From: Chris Friesen <chris.friesen@windriver.com>
To: "Herongguang (Stephen)" <herongguang.he@huawei.com>,
Paolo Bonzini <pbonzini@redhat.com>,
"Han, Huaitong" <huaitong.han@intel.com>,
"hangaohuai@huawei.com" <hangaohuai@huawei.com>,
<stable@vger.kernel.org>
Cc: "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"fangying1@huawei.com" <fangying1@huawei.com>,
"xudong.hao@linux.intel.com" <xudong.hao@linux.intel.com>,
"qemu-devel@nongnu.org" <qemu-devel@nongnu.org>,
"wangxinxin.wang@huawei.com" <wangxinxin.wang@huawei.com>,
"kai.huang@linux.intel.com" <kai.huang@linux.intel.com>,
"rkrcmar@redhat.com" <rkrcmar@redhat.com>,
"guangrong.xiao@linux.intel.com" <guangrong.xiao@linux.intel.com>,
<linux-kernel@vger.kernel.org>
Subject: Re: [Qemu-devel] kvm bug in __rmap_clear_dirty during live migration
Date: Fri, 24 Feb 2017 09:10:11 -0600
Message-ID: <58B04CD3.7010304@windriver.com>
In-Reply-To: <58AF9921.6060201@huawei.com>
On 02/23/2017 08:23 PM, Herongguang (Stephen) wrote:
> On 2017/2/22 22:43, Paolo Bonzini wrote:
>> Hopefully Gaohuai and Rongguang can help with this too.
>>
>> Paolo
>>
>> .
>>
> Yes, we are looking into and testing this.
>
> I think this can result in any memory corruption, if VM1 writes its
> PML buffer into VM2’s VMCS (since the sched_in/sched_out notifier of VM1
> is not registered yet), then VM1 is destroyed (hence its PML buffer
> is freed back to the kernel), after that, VM2 starts migration, so the CPU
> logs VM2’s dirty GFNs into freed memory, resulting in any memory corruption.
>
> Given its severity, this commit
> (http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4e59516a12a6ef6dcb660cb3a3f70c64bd60cfec)
>
> is eligible to be backported to kernel stable.
>
Are we expecting that fix to resolve the original issue, or is it a separate
issue that needs fixing in stable?
Chris