lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Fri, 26 Feb 2021 15:10:50 +0800
From:   Jinyang He <hejinyang@...ngson.cn>
To:     Jiaxun Yang <jiaxun.yang@...goat.com>,
        Thomas Bogendoerfer <tsbogend@...ha.franken.de>,
        John Crispin <john@...ozen.org>
Cc:     "linux-mips@...r.kernel.org" <linux-mips@...r.kernel.org>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH RFC] MIPS: Remove detect_memory_region()

On 02/26/2021 02:52 PM, Jiaxun Yang wrote:

> 在 2021/2/26 上午9:37, Jinyang He 写道:
>> On 02/24/2021 11:40 PM, Jiaxun Yang wrote:
>>
>>>
>>> On Wed, Feb 24, 2021, at 9:02 PM, Jinyang He wrote:
>>>> detect_memory_region() was committed by Commit 4d9f77d25268 ("MIPS: 
>>>> add
>>>> detect_memory_region()"). Then it was equipped by Commit dd63b00804a5
>>>> ("MIPS: ralink: make use of the new memory detection code") and
>>>> Commit 9b75733b7b5e ("MIPS: ath79: make use of the new memory 
>>>> detection
>>>> code"). Its code is based on early ath79 platform code.
>>>>
>>>> What puzzles me is that how memcmp() detect the memory region. If 
>>>> `break`
>>>> was touched, the function could make sense. That means memcmp() should
>>>> return zero. Otherwise, the loop will be end by size > sz_max.
>>>>
>>>> I have tested detect_memory_region() on Loongson64 3A3000. On our 
>>>> design,
>>>> kseg0 low 256MB maps real memory and kseg0 high 256MB maps IO/PCI. The
>>>> function runs and last stopped on kseg1 where is uncached. In this 
>>>> process
>>>> memcmp also returned non-zero when detected kseg0 high 256MB. Then 
>>>> I did
>>>> another thing. memcpy first and test memcmp then (after &_end). It 
>>>> works
>>>> well on 3A3000 but badly on 3A4000. Maybe because kseg0 high 256MB 
>>>> maps
>>>> IO/PCI and it is dangerous to write like write memory.
>>>>
>>>> At last, read memory from where is not memory region may always 
>>>> return 0.
>>>> (Or trigger exception.) This function have been used several years and
>>>> seems no error occur. Maybe it's a fallback way.
>>> That is not true for other platforms like ath79 or mtk.
>>> They'll wrap around or return 0xffffffff for out of boundary accessing.
>>>
>>> Loongson does not apply to this case as it have special "Address 
>>> Window"
>>> design to accurately describe address regions.
>>> Any access beyond described windows will be handled by MC and return 
>>> 0 or random stuff.
>>>
>>> Again, please don't make changes because you can.
>>>
>>> Thanks.
>>>
>>> - Jiaxun
>>
>> Hi, Jiaxun,
>>
>> Thank you for answering this puzzle for me in detail.
>>
>> Assume that the machine has 8MB real memory and dm address is (base + 
>> 3M).
>> When size = 8MB, there will be a phenomenon of `wrap around`, the actual
>> content of (dm + 8M + 3M) is content of (dm + 3M), so it will trigger
>> `break`, right? At this time, the kernel will add 8M to the memory.
>
> Hi Jingyang,
>
> How can you boot kernel with 8M memory in present days ;-)
> (Ohh with respect to Nintendo64 developer who had proven it's possible)
>
> For what I can say, detect_memory_region exists because many devices
> doesn't have a way to pass memory size information from bootloader to
> kernel. Or their bootloader even don't care about memory size.
>
> Kernel needs it to get memory size correctly. Although it seems fragile.
>
> That's life, we must accept imperfect past and don't repeat it in future.
>
> Thanks.
>
> - Jiaxun
>
>
That's just a assume. Because it looks fresh to me.
Thank you very much. :-D

>>
>> Thanks,
>> Jinyang
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ