lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <55E95130.9030207@suse.com>
Date:	Fri, 4 Sep 2015 10:07:12 +0200
From:	Juergen Gross <jgross@...e.com>
To:	Roger Pau Monné <roger.pau@...rix.com>
Cc:	David Vrabel <david.vrabel@...rix.com>,
	linux-kernel@...r.kernel.org, xen-devel@...ts.xenproject.org,
	Boris Ostrovsky <boris.ostrovsky@...cle.com>
Subject: Re: [Xen-devel] [PATCH] xen/p2m: fix extra memory regions accounting

On 09/04/2015 09:57 AM, Roger Pau Monné wrote:
> El 04/09/15 a les 9.47, Juergen Gross ha escrit:
>> On 09/04/2015 09:37 AM, Roger Pau Monné wrote:
>>> Hello,
>>>
>>> El 04/09/15 a les 7.07, Juergen Gross ha escrit:
>>>> Could you try the attached patch? It should do the job. It is booting
>>>> fine on my laptop, but I think you should try it on the machine with
>>>> the memory ranges not at page boundary.
>>>>
>>>>
>>>> Juergen
>>>>
>>>>
>>>> extramem.patch
>>>>
>>>>
>>>> commit 3d0f8aa4d1b4c9c16a81902a197b5d6a77e182a0
>>>> Author: Juergen Gross <jgross@...e.com>
>>>> Date:   Thu Sep 3 17:44:04 2015 +0200
>>>>
>>>>       xen: switch extra memory accounting to use pfns
>>>>
>>>>       Instead of using physical addresses for accounting of extra memory
>>>>       areas available for ballooning switch to pfns as this is much less
>>>>       error prone regarding partial pages.
>>>
>>> Thanks for taking care of this! I've tested it on the box that has
>>> non-page aligned memory ranges and it works fine, only a couple of
>>> comments below.
>>>
>>>>       Reported-by: Roger Pau Monné <roger.pau@...rix.com>
>>>>       Signed-off-by: Juergen Gross <jgross@...e.com>
>>>>
>>>> diff --git a/arch/x86/xen/setup.c b/arch/x86/xen/setup.c
>>>> index 7a5d566..aa58bc4 100644
>>>> --- a/arch/x86/xen/setup.c
>>>> +++ b/arch/x86/xen/setup.c
>>>> @@ -90,62 +90,65 @@ static void __init xen_parse_512gb(void)
>>>>        xen_512gb_limit = val;
>>>>    }
>>>>
>>>> -static void __init xen_add_extra_mem(phys_addr_t start, phys_addr_t
>>>> size)
>>>> +static void __init xen_add_extra_mem(unsigned long start_pfn,
>>>> +                     unsigned long n_pfns)
>>>
>>> Not very important, but for type consistency this should probably be
>>> xen_pfn_t instead of unsigned long here and below.
>>
>> All of the p2m code is using unsigned long for pfns. I wouldn't mind
>> changing this to use xen_pfn_t instead, but this should be done in a
>> separate patch. I'll put it on my list.
>>
>>>
>>>>    {
>>>>        int i;
>>>>
>>>>        for (i = 0; i < XEN_EXTRA_MEM_MAX_REGIONS; i++) {
>>>>            /* Add new region. */
>>>> -        if (xen_extra_mem[i].size == 0) {
>>>> -            xen_extra_mem[i].start = start;
>>>> -            xen_extra_mem[i].size  = size;
>>>> +        if (xen_extra_mem[i].n_pfns == 0) {
>>>> +            xen_extra_mem[i].start_pfn = start_pfn;
>>>> +            xen_extra_mem[i].n_pfns = n_pfns;
>>>>                break;
>>>>            }
>>>>            /* Append to existing region. */
>>>> -        if (xen_extra_mem[i].start + xen_extra_mem[i].size == start) {
>>>> -            xen_extra_mem[i].size += size;
>>>> +        if (xen_extra_mem[i].start_pfn + xen_extra_mem[i].n_pfns ==
>>>> +            start_pfn) {
>>>> +            xen_extra_mem[i].n_pfns += n_pfns;
>>>>                break;
>>>>            }
>>>
>>> I also noticed this with the original code, why isn't there a case to
>>> prepend to an existing region:
>>>
>>> if (start_pfn + n_pfns == xen_extra_mem[i].start_pfn) {
>>>       xen_extra_mem[i].n_pfns += n_pfns;
>>>       xen_extra_mem[i].start_pfn = start_pfn;
>>> }
>>
>> Processing of memory is done from low to high addresses. This case
>> should never happen. And even if it does, the only downside from
>> not handling this scenario is wasting an additional table entry.
>
> Right, this case would only be useful for xen_del_extra_mem, and as you
> say, the worst that can happen is that we end up using an extra slot.

Even this case should be impossible. It would require two adjacent
regions to be present in xen_extra_mem before calling xen_del_extra_mem
which is impossible as stated above.

>
>>>
>>>>        }
>>>>        if (i == XEN_EXTRA_MEM_MAX_REGIONS)
>>>>            printk(KERN_WARNING "Warning: not enough extra memory
>>>> regions\n");
>>>>
>>>> -    memblock_reserve(start, size);
>>>> +    memblock_reserve(PFN_PHYS(start_pfn), PFN_PHYS(n_pfns));
>>>>    }
>>>
>>> [...]
>>>
>>>> @@ -831,9 +833,11 @@ char * __init xen_memory_setup(void)
>>>>                    chunk_size = min(size, mem_end - addr);
>>>>                } else if (extra_pages) {
>>>>                    chunk_size = min(size, PFN_PHYS(extra_pages));
>>>> -                extra_pages -= PFN_DOWN(chunk_size);
>>>> -                xen_add_extra_mem(addr, chunk_size);
>>>> -                xen_max_p2m_pfn = PFN_DOWN(addr + chunk_size);
>>>> +                pfn_s = PFN_UP(addr);
>>>> +                n_pfns = PFN_DOWN(addr + chunk_size) - pfn_s;
>>>
>>> Should xen_add_extra_mem check for empty ranges and bail out early, or
>>> should the caller make sure it doesn't try to add empty ranges?
>>>
>>> IMHO it's easier and cleaner to add the check to xen_add_extra_mem.
>>
>> This isn't critical at all. Adding an empty range is a nop, as a table
>> entry is regarded to be not used when n_pfns is 0.
>
> Yes, it's just so we can bail out earlier instead of iterating over the
> whole xen_extra_mem for empty ranges. IMHO, I would add a check to
> xen_add_extra_mem so we don't waste cycles.

The question is whether the additional check for each call wouldn't add
more cycles than the early bail out for the rare case would win.

A comment seems to be an appropriate measure. :-)


Juergen

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ