lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20190520115249.901773602@linuxfoundation.org>
Date:   Mon, 20 May 2019 14:14:16 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     linux-kernel@...r.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        stable@...r.kernel.org, Romain Porte <romain.porte@...ia.com>,
        Pascal Fabreges <pascal.fabreges@...ia.com>,
        Alexander Sverdlin <alexander.sverdlin@...ia.com>,
        Tudor Ambarus <tudor.ambarus@...rochip.com>,
        Mika Westerberg <mika.westerberg@...ux.intel.com>,
        Miquel Raynal <miquel.raynal@...tlin.com>
Subject: [PATCH 5.0 076/123] mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write

From: Alexander Sverdlin <alexander.sverdlin@...ia.com>

commit 2b75ebeea6f4937d4d05ec4982c471cef9a29b7f upstream.

It was observed that reads crossing 4K address boundary are failing.

This limitation is mentioned in Intel documents:

Intel(R) 9 Series Chipset Family Platform Controller Hub (PCH) Datasheet:

"5.26.3 Flash Access
Program Register Access:
* Program Register Accesses are not allowed to cross a 4 KB boundary..."

Enhanced Serial Peripheral Interface (eSPI)
Interface Base Specification (for Client and Server Platforms):

"5.1.4 Address
For other memory transactions, the address may start or end at any byte
boundary. However, the address and payload length combination must not
cross the naturally aligned address boundary of the corresponding Maximum
Payload Size. It must not cross a 4 KB address boundary."

Avoid this by splitting an operation crossing the boundary into two
operations.

Fixes: 8afda8b26d01 ("spi-nor: Add support for Intel SPI serial flash controller")
Cc: stable@...r.kernel.org
Reported-by: Romain Porte <romain.porte@...ia.com>
Tested-by: Pascal Fabreges <pascal.fabreges@...ia.com>
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@...ia.com>
Reviewed-by: Tudor Ambarus <tudor.ambarus@...rochip.com>
Acked-by: Mika Westerberg <mika.westerberg@...ux.intel.com>
Signed-off-by: Miquel Raynal <miquel.raynal@...tlin.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>

---
 drivers/mtd/spi-nor/intel-spi.c |    8 ++++++++
 1 file changed, 8 insertions(+)

--- a/drivers/mtd/spi-nor/intel-spi.c
+++ b/drivers/mtd/spi-nor/intel-spi.c
@@ -632,6 +632,10 @@ static ssize_t intel_spi_read(struct spi
 	while (len > 0) {
 		block_size = min_t(size_t, len, INTEL_SPI_FIFO_SZ);
 
+		/* Read cannot cross 4K boundary */
+		block_size = min_t(loff_t, from + block_size,
+				   round_up(from + 1, SZ_4K)) - from;
+
 		writel(from, ispi->base + FADDR);
 
 		val = readl(ispi->base + HSFSTS_CTL);
@@ -685,6 +689,10 @@ static ssize_t intel_spi_write(struct sp
 	while (len > 0) {
 		block_size = min_t(size_t, len, INTEL_SPI_FIFO_SZ);
 
+		/* Write cannot cross 4K boundary */
+		block_size = min_t(loff_t, to + block_size,
+				   round_up(to + 1, SZ_4K)) - to;
+
 		writel(to, ispi->base + FADDR);
 
 		val = readl(ispi->base + HSFSTS_CTL);


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ