| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGb2v67BLODmDmQOJH-m-KWVtXS2EGrnPxi9czj6oipHPDTfjw@mail.gmail.com>
Date: Wed, 19 Feb 2020 10:49:18 +0800
From: Chen-Yu Tsai <wens@...e.org>
To: Ondrej Jirman <megous@...ous.com>
Cc: linux-sunxi <linux-sunxi@...glegroups.com>,
Maxime Ripard <mripard@...nel.org>,
Samuel Holland <samuel@...lland.org>,
Stephen Boyd <swboyd@...omium.org>,
"moderated list:ARM/Allwinner sunXi SoC support"
<linux-arm-kernel@...ts.infradead.org>,
open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] bus: sunxi-rsb: Return correct data when mixing 16-bit
and 8-bit reads
On Wed, Feb 19, 2020 at 9:10 AM Ondrej Jirman <megous@...ous.com> wrote:
>
> When doing a 16-bit read that returns data in the MSB byte, the
> RSB_DATA register will keep the MSB byte unchanged when doing
> the following 8-bit read. sunxi_rsb_read() will then return
> a result that contains high byte from 16-bit read mixed with
> the 8-bit result.
>
> The consequence is that after this happens the PMIC's regmap will
> look like this: (0x33 is the high byte from the 16-bit read)
>
> % cat /sys/kernel/debug/regmap/sunxi-rsb-3a3/registers
> 00: 33
> 01: 33
> 02: 33
> 03: 33
> 04: 33
> 05: 33
> 06: 33
> 07: 33
> 08: 33
> 09: 33
> 0a: 33
> 0b: 33
> 0c: 33
> 0d: 33
> 0e: 33
> [snip]
>
> Fix this by masking the result of the read with the correct mask
> based on the size of the read. There are no 16-bit users in the
> mainline kernel, so this doesn't need to get into the stable tree.
>
> Signed-off-by: Ondrej Jirman <megous@...ous.com>
Acked-by: Chen-Yu Tsai <wens@...e.org>
for the fix, however it's not entirely clear to me how the MSB 0x33
value got into the regmap. Looks like I expected the regmap core to
handle any overflows, or didn't expect the lingering MSB from 16-bit
reads, as I didn't have any 16-bit register devices back when I wrote
this.
ChenYu
> ---
> drivers/bus/sunxi-rsb.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/bus/sunxi-rsb.c b/drivers/bus/sunxi-rsb.c
> index b8043b58568ac..8ab6a3865f569 100644
> --- a/drivers/bus/sunxi-rsb.c
> +++ b/drivers/bus/sunxi-rsb.c
> @@ -316,6 +316,7 @@ static int sunxi_rsb_read(struct sunxi_rsb *rsb, u8 rtaddr, u8 addr,
> {
> u32 cmd;
> int ret;
> + u32 mask;
>
> if (!buf)
> return -EINVAL;
> @@ -323,12 +324,15 @@ static int sunxi_rsb_read(struct sunxi_rsb *rsb, u8 rtaddr, u8 addr,
> switch (len) {
> case 1:
> cmd = RSB_CMD_RD8;
> + mask = 0xffu;
> break;
> case 2:
> cmd = RSB_CMD_RD16;
> + mask = 0xffffu;
> break;
> case 4:
> cmd = RSB_CMD_RD32;
> + mask = 0xffffffffu;
> break;
> default:
> dev_err(rsb->dev, "Invalid access width: %zd\n", len);
> @@ -345,7 +349,7 @@ static int sunxi_rsb_read(struct sunxi_rsb *rsb, u8 rtaddr, u8 addr,
> if (ret)
> goto unlock;
>
> - *buf = readl(rsb->regs + RSB_DATA);
> + *buf = readl(rsb->regs + RSB_DATA) & mask;
>
> unlock:
> mutex_unlock(&rsb->lock);
> --
> 2.25.1
>
Powered by blists - more mailing lists