lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150121184456.GA30346@red-moon>
Date:	Wed, 21 Jan 2015 18:44:56 +0000
From:	Lorenzo Pieralisi <lorenzo.pieralisi@....com>
To:	Bjorn Helgaas <bhelgaas@...gle.com>
Cc:	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Arnd Bergmann <arnd@...db.de>,
	Jesse Barnes <jbarnes@...tuousgeek.org>,
	Benjamin Herrenschmidt <benh@...nel.crashing.org>,
	Russell King <linux@....linux.org.uk>,
	"David S. Miller" <davem@...emloft.net>,
	Michal Simek <monstr@...str.eu>,
	Martin Wilck <martin.wilck@...fujitsu.com>,
	Linux PCI <linux-pci@...r.kernel.org>
Subject: Re: [RFC PATCH v3 1/2] drivers: pci: fix pci_mmap_fits()
 implementation for procfs mmap

Hi Bjorn,

On Fri, Nov 21, 2014 at 05:51:14PM +0000, Bjorn Helgaas wrote:
> On Thu, Nov 13, 2014 at 11:19:15AM +0000, Lorenzo Pieralisi wrote:
> > The introduction of pci_mmap_fits() in commit:
> > 
> > b5ff7df3df9efab511244d5a299fce706c71af48
> > "Check mapped ranges on sysfs resource files"
> > 
> > allowed to check for valid range mappings of PCI resources to user space
> > when mapping PCI resources through the sysfs filesystem.
> > 
> > The mapping of resources through the sysfs expects the offset passed
> > by the user through the mmap syscall to be 0, and the pgoff is adjusted
> > by the kernel to memory map the resource to the CPU physical address
> > corresponding to the PCI resource in question.
> > 
> > The usage of procfs mapping of PCI resources (/proc/bus/pci files)
> > is more controversial in that userspace programs mapping PCI resources
> > are expected to pass in the mmap offset field either a CPU physical address
> > or a PCI bar value, depending on the architecture.
> > 
> > By the time pci_mmap_fits() was used to check PCI resource ranges for
> > procfs PCI resources mapping in commit:
> > 
> > 9eff02e2042f96fb2aedd02e032eca1c5333d7
> > "PCI: check mmap range of /proc/bus/pci files too"
> > 
> > the procfs interface for mmapping resources to user space broke, since
> > pci_mmap_fits() expected the offset passed from user space in the mmap
> > call to be 0, not the CPU physical address or PCI BAR value of the
> > resource in question.
> > 
> > Subsequent attempts at fixing the pci_mmap_fits() implementation failed
> > to fix the issue (or fixed the issue in some architectures but not for
> > all of them, ARM and SPARC procfs interface PCI resources mapping stayed
> > broken throughout) in particular commits:
> > 
> > 8c05cd08a7504b855c265263e84af61aabafa329
> > "PCI: fix offset check for sysfs mmapped files"
> > 
> > and
> > 
> > 3b519e4ea618b6943a82931630872907f9ac2c2b
> > "PCI: fix size checks for mmap() on /proc/bus/pci files"
> > 
> > fixed procfs PCI resources mapping checks in pci_mmap_fits for some
> > architectures, but not for architectures like SPARC that expects
> > the offset value passed from user space through the mmap syscall
> > (when mapping through procfs) to represent the PCI BAR value of the
> > resource to be mapped.
> > 
> > The reason behind the breakage is the following. The addresses stored
> > in PCI device resources for memory spaces correspond to CPU physical
> > addresses, which do not necessarily map 1:1 to PCI bus addresses as
> > programmed in PCI devices configuration spaces.
> > 
> > This implies that the sanity checks carried out in pci_mmap_fits() to
> > ensure that the user executes an mmap of a "real" pci resource are
> > erroneous when executed through procfs. Some platforms (ie SPARC)
> > expect the offset value to be passed in (procfs mapping) to be the
> > PCI BAR configuration value as read from the PCI device configuration
> > space, not the fixed-up CPU physical address that is present in PCI
> > device resources.
> > 
> > The required pgoff (offset in mmap syscall) value passed from userspace
> > is supposed to represent the resource value exported through
> > /proc/bus/pci/devices when the resource is mmapped though procfs (and 0
> > when the mapping is carried out through sysfs resource files), which
> > corresponds to the PCI resource filtered through the pci_resource_to_user()
> > API.
> > 
> > This patch converts the PCI resource to the expected "user visible"
> > value through pci_resource_to_user() before carrying out sanity checks
> > in pci_mmap_fits() so that the check is carried out on the resource
> > values as expected from the userspace mmap API.
> > 
> > Cc: Arnd Bergmann <arnd@...db.de>
> > Cc: Jesse Barnes <jbarnes@...tuousgeek.org>
> > Cc: Bjorn Helgaas <bhelgaas@...gle.com>
> > Cc: Benjamin Herrenschmidt <benh@...nel.crashing.org>
> > Cc: Russell King <linux@....linux.org.uk>
> > Cc: David S. Miller <davem@...emloft.net>
> > Cc: Michal Simek <monstr@...str.eu>
> > Cc: Martin Wilck <martin.wilck@...fujitsu.com>
> > Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@....com>
> 
> Hi Lorenzo,
> 
> I think this patch is the right thing to do.  I'm going to try to write
> patches for microblaze, mips, powerpc, and sparc that implement their
> pci_resource_to_user() in terms of pcibios_resource_to_bus() (the patches
> are easy; it's the arguments for correctness that take time).  Then I'll
> try to convince myself that those arches are currently broken and will be
> fixed by your patch below.
> 
> But I'll be on vacation all next week, so this will take me some time and
> it may not make the next merge window.

I do not know if you had time to implement the patches above, I would
like to ask Russell to merge patch 2 of this series though, since (1) it
is a fix in the first place given the current proc/sys interface, and
(2) we need it to remove dependency on pcibios for arm64 drivers; I am
just waiting to merge patch 2 upstream since in a way it depends on your
decision on what the final proc/sys interface should look like and how
we implement it.

As things stand, patch 2 can be merged and fixes the current API on ARM.

Thanks,
Lorenzo

> 
> Bjorn
> 
> > ---
> >  drivers/pci/pci-sysfs.c | 13 ++++++++-----
> >  1 file changed, 8 insertions(+), 5 deletions(-)
> > 
> > diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
> > index 2c6643f..e4634e3 100644
> > --- a/drivers/pci/pci-sysfs.c
> > +++ b/drivers/pci/pci-sysfs.c
> > @@ -963,17 +963,20 @@ void pci_remove_legacy_files(struct pci_bus *b)
> >  int pci_mmap_fits(struct pci_dev *pdev, int resno, struct vm_area_struct *vma,
> >  		  enum pci_mmap_api mmap_api)
> >  {
> > -	unsigned long nr, start, size, pci_start;
> > +	unsigned long nr, start, size, pci_offset;
> > +	resource_size_t pci_start, pci_end;
> >  
> >  	if (pci_resource_len(pdev, resno) == 0)
> >  		return 0;
> >  	nr = vma_pages(vma);
> >  	start = vma->vm_pgoff;
> > +	pci_resource_to_user(pdev, resno, &pdev->resource[resno],
> > +			     &pci_start, &pci_end);
> >  	size = ((pci_resource_len(pdev, resno) - 1) >> PAGE_SHIFT) + 1;
> > -	pci_start = (mmap_api == PCI_MMAP_PROCFS) ?
> > -			pci_resource_start(pdev, resno) >> PAGE_SHIFT : 0;
> > -	if (start >= pci_start && start < pci_start + size &&
> > -			start + nr <= pci_start + size)
> > +	pci_offset = (mmap_api == PCI_MMAP_PROCFS) ?
> > +			pci_start >> PAGE_SHIFT : 0;
> > +	if (start >= pci_offset && start < pci_offset + size &&
> > +			start + nr <= pci_offset + size)
> >  		return 1;
> >  	return 0;
> >  }
> > -- 
> > 2.1.2
> > 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
> 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ