| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 5 Feb 2024 21:08:55 -0500
From: "Martin K. Petersen" <martin.petersen@...cle.com>
To: Alim Akhtar <alim.akhtar@...sung.com>, Avri Altman <avri.altman@....com>,
Bart Van Assche <bvanassche@....org>,
"James E.J. Bottomley" <jejb@...ux.ibm.com>,
Matthias Brugger <matthias.bgg@...il.com>,
AngeloGioacchino Del Regno <angelogioacchino.delregno@...labora.com>,
alice.chao@...iatek.com
Cc: "Martin K . Petersen" <martin.petersen@...cle.com>,
wsd_upstream@...iatek.com, stanley.chu@...iatek.com,
peter.wang@...iatek.com, powen.kao@...iatek.com,
naomi.chu@...iatek.com, cc.chou@...iatek.com, tun-yu.yu@...iatek.com,
chun-hung.wu@...iatek.com, casper.li@...iatek.com,
linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org,
linux-mediatek@...ts.infradead.org
Subject: Re: [PATCH v1 1/1] ufs: core: fix shift issue in ufshcd_clear_cmd
On Mon, 05 Feb 2024 18:49:04 +0800, alice.chao@...iatek.com wrote:
> When task_tag > 32 (in mcq mode), 1U << task_tag will out of bound
> for u32 mask. Fix this bug to prevent SHIFT_ISSUE (Bitwise shifts
> that are out of bounds for their data type).
>
> [name:debug_monitors&]Unexpected kernel BRK exception at EL1
> [name:traps&]Internal error: BRK handler: 00000000f2005514 [#1] PREEMPT SMP
> [name:mediatek_cpufreq_hw&]cpufreq stop DVFS log done
> [name:mrdump&]Kernel Offset: 0x1ba5800000 from 0xffffffc008000000
> [name:mrdump&]PHYS_OFFSET: 0x80000000
> [name:mrdump&]pstate: 22400005 (nzCv daif +PAN -UAO)
> [name:mrdump&]pc : [0xffffffdbaf52bb2c] ufshcd_clear_cmd+0x280/0x288
> [name:mrdump&]lr : [0xffffffdbaf52a774] ufshcd_wait_for_dev_cmd+0x3e4/0x82c
> [name:mrdump&]sp : ffffffc0081471b0
> <snip>
> Workqueue: ufs_eh_wq_0 ufshcd_err_handler
> Call trace:
> dump_backtrace+0xf8/0x144
> show_stack+0x18/0x24
> dump_stack_lvl+0x78/0x9c
> dump_stack+0x18/0x44
> mrdump_common_die+0x254/0x480 [mrdump]
> ipanic_die+0x20/0x30 [mrdump]
> notify_die+0x15c/0x204
> die+0x10c/0x5f8
> arm64_notify_die+0x74/0x13c
> do_debug_exception+0x164/0x26c
> el1_dbg+0x64/0x80
> el1h_64_sync_handler+0x3c/0x90
> el1h_64_sync+0x68/0x6c
> ufshcd_clear_cmd+0x280/0x288
> ufshcd_wait_for_dev_cmd+0x3e4/0x82c
> ufshcd_exec_dev_cmd+0x5bc/0x9ac
> ufshcd_verify_dev_init+0x84/0x1c8
> ufshcd_probe_hba+0x724/0x1ce0
> ufshcd_host_reset_and_restore+0x260/0x574
> ufshcd_reset_and_restore+0x138/0xbd0
> ufshcd_err_handler+0x1218/0x2f28
> process_one_work+0x5fc/0x1140
> worker_thread+0x7d8/0xe20
> kthread+0x25c/0x468
> ret_from_fork+0x10/0x20
>
> [...]
Applied to 6.8/scsi-fixes, thanks!
[1/1] ufs: core: fix shift issue in ufshcd_clear_cmd
https://git.kernel.org/mkp/scsi/c/b513d30d59bb
--
Martin K. Petersen Oracle Linux Engineering
Powered by blists - more mailing lists