1. 05 Nov, 2010 1 commit
      KVM: Write protect memory after slot swap · edde99ce
      Michael S. Tsirkin authored
      I have observed the following bug trigger:
      
      1. userspace calls GET_DIRTY_LOG
      2. kvm_mmu_slot_remove_write_access is called and makes a page ro
      3. page fault happens and makes the page writeable
         fault is logged in the bitmap appropriately
      4. kvm_vm_ioctl_get_dirty_log swaps slot pointers
      
      a lot of time passes
      
      5. guest writes into the page
      6. userspace calls GET_DIRTY_LOG
      
      At point (5), bitmap is clean and page is writeable,
      thus, guest modification of memory is not logged
      and GET_DIRTY_LOG returns an empty bitmap.
      
      The rule is that all pages are either dirty in the current bitmap,
      or write-protected, which is violated here.
      
      It seems that just moving kvm_mmu_slot_remove_write_access down
      to after the slot pointer swap should fix this bug.
      
      KVM-Stable-Tag.
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: Avi Kivity <avi@redhat.com>
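The ordering described in the commit message above, replayed in a constructed toy model as an added example. This is not KVM code: a per-page `writable` flag stands in for the spte write bit, a single `dirty` array stands in for the memslot dirty bitmap, and a `racing_page` argument stands in for a vCPU write fault landing between the two steps of the ioctl (step 3 of the report). `replay()` runs steps 1 through 6 once in the original order and once with `kvm_mmu_slot_remove_write_access` moved after the bitmap swap, and reports whether the late guest write reaches the second GET_DIRTY_LOG and whether the "dirty or write-protected" rule still holds after the first call.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define NPAGES 4

/* Constructed model of one memslot (not KVM's data structures):
 * writable[] plays the spte write bit, dirty[] the dirty bitmap. */
struct slot {
	bool writable[NPAGES];
	bool dirty[NPAGES];
};

/* Stand-in for kvm_mmu_slot_remove_write_access: make every page ro. */
static void remove_write_access(struct slot *s)
{
	for (int i = 0; i < NPAGES; i++)
		s->writable[i] = false;
}

/* A guest store. A write-protected page takes a write fault, which makes
 * the page writable and logs it in the current bitmap. A page that is
 * already writable is written silently: nothing is logged. */
static void guest_write(struct slot *s, int page)
{
	if (!s->writable[page]) {
		s->writable[page] = true;
		s->dirty[page] = true;
	}
}

/* The rule from the commit message: every page is dirty in the current
 * bitmap, or write-protected, or both. */
static bool invariant_holds(const struct slot *s)
{
	for (int i = 0; i < NPAGES; i++)
		if (s->writable[i] && !s->dirty[i])
			return false;
	return true;
}

/* Swap the bitmap: hand the current one to userspace, start a clean one. */
static void swap_bitmap(struct slot *s, bool out[NPAGES])
{
	memcpy(out, s->dirty, sizeof s->dirty);
	memset(s->dirty, 0, sizeof s->dirty);
}

/* GET_DIRTY_LOG. racing_page >= 0 injects a write fault on that page
 * between the two steps; -1 means nothing races with the ioctl. */
static void get_dirty_log(struct slot *s, bool out[NPAGES],
			  bool fixed_order, int racing_page)
{
	if (!fixed_order) {
		remove_write_access(s);            /* step 2 */
		if (racing_page >= 0)
			guest_write(s, racing_page); /* step 3: logged, page rw */
		swap_bitmap(s, out);               /* step 4: that log entry is gone */
	} else {
		swap_bitmap(s, out);               /* hand out the old bitmap first */
		if (racing_page >= 0)
			guest_write(s, racing_page); /* page still rw: silent write */
		remove_write_access(s);            /* then protect for the new epoch */
	}
}

struct outcome {
	bool invariant_after_first; /* rule intact after the first ioctl? */
	bool late_write_logged;     /* does step 5 show up in step 6's bitmap? */
};

/* Replay the six steps from the report for page 1 in either ordering. */
static struct outcome replay(bool fixed_order)
{
	struct slot s = {{false}, {false}};
	bool log1[NPAGES], log2[NPAGES];
	const int page = 1;
	struct outcome o;

	guest_write(&s, page);                         /* earlier write: dirty + rw */
	get_dirty_log(&s, log1, fixed_order, page);    /* steps 1-4, fault races in */
	o.invariant_after_first = invariant_holds(&s);
	guest_write(&s, page);                         /* step 5, "a lot of time" later */
	get_dirty_log(&s, log2, fixed_order, -1);      /* step 6 */
	o.late_write_logged = log2[page];
	return o;
}

int main(void)
{
	struct outcome bug = replay(false), fix = replay(true);

	printf("original order: late write logged=%d, invariant held=%d\n",
	       bug.late_write_logged, bug.invariant_after_first);
	printf("swap-then-protect: late write logged=%d, invariant held=%d\n",
	       fix.late_write_logged, fix.invariant_after_first);
	return 0;
}
```

In the original order the first ioctl returns page 1 as dirty (the racing fault logged it), then clears that bit while leaving the page writable, so the write at step 5 never faults and the second bitmap comes back empty. With the write-protect moved after the swap, the racing write is silent but the page is re-protected before the ioctl returns, so the step 5 write faults and is reported.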