From mboxrd@z Thu Jan 1 00:00:00 1970
From: Avi Kivity
Subject: Re: R/W HG memory mappings with kvm?
Date: Wed, 19 Aug 2009 15:14:10 +0300
Message-ID: <4A8BEC92.6070105@redhat.com>
References: <5f370d430907051541o752d3dbag80d5cb251e5e4d00@mail.gmail.com> <4A54225F.1050703@redhat.com> <4A551387.3000702@cs.ualberta.ca> <5f370d430907081501m60064c7dp23ebd4153c9050f1@mail.gmail.com> <5f370d430907262256rd7f9fdalfbbec1f9492ce86@mail.gmail.com> <4A6DBE54.3080609@cs.ualberta.ca> <5f370d430907271432y5283c2cat7673efeed0febe20@mail.gmail.com> <4A6EBCB3.4080804@redhat.com> <5f370d430907281606j77f0c1a6j5feb081daca187ff@mail.gmail.com> <5f370d430908122107j15acd2c7i96d476e69032fadd@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Cam Macdonell , "kvm@vger.kernel.org list"
To: Stephen Donnelly
Return-path:
Received: from mx2.redhat.com ([66.187.237.31]:54258 "EHLO mx2.redhat.com" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S1751830AbZHSMOO (ORCPT ); Wed, 19 Aug 2009 08:14:14 -0400
In-Reply-To: <5f370d430908122107j15acd2c7i96d476e69032fadd@mail.gmail.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

On 08/13/2009 07:07 AM, Stephen Donnelly wrote:
>>> A less intrusive, but uglier, alternative is to call
>>> qemu_ram_alloc() and then mmap(MAP_FIXED) on top of that.
>>>
>> I did try this, but ended up with a BUG on the host in
>> /var/lib/dkms/kvm/84/build/x86/kvm_main.c:1266 gfn_to_pfn() on the
>> line "BUG_ON(!kvm_is_mmio_pfn(pfn));" when the guest accesses the bar.
>>
> It looks to me from the call trace like the guest is writing to the
> memory, gfn_to_pfn() from mmu_guess_page_from_pte_write() gets
> confused because of the mapping.
>
> Inside gfn_to_pfn:
>
> addr = gfn_to_hva(kvm, gfn); correctly returns the host virtual
> address of the external memory mapping.
>
> npages = get_user_pages_fast(addr, 1, 1, page); returns -EFAULT,
> presumably because (vma->vm_flags & (VM_IO | VM_PFNMAP)).
>
> It takes the unlikely branch, and checks the vma, but I don't
> understand what it is doing here: pfn = ((addr - vma->vm_start) >>
> PAGE_SHIFT) + vma->vm_pgoff;
>

It's calculating the pfn according to pfnmap rules.

> In my case addr == vma->vm_start, and vma->vm_pgoff == 0, so pfn == 0.
>

How did you set up that vma? It should point to the first pfn of your
special memory area.

> BUG_ON(!kvm_is_mmio_pfn(pfn)) then triggers.
>

That's correct behaviour. We expect a page that is not controlled by the
kernel here.

> Instrumenting inside gfn_to_pfn I see:
> gfn_to_pfn: gfn f2010 gpte f2010000 hva 7f3eac2b0000 pfn 0 npages -14
> gfn_to_pfn: vma ffff88022142af18 start 7f3eac2b0000 pgoff 0
>
> Any suggestions what should be happening here?
>

Well, we need to understand how that vma came into being and why pgoff == 0.

-- 
error compiling committee.c: too many arguments to function
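As an added worked example (not code from this thread and not KVM's own code), the following C model walks the same path the quoted gfn_to_pfn() takes: guest frame number to host virtual address through a memory slot, then host virtual address to pfn by the pfnmap rule pfn = ((addr - vm_start) >> PAGE_SHIFT) + vm_pgoff. The hva, vma start and pgoff values are the ones from the trace in the mail; the slot's base gfn, the 16-page size, the VM_* flag values and the "first pfn" value 0x100000 are constructed assumptions, and struct memslot_model, struct vma_model, slot_gfn_to_hva, pfnmap_lookup and walk_gfn are hypothetical names. With pgoff 0 the walk reproduces the pfn 0 from the trace; with vm_pgoff carrying the first pfn of the mapped region, which is what the reply says the vma should point to, each guest page resolves to the matching frame.

```c
#include <stdio.h>
#include <stdbool.h>

/* Constructed model of the fields gfn_to_pfn() consults. The names mirror
 * the kernel's struct kvm_memory_slot / vm_area_struct, but this is not
 * kernel code and the VM_* values are stand-ins, not the real bits. */
#define PAGE_SHIFT 12
#define PAGE_SIZE  (1UL << PAGE_SHIFT)
#define VM_IO      0x1UL
#define VM_PFNMAP  0x2UL

struct memslot_model {
    unsigned long base_gfn;        /* first guest frame in the slot */
    unsigned long npages;
    unsigned long userspace_addr;  /* host virtual address backing base_gfn */
};

struct vma_model {
    unsigned long vm_start;  /* first host virtual address covered */
    unsigned long vm_end;    /* one past the last covered address */
    unsigned long vm_pgoff;  /* for a pfnmap vma: the pfn that backs vm_start */
    unsigned long vm_flags;
};

/* gfn -> hva the way gfn_to_hva() does it per memslot: the offset within
 * the slot scaled to bytes. Returns 0 for a gfn outside the slot. */
unsigned long slot_gfn_to_hva(const struct memslot_model *slot,
                              unsigned long gfn)
{
    if (gfn < slot->base_gfn || gfn >= slot->base_gfn + slot->npages)
        return 0;
    return slot->userspace_addr + ((gfn - slot->base_gfn) << PAGE_SHIFT);
}

/* hva -> pfn by pfnmap rules, i.e. the line quoted in the mail:
 * pfn = ((addr - vm_start) >> PAGE_SHIFT) + vm_pgoff.
 * Returns false when the vma is not a pfnmap or addr lies outside it. */
bool pfnmap_lookup(const struct vma_model *vma, unsigned long addr,
                   unsigned long *pfn)
{
    if (!(vma->vm_flags & (VM_IO | VM_PFNMAP)))
        return false;
    if (addr < vma->vm_start || addr >= vma->vm_end)
        return false;
    *pfn = ((addr - vma->vm_start) >> PAGE_SHIFT) + vma->vm_pgoff;
    return true;
}

/* Walk gfn -> hva -> pfn using the slot and vma from the trace. The slot's
 * base gfn and the 16-page size are assumptions; first_pfn is whatever the
 * device mapping put into vm_pgoff. Returns ~0UL when the walk fails. */
unsigned long walk_gfn(unsigned long gfn, unsigned long first_pfn)
{
    const struct memslot_model slot = {
        .base_gfn = 0xf2010UL,              /* assumed: slot starts at the faulting gfn */
        .npages = 16,
        .userspace_addr = 0x7f3eac2b0000UL, /* hva from the trace */
    };
    const struct vma_model vma = {
        .vm_start = 0x7f3eac2b0000UL,       /* start from the trace */
        .vm_end = 0x7f3eac2b0000UL + 16 * PAGE_SIZE,
        .vm_pgoff = first_pfn,
        .vm_flags = VM_IO | VM_PFNMAP,
    };
    unsigned long hva = slot_gfn_to_hva(&slot, gfn);
    unsigned long pfn;

    if (hva == 0 || !pfnmap_lookup(&vma, hva, &pfn))
        return ~0UL;
    return pfn;
}

int main(void)
{
    /* pgoff 0 as in the trace: the faulting gfn resolves to pfn 0, which is
     * not the special memory area the mapping was meant to expose. */
    printf("pgoff 0:        gfn f2010 -> pfn %lx\n", walk_gfn(0xf2010UL, 0));
    /* vm_pgoff carrying the first pfn of the region (0x100000 is a
     * constructed value): each guest page maps to the matching frame. */
    printf("pgoff 0x100000: gfn f2010 -> pfn %lx\n", walk_gfn(0xf2010UL, 0x100000UL));
    printf("pgoff 0x100000: gfn f2013 -> pfn %lx\n", walk_gfn(0xf2013UL, 0x100000UL));
    return 0;
}
```

The model deliberately stops before the kvm_is_mmio_pfn() check: the point of the trace is that a vma whose vm_pgoff is 0 makes the pfnmap rule hand back frame 0 for the first page of the mapping, so whatever the check does next, it is looking at the wrong frame.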