Re: [PATCH] tpm_crb: initialise priv->cmd_size sooner

* Re: [PATCH] tpm_crb: initialise priv->cmd_size sooner
       [not found] ` <20170616194848.232936-1-manuel.lauss-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2017-06-19  0:13   ` Jarkko Sakkinen
  0 siblings, 0 replies; only message in thread
From: Jarkko Sakkinen @ 2017-06-19  0:13 UTC (permalink / raw)
  To: Manuel Lauss, Peter Huewe, Marcel Selhorst, Jason Gunthorpe,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

On Fri, 2017-06-16 at 21:48 +0200, Manuel Lauss wrote:
> priv->cmd_size is never initialised if  the cmd and rsp buffers reside
> at different addresses.  Move initialisation to right after the buffer
> was mapped.
> 
> This bug was introduced by commit aa77ea0e43dc5bb0c1dcc9bad76afa
> ("tpm/tpm_crb: cache cmd_size register value.").

Please, use a Fixes tag.

> Signed-off-by: Manuel Lauss <manuel.lauss-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
> ---
>  drivers/char/tpm/tpm_crb.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/char/tpm/tpm_crb.c b/drivers/char/tpm/tpm_crb.c
> index b917b9d5f710..17d846d00417 100644
> --- a/drivers/char/tpm/tpm_crb.c
> +++ b/drivers/char/tpm/tpm_crb.c
> @@ -495,6 +495,8 @@ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv,
>  		goto out;
>  	}
>  
> +	priv->cmd_size = cmd_size;
> +

Should be done only if rsp is succesfully mapped.

>  	memcpy_fromio(&rsp_pa, &priv->regs_t->ctrl_rsp_pa, 8);
>  	rsp_pa = le64_to_cpu(rsp_pa);
>  	rsp_size = crb_fixup_cmd_size(dev, &io_res, rsp_pa,
> @@ -515,8 +517,6 @@ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv,
>  		goto out;
>  	}
>  
> -	priv->cmd_size = cmd_size;
> -
>  	priv->rsp = priv->cmd;
>  
>  out:

/Jarkko

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot

^ permalink raw reply	[flat|nested] only message in thread