lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20210928134654.991923-1-colin.king@canonical.com>
Date:   Tue, 28 Sep 2021 14:46:54 +0100
From:   Colin King <colin.king@...onical.com>
To:     Daniel Palmer <daniel@...ngy.jp>,
        Romain Perier <romain.perier@...il.com>,
        Alexandre Belloni <alexandre.belloni@...tlin.com>,
        Nobuhiro Iwamatsu <iwamatsu@...auri.org>,
        linux-arm-kernel@...ts.infradead.org, linux-rtc@...r.kernel.org
Cc:     kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH][next][V2] rtc: msc313: Fix unintentional sign extension issues with left shift of a u16

From: Colin Ian King <colin.king@...onical.com>

Shifting the u16 value returned by readw by 16 bits to the left
will be promoted to a 32 bit signed int and then sign-extended
to an unsigned long. If the top bit of the readw is set then
the shifted value will be sign extended and the top 32 bits of
the result will be set.

Fixes: be7d9c9161b9 ("rtc: Add support for the MSTAR MSC313 RTC")
Signed-off-by: Colin Ian King <colin.king@...onical.com>
---
V2: Fix identical issue in msc313_rtc_read_time too. Thanks to Daniel Palmer
    for noticing this ommission.
---
 drivers/rtc/rtc-msc313.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/rtc/rtc-msc313.c b/drivers/rtc/rtc-msc313.c
index 5f178d29cfd8..f3fde013c4b8 100644
--- a/drivers/rtc/rtc-msc313.c
+++ b/drivers/rtc/rtc-msc313.c
@@ -53,7 +53,7 @@ static int msc313_rtc_read_alarm(struct device *dev, struct rtc_wkalrm *alarm)
 	unsigned long seconds;
 
 	seconds = readw(priv->rtc_base + REG_RTC_MATCH_VAL_L)
-			| (readw(priv->rtc_base + REG_RTC_MATCH_VAL_H) << 16);
+			| ((unsigned long)readw(priv->rtc_base + REG_RTC_MATCH_VAL_H) << 16);
 
 	rtc_time64_to_tm(seconds, &alarm->time);
 
@@ -122,7 +122,7 @@ static int msc313_rtc_read_time(struct device *dev, struct rtc_time *tm)
 		udelay(1);
 
 	seconds = readw(priv->rtc_base + REG_RTC_CNT_VAL_L)
-			| (readw(priv->rtc_base + REG_RTC_CNT_VAL_H) << 16);
+			| ((unsigned long)readw(priv->rtc_base + REG_RTC_CNT_VAL_H) << 16);
 
 	rtc_time64_to_tm(seconds, tm);
 
-- 
2.32.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ