lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 12 Feb 2019 11:47:31 +0100
From:   Heiko Stübner <heiko@...ech.de>
To:     Yizhuo <yzhai003@....edu>
Cc:     csong@...ucr.edu, zhiyunq@...ucr.edu,
        Kishon Vijay Abraham I <kishon@...com>,
        linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
        linux-rockchip@...ts.infradead.org
Subject: Re: [PATCH] phy: Variable "caldone" in function rockchip_emmc_phy_power() could be uninitialized

Am Mittwoch, 6. Februar 2019, 02:47:33 CET schrieb Yizhuo:
> In function rockchip_emmc_phy_power(), local variable "caldone"
> could be uninitialized if function regmap_read() returns -EINVAL.
> However, it will be used directly in the later context, which
> is potentially unsafe.
> 
> Signed-off-by: Yizhuo <yzhai003@....edu>
> ---
>  drivers/phy/rockchip/phy-rockchip-emmc.c | 10 ++++++++--
>  1 file changed, 8 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/phy/rockchip/phy-rockchip-emmc.c
> b/drivers/phy/rockchip/phy-rockchip-emmc.c index f1b24f18e9b2..ca921ae08309
> 100644
> --- a/drivers/phy/rockchip/phy-rockchip-emmc.c
> +++ b/drivers/phy/rockchip/phy-rockchip-emmc.c
> @@ -85,11 +85,12 @@ struct rockchip_emmc_phy {
>  static int rockchip_emmc_phy_power(struct phy *phy, bool on_off)
>  {
>  	struct rockchip_emmc_phy *rk_phy = phy_get_drvdata(phy);
> -	unsigned int caldone;
> +	unsigned int caldone = 0;

hmm, this may hide actual uninitialized uses in the future?
With the added error handling below, there shouldn't be a case
where caldone might be used uninitialized still?


Heiko

>  	unsigned int dllrdy;
>  	unsigned int freqsel = PHYCTRL_FREQSEL_200M;
>  	unsigned long rate;
>  	unsigned long timeout;
> +	int err;
> 
>  	/*
>  	 * Keep phyctrl_pdb and phyctrl_endll low to allow
> @@ -164,9 +165,14 @@ static int rockchip_emmc_phy_power(struct phy *phy,
> bool on_off) * wait 5us for calpad busy trimming
>  	 */
>  	udelay(5);
> -	regmap_read(rk_phy->reg_base,
> +	err = regmap_read(rk_phy->reg_base,
>  		    rk_phy->reg_offset + GRF_EMMCPHY_STATUS,
>  		    &caldone);
> +	if (err) {
> +		pr_err("Failed to read status.\n");
> +		return err;
> +	}
> +
>  	caldone = (caldone >> PHYCTRL_CALDONE_SHIFT) & PHYCTRL_CALDONE_MASK;
>  	if (caldone != PHYCTRL_CALDONE_DONE) {
>  		pr_err("rockchip_emmc_phy_power: caldone timeout.\n");

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ