re: spi: bcm2835: fix gpio cs level inversion
From: Colin Ian King
Date: Fri Oct 30 2020 - 10:12:15 EST
Hi,
Static analysis with coverity on today's linux-next has detected a
potential issue in bcm2835_spi_setup() in the following commit:
commit 5e31ba0c0543a04483b53151eb5b7413efece94c
Author: Martin Hundebøll <martin@xxxxxxxxxx>
Date: Wed Oct 14 11:02:30 2020 +0200
spi: bcm2835: fix gpio cs level inversion
The analysis is as follows:
1191 static int bcm2835_spi_setup(struct spi_device *spi)
1192 {
1193 struct spi_controller *ctlr = spi->controller;
1194 struct bcm2835_spi *bs = spi_controller_get_devdata(ctlr);
1195 struct gpio_chip *chip;
1. var_decl: Declaring variable lflags without initializer.
... and later on ...
Uninitialized scalar variable (UNINIT)
9. uninit_use_in_call: Using uninitialized value lflags when calling
gpiochip_request_own_desc. [show details]
1262 spi->cs_gpiod = gpiochip_request_own_desc(chip, 8 -
spi->chip_select,
1263 DRV_NAME,
1264 lflags,
1265 GPIOD_OUT_LOW);
The call to gpiochip_request_own_desc passes the uninitalized lflags
down to gpiod_configure_flags:
int gpiod_configure_flags(struct gpio_desc *desc, const char *con_id,
3698 unsigned long lflags, enum gpiod_flags dflags)
3699{
3700 int ret;
3701
3702 if (lflags & GPIO_ACTIVE_LOW)
3703 set_bit(FLAG_ACTIVE_LOW, &desc->flags);
3704
3705 if (lflags & GPIO_OPEN_DRAIN)
3706 set_bit(FLAG_OPEN_DRAIN, &desc->flags);
so this looks like lflags needs to be initialized with something
legitimate, probably zero?
Colin