This code was using -1 to represent that there was no reset function.
Unfortunately, the -1 was stored in u8 so the if (clks[i].rs_id >= 0)
condition was always true. This lead to an out of bounds access in
visconti_clk_register_gates().
Fixes:
b4cbe606dc36 ("clk: visconti: Add support common clock driver and reset driver")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Link: https://lore.kernel.org/r/20220316083533.GA30941@kili
Acked-by: Nobuhiro Iwamatsu <nobuhiro1.iwamatsu@toshiba.co.jp>
Signed-off-by: Stephen Boyd <sboyd@kernel.org>
{ TMPV770X_CLK_WRCK, "wrck",
clks_parent_data, ARRAY_SIZE(clks_parent_data),
0, 0x68, 0x168, 9, 32,
- -1, }, /* No reset */
+ NO_RESET, },
{ TMPV770X_CLK_PICKMON, "pickmon",
clks_parent_data, ARRAY_SIZE(clks_parent_data),
0, 0x10, 0x110, 8, 4,
if (!dev_name)
return -ENOMEM;
- if (clks[i].rs_id >= 0) {
+ if (clks[i].rs_id != NO_RESET) {
rson_offset = reset[clks[i].rs_id].rson_offset;
rsoff_offset = reset[clks[i].rs_id].rsoff_offset;
rs_idx = reset[clks[i].rs_id].rs_idx;
int num_gate,
const struct visconti_reset_data *reset,
spinlock_t *lock);
+
+#define NO_RESET 0xFF
+
#endif /* _VISCONTI_CLKC_H_ */
projects / platform / kernel / linux-rpi.git / commitdiff