From: Nicolas Saenz Julienne <nsaenzjulienne@suse.de>
To: rubini@gnudd.com, hch@infradead.org,
linux-kernel@vger.kernel.org, Christoph Hellwig <hch@lst.de>,
Marek Szyprowski <m.szyprowski@samsung.com>,
Robin Murphy <robin.murphy@arm.com>
Cc: helgaas@kernel.org,
Nicolas Saenz Julienne <nsaenzjulienne@suse.de>,
iommu@lists.linux-foundation.org
Subject: [PATCH v2 1/2] dma-direct: check for overflows on 32 bit DMA addresses
Date: Fri, 18 Oct 2019 13:00:43 +0200 [thread overview]
Message-ID: <20191018110044.22062-2-nsaenzjulienne@suse.de> (raw)
In-Reply-To: <20191018110044.22062-1-nsaenzjulienne@suse.de>
As seen on the new Raspberry Pi 4 and sta2x11's DMA implementation it is
possible for a device configured with 32 bit DMA addresses and a partial
DMA mapping located at the end of the address space to overflow. It
happens when a higher physical address, not DMAable, is translated to
it's DMA counterpart.
For example the Raspberry Pi 4, configurable up to 4 GB of memory, has
an interconnect capable of addressing the lower 1 GB of physical memory
with a DMA offset of 0xc0000000. It transpires that, any attempt to
translate physical addresses higher than the first GB will result in an
overflow which dma_capable() can't detect as it only checks for
addresses bigger then the maximum allowed DMA address.
Fix this by verifying in dma_capable() if the DMA address range provided
is at any point lower than the minimum possible DMA address on the bus.
Signed-off-by: Nicolas Saenz Julienne <nsaenzjulienne@suse.de>
---
include/linux/dma-direct.h | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/include/linux/dma-direct.h b/include/linux/dma-direct.h
index adf993a3bd58..af4bb9c81ccc 100644
--- a/include/linux/dma-direct.h
+++ b/include/linux/dma-direct.h
@@ -3,6 +3,7 @@
#define _LINUX_DMA_DIRECT_H 1
#include <linux/dma-mapping.h>
+#include <linux/memblock.h> /* for min_low_pfn */
#include <linux/mem_encrypt.h>
#ifdef CONFIG_ARCH_HAS_PHYS_TO_DMA
@@ -27,6 +28,13 @@ static inline bool dma_capable(struct device *dev, dma_addr_t addr, size_t size)
if (!dev->dma_mask)
return false;
+#ifndef CONFIG_ARCH_DMA_ADDR_T_64BIT
+ /* Check if DMA address overflowed */
+ if (min(addr, addr + size - 1) <
+ __phys_to_dma(dev, (phys_addr_t)(min_low_pfn << PAGE_SHIFT)))
+ return false;
+#endif
+
return addr + size - 1 <=
min_not_zero(*dev->dma_mask, dev->bus_dma_mask);
}
--
2.23.0
next prev parent reply other threads:[~2019-10-18 11:01 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-18 11:00 [PATCH v2 0/2] x86: Get rid of custom DMA functions Nicolas Saenz Julienne
2019-10-18 11:00 ` Nicolas Saenz Julienne [this message]
2019-10-30 21:41 ` [PATCH v2 1/2] dma-direct: check for overflows on 32 bit DMA addresses Christoph Hellwig
2019-10-31 10:44 ` Nicolas Saenz Julienne
2019-10-18 11:00 ` [PATCH v2 2/2] x86/PCI: sta2x11: use default DMA address translation Nicolas Saenz Julienne
2019-10-30 21:45 ` Christoph Hellwig
2019-10-31 10:43 ` Nicolas Saenz Julienne
2019-10-31 13:59 ` Alessandro Rubini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191018110044.22062-2-nsaenzjulienne@suse.de \
--to=nsaenzjulienne@suse.de \
--cc=hch@infradead.org \
--cc=hch@lst.de \
--cc=helgaas@kernel.org \
--cc=iommu@lists.linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=m.szyprowski@samsung.com \
--cc=robin.murphy@arm.com \
--cc=rubini@gnudd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).