2011-06-24 06:54:48

by Chuck Ebbert

Subject: [PATCH] mm: fix unmap_atomic range checks

Commit 3e4d3af501cccdc8a8cca41bdbe57d54ad7e7e73 ("mm: stack based
kmap_atomic()", in 2.6.37-rc1) had three places where range checking
logic was reversed.

Signed-off-by: Chuck Ebbert <[email protected]>

--- a/arch/tile/mm/highmem.c
+++ b/arch/tile/mm/highmem.c
@@ -235,8 +235,8 @@ void __kunmap_atomic(void *kvaddr)
{
unsigned long vaddr = (unsigned long) kvaddr & PAGE_MASK;

- if (vaddr >= __fix_to_virt(FIX_KMAP_END) &&
- vaddr <= __fix_to_virt(FIX_KMAP_BEGIN)) {
+ if (vaddr >= __fix_to_virt(FIX_KMAP_BEGIN) &&
+ vaddr <= __fix_to_virt(FIX_KMAP_END)) {
pte_t *pte = kmap_get_pte(vaddr);
pte_t pteval = *pte;
int idx, type;
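Review bot: The condition `if (vaddr >= __fix_to_virt(FIX_KMAP_BEGIN) && vaddr <= __fix_to_virt(FIX_KMAP_END))` compares virtual addresses but names its bounds by fixmap index, and nothing at the check says which bound is the lower address. That depends on the direction of `__fix_to_virt()`, which is defined outside this hunk. I would add a comment directly above the condition, `/* bounds are virtual addresses, not fixmap indices: lower address first */`, so the ordering can be verified where it is used. If the ordering is wrong the range is empty and the unmap body is skipped, which would presumably fail quietly rather than with an oops. The same condition is repeated in the `__kunmap_atomic()` hunk for arch/x86/mm/highmem_32.c and the `iounmap_atomic()` hunk for arch/x86/mm/iomap_32.c, and the function bodies continue outside all three hunks.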
--- a/arch/x86/mm/highmem_32.c
+++ b/arch/x86/mm/highmem_32.c
@@ -70,8 +70,8 @@ void __kunmap_atomic(void *kvaddr)
{
unsigned long vaddr = (unsigned long) kvaddr & PAGE_MASK;

- if (vaddr >= __fix_to_virt(FIX_KMAP_END) &&
- vaddr <= __fix_to_virt(FIX_KMAP_BEGIN)) {
+ if (vaddr >= __fix_to_virt(FIX_KMAP_BEGIN) &&
+ vaddr <= __fix_to_virt(FIX_KMAP_END)) {
int idx, type;

type = kmap_atomic_idx();
--- a/arch/x86/mm/iomap_32.c
+++ b/arch/x86/mm/iomap_32.c
@@ -94,8 +94,8 @@ iounmap_atomic(void __iomem *kvaddr)
{
unsigned long vaddr = (unsigned long) kvaddr & PAGE_MASK;

- if (vaddr >= __fix_to_virt(FIX_KMAP_END) &&
- vaddr <= __fix_to_virt(FIX_KMAP_BEGIN)) {
+ if (vaddr >= __fix_to_virt(FIX_KMAP_BEGIN) &&
+ vaddr <= __fix_to_virt(FIX_KMAP_END)) {
int idx, type;

type = kmap_atomic_idx();


2011-06-24 07:54:40

by Peter Zijlstra

Subject: Re: [PATCH] mm: fix unmap_atomic range checks

On Fri, 2011-06-24 at 02:53 -0400, Chuck Ebbert wrote:
> Commit 3e4d3af501cccdc8a8cca41bdbe57d54ad7e7e73 ("mm: stack based
> kmap_atomic()", in 2.6.37-rc1) had three places where range checking
> logic was reversed.

Where are the oopses to go along with this?

I think it's actually correct, since on both x86 and tile we have:

#define __fix_to_virt(x) (FIXADDR_TOP - ((x) << PAGE_SHIFT))

Which flips the address space around, ie, END < BEGIN.

> Signed-off-by: Chuck Ebbert <[email protected]>
>
> --- a/arch/tile/mm/highmem.c
> +++ b/arch/tile/mm/highmem.c
> @@ -235,8 +235,8 @@ void __kunmap_atomic(void *kvaddr)
> {
> unsigned long vaddr = (unsigned long) kvaddr & PAGE_MASK;
>
> - if (vaddr >= __fix_to_virt(FIX_KMAP_END) &&
> - vaddr <= __fix_to_virt(FIX_KMAP_BEGIN)) {
> + if (vaddr >= __fix_to_virt(FIX_KMAP_BEGIN) &&
> + vaddr <= __fix_to_virt(FIX_KMAP_END)) {
> pte_t *pte = kmap_get_pte(vaddr);
> pte_t pteval = *pte;
> int idx, type;
> --- a/arch/x86/mm/highmem_32.c
> +++ b/arch/x86/mm/highmem_32.c
> @@ -70,8 +70,8 @@ void __kunmap_atomic(void *kvaddr)
> {
> unsigned long vaddr = (unsigned long) kvaddr & PAGE_MASK;
>
> - if (vaddr >= __fix_to_virt(FIX_KMAP_END) &&
> - vaddr <= __fix_to_virt(FIX_KMAP_BEGIN)) {
> + if (vaddr >= __fix_to_virt(FIX_KMAP_BEGIN) &&
> + vaddr <= __fix_to_virt(FIX_KMAP_END)) {
> int idx, type;
>
> type = kmap_atomic_idx();
> --- a/arch/x86/mm/iomap_32.c
> +++ b/arch/x86/mm/iomap_32.c
> @@ -94,8 +94,8 @@ iounmap_atomic(void __iomem *kvaddr)
> {
> unsigned long vaddr = (unsigned long) kvaddr & PAGE_MASK;
>
> - if (vaddr >= __fix_to_virt(FIX_KMAP_END) &&
> - vaddr <= __fix_to_virt(FIX_KMAP_BEGIN)) {
> + if (vaddr >= __fix_to_virt(FIX_KMAP_BEGIN) &&
> + vaddr <= __fix_to_virt(FIX_KMAP_END)) {
> int idx, type;
>
> type = kmap_atomic_idx();