Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp2043568imm; Mon, 16 Jul 2018 00:46:24 -0700 (PDT) X-Google-Smtp-Source: AAOMgpdQhBjoyiZa2ixkWYd5RaAZX3KvKauuRFnoWMXLN31Pw2M3nbGspWiEZaMN32i/cYWtcGWh X-Received: by 2002:a63:b91c:: with SMTP id z28-v6mr14644224pge.22.1531727184073; Mon, 16 Jul 2018 00:46:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531727184; cv=none; d=google.com; s=arc-20160816; b=KNhiYUc7iFn9x5R8j39dAED6I+2j0uurOFvF+vkiNio2lBE/LOq3dw7TuiHuA8ohcN ZrUzthKH9+QGUrpoocBp3jCgOy2v1AgIWAVa4td60CXApsI4+4gPEFPwwxemETbIp1bM sE2qMs4EMhuqqnDTmKjjqHcDRhlpXywO68DjTJWZz48ClQpuDglSBIy+BNoQeTFqmnw2 GuHZrx3frAW+h90olxWw0RqdwbLaQ05gXZ3qWAMeF93O7yPe0hXBbEB0i7bfShbKsojr 48MH6w9UCxmidS34o91d+qVMoNsZamv8+cAiKyIpzIr/giFBI5hrSiBdR83TQSKW/9xY TeKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=jS0+EKkPGeDcO57JDdVMQ32A4fhazHcIzUJNyXBFA4g=; b=XyFrIr8hAKGukop5ncSLroB0aZ8Lx7QV/Dlv6e9Vi4/GiMMCHrMv/+zMl3peazUwyo Do6NeS2WbLt4DbFSdSR52GiRz0O6Z8o1BEHc3wK6rq/BL89SuXWOz/lULgEYUWrdymQw 4gEKY17iznwrE2YjlV9pYLdk4EqmtdZFhz+X+CKWdUI9yuHY6MDiTucwM2ed1bHtMBN2 jXvL23mtulRsQrlmIAE9u5Sm+OcpHarJ1uvLSzez0ieIWCTx1FaTWU3NxOObA4dHoVUy SPuGLPL/HgbmfcEpA42hZmntvCd4T1ZFS+NCvCm/JyQoRRBcg3Ypn5G9iuaSoknMfr+f Us5g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k14-v6si32026795pfd.23.2018.07.16.00.46.09; Mon, 16 Jul 2018 00:46:24 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389351AbeGPIKa (ORCPT + 99 others); Mon, 16 Jul 2018 04:10:30 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:48202 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2388522AbeGPIK3 (ORCPT ); Mon, 16 Jul 2018 04:10:29 -0400 Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id A9331C03; Mon, 16 Jul 2018 07:44:26 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Xavier Deguillard , Nadav Amit Subject: [PATCH 4.4 03/43] vmw_balloon: fix inflation with batching Date: Mon, 16 Jul 2018 09:36:08 +0200 Message-Id: <20180716073512.143167619@linuxfoundation.org> X-Mailer: git-send-email 2.18.0 In-Reply-To: <20180716073511.796555857@linuxfoundation.org> References: <20180716073511.796555857@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.4-stable review patch. If anyone has any objections, please let me know. ------------------ From: Nadav Amit commit 90d72ce079791399ac255c75728f3c9e747b093d upstream. Embarrassingly, the recent fix introduced worse problem than it solved, causing the balloon not to inflate. The VM informed the hypervisor that the pages for lock/unlock are sitting in the wrong address, as it used the page that is used the uninitialized page variable. Fixes: b23220fe054e9 ("vmw_balloon: fixing double free when batching mode is off") Cc: stable@vger.kernel.org Reviewed-by: Xavier Deguillard Signed-off-by: Nadav Amit Signed-off-by: Greg Kroah-Hartman --- drivers/misc/vmw_balloon.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -467,7 +467,7 @@ static int vmballoon_send_batched_lock(s unsigned int num_pages, bool is_2m_pages, unsigned int *target) { unsigned long status; - unsigned long pfn = page_to_pfn(b->page); + unsigned long pfn = PHYS_PFN(virt_to_phys(b->batch_page)); STATS_INC(b->stats.lock[is_2m_pages]); @@ -515,7 +515,7 @@ static bool vmballoon_send_batched_unloc unsigned int num_pages, bool is_2m_pages, unsigned int *target) { unsigned long status; - unsigned long pfn = page_to_pfn(b->page); + unsigned long pfn = PHYS_PFN(virt_to_phys(b->batch_page)); STATS_INC(b->stats.unlock[is_2m_pages]);