scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2150660

commit 67ff3d0
Author: Michael Kelley <mikelley@microsoft.com>
Date:   Sun Dec 4 11:52:44 2022 -0800

    scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM

    storvsc_queuecommand() maps the scatter/gather list using scsi_dma_map(),
    which in a confidential VM allocates swiotlb bounce buffers. If the I/O
    submission fails in storvsc_do_io(), the I/O is typically retried by higher
    level code, but the bounce buffer memory is never freed.  The mostly like
    cause of I/O submission failure is a full VMBus channel ring buffer, which
    is not uncommon under high I/O loads.  Eventually enough bounce buffer
    memory leaks that the confidential VM can't do any I/O. The same problem
    can arise in a non-confidential VM with kernel boot parameter
    swiotlb=force.

    Fix this by doing scsi_dma_unmap() in the case of an I/O submission
    error, which frees the bounce buffer memory.

    Fixes: 743b237 ("scsi: storvsc: Add Isolation VM support for storvsc driver")
    Signed-off-by: Michael Kelley <mikelley@microsoft.com>
    Link: https://lore.kernel.org/r/1670183564-76254-1-git-send-email-mikelley@microsoft.com
    Tested-by: Dexuan Cui <decui@microsoft.com>
    Reviewed-by: Dexuan Cui <decui@microsoft.com>
    Reviewed-by: Tianyu Lan <Tianyu.Lan@microsoft.com>
    Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>

Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>

Author: esposem

drivers/scsi/storvsc_drv.c

@@ -1828,6 +1828,9 @@ static int storvsc_queuecommand(struct Scsi_Host *host, struct scsi_cmnd *scmnd)
 	ret = storvsc_do_io(dev, cmd_request, get_cpu());
 	put_cpu();
 
+	if (ret)
+		scsi_dma_unmap(scmnd);
+
 	if (ret == -EAGAIN) {
 		/* no more space */
 		ret = SCSI_MLQUEUE_DEVICE_BUSY;