Re: [PATCH 07/21] ata: libahci_platform: Sanity check the DT child nodes number

From: Serge Semin
Date: Mon Apr 11 2022 - 09:11:07 EST


On Thu, Mar 24, 2022 at 05:13:45PM +0900, Damien Le Moal wrote:
> On 3/24/22 17:12, Sergey Shtylyov wrote:
> > On 3/24/22 4:40 AM, Damien Le Moal wrote:
> >
> >>> Having greater than (AHCI_MAX_PORTS = 32) ports detected isn't that
> >>> critical from the further AHCI-platform initialization point of view since
> >>> exceeding the ports upper limit will cause allocating more resources than
> >>> will be used afterwards. But detecting too many child DT-nodes doesn't
> >>> seem right since it's very unlikely to have it on an ordinary platform. In
> >>> accordance with the AHCI specification there can't be more than 32 ports
> >>> implemented at least due to having the CAP.NP field of 4 bits wide and the
> >>> PI register of dword size. Thus if such situation is found the DTB must
> >>> have been corrupted and the data read from it shouldn't be reliable. Let's
> >>> consider that as an erroneous situation and halt further resources
> >>> allocation.
> >>>
> >>> Note it's logically more correct to have the nports set only after the
> >>> initialization value is checked for being sane. So while at it let's make
> >>> sure nports is assigned with a correct value.
> >>>
> >>> Signed-off-by: Serge Semin <Sergey.Semin@xxxxxxxxxxxxxxxxxxxx>
> >>> ---
> >>> drivers/ata/libahci_platform.c | 16 +++++++++++-----
> >>> 1 file changed, 11 insertions(+), 5 deletions(-)
> >>>
> >>> diff --git a/drivers/ata/libahci_platform.c b/drivers/ata/libahci_platform.c
> >>> index 4fb9629c03ab..845042295b97 100644
> >>> --- a/drivers/ata/libahci_platform.c
> >>> +++ b/drivers/ata/libahci_platform.c
> >>> @@ -470,15 +470,21 @@ struct ahci_host_priv *ahci_platform_get_resources(struct platform_device *pdev,
> >>> }
> >>> }
> >>>
> >>> - hpriv->nports = child_nodes = of_get_child_count(dev->of_node);
> >>> -
> >>> /*
> >>> - * If no sub-node was found, we still need to set nports to
> >>> - * one in order to be able to use the
> >>> + * Too many sub-nodes most likely means having something wrong with
> >>> + * firmware. If no sub-node was found, we still need to set nports
> >>> + * to one in order to be able to use the
> >>> * ahci_platform_[en|dis]able_[phys|regulators] functions.
> >>> */

> >>> - if (!child_nodes)
> >>> + child_nodes = of_get_child_count(dev->of_node);
> >>> + if (child_nodes > AHCI_MAX_PORTS) {
> >>> + rc = -EINVAL;
> >>> + goto err_out;
> >>> + } else if (!child_nodes) {
> >>
> >> No need for "else" after a return.
> >
> > You meant *goto*? :-)
>
> Yes :) No need for the else after goto.

Personally I prefer having the chained if-else-if-else-etc statement
in such cases from readability and maintainability points of view (it
makes the code reader to more easily perceive that all the variable
value ranges are covered with no reference to the if-else clause
statements). But in this particular case dropping the else word lets
us to convert the afterwards statement into a single line
+ hpriv->nports = child_nodes ?: 1;
So why not. I'll drop 'else' from there then.

-Sergey

>
> >
> > [...]
> >
> > MBR, Sergey
>
>
> --
> Damien Le Moal
> Western Digital Research