| Message ID | 20240110222503.2381599-1-Frank.Li@nxp.com (mailing list archive) |
|---|---|
| State | Rejected |
| Headers | show |
| Series | [1/1] i3c: master: svc: return error when read length bigger than 255 | expand |
On 10/01/2024 17:25:03-0500, Frank Li wrote: > RDTERM in MCTRL is 8 bits. Add a length check to prevent silent data errors > when the read length exceeds 255 bytes during each i3c_priv_xfer operation. > > Signed-off-by: Frank Li <Frank.Li@nxp.com> > --- > drivers/i3c/master/svc-i3c-master.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/drivers/i3c/master/svc-i3c-master.c b/drivers/i3c/master/svc-i3c-master.c > index bd10bb698da0f..181b56953fb28 100644 > --- a/drivers/i3c/master/svc-i3c-master.c > +++ b/drivers/i3c/master/svc-i3c-master.c > @@ -1375,6 +1375,11 @@ static int svc_i3c_master_priv_xfers(struct i3c_dev_desc *dev, > cmd->len = xfers[i].len; > cmd->actual_len = xfers[i].rnw ? xfers[i].len : 0; > cmd->continued = (i + 1) < nxfers; > + > + if (cmd->rnw && cmd->len > 255) { > + dev_err(master->dev, "only support read less than 255 each xfer\n"); What would be the end user action upon seeing this message? Is it actually useful? > + return -EINVAL; > + } > } > > mutex_lock(&master->lock); > -- > 2.34.1 >
On Thu, Jan 11, 2024 at 01:15:23AM +0100, Alexandre Belloni wrote: > On 10/01/2024 17:25:03-0500, Frank Li wrote: > > RDTERM in MCTRL is 8 bits. Add a length check to prevent silent data errors > > when the read length exceeds 255 bytes during each i3c_priv_xfer operation. > > > > Signed-off-by: Frank Li <Frank.Li@nxp.com> > > --- > > drivers/i3c/master/svc-i3c-master.c | 5 +++++ > > 1 file changed, 5 insertions(+) > > > > diff --git a/drivers/i3c/master/svc-i3c-master.c b/drivers/i3c/master/svc-i3c-master.c > > index bd10bb698da0f..181b56953fb28 100644 > > --- a/drivers/i3c/master/svc-i3c-master.c > > +++ b/drivers/i3c/master/svc-i3c-master.c > > @@ -1375,6 +1375,11 @@ static int svc_i3c_master_priv_xfers(struct i3c_dev_desc *dev, > > cmd->len = xfers[i].len; > > cmd->actual_len = xfers[i].rnw ? xfers[i].len : 0; > > cmd->continued = (i + 1) < nxfers; > > + > > + if (cmd->rnw && cmd->len > 255) { > > + dev_err(master->dev, "only support read less than 255 each xfer\n"); > > What would be the end user action upon seeing this message? Is it actually > useful? Hold on, I found an method. It may support > 255 transfer. Frank Li > > > + return -EINVAL; > > + } > > } > > > > mutex_lock(&master->lock); > > -- > > 2.34.1 > > > > -- > Alexandre Belloni, co-owner and COO, Bootlin > Embedded Linux and Kernel engineering > https://bootlin.com
diff --git a/drivers/i3c/master/svc-i3c-master.c b/drivers/i3c/master/svc-i3c-master.c index bd10bb698da0f..181b56953fb28 100644 --- a/drivers/i3c/master/svc-i3c-master.c +++ b/drivers/i3c/master/svc-i3c-master.c @@ -1375,6 +1375,11 @@ static int svc_i3c_master_priv_xfers(struct i3c_dev_desc *dev, cmd->len = xfers[i].len; cmd->actual_len = xfers[i].rnw ? xfers[i].len : 0; cmd->continued = (i + 1) < nxfers; + + if (cmd->rnw && cmd->len > 255) { + dev_err(master->dev, "only support read less than 255 each xfer\n"); + return -EINVAL; + } } mutex_lock(&master->lock);
RDTERM in MCTRL is 8 bits. Add a length check to prevent silent data errors when the read length exceeds 255 bytes during each i3c_priv_xfer operation. Signed-off-by: Frank Li <Frank.Li@nxp.com> --- drivers/i3c/master/svc-i3c-master.c | 5 +++++ 1 file changed, 5 insertions(+)