From: Jonathan Cameron <Jonathan.Cameron@Huawei.com>
To: Lukas Wunner <lukas@wunner.de>
Cc: Bjorn Helgaas <helgaas@kernel.org>, <linux-pci@vger.kernel.org>,
Gregory Price <gregory.price@memverge.com>,
Ira Weiny <ira.weiny@intel.com>,
Dan Williams <dan.j.williams@intel.com>,
"Alison Schofield" <alison.schofield@intel.com>,
Vishal Verma <vishal.l.verma@intel.com>,
Dave Jiang <dave.jiang@intel.com>,
"Li, Ming" <ming4.li@intel.com>, Hillf Danton <hdanton@sina.com>,
Ben Widawsky <bwidawsk@kernel.org>, <linuxarm@huawei.com>,
<linux-cxl@vger.kernel.org>
Subject: Re: [PATCH v3 04/16] cxl/pci: Handle excessive CDAT length
Date: Fri, 17 Feb 2023 10:01:56 +0000 [thread overview]
Message-ID: <20230217100156.000039b9@Huawei.com> (raw)
In-Reply-To: <20230216102616.GA13347@wunner.de>
On Thu, 16 Feb 2023 11:26:16 +0100
Lukas Wunner <lukas@wunner.de> wrote:
> On Tue, Feb 14, 2023 at 11:33:11AM +0000, Jonathan Cameron wrote:
> > On Fri, 10 Feb 2023 21:25:04 +0100 Lukas Wunner <lukas@wunner.de> wrote:
> > > If the length in the CDAT header is larger than the concatenation of the
> > > header and all table entries, then the CDAT exposed to user space
> > > contains trailing null bytes.
> > >
> > > Not every consumer may be able to handle that. Per Postel's robustness
> > > principle, "be liberal in what you accept" and silently reduce the
> > > cached length to avoid exposing those null bytes.
> [...]
> > Fair enough. I'd argue that we are papering over broken hardware if
> > we hit these conditions, so given we aren't aware of any (I hope)
> > not sure this is stable material. Argument in favor of stable being
> > that if we do get broken hardware we don't want an ABI change when
> > we paper over the garbage... hmm.
>
> Type 0 is assigned for DSMAS structures. So user space might believe
> there's an additional DSMAS in the CDAT. It *could* detect that the
> length is bogus (it is 0 but should be 24), but what if it doesn't
> check that? It seems way too dangerous to leave this loophole open,
> hence the stable designation.
Ok
>
> Thanks,
>
> Lukas
>
> > > --- a/drivers/cxl/core/pci.c
> > > +++ b/drivers/cxl/core/pci.c
> > > @@ -582,6 +582,9 @@ static int cxl_cdat_read_table(struct device *dev,
> > > }
> > > } while (entry_handle != CXL_DOE_TABLE_ACCESS_LAST_ENTRY);
> > >
> > > + /* Length in CDAT header may exceed concatenation of CDAT entries */
> > > + cdat->length -= length;
> > > +
> > > return 0;
> > > }
> > >
next prev parent reply other threads:[~2023-02-17 10:02 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-10 20:25 [PATCH v3 00/16] Collection of DOE material Lukas Wunner
2023-02-10 20:25 ` [PATCH v3 01/16] cxl/pci: Fix CDAT retrieval on big endian Lukas Wunner
2023-02-11 0:22 ` Dan Williams
2023-02-19 13:03 ` Lukas Wunner
2023-02-14 11:15 ` Jonathan Cameron
2023-02-14 13:51 ` Lukas Wunner
2023-02-14 15:45 ` Jonathan Cameron
2023-02-28 2:53 ` Alexey Kardashevskiy
2023-02-28 8:24 ` Lukas Wunner
2023-02-28 12:08 ` Alexey Kardashevskiy
2023-02-10 20:25 ` [PATCH v3 02/16] cxl/pci: Handle truncated CDAT header Lukas Wunner
2023-02-11 0:40 ` Dan Williams
2023-02-11 9:34 ` Lukas Wunner
2023-02-14 11:16 ` Jonathan Cameron
2023-02-15 1:41 ` Li, Ming
2023-02-10 20:25 ` [PATCH v3 03/16] cxl/pci: Handle truncated CDAT entries Lukas Wunner
2023-02-11 0:50 ` Dan Williams
2023-02-11 10:56 ` Lukas Wunner
2023-02-14 11:30 ` Jonathan Cameron
2023-02-10 20:25 ` [PATCH v3 04/16] cxl/pci: Handle excessive CDAT length Lukas Wunner
2023-02-11 1:04 ` Dan Williams
2023-02-14 11:33 ` Jonathan Cameron
2023-02-16 10:26 ` Lukas Wunner
2023-02-17 10:01 ` Jonathan Cameron [this message]
2023-02-10 20:25 ` [PATCH v3 05/16] PCI/DOE: Silence WARN splat with CONFIG_DEBUG_OBJECTS=y Lukas Wunner
2023-02-10 20:25 ` [PATCH v3 06/16] PCI/DOE: Fix memory leak " Lukas Wunner
2023-02-11 1:06 ` Dan Williams
2023-03-01 1:51 ` Davidlohr Bueso
2023-02-10 20:25 ` [PATCH v3 07/16] PCI/DOE: Provide synchronous API and use it internally Lukas Wunner
2023-02-15 1:45 ` Li, Ming
2023-02-28 18:58 ` Davidlohr Bueso
2023-02-10 20:25 ` [PATCH v3 08/16] cxl/pci: Use synchronous API for DOE Lukas Wunner
2023-02-10 20:25 ` [PATCH v3 09/16] PCI/DOE: Make asynchronous API private Lukas Wunner
2023-02-15 1:48 ` Li, Ming
2023-02-10 20:25 ` [PATCH v3 10/16] PCI/DOE: Deduplicate mailbox flushing Lukas Wunner
2023-02-14 11:36 ` Jonathan Cameron
2023-02-15 5:07 ` Li, Ming
2023-02-10 20:25 ` [PATCH v3 11/16] PCI/DOE: Allow mailbox creation without devres management Lukas Wunner
2023-02-14 11:51 ` Jonathan Cameron
2023-02-15 5:17 ` Li, Ming
2023-02-10 20:25 ` [PATCH v3 12/16] PCI/DOE: Create mailboxes on device enumeration Lukas Wunner
2023-02-15 2:07 ` Li, Ming
2023-02-28 1:18 ` Alexey Kardashevskiy
2023-02-28 1:39 ` Dan Williams
2023-02-28 5:43 ` Lukas Wunner
2023-02-28 7:24 ` Alexey Kardashevskiy
2023-02-28 10:42 ` Jonathan Cameron
2023-03-02 20:22 ` Lukas Wunner
2023-03-07 1:55 ` Alexey Kardashevskiy
2023-04-03 0:55 ` Alexey Kardashevskiy
2023-02-10 20:25 ` [PATCH v3 13/16] cxl/pci: Use CDAT DOE mailbox created by PCI core Lukas Wunner
2023-02-10 20:25 ` [PATCH v3 14/16] PCI/DOE: Make mailbox creation API private Lukas Wunner
2023-02-15 2:13 ` Li, Ming
2023-02-10 20:25 ` [PATCH v3 15/16] PCI/DOE: Relax restrictions on request and response size Lukas Wunner
2023-02-15 5:05 ` Li, Ming
2023-02-15 11:49 ` Lukas Wunner
2023-02-10 20:25 ` [PATCH v3 16/16] cxl/pci: Rightsize CDAT response allocation Lukas Wunner
2023-02-14 13:05 ` Jonathan Cameron
2023-02-16 0:56 ` Ira Weiny
2023-02-16 8:03 ` Lukas Wunner
2023-02-28 1:45 ` Alexey Kardashevskiy
2023-02-28 5:55 ` Lukas Wunner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230217100156.000039b9@Huawei.com \
--to=jonathan.cameron@huawei.com \
--cc=alison.schofield@intel.com \
--cc=bwidawsk@kernel.org \
--cc=dan.j.williams@intel.com \
--cc=dave.jiang@intel.com \
--cc=gregory.price@memverge.com \
--cc=hdanton@sina.com \
--cc=helgaas@kernel.org \
--cc=ira.weiny@intel.com \
--cc=linux-cxl@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=linuxarm@huawei.com \
--cc=lukas@wunner.de \
--cc=ming4.li@intel.com \
--cc=vishal.l.verma@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).