| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <302ff90b-32a9-58dd-ae8f-1b55813fed74@suse.com>
Date: Sun, 17 Feb 2019 11:39:41 +0100
From: Juergen Gross <jgross@...e.com>
To: Oleksandr Andrushchenko <andr2000@...il.com>,
xen-devel@...ts.xenproject.org, linux-kernel@...r.kernel.org,
boris.ostrovsky@...cle.com
Cc: Oleksandr Andrushchenko <oleksandr_andrushchenko@...m.com>
Subject: Re: [Xen-devel][PATCH 1/2] xen/gntdev: Do not destroy context while
dma-bufs are in use
On 14/02/2019 15:23, Oleksandr Andrushchenko wrote:
> From: Oleksandr Andrushchenko <oleksandr_andrushchenko@...m.com>
>
> If there are exported DMA buffers which are still in use and
> grant device is closed by either normal user-space close or by
> a signal this leads to the grant device context to be destroyed,
> thus making it not possible to correctly destroy those exported
> buffers when they are returned back to gntdev and makes the module
> crash:
>
> [ 339.617540] [<ffff00000854c0d8>] dmabuf_exp_ops_release+0x40/0xa8
> [ 339.617560] [<ffff00000867a6e8>] dma_buf_release+0x60/0x190
> [ 339.617577] [<ffff0000082211f0>] __fput+0x88/0x1d0
> [ 339.617589] [<ffff000008221394>] ____fput+0xc/0x18
> [ 339.617607] [<ffff0000080ed4e4>] task_work_run+0x9c/0xc0
> [ 339.617622] [<ffff000008089714>] do_notify_resume+0xfc/0x108
>
> Fix this by referencing gntdev on each DMA buffer export and
> unreferencing on buffer release.
>
> Signed-off-by: Oleksandr Andrushchenko <oleksandr_andrushchenko@...m.com>
Applied to xen/tip.git for-linus-5.1
Juergen
Powered by blists - more mailing lists