| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <815a8414-bfbe-c693-3208-1580779815ec@gmail.com>
Date: Tue, 16 Jul 2019 15:46:44 -0700
From: Florian Fainelli <f.fainelli@...il.com>
To: Nicolas Boichat <drinkcat@...omium.org>,
Rob Herring <robh+dt@...nel.org>
Cc: Frank Rowand <frowand.list@...il.com>, devicetree@...r.kernel.org,
linux-kernel@...r.kernel.org,
Ian Campbell <ian.campbell@...rix.com>,
Grant Likely <grant.likely@...aro.org>,
Stephen Boyd <swboyd@...omium.org>
Subject: Re: [PATCH] of/fdt: Make sure no-map does not remove already reserved
regions
On 7/2/19 10:08 PM, Nicolas Boichat wrote:
> If the device tree is incorrectly configured, and attempts to
> define a "no-map" reserved memory that overlaps with the kernel
> data/code, the kernel would crash quickly after boot, with no
> obvious clue about the nature of the issue.
>
> For example, this would happen if we have the kernel mapped at
> these addresses (from /proc/iomem):
> 40000000-41ffffff : System RAM
> 40080000-40dfffff : Kernel code
> 40e00000-411fffff : reserved
> 41200000-413e0fff : Kernel data
>
> And we declare a no-map shared-dma-pool region at a fixed address
> within that range:
> mem_reserved: mem_region {
> compatible = "shared-dma-pool";
> reg = <0 0x40000000 0 0x01A00000>;
> no-map;
> };
>
> To fix this, when removing memory regions at early boot (which is
> what "no-map" regions do), we need to make sure that the memory
> is not already reserved. If we do, __reserved_mem_reserve_reg
> will throw an error:
> [ 0.000000] OF: fdt: Reserved memory: failed to reserve memory
> for node 'mem_region': base 0x0000000040000000, size 26 MiB
> and the code that will try to use the region should also fail,
> later on.
>
> We do not do anything for non-"no-map" regions, as memblock
> explicitly allows reserved regions to overlap, and the commit
> that this fixes removed the check for that precise reason.
>
> Fixes: 094cb98179f19b7 ("of/fdt: memblock_reserve /memreserve/ regions in the case of partial overlap")
> Signed-off-by: Nicolas Boichat <drinkcat@...omium.org>
> ---
> drivers/of/fdt.c | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
> index cd17dc62a71980a..a1ded43fc332d0c 100644
> --- a/drivers/of/fdt.c
> +++ b/drivers/of/fdt.c
> @@ -1138,8 +1138,16 @@ int __init __weak early_init_dt_mark_hotplug_memory_arch(u64 base, u64 size)
> int __init __weak early_init_dt_reserve_memory_arch(phys_addr_t base,
> phys_addr_t size, bool nomap)
> {
> - if (nomap)
> + if (nomap) {
> + /*
> + * If the memory is already reserved (by another region), we
> + * should not allow it to be removed altogether.
> + */
> + if (memblock_is_region_reserved(base, size))
> + return -EBUSY;
> +
> return memblock_remove(base, size);
While you are it, the nomap argument (introduced with
e8d9d1f5485b52ec3c4d7af839e6914438f6c285) predates the introduction of
memblock_is_nomap() (bf3d3cc580f9960883ebf9ea05868f336d9491c2), so
should just remove memblock_remove() and use memblock_mark_nomap()
instead here.
--
Florian
Powered by blists - more mailing lists