lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <201506152327.59907@pali>
Date:	Mon, 15 Jun 2015 23:27:59 +0200
From:	Pali Rohár <pali.rohar@...il.com>
To:	Michal Hocko <mhocko@...e.cz>
Cc:	Hans de Goede <hdegoede@...hat.com>,
	Darren Hart <dvhart@...radead.org>,
	Ben Skeggs <bskeggs@...hat.com>,
	Stuart Hayes <stuart_hayes@...l.com>,
	Matthew Garrett <mjg@...hat.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	platform-driver-x86@...r.kernel.org, linux-mm@...ck.org,
	linux-kernel@...r.kernel.org
Subject: Re: Possible broken MM code in dell-laptop.c?

On Monday 15 June 2015 23:18:16 Michal Hocko wrote:
> On Sun 14-06-15 11:05:07, Pali Rohár wrote:
> > Hello,
> > 
> > in drivers/platform/x86/dell-laptop.c is this part of code:
> > 
> > static int __init dell_init(void)
> > {
> > ...
> > 
> > 	/*
> > 	
> > 	 * Allocate buffer below 4GB for SMI data--only 32-bit physical
> > 	 addr * is passed to SMI handler.
> > 	 */
> > 	
> > 	bufferpage = alloc_page(GFP_KERNEL | GFP_DMA32);
> 
> [...]
> 
> > 	buffer = page_address(bufferpage);
> 
> [...]
> 
> > fail_rfkill:
> > 	free_page((unsigned long)bufferpage);
> 
> This one should be __free_page because it consumes struct page* and
> it is the proper counter part for alloc_page. free_page, just to
> make it confusing, consumes an address which has to be translated to
> a struct page.
> 
> I have no idea why the API has been done this way and yeah, it is
> really confusing.
> 
> [...]
> 
> > static void __exit dell_exit(void)
> > {
> > ...
> > 
> > 	free_page((unsigned long)buffer);

So both, either:

 free_page((unsigned long)buffer);

or

 __free_page(bufferpage);

is correct?

-- 
Pali Rohár
pali.rohar@...il.com

Download attachment "signature.asc " of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ