IB/hfi1: Check eeprom config partition validity
authorJan Sokolowski <jan.sokolowski@intel.com>
Tue, 26 Sep 2017 13:06:09 +0000 (06:06 -0700)
committerDoug Ledford <dledford@redhat.com>
Wed, 27 Sep 2017 15:10:36 +0000 (11:10 -0400)
Relying on a trailing magic value is incorrect. There are instances where
this is not present as trailing magic value has a specific purpose which is
not partition validation. Instead use the header magic value which is
present in all variants of the platform configuration and is intended for
validation. This is also used in other locations in the driver.

Fixes: bc5214ee2922 (IB/hfi1: Handle missing magic values in config file)
Reviewed-by: Jakub Byczkowski <jakub.byczkowski@intel.com>
Signed-off-by: Jan Sokolowski <jan.sokolowski@intel.com>
Signed-off-by: Dennis Dalessandro <dennis.dalessandro@intel.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
drivers/infiniband/hw/hfi1/eprom.c

index d46b171079010d2cf7e42dd7557f0abc2bef1348..1613af1c58d9ddaafca831b1282a6462fdc10b66 100644 (file)
@@ -204,7 +204,10 @@ done_asic:
        return ret;
 }
 
-/* magic character sequence that trails an image */
+/* magic character sequence that begins an image */
+#define IMAGE_START_MAGIC "APO="
+
+/* magic character sequence that might trail an image */
 #define IMAGE_TRAIL_MAGIC "egamiAPO"
 
 /* EPROM file types */
@@ -250,6 +253,7 @@ static int read_partition_platform_config(struct hfi1_devdata *dd, void **data,
 {
        void *buffer;
        void *p;
+       u32 length;
        int ret;
 
        buffer = kmalloc(P1_SIZE, GFP_KERNEL);
@@ -262,15 +266,21 @@ static int read_partition_platform_config(struct hfi1_devdata *dd, void **data,
                return ret;
        }
 
-       /* scan for image magic that may trail the actual data */
-       p = strnstr(buffer, IMAGE_TRAIL_MAGIC, P1_SIZE);
-       if (!p) {
+       /* config partition is valid only if it starts with IMAGE_START_MAGIC */
+       if (memcmp(buffer, IMAGE_START_MAGIC, strlen(IMAGE_START_MAGIC))) {
                kfree(buffer);
                return -ENOENT;
        }
 
+       /* scan for image magic that may trail the actual data */
+       p = strnstr(buffer, IMAGE_TRAIL_MAGIC, P1_SIZE);
+       if (p)
+               length = p - buffer;
+       else
+               length = P1_SIZE;
+
        *data = buffer;
-       *size = p - buffer;
+       *size = length;
        return 0;
 }