korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-25 05:04:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

AT24 fixes for v4.15

Browse Source 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEFp3rbAvDxGAT0sefEacuoBRx13IFAlofxdUACgkQEacuoBRx
 13JvfA//bB7nUyvHlglfYMOq6z4O3L7IB5bbWs+Z5hoccR0nsnYPXwe3huIyuxBa
 vQLgztqpyzcsT3LYDWS7sD/NQQoHF0it2ZOSRl7pYo83I1KXeKcbimDp3NmurG89
 kx8AEtdhD4XkP/E7IwCsYlO7xTms0d9hShoyy0+0/GB4St5u+NOip+zT3TQVjJBS
 +ChnHMala2WBQji0wXmfOwFGHGEeEZXx5ZdrIheEiedFgOV0k7r/9IwaHVfh+DUb
 Lyb8fRCqTWwUblyky8nybSAtl4ki4jU5FJhiPsa3tI0MO2Vt5kzwWHYCYyQXo8D5
 BEYW1gsFY2R2SV/QF3SNmfWK+HQLgZl+MYzslCd25GiSDFD4mMhRvi85twig8mC8
 w86oaY22IVPAh5aUeF7W1FyRdYmAESsG2gOOG5dyxf8XPeGL7IqaV+GJkj2tPTdC
 OQ9q2hnO08e10e7Nub4k6NCWrIXK4WdNSjyRJz7DE2bvhWtYtnlDB3pCSKpxRNp7
 6aHOMKHnJyNsGIGYmfq7/Zyq511EtYux3xSAZa3NwnnukEE5CeHnYleO4IXXBxNU
 reVIq14QZ5AngT0QF7p+oE0evf2bqeNrv8i2UFF/qqtEA6mCbYnVsgu0+vzuy31t
 k1X/PkfAgQLdqI5TDDABP3y++PSfdWp07hIdlG9wPKVlwjFj2z8=
 =ldzq
 -----END PGP SIGNATURE-----

Merge tag 'at24-4.15-fixes-for-wolfram' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux into i2c/for-current

Please consider pulling the following fixes for v4.15. While it doesn't
fix any regression introduced in the v4.15 merge window, we have a
feature in at24 since linux v4.8 - reading the mac address block from
at24mac series - which turned out to be not working.

This pull request contains changes that fix it together with a patch
that hardens the read and write argument sanitization with
out-of-bounds checks that were missing.
This commit is contained in:
Wolfram Sang 2017-12-02 23:32:13 +01:00
commit edef30980d
1 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
drivers/misc/eeprom/at24.c
View File

@ -425,7 +425,8 @@ static ssize_t at24_eeprom_read_mac(struct at24_data *at24, char *buf,
memset(msg, 0, sizeof(msg));
msg[0].addr = client->addr;
msg[0].buf = addrbuf;
addrbuf[0] = 0x90 + offset;
/* EUI-48 starts from 0x9a, EUI-64 from 0x98 */
addrbuf[0] = 0xa0 - at24->chip.byte_len + offset;
msg[0].len = 1;
msg[1].addr = client->addr;
msg[1].flags = I2C_M_RD;
@ -568,6 +569,9 @@ static int at24_read(void *priv, unsigned int off, void *val, size_t count)
if (unlikely(!count))
return count;
if (off + count > at24->chip.byte_len)
return -EINVAL;
client = at24_translate_offset(at24, &off);
ret = pm_runtime_get_sync(&client->dev);
@ -613,6 +617,9 @@ static int at24_write(void *priv, unsigned int off, void *val, size_t count)
if (unlikely(!count))
return -EINVAL;
if (off + count > at24->chip.byte_len)
return -EINVAL;
client = at24_translate_offset(at24, &off);
ret = pm_runtime_get_sync(&client->dev);
@ -730,6 +737,16 @@ static int at24_probe(struct i2c_client *client, const struct i2c_device_id *id)
dev_warn(&client->dev,
"page_size looks suspicious (no power of 2)!\n");
/*
* REVISIT: the size of the EUI-48 byte array is 6 in at24mac402, while
* the call to ilog2() in AT24_DEVICE_MAGIC() rounds it down to 4.
*
* Eventually we'll get rid of the magic values altoghether in favor of
* real structs, but for now just manually set the right size.
*/
if (chip.flags & AT24_FLAG_MAC && chip.byte_len == 4)
chip.byte_len = 6;
/* Use I2C operations unless we're stuck with SMBus extensions. */
if (!i2c_check_functionality(client->adapter, I2C_FUNC_I2C)) {
if (chip.flags & AT24_FLAG_ADDR16)