git.itanic.dy.fi Git - linux-stable/commit

author	Lukas Wunner <lukas@wunner.de>
	Sat, 11 Mar 2023 14:40:02 +0000 (15:40 +0100)
committer	Dan Williams <dan.j.williams@intel.com>
	Mon, 3 Apr 2023 23:16:19 +0000 (16:16 -0700)
commit	34bafc747c54fb58c1908ec3116fa6137393e596
tree	1da2e4dccc57d95eefd64caafaec582a07189dd9	tree \| snapshot
parent	fbaa38214cd9e150764ccaa82e04ecf42cc1140c	commit \| diff

cxl/pci: Handle truncated CDAT header

cxl_cdat_get_length() only checks whether the DOE response size is
sufficient for the Table Access response header (1 dword), but not the
succeeding CDAT header (1 dword length plus other fields).

It thus returns whatever uninitialized memory happens to be on the stack
if a truncated DOE response with only 1 dword was received. Fix it.

Fixes: c97006046c79 ("cxl/port: Read CDAT table")
Reported-by: Ming Li <ming4.li@intel.com>
Tested-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Lukas Wunner <lukas@wunner.de>
Reviewed-by: Ming Li <ming4.li@intel.com>
Reviewed-by: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Cc: stable@vger.kernel.org # v6.0+
Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Link: https://lore.kernel.org/r/000e69cd163461c8b1bc2cf4155b6e25402c29c7.1678543498.git.lukas@wunner.de
Signed-off-by: Dan Williams <dan.j.williams@intel.com>