lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1425609282-16568-3-git-send-email-yanjiang.jin@windriver.com>
Date:	Fri, 6 Mar 2015 10:34:42 +0800
From:	<yanjiang.jin@...driver.com>
To:	<horia.geanta@...escale.com>, <herbert@...dor.apana.org.au>,
	<davem@...emloft.net>, <kim.phillips@...escale.com>
CC:	<ruchika.gupta@...escale.com>, <cristian.stoica@...escale.com>,
	<NiteshNarayanLal@...escale.com>, <linux-crypto@...r.kernel.org>,
	<linux-kernel@...r.kernel.org>, <jinyanjiang@...il.com>
Subject: [PATCH 2/2] crypto: caam_rng: fix rng_unmap_ctx's DMA_UNMAP size problem

From: Yanjiang Jin <yanjiang.jin@...driver.com>

Fix rng_unmap_ctx's DMA_UNMAP size problem for caam_rng, else system would
report the below calltrace during cleanup caam_rng.
Since rng_create_sh_desc() creates a fixed descriptor of exactly 4
command-lengths now, also update DESC_RNG_LEN to (4 * CAAM_CMD_SZ).

caam_jr ffe301000.jr: DMA-API: device driver frees DMA memory with different size [device address=0x000000007f080010] [map size=16 bytes] [unmap size=40 bytes]
------------[ cut here ]------------
WARNING: at lib/dma-debug.c:887
Modules linked in:
task: c0000000f7cdaa80 ti: c0000000e5340000 task.ti: c0000000e5340000
NIP: c0000000004f5bc8 LR: c0000000004f5bc4 CTR: c0000000005f69b0
REGS: c0000000e53433c0 TRAP: 0700   Not tainted
MSR: 0000000080029000 <CE,EE,ME>  CR: 24088482  XER: 00000000
SOFTE: 0

GPR00: c0000000004f5bc4 c0000000e5343640 c0000000012af360 000000000000009f
GPR04: 0000000000000000 00000000000000a0 c000000000d02070 c000000015980660
GPR08: c000000000cff360 0000000000000000 0000000000000000 c0000000012da018
GPR12: 00000000000001e3 c000000001fff780 00000000100f0000 0000000000000001
GPR16: 0000000000000002 0000000000000000 0000000000000000 0000000000000000
GPR20: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000001
GPR24: 0000000000000001 0000000000000001 0000000000000000 0000000000000001
GPR28: c000000001556b90 c000000001565b80 c0000000e5343750 c0000000f9427480
NIP [c0000000004f5bc8] .check_unmap+0x538/0x9c0
LR [c0000000004f5bc4] .check_unmap+0x534/0x9c0
Call Trace:
[c0000000e5343640] [c0000000004f5bc4] .check_unmap+0x534/0x9c0 (unreliable)
[c0000000e53436e0] [c0000000004f60d4] .debug_dma_unmap_page+0x84/0xb0
[c0000000e5343810] [c00000000082f9d4] .caam_cleanup+0x1d4/0x240
[c0000000e53438a0] [c00000000056cc88] .hwrng_unregister+0xd8/0x1c0
Instruction dump:
7c641b78 41de0410 e8a90050 2fa50000 419e0484 e8de0028 e8ff0030 3c62ff90
e91e0030 38638388 48546ed9 60000000 <0fe00000> 3c62ff8f 38637fc8 48546ec5
---[ end trace e43fd1734d6600df ]---

Signed-off-by: Yanjiang Jin <yanjiang.jin@...driver.com>
---
1. Fix an alignment issue;
2. update DESC_RNG_LEN to (4 * CAAM_CMD_SZ).

 drivers/crypto/caam/caamrng.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/caam/caamrng.c b/drivers/crypto/caam/caamrng.c
index ae31e55..26a544b 100644
--- a/drivers/crypto/caam/caamrng.c
+++ b/drivers/crypto/caam/caamrng.c
@@ -52,7 +52,7 @@
 
 /* length of descriptors */
 #define DESC_JOB_O_LEN			(CAAM_CMD_SZ * 2 + CAAM_PTR_SZ * 2)
-#define DESC_RNG_LEN			(10 * CAAM_CMD_SZ)
+#define DESC_RNG_LEN			(4 * CAAM_CMD_SZ)
 
 /* Buffer, its dma address and lock */
 struct buf_data {
@@ -90,8 +90,8 @@ static inline void rng_unmap_ctx(struct caam_rng_ctx *ctx)
 	struct device *jrdev = ctx->jrdev;
 
 	if (ctx->sh_desc_dma)
-		dma_unmap_single(jrdev, ctx->sh_desc_dma, DESC_RNG_LEN,
-				 DMA_TO_DEVICE);
+		dma_unmap_single(jrdev, ctx->sh_desc_dma,
+				 desc_bytes(ctx->sh_desc), DMA_TO_DEVICE);
 	rng_unmap_buf(jrdev, &ctx->bufs[0]);
 	rng_unmap_buf(jrdev, &ctx->bufs[1]);
 }
-- 
1.9.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ