mail archive of the barebox mailing list
 help / color / mirror / Atom feed
From: Andrey Smirnov <andrew.smirnov@gmail.com>
To: Sascha Hauer <s.hauer@pengutronix.de>
Cc: Barebox List <barebox@lists.infradead.org>
Subject: Re: [PATCH v2 17/19] commands: md: Do not use memmap()
Date: Mon, 4 Feb 2019 11:35:59 -0800	[thread overview]
Message-ID: <CAHQ1cqFVHQz0Aa2hRV8PpY=seZcBaVd_JQLhRWSkFoDk3eG3pQ@mail.gmail.com> (raw)
In-Reply-To: <20190204135749.f2xoc6vli5od7htl@pengutronix.de>

On Mon, Feb 4, 2019 at 5:57 AM Sascha Hauer <s.hauer@pengutronix.de> wrote:
>
> On Mon, Jan 28, 2019 at 10:55:47PM -0800, Andrey Smirnov wrote:
> > Codepaths using memmap() in md.c don't do any boundary checks, so it
> > can be easily made to read past the underlying file's
> > boundary. For example on i.MX8MQ based board with 4GiB or RAM we get:
> >
> > md -b -s /dev/ram0 0xfffffff0
> > fffffff0: 00 00 00 00 00 00 08 0c  00 02 20 00 20 00 05 20   .......... . ..
> > 100000000: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 100000010: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 100000020: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 100000030: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 100000040: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 100000050: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 100000060: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 100000070: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 100000080: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 100000090: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 1000000a0: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 1000000b0: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 1000000c0: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 1000000d0: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> > 1000000e0: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> >
> > Drop the memmap() realted codepath, so we can realy on boundary
> > checking done by file I/O layer.
> >
> > Note that this change has a cosmetic side effect, before:
>
> With this change we can no longer see that the underlying memory cannot
> be accessed 'xx'. I find this feature very useful and don't want to
> loose it.

Sad to hear that. I was hoping we can use this as a stepping stone to
get rid of memory_display() altogether.

> If we want to do size checking we can do this, well, by checking the
> size. We could add offset/size parameters to memmap().
>

I'll leave that to next person who'll try to tackle this bug.

> So, dropped this patch for now.
>

"fs: Introduce mem_read_nofail()" should probably be dropped as well
since it was added in support of this.

Thanks,
Andrey Smirnov

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

  reply	other threads:[~2019-02-04 19:36 UTC|newest]

Thread overview: 35+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-01-29  6:55 [PATCH v2 00/19] 32-bit lseek and /dev/mem fixes/improvements Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 01/19] commands: Move mem_parse_options() to lib/misc.c Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 02/19] commands: Get rid of mem_rw_buf Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 03/19] commands: Move /dev/mem driver to drivers/misc Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 04/19] nvmem: Do not use DEVFS_IS_CHARACTER_DEV Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 05/19] common: firmware: Don't use FILE_SIZE_STREAM directly Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 06/19] devfs: Fix incorrect error check for cdev->ops->lseek() Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 07/19] fs: Update FILE position in lseek() Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 08/19] fs: Drop trivial .lseek() implementaitons in FS drivers Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 09/19] devfs: Drop dev_lseek_default() Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 10/19] fs: devfs: Change .lseek callbacks to return 'int' Andrey Smirnov
2019-02-04 14:32   ` Sascha Hauer
2019-01-29  6:55 ` [PATCH v2 11/19] fs: Do not use IS_ERR_VALUE() to validate offset in lseek() Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 12/19] fs: Simplify new position calculation " Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 13/19] fs: Share code between mem_write()/mem_read() Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 14/19] fs: Avoid division in mem_copy() Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 15/19] fs: Report actual data processed by mem_copy() Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 16/19] fs: Introduce mem_read_nofail() Andrey Smirnov
2019-01-29  6:55 ` [PATCH v2 17/19] commands: md: Do not use memmap() Andrey Smirnov
2019-02-04 13:57   ` Sascha Hauer
2019-02-04 19:35     ` Andrey Smirnov [this message]
2019-01-29  6:55 ` [PATCH v2 18/19] drivers: mem: Create file to access second half of 64-bit memory Andrey Smirnov
2019-01-29  8:48   ` Sascha Hauer
2019-01-29 20:40     ` Andrey Smirnov
2019-01-29 21:09       ` Sam Ravnborg
2019-01-31 10:54       ` Peter Mamonov
2019-01-31 12:50         ` Peter Mamonov
2019-02-01  7:47           ` Sascha Hauer
2019-02-01 10:25             ` Peter Mamonov
2019-02-02  1:07               ` Andrey Smirnov
2019-02-02  0:35             ` Andrey Smirnov
2019-02-04  7:40               ` Sascha Hauer
2019-01-31 20:17         ` Andrey Smirnov
2019-02-01 10:14           ` Peter Mamonov
2019-01-29  6:55 ` [PATCH v2 19/19] libfile: Fix incorrect lseek check in open_and_lseek() Andrey Smirnov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAHQ1cqFVHQz0Aa2hRV8PpY=seZcBaVd_JQLhRWSkFoDk3eG3pQ@mail.gmail.com' \
    --to=andrew.smirnov@gmail.com \
    --cc=barebox@lists.infradead.org \
    --cc=s.hauer@pengutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox