Received: by 10.223.185.116 with SMTP id b49csp1135291wrg; Wed, 14 Feb 2018 12:09:50 -0800 (PST) X-Google-Smtp-Source: AH8x225uFu1LDd+GqVIv1f8PIJQpsRVUYe76x3otecjzYjMOOuyeJv7dWe7BiwkDzJ1QO9qs1sZl X-Received: by 2002:a17:902:bb06:: with SMTP id l6-v6mr178371pls.115.1518638990461; Wed, 14 Feb 2018 12:09:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518638990; cv=none; d=google.com; s=arc-20160816; b=ae2T2tTEnj8dEosx/QNvcPLIAvWlwOncNFPyf5sIbR2ijLOsyRj7iXZ2acG6/6qWz+ xydUeMFCeMhhvTcd65Gvuu3toaP5J6AqiTsd083wP6gc4VK+w+TUglBigJXFzbUFwkNq HCWtUOSXDrOi5r70NfP0O6j4SM1Gh0VWsFibqUjR9osh8dTrblD8RRELleSvN9nvPP2M gmH8FrEsIFEM5pcZ/2cvVOCltXjcxhGjC9eJAXgjMqU0j9OfyiKxGqJdSeAiZZWuro0C qhXHmJNQrpI+g/t9Q3ZnBBwHUvtDjy1KguU2P87eUY02RxCYtJnr/DLGFFDByIVv4jDc dUVA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :arc-authentication-results; bh=9aO/x51FKw0Bf5krB5XodEHzx7lveMyk282hrb3RD04=; b=Yh6iQo/7tlrMWVWWPm/NJ9E9iFSPxN7OIsRO8rWs8o8Eh4P96BZk1srfcYIWfjyyIc lm+dDiaKOido0P8/5T4xtfN/aVpWnBTWdRFs92AxPScWJTbMpktDZ7SWqgmVmg0WlLQV itv/+6leqRk2AgW1Xw7o/Satybuzo9LzYo1y3/AXlXxS3S5uMOVEsOOGd7MrVTedke9N FwAMxzFgxlVB61iWyjaV7hXIceN2gqZsSjdCG42jEJd0zV/eSdHh/QdmNlMzu3LFsvdF B711fRcrKX8KWiLrJXIHqbVYSTU9+vCRToU3f0T3kz8gCQOE9jNq1tla4OoKoPF4Ps2K fRaA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u198si238449pgc.775.2018.02.14.12.09.35; Wed, 14 Feb 2018 12:09:50 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1033349AbeBNRMF (ORCPT + 99 others); Wed, 14 Feb 2018 12:12:05 -0500 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:58914 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1032907AbeBNRME (ORCPT ); Wed, 14 Feb 2018 12:12:04 -0500 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 57AD1408501B; Wed, 14 Feb 2018 17:12:04 +0000 (UTC) Received: from redhat.com (ovpn-121-104.rdu2.redhat.com [10.10.121.104]) by smtp.corp.redhat.com (Postfix) with SMTP id E3F5C2024CA4; Wed, 14 Feb 2018 17:12:03 +0000 (UTC) Date: Wed, 14 Feb 2018 19:12:03 +0200 From: "Michael S. Tsirkin" To: Marc-Andre Lureau Cc: =?iso-8859-1?Q?Marc-Andr=E9?= Lureau , Linux Kernel Mailing List , Baoquan He , Sergio Lopez Pascual , "Somlo, Gabriel" , xiaolong.ye@intel.com Subject: Re: [PATCH v14 9/9] RFC: fw_cfg: do DMA read operation Message-ID: <20180214190943-mutt-send-email-mst@kernel.org> References: <20180214141850.4017-1-marcandre.lureau@redhat.com> <20180214141850.4017-10-marcandre.lureau@redhat.com> <20180214182714-mutt-send-email-mst@kernel.org> <20180214185818-mutt-send-email-mst@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Wed, 14 Feb 2018 17:12:04 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Wed, 14 Feb 2018 17:12:04 +0000 (UTC) for IP:'10.11.54.4' DOMAIN:'int-mx04.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'mst@redhat.com' RCPT:'' Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Feb 14, 2018 at 06:08:48PM +0100, Marc-Andre Lureau wrote: > Hi > > On Wed, Feb 14, 2018 at 5:59 PM, Michael S. Tsirkin wrote: > > On Wed, Feb 14, 2018 at 05:52:10PM +0100, Marc-Andre Lureau wrote: > >> >> @@ -282,8 +320,9 @@ static int fw_cfg_do_platform_probe(struct platform_device *pdev) > >> >> #endif > >> >> > >> >> /* verify fw_cfg device signature */ > >> >> - fw_cfg_read_blob(FW_CFG_SIGNATURE, sig, 0, FW_CFG_SIG_SIZE); > >> >> - if (memcmp(sig, "QEMU", FW_CFG_SIG_SIZE) != 0) { > >> >> + if (fw_cfg_read_blob(FW_CFG_SIGNATURE, sig, > >> >> + 0, FW_CFG_SIG_SIZE, false) < 0 || > >> >> + memcmp(sig, "QEMU", FW_CFG_SIG_SIZE) != 0) { > >> >> fw_cfg_io_cleanup(); > >> >> return -ENODEV; > >> >> } > >> > > >> > Rather than add dead code, how about a promise not to > >> > fail if dma is disabled? Patch will be smaller then. > >> > >> Even with dma disabled, you could have a locking bug which was > >> silently ignored before and is now taken into account. > > > > I see. I'd start with a patch reporting errors to users then. > > That would be a bugfix and can be merged for this version. > > silently is the wrong word for it, there is already a WARN(). it's not visible to userspace though. > However, > the memcmp was done on uninitialzed sig[] (which likely resulted in > returning -ENODEV in the function) Oh, we have an access to an uninitialized memory too. Fun! > Now it can check if the function failed to read before doing the memcmp. > > Hope that clarifies it. I think I get it. I'd make it a bugfix patch as patch 7 in the series. (patch 1-6 are applied in my tree, will merge in this window if they do not blow up). > > > >> > > >> >> @@ -466,8 +505,8 @@ static ssize_t fw_cfg_sysfs_read_raw(struct file *filp, struct kobject *kobj, > >> >> if (count > entry->size - pos) > >> >> count = entry->size - pos; > >> >> > >> >> - fw_cfg_read_blob(entry->select, buf, pos, count); > >> >> - return count; > >> >> + /* do not use DMA, virt_to_phys(buf) might not be ok */ > >> >> + return fw_cfg_read_blob(entry->select, buf, pos, count, false); > >> >> } > >> >> > >> >> static struct bin_attribute fw_cfg_sysfs_attr_raw = { > >> >> @@ -632,7 +671,12 @@ static int fw_cfg_register_dir_entries(void) > >> >> struct fw_cfg_file *dir; > >> >> size_t dir_size; > >> >> > >> >> - fw_cfg_read_blob(FW_CFG_FILE_DIR, &files.count, 0, sizeof(files.count)); > >> >> + ret = fw_cfg_read_blob(FW_CFG_FILE_DIR, &files.count, > >> >> + 0, sizeof(files.count), false); > >> >> + if (ret < 0) { > >> >> + return ret; > >> >> + } > >> >> + > >> >> count = be32_to_cpu(files.count); > >> >> dir_size = count * sizeof(struct fw_cfg_file); > >> >> > >> >> @@ -640,7 +684,11 @@ static int fw_cfg_register_dir_entries(void) > >> >> if (!dir) > >> >> return -ENOMEM; > >> >> > >> >> - fw_cfg_read_blob(FW_CFG_FILE_DIR, dir, sizeof(files.count), dir_size); > >> >> + ret = fw_cfg_read_blob(FW_CFG_FILE_DIR, dir, > >> >> + sizeof(files.count), dir_size, false); > >> >> + if (ret < 0) { > >> >> + goto end; > >> >> + } > >> >> > >> >> for (i = 0; i < count; i++) { > >> >> ret = fw_cfg_register_file(&dir[i]); > >> >> @@ -648,6 +696,7 @@ static int fw_cfg_register_dir_entries(void) > >> >> break; > >> >> } > >> >> > >> >> +end: > >> >> kfree(dir); > >> >> return ret; > >> >> } > >> >> @@ -688,7 +737,10 @@ static int fw_cfg_sysfs_probe(struct platform_device *pdev) > >> >> goto err_probe; > >> >> > >> >> /* get revision number, add matching top-level attribute */ > >> >> - fw_cfg_read_blob(FW_CFG_ID, &rev, 0, sizeof(rev)); > >> >> + err = fw_cfg_read_blob(FW_CFG_ID, &rev, 0, sizeof(rev), false); > >> >> + if (err < 0) { > >> >> + goto err_probe; > >> >> + } > >> >> fw_cfg_rev = le32_to_cpu(rev); > >> >> err = sysfs_create_file(fw_cfg_top_ko, &fw_cfg_rev_attr.attr); > >> >> if (err) > >> >> -- > >> >> 2.16.1.73.g5832b7e9f2