lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 15 Mar 2021 09:43:02 +0000
From:   John Garry <john.garry@...wei.com>
To:     Arnd Bergmann <arnd@...db.de>, Dmitry Vyukov <dvyukov@...gle.com>
CC:     Mark Rutland <mark.rutland@....com>, Marc Zyngier <maz@...nel.org>,
        "Will Deacon" <will@...nel.org>, Ard Biesheuvel <ardb@...nel.org>,
        Linux ARM <linux-arm-kernel@...ts.infradead.org>,
        syzkaller <syzkaller@...glegroups.com>,
        LKML <linux-kernel@...r.kernel.org>,
        "Peter Maydell" <peter.maydell@...aro.org>,
        Alex Bennée <alex.bennee@...aro.org>
Subject: Re: arm64 syzbot instances

On 12/03/2021 10:52, Arnd Bergmann wrote:
> On Fri, Mar 12, 2021 at 11:38 AM Dmitry Vyukov <dvyukov@...gle.com> wrote:
>> On Fri, Mar 12, 2021 at 11:11 AM Arnd Bergmann <arnd@...db.de> wrote:
>>
>> It does not happen too often on syzbot so far, so let's try to do the
>> right thing first.
>> I've filed: https://bugs.launchpad.net/qemu/+bug/1918917
>> with a link to this thread. To be fair, I don't fully understand what
>> I am talking about, I hope I proxied your description properly.
> 
> Thanks, looks good. I provided a little more detail in a comment there.
> 
>          Arnd
> .
> 

 From looking at the bug report, my impression is that this is a qemu 
issue, as the logical IO space is mapped to the PCI host bridge IO 
space, and qemu does not handle accesses to that CPU addressable region 
at all. As Arnd said.

However, we really should not be accessing logical IO ports 0 or 0x2f8 
at all via ttyS3 if not enumerated from PCI device at that logical IO 
port. That is what I think anyway, as who knows what device - if any - 
really exists at that location. That is why I had this patch to just 
stop accesses to legacy IO port regions on arm64:

https://lore.kernel.org/lkml/1610729929-188490-2-git-send-email-john.garry@huawei.com/

Thanks,
John

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ