Re: R/W HG memory mappings with kvm?

[Avi Kivity <avi@redhat.com>]

On 08/13/2009 07:07 AM, Stephen Donnelly wrote:
>>> A less intrusive, but uglier, alternative is to call
>>> qemu_ram_alloc() and them mmap(MAP_FIXED) on top of that.
>>>        
>> I did try this, but ended up with a BUG on the host in
>> /var/lib/dkms/kvm/84/build/x86/kvm_main.c:1266 gfn_to_pfn() on the
>> line "BUG_ON(!kvm_is_mmio_pfn(pfn));" when the guest accesses the bar.
>>      
> It looks to me from the call trace like the guest is writing to the
> memory, gfn_to_pfn() from mmu_guess_page_from_pte_write() gets
> confused because of the mapping.
>
> Inside gfn_to_pfn:
>
> addr = gfn_to_hva(kvm, gfn); correctly returns the host virtual
> address of the external memory mapping.
>
> npages = get_user_pages_fast(addr, 1, 1, page); returns -EFAULT,
> presumably because (vma->vm_flags&  (VM_IO | VM_PFNMAP)).
>
> It takes then unlikely branch, and checks the vma, but I don't
> understand what it is doing here: pfn = ((addr - vma->vm_start)>>
> PAGE_SHIFT) + vma->vm_pgoff;
>    

It's calculating the pfn according to pfnmap rules.

> In my case addr == vma->vm_start, and vma->vm_pgoff == 0, so pfn ==0.
>    

How did you set up that vma?  It should point to the first pfn of your 
special memory area.

> BUG_ON(!kvm_is_mmio_pfn(pfn)) then triggers.
>    

That's correct behaviour.  We expect a page that is not controlled by 
the kernel here.

> Instrumenting inside gfn_to_pfn I see:
> gfn_to_pfn: gfn f2010 gpte f2010000 hva 7f3eac2b0000 pfn 0 npages -14
> gfn_to_pfn: vma ffff88022142af18 start 7f3eac2b0000 pgoff 0
>
> Any suggestions what should be happening here?
>    

Well, we need to understand how that vma came into being and why pgoff == 0.

-- 
error compiling committee.c: too many arguments to function