This series includes 1 patches:
1. fix global-out-of-bounds issue.
Changes in patch v3:
1. keep original patch author
2. fix version issue.
Changes in patch v2:
1. change check eint number boundary condition.
Guodong Liu (1):
pinctrl: mediatek: fix global-out-of-bounds issue
drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
--
2.18.0
From: Guodong Liu <[email protected]>
When eint virtual eint number is greater than gpio number,
it maybe produce 'desc[eint_n]' size globle-out-of-bounds issue.
Signed-off-by: Zhiyong Tao <[email protected]>
Signed-off-by: Guodong Liu <[email protected]>
---
drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c b/drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c
index 45ebdeba985a..12163d3c4bcb 100644
--- a/drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c
+++ b/drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c
@@ -285,8 +285,12 @@ static int mtk_xt_get_gpio_n(void *data, unsigned long eint_n,
desc = (const struct mtk_pin_desc *)hw->soc->pins;
*gpio_chip = &hw->chip;
- /* Be greedy to guess first gpio_n is equal to eint_n */
- if (desc[eint_n].eint.eint_n == eint_n)
+ /*
+ * Be greedy to guess first gpio_n is equal to eint_n.
+ * Only eint virtual eint number is greater than gpio number.
+ */
+ if (hw->soc->npins > eint_n &&
+ desc[eint_n].eint.eint_n == eint_n)
*gpio_n = eint_n;
else
*gpio_n = mtk_xt_find_eint_num(hw, eint_n);
--
2.25.1
On Wed, Nov 10, 2021 at 10:14 AM Zhiyong Tao <[email protected]> wrote:
>
> From: Guodong Liu <[email protected]>
>
> When eint virtual eint number is greater than gpio number,
> it maybe produce 'desc[eint_n]' size globle-out-of-bounds issue.
>
> Signed-off-by: Zhiyong Tao <[email protected]>
> Signed-off-by: Guodong Liu <[email protected]>
The order of Signed-off-by is still reversed though. The author comes first,
then comes everyone who subsequently handled the patch.
Once fixed,
Reviewed-by: Chen-Yu Tsai <[email protected]>
Also, for single patches, you don't really need to have a cover letter.
Any info you would convey through the cover letter, such as changelogs,
additional context, or whose tree you would like it merged through, can
be put after the triple-dash ...
> ---
here. Text put here won't get included in the commit log.
> drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c b/drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c
> index 45ebdeba985a..12163d3c4bcb 100644
> --- a/drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c
> +++ b/drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c
> @@ -285,8 +285,12 @@ static int mtk_xt_get_gpio_n(void *data, unsigned long eint_n,
> desc = (const struct mtk_pin_desc *)hw->soc->pins;
> *gpio_chip = &hw->chip;
>
> - /* Be greedy to guess first gpio_n is equal to eint_n */
> - if (desc[eint_n].eint.eint_n == eint_n)
> + /*
> + * Be greedy to guess first gpio_n is equal to eint_n.
> + * Only eint virtual eint number is greater than gpio number.
> + */
> + if (hw->soc->npins > eint_n &&
> + desc[eint_n].eint.eint_n == eint_n)
> *gpio_n = eint_n;
> else
> *gpio_n = mtk_xt_find_eint_num(hw, eint_n);
> --
> 2.25.1
>
>
> _______________________________________________
> Linux-mediatek mailing list
> [email protected]
> http://lists.infradead.org/mailman/listinfo/linux-mediatek