lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 27 Oct 2022 13:34:56 +0300
From:   Dmitry Osipenko <dmitry.osipenko@...labora.com>
To:     Christian König <christian.koenig@....com>,
        Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>,
        Maxime Ripard <mripard@...nel.org>,
        Sumit Semwal <sumit.semwal@...aro.org>,
        Thomas Zimmermann <tzimmermann@...e.de>,
        David Airlie <airlied@...il.com>,
        Daniel Vetter <daniel@...ll.ch>, noralf@...nnes.org,
        Dan Carpenter <dan.carpenter@...cle.com>
Cc:     dri-devel@...ts.freedesktop.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 1/2] dma-buf: Make locking consistent in
 dma_buf_detach()

On 10/27/22 09:13, Christian König wrote:
> Am 27.10.22 um 00:46 schrieb Dmitry Osipenko:
>> The dma_buf_detach() locks attach->dmabuf->resv and then unlocks
>> dmabuf->resv, which could be a two different locks from a static
>> code checker perspective. In particular this triggers Smatch to
>> report the "double unlock" error. Make the locking pointers consistent.
>>
>> Reported-by: Dan Carpenter <dan.carpenter@...cle.com>
>> Link: https://lore.kernel.org/dri-devel/Y1fLfsccW3AS%2Fo+%2F@kili/
>> Fixes: 809d9c72c2f8 ("dma-buf: Move dma_buf_attach() to dynamic
>> locking specification")
>> Signed-off-by: Dmitry Osipenko <dmitry.osipenko@...labora.com>
> 
> It would be even cleaner if we completely drop the dmabuf parameter for
> the function and just use the inside the attachment.
> 
> Anyway patch is Reviewed-by: Christian König <christian.koenig@....com>
> for now, wider cleanups can come later on.

I had the same thought about dropping the dmabuf parameter.

Looking at this patch again, perhaps a better dmabuf sanity-check will be:

- 	if (WARN_ON(!dmabuf || !attach))
+ 	if (WARN_ON(!dmabuf || !attach || dmabuf != attach->dmabuf))

I'll switch to this version in v2, if there are no objections.

> 
>> ---
>>   drivers/dma-buf/dma-buf.c | 3 ++-
>>   1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c
>> index c40d72d318fd..6e33ef4fde34 100644
>> --- a/drivers/dma-buf/dma-buf.c
>> +++ b/drivers/dma-buf/dma-buf.c
>> @@ -998,9 +998,10 @@ void dma_buf_detach(struct dma_buf *dmabuf,
>> struct dma_buf_attachment *attach)
>>       if (WARN_ON(!dmabuf || !attach))
>>           return;
>>   -    dma_resv_lock(attach->dmabuf->resv, NULL);
>> +    dma_resv_lock(dmabuf->resv, NULL);
>>         if (attach->sgt) {
>> +        WARN_ON(dmabuf != attach->dmabuf);
>>             __unmap_dma_buf(attach, attach->sgt, attach->dir);
>>   
> 

-- 
Best regards,
Dmitry

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ