Date: Thu, 1 Aug 2024 06:37:12 -0400
From: "Michael S. Tsirkin"
To: qemu-devel@nongnu.org
Cc: Peter Maydell, qemu-stable@nongnu.org, Marcel Apfelbaum, Paolo Bonzini, Richard Henderson, Eduardo Habkost
Subject: [PULL 18/19] hw/i386/amd_iommu: Don't leak memory in amdvi_update_iotlb()
Message-ID: <9a45b0761628cc59267b3283a85d15294464ac31.1722508478.git.mst@redhat.com>
From: Peter Maydell

In amdvi_update_iotlb() we will only put a new entry in the hash table if to_cache.perm is not IOMMU_NONE. However we allocate the memory for the new AMDVIIOTLBEntry and for the hash table key regardless. This means that in the IOMMU_NONE case we will leak the memory we allocated.

Move the allocations into the if() to the point where we know we're going to add the item to the hash table.

Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2452
Signed-off-by: Peter Maydell
Message-Id: <20240731170019.3590563-1-peter.maydell@linaro.org>
Reviewed-by: Michael S. Tsirkin
Signed-off-by: Michael S. Tsirkin

--- hw/i386/amd_iommu.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c index 6d4fde72f9..87643d2891 100644 --- a/hw/i386/amd_iommu.c +++ b/hw/i386/amd_iommu.c @@ -357,12 +357,12 @@ static void amdvi_update_iotlb(AMDVIState *s, uint16_= t devid, uint64_t gpa, IOMMUTLBEntry to_cache, uint16_t domid) { - AMDVIIOTLBEntry *entry =3D g_new(AMDVIIOTLBEntry, 1); - uint64_t *key =3D g_new(uint64_t, 1); - uint64_t gfn =3D gpa >> AMDVI_PAGE_SHIFT_4K; - /* don't cache erroneous translations */ if (to_cache.perm !=3D IOMMU_NONE) { + AMDVIIOTLBEntry *entry =3D g_new(AMDVIIOTLBEntry, 1); + uint64_t *key =3D g_new(uint64_t, 1); + uint64_t gfn =3D gpa >> AMDVI_PAGE_SHIFT_4K; + trace_amdvi_cache_update(domid, PCI_BUS_NUM(devid), PCI_SLOT(devid= ), PCI_FUNC(devid), gpa, to_cache.translated_addr); =20 --=20 MST
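Review bot: The moved declarations of `entry` and `key` inside `if (to_cache.perm != IOMMU_NONE)` are still raw g_new() allocations, and whether they are released depends on the hash table insertion further down, which the visible context (it ends at the trace_amdvi_cache_update() call) does not show. A one-line comment at the declarations stating that ownership of both pointers passes to the hash table on insert would document the invariant this fix relies on and make it harder for a later change to hoist the allocations back out or add an early exit between the g_new() calls and the insert, either of which would reintroduce the leak. It is also worth confirming in review that no path inside the if() block skips the insert once the two allocations have been made.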