Re: [PATCH] i2c: amd-asf: Validate firmware-reported length
From: Shyam Sundar S K
Date: Wed Jun 17 2026 - 07:12:35 EST
On 6/17/2026 15:50, Andi Shyti wrote:
> Hi Paritosh,
>
> On Fri, Jun 12, 2026 at 10:18:15AM +0000, Paritosh Potukuchi wrote:
>> The firmware may sometimes return a length greater than the
>> allocated buffer size, which can lead to out-of-bounds access
>> and a kernel panic.
>
> How often does it happen? Should it be considered a fix?
>
> Shyam, any comments on this?
Looks good to me.
Acked-by: Shyam Sundar S K <Shyam-sundar.S-k@xxxxxxx>
Thanks,
Shyam
>
>> Currently, the driver does not validate the length read from
>> firmware.
>>
>> Add a check to ensure the firmware-reported length stays within
>> the bounds of the data buffer.
>>
>> Fix indentation issues reported by checkpatch.
>
> I'm going to remove this comment here as I'm going to take only
> this patch and it's a meaningless information to leave in the log
> history.
>
>> Signed-off-by: Paritosh Potukuchi <paritosh.potukuchi@xxxxxxx>
>> ---
>> drivers/i2c/busses/i2c-amd-asf-plat.c | 3 +++
>> 1 file changed, 3 insertions(+)
>>
>> diff --git a/drivers/i2c/busses/i2c-amd-asf-plat.c b/drivers/i2c/busses/i2c-amd-asf-plat.c
>> index ca45f0f23321..e1699da838c2 100644
>> --- a/drivers/i2c/busses/i2c-amd-asf-plat.c
>> +++ b/drivers/i2c/busses/i2c-amd-asf-plat.c
>> @@ -90,6 +90,9 @@ static void amd_asf_process_target(struct work_struct *work)
>> outb_p(reg, ASFDATABNKSEL);
>> cmd = inb_p(ASFINDEX);
>> len = inb_p(ASFDATARWPTR);
>> + if (len > ASF_BLOCK_MAX_BYTES)
>> + return;
>> +
>
> Your patch makes sense to me. I'd just like a blank line before
> the 'if' statement. No need to resend it; I'll add it while
> applying the patch unless you disagree.
>
> Besides that, the patch is not properly formatted. It is missing:
>
> 1. Versioning: this should have been "[PATCH v2] ...".
>
> 2. Changelog: for a single patch, it should be added below
> the '---' line, after your Signed-off-by. You added
> "Fix indentation issues..." as a sort of changelog, but
> it is in the wrong place and it is not clear that it is
> a changelog.
>
> 3. Please don't send a new version as a reply to the previous
> one. From a maintainer's point of view, that makes it more
> difficult to track and apply.
>
> That said, I believe this is your first patch, and that's
> perfectly fine. Welcome to the community :-)
>
> Unless there are further comments, I'll apply your patch to
> i2c/i2c-for-7.2.
>
> Thanks,
> Andi