From 17cd5bd5391e6e7b363d66335e1bc6760ae969b9 Mon Sep 17 00:00:00 2001 From: Jean Delvare Date: Thu, 25 Jun 2015 09:06:55 +0200 Subject: firmware: dmi_scan: Only honor end-of-table for 64-bit tables A 32-bit entry point to a DMI table says how many structures the table contains. The SMBIOS specification explicitly says that end-of-table markers should be ignored if they are not actually at the end of the DMI table. So only honor the end-of-table marker for tables accessed through 64-bit entry points, as they do not specify a structure count. Fixes: fc43026278 ("dmi: add support for SMBIOS 3.0 64-bit entry point") Signed-off-by: Jean Delvare Acked-by: Ard Biesheuvel Cc: Leif Lindholm Cc: Matt Fleming --- drivers/firmware/dmi_scan.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'drivers/firmware/dmi_scan.c') diff --git a/drivers/firmware/dmi_scan.c b/drivers/firmware/dmi_scan.c index 97b1616aa391..bba843c2b0ac 100644 --- a/drivers/firmware/dmi_scan.c +++ b/drivers/firmware/dmi_scan.c @@ -89,9 +89,9 @@ static void dmi_table(u8 *buf, /* * Stop when we have seen all the items the table claimed to have - * (SMBIOS < 3.0 only) OR we reach an end-of-table marker OR we run - * off the end of the table (should never happen but sometimes does - * on bogus implementations.) + * (SMBIOS < 3.0 only) OR we reach an end-of-table marker (SMBIOS + * >= 3.0 only) OR we run off the end of the table (should never + * happen but sometimes does on bogus implementations.) */ while ((!dmi_num || i < dmi_num) && (data - buf + sizeof(struct dmi_header)) <= dmi_len) { @@ -110,8 +110,13 @@ static void dmi_table(u8 *buf, /* * 7.45 End-of-Table (Type 127) [SMBIOS reference spec v3.0.0] + * For tables behind a 64-bit entry point, we have no item + * count and no exact table length, so stop on end-of-table + * marker. For tables behind a 32-bit entry point, we have + * seen OEM structures behind the end-of-table marker on + * some systems, so don't trust it. */ - if (dm->type == DMI_ENTRY_END_OF_TABLE) + if (!dmi_num && dm->type == DMI_ENTRY_END_OF_TABLE) break; data += 2; -- cgit