From: Guenter Roeck <linux@roeck-us.net>
To: "Cormier, Jonathan" <jcormier@criticallink.com>
Cc: linux-hwmon@vger.kernel.org,
John Pruitt <jpruitt@criticallink.com>,
Jean Delvare <jdelvare@suse.com>,
linux-kernel@vger.kernel.org, devicetree@vger.kernel.org,
Rob Herring <robh+dt@kernel.org>,
Krzysztof Kozlowski <krzysztof.kozlowski+dt@linaro.org>,
Bob Duke <bduke@criticallink.com>
Subject: Re: [PATCH v2 4/4] hwmon: ltc2945: Fix possible overflows
Date: Wed, 28 Dec 2022 09:01:10 -0800 [thread overview]
Message-ID: <20221228170110.GC1267483@roeck-us.net> (raw)
In-Reply-To: <20221220000457.1163446-5-jcormier@criticallink.com>
On Mon, Dec 19, 2022 at 07:04:57PM -0500, Cormier, Jonathan wrote:
> From: John Pruitt <jpruitt@criticallink.com>
>
> Use 64-bit values for intermediate calculations. Check for
> overflows and return INT_MAX if overflows happened.
>
> Signed-off-by: John Pruitt <jpruitt@criticallink.com>
> Signed-off-by: "Cormier, Jonathan" <jcormier@criticallink.com>
The problems here are introduced with the previous patch
and thus would need a Fixes: tag. It just doesn't make sense
to submit that as separate patch.
> ---
> drivers/hwmon/ltc2945.c | 20 +++++++++++++++-----
> 1 file changed, 15 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/hwmon/ltc2945.c b/drivers/hwmon/ltc2945.c
> index fc7d399b2c85..7239422fc6db 100644
> --- a/drivers/hwmon/ltc2945.c
> +++ b/drivers/hwmon/ltc2945.c
> @@ -126,6 +126,10 @@ static long long ltc2945_reg_to_val(struct device *dev, u8 reg)
> }
> val *= 1000;
> val = DIV_ROUND_CLOSEST_ULL(val, shunt_resistor);
> + /* check for overflow, use MAX value if it happened */
> + if (val > INT_MAX)
> + val = INT_MAX;
> +
ltc2945_reg_to_val returns long long, and the calling code expects long long.
How would this ever overflow ?
> break;
> case LTC2945_VIN_H:
> case LTC2945_MAX_VIN_H:
> @@ -159,12 +163,14 @@ static long long ltc2945_reg_to_val(struct device *dev, u8 reg)
> }
>
> static int ltc2945_val_to_reg(struct device *dev, u8 reg,
> - unsigned long val)
> + unsigned long val_32)
> {
> struct ltc2945_data *data = dev_get_drvdata(dev);
> struct regmap *regmap = data->regmap;
> u32 shunt_resistor = data->shunt_resistor;
> unsigned int control;
> + /* use 64-bit val for intermediate calculations */
> + unsigned long long val = val_32;
This is unnnecessary. The parameter can be unsigned long long,
making the conversion automatic.
> int ret;
>
> switch (reg) {
> @@ -184,7 +190,7 @@ static int ltc2945_val_to_reg(struct device *dev, u8 reg,
> if (control & CONTROL_MULT_SELECT) {
> /* 25 mV * 25 uV = 0.625 uV resolution. */
> val *= shunt_resistor;
> - val = DIV_ROUND_CLOSEST(val, 625 * 1000);
> + val = DIV_ROUND_CLOSEST_ULL(val, 625LL * 1000LL);
> } else {
> /*
> * 0.5 mV * 25 uV = 0.0125 uV resolution.
> @@ -192,7 +198,7 @@ static int ltc2945_val_to_reg(struct device *dev, u8 reg,
> * accept loss of accuracy.
> */
> val *= shunt_resistor;
> - val = DIV_ROUND_CLOSEST(val, 25 * 1000) * 2;
> + val = DIV_ROUND_CLOSEST_ULL(val, 25LL * 1000LL) * 2;
> }
> break;
> case LTC2945_VIN_H:
> @@ -201,7 +207,7 @@ static int ltc2945_val_to_reg(struct device *dev, u8 reg,
> case LTC2945_MAX_VIN_THRES_H:
> case LTC2945_MIN_VIN_THRES_H:
> /* 25 mV resolution. */
> - val /= 25;
> + val = DIV_ROUND_CLOSEST_ULL(val, 25LL);
Unrelated change causing behavioral change. Not that I mind, but it is
still unrelated and would have to be a separate patch.
> break;
> case LTC2945_ADIN_H:
> case LTC2945_MAX_ADIN_H:
> @@ -218,11 +224,15 @@ static int ltc2945_val_to_reg(struct device *dev, u8 reg,
> case LTC2945_MIN_SENSE_THRES_H:
> /* 25 uV resolution. Convert to mA. */
> val *= shunt_resistor;
> - val = DIV_ROUND_CLOSEST(val, 25 * 1000);
> + val = DIV_ROUND_CLOSEST_ULL(val, 25LL * 1000LL);
> break;
> default:
> return -EINVAL;
> }
> + /* If val is too large, just return the max value */
> + if (val > INT_MAX)
> + return INT_MAX;
> +
While the return value is declared as int, the calling code expects
unsigned long. It would be better to adjust the return value and clamp
against ULONG_MAX.
> return val;
> }
>
> --
> 2.25.1
prev parent reply other threads:[~2022-12-28 17:06 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-14 22:07 [PATCH 0/2] hwmon: ltc2945: Add binding and shunt resistor support Cormier, Jonathan
2022-12-14 22:07 ` [PATCH 1/2] dt-bindings: hwmon: adi,ltc2945: Add binding Cormier, Jonathan
2022-12-15 9:42 ` Krzysztof Kozlowski
[not found] ` <CADL8D3ZUE5WbV0oS6hEVUNh9asrhTKQeGR4McR6Kh6qykSFw=Q@mail.gmail.com>
2022-12-15 14:37 ` Jon Cormier
2022-12-14 22:07 ` [PATCH 2/2] hwmon: ltc2945: Allow setting shunt resistor Cormier, Jonathan
2022-12-15 15:11 ` Guenter Roeck
2022-12-15 19:42 ` Jon Cormier
2023-01-09 23:35 ` [PATCH v3 0/2] hwmon: ltc2945: Add binding and shunt resistor support Jonathan Cormier
2023-01-09 23:35 ` [PATCH v3 1/5] dt-bindings: hwmon: adi,ltc2945: Add binding Jonathan Cormier
2023-01-10 9:07 ` Krzysztof Kozlowski
2023-01-09 23:35 ` [PATCH v3 2/5] hwmon: ltc2945: Add devicetree match table Jonathan Cormier
2023-01-09 23:35 ` [PATCH v3 3/5] hwmon: ltc2945: Handle error case in ltc2945_value_store Jonathan Cormier
2023-01-10 0:04 ` Guenter Roeck
2023-01-10 18:19 ` Jon Cormier
2023-01-10 18:22 ` Guenter Roeck
2023-01-10 19:25 ` Jon Cormier
2023-01-12 0:44 ` Guenter Roeck
2023-01-18 18:32 ` Jon Cormier
2023-01-09 23:35 ` [PATCH v3 4/5] hwmon: ltc2945: Allow setting shunt resistor Jonathan Cormier
2023-01-09 23:35 ` [PATCH v3 5/5] hwmon: ltc2945: Convert division to DIV_ROUND_CLOSEST_ULL Jonathan Cormier
2022-12-20 0:04 ` [PATCH v2 0/2] hwmon: ltc2945: Add binding and shunt resistor support Cormier, Jonathan
2022-12-20 0:04 ` [PATCH v2 1/4] dt-bindings: hwmon: adi,ltc2945: Add binding Cormier, Jonathan
2022-12-20 10:15 ` Krzysztof Kozlowski
2022-12-20 14:35 ` Jon Cormier
2022-12-20 14:46 ` Guenter Roeck
2022-12-20 21:47 ` Jon Cormier
2022-12-20 0:04 ` [PATCH v2 2/4] hwmon: ltc2945: Add devicetree match table Cormier, Jonathan
2022-12-28 16:43 ` Guenter Roeck
2022-12-20 0:04 ` [PATCH v2 3/4] hwmon: ltc2945: Allow setting shunt resistor Cormier, Jonathan
2022-12-28 16:49 ` Guenter Roeck
2022-12-20 0:04 ` [PATCH v2 4/4] hwmon: ltc2945: Fix possible overflows Cormier, Jonathan
2022-12-28 17:01 ` Guenter Roeck [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221228170110.GC1267483@roeck-us.net \
--to=linux@roeck-us.net \
--cc=bduke@criticallink.com \
--cc=devicetree@vger.kernel.org \
--cc=jcormier@criticallink.com \
--cc=jdelvare@suse.com \
--cc=jpruitt@criticallink.com \
--cc=krzysztof.kozlowski+dt@linaro.org \
--cc=linux-hwmon@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=robh+dt@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox