Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp1043497ybp; Fri, 11 Oct 2019 08:10:36 -0700 (PDT) X-Google-Smtp-Source: APXvYqzFNaKz99hvITyvac/G/LoSB+B6nvOZVA9mTx2NuF5jBmg0K4AEppIKMwY/st67MdW6UNZr X-Received: by 2002:a17:906:f258:: with SMTP id gy24mr14627474ejb.25.1570806636659; Fri, 11 Oct 2019 08:10:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570806636; cv=none; d=google.com; s=arc-20160816; b=IDV5RIDtkCuAQqx/KNisrveCgx3x9Ta9xZkB8PS1EsSGHkt0/T9Kb/KNUqk6lPBZZL 1YCf/bBg94jQmiwO6D194XISVdEoyKG6thcSRGWQ7qPBg7fhAsrOaak3i7FKUNQJUWes ikPQl4/qLXqB3luArniDKzb/IvwlVAyHyarPWeBczW6GDpoqkrguNnGHV5NNgmzh4jXA zCboU3GpZvP0V/zwRuXs12loGQuzU9wnR4BaVj3/Uohd3GLmGFHijPz9B4HW8pMrReOX kYhWsgFZKoMXYJP7LZzghElb+jtQUDPrydDnpeCqaWRLnwsRGneWeuDUM5euqI6oKfwE 3siw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=hMl8/iSyAmqW49EcpjM3yi0cAtVtpavlAXFFaWcm6ik=; b=ULIi78sRDWiIqXhkpSsDK1FvEIL7e+1sGuSv8uGvmoZTQrUpUWF0tE9dEo2bdPjmGV FSEdXCkDi6XINfJfsyf3yzgRSI4Y6vpqAkOEqXVG2gi8Yk/1RfMfoiPi/gvLamgj6it+ XTTbRwTgDpvCJZPs8UBtfxuJRhSVj5p4EQMTBt2J9slVFnorKjLRwpxSZjX92pBNunef jgWBwmOakCJQ3qR2cQMoFkNDTI5baUJNltO95QCMLbiSBlivapSb0ceDZvQPZAZn9mAH X3sLH9c0PJs8F66MwiYH7KXX2XwfQoCpzfyicKC6LPRNu9R2a8tFSiaPIcVpyRoMp4gU 3bKQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=gfj56F35; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a7si5388871ejy.131.2019.10.11.08.10.12; Fri, 11 Oct 2019 08:10:36 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=gfj56F35; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727996AbfJKPGu (ORCPT + 99 others); Fri, 11 Oct 2019 11:06:50 -0400 Received: from mail.kernel.org ([198.145.29.99]:46846 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726332AbfJKPGt (ORCPT ); Fri, 11 Oct 2019 11:06:49 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 73948206CD; Fri, 11 Oct 2019 15:06:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1570806409; bh=6u22eQMxqkrsYk72ZwygUnfNpqOnzMaqtO/hpkzgc8c=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=gfj56F35BeBeTrdkFO1TJu+G+xclftJXP4w4kK9upDLZRbPSLicd41mwki/Hg83QN O4i4TaJuwCW3ss0Y8vLI+1XUroo2bhG3bJrFsc0msSE2EgzGAFz5h84D4vlqpRwFDi TaC4qIJ6XesoFJkISOqyIomFVrooVe45EL00i82I= Date: Fri, 11 Oct 2019 17:06:46 +0200 From: Greg Kroah-Hartman To: Alan Stern Cc: Andrey Konovalov , Jaskaran Singh , syzbot , Alexander Potapenko , LKML , USB list , syzkaller-bugs , usb-storage@lists.one-eyed-alien.net Subject: Re: KMSAN: uninit-value in alauda_check_media Message-ID: <20191011150646.GA1240544@kroah.com> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.12.2 (2019-09-21) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Oct 11, 2019 at 10:53:47AM -0400, Alan Stern wrote: > On Fri, 11 Oct 2019, Andrey Konovalov wrote: > > > On Fri, Oct 11, 2019 at 4:08 PM Alan Stern wrote: > > > > Now yes, it's true that defining status as an array on the stack is > > > also a bug, since USB transfer buffers are not allowed to be stack > > > variables. > > > > Hi Alan, > > > > I'm curious, what is the reason for disallowing that? Should we try to > > somehow detect such cases automatically? > > Transfer buffers are read and written by DMA. On systems that don't > have cache-coherent DMA controllers, it is essential that the CPU does > not access any cache line involved in a DMA transfer while the transfer > is in progress. Otherwise the data in the cache would be different > from the data in the buffer, leading to corruption. > > (In theory it would be okay for the CPU to read (not write!) a cache > line assigned to a buffer for a DMA write (not read!) transfer. But > even doing that isn't really a good idea.) > > (Also, this isn't an issue for x86 architectures, because x86 has > cache-coherent DMA. But it is an issue on other architectures.) > > In practice, this means transfer buffers have to be allocated by > something like kmalloc, so that they occupies their own separate set of > cache lines. Buffers on the stack obviously don't satisfy this > requirement. > > At some point there was a discussion about automatically detecting when > on-stack (or otherwise invalid) buffers are used for DMA transfers. I > don't recall what the outcome was. A patchset from Kees was sent, but it needs a bit more work... thanks, greg k-h