• Kishon Vijay Abraham I's avatar
    phy: ti: Fix missing sentinel for clk_div_table · 6d1e6bcb
    Kishon Vijay Abraham I authored
    _get_table_maxdiv() tries to access "clk_div_table" array out of bound
    defined in phy-j721e-wiz.c. Add a sentinel entry to prevent
    the following global-out-of-bounds error reported by enabling KASAN.
    
    [    9.552392] BUG: KASAN: global-out-of-bounds in _get_maxdiv+0xc0/0x148
    [    9.558948] Read of size 4 at addr ffff8000095b25a4 by task kworker/u4:1/38
    [    9.565926]
    [    9.567441] CPU: 1 PID: 38 Comm: kworker/u4:1 Not tainted 5.16.0-116492-gdaadb3bd-dirty #360
    [    9.576242] Hardware name: Texas Instruments J721e EVM (DT)
    [    9.581832] Workqueue: events_unbound deferred_probe_work_func
    [    9.587708] Call trace:
    [    9.590174]  dump_backtrace+0x20c/0x218
    [    9.594038]  show_stack+0x18/0x68
    [    9.597375]  dump_stack_lvl+0x9c/0xd8
    [    9.601062]  print_address_description.constprop.0+0x78/0x334
    [    9.606830]  kasan_report+0x1f0/0x260
    [    9.610517]  __asan_load4+0x9c/0xd8
    [    9.614030]  _get_maxdiv+0xc0/0x148
    [    9.617540]  divider_determine_rate+0x88/0x488
    [    9.622005]  divider_round_rate_parent+0xc8/0x124
    [    9.626729]  wiz_clk_div_round_rate+0x54/0x68
    [    9.631113]  clk_core_determine_round_nolock+0x124/0x158
    [    9.636448]  clk_core_round_rate_nolock+0x68/0x138
    [    9.641260]  clk_core_set_rate_nolock+0x268/0x3a8
    [    9.645987]  clk_set_rate+0x50/0xa8
    [    9.649499]  cdns_sierra_phy_init+0x88/0x248
    [    9.653794]  phy_init+0x98/0x108
    [    9.657046]  cdns_pcie_enable_phy+0xa0/0x170
    [    9.661340]  cdns_pcie_init_phy+0x250/0x2b0
    [    9.665546]  j721e_pcie_probe+0x4b8/0x798
    [    9.669579]  platform_probe+0x8c/0x108
    [    9.673350]  really_probe+0x114/0x630
    [    9.677037]  __driver_probe_device+0x18c/0x220
    [    9.681505]  driver_probe_device+0xac/0x150
    [    9.685712]  __device_attach_driver+0xec/0x170
    [    9.690178]  bus_for_each_drv+0xf0/0x158
    [    9.694124]  __device_attach+0x184/0x210
    [    9.698070]  device_initial_probe+0x14/0x20
    [    9.702277]  bus_probe_device+0xec/0x100
    [    9.706223]  deferred_probe_work_func+0x124/0x180
    [    9.710951]  process_one_work+0x4b0/0xbc0
    [    9.714983]  worker_thread+0x74/0x5d0
    [    9.718668]  kthread+0x214/0x230
    [    9.721919]  ret_from_fork+0x10/0x20
    [    9.725520]
    [    9.727032] The buggy address belongs to the variable:
    [    9.732183]  clk_div_table+0x24/0x440
    
    Fixes: 091876cc ("phy: ti: j721e-wiz: Add support for WIZ module present in TI J721E SoC")
    Cc: stable@vger.kernel.org # v5.10+
    Signed-off-by: default avatarKishon Vijay Abraham I <kishon@ti.com>
    Link: https://lore.kernel.org/r/20220117110108.4117-1-kishon@ti.comSigned-off-by: default avatarVinod Koul <vkoul@kernel.org>
    6d1e6bcb
phy-j721e-wiz.c 33.1 KB