psp_get_capability() is declared as returning an 'unsigned int'. However,
it returns -ENODEV on failure when it cannot access the device registers
(i.e., when ioread32 returns 0xffffffff).

Since -ENODEV is a negative value, returning it from a function declared as
'unsigned int' results in an implicit cast to a large positive integer.
This prevents the caller psp_dev_init() from correctly detecting the
error condition, leading to improper error handling.

Signed-off-by: Yunseong Kim <yunseong.kim@est.tech>
---
Changes in v2:
- Address feedback from Tom Lendacky.
---
 drivers/crypto/ccp/psp-dev.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index 5c7f7e02a7d8..664cd51bbf0d 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -141,7 +141,7 @@ static irqreturn_t psp_irq_handler(int irq, void *data)
 	return IRQ_HANDLED;
 }
 
-static unsigned int psp_get_capability(struct psp_device *psp)
+static int psp_get_capability(struct psp_device *psp)
 {
 	unsigned int val = ioread32(psp->io_regs + psp->vdata->feature_reg);
 

---
base-commit: 7080e32d3f09d8688c4a87d81bdcc71f7f606b16
change-id: 20260426-master-eba8d68042ab

Best regards,
-- 
Yunseong Kim <yunseong.kim@est.tech>

On 4/26/26 16:25, Yunseong Kim wrote:
> [Some people who received this message don't often get email from yunseong.kim@est.tech. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]
> 
> psp_get_capability() is declared as returning an 'unsigned int'. However,
> it returns -ENODEV on failure when it cannot access the device registers
> (i.e., when ioread32 returns 0xffffffff).
> 
> Since -ENODEV is a negative value, returning it from a function declared as
> 'unsigned int' results in an implicit cast to a large positive integer.
> This prevents the caller psp_dev_init() from correctly detecting the
> error condition, leading to improper error handling.

Not true. The psp_dev_init() function will assign the return value to an
int and so it ends up getting the -ENODEV value in the end. Also, since
psp_dev_init() is only checking for a non-zero value on error and the
return value of psp_dev_init() is not checked, this doesn't have any
impact on the processing or handling of errors.

I agree that psp_get_capability() should return an int instead of an
unsigned int, so the patch is fine, but you need to rework the commit
message to be accurate.

Thanks,
Tom

> 
> Signed-off-by: Yunseong Kim <yunseong.kim@est.tech>
> ---
> Changes in v2:
> - Address feedback from Tom Lendacky.
> ---
>  drivers/crypto/ccp/psp-dev.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
> index 5c7f7e02a7d8..664cd51bbf0d 100644
> --- a/drivers/crypto/ccp/psp-dev.c
> +++ b/drivers/crypto/ccp/psp-dev.c
> @@ -141,7 +141,7 @@ static irqreturn_t psp_irq_handler(int irq, void *data)
>         return IRQ_HANDLED;
>  }
> 
> -static unsigned int psp_get_capability(struct psp_device *psp)
> +static int psp_get_capability(struct psp_device *psp)
>  {
>         unsigned int val = ioread32(psp->io_regs + psp->vdata->feature_reg);
> 
> 
> ---
> base-commit: 7080e32d3f09d8688c4a87d81bdcc71f7f606b16
> change-id: 20260426-master-eba8d68042ab
> 
> Best regards,
> --
> Yunseong Kim <yunseong.kim@est.tech>
>

Hi Tom,

On 4/27/26 16:33, Tom Lendacky wrote:
> On 4/26/26 16:25, Yunseong Kim wrote:
>> [Some people who received this message don't often get email from yunseong.kim@est.tech. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]
>>
>> psp_get_capability() is declared as returning an 'unsigned int'. However,
>> it returns -ENODEV on failure when it cannot access the device registers
>> (i.e., when ioread32 returns 0xffffffff).
>>
>> Since -ENODEV is a negative value, returning it from a function declared as
>> 'unsigned int' results in an implicit cast to a large positive integer.
>> This prevents the caller psp_dev_init() from correctly detecting the
>> error condition, leading to improper error handling.
> 
> Not true. The psp_dev_init() function will assign the return value to an
> int and so it ends up getting the -ENODEV value in the end. Also, since
> psp_dev_init() is only checking for a non-zero value on error and the
> return value of psp_dev_init() is not checked, this doesn't have any
> impact on the processing or handling of errors.
> 
> I agree that psp_get_capability() should return an int instead of an
> unsigned int, so the patch is fine, but you need to rework the commit
> message to be accurate.
> 
> Thanks,
> Tom

Oh, I see. Thanks for the comment! I’ll fix this in v3, and sorry for
being a bit late with the v2 patch.

>>
>> Signed-off-by: Yunseong Kim <yunseong.kim@est.tech>
>> ---
>> Changes in v2:
>> - Address feedback from Tom Lendacky.
>> ---
>>  drivers/crypto/ccp/psp-dev.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
>> index 5c7f7e02a7d8..664cd51bbf0d 100644
>> --- a/drivers/crypto/ccp/psp-dev.c
>> +++ b/drivers/crypto/ccp/psp-dev.c
>> @@ -141,7 +141,7 @@ static irqreturn_t psp_irq_handler(int irq, void *data)
>>         return IRQ_HANDLED;
>>  }
>>
>> -static unsigned int psp_get_capability(struct psp_device *psp)
>> +static int psp_get_capability(struct psp_device *psp)
>>  {
>>         unsigned int val = ioread32(psp->io_regs + psp->vdata->feature_reg);
>>
>>
>> ---
>> base-commit: 7080e32d3f09d8688c4a87d81bdcc71f7f606b16
>> change-id: 20260426-master-eba8d68042ab
>>
>> Best regards,
>> --
>> Yunseong Kim <yunseong.kim@est.tech>
>>
Thank you,
Yunseong