lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <DM6PR04MB65753E95C58554A9BD01C3FEFC38A@DM6PR04MB6575.namprd04.prod.outlook.com>
Date:   Tue, 18 Jul 2023 12:32:15 +0000
From:   Avri Altman <Avri.Altman@....com>
To:     Adrian Hunter <adrian.hunter@...el.com>,
        Wenchao Chen <wenchao.chen@...soc.com>,
        "ulf.hansson@...aro.org" <ulf.hansson@...aro.org>
CC:     "linux-mmc@...r.kernel.org" <linux-mmc@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "wenchao.chen666@...il.com" <wenchao.chen666@...il.com>,
        "zhenxiong.lai@...soc.com" <zhenxiong.lai@...soc.com>,
        "chunyan.zhang@...soc.com" <chunyan.zhang@...soc.com>,
        "yuelin.tang@...soc.com" <yuelin.tang@...soc.com>
Subject: RE: [PATCH] mmc: core: Remove FW revision from CID check

> 
> On 18/07/23 04:15, Wenchao Chen wrote:
> > When the card is reset, mmc_card_init() will check if this
> > card is the previous card by comparing the CID.
> >
> > If the firmware is upgraded, the product version may change,
> > so we remove the product version from the CID check.
> 
> What is the use-case for this?  I would have thought it is safer
> not to assume anything about the card after the firmware has been
> upgraded.
Ack on that.

Regardless, the PRV CID-slice is [48:55]  and CRC [1:7]?

Thanks,
Avri

> 
> >
> > Signed-off-by: Wenchao Chen <wenchao.chen@...soc.com>
> > ---
> >  drivers/mmc/core/mmc.c | 18 +++++++++++++++++-
> >  1 file changed, 17 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/mmc/core/mmc.c b/drivers/mmc/core/mmc.c
> > index 89cd48fcec79..32a73378d5c3 100644
> > --- a/drivers/mmc/core/mmc.c
> > +++ b/drivers/mmc/core/mmc.c
> > @@ -32,6 +32,9 @@
> >  #define MIN_CACHE_EN_TIMEOUT_MS 1600
> >  #define CACHE_FLUSH_TIMEOUT_MS 30000 /* 30s */
> >
> > +#define MMC_CID_PRV_MASK GENMASK(23, 16)
> > +#define MMC_CID_CRC_MASK GENMASK(7, 0)
> > +
> >  static const unsigned int tran_exp[] = {
> >       10000,          100000,         1000000,        10000000,
> >       0,              0,              0,              0
> > @@ -126,6 +129,19 @@ static int mmc_decode_cid(struct mmc_card *card)
> >       return 0;
> >  }
> >
> > +static int mmc_check_cid(u32 *cid, u32 *raw_cid)
> > +{
> > +     /*
> > +      * When comparing CID, we need to remove the product
> > +      * version (Field PRV, offset 55:48) and CRC. Because
> > +      * the product version will change when the firmware
> > +      * is upgraded. Also, the new CRC is different.
> > +      */
> > +     return cid[0] != raw_cid[0] || cid[1] != raw_cid[1] ||
> > +             (cid[2] & ~MMC_CID_PRV_MASK) != (raw_cid[2] &
> ~MMC_CID_PRV_MASK) ||
> > +             (cid[3] & ~MMC_CID_CRC_MASK) != (raw_cid[3] &
> ~MMC_CID_CRC_MASK);
> > +}
> > +
> >  static void mmc_set_erase_size(struct mmc_card *card)
> >  {
> >       if (card->ext_csd.erase_group_def & 1)
> > @@ -1640,7 +1656,7 @@ static int mmc_init_card(struct mmc_host *host,
> u32 ocr,
> >               goto err;
> >
> >       if (oldcard) {
> > -             if (memcmp(cid, oldcard->raw_cid, sizeof(cid)) != 0) {
> > +             if (mmc_check_cid(cid, oldcard->raw_cid)) {
> >                       pr_debug("%s: Perhaps the card was replaced\n",
> >                               mmc_hostname(host));
> >                       err = -ENOENT;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ