lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <05c255e6d9d8d12e8e6af59d9c153981@walle.cc>
Date:   Tue, 02 Mar 2021 14:06:33 +0100
From:   Michael Walle <michael@...le.cc>
To:     Miquel Raynal <miquel.raynal@...tlin.com>
Cc:     linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org,
        linux-api@...r.kernel.org, Richard Weinberger <richard@....at>,
        Vignesh Raghavendra <vigneshr@...com>,
        Tudor.Ambarus@...rochip.com
Subject: Re: [RFC PATCH] mtd: add OTP (one-time-programmable) erase ioctl

Hi,

Am 2021-03-02 13:46, schrieb Miquel Raynal:
> Michael Walle <michael@...le.cc> wrote on Tue,  2 Mar 2021 12:09:27
> +0100:
> 
>> This may sound like a contradiction but some SPI-NOR flashes really
>> support erasing their OTP region until it is finally locked. Having 
>> the
>> possibility to erase an OTP region might come in handy during
>> development.
>> 
>> The ioctl argument follows the OTPLOCK style.
>> 
>> Signed-off-by: Michael Walle <michael@...le.cc>
>> ---
>> OTP support for SPI-NOR flashes may be merged soon:
>> https://lore.kernel.org/linux-mtd/20210216162807.13509-1-michael@walle.cc/
>> 
>> Tudor suggested to add support for the OTP erase operation most 
>> SPI-NOR
>> flashes have:
>> https://lore.kernel.org/linux-mtd/d4f74b1b-fa1b-97ec-858c-d807fe1f9e57@microchip.com/
>> 
>> Therefore, this is an RFC to get some feedback on the MTD side, once 
>> this
>> is finished, I can post a patch for mtd-utils. Then we'll have a 
>> foundation
>> to add the support to SPI-NOR.
>> 

[..]

>> +int mtd_erase_user_prot_reg(struct mtd_info *mtd, loff_t from, size_t 
>> len)
>> +{
>> +	struct mtd_info *master = mtd_get_master(mtd);
>> +
>> +	if (!master->_erase_user_prot_reg)
>> +		return -EOPNOTSUPP;
>> +	if (!len)
>> +		return 0;
> 
> Should we add a sanity check enforcing that we don't try to access
> beyond the end of the OTP area?

This is checked in the op itself, as it is done for all the
other OTP read/write/lock ops.

Right at the moment, I don't see how this could be achieved in
an elegant way. Without additional changes, you'd have to call
mtd_get_user_prot_info() and iterate over the returned values
and figure out whether from and len are valid.

[..]

-michael

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ