-stable review patch. If anyone has any objections, please let us know.
---------------------
From: Joerg Roedel <[email protected]>
upstream commit: c5bc22424021cabda862727fb3f5098b866f074d
In the paging_fetch function rmap_remove is called after setting a large
pte to non-present. This causes rmap_remove to not drop the reference to
the large page. The result is a memory leak of that page.
Cc: [email protected]
Signed-off-by: Joerg Roedel <[email protected]>
Acked-by: Marcelo Tosatti <[email protected]>
Signed-off-by: Avi Kivity <[email protected]>
[chrisw: backport to 2.6.29]
Signed-off-by: Chris Wright <[email protected]>
---
arch/x86/kvm/paging_tmpl.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/arch/x86/kvm/paging_tmpl.h
+++ b/arch/x86/kvm/paging_tmpl.h
@@ -314,9 +314,9 @@ static int FNAME(shadow_walk_entry)(stru
return 0;
if (is_large_pte(*sptep)) {
+ rmap_remove(vcpu->kvm, sptep);
set_shadow_pte(sptep, shadow_trap_nonpresent_pte);
kvm_flush_remote_tlbs(vcpu->kvm);
- rmap_remove(vcpu->kvm, sptep);
}
if (level == PT_DIRECTORY_LEVEL && gw->level == PT_DIRECTORY_LEVEL) {