ipc4: large_config: log rejected data_off_size validation failures#10934
Merged
kv2019i merged 1 commit intoJun 22, 2026
Merged
Conversation
jsarha
requested review from
dbaluta,
kv2019i,
lbetlej,
lgirdwood,
mmaka1 and
plbossart
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
This PR improves diagnosability of IPC4 MOD_LARGE_CONFIG_SET rejections by adding debug traces when data_off_size fails existing bounds checks in ipc4_set_vendor_config_module_instance() (no change to validation logic).
Changes:
- Add
tr_dbg()logging whendata_off_sizeexceedsMAILBOX_HOSTBOX_SIZE. - Add
tr_dbg()logging wheninit_blockrequests provide adata_off_sizesmaller thansizeof(struct sof_tlv).
Comment on lines
+1111
to
+1112
| tr_dbg(&ipc_tr, "data_off_size greater than mailbox %u > %u", | ||
| data_off_size, MAILBOX_HOSTBOX_SIZE); |
Contributor
Author
There was a problem hiding this comment.
Why on earth copilot wants to cast literal macro to size_t and then use %zu ? Double space fixed.
Member
There was a problem hiding this comment.
@jsarha was this giving a warning for native sim/fuzzing builds. I dont see it giving an issue today on 64bit since its sizes.
Comment on lines
+1116
to
+1117
| tr_dbg(&ipc_tr, "init_block data_off_size too small %u < %u", | ||
| data_off_size, sizeof(struct sof_tlv)); |
jsarha
force-pushed
the
ipc_user_handler_security_fixes_followup
branch
2 times, most recently
from
b91d399 to
d4c5415
Compare
lgirdwood
approved these changes
Jun 17, 2026
kv2019i
requested changes
Jun 18, 2026
kv2019i
left a comment
kv2019i
left a comment
Collaborator
There was a problem hiding this comment.
Comment on the changes inline. -1 due to wrong sign-off...
The data_off_size bounds checks in ipc4_set_vendor_config_module_instance() silently returned IPC4_INVALID_CONFIG_DATA_STRUCT, giving no clue why a MOD_LARGE_CONFIG_SET request was rejected. This makes diagnosing malformed or malicious topologies/host requests harder. Add tr_dbg() traces to both rejection paths reporting the offending data_off_size together with the limit it violated (the mailbox size for the upper bound, and sizeof(struct sof_tlv) for the init_block lower bound). No functional change to the validation itself. Signed-off-by: Jyri Sarha <jyri.sarha@linux.intel.com>
jsarha
force-pushed
the
ipc_user_handler_security_fixes_followup
branch
from
d4c5415 to
a548c0c
Compare
lgirdwood
approved these changes
Jun 18, 2026
kv2019i
approved these changes
Jun 22, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The data_off_size bounds checks in ipc4_set_vendor_config_module_instance() silently returned IPC4_INVALID_CONFIG_DATA_STRUCT, giving no clue why a MOD_LARGE_CONFIG_SET request was rejected. This makes diagnosing malformed or malicious topologies/host requests harder.
Add tr_dbg() traces to both rejection paths reporting the offending data_off_size together with the limit it violated (the mailbox size for the upper bound, and sizeof(struct sof_tlv) for the init_block lower bound). No functional change to the validation itself.