From aa23dbe7ec9b224c9d6abfc22c68b9fef84accf3 Mon Sep 17 00:00:00 2001 From: "Isaac J. Manjarres" Date: Thu, 17 Nov 2022 17:13:45 -0800 Subject: [PATCH] ANDROID: arm64: dma: Panic if ARCH_DMA_MINALIGN is less than CTR_EL0.CWG If the value of ARCH_DMA_MINALIGN is less than the cache line size of the system, it is not possible to safely perform non-coherent DMA transactions. For example, if a DMA buffer is used for non-coherent DMA from a device, and that buffer shares a cacheline with another buffer that the CPU operated on in the past, the data from the device will be overwritten if the cacheline is evicted. These sort of DMA corruptions are non-trivial to find, so instead of allowing a system to continue booting and potentially initiate an unsafe DMA transaction, trigger a kernel panic if the minimum DMA alignment is smaller than the cache line size of the system. Bug: 241844128 Bug: 267786731 Change-Id: I97998a4b3eea25d0956416c020ac0a6aa6950fb8 Signed-off-by: Isaac J. Manjarres --- arch/arm64/mm/dma-mapping.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/arch/arm64/mm/dma-mapping.c b/arch/arm64/mm/dma-mapping.c index 8e8474935289..f011f4c2c968 100644 --- a/arch/arm64/mm/dma-mapping.c +++ b/arch/arm64/mm/dma-mapping.c @@ -67,11 +67,10 @@ void arch_setup_dma_ops(struct device *dev, u64 dma_base, u64 size, { int cls = cache_line_size_of_cpu(); - WARN_TAINT(!coherent && cls > ARCH_DMA_MINALIGN, - TAINT_CPU_OUT_OF_SPEC, - "%s %s: ARCH_DMA_MINALIGN smaller than CTR_EL0.CWG (%d < %d)", - dev_driver_string(dev), dev_name(dev), - ARCH_DMA_MINALIGN, cls); + if (!coherent && cls > ARCH_DMA_MINALIGN) + panic("%s %s: ARCH_DMA_MINALIGN smaller than CTR_EL0.CWG (%d < %d)", + dev_driver_string(dev), dev_name(dev), ARCH_DMA_MINALIGN, + cls); dev->dma_coherent = coherent; if (iommu) {