lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu, 15 Feb 2024 19:27:23 +0530
From: Shivaprasad G Bhat <sbhat@...ux.ibm.com>
To: Michael Ellerman <mpe@...erman.id.au>, iommu@...ts.linux.dev,
        linuxppc-dev@...ts.ozlabs.org
Cc: linux-kernel@...r.kernel.org, npiggin@...il.com,
        christophe.leroy@...roup.eu, aneesh.kumar@...nel.org,
        naveen.n.rao@...ux.ibm.com, jgg@...pe.ca, jroedel@...e.de,
        tpearson@...torengineering.com, aik@....com, bgray@...ux.ibm.com,
        gregkh@...uxfoundation.org, gbatra@...ux.vnet.ibm.com,
        vaibhav@...ux.ibm.com, venkat88@...ux.vnet.ibm.com
Subject: Re: [PATCH v2] powerpc/iommu: Fix the iommu group reference leak
 during platform domain attach

On 2/15/24 08:01, Michael Ellerman wrote:
> Shivaprasad G Bhat <sbhat@...ux.ibm.com> writes:
>> The function spapr_tce_platform_iommu_attach_dev() is missing to call
>> iommu_group_put() when the domain is already set. This refcount leak
>> shows up with BUG_ON() during DLPAR remove operation as,
<snip>
>>    [c0000013aed5fd10] [c0000000005bfeb4] vfs_write+0xf8/0x488
>>    [c0000013aed5fdc0] [c0000000005c0570] ksys_write+0x84/0x140
>>    [c0000013aed5fe10] [c000000000033358] system_call_exception+0x138/0x330
>>    [c0000013aed5fe50] [c00000000000d05c] system_call_vectored_common+0x15c/0x2ec
>>    --- interrupt: 3000 at 0x20000433acb4
>>    <snip>
>>    ---[ end trace 0000000000000000 ]---
>>
>> The patch makes the iommu_group_get() call only when using it there by
>> avoiding the leak.
>>
>> Fixes: a8ca9fc9134c ("powerpc/iommu: Do not do platform domain attach atctions after probe")
>> Reported-by: Venkat Rao Bagalkote <venkat88@...ux.vnet.ibm.com>
>> Closes: https://lore.kernel.org/all/274e0d2b-b5cc-475e-94e6-8427e88e271d@linux.vnet.ibm.com
>> Signed-off-by: Shivaprasad G Bhat <sbhat@...ux.ibm.com>
>> ---
>> Changelog:
>> v1: https://lore.kernel.org/all/170784021983.6249.10039296655906636112.stgit@linux.ibm.com/
>>   - Minor refactor to call the iommu_group_get() only if required.
>>   - Updated the title, description and signature(Closes/Reported-by).
> Sorry I already applied v1.
>
> If you send this as a patch on top of v1 with a new change log I can
> merge it as a cleanup/rework.

I have posted the cleanup patch at 
https://lore.kernel.org/linux-iommu/170800513841.2411.13524607664262048895.stgit@linux.ibm.com/

Thank you!

Shivaprasad

> cheers

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ