On 3/29/23 16:28, Paolo Bonzini wrote:
> On 3/29/23 15:54, Christian König wrote:
>> KVM tries to grab references to pages in VMAs marked with VM_PFNMAP.
>> This is illegal and can cause data corruption with TTM pages because
>> only some of them are actually reference counted.
>
> After some other offlist discussions, I also would like to understand
> what you mean by corruption.
>
> First, is it a _host_ corruption or a guest corruption/crash? A guest
> crash would be KVM doing exactly what it's meant to do: it detects the
> non-reserved, non-refcounted page and refuses to map it into the guest.
>
> On the other hand, if it is a host crash, my understanding is that an
> order>0 allocation leaves the tail pages with a zero reference count
> (and without a compound_head if, as in this case, __GFP_COMP is unset).
> If that's correct, more analysis is needed to understand why
> get_page_unless_zero() isn't rejecting the tail pages.
>
> Paolo
>
>> Mark all pages allocated by TTM as reserved, this way KVM handles the
>> PFNs like they would point to MMIO space.
>>
>> This still results in a warning, but at least no other problem.
>
> What warning is it?
>
> Paolo
>
>> Signed-off-by: Christian König <christian.koenig@xxxxxxx>