This is a note to let you know that I've just added the patch titled [media] tc358743: fix register i2c_rd/wr functions to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: tc358743-fix-register-i2c_rd-wr-functions.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 3538aa6ecfb2dd727a40f9ebbbf25a0c2afe6226 Mon Sep 17 00:00:00 2001 From: Arnd Bergmann <arnd@xxxxxxxx> Date: Wed, 8 Feb 2017 19:14:13 -0200 Subject: [media] tc358743: fix register i2c_rd/wr functions From: Arnd Bergmann <arnd@xxxxxxxx> commit 3538aa6ecfb2dd727a40f9ebbbf25a0c2afe6226 upstream. While testing with CONFIG_UBSAN, I got this warning: drivers/media/i2c/tc358743.c: In function 'tc358743_probe': drivers/media/i2c/tc358743.c:1930:1: error: the frame size of 2480 bytes is larger than 2048 bytes [-Werror=frame-larger-than=] The problem is that the i2c_rd8/wr8/rd16/... functions in this driver pass a pointer to a local variable into a common function, and each call to one of them adds another variable plus redzone to the stack. I also noticed that the way this is done is broken on big-endian machines, as we copy the registers in CPU byte order. To address both those problems, I'm adding two helper functions for reading a register of up to 32 bits with correct endianess and change all other functions to use that instead. Just to be sure we don't get the problem back with changed optimizations in gcc, I'm also marking the new functions as 'noinline', although my tests with gcc-7 don't require that. Signed-off-by: Arnd Bergmann <arnd@xxxxxxxx> Signed-off-by: Hans Verkuil <hans.verkuil@xxxxxxxxx> Signed-off-by: Mauro Carvalho Chehab <mchehab@xxxxxxxxxxxxxxxx> 
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/media/i2c/tc358743.c | 46 +++++++++++++++++++++++-------------------- 1 file changed, 25 insertions(+), 21 deletions(-) --- a/drivers/media/i2c/tc358743.c +++ b/drivers/media/i2c/tc358743.c @@ -193,57 +193,61 @@ static void i2c_wr(struct v4l2_subdev *s } } -static u8 i2c_rd8(struct v4l2_subdev *sd, u16 reg) +static noinline u32 i2c_rdreg(struct v4l2_subdev *sd, u16 reg, u32 n) { - u8 val; + __le32 val = 0; - i2c_rd(sd, reg, &val, 1); + i2c_rd(sd, reg, (u8 __force *)&val, n); - return val; + return le32_to_cpu(val); +} + +static noinline void i2c_wrreg(struct v4l2_subdev *sd, u16 reg, u32 val, u32 n) +{ + __le32 raw = cpu_to_le32(val); + + i2c_wr(sd, reg, (u8 __force *)&raw, n); +} + +static u8 i2c_rd8(struct v4l2_subdev *sd, u16 reg) +{ + return i2c_rdreg(sd, reg, 1); } static void i2c_wr8(struct v4l2_subdev *sd, u16 reg, u8 val) { - i2c_wr(sd, reg, &val, 1); + i2c_wrreg(sd, reg, val, 1); } static void i2c_wr8_and_or(struct v4l2_subdev *sd, u16 reg, u8 mask, u8 val) { - i2c_wr8(sd, reg, (i2c_rd8(sd, reg) & mask) | val); + i2c_wrreg(sd, reg, (i2c_rdreg(sd, reg, 2) & mask) | val, 2); } static u16 i2c_rd16(struct v4l2_subdev *sd, u16 reg) { - u16 val; - - i2c_rd(sd, reg, (u8 *)&val, 2); - - return val; + return i2c_rdreg(sd, reg, 2); } static void i2c_wr16(struct v4l2_subdev *sd, u16 reg, u16 val) { - i2c_wr(sd, reg, (u8 *)&val, 2); + i2c_wrreg(sd, reg, val, 2); } static void i2c_wr16_and_or(struct v4l2_subdev *sd, u16 reg, u16 mask, u16 val) { - i2c_wr16(sd, reg, (i2c_rd16(sd, reg) & mask) | val); + i2c_wrreg(sd, reg, (i2c_rdreg(sd, reg, 2) & mask) | val, 2); } static u32 i2c_rd32(struct v4l2_subdev *sd, u16 reg) { - u32 val; - - i2c_rd(sd, reg, (u8 *)&val, 4); - - return val; + return i2c_rdreg(sd, reg, 4); } static void i2c_wr32(struct v4l2_subdev *sd, u16 reg, u32 val) { - i2c_wr(sd, reg, (u8 *)&val, 4); + i2c_wrreg(sd, reg, val, 4); } /* --------------- STATUS --------------- */ 
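Review bot: `i2c_wr8_and_or` now does its read-modify-write with a length of 2, although it takes a `u8` mask and value and the line it replaces went through `i2c_rd8`/`i2c_wr8`, i.e. one byte. Assuming `i2c_rd`/`i2c_wr` (defined outside this hunk) transfer `n` consecutive bytes starting at `reg`, the `u8` mask clears the upper byte of the 16-bit value read, so each call writes zero into the byte following `reg`. The commit message describes only a stack-size and endianness fix, so the width change looks unintended; the line should read `i2c_wrreg(sd, reg, (i2c_rdreg(sd, reg, 1) & mask) | val, 1);`. The 16-bit variant `i2c_wr16_and_or` correctly uses 2.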
@@ -1236,7 +1240,7 @@ static int tc358743_g_register(struct v4 reg->size = tc358743_get_reg_size(reg->reg); - i2c_rd(sd, reg->reg, (u8 *)®->val, reg->size); + reg->val = i2c_rdreg(sd, reg->reg, reg->size); return 0; } 
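Review bot: `reg->size` is passed straight to `i2c_rdreg()` as `n`, where it becomes the length of a read into a 4-byte `__le32` on the stack, and the helper does not bound it. `tc358743_get_reg_size()` is not visible here, so this is safe only if it never returns more than 4. Because the register number appears to come from the caller of this debug-register handler, a guard in the helper would make the limit explicit: `if (WARN_ON(n > sizeof(val))) return 0;` in `i2c_rdreg`, and `if (WARN_ON(n > sizeof(raw))) return;` in `i2c_wrreg`. The same applies to the `i2c_wrreg()` call in the `tc358743_s_register` hunk. The body of `tc358743_g_register` starts outside this hunk.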
@@ -1262,7 +1266,7 @@ static int tc358743_s_register(struct v4 reg->reg == BCAPS) return 0; - i2c_wr(sd, (u16)reg->reg, (u8 *)®->val, + i2c_wrreg(sd, (u16)reg->reg, reg->val, tc358743_get_reg_size(reg->reg)); return 0; Patches currently in stable-queue which might be from arnd@xxxxxxxx are queue-4.9/kasan-rework-kconfig-settings.patch queue-4.9/tw5864-use-dev_warn-instead-of-warn-to-shut-up-warning.patch queue-4.9/perf-x86-shut-up-false-positive-wmaybe-uninitialized-warning.patch queue-4.9/go7007-add-media_camera_support-dependency.patch queue-4.9/scsi-advansys-fix-build-warning-for-pci-n.patch queue-4.9/video-fbdev-via-remove-possibly-unused-variables.patch queue-4.9/drm-exynos-mark-pm-functions-as-__maybe_unused.patch queue-4.9/binfmt_elf-compat-avoid-unused-function-warning.patch queue-4.9/idle-i7300-add-pci-dependency.patch queue-4.9/cw1200-fix-bogus-maybe-uninitialized-warning.patch queue-4.9/x86-build-silence-the-build-with-make-s.patch queue-4.9/gpio-xgene-mark-pm-functions-as-__maybe_unused.patch queue-4.9/kvm-add-x86_local_apic-dependency.patch queue-4.9/reiserfs-avoid-a-wmaybe-uninitialized-warning.patch queue-4.9/scsi-advansys-fix-uninitialized-data-access.patch queue-4.9/drm-i915-fix-intel_backlight_device_register-declaration.patch queue-4.9/spi-bcm-qspi-shut-up-warning-about-cfi-header-inclusion.patch queue-4.9/asoc-ux500-add-module_license-tag.patch queue-4.9/x86-microcode-amd-change-load_microcode_amd-s-param-to-bool-to-fix-preemptibility-bug.patch queue-4.9/video-fbdev-mmp-add-module_license.patch queue-4.9/usb-phy-msm-add-regulator-dependency.patch queue-4.9/arm64-dts-add-cooling-cells-to-cpu-nodes.patch queue-4.9/vmxnet3-prevent-building-with-64k-pages.patch queue-4.9/x86-platform-add-pci-dependency-for-punit_atom_debug.patch queue-4.9/alsa-hda-ca0132-fix-possible-null-pointer-use.patch queue-4.9/thermal-fix-intel_soc_dts_iosf_core-dependencies.patch queue-4.9/arm64-define-bug-instruction-without-config_bug.patch 
queue-4.9/arm64-sunxi-always-enable-reset-controller.patch queue-4.9/tc358743-fix-register-i2c_rd-wr-functions.patch queue-4.9/security-keys-big_key-requires-config_crypto.patch queue-4.9/drm-i915-hide-unused-intel_panel_set_backlight-function.patch queue-4.9/x86-fpu-math-emu-fix-possible-uninitialized-variable-use.patch queue-4.9/arm-8743-1-bl_switcher-add-module_license-tag.patch queue-4.9/em28xx-only-use-mt9v011-if-camera-support-is-enabled.patch queue-4.9/arm64-fix-warning-about-swapper_pg_dir-overflow.patch queue-4.9/shmem-avoid-maybe-uninitialized-warning.patch queue-4.9/input-tca8418_keypad-hide-gcc-4.9-wmaybe-uninitialized-warning.patch queue-4.9/drm-nouveau-hide-gcc-4.9-wmaybe-uninitialized.patch queue-4.9/x86-add-multiuser-dependency-for-kvm.patch queue-4.9/isdn-eicon-reduce-stack-size-of-sig_ind-function.patch