| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ac4b66da-6a76-c2ec-7e21-31632f3448d5@sberdevices.ru>
Date: Wed, 12 Apr 2023 12:20:55 +0300
From: Arseniy Krasnov <avkrasnov@...rdevices.ru>
To: Miquel Raynal <miquel.raynal@...tlin.com>
CC: Liang Yang <liang.yang@...ogic.com>,
Richard Weinberger <richard@....at>,
Vignesh Raghavendra <vigneshr@...com>,
Neil Armstrong <neil.armstrong@...aro.org>,
Kevin Hilman <khilman@...libre.com>,
Jerome Brunet <jbrunet@...libre.com>,
Martin Blumenstingl <martin.blumenstingl@...glemail.com>,
Jianxin Pan <jianxin.pan@...ogic.com>,
Yixun Lan <yixun.lan@...ogic.com>, <oxffffaa@...il.com>,
<kernel@...rdevices.ru>, <linux-mtd@...ts.infradead.org>,
<linux-arm-kernel@...ts.infradead.org>,
<linux-amlogic@...ts.infradead.org>, <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v1 4/5] mtd: rawnand: meson: clear OOB buffer before read
On 12.04.2023 10:44, Miquel Raynal wrote:
> Hi Arseniy,
>
> AVKrasnov@...rdevices.ru wrote on Wed, 12 Apr 2023 09:16:58 +0300:
>
>> This NAND reads only few user's bytes in ECC mode (not full OOB), so
>
> "This NAND reads" does not look right, do you mean "Subpage reads do
> not retrieve all the OOB bytes,"?
>
>> fill OOB buffer with zeroes to not return garbage from previous reads
>> to user.
>> Otherwise 'nanddump' utility prints something like this for just erased
>> page:
>>
>> ...
>> 0x000007f0: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
>> OOB Data: ff ff ff ff 00 00 ff ff 80 cf 22 99 cb ad d3 be
>> OOB Data: 63 27 ae 06 16 0a 2f eb bb dd 46 74 41 8e 88 6e
>> OOB Data: 38 a1 2d e6 77 d4 05 06 f2 a5 7e 25 eb 34 7c ff
>> OOB Data: 38 ea de 14 10 de 9b 40 33 16 6a cc 9d aa 2f 5e
>>
>> Signed-off-by: Arseniy Krasnov <AVKrasnov@...rdevices.ru>
>> ---
>> drivers/mtd/nand/raw/meson_nand.c | 5 +++++
>> 1 file changed, 5 insertions(+)
>>
>> diff --git a/drivers/mtd/nand/raw/meson_nand.c b/drivers/mtd/nand/raw/meson_nand.c
>> index f84a10238e4d..f2f2472cb511 100644
>> --- a/drivers/mtd/nand/raw/meson_nand.c
>> +++ b/drivers/mtd/nand/raw/meson_nand.c
>> @@ -858,9 +858,12 @@ static int meson_nfc_read_page_sub(struct nand_chip *nand,
>> static int meson_nfc_read_page_raw(struct nand_chip *nand, u8 *buf,
>> int oob_required, int page)
>> {
>> + struct mtd_info *mtd = nand_to_mtd(nand);
>> u8 *oob_buf = nand->oob_poi;
>> int ret;
>>
>> + memset(oob_buf, 0, mtd->oobsize);
>
> I'm surprised raw reads do not read the entire OOB?
Yes! Seems in case of raw access (what i see in this driver) number of OOB bytes read
still depends on ECC parameters: for each portion of data covered with ECC code we can
read it's ECC code and "user bytes" from OOB - it is what i see by dumping DMA buffer by
printk(). For example I'm working with 2K NAND pages, each page has 2 x 1K ECC blocks.
For each ECC block I have 16 OOB bytes which I can access by read/write. Each 16 bytes
contains 2 bytes of user's data and 14 bytes ECC codes. So when I read page in raw mode
controller returns 32 bytes (2 x (2 + 14)) of OOB. While OOB is reported as 64 bytes.
Thanks, Arseniy
>
>> +
>> ret = meson_nfc_read_page_sub(nand, page, 1);
>> if (ret)
>> return ret;
>> @@ -881,6 +884,8 @@ static int meson_nfc_read_page_hwecc(struct nand_chip *nand, u8 *buf,
>> u8 *oob_buf = nand->oob_poi;
>> int ret, i;
>>
>> + memset(oob_buf, 0, mtd->oobsize);
>> +
>> ret = meson_nfc_read_page_sub(nand, page, 0);
>> if (ret)
>> return ret;
>
>
> Thanks,
> Miquèl
Powered by blists - more mailing lists