Marcelo Tosatti wrote:
> Mark zapped root pagetables as invalid and ignore such pages during lookup.
>
> This is a problem with the cr3-target feature, where a zapped root table fools
> the faulting code into creating a read-only mapping. The result is a lockup
> if the instruction can't be emulated.
>
> @@ -796,8 +797,10 @@ static void kvm_mmu_zap_page(struct kvm
> if (!sp->root_count) {
> hlist_del(&sp->hash_link);
> kvm_mmu_free_page(kvm, sp);
> - } else
> + } else {
> list_move(&sp->link, &kvm->arch.active_mmu_pages);
> + sp->role.invalid = 1;
> + }
> kvm_mmu_reset_last_pte_updated(kvm)

There's an smp issue here. You're marking a shadow page as invalid, but it may be currently in use by another vcpu. So the shadow page and the guest page may be out of sync. A fix is to send an IPI to all vcpus in such a situation, and request them to unload the mmu.

Also, we can't rely on memory pressure to flush out the invalid shadow pages, because for many workloads the shadow cache is large enough (the "mmu_recycled" counter never increments). So a check for (root_count == 0 && role.invalid) when decrementing root_count can help to zap those pages.

--
Any sufficiently difficult bug is indistinguishable from a feature.

_______________________________________________
kvm-devel mailing list
kvm-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/kvm-devel
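Review bot: the new `} else {` branch sets `sp->role.invalid = 1` only when `sp->root_count` is nonzero, i.e. while at least one vcpu still has this page loaded as its root, and nothing in the hunk makes those vcpus drop it; until they reload, they keep running on a shadow root the zap has already declared stale, and the lookup-side skip described in the commit message only helps whoever faults next. The page also stays on the hash list (the `hlist_del` is only in the `!sp->root_count` branch) and on `active_mmu_pages`, with no visible path that frees it once the last root reference goes away, so invalid pages accumulate until the recycler runs. Suggest pairing the flag with a request for every vcpu to unload its roots, and freeing the page at the point where `root_count` reaches zero with `role.invalid` set, rather than waiting for `kvm_mmu_zap_page` to be called again. Minor: the last context line, `kvm_mmu_reset_last_pte_updated(kvm)`, appears cut off in the mail.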
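The two points raised in the reply, a vcpu still running on a zapped root and an invalid page that is never freed, are easier to see in a small model. The following is an added example, not KVM code: a toy shadow-page cache where `zap_page` mirrors the hunk (free if unused, otherwise mark invalid), `lookup_page` skips invalid pages as the commit message describes, and `unload_root` applies the `root_count == 0 && invalid` check proposed in the reply. The `reload_requested` flag stands in for the IPI the reply asks for; all names (`shadow_page`, `vcpu_enter`, `scenario_zap_in_use`, the gfn `0x1000`) are hypothetical.

```c
/* Toy model of zap / root_count / lookup (added example, not KVM's code). */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_PAGES 8

struct shadow_page {
    unsigned long gfn;  /* guest frame this page shadows */
    int root_count;     /* vcpus currently using it as a root table */
    bool invalid;       /* zapped while root_count > 0 (the hunk's flag) */
    bool hashed;        /* still reachable through the lookup hash */
    bool freed;
};

struct vcpu {
    struct shadow_page *root;  /* loaded root, or NULL when unloaded */
    unsigned long cr3_gfn;     /* guest frame the root is built from */
};

static struct shadow_page pages[MAX_PAGES];
static int npages;
static bool reload_requested;  /* stands in for the proposed IPI */

static void mmu_reset(void) { npages = 0; reload_requested = false; }

static struct shadow_page *alloc_page(unsigned long gfn)
{
    struct shadow_page *sp = &pages[npages++];
    sp->gfn = gfn; sp->root_count = 0;
    sp->invalid = false; sp->hashed = true; sp->freed = false;
    return sp;
}

/* Lookup ignores zapped-but-live pages, as the commit message describes. */
static struct shadow_page *lookup_page(unsigned long gfn)
{
    for (int i = 0; i < npages; i++)
        if (pages[i].hashed && !pages[i].invalid && pages[i].gfn == gfn)
            return &pages[i];
    return NULL;
}

static void free_page(struct shadow_page *sp) { sp->hashed = false; sp->freed = true; }

/* Mirrors the hunk: free if unused, else mark invalid. The reload request
 * is the extra step the reply asks for, so other vcpus drop the stale root. */
static void zap_page(struct shadow_page *sp)
{
    if (!sp->root_count) {
        free_page(sp);
    } else {
        sp->invalid = true;
        reload_requested = true;
    }
}

/* The reply's check: the last user of an invalid page frees it, instead of
 * leaving it to memory pressure that may never come. */
static void unload_root(struct vcpu *v)
{
    struct shadow_page *sp = v->root;
    if (!sp) return;
    v->root = NULL;
    if (--sp->root_count == 0 && sp->invalid)
        free_page(sp);
}

/* What a vcpu does before re-entering the guest: honour a pending reload,
 * then make sure a valid root is loaded (reusing or rebuilding it). */
static void vcpu_enter(struct vcpu *v)
{
    if (reload_requested) { unload_root(v); reload_requested = false; }
    if (!v->root) {
        struct shadow_page *sp = lookup_page(v->cr3_gfn);
        if (!sp) sp = alloc_page(v->cr3_gfn);
        v->root = sp;
        sp->root_count++;
    }
}

/* Returns 1 if a page zapped while in use is skipped by lookup, then freed
 * and replaced once its vcpu reloads; 0 if any step misbehaves. */
static int scenario_zap_in_use(void)
{
    struct vcpu v = { NULL, 0x1000 };
    mmu_reset();
    vcpu_enter(&v);
    struct shadow_page *old = v.root;
    zap_page(old);                                  /* e.g. guest wrote it */
    if (!old->invalid || old->freed) return 0;      /* live: flagged only */
    if (lookup_page(0x1000) != NULL) return 0;      /* lookup skips it */
    vcpu_enter(&v);                                 /* reload drops it */
    if (!old->freed || v.root == old) return 0;     /* freed and replaced */
    return lookup_page(0x1000) == v.root ? 1 : 0;
}

/* Returns 1 if an unused page is freed immediately on zap. */
static int scenario_zap_unused(void)
{
    mmu_reset();
    struct shadow_page *sp = alloc_page(0x2000);
    zap_page(sp);
    return (sp->freed && lookup_page(0x2000) == NULL) ? 1 : 0;
}

int main(void)
{
    printf("zap in use: %s\n", scenario_zap_in_use() ? "ok" : "FAIL");
    printf("zap unused: %s\n", scenario_zap_unused() ? "ok" : "FAIL");
    return 0;
}
```

Without the `reload_requested` step, `scenario_zap_in_use` would still return 1 for the lookup check but the vcpu would keep its stale root loaded indefinitely; without the check in `unload_root`, the old page would remain allocated after the vcpu moved on.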