From patchwork Fri Oct 28 16:36:06 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Matthias Brugger <mbrugger@suse.com>
X-Patchwork-Id: 9402311
Return-Path: 
 <linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	544206022E for <patchwork-linux-arm@patchwork.kernel.org>;
	Fri, 28 Oct 2016 16:38:54 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 45BEB2A7D4
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Fri, 28 Oct 2016 16:38:54 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 3A8472A883; Fri, 28 Oct 2016 16:38:54 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED
	autolearn=ham version=3.3.1
Received: from bombadil.infradead.org (bombadil.infradead.org
	[198.137.202.9])
	(using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 332D52A83B
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Fri, 28 Oct 2016 16:38:53 +0000 (UTC)
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.85_2 #1 (Red Hat Linux))
	id 1c0A9S-0002Em-2F; Fri, 28 Oct 2016 16:37:06 +0000
Received: from smtp.nue.novell.com ([195.135.221.5])
	by bombadil.infradead.org with esmtps (Exim 4.85_2 #1 (Red Hat
	Linux)) id 1c0A9M-0002Cm-PY
	for linux-arm-kernel@lists.infradead.org;
	Fri, 28 Oct 2016 16:37:01 +0000
Received: from nwb-ext-pat.microfocus.com ([10.120.13.103])
	by smtp.nue.novell.com with ESMTP (TLS encrypted);
	Fri, 28 Oct 2016 18:36:38 +0200
Received: from linux-gy6r.site (nwb-a10-snat.microfocus.com [10.120.13.201])
	by nwb-ext-pat.microfocus.com with ESMTP (TLS encrypted);
	Fri, 28 Oct 2016 17:36:12 +0100
Subject: Re: [PATCH] fpga zynq: Check the bitstream for validity
To: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>,
	Matthias Brugger <mbrugger@suse.com>
References: <20161026225413.GA6220@obsidianresearch.com>
	<c0e99b6e-ae72-5c64-34c1-91865d0e00b5@suse.com>
	<20161027143937.GC6818@obsidianresearch.com>
	<8bed213a-96e3-1891-a46a-234253a2561e@suse.com>
	<20161028154740.GC10441@obsidianresearch.com>
From: Matthias Brugger <mbrugger@suse.com>
Message-ID: <5ea0e77e-11c5-b4f7-00a9-9c5425ffac5a@suse.com>
Date: Fri, 28 Oct 2016 18:36:06 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
	Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <20161028154740.GC10441@obsidianresearch.com>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20161028_093701_211284_44E78D3E 
X-CRM114-Status: GOOD (  15.75  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
	<mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
	<mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: Alan Tull <atull@opensource.altera.com>,
	Moritz Fischer <moritz.fischer@ettus.com>,
	Michal Simek <michal.simek@xilinx.com>,
	S??ren Brinkmann <soren.brinkmann@xilinx.com>,
	linux-arm-kernel@lists.infradead.org
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
X-Virus-Scanned: ClamAV using ClamSMTP

On 28/10/16 17:47, Jason Gunthorpe wrote:
> On Fri, Oct 28, 2016 at 01:06:08PM +0200, Matthias Brugger wrote:
>
>> The only case we don't check is, if count == 0. If we check that here, we
>> can get rid of the count <= 4 check.
>
> You don't think
>
>   if (count == 0 || buf[3] = 'x')
>
> looks weird and wrong? I do.
>

That wasn't what I meant. Apart it looks quite wrong, because when the 
count is zero buf[3] points to anything but a valid value.

>>> The count <= 4 should stay here since it is primarily guarding against
>>> read past the buffer in the if.
>>
>> If you insist in doing this check, it should be count < 4, because we check
>> the first four elements of buf, or do I miss something?
>
> count = 4 and count = 0 are both invalid. A bitstream consisting of
> only the sync word is also going to fail programming.
>
> As Michal said, the actual min bitstream length is probably >> 50 bytes
>

Sure but we are checking here that the bitstream passed to the kernel is 
correct. I was thinking of something like:

diff --git a/drivers/fpga/zynq-fpga.c b/drivers/fpga/zynq-fpga.c
index c2fb4120bd62..46a38772e7ee 100644
--- a/drivers/fpga/zynq-fpga.c
+++ b/drivers/fpga/zynq-fpga.c
@@ -184,12 +184,26 @@ static int zynq_fpga_ops_write_init(struct 
fpga_manager *mgr, u32 flags,

  	priv = mgr->priv;

+	/* All valid bitstreams are multiples of 32 bits */
+	if (!count || (count % 4) != 0)
+		return -EINVAL;
+

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel