On Mon, Sep 20, 2021, Maciej S. Szmigiero wrote: > From: "Maciej S. Szmigiero" <maciej.szmigiero@xxxxxxxxxx> > > This allows us to return a proper error code in case we spot an underflow. > > Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@xxxxxxxxxx> > --- > arch/x86/kvm/x86.c | 49 ++++++++++++++++++++++++++-------------------- > 1 file changed, 28 insertions(+), 21 deletions(-) > > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index 97d86223427d..0fffb8414009 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -11511,9 +11511,23 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, > const struct kvm_userspace_memory_region *mem, > enum kvm_mr_change change) > { > - if (change == KVM_MR_CREATE || change == KVM_MR_MOVE) > - return kvm_alloc_memslot_metadata(kvm, new, > - mem->memory_size >> PAGE_SHIFT); > + if (change == KVM_MR_CREATE || change == KVM_MR_MOVE) { > + int ret; > + > + ret = kvm_alloc_memslot_metadata(kvm, new, > + mem->memory_size >> PAGE_SHIFT); > + if (ret) > + return ret; > + > + if (change == KVM_MR_CREATE) > + kvm->arch.n_memslots_pages += new->npages; > + } else if (change == KVM_MR_DELETE) { > + if (WARN_ON(kvm->arch.n_memslots_pages < old->npages)) > + return -EIO; This is not worth the churn. In a way, it's worse because userspace can spam the living snot out of the kernel log by retrying the ioctl(). Since underflow can happen if and only if there's a KVM bug, and a pretty bad one at that, just make the original WARN_ON a KVM_BUG_ON. That will kill the VM and also provide the WARN_ON_ONCE behavior that we probably want. > + > + kvm->arch.n_memslots_pages -= old->npages; > + } > + > return 0; > } >
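Review bot: The KVM_MR_DELETE branch returns -EIO on underflow but still leaves n_memslots_pages inconsistent with the slot array, and the WARN_ON is reachable from userspace by re-issuing the ioctl once the bug is present, so a plain WARN_ON plus error return gives the worst of both worlds; as the reply above suggests, KVM_BUG_ON (which marks the VM dead and warns once) is the appropriate primitive here, and then the `if (WARN_ON(...)) return -EIO;` / separate `kvm->arch.n_memslots_pages -= old->npages;` pair collapses back into a single statement. Two smaller points in the same hunk: declaring `int ret;` inside the `if (change == KVM_MR_CREATE || change == KVM_MR_MOVE)` block is unusual for this file, so hoist it to the top of the function; and the KVM_MR_MOVE path silently relies on old->npages == new->npages (the counter is neither decremented for the old slot nor incremented for the new one), which deserves a one-line comment so a future change to MOVE semantics does not quietly break the accounting.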