author | Avi Kivity <avi@redhat.com> | 2009-03-29 09:31:25 -0400 |
committer | Avi Kivity <avi@redhat.com> | 2009-04-22 06:52:09 -0400 |
commit | 99894a799f09cf9e28296bb16e75bd5830fd2c4e (patch) | |
tree | 33fa687fa78b3c8b89d032ca11b89443296449a2 /virt/kvm | |
parent | 091069740304c979f957ceacec39c461d0192158 (diff) |
KVM: MMU: Fix off-by-one calculating large page count
The large page initialization code concludes there are two large pages spanned
by a slot covering 1 (small) page starting at gfn 1. This is incorrect, and
also results in incorrect write_count initialization in some cases (base = 1,
npages = 513 for example).
Cc: stable@kernel.org
Signed-off-by: Avi Kivity <avi@redhat.com>
Diffstat (limited to 'virt/kvm')
-rw-r--r-- | virt/kvm/kvm_main.c | 8 |
1 files changed, 3 insertions, 5 deletions
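--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -920,6 +920,7 @@ int __kvm_set_memory_region(struct kvm *kvm,
 int r;
 gfn_t base_gfn;
 unsigned long npages;
+int largepages;
 unsigned long i;
 struct kvm_memory_slot *memslot;
 struct kvm_memory_slot old, new;
@@ -995,11 +996,8 @@ int __kvm_set_memory_region(struct kvm *kvm,
 new.userspace_addr = 0;
 }
 if (npages && !new.lpage_info) {
-int largepages = npages / KVM_PAGES_PER_HPAGE;
-if (npages % KVM_PAGES_PER_HPAGE)
-largepages++;
-if (base_gfn % KVM_PAGES_PER_HPAGE)
-largepages++;
+largepages = 1 + (base_gfn + npages - 1) / KVM_PAGES_PER_HPAGE;
+largepages -= base_gfn / KVM_PAGES_PER_HPAGE;
 
 new.lpage_info = vmalloc(largepages * sizeof(*new.lpage_info));
 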
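Review bot: The new two-line computation at new lines 999-1000 encodes a non-obvious identity (last large-page index minus first, plus one) and silently relies on the enclosing `if (npages && ...)` to keep `npages - 1` from wrapping; a comment would save the next reader from re-deriving both, e.g. `/* large pages spanned = (last gfn's hpage index) - (first gfn's hpage index) + 1; npages > 0 here, so npages - 1 cannot wrap */`. Separately, `largepages` is now a function-scope `int` assigned from a `gfn_t`/`unsigned long` expression, so the result is narrowed before it feeds the `vmalloc` size; with slot sizes bounded elsewhere this is presumably harmless, but declaring it `unsigned long` to match `npages` would remove the implicit conversion and keep the size product unsigned. The declaration could also stay inside the `if` block, since that remains its only use in this hunk. The body of `__kvm_set_memory_region` begins before the first hunk and continues past the last.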