On Thu, Jul 29, 2021 at 01:42:28PM -0500, Bjorn Helgaas wrote: > From: Bjorn Helgaas <bhelgaas@xxxxxxxxxx> > > The basic idea is to validate VPD resource *size* without validating the > actual content, since the kernel really doesn't care about the content. > > Thanks very much for the feedback on v1, and I'd be glad for any additional > feedback. > > Follow-up to: > https://lore.kernel.org/r/20210715215959.2014576-1-helgaas@xxxxxxxxxx > > Changes since v1: > - Incorporate Heiner's patch to reject VPD if first byte is 0x00 or 0xff > (https://lore.kernel.org/r/8de8c906-9284-93b9-bb44-4ffdc3470740@xxxxxxxxx/) > - Update size checks to reject resources that would extend past the > maximum VPD size > > Bjorn Helgaas (5): > PCI/VPD: Correct diagnostic for VPD read failure > PCI/VPD: Check Resource Item Names against those valid for type > PCI/VPD: Reject resource tags with invalid size > PCI/VPD: Don't check Large Resource Item Names for validity > PCI/VPD: Allow access to valid parts of VPD if some is invalid > > Heiner Kallweit (1): > PCI/VPD: Treat initial 0xff as missing EEPROM > > drivers/pci/vpd.c | 55 +++++++++++++++++++++-------------------------- > 1 file changed, 25 insertions(+), 30 deletions(-) I applied this to pci/vpd for v5.15. Thanks for the feedback so far, and I'll still be happy to receive more.
