The raw message frame length is unaligned and explicitly marked as
little endian. It should not be accessed without the appropriate
accessor functions. Fix this.
Note that payload.len already contains the correct length after parsing
via sshp_parse_frame(), so we can simply use that instead.
Reported-by: kernel-test-robot <lkp@xxxxxxxxx>
Fixes: c167b9c7e3d6 ("platform/surface: Add Surface Aggregator subsystem")
Signed-off-by: Maximilian Luz <luzmaximilian@xxxxxxxxx>
---
Changes in v2:
- Use payload.len instead of getting the frame length directly. Note
that payload.len equals the frame length and is already correctly set
in sshp_parse_frame(), so they are exactly the same thing. Makes it
look a bit nicer though.
I did drop the ACKs/Reveiewd-by in case you want to check that
yourselves and since that's essentially the whole change.
---
drivers/platform/surface/aggregator/ssh_packet_layer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/platform/surface/aggregator/ssh_packet_layer.c b/drivers/platform/surface/aggregator/ssh_packet_layer.c
index 583315db8b02..15d96eac6811 100644
--- a/drivers/platform/surface/aggregator/ssh_packet_layer.c
+++ b/drivers/platform/surface/aggregator/ssh_packet_layer.c
@@ -1774,7 +1774,7 @@ static size_t ssh_ptl_rx_eval(struct ssh_ptl *ptl, struct ssam_span *source)
break;
}
- return aligned.ptr - source->ptr + SSH_MESSAGE_LENGTH(frame->len);
+ return aligned.ptr - source->ptr + SSH_MESSAGE_LENGTH(payload.len);
}
static int ssh_ptl_rx_threadfn(void *data)
--
2.30.0
