| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Jan 2020 17:17:30 +0100
From: Martin DEVERA <devik@...labs.cz>
To: Miquel Raynal <miquel.raynal@...tlin.com>
Cc: linux-kernel@...r.kernel.org, jan.pohanka@...z.cz,
Christophe Kerello <christophe.kerello@...com>,
Boris Brezillon <boris.brezillon@...tlin.com>,
Richard Weinberger <richard@....at>,
David Woodhouse <dwmw2@...radead.org>,
Brian Norris <computersforpeace@...il.com>,
Marek Vasut <marek.vasut@...il.com>,
linux-mtd@...ts.infradead.org
Subject: Re: [PATCH] mtd: rawnand: Fix unexpected timeouts in waitrdy
On 1/9/20 4:37 PM, Miquel Raynal wrote:
> Hi Martin,
>
> Martin Devera <devik@...labs.cz> wrote on Tue, 10 Dec 2019 16:03:18
> +0100:
>
>> The used way to compute jiffies timeout brokes when
>> jiffie difference is 1. Simply add 1 - it has no other
>> side effects.
>> Fixes STM32MP1 FMC2 NAND controller which sometimes failed
>> exactly in this way.
>>
>> Signed-off-by: Martin Devera <devik@...labs.cz>
>> ---
>> drivers/mtd/nand/raw/nand_base.c | 6 +++++-
>> 1 file changed, 5 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/mtd/nand/raw/nand_base.c b/drivers/mtd/nand/raw/nand_base.c
>> index d527e448ce19..beab3a775cc7 100644
>> --- a/drivers/mtd/nand/raw/nand_base.c
>> +++ b/drivers/mtd/nand/raw/nand_base.c
>> @@ -721,7 +721,11 @@ int nand_soft_waitrdy(struct nand_chip *chip, unsigned long timeout_ms)
>> if (ret)
>> return ret;
>>
>> - timeout_ms = jiffies + msecs_to_jiffies(timeout_ms);
>> + /* +1 below is necessary because if we are now in the last fraction
>> + * of jiffy and msecs_to_jiffies is 1 then we will wait only that
>> + * small jiffy fraction - possibly leading to false timeout
>> + */
>> + timeout_ms = jiffies + msecs_to_jiffies(timeout_ms) + 1;
>> do {
>> ret = nand_read_data_op(chip, &status, sizeof(status), true);
>> if (ret)
> I don't really what you are fixing here, I suspect the root cause to be
> a wrongly calculated timeout_ms in the calling driver.
>
> It is the responsibility of the caller to use this function with a
> relevant timeout_ms parameter. Maybe Christophe can help you here?
>
Hi Miquel,
assume that nand_soft_waitrdy is called with timeout_ms==1. I suppose it is
valid case. Jiffies are 1000 for example (assume something more like
1000.99 -
just before incrementing to 1001).
We compute timeout_ms = 1000+msecs_to_jiffies(1) = 1001 (at least for my
jiffies rate).
nand_read_data_op is called for the first time and returns 0. During the
call jiffies changes
to 1001 thus "while loop" ends here (wrongly).
Notice that routine was called with expected timeout 1ms but actual
timeout used was something
between 0...1ms (which I also measured by tracing & scope on the bus).
Or is my analysis flawed somewhere ?
Thanks,
Martin
Powered by blists - more mailing lists