On Fri, Dec 02, 2022 at 12:08:46PM +0900, Kazuki Takiguchi wrote:
> commit 47b0c2e4c220f2251fd8dcfbb44479819c715e15 upstream.
>
> make_mmu_pages_available() must be called with mmu_lock held for write.
> However, if the TDP MMU is used, it will be called with mmu_lock held for
> read.
> This function does nothing unless shadow pages are used, so there is no
> race unless nested TDP is used.
> Since nested TDP uses shadow pages, old shadow pages may be zapped by this
> function even when the TDP MMU is enabled.
> Since shadow pages are never allocated by kvm_tdp_mmu_map(), a race
> condition can be avoided by not calling make_mmu_pages_available() if the
> TDP MMU is currently in use.
>
> I encountered this when repeatedly starting and stopping nested VM.
> It can be artificially caused by allocating a large number of nested TDP
> SPTEs.

Now queued up, thanks.

greg k-h