From: Joerg Roedel <joerg.roedel@amd.com>
Date: Thu, 26 Mar 2009 23:05:07 +0000 (+0000)
Subject: KVM: MMU: Fix another largepage memory leak
X-Git-Tag: v2.6.29.1~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=716fd1dac0a807fdc4c750a5f967ffcc9d9ea744;p=thirdparty%2Fkernel%2Fstable.git

KVM: MMU: Fix another largepage memory leak

upstream commit: c5bc22424021cabda862727fb3f5098b866f074d

In the paging_fetch function rmap_remove is called after setting a large
pte to non-present. This causes rmap_remove to not drop the reference to
the large page. The result is a memory leak of that page.

Cc: stable@kernel.org
Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
Acked-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
[chrisw: backport to 2.6.29]
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
---

diff --git a/arch/x86/kvm/paging_tmpl.h b/arch/x86/kvm/paging_tmpl.h
index 9fd78b6e17ad2..c95a67df5906d 100644
--- a/arch/x86/kvm/paging_tmpl.h
+++ b/arch/x86/kvm/paging_tmpl.h
@@ -314,9 +314,9 @@ static int FNAME(shadow_walk_entry)(struct kvm_shadow_walk *_sw,
 		return 0;
 
 	if (is_large_pte(*sptep)) {
+		rmap_remove(vcpu->kvm, sptep);
 		set_shadow_pte(sptep, shadow_trap_nonpresent_pte);
 		kvm_flush_remote_tlbs(vcpu->kvm);
-		rmap_remove(vcpu->kvm, sptep);
 	}
 
 	if (level == PT_DIRECTORY_LEVEL && gw->level == PT_DIRECTORY_LEVEL) {