Commit 291f26bc authored by Sheng Yang's avatar Sheng Yang Committed by Avi Kivity

KVM: MMU: Extend kvm_mmu_page->slot_bitmap size

Otherwise set_bit() for a private memory slot (above KVM_MEMORY_SLOTS) would
corrupt memory on a 32-bit host.
Signed-off-by: default avatarSheng Yang <sheng@linux.intel.com>
Signed-off-by: default avatarAvi Kivity <avi@redhat.com>
parent d73fa29a
...@@ -192,9 +192,11 @@ struct kvm_mmu_page { ...@@ -192,9 +192,11 @@ struct kvm_mmu_page {
u64 *spt; u64 *spt;
/* hold the gfn of each spte inside spt */ /* hold the gfn of each spte inside spt */
gfn_t *gfns; gfn_t *gfns;
unsigned long slot_bitmap; /* One bit set per slot which has memory /*
* in this shadow page. * One bit set per slot which has memory
*/ * in this shadow page.
*/
DECLARE_BITMAP(slot_bitmap, KVM_MEMORY_SLOTS + KVM_PRIVATE_MEM_SLOTS);
int multimapped; /* More than one parent_pte? */ int multimapped; /* More than one parent_pte? */
int root_count; /* Currently serving as active root */ int root_count; /* Currently serving as active root */
bool unsync; bool unsync;
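Review bot: The bitmap length `KVM_MEMORY_SLOTS + KVM_PRIVATE_MEM_SLOTS` is now spelled out twice — in the DECLARE_BITMAP line of struct kvm_mmu_page here and again in the bitmap_zero() call in the kvm_mmu_alloc_page hunk below — so a later change to either slot count has to be made in both places or bitmap_zero() clears the wrong number of bits. Defining the sum once next to the slot-count macros and using it in both spots keeps them in sync; the page gives no such name, so something like `#define KVM_MEM_SLOTS_NUM (KVM_MEMORY_SLOTS + KVM_PRIVATE_MEM_SLOTS)` (name chosen here) would do, with both call sites then using that constant. The field comment could also say why the extra bits exist, e.g. `/* One bit set per slot which has memory in this shadow page; sized to cover the private slots above KVM_MEMORY_SLOTS as well. */`. The struct definition starts and ends outside the hunk.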
...@@ -789,7 +789,7 @@ static struct kvm_mmu_page *kvm_mmu_alloc_page(struct kvm_vcpu *vcpu, ...@@ -789,7 +789,7 @@ static struct kvm_mmu_page *kvm_mmu_alloc_page(struct kvm_vcpu *vcpu,
set_page_private(virt_to_page(sp->spt), (unsigned long)sp); set_page_private(virt_to_page(sp->spt), (unsigned long)sp);
list_add(&sp->link, &vcpu->kvm->arch.active_mmu_pages); list_add(&sp->link, &vcpu->kvm->arch.active_mmu_pages);
ASSERT(is_empty_shadow_page(sp->spt)); ASSERT(is_empty_shadow_page(sp->spt));
sp->slot_bitmap = 0; bitmap_zero(sp->slot_bitmap, KVM_MEMORY_SLOTS + KVM_PRIVATE_MEM_SLOTS);
sp->multimapped = 0; sp->multimapped = 0;
sp->parent_pte = parent_pte; sp->parent_pte = parent_pte;
--vcpu->kvm->arch.n_free_mmu_pages; --vcpu->kvm->arch.n_free_mmu_pages;
...@@ -1364,7 +1364,7 @@ static void page_header_update_slot(struct kvm *kvm, void *pte, gfn_t gfn) ...@@ -1364,7 +1364,7 @@ static void page_header_update_slot(struct kvm *kvm, void *pte, gfn_t gfn)
int slot = memslot_id(kvm, gfn_to_memslot(kvm, gfn)); int slot = memslot_id(kvm, gfn_to_memslot(kvm, gfn));
struct kvm_mmu_page *sp = page_header(__pa(pte)); struct kvm_mmu_page *sp = page_header(__pa(pte));
__set_bit(slot, &sp->slot_bitmap); __set_bit(slot, sp->slot_bitmap);
} }
static void mmu_convert_notrap(struct kvm_mmu_page *sp) static void mmu_convert_notrap(struct kvm_mmu_page *sp)
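Review bot: The slot index returned by memslot_id() on the first line of the hunk still reaches `__set_bit(slot, sp->slot_bitmap)` without being compared against the bitmap's length, so an index at or beyond `KVM_MEMORY_SLOTS + KVM_PRIVATE_MEM_SLOTS` would write past the bitmap — the same class of silent corruption the commit fixes for 32-bit hosts. A `WARN_ON(slot >= KVM_MEMORY_SLOTS + KVM_PRIVATE_MEM_SLOTS);` (or BUG_ON, whichever the file uses) before the __set_bit() would make that loud instead of silent. Whether memslot_id() can actually return an out-of-range value is not visible here, and page_header_update_slot's opening brace is outside the hunk. The same unchecked index is used by test_bit() in the kvm_mmu_slot_remove_write_access hunk further down, where slot comes from the caller.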
...@@ -2564,7 +2564,7 @@ void kvm_mmu_slot_remove_write_access(struct kvm *kvm, int slot) ...@@ -2564,7 +2564,7 @@ void kvm_mmu_slot_remove_write_access(struct kvm *kvm, int slot)
int i; int i;
u64 *pt; u64 *pt;
if (!test_bit(slot, &sp->slot_bitmap)) if (!test_bit(slot, sp->slot_bitmap))
continue; continue;
pt = sp->spt; pt = sp->spt;