On Tue, May 16, 2023, David Hildenbrand wrote:
> On 15.05.23 21:07, Sean Christopherson wrote:
> > On Sun, May 14, 2023, Lorenzo Stoakes wrote:
> > > diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> > > index cb5c13eee193..eaa5bb8dbadc 100644
> > > --- a/virt/kvm/kvm_main.c
> > > +++ b/virt/kvm/kvm_main.c
> > > @@ -2477,7 +2477,7 @@ static inline int check_user_page_hwpoison(unsigned long addr)
> > > {
> > > int rc, flags = FOLL_HWPOISON | FOLL_WRITE;
> > > - rc = get_user_pages(addr, 1, flags, NULL, NULL);
> > > + rc = get_user_pages(addr, 1, flags, NULL);
> > > return rc == -EHWPOISON;
> >
> > Unrelated to this patch, I think there's a pre-existing bug here. If gup() returns
> > a valid page, KVM will leak the refcount and unintentionally pin the page. That's
>
> When passing NULL as "pages" to get_user_pages(), __get_user_pages_locked()
> won't set FOLL_GET. As FOLL_PIN is also not set, we won't be messing with
> the mapcount of the page.
Ah, that's what I'm missing.
> So even if get_user_pages() returns "1", we should be fine.
>
>
> Or am I misunderstanding your concern?
Nope, you covered everything. I do think we can drop the extra gup() though,
AFAICT it's 100% redundant. But it's not a bug.
Thanks!
