lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 04 Feb 2009 15:52:24 +0100
From:	Luca Olivetti <luca@...toso.org>
To:	Daniel Walker <dwalker@...o99.com>
CC:	Ingo Molnar <mingo@...e.hu>, Greg KH <gregkh@...e.de>,
	Mauro Carvalho Chehab <mchehab@...radead.org>,
	linux-kernel@...r.kernel.org, Hans Verkuil <hverkuil@...all.nl>,
	Janne Grunau <janne-dvb@...nau.be>
Subject: Re: [crash] af9005_usb_module_init(): BUG: unable to handle kernel
 paging request at ff100000

En/na Daniel Walker ha escrit:
> On Tue, 2009-02-03 at 21:41 +0100, Luca Olivetti wrote:
> 
>> No, I don't have 2.6.28, but I guess that maybe once usb_register is
>> called the dvb-usb subsystem asynchronously (is that an smp system?)
>> starts polling the remote before the rc_decode function pointer has been
>> initialized.
>> Could you try to initialize it to NULL before calling usb_register?
> 
> What happens to the decode function when you have,
> 
> CONFIG_DVB_USB_AF9005=y
> CONFIG_DVB_USB_AF9005_REMOTE=n
> 
> It seems that the decode function is defined inside,
> drivers/media/dvb/dvb-usb/af9005-remote.c
> 
> but that doesn't get compiled in the case above. It looks like you end
> up with af9005_rc_decode being a function local weak symbol
> (uninitialized) which then gets assigned to rc_decode .. I think the
> crash actually happens on rc_keys_size which get assigned another
> uninitialized local, and it gets de-referenced .

Doesn't symbol_request return a NULL in such a case?
At the time I didn't try the above configuration 
(CONFIG_DVB_USB_AF9005_REMOTE=n), but removed the compiled 
dvb-usb-af9005-remote.ko, and all was well (i.e. the symbol_request 
returned NULL and the remote handling was disabled).

> Here's a patch I compile tested, and I think it would fix the issue.

But it'd break the alternative rc decoding module (not integrated in the 
kernel because it uses lirc):

http://ventoso.org/luca/af9005/README.lirc

Not really an issue for me, since I'm using a lirc-serial homebrew 
device, (besides, my af9005 device is broken, though the remote part is 
still working, so in a pinch I could use it as an usb remote receiver).

@Ingo, silly question, but do you have an af9005 based device where this 
is crashing?

Bye
-- 
Luca


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ