From: Julien Grall Date: Fri, 9 Aug 2019 12:14:40 +0000 (+0100) Subject: xen/page_alloc: Keep away MFN 0 from the buddy allocator X-Git-Tag: archive/raspbian/4.14.0+80-gd101b417b7-1+rpi1^2~63^2~1756 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=762b9a2d990bba1f3aefe660cff0c37ad2e375bc;p=xen.git xen/page_alloc: Keep away MFN 0 from the buddy allocator Combining of buddies happens only such that the resulting larger buddy is still order-aligned. To cross a zone boundary while merging, the implication is that both the buddy [0, 2^n-1] and the buddy [2^n, 2^(n+1)-1] are free. Ideally we want to fix the allocator, but for now we can just prevent adding the MFN 0 in the allocator to avoid merging across zone boundaries. On x86, the MFN 0 is already kept away from the buddy allocator. So the bug can only happen on Arm platform where the first memory bank is starting at 0. As this is a specific to the allocator, the MFN 0 is removed in the common code to cater all the architectures (current and future). [Stefano: improve commit message] Reported-by: Jeff Kubascik Signed-off-by: Julien Grall Reviewed-by: Jan Beulich Acked-by: Stefano Stabellini Tested-by: Stefano Stabellini Signed-off-by: Stefano Stabellini --- diff --git a/xen/common/page_alloc.c b/xen/common/page_alloc.c index b29c070c3d..438e45ae75 100644 --- a/xen/common/page_alloc.c +++ b/xen/common/page_alloc.c @@ -1770,6 +1770,18 @@ static void init_heap_pages( unsigned long i; bool idle_scrub = false; + /* + * Keep MFN 0 away from the buddy allocator to avoid crossing zone + * boundary when merging two buddies. + */ + if ( !mfn_x(page_to_mfn(pg)) ) + { + if ( nr_pages-- <= 1 ) + return; + pg++; + } + + /* * Some pages may not go through the boot allocator (e.g reserved * memory at boot but released just after --- kernel, initramfs,
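Review bot: the guard `if ( nr_pages-- <= 1 ) return;` inside the `if ( !mfn_x(page_to_mfn(pg)) )` block is logically right (when only one page is left it is MFN 0 itself, so there is nothing to hand to the heap, and the early return also prevents `pg++` from stepping past the end of a one-page range), but the post-decrement buried in the comparison is easy to misread; consider `if ( nr_pages <= 1 ) return;` followed by `nr_pages--; pg++;` so the two side effects are visible separately. Because `nr_pages` is `unsigned long`, the decrement wraps if a caller ever passes 0, which is harmless only because that path returns immediately; the clearer form makes that obvious. The new comment explains the zone-boundary motivation but not the consequence, so it is worth adding one line stating that MFN 0 is deliberately never added to the heap and is neither freed nor scrubbed here, so a later reader does not mistake the skipped page for an accidental leak. Checking only the first page of the range is sufficient since `init_heap_pages()` is handed a contiguous range starting at `pg`, but a short note to that effect would save the next reviewer the same reasoning.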