* [PATCH] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
@ 2018-09-05 16:38 ` Sudeep Holla
0 siblings, 0 replies; 12+ messages in thread
From: Sudeep Holla @ 2018-09-05 16:38 UTC (permalink / raw)
To: arm
Cc: Sudeep Holla, linux-kernel, linux-arm-kernel, Ionela Voinescu,
Quentin Perret, Kevin Hilman, Olof Johansson, Arnd Bergmann
Firmware can provide zero as values for sustained performance level and
corresponding sustained frequency in kHz in order to hide the actual
frequencies and provide only abstract values. It may endup with divide
by zero scenario resulting in kernel panic.
Let's set the multiplication factor to one if either one or both of them
(sustained_perf_level and sustained_freq) are set to zero.
Fixes: a9e3fbfaa0ff ("firmware: arm_scmi: add initial support for performance protocol")
Reported-by: Ionela Voinescu <ionela.voinescu@arm.com>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
---
drivers/firmware/arm_scmi/perf.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
Hi ARM SoC team,
Can you pick this patch directly ?
Regards,
Sudeep
diff --git a/drivers/firmware/arm_scmi/perf.c b/drivers/firmware/arm_scmi/perf.c
index 721e6c57beae..51c08394026b 100644
--- a/drivers/firmware/arm_scmi/perf.c
+++ b/drivers/firmware/arm_scmi/perf.c
@@ -166,7 +166,12 @@ scmi_perf_domain_attributes_get(const struct scmi_handle *handle, u32 domain,
le32_to_cpu(attr->sustained_freq_khz);
dom_info->sustained_perf_level =
le32_to_cpu(attr->sustained_perf_level);
- dom_info->mult_factor = (dom_info->sustained_freq_khz * 1000) /
+ if (!dom_info->sustained_freq_khz ||
+ !dom_info->sustained_perf_level)
+ dom_info->mult_factor = 1;
+ else
+ dom_info->mult_factor =
+ (dom_info->sustained_freq_khz * 1000) /
dom_info->sustained_perf_level;
memcpy(dom_info->name, attr->name, SCMI_MAX_STR_SIZE);
}
--
2.7.4
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
@ 2018-09-05 16:38 ` Sudeep Holla
0 siblings, 0 replies; 12+ messages in thread
From: Sudeep Holla @ 2018-09-05 16:38 UTC (permalink / raw)
To: linux-arm-kernel
Firmware can provide zero as values for sustained performance level and
corresponding sustained frequency in kHz in order to hide the actual
frequencies and provide only abstract values. It may endup with divide
by zero scenario resulting in kernel panic.
Let's set the multiplication factor to one if either one or both of them
(sustained_perf_level and sustained_freq) are set to zero.
Fixes: a9e3fbfaa0ff ("firmware: arm_scmi: add initial support for performance protocol")
Reported-by: Ionela Voinescu <ionela.voinescu@arm.com>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
---
drivers/firmware/arm_scmi/perf.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
Hi ARM SoC team,
Can you pick this patch directly ?
Regards,
Sudeep
diff --git a/drivers/firmware/arm_scmi/perf.c b/drivers/firmware/arm_scmi/perf.c
index 721e6c57beae..51c08394026b 100644
--- a/drivers/firmware/arm_scmi/perf.c
+++ b/drivers/firmware/arm_scmi/perf.c
@@ -166,7 +166,12 @@ scmi_perf_domain_attributes_get(const struct scmi_handle *handle, u32 domain,
le32_to_cpu(attr->sustained_freq_khz);
dom_info->sustained_perf_level =
le32_to_cpu(attr->sustained_perf_level);
- dom_info->mult_factor = (dom_info->sustained_freq_khz * 1000) /
+ if (!dom_info->sustained_freq_khz ||
+ !dom_info->sustained_perf_level)
+ dom_info->mult_factor = 1;
+ else
+ dom_info->mult_factor =
+ (dom_info->sustained_freq_khz * 1000) /
dom_info->sustained_perf_level;
memcpy(dom_info->name, attr->name, SCMI_MAX_STR_SIZE);
}
--
2.7.4
^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [PATCH] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
2018-09-05 16:38 ` Sudeep Holla
@ 2018-09-06 13:17 ` Quentin Perret
-1 siblings, 0 replies; 12+ messages in thread
From: Quentin Perret @ 2018-09-06 13:17 UTC (permalink / raw)
To: Sudeep Holla
Cc: arm, linux-kernel, linux-arm-kernel, Ionela Voinescu,
Kevin Hilman, Olof Johansson, Arnd Bergmann
Hi Sudeep,
On Wednesday 05 Sep 2018 at 17:38:11 (+0100), Sudeep Holla wrote:
> @@ -166,7 +166,12 @@ scmi_perf_domain_attributes_get(const struct scmi_handle *handle, u32 domain,
> le32_to_cpu(attr->sustained_freq_khz);
> dom_info->sustained_perf_level =
> le32_to_cpu(attr->sustained_perf_level);
> - dom_info->mult_factor = (dom_info->sustained_freq_khz * 1000) /
> + if (!dom_info->sustained_freq_khz ||
> + !dom_info->sustained_perf_level)
> + dom_info->mult_factor = 1;
I'm sorry I missed that the first time I reviewed this patch, but after
discussing with Ionela, we found out that there is actually a case where
this could be a problem. If you have perf levels that are 1,2,3,4 (for
example), then with mult_factor=1 you'll register OPPs at 1Hz, 2Hz, 3Hz,
4Hz into PM_OPP. And that will be turned into 0 KHz for all of them at
the CPUFreq level when divided by 1000 in dev_pm_opp_init_cpufreq_table().
I guess a quick fix would be to have a default mult_factor of 1000 ...
What do you think ?
Thanks,
Quentin
^ permalink raw reply [flat|nested] 12+ messages in thread
* [PATCH] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
@ 2018-09-06 13:17 ` Quentin Perret
0 siblings, 0 replies; 12+ messages in thread
From: Quentin Perret @ 2018-09-06 13:17 UTC (permalink / raw)
To: linux-arm-kernel
Hi Sudeep,
On Wednesday 05 Sep 2018 at 17:38:11 (+0100), Sudeep Holla wrote:
> @@ -166,7 +166,12 @@ scmi_perf_domain_attributes_get(const struct scmi_handle *handle, u32 domain,
> le32_to_cpu(attr->sustained_freq_khz);
> dom_info->sustained_perf_level =
> le32_to_cpu(attr->sustained_perf_level);
> - dom_info->mult_factor = (dom_info->sustained_freq_khz * 1000) /
> + if (!dom_info->sustained_freq_khz ||
> + !dom_info->sustained_perf_level)
> + dom_info->mult_factor = 1;
I'm sorry I missed that the first time I reviewed this patch, but after
discussing with Ionela, we found out that there is actually a case where
this could be a problem. If you have perf levels that are 1,2,3,4 (for
example), then with mult_factor=1 you'll register OPPs at 1Hz, 2Hz, 3Hz,
4Hz into PM_OPP. And that will be turned into 0 KHz for all of them at
the CPUFreq level when divided by 1000 in dev_pm_opp_init_cpufreq_table().
I guess a quick fix would be to have a default mult_factor of 1000 ...
What do you think ?
Thanks,
Quentin
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
2018-09-06 13:17 ` Quentin Perret
@ 2018-09-06 14:38 ` Sudeep Holla
-1 siblings, 0 replies; 12+ messages in thread
From: Sudeep Holla @ 2018-09-06 14:38 UTC (permalink / raw)
To: Quentin Perret
Cc: Sudeep Holla, arm, linux-kernel, linux-arm-kernel,
Ionela Voinescu, Kevin Hilman, Olof Johansson, Arnd Bergmann
On 06/09/18 14:17, Quentin Perret wrote:
> Hi Sudeep,
>
> On Wednesday 05 Sep 2018 at 17:38:11 (+0100), Sudeep Holla wrote:
>> @@ -166,7 +166,12 @@ scmi_perf_domain_attributes_get(const struct scmi_handle *handle, u32 domain,
>> le32_to_cpu(attr->sustained_freq_khz);
>> dom_info->sustained_perf_level =
>> le32_to_cpu(attr->sustained_perf_level);
>> - dom_info->mult_factor = (dom_info->sustained_freq_khz * 1000) /
>> + if (!dom_info->sustained_freq_khz ||
>> + !dom_info->sustained_perf_level)
>> + dom_info->mult_factor = 1;
>
> I'm sorry I missed that the first time I reviewed this patch, but after
> discussing with Ionela, we found out that there is actually a case where
> this could be a problem. If you have perf levels that are 1,2,3,4 (for
> example), then with mult_factor=1 you'll register OPPs at 1Hz, 2Hz, 3Hz,
> 4Hz into PM_OPP. And that will be turned into 0 KHz for all of them at
> the CPUFreq level when divided by 1000 in dev_pm_opp_init_cpufreq_table().
>
Good find.
> I guess a quick fix would be to have a default mult_factor of 1000 ...
>
I agree.
> What do you think ?
I will respin and send.
--
Regards,
Sudeep
^ permalink raw reply [flat|nested] 12+ messages in thread
* [PATCH] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
@ 2018-09-06 14:38 ` Sudeep Holla
0 siblings, 0 replies; 12+ messages in thread
From: Sudeep Holla @ 2018-09-06 14:38 UTC (permalink / raw)
To: linux-arm-kernel
On 06/09/18 14:17, Quentin Perret wrote:
> Hi Sudeep,
>
> On Wednesday 05 Sep 2018 at 17:38:11 (+0100), Sudeep Holla wrote:
>> @@ -166,7 +166,12 @@ scmi_perf_domain_attributes_get(const struct scmi_handle *handle, u32 domain,
>> le32_to_cpu(attr->sustained_freq_khz);
>> dom_info->sustained_perf_level =
>> le32_to_cpu(attr->sustained_perf_level);
>> - dom_info->mult_factor = (dom_info->sustained_freq_khz * 1000) /
>> + if (!dom_info->sustained_freq_khz ||
>> + !dom_info->sustained_perf_level)
>> + dom_info->mult_factor = 1;
>
> I'm sorry I missed that the first time I reviewed this patch, but after
> discussing with Ionela, we found out that there is actually a case where
> this could be a problem. If you have perf levels that are 1,2,3,4 (for
> example), then with mult_factor=1 you'll register OPPs at 1Hz, 2Hz, 3Hz,
> 4Hz into PM_OPP. And that will be turned into 0 KHz for all of them at
> the CPUFreq level when divided by 1000 in dev_pm_opp_init_cpufreq_table().
>
Good find.
> I guess a quick fix would be to have a default mult_factor of 1000 ...
>
I agree.
> What do you think ?
I will respin and send.
--
Regards,
Sudeep
^ permalink raw reply [flat|nested] 12+ messages in thread
* [PATCH v2] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
2018-09-05 16:38 ` Sudeep Holla
@ 2018-09-06 15:10 ` Sudeep Holla
-1 siblings, 0 replies; 12+ messages in thread
From: Sudeep Holla @ 2018-09-06 15:10 UTC (permalink / raw)
To: arm
Cc: Sudeep Holla, linux-kernel, linux-arm-kernel, Ionela Voinescu,
Quentin Perret, Kevin Hilman, Olof Johansson, Arnd Bergmann
Firmware can provide zero as values for sustained performance level and
corresponding sustained frequency in kHz in order to hide the actual
frequencies and provide only abstract values. It may endup with divide
by zero scenario resulting in kernel panic.
Let's set the multiplication factor to one if either one or both of them
(sustained_perf_level and sustained_freq) are set to zero.
Fixes: a9e3fbfaa0ff ("firmware: arm_scmi: add initial support for performance protocol")
Reported-by: Ionela Voinescu <ionela.voinescu@arm.com>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
---
drivers/firmware/arm_scmi/perf.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
Hi ARM SoC team,
Can you pick this patch directly ?
Regards,
Sudeep
diff --git a/drivers/firmware/arm_scmi/perf.c b/drivers/firmware/arm_scmi/perf.c
index 721e6c57beae..64342944d917 100644
--- a/drivers/firmware/arm_scmi/perf.c
+++ b/drivers/firmware/arm_scmi/perf.c
@@ -166,7 +166,13 @@ scmi_perf_domain_attributes_get(const struct scmi_handle *handle, u32 domain,
le32_to_cpu(attr->sustained_freq_khz);
dom_info->sustained_perf_level =
le32_to_cpu(attr->sustained_perf_level);
- dom_info->mult_factor = (dom_info->sustained_freq_khz * 1000) /
+ if (!dom_info->sustained_freq_khz ||
+ !dom_info->sustained_perf_level)
+ /* CPUFreq converts to kHz, hence default 1000 */
+ dom_info->mult_factor = 1000;
+ else
+ dom_info->mult_factor =
+ (dom_info->sustained_freq_khz * 1000) /
dom_info->sustained_perf_level;
memcpy(dom_info->name, attr->name, SCMI_MAX_STR_SIZE);
}
--
2.7.4
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH v2] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
@ 2018-09-06 15:10 ` Sudeep Holla
0 siblings, 0 replies; 12+ messages in thread
From: Sudeep Holla @ 2018-09-06 15:10 UTC (permalink / raw)
To: linux-arm-kernel
Firmware can provide zero as values for sustained performance level and
corresponding sustained frequency in kHz in order to hide the actual
frequencies and provide only abstract values. It may endup with divide
by zero scenario resulting in kernel panic.
Let's set the multiplication factor to one if either one or both of them
(sustained_perf_level and sustained_freq) are set to zero.
Fixes: a9e3fbfaa0ff ("firmware: arm_scmi: add initial support for performance protocol")
Reported-by: Ionela Voinescu <ionela.voinescu@arm.com>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
---
drivers/firmware/arm_scmi/perf.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
Hi ARM SoC team,
Can you pick this patch directly ?
Regards,
Sudeep
diff --git a/drivers/firmware/arm_scmi/perf.c b/drivers/firmware/arm_scmi/perf.c
index 721e6c57beae..64342944d917 100644
--- a/drivers/firmware/arm_scmi/perf.c
+++ b/drivers/firmware/arm_scmi/perf.c
@@ -166,7 +166,13 @@ scmi_perf_domain_attributes_get(const struct scmi_handle *handle, u32 domain,
le32_to_cpu(attr->sustained_freq_khz);
dom_info->sustained_perf_level =
le32_to_cpu(attr->sustained_perf_level);
- dom_info->mult_factor = (dom_info->sustained_freq_khz * 1000) /
+ if (!dom_info->sustained_freq_khz ||
+ !dom_info->sustained_perf_level)
+ /* CPUFreq converts to kHz, hence default 1000 */
+ dom_info->mult_factor = 1000;
+ else
+ dom_info->mult_factor =
+ (dom_info->sustained_freq_khz * 1000) /
dom_info->sustained_perf_level;
memcpy(dom_info->name, attr->name, SCMI_MAX_STR_SIZE);
}
--
2.7.4
^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [PATCH v2] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
2018-09-06 15:10 ` Sudeep Holla
@ 2018-09-06 16:59 ` Olof Johansson
-1 siblings, 0 replies; 12+ messages in thread
From: Olof Johansson @ 2018-09-06 16:59 UTC (permalink / raw)
To: Sudeep Holla
Cc: arm, linux-kernel, linux-arm-kernel, Ionela Voinescu,
Quentin Perret, Kevin Hilman, Arnd Bergmann
Hi,
On Thu, Sep 06, 2018 at 04:10:39PM +0100, Sudeep Holla wrote:
> Firmware can provide zero as values for sustained performance level and
> corresponding sustained frequency in kHz in order to hide the actual
> frequencies and provide only abstract values. It may endup with divide
> by zero scenario resulting in kernel panic.
>
> Let's set the multiplication factor to one if either one or both of them
> (sustained_perf_level and sustained_freq) are set to zero.
>
> Fixes: a9e3fbfaa0ff ("firmware: arm_scmi: add initial support for performance protocol")
> Reported-by: Ionela Voinescu <ionela.voinescu@arm.com>
> Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
> ---
> drivers/firmware/arm_scmi/perf.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> Hi ARM SoC team,
>
> Can you pick this patch directly ?
Applied, however:
> diff --git a/drivers/firmware/arm_scmi/perf.c b/drivers/firmware/arm_scmi/perf.c
> index 721e6c57beae..64342944d917 100644
> --- a/drivers/firmware/arm_scmi/perf.c
> +++ b/drivers/firmware/arm_scmi/perf.c
> @@ -166,7 +166,13 @@ scmi_perf_domain_attributes_get(const struct scmi_handle *handle, u32 domain,
> le32_to_cpu(attr->sustained_freq_khz);
> dom_info->sustained_perf_level =
> le32_to_cpu(attr->sustained_perf_level);
> - dom_info->mult_factor = (dom_info->sustained_freq_khz * 1000) /
> + if (!dom_info->sustained_freq_khz ||
> + !dom_info->sustained_perf_level)
> + /* CPUFreq converts to kHz, hence default 1000 */
> + dom_info->mult_factor = 1000;
> + else
> + dom_info->mult_factor =
> + (dom_info->sustained_freq_khz * 1000) /
> dom_info->sustained_perf_level;
> memcpy(dom_info->name, attr->name, SCMI_MAX_STR_SIZE);
I noticed you do memcpy of these name strings in a few places, and use
it as a string. Any firmware that would return a non-terminated string
would cause problems later on. strlcpy() might be a better approach.
-Olof
^ permalink raw reply [flat|nested] 12+ messages in thread
* [PATCH v2] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
@ 2018-09-06 16:59 ` Olof Johansson
0 siblings, 0 replies; 12+ messages in thread
From: Olof Johansson @ 2018-09-06 16:59 UTC (permalink / raw)
To: linux-arm-kernel
Hi,
On Thu, Sep 06, 2018 at 04:10:39PM +0100, Sudeep Holla wrote:
> Firmware can provide zero as values for sustained performance level and
> corresponding sustained frequency in kHz in order to hide the actual
> frequencies and provide only abstract values. It may endup with divide
> by zero scenario resulting in kernel panic.
>
> Let's set the multiplication factor to one if either one or both of them
> (sustained_perf_level and sustained_freq) are set to zero.
>
> Fixes: a9e3fbfaa0ff ("firmware: arm_scmi: add initial support for performance protocol")
> Reported-by: Ionela Voinescu <ionela.voinescu@arm.com>
> Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
> ---
> drivers/firmware/arm_scmi/perf.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> Hi ARM SoC team,
>
> Can you pick this patch directly ?
Applied, however:
> diff --git a/drivers/firmware/arm_scmi/perf.c b/drivers/firmware/arm_scmi/perf.c
> index 721e6c57beae..64342944d917 100644
> --- a/drivers/firmware/arm_scmi/perf.c
> +++ b/drivers/firmware/arm_scmi/perf.c
> @@ -166,7 +166,13 @@ scmi_perf_domain_attributes_get(const struct scmi_handle *handle, u32 domain,
> le32_to_cpu(attr->sustained_freq_khz);
> dom_info->sustained_perf_level =
> le32_to_cpu(attr->sustained_perf_level);
> - dom_info->mult_factor = (dom_info->sustained_freq_khz * 1000) /
> + if (!dom_info->sustained_freq_khz ||
> + !dom_info->sustained_perf_level)
> + /* CPUFreq converts to kHz, hence default 1000 */
> + dom_info->mult_factor = 1000;
> + else
> + dom_info->mult_factor =
> + (dom_info->sustained_freq_khz * 1000) /
> dom_info->sustained_perf_level;
> memcpy(dom_info->name, attr->name, SCMI_MAX_STR_SIZE);
I noticed you do memcpy of these name strings in a few places, and use
it as a string. Any firmware that would return a non-terminated string
would cause problems later on. strlcpy() might be a better approach.
-Olof
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH v2] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
2018-09-06 16:59 ` Olof Johansson
@ 2018-09-06 17:11 ` Sudeep Holla
-1 siblings, 0 replies; 12+ messages in thread
From: Sudeep Holla @ 2018-09-06 17:11 UTC (permalink / raw)
To: Olof Johansson
Cc: Sudeep Holla, arm, linux-kernel, linux-arm-kernel,
Ionela Voinescu, Quentin Perret, Kevin Hilman, Arnd Bergmann
On 06/09/18 17:59, Olof Johansson wrote:
> Hi,
>
> On Thu, Sep 06, 2018 at 04:10:39PM +0100, Sudeep Holla wrote:
>> Firmware can provide zero as values for sustained performance level and
>> corresponding sustained frequency in kHz in order to hide the actual
>> frequencies and provide only abstract values. It may endup with divide
>> by zero scenario resulting in kernel panic.
>>
>> Let's set the multiplication factor to one if either one or both of them
>> (sustained_perf_level and sustained_freq) are set to zero.
>>
>> Fixes: a9e3fbfaa0ff ("firmware: arm_scmi: add initial support for performance protocol")
>> Reported-by: Ionela Voinescu <ionela.voinescu@arm.com>
>> Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
>> ---
>> drivers/firmware/arm_scmi/perf.c | 8 +++++++-
>> 1 file changed, 7 insertions(+), 1 deletion(-)
>>
>> Hi ARM SoC team,
>>
>> Can you pick this patch directly ?
>
> Applied, however:
>
Thanks.
>> diff --git a/drivers/firmware/arm_scmi/perf.c b/drivers/firmware/arm_scmi/perf.c
>> index 721e6c57beae..64342944d917 100644
>> --- a/drivers/firmware/arm_scmi/perf.c
>> +++ b/drivers/firmware/arm_scmi/perf.c
>> @@ -166,7 +166,13 @@ scmi_perf_domain_attributes_get(const struct scmi_handle *handle, u32 domain,
>> le32_to_cpu(attr->sustained_freq_khz);
>> dom_info->sustained_perf_level =
>> le32_to_cpu(attr->sustained_perf_level);
>> - dom_info->mult_factor = (dom_info->sustained_freq_khz * 1000) /
>> + if (!dom_info->sustained_freq_khz ||
>> + !dom_info->sustained_perf_level)
>> + /* CPUFreq converts to kHz, hence default 1000 */
>> + dom_info->mult_factor = 1000;
>> + else
>> + dom_info->mult_factor =
>> + (dom_info->sustained_freq_khz * 1000) /
>> dom_info->sustained_perf_level;
>> memcpy(dom_info->name, attr->name, SCMI_MAX_STR_SIZE);
>
> I noticed you do memcpy of these name strings in a few places, and use
> it as a string. Any firmware that would return a non-terminated string
> would cause problems later on. strlcpy() might be a better approach.
>
I seem to have assumed firmware always conforms to the definition: "Null
terminated ASCII string of up to 16 bytes in length" when I initially
wrote this.
Thanks for the finding this and the suggestion, it's always safer to
protect against firmware bugs. I will find all the occurrences and fix them.
--
Regards,
Sudeep
^ permalink raw reply [flat|nested] 12+ messages in thread
* [PATCH v2] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
@ 2018-09-06 17:11 ` Sudeep Holla
0 siblings, 0 replies; 12+ messages in thread
From: Sudeep Holla @ 2018-09-06 17:11 UTC (permalink / raw)
To: linux-arm-kernel
On 06/09/18 17:59, Olof Johansson wrote:
> Hi,
>
> On Thu, Sep 06, 2018 at 04:10:39PM +0100, Sudeep Holla wrote:
>> Firmware can provide zero as values for sustained performance level and
>> corresponding sustained frequency in kHz in order to hide the actual
>> frequencies and provide only abstract values. It may endup with divide
>> by zero scenario resulting in kernel panic.
>>
>> Let's set the multiplication factor to one if either one or both of them
>> (sustained_perf_level and sustained_freq) are set to zero.
>>
>> Fixes: a9e3fbfaa0ff ("firmware: arm_scmi: add initial support for performance protocol")
>> Reported-by: Ionela Voinescu <ionela.voinescu@arm.com>
>> Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
>> ---
>> drivers/firmware/arm_scmi/perf.c | 8 +++++++-
>> 1 file changed, 7 insertions(+), 1 deletion(-)
>>
>> Hi ARM SoC team,
>>
>> Can you pick this patch directly ?
>
> Applied, however:
>
Thanks.
>> diff --git a/drivers/firmware/arm_scmi/perf.c b/drivers/firmware/arm_scmi/perf.c
>> index 721e6c57beae..64342944d917 100644
>> --- a/drivers/firmware/arm_scmi/perf.c
>> +++ b/drivers/firmware/arm_scmi/perf.c
>> @@ -166,7 +166,13 @@ scmi_perf_domain_attributes_get(const struct scmi_handle *handle, u32 domain,
>> le32_to_cpu(attr->sustained_freq_khz);
>> dom_info->sustained_perf_level =
>> le32_to_cpu(attr->sustained_perf_level);
>> - dom_info->mult_factor = (dom_info->sustained_freq_khz * 1000) /
>> + if (!dom_info->sustained_freq_khz ||
>> + !dom_info->sustained_perf_level)
>> + /* CPUFreq converts to kHz, hence default 1000 */
>> + dom_info->mult_factor = 1000;
>> + else
>> + dom_info->mult_factor =
>> + (dom_info->sustained_freq_khz * 1000) /
>> dom_info->sustained_perf_level;
>> memcpy(dom_info->name, attr->name, SCMI_MAX_STR_SIZE);
>
> I noticed you do memcpy of these name strings in a few places, and use
> it as a string. Any firmware that would return a non-terminated string
> would cause problems later on. strlcpy() might be a better approach.
>
I seem to have assumed firmware always conforms to the definition: "Null
terminated ASCII string of up to 16 bytes in length" when I initially
wrote this.
Thanks for the finding this and the suggestion, it's always safer to
protect against firmware bugs. I will find all the occurrences and fix them.
--
Regards,
Sudeep
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2018-09-06 17:12 UTC | newest]
Thread overview: 12+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-09-05 16:38 [PATCH] firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero Sudeep Holla
2018-09-05 16:38 ` Sudeep Holla
2018-09-06 13:17 ` Quentin Perret
2018-09-06 13:17 ` Quentin Perret
2018-09-06 14:38 ` Sudeep Holla
2018-09-06 14:38 ` Sudeep Holla
2018-09-06 15:10 ` [PATCH v2] " Sudeep Holla
2018-09-06 15:10 ` Sudeep Holla
2018-09-06 16:59 ` Olof Johansson
2018-09-06 16:59 ` Olof Johansson
2018-09-06 17:11 ` Sudeep Holla
2018-09-06 17:11 ` Sudeep Holla
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.