Lukas Wunner 34bafc747c cxl/pci: Handle truncated CDAT header ... cxl_cdat_get_length() only checks whether the DOE response size is sufficient for the Table Access response header (1 dword), but not the succeeding CDAT header (1 dword length plus other fields). It thus returns whatever uninitialized memory happens to be on the stack if a truncated DOE response with only 1 dword was received. Fix it. Fixes: c97006046c ("cxl/port: Read CDAT table") Reported-by: Ming Li <ming4.li@intel.com> Tested-by: Ira Weiny <ira.weiny@intel.com> Signed-off-by: Lukas Wunner <lukas@wunner.de> Reviewed-by: Ming Li <ming4.li@intel.com> Reviewed-by: Dan Williams <dan.j.williams@intel.com> Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: stable@vger.kernel.org # v6.0+ Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com> Link: https://lore.kernel.org/r/000e69cd163461c8b1bc2cf4155b6e25402c29c7.1678543498.git.lukas@wunner.de Signed-off-by: Dan Williams <dan.j.williams@intel.com>		2023-04-03 16:16:19 -07:00
..
core	cxl/pci: Handle truncated CDAT header	2023-04-03 16:16:19 -07:00
acpi.c	Merge branch 'for-6.3/cxl-ram-region' into cxl/next	2023-02-10 18:11:01 -08:00
cxl.h	cxl for v6.3	2023-02-25 09:19:23 -08:00
cxlmem.h	cxl for v6.3	2023-02-25 09:19:23 -08:00
cxlpci.h	Merge branch 'for-6.3/cxl-rr-emu' into cxl/next	2023-02-14 16:06:10 -08:00
Kconfig	Merge branch 'for-6.3/cxl-ram-region' into cxl/next	2023-02-10 18:11:01 -08:00
Makefile	cxl/pmem: Introduce nvdimm_security_ops with ->get_flags() operation	2022-11-30 16:30:47 -08:00
mem.c	cxl/port: Add RCD endpoint port enumeration	2022-12-05 10:32:26 -08:00
pci.c	Merge branch 'for-6.3/cxl' into cxl/next	2023-02-14 15:06:08 -08:00
pmem.c	cxl/pmem: Fix nvdimm registration races	2023-02-13 17:01:05 -08:00
port.c	Merge branch 'for-6.3/cxl-rr-emu' into cxl/next	2023-02-14 16:06:10 -08:00
security.c	cxl/mbox: Enable cxl_mbox_send_cmd() users to validate output size	2022-12-06 14:36:02 -08:00