Received: by 2002:a05:6602:18e:0:0:0:0 with SMTP id m14csp5856172ioo; Wed, 1 Jun 2022 14:13:29 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwO1DINR5goGX1qabWDxkdenNNb2/mTVSyonw1XkkQuWIAHbLhu6LLgnF3eHJBw6HaH+kSw X-Received: by 2002:a17:902:cec2:b0:163:e44a:c678 with SMTP id d2-20020a170902cec200b00163e44ac678mr1315651plg.137.1654118009489; Wed, 01 Jun 2022 14:13:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1654118009; cv=none; d=google.com; s=arc-20160816; b=oim3+ozs2Q8Zq4BAIQFPmp/ASmT2URqoQDQvoB4x2uMw+uUP8wRME33SMMn170tFgH LEA8BAWJ3/RLrmbs9yFjtXawZBSGdX7WTfhilX0KYyevC4eoP69YfCIhvg6m6GwXBIPB Lg/Fu2a+IVzfFyptMwm10m5Xv2s7HDpDrMfxtjwGKH33UTdGwwR7QAMnP4l3o0z0MrVX DqtTyP9TDxvpe9Nee5cqK00rZfgRApM0F/k47vCPzMafjou+Wp+Mfs+HFmgBgEw0mQIH c7RckmE83d1ktRG5asEcCn1q7F3Vs/nFTugNfi/3uwOG7OO/JXc+ld9W1U2BWyBhNfLE WiDA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=/ZN3XYzcycmCsCacW8bmcW60HDp42L0uYVb/ImOyReg=; b=YKIb3KrELqX9FgHGe8g2Yn5lR+PHJVBMyRsOCm+zL834Aq7HGF0OclPN/TxCp6MNF6 R9HTVdw3mLlNsamCuz+s1HxeAmEwOb/X8nRTQp7sa9O9DFUrvWQ+x+DSyKkgycbNOZQg 5c3x0m1sAYS3gNdWQ/JdAhqWM2OnpjWr2xsHb6V7o38FfyFyNOqaLztH0JGwI+j8OD0X CcIEJdTdZMzgGsP4McOkB3VWj7iOBSbSDhnxSDSl1aySGg+7grBmjpAqM3qLwCexC37a rWGSf4dPvrjdnDLMZZswlCFkNq8LycsCHC/sFtwM5dktD+HnvE2hf5FhYsoz1N5lDWbs QaEQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=U9o+bkG4; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id p17-20020a634f51000000b003fc9d7a73cfsi3469433pgl.647.2022.06.01.14.13.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jun 2022 14:13:29 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=U9o+bkG4; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 2471A2D6A94; Wed, 1 Jun 2022 13:05:18 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345341AbiEaO7s (ORCPT + 99 others); Tue, 31 May 2022 10:59:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48496 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233773AbiEaO7r (ORCPT ); Tue, 31 May 2022 10:59:47 -0400 Received: from mail-oi1-x229.google.com (mail-oi1-x229.google.com [IPv6:2607:f8b0:4864:20::229]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3EF714163D for ; Tue, 31 May 2022 07:59:46 -0700 (PDT) Received: by mail-oi1-x229.google.com with SMTP id r65so12651547oia.9 for ; Tue, 31 May 2022 07:59:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/ZN3XYzcycmCsCacW8bmcW60HDp42L0uYVb/ImOyReg=; b=U9o+bkG40WUIYZVcc3zU5Nu4eZQvbsOJRf+82NIcI2eurDzXRrKyuzSHPWFSE4Mr36 WCvUfuhvTUqLPsCltkReJ669CNI1o1QfvwYmBEMV3V5gyK1Gdvxsx0St+2aoUo74OTjI hnFdNuKAQkLMWxSOhs8RhZzJ/WOrVKrlAg6KUO9aPU4qz0+TyP30q67InhxFfXM+Qd4P ogaubtZ2Z5LTeoHxfPD9MZTY0qb+tpIznbF05H98I9vbY7pkvjV/BQix6LGB7HCSA5Tn ZESAfrT5A9rXh7F3qGizPFwe1y3JwWdc6M84EW//F36gvi4DKFKBksfHaCX/bEl027Rp nw/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/ZN3XYzcycmCsCacW8bmcW60HDp42L0uYVb/ImOyReg=; b=oIS05/d5f4a8TzbDhqZ/cbQDMvWJ1dzuX7XIWBsqPbVtydlBs5mfCfZxJlwj5SjHql u3JcRoPqTJo2m9/pw3sLPfZhpmuMuwNWKLYjdsJX3QFUdWM4e4hDbTTzWhFRGuby8HQt pkFkmIzxLF5NOJ/C8WO8j8VsGMtAsr+/68+RFwTuLY66wFecTtDm/3sPsJwpxWipzsZY FhNTdM9ypSP5UbjqpYHNWtphiHi2diRZC1DezfwCKexzcKapqS2mIVQ5aFGGYAMNKBuD XvNc1uOcB8hnmNYELcKIZ94rp9sakYmbd2Lkg3fdCHVkyUjoR/5n3RyDK+rktzp3TVhR ZIPw== X-Gm-Message-State: AOAM530Ix29WpLoBrSByeci9p0JaDFnZu6D6cyNalDTr8tSxrRzwWkHO LRhivRYQHWykc/Ubaulof1hNRoaVgz9yWi0wV2O1lA== X-Received: by 2002:a05:6808:124a:b0:32c:45f0:5011 with SMTP id o10-20020a056808124a00b0032c45f05011mr2700034oiv.217.1654009185566; Tue, 31 May 2022 07:59:45 -0700 (PDT) MIME-Version: 1.0 References: <20220523171559.472112-1-cristian.marussi@arm.com> In-Reply-To: <20220523171559.472112-1-cristian.marussi@arm.com> From: Etienne Carriere Date: Tue, 31 May 2022 16:59:35 +0200 Message-ID: Subject: Re: [PATCH] firmware: arm_scmi: Relax BASE protocol sanity checks on protocol list To: Cristian Marussi Cc: linux-arm-kernel@lists.infradead.org, linux-rockchip@lists.infradead.org, linux-kernel@vger.kernel.org, Heiko Stuebner , Liang Chen , Kever Yang , Jeffy Chen , Peter Geis , Nicolas Frattaroli , Sudeep Holla Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello Cristian, On Mon, 23 May 2022 at 19:17, Cristian Marussi wrote: > > Even though malformed replies from firmware must be treated carefully to > avoid memory corruption Kernel side, some out-of-spec SCMI replies can > be tolerated to avoid breaking existing deployed system, as long as they > won't cause memory issues. > > Reported-by: Nicolas Frattaroli > Cc: Etienne Carriere > Cc: Sudeep Holla > Signed-off-by: Cristian Marussi Acked-by: Etienne Carriere Best regards, etienne > --- > drivers/firmware/arm_scmi/base.c | 16 +++++++++++----- > 1 file changed, 11 insertions(+), 5 deletions(-) > > diff --git a/drivers/firmware/arm_scmi/base.c b/drivers/firmware/arm_scmi/base.c > index 20fba7370f4e..d0ac96da1ddf 100644 > --- a/drivers/firmware/arm_scmi/base.c > +++ b/drivers/firmware/arm_scmi/base.c > @@ -221,11 +221,17 @@ scmi_base_implementation_list_get(const struct scmi_protocol_handle *ph, > calc_list_sz = (1 + (loop_num_ret - 1) / sizeof(u32)) * > sizeof(u32); > if (calc_list_sz != real_list_sz) { > - dev_err(dev, > - "Malformed reply - real_sz:%zd calc_sz:%u\n", > - real_list_sz, calc_list_sz); > - ret = -EPROTO; > - break; > + dev_warn(dev, > + "Malformed reply - real_sz:%zd calc_sz:%u (loop_num_ret:%d)\n", > + real_list_sz, calc_list_sz, loop_num_ret); > + /* > + * Bail out if the expected list size is bigger than the > + * total payload size of the received reply. > + */ > + if (calc_list_sz > real_list_sz) { > + ret = -EPROTO; > + break; > + } > } > > for (loop = 0; loop < loop_num_ret; loop++) > -- > 2.36.1 >