ARM: ux500: do not directly dereference __iomem

commit 65b0e307a1a9193571db12910f382f84195a3d29 upstream.

Sparse reports that calling add_device_randomness() on `uid` is a
violation of address spaces. And indeed the next usage uses readl()
properly, but that was left out when passing it toadd_device_
randomness(). So instead copy the whole thing to the stack first.

Fixes: 4040d10a3d ("ARM: ux500: add DB serial number to entropy pool")
Cc: Linus Walleij <linus.walleij@linaro.org>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/all/202210230819.loF90KDh-lkp@intel.com/
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Link: https://lore.kernel.org/r/20221108123755.207438-1-Jason@zx2c4.com
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Jason A. Donenfeld 2022-11-08 13:37:55 +01:00 committed by Greg Kroah-Hartman
parent c59ee1528b
commit b22d683c90

View File

@ -159,20 +159,18 @@ static ssize_t ux500_get_process(struct device *dev,
static const char *db8500_read_soc_id(struct device_node *backupram)
{
void __iomem *base;
void __iomem *uid;
const char *retstr;
u32 uid[5];
base = of_iomap(backupram, 0);
if (!base)
return NULL;
uid = base + 0x1fc0;
memcpy_fromio(uid, base + 0x1fc0, sizeof(uid));
/* Throw these device-specific numbers into the entropy pool */
add_device_randomness(uid, 0x14);
add_device_randomness(uid, sizeof(uid));
retstr = kasprintf(GFP_KERNEL, "%08x%08x%08x%08x%08x",
readl((u32 *)uid+0),
readl((u32 *)uid+1), readl((u32 *)uid+2),
readl((u32 *)uid+3), readl((u32 *)uid+4));
uid[0], uid[1], uid[2], uid[3], uid[4]);
iounmap(base);
return retstr;
}