lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 22 May 2020 15:04:07 +0100
From:   Lorenzo Pieralisi <>
To:     Alan Mikhak <>
        Alan Mikhak <>
Subject: Re: PCI: dwc: Warn only for non-prefetchable memory resource size

On Tue, May 19, 2020 at 07:33:04PM -0700, Alan Mikhak wrote:
> Hi Lorenzo,
> I came across this issue when implementing a Linux NVMe endpoint function
> driver under the Linux PCI Endpoint Framework:
> I needed to map up to 128GB of host memory using a single ATU window
> from the endpoint side because NVMe PRPs can be scattered all over host
> memory. In the process, I came across this 4GB limitation where the
> maximum size of memory that can be mapped is limited by what a u32 value
> can represent.
> I submitted a separate patch to fix an undefined behavior that may also
> happen in dw_pcie_prog_outbound_atu_unroll() under some circumstances
> when the size of the memory being mapped is greater than what a u32 value
> can represent.
> The above patch has been accepted. However, the variable pp->mem_size
> in dw_pcie_host_init() is still a u32 whereas the value returned by
> resource_size() is u64. If the resource size has non-zero upper 32-bits,
> those upper 32-bits will be lost when assigning:
>  pp->mem_size = resource_size(pp->mem).
> Since current callers seem happy with the existing 4GB implementation
> and fixing the u32 limit is beyond my available resources and has a long
> high-impact tail, a warning seemed to be a good choice to highlight
> this issue in case someone else decides to map a MEM region that is
> greater than 4GB.
> Removing the warning will avoid such discussions. Without this warning,
> this limitation will go unnoticed and will only impact whoever has to
> deal with it. It cost me time to figure it out when I had an application
> that needed a region larger than 4GB. I figured the most I could do about
> it is to raise the issue by adding a warning.

You did the right thing (and you helped me unearth some major
deficiencies in current DWC code). Unfortunately I have to drop:

9e73fa02aa00 ("PCI: dwc: Warn if MEM resource size exceeds max for 32-bits")

because it triggers regressions (and it is still not in the mainline,
IMO there would be more if we send it upstream).

I will keep:

e1fc129219a8 ("PCI: dwc: Program outbound ATU upper limit register")

because it is a step in the right direction and makes sense on its own.

Thanks for all the effort you put into this.


> Regards,
> Alan

Powered by blists - more mailing lists