From: Sean Christopherson <seanjc@google.com>
To: David Stevens <stevensd@chromium.org>
Cc: Wanpeng Li <wanpengli@tencent.com>,
kvm@vger.kernel.org, Marc Zyngier <maz@kernel.org>,
Joerg Roedel <joro@8bytes.org>,
linux-kernel@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
Will Deacon <will@kernel.org>,
kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org,
Jim Mattson <jmattson@google.com>
Subject: Re: [PATCH v5 1/4] KVM: mmu: introduce new gfn_to_pfn_page functions
Date: Thu, 30 Dec 2021 19:26:49 +0000 [thread overview]
Message-ID: <Yc4H+dGfK83BaGpC@google.com> (raw)
In-Reply-To: <20211129034317.2964790-2-stevensd@google.com>
On Mon, Nov 29, 2021, David Stevens wrote:
> +static kvm_pfn_t ensure_pfn_ref(struct page *page, kvm_pfn_t pfn)
"ensure" is rather misleading as that implies this is _just_ an assertion, but
that's not true since it elevates the refcount. Maybe kvm_try_get_page_ref()?
> +{
> + if (page || is_error_pfn(pfn))
A comment above here would be very helpful. It's easy to overlook the "page"
check and think that KVM is double-counting pages. E.g.
/* If @page is valid, KVM already has a reference to the pfn/page. */
That would tie in nicely with the kvm_try_get_page_ref() name too.
> + return pfn;
> +
> + /*
> + * If we're here, a pfn resolved by hva_to_pfn_remapped is
> + * going to be returned to something that ultimately calls
> + * kvm_release_pfn_clean, so the refcount needs to be bumped if
> + * the pfn isn't a reserved pfn.
> + *
> + * Whoever called remap_pfn_range is also going to call e.g.
> + * unmap_mapping_range before the underlying pages are freed,
> + * causing a call to our MMU notifier.
> + *
> + * Certain IO or PFNMAP mappings can be backed with valid
> + * struct pages, but be allocated without refcounting e.g.,
> + * tail pages of non-compound higher order allocations, which
> + * would then underflow the refcount when the caller does the
> + * required put_page. Don't allow those pages here.
> + */
> + if (kvm_is_reserved_pfn(pfn) ||
> + get_page_unless_zero(pfn_to_page(pfn)))
> + return pfn;
> +
> + return KVM_PFN_ERR_FAULT;
> +}
_______________________________________________
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
WARNING: multiple messages have this Message-ID (diff)
From: Sean Christopherson <seanjc@google.com>
To: David Stevens <stevensd@chromium.org>
Cc: Marc Zyngier <maz@kernel.org>,
Paolo Bonzini <pbonzini@redhat.com>,
James Morse <james.morse@arm.com>,
Alexandru Elisei <alexandru.elisei@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Will Deacon <will@kernel.org>, Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
linux-arm-kernel@lists.infradead.org,
kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org
Subject: Re: [PATCH v5 1/4] KVM: mmu: introduce new gfn_to_pfn_page functions
Date: Thu, 30 Dec 2021 19:26:49 +0000 [thread overview]
Message-ID: <Yc4H+dGfK83BaGpC@google.com> (raw)
In-Reply-To: <20211129034317.2964790-2-stevensd@google.com>
On Mon, Nov 29, 2021, David Stevens wrote:
> +static kvm_pfn_t ensure_pfn_ref(struct page *page, kvm_pfn_t pfn)
"ensure" is rather misleading as that implies this is _just_ an assertion, but
that's not true since it elevates the refcount. Maybe kvm_try_get_page_ref()?
> +{
> + if (page || is_error_pfn(pfn))
A comment above here would be very helpful. It's easy to overlook the "page"
check and think that KVM is double-counting pages. E.g.
/* If @page is valid, KVM already has a reference to the pfn/page. */
That would tie in nicely with the kvm_try_get_page_ref() name too.
> + return pfn;
> +
> + /*
> + * If we're here, a pfn resolved by hva_to_pfn_remapped is
> + * going to be returned to something that ultimately calls
> + * kvm_release_pfn_clean, so the refcount needs to be bumped if
> + * the pfn isn't a reserved pfn.
> + *
> + * Whoever called remap_pfn_range is also going to call e.g.
> + * unmap_mapping_range before the underlying pages are freed,
> + * causing a call to our MMU notifier.
> + *
> + * Certain IO or PFNMAP mappings can be backed with valid
> + * struct pages, but be allocated without refcounting e.g.,
> + * tail pages of non-compound higher order allocations, which
> + * would then underflow the refcount when the caller does the
> + * required put_page. Don't allow those pages here.
> + */
> + if (kvm_is_reserved_pfn(pfn) ||
> + get_page_unless_zero(pfn_to_page(pfn)))
> + return pfn;
> +
> + return KVM_PFN_ERR_FAULT;
> +}
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
WARNING: multiple messages have this Message-ID (diff)
From: Sean Christopherson <seanjc@google.com>
To: David Stevens <stevensd@chromium.org>
Cc: Marc Zyngier <maz@kernel.org>,
Paolo Bonzini <pbonzini@redhat.com>,
James Morse <james.morse@arm.com>,
Alexandru Elisei <alexandru.elisei@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Will Deacon <will@kernel.org>, Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
linux-arm-kernel@lists.infradead.org,
kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org
Subject: Re: [PATCH v5 1/4] KVM: mmu: introduce new gfn_to_pfn_page functions
Date: Thu, 30 Dec 2021 19:26:49 +0000 [thread overview]
Message-ID: <Yc4H+dGfK83BaGpC@google.com> (raw)
In-Reply-To: <20211129034317.2964790-2-stevensd@google.com>
On Mon, Nov 29, 2021, David Stevens wrote:
> +static kvm_pfn_t ensure_pfn_ref(struct page *page, kvm_pfn_t pfn)
"ensure" is rather misleading as that implies this is _just_ an assertion, but
that's not true since it elevates the refcount. Maybe kvm_try_get_page_ref()?
> +{
> + if (page || is_error_pfn(pfn))
A comment above here would be very helpful. It's easy to overlook the "page"
check and think that KVM is double-counting pages. E.g.
/* If @page is valid, KVM already has a reference to the pfn/page. */
That would tie in nicely with the kvm_try_get_page_ref() name too.
> + return pfn;
> +
> + /*
> + * If we're here, a pfn resolved by hva_to_pfn_remapped is
> + * going to be returned to something that ultimately calls
> + * kvm_release_pfn_clean, so the refcount needs to be bumped if
> + * the pfn isn't a reserved pfn.
> + *
> + * Whoever called remap_pfn_range is also going to call e.g.
> + * unmap_mapping_range before the underlying pages are freed,
> + * causing a call to our MMU notifier.
> + *
> + * Certain IO or PFNMAP mappings can be backed with valid
> + * struct pages, but be allocated without refcounting e.g.,
> + * tail pages of non-compound higher order allocations, which
> + * would then underflow the refcount when the caller does the
> + * required put_page. Don't allow those pages here.
> + */
> + if (kvm_is_reserved_pfn(pfn) ||
> + get_page_unless_zero(pfn_to_page(pfn)))
> + return pfn;
> +
> + return KVM_PFN_ERR_FAULT;
> +}
next prev parent reply other threads:[~2021-12-30 19:26 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-29 3:43 [PATCH v5 0/4] KVM: allow mapping non-refcounted pages David Stevens
2021-11-29 3:43 ` David Stevens
2021-11-29 3:43 ` David Stevens
2021-11-29 3:43 ` [PATCH v5 1/4] KVM: mmu: introduce new gfn_to_pfn_page functions David Stevens
2021-11-29 3:43 ` David Stevens
2021-11-29 3:43 ` David Stevens
2021-12-30 19:26 ` Sean Christopherson [this message]
2021-12-30 19:26 ` Sean Christopherson
2021-12-30 19:26 ` Sean Christopherson
2021-11-29 3:43 ` [PATCH v5 2/4] KVM: x86/mmu: use gfn_to_pfn_page David Stevens
2021-11-29 3:43 ` David Stevens
2021-11-29 3:43 ` David Stevens
2021-12-30 19:30 ` Sean Christopherson
2021-12-30 19:30 ` Sean Christopherson
2021-12-30 19:30 ` Sean Christopherson
2021-11-29 3:43 ` [PATCH v5 3/4] KVM: arm64/mmu: " David Stevens
2021-11-29 3:43 ` David Stevens
2021-11-29 3:43 ` David Stevens
2021-12-30 19:45 ` Sean Christopherson
2021-12-30 19:45 ` Sean Christopherson
2021-12-30 19:45 ` Sean Christopherson
2021-11-29 3:43 ` [PATCH v5 4/4] KVM: mmu: remove over-aggressive warnings David Stevens
2021-11-29 3:43 ` David Stevens
2021-11-29 3:43 ` David Stevens
2021-12-30 19:22 ` Sean Christopherson
2021-12-30 19:22 ` Sean Christopherson
2021-12-30 19:22 ` Sean Christopherson
2022-01-05 7:14 ` David Stevens
2022-01-05 7:14 ` David Stevens
2022-01-05 7:14 ` David Stevens
2022-01-05 19:02 ` Sean Christopherson
2022-01-05 19:02 ` Sean Christopherson
2022-01-05 19:02 ` Sean Christopherson
2022-01-05 19:19 ` Sean Christopherson
2022-01-05 19:19 ` Sean Christopherson
2022-01-05 19:19 ` Sean Christopherson
2022-01-06 2:42 ` David Stevens
2022-01-06 2:42 ` David Stevens
2022-01-06 2:42 ` David Stevens
2022-01-06 17:38 ` Sean Christopherson
2022-01-06 17:38 ` Sean Christopherson
2022-01-06 17:38 ` Sean Christopherson
2022-01-07 2:21 ` David Stevens
2022-01-07 2:21 ` David Stevens
2022-01-07 2:21 ` David Stevens
2022-01-07 16:31 ` Sean Christopherson
2022-01-07 16:31 ` Sean Christopherson
2022-01-07 16:31 ` Sean Christopherson
2022-01-07 16:46 ` Sean Christopherson
2022-01-07 16:46 ` Sean Christopherson
2022-01-07 16:46 ` Sean Christopherson
2022-01-10 23:47 ` David Stevens
2022-01-10 23:47 ` David Stevens
2022-01-10 23:47 ` David Stevens
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Yc4H+dGfK83BaGpC@google.com \
--to=seanjc@google.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maz@kernel.org \
--cc=pbonzini@redhat.com \
--cc=stevensd@chromium.org \
--cc=wanpengli@tencent.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.