lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <s5hlfkwip1h.wl-tiwai@suse.de>
Date:   Tue, 09 Jun 2020 11:09:14 +0200
From:   Takashi Iwai <tiwai@...e.de>
To:     Christoph Hellwig <hch@....de>
Cc:     David Rientjes <rientjes@...gle.com>,
        "Alex Xu (Hello71)" <alex_y_xu@...oo.ca>,
        alsa-devel@...a-project.org, bp@...en8.de, hch@...radead.org,
        hpa@...or.com, linux-kernel@...r.kernel.org, mingo@...hat.com,
        Pavel Machek <pavel@....cz>, perex@...ex.cz,
        tglx@...utronix.de, tiwai@...e.com, x86@...nel.org
Subject: Re: next-0519 on thinkpad x60: sound related? window manager crash

On Tue, 09 Jun 2020 10:43:05 +0200,
Christoph Hellwig wrote:
> 
> On Tue, Jun 09, 2020 at 10:05:26AM +0200, Takashi Iwai wrote:
> > > >From the disassembly it seems like a vmalloc allocation is NULL, which
> > > seems really weird as this patch shouldn't make a difference for them,
> > > and I also only see a single places that allocates the field, and that
> > > checks for an allocation failure.  But the sound code is a little
> > > hard to unwind sometimes.
> > 
> > It's not clear which sound device being affected, but if it's
> > HD-audio on x86, runtime->dma_area points to a vmapped buffer from
> > SG-pages allocated by dma_alloc_coherent().
> > 
> > OTOH, if it's a USB-audio, runtime->dma_area is a buffer by
> > vmalloc().
> 
> Err, you can't just vmap a buffer returned from dma_alloc_coherent,
> dma_alloc_coherent returns values are opaque and can't be used
> for virt_to_page.  Whatever that code did has already been broken
> per the DMA API contract and on many architectures and just happend
> to work on x86 by accident.

Hmm, that's bad.

How would be a proper way to get the virtually mapped SG-buffer pages
with coherent memory?  (Also allowing user-space mmap, too)


thanks,

Takashi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ