From mboxrd@z Thu Jan  1 00:00:00 1970
From: Avi Kivity <avi@redhat.com>
Subject: Re: KVM: mmu_notifiers release method
Date: Wed, 24 Dec 2008 14:50:57 +0200
Message-ID: <49523031.1000305@redhat.com>
References: <20081210202326.GA7565@dmt.cnet>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Andrea Arcangeli <aarcange@redhat.com>,
	kvm-devel <kvm@vger.kernel.org>
To: Marcelo Tosatti <mtosatti@redhat.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx2.redhat.com ([66.187.237.31]:58085 "EHLO mx2.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751057AbYLXMvB (ORCPT <rfc822;kvm@vger.kernel.org>);
	Wed, 24 Dec 2008 07:51:01 -0500
Received: from int-mx2.corp.redhat.com (int-mx2.corp.redhat.com [172.16.27.26])
	by mx2.redhat.com (8.13.8/8.13.8) with ESMTP id mBOCp0pn025082
	for <kvm@vger.kernel.org>; Wed, 24 Dec 2008 07:51:00 -0500
In-Reply-To: <20081210202326.GA7565@dmt.cnet>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

Marcelo Tosatti wrote:
> The destructor for huge pages uses the backing inode for adjusting
> hugetlbfs accounting.
>
> Hugepage mappings are destroyed by exit_mmap, after
> mmu_notifier_release, so there are no notifications through
> unmap_hugepage_range at this point.
>
> The hugetlbfs inode can be freed with pages backed by it referenced
> by the shadow. When the shadow releases its reference, the huge page
> destructor will access a now freed inode.
>
> Implement the release operation for kvm mmu notifiers to release page
> refs before the hugetlbfs inode is gone.
>
>   

I see this isn't it.  Andrea, comments?


> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
>
>
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index e7644b9..5bc38b5 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
> @@ -741,11 +741,19 @@ static int kvm_mmu_notifier_clear_flush_young(struct mmu_notifier *mn,
>  	return young;
>  }
>  
> +static void kvm_mmu_notifier_release(struct mmu_notifier *mn,
> +				     struct mm_struct *mm)
> +{
> +	struct kvm *kvm = mmu_notifier_to_kvm(mn);
> +	kvm_arch_flush_shadow(kvm);
> +}
> +
>  static const struct mmu_notifier_ops kvm_mmu_notifier_ops = {
>  	.invalidate_page	= kvm_mmu_notifier_invalidate_page,
>  	.invalidate_range_start	= kvm_mmu_notifier_invalidate_range_start,
>  	.invalidate_range_end	= kvm_mmu_notifier_invalidate_range_end,
>  	.clear_flush_young	= kvm_mmu_notifier_clear_flush_young,
> +	.release		= kvm_mmu_notifier_release,
>  };
>  #endif /* CONFIG_MMU_NOTIFIER && KVM_ARCH_WANT_MMU_NOTIFIER */
>  
>   


-- 
error compiling committee.c: too many arguments to function