From: Michael Roth <mdroth@linux.vnet.ibm.com>
To: qemu-devel@nongnu.org
Cc: "Michael S . Tsirkin" <mst@redhat.com>,
qemu-stable@nongnu.org, David Hildenbrand <david@redhat.com>
Subject: [PATCH 52/97] virtio-balloon: Use temporary PBP only
Date: Tue, 1 Oct 2019 18:45:31 -0500 [thread overview]
Message-ID: <20191001234616.7825-53-mdroth@linux.vnet.ibm.com> (raw)
In-Reply-To: <20191001234616.7825-1-mdroth@linux.vnet.ibm.com>
From: David Hildenbrand <david@redhat.com>
We still have multiple issues in the current code
- The PBP is not freed during unrealize()
- The PBP is not reset on device resets: After a reset, the PBP is stale.
- We are not indicating VIRTIO_BALLOON_F_MUST_TELL_HOST, therefore
guests (esp. legacy guests) will reuse pages without deflating,
turning the PBP stale. Adding that would require compat handling.
Instead, let's use the PBP only temporarily, when processing one bulk of
inflation requests. This will keep guest_page_size > 4k working (with
Linux guests). There is nothing to do for deflation requests anymore.
The pbp is only used for a limited amount of time.
Fixes: ed48c59875b6 ("virtio-balloon: Safely handle BALLOON_PAGE_SIZE < host page size")
Cc: qemu-stable@nongnu.org #v4.0.0
Suggested-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190722134108.22151-7-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
(cherry picked from commit a8cd64d488325f3be5c4ddec4bf07efb3b8c7330)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
---
hw/virtio/virtio-balloon.c | 21 +++++++++------------
include/hw/virtio/virtio-balloon.h | 3 ---
2 files changed, 9 insertions(+), 15 deletions(-)
diff --git a/hw/virtio/virtio-balloon.c b/hw/virtio/virtio-balloon.c
index 49999d0bbe..bd54e302de 100644
--- a/hw/virtio/virtio-balloon.c
+++ b/hw/virtio/virtio-balloon.c
@@ -34,11 +34,11 @@
#define BALLOON_PAGE_SIZE (1 << VIRTIO_BALLOON_PFN_SHIFT)
-struct PartiallyBalloonedPage {
+typedef struct PartiallyBalloonedPage {
ram_addr_t base_gpa;
long subpages;
unsigned long *bitmap;
-};
+} PartiallyBalloonedPage;
static void virtio_balloon_pbp_free(PartiallyBalloonedPage *pbp)
{
@@ -68,11 +68,11 @@ static bool virtio_balloon_pbp_matches(PartiallyBalloonedPage *pbp,
}
static void balloon_inflate_page(VirtIOBalloon *balloon,
- MemoryRegion *mr, hwaddr mr_offset)
+ MemoryRegion *mr, hwaddr mr_offset,
+ PartiallyBalloonedPage **pbp)
{
void *addr = memory_region_get_ram_ptr(mr) + mr_offset;
ram_addr_t rb_offset, rb_aligned_offset, base_gpa;
- PartiallyBalloonedPage **pbp = &balloon->pbp;
RAMBlock *rb;
size_t rb_page_size;
int subpages;
@@ -149,12 +149,6 @@ static void balloon_deflate_page(VirtIOBalloon *balloon,
rb = qemu_ram_block_from_host(addr, false, &rb_offset);
rb_page_size = qemu_ram_pagesize(rb);
- if (balloon->pbp) {
- /* Let's play safe and always reset the pbp on deflation requests. */
- virtio_balloon_pbp_free(balloon->pbp);
- balloon->pbp = NULL;
- }
-
host_addr = (void *)((uintptr_t)addr & ~(rb_page_size - 1));
/* When a page is deflated, we hint the whole host page it lives
@@ -336,6 +330,7 @@ static void balloon_stats_set_poll_interval(Object *obj, Visitor *v,
static void virtio_balloon_handle_output(VirtIODevice *vdev, VirtQueue *vq)
{
VirtIOBalloon *s = VIRTIO_BALLOON(vdev);
+ PartiallyBalloonedPage *pbp = NULL;
VirtQueueElement *elem;
MemoryRegionSection section;
@@ -344,7 +339,7 @@ static void virtio_balloon_handle_output(VirtIODevice *vdev, VirtQueue *vq)
uint32_t pfn;
elem = virtqueue_pop(vq, sizeof(VirtQueueElement));
if (!elem) {
- return;
+ break;
}
while (iov_to_buf(elem->out_sg, elem->out_num, offset, &pfn, 4) == 4) {
@@ -373,7 +368,7 @@ static void virtio_balloon_handle_output(VirtIODevice *vdev, VirtQueue *vq)
if (!qemu_balloon_is_inhibited()) {
if (vq == s->ivq) {
balloon_inflate_page(s, section.mr,
- section.offset_within_region);
+ section.offset_within_region, &pbp);
} else if (vq == s->dvq) {
balloon_deflate_page(s, section.mr, section.offset_within_region);
} else {
@@ -387,6 +382,8 @@ static void virtio_balloon_handle_output(VirtIODevice *vdev, VirtQueue *vq)
virtio_notify(vdev, vq);
g_free(elem);
}
+
+ virtio_balloon_pbp_free(pbp);
}
static void virtio_balloon_receive_stats(VirtIODevice *vdev, VirtQueue *vq)
diff --git a/include/hw/virtio/virtio-balloon.h b/include/hw/virtio/virtio-balloon.h
index 5a99293a45..d1c968d237 100644
--- a/include/hw/virtio/virtio-balloon.h
+++ b/include/hw/virtio/virtio-balloon.h
@@ -33,8 +33,6 @@ typedef struct virtio_balloon_stat_modern {
uint64_t val;
} VirtIOBalloonStatModern;
-typedef struct PartiallyBalloonedPage PartiallyBalloonedPage;
-
enum virtio_balloon_free_page_report_status {
FREE_PAGE_REPORT_S_STOP = 0,
FREE_PAGE_REPORT_S_REQUESTED = 1,
@@ -70,7 +68,6 @@ typedef struct VirtIOBalloon {
int64_t stats_last_update;
int64_t stats_poll_interval;
uint32_t host_features;
- PartiallyBalloonedPage *pbp;
bool qemu_4_0_config_size;
} VirtIOBalloon;
--
2.17.1
next prev parent reply other threads:[~2019-10-02 0:46 UTC|newest]
Thread overview: 107+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-01 23:44 [PATCH 00/97] Patch Round-up for stable 4.0.1, freeze on 2019-10-10 Michael Roth
2019-10-01 23:44 ` [PATCH 01/97] qcow2: Avoid COW during metadata preallocation Michael Roth
2019-10-01 23:44 ` [PATCH 02/97] qcow2: Add errp to preallocate_co() Michael Roth
2019-10-01 23:44 ` [PATCH 03/97] qcow2: Fix full preallocation with external data file Michael Roth
2019-10-01 23:44 ` [PATCH 04/97] megasas: fix mapped frame size Michael Roth
2019-10-01 23:44 ` [PATCH 05/97] qcow2: Fix qcow2_make_empty() with external data file Michael Roth
2019-10-01 23:44 ` [PATCH 06/97] block: Fix AioContext switch for bs->drv == NULL Michael Roth
2019-10-01 23:44 ` [PATCH 07/97] cutils: Fix size_to_str() on 32-bit platforms Michael Roth
2019-10-01 23:44 ` [PATCH 08/97] Makefile: add nit-picky mode to sphinx-build Michael Roth
2019-10-01 23:44 ` [PATCH 09/97] docs/interop/bitmaps: rewrite and modernize doc Michael Roth
2019-10-01 23:44 ` [PATCH 10/97] spapr/xive: fix EQ page addresses above 64GB Michael Roth
2019-10-01 23:44 ` [PATCH 11/97] kbd-state: fix autorepeat handling Michael Roth
2019-10-01 23:44 ` [PATCH 12/97] usb-tablet: fix serial compat property Michael Roth
2019-10-01 23:44 ` [PATCH 13/97] block/file-posix: Unaligned O_DIRECT block-status Michael Roth
2019-10-01 23:44 ` [PATCH 14/97] iotests: Test unaligned raw images with O_DIRECT Michael Roth
2019-10-01 23:44 ` [PATCH 15/97] s390x/cpumodel: ignore csske for expansion Michael Roth
2019-10-01 23:44 ` [PATCH 16/97] blockdev-backup: don't check aio_context too early Michael Roth
2019-10-01 23:44 ` [PATCH 17/97] block: Drain source node in bdrv_replace_node() Michael Roth
2019-10-01 23:44 ` [PATCH 18/97] iotests: Test commit job start with concurrent I/O Michael Roth
2019-10-01 23:44 ` [PATCH 19/97] iotests.py: do not use infinite waits Michael Roth
2019-10-01 23:44 ` [PATCH 20/97] QEMUMachine: add events_wait method Michael Roth
2019-10-01 23:45 ` [PATCH 21/97] iotests.py: Fix VM.run_job Michael Roth
2019-10-01 23:45 ` [PATCH 22/97] iotests.py: rewrite run_job to be pickier Michael Roth
2019-10-01 23:45 ` [PATCH 23/97] iotests: add iotest 256 for testing blockdev-backup across iothread contexts Michael Roth
2019-10-01 23:45 ` [PATCH 24/97] migration/dirty-bitmaps: change bitmap enumeration method Michael Roth
2019-10-01 23:45 ` [PATCH 25/97] vhost: fix vhost_log size overflow during migration Michael Roth
2019-10-01 23:45 ` [PATCH 26/97] target/ppc: Fix xvabs[sd]p, xvnabs[sd]p, xvneg[sd]p, xvcpsgn[sd]p Michael Roth
2019-10-01 23:45 ` [PATCH 27/97] target/ppc: Fix xvxsigdp Michael Roth
2019-10-01 23:45 ` [PATCH 28/97] target/ppc: Fix xxbrq, xxbrw Michael Roth
2019-10-01 23:45 ` [PATCH 29/97] target/ppc: Fix vsum2sws Michael Roth
2019-10-01 23:45 ` [PATCH 30/97] target/ppc: Fix lxvw4x, lxvh8x and lxvb16x Michael Roth
2019-10-01 23:45 ` [PATCH 31/97] q35: Revert to kernel irqchip Michael Roth
2019-10-01 23:45 ` [PATCH 32/97] vl: Fix -drive / -blockdev persistent reservation management Michael Roth
2019-10-01 23:45 ` [PATCH 33/97] target/i386: add MDS-NO feature Michael Roth
2019-10-01 23:45 ` [PATCH 34/97] target/i386: define md-clear bit Michael Roth
2019-10-01 23:45 ` [PATCH 35/97] docs: recommend use of md-clear feature on all Intel CPUs Michael Roth
2019-10-01 23:45 ` [PATCH 36/97] virtio-pci: fix missing device properties Michael Roth
2019-10-01 23:45 ` [PATCH 37/97] usbredir: fix buffer-overflow on vmload Michael Roth
2019-10-01 23:45 ` [PATCH 38/97] virtio-balloon: fix QEMU 4.0 config size migration incompatibility Michael Roth
2019-10-01 23:45 ` [PATCH 39/97] docs/interop/bitmaps.rst: Fix typos Michael Roth
2019-10-01 23:45 ` [PATCH 40/97] sphinx: add qmp_lexer Michael Roth
2019-10-01 23:45 ` [PATCH 41/97] docs/bitmaps: use QMP lexer instead of json Michael Roth
2019-10-01 23:45 ` [PATCH 42/97] hw/ssi/xilinx_spips: Convert lqspi_read() to read_with_attrs Michael Roth
2019-10-01 23:45 ` [PATCH 43/97] hw/ssi/xilinx_spips: Avoid AXI writes to the LQSPI linear memory Michael Roth
2019-10-01 23:45 ` [PATCH 44/97] hw/ssi/xilinx_spips: Avoid out-of-bound access to lqspi_buf[] Michael Roth
2019-10-01 23:45 ` [PATCH 45/97] ioapic: kvm: Skip route updates for masked pins Michael Roth
2019-10-01 23:45 ` [PATCH 46/97] i386/acpi: show PCI Express bus on pxb-pcie expanders Michael Roth
2019-10-01 23:45 ` [PATCH 47/97] virtio-balloon: Fix wrong sign extension of PFNs Michael Roth
2019-10-01 23:45 ` [PATCH 48/97] virtio-balloon: Fix QEMU crashes on pagesize > BALLOON_PAGE_SIZE Michael Roth
2019-10-01 23:45 ` [PATCH 49/97] virtio-balloon: Simplify deflate with pbp Michael Roth
2019-10-01 23:45 ` [PATCH 50/97] virtio-balloon: Better names for offset variables in inflate/deflate code Michael Roth
2019-10-01 23:45 ` [PATCH 51/97] virtio-balloon: Rework pbp tracking data Michael Roth
2019-10-01 23:45 ` Michael Roth [this message]
2019-10-01 23:45 ` [PATCH 53/97] virtio-balloon: don't track subpages for the PBP Michael Roth
2019-10-01 23:45 ` [PATCH 54/97] virtio-balloon: free pbp more aggressively Michael Roth
2019-10-01 23:45 ` [PATCH 55/97] i386/acpi: fix gint overflow in crs_range_compare Michael Roth
2019-10-01 23:45 ` [PATCH 56/97] tpm: Exit in reset when backend indicates failure Michael Roth
2019-10-01 23:45 ` [PATCH 57/97] tpm_emulator: Translate TPM error codes to strings Michael Roth
2019-10-01 23:45 ` [PATCH 58/97] block/backup: simplify backup_incremental_init_copy_bitmap Michael Roth
2019-10-01 23:45 ` [PATCH 59/97] block/backup: move to copy_bitmap with granularity Michael Roth
2019-10-01 23:45 ` [PATCH 60/97] block/backup: refactor and tolerate unallocated cluster skipping Michael Roth
2019-10-01 23:45 ` [PATCH 61/97] block/backup: unify different modes code path Michael Roth
2019-10-01 23:45 ` [PATCH 62/97] block/backup: refactor: split out backup_calculate_cluster_size Michael Roth
2019-10-01 23:45 ` [PATCH 63/97] backup: Copy only dirty areas Michael Roth
2019-10-01 23:45 ` [PATCH 64/97] iotests: Test backup job with two guest writes Michael Roth
2019-10-01 23:45 ` [PATCH 65/97] util/hbitmap: update orig_size on truncate Michael Roth
2019-10-01 23:45 ` [PATCH 66/97] iotests: Test incremental backup after truncation Michael Roth
2019-10-01 23:45 ` [PATCH 67/97] mirror: Only mirror granularity-aligned chunks Michael Roth
2019-10-01 23:45 ` [PATCH 68/97] iotests: Test unaligned blocking mirror write Michael Roth
2019-10-01 23:45 ` [PATCH 69/97] block/backup: disable copy_range for compressed backup Michael Roth
2019-10-01 23:45 ` [PATCH 70/97] Revert "ide/ahci: Check for -ECANCELED in aio callbacks" Michael Roth
2019-10-01 23:45 ` [PATCH 71/97] qcow2: Fix the calculation of the maximum L2 cache size Michael Roth
2019-10-01 23:45 ` [PATCH 72/97] dma-helpers: ensure AIO callback is invoked after cancellation Michael Roth
2019-10-01 23:45 ` [PATCH 73/97] target/arm: Don't abort on M-profile exception return in linux-user mode Michael Roth
2019-10-01 23:45 ` [PATCH 74/97] xen-bus: Fix backend state transition on device reset Michael Roth
2019-10-01 23:45 ` [PATCH 75/97] pr-manager: Fix invalid g_free() crash bug Michael Roth
2019-10-01 23:45 ` [PATCH 76/97] iotests: add testing shim for script-style python tests Michael Roth
2019-10-01 23:45 ` [PATCH 77/97] vpc: Return 0 from vpc_co_create() on success Michael Roth
2019-10-01 23:45 ` [PATCH 78/97] iotests: Add supported protocols to execute_test() Michael Roth
2019-10-01 23:45 ` [PATCH 79/97] iotests: Restrict file Python tests to file Michael Roth
2019-10-01 23:45 ` [PATCH 80/97] iotests: Restrict nbd Python tests to nbd Michael Roth
2019-10-01 23:46 ` [PATCH 81/97] iotests: Test blockdev-create for vpc Michael Roth
2019-10-01 23:46 ` [PATCH 82/97] libvhost-user: fix SLAVE_SEND_FD handling Michael Roth
2019-10-01 23:46 ` [PATCH 83/97] block/create: Do not abort if a block driver is not available Michael Roth
2019-10-01 23:46 ` [PATCH 84/97] block/nfs: tear down aio before nfs_close Michael Roth
2019-10-01 23:46 ` [PATCH 85/97] blockjob: update nodes head while removing all bdrv Michael Roth
2019-10-01 23:46 ` [PATCH 86/97] curl: Keep pointer to the CURLState in CURLSocket Michael Roth
2019-10-01 23:46 ` [PATCH 87/97] curl: Keep *socket until the end of curl_sock_cb() Michael Roth
2019-10-01 23:46 ` [PATCH 88/97] curl: Check completion in curl_multi_do() Michael Roth
2019-10-01 23:46 ` [PATCH 89/97] curl: Pass CURLSocket to curl_multi_do() Michael Roth
2019-10-01 23:46 ` [PATCH 90/97] curl: Report only ready sockets Michael Roth
2019-10-01 23:46 ` [PATCH 91/97] curl: Handle success in multi_check_completion Michael Roth
2019-10-01 23:46 ` [PATCH 92/97] curl: Check curl_multi_add_handle()'s return code Michael Roth
2019-10-01 23:46 ` [PATCH 93/97] slirp: Fix heap overflow in ip_reass on big packet input Michael Roth
2019-10-01 23:46 ` [PATCH 94/97] slirp: ip_reass: Fix use after free Michael Roth
2019-10-01 23:46 ` [PATCH 95/97] s390: PCI: fix IOMMU region init Michael Roth
2019-10-01 23:46 ` [PATCH 96/97] hw/core/loader: Fix possible crash in rom_copy() Michael Roth
2019-10-01 23:46 ` [PATCH 97/97] scsi: lsi: exit infinite loop while executing script (CVE-2019-12068) Michael Roth
2019-10-02 4:40 ` [PATCH 00/97] Patch Round-up for stable 4.0.1, freeze on 2019-10-10 Thomas Huth
2019-10-03 18:56 ` Michael Roth
2019-10-03 22:43 ` Philippe Mathieu-Daudé
2019-10-07 15:57 ` Alexandr Iarygin
2019-10-08 13:04 ` Philippe Mathieu-Daudé
2019-10-09 14:17 ` Michael Roth
2019-10-09 14:23 ` Philippe Mathieu-Daudé
2019-10-17 22:19 ` Michael Roth
2019-10-11 9:51 ` Anthony PERARD
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191001234616.7825-53-mdroth@linux.vnet.ibm.com \
--to=mdroth@linux.vnet.ibm.com \
--cc=david@redhat.com \
--cc=mst@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-stable@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.