lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <201511241904.26525.linux@rainbow-software.org>
Date:	Tue, 24 Nov 2015 19:04:24 +0100
From:	Ondrej Zary <linux@...nbow-software.org>
To:	Finn Thain <fthain@...egraphics.com.au>
Cc:	Sam Creasey <sammy@...my.net>,
	Michael Schmitz <schmitzmic@...il.com>,
	"James E.J. Bottomley" <JBottomley@...n.com>,
	linux-m68k@...r.kernel.org, linux-scsi@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 00/71] More fixes, cleanup and modernization for NCR5380 drivers

On Tuesday 24 November 2015 13:03:17 Ondrej Zary wrote:
> On Tuesday 24 November 2015, Finn Thain wrote:
> > 
> > On Tue, 24 Nov 2015, Ondrej Zary wrote:
> > 
> > > On Tuesday 24 November 2015, Finn Thain wrote:
> > > > 
> > > > On Mon, 23 Nov 2015, Ondrej Zary wrote:
> > > > 
> > > > > 
> > > > > PDMA seems to be broken in multiple ways. NCR5380_pread cannot 
> > > > > process less than 128 bytes. In fact, 53C400 datasheet says that 
> > > > > it's HW limitation: non-modulo-128-byte transfers should use PIO.
> > > > > 
> > > > > Adding
> > > > >         transfersize = round_down(transfersize, 128);
> > > > > to generic_NCR5380_dma_xfer_len() improves the situation a bit.
> > > > > 
> > > > > After modprobe, some small reads (8, 4, 24 and 64 bytes) are done 
> > > > > using PIO, then eight 512-byte reads using PDMA and then it fails on 
> > > > > a 254-byte read. First 128 bytes are read using PDMA and the next 
> > > > > PDMA operation hangs waiting forever for the host buffer to be 
> > > > > ready.
> > > > > 
> > > > 
> > > > A 128-byte PDMA receive followed by 126-byte PDMA receive? I don't see 
> > > > how that is possible given round_down(126, 128) == 0. Was this the 
> > > > actual 'len' argument to NCR5380_pread() in g_NCR5380.c?
> > > 
> > > No 126-byte PDMA. The 126 bytes were probably lost (or mixed with the 
> > > next read?).
> > 
> > When you said, the "PDMA operation hangs waiting forever", I figured that 
> > you had hit an infinite loop in NCR5380_pread()... but now I'm lost.
> 
> The first 128-byte PDMA ended successfully (ignoring what happened to the
> remaining 126 bytes), then a next request for 254 bytes came. This resulted
> in a new 128-byte PDMA and that hanged (in one of its possibly infinite loops
> without a timeout).
> 
> > My main concern here is to confirm that I didn't break anything e.g. with 
> > patch 24 or 41. It would be nice to know that this hang is not the result 
> > of a new bug.
> 
> PDMA was already broken before so it's hard to tell. I can try to modify
> the unpatched driver to see if PDMA is broken the same way.

Just tested the driver without your patches and it's broken exactly the same
way.

-- 
Ondrej Zary
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ