lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 10 Nov 2022 01:52:43 +0000
From:   Daniel Golle <daniel@...rotopia.org>
To:     Matthew Wilcox <willy@...radead.org>
Cc:     Jens Axboe <axboe@...nel.dk>,
        Miquel Raynal <miquel.raynal@...tlin.com>,
        Richard Weinberger <richard@....at>,
        Vignesh Raghavendra <vigneshr@...com>,
        Davidlohr Bueso <dave@...olabs.net>,
        "Martin K. Petersen" <martin.petersen@...cle.com>,
        Chaitanya Kulkarni <kch@...dia.com>,
        Ming Lei <ming.lei@...hat.com>, linux-block@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-mtd@...ts.infradead.org,
        linux-efi@...r.kernel.org
Subject: Re: [PATCH v4 2/5] block: add partition parser for U-Boot uImage.FIT

On Wed, Nov 09, 2022 at 05:21:01PM +0000, Matthew Wilcox wrote:
> On Wed, Nov 09, 2022 at 02:36:11PM +0000, Daniel Golle wrote:
> > On Wed, Nov 09, 2022 at 01:58:29PM +0000, Matthew Wilcox wrote:
> > > ... actually, why can't you call read_part_sector() and avoid all of
> > > this?
> > 
> > I've tried that before and the problem is that read_part_sector()
> > returns a pointer to one sector (typically 512 bytes) of data.
> > And this pointer should not be accesses beyond sector boundaries,
> > right? You'd have to call read_part_sector() again for the next
> > sector.
> > 
> > The FIT structure, however, usually exceeds the size of one sector,
> > and having a continous memory area covering the structure as a whole
> > is crucial for libfdt to do its job.
> > 
> > I could, of course, use read_part_sector() to copy all sectors
> > covering the FIT structure into a buffer, but that seemed strange
> > given that read_part_sector() actually used read_mapping_page()
> > (and now uses read_mapping_folio()) internally and then returns a
> > pointer to the offset within the page/folio. So why not read it in one
> > piece in first place instead of having it first split up to sectors
> > by read_part_sector() just to then having to reassemble it into a
> > continous buffer again.
> 
> Are you guaranteed that it's "sufficiently" aligned on storage so
> that it fits entirely within a single page?  If not, you'll have
> to copy it, vmap it, or fix libfdt to handle a segmented buffer.

Yes, for the uImage.FIT to be usable for the partition parser it has
to be page-aligned.

There is a check which makes sure that this is the case:
> +	/* uImage.FIT should be aligned to page boundaries */
> +	if (fit_start_sector % (1 << (PAGE_SHIFT - SECTOR_SHIFT)))
> +		return 0;

In case of mtdblock or ubiblock devices, the image always starts at
offset 0, so this is never a problem.
In case of the image being stored in a GPT partition, one has to make
sure that the start sector of the partition is page aligned, otherwise
the above check will fail and the partition parser will bail out.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ