Re: [PATCH v3] soc: aspeed: lpc-snoop: Fix usercopy overflow in snoop_file_read

Next message: yangxingui: "Re: [PATCH v3 2/2] scsi: libsas: Add linkrate and sas_addr change detection in rediscover"
Previous message: Lianfeng Ouyang: " &#x56DE;&#x590D;: [PATCH v2 2/3] i2c: designware: Export symbols and add __weak for Starfive I2C driver"
In reply to: Karthikeyan KS: "[PATCH v3] soc: aspeed: lpc-snoop: Fix usercopy overflow in snoop_file_read"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Andrew Jeffery

Date: Wed May 27 2026 - 22:49:16 EST

Hi Karthikeyan,

On Wed, 2026-05-27 at 17:59 +0000, Karthikeyan KS wrote:
> diff --git a/drivers/soc/aspeed/aspeed-lpc-snoop.c b/drivers/soc/aspeed/aspeed-lpc-snoop.c
> index eceeaf8df..ef6697a42 100644
> --- a/drivers/soc/aspeed/aspeed-lpc-snoop.c
> +++ b/drivers/soc/aspeed/aspeed-lpc-snoop.c
> @@ -60,6 +60,7 @@ struct aspeed_lpc_snoop_model_data {
>
> struct aspeed_lpc_snoop_channel {
> struct kfifo fifo;
> + spinlock_t lock;
> wait_queue_head_t wq;
> struct miscdevice miscdev;
> };
> @@ -93,7 +94,11 @@ static ssize_t snoop_file_read(struct file *file, char __user *buffer,
> if (ret == -ERESTARTSYS)
> return -EINTR;
> }
> +
> + spin_lock_irq(&chan->lock);
> ret = kfifo_to_user(&chan->fifo, buffer, count, &copied);
> + spin_unlock_irq(&chan->lock);

This seems inappropriate and I expect is flagged if you compile with
CONFIG_PROVE_LOCKING=y or CONFIG_DEBUG_ATOMIC_SLEEP=y. I suggest both
if you're not already.

Further, I hit conflicts when applying your change on v7.1-rc5. Can you
please ensure you develop, build and test on recent releases.

Thanks,

Andrew