lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20090109111936.GB17948@linux-mips.org>
Date:	Fri, 9 Jan 2009 11:19:36 +0000
From:	Ralf Baechle <ralf@...ux-mips.org>
To:	Haavard Skinnemoen <haavard.skinnemoen@...el.com>,
	linux-arch@...r.kernel.org
Cc:	Atsushi Nemoto <anemo@....ocn.ne.jp>, dan.j.williams@...el.com,
	linux-kernel@...r.kernel.org, maciej.sosnowski@...el.com
Subject: Re: [PATCH] dmatest: flush and invalidate destination buffer
	before DMA

On Thu, Jan 08, 2009 at 09:36:03AM +0100, Haavard Skinnemoen wrote:

> In the general case, however, I think MIPS has a bug: I've seen drivers
> DMA to/from tiny buffers stored inside another struct. This is legal
> because the driver can guarantee that the other fields in the struct
> aren't accessed in the mean time, but any fields sharing a cacheline
> with the buffer must be written back before the lines are invalidated.

Depending on the implementation details, the use of such a struct might be
relying on implementation-specific behaviour.  This is what
Documentation/DMA-API.txt has to say:

[...]
int
dma_get_cache_alignment(void)

Returns the processor cache alignment.  This is the absolute minimum
alignment *and* width that you must observe when either mapping
memory or doing partial flushes.

Notes: This API may return a number *larger* than the actual cache
line, but it will guarantee that one or more cache lines fit exactly
into the width returned by this call.  It will also always be a power
of two for easy alignment.
[...]

Since dma_get_cache_alignment() is a function not a constant its result
can't be used in the definition of a struct unless possibly excessive
padding is used.

The debate has shown that we problably need BUG_ON() assertions in the
DMA API implementations to catch this sort of dangerous use.

  Ralf
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ