• Sean Christopherson's avatar
    KVM: Terminate memslot walks via used_slots · 0577d1ab
    Sean Christopherson authored
    Refactor memslot handling to treat the number of used slots as the de
    facto size of the memslot array, e.g. return NULL from id_to_memslot()
    when an invalid index is provided instead of relying on npages==0 to
    detect an invalid memslot.  Rework the sorting and walking of memslots
    in advance of dynamically sizing memslots to aid bisection and debug,
    e.g. with luck, a bug in the refactoring will bisect here and/or hit a
    WARN instead of randomly corrupting memory.
    
    Alternatively, a global null/invalid memslot could be returned, i.e. so
    callers of id_to_memslot() don't have to explicitly check for a NULL
    memslot, but that approach runs the risk of introducing difficult-to-
    debug issues, e.g. if the global null slot is modified.  Constifying
    the return from id_to_memslot() to combat such issues is possible, but
    would require a massive refactoring of arch specific code and would
    still be susceptible to casting shenanigans.
    
    Add function comments to update_memslots() and search_memslots() to
    explicitly (and loudly) state how memslots are sorted.
    
    Opportunistically stuff @hva with a non-canonical value when deleting a
    private memslot on x86 to detect bogus usage of the freed slot.
    
    No functional change intended.
    Tested-by: default avatarChristoffer Dall <christoffer.dall@arm.com>
    Tested-by: default avatarMarc Zyngier <maz@kernel.org>
    Signed-off-by: default avatarSean Christopherson <sean.j.christopherson@intel.com>
    Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    0577d1ab
kvm_main.c 116 KB