On 16/04/20 17:59, Peter Xu wrote:
> The index returned by kvm_async_pf_gfn_slot() will be removed when an
> async pf gfn is going to be removed. However kvm_async_pf_gfn_slot()
> is not reliable in that it can return the last key it loops over even
> if the gfn is not found in the async gfn array. It should never
> happen, but it's still better to sanity check against that to make
> sure no unexpected gfn will be removed.
>
> Signed-off-by: Peter Xu <peterx@xxxxxxxxxx>
> ---
> arch/x86/kvm/x86.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index fc74dafa72ff..f1c6e604dd12 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -10308,6 +10308,10 @@ static void kvm_del_async_pf_gfn(struct kvm_vcpu *vcpu, gfn_t gfn)
> u32 i, j, k;
>
> i = j = kvm_async_pf_gfn_slot(vcpu, gfn);
> +
> + if (WARN_ON_ONCE(vcpu->arch.apf.gfns[i] != gfn))
> + return;
> +
> while (true) {
> vcpu->arch.apf.gfns[i] = ~0;
> do {
>
Queued, thanks.
Paolo
