linux-kernel.vger.kernel.org archive mirror
* Does slow_virt_to_phys() work with vmalloc() in the case of 32bit-PAE and 2MB page?
From: Dexuan Cui @ 2014-10-28  7:08 UTC
  To: Dave Hansen, Rik van Riel, H. Peter Anvin; +Cc: linux-kernel, linux-mm

Hi all,
I suspect slow_virt_to_phys() may not work with vmalloc() in
the 32-bit PAE case (when the pa > 4GB), probably due to 2MB page(?)

Is there any known issue with slow_virt_to_phys() + vmalloc() +
32-bit PAE + 2MB page?

From what I read in the code of slow_virt_to_phys(), the variable 'psize' is
assigned a value but not used at all -- is this a bug?


phys_addr_t slow_virt_to_phys(void *__virt_addr)
{
        unsigned long virt_addr = (unsigned long)__virt_addr;
        phys_addr_t phys_addr;
        unsigned long offset;
        enum pg_level level;
        unsigned long psize;
        unsigned long pmask;
        pte_t *pte;

        pte = lookup_address(virt_addr, &level);
        BUG_ON(!pte);
        psize = page_level_size(level);
        pmask = page_level_mask(level);
        offset = virt_addr & ~pmask;
        phys_addr = pte_pfn(*pte) << PAGE_SHIFT;
        return (phys_addr | offset);
}

Thanks,
-- Dexuan



* RE: Does slow_virt_to_phys() work with vmalloc() in the case of 32bit-PAE and 2MB page?
From: Dexuan Cui @ 2014-10-28  8:50 UTC
  To: dave.hansen, Rik van Riel, H. Peter Anvin; +Cc: linux-kernel, linux-mm

> -----Original Message-----
> From: owner-linux-mm@kvack.org [mailto:owner-linux-mm@kvack.org] On
> Behalf Of Dexuan Cui
> Sent: Tuesday, October 28, 2014 15:08 PM
> To: Dave Hansen; Rik van Riel; H. Peter Anvin
> Cc: linux-kernel@vger.kernel.org; linux-mm@kvack.org
> Subject: Does slow_virt_to_phys() work with vmalloc() in the case of 32bit-
> PAE and 2MB page?
> 
> Hi all,
> I suspect slow_virt_to_phys() may not work with vmalloc() in
> the 32-bit PAE case(when the pa > 4GB), probably due to 2MB page(?)
> 
> Is there any known issue with slow_virt_to_phys() + vmalloc() +
> 32-bit PAE + 2MB page?
> 
> From what I read the code of slow_virt_to_phys(), the variable 'psize' is
> assigned with a value but not used at all -- is this a bug?
After reading through the code, I think there is no issue here, though the
assignment of 'psize' should be unnecessary, I think.
 
Thanks,
-- Dexuan



* RE: Does slow_virt_to_phys() work with vmalloc() in the case of 32bit-PAE and 2MB page?
From: Dexuan Cui @ 2014-10-29  8:14 UTC
  To: dave.hansen, Rik van Riel, H. Peter Anvin
  Cc: linux-kernel, linux-mm, KY Srinivasan, Haiyang Zhang

> -----Original Message-----
> From: owner-linux-mm@kvack.org [mailto:owner-linux-mm@kvack.org] On
> Behalf Of Dexuan Cui
> Sent: Tuesday, October 28, 2014 16:51 PM
> To: dave.hansen@intel.com; Rik van Riel; H. Peter Anvin
> Cc: linux-kernel@vger.kernel.org; linux-mm@kvack.org
> Subject: RE: Does slow_virt_to_phys() work with vmalloc() in the case of
> 32bit-PAE and 2MB page?
> 
> > -----Original Message-----
> > From: owner-linux-mm@kvack.org [mailto:owner-linux-mm@kvack.org] On
> > Behalf Of Dexuan Cui
> > Sent: Tuesday, October 28, 2014 15:08 PM
> > To: Dave Hansen; Rik van Riel; H. Peter Anvin
> > Cc: linux-kernel@vger.kernel.org; linux-mm@kvack.org
> > Subject: Does slow_virt_to_phys() work with vmalloc() in the case of 32bit-
> > PAE and 2MB page?
> >
> > Hi all,
> > I suspect slow_virt_to_phys() may not work with vmalloc() in
> > the 32-bit PAE case(when the pa > 4GB), probably due to 2MB page(?)
> >
> > Is there any known issue with slow_virt_to_phys() + vmalloc() +
> > 32-bit PAE + 2MB page?
> >
> > From what I read the code of slow_virt_to_phys(), the variable 'psize' is
> > assigned with a value but not used at all -- is this a bug?
> After reading through the code, I think there is no issue here, though the
> assignment of 'psize'  should be unnecessary, I think.

Hi all,
Finally it turns out there is a left-shift-overflow bug for 32-PAE here!

pte_pfn() returns a PFN of long (32 bits in 32-PAE), then "long << PAGE_SHIFT"
will overflow for PFNs above 4GB.

I'm going to post the below fix in another mail:

@@ -409,7 +409,7 @@ phys_addr_t slow_virt_to_phys(void *__virt_addr)
        psize = page_level_size(level);
        pmask = page_level_mask(level);
        offset = virt_addr & ~pmask;
-       phys_addr = pte_pfn(*pte) << PAGE_SHIFT;
+       phys_addr = (phys_addr_t)pte_pfn(*pte) << PAGE_SHIFT;
        return (phys_addr | offset);
 }
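
Review bot: on the changed line, the reason for the (phys_addr_t) cast is not documented, so a later cleanup could drop it as redundant; a one-line comment saying that pte_pfn() must be widened before the shift on 32-bit PAE would protect it. The cast applies to pte_pfn(*pte) before the shift is evaluated, which is what is needed here. The context line "psize = page_level_size(level);" still assigns a variable that nothing else in the function reads, so psize could be removed in this patch or in a follow-up.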

Thanks,
-- Dexuan
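
The overflow described in the last message, as an added example that is not part of the original thread or the kernel source. It assumes uint32_t as a stand-in for the 32-bit unsigned long that pte_pfn() returns and uint64_t for phys_addr_t under PAE; the function names, the sample PFN and the virtual address are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <inttypes.h>

#define PAGE_SHIFT 12
#define SHIFT_4K   12   /* PTE-level mapping */
#define SHIFT_2M   21   /* large-page mapping under PAE */

typedef uint32_t ulong32;     /* stand-in for unsigned long on 32-bit (assumption) */
typedef uint64_t phys_model;  /* stand-in for phys_addr_t with PAE (assumption) */

/* Offset of virt inside a page of size 1 << level_shift. */
static ulong32 page_offset(ulong32 virt, unsigned level_shift)
{
    return virt & (((ulong32)1 << level_shift) - 1);
}

/* Before the fix: the shift is evaluated in 32 bits, so the top PFN bits are lost. */
phys_model translate_before(ulong32 pfn, ulong32 virt, unsigned level_shift)
{
    phys_model phys = (ulong32)(pfn << PAGE_SHIFT);
    return phys | page_offset(virt, level_shift);
}

/* After the fix: widen to the physical-address type first, then shift. */
phys_model translate_after(ulong32 pfn, ulong32 virt, unsigned level_shift)
{
    phys_model phys = (phys_model)pfn << PAGE_SHIFT;
    return phys | page_offset(virt, level_shift);
}

/* True when pfn << PAGE_SHIFT cannot fit in 32 bits (frame at or above 4 GiB). */
int pfn_needs_wide_shift(ulong32 pfn)
{
    return (pfn >> (32 - PAGE_SHIFT)) != 0;
}

int main(void)
{
    ulong32 pfn = 0x140000;     /* constructed: frame at 5 GiB, 2 MiB aligned */
    ulong32 virt = 0xf8123456;  /* constructed virtual address */

    printf("before: 0x%" PRIx64 "\n", translate_before(pfn, virt, SHIFT_2M));
    printf("after:  0x%" PRIx64 "\n", translate_after(pfn, virt, SHIFT_2M));
    return 0;
}
```

For frames below 4 GiB both functions agree, which is why the truncation only shows up on machines with memory mapped above that boundary.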

