
Commit 388a43e

committed
fix
1 parent 286a582 commit 388a43e


1 file changed

+41
-12
lines changed

1 file changed

+41
-12
lines changed

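--- a/arch/x86/kernel/uprobes.c
+++ b/arch/x86/kernel/uprobes.c
@@ -635,7 +635,7 @@ static bool is_reachable_by_call(unsigned long vtramp, unsigned long vaddr)
 return delta >= INT_MIN && delta <= INT_MAX;
 }
 
-#define MASK_4GB ((1UL << 32) - 1)
+#define MASK_4GB ~((1UL << 32) - 1)
 
 static unsigned long find_nearest_page(unsigned long vaddr)
 {
@@ -644,37 +644,66 @@ static unsigned long find_nearest_page(unsigned long vaddr)
 .align_mask = ~PAGE_MASK,
 };
 unsigned long low_limit = PAGE_SIZE, high_limit = TASK_SIZE;
-unsigned long limit, tramp_low_4GB, tramp_high_4GB;
-unsigned long call_end = vaddr + 5, tramp1, tramp2;
+unsigned long tramp1 = ~0UL, tramp2 = ~0UL;
+unsigned long limit, low_4GB, high_4GB;
+unsigned long call_end = vaddr + 5;
 
 if (!check_add_overflow(call_end, INT_MIN, &limit))
 low_limit = limit;
 if (!check_add_overflow(call_end, INT_MAX, &limit))
 high_limit = limit;
 
-tramp_low_4GB = call_end & MASK_4GB;
-tramp_high_4GB = tramp_low_4GB + (1UL << 32);
+printk("find_nearest_page1 low_limit %lx high_limit %lx\n", low_limit, high_limit);
 
-if (low_limit > tramp_low_4GB) {
-info.low_limit = tramp_high_4GB;
+low_4GB = call_end & MASK_4GB;
+high_4GB = low_4GB + (1UL << 32);
+
+if (low_limit == PAGE_SIZE)
+low_4GB = low_limit;
+
+printk("find_nearest_page2 low_4GB %lx high_4GB %lx\n", low_4GB, high_4GB);
+
+#if 0
+0 4 8
+| | |
+'-------^-------'
+'-------^-------'
+'-------^-------'
+#endif
+
+if (low_limit <= low_4GB) {
+info.low_limit = low_4GB;
 info.high_limit = high_limit;
 } else {
-info.low_limit = tramp_low_4GB;
-info.high_limit = high_limit;;
+info.low_limit = high_4GB;
+info.high_limit = high_limit;
 }
 
 tramp1 = vm_unmapped_area(&info);
+printk("find_nearest_page3 tramp1 %lx low_limit %lx high_limit %lx\n", tramp1, info.low_limit, info.high_limit);
 
-if (low_limit > tramp_low_4GB) {
+if (low_limit <= low_4GB) {
 info.low_limit = low_limit;
-info.high_limit = tramp_high_4GB;
+info.high_limit = low_4GB;
 } else {
 info.low_limit = low_limit;
-info.high_limit = tramp_low_4GB;
+info.high_limit = high_4GB;
 }
 
 info.flags = VM_UNMAPPED_AREA_TOPDOWN;
 tramp2 = vm_unmapped_area(&info);
+printk("find_nearest_page4 tramp2 %lx low_limit %lx high_limit %lx\n", tramp2, info.low_limit, info.high_limit);
+
+tramp1 = IS_ERR_VALUE(tramp1) ? ~0UL : tramp1;
+tramp2 = IS_ERR_VALUE(tramp2) ? ~0UL : tramp2;
+
+printk("find_nearest_page5 tramp1 %lx tramp2 %lx\n", tramp1, tramp2);
+
+printk("find_nearest_page6 mask %lx tramp1 %lx tramp2 %lx min %lx\n",
+MASK_4GB,
+tramp1 & ~MASK_4GB,
+tramp2 & ~MASK_4GB,
+min(tramp1 & ~MASK_4GB, tramp2 & ~MASK_4GB));
 
 return min(tramp1 & ~MASK_4GB, tramp2 & ~MASK_4GB);
 }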
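Review bot: The unchanged `return min(tramp1 & ~MASK_4GB, tramp2 & ~MASK_4GB);` at the end of find_nearest_page() changes meaning because this commit inverts MASK_4GB: `~MASK_4GB` now expands to `~~((1UL << 32) - 1)`, so only the low 32 bits of each address survive. With the new `~0UL` sentinel, a failure of both vm_unmapped_area() calls comes back as 0xffffffff, which on 64-bit is not an IS_ERR_VALUE() value, so a caller that tests for an error (not visible here) would presumably accept it as a usable address; a successful address above 4GB is truncated the same way. I would parenthesize the macro, `#define MASK_4GB (~((1UL << 32) - 1))`, and either drop the mask on the return path or return the original error code when both lookups fail. The level-less `printk()` calls and the `#if 0` sketch should also go before merge, since they write the task's address-space layout to the kernel log on every call. The function's opening lines (the start of the `info` initializer) lie outside the hunks.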
