[PATCH v3 0/8] KVM: Fix mmu_notifier vs. pfncache vs. pfncache races

From: Sean Christopherson
Date: Fri Apr 29 2022 - 17:00:35 EST


Fix races between mmu_notifier invalidation and pfncache refresh, and
within the pfncache itself.

The first two patches are reverts of the patches sitting in kvm/queue;
trying to separate and fix the races independently is nigh impossible.
I assume/hope they can be ignored and the original patches dropped.

I've proven all the races, though I was never able to trigger an actual
error in the race with the mmu_notifier, just a WARN I added on the
hva=>pfn translation being invalid/not-present when accessing memory
via the khva. Hitting the race also required a series of handoffs in the
kernel between the two tasks, i.e. I can't provide any upstream-worthy
test :-(

v3:
- Split the refresh serialization to a separate patch.
- Use a mutex to serialize refreshes. [Lai Jiangshan]
- Add back Cc to stable@ (omitted in v2 because I was less confident
that backporting the mess would be a good idea).

v2:
- https://lore.kernel.org/all/20220427014004.1992589-1-seanjc@xxxxxxxxxx
- Map the pfn=>khva outside of gpc->lock. [Maxim]
- Fix a page leak.
- Fix more races.

v1:
https://lore.kernel.org/all/20220420004859.3298837-1-seanjc@xxxxxxxxxx

Sean Christopherson (8):
Revert "KVM: Do not speculatively mark pfn cache valid to "fix" race"
Revert "KVM: Fix race between mmu_notifier invalidation and pfncache refresh"
KVM: Drop unused @gpa param from gfn=>pfn cache's __release_gpc() helper
KVM: Put the extra pfn reference when reusing a pfn in the gpc cache
KVM: Do not incorporate page offset into gfn=>pfn cache user address
KVM: Fully serialize gfn=>pfn cache refresh via mutex
KVM: Fix multiple races in gfn=>pfn cache refresh
KVM: Do not pin pages tracked by gfn=>pfn caches

include/linux/kvm_types.h | 2 +
virt/kvm/pfncache.c | 180 +++++++++++++++++++++++---------------
2 files changed, 113 insertions(+), 69 deletions(-)


base-commit: 2a39d8b39bffdaf1a4223d0d22f07baee154c8f3
--
2.36.0.464.gb9c8b46e94-goog