The early bail out that caused an out-of-bounds write was removed with
commit 5c018e378f91 ("spi: spi-rockchip: Fix out of bounds array
access")
Unfortunately that caused the PM runtime count to be unbalanced and
underflowed on the first call. To fix that reintroduce a no-op check
by reading the register directly.
Cc: stable@xxxxxxxxxxxxxxx
Fixes: 5c018e378f91 ("spi: spi-rockchip: Fix out of bounds array access")
Signed-off-by: Christian Loehle <christian.loehle@xxxxxxx>
---
Not particularly happy with it, it's just the most straightforward
fix for the issue at hand. I couldn't quite convince myself that
no-op rockchip_spi_set_cs() are 100% ruled out just from spi.c after
the first call either, but maybe someone more familiar with the code
can. I have only seen the issue for the first call / during boot FWIW.
Any more elegant fix suggestions welcome! The other host controller
drivers don't need the read before CS change, so this shouldn't really
either.
drivers/spi/spi-rockchip.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/drivers/spi/spi-rockchip.c b/drivers/spi/spi-rockchip.c
index 864e58167417..1bc012fce7cb 100644
--- a/drivers/spi/spi-rockchip.c
+++ b/drivers/spi/spi-rockchip.c
@@ -241,6 +241,20 @@ static void rockchip_spi_set_cs(struct spi_device *spi, bool enable)
struct spi_controller *ctlr = spi->controller;
struct rockchip_spi *rs = spi_controller_get_devdata(ctlr);
bool cs_asserted = spi->mode & SPI_CS_HIGH ? enable : !enable;
+ bool cs_actual;
+
+ /*
+ * SPI subsystem tries to avoid no-op calls that would break the PM
+ * refcount below. It can't however for the first time it is used.
+ * To detect this case we read it here and bail out early for no-ops.
+ */
+ if (spi_get_csgpiod(spi, 0))
+ cs_actual = !!(readl_relaxed(rs->regs + ROCKCHIP_SPI_SER) & 1);
+ else
+ cs_actual = !!(readl_relaxed(rs->regs + ROCKCHIP_SPI_SER) &
+ BIT(spi_get_chipselect(spi, 0)));
+ if (unlikely(cs_actual == cs_asserted))
+ return;
if (cs_asserted) {
/* Keep things powered as long as CS is asserted */
--
2.34.1
[PATCH] spi: rockchip: Fix PM runtime count on no-op cs
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: [PATCH] spi: rockchip: Fix PM runtime count on no-op cs
- From: Christian Loehle <christian.loehle@xxxxxxx>
- Date: Fri, 6 Dec 2024 19:50:55 +0000
- Cc: linux-spi@xxxxxxxxxxxxxxx, linux-arm-kernel@xxxxxxxxxxxxxxxxxxx, linux-rockchip@xxxxxxxxxxxxxxxxxxx, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>
- User-agent: Mozilla Thunderbird
- Follow-Ups:
- Re: [PATCH] spi: rockchip: Fix PM runtime count on no-op cs
- From: Mark Brown
- Re: [PATCH] spi: rockchip: Fix PM runtime count on no-op cs
- Prev by Date: [GIT PULL] SPI fixes for v6.13-rc1
- Next by Date: [PATCH v3 04/13] dt-bindings: serial: atmel,at91-usart: add microchip,sama7d65-usart
- Previous by thread: [GIT PULL] SPI fixes for v6.13-rc1
- Next by thread: Re: [PATCH] spi: rockchip: Fix PM runtime count on no-op cs
- Index(es):
 |