lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 17 Sep 2020 10:47:26 -0700
From:   John Hubbard <jhubbard@...dia.com>
To:     Ira Weiny <ira.weiny@...el.com>,
        Dan Carpenter <dan.carpenter@...cle.com>
CC:     Souptick Joarder <jrdr.linux@...il.com>,
        <mporter@...nel.crashing.org>, <alex.bou9@...il.com>,
        <akpm@...ux-foundation.org>, <gustavoars@...nel.org>,
        <madhuparnabhowmik10@...il.com>, <linux-kernel@...r.kernel.org>,
        "Matthew Wilcox" <willy@...radead.org>
Subject: Re: [linux-next PATCH] rapidio: Fix error handling path

On 9/17/20 10:34 AM, Ira Weiny wrote:
> On Thu, Sep 17, 2020 at 03:39:51PM +0300, Dan Carpenter wrote:
>> On Wed, Sep 16, 2020 at 01:02:32PM +0300, Dan Carpenter wrote:
>>> On Wed, Sep 16, 2020 at 09:12:17AM +0530, Souptick Joarder wrote:
>>>> There is an error when pin_user_pages_fast() returns -ERRNO and
>>>> inside error handling path driver end up calling unpin_user_pages()
>>>> with -ERRNO which is not correct.
>>>>
>>>> This patch will fix the problem.
>>>
>>> There are a few ways we could prevent bug in the future.
>>>
>>> 1) This could have been caught with existing static analysis tools
>>>     which warn about when a value is set but not used.
>>>
>>> 2) I've created a Smatch check which warngs about:
>>>
>>> 	drivers/rapidio/devices/rio_mport_cdev.c:955 rio_dma_transfer() warn: unpinning negative pages 'nr_pages'
>>>
>>>     I'll test it out tonight and see how well it works.  I don't
>>>     immediately see any other bugs allthough Smatch doesn't like the code
>>>     in siw_umem_release().  It uses "min_t(int" which suggests that
>>>     negative pages are okay.
>>>
>>> 	   int to_free = min_t(int, PAGES_PER_CHUNK, num_pages);
>>>
>>
>> I only found one bug but I'm going to add unpin_user_pages_dirty_lock()
>> to the mix a retest.  There were a few other false positives.  In
>> reviewing the code, I noticed that orangefs_bufmap_map() is also buggy.
>>
>> I sort of feel like returning partial successes is not working.  We
>> could easily make a wrapper which either pins everything or it returns
>> an error code.

Yes we could. And I have the same feeling about this API. It's generated a
remarkable amount of bug fixes, several of which ended up being partial or
wrong in themselves. And mostly this is due to the complicated tristate
return code: instead of 0 or -ERRNO, it also can return "N pages that is
less than what you requested", and there are no standard helpers in the kernel
to make that easier to deal with.

> 
> I guess the question is are there drivers which will keep working (or limp
> along?) on partial pins?  A quick search of a driver I thought did this does
> not apparently any more...  So it sounds good to me from 30,000 feet!  :-D

It sounds good to me too--and from just a *few hundred feet* (having touched most
of the call sites at some point)! haha :)

I think the wrapper should be short-term, though, just until all the callers
are converted to the simpler API. Then change the core gup/pup calls to the simpler
API. There are more than enough gup/pup API entry points as it is, that's for sure.


thanks,
-- 
John Hubbard
NVIDIA

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ