| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 03 Jul 2011 17:46:11 +0200 From: Eric Dumazet <eric.dumazet@...il.com> To: Alexey Zaytsev <alexey.zaytsev@...il.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, netdev@...r.kernel.org, Gary Zambrano <zambrano@...adcom.com>, bugme-daemon@...zilla.kernel.org, "David S. Miller" <davem@...emloft.net>, Pekka Pietikainen <pp@...oulu.fi>, Florian Schirmer <jolt@...box.org>, Felix Fietkau <nbd@...nwrt.org>, Michael Buesch <mb@...sch.de> Subject: Re: [Bugme-new] [Bug 38102] New: BUG kmalloc-2048: Poison overwritten Le dimanche 03 juillet 2011 à 01:25 +0400, Alexey Zaytsev a écrit : > On Fri, Jul 1, 2011 at 10:01, Alexey Zaytsev <alexey.zaytsev@...il.com> wrote: > > On Thu, Jun 30, 2011 at 01:51, Andrew Morton <akpm@...ux-foundation.org> wrote: > >> > >> (switched to email. Please respond via emailed reply-to-all, not via the > >> bugzilla web interface). > >> > >> On Thu, 23 Jun 2011 17:33:54 GMT > >> bugzilla-daemon@...zilla.kernel.org wrote: > >> > >>> https://bugzilla.kernel.org/show_bug.cgi?id=38102 > >>> > >>> Summary: BUG kmalloc-2048: Poison overwritten > >>> Product: Drivers > >>> Version: 2.5 > >>> Kernel Version: 3.0.0-rc4 > >> > >> Looks like a 2.6.38->2.6.39 regression, perhaps a memory scribble in b44. > > > > Actually, not sure about the version. 39 was the first one I've been > > using in the scenario. Checking older versions now. > > And git-log does not show a lot of changes to the b44 driver, so it > > might be something unrelated. > > > > I've checked back as far as 2.6.27, and the problem is still there. > I've also looked through the allocation-related code, and it seemed > sane. I'm not sure I understand the 1GB dma workaround, but this path > is never hit in my case. So adding the driver authors to CC. This > could be something different, but I've been unable to reproduce using > an other machine with an rtl8139 nic. Hmm, looking at b44 code, I believe there is a race there. Could you try following patch ? Thanks diff --git a/drivers/net/b44.c b/drivers/net/b44.c index a69331e..80f2fdc 100644 --- a/drivers/net/b44.c +++ b/drivers/net/b44.c @@ -689,9 +689,9 @@ static int b44_alloc_rx_skb(struct b44 *bp, int src_idx, u32 dest_idx_unmasked) ctrl |= DESC_CTRL_EOT; dp = &bp->rx_ring[dest_idx]; - dp->ctrl = cpu_to_le32(ctrl); dp->addr = cpu_to_le32((u32) mapping + bp->dma_offset); - + wmb(); + dp->ctrl = cpu_to_le32(ctrl); if (bp->flags & B44_FLAG_RX_RING_HACK) b44_sync_dma_desc_for_device(bp->sdev, bp->rx_ring_dma, dest_idx * sizeof(*dp), -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists