| Message ID | 20240501084109.v3.1.I30fa4c8348ea316c886ef8a522a52fed617f930d@changeid (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | drm/mipi-dsi: Reduce bloat and add funcs for cleaner init seqs | expand |
On 01/05/2024 17:41, Douglas Anderson wrote: > The mipi_dsi_dcs_write_seq() macro makes a call to > mipi_dsi_dcs_write_buffer() which returns a type ssize_t. The macro > then stores it in an int and checks to see if it's negative. This > could theoretically be a problem if "ssize_t" is larger than "int". > > To see the issue, imagine that "ssize_t" is 32-bits and "int" is > 16-bits, you could see a problem if there was some code out there that > looked like: > > mipi_dsi_dcs_write_seq(dsi, cmd, <32767 bytes as arguments>); > > ...since we'd get back that 32768 bytes were transferred and 32768 > stored in a 16-bit int would look negative. > > Though there are no callsites where we'd actually hit this (even if > "int" was only 16-bit), it's cleaner to make the types match so let's > fix it. > > Fixes: 2a9e9daf7523 ("drm/mipi-dsi: Introduce mipi_dsi_dcs_write_seq macro") > Signed-off-by: Douglas Anderson <dianders@chromium.org> > --- > > Changes in v3: > - Use %zd in print instead of casting errors to int. > > Changes in v2: > - New > > include/drm/drm_mipi_dsi.h | 24 ++++++++++++------------ > 1 file changed, 12 insertions(+), 12 deletions(-) > > diff --git a/include/drm/drm_mipi_dsi.h b/include/drm/drm_mipi_dsi.h > index 82b1cc434ea3..70ce0b8cbc68 100644 > --- a/include/drm/drm_mipi_dsi.h > +++ b/include/drm/drm_mipi_dsi.h > @@ -333,18 +333,18 @@ int mipi_dsi_dcs_get_display_brightness_large(struct mipi_dsi_device *dsi, > * @cmd: Command > * @seq: buffer containing data to be transmitted > */ > -#define mipi_dsi_dcs_write_seq(dsi, cmd, seq...) \ > - do { \ > - static const u8 d[] = { cmd, seq }; \ > - struct device *dev = &dsi->dev; \ > - int ret; \ > - ret = mipi_dsi_dcs_write_buffer(dsi, d, ARRAY_SIZE(d)); \ > - if (ret < 0) { \ > - dev_err_ratelimited( \ > - dev, "sending command %#02x failed: %d\n", \ > - cmd, ret); \ > - return ret; \ > - } \ > +#define mipi_dsi_dcs_write_seq(dsi, cmd, seq...) \ > + do { \ > + static const u8 d[] = { cmd, seq }; \ > + struct device *dev = &dsi->dev; \ > + ssize_t ret; \ > + ret = mipi_dsi_dcs_write_buffer(dsi, d, ARRAY_SIZE(d)); \ > + if (ret < 0) { \ > + dev_err_ratelimited( \ > + dev, "sending command %#02x failed: %zd\n", \ > + cmd, ret); \ > + return ret; \ > + } \ > } while (0) > > /** Reviewed-by: Neil Armstrong <neil.armstrong@linaro.org>
On Wed, May 1, 2024 at 5:43 PM Douglas Anderson <dianders@chromium.org> wrote: > The mipi_dsi_dcs_write_seq() macro makes a call to > mipi_dsi_dcs_write_buffer() which returns a type ssize_t. The macro > then stores it in an int and checks to see if it's negative. This > could theoretically be a problem if "ssize_t" is larger than "int". > > To see the issue, imagine that "ssize_t" is 32-bits and "int" is > 16-bits, you could see a problem if there was some code out there that > looked like: > > mipi_dsi_dcs_write_seq(dsi, cmd, <32767 bytes as arguments>); > > ...since we'd get back that 32768 bytes were transferred and 32768 > stored in a 16-bit int would look negative. > > Though there are no callsites where we'd actually hit this (even if > "int" was only 16-bit), it's cleaner to make the types match so let's > fix it. > > Fixes: 2a9e9daf7523 ("drm/mipi-dsi: Introduce mipi_dsi_dcs_write_seq macro") > Signed-off-by: Douglas Anderson <dianders@chromium.org> All right! Nice work. Reviewed-by: Linus Walleij <linus.walleij@linaro.org> Yours, Linus Walleij
diff --git a/include/drm/drm_mipi_dsi.h b/include/drm/drm_mipi_dsi.h index 82b1cc434ea3..70ce0b8cbc68 100644 --- a/include/drm/drm_mipi_dsi.h +++ b/include/drm/drm_mipi_dsi.h @@ -333,18 +333,18 @@ int mipi_dsi_dcs_get_display_brightness_large(struct mipi_dsi_device *dsi, * @cmd: Command * @seq: buffer containing data to be transmitted */ -#define mipi_dsi_dcs_write_seq(dsi, cmd, seq...) \ - do { \ - static const u8 d[] = { cmd, seq }; \ - struct device *dev = &dsi->dev; \ - int ret; \ - ret = mipi_dsi_dcs_write_buffer(dsi, d, ARRAY_SIZE(d)); \ - if (ret < 0) { \ - dev_err_ratelimited( \ - dev, "sending command %#02x failed: %d\n", \ - cmd, ret); \ - return ret; \ - } \ +#define mipi_dsi_dcs_write_seq(dsi, cmd, seq...) \ + do { \ + static const u8 d[] = { cmd, seq }; \ + struct device *dev = &dsi->dev; \ + ssize_t ret; \ + ret = mipi_dsi_dcs_write_buffer(dsi, d, ARRAY_SIZE(d)); \ + if (ret < 0) { \ + dev_err_ratelimited( \ + dev, "sending command %#02x failed: %zd\n", \ + cmd, ret); \ + return ret; \ + } \ } while (0) /**
The mipi_dsi_dcs_write_seq() macro makes a call to mipi_dsi_dcs_write_buffer() which returns a type ssize_t. The macro then stores it in an int and checks to see if it's negative. This could theoretically be a problem if "ssize_t" is larger than "int". To see the issue, imagine that "ssize_t" is 32-bits and "int" is 16-bits, you could see a problem if there was some code out there that looked like: mipi_dsi_dcs_write_seq(dsi, cmd, <32767 bytes as arguments>); ...since we'd get back that 32768 bytes were transferred and 32768 stored in a 16-bit int would look negative. Though there are no callsites where we'd actually hit this (even if "int" was only 16-bit), it's cleaner to make the types match so let's fix it. Fixes: 2a9e9daf7523 ("drm/mipi-dsi: Introduce mipi_dsi_dcs_write_seq macro") Signed-off-by: Douglas Anderson <dianders@chromium.org> --- Changes in v3: - Use %zd in print instead of casting errors to int. Changes in v2: - New include/drm/drm_mipi_dsi.h | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-)