[PATCH] arch-sh csum_partial_copy

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] arch-sh csum_partial_copy_generic() bugfix
@ 2005-08-25 17:57 Ollie Wild
  2005-09-02 17:26 ` Ollie Wild
  0 siblings, 1 reply; 4+ messages in thread
From: Ollie Wild @ 2005-08-25 17:57 UTC (permalink / raw)
  To: linux-kernel

[-- Attachment #1: Type: text/plain, Size: 496 bytes --]

There's a bug in Hitachi SuperH csum_partial_copy_generic() 
implementation.  If the supplied length is 1 (and several alignment 
conditions are met), the function immediately branches to label 4.  
However, the assembly at label 4 expects the length to be stored in 
register r2.  Since this has not occurred, subsequent behavior is undefined.

This can cause bad payload checksums in TCP connections.

I've fixed the problem by initializing register r2 prior to the branch 
instruction.

Ollie

[-- Attachment #2: csum_partial_copy_generic.patch --]
[-- Type: text/x-patch, Size: 456 bytes --]

diff --git a/arch/sh/lib/checksum.S b/arch/sh/lib/checksum.S
--- a/arch/sh/lib/checksum.S
+++ b/arch/sh/lib/checksum.S
@@ -202,8 +202,9 @@ ENTRY(csum_partial_copy_generic)
 	cmp/pz	r6		! Jump if we had at least two bytes.
 	bt/s	1f
 	 clrt
+	add	#2,r6		! r6 was < 2.	Deal with it.
 	bra	4f
-	 add	#2,r6		! r6 was < 2.	Deal with it.
+	 mov	r6,r2

 3:	! Handle different src and dest alignments.
 	! This is not common, so simple byte by byte copy will do.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] arch-sh csum_partial_copy_generic() bugfix
  2005-08-25 17:57 [PATCH] arch-sh csum_partial_copy_generic() bugfix Ollie Wild
@ 2005-09-02 17:26 ` Ollie Wild
  2005-09-02 22:24   ` Adrian Bunk
  0 siblings, 1 reply; 4+ messages in thread
From: Ollie Wild @ 2005-09-02 17:26 UTC (permalink / raw)
  To: linux-kernel

It's been about a week since I posted this bug report, and I haven't 
gotten any responses.  Is there someone I should contact directly?  Can 
someone please point me in the right direction?

Thanks,
Ollie

Ollie Wild wrote:

> There's a bug in Hitachi SuperH csum_partial_copy_generic() 
> implementation.  If the supplied length is 1 (and several alignment 
> conditions are met), the function immediately branches to label 4.  
> However, the assembly at label 4 expects the length to be stored in 
> register r2.  Since this has not occurred, subsequent behavior is 
> undefined.
>
> This can cause bad payload checksums in TCP connections.
>
> I've fixed the problem by initializing register r2 prior to the branch 
> instruction.
>
> Ollie
>
>------------------------------------------------------------------------
>
>diff --git a/arch/sh/lib/checksum.S b/arch/sh/lib/checksum.S
>--- a/arch/sh/lib/checksum.S
>+++ b/arch/sh/lib/checksum.S
>@@ -202,8 +202,9 @@ ENTRY(csum_partial_copy_generic)
> 	cmp/pz	r6		! Jump if we had at least two bytes.
> 	bt/s	1f
> 	 clrt
>+	add	#2,r6		! r6 was < 2.	Deal with it.
> 	bra	4f
>-	 add	#2,r6		! r6 was < 2.	Deal with it.
>+	 mov	r6,r2
> 
> 3:	! Handle different src and dest alignments.
> 	! This is not common, so simple byte by byte copy will do.
>  
>


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] arch-sh csum_partial_copy_generic() bugfix
  2005-09-02 17:26 ` Ollie Wild
@ 2005-09-02 22:24   ` Adrian Bunk
  2005-09-02 22:29     ` Ollie Wild
  0 siblings, 1 reply; 4+ messages in thread
From: Adrian Bunk @ 2005-09-02 22:24 UTC (permalink / raw)
  To: Ollie Wild; +Cc: linux-kernel

On Fri, Sep 02, 2005 at 10:26:56AM -0700, Ollie Wild wrote:

> It's been about a week since I posted this bug report, and I haven't 
> gotten any responses.  Is there someone I should contact directly?  Can 
> someone please point me in the right direction?

The MAINTAINERS file in the kernel sources contains the following 
contact information for the sh port:

SUPERH (sh)
P:      Paul Mundt
M:      lethal@linux-sh.org
P:      Kazumoto Kojima
M:      kkojima@rr.iij4u.or.jp
L:      linux-sh@m17n.org
W:      http://www.linux-sh.org
W:      http://www.m17n.org/linux-sh/
W:      http://www.rr.iij4u.or.jp/~kkojima/linux-sh4.html
S:      Maintained

> Thanks,
> Ollie
>...

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] arch-sh csum_partial_copy_generic() bugfix
  2005-09-02 22:24   ` Adrian Bunk
@ 2005-09-02 22:29     ` Ollie Wild
  0 siblings, 0 replies; 4+ messages in thread
From: Ollie Wild @ 2005-09-02 22:29 UTC (permalink / raw)
  To: Adrian Bunk; +Cc: linux-kernel

Adrian Bunk wrote:

>On Fri, Sep 02, 2005 at 10:26:56AM -0700, Ollie Wild wrote:
>  
>
>>It's been about a week since I posted this bug report, and I haven't 
>>gotten any responses.  Is there someone I should contact directly?  Can 
>>someone please point me in the right direction?
>>    
>>
>
>The MAINTAINERS file in the kernel sources contains the following 
>contact information for the sh port:
>  
>
Thanks.

Ollie

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2005-09-02 22:29 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-08-25 17:57 [PATCH] arch-sh csum_partial_copy_generic() bugfix Ollie Wild
2005-09-02 17:26 ` Ollie Wild
2005-09-02 22:24   ` Adrian Bunk
2005-09-02 22:29     ` Ollie Wild

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox