| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 10 Oct 2016 07:57:31 -0400 (EDT)
From: David Miller <davem@...emloft.net>
To: nikita.yoush@...entembedded.com
Cc: jeffrey.t.kirsher@...el.com, intel-wired-lan@...ts.osuosl.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
cphealy@...il.com
Subject: Re: igb driver can cause cache invalidation of non-owned memory?
From: Nikita Yushchenko <nikita.yoush@...entembedded.com>
Date: Mon, 10 Oct 2016 12:51:28 +0300
> Hmm... I'm not about device writing to memory.
This absolutely is about whether the device wrote into the
area or not.
> Sequence in igb driver is:
>
> dma_map(full_page)
> <device writes here>
> sync_to_cpu(half_page);
> skb_add_rx_frag(skb, half_page);
> napi_gro_receive(skb);
> ...
> dma_unmap(full_page)
>
> What I'm concerned about is - same area is first passed up to network
> stack, and _later_ dma_unmap()ed. Is this indeed safe?
dma_unmap() should never write anything unless the device has
meanwhile written to that chunk of memory.
If the device made no intervening writes into the area, dma_unmap()
should not cause any data to be written to that area, period.
In your example above, consider the case where the device never
writes into the memory area after sync_to_cpu(). In that case
there is nothing that dma_unmap() can possibly write. All the
data has been synced, and no device writes into the memory are
have occurred.
Powered by blists - more mailing lists