From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754663AbbFSPTz (ORCPT ); Fri, 19 Jun 2015 11:19:55 -0400 Received: from mx1.redhat.com ([209.132.183.28]:53601 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753275AbbFSPTs (ORCPT ); Fri, 19 Jun 2015 11:19:48 -0400 Message-ID: <55843310.50403@redhat.com> Date: Fri, 19 Jun 2015 17:19:44 +0200 From: Paolo Bonzini User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: "Michael S. Tsirkin" CC: Igor Mammedov , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, andrey@xdel.ru Subject: Re: [PATCH 3/5] vhost: support upto 509 memory regions References: <20150618142455-mutt-send-email-mst@redhat.com> <5582CBA6.5070105@redhat.com> <20150618164559-mutt-send-email-mst@redhat.com> <5582EBA6.1080607@redhat.com> <20150619095515-mutt-send-email-mst@redhat.com> <5583CB62.6030405@redhat.com> <20150619100409-mutt-send-email-mst@redhat.com> <5583D85F.7090200@redhat.com> <20150619120734-mutt-send-email-mst@redhat.com> <5583F28A.9080206@redhat.com> <20150619153248-mutt-send-email-mst@redhat.com> In-Reply-To: <20150619153248-mutt-send-email-mst@redhat.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 19/06/2015 15:34, Michael S. Tsirkin wrote: > On Fri, Jun 19, 2015 at 12:44:26PM +0200, Paolo Bonzini wrote: >> >> >> On 19/06/2015 12:14, Michael S. Tsirkin wrote: >>> On Fri, Jun 19, 2015 at 10:52:47AM +0200, Paolo Bonzini wrote: >>>> >>>> >>>> On 19/06/2015 10:05, Michael S. Tsirkin wrote: >>>>>> No, only destruction of the memory region frees it. address_space_map >>>>>> takes a reference to the memory region and address_space_unmap releases it. >>>>>> >>>>>> Paolo >>>>> >>>>> Confused. So can we call mmap(MAP_NORESERVE) in address_space_unmap >>>>> after we detect refcount is 0? >>>> >>>> No, because in the meanwhile another DIMM could have been hotplugged >>>> at the same place where the old one was. This is legal: >>>> >>>> user guest QEMU >>>> ---------------------------------------------------------------------------------------- >>>> start I/O >>>> '---------------> address_space_map >>>> device_del >>>> '-------------------> receives SCI >>>> executes _EJ0 >>>> '---------------> memory_region_del_subregion >>>> object_unparent >>> >>> So guest started DMA into memory, then ejected this memory while DMA >>> is in progress? >> >> Yes. There is nothing that forbids doing that. > > Can we simply defer the next device_add using a hva until all IO completes? We could, but I/O is just an example. It can be I/O, a network ring, whatever. We cannot audit all address_space_map uses. Paolo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in Please read the FAQ at http://www.tux.org/lkml/ From mboxrd@z Thu Jan 1 00:00:00 1970 From: Paolo Bonzini Subject: Re: [PATCH 3/5] vhost: support upto 509 memory regions Date: Fri, 19 Jun 2015 17:19:44 +0200 Message-ID: <55843310.50403@redhat.com> References: <20150618142455-mutt-send-email-mst@redhat.com> <5582CBA6.5070105@redhat.com> <20150618164559-mutt-send-email-mst@redhat.com> <5582EBA6.1080607@redhat.com> <20150619095515-mutt-send-email-mst@redhat.com> <5583CB62.6030405@redhat.com> <20150619100409-mutt-send-email-mst@redhat.com> <5583D85F.7090200@redhat.com> <20150619120734-mutt-send-email-mst@redhat.com> <5583F28A.9080206@redhat.com> <20150619153248-mutt-send-email-mst@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Cc: Igor Mammedov , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, andrey@xdel.ru To: "Michael S. Tsirkin" Return-path: In-Reply-To: <20150619153248-mutt-send-email-mst@redhat.com> Sender: linux-kernel-owner@vger.kernel.org List-Id: kvm.vger.kernel.org On 19/06/2015 15:34, Michael S. Tsirkin wrote: > On Fri, Jun 19, 2015 at 12:44:26PM +0200, Paolo Bonzini wrote: >> >> >> On 19/06/2015 12:14, Michael S. Tsirkin wrote: >>> On Fri, Jun 19, 2015 at 10:52:47AM +0200, Paolo Bonzini wrote: >>>> >>>> >>>> On 19/06/2015 10:05, Michael S. Tsirkin wrote: >>>>>> No, only destruction of the memory region frees it. address_space_map >>>>>> takes a reference to the memory region and address_space_unmap releases it. >>>>>> >>>>>> Paolo >>>>> >>>>> Confused. So can we call mmap(MAP_NORESERVE) in address_space_unmap >>>>> after we detect refcount is 0? >>>> >>>> No, because in the meanwhile another DIMM could have been hotplugged >>>> at the same place where the old one was. This is legal: >>>> >>>> user guest QEMU >>>> ---------------------------------------------------------------------------------------- >>>> start I/O >>>> '---------------> address_space_map >>>> device_del >>>> '-------------------> receives SCI >>>> executes _EJ0 >>>> '---------------> memory_region_del_subregion >>>> object_unparent >>> >>> So guest started DMA into memory, then ejected this memory while DMA >>> is in progress? >> >> Yes. There is nothing that forbids doing that. > > Can we simply defer the next device_add using a hva until all IO completes? We could, but I/O is just an example. It can be I/O, a network ring, whatever. We cannot audit all address_space_map uses. Paolo