lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aD1ytV8kiWP9ssuv@stanley.mountain>
Date: Mon, 2 Jun 2025 12:45:25 +0300
From: Dan Carpenter <dan.carpenter@...aro.org>
To: Raju Rangoju <Raju.Rangoju@....com>
Cc: broonie@...nel.org, linux-spi@...r.kernel.org,
	linux-kernel@...r.kernel.org, miquel.raynal@...tlin.com,
	Krishnamoorthi M <krishnamoorthi.m@....com>,
	Akshata MukundShetty <akshata.mukundshetty@....com>, cve@...nel.org,
	Harshit Mogalapalli <harshit.m.mogalapalli@...cle.com>
Subject: Re: [PATCH] spi: spi-mem: Add fix to avoid divide error

On Thu, Apr 24, 2025 at 05:43:33PM +0530, Raju Rangoju wrote:
> 
> Fixes: 226d6cb3cb79 ("spi: spi-mem: Estimate the time taken by operations")
> Suggested-by: Krishnamoorthi M <krishnamoorthi.m@....com>
> Co-developed-by: Akshata MukundShetty <akshata.mukundshetty@....com>
> Signed-off-by: Akshata MukundShetty <akshata.mukundshetty@....com>
> Signed-off-by: Raju Rangoju <Raju.Rangoju@....com>
> ---
>  drivers/spi/spi-mem.c | 6 +++++-
>  1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/spi/spi-mem.c b/drivers/spi/spi-mem.c
> index a31a1db07aa4..5db0639d3b01 100644
> --- a/drivers/spi/spi-mem.c
> +++ b/drivers/spi/spi-mem.c
> @@ -596,7 +596,11 @@ u64 spi_mem_calc_op_duration(struct spi_mem_op *op)
>  	ns_per_cycles = 1000000000 / op->max_freq;
>  	ncycles += ((op->cmd.nbytes * 8) / op->cmd.buswidth) / (op->cmd.dtr ? 2 : 1);
>  	ncycles += ((op->addr.nbytes * 8) / op->addr.buswidth) / (op->addr.dtr ? 2 : 1);
> -	ncycles += ((op->dummy.nbytes * 8) / op->dummy.buswidth) / (op->dummy.dtr ? 2 : 1);
> +
> +	/* Dummy bytes are optional for some SPI flash memory operations */
> +	if (op->dummy.nbytes)
> +		ncycles += ((op->dummy.nbytes * 8) / op->dummy.buswidth) / (op->dummy.dtr ? 2 : 1);
> +

Hi,

We were reviewing "CVE-2025-37896: spi: spi-mem: Add fix to avoid divide
error" which was issued for this patch, but this patch is a no-op.

If op->dummy.nbytes is zero then the original code does:

	ncycles += 0;

We don't divide by op->dummy.nbytes.  Was something else intended?

regards,
dan carpenter

>  	ncycles += ((op->data.nbytes * 8) / op->data.buswidth) / (op->data.dtr ? 2 : 1);
>  
>  	return ncycles * ns_per_cycles;
> -- 
> 2.34.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ