| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 26 Feb 2021 15:10:50 +0800
From: Jinyang He <hejinyang@...ngson.cn>
To: Jiaxun Yang <jiaxun.yang@...goat.com>,
Thomas Bogendoerfer <tsbogend@...ha.franken.de>,
John Crispin <john@...ozen.org>
Cc: "linux-mips@...r.kernel.org" <linux-mips@...r.kernel.org>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH RFC] MIPS: Remove detect_memory_region()
On 02/26/2021 02:52 PM, Jiaxun Yang wrote:
> 在 2021/2/26 上午9:37, Jinyang He 写道:
>> On 02/24/2021 11:40 PM, Jiaxun Yang wrote:
>>
>>>
>>> On Wed, Feb 24, 2021, at 9:02 PM, Jinyang He wrote:
>>>> detect_memory_region() was committed by Commit 4d9f77d25268 ("MIPS:
>>>> add
>>>> detect_memory_region()"). Then it was equipped by Commit dd63b00804a5
>>>> ("MIPS: ralink: make use of the new memory detection code") and
>>>> Commit 9b75733b7b5e ("MIPS: ath79: make use of the new memory
>>>> detection
>>>> code"). Its code is based on early ath79 platform code.
>>>>
>>>> What puzzles me is that how memcmp() detect the memory region. If
>>>> `break`
>>>> was touched, the function could make sense. That means memcmp() should
>>>> return zero. Otherwise, the loop will be end by size > sz_max.
>>>>
>>>> I have tested detect_memory_region() on Loongson64 3A3000. On our
>>>> design,
>>>> kseg0 low 256MB maps real memory and kseg0 high 256MB maps IO/PCI. The
>>>> function runs and last stopped on kseg1 where is uncached. In this
>>>> process
>>>> memcmp also returned non-zero when detected kseg0 high 256MB. Then
>>>> I did
>>>> another thing. memcpy first and test memcmp then (after &_end). It
>>>> works
>>>> well on 3A3000 but badly on 3A4000. Maybe because kseg0 high 256MB
>>>> maps
>>>> IO/PCI and it is dangerous to write like write memory.
>>>>
>>>> At last, read memory from where is not memory region may always
>>>> return 0.
>>>> (Or trigger exception.) This function have been used several years and
>>>> seems no error occur. Maybe it's a fallback way.
>>> That is not true for other platforms like ath79 or mtk.
>>> They'll wrap around or return 0xffffffff for out of boundary accessing.
>>>
>>> Loongson does not apply to this case as it have special "Address
>>> Window"
>>> design to accurately describe address regions.
>>> Any access beyond described windows will be handled by MC and return
>>> 0 or random stuff.
>>>
>>> Again, please don't make changes because you can.
>>>
>>> Thanks.
>>>
>>> - Jiaxun
>>
>> Hi, Jiaxun,
>>
>> Thank you for answering this puzzle for me in detail.
>>
>> Assume that the machine has 8MB real memory and dm address is (base +
>> 3M).
>> When size = 8MB, there will be a phenomenon of `wrap around`, the actual
>> content of (dm + 8M + 3M) is content of (dm + 3M), so it will trigger
>> `break`, right? At this time, the kernel will add 8M to the memory.
>
> Hi Jingyang,
>
> How can you boot kernel with 8M memory in present days ;-)
> (Ohh with respect to Nintendo64 developer who had proven it's possible)
>
> For what I can say, detect_memory_region exists because many devices
> doesn't have a way to pass memory size information from bootloader to
> kernel. Or their bootloader even don't care about memory size.
>
> Kernel needs it to get memory size correctly. Although it seems fragile.
>
> That's life, we must accept imperfect past and don't repeat it in future.
>
> Thanks.
>
> - Jiaxun
>
>
That's just a assume. Because it looks fresh to me.
Thank you very much. :-D
>>
>> Thanks,
>> Jinyang
>>
Powered by blists - more mailing lists