lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1316355934.27722.6.camel@dabdike>
Date:	Sun, 18 Sep 2011 18:25:34 +0400
From:	James Bottomley <James.Bottomley@...senPartnership.com>
To:	Chris Boot <bootc@...tc.net>
Cc:	"Woodhouse, David" <david.woodhouse@...el.com>,
	adam radford <aradford@...il.com>,
	lkml <linux-kernel@...r.kernel.org>,
	Adam Radford <linuxraid@....com>,
	"linux-scsi@...r.kernel.org" <linux-scsi@...r.kernel.org>
Subject: Re: iommu_iova leak [inside 3w-9xxx]

On Sun, 2011-09-18 at 15:05 +0100, Chris Boot wrote: 
> > Hardly ... all it's saying is that twa_exit doesn't wait for pending I/O
> > to complete, so when you remove the module it tears down in the middle
> > of an I/O.  A bug, yes, but it's not indicative of any sort of leak in
> > the maps/unmaps.
> 
> 
> James,
> 
> I don't think that's the case - I had unmounted all filesystems, deactivated all volume groups, and performed a sync before waiting a few seconds and running rmmod. Next time I'll also 'echo 1 > /sys/block/sdX/device/delete' if that's helpful.

Actually, I take all that back: the driver has a bug in QUEUE_FULL
handling: twa_scsi_queue() calls twa_scsiop_execute_scsi(), which maps
the dma buffer, but if the card responds QUEUE_FULL it just returns
SCSI_MLQUEUE_HOST_BUSY without ever unmapping.  That leg in the code
frees the request but also doesn't unmap it.  In fact any error return
from twa_scsiop_execute_scsi() seems to have the same problem (but
QUEUE_FULL is the only silent one).

I trust Adam will fix this.

James


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ