From: Jean Delvare <jdelvare@suse.de>
To: Andrew Jeffery <andrew@codeconstruct.com.au>
Cc: Joel Stanley <joel@jms.id.au>,
Henry Martin <bsdhenrymartin@gmail.com>,
Patrick Rudolph <patrick.rudolph@9elements.com>,
Andrew Geissler <geissonator@yahoo.com>,
Ninad Palsule <ninad@linux.ibm.com>,
Patrick Venture <venture@google.com>,
Robert Lippert <roblip@gmail.com>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 4/7] soc: aspeed: lpc-snoop: Constrain parameters in channel paths
Date: Wed, 16 Apr 2025 14:37:12 +0200 [thread overview]
Message-ID: <20250416143712.4e4666f4@endymion> (raw)
In-Reply-To: <20250411-aspeed-lpc-snoop-fixes-v1-4-64f522e3ad6f@codeconstruct.com.au>
On Fri, 11 Apr 2025 10:38:34 +0930, Andrew Jeffery wrote:
> Ensure pointers and the channel index are valid before use.
>
> Fixes: 9f4f9ae81d0a ("drivers/misc: add Aspeed LPC snoop driver")
Please don't abuse Fixes tags. Here you are hardening the code just in
case, but this isn't fixing any actual bug, as functions
aspeed_lpc_enable_snoop() and aspeed_lpc_disable_snoop() were never
called with an incorrect channel index.
> Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
> ---
> drivers/soc/aspeed/aspeed-lpc-snoop.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/drivers/soc/aspeed/aspeed-lpc-snoop.c b/drivers/soc/aspeed/aspeed-lpc-snoop.c
> index 28f034b8a3b7226efe20cbe30a7da0c2b49fbd96..6ab362aeb180c8ad356422d8257717f41a232b3c 100644
> --- a/drivers/soc/aspeed/aspeed-lpc-snoop.c
> +++ b/drivers/soc/aspeed/aspeed-lpc-snoop.c
> @@ -182,6 +182,7 @@ static int aspeed_lpc_snoop_config_irq(struct aspeed_lpc_snoop *lpc_snoop,
> return 0;
> }
>
> +__attribute__((nonnull))
> static int aspeed_lpc_enable_snoop(struct aspeed_lpc_snoop *lpc_snoop,
> struct device *dev,
> int channel, u16 lpc_port)
> @@ -190,6 +191,8 @@ static int aspeed_lpc_enable_snoop(struct aspeed_lpc_snoop *lpc_snoop,
> u32 hicr5_en, snpwadr_mask, snpwadr_shift, hicrb_en;
> int rc = 0;
>
> + if (channel < 0 || channel >= ARRAY_SIZE(lpc_snoop->chan))
> + return -EINVAL;
>
> if (lpc_snoop->chan[channel].enabled)
> return -EBUSY;
> @@ -252,9 +255,13 @@ static int aspeed_lpc_enable_snoop(struct aspeed_lpc_snoop *lpc_snoop,
> return rc;
> }
>
> +__attribute__((nonnull))
> static void aspeed_lpc_disable_snoop(struct aspeed_lpc_snoop *lpc_snoop,
> int channel)
> {
> + if (channel < 0 || channel >= ARRAY_SIZE(lpc_snoop->chan))
> + return;
> +
> if (!lpc_snoop->chan[channel].enabled)
> return;
>
>
TBH I'm not sure if this has much value, as any error in the channel
index (or passing NULL pointers for lpc_snoop or dev) would likely be
caught very early during driver development or update. And silently
returning early is not going to fix the problem if this ever happens.
But well, I'm not much into defensive programming anyway, so maybe this
is just me. As I'm not maintaining this driver, this ain't my decision.
Acked-by: Jean Delvare <jdelvare@suse.de>
--
Jean Delvare
SUSE L3 Support
next prev parent reply other threads:[~2025-04-16 12:37 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-11 1:08 [PATCH 0/7] soc: aspeed: lpc-snoop: Miscellaneous fixes Andrew Jeffery
2025-04-11 1:08 ` [PATCH 1/7] soc: aspeed: lpc-snoop: Cleanup resources in stack-order Andrew Jeffery
2025-04-16 12:03 ` Jean Delvare
2025-04-11 1:08 ` [PATCH 2/7] soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Andrew Jeffery
2025-04-16 12:15 ` Jean Delvare
2025-04-16 23:33 ` Andrew Jeffery
2025-04-11 1:08 ` [PATCH 3/7] soc: aspeed: lpc-snoop: Ensure model_data is valid Andrew Jeffery
2025-04-16 12:19 ` Jean Delvare
2025-04-16 23:34 ` Andrew Jeffery
2025-04-11 1:08 ` [PATCH 4/7] soc: aspeed: lpc-snoop: Constrain parameters in channel paths Andrew Jeffery
2025-04-16 12:37 ` Jean Delvare [this message]
2025-04-16 23:37 ` Andrew Jeffery
2025-04-11 1:08 ` [PATCH 5/7] soc: aspeed: lpc-snoop: Rename 'channel' to 'index' " Andrew Jeffery
2025-04-16 12:42 ` Jean Delvare
2025-04-11 1:08 ` [PATCH 6/7] soc: aspeed: lpc-snoop: Rearrange " Andrew Jeffery
2025-04-17 9:52 ` Jean Delvare
2025-04-11 1:08 ` [PATCH 7/7] soc: aspeed: lpc-snoop: Lift channel config to const structs Andrew Jeffery
2025-04-17 10:49 ` Jean Delvare
2025-04-29 2:58 ` Andrew Jeffery
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250416143712.4e4666f4@endymion \
--to=jdelvare@suse.de \
--cc=andrew@codeconstruct.com.au \
--cc=bsdhenrymartin@gmail.com \
--cc=geissonator@yahoo.com \
--cc=joel@jms.id.au \
--cc=linux-kernel@vger.kernel.org \
--cc=ninad@linux.ibm.com \
--cc=patrick.rudolph@9elements.com \
--cc=roblip@gmail.com \
--cc=venture@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox