lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0706251108180.8907@schroedinger.engr.sgi.com>
Date:	Mon, 25 Jun 2007 11:23:34 -0700 (PDT)
From:	Christoph Lameter <clameter@....com>
To:	Hugh Dickins <hugh@...itas.com>
cc:	Russell King <rmk+lkml@....linux.org.uk>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Nicolas Ferre <nicolas.ferre@....atmel.com>,
	ARM Linux Mailing List 
	<linux-arm-kernel@...ts.arm.linux.org.uk>,
	Linux Kernel list <linux-kernel@...r.kernel.org>,
	Marc Pignat <marc.pignat@...s.ch>,
	Andrew Victor <andrew@...people.com>,
	Pierre Ossman <drzeus@...eus.cx>,
	Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: Oops in a driver while using SLUB as a SLAB allocator

On Mon, 25 Jun 2007, Hugh Dickins wrote:

> > > PageSlab to avoid oopsing on page->mapping.
> > 
> > It is definitely intended to work. Otherwise we would not have code 
> > like this:
> > 
> > christoph@fly:~/linux-2.6$ find . -name "*.c" | xargs grep "flush_dcache_page"|grep virt
> > ./drivers/scsi/scsi_tgt_if.c:   flush_dcache_page(virt_to_page(ev));
> > ./drivers/scsi/scsi_tgt_if.c:           flush_dcache_page(virt_to_page(ev));
> 
> I didn't claim that flush_dcache_page(virt_to_page(virt)) is not expected
> to work.  I claim that flush_dcache_page is expected to be a noop rather
> than an oops on a kmalloced page.

There are no kmalloced pages. There is only kmalloced memory. You allocate 
pages from the page allocator. Its a layering violation to expect a page
struct operation on a slab object to work.

It is not okay to use a page cache function on a slab object. The slab 
object does not fulfill the alignment requirements of a page cache page
nor does it  have a compatible page struct content as a page cache page. 
This can only cause trouble.

The problem is that the code is allocating some slab memory and then 
determines the page struct pointer and then hands it back to the DMA 
layer?

> > Ok. I think your patch is fine as a quick fix for 2.6.22. I am a bit 
> > uneasy with that given that its in such a broadly used function while its 
> > only use is to enable flush_dcache_page to work. But we need the general 
> > issue taken care of after 2.6.22.
> 
> What general issue?

How to flush slab objects in a reliable way.

> Please see Documentation/cachetlb.txt: flush_dcache_page is about
> pagecache pages mapped into userspace.  We don't use kmalloc for those,
> but we do sometimes need to flush_dcache_page in places which commonly
> deal with pagecache pages, but sometimes handle kmalloc'ed buffers too.
> Luckily we don't have to deal with buffers in which the first page is
> kmalloced and the next comes from pagecache.

This gets crazier and crazier. flush_dcache_page is for pages not for
allocated buffers via kmalloc. So this has nothing to do with any need
to flush slab objects?

Sometimes we do this and then we do that? So someone played loose
ball with the slab, was successful and that makes it right now?

We need the VM_BUG_ON in include/linux/mm.h to stop this nonsense.

The "sometimes we have kmalloced buffers" locations need to be fixed.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ