lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <7991c5481003231040u3479778dpcb27d9578383afc0@mail.gmail.com>
Date:	Tue, 23 Mar 2010 10:40:34 -0700
From:	Malli <mchilakala@...il.com>
To:	Benjamin Herrenschmidt <benh@...nel.crashing.org>
Cc:	Mallikarjuna R Chilakala <mallikarjuna.chilakala@...el.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	David Miller <davem@...emloft.net>, netdev@...r.kernel.org
Subject: Re: ixgbe: Set IXGBE_RSC_CB(skb)->DMA field to zero after unmapping 
	the address

On Mon, Mar 22, 2010 at 8:57 PM, Benjamin Herrenschmidt
<benh@...nel.crashing.org> wrote:
> On Mon, 2010-03-22 at 17:59 +0000, Linux Kernel Mailing List wrote:
>> Gitweb:     http://git.kernel.org/linus/fd3686a842717b890fbe3024b83a616c54d5dba0
>> Commit:     fd3686a842717b890fbe3024b83a616c54d5dba0
>> Parent:     936332b8e00103fc20eb7e915c9a3bcb2835a11a
>> Author:     Mallikarjuna R Chilakala <mallikarjuna.chilakala@...el.com>
>> AuthorDate: Fri Mar 19 04:41:33 2010 +0000
>> Committer:  David S. Miller <davem@...emloft.net>
>> CommitDate: Fri Mar 19 21:00:44 2010 -0700
>>
>>     ixgbe: Set IXGBE_RSC_CB(skb)->DMA field to zero after unmapping the address
>>
>>     As per Simon Horman's feedback set IXGBE_RSC_CB(skb)->dma to zero
>>     after unmapping HWRSC DMA address to avoid double freeing.
>>
>
> Note that this whole code is bogus :-) You cannot just assume that 0 is
> a invalid DMA address. It is not. In fact, while you can check if a
> dma_addr_t is invalid using dma_mapping_error(), the generic APIs
> don't provide you with a magic "bad" value you can use for what you are
> trying to do.
>
> Granted, I think we should make our iommu code reserve the first page
> for the sake of everybody's sanity and to avoid such pitfalls, but
> this code is wrong with today iommu implementations.
>
> Cheers,
> Ben.

Yes. I just realized that i can't assign a zero magic "bad" value. It is only
valid in x86/arm/m68k/alpha architecures and not in spark & PowerPC arch,
(it should be ~0). In some other architecutres it throws a BUG() on with
dma_mapping_error() checks. So the patch is not a total bogus in some
architectures :(.

May be it is best to create an internal FLAG in IXGBE_RSC_CB(skb)
which can be used to avoid this double freeing.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ