vDPA/ifcvf: get_config_size should return a value no greater than dev implementation

[linux-2.6-microblaze.git] / drivers / vdpa / ifcvf / ifcvf_base.c

diff --git a/drivers/vdpa/ifcvf/ifcvf_base.c b/drivers/vdpa/ifcvf/ifcvf_base.c
index 47b9409..75a703b 100644 (file)
--- a/drivers/vdpa/ifcvf/ifcvf_base.c
+++ b/drivers/vdpa/ifcvf/ifcvf_base.c
@@ -127,6 +127,7 @@ int ifcvf_init_hw(struct ifcvf_hw *hw, struct pci_dev *pdev)
                        break;
                case VIRTIO_PCI_CAP_DEVICE_CFG:
                        hw->dev_cfg = get_cap_addr(hw, &cap);
+                       hw->cap_dev_config_size = le32_to_cpu(cap.length);
                        IFCVF_DBG(pdev, "hw->dev_cfg = %p\n", hw->dev_cfg);
                        break;
                }
@@ -232,15 +233,23 @@ int ifcvf_verify_min_features(struct ifcvf_hw *hw, u64 features)
 u32 ifcvf_get_config_size(struct ifcvf_hw *hw)
 {
        struct ifcvf_adapter *adapter;
+       u32 net_config_size = sizeof(struct virtio_net_config);
+       u32 blk_config_size = sizeof(struct virtio_blk_config);
+       u32 cap_size = hw->cap_dev_config_size;
        u32 config_size;
 
        adapter = vf_to_adapter(hw);
+       /* If the onboard device config space size is greater than
+        * the size of struct virtio_net/blk_config, only the spec
+        * implementing contents size is returned, this is very
+        * unlikely, defensive programming.
+        */
        switch (hw->dev_type) {
        case VIRTIO_ID_NET:
-               config_size = sizeof(struct virtio_net_config);
+               config_size = min(cap_size, net_config_size);
                break;
        case VIRTIO_ID_BLOCK:
-               config_size = sizeof(struct virtio_blk_config);
+               config_size = min(cap_size, blk_config_size);
                break;
        default:
                config_size = 0;