1. Patchew
  2. linux
  3. View series

[PATCH] ASoC: max98090: Remove unneeded check in max98090_put_enab_tlv()

Alexey Khoroshilov posted 1 patch 3 years, 11 months ago 
sound/soc/codecs/max98090.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] ASoC: max98090: Remove unneeded check in max98090_put_enab_tlv()
Posted by Alexey Khoroshilov 3 years, 11 months ago 
Variable sel is of unsigned int type, so sel < 0 is not required.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
Fixes: 2fbe467bcbfc ("ASoC: max98090: Reject invalid values in custom control put()")
---
 sound/soc/codecs/max98090.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sound/soc/codecs/max98090.c b/sound/soc/codecs/max98090.c
index 62b41ca050a2..c535a8496bf1 100644
--- a/sound/soc/codecs/max98090.c
+++ b/sound/soc/codecs/max98090.c
@@ -413,7 +413,7 @@ static int max98090_put_enab_tlv(struct snd_kcontrol *kcontrol,
 
 	val = (val >> mc->shift) & mask;
 
-	if (sel < 0 || sel > mc->max)
+	if (sel > mc->max)
 		return -EINVAL;
 
 	*select = sel;
-- 
2.7.4
Re: [PATCH] ASoC: max98090: Remove unneeded check in max98090_put_enab_tlv()
Posted by Mark Brown 3 years, 11 months ago 
On Thu, May 19, 2022 at 08:10:12PM +0300, Alexey Khoroshilov wrote:
> Variable sel is of unsigned int type, so sel < 0 is not required.
> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.

>  	val = (val >> mc->shift) & mask;
>  
> -	if (sel < 0 || sel > mc->max)
> +	if (sel > mc->max)

The check needs to be moved, not removed.  The userspace ABI allows
passing in of negative values.
Re: [PATCH] ASoC: max98090: Remove unneeded check in max98090_put_enab_tlv()
Posted by Pierre-Louis Bossart 3 years, 11 months ago 

On 5/19/22 12:29, Mark Brown wrote:
> On Thu, May 19, 2022 at 08:10:12PM +0300, Alexey Khoroshilov wrote:
>> Variable sel is of unsigned int type, so sel < 0 is not required.
>>
>> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> 
>>  	val = (val >> mc->shift) & mask;
>>  
>> -	if (sel < 0 || sel > mc->max)
>> +	if (sel > mc->max)
> 
> The check needs to be moved, not removed.  The userspace ABI allows
> passing in of negative values.

I was about to send the same cleanup, cppcheck reports the same issue
with a useless test.

The problem is that the values coming from userspace are cast to unsigned...
Re: [PATCH] ASoC: max98090: Remove unneeded check in max98090_put_enab_tlv()
Posted by Alexey Khoroshilov 3 years, 11 months ago 
On 19.05.2022 20:29, Mark Brown wrote:
> On Thu, May 19, 2022 at 08:10:12PM +0300, Alexey Khoroshilov wrote:
>> Variable sel is of unsigned int type, so sel < 0 is not required.
>>
>> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> 
>>  	val = (val >> mc->shift) & mask;
>>  
>> -	if (sel < 0 || sel > mc->max)
>> +	if (sel > mc->max)
> 
> The check needs to be moved, not removed.  The userspace ABI allows
> passing in of negative values.
> 

Would (sel > mc->max) be enough in this case anyway?

--
Alexey
Re: [PATCH] ASoC: max98090: Remove unneeded check in max98090_put_enab_tlv()
Posted by Mark Brown 3 years, 11 months ago 
On Thu, May 19, 2022 at 08:49:48PM +0300, Alexey Khoroshilov wrote:
> On 19.05.2022 20:29, Mark Brown wrote:
> > On Thu, May 19, 2022 at 08:10:12PM +0300, Alexey Khoroshilov wrote:

> >> -	if (sel < 0 || sel > mc->max)
> >> +	if (sel > mc->max)

> > The check needs to be moved, not removed.  The userspace ABI allows
> > passing in of negative values.

> Would (sel > mc->max) be enough in this case anyway?

Oh, the check won't be working properly - it's just that like I say the
fix is to move rather than remove it so it's operating on the signed
value.
Re: [PATCH] ASoC: max98090: Remove unneeded check in max98090_put_enab_tlv()
Posted by Alexey Khoroshilov 3 years, 11 months ago 
On 19.05.2022 20:54, Mark Brown wrote:
> On Thu, May 19, 2022 at 08:49:48PM +0300, Alexey Khoroshilov wrote:
>> On 19.05.2022 20:29, Mark Brown wrote:
>>> On Thu, May 19, 2022 at 08:10:12PM +0300, Alexey Khoroshilov wrote:
> 
>>>> -	if (sel < 0 || sel > mc->max)
>>>> +	if (sel > mc->max)
> 
>>> The check needs to be moved, not removed.  The userspace ABI allows
>>> passing in of negative values.
> 
>> Would (sel > mc->max) be enough in this case anyway?
> 
> Oh, the check won't be working properly - it's just that like I say the
> fix is to move rather than remove it so it's operating on the signed
> value.
> 

Do you mean something like this?

static int max98090_put_enab_tlv(struct snd_kcontrol *kcontrol,
				struct snd_ctl_elem_value *ucontrol)
{
	struct snd_soc_component *component = snd_soc_kcontrol_component(kcontrol);
	struct max98090_priv *max98090 = snd_soc_component_get_drvdata(component);
	struct soc_mixer_control *mc =
		(struct soc_mixer_control *)kcontrol->private_value;
	unsigned int mask = (1 << fls(mc->max)) - 1;
-       unsigned int sel = ucontrol->value.integer.value[0];
+       int sel_unchecked = ucontrol->value.integer.value[0];
+       unsigned int sel;
	unsigned int val = snd_soc_component_read(component, mc->reg);
	unsigned int *select;

	switch (mc->reg) {
	case M98090_REG_MIC1_INPUT_LEVEL:
		select = &(max98090->pa1en);
		break;
	case M98090_REG_MIC2_INPUT_LEVEL:
		select = &(max98090->pa2en);
		break;
	case M98090_REG_ADC_SIDETONE:
		select = &(max98090->sidetone);
		break;
	default:
		return -EINVAL;
	}

	val = (val >> mc->shift) & mask;

-       if (sel < 0 || sel > mc->max)
+       if (sel_unchecked < 0 || sel_unchecked > mc->max)
                return -EINVAL;
+       sel = sel_unchecked;

	*select = sel;
Re: [PATCH] ASoC: max98090: Remove unneeded check in max98090_put_enab_tlv()
Posted by Mark Brown 3 years, 11 months ago 
On Thu, May 19, 2022 at 09:27:25PM +0300, Alexey Khoroshilov wrote:
> On 19.05.2022 20:54, Mark Brown wrote:

> > Oh, the check won't be working properly - it's just that like I say the
> > fix is to move rather than remove it so it's operating on the signed
> > value.

> Do you mean something like this?

That looks about right.
Re: [PATCH] ASoC: max98090: Remove unneeded check in max98090_put_enab_tlv()
Posted by Alexey Khoroshilov 3 years, 11 months ago 
On 19.05.2022 23:07, Mark Brown wrote:
> On Thu, May 19, 2022 at 09:27:25PM +0300, Alexey Khoroshilov wrote:
>> On 19.05.2022 20:54, Mark Brown wrote:
>>> Oh, the check won't be working properly - it's just that like I say the
>>> fix is to move rather than remove it so it's operating on the signed
>>> value.
>> Do you mean something like this?
> That looks about right.
Should I prepare a patch or you will do it yourself?
Re: [PATCH] ASoC: max98090: Remove unneeded check in max98090_put_enab_tlv()
Posted by Mark Brown 3 years, 11 months ago 
On Thu, May 19, 2022 at 11:13:00PM +0300, Alexey Khoroshilov wrote:
> On 19.05.2022 23:07, Mark Brown wrote:
> > On Thu, May 19, 2022 at 09:27:25PM +0300, Alexey Khoroshilov wrote:

> >> Do you mean something like this?

> > That looks about right.

> Should I prepare a patch or you will do it yourself?

Please send it, you already wrote it - may as well get the credit too.
[PATCH] ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv()
Posted by Alexey Khoroshilov 3 years, 11 months ago 
Validation of signed input should be done before casting to unsigned int.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
Suggested-by: Mark Brown <broonie@kernel.org>
Fixes: 2fbe467bcbfc ("ASoC: max98090: Reject invalid values in custom control put()")
---
 sound/soc/codecs/max98090.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/sound/soc/codecs/max98090.c b/sound/soc/codecs/max98090.c
index 62b41ca050a2..5513acd360b8 100644
--- a/sound/soc/codecs/max98090.c
+++ b/sound/soc/codecs/max98090.c
@@ -393,7 +393,8 @@ static int max98090_put_enab_tlv(struct snd_kcontrol *kcontrol,
 	struct soc_mixer_control *mc =
 		(struct soc_mixer_control *)kcontrol->private_value;
 	unsigned int mask = (1 << fls(mc->max)) - 1;
-	unsigned int sel = ucontrol->value.integer.value[0];
+	int sel_unchecked = ucontrol->value.integer.value[0];
+	unsigned int sel;
 	unsigned int val = snd_soc_component_read(component, mc->reg);
 	unsigned int *select;
 
@@ -413,8 +414,9 @@ static int max98090_put_enab_tlv(struct snd_kcontrol *kcontrol,
 
 	val = (val >> mc->shift) & mask;
 
-	if (sel < 0 || sel > mc->max)
+	if (sel_unchecked < 0 || sel_unchecked > mc->max)
 		return -EINVAL;
+	sel = sel_unchecked;
 
 	*select = sel;
 
-- 
2.7.4
Re: [PATCH] ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv()
Posted by Mark Brown 3 years, 11 months ago 
On Fri, 20 May 2022 01:31:26 +0300, Alexey Khoroshilov wrote:
> Validation of signed input should be done before casting to unsigned int.
> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> 
> 

Applied to

   https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound.git for-next

Thanks!

[1/1] ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv()
      commit: f7a344468105ef8c54086dfdc800e6f5a8417d3e

All being well this means that it will be integrated into the linux-next
tree (usually sometime in the next 24 hours) and sent to Linus during
the next merge window (or sooner if it is a bug fix), however if
problems are discovered then the patch may be dropped or reverted.

You may get further e-mails resulting from automated or manual testing
and review of the tree, please engage with people reporting problems and
send followup patches addressing any issues that are reported if needed.

If any updates are required or you are submitting further changes they
should be sent as incremental updates against current git, existing
patches will not be replaced.

Please add any relevant lists and maintainers to the CCs when replying
to this mail.

Thanks,
Mark

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.