| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <200903121758.56808.bzolnier@gmail.com>
Date: Thu, 12 Mar 2009 17:58:56 +0100
From: Bartlomiej Zolnierkiewicz <bzolnier@...il.com>
To: petkovbb@...il.com
Cc: Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>,
linux-ide@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 3/3] ide-{cd,floppy}: do not map all cmds to an sg
On Thursday 12 March 2009, Borislav Petkov wrote:
> On Wed, Mar 11, 2009 at 05:34:28PM +0100, Bartlomiej Zolnierkiewicz wrote:
> > On Tuesday 10 March 2009, Borislav Petkov wrote:
> > > Hi,
> > >
> > > > If the mainline is broken sg fix can wait but to be honest I don't see much
> > > > point in delaying it (it is an independent problem and the bugfix should be
> > > > a completely safe one-liner).
> > >
> > > --
> > > From: Borislav Petkov <petkovbb@...il.com>
> > > Date: Tue, 10 Mar 2009 07:04:52 +0100
> > > Subject: [PATCH] ide-floppy: do not map dataless cmds to an sg
> > >
> > > since it fails the virt_to_page() translation check with DEBUG_VIRTUAL
> > > enabled.
> > >
> > > Signed-off-by: Borislav Petkov <petkovbb@...il.com>
> >
> > I applied it with some changes:
> >
> > > ---
> > > drivers/ide/ide-atapi.c | 12 ++++++++++++
> > > drivers/ide/ide-floppy.c | 6 ++++--
> > > 2 files changed, 16 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/drivers/ide/ide-atapi.c b/drivers/ide/ide-atapi.c
> > > index a5596a6..11a680c 100644
> > > --- a/drivers/ide/ide-atapi.c
> > > +++ b/drivers/ide/ide-atapi.c
> > > @@ -90,6 +90,12 @@ static void ide_queue_pc_head(ide_drive_t *drive, struct gendisk *disk,
> > > rq->cmd_flags |= REQ_PREEMPT;
> > > rq->buffer = (char *)pc;
> > > rq->rq_disk = disk;
> > > +
> > > + if (pc->req_xfer) {
> > > + rq->data = pc->buf;
> > > + rq->data_len = pc->req_xfer;
> > > + }
> > > +
> > > memcpy(rq->cmd, pc->c, 12);
> > > if (drive->media == ide_tape)
> > > rq->cmd[13] = REQ_IDETAPE_PC1;
> > > @@ -112,6 +118,12 @@ int ide_queue_pc_tail(ide_drive_t *drive, struct gendisk *disk,
> > > rq = blk_get_request(drive->queue, READ, __GFP_WAIT);
> > > rq->cmd_type = REQ_TYPE_SPECIAL;
> > > rq->buffer = (char *)pc;
> > > +
> > > + if (pc->req_xfer) {
> > > + rq->data = pc->buf;
> > > + rq->data_len = pc->req_xfer;
> > > + }
> > > +
> > > memcpy(rq->cmd, pc->c, 12);
> > > if (drive->media == ide_tape)
> > > rq->cmd[13] = REQ_IDETAPE_PC1;
> >
> > ide-atapi.c part doesn't seem to be needed for fixing the issue
> > so I removed it (IMO it would fit much better with your sg setup
> > cleanup patch than this one)
>
> No, you need that part. And especially the rq->data assignment.
> Take a look at ide_floppy_get_capacity() - it calls into
> ide_queue_pc_tail() with pc->req_xfer == 255 resulting from the
> ide_floppy_create_read_capacity_cmd(). However, the rq->data is still
> NULL if you'd remove the chunk I added and you get
[...]
Ah I see it now but this is a separate issue from the original one
(OOPS on DEBUG_VIRTUAL=y)! I somehow missed it (probably becasue
patch description fails to mention this important information)
and thus tried to be smart while merging the patch...
Anyway, I replaced the patch in pata tree by your original one.
Thanks,
Bart
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists