Re: [PATCH 1/2] hwmon: (ltc2992) Clamp threshold writes to hardware range

[Guenter Roeck]

On Thu, Apr 16, 2026 at 09:59:30PM +0000, Pradhan, Sanman wrote:
> From: Sanman Pradhan <psanman@xxxxxxxxxxx>
> 
> ltc2992_set_voltage(), ltc2992_set_current(), and ltc2992_set_power()
> do not validate the user-supplied value before converting it to a
> register value. This can result in:
> 
> 1. Negative input values wrapping to large positive register values.
>    For power, the negative long is implicitly cast to u64 in
>    mul_u64_u32_div(), producing an incorrect value. For voltage and
>    current, the negative converted value wraps when passed to
>    ltc2992_write_reg() as a u32.
> 
> 2. Intermediate arithmetic exceeding the range representable in u64 on
>    64-bit platforms. In ltc2992_set_voltage(), (u64)val * 1000 can
>    exceed U64_MAX when val is a large positive long. In
>    ltc2992_set_current(), (u64)val * r_sense_uohm can overflow
>    similarly. In ltc2992_set_power(), the computed value may not fit
>    in u64.
> 
> 3. Register values exceeding the hardware field width. Voltage and
>    current threshold registers are 12-bit (stored left-justified in
>    16 bits), and power threshold registers are 24-bit. Without
>    clamping, bits above the field width are truncated in
>    ltc2992_write_reg().
> 
> Fix by clamping negative values to zero, clamping positive values to
> the rounded hardware-representable maximum (the value returned by the
> read path for a full-scale register) to prevent intermediate overflow,
> and clamping the converted register value to the hardware field width
> before writing. The existing conversion formula and rounding behavior
> are preserved.
> 
> In the power write path, cancel the factor of 1000 from both the
> numerator (r_sense_uohm * 1000) and the denominator
> (VADC_UV_LSB * IADC_NANOV_LSB) to also eliminate a u32 overflow of
> r_sense_uohm * 1000 when r_sense_uohm exceeds about 4.29 ohms.
> 
> Fixes: b0bd407e94b03 ("hwmon: (ltc2992) Add support")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Sanman Pradhan <psanman@xxxxxxxxxxx>

Applied.

Thanks,
Guenter