Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934371AbcJUVEv (ORCPT ); Fri, 21 Oct 2016 17:04:51 -0400 Received: from mail-ua0-f173.google.com ([209.85.217.173]:36461 "EHLO mail-ua0-f173.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933706AbcJUVEt (ORCPT ); Fri, 21 Oct 2016 17:04:49 -0400 MIME-Version: 1.0 In-Reply-To: <20161021204809.14068-1-lersek@redhat.com> References: <20161021204809.14068-1-lersek@redhat.com> From: Andy Lutomirski Date: Fri, 21 Oct 2016 14:04:27 -0700 Message-ID: Subject: Re: [PATCH RESEND] hwrng: core - don't pass stack allocated buffer to rng->read() To: Laszlo Ersek Cc: linux-crypto@vger.kernel.org, "linux-kernel@vger.kernel.org" , "Richard W.M. Jones" , stable , Amit Shah , Andy Lutomirski , Herbert Xu , Kees Cook , Matt Mackall Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 993 Lines: 22 On Fri, Oct 21, 2016 at 1:48 PM, Laszlo Ersek wrote: > The virtio-rng backend for hwrng passes the buffer that it receives for > filling to sg_set_buf() directly, in: > > virtio_read() [drivers/char/hw_random/virtio-rng.c] > register_buffer() [drivers/char/hw_random/virtio-rng.c] > sg_init_one() [lib/scatterlist.c] > sg_set_buf() [include/linux/scatterlist.h] > > In turn, the sg_set_buf() function, when built with CONFIG_DEBUG_SG, > actively enforces (justifiedly) that the buffer used within the > scatter-gather list live in physically contiguous memory: > > BUG_ON(!virt_addr_valid(buf)); > > The combination of the above two facts means that whatever calls > virtio_read() -- via the hwrng.read() method -- has to allocate the > recipient buffer in physically contiguous memory. Indeed. This bug should be fixed by: https://git.kernel.org/cgit/linux/kernel/git/herbert/cryptodev-2.6.git/commit/?id=6d4952d9d9d4dc2bb9c0255d95a09405a1e958f7