diff options
author | Hugh Dickins <hugh@veritas.com> | 2009-01-06 17:40:09 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2009-01-06 18:59:07 -0500 |
commit | 22b31eec63e5f2e219a3ee15f456897272bc73e8 (patch) | |
tree | 906e4975a0e2cdef15ef071b4890e3b28e36cf39 | |
parent | 3dc147414ccad81dc33edb80774b1fed12a38c08 (diff) |
badpage: vm_normal_page use print_bad_pte
print_bad_pte() is so far being called only when zap_pte_range() finds
negative page_mapcount, or there's a fault on a pte_file where it does not
belong. That's weak coverage when we suspect pagetable corruption.
Originally, it was called when vm_normal_page() found an invalid pfn: but
pfn_valid is expensive on some architectures and configurations, so 2.6.24
put that under CONFIG_DEBUG_VM (which doesn't help in the field), then
2.6.26 replaced it by a VM_BUG_ON (likewise).
Reinstate the print_bad_pte() in vm_normal_page(), but use a cheaper test
than pfn_valid(): memmap_init_zone() (used in bootup and hotplug) keeps a
__read_mostly note of the highest_memmap_pfn, and vm_normal_page() then checks
pfn against that. We could call this pfn_plausible() or pfn_sane(), but I
doubt we'll need it elsewhere: of course it's not reliable, but gives much
stronger pagetable validation on many boxes.
Also use print_bad_pte() when the pte_special bit is found outside a
VM_PFNMAP or VM_MIXEDMAP area, instead of VM_BUG_ON.
Signed-off-by: Hugh Dickins <hugh@veritas.com>
Cc: Nick Piggin <nickpiggin@yahoo.com.au>
Cc: Christoph Lameter <cl@linux-foundation.org>
Cc: Mel Gorman <mel@csn.ul.ie>
Cc: Rik van Riel <riel@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | mm/internal.h | 1 | ||||
-rw-r--r-- | mm/memory.c | 20 | ||||
-rw-r--r-- | mm/page_alloc.c | 4 |
3 files changed, 15 insertions, 10 deletions
diff --git a/mm/internal.h b/mm/internal.h index 13333bc2eb68..1981bc9454f3 100644 --- a/mm/internal.h +++ b/mm/internal.h | |||
@@ -49,6 +49,7 @@ extern void putback_lru_page(struct page *page); | |||
49 | /* | 49 | /* |
50 | * in mm/page_alloc.c | 50 | * in mm/page_alloc.c |
51 | */ | 51 | */ |
52 | extern unsigned long highest_memmap_pfn; | ||
52 | extern void __free_pages_bootmem(struct page *page, unsigned int order); | 53 | extern void __free_pages_bootmem(struct page *page, unsigned int order); |
53 | 54 | ||
54 | /* | 55 | /* |
diff --git a/mm/memory.c b/mm/memory.c index cda04b19f733..890095f5f36d 100644 --- a/mm/memory.c +++ b/mm/memory.c | |||
@@ -467,21 +467,18 @@ static inline int is_cow_mapping(unsigned int flags) | |||
467 | struct page *vm_normal_page(struct vm_area_struct *vma, unsigned long addr, | 467 | struct page *vm_normal_page(struct vm_area_struct *vma, unsigned long addr, |
468 | pte_t pte) | 468 | pte_t pte) |
469 | { | 469 | { |
470 | unsigned long pfn; | 470 | unsigned long pfn = pte_pfn(pte); |
471 | 471 | ||
472 | if (HAVE_PTE_SPECIAL) { | 472 | if (HAVE_PTE_SPECIAL) { |
473 | if (likely(!pte_special(pte))) { | 473 | if (likely(!pte_special(pte))) |
474 | VM_BUG_ON(!pfn_valid(pte_pfn(pte))); | 474 | goto check_pfn; |
475 | return pte_page(pte); | 475 | if (!(vma->vm_flags & (VM_PFNMAP | VM_MIXEDMAP))) |
476 | } | 476 | print_bad_pte(vma, addr, pte, NULL); |
477 | VM_BUG_ON(!(vma->vm_flags & (VM_PFNMAP | VM_MIXEDMAP))); | ||
478 | return NULL; | 477 | return NULL; |
479 | } | 478 | } |
480 | 479 | ||
481 | /* !HAVE_PTE_SPECIAL case follows: */ | 480 | /* !HAVE_PTE_SPECIAL case follows: */ |
482 | 481 | ||
483 | pfn = pte_pfn(pte); | ||
484 | |||
485 | if (unlikely(vma->vm_flags & (VM_PFNMAP|VM_MIXEDMAP))) { | 482 | if (unlikely(vma->vm_flags & (VM_PFNMAP|VM_MIXEDMAP))) { |
486 | if (vma->vm_flags & VM_MIXEDMAP) { | 483 | if (vma->vm_flags & VM_MIXEDMAP) { |
487 | if (!pfn_valid(pfn)) | 484 | if (!pfn_valid(pfn)) |
@@ -497,11 +494,14 @@ struct page *vm_normal_page(struct vm_area_struct *vma, unsigned long addr, | |||
497 | } | 494 | } |
498 | } | 495 | } |
499 | 496 | ||
500 | VM_BUG_ON(!pfn_valid(pfn)); | 497 | check_pfn: |
498 | if (unlikely(pfn > highest_memmap_pfn)) { | ||
499 | print_bad_pte(vma, addr, pte, NULL); | ||
500 | return NULL; | ||
501 | } | ||
501 | 502 | ||
502 | /* | 503 | /* |
503 | * NOTE! We still have PageReserved() pages in the page tables. | 504 | * NOTE! We still have PageReserved() pages in the page tables. |
504 | * | ||
505 | * eg. VDSO mappings can cause them to exist. | 505 | * eg. VDSO mappings can cause them to exist. |
506 | */ | 506 | */ |
507 | out: | 507 | out: |
diff --git a/mm/page_alloc.c b/mm/page_alloc.c index 3acb216e9a78..755c99a0ac71 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c | |||
@@ -69,6 +69,7 @@ EXPORT_SYMBOL(node_states); | |||
69 | 69 | ||
70 | unsigned long totalram_pages __read_mostly; | 70 | unsigned long totalram_pages __read_mostly; |
71 | unsigned long totalreserve_pages __read_mostly; | 71 | unsigned long totalreserve_pages __read_mostly; |
72 | unsigned long highest_memmap_pfn __read_mostly; | ||
72 | int percpu_pagelist_fraction; | 73 | int percpu_pagelist_fraction; |
73 | 74 | ||
74 | #ifdef CONFIG_HUGETLB_PAGE_SIZE_VARIABLE | 75 | #ifdef CONFIG_HUGETLB_PAGE_SIZE_VARIABLE |
@@ -2597,6 +2598,9 @@ void __meminit memmap_init_zone(unsigned long size, int nid, unsigned long zone, | |||
2597 | unsigned long pfn; | 2598 | unsigned long pfn; |
2598 | struct zone *z; | 2599 | struct zone *z; |
2599 | 2600 | ||
2601 | if (highest_memmap_pfn < end_pfn - 1) | ||
2602 | highest_memmap_pfn = end_pfn - 1; | ||
2603 | |||
2600 | z = &NODE_DATA(nid)->node_zones[zone]; | 2604 | z = &NODE_DATA(nid)->node_zones[zone]; |
2601 | for (pfn = start_pfn; pfn < end_pfn; pfn++) { | 2605 | for (pfn = start_pfn; pfn < end_pfn; pfn++) { |
2602 | /* | 2606 | /* |