diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2014-12-28 16:08:08 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-12-28 16:08:08 -0500 |
| commit | 2ea1e35ab1f7adbae1bae2295529991d95c7f349 (patch) | |
| tree | 480f4f8f282d9474924e4af410e172e7628e4e50 /virt/kvm | |
| parent | 9a6b871d988cac4093a7be99de3cae000abda88b (diff) | |
| parent | dbaff30940d6ef9bfa5f1f0c819cf3344ed3129f (diff) | |
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull KVM fixes from Paolo Bonzini:
"The important fixes are for two bugs introduced by the merge window.
On top of this, add a couple of WARN_ONs and stop spamming dmesg on
pretty much every boot of a virtual machine"
* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
kvm: warn on more invariant breakage
kvm: fix sorting of memslots with base_gfn == 0
kvm: x86: drop severity of "generation wraparound" message
kvm: x86: vmx: reorder some msr writing
Diffstat (limited to 'virt/kvm')
| -rw-r--r-- | virt/kvm/kvm_main.c | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index f5283438ee05..1cc6e2e19982 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c | |||
| @@ -671,6 +671,7 @@ static void update_memslots(struct kvm_memslots *slots, | |||
| 671 | 671 | ||
| 672 | WARN_ON(mslots[i].id != id); | 672 | WARN_ON(mslots[i].id != id); |
| 673 | if (!new->npages) { | 673 | if (!new->npages) { |
| 674 | WARN_ON(!mslots[i].npages); | ||
| 674 | new->base_gfn = 0; | 675 | new->base_gfn = 0; |
| 675 | if (mslots[i].npages) | 676 | if (mslots[i].npages) |
| 676 | slots->used_slots--; | 677 | slots->used_slots--; |
| @@ -687,12 +688,25 @@ static void update_memslots(struct kvm_memslots *slots, | |||
| 687 | slots->id_to_index[mslots[i].id] = i; | 688 | slots->id_to_index[mslots[i].id] = i; |
| 688 | i++; | 689 | i++; |
| 689 | } | 690 | } |
| 690 | while (i > 0 && | 691 | |
| 691 | new->base_gfn > mslots[i - 1].base_gfn) { | 692 | /* |
| 692 | mslots[i] = mslots[i - 1]; | 693 | * The ">=" is needed when creating a slot with base_gfn == 0, |
| 693 | slots->id_to_index[mslots[i].id] = i; | 694 | * so that it moves before all those with base_gfn == npages == 0. |
| 694 | i--; | 695 | * |
| 695 | } | 696 | * On the other hand, if new->npages is zero, the above loop has |
| 697 | * already left i pointing to the beginning of the empty part of | ||
| 698 | * mslots, and the ">=" would move the hole backwards in this | ||
| 699 | * case---which is wrong. So skip the loop when deleting a slot. | ||
| 700 | */ | ||
| 701 | if (new->npages) { | ||
| 702 | while (i > 0 && | ||
| 703 | new->base_gfn >= mslots[i - 1].base_gfn) { | ||
| 704 | mslots[i] = mslots[i - 1]; | ||
| 705 | slots->id_to_index[mslots[i].id] = i; | ||
| 706 | i--; | ||
| 707 | } | ||
| 708 | } else | ||
| 709 | WARN_ON_ONCE(i != slots->used_slots); | ||
| 696 | 710 | ||
| 697 | mslots[i] = *new; | 711 | mslots[i] = *new; |
| 698 | slots->id_to_index[mslots[i].id] = i; | 712 | slots->id_to_index[mslots[i].id] = i; |