From: Yuntao Wang <ytcoode@gmail.com>
To: linux-kernel@vger.kernel.org, kexec@lists.infradead.org, x86@kernel.org
Cc: Andrew Morton <akpm@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Jonathan Corbet <corbet@lwn.net>,
Eric Biederman <ebiederm@xmission.com>,
Baoquan He <bhe@redhat.com>, Yuntao Wang <ytcoode@gmail.com>
Subject: [PATCH v5 1/3] kexec: modify the meaning of the end parameter in kimage_is_destination_range()
Date: Sun, 17 Dec 2023 11:35:26 +0800 [thread overview]
Message-ID: <20231217033528.303333-2-ytcoode@gmail.com> (raw)
In-Reply-To: <20231217033528.303333-1-ytcoode@gmail.com>
The end parameter received by kimage_is_destination_range() should be the
last valid byte address of the target memory segment plus 1. However, in
the locate_mem_hole_bottom_up() and locate_mem_hole_top_down() functions,
the corresponding value passed to kimage_is_destination_range() is the last
valid byte address of the target memory segment, which is 1 less.
There are two ways to fix this bug. We can either correct the logic of the
locate_mem_hole_bottom_up() and locate_mem_hole_top_down() functions, or we
can fix kimage_is_destination_range() by making the end parameter represent
the last valid byte address of the target memory segment. Here, we choose
the second approach.
Due to the modification to kimage_is_destination_range(), we also need to
adjust its callers, such as kimage_alloc_normal_control_pages() and
kimage_alloc_page().
Signed-off-by: Yuntao Wang <ytcoode@gmail.com>
Acked-by: Baoquan He <bhe@redhat.com>
---
v1->v2:
Fix this issue using the approach suggested by Eric and Baoquan.
v2->v3:
Modify the assignment of eaddr as suggested by Baoquan.
v3->v4:
`eaddr = epfn << PAGE_SHIFT - 1` causes a compilation warning, fix it.
v4->v5:
No changes.
kernel/kexec_core.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c
index be5642a4ec49..e3b1a699f087 100644
--- a/kernel/kexec_core.c
+++ b/kernel/kexec_core.c
@@ -276,8 +276,8 @@ int kimage_is_destination_range(struct kimage *image,
unsigned long mstart, mend;
mstart = image->segment[i].mem;
- mend = mstart + image->segment[i].memsz;
- if ((end > mstart) && (start < mend))
+ mend = mstart + image->segment[i].memsz - 1;
+ if ((end >= mstart) && (start <= mend))
return 1;
}
@@ -370,7 +370,7 @@ static struct page *kimage_alloc_normal_control_pages(struct kimage *image,
pfn = page_to_boot_pfn(pages);
epfn = pfn + count;
addr = pfn << PAGE_SHIFT;
- eaddr = epfn << PAGE_SHIFT;
+ eaddr = (epfn << PAGE_SHIFT) - 1;
if ((epfn >= (KEXEC_CONTROL_MEMORY_LIMIT >> PAGE_SHIFT)) ||
kimage_is_destination_range(image, addr, eaddr)) {
list_add(&pages->lru, &extra_pages);
@@ -716,7 +716,7 @@ static struct page *kimage_alloc_page(struct kimage *image,
/* If the page is not a destination page use it */
if (!kimage_is_destination_range(image, addr,
- addr + PAGE_SIZE))
+ addr + PAGE_SIZE - 1))
break;
/*
--
2.43.0
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
WARNING: multiple messages have this Message-ID (diff)
From: Yuntao Wang <ytcoode@gmail.com>
To: linux-kernel@vger.kernel.org, kexec@lists.infradead.org, x86@kernel.org
Cc: Andrew Morton <akpm@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Jonathan Corbet <corbet@lwn.net>,
Eric Biederman <ebiederm@xmission.com>,
Baoquan He <bhe@redhat.com>, Yuntao Wang <ytcoode@gmail.com>
Subject: [PATCH v5 1/3] kexec: modify the meaning of the end parameter in kimage_is_destination_range()
Date: Sun, 17 Dec 2023 11:35:26 +0800 [thread overview]
Message-ID: <20231217033528.303333-2-ytcoode@gmail.com> (raw)
In-Reply-To: <20231217033528.303333-1-ytcoode@gmail.com>
The end parameter received by kimage_is_destination_range() should be the
last valid byte address of the target memory segment plus 1. However, in
the locate_mem_hole_bottom_up() and locate_mem_hole_top_down() functions,
the corresponding value passed to kimage_is_destination_range() is the last
valid byte address of the target memory segment, which is 1 less.
There are two ways to fix this bug. We can either correct the logic of the
locate_mem_hole_bottom_up() and locate_mem_hole_top_down() functions, or we
can fix kimage_is_destination_range() by making the end parameter represent
the last valid byte address of the target memory segment. Here, we choose
the second approach.
Due to the modification to kimage_is_destination_range(), we also need to
adjust its callers, such as kimage_alloc_normal_control_pages() and
kimage_alloc_page().
Signed-off-by: Yuntao Wang <ytcoode@gmail.com>
Acked-by: Baoquan He <bhe@redhat.com>
---
v1->v2:
Fix this issue using the approach suggested by Eric and Baoquan.
v2->v3:
Modify the assignment of eaddr as suggested by Baoquan.
v3->v4:
`eaddr = epfn << PAGE_SHIFT - 1` causes a compilation warning, fix it.
v4->v5:
No changes.
kernel/kexec_core.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c
index be5642a4ec49..e3b1a699f087 100644
--- a/kernel/kexec_core.c
+++ b/kernel/kexec_core.c
@@ -276,8 +276,8 @@ int kimage_is_destination_range(struct kimage *image,
unsigned long mstart, mend;
mstart = image->segment[i].mem;
- mend = mstart + image->segment[i].memsz;
- if ((end > mstart) && (start < mend))
+ mend = mstart + image->segment[i].memsz - 1;
+ if ((end >= mstart) && (start <= mend))
return 1;
}
@@ -370,7 +370,7 @@ static struct page *kimage_alloc_normal_control_pages(struct kimage *image,
pfn = page_to_boot_pfn(pages);
epfn = pfn + count;
addr = pfn << PAGE_SHIFT;
- eaddr = epfn << PAGE_SHIFT;
+ eaddr = (epfn << PAGE_SHIFT) - 1;
if ((epfn >= (KEXEC_CONTROL_MEMORY_LIMIT >> PAGE_SHIFT)) ||
kimage_is_destination_range(image, addr, eaddr)) {
list_add(&pages->lru, &extra_pages);
@@ -716,7 +716,7 @@ static struct page *kimage_alloc_page(struct kimage *image,
/* If the page is not a destination page use it */
if (!kimage_is_destination_range(image, addr,
- addr + PAGE_SIZE))
+ addr + PAGE_SIZE - 1))
break;
/*
--
2.43.0
next prev parent reply other threads:[~2023-12-17 3:36 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-17 3:35 [PATCH v5 0/3] Some bug fixes and cleanups related to kexec Yuntao Wang
2023-12-17 3:35 ` Yuntao Wang
2023-12-17 3:35 ` Yuntao Wang [this message]
2023-12-17 3:35 ` [PATCH v5 1/3] kexec: modify the meaning of the end parameter in kimage_is_destination_range() Yuntao Wang
2023-12-17 3:35 ` [PATCH v5 2/3] kexec_file: fix incorrect temp_start value in locate_mem_hole_top_down() Yuntao Wang
2023-12-17 3:35 ` Yuntao Wang
2023-12-17 3:35 ` [PATCH v5 3/3] x86/kexec: use pr_err() instead of pr_debug() when an error occurs Yuntao Wang
2023-12-17 3:35 ` Yuntao Wang
2023-12-18 18:24 ` Andrew Morton
2023-12-18 18:24 ` Andrew Morton
2023-12-19 7:29 ` [PATCH] x86/kexec: use pr_err() instead of kexec_dprintk() " Yuntao Wang
2023-12-19 7:29 ` Yuntao Wang
2023-12-19 20:21 ` Andrew Morton
2023-12-19 20:21 ` Andrew Morton
2023-12-20 3:01 ` [PATCH v2] " Yuntao Wang
2023-12-20 3:01 ` Yuntao Wang
2023-12-17 11:55 ` [PATCH v5 0/3] Some bug fixes and cleanups related to kexec Baoquan He
2023-12-17 11:55 ` Baoquan He
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231217033528.303333-2-ytcoode@gmail.com \
--to=ytcoode@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=bhe@redhat.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=ebiederm@xmission.com \
--cc=hpa@zytor.com \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.