From mboxrd@z Thu Jan 1 00:00:00 1970
From: Marcelo Tosatti
Subject: Re: missing kvm smp tlb flush in invlpg
Date: Sun, 15 Mar 2009 16:23:42 -0300
Message-ID: <20090315192342.GA6651@amt.cnet>
References: <20090312171843.GU27823@random.random>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: kvm@vger.kernel.org
To: Andrea Arcangeli
Return-path:
Received: from mx2.redhat.com ([66.187.237.31]:38741 "EHLO mx2.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753055AbZCOTYq (ORCPT ); Sun, 15 Mar 2009 15:24:46 -0400
Received: from int-mx2.corp.redhat.com (int-mx2.corp.redhat.com [172.16.27.26]) by mx2.redhat.com (8.13.8/8.13.8) with ESMTP id n2FJOjUI020391 for ; Sun, 15 Mar 2009 15:24:45 -0400
Content-Disposition: inline
In-Reply-To: <20090312171843.GU27823@random.random>
Sender: kvm-owner@vger.kernel.org
List-ID:

On Thu, Mar 12, 2009 at 06:18:43PM +0100, Andrea Arcangeli wrote:
> From: Andrea Arcangeli
>
> While looking at invlpg out of sync code with Izik I think I noticed a
> missing smp tlb flush here. Without this the other cpu can still write
> to a freed host physical page. tlb smp flush must happen if
> rmap_remove is called always before mmu_lock is released because the
> VM will take the mmu_lock before it can finally add the page to the
> freelist after swapout. mmu notifier makes it safe to flush the tlb
> after freeing the page (otherwise it would never be safe) so we can do
> a single flush for multiple sptes invalidated.

I think this fix is more expensive than it needs to be, but better than
being unsafe for now.

Acked-by: Marcelo Tosatti
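The ordering argument in the quoted commit message (the remote TLB flush has to happen before mmu_lock is dropped, because the swapout path takes mmu_lock before the page reaches the freelist) can be checked in a small sequential model. The code below is an added example written for this page; it is not Andrea's patch and not KVM code. `struct model`, `vcpu0_invlpg`, `host_swapout`, `vcpu1_write` and `stale_write_reaches_freed_page` are constructed stand-ins for one spte, per-vcpu TLBs, the mmu notifier swapout path and a second vcpu's write; `flush_remote_tlbs` and `rmap_remove` only mimic the role of the real `kvm_flush_remote_tlbs()` and `rmap_remove()`. The page number 2 is a constructed input.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define NCPU    2
#define NPAGES  4
#define NO_PAGE (-1)

/* Constructed model state (not KVM's data structures): one shadow pte (spte)
 * for one guest address, a per-vcpu TLB caching that translation, a freelist
 * flag per host page, and the mmu_lock both paths contend on. */
struct model {
    int  spte;              /* host page the spte points at, or NO_PAGE */
    int  tlb[NCPU];         /* host page each vcpu's TLB caches, or NO_PAGE */
    bool mmu_lock_held;
    bool lock_violation;    /* set if a path takes mmu_lock while it is held */
    bool freed[NPAGES];     /* host pages already returned to the freelist */
    bool write_to_freed;    /* a vcpu wrote through a stale TLB entry to a freed page */
};

static void model_init(struct model *m, int page)
{
    memset(m, 0, sizeof *m);
    m->spte = page;
    for (int c = 0; c < NCPU; c++)
        m->tlb[c] = page;   /* every vcpu has already touched the address */
}

static void mmu_lock_acquire(struct model *m)
{
    if (m->mmu_lock_held)
        m->lock_violation = true;   /* sequential model: this would be a deadlock */
    m->mmu_lock_held = true;
}

static void mmu_lock_release(struct model *m) { m->mmu_lock_held = false; }

/* Stand-in for kvm_flush_remote_tlbs(): every vcpu's cached translation goes away. */
static void flush_remote_tlbs(struct model *m)
{
    for (int c = 0; c < NCPU; c++)
        m->tlb[c] = NO_PAGE;
}

/* Stand-in for rmap_remove(): the spte no longer references the host page. */
static void rmap_remove(struct model *m) { m->spte = NO_PAGE; }

/* invlpg handling on vcpu 0. With flush_before_unlock == false this is the
 * ordering the quoted message calls missing: the spte is dropped and vcpu 0's
 * own TLB entry is dropped, but vcpu 1's stale entry survives past the unlock. */
static void vcpu0_invlpg(struct model *m, bool flush_before_unlock)
{
    mmu_lock_acquire(m);
    rmap_remove(m);
    m->tlb[0] = NO_PAGE;
    if (flush_before_unlock)
        flush_remote_tlbs(m);
    mmu_lock_release(m);
}

/* Host swapout of 'page'. The mmu notifier path takes mmu_lock before the page
 * can reach the freelist, so anything done under mmu_lock before the unlock in
 * vcpu0_invlpg is ordered before the free. It only flushes for sptes it still
 * finds, which is why an spte removed earlier without a flush is the problem. */
static void host_swapout(struct model *m, int page)
{
    mmu_lock_acquire(m);
    if (m->spte == page) {
        rmap_remove(m);
        flush_remote_tlbs(m);
    }
    mmu_lock_release(m);
    m->freed[page] = true;          /* page is now on the freelist */
}

/* vcpu 1 writes to the guest address through whatever its TLB still caches. */
static void vcpu1_write(struct model *m)
{
    int page = m->tlb[1];
    if (page == NO_PAGE)
        return;                     /* TLB miss: faults into the MMU, finds no spte */
    if (m->freed[page])
        m->write_to_freed = true;   /* stale translation, freed host page */
}

/* The interleaving from the quoted message: invlpg on vcpu 0, swapout of the
 * page, then a write from vcpu 1. Returns true when vcpu 1 reaches the freed
 * page, which happens exactly when the flush was not done under mmu_lock. */
bool stale_write_reaches_freed_page(bool flush_before_unlock)
{
    struct model m;
    const int page = 2;             /* constructed: the host page behind the spte */

    model_init(&m, page);
    vcpu0_invlpg(&m, flush_before_unlock);
    host_swapout(&m, page);
    vcpu1_write(&m);
    return m.write_to_freed && !m.lock_violation;
}

int main(void)
{
    printf("no flush under mmu_lock: write to freed page = %d\n",
           stale_write_reaches_freed_page(false));
    printf("flush under mmu_lock:    write to freed page = %d\n",
           stale_write_reaches_freed_page(true));
    return 0;
}
```

The model is deliberately single-stepped rather than threaded so the interleaving is fixed and the result reproducible; the point it isolates is that the notifier path only flushes for sptes it can still see, so every spte removed under mmu_lock must have its remote TLB entries flushed before that lock is released, and batching several removals into one flush is fine as long as the flush stays inside the critical section.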