From: Florian Fainelli Date: Wed, 20 Oct 2021 18:48:50 +0000 (-0700) Subject: irqchip/irq-bcm7038-l1: Gate use of CPU logical map to MIPS X-Git-Tag: v6.1-rc5~2811^2^2~4^2~9 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=35eb2ef5df42d3c3d2186ae6dab5622a31e6ceee;p=platform%2Fkernel%2Flinux-starfive.git irqchip/irq-bcm7038-l1: Gate use of CPU logical map to MIPS The use of the cpu_logical_map[] array is only relevant for MIPS based platform where this driver is used as a first level interrupt controller and contains multiple register groups to map with an associated CPU. On ARM/ARM64 based systems this interrupt controller is present and used as a second level interrupt controller hanging off the ARM GIC. That copy of the interrupt controller contains a single group, resulting in the intc->cpus[] array to be of size 1. Things happened to work in that case because we install that interrupt controller as a chained handler which does not allow it to be affine to any CPU but the boot CPU which happens to be 0, therefore we never de-reference past intc->cpus[] but with the current code in place, we do leave a chance of de-referencing the array past its bounds. Signed-off-by: Florian Fainelli Signed-off-by: Marc Zyngier Link: https://lore.kernel.org/r/20211020184859.2705451-5-f.fainelli@gmail.com --- diff --git a/drivers/irqchip/irq-bcm7038-l1.c b/drivers/irqchip/irq-bcm7038-l1.c index 14caf32..3c4e348 100644 --- a/drivers/irqchip/irq-bcm7038-l1.c +++ b/drivers/irqchip/irq-bcm7038-l1.c @@ -28,9 +28,6 @@ #include #include #include -#ifdef CONFIG_ARM -#include -#endif #define IRQS_PER_WORD 32 #define REG_BYTES_PER_IRQ_WORD (sizeof(u32) * 4) @@ -127,7 +124,7 @@ static void bcm7038_l1_irq_handle(struct irq_desc *desc) struct irq_chip *chip = irq_desc_get_chip(desc); unsigned int idx; -#ifdef CONFIG_SMP +#if defined(CONFIG_SMP) && defined(CONFIG_MIPS) cpu = intc->cpus[cpu_logical_map(smp_processor_id())]; #else cpu = intc->cpus[0]; @@ -301,7 +298,7 @@ static int bcm7038_l1_suspend(void) u32 val; /* Wakeup interrupt should only come from the boot cpu */ -#ifdef CONFIG_SMP +#if defined(CONFIG_SMP) && defined(CONFIG_MIPS) boot_cpu = cpu_logical_map(0); #else boot_cpu = 0; @@ -325,7 +322,7 @@ static void bcm7038_l1_resume(void) struct bcm7038_l1_chip *intc; int boot_cpu, word; -#ifdef CONFIG_SMP +#if defined(CONFIG_SMP) && defined(CONFIG_MIPS) boot_cpu = cpu_logical_map(0); #else boot_cpu = 0;