| Message ID | 20220513044143.1045728-8-tzungbi@kernel.org (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | bbd43a37ec7a02e81dc0afb2c6194957518a904b |
| Headers | show |
| Series | platform/chrome: get rid of BUG_ON() | expand |
On Thu, May 12, 2022 at 9:42 PM Tzung-Bi Shih <tzungbi@kernel.org> wrote: > > It is overkill to crash the kernel if the `din` buffer is going to full > or overflow. > > Drop the BUG_ON() and return -EINVAL instead. > > Signed-off-by: Tzung-Bi Shih <tzungbi@kernel.org> Reviewed-by: Guenter Roeck <groeck@chromium.org> > --- > Changes from v1: > - Separate from the original 6th patch. > > drivers/platform/chrome/cros_ec_spi.c | 9 ++++++--- > 1 file changed, 6 insertions(+), 3 deletions(-) > > diff --git a/drivers/platform/chrome/cros_ec_spi.c b/drivers/platform/chrome/cros_ec_spi.c > index 5264615f46af..7360b3ff6e4f 100644 > --- a/drivers/platform/chrome/cros_ec_spi.c > +++ b/drivers/platform/chrome/cros_ec_spi.c > @@ -160,7 +160,8 @@ static int receive_n_bytes(struct cros_ec_device *ec_dev, u8 *buf, int n) > struct spi_message msg; > int ret; > > - BUG_ON(buf - ec_dev->din + n > ec_dev->din_size); > + if (buf - ec_dev->din + n > ec_dev->din_size) > + return -EINVAL; > > memset(&trans, 0, sizeof(trans)); > trans.cs_change = 1; > @@ -197,7 +198,8 @@ static int cros_ec_spi_receive_packet(struct cros_ec_device *ec_dev, > unsigned long deadline; > int todo; > > - BUG_ON(ec_dev->din_size < EC_MSG_PREAMBLE_COUNT); > + if (ec_dev->din_size < EC_MSG_PREAMBLE_COUNT) > + return -EINVAL; > > /* Receive data until we see the header byte */ > deadline = jiffies + msecs_to_jiffies(EC_MSG_DEADLINE_MS); > @@ -304,7 +306,8 @@ static int cros_ec_spi_receive_response(struct cros_ec_device *ec_dev, > unsigned long deadline; > int todo; > > - BUG_ON(ec_dev->din_size < EC_MSG_PREAMBLE_COUNT); > + if (ec_dev->din_size < EC_MSG_PREAMBLE_COUNT) > + return -EINVAL; > > /* Receive data until we see the header byte */ > deadline = jiffies + msecs_to_jiffies(EC_MSG_DEADLINE_MS); > -- > 2.36.0.550.gb090851708-goog >
diff --git a/drivers/platform/chrome/cros_ec_spi.c b/drivers/platform/chrome/cros_ec_spi.c index 5264615f46af..7360b3ff6e4f 100644 --- a/drivers/platform/chrome/cros_ec_spi.c +++ b/drivers/platform/chrome/cros_ec_spi.c @@ -160,7 +160,8 @@ static int receive_n_bytes(struct cros_ec_device *ec_dev, u8 *buf, int n) struct spi_message msg; int ret; - BUG_ON(buf - ec_dev->din + n > ec_dev->din_size); + if (buf - ec_dev->din + n > ec_dev->din_size) + return -EINVAL; memset(&trans, 0, sizeof(trans)); trans.cs_change = 1; @@ -197,7 +198,8 @@ static int cros_ec_spi_receive_packet(struct cros_ec_device *ec_dev, unsigned long deadline; int todo; - BUG_ON(ec_dev->din_size < EC_MSG_PREAMBLE_COUNT); + if (ec_dev->din_size < EC_MSG_PREAMBLE_COUNT) + return -EINVAL; /* Receive data until we see the header byte */ deadline = jiffies + msecs_to_jiffies(EC_MSG_DEADLINE_MS); @@ -304,7 +306,8 @@ static int cros_ec_spi_receive_response(struct cros_ec_device *ec_dev, unsigned long deadline; int todo; - BUG_ON(ec_dev->din_size < EC_MSG_PREAMBLE_COUNT); + if (ec_dev->din_size < EC_MSG_PREAMBLE_COUNT) + return -EINVAL; /* Receive data until we see the header byte */ deadline = jiffies + msecs_to_jiffies(EC_MSG_DEADLINE_MS);
It is overkill to crash the kernel if the `din` buffer is going to full or overflow. Drop the BUG_ON() and return -EINVAL instead. Signed-off-by: Tzung-Bi Shih <tzungbi@kernel.org> --- Changes from v1: - Separate from the original 6th patch. drivers/platform/chrome/cros_ec_spi.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-)