From 2799d5c5f9d2064c6d1f50ec82e28e3eac5f6954 Mon Sep 17 00:00:00 2001 From: Stefan Richter Date: Thu, 18 Feb 2010 01:52:45 +0100 Subject: firewire: core: don't fail device creation in case of too large config ROM blocks It never happened yet, but better safe than sorry: If a device's config ROM contains a block which overlaps the boundary at 0xfffff00007ff, just ignore that one block instead of refusing to add the device representation. That way, upper layers (kernelspace or userspace drivers) might still be able to use the device to some degree. That's better than total inaccessibility of the device. Worse, the core would have logged only a generic "giving up on config rom" message which could only be debugged by feeding a firewire-ohci debug logging session through a config ROM interpreter, IOW would likely remain undiagnosed. Signed-off-by: Stefan Richter --- drivers/firewire/core-device.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) (limited to 'drivers/firewire') diff --git a/drivers/firewire/core-device.c b/drivers/firewire/core-device.c index e02bf2dff84..01cb6a327e2 100644 --- a/drivers/firewire/core-device.c +++ b/drivers/firewire/core-device.c @@ -588,15 +588,19 @@ static int read_bus_info_block(struct fw_device *device, int generation) if (read_rom(device, generation, i, &rom[i]) != RCODE_COMPLETE) goto out; end = i + (rom[i] >> 16) + 1; - i++; - if (end > READ_BIB_ROM_SIZE) + if (end > READ_BIB_ROM_SIZE) { /* - * This block extends outside standard config - * area (and the array we're reading it - * into). That's broken, so ignore this - * device. + * This block extends outside the config ROM which is + * a firmware bug. Ignore this whole block, i.e. + * simply set a fake block length of 0. */ - goto out; + fw_error("skipped invalid ROM block %x at %llx\n", + rom[i], + i * 4 | CSR_REGISTER_BASE | CSR_CONFIG_ROM); + rom[i] = 0; + end = i; + } + i++; /* * Now read in the block. If this is a directory -- cgit v1.2.3