On Thu, Feb 11, 2021 at 09:44:07PM +0100, David Hildenbrand wrote:
> Let's take a look at init-on-free.
>
> The guest zeroes a page and puts it onto a buddy freelist. Free page
> reporting code takes it off that list and reports it to the hypervisor. The
> hypervisor discards the physical page and tells the guest he's done
> processing the page. The guest re-places the page onto the free page list.
>
> From that point on, the page can be re-allocated inside the guest and is
> assumed to be zero. On access, a fresh (zeroed) page is populated by the
> hypervisor. The guest won't re-zero the page, as it has the guarantee (from
> free page reporting) that the page remained zero.
>
> Write-protecting the unpopulated page won't work as discussed.

IMHO no matter if it's init_on_alloc or init_on_free or both, as long as it's
inited in some way then it means the guest OS wrote to it. Then wr-protect
will work..

MADV_DONTNEED during live snapshot seems to be a separate topic as you mentioned
in the other thread. For that, I agree we'd better simply let
virtio_balloon_inhibited() return true for live snapshot too, just like
postcopy.

Thanks,

--
Peter Xu