Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp8762801rwb; Thu, 24 Nov 2022 04:05:42 -0800 (PST) X-Google-Smtp-Source: AA0mqf6BlQGkcBAFG6J6p6+wWW6UxTtNY7I8TMftwZvvGeVu7ENxlurQLETt32kdhzaEZ5BSHoAJ X-Received: by 2002:a17:906:ee2:b0:78d:3f96:b7aa with SMTP id x2-20020a1709060ee200b0078d3f96b7aamr13780562eji.74.1669291541535; Thu, 24 Nov 2022 04:05:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669291541; cv=none; d=google.com; s=arc-20160816; b=HKIBOHgxYASSocb37MzZX4AYUGeCuCLviVlaH8+tgAO+R3rE88csvEFlGaktZIv0dU 5LjjUOIiImJ3HtpM5rF35n016U941nDK2h1uwQyKEatRJXFJT4afMsRK3cJqgbTrYfwf Z7vuIeAOe+MUn6UHIpoHZjoXivD3yDIIA8oJiBIncvlt/oSdmVvWLKT8u5y2ln1qbQt0 2WE+S7i67BWI7SdpNwzkMa0bKmixeUwv31X8xSiP++3jmErfbLDRxeFn9NqlK0+uwMmV oPqZYfTXtq1f7ZfhKKdRMRWuoPmX6JnhpNd8ymt5FmDRBECKZX2k0kIJGLVWSItjGY6/ FGeg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=7kSqByKvJN+aNN0/t8/socjYXz0Y0ft0KSPlNneuq/0=; b=z8eOcgjACj+Y08LFigR0gZIcKmu0oNLh+ljpiwYuwxNIf8p6g1BfQ6uuoypajxQ5Hg tNrkecqkDFW9aQ4X3wGp51mBGD3yKB86hCr3XK3/YIzpYzNrmtr0n2kMT91HfMcyjmoW r18rgl1ERKQwfCECtYIdcvgfKMYZLB5wr8E0l/KrINqjAcH+Uaz1J69FUp5Vh6EADOu2 bAp0SSpSSAQgCvhKNTWNBnOipLc1+xJ6QbihPeTK0yn1RN6vk/K4445DOt62tgfD1LEj HQMJadSmHxx6ty3qTKUq8kzBMtK341GL6zERC7kBnV962TgsBcqQrgByj2r69EIu26DJ k0kg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=rlA0ZA3D; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id hz6-20020a1709072ce600b007ae127c6c80si793141ejc.672.2022.11.24.04.05.19; Thu, 24 Nov 2022 04:05:41 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=rlA0ZA3D; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230164AbiKXLgE (ORCPT + 87 others); Thu, 24 Nov 2022 06:36:04 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40618 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230158AbiKXLf6 (ORCPT ); Thu, 24 Nov 2022 06:35:58 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 97207976C9; Thu, 24 Nov 2022 03:35:57 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 2C834620EB; Thu, 24 Nov 2022 11:35:57 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 52A01C433C1; Thu, 24 Nov 2022 11:35:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1669289756; bh=TogMFt68iAhnVUJFSxWaOLgAHnp4lsnQ3MKEsm5atos=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=rlA0ZA3Dpv8H60wDEUFJwlcAExv1GwsPujyRYiVi7pfXW8CaXCfmIvkZ7YlkOxU3C 68Gjzz9zmhapDy5AxpwRrIEZUqfIvlOKcGxBXwQw/c+itC/ekCXJmpwLikInbZIIwl V+Wk4/7Afts9igGZ11JqYDWz415xh6OjnB499mPRuMAKVbELrr8hDP60tl6hKE/P7x AF+3znzg0taw2g2fPahWDhLXNHYQ34lAxJRdu9F56xa0pmv3+LLxvCSTwAMC8bA53F 4hO48+bI+y/84wNxbZCy3QJ8DrN/T+ZtR/kfJxOKE0x23J1dtGnFo3g3/DDDfwDjc2 spb7aVQE7JBfg== Date: Thu, 24 Nov 2022 11:35:51 +0000 From: Mark Brown To: Dhruva Gole Cc: Nathan Barrett-Morrison , greg.malysa@timesys.com, "open list:SPI SUBSYSTEM" , open list Subject: Re: [PATCH] spi: cadence-quadspi: Add upper limit safety check to baudrate divisor Message-ID: References: <20221123211705.126900-1-nathan.morrison@timesys.com> <9e5264fa-db1a-ed96-5fd8-cbfa4694b8bd@ti.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="lnq7tpudOIivlUPp" Content-Disposition: inline In-Reply-To: <9e5264fa-db1a-ed96-5fd8-cbfa4694b8bd@ti.com> X-Cookie: Apply only to affected area. X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --lnq7tpudOIivlUPp Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Thu, Nov 24, 2022 at 12:16:10PM +0530, Dhruva Gole wrote: > On 24/11/22 02:47, Nathan Barrett-Morrison wrote: > > + /* Maximum baud divisor */ > > + if (div > CQSPI_REG_CONFIG_BAUD_MASK) > I don't think comparing "greater than" with a MASK is atall a good idea. Why - it's checking that the calculated divisor can actually fit in the relevant register field which seems like a totally normal thing to do? > Again, I don't fully understand your situation is as in > what is the peripheral you are using. So please elaborate on that. As far as I can tell the issue here is that the device is asking for a rate which requires a larger divisor than the controller can support but the driver doesn't do any bounds checking so it just writes the calculated divisor out to the hardware, corrupting any adjacent fields. In this context the SPI controller is a peripheral within the SoC. > Importantly, I would suggest that you _NEVER_ compare ANY value to a > MASK Macro. MASK Macros are meant to MASK bits. It's very common to also use masks to identify when values have overflowed the values that can be written to a field. --lnq7tpudOIivlUPp Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmN/VxcACgkQJNaLcl1U h9BMpgf/cLsAMTa2AU1EcDgf6Rm2h9wt/E0cD5OwpVV+MrTVABVz3uKgDoNYwfxE ka2++YyWBIzhbbKtdnvYhBmyeipb+uHTuGkx5+MCZT37sVjJhM3OB87Lja3xzBMD bzpgTL5D00f4AWPwB3sI4QaU8IzjiaBWZ0vSEaSpMDHHq6y2miWn1q53JcluAZ3A +ihJvhoFI3c8dO3PfXG8M8nnqD92X9HQpd0URp/4wAszq4RJTqyvwXZCD+Y0ECUw ES24GzTtJbRbASi9id6DqtaqO1kE6DT3nS/pIjIqSixRHjqPqySeWJDz93XU/KhU e04SV9UMdIcA5vhAaHDqKE9rHfw02A== =P2Sd -----END PGP SIGNATURE----- --lnq7tpudOIivlUPp--