From patchwork Tue Oct 25 20:57:10 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 9395477 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 5BFE460235 for ; Tue, 25 Oct 2016 20:58:25 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4018229747 for ; Tue, 25 Oct 2016 20:58:25 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 34B7C2976A; Tue, 25 Oct 2016 20:58:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.4 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RCVD_IN_SORBS_SPAM autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 181D929747 for ; Tue, 25 Oct 2016 20:58:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S965127AbcJYU5x (ORCPT ); Tue, 25 Oct 2016 16:57:53 -0400 Received: from mout.kundenserver.de ([212.227.126.133]:55636 "EHLO mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755266AbcJYU5l (ORCPT ); Tue, 25 Oct 2016 16:57:41 -0400 Received: from wuerfel.lan. ([78.43.20.153]) by mrelayeu.kundenserver.de (mreue003) with ESMTPA (Nemesis) id 0LwmRY-1d0n752b60-016MkR; Tue, 25 Oct 2016 22:57:23 +0200 From: Arnd Bergmann To: Mark Brown Cc: Arnd Bergmann , stable@vger.kernel.org, Heiner Kallweit , Nobuteru Hayashi , linux-spi@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [v4.9 PATCH] spi: fsl-espi: avoid processing uninitalized data on error Date: Tue, 25 Oct 2016 22:57:10 +0200 Message-Id: <20161025205718.1637880-1-arnd@arndb.de> X-Mailer: git-send-email 2.9.0 X-Provags-ID: V03:K0:X8s/FHiQm3V1XW4uYWcfgSCnpZyOvgVSxRweL3JWDAfOICKeSOq E229vjCzSaWwqDzfqLQHjEkp/WSEhWI+KVX/1QF2CVuUv8gPgQNQXqL3iJHR8dkDgJDad0j sXLK2Wve7NNst3p0QvS9SdZmjx71K03v988YJ/QUugVcJ0Tms0lAd8DhWxFuqfsc0BoKovL hjEKP5zUOrMaBrBdw7zAg== X-UI-Out-Filterresults: notjunk:1; V01:K0:GB0tAOkxgl0=:AtxVS5IDbLIlPaQauIjcso 4hmtGXTM3nH9fuPt360vSr0ds7dVgwJRdc+RAPa181cxZQ/KBSfxdsOTjR6A0tCPf77PeGGa6 yDv4WQR/TD1TS2Gmq3QelrY6cOCL/Qqn1YlVltUMj8n2rgFUJN5+PeoYBOe67nhv2GAhK8Usd 0Xgm6qbl97/BcHSkCbjFKM0id0Pw+8BwHZymzfT+OAXVjWVfFfN8fNEdfJkf8KkU4VYElPgBD sUNpjR+LKQzFYjfgxc4RAeP3YdCFkMXa9cgNv5xi0O5BNUggvDW36FtgPUC59qoay4rIaCl56 yLAdhRUS4VvgOmkrU6sAzUKHFk4AnVgWU19TRTMZeZjGmK11fjYNik0PNapZ3I/pF1+lW41ot WcE8lV0tV7KWzl6iAbXOr4EXF8ObyGBjmJCL/p5iryQc7njCOjF+HIr3dTXsaX8lu2ZWKuKTQ UICCfZg5tEUkf5XScm2ZELjWLMoOiNVFijHU+aIApnfDAo988vCY9Azqy6ZTnLhBVeONFtmxM R3rIMeKxfimbM67EMG2qbOIyBCND5CQ/YAH6vkfsK23xztXo4JGGvyhctVTJtzZa5SLpQypqH g7V3VRHC/HE5cvh/tu1ReUpQd5/a9HsS6x40Ee7MpXC2EIL0KHNg98jbm+6Dj2QPGVMJ6Jr4d ja9HjVMwA50ub0n7l8W7SPJZJW+jFCQrEbplpLTfpZtT+PV4lee42FTp573/pUcs8A0A= Sender: linux-spi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-spi@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP When we get a spurious interrupt in fsl_espi_irq, we end up processing four uninitalized bytes of data, as shown in this warning message: drivers/spi/spi-fsl-espi.c: In function 'fsl_espi_irq': drivers/spi/spi-fsl-espi.c:462:4: warning: 'rx_data' may be used uninitialized in this function [-Wmaybe-uninitialized] This adds another check so we skip the data in this case. Fixes: 6319a68011b8 ("spi/fsl-espi: avoid infinite loops on fsl_espi_cpu_irq()") Cc: stable@vger.kernel.org Signed-off-by: Arnd Bergmann --- drivers/spi/spi-fsl-espi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) This is a bugfix that we should get into v4.9. It conflicts with a rework of that function that is currently scheduled in spi-next for v4.10, but is also required there in some form. I suppose we also want this backported to -stable, as we also get the warning in older kernels, and the patch that introduced the condition apparently address to fix the hardware problem that would now lead to incorrect data instead of an infinite loop. diff --git a/drivers/spi/spi-fsl-espi.c b/drivers/spi/spi-fsl-espi.c index 7451585..2c175b9 100644 --- a/drivers/spi/spi-fsl-espi.c +++ b/drivers/spi/spi-fsl-espi.c @@ -458,7 +458,7 @@ static void fsl_espi_cpu_irq(struct mpc8xxx_spi *mspi, u32 events) mspi->len -= rx_nr_bytes; - if (mspi->rx) + if (rx_nr_bytes && mspi->rx) mspi->get_rx(rx_data, mspi); }