 files changed, 37 insertions(+), 2 deletions(-) diff --git a/sys/dev/hyperv/include/vmbus.h b/sys/dev/hyperv/include/vmbus.h index 7fe93cea59b..9671c8ee6d4 100644 --- a/sys/dev/hyperv/include/vmbus.h +++ b/sys/dev/hyperv/include/vmbus.h @@ -129,6 +129,17 @@ vmbus_get_channel(device_t dev) return device_get_ivars(dev); } +/* + * vmbus_chan_open_br() + * Return values: + * 0 Succeeded. + * EISCONN Failed, and the memory passed through 'br' is still + * connected. Callers must _not_ free the the memory + * passed through 'br', if this error happens. + * other values Failed. The memory passed through 'br' is no longer + * connected. Callers are free to do anything with the + * memory passed through 'br'. + */ int vmbus_chan_open(struct vmbus_channel *chan, int txbr_size, int rxbr_size, const void *udata, int udlen, vmbus_chan_callback_t cb, void *cbarg); diff --git a/sys/dev/hyperv/vmbus/vmbus_chan.c b/sys/dev/hyperv/vmbus/vmbus_chan.c index 019499264d4..bdd4f31d583 100644 --- a/sys/dev/hyperv/vmbus/vmbus_chan.c +++ b/sys/dev/hyperv/vmbus/vmbus_chan.c @@ -324,7 +324,21 @@ vmbus_chan_open(struct vmbus_channel *chan, int txbr_size, int rxbr_size, error = vmbus_chan_open_br(chan, &cbr, udata, udlen, cb, cbarg); if (error) { - hyperv_dmamem_free(&chan->ch_bufring_dma, chan->ch_bufring); + if (error == EISCONN) { + /* + * XXX + * The bufring GPADL is still connected; abandon + * this bufring, instead of having mysterious + * crash or trashed data later on. + */ + vmbus_chan_printf(chan, "chan%u bufring GPADL " + "is still connected upon channel open error; " + "leak %d bytes memory\n", chan->ch_id, + txbr_size + rxbr_size); + } else { + hyperv_dmamem_free(&chan->ch_bufring_dma, + chan->ch_bufring); + } chan->ch_bufring = NULL; } return (error); @@ -458,7 +472,17 @@ failed: sysctl_ctx_free(&chan->ch_sysctl_ctx); vmbus_chan_clear_chmap(chan); if (chan->ch_bufring_gpadl != 0) { - vmbus_chan_gpadl_disconnect(chan, chan->ch_bufring_gpadl); + int error1; + + error1 = vmbus_chan_gpadl_disconnect(chan, + chan->ch_bufring_gpadl); + if (error1) { + /* + * Give caller a hint that the bufring GPADL is still + * connected. + */ + error = EISCONN; + } chan->ch_bufring_gpadl = 0; } atomic_clear_int(&chan->ch_stflags, VMBUS_CHAN_ST_OPENED);