lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 22 Oct 2014 19:38:31 -0400 From: Jonathan Toppins <jtoppins@...ulusnetworks.com> To: Crestez Dan Leonard <cdleonard@...il.com>, netdev@...r.kernel.org Subject: Re: [RFC] tcp md5 use of alloc_percpu On 10/22/14, 2:55 PM, Crestez Dan Leonard wrote: > sg_init_one does virt_addr on the pointer which assumes it is directly accessible. But the tcp_md5sig_pool pointer comes from alloc_percpu which can return memory from the vmalloc area after the pcpu_first_chunk is exhausted. This looks wrong to me. I'm am getting crashes on mips and I believe this to be the cause. Thinking about this more if the issue really is sg_init_one assumes a directly accessible memory region, can we just modify the zone allocation to GFP_DMA using alloc_percpu_gfp()? Does this satisfy the assumptions made by sg_init_one? diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index 1bec4e7..6924320 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -2889,7 +2889,7 @@ static void __tcp_alloc_md5sig_pool(void) int cpu; struct tcp_md5sig_pool __percpu *pool; - pool = alloc_percpu(struct tcp_md5sig_pool); + pool = alloc_percpu_gfp(struct tcp_md5sig_pool, GFP_DMA); if (!pool) return; -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists