lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 3 Mar 2021 09:01:34 +0200
From:   Adrian Hunter <adrian.hunter@...el.com>
To:     Pradeep P V K <pragalla@...eaurora.org>, ulf.hansson@...aro.org
Cc:     asutoshd@...eaurora.org, stummala@...eaurora.org,
        rampraka@...eaurora.org, vbadigan@...eaurora.org,
        linux-mmc@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH V1] mmc: sdhci: Check for reset prior to DMA address unmap

On 24/02/21 12:53 pm, Pradeep P V K wrote:
> For data read commands, SDHC may initiate data transfers even before it
> completely process the command response. In case command itself fails,
> driver un-maps the memory associated with data transfer but this memory
> can still be accessed by SDHC for the already initiated data transfer.
> This scenario can lead to un-mapped memory access error.
> 
> To avoid this scenario, reset SDHC (when command fails) prior to
> un-mapping memory. Resetting SDHC ensures that all in-flight data
> transfers are either aborted or completed. So we don't run into this
> scenario.
> 
> Swap the reset, un-map steps sequence in sdhci_request_done().
> 
> Suggested-by: Veerabhadrarao Badiganti <vbadigan@...eaurora.org>
> Signed-off-by: Pradeep P V K <pragalla@...eaurora.org>

Seems like a good change to make.  A couple of cosmetic tweaks below,
but:

Acked-by: Adrian Hunter <adrian.hunter@...el.com>

> ---
>  drivers/mmc/host/sdhci.c | 58 ++++++++++++++++++++++++------------------------
>  1 file changed, 29 insertions(+), 29 deletions(-)
> 
> diff --git a/drivers/mmc/host/sdhci.c b/drivers/mmc/host/sdhci.c
> index 646823d..e78d84c 100644
> --- a/drivers/mmc/host/sdhci.c
> +++ b/drivers/mmc/host/sdhci.c
> @@ -2996,6 +2996,35 @@ static bool sdhci_request_done(struct sdhci_host *host)
>  		spin_unlock_irqrestore(&host->lock, flags);
>  		return true;
>  	}

Blank line here please.

> +	/*
> +	 * The controller needs a reset of internal state machines
> +	 * upon error conditions.
> +	 */
> +	if (sdhci_needs_reset(host, mrq)) {
> +		/*
> +		 * Do not finish until command and data lines are available for
> +		 * reset. Note there can only be one other mrq, so it cannot
> +		 * also be in mrqs_done, otherwise host->cmd and host->data_cmd
> +		 * would both be null.
> +		 */
> +		if (host->cmd || host->data_cmd) {
> +			spin_unlock_irqrestore(&host->lock, flags);
> +			return true;
> +		}
> +
> +		/* Some controllers need this kick or reset won't work here */
> +		if (host->quirks & SDHCI_QUIRK_CLOCK_BEFORE_RESET)
> +			/* This is to force an update */
> +			host->ops->set_clock(host, host->clock);
> +
> +		/* Spec says we should do both at the same time, but Ricoh
> +		 * controllers do not like that.
> +		 */

Please change comment style:

		/*
		 * Spec says we should do both at the same time, but Ricoh
		 * controllers do not like that.
		 */

> +		sdhci_do_reset(host, SDHCI_RESET_CMD);
> +		sdhci_do_reset(host, SDHCI_RESET_DATA);
> +
> +		host->pending_reset = false;
> +	}
>  
>  	/*
>  	 * Always unmap the data buffers if they were mapped by
> @@ -3060,35 +3089,6 @@ static bool sdhci_request_done(struct sdhci_host *host)
>  		}
>  	}
>  
> -	/*
> -	 * The controller needs a reset of internal state machines
> -	 * upon error conditions.
> -	 */
> -	if (sdhci_needs_reset(host, mrq)) {
> -		/*
> -		 * Do not finish until command and data lines are available for
> -		 * reset. Note there can only be one other mrq, so it cannot
> -		 * also be in mrqs_done, otherwise host->cmd and host->data_cmd
> -		 * would both be null.
> -		 */
> -		if (host->cmd || host->data_cmd) {
> -			spin_unlock_irqrestore(&host->lock, flags);
> -			return true;
> -		}
> -
> -		/* Some controllers need this kick or reset won't work here */
> -		if (host->quirks & SDHCI_QUIRK_CLOCK_BEFORE_RESET)
> -			/* This is to force an update */
> -			host->ops->set_clock(host, host->clock);
> -
> -		/* Spec says we should do both at the same time, but Ricoh
> -		   controllers do not like that. */
> -		sdhci_do_reset(host, SDHCI_RESET_CMD);
> -		sdhci_do_reset(host, SDHCI_RESET_DATA);
> -
> -		host->pending_reset = false;
> -	}
> -
>  	host->mrqs_done[i] = NULL;
>  
>  	spin_unlock_irqrestore(&host->lock, flags);
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ