lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 30 Dec 2020 16:08:16 +0800
From:   "Leizhen (ThunderTown)" <>
To:     Russell King - ARM Linux admin <>
CC:     Greg Kroah-Hartman <>,
        Will Deacon <>,
        Jason Cooper <>,
        Haojian Zhuang <>,
        Arnd Bergmann <>,
        linux-arm-kernel <>,
        linux-kernel <>
Subject: Re: [PATCH 1/1] ARM: LPAE: use phys_addr_t instead of unsigned long
 in outercache hooks

On 2020/12/29 18:51, Russell King - ARM Linux admin wrote:
> On Tue, Dec 29, 2020 at 02:30:56PM +0800, Leizhen (ThunderTown) wrote:
>> On 2020/12/26 20:13, Russell King - ARM Linux admin wrote:
>>> On Fri, Dec 25, 2020 at 07:44:58PM +0800, Zhen Lei wrote:
>>>> The outercache of some Hisilicon SOCs support physical addresses wider
>>>> than 32-bits. The unsigned long datatype is not sufficient for mapping
>>>> physical addresses >= 4GB. The commit ad6b9c9d78b9 ("ARM: 6671/1: LPAE:
>>>> use phys_addr_t instead of unsigned long in outercache functions") has
>>>> already modified the outercache functions. But the parameters of the
>>>> outercache hooks are not changed. This patch use phys_addr_t instead of
>>>> unsigned long in outercache hooks: inv_range, clean_range, flush_range.
>>>> To ensure the outercache that does not support LPAE works properly, do
>>>> cast phys_addr_t to unsigned long by adding a middle-tier function.
>>> Please don't do that. The cast can be done inside the L2 functions
>>> themselves without needing all these additional functions.
>> OK. At first, I wanted to fit in like this:
>> -static void l2c220_inv_range(unsigned long start, unsigned long end)
>> +static void l2c220_inv_range(phys_addr_t lpae_start, phys_addr_t lpae_end)
>>  {
>> +  unsigned long start = lpae_start;
>> +  unsigned long end = lpae_end;
> It sounds like there should be a "but..." clause here. This is exactly
> what I'm suggesting you should be doing. Currently, there's a silent
> narrowing cast in every single caller of the outer_.*_range() functions
> and you're only moving it from the callsites to inside the called
> functions.

Okay, I will send v2 based on this idea.

>>> We probably ought to also add some protection against addresses > 4GB,
>>> although these are hot paths, so we don't want to add tests in these
>>> functions. Maybe instead checking whether the system has memory above
>>> 4GB while the L2 cache is being initialised would be a good idea?
>> I'm sorry, I didn't quite understand what you meant. Currently, the
>> biggest problem is the compilation problem. The sizeof(long) may be
>> 32, and the 64-bit physical address cannot be transferred from outcache
>> functions to outcache hooks.
> What I mean is that we really ought to warn if the L2C310 code tries to
> initialise on a system where memory is above 4GB. However, it's very
> unlikely that such a system exists, so it's probably fine not implement
> a check, but it just feels fragile to be truncating the 64-bit address
> to 32-bit on a kernel that _could_ support higher addresses, even though
> that's exactly what is happening today (kind of by accident - I don't
> think anyone realised.)

Powered by blists - more mailing lists