On 11/8/2024 5:13 PM, Bryan O'Donoghue wrote: > On 07/11/2024 13:54, Dmitry Baryshkov wrote: >>>> I'd say, don't overwrite the array. Instead the driver should extend it >>>> with the new information. >>> That is exactly the existing patch is currently doing. >> _new_ information, not a copy of the existing information. > > But is this _really_ new information or is it guarding from "malicious" > additional messages ? > > @Vikash is it even a valid use-case for firmware to send one set of capabilities > and then send a new set ? > > It seems to me this should only happen once when the firmware starts up - the > firmware won't acquire any new abilities once it has enumerated its set to APSS. > > So why is it valid to process an additional message at all ? > > Shouldn't we instead be throwing away redundant updates either silently or with > some kind of complaint ? > > If there's no new data - then this is data we shouldn't bother processing. > > If it is new data then surely it should be the _current_ and _only_ valid set of > data. > > And if the update is considered "invalid" then why _would_ we accept the update ? > > I get we're fixing the OOB but I think we should be clear on the validity of the > content of the packet. The payload [1] is all about 2 u32s each for decoder and encoder bit masks, while each bit signifies which codec each supports. So in a good case, it would be always first iteration which would be sufficient. Its a very hypothetical case where a good case would that there are 8 payloads (consider there are 8 supported codecs) with one bit set in each of those 8 payloads. I was initially thinking to cover for this case as well, seems could be a bit of over designing. Maybe set core->codecs_count (to 0) in the beginning of the API should cover the working case. In malicious case, let it continue to override ? Regards, Vikash [1] https://elixir.bootlin.com/linux/v6.12-rc7/source/drivers/media/platform/qcom/venus/hfi_parser.c#L193
