From: Robert Hancock <hancockrwd@gmail.com>
To: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
Cc: linux-ide@vger.kernel.org, cebbert@redhat.com
Subject: Re: ahci 0000:00:1f.2: DMA-API: device driver maps memory from stack
Date: Fri, 27 Feb 2009 23:21:47 -0600 [thread overview]
Message-ID: <49A8C9EB.3080803@gmail.com> (raw)
In-Reply-To: <20090228125014J.fujita.tomonori@lab.ntt.co.jp>
FUJITA Tomonori wrote:
>> One could print out where buf points in
>> this function and see if that is the case. Sense buffer gets allocated
>> by the SCSI layer..
>
> I guess that SCSI-ml doesn't use a buffer on the stack for
> scmd->sense_buffer... atapi_eh_clear_ua() looks guilty?
>
>
> static int atapi_eh_clear_ua(struct ata_device *dev)
> {
> int i;
>
> for (i = 0; i < ATA_EH_UA_TRIES; i++) {
> u8 sense_buffer[SCSI_SENSE_BUFFERSIZE];
> u8 sense_key = 0;
> unsigned int err_mask;
>
> err_mask = atapi_eh_tur(dev, &sense_key);
> if (err_mask != 0 && err_mask != AC_ERR_DEV) {
> ata_dev_printk(dev, KERN_WARNING, "TEST_UNIT_READY "
> "failed (err_mask=0x%x)\n", err_mask);
> return -EIO;
> }
>
> if (!err_mask || sense_key != UNIT_ATTENTION)
> return 0;
>
> err_mask = atapi_eh_request_sense(dev, sense_buffer, sense_key);
>
I don't think this is the path that Chuck's warning came through, that
one looks like atapi_eh_request_sense. But yeah, this code does look
bad, we DMA into that sense buffer so it can't be on the stack.
prev parent reply other threads:[~2009-02-28 5:21 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-02-27 23:42 ahci 0000:00:1f.2: DMA-API: device driver maps memory from stack Chuck Ebbert
2009-02-28 2:38 ` Robert Hancock
2009-02-28 3:50 ` FUJITA Tomonori
2009-02-28 5:21 ` Robert Hancock [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=49A8C9EB.3080803@gmail.com \
--to=hancockrwd@gmail.com \
--cc=cebbert@redhat.com \
--cc=fujita.tomonori@lab.ntt.co.jp \
--cc=linux-ide@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.