[PATCH v2] regmap: fix alignment issues

[PATCH v2] regmap: fix alignment issues

[Jens Thoms Toerring]

The assembly and disassembly of data to be sent to or received from a
device invoke functions (regmap_format_XXX() and regmap_parse_XXX())
that extract or insert data items into a buffer. In some cases these
functions are invoked with buffer pointers with odd addresses but try
to directly assign from or to those address. On architectures with
strict alignment requirements this leads to kernel crashes for u16 and
u32 values. The assignments have are replaced by memcpy() calls.

Signed-off-by: Jens Thoms Toerring <jt@toerring.de>
---
 drivers/base/regmap/regmap.c | 40 ++++++++++++++++++++++++----------------
 1 file changed, 24 insertions(+), 16 deletions(-)

diff --git a/drivers/base/regmap/regmap.c b/drivers/base/regmap/regmap.c
index 58cfb32..d495ce1 100644
--- a/drivers/base/regmap/regmap.c
+++ b/drivers/base/regmap/regmap.c
@@ -193,15 +193,17 @@ static void regmap_format_8(void *buf, unsigned int val, unsigned int shift)
 
 static void regmap_format_16_be(void *buf, unsigned int val, unsigned int shift)
 {
-	__be16 *b = buf;
+	__be16 v = cpu_to_be16(val << shift);
 
-	b[0] = cpu_to_be16(val << shift);
+	memcpy(buf, &v, sizeof(v));
 }
 
 static void regmap_format_16_native(void *buf, unsigned int val,
 				    unsigned int shift)
 {
-	*(u16 *)buf = val << shift;
+	u16 v = val << shift;
+
+	memcpy(buf, &v, sizeof(v));
 }
 
 static void regmap_format_24(void *buf, unsigned int val, unsigned int shift)
@@ -217,15 +219,17 @@ static void regmap_format_24(void *buf, unsigned int val, unsigned int shift)
 
 static void regmap_format_32_be(void *buf, unsigned int val, unsigned int shift)
 {
-	__be32 *b = buf;
+	__be32 v = cpu_to_be32(val << shift);
 
-	b[0] = cpu_to_be32(val << shift);
+	memcpy(buf, &v, sizeof(v));
 }
 
 static void regmap_format_32_native(void *buf, unsigned int val,
 				    unsigned int shift)
 {
-	*(u32 *)buf = val << shift;
+	u32 v = val << shift;
+
+	memcpy(buf, &v, sizeof(v));
 }
 
 static unsigned int regmap_parse_8(void *buf)
@@ -237,16 +241,18 @@ static unsigned int regmap_parse_8(void *buf)
 
 static unsigned int regmap_parse_16_be(void *buf)
 {
-	__be16 *b = buf;
+	__be16 v;
 
-	b[0] = be16_to_cpu(b[0]);
-
-	return b[0];
+	memcpy(&v, buf, sizeof(v));
+	return be16_to_cpu(v);
 }
 
 static unsigned int regmap_parse_16_native(void *buf)
 {
-	return *(u16 *)buf;
+	u16 v;
+
+	memcpy(&v, buf, sizeof(v));
+	return v;
 }
 
 static unsigned int regmap_parse_24(void *buf)
@@ -261,16 +267,18 @@ static unsigned int regmap_parse_24(void *buf)
 
 static unsigned int regmap_parse_32_be(void *buf)
 {
-	__be32 *b = buf;
-
-	b[0] = be32_to_cpu(b[0]);
+	__be32 v;
 
-	return b[0];
+	memcpy(&v, buf, sizeof(v));
+	return be32_to_cpu(v);
 }
 
 static unsigned int regmap_parse_32_native(void *buf)
 {
-	return *(u32 *)buf;
+	u32 v;
+
+	memcpy(&v, buf, sizeof(v));
+	return v;
 }
 
 static void regmap_lock_mutex(void *__map)
-- 
1.9.1

Re: [PATCH v2] regmap: fix alignment issues

[Jens Thoms Toerring]

On Tue, May 26, 2020 at 01:42:36AM +0300, Andy Shevchenko wrote:
> On Tuesday, May 26, 2020, Jens Thoms Toerring <jt@toerring.de> wrote:
> 
> > The assembly and disassembly of data to be sent to or received from a
> > device invoke functions (regmap_format_XXX() and regmap_parse_XXX())
> > that extract or insert data items into a buffer. In some cases these
> > functions are invoked with buffer pointers with odd addresses but try
> > to directly assign from or to those address. On architectures with
> > strict alignment requirements this leads to kernel crashes for u16 and
> > u32 values. The assignments have are replaced by memcpy() calls.
> >
> >
> Don't we have put_/get_unaligned_b/leXX() for this?

Nice, didn't know about them, thank you. Will amend the patch.

-- 
  \   Jens Thoms Toerring  ________      jt@toerring.de
   \_______________________________      http://toerring.de