lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAL_JsqJiCKW0ny=_ueq=A7RH3octpEhN+KZuLZhbNEHusyjcig@mail.gmail.com>
Date:	Wed, 28 Jan 2015 09:45:19 -0600
From:	Rob Herring <robherring2@...il.com>
To:	Catalin Marinas <catalin.marinas@....com>
Cc:	Murali Karicheri <m-karicheri2@...com>,
	Robin Murphy <Robin.Murphy@....com>,
	"devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
	Russell King <linux@....linux.org.uk>,
	Arnd Bergmann <arnd@...db.de>,
	"linux-pci@...r.kernel.org" <linux-pci@...r.kernel.org>,
	Joerg Roedel <joro@...tes.org>,
	Will Deacon <Will.Deacon@....com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"grant.likely@...aro.org" <grant.likely@...aro.org>,
	"iommu@...ts.linux-foundation.org" <iommu@...ts.linux-foundation.org>,
	Rob Herring <robh+dt@...nel.org>,
	"suravee.suthikulpanit@....com" <suravee.suthikulpanit@....com>,
	Bjorn Helgaas <bhelgaas@...gle.com>,
	"linux-arm-kernel@...ts.infradead.org" 
	<linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH v4 3/6] of: fix size when dma-range is not used

On Wed, Jan 28, 2015 at 5:05 AM, Catalin Marinas
<catalin.marinas@....com> wrote:
> On Tue, Jan 27, 2015 at 06:55:15PM +0000, Murali Karicheri wrote:
>> On 01/27/2015 06:27 AM, Robin Murphy wrote:
>> > On 23/01/15 22:32, Murali Karicheri wrote:
>> >> Fix the dma-range size when the DT attribute is missing. i.e set size to
>> >> dev->coherent_dma_mask + 1 instead of dev->coherent_dma_mask. To detect
>> >> overflow when mask is set to max of u64, add a check, log error and
>> >> return.
>> >> Some platform use mask format for size in DTS. So add a work around to
>> >> catch this and fix.
>> >>
>> >> Cc: Joerg Roedel <joro@...tes.org>
>> >> Cc: Grant Likely <grant.likely@...aro.org>
>> >> Cc: Rob Herring <robh+dt@...nel.org>
>> >> Cc: Bjorn Helgaas <bhelgaas@...gle.com>
>> >> Cc: Will Deacon <will.deacon@....com>
>> >> Cc: Russell King <linux@....linux.org.uk>
>> >> Cc: Arnd Bergmann <arnd@...db.de>
>> >> Cc: Suravee Suthikulpanit <Suravee.Suthikulpanit@....com>
>> >>
>> >> Signed-off-by: Murali Karicheri <m-karicheri2@...com>
>> >> ---
>> >> drivers/of/device.c | 14 +++++++++++++-
>> >> 1 file changed, 13 insertions(+), 1 deletion(-)
>> >>
>> >> diff --git a/drivers/of/device.c b/drivers/of/device.c
>> >> index 2de320d..0a5ff54 100644
>> >> --- a/drivers/of/device.c
>> >> +++ b/drivers/of/device.c
>> >> @@ -105,12 +105,24 @@ void of_dma_configure(struct device *dev, struct
>> >> device_node *np)
>> >> ret = of_dma_get_range(np, &dma_addr, &paddr, &size);
>> >> if (ret < 0) {
>> >> dma_addr = offset = 0;
>> >> - size = dev->coherent_dma_mask;
>> >> + size = dev->coherent_dma_mask + 1;
>> >> } else {
>> >> offset = PFN_DOWN(paddr - dma_addr);
>> >> + /*
>> >> + * Add a work around to treat the size as mask + 1 in case
>> >> + * it is defined in DT as a mask.
>> >> + */
>> >> + if (size & 1)
>> >> + size = size + 1;
>> >> dev_dbg(dev, "dma_pfn_offset(%#08lx)\n", offset);
>> >> }
>> >>
>> >> + /* if size is 0, we have an overflow of u64 */
>> >> + if (!size) {
>> >> + dev_err(dev, "invalid size\n");
>> >> + return;
>> >> + }
>> >> +
>> >
>> > This seems potentially fragile to dodgy DTs given that we might also be
>> > using size to make a mask later. Would it make sense to double-up a
>> > sanity check as mask-format detection? Something like:
>> >
>> > if is_power_of_2(size)
>> > // use size
>> > else if is_power_of_2(size + 1)
>> > // use size + 1
>> > else
>> > // cry
>>
>> How about having the logic like this?
>>
>>       ret = of_dma_get_range(np, &dma_addr, &paddr, &size);
>>       if (ret < 0) {
>>               dma_addr = offset = 0;
>>               size = dev->coherent_dma_mask + 1;
>>       } else {
>>               offset = PFN_DOWN(paddr - dma_addr);
>>               dev_dbg(dev, "dma_pfn_offset(%#08lx)\n", offset);
>>       }
>>
>>       if (is_power_of_2(size + 1))
>>               size = size + 1;
>>       else if (!is_power_of_2(size))
>>       {
>>               dev_err(dev, "invalid size\n");
>>               return;
>>       }
>
> In of_dma_configure(), we currently assume that the default coherent
> mask is 32-bit. In this thread:
>
> http://article.gmane.org/gmane.linux.kernel/1835096
>
> we talked about setting the coherent mask based on size automatically.
> I'm not sure about the size but I think we can assume is 32-bit mask + 1
> if it is not specified in the DT. Instead of just assuming a default
> mask, let's assume a default size and create the mask based on this
> (untested):
>
> diff --git a/drivers/of/platform.c b/drivers/of/platform.c
> index 5b33c6a21807..9ff8d1286b44 100644
> --- a/drivers/of/platform.c
> +++ b/drivers/of/platform.c
> @@ -170,10 +170,10 @@ static void of_dma_configure(struct device *dev)
>         struct iommu_ops *iommu;
>
>         /*
> -        * Set default dma-mask to 32 bit. Drivers are expected to setup
> -        * the correct supported dma_mask.
> +        * Set default size to cover the 32-bit. Drivers are expected to setup
> +        * the correct size and dma_mask.
>          */
> -       dev->coherent_dma_mask = DMA_BIT_MASK(32);
> +       size = 1ULL << 32;
>
>         /*
>          * Set it to coherent_dma_mask by default if the architecture
> @@ -185,13 +185,24 @@ static void of_dma_configure(struct device *dev)
>         ret = of_dma_get_range(dev->of_node, &dma_addr, &paddr, &size);
>         if (ret < 0) {
>                 dma_addr = offset = 0;
> -               size = dev->coherent_dma_mask;

Are we assuming dma_addr, paddr and size are not touched on error? If
so, we can get rid of this clause entirely.

>         } else {
>                 offset = PFN_DOWN(paddr - dma_addr);
>                 dev_dbg(dev, "dma_pfn_offset(%#08lx)\n", dev->dma_pfn_offset);
>         }
>         dev->dma_pfn_offset = offset;
>
> +       /*
> +        * Workaround for DTs setting the size to a mask or 0.
> +        */
> +       if (is_power_of_2(size + 1))
> +               size += 1;

As I mentioned, I think power of 2 is too restrictive (from a DT
perspective even though the kernel may require a power of 2 here for
the mask). Just checking bit0 set should be enough.

Also, we need a WARN here so DTs get fixed.

> +
> +       /*
> +        * Coherent DMA masks larger than 32-bit must be explicitly set by the
> +        * driver.
> +        */
> +       dev->coherent_dma_mask = min(DMA_BIT_MASK(32), DMA_BIT_MASK(ilog2(size)));
> +
>         coherent = of_dma_is_coherent(dev->of_node);
>         dev_dbg(dev, "device is%sdma coherent\n",
>                 coherent ? " " : " not ");
>
> --
> Catalin
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ