| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 8 Feb 2010 08:33:34 +0100
From: Andreas Mohr <andi@...as.de>
To: Pavel Machek <pavel@....cz>
Cc: Catalin Marinas <catalin.marinas@....com>,
Matthew Dharm <mdharm-kernel@...-eyed-alien.net>,
Sergei Shtylyov <sshtylyov@...mvista.com>,
Ming Lei <tom.leiming@...il.com>, linux-usb@...r.kernel.org,
linux-kernel <linux-kernel@...r.kernel.org>,
Sebastian Siewior <bigeasy@...utronix.de>,
Greg KH <greg@...ah.com>,
linux-arm-kernel <linux-arm-kernel@...ts.infradead.org>
Subject: Re: USB mass storage and ARM cache coherency
Hi,
On Mon, Feb 08, 2010 at 07:55:19AM +0100, Pavel Machek wrote:
> Plus it does unneccessary flushes on x86, etc...
Noticed that as well, there should be an arch-obeying helper for this.
On my MIPSEL, I had urb->transfer_buffer NULL ptr crashes
(I think that was expected in case of a certain DMA setup, Alan said).
However, even with NULL check added I still had:
hub 2-1.1:1.0: state 7 ports 7 chg 0000 evt 0010
Unhandled kernel unaligned access[#1]:
Cpu 0
$ 0 : 00000000 fffffffd 803b0000 00010000
$ 4 : 08002042 8143bfe0 0043bfe0 0000000d
$ 8 : 00000001 3b9aca00 c4653600 00000000
$12 : 00000049 3b9aca00 81dbc868 00000000
$16 : a1e00000 803b0000 8037f840 81dfaa80
$20 : 00000000 81dd5080 80000000 00000000
$24 : 00000000 80015a64
$28 : 8033a000 8033bc10 a1dd83cc 801da5e4
Hi : 00000000
Lo : 00000000
epc : 800171e8 __flush_dcache_page+0x38/0x120
Not tainted
ra : 801da5e4 ehci_urb_done+0x180/0x1e4
Status: 10009002 KERNEL EXL
Cause : 00800010
BadVA : 08002056
PrId : 00029029 (Broadcom BCM3302)
Modules linked in:
Process swapper (pid: 0, threadinfo=8033a000, task=8033c000, tls=00000000)
Stack : 00000000 00000000 81e04980 801c80ac a1dd9060 a1dd8394 ffffff6a ffffff6a
81dfaa80 a1dd83cc a1dd8380 801db3a4 803a6a28 80068e9c 000003f8 00003fc0
a1dd81cc 801dea58 00000001 00000000 a1dd9360 81dd5080 a1dd8380 10009001
a1dd83cc 81dd5158 00000000 80318d44 81dd5158 00000001 00010031 801de8f4
81dd5158 8033bce0 803a76a0 803a0000 8033d860 8004f924 00000219 00000043
...
Call Trace:
[<800171e8>] __flush_dcache_page+0x38/0x120
[<801da5e4>] ehci_urb_done+0x180/0x1e4
[<801db3a4>] qh_completions+0x484/0x554
[<801de8f4>] ehci_work+0x1ec/0xb68
[<801e2598>] ehci_irq+0x360/0x3a4
[<801c7cf8>] usb_hcd_irq+0x64/0x15c
[<80066d58>] handle_IRQ_event+0x90/0x280
[<80068e80>] handle_percpu_irq+0x48/0x9c
[<8000e228>] plat_irq_dispatch+0x15c/0x178
[<80001444>] ret_from_irq+0x0/0x4
[<80001680>] r4k_wait+0x20/0x40
[<8000fe34>] cpu_idle+0x30/0x60
[<80354a34>] start_kernel+0x338/0x350
Code: 00000000 10800029 3c02803b <8c820014> 14400026 3c02803b 8c83001c 2482001c 14620021
Disabling lock debugging due to kernel taint
Kernel panic - not syncing: Fatal exception in interrupt
Seems like BadVA : 08002056 really isn't as aligned (offset 0x6) as it should be.
I've given up on this now BTW, I'll wait until the dust has settled (i.e. some nice improvements
have found their way to the kernel) and retry in some months with a much newer kernel version
(currently patched-up 2.6.31.9) whether something remains to be fixed.
I'll work on more productive things such as submitting some waiting patches.
Andreas Mohr
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists