| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20220705154932.2141021-8-ira.weiny@intel.com>
Date: Tue, 5 Jul 2022 08:49:30 -0700
From: ira.weiny@...el.com
To: Dan Williams <dan.j.williams@...el.com>,
Bjorn Helgaas <bhelgaas@...gle.com>,
Jonathan Cameron <Jonathan.Cameron@...wei.com>
Cc: Ira Weiny <ira.weiny@...el.com>, Lukas Wunner <lukas@...ner.de>,
Alison Schofield <alison.schofield@...el.com>,
Vishal Verma <vishal.l.verma@...el.com>,
Dave Jiang <dave.jiang@...el.com>,
Ben Widawsky <bwidawsk@...nel.org>,
linux-kernel@...r.kernel.org, linux-cxl@...r.kernel.org,
linux-pci@...r.kernel.org
Subject: [PATCH V13 7/9] cxl/port: Introduce cxl_cdat_valid()
From: Ira Weiny <ira.weiny@...el.com>
The CDAT data is protected by a checksum and should be the proper
length.
Introduce cxl_cdat_valid() to validate the data. While at it check and
store the sequence number.
Signed-off-by: Ira Weiny <ira.weiny@...el.com>
---
Changes from V12
Jonathan:
Remove unneeded rc check.
Changes from V8
Move code to cxl/core/pci.c
Changes from V6
Change name to cxl_cdat_valid() as this validates all the CDAT
data not just the header
Add error and debug prints
Changes from V5
New patch, split out
Update cdat_hdr_valid()
Remove revision and cs field parsing
There is no point in these
Add seq check and debug print.
---
drivers/cxl/cdat.h | 2 ++
drivers/cxl/core/pci.c | 37 +++++++++++++++++++++++++++++++++++++
2 files changed, 39 insertions(+)
diff --git a/drivers/cxl/cdat.h b/drivers/cxl/cdat.h
index c6a48ab326bf..39eb561081f2 100644
--- a/drivers/cxl/cdat.h
+++ b/drivers/cxl/cdat.h
@@ -91,10 +91,12 @@
*
* @table: cache of CDAT table
* @length: length of cached CDAT table
+ * @seq: Last read Sequence number of the CDAT table
*/
struct cxl_cdat {
void *table;
size_t length;
+ u32 seq;
};
#endif /* !__CXL_CDAT_H__ */
diff --git a/drivers/cxl/core/pci.c b/drivers/cxl/core/pci.c
index 9232b806d051..0a1620c302e1 100644
--- a/drivers/cxl/core/pci.c
+++ b/drivers/cxl/core/pci.c
@@ -531,6 +531,40 @@ static int cxl_cdat_get_length(struct device *dev,
return 0;
}
+static bool cxl_cdat_valid(struct device *dev, struct cxl_cdat *cdat)
+{
+ u32 *table = cdat->table;
+ u8 *data8 = cdat->table;
+ u32 length, seq;
+ u8 check;
+ int i;
+
+ length = FIELD_GET(CDAT_HEADER_DW0_LENGTH, table[0]);
+ if ((length < CDAT_HEADER_LENGTH_BYTES) || (length > cdat->length)) {
+ dev_err(dev, "CDAT Invalid length %u (%zu-%zu)\n", length,
+ CDAT_HEADER_LENGTH_BYTES, cdat->length);
+ return false;
+ }
+
+ for (check = 0, i = 0; i < length; i++)
+ check += data8[i];
+
+ dev_dbg(dev, "CDAT length %u CS %u\n", length, check);
+ if (check != 0) {
+ dev_err(dev, "CDAT Invalid checksum %u\n", check);
+ return false;
+ }
+
+ seq = FIELD_GET(CDAT_HEADER_DW3_SEQUENCE, table[3]);
+ /* Store the sequence for now. */
+ if (cdat->seq != seq) {
+ dev_info(dev, "CDAT seq change %x -> %x\n", cdat->seq, seq);
+ cdat->seq = seq;
+ }
+
+ return true;
+}
+
static int cxl_cdat_read_table(struct device *dev,
struct pci_doe_mb *cdat_mb,
struct cxl_cdat *cdat)
@@ -583,6 +617,9 @@ static int cxl_cdat_read_table(struct device *dev,
}
} while (entry_handle != CXL_DOE_TABLE_ACCESS_LAST_ENTRY);
+ if (!cxl_cdat_valid(dev, cdat))
+ return -EIO;
+
return 0;
}
--
2.35.3
Powered by blists - more mailing lists