diff options
| author |  Dan Williams <dan.j.williams@intel.com>
| 2024-03-13 00:17:18 -0700 |
|---|---|---|
| committer | Dan Williams <dan.j.williams@intel.com>
| 2024-03-13 00:17:18 -0700 |
| commit | 88482878c3b4abc2a6e66e016cc01eacbdc5b0ed (patch) | |
| tree | e535fc1bee6a062ff9e3611deaf7387493d28c10 /drivers/cxl | |
| parent | Merge branch 'for-6.9/cxl-einj' into for-6.9/cxl (diff) | |
| parent | cxl: Fix the incorrect assignment of SSLBIS entry pointer initial location (diff) | |
| download | linux-88482878c3b4abc2a6e66e016cc01eacbdc5b0ed.tar.gz linux-88482878c3b4abc2a6e66e016cc01eacbdc5b0ed.tar.bz2 linux-88482878c3b4abc2a6e66e016cc01eacbdc5b0ed.zip | |
Merge branch 'for-6.9/cxl-fixes' into for-6.9/cxl
Pick up a parsing fix for the CDAT SSLBIS structure for v6.9.
Diffstat (limited to 'drivers/cxl')
| -rw-r--r-- | drivers/cxl/core/cdat.c | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/drivers/cxl/core/cdat.c b/drivers/cxl/core/cdat.c index e8c066293b31..eddbbe21450c 100644 --- a/drivers/cxl/core/cdat.c +++ b/drivers/cxl/core/cdat.c @@ -398,36 +398,38 @@ EXPORT_SYMBOL_NS_GPL(cxl_endpoint_parse_cdat, CXL); static int cdat_sslbis_handler(union acpi_subtable_headers *header, void *arg, const unsigned long end) { + struct acpi_cdat_sslbis_table { + struct acpi_cdat_header header; + struct acpi_cdat_sslbis sslbis_header; + struct acpi_cdat_sslbe entries[]; + } *tbl = (struct acpi_cdat_sslbis_table *)header; + int size = sizeof(header->cdat) + sizeof(tbl->sslbis_header); struct acpi_cdat_sslbis *sslbis; - int size = sizeof(header->cdat) + sizeof(*sslbis); struct cxl_port *port = arg; struct device *dev = &port->dev; - struct acpi_cdat_sslbe *entry; int remain, entries, i; u16 len; len = le16_to_cpu((__force __le16)header->cdat.length); remain = len - size; - if (!remain || remain % sizeof(*entry) || + if (!remain || remain % sizeof(tbl->entries[0]) || (unsigned long)header + len > end) { dev_warn(dev, "Malformed SSLBIS table length: (%u)\n", len); return -EINVAL; } - /* Skip common header */ - sslbis = (struct acpi_cdat_sslbis *)((unsigned long)header + - sizeof(header->cdat)); - + sslbis = &tbl->sslbis_header; /* Unrecognized data type, we can skip */ if (sslbis->data_type > ACPI_HMAT_WRITE_BANDWIDTH) return 0; - entries = remain / sizeof(*entry); - entry = (struct acpi_cdat_sslbe *)((unsigned long)header + sizeof(*sslbis)); + entries = remain / sizeof(tbl->entries[0]); + if (struct_size(tbl, entries, entries) != len) + return -EINVAL; for (i = 0; i < entries; i++) { - u16 x = le16_to_cpu((__force __le16)entry->portx_id); - u16 y = le16_to_cpu((__force __le16)entry->porty_id); + u16 x = le16_to_cpu((__force __le16)tbl->entries[i].portx_id); + u16 y = le16_to_cpu((__force __le16)tbl->entries[i].porty_id); __le64 le_base; __le16 le_val; struct cxl_dport *dport; @@ -457,8 +459,8 @@ static int cdat_sslbis_handler(union acpi_subtable_headers *header, void *arg, break; } - le_base = (__force __le64)sslbis->entry_base_unit; - le_val = (__force __le16)entry->latency_or_bandwidth; + le_base = (__force __le64)tbl->sslbis_header.entry_base_unit; + le_val = (__force __le16)tbl->entries[i].latency_or_bandwidth; if (check_mul_overflow(le64_to_cpu(le_base), le16_to_cpu(le_val), &val)) @@ -471,8 +473,6 @@ static int cdat_sslbis_handler(union acpi_subtable_headers *header, void *arg, sslbis->data_type, val); } - - entry++; } return 0; |