lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20210203110522.12f2b326@xps13>
Date:   Wed, 3 Feb 2021 11:05:22 +0100
From:   Miquel Raynal <miquel.raynal@...tlin.com>
To:     Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org>
Cc:     richard@....at, vigneshr@...com, boris.brezillon@...labora.com,
        linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org,
        linux-arm-msm@...r.kernel.org, bjorn.andersson@...aro.org
Subject: Re: [PATCH] mtd: rawnand: Do not check for bad block if bbt is
 unavailable

Hi Manivannan,

Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org> wrote on Wed,
03 Feb 2021 15:28:20 +0530:

> Hi Miquel, 
> 
> On 2 February 2021 1:44:59 PM IST, Miquel Raynal <miquel.raynal@...tlin.com> wrote:
> >Hi Manivannan,
> >
> >Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org> wrote on Tue,
> >2 Feb 2021 09:46:14 +0530:
> >  
> >> Hi,
> >> 
> >> On Mon, Feb 01, 2021 at 03:18:24PM +0100, Miquel Raynal wrote:  
> >> > Hi Manivannan,
> >> > 
> >> > Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org> wrote on  
> >Sat,  
> >> > 30 Jan 2021 09:24:12 +0530:
> >> >     
> >> > > The bbt pointer will be unavailable when NAND_SKIP_BBTSCAN option  
> >is  
> >> > > set for a NAND chip. The intention is to skip scanning for the  
> >bad  
> >> > > blocks during boot time.    
> >> > 
> >> > I don't have the same understanding: this flag skips the bad block
> >> > table scan, not the bad block scan. We do want to scan all the  
> >devices  
> >> > in order to construct a RAM based table.
> >> >     
> >> > > However, the MTD core will call
> >> > > _block_isreserved() and _block_isbad() callbacks unconditionally  
> >for  
> >> > > the rawnand devices due to the callbacks always present while  
> >collecting  
> >> > > the ecc stats.
> >> > > 
> >> > > The _block_isreserved() callback for rawnand will bail out if bbt
> >> > > pointer is not available. But _block_isbad() will continue  
> >without  
> >> > > checking for it. So this contradicts with the NAND_SKIP_BBTSCAN  
> >option  
> >> > > since the bad block check will happen anyways (ie., not much  
> >difference  
> >> > > between scanning for bad blocks and checking each block for bad  
> >ones).  
> >> > > 
> >> > > Hence, do not check for the bad block if bbt pointer is  
> >unavailable.    
> >> > 
> >> > Not checking for bad blocks at all feels insane. I don't really get  
> >the  
> >> > scope and goal of such change?
> >> >     
> >> 
> >> The issue I encountered is, on the Telit FN980 device one of the
> >> partition seems to be protected. So trying to read the bad blocks in
> >> that partition makes the device to reboot during boot.  
> >
> >o_O
> >
> >Reading a protected block makes the device to reboot?
> >
> >What is the exact device? Can you share the datasheet? Is this behavior
> >expected? Because it seems really broken to me, a read should not
> >trigger *anything* that bad.
> >  
> 
> I got more information from the vendor, Telit. The access to the 3rd partition is protected by Trustzone and any access in non privileged mode (where Linux kernel runs) causes kernel panic and the device reboots. 

Ok, so this is not a chip feature but more a host constraint.

In this case it would be a good idea to add a host DT property which
describes the zone to avoid accessing it. Something like:

	secure-area/secure-section = <start length>;

>From the core perspective, we should parse this property early enough
and return -EIO when trying to access this area.

Does this solution sound reasonable to you?

Thanks,
Miquèl

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ