lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Fri, 24 Nov 2017 16:20:24 +0100
From:   Ulf Hansson <ulf.hansson@...aro.org>
To:     Jiri Slaby <jslaby@...e.cz>
Cc:     Linus <torvalds@...ux-foundation.org>,
        "linux-mmc@...r.kernel.org" <linux-mmc@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Jaehoon Chung <jh80.chung@...sung.com>,
        Adrian Hunter <adrian.hunter@...el.com>,
        Linus Walleij <linus.walleij@...aro.org>,
        Yoshihiro Shimoda <yoshihiro.shimoda.uh@...esas.com>,
        Geert Uytterhoeven <geert+renesas@...der.be>,
        Konrad Rzeszutek Wilk <konrad@...nel.org>
Subject: Re: sdhci broke in 4.14 [was: MMC fixes for v.4.14-rc4]

On 24 November 2017 at 16:15, Jiri Slaby <jslaby@...e.cz> wrote:
> On 11/21/2017, 04:08 PM, Ulf Hansson wrote:
>> Subject: [PATCH] mmc: sdhci: Fix bounce buffer overflow
> ...
>> --- a/drivers/mmc/host/sdhci.c
>> +++ b/drivers/mmc/host/sdhci.c
> ...
>> @@ -3651,22 +3652,29 @@ int sdhci_setup_host(struct sdhci_host *host)
>>         spin_lock_init(&host->lock);
>>
>>         /*
>> +        * Maximum number of sectors in one transfer. Limited by SDMA boundary
>> +        * size (512KiB). Note some tuning modes impose a 4MiB limit, but this
>> +        * is less anyway.
>> +        */
>> +       mmc->max_req_size = 524288;
>> +
>> +       /*
>>          * Maximum number of segments. Depends on if the hardware
>>          * can do scatter/gather or not.
>>          */
>> -       if (host->flags & SDHCI_USE_ADMA)
>> +       if (host->flags & SDHCI_USE_ADMA) {
>>                 mmc->max_segs = SDHCI_MAX_SEGS;
>> -       else if (host->flags & SDHCI_USE_SDMA)
>> +       } else if (host->flags & SDHCI_USE_SDMA) {
>>                 mmc->max_segs = 1;
>> -       else /* PIO */
>> +               if (swiotlb_max_segment()) {
>> +                       unsigned int max_req_size = (1 << IO_TLB_SHIFT) *
>> +                                               IO_TLB_SEGSIZE;
>> +                       mmc->max_req_size = min(mmc->max_req_size,
>> +                                               max_req_size);
>> +               }
>> +       } else { /* PIO */
>>                 mmc->max_segs = SDHCI_MAX_SEGS;
>
> It seems to work fine. FWIW the debug output is:
> [    0.708312] mmc0: max_segs=1 max_req_size=262144 h->flags=00004001

Thanks for testing!

I post a proper formatted patch very soon.

Kind regards
Uffe

Powered by blists - more mailing lists