From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754654AbbFSKoj (ORCPT <rfc822;w@1wt.eu>);
	Fri, 19 Jun 2015 06:44:39 -0400
Received: from mx1.redhat.com ([209.132.183.28]:48568 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751311AbbFSKoa (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Fri, 19 Jun 2015 06:44:30 -0400
Message-ID: <5583F28A.9080206@redhat.com>
Date: Fri, 19 Jun 2015 12:44:26 +0200
From: Paolo Bonzini <pbonzini@redhat.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: "Michael S. Tsirkin" <mst@redhat.com>
CC: Igor Mammedov <imammedo@redhat.com>, linux-kernel@vger.kernel.org,
        kvm@vger.kernel.org, andrey@xdel.ru
Subject: Re: [PATCH 3/5] vhost: support upto 509 memory regions
References: <20150618134040-mutt-send-email-mst@redhat.com> <5582B088.1090207@redhat.com> <20150618142455-mutt-send-email-mst@redhat.com> <5582CBA6.5070105@redhat.com> <20150618164559-mutt-send-email-mst@redhat.com> <5582EBA6.1080607@redhat.com> <20150619095515-mutt-send-email-mst@redhat.com> <5583CB62.6030405@redhat.com> <20150619100409-mutt-send-email-mst@redhat.com> <5583D85F.7090200@redhat.com> <20150619120734-mutt-send-email-mst@redhat.com>
In-Reply-To: <20150619120734-mutt-send-email-mst@redhat.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 19/06/2015 12:14, Michael S. Tsirkin wrote:
> On Fri, Jun 19, 2015 at 10:52:47AM +0200, Paolo Bonzini wrote:
>>
>>
>> On 19/06/2015 10:05, Michael S. Tsirkin wrote:
>>>> No, only destruction of the memory region frees it.  address_space_map
>>>> takes a reference to the memory region and address_space_unmap releases it.
>>>>
>>>> Paolo
>>>
>>> Confused. So can we call mmap(MAP_NORESERVE) in address_space_unmap
>>> after we detect refcount is 0?
>>
>> No, because in the meanwhile another DIMM could have been hotplugged
>> at the same place where the old one was.  This is legal:
>>
>>     user                      guest                 QEMU
>>     ----------------------------------------------------------------------------------------
>>                               start I/O
>>                                   '---------------> address_space_map
>>     device_del
>>         '-------------------> receives SCI
>>                               executes _EJ0
>>                                   '---------------> memory_region_del_subregion
>>                                                     object_unparent
> 
> So guest started DMA into memory, then ejected this memory while DMA
> is in progress?

Yes.  There is nothing that forbids doing that.

Paolo

>>     device_add
>>         '-----------------------------------------> device_set_realized
>>                                                       hotplug_handler_plug
>>                                                         pc_machine_device_plug_cb
>>                                                           pc_dimm_plug
>>                                                             memory_region_add_subregion
>>
>>                                                     I/O finishes
>>                                                       address_space_unmap
>>
>> Surprise removal similarly could be done in QEMU, but it will hold to
>> some resources for as long as the device backends need them.
>>
>> Paolo