lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Fri, 14 Oct 2016 16:20:00 +0200
From:   Denys Vlasenko <dvlasenk@...hat.com>
To:     James Bottomley <JBottomley@...allels.com>
Cc:     Denys Vlasenko <dvlasenk@...hat.com>,
        Hannes Reinicke <hare@...e.de>, linux-scsi@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: [PATCH] scsi: aic7xxx: fix ahc_delay and ahd_delay

They are buggy:

        while (usec > 0)
               udelay(usec % 1024);
               usec -= 1024;

For example, for usec = 100*1024 + 1, old code will udelay(1) 101 times,
i.e. it will be approximately equivalent to udelay(101),
not the expected udelay(102400).

This did not bite because all callers use values far from "pathological" ones,
such as 500 and 1000 - these work fine with buggy code.

This was reported in 2006 but was missed.

Signed-off-by: Denys Vlasenko <dvlasenk@...hat.com>
CC: James Bottomley <JBottomley@...allels.com>
CC: Hannes Reinicke <hare@...e.de>
CC: linux-scsi@...r.kernel.org
CC: linux-kernel@...r.kernel.org
---
 drivers/scsi/aic7xxx/aic79xx_osm.c | 7 ++++---
 drivers/scsi/aic7xxx/aic7xxx_osm.c | 7 ++++---
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/drivers/scsi/aic7xxx/aic79xx_osm.c b/drivers/scsi/aic7xxx/aic79xx_osm.c
index 2588b8f..e7a7838 100644
--- a/drivers/scsi/aic7xxx/aic79xx_osm.c
+++ b/drivers/scsi/aic7xxx/aic79xx_osm.c
@@ -380,9 +380,10 @@ ahd_delay(long usec)
 	 * multi-millisecond waits.  Wait at most
 	 * 1024us per call.
 	 */
-	while (usec > 0) {
-		udelay(usec % 1024);
-		usec -= 1024;
+	udelay(usec & 1023);
+	usec >>= 10;
+	while (--usec >= 0) {
+		udelay(1024);
 	}
 }
 
diff --git a/drivers/scsi/aic7xxx/aic7xxx_osm.c b/drivers/scsi/aic7xxx/aic7xxx_osm.c
index fc6a831..c81798e 100644
--- a/drivers/scsi/aic7xxx/aic7xxx_osm.c
+++ b/drivers/scsi/aic7xxx/aic7xxx_osm.c
@@ -388,9 +388,10 @@ ahc_delay(long usec)
 	 * multi-millisecond waits.  Wait at most
 	 * 1024us per call.
 	 */
-	while (usec > 0) {
-		udelay(usec % 1024);
-		usec -= 1024;
+	udelay(usec & 1023);
+	usec >>= 10;
+	while (--usec >= 0) {
+		udelay(1024);
 	}
 }
 
-- 
2.9.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ