Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp2761943rwb; Mon, 3 Oct 2022 05:21:28 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4axpv4TgJgFQm87Q1Odd3YTjZpE8c1j4EvIbHMIPyw0u0kGcJRpFfb+EUyu8tEsmBCgPY1 X-Received: by 2002:a17:90a:5996:b0:203:1640:2dbf with SMTP id l22-20020a17090a599600b0020316402dbfmr12157277pji.150.1664799687986; Mon, 03 Oct 2022 05:21:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1664799687; cv=none; d=google.com; s=arc-20160816; b=oEsEhtskkR8uDLWl72wy5n4JUZONkX4xqE5z+8NT1h+iWNOoIWaKxAXgtbyPfBDnQG iJlqBlnbhEo4rxlVMSD6XSSHuvSkevD1WWjohYoZ+Gzuqbt4Z1ngd5jnawCWMY/T5j/G O4GXV378qwyfbd8iYkrJ1jWb+Mt48uWpdgAUbH5P0wJaMcotLrcXZX89pGaKsJBCPovj V1TqF8O9nHczY/Nz9QqmS2yWGsu+StBtlO6SWlCRtByrAWi5FtaBcOIocUPRcAyUDOMp cF6BSoRvD8hIzzzD/wc/tBf/xAq+C0eDVdnQwYmnfP2jRJ8LkXY/N+pLSAfZ5p9Zz9bb Su7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=ZwcYVLOdHsCgTakuvlsIcAUfd5Jd8zD73dYPiE5yHpo=; b=vLIZhG03oUwEGsK4+PueIBSdiEw6wkaGcSn44dong7o4Xqd5CTbKzaO9/VRR1tcdw4 MzUtJTHHQiHyaakf4BWPgjwD07mh85Fo0XlLQVUXcpmy3V6xKNQGocDjF0ZnHUqMWFgz 98SdPbQTXzLAC02toG9CmjgTSZ5iqCYxGFbgDFzarWW50gQ+LuxpKkO6L2YIc9doEedF 2RN3rkXC8R+YG0pKcCz7XrPDOzYdfkwOK5yV550F4a4n6v8eqh3I6xi5bbQxR6dKBhWX t3+dZT0W9EDP3U7MpCfiPEnJlLh3LM5UKkPz4yvspQbl7NCTw/RaPJaoAalrIW73VJNy QniQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass (test mode) header.i=@axis.com header.s=axis-central1 header.b=gqBxCs1H; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=axis.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 5-20020a630e45000000b0043949a1054esi1211242pgo.383.2022.10.03.05.21.14; Mon, 03 Oct 2022 05:21:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass (test mode) header.i=@axis.com header.s=axis-central1 header.b=gqBxCs1H; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=axis.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229605AbiJCL32 (ORCPT + 99 others); Mon, 3 Oct 2022 07:29:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34218 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229480AbiJCL3Z (ORCPT ); Mon, 3 Oct 2022 07:29:25 -0400 Received: from smtp1.axis.com (smtp1.axis.com [195.60.68.17]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 232162CC8D; Mon, 3 Oct 2022 04:29:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=axis.com; q=dns/txt; s=axis-central1; t=1664796560; x=1696332560; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=ZwcYVLOdHsCgTakuvlsIcAUfd5Jd8zD73dYPiE5yHpo=; b=gqBxCs1H2ZvxteM1ijq5qjn3T8QZVK7b44Rgrv5iSr/ILVNjia0TdQAh UnH6+jR3XfwSJsFaOgi1Up3P/nOifNVgFgGjBAnUqFqJCNUsYI1ZG8v0T sNehcITFZd3CT+0jHjfzJXo+ddLdX75iItRxuENxuqSWxwSmcaQujRuZB P2KEBI57XABuRySi9vF7l04lGfkAQbPJP5DeFvrNo4d9H1wPz8WZwVyNk IMfjWv7KvdM/rW0b0Nw882Ujikn4thHRYzONJQyZaJbBKGK9FLVBCPRal 163HTa0eSq3EI3IWsrxKh/KEX7oKj54oCysZQRB2X97jIc/K3umgoBdSU Q==; Date: Mon, 3 Oct 2022 13:29:18 +0200 From: Vincent Whitchurch To: Robin Murphy CC: Marek Szyprowski , "broonie@kernel.org" , "krzysztof.kozlowski@linaro.org" , "andi@etezian.org" , Christoph Hellwig , kernel , "alim.akhtar@samsung.com" , "linux-spi@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "linux-samsung-soc@vger.kernel.org" , "linux-arm-kernel@lists.infradead.org" , "iommu@lists.linux-foundation.org" Subject: Re: [PATCH v2 2/4] spi: Fix cache corruption due to DMA/PIO overlap Message-ID: References: <20220927112117.77599-1-vincent.whitchurch@axis.com> <20220927112117.77599-3-vincent.whitchurch@axis.com> <461a5187-fc7a-b7f6-84da-0e947f764a0a@arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Disposition: inline In-Reply-To: <461a5187-fc7a-b7f6-84da-0e947f764a0a@arm.com> X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_PASS, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Sep 30, 2022 at 02:10:28PM +0200, Robin Murphy wrote: > That said, maybe this is something that's better to catch than to paper > over? Arguably the real bug here is that spi_unmap_buf() and the new > sync functions should use the same "{tx,rx}_buf != NULL" condition that > spi_map_buf() used for the DMA mapping decision in the first place. The "{tx,rx}_buf != NULL" condition would not sufficient on its own; the call to ->can_dma() is also part of the condition. __spi_unmap_msg() already does the ->can_dma() call even though it checks for the orig_nents != 0 condition instead of the tx,rx_buf != NULL, but I omitted that call in the new sync functions, incorrectly believing it to be redundant. It looks like __spi_unmap_msg() would have triggered a similar crash even before this patch, if a client had reused an xfer with both rx and tx the first time, and only one of them enabled the next time around (and with ->can_dma() returning true both times). Testing the {tx,rx}_buf instead of sgt->orig_nents would have avoided that, as you say.