On Mon, Dec 20, 2021 at 10:25:51AM +0000, wigin zeng wrote: > On Mon, Dec 20, 2021 at 09:44:04AM +0000, wigin zeng wrote: > > > >That makes no sense, as what orders the data coming in? The 2 bytes could be added to the tty buffer before the 512 bytes, or the other way around. > > > > > >What hardware are you using that is mixing dma and irq data like this? > > > >That feels very wrong. > > > > >It is not normal case, normally, the input size should smaller than DMA block size and DMA complete the whole copy. > > >However, there are some abnormal situations. The external input is unexpectedly larger than the data length of the DMA configuration. This situation in my example will appear, and it may cause the kernel to panic. > > >You did not answer my question about hardware type :( > > >And again, how is this happening? If you use DMA, all data should be coming through DMA and not the irq. Otherwise crazy stuff like this will happen in any type of driver, your hardware can not mix this type of stuff up. > > On our platform, UART connected to a MCU which will send data of variable length from time to time. There is no definition of a maximum transmission length. > We configured DMA block size is 4096bytes, however, there are more than 4100 bytes input, DMA just handled 4096bytes and left bytes in FIFO cannot trigger next DMA > Transfer done interrupt(left bytes number < DMA block size ), so these data should be processed by UART IRQ. That is a broken hardware design and will not work with any operating system. > In other word, if the external use UART "vulnerability" to attack the system, we need to ensure that the system not crash at least, right? So you are saying that Linux now treat all hardware that has DMA functionality as a potential threat? That is not a model that Linux, or any other operating system, has ever had to support before, please do not make up new rules here and expect Linux to automatically support them without a lot of redesign and work. If you wish to protect Linux from this type of untrusted hardware, please do the work to do so. This patch is not that work. > >How can flow control handle this at all? Flow control is at the serial data stream level. This is confusing the PCI data stream order. > > I just think more logic is needed to control the order of data processing by DMA and UART IRQ to keep the integrity of serial data. > But the specific design, I haven't considered yet, the first goal is the keep the system alive. Again, this is a broken hardware design, please fix that first. thanks, greg k-h