Commit Graph

232292 Commits

Author SHA1 Message Date
Marek Lindner
7aadf889e8 batman-adv: remove extra layer between hash and hash element - hash bucket
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:52:00 +01:00
Marek Lindner
39901e7162 batman-adv: separate ethernet comparing calls from hash functions
Note: The function compare_ether_addr() provided by the Linux kernel
requires aligned memory.

Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:50:14 +01:00
Linus Lüssing
9e0b33c221 batman-adv: Fix possible buffer overflow in softif neigh list output
When printing the soft interface table the number of entries in the
softif neigh list are first being counted and a fitting buffer
allocated. After that the softif neigh list gets locked again and
the buffer printed - which has the following two issues:

For one thing, the softif neigh list might have grown when reacquiring
the rcu lock, which results in writing outside of the allocated buffer.
Furthermore 31 Bytes are not enough for printing an entry with a vid
of more than 2 digits.

The manual buffering is unnecessary, we can safely print to the seq
directly during the rcu_read_lock().

Signed-off-by: Linus Lüssing <linus.luessing@ascom.ch>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:50:13 +01:00
Linus Lüssing
43c70ad5ce batman-adv: Increase orig_node refcount before releasing rcu read lock
When unicast_send_skb() is increasing the orig_node's refcount another
thread might have been freeing this orig_node already. We need to
increase the refcount in the rcu read lock protected area to avoid that.

Signed-off-by: Linus Lüssing <linus.luessing@ascom.ch>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:50:12 +01:00
Linus Lüssing
5d02b3cdfa batman-adv: Make bat_priv->curr_gw an rcu protected pointer
The rcu protected macros rcu_dereference() and rcu_assign_pointer()
for the bat_priv->curr_gw need to be used, as well as spin/rcu locking.

Otherwise we might end up using a curr_gw pointer pointing to already
freed memory.

Reported-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Linus Lüssing <linus.luessing@ascom.ch>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:50:10 +01:00
Marek Lindner
f3e0008f01 batman-adv: make broadcast seqno operations atomic
Batman-adv could receive several payload broadcasts at the same time
that would trigger access to the broadcast seqno sliding window to
determine whether this is a new broadcast or not. If these incoming
broadcasts are accessing the sliding window simultaneously it could
be left in an inconsistent state. Therefore it is necessary to make
sure this access is atomic.

Reported-by: Linus Lüssing <linus.luessing@web.de>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:50:09 +01:00
Marek Lindner
0ede9f41b2 batman-adv: protect bit operations to count OGMs with spinlock
Reported-by: Linus Lüssing <linus.luessing@saxnet.de>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:50:08 +01:00
Marek Lindner
ed75ccbe26 batman-adv: Correct rcu refcounting for batman_if
It might be possible that 2 threads access the same data in the same
rcu grace period. The first thread calls call_rcu() to decrement the
refcount and free the data while the second thread increases the
refcount to use the data. To avoid this race condition all refcount
operations have to be atomic.

Reported-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:50:07 +01:00
Marek Lindner
7d2b554826 batman-adv: Correct rcu refcounting for softif_neigh
It might be possible that 2 threads access the same data in the same
rcu grace period. The first thread calls call_rcu() to decrement the
refcount and free the data while the second thread increases the
refcount to use the data. To avoid this race condition all refcount
operations have to be atomic.

Reported-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:50:05 +01:00
Marek Lindner
25b6d3c17e batman-adv: Correct rcu refcounting for gw_node
It might be possible that 2 threads access the same data in the same
rcu grace period. The first thread calls call_rcu() to decrement the
refcount and free the data while the second thread increases the
refcount to use the data. To avoid this race condition all refcount
operations have to be atomic.

Reported-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:50:04 +01:00
Marek Lindner
44524fcdf6 batman-adv: Correct rcu refcounting for neigh_node
It might be possible that 2 threads access the same data in the same
rcu grace period. The first thread calls call_rcu() to decrement the
refcount and free the data while the second thread increases the
refcount to use the data. To avoid this race condition all refcount
operations have to be atomic.

Reported-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:50:03 +01:00
Simon Wunderlich
a4c135c561 batman-adv: protect bonding with rcu locks
bonding / alternating candidates need to be secured by rcu locks
as well. This patch therefore converts the bonding list
from a plain pointer list to a rcu securable lists and references
the bonding candidates.

Signed-off-by: Simon Wunderlich <siwu@hrz.tu-chemnitz.de>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:50:01 +01:00
Marek Lindner
2ae2daf6c3 batman-adv: protect ogm counter arrays with spinlock
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:50:00 +01:00
Marek Lindner
16b1aba849 batman-adv: protect originator nodes with reference counters
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:49:59 +01:00
Marek Lindner
fb778ea173 batman-adv: protect each hash row with rcu locks
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:49:58 +01:00
Marek Lindner
a775eb847a batman-adv: protect neigh_nodes used outside of rcu_locks with refcounting
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:49:57 +01:00
Marek Lindner
1a241a57be batman-adv: free neighbors when an interface is deactivated
hardif_disable_interface() calls purge_orig_ref() to immediately free
all neighbors associated with the interface that is going down.
purge_orig_neighbors() checked if the interface status is IF_INACTIVE
which is set to IF_NOT_IN_USE shortly before calling purge_orig_ref().

Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:49:55 +01:00
Marek Lindner
f987ed6ebd batman-adv: protect neighbor list with rcu locks
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:49:54 +01:00
Marek Lindner
9591a79f28 batman-adv: convert neighbor list to hlist
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:49:53 +01:00
Marek Lindner
a8e7f4bc38 batman-adv: protect neighbor nodes with reference counters
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
2011-03-05 12:49:52 +01:00
Jesper Juhl
8d68921856 batman-adv: Remove two duplicate includes.
Remove duplicate inclusion of "send.h" and "routing.h" from
net/batman-adv/soft-interface.c

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-02-14 23:49:38 +01:00
Linus Lüssing
3878f1f075 batman-adv: Disallow originator addressing within mesh layer
For a host in the mesh network, the batman layer should be transparent.
However, we had one exception, data packets within the mesh network
which have the same destination as a originator are being routed to
that node, although there is no host that node's bat0 interface and
therefore gets dropped anyway. This commit removes this exception.

Signed-off-by: Linus Lüssing <linus.luessing@ascom.ch>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-02-11 23:30:33 +01:00
Linus Lüssing
ee1e884194 batman-adv: Remove duplicate types.h inclusions
types.h is included by main.h, which is included at the beginning of any
other c-file anyway. Therefore this commit removes those duplicate
inclussions.

Signed-off-by: Linus Lüssing <linus.luessing@ascom.ch>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-02-11 23:30:29 +01:00
Marek Lindner
1406206416 batman-adv: Split combined variable declarations
Multiple variable declarations in a single statements over multiple lines can
be split into multiple variable declarations without changing the actual
behavior.

Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-02-11 23:29:00 +01:00
Sven Eckelmann
c2f7f0e7b3 batman-adv: Use successive sequence numbers for fragments
The two fragments of an unicast packet must have successive sequence numbers to
allow the receiver side to detect matching fragments and merge them again. The
current implementation doesn't provide that property because a sequence of two
atomic_inc_return may be interleaved with another sequence which also changes
the variable.

The access to the fragment sequence number pool has either to be protected by
correct locking or it has to reserve two sequence numbers in a single fetch.
The latter one can easily be done by increasing the value of the last used
sequence number by 2 in a single step. The generated window of two currently
unused sequence numbers can now be scattered across the two fragments.

Reported-by: Linus Lüssing <linus.luessing@web.de>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-02-11 00:25:10 +01:00
Sven Eckelmann
091b948306 batman-adv: Merge README of v2011.0.0 release
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-01-31 14:57:13 +01:00
Sven Eckelmann
64afe35398 batman-adv: Update copyright years
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-01-31 14:57:12 +01:00
Sven Eckelmann
1299bdaa1c batman-adv: Remove unused variables
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-01-31 14:57:12 +01:00
Sven Eckelmann
fb86d7648f batman-adv: Remove declaration of batman_skb_recv
batman_skb_recv can be defined in hard-interface.c as static because it is
never used outside of that file.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-01-31 14:57:11 +01:00
Sven Eckelmann
335f94c981 batman-adv: Remove unused definitions
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-01-31 14:57:10 +01:00
Sven Eckelmann
633979b43f batman-adv: Remove dangling declaration of hash_remove_element
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-01-31 14:57:10 +01:00
Simon Wunderlich
74ef115359 batman-adv: remove unused parameters
Some function parameters are obsolete now and can be removed.

Reported-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Simon Wunderlich <siwu@hrz.tu-chemnitz.de>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-01-31 14:57:09 +01:00
Sven Eckelmann
ae361ce19f batman-adv: Calculate correct size for merged packets
The routing algorithm must be able to decide if a fragment can be merged with
the missing part and still be passed to a forwarding interface. The fragments
can only differ by one byte in case that the original payload had an uneven
length. In that situation the sender has to inform all possible receivers that
the tail is one byte longer using the flag UNI_FRAG_LARGETAIL.

The combination of UNI_FRAG_LARGETAIL and UNI_FRAG_HEAD flag makes it possible
to calculate the correct length for even and uneven sized payloads.

The original formula missed to add the unicast header at all and forgot to
remove the fragment header of the second fragment. This made the results highly
unreliable and only useful for machines with large differences between the
configured MTUs.

Reported-by: Russell Senior <russell@personaltelco.net>
Reported-by: Marek Lindner <lindner_marek@yahoo.de>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-01-31 14:57:08 +01:00
Sven Eckelmann
5c77d8bb8a batman-adv: Create roughly equal sized fragments
The routing algorithm must know how large two fragments are to be able to
decide that it is safe to merge them or if it should resubmit without waiting
for the second part. When these two fragments have a too different size, it is
not possible to guess right in every situation.

The user could easily configure the MTU of the attached cards so that one
fragment is forwarded and the other one is added to the fragments table to wait
for the missing part.

For even sized packets, it is possible to split it so that the resulting
packages are equal sized by ignoring the old non-fragment header at the
beginning of the original packet.

This still creates different sized fragments for uneven sized packets.

Reported-by: Russell Senior <russell@personaltelco.net>
Reported-by: Marek Lindner <lindner_marek@yahoo.de>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2011-01-31 14:57:08 +01:00
Linus Torvalds
1bae4ce27c Linux 2.6.38-rc2 2011-01-21 19:01:34 -08:00
Linus Torvalds
13a3cec844 Merge branch 'media_fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6
* 'media_fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6: (101 commits)
  [media] staging/lirc: fix mem leaks and ptr err usage
  [media] hdpvr: reduce latency of i2c read/write w/recycled buffer
  [media] hdpvr: enable IR part
  [media] rc/mceusb: timeout should be in ns, not us
  [media] v4l2-device: fix 'use-after-freed' oops
  [media] v4l2-dev: don't memset video_device.dev
  [media] zoran: use video_device_alloc instead of kmalloc
  [media] w9966: zero device state after a detach
  [media] v4l: Fix a use-before-set in the control framework
  [media] v4l: Include linux/videodev2.h in media/v4l2-ctrls.h
  [media] DocBook/v4l: update V4L2 revision and update copyright years
  [media] DocBook/v4l: fix validation error in dev-rds.xml
  [media] v4l2-ctrls: queryctrl shouldn't attempt to replace V4L2_CID_PRIVATE_BASE IDs
  [media] v4l2-ctrls: fix missing 'read-only' check
  [media] pvrusb2: Provide more information about IR units to lirc_zilog and ir-kbd-i2c
  [media] ir-kbd-i2c: Add back defaults setting for Zilog Z8's at addr 0x71
  [media] lirc_zilog: Update TODO.lirc_zilog
  [media] lirc_zilog: Add Andy Walls to copyright notice and authors list
  [media] lirc_zilog: Remove useless struct i2c_driver.command function
  [media] lirc_zilog: Remove unneeded tests for existence of the IR Tx function
  ...
2011-01-21 16:50:31 -08:00
David Howells
973c9f4f49 KEYS: Fix up comments in key management code
Fix up comments in the key management code.  No functional changes.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-01-21 14:59:30 -08:00
David Howells
a8b17ed019 KEYS: Do some style cleanup in the key management code.
Do a bit of a style clean up in the key management code.  No functional
changes.

Done using:

  perl -p -i -e 's!^/[*]*/\n!!' security/keys/*.c
  perl -p -i -e 's!} /[*] end [a-z0-9_]*[(][)] [*]/\n!}\n!' security/keys/*.c
  sed -i -s -e ": next" -e N -e 's/^\n[}]$/}/' -e t -e P -e 's/^.*\n//' -e "b next" security/keys/*.c

To remove /*****/ lines, remove comments on the closing brace of a
function to name the function and remove blank lines before the closing
brace of a function.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-01-21 14:59:29 -08:00
Linus Torvalds
9093ba53b7 Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6:
  cifs: fix up CIFSSMBEcho for unaligned access
  cifs: fix unaligned accesses in cifsConvertToUCS
  cifs: clean up unaligned accesses in cifs_unicode.c
  cifs: fix unaligned access in check2ndT2 and coalesce_t2
  cifs: clean up unaligned accesses in validate_t2
  cifs: use get/put_unaligned functions to access ByteCount
  cifs: move time field in cifsInodeInfo
  cifs: TCP_Server_Info diet
  CIFS: Implement cifs_strict_readv (try #4)
  CIFS: Implement cifs_file_strict_mmap (try #2)
  CIFS: Implement cifs_strict_fsync
  CIFS: Make cifsFileInfo_put work with strict cache mode
2011-01-21 13:44:07 -08:00
Linus Torvalds
ebe0d80507 Merge branch 'fixes-2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu
* 'fixes-2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu:
  x86,percpu: Move out of place 64 bit ops into X86_64 section
2011-01-21 13:43:21 -08:00
Linus Torvalds
5bf7a6503f Merge branch 'fixes-2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq
* 'fixes-2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq:
  workqueue: note the nested NOT_RUNNING test in worker_clr_flags() isn't a noop
  workqueue: relax lockdep annotation on flush_work()
2011-01-21 13:38:57 -08:00
Linus Torvalds
0f5c2ac58f Merge branch 'irq-cleanup-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
* 'irq-cleanup-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: (37 commits)
  um: Use generic irq Kconfig
  tile: Use generic irq Kconfig
  sparc: Use generic irq Kconfig
  score: Use generic irq Kconfig
  powerpc: Use generic irq Kconfig
  parisc: Use generic irq Kconfig
  mn10300: Use generic irq Kconfig
  microblaze: Use generic irq Kconfig
  m68knommu: Use generic irq Kconfig
  ia64: Use generic irq Kconfig
  frv: Use generic irq Kconfig
  blackfin: Use generic irq Kconfig
  alpha: Use generic irq Kconfig
  genirq: Remove __do_IRQ
  m32r: Convert to generic irq Kconfig
  m32r: Convert usrv platform irq handling
  m32r: Convert opsput_lcdpld irq chip
  m32r: Convert opsput lanpld irq chip
  m32r: Convert opsput pld irq chip
  m32r: Convert opsput irq chip
  ...
2011-01-21 13:38:26 -08:00
Linus Torvalds
cfd74486ea Merge branch 'stable/bug-fixes-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen
* 'stable/bug-fixes-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
  xen: p2m: correctly initialize partial p2m leaf
  xen: fix non-ANSI function warning in irq.c
2011-01-21 13:35:10 -08:00
Linus Torvalds
a1d3f5b70d Merge branches 'fixes' and 'fwnet' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6
* 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6:
  firewire: core: fix unstable I/O with Canon camcorder

* 'fwnet' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6:
  firewire: net: is not experimental anymore
  firewire: net: invalidate ARP entries of removed nodes
2011-01-21 13:34:39 -08:00
Linus Torvalds
7971b96d92 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6:
  ALSA: hda - Fix EAPD to low on CZC P10T tablet computer with ALC662
  ALSA: HDA: Add SKU ignore for another Thinkpad Edge 14
  ALSA: hda - Fix "unused variable" compile warning
  ALSA: hda - Add quirk for HP Z-series workstation
  Revert "ALSA: HDA: Create mixers on ALC887"
  ASoC: PXA: Fix codec address on Zipit Z2
  ASoC: PXA: Fix jack detection on Zipit Z2
  ASoC: Blackfin: fix DAI/SPORT config dependency issues
  ASoC: Blackfin TDM: use external frame syncs
  ASoC: Blackfin AC97: fix build error after multi-component update
  ASoC: Blackfin TDM: fix missed snd_soc_dai_get_drvdata update
  ASoC: documentation updates
  ALSA: ice1712 delta - initialize SPI clock
2011-01-21 13:24:33 -08:00
Linus Torvalds
c745552a82 Merge branch 'devicetree/merge' of git://git.secretlab.ca/git/linux-2.6
* 'devicetree/merge' of git://git.secretlab.ca/git/linux-2.6:
  powerpc/83xx: fix build failures on dt compatible list.
2011-01-21 13:24:16 -08:00
Linus Torvalds
d41ad6df44 Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc: (34 commits)
  powerpc/mpic: Fix mask/unmask timeout message
  powerpc/pseries: Add BNX2=m to defconfig
  powerpc: Enable 64kB pages and 1024 threads in pseries config
  powerpc: Disable mcount tracers in pseries defconfig
  powerpc/boot/dts: Install dts from the right directory
  powerpc: machine_check_generic is wrong on 64bit
  powerpc: Check RTAS extended log flag before checking length
  powerpc: Fix corruption when grabbing FWNMI data
  powerpc: Rework pseries machine check handler
  powerpc: Don't silently handle machine checks from userspace
  powerpc: Remove duplicate debugger hook in machine_check_exception
  powerpc: Never halt RTAS error logging after receiving an unrecoverable machine check
  powerpc: Don't force MSR_RI in machine_check_exception
  powerpc: Print 32 bits of DSISR in show_regs
  powerpc/kdump: Disable ftrace during kexec
  powerpc/kdump: Move crash_kexec_stop_spus to kdump crash handler
  powerpc/kexec: Remove empty ppc_md.machine_kexec_prepare
  powerpc/kexec: Don't initialise kexec hooks to default handlers
  powerpc/kdump: Remove ppc_md.machine_crash_shutdown
  powerpc/kexec: Remove ppc_md.machine_kexec
  ...
2011-01-21 13:23:52 -08:00
Michal Simek
3dece370ec mm: System without MMU do not need pte_mkwrite
The patch "thp: export maybe_mkwrite" (commit 14fd403f21) breaks
systems without MMU.

Error log:

    CC      arch/microblaze/mm/init.o
  In file included from include/linux/mman.h:14,
                   from arch/microblaze/mm/consistent.c:24:
  include/linux/mm.h: In function 'maybe_mkwrite':
  include/linux/mm.h:482: error: implicit declaration of function 'pte_mkwrite'
  include/linux/mm.h:482: error: incompatible types in assignment

Signed-off-by: Michal Simek <monstr@monstr.eu>
CC: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Rik van Riel <riel@redhat.com>
CC: Andrew Morton <akpm@linux-foundation.org>
CC: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-01-21 08:40:30 -08:00
Roland Dreier
db9fd8486b MAINTAINERS: Update Roland Dreier's email address
The cisco.com address will stop working soon, and besides no one can
remember the second "d" in "rolandd" or how to spell "rdreier."

Signed-off-by: Roland Dreier <rolandd@cisco.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-01-21 08:40:30 -08:00
Stefan Bader
8e1b4cf210 xen: p2m: correctly initialize partial p2m leaf
After changing the p2m mapping to a tree by

  commit 58e05027b5
    xen: convert p2m to a 3 level tree

and trying to boot a DomU with 615MB of memory, the following crash was
observed in the dump:

kernel direct mapping tables up to 26f00000 @ 1ec4000-1fff000
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<c0107397>] xen_set_pte+0x27/0x60
*pdpt = 0000000000000000 *pde = 0000000000000000

Adding further debug statements showed that when trying to set up
pfn=0x26700 the returned mapping was invalid.

pfn=0x266ff calling set_pte(0xc1fe77f8, 0x6b3003)
pfn=0x26700 calling set_pte(0xc1fe7800, 0x3)

Although the last_pfn obtained from the startup info is 0x26700, which
should in turn not be hit, the additional 8MB which are added as extra
memory normally seem to be ok. This lead to looking into the initial
p2m tree construction, which uses the smaller value and assuming that
there is other code handling the extra memory.

When the p2m tree is set up, the leaves are directly pointed to the
array which the domain builder set up. But if the mapping is not on a
boundary that fits into one p2m page, this will result in the last leaf
being only partially valid. And as the invalid entries are not
initialized in that case, things go badly wrong.

I am trying to fix that by checking whether the current leaf is a
complete map and if not, allocate a completely new page and copy only
the valid pointers there. This may not be the most efficient or elegant
solution, but at least it seems to allow me booting DomUs with memory
assignments all over the range.

BugLink: http://bugs.launchpad.net/bugs/686692
[v2: Redid a bit of commit wording and fixed a compile warning]

Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2011-01-21 11:24:14 -05:00