[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] cleanup for __start_xen()


Xiao Guangrong wrote:
> 
> Keir Fraser wrote:
>> On 30/11/2009 17:42, "Ian Jackson" <Ian.Jackson@xxxxxxxxxxxxx> wrote:
>>
>>> I wrote:
>>>> Xiao Guangrong writes ("[Xen-devel] [PATCH] cleanup for __start_xen()"):
>>>>> -        if ( !initial_images_start && (s < e) &&
>>>>> +        if ( !initial_images_start &&
>>>> This is wrong.  s and e are uint64_t so if !(s < e), (e-s) will be
>>>> large and positive.
>>> I see this has already been applied (20523).  It should be reverted, I
>>> think.
>> None of the if() blocks in the loop will make e<s, as that would imply that
>> the block had allocated itself a chunk of memory that starts below s. So it
>> is actually safe to remove the checks, as we know e>=s. But now I look at it
>> I think I broke the module-relocation block some time ago -- it ends up with
>> 'e' being too large by modules_headroom. :-( Will look into that more
>> tomorrow...
>>
> 
> I thinks remove this judgment is very safe, because we have judge it at the 
> begin of this loop:
> 
> for ( i = boot_e820.nr_map-1; i >= 0; i-- )
>     {
>         uint64_t s, e, mask = (1UL << L2_PAGETABLE_SHIFT) - 1;
>       
>       <snip>
> 
>       if ( (boot_e820.map[i].type != E820_RAM) || (s >= e) )  /* NOTICE HERE*/
>             continue;
>       
>       /* it must s < e while run below code, not need check it again ... */
>       ......
> }
> 

And after below if():
 if ( !initial_images_start && (s < e) &&
             ((e-s) >= (modules_length+modules_headroom)) )
        {
            initial_images_end = e;
            e = (e - modules_length) & PAGE_MASK;
            initial_images_start = e;
            e -= modules_headroom;
            initial_images_base = e;
            e += modules_length + modules_headroom;
            for ( j = mbi->mods_count-1; j >= 0; j-- )
            {
                e -= mod[j].mod_end - mod[j].mod_start;
                move_memory(e, mod[j].mod_start, mod[j].mod_end);
                mod[j].mod_end += e - mod[j].mod_start;
                mod[j].mod_start = e;
            }
        }
}

e is moved in [e-(modules_length+modules_headroom), e] range,
so, s is not overrun e too...

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.