2014-11-13 18:09:41

by Furquan Shaikh

[permalink] [raw]
Subject: [PATCH] pstore: Use memcpy_toio instead of memcpy

persistent_ram_update uses vmap / iomap based on whether the buffer is in memory
region or reserved region. However, both map it as non-cacheable memory. For
armv8 specifically, non-cacheable mapping requests use a memory type that has to
be accessed aligned to the request size. memcpy() doesn't guarantee that.

Signed-off-by: Furquan Shaikh <[email protected]>
---
fs/pstore/ram_core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/pstore/ram_core.c b/fs/pstore/ram_core.c
index 9d7b9a8..cfbc5e4 100644
--- a/fs/pstore/ram_core.c
+++ b/fs/pstore/ram_core.c
@@ -299,7 +299,7 @@ static void notrace persistent_ram_update(struct persistent_ram_zone *prz,
const void *s, unsigned int start, unsigned int count)
{
struct persistent_ram_buffer *buffer = prz->buffer;
- memcpy(buffer->data + start, s, count);
+ memcpy_toio(buffer->data + start, s, count);
persistent_ram_update_ecc(prz, start, count);
}

--
2.1.0.rc2.206.gedb03e5


2014-11-13 18:10:59

by Kees Cook

[permalink] [raw]
Subject: Re: [PATCH] pstore: Use memcpy_toio instead of memcpy

On Thu, Nov 13, 2014 at 10:09 AM, Furquan Shaikh <[email protected]> wrote:
> persistent_ram_update uses vmap / iomap based on whether the buffer is in memory
> region or reserved region. However, both map it as non-cacheable memory. For
> armv8 specifically, non-cacheable mapping requests use a memory type that has to
> be accessed aligned to the request size. memcpy() doesn't guarantee that.
>
> Signed-off-by: Furquan Shaikh <[email protected]>
> ---
> fs/pstore/ram_core.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/pstore/ram_core.c b/fs/pstore/ram_core.c
> index 9d7b9a8..cfbc5e4 100644
> --- a/fs/pstore/ram_core.c
> +++ b/fs/pstore/ram_core.c
> @@ -299,7 +299,7 @@ static void notrace persistent_ram_update(struct persistent_ram_zone *prz,
> const void *s, unsigned int start, unsigned int count)
> {
> struct persistent_ram_buffer *buffer = prz->buffer;
> - memcpy(buffer->data + start, s, count);
> + memcpy_toio(buffer->data + start, s, count);
> persistent_ram_update_ecc(prz, start, count);
> }
>
> --
> 2.1.0.rc2.206.gedb03e5
>

Acked-by: Kees Cook <[email protected]>

Thanks!

-Kees

--
Kees Cook
Chrome OS Security