From: Baoquan He <bhe@redhat.com>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Yuntao Wang <ytcoode@gmail.com>,
linux-kernel@vger.kernel.org, kexec@lists.infradead.org,
x86@kernel.org, Andrew Morton <akpm@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Jonathan Corbet <corbet@lwn.net>
Subject: Re: [PATCH 1/3] kexec_file: fix incorrect end value passed to kimage_is_destination_range()
Date: Sat, 16 Dec 2023 10:21:53 +0800 [thread overview]
Message-ID: <ZX0JwbQ59XH5rqm9@MiWiFi-R3L-srv> (raw)
In-Reply-To: <87a5qb4avf.fsf@email.froward.int.ebiederm.org>
On 12/15/23 at 11:46am, Eric W. Biederman wrote:
> Yuntao Wang <ytcoode@gmail.com> writes:
>
> > The end parameter received by kimage_is_destination_range() should be the
> > last valid byte address of the target memory segment plus 1. However, in
> > the locate_mem_hole_bottom_up() and locate_mem_hole_top_down() functions,
> > the corresponding value passed to kimage_is_destination_range() is the last
> > valid byte address of the target memory segment, which is 1 less. Fix
> > it.
>
> If that is true we I think we should rather fix
> kimage_is_destination_range.
It's true wit the current implementation of
kimage_is_destination_range(). Its callers pass the start/end+1
pair. Agree we should fix kimage_is_destination_range() instead and
adjust callers, such as kimage_alloc_normal_control_pages(), and
kimage_alloc_page().
>
> Otherwise we run the risk of having areas whose end is not
> representable, epecially on 32bit.
>
>
> Eric
>
>
> > Signed-off-by: Yuntao Wang <ytcoode@gmail.com>
> > ---
> > kernel/kexec_file.c | 7 +++----
> > 1 file changed, 3 insertions(+), 4 deletions(-)
> >
> > diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
> > index f9a419cd22d4..26be070d3bdd 100644
> > --- a/kernel/kexec_file.c
> > +++ b/kernel/kexec_file.c
> > @@ -435,13 +435,12 @@ static int locate_mem_hole_top_down(unsigned long start, unsigned long end,
> > if (temp_start < start || temp_start < kbuf->buf_min)
> > return 0;
> >
> > - temp_end = temp_start + kbuf->memsz - 1;
> > -
> > /*
> > * Make sure this does not conflict with any of existing
> > * segments
> > */
> > - if (kimage_is_destination_range(image, temp_start, temp_end)) {
> > + if (kimage_is_destination_range(image, temp_start,
> > + temp_start + kbuf->memsz)) {
> > temp_start = temp_start - PAGE_SIZE;
> > continue;
> > }
> > @@ -475,7 +474,7 @@ static int locate_mem_hole_bottom_up(unsigned long start, unsigned long end,
> > * Make sure this does not conflict with any of existing
> > * segments
> > */
> > - if (kimage_is_destination_range(image, temp_start, temp_end)) {
> > + if (kimage_is_destination_range(image, temp_start, temp_end + 1)) {
> > temp_start = temp_start + PAGE_SIZE;
> > continue;
> > }
>
> _______________________________________________
> kexec mailing list
> kexec@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/kexec
>
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
WARNING: multiple messages have this Message-ID (diff)
From: Baoquan He <bhe@redhat.com>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Yuntao Wang <ytcoode@gmail.com>,
linux-kernel@vger.kernel.org, kexec@lists.infradead.org,
x86@kernel.org, Andrew Morton <akpm@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Jonathan Corbet <corbet@lwn.net>
Subject: Re: [PATCH 1/3] kexec_file: fix incorrect end value passed to kimage_is_destination_range()
Date: Sat, 16 Dec 2023 10:21:53 +0800 [thread overview]
Message-ID: <ZX0JwbQ59XH5rqm9@MiWiFi-R3L-srv> (raw)
In-Reply-To: <87a5qb4avf.fsf@email.froward.int.ebiederm.org>
On 12/15/23 at 11:46am, Eric W. Biederman wrote:
> Yuntao Wang <ytcoode@gmail.com> writes:
>
> > The end parameter received by kimage_is_destination_range() should be the
> > last valid byte address of the target memory segment plus 1. However, in
> > the locate_mem_hole_bottom_up() and locate_mem_hole_top_down() functions,
> > the corresponding value passed to kimage_is_destination_range() is the last
> > valid byte address of the target memory segment, which is 1 less. Fix
> > it.
>
> If that is true we I think we should rather fix
> kimage_is_destination_range.
It's true wit the current implementation of
kimage_is_destination_range(). Its callers pass the start/end+1
pair. Agree we should fix kimage_is_destination_range() instead and
adjust callers, such as kimage_alloc_normal_control_pages(), and
kimage_alloc_page().
>
> Otherwise we run the risk of having areas whose end is not
> representable, epecially on 32bit.
>
>
> Eric
>
>
> > Signed-off-by: Yuntao Wang <ytcoode@gmail.com>
> > ---
> > kernel/kexec_file.c | 7 +++----
> > 1 file changed, 3 insertions(+), 4 deletions(-)
> >
> > diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
> > index f9a419cd22d4..26be070d3bdd 100644
> > --- a/kernel/kexec_file.c
> > +++ b/kernel/kexec_file.c
> > @@ -435,13 +435,12 @@ static int locate_mem_hole_top_down(unsigned long start, unsigned long end,
> > if (temp_start < start || temp_start < kbuf->buf_min)
> > return 0;
> >
> > - temp_end = temp_start + kbuf->memsz - 1;
> > -
> > /*
> > * Make sure this does not conflict with any of existing
> > * segments
> > */
> > - if (kimage_is_destination_range(image, temp_start, temp_end)) {
> > + if (kimage_is_destination_range(image, temp_start,
> > + temp_start + kbuf->memsz)) {
> > temp_start = temp_start - PAGE_SIZE;
> > continue;
> > }
> > @@ -475,7 +474,7 @@ static int locate_mem_hole_bottom_up(unsigned long start, unsigned long end,
> > * Make sure this does not conflict with any of existing
> > * segments
> > */
> > - if (kimage_is_destination_range(image, temp_start, temp_end)) {
> > + if (kimage_is_destination_range(image, temp_start, temp_end + 1)) {
> > temp_start = temp_start + PAGE_SIZE;
> > continue;
> > }
>
> _______________________________________________
> kexec mailing list
> kexec@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/kexec
>
next prev parent reply other threads:[~2023-12-16 2:22 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-15 8:09 [PATCH 0/3] Some bug fixes and cleanups related to kexec Yuntao Wang
2023-12-15 8:09 ` Yuntao Wang
2023-12-15 8:09 ` [PATCH 1/3] kexec_file: fix incorrect end value passed to kimage_is_destination_range() Yuntao Wang
2023-12-15 8:09 ` Yuntao Wang
2023-12-15 17:46 ` Eric W. Biederman
2023-12-15 17:46 ` Eric W. Biederman
2023-12-16 2:21 ` Baoquan He [this message]
2023-12-16 2:21 ` Baoquan He
2023-12-16 4:18 ` [PATCH 1/3 v2] kexec: modify the meaning of the end parameter in kimage_is_destination_range() Yuntao Wang
2023-12-16 4:18 ` Yuntao Wang
2023-12-16 9:29 ` Baoquan He
2023-12-16 9:29 ` Baoquan He
2023-12-16 11:23 ` [PATCH 1/3 v3] " Yuntao Wang
2023-12-16 11:23 ` Yuntao Wang
2023-12-16 12:05 ` [PATCH 1/3 v4] " Yuntao Wang
2023-12-16 12:05 ` Yuntao Wang
2023-12-17 1:02 ` Baoquan He
2023-12-17 1:02 ` Baoquan He
2023-12-15 8:09 ` [PATCH 2/3] kexec_file: fix incorrect temp_start value in locate_mem_hole_top_down() Yuntao Wang
2023-12-15 8:09 ` Yuntao Wang
2023-12-15 8:09 ` [PATCH 3/3] x86/kexec: use pr_err() instead of pr_debug() when an error occurs Yuntao Wang
2023-12-15 8:09 ` Yuntao Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZX0JwbQ59XH5rqm9@MiWiFi-R3L-srv \
--to=bhe@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=ebiederm@xmission.com \
--cc=hpa@zytor.com \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
--cc=ytcoode@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.