lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 09 Jun 2020 11:31:20 +0200
From:   Takashi Iwai <tiwai@...e.de>
To:     Christoph Hellwig <hch@....de>
Cc:     David Rientjes <rientjes@...gle.com>,
        "Alex Xu (Hello71)" <alex_y_xu@...oo.ca>,
        alsa-devel@...a-project.org, bp@...en8.de, hch@...radead.org,
        hpa@...or.com, linux-kernel@...r.kernel.org, mingo@...hat.com,
        Pavel Machek <pavel@....cz>, perex@...ex.cz,
        tglx@...utronix.de, tiwai@...e.com, x86@...nel.org
Subject: Re: next-0519 on thinkpad x60: sound related? window manager crash

On Tue, 09 Jun 2020 11:17:27 +0200,
Christoph Hellwig wrote:
> 
> On Tue, Jun 09, 2020 at 11:09:14AM +0200, Takashi Iwai wrote:
> > On Tue, 09 Jun 2020 10:43:05 +0200,
> > Christoph Hellwig wrote:
> > > 
> > > On Tue, Jun 09, 2020 at 10:05:26AM +0200, Takashi Iwai wrote:
> > > > > >From the disassembly it seems like a vmalloc allocation is NULL, which
> > > > > seems really weird as this patch shouldn't make a difference for them,
> > > > > and I also only see a single places that allocates the field, and that
> > > > > checks for an allocation failure.  But the sound code is a little
> > > > > hard to unwind sometimes.
> > > > 
> > > > It's not clear which sound device being affected, but if it's
> > > > HD-audio on x86, runtime->dma_area points to a vmapped buffer from
> > > > SG-pages allocated by dma_alloc_coherent().
> > > > 
> > > > OTOH, if it's a USB-audio, runtime->dma_area is a buffer by
> > > > vmalloc().
> > > 
> > > Err, you can't just vmap a buffer returned from dma_alloc_coherent,
> > > dma_alloc_coherent returns values are opaque and can't be used
> > > for virt_to_page.  Whatever that code did has already been broken
> > > per the DMA API contract and on many architectures and just happend
> > > to work on x86 by accident.
> > 
> > Hmm, that's bad.
> > 
> > How would be a proper way to get the virtually mapped SG-buffer pages
> > with coherent memory?  (Also allowing user-space mmap, too)
> 
> dma_mmap_coherent / dma_mmap_attrs for userspace.  We don't really
> have a good way for kernel space mappings.

And that's the missing piece right now...  :-<


Takashi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ