lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <d6104236-f6e6-b42b-eb83-400bc34f17d6@gmail.com>
Date:   Wed, 18 Nov 2020 09:56:22 +0800
From:   Jia-Ju Bai <baijiaju1990@...il.com>
To:     Kalle Valo <kvalo@...eaurora.org>
Cc:     pkshih@...ltek.com, davem@...emloft.net, kuba@...nel.org,
        straube.linux@...il.com, Larry.Finger@...inger.net,
        christophe.jaillet@...adoo.fr, linux-wireless@...r.kernel.org,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] rtl8192ce: avoid accessing the data mapped to streaming
 DMA



On 2020/11/7 19:44, Kalle Valo wrote:
> Jia-Ju Bai <baijiaju1990@...il.com> wrote:
>
>> In rtl92ce_tx_fill_cmddesc(), skb->data is mapped to streaming DMA on
>> line 530:
>>    dma_addr_t mapping = dma_map_single(..., skb->data, ...);
>>
>> On line 533, skb->data is assigned to hdr after cast:
>>    struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)(skb->data);
>>
>> Then hdr->frame_control is accessed on line 534:
>>    __le16 fc = hdr->frame_control;
>>
>> This DMA access may cause data inconsistency between CPU and hardwre.
>>
>> To fix this bug, hdr->frame_control is accessed before the DMA mapping.
>>
>> Signed-off-by: Jia-Ju Bai <baijiaju1990@...il.com>
> Like Ping said, use "rtlwifi:" prefix and have all rtlwifi patches in
> the same patchset.
>
> 4 patches set to Changes Requested.
>
> 11843533 rtl8192ce: avoid accessing the data mapped to streaming DMA
> 11843541 rtl8192de: avoid accessing the data mapped to streaming DMA
> 11843553 rtl8723ae: avoid accessing the data mapped to streaming DMA
> 11843557 rtl8188ee: avoid accessing the data mapped to streaming DMA
>

Okay, I have sent v2 patches just now.
Please have a look, thank :)


Best wishes,
Jia-Ju Bai

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ