[3.13.y-ckt stable] Patch "regmap: Fix possible shift overflow in regmap_field_init()" has been added to staging queue

Kamal Mostafa kamal at canonical.com
Thu Jul 23 01:58:18 UTC 2015 

This is a note to let you know that I have just added a patch titled

    regmap: Fix possible shift overflow in regmap_field_init()

to the linux-3.13.y-queue branch of the 3.13.y-ckt extended stable tree 
which can be found at:

    http://kernel.ubuntu.com/git/ubuntu/linux.git/log/?h=linux-3.13.y-queue

This patch is scheduled to be released in version 3.13.11-ckt24.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.13.y-ckt tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Kamal

------

>From d24dcee06a4f7a1cc8adad0b54aaf8f2d5cb77fa Mon Sep 17 00:00:00 2001
From: Maxime Coquelin <maxime.coquelin at st.com>
Date: Tue, 16 Jun 2015 13:53:19 +0200
Subject: regmap: Fix possible shift overflow in regmap_field_init()

commit 921cc29473a0d7c109105c1876ddb432f4a4be7d upstream.

The way the mask is generated in regmap_field_init() is wrong.
Indeed, a field initialized with msb = 31 and lsb = 0 provokes a shift
overflow while calculating the mask field.

On some 32 bits architectures, such as x86, the generated mask is 0,
instead of the expected 0xffffffff.

This patch uses GENMASK() to fix the problem, as this macro is already safe
regarding shift overflow.

Signed-off-by: Maxime Coquelin <maxime.coquelin at st.com>
Signed-off-by: Mark Brown <broonie at kernel.org>
Signed-off-by: Kamal Mostafa <kamal at canonical.com>
---
 drivers/base/regmap/regmap.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/base/regmap/regmap.c b/drivers/base/regmap/regmap.c
index 7183d1d..c1d343e 100644
--- a/drivers/base/regmap/regmap.c
+++ b/drivers/base/regmap/regmap.c
@@ -808,11 +808,10 @@ EXPORT_SYMBOL_GPL(devm_regmap_init);
 static void regmap_field_init(struct regmap_field *rm_field,
 	struct regmap *regmap, struct reg_field reg_field)
 {
-	int field_bits = reg_field.msb - reg_field.lsb + 1;
 	rm_field->regmap = regmap;
 	rm_field->reg = reg_field.reg;
 	rm_field->shift = reg_field.lsb;
-	rm_field->mask = ((BIT(field_bits) - 1) << reg_field.lsb);
+	rm_field->mask = GENMASK(reg_field.msb, reg_field.lsb);
 	rm_field->id_size = reg_field.id_size;
 	rm_field->id_offset = reg_field.id_offset;
 }
--
1.9.1

More information about the kernel-team mailing list