direct-io.hg

changeset 6400:b88c5350de57

This patch fixes Bugzilla #169. (It should fix #187 too -- Keir).

The root cause of bug 169 is, machine_to_phys_mapping, starting from
0xffff800000000000, is mapped using 2M pages. When the system has RAM
no more than 2G, only one 2M page is allocated and only one PDE entry is
created correspondingly, so calling mfn_to_pfn with mfn > 0x80000 will
overflow this 2M page and cause an "unable to handle kernel paging request" fault.
The mfn > 0x80000 comes from PCI device I/O memory, here from AGP
display card when booting X server. Jun suggested to use something like
get_user() when accessing machine_to_phys_mapping.

Signed-off-by: Xin Li <xin.b.li@intel.com>
author kaf24@firebug.cl.cam.ac.uk
date Thu Aug 25 16:21:19 2005 +0000 (2005-08-25)
parents 85ccfd035658
children 98a6eb458c78 b54144915ae6
files linux-2.6-xen-sparse/include/asm-xen/asm-i386/page.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/page.h
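--- a/linux-2.6-xen-sparse/include/asm-xen/asm-i386/page.h	Thu Aug 25 15:53:03 2005 +0000
+++ b/linux-2.6-xen-sparse/include/asm-xen/asm-i386/page.h	Thu Aug 25 16:21:19 2005 +0000
@@ -65,8 +65,26 @@
 extern unsigned int *phys_to_machine_mapping;
 #define pfn_to_mfn(pfn)	\
 ((unsigned long)phys_to_machine_mapping[(unsigned int)(pfn)] & 0x7FFFFFFFUL)
-#define mfn_to_pfn(mfn)	\
-((unsigned long)machine_to_phys_mapping[(unsigned int)(mfn)])
+static inline unsigned long mfn_to_pfn(unsigned long mfn)
+{
+	unsigned int pfn;
+
+	/*
+	 * The array access can fail (e.g., device space beyond end of RAM).
+	 * In such cases it doesn't matter what we return (we return garbage),
+	 * but we must handle the fault without crashing!
+	 */
+	asm (
+		"1:	movl %1,%0\n"
+		"2:\n"
+		".section __ex_table,\"a\"\n"
+		"	.align 4\n"
+		"	.long 1b,2b\n"
+		".previous"
+		: "=r" (pfn) : "m" (machine_to_phys_mapping[mfn]) );
+
+	return (unsigned long)pfn;
+}
 
 /* Definitions for machine and pseudophysical addresses. */
 #ifdef CONFIG_X86_PAE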
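Review bot: When the load at label `1:` faults, the fixup resumes at `2:` with `pfn` never written, so mfn_to_pfn() returns whatever the allocated register happened to hold. The comment accepts this as "garbage", but a caller cannot tell it from a valid frame number and may go on to use it as an index, for instance into phys_to_machine_mapping via pfn_to_mfn(). A deterministic value that callers can recognise as invalid would be safer: preload the result and make it a read-write operand, `unsigned int pfn = INVALID_PFN_PLACEHOLDER; /* placeholder: any value no valid pfn can take */` with `: "+r" (pfn) : "m" (machine_to_phys_mapping[mfn]) );`, and update the comment to say which value is returned on a fault. The asm-x86_64 copy of this function has the same behaviour.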
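--- a/linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/page.h	Thu Aug 25 15:53:03 2005 +0000
+++ b/linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/page.h	Thu Aug 25 16:21:19 2005 +0000
@@ -67,8 +67,26 @@ void copy_page(void *, void *);
 extern u32 *phys_to_machine_mapping;
 #define pfn_to_mfn(pfn)	\
 ((unsigned long)phys_to_machine_mapping[(unsigned int)(pfn)] & 0x7FFFFFFFUL)
-#define mfn_to_pfn(mfn)	\
-((unsigned long)machine_to_phys_mapping[(unsigned int)(mfn)])
+static inline unsigned long mfn_to_pfn(unsigned long mfn)
+{
+	unsigned int pfn;
+
+	/*
+	 * The array access can fail (e.g., device space beyond end of RAM).
+	 * In such cases it doesn't matter what we return (we return garbage),
+	 * but we must handle the fault without crashing!
+	 */
+	asm (
+		"1:	movl %1,%k0\n"
+		"2:\n"
+		".section __ex_table,\"a\"\n"
+		"	.align 8\n"
+		"	.quad 1b,2b\n"
+		".previous"
+		: "=r" (pfn) : "m" (machine_to_phys_mapping[mfn]) );
+
+	return (unsigned long)pfn;
+}
 
 /* Definitions for machine and pseudophysical addresses. */
 typedef unsigned long paddr_t;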
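Review bot: The replacement drops the `(unsigned int)(mfn)` truncation that the old macro applied, so on x86_64 `machine_to_phys_mapping[mfn]` is now indexed with the full 64-bit argument, and neither the signature nor the comment mentions the change. The exception-table entry only covers slot addresses that actually fault; it is not a range check. An mfn with stray high bits (for example unmasked page-table flag bits, which is an assumption since the callers are not visible here) could resolve to a mapped address outside the table and return unrelated data without any fault. I would state the contract in the block comment, e.g. `* Callers must pass a frame number with flag bits masked off; the fixup only catches unmapped slots, it does not bound mfn.`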