> -----Original Message----- > From: Bjorn Helgaas [mailto:bhelgaas@xxxxxxxxxx] > Sent: Tuesday, November 18, 2014 5:02 AM > To: Venkat Duvvuru > Cc: linux-pci@xxxxxxxxxxxxxxx; Anish Bhatt; Hariprasad Shenai > Subject: Re: [PATCH v1] pci: Limit VPD length of Emulex adapters to the > actual length supported. > > [+cc Anish, Hariprasad (cxgb4 maintainers/contributors)] > > Anish, Hariprasad, here's the problem: > >> I took a quick look at those drivers, and it actually looks like most > >> of them look for the tag structure, e.g., by using pci_vpd_find_tag() > >> or doing something similar. So maybe it actually would be safe to do > >> this. Maybe you could have a more thorough look at them and see if > >> you agree? > > If the devices doesn't follow the spec for the VPD contents, pci-core may > endup requesting 32k data which probably will not break existing users. > > The case I'm worried about is a device that doesn't follow the VPD > format spec, but its VPD contents include data that matches an End > Tag. If we make pci_read_vpd() stop when it sees an End Tag, we may > stop reading data prematurely. [Venkat] I think it's fair to assume that devices either follow the spec or they don't. Even if the devices partially follow the spec, If the first byte (and the subsequent relevant bytes which are calculated based on the length and data of that resource) of the VPD data has a valid tag, we can stop after the End tag, otherwise read 32k worth data. Misunderstanding other VPD contents as End tag seems very unlikely as the parser code can distinguish tag, length and data based on the spec. For example, pci utilities always look for the End tag while reading VPD data. (cap_vpd routine in ls-vpd.c) ��.n��������+%������w��{.n�����{���"�)��jg��������ݢj����G�������j:+v���w�m������w�������h�����٥