lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <2025071619-sterile-skiing-e64b@gregkh>
Date: Wed, 16 Jul 2025 16:45:33 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: "Usyskin, Alexander" <alexander.usyskin@...el.com>
Cc: "Vivi, Rodrigo" <rodrigo.vivi@...el.com>,
	"intel-xe@...ts.freedesktop.org" <intel-xe@...ts.freedesktop.org>,
	"dri-devel@...ts.freedesktop.org" <dri-devel@...ts.freedesktop.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"Ceraolo Spurio, Daniele" <daniele.ceraolospurio@...el.com>,
	"Gupta, Anshuman" <anshuman.gupta@...el.com>,
	"Nilawar, Badal" <badal.nilawar@...el.com>
Subject: Re: [PATCH 2/9] mei: late_bind: add late binding component driver

On Wed, Jul 16, 2025 at 02:26:26PM +0000, Usyskin, Alexander wrote:
> > > > > +	if (bytes < sizeof(rsp)) {
> > > > > +		dev_err(dev, "bad response from the firmware: size %zd <
> > > > %zu\n",
> > > > > +			bytes, sizeof(rsp));
> > > > > +		ret = -EPROTO;
> > > > > +		goto end;
> > > > > +	}
> > > >
> > > > Why not check this above when you check against the size of the header?
> > > > You only need one size check, not 2.
> > > Firmware may return only header with result field set without the data.
> > 
> > Then the firmware is broken :)
> > 
> > > We are parsing the header first and then starting to parse data.
> > > If we check for whole message size at the beginning we'll miss the result
> > data.
> > 
> > You mean you will make it harder to debug the firmware, as you will not
> > be printing out the header information?  Or something else?  The
> > bytes variable HAS to match the full structure size, not just the header
> > size, according to this code.  So just test for that and be done with
> > it!
> 
> The CSME firmware returns only command header if, like, command is not recognised.
> This may happen because of firmware bug or for firmware is configured/compiled
> that way.
> This seems reasonable for the complex protocols where firmware may not be
> aware of this particular command at all and have no idea what the data size it
> should send in reply.
> Printing result from the header will allow us to understand either this is the firmware
> problem or driver sent something wrong.

Then make it obvious in your checking and in your error messages as to
what you are doing here.  Checking the size of the buffer in two
different places, with different values is very odd, and deserves a lot
of explaination.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ