add_memory() and remove_memory() can only handle a memory range aligned
with section. There are problems when an unaligned range is added and
then deleted as follows:
- add_memory() with an unaligned range succeeds, but __add_pages()
called from add_memory() adds a whole section of pages even though
a given memory range is less than the section size.
- remove_memory() to the added unaligned range hits BUG_ON() in
__remove_pages().
This patch changes add_memory() and remove_memory() to check if a given
memory range is aligned with section at the beginning. As the result,
add_memory() fails with -EINVAL when a given range is unaligned, and
does not add such memory range. This prevents remove_memory() to be
called with an unaligned range as well. Note that remove_memory() has
to use BUG_ON() since this function cannot fail.
Signed-off-by: Toshi Kani <[email protected]>
Acked-by: KOSAKI Motohiro <[email protected]>
Reviewed-by: Tang Chen <[email protected]>
---
v2: Updated the error message.
---
mm/memory_hotplug.c | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/mm/memory_hotplug.c b/mm/memory_hotplug.c
index ca1dd3a..3bb1f39 100644
--- a/mm/memory_hotplug.c
+++ b/mm/memory_hotplug.c
@@ -1069,6 +1069,22 @@ out:
return ret;
}
+static int check_hotplug_memory_range(u64 start, u64 size)
+{
+ u64 start_pfn = start >> PAGE_SHIFT;
+ u64 nr_pages = size >> PAGE_SHIFT;
+
+ /* Memory range must be aligned with section */
+ if ((start_pfn & ~PAGE_SECTION_MASK) ||
+ (nr_pages % PAGES_PER_SECTION) || (!nr_pages)) {
+ pr_err("Section-unaligned hotplug range: start 0x%llx, size 0x%llx\n",
+ start, size);
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
/* we are OK calling __meminit stuff here - we have CONFIG_MEMORY_HOTPLUG */
int __ref add_memory(int nid, u64 start, u64 size)
{
@@ -1078,6 +1094,10 @@ int __ref add_memory(int nid, u64 start, u64 size)
struct resource *res;
int ret;
+ ret = check_hotplug_memory_range(start, size);
+ if (ret)
+ return ret;
+
lock_memory_hotplug();
res = register_memory_resource(start, size);
@@ -1786,6 +1806,8 @@ void __ref remove_memory(int nid, u64 start, u64 size)
{
int ret;
+ BUG_ON(check_hotplug_memory_range(start, size));
+
lock_memory_hotplug();
/*
On Mon, 2013-08-12 at 07:37 +0800, Wanpeng Li wrote:
> On Sat, Aug 10, 2013 at 01:17:32PM -0600, Toshi Kani wrote:
> >add_memory() and remove_memory() can only handle a memory range aligned
> >with section. There are problems when an unaligned range is added and
> >then deleted as follows:
> >
> > - add_memory() with an unaligned range succeeds, but __add_pages()
> > called from add_memory() adds a whole section of pages even though
> > a given memory range is less than the section size.
> > - remove_memory() to the added unaligned range hits BUG_ON() in
> > __remove_pages().
> >
> >This patch changes add_memory() and remove_memory() to check if a given
> >memory range is aligned with section at the beginning. As the result,
> >add_memory() fails with -EINVAL when a given range is unaligned, and
> >does not add such memory range. This prevents remove_memory() to be
> >called with an unaligned range as well. Note that remove_memory() has
> >to use BUG_ON() since this function cannot fail.
> >
> >Signed-off-by: Toshi Kani <[email protected]>
> >Acked-by: KOSAKI Motohiro <[email protected]>
> >Reviewed-by: Tang Chen <[email protected]>
>
> Reviewed-by: Wanpeng Li <[email protected]>
Thanks Wanpeng!
-Toshi
On Sat, 10 Aug 2013 13:17:32 -0600 Toshi Kani <[email protected]> wrote:
> add_memory() and remove_memory() can only handle a memory range aligned
> with section. There are problems when an unaligned range is added and
> then deleted as follows:
>
> - add_memory() with an unaligned range succeeds, but __add_pages()
> called from add_memory() adds a whole section of pages even though
> a given memory range is less than the section size.
> - remove_memory() to the added unaligned range hits BUG_ON() in
> __remove_pages().
>
> This patch changes add_memory() and remove_memory() to check if a given
> memory range is aligned with section at the beginning. As the result,
> add_memory() fails with -EINVAL when a given range is unaligned, and
> does not add such memory range. This prevents remove_memory() to be
> called with an unaligned range as well. Note that remove_memory() has
> to use BUG_ON() since this function cannot fail.
>
> ...
>
> --- a/mm/memory_hotplug.c
> +++ b/mm/memory_hotplug.c
> @@ -1069,6 +1069,22 @@ out:
> return ret;
> }
>
> +static int check_hotplug_memory_range(u64 start, u64 size)
> +{
> + u64 start_pfn = start >> PAGE_SHIFT;
> + u64 nr_pages = size >> PAGE_SHIFT;
> +
> + /* Memory range must be aligned with section */
> + if ((start_pfn & ~PAGE_SECTION_MASK) ||
> + (nr_pages % PAGES_PER_SECTION) || (!nr_pages)) {
> + pr_err("Section-unaligned hotplug range: start 0x%llx, size 0x%llx\n",
> + start, size);
Printing a u64 is problematic. Here you assume that u64 is implemented
as unsigned long long. But it can be implemented as unsigned long, by
architectures which use include/asm-generic/int-l64.h. Such an
architecture will generate a compile warning here, but I can't
immediately find a Kconfig combination which will make that happen.
> + return -EINVAL;
> + }
> +
> + return 0;
> +}
On Wed, 2013-08-14 at 15:09 -0700, Andrew Morton wrote:
> On Sat, 10 Aug 2013 13:17:32 -0600 Toshi Kani <[email protected]> wrote:
>
> > add_memory() and remove_memory() can only handle a memory range aligned
> > with section. There are problems when an unaligned range is added and
> > then deleted as follows:
> >
> > - add_memory() with an unaligned range succeeds, but __add_pages()
> > called from add_memory() adds a whole section of pages even though
> > a given memory range is less than the section size.
> > - remove_memory() to the added unaligned range hits BUG_ON() in
> > __remove_pages().
> >
> > This patch changes add_memory() and remove_memory() to check if a given
> > memory range is aligned with section at the beginning. As the result,
> > add_memory() fails with -EINVAL when a given range is unaligned, and
> > does not add such memory range. This prevents remove_memory() to be
> > called with an unaligned range as well. Note that remove_memory() has
> > to use BUG_ON() since this function cannot fail.
> >
> > ...
> >
> > --- a/mm/memory_hotplug.c
> > +++ b/mm/memory_hotplug.c
> > @@ -1069,6 +1069,22 @@ out:
> > return ret;
> > }
> >
> > +static int check_hotplug_memory_range(u64 start, u64 size)
> > +{
> > + u64 start_pfn = start >> PAGE_SHIFT;
> > + u64 nr_pages = size >> PAGE_SHIFT;
> > +
> > + /* Memory range must be aligned with section */
> > + if ((start_pfn & ~PAGE_SECTION_MASK) ||
> > + (nr_pages % PAGES_PER_SECTION) || (!nr_pages)) {
> > + pr_err("Section-unaligned hotplug range: start 0x%llx, size 0x%llx\n",
> > + start, size);
>
> Printing a u64 is problematic. Here you assume that u64 is implemented
> as unsigned long long. But it can be implemented as unsigned long, by
> architectures which use include/asm-generic/int-l64.h. Such an
> architecture will generate a compile warning here, but I can't
> immediately find a Kconfig combination which will make that happen.
Oh, I see. Should I add the casting below and resend it to you?
(unsigned long long)start, (unsigned long long)size);
Thanks,
-Toshi
On Wed, 14 Aug 2013 17:34:02 -0600 Toshi Kani <[email protected]> wrote:
> > Printing a u64 is problematic. Here you assume that u64 is implemented
> > as unsigned long long. But it can be implemented as unsigned long, by
> > architectures which use include/asm-generic/int-l64.h. Such an
> > architecture will generate a compile warning here, but I can't
> > immediately find a Kconfig combination which will make that happen.
>
> Oh, I see. Should I add the casting below and resend it to you?
>
> (unsigned long long)start, (unsigned long long)size);
I was going to leave it as-is and see if anyone else can find a way of
triggering the warning. But other sites in mm/memory_hotplug.c have
the casts so I went ahead and fixed it.
On Wed, 2013-08-14 at 16:45 -0700, Andrew Morton wrote:
> On Wed, 14 Aug 2013 17:34:02 -0600 Toshi Kani <[email protected]> wrote:
>
> > > Printing a u64 is problematic. Here you assume that u64 is implemented
> > > as unsigned long long. But it can be implemented as unsigned long, by
> > > architectures which use include/asm-generic/int-l64.h. Such an
> > > architecture will generate a compile warning here, but I can't
> > > immediately find a Kconfig combination which will make that happen.
> >
> > Oh, I see. Should I add the casting below and resend it to you?
> >
> > (unsigned long long)start, (unsigned long long)size);
>
> I was going to leave it as-is and see if anyone else can find a way of
> triggering the warning. But other sites in mm/memory_hotplug.c have
> the casts so I went ahead and fixed it.
Thanks!
-Toshi