lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080422120438.GD12774@kernel.dk>
Date:	Tue, 22 Apr 2008 14:04:38 +0200
From:	Jens Axboe <jens.axboe@...cle.com>
To:	FUJITA Tomonori <fujita.tomonori@....ntt.co.jp>
Cc:	tsbogend@...ha.franken.de, jeff@...zik.org,
	linux-kernel@...r.kernel.org, akpm@...ux-foundation.org
Subject: Re: cdrom: use kmalloced buffers instead of buffers on stack

On Tue, Apr 22 2008, FUJITA Tomonori wrote:
> On Tue, 22 Apr 2008 13:55:19 +0200
> Jens Axboe <jens.axboe@...cle.com> wrote:
> 
> > On Tue, Apr 22 2008, FUJITA Tomonori wrote:
> > > On Tue, 22 Apr 2008 07:48:58 +0200
> > > tsbogend@...ha.franken.de (Thomas Bogendoerfer) wrote:
> > > 
> > > > On Mon, Apr 21, 2008 at 10:01:26PM -0400, Jeff Garzik wrote:
> > > > > >    cdrom: use kmalloced buffers instead of buffers on stack
> > > > > >    
> > > > > >    If cdrom commands are issued to a scsi drive in most cases the buffer 
> > > > > >    will be
> > > > > >    filled via dma.  This leads to bad stack corruption on non coherent 
> > > > > >    platforms,
> > > > > >    because the buffers are neither cache line aligned nor is the size a 
> > > > > >    multiple
> > > > > >    of the cache line size.  Using kmalloced buffers avoids this.
> > > > > >    
> > > > > >    Signed-off-by: Thomas Bogendoerfer <tsbogend@...ha.franken.de>
> > > > > >    Signed-off-by: Jens Axboe <jens.axboe@...cle.com>
> > > > > >---
> > > > > > drivers/cdrom/cdrom.c |  274 
> > > > > > ++++++++++++++++++++++++++++++++-----------------
> > > > > > 1 files changed, 181 insertions(+), 93 deletions(-)
> > > > > 
> > > > > Eh... AFAICS this is only really useful in two of the cases converted.
> > > > > 
> > > > > For all the other cases (<= 32 bytes), it is _far_ less complex, far 
> > > > > less code to simply communicate the additional alignment requirements to 
> > > > > the compiler.
> > > > > 
> > > > > What about __attribute__ __aligned__?  Was that tried?
> > > > 
> > > > I used that while narrowing down the bug. But not only the alignment is
> > > > important, but also size needs to be a multiple of the cache line size.
> > > > Which means it needs to be 128 bytes for most SGI machines. That
> > > > and the following in DMA-mapping.txt
> > > > 
> > > > "This rule also means that you may use neither kernel image addresses
> > > > (items in data/text/bss segments), nor module image addresses, nor
> > > > stack addresses for DMA."
> > > > 
> > > > let me choose the kmalloc() solution.
> > > 
> > > Can we advertise such architecture's dma restrictions? For example, if
> > > we can update dma_pad_mask and dma_alignment in request_queue,
> > > blk_rq_map_kern uses a proper bounce buffer for such
> > > architectures. Then we can avoid putting extra complexity in uppper
> > > drivers such as cdrom.c
> > 
> > That would work fine, if cdrom was then also updated to get rid of
> > ->generic_packet() and use the regular queue transport instead. Which
> > would be a VERY nice thing to do anyway, so I'd welcome the effort :-)
> 
> sr_packet calls ioctl so it works for SCSI at least?

Yup, it'll work fine for sr currently, but not ide-cd. But we should
just get rid of ->generic_packet() and prepare a request in cdrom.c
instead.

-- 
Jens Axboe

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ