mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-11 21:38:32 +08:00
0b50a2d86d
On i686 PAE enabled machine the contiguous physical area could be large and it can cause trimming down variables in below calculation in read_vmcore() and mmap_vmcore(): tsz = min_t(size_t, m->offset + m->size - *fpos, buflen); That is, the types being used is like below on i686: m->offset: unsigned long long int m->size: unsigned long long int *fpos: loff_t (long long int) buflen: size_t (unsigned int) So casting (m->offset + m->size - *fpos) by size_t means truncating a given value by 4GB. Suppose (m->offset + m->size - *fpos) being truncated to 0, buflen >0 then we will get tsz = 0. It is of course not an expected result. Similarly we could also get other truncated values less than buflen. Then the real size passed down is not correct any more. If (m->offset + m->size - *fpos) is above 4GB, read_vmcore or mmap_vmcore use the min_t result with truncated values being compared to buflen. Then, fpos proceeds with the wrong value so that we reach below bugs: 1) read_vmcore will refuse to continue so makedumpfile fails. 2) mmap_vmcore will trigger BUG_ON() in remap_pfn_range(). Use unsigned long long in min_t instead so that the variables in are not truncated. Signed-off-by: Baoquan He <bhe@redhat.com> Signed-off-by: Dave Young <dyoung@redhat.com> Cc: HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com> Cc: Vivek Goyal <vgoyal@redhat.com> Cc: Jianyu Zhan <nasa4836@gmail.com> Cc: Minfei Huang <mhuang@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|---|---|---|
| .. | ||
| array.c | ||
| base.c | ||
| cmdline.c | ||
| consoles.c | ||
| cpuinfo.c | ||
| devices.c | ||
| fd.c | ||
| fd.h | ||
| generic.c | ||
| inode.c | ||
| internal.h | ||
| interrupts.c | ||
| Kconfig | ||
| kcore.c | ||
| kmsg.c | ||
| loadavg.c | ||
| Makefile | ||
| meminfo.c | ||
| namespaces.c | ||
| nommu.c | ||
| page.c | ||
| proc_net.c | ||
| proc_sysctl.c | ||
| proc_tty.c | ||
| root.c | ||
| self.c | ||
| softirqs.c | ||
| stat.c | ||
| task_mmu.c | ||
| task_nommu.c | ||
| thread_self.c | ||
| uptime.c | ||
| version.c | ||
| vmcore.c | ||