| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Jul 2019 17:21:30 -0700
From: Bjorn Andersson <bjorn.andersson@...aro.org>
To: Stephen Boyd <swboyd@...omium.org>
Cc: Andy Gross <agross@...nel.org>, linux-kernel@...r.kernel.org,
linux-arm-msm@...r.kernel.org,
Ian Jackson <ian.jackson@...rix.com>,
Julien Grall <julien.grall@....com>,
Avaneesh Kumar Dwivedi <akdwived@...eaurora.org>
Subject: Re: [PATCH 2/3] firmware: qcom_scm: Cleanup code in
qcom_scm_assign_mem()
On Mon 22 Jul 17:04 PDT 2019, Stephen Boyd wrote:
> Quoting Bjorn Andersson (2019-07-22 16:27:19)
> > On Fri 17 May 14:09 PDT 2019, Stephen Boyd wrote:
> >
> > > There are some questionable coding styles in this function. It looks
> > > quite odd to deref a pointer with array indexing that only uses the
> > > first element. Also, destroying an input/output variable halfway through
> > > the function and then overwriting it on success is not clear. It's
> > > better to use a local variable and the kernel macros to step through
> > > each bit set in a bitmask and clearly show where outputs are set.
> > >
> > > Cc: Ian Jackson <ian.jackson@...rix.com>
> > > Cc: Julien Grall <julien.grall@....com>
> > > Cc: Bjorn Andersson <bjorn.andersson@...aro.org>
> > > Cc: Avaneesh Kumar Dwivedi <akdwived@...eaurora.org>
> > > Signed-off-by: Stephen Boyd <swboyd@...omium.org>
> > > ---
> > > drivers/firmware/qcom_scm.c | 34 ++++++++++++++++------------------
> > > include/linux/qcom_scm.h | 9 +++++----
> > > 2 files changed, 21 insertions(+), 22 deletions(-)
> > >
> > > diff --git a/drivers/firmware/qcom_scm.c b/drivers/firmware/qcom_scm.c
> > > index 0c63495cf269..153f13f72bac 100644
> > > --- a/drivers/firmware/qcom_scm.c
> > > +++ b/drivers/firmware/qcom_scm.c
> > > @@ -443,7 +443,8 @@ EXPORT_SYMBOL(qcom_scm_set_remote_state);
> > > */
> > > int qcom_scm_assign_mem(phys_addr_t mem_addr, size_t mem_sz,
> > > unsigned int *srcvm,
> > > - struct qcom_scm_vmperm *newvm, int dest_cnt)
> > > + const struct qcom_scm_vmperm *newvm,
> > > + unsigned int dest_cnt)
> > > {
> > > struct qcom_scm_current_perm_info *destvm;
> > > struct qcom_scm_mem_map_info *mem_to_map;
> > > @@ -458,11 +459,10 @@ int qcom_scm_assign_mem(phys_addr_t mem_addr, size_t mem_sz,
> > > int next_vm;
> > > __le32 *src;
> > > void *ptr;
> > > - int ret;
> > > - int len;
> > > - int i;
> > > + int ret, i, b;
> > > + unsigned long srcvm_bits = *srcvm;
> > >
> > > - src_sz = hweight_long(*srcvm) * sizeof(*src);
> > > + src_sz = hweight_long(srcvm_bits) * sizeof(*src);
> > > mem_to_map_sz = sizeof(*mem_to_map);
> > > dest_sz = dest_cnt * sizeof(*destvm);
> > > ptr_sz = ALIGN(src_sz, SZ_64) + ALIGN(mem_to_map_sz, SZ_64) +
> > > @@ -475,28 +475,26 @@ int qcom_scm_assign_mem(phys_addr_t mem_addr, size_t mem_sz,
> > >
> > > /* Fill source vmid detail */
> > > src = ptr;
> > > - len = hweight_long(*srcvm);
> > > - for (i = 0; i < len; i++) {
> > > - src[i] = cpu_to_le32(ffs(*srcvm) - 1);
> > > - *srcvm ^= 1 << (ffs(*srcvm) - 1);
> > > - }
> > > + i = 0;
> > > + for_each_set_bit(b, &srcvm_bits, sizeof(srcvm_bits))
> >
> > The modem is sad that you only pass 8 here. Changed it to BITS_PER_LONG
> > to include the modem's permission bit and applied all three patches.
> >
>
> Ah of course. Thanks.
>
> BTW, srcvm is an unsigned int, but then we do a bunch of unsigned long
> operations on them. Maybe the whole API should be changed to be more
> explicit about the size of the type, i.e. u64?
>
It's a bitmap of vmids currently with access to the region and the space
has expanded since I looked at this list time, so the now highest
defined id in the downstream kernel is 42.
So it sounds very reasonable to expand this to a u64.
Regards,
Bjorn
Powered by blists - more mailing lists