| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAATdQgD1paUUmWhiLVq-+zq0V6=RTJw89ggk=R6cBUZO+5dB-Q@mail.gmail.com>
Date: Thu, 12 Aug 2021 17:31:45 +0800
From: Ikjoon Jang <ikjn@...omium.org>
To: Chunfeng Yun (云春峰)
<Chunfeng.Yun@...iatek.com>
Cc: "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>,
"matthias.bgg@...il.com" <matthias.bgg@...il.com>,
"linux-mediatek@...ts.infradead.org"
<linux-mediatek@...ts.infradead.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-usb@...r.kernel.org" <linux-usb@...r.kernel.org>,
"mathias.nyman@...el.com" <mathias.nyman@...el.com>
Subject: Re: [RFC PATCH] usb: xhci-mtk: handle bandwidth table rollover
HI,
On Wed, Aug 11, 2021 at 5:02 PM Chunfeng Yun (云春峰)
<Chunfeng.Yun@...iatek.com> wrote:
>
> On Mon, 2021-08-09 at 17:42 +0800, Ikjoon Jang wrote:
> > On Mon, Aug 9, 2021 at 5:11 PM Greg Kroah-Hartman
> > <gregkh@...uxfoundation.org> wrote:
> > >
> > > On Mon, Aug 09, 2021 at 04:59:29PM +0800, Ikjoon Jang wrote:
> > > > xhci-mtk has 64 slots for periodic bandwidth calculations and
> > > > each
> > > > slot represents byte budgets on a microframe. When an endpoint's
> > > > allocation sits on the boundary of the table, byte budgets' slot
> > > > should be rolled over but the current implementation doesn't.
> > > >
> > > > This patch applies a 6 bits mask to the microframe index to
> > > > handle
> > > > its rollover 64 slots and prevent out-of-bounds array access.
> > > >
> > > > Signed-off-by: Ikjoon Jang <ikjn@...omium.org>
> > > > ---
> > > >
> > > > drivers/usb/host/xhci-mtk-sch.c | 79 +++++++++----------------
> > > > --------
> > > > drivers/usb/host/xhci-mtk.h | 1 +
> > > > 2 files changed, 23 insertions(+), 57 deletions(-)
> > >
> > > Why is this "RFC"? What needs to be addressed in this change
> > > before it
> > > can be accepted?
> >
> > sorry, I had to mention why this is RFC:
> >
> > I simply don't know about the details of the xhci-mtk internals.
> > It was okay from my tests with mt8173 and I think this will be
> > harmless
> > as this is "better than before".
> >
> > But when I removed get_esit_boundary(), I really have no idea why
> > it was there. I'm wondering if there was another reason of that
> > function
> > other than just preventing out-of-bounds. Maybe chunfeng can answer
> > this?
> We use @esit to prevent out-of-bounds array access. it's not a ring,
> can't insert out-of-bounds value into head slot.
Thanks, so that function was only for out-of-bounds array access.
then I think we just can remove that function and use it as a ring.
Can you tell me _why_ it can't be used as a ring?
I think a transaction (e.g. esit_boundary = 7) can start its first SSPLIT
from Y_7 (offset = 7). But will that allocation be matched with this?
- if ((offset + sch_ep->num_budget_microframes) > esit_boundary)
- break;
I mean I'm not sure why this is needed.
Until now, I couldn't find a way to accept the USB audio headset
with a configuration of { INT-IN 64 + ISOC-OUT 384 + ISOC-IN 192 }
without this patch.
>
> >
> > Thanks!
> >
> > >
> > > thanks,
> > >
> > > greg k-h
Powered by blists - more mailing lists