Skip to content
Commit 72f039db authored by Bjorn Andersson's avatar Bjorn Andersson Committed by Kishon Vijay Abraham I
Browse files

phy: qcom-qmp: Ensure register indirection arrays initialized 

It's possible that struct qmp_phy_cfg->regs references an array that is
smaller than the possible register lookups that is going to be
performed, with the resulting out-of-bounds read resulting in undefined
behavior.

One such example is when during qcom_qmp_phy_com_init() performs a
qphy_setbits() on entry QPHY_PCS_POWER_DOWN_CONTROL (i.e. 17) with
msm8996_ufsphy_regs_layout only being 12 entries long.

Solve this by inflating all "regs_layout" arrays to ensure that any
remaining entries are zero-initialized, as expected by the code.

Fixes: e4d8b05a

 ("phy: qcom-qmp: Use proper PWRDOWN offset for sm8150 USB")
Signed-off-by: default avatarBjorn Andersson <bjorn.andersson@linaro.org>
Link: https://lore.kernel.org/r/20200515013643.2081941-1-bjorn.andersson@linaro.org
Signed-off-by: default avatarKishon Vijay Abraham I <kishon@ti.com>
parent 81530a38
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment