Re: [PATCH v2 17/19] commands: md: Do not use memmap()

Sascha Hauer <s.hauer@xxxxxxxxxxxxxx> · Mon, 4 Feb 2019 14:57:49 +0100

On Mon, Jan 28, 2019 at 10:55:47PM -0800, Andrey Smirnov wrote:
> Codepaths using memmap() in md.c don't do any boundary checks, so it
> can be easily made to read past the underlying file's
> boundary. For example on i.MX8MQ based board with 4GiB or RAM we get:
> 
> md -b -s /dev/ram0 0xfffffff0
> fffffff0: 00 00 00 00 00 00 08 0c  00 02 20 00 20 00 05 20   .......... . ..
> 100000000: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 100000010: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 100000020: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 100000030: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 100000040: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 100000050: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 100000060: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 100000070: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 100000080: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 100000090: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 1000000a0: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 1000000b0: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 1000000c0: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 1000000d0: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 1000000e0: xx xx xx xx xx xx xx xx  xx xx xx xx xx xx xx xx  ................
> 
> Drop the memmap() realted codepath, so we can realy on boundary
> checking done by file I/O layer.
> 
> Note that this change has a cosmetic side effect, before:

With this change we can no longer see that the underlying memory cannot
be accessed 'xx'. I find this feature very useful and don't want to
loose it.
If we want to do size checking we can do this, well, by checking the
size. We could add offset/size parameters to memmap().

So, dropped this patch for now.

Sascha

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox