| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <897c31ba-d3bd-b694-8c87-82e784a60c51@arm.com>
Date: Fri, 22 Jan 2021 16:11:25 +0530
From: Anshuman Khandual <anshuman.khandual@....com>
To: David Hildenbrand <david@...hat.com>, linux-mm@...ck.org,
akpm@...ux-foundation.org, hca@...ux.ibm.com,
catalin.marinas@....com
Cc: Oscar Salvador <osalvador@...e.de>,
Vasily Gorbik <gor@...ux.ibm.com>,
Will Deacon <will@...nel.org>,
Ard Biesheuvel <ardb@...nel.org>,
Mark Rutland <mark.rutland@....com>,
linux-arm-kernel@...ts.infradead.org, linux-s390@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH V3 1/3] mm/memory_hotplug: Prevalidate the address range
being added with platform
On 1/22/21 2:48 PM, David Hildenbrand wrote:
>
>> +/*
>> + * Platforms should define arch_get_mappable_range() that provides
>> + * maximum possible addressable physical memory range for which the
>> + * linear mapping could be created. The platform returned address
>> + * range must adhere to these following semantics.
>> + *
>> + * - range.start <= range.end
>> + * - Range includes both end points [range.start..range.end]
>> + *
>> + * There is also a fallback definition provided here, allowing the
>> + * entire possible physical address range in case any platform does
>> + * not define arch_get_mappable_range().
>> + */
>> +struct range __weak arch_get_mappable_range(void)
>> +{
>> + struct range memhp_range = {
>> + .start = 0UL,
>> + .end = -1ULL,
>> + };
>> + return memhp_range;
>> +}
>> +
>> +struct range memhp_get_pluggable_range(bool need_mapping)
>> +{
>> + const u64 max_phys = (1ULL << (MAX_PHYSMEM_BITS + 1)) - 1;
>
> Sorry, thought about that line a bit more, and I think this is just
> wrong (took me longer to realize as it should). The old code used this
> calculation to print the limit only (in a wrong way), let's recap:
>
> Assume MAX_PHYSMEM_BITS=32
>
> max_phys = (1ULL << (32 + 1)) - 1 = 0x1ffffffffull;
>
> Ehm, these are 33 bit.
>
> OTOH, old code checked for
>
> if (max_addr >> MAX_PHYSMEM_BITS) {
>
> Which makes sense, because
>
> 0x1ffffffffull >> 32 = 1
>
> results in "true", meaning it's to big, while
>
> 0xffffffffull >> 32 = 0
>
> correctly results in "false", meaning the address is fine.
>
>
>
> So, this should just be
>
> const u64 max_phys = 1ULL << MAX_PHYSMEM_BITS;
>
> (similarly as calculated in virito-mem code, or in kernel/resource.c)
Should this be 1ULL << MAX_PHYSMEM_BITS - 1 instead ? Currently there are
three usage for this variable in the function.
- if (mhp_range.start > max_phys)
- mhp_range.end = min_t(u64, mhp_range.end, max_phys)
- mhp_range.end = max_phys
mhp_range.end being always inclusive on the higher end and could be maximum
(1ULL << MAX_PHYSMEM_BITS - 1) which is 0xFFFFFFFF instead of 0x100000000
when (1ULL << MAX_PHYSMEM_BITS) is followed for a 32 bit system. This seems
consistent with the default fallback (range.end = -1ULL) defined above.
>
>
>> + struct range memhp_range;
>> +
>> + if (need_mapping) {
>> + memhp_range = arch_get_mappable_range();
>> + if (memhp_range.start > max_phys) {
>> + memhp_range.start = 0;
>> + memhp_range.end = 0;
>> + }
>> + memhp_range.end = min_t(u64, memhp_range.end, max_phys);
>> + } else {
>> + memhp_range.start = 0;
>> + memhp_range.end = max_phys;
>> + }
>> + return memhp_range;
>> +}
>> +EXPORT_SYMBOL_GPL(memhp_get_pluggable_range);
>
>
Powered by blists - more mailing lists