| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Jun 2024 17:51:39 +0100
From: Ben Walsh <ben@...nut.com>
To: Dan Carpenter <dan.carpenter@...aro.org>
Cc: Benson Leung <bleung@...omium.org>, Tzung-Bi Shih <tzungbi@...nel.org>,
Guenter Roeck <groeck@...omium.org>, chrome-platform@...ts.linux.dev,
linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] platform/chrome: cros_ec_lpc: Fix error code in
cros_ec_lpc_mec_read_bytes()
Thanks for fixing this! Unfortunately `in_range` returns -EINVAL if
length == 0 (see the definition of `fwk_ec_lpc_mec_in_range`). I'm sure
this broke something in my testing, but I can't find what it was now.
My original suggestion was to add a test for "length == 0" before the
"in_range" test, then do the test as you have done. But we decided to
defer this to a later, separate patch.
There's also a similar "in_range" test in `fwk_ec_lpc_mec_write_bytes`.
We could:
1. Revert this and change the `data & EC_LPC_STATUS_BUSY_MASK` to
`res & EC_LPC_STATUS_BUSY_MASK`. This is the same logic as before the
negative error code change.
or 2. Put in a check for length == 0.
or 3. Change the logic in `fwk_ec_lpc_mec_in_range`. Although I'm not
sure what the correct answer is to "zero length is in range?"
I prefer option 2. What do you think?
Dan Carpenter <dan.carpenter@...aro.org> writes:
> We changed these functions to returning negative error codes, but this
> first error path was accidentally overlooked. It leads to a Smatch
> warning:
>
> drivers/platform/chrome/cros_ec_lpc.c:181 ec_response_timed_out()
> error: uninitialized symbol 'data'.
>
> Fix this by returning the error code instead of success.
>
> Fixes: 68dbac0a58ef ("platform/chrome: cros_ec_lpc: MEC access can return error code")
> Signed-off-by: Dan Carpenter <dan.carpenter@...aro.org>
> ---
> drivers/platform/chrome/cros_ec_lpc.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/platform/chrome/cros_ec_lpc.c b/drivers/platform/chrome/cros_ec_lpc.c
> index ebe9fb143840..f0470248b109 100644
> --- a/drivers/platform/chrome/cros_ec_lpc.c
> +++ b/drivers/platform/chrome/cros_ec_lpc.c
> @@ -139,7 +139,7 @@ static int cros_ec_lpc_mec_read_bytes(unsigned int offset, unsigned int length,
> int in_range = cros_ec_lpc_mec_in_range(offset, length);
>
> if (in_range < 0)
> - return 0;
> + return in_range;
>
> return in_range ?
> cros_ec_lpc_io_bytes_mec(MEC_IO_READ,
> @@ -158,7 +158,7 @@ static int cros_ec_lpc_mec_write_bytes(unsigned int offset, unsigned int length,
> int in_range = cros_ec_lpc_mec_in_range(offset, length);
>
> if (in_range < 0)
> - return 0;
> + return in_range;
>
> return in_range ?
> cros_ec_lpc_io_bytes_mec(MEC_IO_WRITE,
> --
> 2.43.0
Powered by blists - more mailing lists