KVM: MMU: Fix potential memory leak with smp real-mode

When we map a page, we check whether some other vcpu mapped it for us and if so, bail out. But we should decrease the refcount on the page as we do so. Signed-off-by: Izik Eidus <izike@qumranet.com> Signed-off-by: Avi Kivity <avi@qumranet.com>
author: Izik Eidus <izike@qumranet.com> 2007-11-20 11:30:04 +0200
committer: Avi Kivity <avi@qumranet.com> 2008-01-30 17:53:08 +0200
commit: 2065b3727ecdb64450597d70f7e13af00b85dbd8 (patch)
tree: cbfcc78359c7738ee748569bbc6eec39f17a8784 /drivers
parent: 2d2a7b9cff7f6324e69daa3ab76799641a94a0e8 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/drivers/kvm/mmu.c b/drivers/kvm/mmu.c
index 87d8e70fe502..8add4d5c6840 100644
--- a/drivers/kvm/mmu.c
+++ b/drivers/kvm/mmu.c
@@ -907,8 +907,10 @@ static int nonpaging_map(struct kvm_vcpu *vcpu, gva_t v, hpa_t p)
 
 			pte = table[index];
 			was_rmapped = is_rmap_pte(pte);
-			if (is_shadow_present_pte(pte) && is_writeble_pte(pte))
+			if (is_shadow_present_pte(pte) && is_writeble_pte(pte)) {
+				kvm_release_page(pfn_to_page(p >> PAGE_SHIFT));
 				return 0;
+			}
 			mark_page_dirty(vcpu->kvm, v >> PAGE_SHIFT);
 			page_header_update_slot(vcpu->kvm, table, v);
 			table[index] = p | PT_PRESENT_MASK | PT_WRITABLE_MASK |
author	Izik Eidus <izike@qumranet.com>	2007-11-20 11:30:04 +0200
committer	Avi Kivity <avi@qumranet.com>	2008-01-30 17:53:08 +0200
commit	2065b3727ecdb64450597d70f7e13af00b85dbd8 (patch)
tree	cbfcc78359c7738ee748569bbc6eec39f17a8784 /drivers
parent	2d2a7b9cff7f6324e69daa3ab76799641a94a0e8 (diff)