lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 27 Mar 2024 20:09:34 +0000
From: Volodymyr Babchuk <Volodymyr_Babchuk@...m.com>
CC: Caleb Connolly <caleb.connolly@...aro.org>,
        Volodymyr Babchuk
	<Volodymyr_Babchuk@...m.com>,
        Bjorn Andersson <andersson@...nel.org>,
        Konrad
 Dybcio <konrad.dybcio@...aro.org>,
        "linux-arm-msm@...r.kernel.org"
	<linux-arm-msm@...r.kernel.org>,
        "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>
Subject: [PATCH] soc: qcom: cmd-db: map shared memory as WT, not WB

It appears that hardware does not like cacheable accesses to this
region. Trying to access this shared memory region as Normal Memory
leads to secure interrupt which causes an endless loop somewhere in
Trust Zone.

The only reason it is working right now is because Qualcomm Hypervisor
maps the same region as Non-Cacheable memory in Stage 2 translation
tables. The issue manifests if we want to use another hypervisor (like
Xen or KVM), which does not know anything about those specific
mappings. This patch fixes the issue by mapping the shared memory as
Write-Through. This removes dependency on correct mappings in Stage 2
tables.

I tested this on SA8155P with Xen.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@...m.com>
---
 drivers/soc/qcom/cmd-db.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/soc/qcom/cmd-db.c b/drivers/soc/qcom/cmd-db.c
index a5fd68411bed5..dd5ababdb476c 100644
--- a/drivers/soc/qcom/cmd-db.c
+++ b/drivers/soc/qcom/cmd-db.c
@@ -324,7 +324,7 @@ static int cmd_db_dev_probe(struct platform_device *pdev)
 		return -EINVAL;
 	}
 
-	cmd_db_header = memremap(rmem->base, rmem->size, MEMREMAP_WB);
+	cmd_db_header = memremap(rmem->base, rmem->size, MEMREMAP_WT);
 	if (!cmd_db_header) {
 		ret = -ENOMEM;
 		cmd_db_header = NULL;
-- 
2.43.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ