find_ring_mfn() already holds a page reference when trying to obtain a writable type reference. We shouldn't make assumptions on the general reference count limit being effectively "infinity". Obtain merely a type ref, re-using the general ref by only dropping the previously acquired one in the case of an error.
Signed-off-by: Jan Beulich <jbeul...@suse.com> --- I further question the log-dirty check there: The present P2M type of a page doesn't really matter for writing to the page (plus it's stale by the time it is looked at). Instead I think every write to such a page needs to be accompanied by a call to paging_mark_dirty(). --- v2: Re-base. --- a/xen/common/argo.c +++ b/xen/common/argo.c @@ -1426,7 +1426,7 @@ find_ring_mfn(struct domain *d, gfn_t gf switch ( p2mt ) { case p2m_ram_rw: - if ( !get_page_and_type(page, d, PGT_writable_page) ) + if ( !get_page_type(page, PGT_writable_page) ) ret = -EINVAL; break; @@ -1441,7 +1441,8 @@ find_ring_mfn(struct domain *d, gfn_t gf break; } - put_page(page); + if ( unlikely(ret) ) + put_page(page); return ret; }
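Review bot: the removed get_page_and_type(page, d, PGT_writable_page) in the first hunk also verified that d owns the page, while the replacement get_page_type(page, PGT_writable_page) performs no owner check, so that check now rests entirely on how the already-held reference was obtained. The description says find_ring_mfn() "already holds a page reference" but not that it was acquired with d as the expected owner; please state that in the commit message (or keep an explicit owner check) so a reader of the diff can see the ownership validation has not been lost. On the failure path the net behaviour is unchanged: ret = -EINVAL and the second hunk drops the general reference, as the old unconditional put_page() did.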
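Review bot: making put_page(page) conditional on ret in the second hunk is only correct if every path that reaches the closing `break` with ret == 0 has taken the type reference, so that on success the caller ends up with the pre-existing general reference plus the new type reference, the same net count as before the change. The switch cases between the two hunks are not visible in the context lines; please confirm none of them leaves ret at zero without a type reference, since such a path would now keep a general reference that the old code released. A short comment above `if ( unlikely(ret) )` noting that on success the general reference is deliberately handed to the caller alongside the type reference would make the new ownership rule explicit.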