lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250114-easiness-pregame-d1d2d4b57e7b@spud>
Date: Tue, 14 Jan 2025 17:13:49 +0000
From: Conor Dooley <conor@...nel.org>
To: linux-spi@...r.kernel.org
Cc: conor@...nel.org,
	Conor Dooley <conor.dooley@...rochip.com>,
	stable@...r.kernel.org,
	Daire McNamara <daire.mcnamara@...rochip.com>,
	Mark Brown <broonie@...nel.org>,
	linux-kernel@...r.kernel.org
Subject: [PATCH] spi: microchip-core: prevent RX overflows when transmit size > FIFO size

From: Conor Dooley <conor.dooley@...rochip.com>

When the size of a transfer exceeds the size of the FIFO (32 bytes), RX
overflows will be generated and receive data will be corrupted and
warnings will be produced. For example, here's an error generated by a
transfer of 36 bytes:

  spi_master spi0: mchp_corespi_interrupt: RX OVERFLOW: rxlen: 4, txlen: 0

I am not entirely sure how this happens, as rxlen being 4 means that 32
of 36 bytes have been read from the RX FIFO so there should be
sufficient room for 4 more bytes but timing is likely a factor as simply
adding a delay in the transmit path is enough to avoid the overflows.

CC: stable@...r.kernel.org
Fixes: 9ac8d17694b6 ("spi: add support for microchip fpga spi controllers")
Signed-off-by: Conor Dooley <conor.dooley@...rochip.com>
---
Been sitting on this one for a bit, original reporter claims the problem
isn't fixed, but it fixed the issue on my setup so I am sending the patch
as it's an improvement on the status quo at the very least.

CC: Conor Dooley <conor.dooley@...rochip.com>
CC: Daire McNamara <daire.mcnamara@...rochip.com>
CC: Mark Brown <broonie@...nel.org>
CC: linux-spi@...r.kernel.org
CC: linux-kernel@...r.kernel.org
---
 drivers/spi/spi-microchip-core.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/drivers/spi/spi-microchip-core.c b/drivers/spi/spi-microchip-core.c
index 5b6af55855ef..3582fe8d3fc4 100644
--- a/drivers/spi/spi-microchip-core.c
+++ b/drivers/spi/spi-microchip-core.c
@@ -221,6 +221,13 @@ static inline void mchp_corespi_write_fifo(struct mchp_corespi *spi)
 	while ((i < fifo_max) && !(mchp_corespi_read(spi, REG_STATUS) & STATUS_TXFIFO_FULL)) {
 		u32 word;
 
+		/*
+		 * If the transfer is larger than FIFO_DEPTH, spin until space
+		 * is made in the RX FIFO to avoid losing data to RX overflows
+		 */
+		while (mchp_corespi_read(spi, REG_STATUS) & STATUS_RXFIFO_FULL)
+			;
+
 		if (spi->n_bytes == 4)
 			word = spi->tx_buf ? *((u32 *)spi->tx_buf) : 0xaa;
 		else if (spi->n_bytes == 2)
-- 
2.45.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ