From: Antti Palosaari <crope@iki.fi>
To: Mauro Carvalho Chehab <m.chehab@samsung.com>, unlisted-recipients:;
Cc: Linux Media Mailing List <linux-media@vger.kernel.org>,
Mauro Carvalho Chehab <mchehab@infradead.org>
Subject: Re: [PATCH v3 18/29] [media] tuners: Don't use dynamic static allocation
Date: Thu, 07 Nov 2013 20:55:17 +0200 [thread overview]
Message-ID: <527BE215.4080702@iki.fi> (raw)
In-Reply-To: <527926CB.8070006@iki.fi>
Mauro,
I just notified these are all broken. The reason is here that I2C
adapter sets I2C operation length using sizeof(buf).
Please take a look of all there patches and check existing use of
sizeof(buf).
regards
Antti
On 05.11.2013 19:11, Antti Palosaari wrote:
> Acked-by: Antti Palosaari <crope@iki.fi>
> Reviewed-by: Antti Palosaari <crope@iki.fi>
>
> Antti
>
> On 05.11.2013 12:01, Mauro Carvalho Chehab wrote:
>> Dynamic static allocation is evil, as Kernel stack is too low, and
>> compilation complains about it on some archs:
>> drivers/media/tuners/e4000.c:50:1: warning: 'e4000_wr_regs' uses
>> dynamic stack allocation [enabled by default]
>> drivers/media/tuners/e4000.c:83:1: warning: 'e4000_rd_regs' uses
>> dynamic stack allocation [enabled by default]
>> drivers/media/tuners/fc2580.c:66:1: warning:
>> 'fc2580_wr_regs.constprop.1' uses dynamic stack allocation [enabled by
>> default]
>> drivers/media/tuners/fc2580.c:98:1: warning:
>> 'fc2580_rd_regs.constprop.0' uses dynamic stack allocation [enabled by
>> default]
>> drivers/media/tuners/tda18212.c:57:1: warning: 'tda18212_wr_regs'
>> uses dynamic stack allocation [enabled by default]
>> drivers/media/tuners/tda18212.c:90:1: warning:
>> 'tda18212_rd_regs.constprop.0' uses dynamic stack allocation [enabled
>> by default]
>> drivers/media/tuners/tda18218.c:60:1: warning: 'tda18218_wr_regs'
>> uses dynamic stack allocation [enabled by default]
>> drivers/media/tuners/tda18218.c:92:1: warning:
>> 'tda18218_rd_regs.constprop.0' uses dynamic stack allocation [enabled
>> by default]
>>
>> Instead, let's enforce a limit for the buffer. Considering that I2C
>> transfers are generally limited, and that devices used on USB has a
>> max data length of 64 bytes for the control URBs.
>>
>> So, it seem safe to use 64 bytes as the hard limit for all those devices.
>>
>> On most cases, the limit is a way lower than that, but this limit
>> is small enough to not affect the Kernel stack, and it is a no brain
>> limit, as using smaller ones would require to either carefully each
>> driver or to take a look on each datasheet.
>>
>> Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>
>> ---
>> drivers/media/tuners/e4000.c | 21 +++++++++++++++++++--
>> drivers/media/tuners/fc2580.c | 21 +++++++++++++++++++--
>> drivers/media/tuners/tda18212.c | 21 +++++++++++++++++++--
>> drivers/media/tuners/tda18218.c | 21 +++++++++++++++++++--
>> 4 files changed, 76 insertions(+), 8 deletions(-)
>>
>> diff --git a/drivers/media/tuners/e4000.c b/drivers/media/tuners/e4000.c
>> index ad9309da4a91..30192463c9e1 100644
>> --- a/drivers/media/tuners/e4000.c
>> +++ b/drivers/media/tuners/e4000.c
>> @@ -20,11 +20,14 @@
>>
>> #include "e4000_priv.h"
>>
>> +/* Max transfer size done by I2C transfer functions */
>> +#define MAX_XFER_SIZE 64
>> +
>> /* write multiple registers */
>> static int e4000_wr_regs(struct e4000_priv *priv, u8 reg, u8 *val,
>> int len)
>> {
>> int ret;
>> - u8 buf[1 + len];
>> + u8 buf[MAX_XFER_SIZE];
>> struct i2c_msg msg[1] = {
>> {
>> .addr = priv->cfg->i2c_addr,
>> @@ -34,6 +37,13 @@ static int e4000_wr_regs(struct e4000_priv *priv,
>> u8 reg, u8 *val, int len)
>> }
>> };
>>
>> + if (1 + len > sizeof(buf)) {
>> + dev_warn(&priv->i2c->dev,
>> + "%s: i2c wr reg=%04x: len=%d is too big!\n",
>> + KBUILD_MODNAME, reg, len);
>> + return -EINVAL;
>> + }
>> +
>> buf[0] = reg;
>> memcpy(&buf[1], val, len);
>>
>> @@ -53,7 +63,7 @@ static int e4000_wr_regs(struct e4000_priv *priv, u8
>> reg, u8 *val, int len)
>> static int e4000_rd_regs(struct e4000_priv *priv, u8 reg, u8 *val,
>> int len)
>> {
>> int ret;
>> - u8 buf[len];
>> + u8 buf[MAX_XFER_SIZE];
>> struct i2c_msg msg[2] = {
>> {
>> .addr = priv->cfg->i2c_addr,
>> @@ -68,6 +78,13 @@ static int e4000_rd_regs(struct e4000_priv *priv,
>> u8 reg, u8 *val, int len)
>> }
>> };
>>
>> + if (len > sizeof(buf)) {
>> + dev_warn(&priv->i2c->dev,
>> + "%s: i2c rd reg=%04x: len=%d is too big!\n",
>> + KBUILD_MODNAME, reg, len);
>> + return -EINVAL;
>> + }
>> +
>> ret = i2c_transfer(priv->i2c, msg, 2);
>> if (ret == 2) {
>> memcpy(val, buf, len);
>> diff --git a/drivers/media/tuners/fc2580.c
>> b/drivers/media/tuners/fc2580.c
>> index 81f38aae9c66..430fa5163ec7 100644
>> --- a/drivers/media/tuners/fc2580.c
>> +++ b/drivers/media/tuners/fc2580.c
>> @@ -20,6 +20,9 @@
>>
>> #include "fc2580_priv.h"
>>
>> +/* Max transfer size done by I2C transfer functions */
>> +#define MAX_XFER_SIZE 64
>> +
>> /*
>> * TODO:
>> * I2C write and read works only for one single register. Multiple
>> registers
>> @@ -41,7 +44,7 @@
>> static int fc2580_wr_regs(struct fc2580_priv *priv, u8 reg, u8 *val,
>> int len)
>> {
>> int ret;
>> - u8 buf[1 + len];
>> + u8 buf[MAX_XFER_SIZE];
>> struct i2c_msg msg[1] = {
>> {
>> .addr = priv->cfg->i2c_addr,
>> @@ -51,6 +54,13 @@ static int fc2580_wr_regs(struct fc2580_priv *priv,
>> u8 reg, u8 *val, int len)
>> }
>> };
>>
>> + if (1 + len > sizeof(buf)) {
>> + dev_warn(&priv->i2c->dev,
>> + "%s: i2c wr reg=%04x: len=%d is too big!\n",
>> + KBUILD_MODNAME, reg, len);
>> + return -EINVAL;
>> + }
>> +
>> buf[0] = reg;
>> memcpy(&buf[1], val, len);
>>
>> @@ -69,7 +79,7 @@ static int fc2580_wr_regs(struct fc2580_priv *priv,
>> u8 reg, u8 *val, int len)
>> static int fc2580_rd_regs(struct fc2580_priv *priv, u8 reg, u8 *val,
>> int len)
>> {
>> int ret;
>> - u8 buf[len];
>> + u8 buf[MAX_XFER_SIZE];
>> struct i2c_msg msg[2] = {
>> {
>> .addr = priv->cfg->i2c_addr,
>> @@ -84,6 +94,13 @@ static int fc2580_rd_regs(struct fc2580_priv *priv,
>> u8 reg, u8 *val, int len)
>> }
>> };
>>
>> + if (len > sizeof(buf)) {
>> + dev_warn(&priv->i2c->dev,
>> + "%s: i2c rd reg=%04x: len=%d is too big!\n",
>> + KBUILD_MODNAME, reg, len);
>> + return -EINVAL;
>> + }
>> +
>> ret = i2c_transfer(priv->i2c, msg, 2);
>> if (ret == 2) {
>> memcpy(val, buf, len);
>> diff --git a/drivers/media/tuners/tda18212.c
>> b/drivers/media/tuners/tda18212.c
>> index e4a84ee231cf..b3a4adf9ff8f 100644
>> --- a/drivers/media/tuners/tda18212.c
>> +++ b/drivers/media/tuners/tda18212.c
>> @@ -20,6 +20,9 @@
>>
>> #include "tda18212.h"
>>
>> +/* Max transfer size done by I2C transfer functions */
>> +#define MAX_XFER_SIZE 64
>> +
>> struct tda18212_priv {
>> struct tda18212_config *cfg;
>> struct i2c_adapter *i2c;
>> @@ -32,7 +35,7 @@ static int tda18212_wr_regs(struct tda18212_priv
>> *priv, u8 reg, u8 *val,
>> int len)
>> {
>> int ret;
>> - u8 buf[len+1];
>> + u8 buf[MAX_XFER_SIZE];
>> struct i2c_msg msg[1] = {
>> {
>> .addr = priv->cfg->i2c_address,
>> @@ -42,6 +45,13 @@ static int tda18212_wr_regs(struct tda18212_priv
>> *priv, u8 reg, u8 *val,
>> }
>> };
>>
>> + if (1 + len > sizeof(buf)) {
>> + dev_warn(&priv->i2c->dev,
>> + "%s: i2c wr reg=%04x: len=%d is too big!\n",
>> + KBUILD_MODNAME, reg, len);
>> + return -EINVAL;
>> + }
>> +
>> buf[0] = reg;
>> memcpy(&buf[1], val, len);
>>
>> @@ -61,7 +71,7 @@ static int tda18212_rd_regs(struct tda18212_priv
>> *priv, u8 reg, u8 *val,
>> int len)
>> {
>> int ret;
>> - u8 buf[len];
>> + u8 buf[MAX_XFER_SIZE];
>> struct i2c_msg msg[2] = {
>> {
>> .addr = priv->cfg->i2c_address,
>> @@ -76,6 +86,13 @@ static int tda18212_rd_regs(struct tda18212_priv
>> *priv, u8 reg, u8 *val,
>> }
>> };
>>
>> + if (len > sizeof(buf)) {
>> + dev_warn(&priv->i2c->dev,
>> + "%s: i2c rd reg=%04x: len=%d is too big!\n",
>> + KBUILD_MODNAME, reg, len);
>> + return -EINVAL;
>> + }
>> +
>> ret = i2c_transfer(priv->i2c, msg, 2);
>> if (ret == 2) {
>> memcpy(val, buf, len);
>> diff --git a/drivers/media/tuners/tda18218.c
>> b/drivers/media/tuners/tda18218.c
>> index 2d31aeb6b088..7e2b32ee5349 100644
>> --- a/drivers/media/tuners/tda18218.c
>> +++ b/drivers/media/tuners/tda18218.c
>> @@ -20,11 +20,14 @@
>>
>> #include "tda18218_priv.h"
>>
>> +/* Max transfer size done by I2C transfer functions */
>> +#define MAX_XFER_SIZE 64
>> +
>> /* write multiple registers */
>> static int tda18218_wr_regs(struct tda18218_priv *priv, u8 reg, u8
>> *val, u8 len)
>> {
>> int ret = 0, len2, remaining;
>> - u8 buf[1 + len];
>> + u8 buf[MAX_XFER_SIZE];
>> struct i2c_msg msg[1] = {
>> {
>> .addr = priv->cfg->i2c_address,
>> @@ -33,6 +36,13 @@ static int tda18218_wr_regs(struct tda18218_priv
>> *priv, u8 reg, u8 *val, u8 len)
>> }
>> };
>>
>> + if (1 + len > sizeof(buf)) {
>> + dev_warn(&priv->i2c->dev,
>> + "%s: i2c wr reg=%04x: len=%d is too big!\n",
>> + KBUILD_MODNAME, reg, len);
>> + return -EINVAL;
>> + }
>> +
>> for (remaining = len; remaining > 0;
>> remaining -= (priv->cfg->i2c_wr_max - 1)) {
>> len2 = remaining;
>> @@ -63,7 +73,7 @@ static int tda18218_wr_regs(struct tda18218_priv
>> *priv, u8 reg, u8 *val, u8 len)
>> static int tda18218_rd_regs(struct tda18218_priv *priv, u8 reg, u8
>> *val, u8 len)
>> {
>> int ret;
>> - u8 buf[reg+len]; /* we must start read always from reg 0x00 */
>> + u8 buf[MAX_XFER_SIZE]; /* we must start read always from reg 0x00 */
>> struct i2c_msg msg[2] = {
>> {
>> .addr = priv->cfg->i2c_address,
>> @@ -78,6 +88,13 @@ static int tda18218_rd_regs(struct tda18218_priv
>> *priv, u8 reg, u8 *val, u8 len)
>> }
>> };
>>
>> + if (reg + len > sizeof(buf)) {
>> + dev_warn(&priv->i2c->dev,
>> + "%s: i2c wr reg=%04x: len=%d is too big!\n",
>> + KBUILD_MODNAME, reg, len);
>> + return -EINVAL;
>> + }
>> +
>> ret = i2c_transfer(priv->i2c, msg, 2);
>> if (ret == 2) {
>> memcpy(val, &buf[reg], len);
>>
>
>
--
http://palosaari.fi/
next prev parent reply other threads:[~2013-11-07 18:55 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-05 10:01 [PATCH v3 00/29] Fix errors/warnings with allmodconfig/allyesconfig on non-x86 archs Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 01/29] [media] tda9887: remove an warning when compiling for alpha Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 02/29] [media] radio-shark: remove a warning when CONFIG_PM is not defined Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 03/29] [media] zoran: don't build it on alpha Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 04/29] [media] cx18: struct i2c_client is too big for stack Mauro Carvalho Chehab
2013-11-06 0:19 ` Andy Walls
2013-11-05 10:01 ` [PATCH v3 05/29] [media] tef6862: fix warning on avr32 arch Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 06/29] [media] iguanair: simplify calculation of carrier delay cycles Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 07/29] [media] platform drivers: Fix build on frv arch Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 08/29] [media] radio-si470x-i2c: fix a warning on ia64 Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 09/29] [media] rc: Fir warnings on m68k arch Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 10/29] [media] uvc/lirc_serial: Fix some warnings on parisc arch Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 11/29] [media] s5h1420: Don't use dynamic static allocation Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 12/29] [media] dvb-frontends: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 13/29] " Mauro Carvalho Chehab
2013-11-05 17:00 ` Antti Palosaari
2013-11-05 10:01 ` [PATCH v3 14/29] [media] stb0899_drv: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 15/29] [media] stv0367: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 16/29] [media] stv090x: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 17/29] [media] av7110_hw: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 18/29] [media] tuners: " Mauro Carvalho Chehab
2013-11-05 17:11 ` Antti Palosaari
2013-11-07 18:55 ` Antti Palosaari [this message]
2013-11-07 21:13 ` Mauro Carvalho Chehab
2013-11-07 23:27 ` Antti Palosaari
2013-11-05 10:01 ` [PATCH v3 19/29] [media] tuner-xc2028: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 20/29] [media] cimax2: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 21/29] [media] v4l2-async: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 22/29] [media] cxusb: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 23/29] [media] dibusb-common: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 24/29] [media] dw2102: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 25/29] [media] af9015: " Mauro Carvalho Chehab
2013-11-05 17:14 ` Antti Palosaari
2013-11-05 10:01 ` [PATCH v3 26/29] [media] af9035: " Mauro Carvalho Chehab
2013-11-05 17:17 ` Antti Palosaari
2013-11-05 10:01 ` [PATCH v3 27/29] [media] mxl111sf: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 28/29] [media] lirc_zilog: " Mauro Carvalho Chehab
2013-11-05 10:01 ` [PATCH v3 29/29] [media] cx18: disable compilation on frv arch Mauro Carvalho Chehab
2013-11-05 15:17 ` [PATCH v3 00/29] Fix errors/warnings with allmodconfig/allyesconfig on non-x86 archs Hans Verkuil
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=527BE215.4080702@iki.fi \
--to=crope@iki.fi \
--cc=linux-media@vger.kernel.org \
--cc=m.chehab@samsung.com \
--cc=mchehab@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox