redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity

MLK-22522: ASoC: fsl_sai: fix stack-out-of-bounds KASAN complain 

Fix the following KASAN reported issue:
==================================================================
[   11.580278] BUG: KASAN: stack-out-of-bounds in find_next_bit+0x3c/0xc0
[   11.586815] Read of size 8 at addr ffffffc8c8d4f760 by task swapper/0/1
[   11.593440]
[   11.594943] CPU: 4 PID: 1 Comm: swapper/0 Tainted: G W 4.19.35-05042-g. #157
[   11.604259] Hardware name: Freescale i.MX8QM MEK (DT)
[   11.609323] Call trace:
[   11.611785]  dump_backtrace+0x0/0x230
[   11.615458]  show_stack+0x14/0x20
[   11.618787]  dump_stack+0xbc/0xf4
[   11.622118]  print_address_description+0x60/0x270
[   11.626830]  kasan_report+0x230/0x360
[   11.630505]  __asan_load8+0x84/0xa8
[   11.634005]  find_next_bit+0x3c/0xc0
[   11.637595]  fsl_sai_calc_dl_off+0x1c/0x50
[   11.641703]  fsl_sai_read_dlcfg+0x184/0x368
[   11.645898]  fsl_sai_probe+0x3ec/0xb48
[   11.649663]  platform_drv_probe+0x70/0xd8
[   11.653683]  really_probe+0x24c/0x370
[   11.657358]  driver_probe_device+0x70/0x138
[   11.661554]  __driver_attach+0x124/0x128
[   11.665489]  bus_for_each_dev+0xe8/0x158
[   11.669425]  driver_attach+0x30/0x40
[   11.673012]  bus_add_driver+0x290/0x308
[   11.676861]  driver_register+0xbc/0x1d0
[   11.680711]  __platform_driver_register+0x7c/0x88
[   11.685431]  fsl_sai_driver_init+0x18/0x20
[   11.689537]  do_one_initcall+0xe8/0x5a8
[   11.693387]  kernel_init_freeable+0x6b0/0x760
[   11.697759]  kernel_init+0x10/0x120
[   11.701255]  ret_from_fork+0x10/0x18
....
==================================================================
[   11.800186] Disabling lock debugging due to kernel taint

Signed-off-by: Viorel Suman <viorel.suman@nxp.com>
Reviewed-by: Shengjiu Wang <shengjiu.wang@nxp.com>
5.4-rM2-2.2.x-imx-squashed
Viorel Suman 2019-08-29 13:17:33 +03:00
parent b02e986120
commit 4c4b7df6f9
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
sound/soc/fsl/fsl_sai.c
View File

@ -1259,12 +1259,12 @@ static const struct of_device_id fsl_sai_ids[] = {
};
MODULE_DEVICE_TABLE(of, fsl_sai_ids);
static unsigned int fsl_sai_calc_dl_off(unsigned int* dl_mask)
static unsigned int fsl_sai_calc_dl_off(unsigned long dl_mask)
{
int fbidx, nbidx, offset;
fbidx = find_first_bit((const unsigned long *)dl_mask, 8);
nbidx = find_next_bit((const unsigned long *)dl_mask, 8, fbidx+1);
fbidx = find_first_bit(&dl_mask, 8);
nbidx = find_next_bit(&dl_mask, 8, fbidx + 1);
offset = nbidx - fbidx - 1;
return (offset < 0 || offset >= 7 ? 0 : offset);
@ -1321,9 +1321,9 @@ static int fsl_sai_read_dlcfg(struct platform_device *pdev, char *pn,
cfg[i].pins = pins;
cfg[i].mask[0] = rx;
cfg[i].offset[0] = fsl_sai_calc_dl_off(&rx);
cfg[i].offset[0] = fsl_sai_calc_dl_off(rx);
cfg[i].mask[1] = tx;
cfg[i].offset[1] = fsl_sai_calc_dl_off(&tx);
cfg[i].offset[1] = fsl_sai_calc_dl_off(tx);
}
*rcfg = cfg;