Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

powerpc/busdma_machdep.c: Limit sgsize to buflen #1415

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

powerpc/busdma_machdep.c: Limit sgsize to buflen #1415

wants to merge 1 commit into from

Conversation

aomsin2526
Copy link
Contributor

Before commit a77e1f0, total sum of ds_len will always equal to user requested size (buflen), so user assume that this will always be true and used it as reference. (example #1414)

Now since this is no longer true, it causes severe memory corruption.

By simply limit sgsize of last segment to buflen will fix it.

@pkubaj pkubaj mentioned this pull request Sep 11, 2024
Open
@pkubaj
Copy link
Contributor

pkubaj commented Sep 11, 2024

Same as #1414
Permissions are changed to 755, that shouldn't be the case.

@aomsin2526
Copy link
Contributor Author

Thanks.

@bsdjhb
Copy link
Member

bsdjhb commented Oct 4, 2024

@mhorne , this is maybe fallout from your earlier commit, and if it is correct it is probably applicable to other architectures such as RISC-V and arm64 as well.

@bsdimp bsdimp self-assigned this Oct 4, 2024
@mhorne mhorne self-assigned this Oct 10, 2024
@mhorne
Copy link
Contributor

mhorne commented Oct 10, 2024

@mhorne , this is maybe fallout from your earlier commit, and if it is correct it is probably applicable to other architectures such as RISC-V and arm64 as well.

Indeed, I have a piece of RISC-V hardware that exhibits the problem and requires the same fix. (As opposed to the hardware that required the change at fault, a77e1f0).

I require a little more time to be sure of what exactly is going wrong, but rest assured I am looking into it and will be able to take action on this PR soon.

@aomsin2526
powerpc/busdma_machdep.c: Limit sgsize to buflen
ac25540 
Before commit a77e1f0, total sum of ds_len will
always equal to user requested size (buflen), so user assume that this will always be true and used it as reference.

Now since this is no longer true, it causes severe memory corruption.

By simply limit sgsize of last segment to buflen will fix it.

Signed-off-by: Chattrapat Sangmanee <aomsin27@hotmail.co.th>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@bsdimp bsdimp

@mhorne mhorne

Labels
needs-review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@aomsin2526 @pkubaj @bsdjhb @mhorne @bsdimp