lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 22 Feb 2018 14:04:17 +0000
From:   Robin Murphy <robin.murphy@....com>
To:     miles.chen@...iatek.com, Christoph Hellwig <hch@....de>,
        Marek Szyprowski <m.szyprowski@...sung.com>
Cc:     linux-kernel@...r.kernel.org, iommu@...ts.linux-foundation.org,
        linux-mediatek@...ts.infradead.org, wsd_upstream@...iatek.com
Subject: Re: [PATCH] lib/dma-debug.c: fix memory leakage

On 22/02/18 11:22, miles.chen@...iatek.com wrote:
> From: Miles Chen <miles.chen@...iatek.com>
> 
> Marty reported a memory leakage introduced by commit 3aaabbf1c39e
> ("lib/dma-debug.c: fix incorrect pfn calculation"). Fix it
> by checking the virtual address before allocating the entry.

Oops, seems I failed to look closely enough at the surrounding diff 
context when I reviewed the original patch... :(

> This patch also use virt_addr_valid() instead of virt_to_page()
> to check if a virtual address is linear.

That's an area I happen to have been looking at lately and now 
understand a lot better, so fully agreed there as well.

Acked-by: Robin Murphy <robin.murphy@....com>

Maybe also worth having a proper Fixes: tag instead of just naming the 
commit in prose?

Thanks,
Robin.

> Reported-by: Marty Faltesek <mfaltesek@...gle.com>
> Signed-off-by: Miles Chen <miles.chen@...iatek.com>
> ---
>   lib/dma-debug.c | 10 +++++-----
>   1 file changed, 5 insertions(+), 5 deletions(-)
> 
> diff --git a/lib/dma-debug.c b/lib/dma-debug.c
> index 1b34d210452c..7f5cdc1e6b29 100644
> --- a/lib/dma-debug.c
> +++ b/lib/dma-debug.c
> @@ -1491,12 +1491,12 @@ void debug_dma_alloc_coherent(struct device *dev, size_t size,
>   	if (unlikely(virt == NULL))
>   		return;
>   
> -	entry = dma_entry_alloc();
> -	if (!entry)
> +	/* handle vmalloc and linear addresses */
> +	if (!is_vmalloc_addr(virt) && !virt_addr_valid(virt))
>   		return;
>   
> -	/* handle vmalloc and linear addresses */
> -	if (!is_vmalloc_addr(virt) && !virt_to_page(virt))
> +	entry = dma_entry_alloc();
> +	if (!entry)
>   		return;
>   
>   	entry->type      = dma_debug_coherent;
> @@ -1528,7 +1528,7 @@ void debug_dma_free_coherent(struct device *dev, size_t size,
>   	};
>   
>   	/* handle vmalloc and linear addresses */
> -	if (!is_vmalloc_addr(virt) && !virt_to_page(virt))
> +	if (!is_vmalloc_addr(virt) && !virt_addr_valid(virt))
>   		return;
>   
>   	if (is_vmalloc_addr(virt))
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ