summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrew Lewis <andrew-lewis@netspace.net.au>2008-06-26 19:29:05 +1000
committerPaul Mackerras <paulus@samba.org>2008-07-01 11:28:54 +1000
commit03d70617b8a789c3721afaafde06fcbba7c7ebf1 (patch)
tree36d43d9ec14d21cb74813b4aeb0d784e3f0b7303
parent9d4ae9fc92f347b93b42c9c0ccde7138c1202e36 (diff)
downloadkernel-crypto-03d70617b8a789c3721afaafde06fcbba7c7ebf1.tar.gz
kernel-crypto-03d70617b8a789c3721afaafde06fcbba7c7ebf1.tar.xz
kernel-crypto-03d70617b8a789c3721afaafde06fcbba7c7ebf1.zip
powerpc: Prevent memory corruption due to cache invalidation of unaligned DMA buffer
On PowerPC processors with non-coherent cache architectures the DMA subsystem calls invalidate_dcache_range() before performing a DMA read operation. If the address and length of the DMA buffer are not aligned to a cache-line boundary this can result in memory outside of the DMA buffer being invalidated in the cache. If this memory has an uncommitted store then the data will be lost and a subsequent read of that address will result in an old value being returned from main memory. Only when the DMA buffer starts on a cache-line boundary and is an exact mutiple of the cache-line size can invalidate_dcache_range() be called, otherwise flush_dcache_range() must be called. flush_dcache_range() will first flush uncommitted writes, and then invalidate the cache. Signed-off-by: Andrew Lewis <andrew-lewis at netspace.net.au> Signed-off-by: Paul Mackerras <paulus@samba.org>
-rw-r--r--arch/powerpc/lib/dma-noncoherent.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/arch/powerpc/lib/dma-noncoherent.c b/arch/powerpc/lib/dma-noncoherent.c
index 6656d47841d..5d83907f659 100644
--- a/arch/powerpc/lib/dma-noncoherent.c
+++ b/arch/powerpc/lib/dma-noncoherent.c
@@ -348,8 +348,15 @@ void __dma_sync(void *vaddr, size_t size, int direction)
switch (direction) {
case DMA_NONE:
BUG();
- case DMA_FROM_DEVICE: /* invalidate only */
- invalidate_dcache_range(start, end);
+ case DMA_FROM_DEVICE:
+ /*
+ * invalidate only when cache-line aligned otherwise there is
+ * the potential for discarding uncommitted data from the cache
+ */
+ if ((start & (L1_CACHE_BYTES - 1)) || (size & (L1_CACHE_BYTES - 1)))
+ flush_dcache_range(start, end);
+ else
+ invalidate_dcache_range(start, end);
break;
case DMA_TO_DEVICE: /* writeback only */
clean_dcache_range(start, end);