lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20090624174411.GA5729@liondog.tnic>
Date:	Wed, 24 Jun 2009 19:44:11 +0200
From:	Borislav Petkov <petkovbb@...glemail.com>
To:	David Miller <davem@...emloft.net>
Cc:	bzolnier@...il.com, linux-ide@...r.kernel.org,
	linux-kernel@...r.kernel.org, htejun@...il.com
Subject: Re: [patch 2/6] ide: fix ide_kill_rq() for special
	ide-{floppy,tape} driver requests

On Wed, Jun 24, 2009 at 03:39:09AM -0700, David Miller wrote:
> From: Bartlomiej Zolnierkiewicz <bzolnier@...il.com>
> Date: Wed, 24 Jun 2009 12:09:53 +0200
> 
> > The obscure reasons is just the fact that both ide-floppy and ide-tape
> > had a they own duplicated/buggy request completion routines.
> > 
> > While they were being unified the whole bunch of similar class of bugs
> > were fixed so I agree that there may still be more issues to deal with
> > there.
> 
> I see, the ->pc_callback() of these things set rq->errors and then
> ide_pc_intr() happily overrides whatever was set there, either on it's
> own or via ide_complete_rq().
> 
> I'll look over this some more while I wait for the testing results
> from Borislav.

Ok, let's see now, I did some testing but can't seem to hit that
particular path because it is taken relatively rarely - it can be
reached from start_request() and ide_atapi_error() via ide_error for
ide-floppy and ide-tape.

If my code staring doesn't mislead me, the start_request()-one has to
happen during an IDE reset operation, while we're polling for reset
completion _and_ when drive->failures has reached drive->max_failures
since this is the only site the drive->failures counter is increased.

The ide_atapi_error() cannot happen because (!blk_fs_request(rq))
requests are being completed in ide_error() with the respective error
status.

It is possible that I've missed something so feel free to correct me
and/or suggest a different testing approach.

Thanks.

-- 
Regards/Gruss,
    Boris.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ