Hi Peter,

On Wednesday 22 Jun 2022 at 19:19:24 (-0700), Peter Collingbourne wrote:
> @@ -677,9 +678,9 @@ static bool stage2_pte_is_counted(kvm_pte_t pte) > /* > * The refcount tracks valid entries as well as invalid entries if they > * encode ownership of a page to another entity than the page-table > - * owner, whose id is 0. > + * owner, whose id is 0, or NOBODY, which does not correspond to a page-table. > */ > - return !!pte; > + return !!pte && pte != kvm_init_invalid_leaf_owner(PKVM_ID_NOBODY); > }

I'm not sure I understand this part? By not refcounting the PTEs that are annotated with PKVM_ID_NOBODY, the page-table page that contains them may be freed at some point. And when that happens, I don't see how the hypervisor will remember to block host accesses to the disowned pages.

Cheers,
Quentin
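
Review bot: In the new return statement of stage2_pte_is_counted(), entries equal to kvm_init_invalid_leaf_owner(PKVM_ID_NOBODY) stop contributing to the refcount, but the updated comment only says NOBODY "does not correspond to a page-table" and does not explain what keeps the annotation in place when a table page holds nothing else that is counted. Either keep counting these entries or extend the comment to state where the ownership information for such pages is preserved. The check also compares the whole pte for equality, so it only matches when a NOBODY annotation carries no other bits; comparing an extracted owner id instead would make that assumption explicit.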