[PATCH] powerpc: ppc64 address space capped at 32TB, mmap randomisation disabled
Michel Lespinasse
walken at google.com
Mon Nov 18 14:57:50 EST 2013
On Sun, Nov 17, 2013 at 7:55 PM, Anton Blanchard <anton at samba.org> wrote:
>
> Commit fba2369e6ceb (mm: use vm_unmapped_area() on powerpc architecture)
> has a bug in slice_scan_available() where we compare an unsigned long
> (high_slices) against a shifted int. As a result, comparisons against
> the top 32 bits of high_slices (representing the top 32TB) always
> returns 0 and the top of our mmap region is clamped at 32TB
>
> This also breaks mmap randomisation since the randomised address is
> always up near the top of the address space and it gets clamped down
> to 32TB.
>
> Cc: stable at vger.kernel.org # v3.10+
> Signed-off-by: Anton Blanchard <anton at samba.org>
> ---
>
> diff --git a/arch/powerpc/mm/slice.c b/arch/powerpc/mm/slice.c
> index 3e99c14..7ce9cf3 100644
> --- a/arch/powerpc/mm/slice.c
> +++ b/arch/powerpc/mm/slice.c
> @@ -258,7 +258,7 @@ static bool slice_scan_available(unsigned long addr,
> slice = GET_HIGH_SLICE_INDEX(addr);
> *boundary_addr = (slice + end) ?
> ((slice + end) << SLICE_HIGH_SHIFT) : SLICE_LOW_TOP;
> - return !!(available.high_slices & (1u << slice));
> + return !!(available.high_slices & (1ul << slice));
> }
> }
>
Good catch, sorry about that...
Acked-by: Michel Lespinasse <walken at google.com>
--
Michel "Walken" Lespinasse
A program is never fully debugged until the last user dies.
More information about the Linuxppc-dev
mailing list