Re: 2.6.17-rc5-mm1

[Hugh Dickins]

On Tue, 6 Jun 2006, Christoph Lameter wrote:
> On Tue, 6 Jun 2006, Hugh Dickins wrote:
> 
> > Not really (though the clarity and reassurance of the additional
> > MAX_SWAPFILES test is good).  We went over it a year or two back,
> > and the macro contortions do involve MAX_SWAPFILES_SHIFT: which
> > up to and including 2.6.17 has enforced the MAX_SWAPFILES limit.
> 
> It looks though as if the testers were able to define more than 32 swap 
> devices. So there is the danger of overwriting the memory 
> following the swap info if we do not fix this.
> 
> Where are the macro contortions? No arch uses MAX_SWAPFILES_SHIFT for its 
> definitions and the only other significant use is in swapops.h to 
> determine the shift.

I'll go mad if I try to work it out again: I was as worried as you
when I discovered that test in sys_swapon a year or so ago, apparently
without any check on MAX_SWAPFILES; and went moaning to Andrew.  But
once I'd worked through swp_type, pte_to_swp_entry, swp_entry_to_pte,
swp_entry, I did come to the conclusion that the MAX_SWAPFILES bound
was actually safely built in there.

It's those four in swapops.h, and their concatenation in sys_swapon,
that I meant by "macro contortions"; and I think they are safe (or
were prior to swapless migration's -2), whatever the arch does for
the __ones (which drive me even further insane).

Have you no mercy?  Oh, wasn't it rendered safe by the:

#define SWP_TYPE_SHIFT(e) (sizeof(e.val) * 8 - MAX_SWAPFILES_SHIFT)
static inline unsigned swp_type(swp_entry_t entry)
{
	return (entry.val >> SWP_TYPE_SHIFT(entry));
}

Hugh
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/