www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Lukas Wunner <lukas@wunner.de>
	Sat, 11 Mar 2023 14:40:02 +0000 (15:40 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 13 Apr 2023 14:55:25 +0000 (16:55 +0200)
commit	ff7edd1ac6435b98c8db0f144d04946d2b3e99b0
tree	ab66a76607de9a5364ecb5ff87c6739963c41486	tree
parent	021544721f493c3f73fb42fabd7681b78a07c725	commit \| diff

cxl/pci: Handle truncated CDAT header

commit 34bafc747c54fb58c1908ec3116fa6137393e596 upstream.

cxl_cdat_get_length() only checks whether the DOE response size is
sufficient for the Table Access response header (1 dword), but not the
succeeding CDAT header (1 dword length plus other fields).

It thus returns whatever uninitialized memory happens to be on the stack
if a truncated DOE response with only 1 dword was received. Fix it.

Fixes: c97006046c79 ("cxl/port: Read CDAT table")
Reported-by: Ming Li <ming4.li@intel.com>
Tested-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Lukas Wunner <lukas@wunner.de>
Reviewed-by: Ming Li <ming4.li@intel.com>
Reviewed-by: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Cc: stable@vger.kernel.org # v6.0+
Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Link: https://lore.kernel.org/r/000e69cd163461c8b1bc2cf4155b6e25402c29c7.1678543498.git.lukas@wunner.de
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>