lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 14 Jan 2020 17:52:43 +0100
From:   David Hildenbrand <david@...hat.com>
To:     "Kirill A. Shutemov" <kirill@...temov.name>
Cc:     linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        Andrew Morton <akpm@...ux-foundation.org>,
        Michal Hocko <mhocko@...nel.org>,
        Oscar Salvador <osalvador@...e.de>
Subject: Re: [PATCH v1 2/2] mm: factor out next_present_section_nr()

On 14.01.20 17:50, David Hildenbrand wrote:
> On 14.01.20 16:52, Kirill A. Shutemov wrote:
>> On Tue, Jan 14, 2020 at 11:49:19AM +0100, David Hildenbrand wrote:
>>> memmap_init_zone() is called for a physical memory region: pfn + size
>>> (nr_pages)
>>>
>>> The highest possible PFN you can have is "-1(unsigned long) >>
>>> PFN_SHIFT". So even if you would want to add the very last section, the
>>> PFN would still be smaller than -1UL << PFN_SECTION_SHIFT.
>>
>> PFN_SHIFT? I guess you mean PAGE_SHIFT.
> 
> Yes :)
> 
>>
>> Of course PFN can be more than -1UL >> PAGE_SHIFT. Like on 32-bit x86 with
>> PAE it is ((1ULL << 36) - 1) >> PAGE_SHIFT. That's the whole reason for
>> PAE.
> 
> You are right about PAE, but I think you agree that is is a special case.
> 
>>
>> The highest possible PFN must fit into phys_addr_t when shifted left by
>> PAGE_SHIFT and must fit into unsigned long. It's can be -1UL if
>> phys_addr_t is 64-bit.
>>
> 
> Right, and for 32bit, that would mean (assuming something like 12bit
> PAGE_SHIFT) if you have -1 (0xffffffff) that the biggest possible
> address is 0xfffffffffff (44bit). In that case, the existing code would
> already break because "end_pfn" (is actually +1, pointing after the one
> to initialize), would overflow to 0 and you would have an endless loop
> in memmap_init_zone().

Correction: If end_pfn overflows to 0, you would get no loop iteration
at all.

-- 
Thanks,

David / dhildenb

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ