On Wed, 03 Jun 2015 17:08:00 +0200
Paolo Bonzini <pbonz...@redhat.com> wrote:
>
>
> On 03/06/2015 16:05, Igor Mammedov wrote:
> >>> > > + rsvd_hva = memory_region_find_rsvd_hva(section->mr);
> >>> > > + if (rsvd_hva.mr) {
> >>> > > + start_addr = rsvd_hva.offset_within_address_space;
> >>> > > + size = int128_get64(rsvd_hva.size);
> >>> > > + ram = memory_region_get_ram_ptr(rsvd_hva.mr);
> >>> > > + } else {
> >>> > > + ram = memory_region_get_ram_ptr(section->mr) +
> >>> > > section->offset_within_region;
> >>> > > + }
> >> >
> >> > I don't think this is needed.
> >> >
> >> > What _could_ be useful is to merge adjacent ranges even if they are
> >> > partly unmapped, but your patch doesn't do that.
> > merging/splitting for adjacent regions is done at following
> > vhost_dev_(un)assign_memory() but it doesn't cover cases with
> > gaps in between.
> >
> > Trying to make merging/splitting work with gaps might be more
> > complicated (I haven't tried though), than just passing known
> > in advance whole rsvd_hva range.
> >
> > More over if/when initial memory also converted to rsvd_hva
> > (aliasing stopped me there for now), we could throw away all
> > this merging and just keep a single rsvd_hva range for all RAM here.
>
> Understood now. This still should be a separate patch. I'm much more
> confident with the other two (e.g. what happens if a malicious guest
> writes to memory that is still MAP_NORESERVE),
it should get SIGSEVG due to access to PROT_NONE.
> so feel free to post
> those without RFC tag. But the vhost one really needs mst's eyes.
ok, I'll split it out.
>
> Paolo
