* [PATCH] mm: data overlapping in page struct
@ 2006-03-07 19:04 Hui Yu
  2006-03-07 19:39 ` Hugh Dickins
  0 siblings, 1 reply; 3+ messages in thread
From: Hui Yu @ 2006-03-07 19:04 UTC
  To: linux-kernel; +Cc: Andi Kleen, Andrea Arcangeli

This patch is to fix a data overlapping issue in struct page. The
problem was introduced a few months ago by the "split page table lock"
change, in which mapping is moved into the same union with ptl. Since
private has a fixed length (size of unsigned long), depending on config
options, ptl may have a larger size than private. In this case, ptl will
overlap mapping and may overwrite the original data in mapping.
The simplest way of fixing this is to move mapping out of the union, as
in this patch. There may be better approaches; I'll leave it to the
experts more familiar with this part of the code.

We have discussed this with some of the Novell kernel engineers in the
CC list.

Signed-off-by: Hui Yu <hyu@ati.com>

diff --git a/include/linux/mm.h b/include/linux/mm.h
index 498ff87..edb9a22 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -234,18 +234,18 @@ struct page {
 						 * indicates order in
the buddy
 						 * system.
 						 */
-		struct address_space *mapping;	/* If low bit clear,
points to
-						 * inode address_space,
or NULL.
-						 * If page mapped as
anonymous
-						 * memory, low bit is
set, and
-						 * it points to anon_vma
object:
-						 * see PAGE_MAPPING_ANON
below.
-						 */
 	    };
 #if NR_CPUS >= CONFIG_SPLIT_PTLOCK_CPUS
 	    spinlock_t ptl;
 #endif
 	};
+	struct address_space *mapping;	/* If low bit clear, points to
+					 * inode address_space, or NULL.
+					 * If page mapped as anonymous
+					 * memory, low bit is set, and
+					 * it points to anon_vma object:
+					 * see PAGE_MAPPING_ANON below.
+					 */
 	pgoff_t index;			/* Our offset within mapping. */
 	struct list_head lru;		/* Pageout list, eg. active_list
 					 * protected by zone->lru_lock !
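Review bot: The description claims ptl overwrites mapping but never identifies a page that has both `->mapping` and `->ptl` live at the same time, and the hunk itself shows why that matters: `mapping` and `ptl` sit in one union so that a page uses one or the other, so overlapping bytes are only a defect if some page type needs both fields simultaneously. Please name the code path (a page-cache or anonymous page that is also used as a page table page) that produces the corruption; without it the hunk is a size change rather than a fix. Note also the cost: on a configuration where spinlock_t is wider than `unsigned long` (the case the description alludes to), moving `mapping` below the union adds one pointer to every struct page, while on the common configuration where the lock fits in `private` the layout size is unchanged, so the change only grows the structure in exactly the configuration where the overlap occurs. Quoting sizeof(struct page) before and after for both configurations in the description would make that trade-off explicit.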


* Re: [PATCH] mm: data overlapping in page struct
  2006-03-07 19:04 [PATCH] mm: data overlapping in page struct Hui Yu
@ 2006-03-07 19:39 ` Hugh Dickins
  2006-03-07 20:06   ` Andi Kleen
  0 siblings, 1 reply; 3+ messages in thread
From: Hugh Dickins @ 2006-03-07 19:39 UTC
  To: Hui Yu; +Cc: linux-kernel, Andi Kleen, Andrea Arcangeli

On Tue, 7 Mar 2006, Hui Yu wrote:

> This patch is to fix a data overlapping issue in struct page. The
> problem was introduced a few months ago by the "split page table lock"
> change, in which mapping is moved into the same union with ptl. Since
> private has a fixed length (size of unsigned long), depending on config
> options, ptl may have a larger size than private. In this case, ptl will
> overlap mapping and may overwrite the original data in mapping.
> The simplest way of fixing this is to move mapping out of the union, as
> in this patch. There may be better approaches; I'll leave it to the
> experts more familiar with this part of the code.

Nak.  We use ->mapping for page cache pages, or pages mapped into
user address space.  We use ->ptl for page table pages of user
address space.  Where is it that you expect a data page to be
used as a page table page at the same time?

This 2.6.16 change was precisely to share that part of the struct
page between mapping and ptl, so as to bring struct page back down
to its 2.6.14 size on the non-DEBUG_SPINLOCK configurations.

Hugh

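The layout question behind this exchange, as an added example that is not part of the thread or of the kernel source: a constructed model of struct page with simplified field types and two modelled lock widths (one that fits in a long, one DEBUG_SPINLOCK-like lock that does not), comparing the 2.6.16 layout where `mapping` shares the union with `ptl` against the patch's layout. It shows that ptl's bytes reach `mapping` only with the wide lock, and that the patch grows struct page by one pointer in exactly that configuration.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed model, not the kernel's definitions. Field types are
 * simplified; only the sizes and the union layout matter here. */
struct lock_plain { unsigned int slock; };                   /* fits in one long   */
struct lock_debug { unsigned int slock; unsigned int magic;  /* DEBUG_SPINLOCK-like */
                    void *owner; };                          /* wider than a long  */

/* 2.6.16 layout before the patch: mapping shares the union with ptl. */
#define PAGE_SHARED(name, lock_t) struct name {                  \
    unsigned long flags, _count, _mapcount;                      \
    union {                                                      \
        struct { unsigned long private; void *mapping; };        \
        lock_t ptl;                                              \
    };                                                           \
    unsigned long index; void *lru[2]; }

/* Layout after the patch: mapping is always its own field. */
#define PAGE_SPLIT(name, lock_t) struct name {                   \
    unsigned long flags, _count, _mapcount;                      \
    union { unsigned long private; lock_t ptl; };                \
    void *mapping; unsigned long index; void *lru[2]; }

PAGE_SHARED(page_shared_plain, struct lock_plain);
PAGE_SHARED(page_shared_debug, struct lock_debug);
PAGE_SPLIT(page_split_plain, struct lock_plain);
PAGE_SPLIT(page_split_debug, struct lock_debug);

/* 1 if the bytes of ptl extend into the bytes of mapping in the shared layout. */
#define PTL_REACHES_MAPPING(T) \
    (offsetof(struct T, ptl) + sizeof(((struct T *)0)->ptl) > offsetof(struct T, mapping))

int ptl_overlaps_mapping_plain(void) { return PTL_REACHES_MAPPING(page_shared_plain); }
int ptl_overlaps_mapping_debug(void) { return PTL_REACHES_MAPPING(page_shared_debug); }

/* Bytes the patch adds to every struct page, per lock configuration. */
size_t growth_plain(void) { return sizeof(struct page_split_plain) - sizeof(struct page_shared_plain); }
size_t growth_debug(void) { return sizeof(struct page_split_debug) - sizeof(struct page_shared_debug); }

int main(void)
{
    printf("plain lock: ptl reaches mapping=%d, patch adds %zu bytes/page\n",
           ptl_overlaps_mapping_plain(), growth_plain());
    printf("debug lock: ptl reaches mapping=%d, patch adds %zu bytes/page\n",
           ptl_overlaps_mapping_debug(), growth_debug());
    return 0;
}
```

The overlap with the wide lock is the one the patch description refers to; whether it is a bug depends on whether any page type uses both fields at once, which is the question Hugh raises.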

* Re: [PATCH] mm: data overlapping in page struct
  2006-03-07 19:39 ` Hugh Dickins
@ 2006-03-07 20:06   ` Andi Kleen
  0 siblings, 0 replies; 3+ messages in thread
From: Andi Kleen @ 2006-03-07 20:06 UTC
  To: Hugh Dickins, hyu; +Cc: linux-kernel, Andrea Arcangeli

Hugh Dickins <hugh@veritas.com> writes:

> On Tue, 7 Mar 2006, Hui Yu wrote:
> 
> > This patch is to fix a data overlapping issue in struct page. The
> > problem was introduced a few months ago by the "split page table lock"
> > change, in which mapping is moved into the same union with ptl. Since
> > private has a fixed length (size of unsigned long), depending on config
> > options, ptl may have a larger size than private. In this case, ptl will
> > overlap mapping and may overwrite the original data in mapping.
> > The simplest way of fixing this is to move mapping out of the union, as
> > in this patch. There may be better approaches; I'll leave it to the
> > experts more familiar with this part of the code.
> 
> Nak.  We use ->mapping for page cache pages, or pages mapped into
> user address space.  We use ->ptl for page table pages of user
> address space.  Where is it that you expect a data page to be
> used as a page table page at the same time?

Hui, can you perhaps explain how you use the fields in your code?
Do you perhaps use the spinlocks when the page is mapped into 
an address space?

-Andi

