Re: [PATCH 1/3] dell-laptop: Clear buffer before each SMBIOS call

From: Darren Hart
Date: Wed Jul 01 2015 - 20:45:59 EST


On Wed, Jul 01, 2015 at 08:08:19PM +0200, Pali Rohár wrote:
> Make sure that before initializing an SMBIOS call the input buffer does not contain
> any garbage (e.g. values from a previous SMBIOS call). This fixes a problem with
> passing undefined/random parameters to SMBIOS functions.
>
> Signed-off-by: Pali Rohár <pali.rohar@xxxxxxxxx>
> ---
> drivers/platform/x86/dell-laptop.c | 11 ++++++++++-
> 1 file changed, 10 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c
> index 35758cb..6728487 100644
> --- a/drivers/platform/x86/dell-laptop.c
> +++ b/drivers/platform/x86/dell-laptop.c
> @@ -310,10 +310,15 @@ static DEFINE_MUTEX(buffer_mutex);
>
> static int hwswitch_state;
>
> +static void clear_buffer(void)
> +{
> + memset(buffer, 0, sizeof(struct calling_interface_buffer));
> +}
> +
> static void get_buffer(void)
> {
> mutex_lock(&buffer_mutex);
> - memset(buffer, 0, sizeof(struct calling_interface_buffer));
> + clear_buffer();
> }
>
> static void release_buffer(void)
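
Review bot: clear_buffer() memsets the shared buffer without taking buffer_mutex, and nothing in the new helper says that it relies on the caller already holding the lock through get_buffer(). A one-line comment above clear_buffer() stating that requirement, or a lockdep_assert_held(&buffer_mutex) at its top, would keep a later caller from wiping the buffer while another SMBIOS call is using it. sizeof(*buffer) would also be the more usual spelling than sizeof(struct calling_interface_buffer).
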
> @@ -557,6 +562,8 @@ static int dell_rfkill_set(void *data, bool blocked)
> !(buffer->output[1] & BIT(16)))
> disable = 1;
>
> + clear_buffer();
> +
> buffer->input[0] = (1 | (radio<<8) | (disable << 16));
> dell_send_request(buffer, 17, 11);
>
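
Review bot: the position of clear_buffer() in dell_rfkill_set() is order-sensitive and the hunk leaves that undocumented. The memset covers the whole struct, so it also wipes buffer->output, which the condition just above (buffer->output[1] & BIT(16)) has only just read. A short comment saying that the previous reply has been consumed before the clear would keep a later edit from moving the call above that test.
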
> @@ -571,6 +578,7 @@ static void dell_rfkill_update_sw_state(struct rfkill *rfkill, int radio,
> if (status & BIT(0)) {
> /* Has hw-switch, sync sw_state to BIOS */
> int block = rfkill_blocked(rfkill);
> + clear_buffer();
> buffer->input[0] = (1 | (radio << 8) | (block << 16));
> dell_send_request(buffer, 17, 11);
> } else {
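
Review bot: style point in dell_rfkill_update_sw_state(): the new clear_buffer(); sits directly under the declaration int block = rfkill_blocked(rfkill); with no blank line, while the dell_rfkill_set() hunk surrounds the same call with blank lines. Add a blank line after the declaration. The sequence of clear_buffer(), setting buffer->input[0] and dell_send_request(buffer, 17, 11) now appears in both functions, so a small helper taking the radio and the block flag would keep the clear and the request together.
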
> @@ -774,6 +782,7 @@ static int __init dell_setup_rfkill(void)
> dell_send_request(buffer, 17, 11);
> status = buffer->output[1];
> buffer->input[0] = 0x2;
> + clear_buffer();
> dell_send_request(buffer, 17, 11);

This clears the buffer after modifying input[0] and right before
dell_send_request... so you're sending a completely empty buffer? Is that
intentional here? I guess I would have expected the clear_buffer to be one line
earlier.

> hwswitch_state = buffer->output[1];
> release_buffer();
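
Review bot: in dell_setup_rfkill() the clear_buffer() call comes after buffer->input[0] = 0x2; so the request goes out with input[0] zeroed, and hwswitch_state is taken from the reply to that request rather than to the 0x2 query. Move clear_buffer() so that it sits between status = buffer->output[1]; and buffer->input[0] = 0x2; and no earlier, because the clear also wipes the output that status is read from.
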
> --
> 1.7.9.5
>
>

--
Darren Hart
Intel Open Source Technology Center