Date:	Sun, 06 Jul 2008 23:19:24 +0900
From:	Tejun Heo <htejun@...il.com>
To:	Komuro <komurojun-mbn@...ty.com>
CC:	Jeff Garzik <jeff@...zik.org>,
	linux-pcmcia <linux-pcmcia@...ts.infradead.org>,
	linux-kernel@...r.kernel.org,
	Dominik Brodowski <linux@...inikbrodowski.net>,
	linux-ide@...r.kernel.org,
	Kristoffer Ericson <kristoffer.ericson@...il.com>,
	jgarzik@...hat.com, rjw@...k.pl
Subject: Re: [KERNEL 2.6.26-rc4]  bugreport : pata_pcmcia with Sandisk Extreme
 III 8GB

Hello, Komuro.

Komuro wrote:
> Hi, Tejun
> 
> The patch below fixes the pata_pcmcia problem.
> 
> I think the ap->lock points to bogus address.
> 
> Any comment?
> 
> --- linux-2.6.26-rc8/drivers/ata/libata-core.c.orig	2008-07-06 10:05:46.000000000 +0900
> +++ linux-2.6.26-rc8/drivers/ata/libata-core.c	2008-07-06 10:09:16.000000000 +0900
> @@ -5304,6 +5304,8 @@ struct ata_host *ata_host_alloc(struct d
>  			goto err_out;
>  
>  		ap->port_no = i;
> +		ap->lock = &ap->__lock;
> +		spin_lock_init(ap->lock);
>  		host->ports[i] = ap;
>  	}
>  
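
Review bot: The new `ap->lock = &ap->__lock;` after `ap->port_no = i;` replaces the lock pointer for every port that ata_host_alloc() creates, not only for pata_pcmcia ports. The ata_port_alloc() excerpt in the reply below shows `ap->lock = &host->lock;`, so after this change each port takes its own lock and the ports of one host no longer serialize against each other or against code that takes `host->lock`. If the pointer really is wrong on this hardware, it would be better to find where it gets overwritten than to re-point it here. If a per-port lock is intended, the changelog should say so and explain why that is safe for the other drivers.
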
> --- linux-2.6.26-rc8/include/linux/libata.h.orig	2008-07-06 10:03:54.000000000 +0900
> +++ linux-2.6.26-rc8/include/linux/libata.h	2008-07-06 10:04:35.000000000 +0900
> @@ -639,6 +639,7 @@ struct ata_port {
>  	struct Scsi_Host	*scsi_host; /* our co-allocated scsi host */
>  	struct ata_port_operations *ops;
>  	spinlock_t		*lock;
> +	spinlock_t		__lock;
>  	unsigned long		flags;	/* ATA_FLAG_xxx */
>  	unsigned int		pflags; /* ATA_PFLAG_xxx */
>  	unsigned int		print_id; /* user visible unique port ID */
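
Review bot: The added `spinlock_t __lock;` member has no comment, while the surrounding fields (`scsi_host`, `flags`, `pflags`, `print_id`) each carry one. With both `*lock` and `__lock` in struct ata_port, a reader cannot tell which one to take or when `lock` points at `__lock`. Please add a comment stating that `lock` is the pointer callers must use and what `__lock` is the backing storage for.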

Hmmm... Strange.  From ata_port_alloc(),

struct ata_port *ata_port_alloc(struct ata_host *host)
{
	struct ata_port *ap;

	DPRINTK("ENTER\n");

	ap = kzalloc(sizeof(*ap), GFP_KERNEL);
	if (!ap)
		return NULL;

	ap->pflags |= ATA_PFLAG_INITIALIZING;
	ap->lock = &host->lock;
	^^^^^^^^^^^^^^^^^^^^^^^

How come ap->lock can get set to bogus address?  Can you please printk
&host->lock and ap->lock after ata_host_alloc() without the patch?

Thanks.

-- 
tejun