* Re: [PATCH] tpm_crb: initialise priv->cmd_size sooner
[not found] ` <20170616194848.232936-1-manuel.lauss-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2017-06-19 0:13 ` Jarkko Sakkinen
0 siblings, 0 replies; only message in thread
From: Jarkko Sakkinen @ 2017-06-19 0:13 UTC (permalink / raw)
To: Manuel Lauss, Peter Huewe, Marcel Selhorst, Jason Gunthorpe,
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
On Fri, 2017-06-16 at 21:48 +0200, Manuel Lauss wrote:
> priv->cmd_size is never initialised if the cmd and rsp buffers reside
> at different addresses. Move initialisation to right after the buffer
> was mapped.
>
> This bug was introduced by commit aa77ea0e43dc5bb0c1dcc9bad76afa
> ("tpm/tpm_crb: cache cmd_size register value.").
Please, use a Fixes tag.
> Signed-off-by: Manuel Lauss <manuel.lauss-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
> ---
> drivers/char/tpm/tpm_crb.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm_crb.c b/drivers/char/tpm/tpm_crb.c
> index b917b9d5f710..17d846d00417 100644
> --- a/drivers/char/tpm/tpm_crb.c
> +++ b/drivers/char/tpm/tpm_crb.c
> @@ -495,6 +495,8 @@ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv,
> goto out;
> }
>
> + priv->cmd_size = cmd_size;
> +
Should be done only if rsp is succesfully mapped.
> memcpy_fromio(&rsp_pa, &priv->regs_t->ctrl_rsp_pa, 8);
> rsp_pa = le64_to_cpu(rsp_pa);
> rsp_size = crb_fixup_cmd_size(dev, &io_res, rsp_pa,
> @@ -515,8 +517,6 @@ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv,
> goto out;
> }
>
> - priv->cmd_size = cmd_size;
> -
> priv->rsp = priv->cmd;
>
> out:
/Jarkko
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
^ permalink raw reply [flat|nested] only message in thread