From mboxrd@z Thu Jan 1 00:00:00 1970 From: Xiao Guangrong Subject: Re: [PATCH v3 7/8] KVM: MMU: Validate all gptes during fetch, not just those used for new pages Date: Tue, 13 Jul 2010 12:27:28 +0800 Message-ID: <4C3BEB30.3000001@cn.fujitsu.com> References: <1278951351-6300-1-git-send-email-avi@redhat.com> <1278951351-6300-8-git-send-email-avi@redhat.com> <4C3BC68B.5050205@cn.fujitsu.com> <4C3BE8FA.8050607@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: Marcelo Tosatti , kvm@vger.kernel.org To: Avi Kivity Return-path: Received: from cn.fujitsu.com ([222.73.24.84]:60293 "EHLO song.cn.fujitsu.com" rhost-flags-OK-FAIL-OK-OK) by vger.kernel.org with ESMTP id S1750747Ab0GMEb1 (ORCPT ); Tue, 13 Jul 2010 00:31:27 -0400 In-Reply-To: <4C3BE8FA.8050607@redhat.com> Sender: kvm-owner@vger.kernel.org List-ID: Avi Kivity wrote: >>> /* >>> * Verify that the gpte in the page we've just write >>> * protected is still there. >>> */ >>> if (!FNAME(validate_indirect_spte)(vcpu, sptep, sp, >>> - gw, level - 1)) { >>> - kvm_release_pfn_clean(pfn); >>> - return NULL; >>> - } >>> + gw, level - 1)) >>> + goto out_error; >>> >>> >> It missed the last mapping check? i only see validate_indirect_spte in >> 'level> gw->level' loop. >> > > But we check 'level - 1' here, so the final level is included. It is > the top level that is not checked in the loop (we check it separately, > above). > Yeah, you are right!
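Review bot: the `goto out_error` on the failing `FNAME(validate_indirect_spte)` path depends on a label that is not visible in this hunk. That label has to do what the removed lines did, `kvm_release_pfn_clean(pfn)` followed by `return NULL`, or the pfn reference is no longer dropped on this path. It is worth confirming that every other jump to `out_error` also arrives holding the pfn, so the release is not done on a path that never took it. Since the thread shows the `level - 1` argument being misread as skipping the last mapping, consider extending the comment above the call to say that checking `level - 1` is what covers the final level, and that the top level is checked separately.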