Christophe Leroy <christophe.le...@c-s.fr> writes:
> Le 12/12/2018 à 01:23, Michael Ellerman a écrit :
>> Christophe Leroy <christophe.le...@c-s.fr> writes:
>>
>>> This patch implements CONFIG_DEBUG_VIRTUAL to warn about
>>> incorrect use of virt_to_phys() and page_to_phys()
>>>
>>> Below is the result of test_debug_virtual:
>>>
>>> [ 1.438746] WARNING: CPU: 0 PID: 1 at
>>> ./arch/powerpc/include/asm/io.h:808 test_debug_virtual_init+0x3c/0xd4
>>> [ 1.448156] CPU: 0 PID: 1 Comm: swapper Not tainted
>>> 4.20.0-rc5-00560-g6bfb52e23a00-dirty #532
>>> [ 1.457259] NIP: c066c550 LR: c0650ccc CTR: c066c514
>>> [ 1.462257] REGS: c900bdb0 TRAP: 0700 Not tainted
>>> (4.20.0-rc5-00560-g6bfb52e23a00-dirty)
>>> [ 1.471184] MSR: 00029032 <EE,ME,IR,DR,RI> CR: 48000422 XER: 20000000
>>> [ 1.477811]
>>> [ 1.477811] GPR00: c0650ccc c900be60 c60d0000 00000000 006000c0 c9000000
>>> 00009032 c7fa0020
>>> [ 1.477811] GPR08: 00002400 00000001 09000000 00000000 c07b5d04 00000000
>>> c00037d8 00000000
>>> [ 1.477811] GPR16: 00000000 00000000 00000000 00000000 c0760000 c0740000
>>> 00000092 c0685bb0
>>> [ 1.477811] GPR24: c065042c c068a734 c0685b8c 00000006 00000000 c0760000
>>> c075c3c0 ffffffff
>>> [ 1.512711] NIP [c066c550] test_debug_virtual_init+0x3c/0xd4
>>> [ 1.518315] LR [c0650ccc] do_one_initcall+0x8c/0x1cc
>>> [ 1.523163] Call Trace:
>>> [ 1.525595] [c900be60] [c0567340] 0xc0567340 (unreliable)
>>> [ 1.530954] [c900be90] [c0650ccc] do_one_initcall+0x8c/0x1cc
>>> [ 1.536551] [c900bef0] [c0651000] kernel_init_freeable+0x1f4/0x2cc
>>> [ 1.542658] [c900bf30] [c00037ec] kernel_init+0x14/0x110
>>> [ 1.547913] [c900bf40] [c000e1d0] ret_from_kernel_thread+0x14/0x1c
>>> [ 1.553971] Instruction dump:
>>> [ 1.556909] 3ca50100 bfa10024 54a5000e 3fa0c076 7c0802a6 3d454000
>>> 813dc204 554893be
>>> [ 1.564566] 7d294010 7d294910 90010034 39290001 <0f090000> 7c3e0b78
>>> 955e0008 3fe0c062
>>> [ 1.572425] ---[ end trace 6f6984225b280ad6 ]---
>>> [ 1.577467] PA: 0x09000000 for VA: 0xc9000000
>>> [ 1.581799] PA: 0x061e8f50 for VA: 0xc61e8f50
>>>
>>> Signed-off-by: Christophe Leroy <christophe.le...@c-s.fr>
>>> ---
>>> v3: Added missing linux/mm.h
>>> I realised that a driver may use DMA on stack after checking with
>>> virt_addr_valid(), so the new
>>> verification might induce false positives. I remove it for now, will
>>> add it again later in a more
>>> controled way.
>>
>> What is this comment referring to?
>>
>> I can't see any difference to v2 except the linux/mm.h include.
>
> v2 was:
>
>
> @@ -804,6 +806,11 @@ extern void __iounmap_at(void *ea, unsigned long size);
> */
> static inline unsigned long virt_to_phys(volatile void * address)
> {
> + if (IS_ENABLED(CONFIG_DEBUG_VIRTUAL) &&
> + !WARN_ON(IS_ENABLED(CONFIG_HAVE_ARCH_VMAP_STACK) && current->pid &&
> + object_is_on_stack((const void*)address)))
> + WARN_ON(!virt_addr_valid(address));
> +
> return __pa((unsigned long)address);
> }
>
>
> v3 is: (same as v1)
>
>
> @@ -804,6 +806,8 @@ extern void __iounmap_at(void *ea, unsigned long size);
> */
> static inline unsigned long virt_to_phys(volatile void * address)
> {
> + WARN_ON(IS_ENABLED(CONFIG_DEBUG_VIRTUAL) && !virt_addr_valid(address));
> +
> return __pa((unsigned long)address);
> }
Right, sorry I must have been looking at v1 (which was already applied
in my tree).
> The idea in v2 was to detect objects on stack used for DMA before
> activating CONFIG_VMAP_STACK, but if the driver uses virt_addr_valid()
> to decide if it can DMA map it, then we'll get false positives.
> So I think this should be added with a dedicated DEBUG CONFIG option,
> not implicitely.
Sounds good. I'll take v3.
cheers
