kvm: make --mem-path memory allocation depend on mmu notifiers

kvm: make --mem-path memory allocation depend on mmu notifiers

[Marcelo Tosatti]

Without mmu notifiers usage of hugepages to back guest memory can cause
memory corruption.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>


diff --git a/qemu/vl.c b/qemu/vl.c
index d0660ab..49cf066 100644
--- a/qemu/vl.c
+++ b/qemu/vl.c
@@ -4664,6 +4664,11 @@ void *alloc_mem_area(size_t memory, unsigned long *len, const char *path)
     void *area;
     int fd;
 
+    if (!kvm_has_sync_mmu()) {
+        fprintf(stderr, "host lacks mmu notifiers, disabling --mem-path\n");
+        return NULL;
+    }
+
     if (asprintf(&filename, "%s/kvm.XXXXXX", path) == -1)
 	return NULL;
 

Re: kvm: make --mem-path memory allocation depend on mmu notifiers

[Anthony Liguori]

Marcelo Tosatti wrote:
> Without mmu notifiers usage of hugepages to back guest memory can cause
> memory corruption.
>   

Really?  Why's that?  Sorry if I missed a previous discussion of this.

Regards,

Anthony Liguori

> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
>
>
> diff --git a/qemu/vl.c b/qemu/vl.c
> index d0660ab..49cf066 100644
> --- a/qemu/vl.c
> +++ b/qemu/vl.c
> @@ -4664,6 +4664,11 @@ void *alloc_mem_area(size_t memory, unsigned long *len, const char *path)
>      void *area;
>      int fd;
>  
> +    if (!kvm_has_sync_mmu()) {
> +        fprintf(stderr, "host lacks mmu notifiers, disabling --mem-path\n");
> +        return NULL;
> +    }
> +
>      if (asprintf(&filename, "%s/kvm.XXXXXX", path) == -1)
>  	return NULL;
>  
> --
> To unsubscribe from this list: send the line "unsubscribe kvm" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>   

Re: kvm: make --mem-path memory allocation depend on mmu notifiers

[Marcelo Tosatti]

On Tue, Jan 13, 2009 at 02:38:33PM -0600, Anthony Liguori wrote:
> Marcelo Tosatti wrote:
>> Without mmu notifiers usage of hugepages to back guest memory can cause
>> memory corruption.
>>   
>
> Really?  Why's that?  Sorry if I missed a previous discussion of this.

https://kerneltrap.org/mailarchive/linux-kvm/2008/12/10/4389914

Re: kvm: make --mem-path memory allocation depend on mmu notifiers

[David S. Ahern]

Marcelo Tosatti wrote:
> Without mmu notifiers usage of hugepages to back guest memory can cause
> memory corruption.
> 
> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
> 
> 
> diff --git a/qemu/vl.c b/qemu/vl.c
> index d0660ab..49cf066 100644
> --- a/qemu/vl.c
> +++ b/qemu/vl.c
> @@ -4664,6 +4664,11 @@ void *alloc_mem_area(size_t memory, unsigned long *len, const char *path)
>      void *area;
>      int fd;
>  
> +    if (!kvm_has_sync_mmu()) {
> +        fprintf(stderr, "host lacks mmu notifiers, disabling --mem-path\n");
> +        return NULL;
> +    }
> +
>      if (asprintf(&filename, "%s/kvm.XXXXXX", path) == -1)
>  	return NULL;
>  

That means you can't use hugepages with RHEL5 as the host OS. That's not
good for me. I've exclusively used hugepages for the past 6 months or
so, the past 2 months with RHEL5 as the host OS without a problem. How
likely is it to occur (theoretically possible or random selection)?

david


> --
> To unsubscribe from this list: send the line "unsubscribe kvm" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 

Re: kvm: make --mem-path memory allocation depend on mmu notifiers

[Marcelo Tosatti]

On Tue, Jan 13, 2009 at 01:57:09PM -0700, David S. Ahern wrote:
> 
> 
> Marcelo Tosatti wrote:
> > Without mmu notifiers usage of hugepages to back guest memory can cause
> > memory corruption.
> > 
> > Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
> > 
> > 
> > diff --git a/qemu/vl.c b/qemu/vl.c
> > index d0660ab..49cf066 100644
> > --- a/qemu/vl.c
> > +++ b/qemu/vl.c
> > @@ -4664,6 +4664,11 @@ void *alloc_mem_area(size_t memory, unsigned long *len, const char *path)
> >      void *area;
> >      int fd;
> >  
> > +    if (!kvm_has_sync_mmu()) {
> > +        fprintf(stderr, "host lacks mmu notifiers, disabling --mem-path\n");
> > +        return NULL;
> > +    }
> > +
> >      if (asprintf(&filename, "%s/kvm.XXXXXX", path) == -1)
> >  	return NULL;
> >  
> 
> That means you can't use hugepages with RHEL5 as the host OS. That's not
> good for me. I've exclusively used hugepages for the past 6 months or
> so, the past 2 months with RHEL5 as the host OS without a problem. How
> likely is it to occur (theoretically possible or random selection)?

What happens is that hugetlbfs quota accounting structures are freed
before the huge pages which kvm holds the last reference for are freed.

So the huge page freeing function may write to memory that might 
have been reallocated for some other purpose.

... but only since

commit c79fb75e5a514a5a35f22c229042aa29f4237e3a
Author: Adam Litke <agl@us.ibm.com>
Date:   Wed Nov 14 16:59:38 2007 -0800

    hugetlb: fix quota management for private mappings

Which is not included in RHEL5 in particular, so one can comment out the
kvm_has_sync_mmu check.