Re: [BUGFIX][PATCH 1/3] fix vread/vwrite to be aware of memory hole

From: KAMEZAWA Hiroyuki
Date: Mon Aug 03 2009 - 05:12:34 EST


On Mon, 3 Aug 2009 17:10:19 +0800
Amerigo Wang <xiyou.wangcong@xxxxxxxxx> wrote:

> On Fri, Jul 31, 2009 at 07:32:15PM +0900, KAMEZAWA Hiroyuki wrote:
> >Amerigo Wang さんは書きました:
> >> On Fri, Jul 31, 2009 at 04:11:28PM +0900, KAMEZAWA Hiroyuki wrote:
> >>>From: KAMEZAWA Hiroyuki <kamezawa.hiroyu@xxxxxxxxxxxxxx>
> >>>
> >>>vread/vwrite access vmalloc area without checking there is a page or not.
> >>>
> >>>In old ages, the caller of get_vm_ara() is only IOREMAP and there is no
> >>>memory hole within vm_struct's [addr...addr + size - PAGE_SIZE]
> >>>( -PAGE_SIZE is for a guard page.)
> >>>
> >>>After per-cpu-alloc patch, it uses get_vm_area() for reserve continuous
> >>>virtual address but remap _later_. There tend to be a hole in valid
> >>> vmalloc
> >>>area in vm_struct lists.
> >>>Then, skip the hole (not mapped page) is necessary.
> >>>This patch updates vread/vwrite() for avoiding memory hole.
> >>>
> >>>Routines which access vmalloc area without knowing for which addr is used
> >>>are
> >>> - /proc/kcore
> >>> - /dev/kmem
> >>>
> >>>kcore checks IOREMAP, /dev/kmem doesn't. After this patch, IOREMAP is
> >>>checked and /dev/kmem will avoid to read/write it.
> >>>Fixes to /proc/kcore will be in the next patch in series.
> >>>
> >>>And, this itself fixes the bug as
> >>># dd if=/dev/kmem of=/dev/null bs=1024 count=1048576 skip=3145728
> >>>can cause panic.
> >>
> >>
> >> What panic? :-) Would you mind to put it here?
> >>
> >It directly reboot ;( and no log.
> >plz try.
>
>
> I tried it on an x86_64 machine, no panic, just:
>
> dd: reading `/dev/kmem': Bad address
>
> Only appears on i386? :)
>
I tested on i386/2cpu server.

Thanks,
-Kame

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/