lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 4 Jan 2021 17:52:43 -0800
From:   Phil Oester <kernel@...uxace.com>
To:     Arnd Bergmann <arnd@...nel.org>
Cc:     "James E.J. Bottomley" <jejb@...ux.ibm.com>,
        "Martin K. Petersen" <martin.petersen@...cle.com>,
        Arnd Bergmann <arnd@...db.de>,
        Kashyap Desai <kashyap.desai@...adcom.com>,
        Sumit Saxena <sumit.saxena@...adcom.com>,
        Shivasharan S <shivasharan.srikanteshwara@...adcom.com>,
        Anand Lodnoor <anand.lodnoor@...adcom.com>,
        Vaibhav Gupta <vaibhavgupta40@...il.com>,
        Jason Yan <yanaijie@...wei.com>,
        Damien Le Moal <damien.lemoal@....com>,
        megaraidlinux.pdl@...adcom.com, linux-scsi@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression

On Tue, Jan 05, 2021 at 12:41:04AM +0100, Arnd Bergmann wrote:
> Phil Oester reported that a fix for a possible buffer overrun that I
> sent caused a regression that manifests in this output:
> 
>  Event Message: A PCI parity error was detected on a component at bus 0 device 5 function 0.
>  Severity: Critical
>  Message ID: PCI1308
> 
> The original code tried to handle the sense data pointer differently
> when using 32-bit 64-bit DMA addressing, which would lead to a 32-bit
> dma_addr_t value of 0x11223344 to get stored
> 
> 32-bit kernel:       44 33 22 11 ?? ?? ?? ??
> 64-bit LE kernel:    44 33 22 11 00 00 00 00
> 64-bit BE kernel:    00 00 00 00 44 33 22 11
> 
> or a 64-bit dma_addr_t value of 0x1122334455667788 to get stored as
> 
> 32-bit kernel:       88 77 66 55 ?? ?? ?? ??
> 64-bit kernel:       88 77 66 55 44 33 22 11
> 
> In my patch, I tried to ensure that the same value is used on both
> 32-bit and 64-bit kernels, and picked what seemed to be the most sensible
> combination, storing 32-bit addresses in the first four bytes (as 32-bit
> kernels already did), and 64-bit addresses in eight consecutive bytes
> (as 64-bit kernels already did), but evidently this was incorrect.
> 
> Always storing the dma_addr_t pointer as 64-bit little-endian,
> i.e. initializing the second four bytes to zero in case of 32-bit
> addressing, apparently solved the problem for Phil, and is consistent
> with what all 64-bit little-endian machines did before.
> 
> I also checked in the history that in previous versions of the code,
> the pointer was always in the first four bytes without padding, and that
> previous attempts to fix 64-bit user space, big-endian architectures
> and 64-bit DMA were clearly flawed and seem to have introduced made
> this worse.
> 
> Reported-by: Phil Oester <kernel@...uxace.com>
> Fixes: 381d34e376e3 ("scsi: megaraid_sas: Check user-provided offsets")
> Fixes: 107a60dd71b5 ("scsi: megaraid_sas: Add support for 64bit consistent DMA")
> Fixes: 94cd65ddf4d7 ("[SCSI] megaraid_sas: addded support for big endian architecture")
> Fixes: 7b2519afa1ab ("[SCSI] megaraid_sas: fix 64 bit sense pointer truncation")
> Signed-off-by: Arnd Bergmann <arnd@...db.de>

This solves the issue on our Dell servers, thanks Arnd.

Phil

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ