On Tue, Aug 14, 2012 at 06:34:13PM -0300, Rafael Aquini wrote:

On Tue, Aug 14, 2012 at 11:49:06PM +0300, Michael S. Tsirkin wrote:

quoted

On Tue, Aug 14, 2012 at 05:29:50PM -0300, Rafael Aquini wrote:

quoted

On Tue, Aug 14, 2012 at 11:24:01PM +0300, Michael S. Tsirkin wrote:

quoted

On Tue, Aug 14, 2012 at 05:08:31PM -0300, Rafael Aquini wrote:

quoted

On Tue, Aug 14, 2012 at 10:59:16PM +0300, Michael S. Tsirkin wrote:

quoted

quoted

quoted

quoted

What if there is more than one balloon device?

Is it possible to load this driver twice, or are you foreseeing a future case
where this driver will be able to manage several distinct memory balloons for
the same guest?

Second.
It is easy to create several balloons they are just
pci devices.

 


and it might not be too important to make it work but
at least would be nice not to have a crash in this
setup.

Fair enough. For now, as I believe it's safe to assume we are only inflating one
balloon per guest, I'd like to propose this as a future enhancement. Sounds
good?
 

Since guest crashes when it's not the case, no it doesn't, sorry :(.

Ok, but right now this driver only takes care of 1 balloon per guest,

It does? Are you sure? There is no global state as far as I can see. So
I can create 2 devices and driver will happily create two instances,
each one can be inflated/deflated independently.

quoted

so how
could this approach crash it? 

Add device. inflate. Add another device. inflate. deflate. unplug.
Now you have pointer to freed memory and when mm touches
page from first device, you ge use after free.

quoted

Your point is a good thing to be on a to-do list for future enhancements, but
it's not a dealbreaker for the present balloon driver implementation, IMHO.

Yes it looks like a dealbreaker to me.

Sorry. You're right, I'm wrong.

I'll get back to the scracthpad to overcome this constraint. I believe the way
this patch was at its v4 revision (wrt this particular case) could possibly
address this concern of yours.

Almost. We still have a global balloon_mapping. The only reason for
it to exist seems solely to detect balloon mappings, so it
can just be replaced by a flag in the mapping, or in mapping
ops, or elsewhere. Also, please add APIs to mm so we can
avoid doing internal mm stuff like

INIT_RADIX_TREE(&balloon_mapping->page_tree, GFP_ATOMIC | __GFP_NOWARN);

in the driver. It should be
alloc_address_mapping(&virtio_balloon_aops);
free_address_mapping

Make page->mapping use rcu, and sync rcu in
free_address_mapping.

-- 
MST

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>