diff for duplicates of <57A029A9.6060303@zoho.com> diff --git a/a/1.txt b/N1/1.txt index 5a8af06..d0643ca 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -4,3 +4,44 @@ this patch is part of https://lkml.org/lkml/2016/7/26/347 and isn't merged in as you advised in another mail, i release this patch against linus's mainline for fixing relevant bugs completely, see test patch attached for verification details + +>From 5a74cb46b7754a45428ff95f4653ad27025c3131 Mon Sep 17 00:00:00 2001 +From: zijun_hu <zijun_hu@htc.com> +Date: Tue, 2 Aug 2016 12:35:28 +0800 +Subject: [PATCH] mm/memblock.c: fix NULL dereference error + +it causes NULL dereference error and failure to get type_a->regions[0] info +if parameter type_b of __next_mem_range_rev() == NULL + +the bugs are fixed by checking before dereferring and initializing idx_b +to 0 + +the approach is tested by dumping all types of region via __memblock_dump_all() +and __next_mem_range_rev() fixed to UART separately, the result is okay after +checking the logs + +Signed-off-by: zijun_hu <zijun_hu@htc.com> +Tested-by: zijun_hu <zijun_hu@htc.com> +Acked-by: Tejun Heo <tj@kernel.org> +--- + mm/memblock.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/mm/memblock.c b/mm/memblock.c +index ff5ff3b..250dd48 100644 +--- a/mm/memblock.c ++++ b/mm/memblock.c +@@ -994,7 +994,10 @@ void __init_memblock __next_mem_range_rev(u64 *idx, int nid, ulong flags, + + if (*idx == (u64)ULLONG_MAX) { + idx_a = type_a->cnt - 1; +- idx_b = type_b->cnt; ++ if (type_b != NULL) ++ idx_b = type_b->cnt; ++ else ++ idx_b = 0; + } + + for (; idx_a >= 0; idx_a--) { +-- +1.9.1 diff --git a/N1/2.hdr b/N1/2.hdr new file mode 100644 index 0000000..73b28bc --- /dev/null +++ b/N1/2.hdr @@ -0,0 +1,5 @@ +Content-Type: text/x-patch; + name="0002-mm-temporary-patch-for-fix-memblock-issue-test.patch" +Content-Transfer-Encoding: 7bit +Content-Disposition: attachment; + filename*0="0002-mm-temporary-patch-for-fix-memblock-issue-test.patch" diff --git a/N1/2.txt b/N1/2.txt new file mode 100644 index 0000000..14147f8 --- /dev/null +++ b/N1/2.txt @@ -0,0 +1,82 @@ +>From df753d7d9426b4d2a5518958d281be2985ccd40d Mon Sep 17 00:00:00 2001 +From: zijun_hu <zijun_hu@htc.com> +Date: Wed, 27 Jul 2016 12:13:37 +0800 +Subject: [PATCH 2/2] mm: temporary patch for fix memblock issue test + +temporary patch for fix memblock issue test + +Signed-off-by: zijun_hu <zijun_hu@htc.com> +--- + arch/arm64/mm/init.c | 7 +++++++ + include/linux/memblock.h | 1 + + mm/memblock.c | 25 +++++++++++++++++++++++++ + 3 files changed, 33 insertions(+) + +diff --git a/arch/arm64/mm/init.c b/arch/arm64/mm/init.c +index d45f862..0db80bb 100644 +--- a/arch/arm64/mm/init.c ++++ b/arch/arm64/mm/init.c +@@ -326,6 +326,13 @@ void __init bootmem_init(void) + + high_memory = __va((max << PAGE_SHIFT) - 1) + 1; + memblock_dump_all(); ++ ++ if (!memblock_debug) ++ __memblock_dump_all(); ++ /* ++ * extern void memblock_patch_verify(void); ++ */ ++ memblock_patch_verify(); + } + + #ifndef CONFIG_SPARSEMEM_VMEMMAP +diff --git a/include/linux/memblock.h b/include/linux/memblock.h +index 3106ac1..c62df1e 100644 +--- a/include/linux/memblock.h ++++ b/include/linux/memblock.h +@@ -340,6 +340,7 @@ bool memblock_is_reserved(phys_addr_t addr); + bool memblock_is_region_reserved(phys_addr_t base, phys_addr_t size); + + extern void __memblock_dump_all(void); ++extern void memblock_patch_verify(void); + + static inline void memblock_dump_all(void) + { +diff --git a/mm/memblock.c b/mm/memblock.c +index e95f95f..5c179ae 100644 +--- a/mm/memblock.c ++++ b/mm/memblock.c +@@ -1652,6 +1652,31 @@ void __init_memblock __memblock_dump_all(void) + memblock_dump(&memblock.reserved, "reserved"); + } + ++void __init_memblock memblock_patch_verify(void) ++{ ++ u64 i; ++ phys_addr_t this_start, this_end; ++ ++ pr_info("in %s: memory\n", __func__); ++ for_each_mem_range_rev(i, &memblock.memory, NULL, NUMA_NO_NODE, ++ MEMBLOCK_NONE, &this_start, &this_end, NULL) ++ pr_info("[%#016llx]\t[%#016llx-%#016llx]\n", ++ i, this_start, this_end); ++ ++ pr_info("in %s: reserved\n", __func__); ++ for_each_mem_range_rev(i, &memblock.reserved, NULL, NUMA_NO_NODE, ++ MEMBLOCK_NONE, &this_start, &this_end, NULL) ++ pr_info("[%#016llx]\t[%#016llx-%#016llx]\n", ++ i, this_start, this_end); ++ ++ pr_info("in %s: memory X reserved\n", __func__); ++ for_each_mem_range_rev(i, &memblock.memory, &memblock.reserved, ++ NUMA_NO_NODE, MEMBLOCK_NONE, ++ &this_start, &this_end, NULL) ++ pr_info("[%#016llx]\t[%#016llx-%#016llx]\n", ++ i, this_start, this_end); ++} ++ + void __init memblock_allow_resize(void) + { + memblock_can_resize = 1; +-- +1.9.1 diff --git a/a/content_digest b/N1/content_digest index 23fe08c..dad94c0 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -20,6 +20,132 @@ "this patch is part of https://lkml.org/lkml/2016/7/26/347 and isn't merged in\n" "as you advised in another mail, i release this patch against linus's mainline\n" "for fixing relevant bugs completely, see test patch attached for verification\n" - details + "details\n" + "\n" + ">From 5a74cb46b7754a45428ff95f4653ad27025c3131 Mon Sep 17 00:00:00 2001\n" + "From: zijun_hu <zijun_hu@htc.com>\n" + "Date: Tue, 2 Aug 2016 12:35:28 +0800\n" + "Subject: [PATCH] mm/memblock.c: fix NULL dereference error\n" + "\n" + "it causes NULL dereference error and failure to get type_a->regions[0] info\n" + "if parameter type_b of __next_mem_range_rev() == NULL\n" + "\n" + "the bugs are fixed by checking before dereferring and initializing idx_b\n" + "to 0\n" + "\n" + "the approach is tested by dumping all types of region via __memblock_dump_all()\n" + "and __next_mem_range_rev() fixed to UART separately, the result is okay after\n" + "checking the logs\n" + "\n" + "Signed-off-by: zijun_hu <zijun_hu@htc.com>\n" + "Tested-by: zijun_hu <zijun_hu@htc.com>\n" + "Acked-by: Tejun Heo <tj@kernel.org>\n" + "---\n" + " mm/memblock.c | 5 ++++-\n" + " 1 file changed, 4 insertions(+), 1 deletion(-)\n" + "\n" + "diff --git a/mm/memblock.c b/mm/memblock.c\n" + "index ff5ff3b..250dd48 100644\n" + "--- a/mm/memblock.c\n" + "+++ b/mm/memblock.c\n" + "@@ -994,7 +994,10 @@ void __init_memblock __next_mem_range_rev(u64 *idx, int nid, ulong flags,\n" + " \n" + " \tif (*idx == (u64)ULLONG_MAX) {\n" + " \t\tidx_a = type_a->cnt - 1;\n" + "-\t\tidx_b = type_b->cnt;\n" + "+\t\tif (type_b != NULL)\n" + "+\t\t\tidx_b = type_b->cnt;\n" + "+\t\telse\n" + "+\t\t\tidx_b = 0;\n" + " \t}\n" + " \n" + " \tfor (; idx_a >= 0; idx_a--) {\n" + "-- \n" + 1.9.1 + "\01:2\0" + "fn\00002-mm-temporary-patch-for-fix-memblock-issue-test.patch\0" + "b\0" + ">From df753d7d9426b4d2a5518958d281be2985ccd40d Mon Sep 17 00:00:00 2001\n" + "From: zijun_hu <zijun_hu@htc.com>\n" + "Date: Wed, 27 Jul 2016 12:13:37 +0800\n" + "Subject: [PATCH 2/2] mm: temporary patch for fix memblock issue test\n" + "\n" + "temporary patch for fix memblock issue test\n" + "\n" + "Signed-off-by: zijun_hu <zijun_hu@htc.com>\n" + "---\n" + " arch/arm64/mm/init.c | 7 +++++++\n" + " include/linux/memblock.h | 1 +\n" + " mm/memblock.c | 25 +++++++++++++++++++++++++\n" + " 3 files changed, 33 insertions(+)\n" + "\n" + "diff --git a/arch/arm64/mm/init.c b/arch/arm64/mm/init.c\n" + "index d45f862..0db80bb 100644\n" + "--- a/arch/arm64/mm/init.c\n" + "+++ b/arch/arm64/mm/init.c\n" + "@@ -326,6 +326,13 @@ void __init bootmem_init(void)\n" + " \n" + " \thigh_memory = __va((max << PAGE_SHIFT) - 1) + 1;\n" + " \tmemblock_dump_all();\n" + "+\n" + "+\tif (!memblock_debug)\n" + "+\t\t__memblock_dump_all();\n" + "+\t/*\n" + "+\t * extern void memblock_patch_verify(void);\n" + "+\t */\n" + "+\tmemblock_patch_verify();\n" + " }\n" + " \n" + " #ifndef CONFIG_SPARSEMEM_VMEMMAP\n" + "diff --git a/include/linux/memblock.h b/include/linux/memblock.h\n" + "index 3106ac1..c62df1e 100644\n" + "--- a/include/linux/memblock.h\n" + "+++ b/include/linux/memblock.h\n" + "@@ -340,6 +340,7 @@ bool memblock_is_reserved(phys_addr_t addr);\n" + " bool memblock_is_region_reserved(phys_addr_t base, phys_addr_t size);\n" + " \n" + " extern void __memblock_dump_all(void);\n" + "+extern void memblock_patch_verify(void);\n" + " \n" + " static inline void memblock_dump_all(void)\n" + " {\n" + "diff --git a/mm/memblock.c b/mm/memblock.c\n" + "index e95f95f..5c179ae 100644\n" + "--- a/mm/memblock.c\n" + "+++ b/mm/memblock.c\n" + "@@ -1652,6 +1652,31 @@ void __init_memblock __memblock_dump_all(void)\n" + " \tmemblock_dump(&memblock.reserved, \"reserved\");\n" + " }\n" + " \n" + "+void __init_memblock memblock_patch_verify(void)\n" + "+{\n" + "+\tu64 i;\n" + "+\tphys_addr_t this_start, this_end;\n" + "+\n" + "+\tpr_info(\"in %s: memory\\n\", __func__);\n" + "+\tfor_each_mem_range_rev(i, &memblock.memory, NULL, NUMA_NO_NODE,\n" + "+\t\t\tMEMBLOCK_NONE, &this_start, &this_end, NULL)\n" + "+\t\tpr_info(\"[%#016llx]\\t[%#016llx-%#016llx]\\n\",\n" + "+\t\t\t\ti, this_start, this_end);\n" + "+\n" + "+\tpr_info(\"in %s: reserved\\n\", __func__);\n" + "+\tfor_each_mem_range_rev(i, &memblock.reserved, NULL, NUMA_NO_NODE,\n" + "+\t\t\tMEMBLOCK_NONE, &this_start, &this_end, NULL)\n" + "+\t\tpr_info(\"[%#016llx]\\t[%#016llx-%#016llx]\\n\",\n" + "+\t\t\t\ti, this_start, this_end);\n" + "+\n" + "+\tpr_info(\"in %s: memory X reserved\\n\", __func__);\n" + "+\tfor_each_mem_range_rev(i, &memblock.memory, &memblock.reserved,\n" + "+\t\t\tNUMA_NO_NODE, MEMBLOCK_NONE,\n" + "+\t\t\t&this_start, &this_end, NULL)\n" + "+\t\tpr_info(\"[%#016llx]\\t[%#016llx-%#016llx]\\n\",\n" + "+\t\t\t\ti, this_start, this_end);\n" + "+}\n" + "+\n" + " void __init memblock_allow_resize(void)\n" + " {\n" + " \tmemblock_can_resize = 1;\n" + "-- \n" + 1.9.1 -74ac8d48f824dd7189c3f32198f6b177c7164ccac46abd7c004f9d4710ac398b +0035fccdaa92f9ad6e8fea88c5c36d0fc295c3f2c05ca99d4966380387c74076
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.