lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Tue, 24 Feb 2015 09:12:43 +0000
From:	Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
To:	Mark Brown <broonie@...nel.org>
CC:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH 1/2] regmap: Add range check in _regmap_raw_read()



On 24/02/15 08:55, Mark Brown wrote:
> On Thu, Feb 19, 2015 at 01:02:03PM +0000, Srinivas Kandagatla wrote:
>
>> The culprit was in my test code, which I eventually fixed. However I would
>> have expected regmap to do some out of bound check before it tries to access
>> the register space.
>
>> If I try to do an out of bound access via regmap_read()/write() it throws up
>> an error, which is not the same with regmap_bulk_read/write() apis.
>
>> I was lucky that I got a page fault as the register range was just at page
>> boundary, but in cases where the range is not at page boundary, Its highly
>> likely that it could silently corrupt other memory location( specially in
>> write cases).
>
> The risk of page faults mostly only applies to memory mapped register
> maps - most register maps are on other buses where things are a bit less
> clear, we do often have writes to undocumented registers which aren't

Yes, my test was on memory mapped registers.

> included in the readability checks (indeed it's rare for anything to
> actually give us writability information for the write side).  As
> covered in earlier messages a part of this is a performance tradeoff,
> it's potentially expensive for us to do the checks on bulk I/O but for
> single register access it's much cheaper relative to the operation as a
> whole.

I totally agree with you on the performance overhead of checking every 
read/write, But on the other hand adding a single range check is better 
than no check with less/nil performance overhead.

>
> It's particularly interesting for MMIO actually as these devices are by
> far the most performance intensive, we don't have all the costs of the
> bus to mask what regmap is doing.
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ