authorAvi Kivity <avi@qumranet.com>2008-07-22 13:13:53 +0300
committerAvi Kivity <avi@qumranet.com>2008-07-22 13:16:14 +0300
commit70bbede9825e34c997b1bc95cf2fd0a0a6272cf8 (patch)
tree8e1f228887c7c709eff78b74be3fcad6659e03b2
parentfe81c016a766261847540e90da9b1e66176dc356 (diff)
KVM: MMU: Fix spte leak when freeing an invalid pagekvm-72rc3
An invalid page may still contain sptes, as the current vcpu may not have had the chance to unload its root after the page was marked invalid. Signed-off-by: Avi Kivity <avi@qumranet.com>
-rw-r--r--arch/x86/kvm/mmu.c10
1 files changed, 4 insertions, 6 deletions
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index 33cc39c55657..2b60b7dc231d 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -932,12 +932,10 @@ static void kvm_mmu_unlink_parents(struct kvm *kvm, struct kvm_mmu_page *sp)
static void kvm_mmu_zap_page(struct kvm *kvm, struct kvm_mmu_page *sp)
{
++kvm->stat.mmu_shadow_zapped;
- if (!sp->role.invalid) {
- kvm_mmu_page_unlink_children(kvm, sp);
- kvm_mmu_unlink_parents(kvm, sp);
- if (!sp->role.metaphysical)
- unaccount_shadowed(kvm, sp->gfn);
- }
+ kvm_mmu_page_unlink_children(kvm, sp);
+ kvm_mmu_unlink_parents(kvm, sp);
+ if (!sp->role.invalid && !sp->role.metaphysical)
+ unaccount_shadowed(kvm, sp->gfn);
if (!sp->root_count) {
hlist_del(&sp->hash_link);
kvm_mmu_free_page(kvm, sp);
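Review bot: The `if (!sp->role.invalid && !sp->role.metaphysical)` guard still skips `unaccount_shadowed()` for invalid pages while the two unlink calls above it are now unconditional, and nothing in the hunk explains why the asymmetry is intended. Presumably an invalid page was already unaccounted on its first zap, so a second call would unbalance the per-gfn shadow accounting; a comment on that `if` such as `/* an invalid page was already unaccounted when it was first zapped */` would record this. A matching line above the unlink calls, `/* an invalid page may still hold sptes until the vcpu unloads its root */`, would keep a later cleanup from restoring the old guard and bringing back stale shadow mappings. The body of kvm_mmu_zap_page continues past the end of the hunk, so the place where `role.invalid` is set is not visible here and the assumption should be confirmed against it.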