LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Bjorn Helgaas <helgaas@kernel.org>
To: "Alex G." <mr.nuke.me@gmail.com>
Cc: bhelgaas@google.com, linux-pci@vger.kernel.org,
	gregkh@linuxfoundation.org, fred@fredlawl.com,
	linux-kernel@vger.kernel.org, alex_gagniuc@dellteam.com,
	austin_bolen@dell.com, keith.busch@intel.com
Subject: Re: [PATCH RESEND] PCI/AER: Use a common function to print AER error bits
Date: Mon, 7 May 2018 17:06:59 -0500	[thread overview]
Message-ID: <20180507220659.GB161390@bhelgaas-glaptop.roam.corp.google.com> (raw)
In-Reply-To: <8e8a8de1-a90c-ab88-c8ac-bbe8bcc7d49c@gmail.com>

On Mon, Apr 30, 2018 at 12:41:26PM -0500, Alex G. wrote:
> On 04/30/2018 12:15 PM, Bjorn Helgaas wrote:
> > On Sat, Apr 28, 2018 at 12:07:48PM -0500, Alex G. wrote:
> 
> (snip)
> >> I could update the offending line to say:
> >>  +	info.first_error = PCI_ERR_CAP_FEP(aer->cap_control);
> > 
> > That's what I would have expected.  So I'd say either do this, or add
> > a comment about why it's not the right thing to do.
> 
> Okay.
> 
> >> Though I still have the concerns with validating CPER data:
> >>
> >>> I can see a way to use even more common printk code, but that requires
> >>> validating the PCI regs we get from firmware. That means we need to make
> >>> a guarantee about CPER that is beyond the scope of this patch.
> > 
> > Sounds like this is material for another patch, but if/when you do
> > that, I'd like to understand your concern about validating the
> > registers we get from firmware.  Are you worried about getting
> > incorrect register contents, then printing the wrong info, making
> > the wrong decision about how to recover, something else?
> 
> I don't trust firmware, and I have daymares about firmware leaving these
> fields uninitialized. In jargon, I'd like to treat it as external
> untrusted serialized data.

That makes good sense to me.

In this particular case, we only test first_error for equality:

  __aer_print_error(...)
  {
    ...

      pci_err(dev, "   [%2d] %-22s%s\n", i, errmsg,
	info->first_error == i ? " (First)" : "");

so I don't think there's any danger.  If we were using it to index an
array or something, we should certainly validate it first.

  reply	other threads:[~2018-05-07 22:06 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-04-17 17:09 Alexandru Gagniuc
2018-04-26 17:27 ` Tyler Baicar
2018-04-27 22:43 ` Bjorn Helgaas
2018-04-28 16:46   ` Alex G.
2018-04-28 17:07     ` Alex G.
2018-04-30 17:15       ` Bjorn Helgaas
2018-04-30 17:41         ` Alex G.
2018-05-07 22:06           ` Bjorn Helgaas [this message]
2018-04-30 19:52 ` [PATCH v2] " Alexandru Gagniuc
2018-05-07 22:13   ` Bjorn Helgaas

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180507220659.GB161390@bhelgaas-glaptop.roam.corp.google.com \
    --to=helgaas@kernel.org \
    --cc=alex_gagniuc@dellteam.com \
    --cc=austin_bolen@dell.com \
    --cc=bhelgaas@google.com \
    --cc=fred@fredlawl.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=keith.busch@intel.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-pci@vger.kernel.org \
    --cc=mr.nuke.me@gmail.com \
    --subject='Re: [PATCH RESEND] PCI/AER: Use a common function to print AER error bits' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).