| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20071125011550.GB30759@electric-eye.fr.zoreil.com>
Date: Sun, 25 Nov 2007 02:15:51 +0100
From: Francois Romieu <romieu@...zoreil.com>
To: Alan Cox <alan@...rguk.ukuu.org.uk>
Cc: Alistair John Strachan <alistair@...zero.co.uk>,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: 2.6.24-rc3, 4GB RAM, swiotlb, r8169, out of space
Alan Cox <alan@...rguk.ukuu.org.uk> :
[...]
> You seem to have a leak, which actually isn't suprising
>
> rtl8169_xmit_frags allocates a set of maps for a fragmented packet
>
> rtl8169_start_xmit allocates a buffer
>
> When we finish the transit we free the main buffer (always using skb->len
> when sometimes its skb->headlne. We don't seem to free the fragment
> buffers at all.
> Looks like the unmap path for fragmented packets is broken with any kind
> of iommu
Are you referring to the pci_unmap part ?
There is a 1:1 correspondance between a Tx descriptor entry and
{an unfragmented skb or a fragment of a skb}. Afaiks rtl8169_unmap_tx_skb()
is issued for each Tx descriptor entry, be it after a Tx completion irq or
a general Tx ring cleanup.
I'll read it again after some sleep but the leak does not seem clear to me.
--
Ueimor
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists