| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 03 Apr 2007 16:26:55 +0200 From: Rene Herman <rene.herman@...il.com> To: Pekka J Enberg <penberg@...helsinki.fi> CC: Linux Kernel <linux-kernel@...r.kernel.org> Subject: Re: mcdx -- do_request(): non-read command to cd!! On 04/03/2007 08:57 AM, Pekka J Enberg wrote: [ re-including linux-kernel ] > Does this change the dd case? > > diff --git a/drivers/cdrom/mcdx.c b/drivers/cdrom/mcdx.c > index f574962..6c613d0 100644 > --- a/drivers/cdrom/mcdx.c > +++ b/drivers/cdrom/mcdx.c > @@ -1248,6 +1248,7 @@ #endif > disk->private_data = stuffp; > disk->queue = mcdx_queue; > add_disk(disk); > + blk_queue_hardsect_size(mcdx_queue, MCDX_CDBLK); > printk(msg); > return 0; > } No, I'm afraid not. It's still the same effect: root@...2:~# dmesg -c >/dev/null root@...2:~# strace -o dd.strace dd if=/dev/mcdx0 of=/dev/null 0+0 records in 0+0 records out 0 bytes (0 B) copied, 0.00438956 seconds, 0.0 kB/s root@...2:~# dmesg >dd.xtrace dd.strace again attached. I've dropped the mutex patch for now and now the xtrace is littered with waitqueue debugging. I'll see if I can disable that particular debugging trace I guess. dd.xtrace sent privately... "readcd dev=/dev/mcdx0 f=foo.img" is still an immediate hard lockup also without the mutex. I believe the "tar" runs has produced something useful now though: root@...2:~# dmesg -c >/dev/null root@...2:~# strace -o tar.strace tar cvf foo.tar /mnt/cdrom tar: Removing leading `/' from member names /mnt/cdrom/ /mnt/cdrom/dott/ /mnt/cdrom/dott/adlib.ims /mnt/cdrom/dott/dott.bat /mnt/cdrom/dott/dotticon.ico /mnt/cdrom/dott/gmidi.ims /mnt/cdrom/dott/maniac/ rlogin: connection closed. rene@...e4:~$ When I now switch the monitor to 5va2 directly, there is an oops on the screen, with a backtrace saying (manual transcription): Call Trace: [<c1047eb6>] drain_array+0x94/0xc3 [ ... ] cache_reap+0x55/0xe9 [ ... ] run_workqueue+0x8f/0x14d [ ... ] cache_reap+0x0//0xe9 [ ... ] worker_thread+0x122/0x14b [ ... ] default_wake_function+0x0/0xc [ ... ] default_wake_function+0x0/0xc [ ... ] worker_thread+0x0/0x14b [ ... ] kthread+0x72/0x97 [ ... ] kthread+0x0/0x97 [ ... ] kernel_thread_helper+0x7/0x10 ======================= Code: [ ... ] EIP: [<c1047787>] free_block+0x58/0xcf SS:ESP [ ... ] Couple of functions mentioned twice in that backtrace. That looks a little off no? "tar.strace" made it to disk, so it's attached as well. Rene. View attachment "dd.strace" of type "text/plain" (7106 bytes) View attachment "tar.strace" of type "text/plain" (14883 bytes)
Powered by blists - more mailing lists