From: Hannes Reinecke <hare@suse.de>
To: Alexander Duyck <alexander.duyck@gmail.com>
Cc: Bjorn Helgaas <bhelgaas@google.com>,
Michal Kubecek <mkubecek@suse.com>,
"Shane M. Seymour" <shane.seymour@hpe.com>,
"linux-pci@vger.kernel.org" <linux-pci@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Bjorn Helgaas <helgaas@kernel.org>
Subject: Re: [PATCH 2/2] pci: Update VPD size with correct length
Date: Fri, 18 Dec 2015 08:44:08 +0100 [thread overview]
Message-ID: <5673B948.9020606@suse.de> (raw)
In-Reply-To: <CAKgT0Uc5sX0=BYMUbnd2xaRtN8oahy77q=_FBiB-_YvRxhtG0Q@mail.gmail.com>
On 12/17/2015 06:13 PM, Alexander Duyck wrote:
> On Wed, Dec 16, 2015 at 11:59 PM, Hannes Reinecke <hare@suse.de> wrote:
>> PCI-2.2 VPD entries have a maximum size of 32k, but might actually
>> be smaller than that. To figure out the actual size one has to read
>> the VPD area until the 'end marker' is reached.
>> Trying to read VPD data beyond that marker results in 'interesting'
>> effects, from simple read errors to crashing the card. And to make
>> matters worse not every PCI card implements this properly, leaving
>> us with no 'end' marker or even completely invalid data.
>> This path modifies the size of the VPD attribute to the available
>> size, and disables the VPD attribute altogether if no valid data
>> could be read.
>>
>> Cc: Alexander Duyck <alexander.duyck@gmail.com>
>> Cc: Bjorn Helgaas <helgaas@kernel.org>
>> Signed-off-by: Hannes Reinecke <hare@suse.de>
>> ---
>> drivers/pci/access.c | 57 ++++++++++++++++++++++++++++++++++++++++++++++++++++
>> 1 file changed, 57 insertions(+)
>>
>> diff --git a/drivers/pci/access.c b/drivers/pci/access.c
>> index 59ac36f..0a647b1 100644
>> --- a/drivers/pci/access.c
>> +++ b/drivers/pci/access.c
>> @@ -475,6 +475,56 @@ static const struct pci_vpd_ops pci_vpd_f0_ops = {
>> .release = pci_vpd_pci22_release,
>> };
>>
>> +/**
>> + * pci_vpd_size - determine actual size of Vital Product Data
>> + * @dev: pci device struct
>> + * @old_size: current assumed size, also maximum allowed size
>> + *
>
> "old_siz"e was dropped so you can remove this line.
>
>> + */
>> +static size_t
>> +pci_vpd_pci22_size(struct pci_dev *dev)
>> +{
>> + size_t off = 0;
>> + unsigned char header[1+2]; /* 1 byte tag, 2 bytes length */
>> +
>> + while (off < PCI_VPD_PCI22_SIZE &&
>> + pci_read_vpd(dev, off, 1, header) == 1) {
>> + unsigned char tag;
>> +
>
> The offset comparison is probably redundant. There is already a check
> in pci_vpd_pci22_read that will check the offset and return -EINVAL if
> we have exceeded vpd->base.len. As such you can probably just do the
> pci_read_vpd comparison and drop the offset length entirely.
>
Indeed it does. Will be doing so.
>> + if (header[0] & PCI_VPD_LRDT) {
>> + /* Large Resource Data Type Tag */
>> + tag = pci_vpd_lrdt_tag(header);
>> + /* Only read length from known tag items */
>> + if ((tag == PCI_VPD_LTIN_ID_STRING) ||
>> + (tag == PCI_VPD_LTIN_RO_DATA) ||
>> + (tag == PCI_VPD_LTIN_RW_DATA)) {
>> + if (pci_read_vpd(dev, off+1, 2,
>> + &header[1]) != 2)
>> + return off + 1;
>> + off += PCI_VPD_LRDT_TAG_SIZE +
>> + pci_vpd_lrdt_size(header);
>> + }
>> + } else {
>> + /* Short Resource Data Type Tag */
>> + off += PCI_VPD_SRDT_TAG_SIZE +
>> + pci_vpd_srdt_size(header);
>> + tag = pci_vpd_srdt_tag(header);
>> + }
>> + if (tag == PCI_VPD_STIN_END) /* End tag descriptor */
>> + return off;
>> + if ((tag != PCI_VPD_LTIN_ID_STRING) &&
>> + (tag != PCI_VPD_LTIN_RO_DATA) &&
>> + (tag != PCI_VPD_LTIN_RW_DATA)) {
>> + dev_dbg(&dev->dev,
>> + "invalid %s vpd tag %02x at offset %zu.",
>> + (header[0] & PCI_VPD_LRDT) ? "large" : "short",
>> + tag, off);
>> + break;
>> + }
>> + }
>> + return 0;
>> +}
>> +
>> int pci_vpd_pci22_init(struct pci_dev *dev)
>> {
>> struct pci_vpd_pci22 *vpd;
>> @@ -497,6 +547,13 @@ int pci_vpd_pci22_init(struct pci_dev *dev)
>> vpd->cap = cap;
>> vpd->busy = false;
>> dev->vpd = &vpd->base;
>> + vpd->base.len = pci_vpd_pci22_size(dev);
>> + if (vpd->base.len == 0) {
>> + dev_dbg(&dev->dev, "Disabling VPD access.");
>> + dev->vpd = NULL;
>> + kfree(vpd);
>> + return -ENXIO;
>> + }
>> return 0;
>> }
>
> It looks like this still doesn't address the VPD_REF_F0 issue I
> mentioned earlier. We don't need to compute the length for each
> function we only need to do it once. I would recommend modifying
> things so that you set vpd->base.len to 0 if the VPD_REF_F0 flag is
> set.
>
But that would effectively inhibit access to the VPD on those
devices, rendering the entire 'f0_ops' thingie quite pointless, right?
I think it's better to directly retrieve the VPD length from the
base pci device, that would give us the correct length _and_ save
duplicate calculations.
> Also I wouldn't delete the vpd configuration if the length is not
> correct as that will likely break several quirks that already exist
> that are setting the length. Also there is no need to return an
> error, the fact is the part has VPD but we cannot determine the length
> as such the correct solution is to leave it at 0. We can leave that
> for a quirk to sort out later if needed. You could probably move the
> dev_dbg message to just before the return 0 in the pci_vpd_pci22_size
> call and drop the entire if statement in the init function.
>
Okay.
Will be sending a new patch.
Cheers,
Hannes
--
Dr. Hannes Reinecke zSeries & Storage
hare@suse.de +49 911 74053 688
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: F. Imendörffer, J. Smithard, J. Guild, D. Upmanyu, G. Norton
HRB 21284 (AG Nürnberg)
next prev parent reply other threads:[~2015-12-18 7:44 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-17 7:59 [PATCHv3 0/2] PCI: Safe VPD access Hannes Reinecke
2015-12-17 7:59 ` [PATCH 1/2] pci: Update VPD definitions Hannes Reinecke
2015-12-17 10:57 ` Seymour, Shane M
2015-12-17 7:59 ` [PATCH 2/2] pci: Update VPD size with correct length Hannes Reinecke
2015-12-17 11:06 ` Seymour, Shane M
2015-12-17 11:10 ` kbuild test robot
2015-12-17 17:13 ` Alexander Duyck
2015-12-18 7:44 ` Hannes Reinecke [this message]
2015-12-18 8:35 [PATCHv4 0/2] PCI: Safe VPD access Hannes Reinecke
2015-12-18 8:35 ` [PATCH 2/2] pci: Update VPD size with correct length Hannes Reinecke
2015-12-18 13:49 ` Alexander Duyck
2015-12-18 13:57 ` Hannes Reinecke
2015-12-18 14:02 ` Alexander Duyck
2015-12-18 14:14 ` Hannes Reinecke
2015-12-29 5:29 ` Jordan_Hargrave
2015-12-29 17:48 ` Alexander Duyck
2015-12-29 19:01 ` Jordan_Hargrave
2015-12-29 20:26 ` Alexander Duyck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5673B948.9020606@suse.de \
--to=hare@suse.de \
--cc=alexander.duyck@gmail.com \
--cc=bhelgaas@google.com \
--cc=helgaas@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=mkubecek@suse.com \
--cc=shane.seymour@hpe.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).