* [PATCH] clk: clk-loongson2: Fix the number count of clk provider
@ 2024-12-25 6:05 Binbin Zhou
2025-01-07 21:25 ` Stephen Boyd
0 siblings, 1 reply; 5+ messages in thread
From: Binbin Zhou @ 2024-12-25 6:05 UTC (permalink / raw)
To: Binbin Zhou, Huacai Chen, Michael Turquette, Stephen Boyd,
Yinbo Zhu
Cc: Huacai Chen, linux-clk, Xuerui Wang, loongarch, Binbin Zhou,
stable
Since commit 02fb4f008433 ("clk: clk-loongson2: Fix potential buffer
overflow in flexible-array member access"), the clk provider register is
failed.
The count of `clks_num` is shown below:
for (p = data; p->name; p++)
clks_num++;
In fact, `clks_num` represents the number of SoC clocks and should be
expressed as the maximum value of the clock binding id in use (p->id + 1).
Now we fix it to avoid the following error when trying to register a clk
provider:
[ 13.409595] of_clk_hw_onecell_get: invalid index 17
Fixes: 02fb4f008433 ("clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access")
Cc: stable@vger.kernel.org
Signed-off-by: Binbin Zhou <zhoubinbin@loongson.cn>
---
drivers/clk/clk-loongson2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/clk/clk-loongson2.c b/drivers/clk/clk-loongson2.c
index 6bf51d5a49a1..b1b2038acd0b 100644
--- a/drivers/clk/clk-loongson2.c
+++ b/drivers/clk/clk-loongson2.c
@@ -294,7 +294,7 @@ static int loongson2_clk_probe(struct platform_device *pdev)
return -EINVAL;
for (p = data; p->name; p++)
- clks_num++;
+ clks_num = max(clks_num, p->id + 1);
clp = devm_kzalloc(dev, struct_size(clp, clk_data.hws, clks_num),
GFP_KERNEL);
--
2.43.5
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] clk: clk-loongson2: Fix the number count of clk provider
2024-12-25 6:05 [PATCH] clk: clk-loongson2: Fix the number count of clk provider Binbin Zhou
@ 2025-01-07 21:25 ` Stephen Boyd
2025-01-08 1:41 ` Binbin Zhou
0 siblings, 1 reply; 5+ messages in thread
From: Stephen Boyd @ 2025-01-07 21:25 UTC (permalink / raw)
To: Binbin Zhou, Binbin Zhou, Huacai Chen, Michael Turquette,
Yinbo Zhu, Gustavo A. R. Silva
Cc: Huacai Chen, linux-clk, Xuerui Wang, loongarch, Binbin Zhou,
stable
Quoting Binbin Zhou (2024-12-24 22:05:59)
> Since commit 02fb4f008433 ("clk: clk-loongson2: Fix potential buffer
> overflow in flexible-array member access"), the clk provider register is
> failed.
>
> The count of `clks_num` is shown below:
>
> for (p = data; p->name; p++)
> clks_num++;
>
> In fact, `clks_num` represents the number of SoC clocks and should be
> expressed as the maximum value of the clock binding id in use (p->id + 1).
>
> Now we fix it to avoid the following error when trying to register a clk
> provider:
>
> [ 13.409595] of_clk_hw_onecell_get: invalid index 17
>
> Fixes: 02fb4f008433 ("clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access")
> Cc: stable@vger.kernel.org
> Signed-off-by: Binbin Zhou <zhoubinbin@loongson.cn>
> ---
It's common practice to Cc the author of a patch in Fixes. Please do it
next time.
> drivers/clk/clk-loongson2.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/clk/clk-loongson2.c b/drivers/clk/clk-loongson2.c
> index 6bf51d5a49a1..b1b2038acd0b 100644
> --- a/drivers/clk/clk-loongson2.c
> +++ b/drivers/clk/clk-loongson2.c
> @@ -294,7 +294,7 @@ static int loongson2_clk_probe(struct platform_device *pdev)
> return -EINVAL;
>
> for (p = data; p->name; p++)
> - clks_num++;
> + clks_num = max(clks_num, p->id + 1);
NULL is a valid clk. Either fill the onecell data with -ENOENT error
pointers, or stop using it and implement a custom version of
of_clk_hw_onecell_get() that doesn't allow invalid clks to be requested
from this provider.
>
> clp = devm_kzalloc(dev, struct_size(clp, clk_data.hws, clks_num),
> GFP_KERNEL);
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] clk: clk-loongson2: Fix the number count of clk provider
2025-01-07 21:25 ` Stephen Boyd
@ 2025-01-08 1:41 ` Binbin Zhou
2025-01-08 19:20 ` Stephen Boyd
0 siblings, 1 reply; 5+ messages in thread
From: Binbin Zhou @ 2025-01-08 1:41 UTC (permalink / raw)
To: Stephen Boyd
Cc: Binbin Zhou, Huacai Chen, Michael Turquette, Yinbo Zhu,
Gustavo A. R. Silva, Huacai Chen, linux-clk, Xuerui Wang,
loongarch, stable
Hi Stephen:
Thanks for your review.
On Wed, Jan 8, 2025 at 5:25 AM Stephen Boyd <sboyd@kernel.org> wrote:
>
> Quoting Binbin Zhou (2024-12-24 22:05:59)
> > Since commit 02fb4f008433 ("clk: clk-loongson2: Fix potential buffer
> > overflow in flexible-array member access"), the clk provider register is
> > failed.
> >
> > The count of `clks_num` is shown below:
> >
> > for (p = data; p->name; p++)
> > clks_num++;
> >
> > In fact, `clks_num` represents the number of SoC clocks and should be
> > expressed as the maximum value of the clock binding id in use (p->id + 1).
> >
> > Now we fix it to avoid the following error when trying to register a clk
> > provider:
> >
> > [ 13.409595] of_clk_hw_onecell_get: invalid index 17
> >
> > Fixes: 02fb4f008433 ("clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access")
> > Cc: stable@vger.kernel.org
> > Signed-off-by: Binbin Zhou <zhoubinbin@loongson.cn>
> > ---
>
> It's common practice to Cc the author of a patch in Fixes. Please do it
> next time.
Oh, sorry it's my fault, I will do it next time.
>
> > drivers/clk/clk-loongson2.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/clk/clk-loongson2.c b/drivers/clk/clk-loongson2.c
> > index 6bf51d5a49a1..b1b2038acd0b 100644
> > --- a/drivers/clk/clk-loongson2.c
> > +++ b/drivers/clk/clk-loongson2.c
> > @@ -294,7 +294,7 @@ static int loongson2_clk_probe(struct platform_device *pdev)
> > return -EINVAL;
> >
> > for (p = data; p->name; p++)
> > - clks_num++;
> > + clks_num = max(clks_num, p->id + 1);
>
> NULL is a valid clk. Either fill the onecell data with -ENOENT error
> pointers, or stop using it and implement a custom version of
> of_clk_hw_onecell_get() that doesn't allow invalid clks to be requested
> from this provider.
Emm...
Just in case, how about setting all items to ERR_PTR(-ENOENT) before
assigning them.
This is shown below:
while (--clk_num >= 0)
clp->clk_data.hws[clk_num] = ERR_PTR(-ENOENT);
>
> >
> > clp = devm_kzalloc(dev, struct_size(clp, clk_data.hws, clks_num),
> > GFP_KERNEL);
--
Thanks.
Binbin
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] clk: clk-loongson2: Fix the number count of clk provider
2025-01-08 1:41 ` Binbin Zhou
@ 2025-01-08 19:20 ` Stephen Boyd
2025-01-09 3:06 ` Binbin Zhou
0 siblings, 1 reply; 5+ messages in thread
From: Stephen Boyd @ 2025-01-08 19:20 UTC (permalink / raw)
To: Binbin Zhou
Cc: Binbin Zhou, Huacai Chen, Michael Turquette, Yinbo Zhu,
Gustavo A. R. Silva, Huacai Chen, linux-clk, Xuerui Wang,
loongarch, stable
Quoting Binbin Zhou (2025-01-07 17:41:43)
> On Wed, Jan 8, 2025 at 5:25 AM Stephen Boyd <sboyd@kernel.org> wrote:
> > Quoting Binbin Zhou (2024-12-24 22:05:59)
> > > diff --git a/drivers/clk/clk-loongson2.c b/drivers/clk/clk-loongson2.c
> > > index 6bf51d5a49a1..b1b2038acd0b 100644
> > > --- a/drivers/clk/clk-loongson2.c
> > > +++ b/drivers/clk/clk-loongson2.c
> > > @@ -294,7 +294,7 @@ static int loongson2_clk_probe(struct platform_device *pdev)
> > > return -EINVAL;
> > >
> > > for (p = data; p->name; p++)
> > > - clks_num++;
> > > + clks_num = max(clks_num, p->id + 1);
> >
> > NULL is a valid clk. Either fill the onecell data with -ENOENT error
> > pointers, or stop using it and implement a custom version of
> > of_clk_hw_onecell_get() that doesn't allow invalid clks to be requested
> > from this provider.
>
> Emm...
> Just in case, how about setting all items to ERR_PTR(-ENOENT) before
> assigning them.
> This is shown below:
>
> while (--clk_num >= 0)
> clp->clk_data.hws[clk_num] = ERR_PTR(-ENOENT);
Or something like:
memset_p(&clk->clk_data.hws, ERR_PTR(-ENOENT), clk_num);
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] clk: clk-loongson2: Fix the number count of clk provider
2025-01-08 19:20 ` Stephen Boyd
@ 2025-01-09 3:06 ` Binbin Zhou
0 siblings, 0 replies; 5+ messages in thread
From: Binbin Zhou @ 2025-01-09 3:06 UTC (permalink / raw)
To: Stephen Boyd
Cc: Binbin Zhou, Huacai Chen, Michael Turquette, Yinbo Zhu,
Gustavo A. R. Silva, Huacai Chen, linux-clk, Xuerui Wang,
loongarch, stable
Hi Stephen:
Thanks for your comments.
On Thu, Jan 9, 2025 at 3:20 AM Stephen Boyd <sboyd@kernel.org> wrote:
>
> Quoting Binbin Zhou (2025-01-07 17:41:43)
> > On Wed, Jan 8, 2025 at 5:25 AM Stephen Boyd <sboyd@kernel.org> wrote:
> > > Quoting Binbin Zhou (2024-12-24 22:05:59)
> > > > diff --git a/drivers/clk/clk-loongson2.c b/drivers/clk/clk-loongson2.c
> > > > index 6bf51d5a49a1..b1b2038acd0b 100644
> > > > --- a/drivers/clk/clk-loongson2.c
> > > > +++ b/drivers/clk/clk-loongson2.c
> > > > @@ -294,7 +294,7 @@ static int loongson2_clk_probe(struct platform_device *pdev)
> > > > return -EINVAL;
> > > >
> > > > for (p = data; p->name; p++)
> > > > - clks_num++;
> > > > + clks_num = max(clks_num, p->id + 1);
> > >
> > > NULL is a valid clk. Either fill the onecell data with -ENOENT error
> > > pointers, or stop using it and implement a custom version of
> > > of_clk_hw_onecell_get() that doesn't allow invalid clks to be requested
> > > from this provider.
> >
> > Emm...
> > Just in case, how about setting all items to ERR_PTR(-ENOENT) before
> > assigning them.
> > This is shown below:
> >
> > while (--clk_num >= 0)
> > clp->clk_data.hws[clk_num] = ERR_PTR(-ENOENT);
>
> Or something like:
>
> memset_p(&clk->clk_data.hws, ERR_PTR(-ENOENT), clk_num);
Indeed, it looks better and cleaner.
I'll update in V2 soon.
--
Thanks.
Binbin
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2025-01-09 3:06 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-12-25 6:05 [PATCH] clk: clk-loongson2: Fix the number count of clk provider Binbin Zhou
2025-01-07 21:25 ` Stephen Boyd
2025-01-08 1:41 ` Binbin Zhou
2025-01-08 19:20 ` Stephen Boyd
2025-01-09 3:06 ` Binbin Zhou
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox