lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAPDyKFoZS+Fp3jPdsRnOX3r1_KLVZ64w1yq0nXBj6VtqW_r5CQ@mail.gmail.com>
Date:   Fri, 18 Nov 2016 15:29:27 +0100
From:   Ulf Hansson <ulf.hansson@...aro.org>
To:     Alexey Khoroshilov <khoroshilov@...ras.ru>
Cc:     Pierre Ossman <pierre@...man.eu>,
        linux-mmc <linux-mmc@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        ldv-project@...uxtesting.org
Subject: Re: [PATCH] mmc: wbsd: implement check for dma mapping error

On 11 November 2016 at 22:42, Alexey Khoroshilov <khoroshilov@...ras.ru> wrote:
> wbsd_request_dma() does not check for dma mapping errors.
>
> Found by Linux Driver Verification project (linuxtesting.org).
>
> Signed-off-by: Alexey Khoroshilov <khoroshilov@...ras.ru>

Thanks, applied for next!

Kind regards
Uffe

> ---
>  drivers/mmc/host/wbsd.c | 11 +++++++----
>  1 file changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/mmc/host/wbsd.c b/drivers/mmc/host/wbsd.c
> index c3fd16d997ca..80a3b11f3217 100644
> --- a/drivers/mmc/host/wbsd.c
> +++ b/drivers/mmc/host/wbsd.c
> @@ -1395,23 +1395,25 @@ static void wbsd_request_dma(struct wbsd_host *host, int dma)
>          */
>         host->dma_addr = dma_map_single(mmc_dev(host->mmc), host->dma_buffer,
>                 WBSD_DMA_SIZE, DMA_BIDIRECTIONAL);
> +       if (dma_mapping_error(mmc_dev(host->mmc), host->dma_addr))
> +               goto kfree;
>
>         /*
>          * ISA DMA must be aligned on a 64k basis.
>          */
>         if ((host->dma_addr & 0xffff) != 0)
> -               goto kfree;
> +               goto unmap;
>         /*
>          * ISA cannot access memory above 16 MB.
>          */
>         else if (host->dma_addr >= 0x1000000)
> -               goto kfree;
> +               goto unmap;
>
>         host->dma = dma;
>
>         return;
>
> -kfree:
> +unmap:
>         /*
>          * If we've gotten here then there is some kind of alignment bug
>          */
> @@ -1421,6 +1423,7 @@ static void wbsd_request_dma(struct wbsd_host *host, int dma)
>                 WBSD_DMA_SIZE, DMA_BIDIRECTIONAL);
>         host->dma_addr = 0;
>
> +kfree:
>         kfree(host->dma_buffer);
>         host->dma_buffer = NULL;
>
> @@ -1434,7 +1437,7 @@ static void wbsd_request_dma(struct wbsd_host *host, int dma)
>
>  static void wbsd_release_dma(struct wbsd_host *host)
>  {
> -       if (host->dma_addr) {
> +       if (!dma_mapping_error(mmc_dev(host->mmc), host->dma_addr)) {
>                 dma_unmap_single(mmc_dev(host->mmc), host->dma_addr,
>                         WBSD_DMA_SIZE, DMA_BIDIRECTIONAL);
>         }
> --
> 2.7.4
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ