From: Anton Blanchard <anton@samba.org>
To: Roland Dreier <roland@topspin.com>
Cc: linux-kernel@vger.kernel.org
Subject: Re: PCI DMA to small buffers on cache-incoherent arch
Date: Sat, 8 Jun 2002 23:58:45 +1000 [thread overview]
Message-ID: <20020608135845.GC4671@krispykreme> (raw)
In-Reply-To: <52vg8ta4ki.fsf@topspin.com>
> The problem that caused crashes on cache-incoherent architectures (my
> specific system uses a PPC 440GP but this should apply in general) was
> the following. The USB stack was doing PCI DMA into buffers that were
> allocated on the stack, which causes stack corruption: on the PPC
> 440GP, pci_map_single() with PCI_DMA_FROMDEVICE just invalidates the
> cache for the region being mapped. However, if a buffer is smaller
> than a cache line, then two bad things can happen.
Yes, DMAing to the stack is definitely a bug, thats mentioned in
Documentation/DMA-mapping.txt. We used to vmalloc our kernel stacks
on ppc64 and that picked up all sorts of DMA violations.
I just checked 2.5 and noticed the scsi code is _still_ DMAing to the
stack! Maybe it would be worth having a debug option for x86 where
it uses vmalloc for kernel stack allocation :)
Anyway attached is a patch from Todd Inglett that I updated for 2.5.
Anton
===== drivers/scsi/scsi_scan.c 1.13 vs edited =====
--- 1.13/drivers/scsi/scsi_scan.c Fri May 31 11:17:30 2002
+++ edited/drivers/scsi/scsi_scan.c Sun Jun 9 07:28:25 2002
@@ -368,7 +368,6 @@
unsigned int dev;
unsigned int lun;
unsigned char *scsi_result;
- unsigned char scsi_result0[256];
Scsi_Device *SDpnt;
Scsi_Device *SDtail;
@@ -390,9 +389,7 @@
*/
scsi_initialize_queue(SDpnt, shpnt);
SDpnt->request_queue.queuedata = (void *) SDpnt;
- /* Make sure we have something that is valid for DMA purposes */
- scsi_result = ((!shpnt->unchecked_isa_dma)
- ? &scsi_result0[0] : kmalloc(512, GFP_DMA));
+ scsi_result = kmalloc(512, GFP_DMA);
}
if (scsi_result == NULL) {
@@ -532,10 +529,9 @@
kfree((char *) SDpnt);
}
- /* If we allocated a buffer so we could do DMA, free it now */
- if (scsi_result != &scsi_result0[0] && scsi_result != NULL) {
- kfree(scsi_result);
- } {
+ kfree(scsi_result);
+
+ {
Scsi_Device *sdev;
Scsi_Cmnd *scmd;
===== drivers/scsi/sr_ioctl.c 1.13 vs edited =====
--- 1.13/drivers/scsi/sr_ioctl.c Thu May 23 23:18:39 2002
+++ edited/drivers/scsi/sr_ioctl.c Sun Jun 9 07:30:15 2002
@@ -344,7 +344,12 @@
Scsi_CD *SCp = cdi->handle;
u_char sr_cmd[10];
int result, target = minor(cdi->dev);
- unsigned char buffer[32];
+ unsigned char *buffer = kmalloc(512, GFP_DMA);
+
+ if (buffer == NULL) {
+ printk("SCSI DMA pool exhausted.");
+ return -ENOMEM;
+ }
memset(sr_cmd, 0, sizeof(sr_cmd));
@@ -417,6 +422,7 @@
return -EINVAL;
}
+ kfree(buffer);
#if 0
if (result)
printk("DEBUG: sr_audio: result for ioctl %x: %x\n", cmd, result);
next prev parent reply other threads:[~2002-06-08 21:44 UTC|newest]
Thread overview: 99+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-06-08 20:38 PCI DMA to small buffers on cache-incoherent arch Roland Dreier
2002-06-08 13:58 ` Anton Blanchard [this message]
2002-06-09 0:52 ` Roland Dreier
2002-06-08 23:03 ` David S. Miller
2002-06-09 0:40 ` Roland Dreier
2002-06-09 0:53 ` David S. Miller
2002-06-09 1:26 ` Roland Dreier
2002-06-09 5:29 ` David S. Miller
2002-06-09 6:16 ` Roland Dreier
2002-06-10 16:03 ` Roland Dreier
2002-06-11 14:04 ` David Woodhouse
2002-06-09 6:45 ` Oliver Neukum
2002-06-10 4:24 ` David S. Miller
2002-06-10 10:00 ` Oliver Neukum
2002-06-10 10:24 ` David S. Miller
2002-06-09 9:51 ` Paul Mackerras
2002-06-09 10:54 ` Benjamin Herrenschmidt
2002-06-10 4:27 ` David S. Miller
2002-06-10 15:59 ` Roland Dreier
2002-06-10 17:03 ` Tom Rini
2002-06-10 17:22 ` Oliver Neukum
2002-06-10 17:29 ` Tom Rini
2002-06-10 17:39 ` Oliver Neukum
2002-06-10 19:03 ` Roland Dreier
2002-06-10 19:14 ` Tom Rini
2002-06-10 19:21 ` Roland Dreier
2002-06-10 19:26 ` Tom Rini
2002-06-10 17:57 ` Russell King
2002-06-10 17:28 ` Roland Dreier
2002-06-10 18:07 ` William Jhun
2002-06-10 18:29 ` William Jhun
2002-06-10 18:33 ` Mark Zealey
2002-06-10 18:44 ` Oliver Neukum
2002-06-11 3:10 ` David S. Miller
2002-06-11 4:04 ` Roland Dreier
2002-06-11 4:16 ` Brad Hards
2002-06-11 4:24 ` Roland Dreier
2002-06-11 4:24 ` David S. Miller
2002-06-11 4:21 ` David S. Miller
2002-06-11 4:39 ` Roland Dreier
2002-06-11 4:38 ` David S. Miller
2002-06-11 6:23 ` Oliver Neukum
2002-06-11 6:38 ` David S. Miller
2002-06-11 7:38 ` Oliver Neukum
2002-06-11 7:36 ` David S. Miller
2002-06-11 7:43 ` David S. Miller
2002-06-11 8:07 ` Oliver Neukum
2002-06-11 8:15 ` David S. Miller
2002-06-11 12:06 ` Oliver Neukum
2002-06-11 12:04 ` David S. Miller
2002-06-11 14:23 ` Oliver Neukum
2002-06-14 4:14 ` David S. Miller
2002-06-11 18:26 ` Roland Dreier
2002-06-11 17:29 ` Benjamin Herrenschmidt
2002-06-12 12:02 ` Oliver Neukum
2002-06-11 20:06 ` Benjamin Herrenschmidt
2002-06-12 12:02 ` David S. Miller
2002-06-11 23:00 ` Thunder from the hill
2002-06-11 23:56 ` Roland Dreier
2002-06-12 0:09 ` Thunder from the hill
2002-06-11 15:57 ` William Jhun
2002-06-12 9:06 ` Pavel Machek
2002-06-12 20:16 ` David S. Miller
2002-06-12 11:47 ` David S. Miller
2002-06-12 12:08 ` Oliver Neukum
2002-06-14 4:41 ` David S. Miller
2002-06-12 16:09 ` William Jhun
2002-06-09 1:30 ` Albert D. Cahalan
2002-06-09 5:29 ` David S. Miller
2002-06-09 6:33 ` Albert D. Cahalan
2002-06-09 6:50 ` Oliver Neukum
2002-06-09 6:57 ` Albert D. Cahalan
2002-06-09 7:15 ` Oliver Neukum
2002-06-09 8:48 ` Russell King
2002-06-09 15:42 ` Albert D. Cahalan
2002-06-09 23:26 ` Oliver Neukum
-- strict thread matches above, loose matches on Subject: below --
2002-06-11 5:31 David Brownell
2002-06-11 5:44 ` David S. Miller
2002-06-11 15:12 ` David Brownell
2002-06-11 15:44 ` Oliver Neukum
2002-06-12 3:25 ` David S. Miller
2002-06-11 17:33 ` Benjamin Herrenschmidt
2002-06-12 9:42 ` David S. Miller
2002-06-12 14:14 ` David Brownell
2002-06-12 15:00 ` Benjamin Herrenschmidt
2002-06-12 18:44 ` Roland Dreier
2002-06-12 19:13 ` David Brownell
2002-06-12 19:58 ` Oliver Neukum
2002-06-12 22:51 ` David S. Miller
2002-06-12 23:17 ` Oliver Neukum
2002-06-13 4:57 ` David Brownell
2002-06-12 22:46 ` David S. Miller
2002-06-13 5:13 ` David Brownell
2002-06-13 9:38 ` David S. Miller
2002-06-12 22:50 ` David S. Miller
2002-06-12 6:25 ` David Brownell
2002-06-12 6:24 ` David S. Miller
2002-06-12 7:06 ` David Brownell
2002-06-12 9:22 ` David S. Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20020608135845.GC4671@krispykreme \
--to=anton@samba.org \
--cc=linux-kernel@vger.kernel.org \
--cc=roland@topspin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.