From patchwork Thu Mar 17 16:52:00 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ross Lagerwall <ross.lagerwall@citrix.com>
X-Patchwork-Id: 8613301
Return-Path: <xen-devel-bounces@lists.xen.org>
X-Original-To: patchwork-xen-devel@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork2.web.kernel.org (Postfix) with ESMTP id 804E1C0553
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Thu, 17 Mar 2016 16:54:43 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id AF3A420218
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Thu, 17 Mar 2016 16:54:42 +0000 (UTC)
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id CEA76201F4
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Thu, 17 Mar 2016 16:54:41 +0000 (UTC)
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <xen-devel-bounces@lists.xen.org>)
	id 1agb9d-0001ro-0D; Thu, 17 Mar 2016 16:52:09 +0000
Received: from mail6.bemta5.messagelabs.com ([195.245.231.135])
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <prvs=87711cbd2=ross.lagerwall@citrix.com>)
	id 1agb9b-0001r8-Lz
	for xen-devel@lists.xenproject.org; Thu, 17 Mar 2016 16:52:07 +0000
Received: from [85.158.139.211] by server-15.bemta-5.messagelabs.com id
	9F/82-06546-7B0EAE65; Thu, 17 Mar 2016 16:52:07 +0000
X-Env-Sender: prvs=87711cbd2=ross.lagerwall@citrix.com
X-Msg-Ref: server-15.tower-206.messagelabs.com!1458233524!21415516!2
X-Originating-IP: [66.165.176.89]
X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor:
	VHJ1c3RlZCBJUDogNjYuMTY1LjE3Ni44OSA9PiAyMDMwMDc=\n,
	received_headers: No Received headers
X-StarScan-Received: 
X-StarScan-Version: 8.11; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 3895 invoked from network); 17 Mar 2016 16:52:06 -0000
Received: from smtp.citrix.com (HELO SMTP.CITRIX.COM) (66.165.176.89)
	by server-15.tower-206.messagelabs.com with RC4-SHA encrypted SMTP;
	17 Mar 2016 16:52:06 -0000
X-IronPort-AV: E=Sophos;i="5.24,350,1454976000"; d="scan'208";a="339998893"
From: Ross Lagerwall <ross.lagerwall@citrix.com>
To: <xen-devel@lists.xenproject.org>
Date: Thu, 17 Mar 2016 16:52:00 +0000
Message-ID: <1458233520-18821-2-git-send-email-ross.lagerwall@citrix.com>
X-Mailer: git-send-email 2.4.3
In-Reply-To: <1458233520-18821-1-git-send-email-ross.lagerwall@citrix.com>
References: <1458233520-18821-1-git-send-email-ross.lagerwall@citrix.com>
MIME-Version: 1.0
X-DLP: MIA1
Cc: Ross Lagerwall <ross.lagerwall@citrix.com>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	David Vrabel <david.vrabel@citrix.com>
Subject: [Xen-devel] [PATCH 2/2] xen/balloon: Fix crash when ballooning on
	x86 32 bit PAE
X-BeenThere: xen-devel@lists.xen.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xen.org>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xen.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xen.org>
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, UNPARSEABLE_RELAY
	autolearn=unavailable version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

When ballooning on an x86 32 bit PAE system with close to 64 GiB of memory, the
address returned by allocate_resource may be above 64 GiB.  When using
CONFIG_SPARSEMEM, this setup is limited to using physical addresses < 64 GiB.
When adding memory at this address, it runs off the end of the mem_section
array and causes a crash.  Instead, fail the ballooning request.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
---
 drivers/xen/balloon.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/drivers/xen/balloon.c b/drivers/xen/balloon.c
index 12eab50..329695d 100644
--- a/drivers/xen/balloon.c
+++ b/drivers/xen/balloon.c
@@ -152,6 +152,8 @@ static DECLARE_WAIT_QUEUE_HEAD(balloon_wq);
 static void balloon_process(struct work_struct *work);
 static DECLARE_DELAYED_WORK(balloon_worker, balloon_process);
 
+static void release_memory_resource(struct resource *resource);
+
 /* When ballooning out (allocating memory to return to Xen) we don't really
    want the kernel to try too hard since that can trigger the oom killer. */
 #define GFP_BALLOON \
@@ -268,6 +270,19 @@ static struct resource *additional_memory_resource(phys_addr_t size)
 		return NULL;
 	}
 
+#ifdef CONFIG_SPARSEMEM
+	{
+		unsigned long max_pfn = 1UL << (MAX_PHYSMEM_BITS - PAGE_SHIFT);
+		unsigned long pfn = res->start >> PAGE_SHIFT;
+
+		if (pfn > max_pfn) {
+			pr_err("pfn %lu exceeds max_pfn %lu\n", pfn, max_pfn);
+			release_memory_resource(res);
+			return NULL;
+		}
+	}
+#endif
+
 	return res;
 }