lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 23 Oct 2015 17:52:01 -0700
From:	Alexander Duyck <alexander.duyck@...il.com>
To:	Hannes Reinecke <hare@...e.de>, Bjorn Helgaas <bhelgaas@...gle.com>
Cc:	linux-pci@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] pci: Update VPD size with correct length

On 10/23/2015 02:09 AM, Hannes Reinecke wrote:
> PCI-2.2 VPD entries have a maximum size of 32k, but might actually
> be smaller than that. To figure out the actual size one has to read
> the VPD area until the 'end marker' is reached.
> Trying to read VPD data beyond that marker results in 'interesting'
> effects, from simple read errors to crashing the card.
> This path modifies the attribute size to the avialable VPD size.
>
> Signed-off-by: Hannes Reinecke <hare@...e.de>
> ---
>   drivers/pci/access.c | 29 +++++++++++++++++++++++++++++
>   1 file changed, 29 insertions(+)
>
> diff --git a/drivers/pci/access.c b/drivers/pci/access.c
> index 6bc9b12..4f8208e 100644
> --- a/drivers/pci/access.c
> +++ b/drivers/pci/access.c
> @@ -409,6 +409,34 @@ static int pci_vpd_f0_dev_check(struct pci_dev *dev)
>   	return ret;
>   }
>
> +/**
> + * pci_vpd_size - determine actual size of Vital Product Data
> + * @dev:	pci device struct
> + * @old_size:	current assumed size, also maximum allowed size
> + *
> + */
> +size_t
> +pci_vpd_pci22_size(struct pci_dev *dev, size_t old_size)
> +{
> +	loff_t off = 0;
> +	unsigned char header[1+2];	/* 1 byte tag, 2 bytes length */
> +
> +	while (off < old_size && pci_read_vpd(dev, off, 1, header)) {
> +		if (header[0] == 0x78)	/* End tag descriptor */
> +			return off + 1;
> +		if (header[0] & 0x80) {
> +			/* Large Resource Data Type Tag */
> +			if (pci_read_vpd(dev, off+1, 2, &header[1]) != 2)
> +				return off + 1;
> +			off += 3 + ((header[2] << 8) | header[1]);
> +		} else {
> +			/* Short Resource Data Type Tag */
> +			off += 1 + (header[0] & 0x07);
> +		}
> +	}
> +	return old_size;
> +}
> +

My understanding is that the end tag can have some data associated with 
it such as a checksum.  What you may want to look at doing is process 
long tag and short tag bits first.  Then you could do a mask and compare 
after and if ((header[0] & ~0x7) == 0x78) then you return off + 1.

Also I was wondering if you have looked at the cxgb4 network driver? 
They are using the vpd read/write calls to access their EEPROM and I 
assume they are doing so outside the actual VPD fields.

- Alex
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ