| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 5 Jul 2021 20:52:51 +0200
From: Gerald Schaefer <gerald.schaefer@...ux.ibm.com>
To: Christoph Hellwig <hch@....de>, <iommu@...ts.linux-foundation.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
linux-s390 <linux-s390@...r.kernel.org>,
Niklas Schnelle <schnelle@...ux.ibm.com>
Subject: [RFC PATCH 0/1] dma-debug: fix check_for_illegal_area() in debug_dma_map_sg()
The following warning occurred sporadically on s390:
DMA-API: nvme 0006:00:00.0: device driver maps memory from kernel text or rodata [addr=0000000048cc5e2f] [len=131072]
WARNING: CPU: 4 PID: 825 at kernel/dma/debug.c:1083 check_for_illegal_area+0xa8/0x138
It is a false-positive warning, due to a broken logic in debug_dma_map_sg(),
see patch description. In short, the check is mixing up kernel start address
for sg elements with the length of possibly combined sg elements in the DMA
address space.
I am a bit confused by the whole logic, and not sure what would be the best
way to fix this. The false-postives should have been possible since commit
884d05970bfb ("dma-debug: use sg_dma_len accessor"), which is included since
2.6.31. Also, it seems to me that even before that commit, the check would
have been wrong, or at least incomplete, because it is located in a loop
that iterates over mapped_ents instead of nents. So it would not check all
physical sg elements if any were combined in DMA address space.
Gerald Schaefer (1):
dma-debug: fix check_for_illegal_area() in debug_dma_map_sg()
kernel/dma/debug.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
--
2.25.1
Powered by blists - more mailing lists