lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1245767657.16488.38.camel@pc1117.cambridge.arm.com>
Date:	Tue, 23 Jun 2009 15:34:17 +0100
From:	Catalin Marinas <catalin.marinas@....com>
To:	Russell King - ARM Linux <linux@....linux.org.uk>
Cc:	Sudeep K N <sudeepholla.maillist@...il.com>,
	linux-arm-kernel@...ts.arm.linux.org.uk, drzeus-mmc@...eus.cx,
	linux-kernel@...r.kernel.org, linux-ide@...r.kernel.org
Subject: Re: Rootfs in eMMC: Kernel panic ...Attempted to kill init!

On Mon, 2009-06-22 at 17:46 +0100, Russell King - ARM Linux wrote:
> On Mon, Jun 22, 2009 at 05:13:16PM +0100, Catalin Marinas wrote:
> > In my case (ext2 over pata_platform), there is no flush_dcache_page()
> > call after the page was written with data from the CompactFlash (neither
> > the driver nor the VFS layer do this and we used hardware tracing to
> > double-check). When the page is mapped into user space,
> > update_mmu_cache() is called but the page hasn't been marked as dirty
> > and no D-cache flushing occurs. Calling flush_dcache_page() in
> > mpage_end_io_read() works around this issue.
> 
> As already covered, there's no chance of adding such a call to the
> generic kernel.  It's the responsibility of the drivers to ensure that
> data they read in hits the underlying page - in the same way that DMA
> does.

The patch below appears to solve the problem with CompactFlash using
pata_platform (I cc'ed linux-ide since the patch changes their code).
The patch only handles the read case but similarly it may need to handle
the write case if D-cache aliasing between user and kernel mappings
exists.

For the USB mass storage, I haven't yet figured out the best place to
call flush_dcache_page().



Call flush_dcache_page after PIO data transfer in libata-aff.c

From: Catalin Marinas <catalin.marinas@....com>

When reading data from an ATA device using PIO, the kernel dirties the
D-cache but there is no flush_dcache_page() call in ata_pio_sector().
Since neither the VFS layer calls this function, a subsequent
update_mmu_cache() is not aware of the dirty page which may lead to
cache incoherency in user space.

Signed-off-by: Catalin Marinas <catalin.marinas@....com>
---
 drivers/ata/libata-sff.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/drivers/ata/libata-sff.c b/drivers/ata/libata-sff.c
index bbbb1fa..2ae15c3 100644
--- a/drivers/ata/libata-sff.c
+++ b/drivers/ata/libata-sff.c
@@ -893,6 +893,9 @@ static void ata_pio_sector(struct ata_queued_cmd *qc)
 				       do_write);
 	}
 
+	if (!do_write)
+		flush_dcache_page(page);
+
 	qc->curbytes += qc->sect_size;
 	qc->cursg_ofs += qc->sect_size;
 

-- 
Catalin

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ