lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 26 Feb 2010 21:17:37 -0800
From:	Greg KH <greg@...ah.com>
To:	Markus Rechberger <mrechberger@...il.com>
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-usb@...r.kernel.org, werner@...ane.dyn-o-saur.com,
	Marcus Meissner <meissner@...e.de>,
	linux-kernel@...r.kernel.org
Subject: Re: 2.6.33 bugs (USBFS, Intel graphic)

On Sat, Feb 27, 2010 at 05:34:27AM +0100, Markus Rechberger wrote:
> On Sat, Feb 27, 2010 at 5:29 AM, Linus Torvalds
> <torvalds@...ux-foundation.org> wrote:
> >
> >
> > On Fri, 26 Feb 2010, Greg KH wrote:
> >>
> >> Yes, and that patch didn't touch the iso frames. ?That happens later on
> >> in the functions that were modified. ?The patch should not have had any
> >> affect on iso transfers. ?Unless I'm missing something?
> >
> > Hmm. What seems to happen is that for an isochronous transfer, the buffer
> > is split for each microframe. No?
> >
> 
> exactly. and each microframe has its own buffer length identifier.
> 
> the current behaviour breaks VMware, QEMU and virtualbox .. probably
> other things too.
> 
> 
> > So the total length may be in 'urb->actual_length', but the actual data in
> > the buffer may not be contiguous, because it's created from multiple
> > smaller frames, some of which might not be full length?
> >
> 
> yes, it's only contiguous for BULK.
> 
> > I dunno. That would explain the problem - actual_length is correct, but
> > the 'copy_to_user()' still doesn't copy all the data, because it's
> > fragmented.
> >
> 
> no you got it, but your patch does not work. The best way would be to
> revert it if someone wants to speed up BULK it should go down another
> path, leaving the old working implementation untouched.

Hm, so it's back to the original idea of just doing a kzalloc of the
initial buffer, that should solve the problem that Marcus found.

I'll go dig that back up and if you could test it, that would be most
appreciated.

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ