[2/2] mailbox: mtk-cmdq: Fix local clock ID usage

Message ID	20211014093112.3852491-2-fshao@chromium.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=9yZI=PC=lists.infradead.org=linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@kernel.org> DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 4A7EF60E96 From: Fei Shao <fshao@chromium.org> To: Jassi Brar <jaswinder.singh@linaro.org> Cc: Chun-Kuang Hu <chunkuang.hu@kernel.org>, Fei Shao <fshao@chromium.org>, Jassi Brar <jassisinghbrar@gmail.com>, Matthias Brugger <matthias.bgg@gmail.com>, "jason-jh.lin" <jason-jh.lin@mediatek.com>, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-mediatek@lists.infradead.org Subject: [PATCH 2/2] mailbox: mtk-cmdq: Fix local clock ID usage Date: Thu, 14 Oct 2021 17:31:11 +0800 Message-Id: <20211014093112.3852491-2-fshao@chromium.org> In-Reply-To: <20211014093112.3852491-1-fshao@chromium.org> References: <20211014093112.3852491-1-fshao@chromium.org> MIME-Version: 1.0 Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "Linux-mediatek" <linux-mediatek-bounces@lists.infradead.org> Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org
Series	[1/2] mailbox: mtk-cmdq: Validate alias_id on probe \| expand [1/2] mailbox: mtk-cmdq: Validate alias_id on probe [2/2] mailbox: mtk-cmdq: Fix local clock ID usage

Message ID

20211014093112.3852491-2-fshao@chromium.org (mailing list archive)

State

New, archived

Headers

DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 4A7EF60E96
From: Fei Shao <fshao@chromium.org>
To: Jassi Brar <jaswinder.singh@linaro.org>
Cc: Chun-Kuang Hu <chunkuang.hu@kernel.org>, Fei Shao <fshao@chromium.org>,
 Jassi Brar <jassisinghbrar@gmail.com>,
 Matthias Brugger <matthias.bgg@gmail.com>,
 "jason-jh.lin" <jason-jh.lin@mediatek.com>,
 linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
 linux-mediatek@lists.infradead.org
Subject: [PATCH 2/2] mailbox: mtk-cmdq: Fix local clock ID usage
Date: Thu, 14 Oct 2021 17:31:11 +0800
Message-Id: <20211014093112.3852491-2-fshao@chromium.org>
In-Reply-To: <20211014093112.3852491-1-fshao@chromium.org>
References: <20211014093112.3852491-1-fshao@chromium.org>
MIME-Version: 1.0
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Linux-mediatek" <linux-mediatek-bounces@lists.infradead.org>
Errors-To: 
 linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org

Series

[1/2] mailbox: mtk-cmdq: Validate alias_id on probe | expand

Commit Message

Fei Shao Oct. 14, 2021, 9:31 a.m. UTC

In the probe function, the clock IDs were pointed to local variables
which should only be used in the same code block, and any access to them
after the probing stage becomes a use-after-free case.

Since there are only limited variants of the gce clock names so far, we
can just declare them as global constants to fix the issue.

Fixes: 85dfdbfc13ea ("mailbox: cmdq: add multi-gce clocks support for
mt8195")
Signed-off-by: Fei Shao <fshao@chromium.org>

---

 drivers/mailbox/mtk-cmdq-mailbox.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

Comments

Tzung-Bi Shih Oct. 14, 2021, 10:47 a.m. UTC | #1

On Thu, Oct 14, 2021 at 05:31:11PM +0800, Fei Shao wrote:
> +const char *clk_name = "gce";
> +const char *clk_names[] = { "gce0", "gce1" };
Does letting them static make more sense?

Fei Shao Oct. 14, 2021, 11:32 a.m. UTC | #2

On Thu, Oct 14, 2021 at 6:47 PM Tzung-Bi Shih <tzungbi@google.com> wrote:
>
> On Thu, Oct 14, 2021 at 05:31:11PM +0800, Fei Shao wrote:
> > +const char *clk_name = "gce";
> > +const char *clk_names[] = { "gce0", "gce1" };
> Does letting them static make more sense?
Yes, I'll send a v2 later. Thanks!

Tzung-Bi Shih Oct. 14, 2021, 11:34 a.m. UTC | #3

On Thu, Oct 14, 2021 at 7:33 PM Fei Shao <fshao@chromium.org> wrote:
>
> On Thu, Oct 14, 2021 at 6:47 PM Tzung-Bi Shih <tzungbi@google.com> wrote:
> >
> > On Thu, Oct 14, 2021 at 05:31:11PM +0800, Fei Shao wrote:
> > > +const char *clk_name = "gce";
> > > +const char *clk_names[] = { "gce0", "gce1" };
> > Does letting them static make more sense?
> Yes, I'll send a v2 later. Thanks!
Probably better to keep their scope in probe function but extend the
lifecycle by using static.

diff --git a/drivers/mailbox/mtk-cmdq-mailbox.c b/drivers/mailbox/mtk-cmdq-mailbox.c
index f3e52dddd422..27248b31cd51 100644
--- a/drivers/mailbox/mtk-cmdq-mailbox.c
+++ b/drivers/mailbox/mtk-cmdq-mailbox.c
@@ -90,6 +90,9 @@  struct gce_plat {
 	u32 gce_num;
 };
 
+const char *clk_name = "gce";
+const char *clk_names[] = { "gce0", "gce1" };
+
 u8 cmdq_get_shift_pa(struct mbox_chan *chan)
 {
 	struct cmdq *cmdq = container_of(chan->mbox, struct cmdq, mbox);
@@ -532,7 +535,6 @@  static int cmdq_probe(struct platform_device *pdev)
 	struct device_node *phandle = dev->of_node;
 	struct device_node *node;
 	int alias_id = 0;
-	char clk_name[4] = "gce";
 
 	cmdq = devm_kzalloc(dev, sizeof(*cmdq), GFP_KERNEL);
 	if (!cmdq)
@@ -570,12 +572,9 @@  static int cmdq_probe(struct platform_device *pdev)
 
 	if (cmdq->gce_num > 1) {
 		for_each_child_of_node(phandle->parent, node) {
-			char clk_id[8];
-
 			alias_id = of_alias_get_id(node, clk_name);
 			if (alias_id >= 0 && alias_id < cmdq->gce_num) {
-				snprintf(clk_id, sizeof(clk_id), "%s%d", clk_name, alias_id);
-				cmdq->clocks[alias_id].id = clk_id;
+				cmdq->clocks[alias_id].id = clk_names[alias_id];
 				cmdq->clocks[alias_id].clk = of_clk_get(node, 0);
 				if (IS_ERR(cmdq->clocks[alias_id].clk)) {
 					dev_err(dev, "failed to get gce clk: %d\n", alias_id);

[2/2] mailbox: mtk-cmdq: Fix local clock ID usage

Commit Message

Comments

Patch