Open Source and information security mailing list archives
Date:	Thu, 19 Mar 2015 11:29:15 +0100
From:	Oliver Neukum <oneukum@...e.de>
To:	Pavel Machek <pavel@....cz>
Cc:	Jiri Kosina <jkosina@...e.cz>, Lauri Kasanen <cand@....com>,
	linux-input@...r.kernel.org, linux-kernel@...r.kernel.org,
	ao2@....it, AndrewD207@....com
Subject: Re: [PATCH] HID: sony: Enable Gasia third-party PS3 controllers

On Thu, 2015-03-19 at 11:12 +0100, Pavel Machek wrote:
> On Thu 2015-03-19 10:54:22, Oliver Neukum wrote:
> > On Thu, 2015-03-19 at 10:38 +0100, Pavel Machek wrote:
> > > On Thu 2015-03-19 10:14:21, Oliver Neukum wrote:
> > > > On Mon, 2015-03-16 at 22:37 +0100, Jiri Kosina wrote:
> > 
> > > > > Are you sure CONFIG_DMA_API_DEBUG wouldn't warn here?
> > > > 
> > > > As far as I can tell, it will not warn. The problem is not in the
> > > > mapping itself. That is usually legitimate. The problem arises
> > > > because the buffer doesn't have a cacheline of its own. Thus the
> > > > memory corruption happens after the IO operation has started.
> > > 
> > > Nasty. Would WARN_ON(buffer & CACHELINE_SIZE-1) do at least part of
> > 
> > No. It is perfectly legitimate to put your buffer at an offset
> > or to combine buffers provided you don't use them at the same
> > time.
> 
> Legitimate: yes. Is anyone doing it? And will not they see exactly the

For this particular function probably not. In the general case, yes.
That's how you continue after an error.

> same data corruption with the aliasing data?

No, the error happens by touching another part of the cacheline
from the CPU thus loading stale content into the cache.
You can even have simultaneous DMA to two buffers in the same cacheline
provided you touch neither until the last DMA has finished.

> > > Alternatively, we could create "allocate_for_usb" function, and only
> > > take pointers allocated by that function in usb functions. That would
> > > also teach people the problem exists...
> > 
> > No, this problem is not limited to USB.
> 
> Well.. Recognize that just because you have a pointer does not mean
> you can pass it to certain functions.
> 
> Maybe those functions should not be taking pointers in the first
> place....

What else would it take? Should we force people to allocate a new
buffer every time? That would make the API for reading and writing
asymmetric.

	Regards
		Oliver
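
Added example, not part of the original message or of any kernel code: a userspace C program contrasting the alignment test proposed in the quoted text with a check for whether a DMA buffer shares a cacheline with memory the CPU touches while the IO is in flight. The 64-byte line size, the `struct region` table and both layouts are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define CACHELINE 64u /* assumed line size */

struct region {
    const char *name;
    size_t off, len;   /* offset from a cacheline-aligned base */
    int dma;           /* the device transfers into this region */
    int cpu_during_io; /* the CPU touches this while the IO is in flight */
};

/* The proposed WARN_ON condition: buffer start not on a line boundary. */
static int misaligned(size_t off) { return (off & (CACHELINE - 1)) != 0; }

/* Do the two regions occupy at least one common cacheline? */
static int share_line(const struct region *a, const struct region *b)
{
    size_t a0 = a->off / CACHELINE, a1 = (a->off + a->len - 1) / CACHELINE;
    size_t b0 = b->off / CACHELINE, b1 = (b->off + b->len - 1) / CACHELINE;
    return a0 <= b1 && b0 <= a1;
}

/* Count (DMA buffer, CPU-touched region) pairs that share a line. */
static int hazards(const struct region *r, size_t n)
{
    int count = 0;
    for (size_t i = 0; i < n; i++)
        for (size_t j = 0; r[i].dma && j < n; j++)
            if (r[j].cpu_during_io && share_line(&r[i], &r[j])) {
                printf("%s shares a line with %s\n", r[i].name, r[j].name);
                count++;
            }
    return count;
}

/* Constructed layout 1: buffer embedded at offset 0 of a state struct. */
static const struct region embedded[] = {
    { "report", 0, 17, 1, 0 }, { "led_state", 17, 1, 0, 1 }, { "flags", 20, 4, 0, 1 },
};
/* Constructed layout 2: two DMA buffers at offsets in a dedicated allocation. */
static const struct region dedicated[] = {
    { "buf_a", 8, 17, 1, 0 }, { "buf_b", 32, 17, 1, 0 },
};

int main(void)
{
    printf("embedded: misaligned=%d hazards=%d\n", misaligned(embedded[0].off), hazards(embedded, 3));
    printf("dedicated: misaligned=%d hazards=%d\n", misaligned(dedicated[0].off), hazards(dedicated, 2));
    return 0;
}
```

The embedded layout passes the alignment test yet has two hazards, while the dedicated layout fails the alignment test and has none.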

