[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAPbMC74ShG6R8JEoiv29082GqN5jbkHrLcsw6fXfjWu=oAqmAg@mail.gmail.com>
Date: Mon, 19 Aug 2024 12:05:30 -0700
From: Haoyu Li <lihaoyu499@...il.com>
To: Michael Turquette <mturquette@...libre.com>, Stephen Boyd <sboyd@...nel.org>
Cc: linux-clk@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [drivers/clk] Question about `en7523_register_clocks` func: misuse of __counted_by
Dear Linux Developers for COMMON CLK FRAMEWORK,
We are curious about the use of `struct clk_hw_onecell_data *clk_data`
in function `en7523_register_clocks`.
The definition of `struct clk_hw_onecell_data` is at
https://elixir.bootlin.com/linux/v6.10.6/source/include/linux/clk-provider.h#L1405.
```
struct clk_hw_onecell_data {
unsigned int num;
struct clk_hw *hws[] __counted_by(num);
};
```
Our question is: The `hws` member of `struct clk_hw_onecell_data` is annotated
with "__counted_by", which means the size of the array is indicated by
`num`. Only if we set `num` before accessing `hws[n]`, the flexible
member `hws` can be properly bounds-checked at run-time when enabling
CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Or there will be a
warning from each array access that is prior to the initialization
because the number of elements is zero.
In function `en7523_register_clocks` at
https://elixir.bootlin.com/linux/v6.10.6/source/drivers/clk/clk-en7523.c#L428,
we think relocating `clk_data->num = EN7523_NUM_CLOCKS` before
accessing `clk_data->hws[EN7523_CLK_PCIE]` is needed.
Here is a fix example of a similar situation :
https://lore.kernel.org/stable/20240613113225.898955993@linuxfoundation.org/.
Please kindly correct us if we missed any key information. Looking
forward to your response!
Best,
Haoyu Li
Powered by blists - more mailing lists