[PATCH v2 10/10] Warn cyclic buffer overrun and correct it if possible

Atsushi Kumagai kumagai-atsushi at mxc.nes.nec.co.jp
Thu Sep 12 02:17:11 EDT 2013


Hello HATAYAMA-san,

(2013/09/12 11:01), HATAYAMA Daisuke wrote:
> (2013/09/11 17:35), HATAYAMA Daisuke wrote:
>> (2013/09/11 16:51), Atsushi Kumagai wrote:
>>> Hello HATAYAMA-san,
>>>
>>> (2012/11/16 14:02), HATAYAMA Daisuke wrote:
>>>> Clearing bits on cyclic buffer can overrun the cyclic buffer
>>>> according to some combination of MAX_ORDER and cyclic buffer size.
>>>>
>>>> The cyclic buffer size is corrected if possible.
>>>>
>>>> Signed-off-by: HATAYAMA Daisuke <d.hatayama at jp.fujitsu.com>
>>>
>>> I know it's so late, but I found that updating pfn_cyclic is missing.
>>> It can cause memory corruption.
>>>
>>
>> Hello Kumagai-san,
>>
>> Reviewed-by: HATAYAMA Daisuke <d.hatayama at jp.fujitsu.com>
>>
>> It might be even better to introduce some kind of helper function that
>> sets up these cyclic-mode-related parameters and then to use it in
>> initial() and check_cyclic_buffer_overrun().
>>
>
> Hello Kumagai-san,
>
> I found one more bug. Could you review it?

Thanks, acked and pushed to devel branch.


Atsushi Kumagai

>
>  From c98375b9af6c19dff88823166eaf13674b4a47ec Mon Sep 17 00:00:00 2001
> From: HATAYAMA Daisuke <d.hatayama at jp.fujitsu.com>
> Date: Thu, 12 Sep 2013 10:35:17 +0900
> Subject: [PATCH] Use divideup() to calculate maximum required bitmap size
>
> Currently, check_cyclic_buffer_overrun() wrongly calculates maximum
> bitmap size required to represent maximum block size managed by buddy
> allocator with roundup(). Then, max_block_size is BITPERBYTE times
> larger than its correct size. As a result, although the bug never
> affects free-page filtering since roundup(max_order_nr_pages,
> BITPERBYTE) is a multiple of divideup(max_order_nr_pages, BITPERBYTE),
> the following sanity check, (max_block_size > info->bufsize_cyclic),
> and recalculation of info->bufsize_cyclic become BITPERBYTE times
> conservative and inefficient.
>
> Signed-off-by: HATAYAMA Daisuke <d.hatayama at jp.fujitsu.com>
> ---
>   makedumpfile.c | 6 +++---
>   1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/makedumpfile.c b/makedumpfile.c
> index 164b3f1..e66c494 100644
> --- a/makedumpfile.c
> +++ b/makedumpfile.c
> @@ -4078,10 +4078,10 @@ check_cyclic_buffer_overrun(void)
>   {
>       int max_order = ARRAY_LENGTH(zone.free_area);
>       int max_order_nr_pages = 1 << (max_order - 1);
> -    unsigned long max_block_size = roundup(max_order_nr_pages, BITPERBYTE);
> +    unsigned long max_block_size = divideup(max_order_nr_pages,
> +                        BITPERBYTE);
>
> -    if (info->bufsize_cyclic %
> -        roundup(max_order_nr_pages, BITPERBYTE)) {
> +    if (info->bufsize_cyclic % max_block_size) {
>           unsigned long bufsize;
>
>           if (max_block_size > info->bufsize_cyclic) {
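
Review bot: max_block_size is now the divisor in `info->bufsize_cyclic % max_block_size`, yet nothing in the visible lines checks that max_order, taken from ARRAY_LENGTH(zone.free_area), is at least 1 before `1 << (max_order - 1)` is evaluated. A guard at the top of check_cyclic_buffer_overrun() that bails out when max_order is not positive would rule out both an undefined shift and a zero divisor. Separately, the declaration would benefit from a one-line comment stating that max_block_size is a count of bitmap bytes (pages divided by BITPERBYTE), since it is compared directly against info->bufsize_cyclic and the unit is exactly what roundup() got wrong.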


