git.baikalelectronics.ru Git - kernel.git/commit
KVM: x86/mmu: Ensure TDP MMU roots are freed after yield
author Ben Gardon <bgardon@google.com>
Thu, 7 Jan 2021 00:19:34 +0000 (16:19 -0800)
committer Paolo Bonzini <pbonzini@redhat.com>
Thu, 7 Jan 2021 23:11:31 +0000 (18:11 -0500)
commit c75fd30290fb5a935c365805e45a5b5f17aad305
tree 5f2b41f8c8b04523e628a4599aaa46df9c2e468d
parent 9024a9c527097971e66240023dd1b424f89489a8
KVM: x86/mmu: Ensure TDP MMU roots are freed after yield

Many TDP MMU functions which need to perform some action on all TDP MMU
roots hold a reference on that root so that they can safely drop the MMU
lock in order to yield to other threads. However, when releasing the
reference on the root, there is a bug: the root will not be freed even
if its reference count (root_count) is reduced to 0.

To simplify acquiring and releasing references on TDP MMU root pages, and
to ensure that these roots are properly freed, move the get/put operations
into another TDP MMU root iterator macro.

Moving the get/put operations into an iterator macro also helps
simplify control flow when a root does need to be freed. Note that using
the list_for_each_entry_safe macro would not have been appropriate in
this situation because it could keep a pointer to the next root across
an MMU lock release + reacquire, during which time that root could be
freed.

Reported-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Fixes: 56d8cae20031 ("kvm: x86/mmu: Support zapping SPTEs in the TDP MMU")
Fixes: 0eda787794f5 ("kvm: x86/mmu: Support invalidate range MMU notifier for TDP MMU")
Fixes: c63f26e3339f ("kvm: x86/mmu: Support dirty logging for the TDP MMU")
Fixes: 5c53ee5ce54d ("kvm: x86/mmu: Support disabling dirty logging for the tdp MMU")
Signed-off-by: Ben Gardon <bgardon@google.com>
Message-Id: <20210107001935.3732070-1-bgardon@google.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
arch/x86/kvm/mmu/tdp_mmu.c
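The iterator pattern the message describes, as an added illustration in plain C that is not the kernel's code: next_root_yield_safe, root_get/root_put/root_free and the root list are constructed stand-ins for the TDP MMU functions, and the free_on_last_put flag models the missing free on the last reference that this commit fixes.

```c
#include <stdbool.h>
#include <stdlib.h>
/* Constructed model, not the kernel's code: a TDP MMU root page with a refcount. */
struct root { int root_count; struct root *next; };
struct root_list { struct root *head; int freed; bool free_on_last_put; };

static void root_get(struct root *r) { r->root_count++; }
static bool root_put(struct root *r) { return --r->root_count == 0; } /* true: last ref */
static void root_free(struct root_list *l, struct root *r)
{
    struct root **pp = &l->head;
    while (*pp != r) pp = &(*pp)->next;   /* unlink, then release the page */
    *pp = r->next; free(r); l->freed++;
}

/* Reference the next root *before* putting the previous one, so no unreferenced
 * "next" pointer survives a lock release (why list_for_each_entry_safe is unsafe
 * here). Freeing the previous root on its last put is what the buggy callers lacked. */
static struct root *next_root_yield_safe(struct root_list *l, struct root *prev)
{
    struct root *next = prev ? prev->next : l->head;
    if (next) root_get(next);
    if (prev && root_put(prev) && l->free_on_last_put) root_free(l, prev);
    return next;
}
#define for_each_root_yield_safe(l, r) \
    for (r = next_root_yield_safe(l, NULL); r; r = next_root_yield_safe(l, r))

/* Another thread drops the list's reference while the iterator has yielded. */
static void other_thread_drops_root(struct root_list *l, struct root *r)
{
    if (root_put(r)) root_free(l, r);
}

/* Walk n roots, each released by the other thread mid-iteration; return how
 * many were actually freed during the walk: n when fixed, 0 with the bug. */
int walk_and_count_freed(int n, bool fixed)
{
    struct root_list l = { NULL, 0, fixed };
    struct root *r;
    for (int i = 0; i < n; i++) {
        r = calloc(1, sizeof(*r)); r->root_count = 1; /* the list's own reference */
        r->next = l.head; l.head = r;
    }
    for_each_root_yield_safe(&l, r)
        other_thread_drops_root(&l, r);
    int freed = l.freed;
    while (l.head) root_free(&l, l.head); /* tear down roots the bug leaked */
    return freed;
}
```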