From 99894a799f09cf9e28296bb16e75bd5830fd2c4e Mon Sep 17 00:00:00 2001 From: Avi Kivity Date: Sun, 29 Mar 2009 16:31:25 +0300 Subject: KVM: MMU: Fix off-by-one calculating large page count The large page initialization code concludes there are two large pages spanned by a slot covering 1 (small) page starting at gfn 1. This is incorrect, and also results in incorrect write_count initialization in some cases (base = 1, npages = 513 for example). Cc: stable@kernel.org Signed-off-by: Avi Kivity --- virt/kvm/kvm_main.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 605697e9c4d..28d693a1ee8 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -920,6 +920,7 @@ int __kvm_set_memory_region(struct kvm *kvm, int r; gfn_t base_gfn; unsigned long npages; + int largepages; unsigned long i; struct kvm_memory_slot *memslot; struct kvm_memory_slot old, new; @@ -995,11 +996,8 @@ int __kvm_set_memory_region(struct kvm *kvm, new.userspace_addr = 0; } if (npages && !new.lpage_info) { - int largepages = npages / KVM_PAGES_PER_HPAGE; - if (npages % KVM_PAGES_PER_HPAGE) - largepages++; - if (base_gfn % KVM_PAGES_PER_HPAGE) - largepages++; + largepages = 1 + (base_gfn + npages - 1) / KVM_PAGES_PER_HPAGE; + largepages -= base_gfn / KVM_PAGES_PER_HPAGE; new.lpage_info = vmalloc(largepages * sizeof(*new.lpage_info)); -- cgit v1.2.3 From d24d2c1cc4156102f9df9cd0425d58cabf955519 Mon Sep 17 00:00:00 2001 From: Jes Sorensen Date: Thu, 9 Apr 2009 16:38:14 +0200 Subject: KVM: ia64: fix locking order entering guest Reorder locking as down_read() may return with local interrupts enabled, which means we could go into vti_vcpu_run() with interrupts enabled. This caused random crashes on the Altix as the timer interrupt tried to read a memory mapped clock source, for which the TLB had not yet been reinstated in the exit, before ipsr was retored. Signed-off-by: Jes Sorensen Acked-by: Xiantao Zhang Signed-off-by: Avi Kivity --- arch/ia64/kvm/kvm-ia64.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/arch/ia64/kvm/kvm-ia64.c b/arch/ia64/kvm/kvm-ia64.c index 28af6a731bb..d20a5db4c4d 100644 --- a/arch/ia64/kvm/kvm-ia64.c +++ b/arch/ia64/kvm/kvm-ia64.c @@ -610,20 +610,22 @@ static int __vcpu_run(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run) int r; again: - preempt_disable(); - local_irq_disable(); - if (signal_pending(current)) { - local_irq_enable(); - preempt_enable(); r = -EINTR; kvm_run->exit_reason = KVM_EXIT_INTR; goto out; } + /* + * down_read() may sleep and return with interrupts enabled + */ + down_read(&vcpu->kvm->slots_lock); + + preempt_disable(); + local_irq_disable(); + vcpu->guest_mode = 1; kvm_guest_enter(); - down_read(&vcpu->kvm->slots_lock); r = vti_vcpu_run(vcpu, kvm_run); if (r < 0) { local_irq_enable(); -- cgit v1.2.3 From bf47a760f66add7870fba33ab50f58b550d6bbd1 Mon Sep 17 00:00:00 2001 From: Marcelo Tosatti Date: Sun, 5 Apr 2009 14:54:46 -0300 Subject: KVM: MMU: disable global page optimization Complexity to fix it not worthwhile the gains, as discussed in http://article.gmane.org/gmane.comp.emulators.kvm.devel/28649. Cc: stable@kernel.org Signed-off-by: Marcelo Tosatti Signed-off-by: Avi Kivity --- arch/x86/kvm/mmu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index 2a36f7f7c4c..b6caf1329b1 100644 --- a/arch/x86/kvm/mmu.c +++ b/arch/x86/kvm/mmu.c @@ -1248,7 +1248,7 @@ static struct kvm_mmu_page *kvm_mmu_get_page(struct kvm_vcpu *vcpu, pgprintk("%s: adding gfn %lx role %x\n", __func__, gfn, role.word); sp->gfn = gfn; sp->role = role; - sp->global = role.cr4_pge; + sp->global = 0; hlist_add_head(&sp->hash_link, bucket); if (!direct) { if (rmap_write_protect(vcpu->kvm, gfn)) -- cgit v1.2.3 From 4cd481f68dde99ac416003b825c835f71e364393 Mon Sep 17 00:00:00 2001 From: Jan Kiszka Date: Mon, 13 Apr 2009 11:59:32 +0200 Subject: KVM: Fix overlapping check for memory slots When checking for overlapping slots on registration of a new one, kvm currently also considers zero-length (ie. deleted) slots and rejects requests incorrectly. This finally denies user space from joining slots. Fix the check by skipping deleted slots and advertise this via a KVM_CAP_JOIN_MEMORY_REGIONS_WORKS. Cc: stable@kernel.org Signed-off-by: Jan Kiszka Signed-off-by: Avi Kivity --- include/linux/kvm.h | 2 ++ virt/kvm/kvm_main.c | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/include/linux/kvm.h b/include/linux/kvm.h index 311a073afe8..8cc137911b3 100644 --- a/include/linux/kvm.h +++ b/include/linux/kvm.h @@ -409,6 +409,8 @@ struct kvm_trace_rec { #ifdef __KVM_HAVE_DEVICE_ASSIGNMENT #define KVM_CAP_DEVICE_DEASSIGNMENT 27 #endif +/* Another bug in KVM_SET_USER_MEMORY_REGION fixed: */ +#define KVM_CAP_JOIN_MEMORY_REGIONS_WORKS 30 #ifdef KVM_CAP_IRQ_ROUTING diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 28d693a1ee8..1ecbe2391c8 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -961,7 +961,7 @@ int __kvm_set_memory_region(struct kvm *kvm, for (i = 0; i < KVM_MEMORY_SLOTS; ++i) { struct kvm_memory_slot *s = &kvm->memslots[i]; - if (s == memslot) + if (s == memslot || !s->npages) continue; if (!((base_gfn + npages <= s->base_gfn) || (base_gfn >= s->base_gfn + s->npages))) @@ -1983,6 +1983,7 @@ static long kvm_dev_ioctl_check_extension_generic(long arg) switch (arg) { case KVM_CAP_USER_MEMORY: case KVM_CAP_DESTROY_MEMORY_REGION_WORKS: + case KVM_CAP_JOIN_MEMORY_REGIONS_WORKS: return 1; #ifdef CONFIG_HAVE_KVM_IRQCHIP case KVM_CAP_IRQ_ROUTING: -- cgit v1.2.3 From 7f1ea208968f021943d4103ba59e06bb6d8239cb Mon Sep 17 00:00:00 2001 From: Joerg Roedel Date: Wed, 25 Feb 2009 16:08:31 +0100 Subject: KVM: x86: release time_page on vcpu destruction Not releasing the time_page causes a leak of that page or the compound page it is situated in. Cc: stable@kernel.org Signed-off-by: Joerg Roedel Signed-off-by: Avi Kivity --- arch/x86/kvm/x86.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 8ca100a9eca..a1ecec5c03e 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -4159,6 +4159,11 @@ EXPORT_SYMBOL_GPL(kvm_put_guest_fpu); void kvm_arch_vcpu_free(struct kvm_vcpu *vcpu) { + if (vcpu->arch.time_page) { + kvm_release_page_dirty(vcpu->arch.time_page); + vcpu->arch.time_page = NULL; + } + kvm_x86_ops->vcpu_free(vcpu); } -- cgit v1.2.3 From 888d256e9c565cb61505bd218eb37c81fe77a325 Mon Sep 17 00:00:00 2001 From: Jan Kiszka Date: Fri, 17 Apr 2009 19:24:58 +0200 Subject: KVM: Unregister cpufreq notifier on unload Properly unregister cpufreq notifier on onload if it was registered during init. Signed-off-by: Jan Kiszka Signed-off-by: Avi Kivity --- arch/x86/kvm/x86.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index a1ecec5c03e..7c1ce5ac613 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -2775,6 +2775,9 @@ out: void kvm_arch_exit(void) { + if (!boot_cpu_has(X86_FEATURE_CONSTANT_TSC)) + cpufreq_unregister_notifier(&kvmclock_cpufreq_notifier_block, + CPUFREQ_TRANSITION_NOTIFIER); kvm_x86_ops = NULL; kvm_mmu_module_exit(); } -- cgit v1.2.3