From b511804169038ba3bff5b8b9b81978234cc9b58b Mon Sep 17 00:00:00 2001 From: Nico Huber Date: Fri, 5 Aug 2022 13:16:31 +0200 Subject: pciexp_device: Drop quirk handling in pciexp_get_ext_cap_offset() Keeping these checks in generic code seems rather dangerous. In theory, it could lead to endless loops even for compliant devices, if we accidentally detect arbitrary register contents as capability and use them as a pointer to another one. Not to forget that the register reads can have side effects. All users of this `cafe` have been converted to use pciexp_find_ext_vendor_cap(). Change-Id: I70d21534e04282a4156572a290b83c46be085e0c Signed-off-by: Nico Huber Reviewed-on: https://review.coreboot.org/c/coreboot/+/66456 Reviewed-by: Tim Wawrzynczak Tested-by: build bot (Jenkins) --- src/device/pciexp_device.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'src/device') diff --git a/src/device/pciexp_device.c b/src/device/pciexp_device.c index 3bb5cb82df..903ecdd941 100644 --- a/src/device/pciexp_device.c +++ b/src/device/pciexp_device.c @@ -13,17 +13,14 @@ static unsigned int pciexp_get_ext_cap_offset(const struct device *dev, unsigned unsigned int offset) { unsigned int this_cap_offset = offset; - unsigned int next_cap_offset, this_cap, cafe; + unsigned int next_cap_offset, this_cap; while (this_cap_offset != 0) { this_cap = pci_read_config32(dev, this_cap_offset); /* Bail out when this request is unsupported */ if (this_cap == 0xffffffff) break; - cafe = pci_read_config32(dev, this_cap_offset + 4); if ((this_cap & 0xffff) == cap) { return this_cap_offset; - } else if ((cafe & 0xffff) == cap) { - return this_cap_offset + 4; } else { next_cap_offset = this_cap >> 20; this_cap_offset = next_cap_offset; -- cgit v1.2.3