From nobody Mon Feb 9 19:53:26 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=canonical.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1634906791050996.7279155142867; Fri, 22 Oct 2021 05:46:31 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-489-ORPkjsvaOLCQEcfZsNsAaA-1; Fri, 22 Oct 2021 08:46:26 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 0D539180830C; Fri, 22 Oct 2021 12:46:21 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E4BF8101E589; Fri, 22 Oct 2021 12:46:20 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id AF4A84EA2F; Fri, 22 Oct 2021 12:46:20 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 19MCjtNb011540 for ; Fri, 22 Oct 2021 08:45:55 -0400 Received: by smtp.corp.redhat.com (Postfix) id E9FD62166B25; Fri, 22 Oct 2021 12:45:54 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E45C02166B2D for ; Fri, 22 Oct 2021 12:45:53 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 769A0811E78 for ; Fri, 22 Oct 2021 12:45:53 +0000 (UTC) Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-467-sTNm3YuZORmbMjXVv0zRow-1; Fri, 22 Oct 2021 08:45:50 -0400 Received: from mail-lf1-f69.google.com (mail-lf1-f69.google.com [209.85.167.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id BD5844000B for ; Fri, 22 Oct 2021 12:45:48 +0000 (UTC) Received: by mail-lf1-f69.google.com with SMTP id br42-20020a056512402a00b003fd94a74905so1691801lfb.7 for ; Fri, 22 Oct 2021 05:45:48 -0700 (PDT) Received: from ws.lan.d-node.is ([95.165.29.203]) by smtp.gmail.com with ESMTPSA id e8sm722655lft.308.2021.10.22.05.45.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Oct 2021 05:45:47 -0700 (PDT) X-MC-Unique: ORPkjsvaOLCQEcfZsNsAaA-1 X-MC-Unique: sTNm3YuZORmbMjXVv0zRow-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=SGfQkBivon1htZdfTTv0HIJP2GETQ5HsNDhoxwD6n0w=; b=U/hVgrIwlS7n1XTQbmOB3Dx4lIiw1I+EK6bUDxKgQOHEqHVSPCXafCi8d5m181PdJs OUcNEeAFb+8s/Si6f123j5TZgL9VJWETtM6nI3rvaWhdDb2uSnyywE3aacK8qNegAyWN pVU4KHxkeoBHl8vJZY3jbUkozyw/qlj5kyb3yZmoQWDGSAkWdLO7cfw1jm8IMtIzy3Fy qqAIJT6yFB0TpbSzJlfkEsrwgrC7nFyqbyludXICDoLafzxG4ltrprtXEbYufTJ4/rIo XQUBRCC3WYiO9sS/K4O/6KR0egyfT8nVqfIEpSNf5h3YlXQjp/w96zGlt2IYCzobn70z zOVA== X-Gm-Message-State: AOAM533boF+qPeycjIqZpxE4mfNJXuGDEIiVWhKnXcbYFl0B43o1gDZd 6AJyGGz4gUmcni0gbLBhDBaPvT57iPJ1Cs7hLftd4cgM0hzgA3kgGC/hBxsTwaZzUVGaMV+2TY/ FOgJRf7/MGVOQ0Ksm3Qx908QChl8Ue0Sm5A== X-Received: by 2002:a2e:bd0b:: with SMTP id n11mr12673560ljq.71.1634906748202; Fri, 22 Oct 2021 05:45:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwAp5qxJlmYj3Pb+kxawR3N+NG5H0K9xTVOFelIMePtZZDluSJC1F8ffyQFhOQxFJUkFHFXUA== X-Received: by 2002:a2e:bd0b:: with SMTP id n11mr12673533ljq.71.1634906747936; Fri, 22 Oct 2021 05:45:47 -0700 (PDT) From: Dmitrii Shcherbakov To: dmitrii.shcherbakov@canonical.com, libvir-list@redhat.com Subject: [libvirt PATCH 3/4] PCI VPD: Skip fields with invalid values Date: Fri, 22 Oct 2021 15:45:44 +0300 Message-Id: <20211022124545.412352-4-dmitrii.shcherbakov@canonical.com> In-Reply-To: <20211022124545.412352-1-dmitrii.shcherbakov@canonical.com> References: <20211022124545.412352-1-dmitrii.shcherbakov@canonical.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-MIME-Autoconverted: from quoted-printable to 8bit by lists01.pubmisc.prod.ext.phx2.redhat.com id 19MCjtNb011540 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1634906792851100001 Content-Type: text/plain; charset="utf-8" While invalid values need to be ignored when presenting VPD data to the user, it would be good to attempt to parse a valid portion of the VPD instead of marking it invalid as a whole. The particular example encountered on real hardware was twofold: * "N/A" strings present in read-only fields. This would not be a useful valid value for a field, not to mention that if the serial number field with the "N/A" value was parsed, it would confuse higher-level software because this isn't a unique serial for a device; * 0xFF bytes present in VPD-W field values. Those bytes are not valid values and were probably used by the vendor as placeholders. Ignoring the whole VPD because of that would be too strict. Signed-off-by: Dmitrii Shcherbakov --- src/util/virpcivpd.c | 9 ++-- tests/virpcivpdtest.c | 105 ++++++++++++++++++++++++++++++++++++++---- 2 files changed, 102 insertions(+), 12 deletions(-) diff --git a/src/util/virpcivpd.c b/src/util/virpcivpd.c index cd49031fa4..8c2b17c3a6 100644 --- a/src/util/virpcivpd.c +++ b/src/util/virpcivpd.c @@ -544,9 +544,12 @@ virPCIVPDParseVPDLargeResourceFields(int vpdFileFd, ui= nt16_t resPos, uint16_t re */ fieldValue =3D g_strstrip(g_strndup((char *)buf, fieldDataLen)= ); if (!virPCIVPDResourceIsValidTextValue(fieldValue)) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("Field value contains invalid characters"= )); - return false; + /* Skip fields with invalid values - this is safe assuming= field length is + * correctly specified. */ + VIR_DEBUG("A value for field %s contains invalid character= s", fieldKeyword); + g_free(g_steal_pointer(&fieldKeyword)); + g_free(g_steal_pointer(&fieldValue)); + continue; } } else if (fieldFormat =3D=3D VIR_PCI_VPD_RESOURCE_FIELD_VALUE_FOR= MAT_RESVD) { if (*csum) { diff --git a/tests/virpcivpdtest.c b/tests/virpcivpdtest.c index 00e34cc94a..b56f335fab 100644 --- a/tests/virpcivpdtest.c +++ b/tests/virpcivpdtest.c @@ -692,6 +692,99 @@ testVirPCIVPDParseFullVPDSkipInvalidKeywords(const voi= d *opaque G_GNUC_UNUSED) return 0; } =20 +static int +testVirPCIVPDParseFullVPDSkipInvalidValues(const void *opaque G_GNUC_UNUSE= D) +{ + int fd =3D -1; + size_t dataLen =3D 0; + size_t i =3D 0; + virPCIVPDResourceCustom *custom =3D NULL; + + g_autoptr(virPCIVPDResource) res =3D NULL; + + /* This example is based on real-world hardware which was programmed b= y the vendor with + * invalid field values in both the RO section and RW section. The RO = section contains + * only fields with invalid values and the checksum field with a corre= ct checksum. The + * RW field has a 0 length which means there is no more space in the R= W section. */ + const uint8_t fullVPDExample[] =3D { + 0x82, 0x23, 0x00, 0x48, 0x50, 0x20, 0x45, 0x74, 0x68, 0x65, 0x72, = 0x6e, 0x65, 0x74, + 0x20, 0x31, 0x47, 0x62, 0x20, 0x32, 0x2d, 0x70, 0x6f, 0x72, 0x74, = 0x20, 0x33, 0x36, + 0x31, 0x69, 0x20, 0x41, 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, 0x90, = 0x42, 0x00, 0x50, + 0x4e, 0x03, 0x4e, 0x2f, 0x41, 0x45, 0x43, 0x03, 0x4e, 0x2f, 0x41, = 0x53, 0x4e, 0x03, + 0x4e, 0x2f, 0x41, 0x56, 0x30, 0x29, 0x34, 0x57, 0x2f, 0x31, 0x57, = 0x20, 0x50, 0x43, + 0x49, 0x65, 0x47, 0x32, 0x78, 0x34, 0x20, 0x32, 0x70, 0x20, 0x31, = 0x47, 0x62, 0x45, + 0x20, 0x52, 0x4a, 0x34, 0x35, 0x20, 0x49, 0x6e, 0x74, 0x65, 0x6c, = 0x20, 0x69, 0x33, + 0x35, 0x30, 0x20, 0x20, 0x20, 0x52, 0x56, 0x01, 0x63, 0x91, 0x47, = 0x00, 0x56, 0x31, + 0x06, 0x35, 0x2e, 0x37, 0x2e, 0x30, 0x36, 0x56, 0x33, 0x06, 0x32, = 0x2e, 0x38, 0x2e, + 0x32, 0x30, 0x56, 0x36, 0x06, 0x31, 0x2e, 0x35, 0x2e, 0x33, 0x35, = 0x59, 0x41, 0x03, + 0x4e, 0x2f, 0x41, 0x59, 0x42, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, = 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x59, 0x43, 0x0D, = 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 'R', '= W', 0x00, 0x78, + }; + + dataLen =3D sizeof(fullVPDExample) / sizeof(uint8_t); + fd =3D virCreateAnonymousFile(fullVPDExample, dataLen); + res =3D virPCIVPDParse(fd); + VIR_FORCE_CLOSE(fd); + + if (!res) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + "The resource pointer is NULL after parsing which i= s unexpected."); + return -1; + } + /* In this case none of the RO fields have valid contents, however, th= ey have been checksummed + * correctly. Therefore, the RO portion of the resource is not initial= ized. The checksum + * includes bytes of the device name besides the VPD-R section. So thi= s example is valid + * and, considering the parser is implemented to be graceful about inv= alid keywords and + * values, this situation is generally possible. */ + if (res->ro) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + "The RO section consisting of only invalid fields g= ot parsed successfully"); + return -1; + } + if (!res->rw) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + "Could not successfully parse an RW section with so= me invalid fields"); + return -1; + } + + if (res->rw->asset_tag) { + /* The asset tag has an invalid value in this case so it should be= NULL. */ + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + "Successfully parsed an invalid asset tag."); + return -1; + } + if (res->rw->vendor_specific->len !=3D 3) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + "The number of parsed vendor fields is not equal to= the expected number."); + return -1; + } + if (res->rw->system_specific->len > 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + "Successfully parsed some systems-specific fields w= hile none are valid"); + return -1; + } + for (i =3D 0; i < res->rw->vendor_specific->len; ++i) { + custom =3D ((virPCIVPDResourceCustom*)g_ptr_array_index(res->rw->v= endor_specific, i)); + if (custom->idx =3D=3D '1') { + if (STRNEQ(custom->value, "5.7.06")) { + return -1; + } + } else if (custom->idx =3D=3D '3') { + if (STRNEQ(custom->value, "2.8.20")) { + return -1; + } + } else if (custom->idx =3D=3D '6') { + if (STRNEQ(custom->value, "1.5.35")) { + return -1; + } + } + } + + return 0; +} + + static int testVirPCIVPDParseFullVPDInvalid(const void *opaque G_GNUC_UNUSED) { @@ -753,14 +846,6 @@ testVirPCIVPDParseFullVPDInvalid(const void *opaque G_= GNUC_UNUSED) 'R', 'V', 0x02, 0x81, 0x00, \ PCI_VPD_RESOURCE_END_VAL =20 -# define VPD_R_INVALID_FIELD_VALUE \ - VPD_STRING_RESOURCE_EXAMPLE_HEADER, \ - VPD_STRING_RESOURCE_EXAMPLE_DATA, \ - PCI_VPD_LARGE_RESOURCE_FLAG | PCI_VPD_READ_ONLY_LARGE_RESOURCE_FLAG, 0= x0A, 0x00, \ - 'S', 'N', 0x02, 0x04, 0x02, \ - 'R', 'V', 0x02, 0x28, 0x00, \ - PCI_VPD_RESOURCE_END_VAL - # define VPD_INVALID_STRING_RESOURCE_VALUE \ VPD_STRING_RESOURCE_EXAMPLE_HEADER, \ 't', 0x03, 's', 't', 'n', 'a', 'm', 'e', \ @@ -833,7 +918,6 @@ testVirPCIVPDParseFullVPDInvalid(const void *opaque G_G= NUC_UNUSED) TEST_INVALID_VPD(VPD_R_INVALID_RV); TEST_INVALID_VPD(VPD_R_INVALID_RV_ZERO_LENGTH); TEST_INVALID_VPD(VPD_R_UNEXPECTED_RW_IN_VPD_R_KEY); - TEST_INVALID_VPD(VPD_R_INVALID_FIELD_VALUE); TEST_INVALID_VPD(VPD_INVALID_STRING_RESOURCE_VALUE); TEST_INVALID_VPD(VPD_INVALID_SN_FIELD_LENGTH); TEST_INVALID_VPD(VPD_INVALID_RV_NOT_LAST); @@ -868,6 +952,9 @@ mymain(void) if (virTestRun("Parsing a VPD resource with a zero-length RW ", testVirPCIVPDParseZeroLengthRW, NULL) < 0) ret =3D -1; + if (virTestRun("Parsing a VPD resource with an invalid values ", + testVirPCIVPDParseFullVPDSkipInvalidValues, NULL) < 0) + ret =3D -1; if (virTestRun("Parsing a VPD resource with an invalid keyword ", testVirPCIVPDParseFullVPDSkipInvalidKeywords, NULL) < 0) ret =3D -1; --=20 2.32.0