lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 12 Oct 2021 16:10:46 +0200
From:   Pierre Morel <pmorel@...ux.ibm.com>
To:     Cornelia Huck <cohuck@...hat.com>,
        Halil Pasic <pasic@...ux.ibm.com>,
        Vineeth Vijayan <vneethv@...ux.ibm.com>,
        Peter Oberparleiter <oberpar@...ux.ibm.com>,
        Heiko Carstens <hca@...ux.ibm.com>,
        Vasily Gorbik <gor@...ux.ibm.com>,
        Christian Borntraeger <borntraeger@...ibm.com>,
        Michael Mueller <mimu@...ux.ibm.com>,
        linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:     stable@...r.kernel.org, bfu@...hat.com
Subject: Re: [RFC PATCH 1/1] s390/cio: make ccw_device_dma_* more robust



On 10/11/21 16:33, Cornelia Huck wrote:
> On Mon, Oct 11 2021, Pierre Morel <pmorel@...ux.ibm.com> wrote:
> 
>> On 10/11/21 1:59 PM, Halil Pasic wrote:
>>> diff --git a/drivers/s390/cio/device_ops.c b/drivers/s390/cio/device_ops.c
>>> index 0fe7b2f2e7f5..c533d1dadc6b 100644
>>> --- a/drivers/s390/cio/device_ops.c
>>> +++ b/drivers/s390/cio/device_ops.c
>>> @@ -825,13 +825,23 @@ EXPORT_SYMBOL_GPL(ccw_device_get_chid);
>>>     */
>>>    void *ccw_device_dma_zalloc(struct ccw_device *cdev, size_t size)
>>>    {
>>> -	return cio_gp_dma_zalloc(cdev->private->dma_pool, &cdev->dev, size);
>>> +	void *addr;
>>> +
>>> +	if (!get_device(&cdev->dev))
>>> +		return NULL;
>>> +	addr = cio_gp_dma_zalloc(cdev->private->dma_pool, &cdev->dev, size);
>>> +	if (IS_ERR_OR_NULL(addr))
>>
>> I can be wrong but it seems that only dma_alloc_coherent() used in
>> cio_gp_dma_zalloc() report an error but the error is ignored and used as
>> a valid pointer.
> 
> Hm, I thought dma_alloc_coherent() returned either NULL or a valid
> address?

hum, my bad, checked the wrong function, should have use my glasses or 
connect my brain.

> 
>>
>> So shouldn't we modify this function and just test for a NULL address here?
> 
> If I read cio_gp_dma_zalloc() correctly, we either get NULL or a valid
> address, so yes.
> 

-- 
Pierre Morel
IBM Lab Boeblingen

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ