| Message ID | 20200607155408.958437-22-jic23@kernel.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | IIO: Fused set 1 and 2 of timestamp alignment fixes | expand |
On Sun, Jun 07, 2020 at 04:53:57PM +0100, Jonathan Cameron wrote: > From: Jonathan Cameron <Jonathan.Cameron@huawei.com> > > One of a class of bugs pointed out by Lars in a recent review. > iio_push_to_buffers_with_timestamp assumes the buffer used is aligned > to the size of the timestamp (8 bytes). This is not guaranteed in > this driver which uses an array of smaller elements on the stack. > Here there is no data leak possibility so use an explicit structure > on the stack to ensure alignment and nice readable fashion. > > The forced alignment of ts isn't strictly necessary in this driver > as the padding will be correct anyway (there isn't any). However > it is probably less fragile to have it there and it acts as > documentation of the requirement. > Looks good. Acked-by: Tomasz Duszynski <tomasz.duszynski@octakon.com> > Fixes: 713bbb4efb9dc ("iio: pressure: ms5611: Add triggered buffer support") > Reported-by: Lars-Peter Clausen <lars@metafoo.de> > Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> > --- > drivers/iio/pressure/ms5611_core.c | 11 ++++++++--- > 1 file changed, 8 insertions(+), 3 deletions(-) > > diff --git a/drivers/iio/pressure/ms5611_core.c b/drivers/iio/pressure/ms5611_core.c > index d451bb9dffc8..214b0d25f598 100644 > --- a/drivers/iio/pressure/ms5611_core.c > +++ b/drivers/iio/pressure/ms5611_core.c > @@ -212,16 +212,21 @@ static irqreturn_t ms5611_trigger_handler(int irq, void *p) > struct iio_poll_func *pf = p; > struct iio_dev *indio_dev = pf->indio_dev; > struct ms5611_state *st = iio_priv(indio_dev); > - s32 buf[4]; /* s32 (pressure) + s32 (temp) + 2 * s32 (timestamp) */ > + /* Ensure buffer elements are naturally aligned */ > + struct { > + s32 channels[2]; > + s64 ts __aligned(8); > + } scan; > int ret; > > mutex_lock(&st->lock); > - ret = ms5611_read_temp_and_pressure(indio_dev, &buf[1], &buf[0]); > + ret = ms5611_read_temp_and_pressure(indio_dev, &scan.channels[1], > + &scan.channels[0]); > mutex_unlock(&st->lock); > if (ret < 0) > goto err; > > - iio_push_to_buffers_with_timestamp(indio_dev, buf, > + iio_push_to_buffers_with_timestamp(indio_dev, &scan, > iio_get_time_ns(indio_dev)); > > err: > -- > 2.26.2 >
On Sun, 7 Jun 2020 20:03:13 +0200 Tomasz Duszynski <tomasz.duszynski@octakon.com> wrote: > On Sun, Jun 07, 2020 at 04:53:57PM +0100, Jonathan Cameron wrote: > > From: Jonathan Cameron <Jonathan.Cameron@huawei.com> > > > > One of a class of bugs pointed out by Lars in a recent review. > > iio_push_to_buffers_with_timestamp assumes the buffer used is aligned > > to the size of the timestamp (8 bytes). This is not guaranteed in > > this driver which uses an array of smaller elements on the stack. > > Here there is no data leak possibility so use an explicit structure > > on the stack to ensure alignment and nice readable fashion. > > > > The forced alignment of ts isn't strictly necessary in this driver > > as the padding will be correct anyway (there isn't any). However > > it is probably less fragile to have it there and it acts as > > documentation of the requirement. > > > > Looks good. > Acked-by: Tomasz Duszynski <tomasz.duszynski@octakon.com> Applied to the fixes-togreg branch of iio.git and marked for stable. I'm picking up those patch in the series for which I have an ack to cut down on the number we need to consider in the next version. Thanks, Jonathan > > > Fixes: 713bbb4efb9dc ("iio: pressure: ms5611: Add triggered buffer support") > > Reported-by: Lars-Peter Clausen <lars@metafoo.de> > > Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> > > --- > > drivers/iio/pressure/ms5611_core.c | 11 ++++++++--- > > 1 file changed, 8 insertions(+), 3 deletions(-) > > > > diff --git a/drivers/iio/pressure/ms5611_core.c b/drivers/iio/pressure/ms5611_core.c > > index d451bb9dffc8..214b0d25f598 100644 > > --- a/drivers/iio/pressure/ms5611_core.c > > +++ b/drivers/iio/pressure/ms5611_core.c > > @@ -212,16 +212,21 @@ static irqreturn_t ms5611_trigger_handler(int irq, void *p) > > struct iio_poll_func *pf = p; > > struct iio_dev *indio_dev = pf->indio_dev; > > struct ms5611_state *st = iio_priv(indio_dev); > > - s32 buf[4]; /* s32 (pressure) + s32 (temp) + 2 * s32 (timestamp) */ > > + /* Ensure buffer elements are naturally aligned */ > > + struct { > > + s32 channels[2]; > > + s64 ts __aligned(8); > > + } scan; > > int ret; > > > > mutex_lock(&st->lock); > > - ret = ms5611_read_temp_and_pressure(indio_dev, &buf[1], &buf[0]); > > + ret = ms5611_read_temp_and_pressure(indio_dev, &scan.channels[1], > > + &scan.channels[0]); > > mutex_unlock(&st->lock); > > if (ret < 0) > > goto err; > > > > - iio_push_to_buffers_with_timestamp(indio_dev, buf, > > + iio_push_to_buffers_with_timestamp(indio_dev, &scan, > > iio_get_time_ns(indio_dev)); > > > > err: > > -- > > 2.26.2 > >
diff --git a/drivers/iio/pressure/ms5611_core.c b/drivers/iio/pressure/ms5611_core.c index d451bb9dffc8..214b0d25f598 100644 --- a/drivers/iio/pressure/ms5611_core.c +++ b/drivers/iio/pressure/ms5611_core.c @@ -212,16 +212,21 @@ static irqreturn_t ms5611_trigger_handler(int irq, void *p) struct iio_poll_func *pf = p; struct iio_dev *indio_dev = pf->indio_dev; struct ms5611_state *st = iio_priv(indio_dev); - s32 buf[4]; /* s32 (pressure) + s32 (temp) + 2 * s32 (timestamp) */ + /* Ensure buffer elements are naturally aligned */ + struct { + s32 channels[2]; + s64 ts __aligned(8); + } scan; int ret; mutex_lock(&st->lock); - ret = ms5611_read_temp_and_pressure(indio_dev, &buf[1], &buf[0]); + ret = ms5611_read_temp_and_pressure(indio_dev, &scan.channels[1], + &scan.channels[0]); mutex_unlock(&st->lock); if (ret < 0) goto err; - iio_push_to_buffers_with_timestamp(indio_dev, buf, + iio_push_to_buffers_with_timestamp(indio_dev, &scan, iio_get_time_ns(indio_dev)); err: