From: Sean Christopherson <seanjc@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
	oliver.upton@linux.dev,  Will Deacon <will@kernel.org>,
	Anup Patel <apatel@ventanamicro.com>,
	 Andrew Jones <ajones@ventanamicro.com>,
	linuxppc-dev@lists.ozlabs.org,  regressions@lists.linux.dev
Subject: Re: [PATCH 5/5] KVM: e500: perform hugepage check after looking up the PFN
Date: Thu, 9 Jan 2025 11:07:24 -0800
Message-ID: <Z4AebPhhcQfGVmNO@google.com>
In-Reply-To: <20250109133817.314401-6-pbonzini@redhat.com>

On Thu, Jan 09, 2025, Paolo Bonzini wrote:
> @@ -483,7 +383,7 @@ static inline int kvmppc_e500_shadow_map(struct kvmppc_vcpu_e500 *vcpu_e500,
>  	 * can't run hence pfn won't change.
>  	 */
>  	local_irq_save(flags);
> -	ptep = find_linux_pte(pgdir, hva, NULL, NULL);
> +	ptep = find_linux_pte(pgdir, hva, NULL, &psize);
>  	if (ptep) {
>  		pte_t pte = READ_ONCE(*ptep);
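
Review bot: on the changed find_linux_pte() line, psize is filled in through an out-parameter, but nothing in these lines gives it an initial value, and the result is only meaningful when the lookup returns a non-NULL ptep. Read psize only inside the `if (ptep)` branch, next to the READ_ONCE(*ptep) while the local_irq_save() section is still open, or initialise it at declaration so the ptep == NULL path cannot act on a stale value.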

LOL, this code is such a mess.  If no ptep is found, IRQs are left disabled.  The
bug has existed since commit 691e95fd7396 ("powerpc/mm/thp: Make page table walk
safe against thp split/collapse"), i.e. we didn't accidentally delete a
local_irq_restore() at some point.

@@ -468,14 +469,23 @@ static inline int kvmppc_e500_shadow_map(struct kvmppc_vcpu_e500 *vcpu_e500,
 
 
        pgdir = vcpu_e500->vcpu.arch.pgdir;
+       /*
+        * We are just looking at the wimg bits, so we don't
+        * care much about the trans splitting bit.
+        * We are holding kvm->mmu_lock so a notifier invalidate
+        * can't run hence pfn won't change.
+        */
+       local_irq_save(flags);
        ptep = find_linux_pte_or_hugepte(pgdir, hva, NULL);
        if (ptep) {
                pte_t pte = READ_ONCE(*ptep);
 
-               if (pte_present(pte))
+               if (pte_present(pte)) {
                        wimg = (pte_val(pte) >> PTE_WIMGE_SHIFT) &
                                MAS2_WIMGE_MASK;
-               else {
+                       local_irq_restore(flags);
+               } else {
+                       local_irq_restore(flags);
                        pr_err_ratelimited("%s: pte not present: gfn %lx,pfn %lx\n",
                                           __func__, (long)gfn, pfn);
                        ret = -EINVAL;
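
Review bot: local_irq_restore(flags) is added only in the two arms of `if (pte_present(pte))`, and both arms sit inside `if (ptep)`, so nothing in these lines re-enables IRQs when the lookup returns NULL after the new local_irq_save(flags). Because pte is already a local copy taken with READ_ONCE(*ptep), the restore can be issued once right after that copy, with a matching restore on the NULL path (an else for `if (ptep)`), which covers all three outcomes and drops the duplicated call.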

Thread overview: 10+ messages
2025-01-09 13:38 [PATCH 0/5] KVM: e500: map readonly host pages for read, and cleanup Paolo Bonzini
2025-01-09 13:38 ` [PATCH 1/5] KVM: e500: retry if no memslot is found Paolo Bonzini
2025-01-09 19:00   ` Sean Christopherson
2025-01-09 13:38 ` [PATCH 2/5] KVM: e500: use shadow TLB entry as witness for writability Paolo Bonzini
2025-01-09 19:01   ` Sean Christopherson
2025-01-09 13:38 ` [PATCH 3/5] KVM: e500: track host-writability of pages Paolo Bonzini
2025-01-09 13:38 ` [PATCH 4/5] KVM: e500: map readonly host pages for read Paolo Bonzini
2025-01-09 13:38 ` [PATCH 5/5] KVM: e500: perform hugepage check after looking up the PFN Paolo Bonzini
2025-01-09 19:07   ` Sean Christopherson [this message]
  -- strict thread matches above, loose matches on Subject: below --
2025-01-12  9:55 [PATCH v2 0/5] KVM: e500: map readonly host pages for read, and cleanup Paolo Bonzini
2025-01-12  9:55 ` [PATCH 5/5] KVM: e500: perform hugepage check after looking up the PFN Paolo Bonzini
