1. 15 2月, 2009 5 次提交
    • S
      KVM: Fix racy in kvm_free_assigned_irq · ba4cef31
      Sheng Yang 提交于
      In the past, kvm_get_kvm() and kvm_put_kvm() was called in assigned device irq
      handler and interrupt_work, in order to prevent cancel_work_sync() in
      kvm_free_assigned_irq got a illegal state when waiting for interrupt_work done.
      But it's tricky and still got two problems:
      
      1. A bug ignored two conditions that cancel_work_sync() would return true result
      in a additional kvm_put_kvm().
      
      2. If interrupt type is MSI, we would got a window between cancel_work_sync()
      and free_irq(), which interrupt would be injected again...
      
      This patch discard the reference count used for irq handler and interrupt_work,
      and ensure the legal state by moving the free function at the very beginning of
      kvm_destroy_vm(). And the patch fix the second bug by disable irq before
      cancel_work_sync(), which may result in nested disable of irq but OK for we are
      going to free it.
      Signed-off-by: NSheng Yang <sheng@linux.intel.com>
      Signed-off-by: NAvi Kivity <avi@redhat.com>
      ba4cef31
    • S
      KVM: Add kvm_arch_sync_events to sync with asynchronize events · ad8ba2cd
      Sheng Yang 提交于
      kvm_arch_sync_events is introduced to quiet down all other events may happen
      contemporary with VM destroy process, like IRQ handler and work struct for
      assigned device.
      
      For kvm_arch_sync_events is called at the very beginning of kvm_destroy_vm(), so
      the state of KVM here is legal and can provide a environment to quiet down other
      events.
      Signed-off-by: NSheng Yang <sheng@linux.intel.com>
      Signed-off-by: NAvi Kivity <avi@redhat.com>
      ad8ba2cd
    • M
      KVM: mmu_notifiers release method · 85db06e5
      Marcelo Tosatti 提交于
      The destructor for huge pages uses the backing inode for adjusting
      hugetlbfs accounting.
      
      Hugepage mappings are destroyed by exit_mmap, after
      mmu_notifier_release, so there are no notifications through
      unmap_hugepage_range at this point.
      
      The hugetlbfs inode can be freed with pages backed by it referenced
      by the shadow. When the shadow releases its reference, the huge page
      destructor will access a now freed inode.
      
      Implement the release operation for kvm mmu notifiers to release page
      refs before the hugetlbfs inode is gone.
      Signed-off-by: NMarcelo Tosatti <mtosatti@redhat.com>
      Signed-off-by: NAvi Kivity <avi@redhat.com>
      85db06e5
    • A
      KVM: Avoid using CONFIG_ in userspace visible headers · 7a0eb196
      Avi Kivity 提交于
      Kconfig symbols are not available in userspace, and are not stripped by
      headers-install.  Avoid their use by adding #defines in <asm/kvm.h> to
      suit each architecture.
      Signed-off-by: NAvi Kivity <avi@redhat.com>
      7a0eb196
    • Y
      KVM: ia64: fix fp fault/trap handler · d39123a4
      Yang Zhang 提交于
      The floating-point registers f6-f11 is used by vmm and
      saved in kvm-pt-regs, so should set the correct bit mask
      and the pointer in fp_state, otherwise, fpswa may touch
      vmm's fp registers instead of guests'.
      
      In addition, for fp trap handling,  since the instruction
      which leads to fp trap is completely executed, so can't
      use retry machanism to re-execute it, because it may
      pollute some registers.
      Signed-off-by: NYang Zhang <yang.zhang@intel.com>
      Signed-off-by: NAvi Kivity <avi@redhat.com>
      d39123a4
  2. 14 2月, 2009 3 次提交
  3. 13 2月, 2009 32 次提交