Rusty Russell wrote:
> That can't happen, since 0xc100000 is not in the kernel address space.
> 0xc1000000 is though, perhaps that's what you meant?
>
Yes, it is. Though it doesn't actually make any material difference to
my argument.
>> So, in this case the %gs base will be loaded with 0xc100000-0xc0431100 =
>> 0x4bccef00
>>
>
>
> A negative offset, exactly, which can't happen, as I said.
0x4bccef00 is positive. The correct number is 0xc1000000-0xc0431100 =
0xbcef00
The %gs:per_cpu__foo addressing mode still calculates
0xbcef00+0xc0433800, which is still a subtraction. My essential point
is that *all* kernel addresses (=kernel symbols) are negative, so using
them as an offset from a segment base (any segment base) is a
subtraction, which requires a 4G limit.
J
