author: Paul Mackerras <paulus@samba.org> 2014-11-03 05:51:58 +0100
committer: Alexander Graf <agraf@suse.de> 2014-12-15 13:27:24 +0100
commit: b4a839009a0842759c0405662637b8f1f35ff460
tree: d6676e6de647c6edc3eb5846dce8128b2318bb31 /security
parent: KVM: PPC: Book3S HV: Fix an issue where guest is paused on receiving HMI
KVM: PPC: Book3S HV: Fix KSM memory corruption
Testing with KSM active in the host showed occasional corruption of guest memory. Typically a page that should have contained zeroes would contain values that look like the contents of a user process stack (values such as 0x0000_3fff_xxxx_xxx).

Code inspection in kvmppc_h_protect revealed that there was a race condition with the possibility of granting write access to a page which is read-only in the host page tables. The code attempts to keep the host mapping read-only if the host userspace PTE is read-only, but if that PTE had been temporarily made invalid for any reason, the read-only check would not trigger and the host HPTE could end up read-write. Examination of the guest HPT in the failure situation revealed that there were indeed shared pages which should have been read-only that were mapped read-write.

To close this race, we don't let a page go from being read-only to being read-write, as far as the real HPTE mapping the page is concerned (the guest view can go to read-write, but the actual mapping stays read-only). When the guest tries to write to the page, we take an HDSI and let kvmppc_book3s_hv_page_fault take care of providing a writable HPTE for the page. This eliminates the occasional corruption of shared pages that was previously seen with KSM active.

Signed-off-by: Paul Mackerras <paulus@samba.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions
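
A simplified model of the race and the fix described in the commit message, added here as an illustration; it is not code from the commit or the kernel. The struct, enum and function names are hypothetical, and the condition used in the fault path is an assumption about what "providing a writable HPTE" requires.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model, not kernel code; every name below is hypothetical. */
enum host_pte { HOST_INVALID, HOST_RO, HOST_RW }; /* host userspace PTE state */

struct mapping {
    bool guest_writable; /* guest view of the HPTE */
    bool real_writable;  /* real HPTE used by the hardware */
};

/* Racy rule: clamp to read-only only if the host PTE is seen as read-only.
 * A temporarily invalid PTE skips the clamp, so the real HPTE becomes RW. */
void protect_racy(struct mapping *m, bool want_write, enum host_pte pte)
{
    m->guest_writable = want_write;
    m->real_writable = want_write && pte != HOST_RO;
}

/* Fixed rule: this path never upgrades the real mapping from RO to RW,
 * so it no longer depends on the host PTE state at all. */
void protect_fixed(struct mapping *m, bool want_write)
{
    m->guest_writable = want_write;
    m->real_writable = m->real_writable && want_write;
}

/* Write fault (assumption): RW is granted only once the guest view allows
 * writes and the host PTE is valid and writable. */
bool write_fault(struct mapping *m, enum host_pte pte)
{
    if (!m->guest_writable || pte != HOST_RW)
        return false;
    m->real_writable = true;
    return true;
}

/* Constructed scenario: shared page mapped RO, host PTE momentarily invalid,
 * guest requests RW. Returns whether the real mapping ends up writable. */
bool race_outcome(bool use_fix)
{
    struct mapping m = { false, false };
    if (use_fix)
        protect_fixed(&m, true);
    else
        protect_racy(&m, true, HOST_INVALID);
    return m.real_writable;
}

int main(void)
{
    printf("racy: real RW=%d, fixed: real RW=%d\n",
           race_outcome(false), race_outcome(true));
    return 0;
}
```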