lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170419231804.5a04ed69@bbrezillon>
Date:   Wed, 19 Apr 2017 23:18:04 +0200
From:   Boris Brezillon <boris.brezillon@...e-electrons.com>
To:     Pavel Machek <pavel@....cz>
Cc:     richard@....at, dwmw2@...radead.org, computersforpeace@...il.com,
        marek.vasut@...il.com, cyrille.pitchen@...el.com,
        linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org,
        mark.marshall@...cronenergy.com, b44839@...escale.com,
        prabhakar@...escale.com
Subject: Re: fsl_ifc_nand: are blank pages protected by ECC?

On Wed, 19 Apr 2017 14:13:32 +0200
Pavel Machek <pavel@....cz> wrote:

> Hi!
> 
> We have some problems with fsl_ifc_nand ... in the old kernels, but
> this one does not seem to be fixed in v4.11, either.
> 
> UBIFS complains:
> 
> UBIFS error (pid 931): ubifs_scan: corrupt empty space at LEB 282:252630
> UBIFS error (pid 931): ubifs_scanned_corruption: corruption at LEB 282:252630
> UBIFS error (pid 931): ubifs_scanned_corruption: first 1322 bytes from LEB 282:252630
> UBIFS error (pid 931): ubifs_scan: LEB 282 scanning failed
> 
> Possible explanation is here:
> 
> https://e2e.ti.com/support/dsp/davinci_digital_media_processors/f/716/t/289605
> 
> # I see on the forum that this issue has been raised before - my
> # understanding is that the omap2 nand driver does not perform ECC
> # detection/correction on empty pages so when UBIFS checks the empty
> # space data and doesn't read all 0xFF then it fails and mounts
> # read-only. I didn't find any good solution - only a workaround to
> # remove the UBIFS check..
> 
> So I checked fsl_ifc_nand.c in v4.11-rc, and yes, it seems to have the
> same problem:
> 
> 			if (errors == 15) {
> 	                        /*
>                                  * Uncorrectable error.
>                                  * OK only if the whole page is blank.
>                                  *
>                                  * We disable ECCER reporting due to...
>                                  * erratum IFC-A002770 -- so report it now if we
>                                  * see an uncorrectable error in ECCSTAT.
>                                  */
>                                 if (!is_blank(mtd, bufnum))
>                                         ctrl->nand_stat |=
>                                                 IFC_NAND_EVTER_STAT_ECCER;
>                                 break;
>                         }
> 
> is_blank() checks for all 0xff's, so single-bit 0xfe in the data will
> result in_blank() == 0 and uncorrectable error being signaled.
> 
> Should the driver be modified somehow?

Yep, nand_check_erased_ecc_chunk() [1] is here to help you check this
case, unfortunately, it's not directly applicable here, because this
function takes regular pointers and not __iomem ones. You'll either
have to copy the data in an intermediate buffer before calling
nand_check_erased_ecc_chunk(), or cast the SRAM region to a void
pointer (which is usually not a good idea). The last option would be to
open code nand_check_erased_ecc_chunk(), but I'd really like to avoid
that (for maintainability concerns).

[1]http://lxr.free-electrons.com/source/drivers/mtd/nand/nand_base.c#L1414

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ