Re: [PATCH] platform/x86/intel/tpmi: Prevent overflow for cap_offset

[Hans de Goede]

Hi,

On 6/22/23 21:57, Srinivas Pandruvada wrote:
> cap_offset is a u16 field, so multiplying with TPMI_CAP_OFFSET_UNIT
> (which is equal to 1024) to covert to bytes will cause overflow. This
> will be a problem once more TPMI features are added.
> 
> This field is not used except for calculating pfs->vsec_offset. So, leave
> cap_offset field unchanged and multiply with TPMI_CAP_OFFSET_UNIT while
> calculating pfs->vsec_offset.
> 
> Signed-off-by: Srinivas Pandruvada <srinivas.pandruvada@xxxxxxxxxxxxxxx>
> ---
> Rebased on top of
> https://kernel.googlesource.com/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86
> review-hans 

Thank you for your patch, I've applied this patch to my fixes
branch:
https://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86.git/log/?h=fixes

Note it will show up in my fixes branch once I've pushed my
local branch there, which might take a while.

I will include this patch in my next fixes pull-req to Linus
for the current kernel development cycle.

Regards,

Hans



> 
>  drivers/platform/x86/intel/tpmi.c | 4 +---
>  1 file changed, 1 insertion(+), 3 deletions(-)
> 
> diff --git a/drivers/platform/x86/intel/tpmi.c b/drivers/platform/x86/intel/tpmi.c
> index 9c606ee2030c..d1fd6e69401c 100644
> --- a/drivers/platform/x86/intel/tpmi.c
> +++ b/drivers/platform/x86/intel/tpmi.c
> @@ -356,9 +356,7 @@ static int intel_vsec_tpmi_init(struct auxiliary_device *auxdev)
>  		if (!pfs_start)
>  			pfs_start = res_start;
>  
> -		pfs->pfs_header.cap_offset *= TPMI_CAP_OFFSET_UNIT;
> -
> -		pfs->vsec_offset = pfs_start + pfs->pfs_header.cap_offset;
> +		pfs->vsec_offset = pfs_start + pfs->pfs_header.cap_offset * TPMI_CAP_OFFSET_UNIT;
>  
>  		/*
>  		 * Process TPMI_INFO to get PCI device to CPU package ID.