-
Nathan Chancellor authored
There are four different callback functions that are used for the clk_register callback that all have different second parameter types. bcm2835_register_pll -> struct bcm2835_pll_data bcm2835_register_pll_divider -> struct bcm2835_pll_divider_data bcm2835_register_clock -> struct bcm2835_clock_data bcm2835_register_date -> struct bcm2835_gate_data These callbacks are cast to bcm2835_clk_register so that there is no error about incompatible pointer types. Unfortunately, this is a control flow integrity violation, which verifies that the callback function's types match the prototypes exactly before jumping. [ 0.857913] CFI failure (target: 0xffffff9334a81820): [ 0.857977] WARNING: CPU: 3 PID: 35 at kernel/cfi.c:29 __cfi_check_fail+0x50/0x58 [ 0.857985] Modules linked in: [ 0.858007] CPU: 3 PID: 35 Comm: kworker/3:1 Not tainted 4.19.123-v8-01301-gdbb48f16956e4-dirty #1 [ 0.858015] Hardware name: Raspberry Pi 3 Model B Rev 1.2 (DT) [ 0.858031] Workqueue: events 0xffffff9334a925c8 [ 0.858046] pstate: 60000005 (nZCv daif -PAN -UAO) [ 0.858058] pc : __cfi_check_fail+0x50/0x58 [ 0.858070] lr : __cfi_check_fail+0x50/0x58 [ 0.858078] sp : ffffff800814ba90 [ 0.858086] x29: ffffff800814ba90 x28: 000fffffffdfff3d [ 0.858101] x27: 00000000002000c2 x26: ffffff93355fdb18 [ 0.858116] x25: 0000000000000000 x24: ffffff9334a81820 [ 0.858131] x23: ffffff93357f3580 x22: ffffff9334af1000 [ 0.858146] x21: a79b57e88f8ebc81 x20: ffffff93357f3580 [ 0.858161] x19: ffffff9334a81820 x18: fffffff679769070 [ 0.858175] x17: 0000000000000000 x16: 0000000000000000 [ 0.858190] x15: 0000000000000004 x14: 000000000000003c [ 0.858205] x13: 0000000000003044 x12: 0000000000000000 [ 0.858220] x11: b57e91cd641bae00 x10: b57e91cd641bae00 [ 0.858235] x9 : b57e91cd641bae00 x8 : b57e91cd641bae00 [ 0.858250] x7 : 0000000000000000 x6 : ffffff933591d4e5 [ 0.858264] x5 : 0000000000000000 x4 : 0000000000000000 [ 0.858279] x3 : ffffff800814b718 x2 : ffffff9334a84818 [ 0.858293] x1 : ffffff9334bba66c x0 : 0000000000000029 [ 0.858308] Call trace: [ 0.858321] __cfi_check_fail+0x50/0x58 [ 0.858337] __cfi_check+0x3ab3c/0x4467c [ 0.858351] bcm2835_clk_probe+0x210/0x2dc [ 0.858369] platform_drv_probe+0xb0/0xfc [ 0.858380] really_probe+0x4a0/0x5a8 [ 0.858391] driver_probe_device+0x68/0x104 [ 0.858403] __device_attach_driver+0x100/0x148 [ 0.858418] bus_for_each_drv+0xb0/0x12c [ 0.858431] __device_attach.llvm.17225159516306086099+0xc0/0x168 [ 0.858443] bus_probe_device+0x44/0xfc [ 0.858455] deferred_probe_work_func+0xa0/0xe0 [ 0.858472] process_one_work+0x210/0x538 [ 0.858485] worker_thread+0x2e8/0x478 [ 0.858500] kthread+0x154/0x164 [ 0.858515] ret_from_fork+0x10/0x18 To fix this, change the second parameter of all functions void * and use a local variable with the correct type so that everything works properly. With this, the only use of bcm2835_clk_register is in struct bcm2835_clk_desc so we can just remove it and use the type directly. Fixes: 56eb3a2e ("clk: bcm2835: remove use of BCM2835_CLOCK_COUNT in driver") Link: https://github.com/ClangBuiltLinux/linux/issues/1028Signed-off-by: Nathan Chancellor <natechancellor@gmail.com> Link: https://lkml.kernel.org/r/20200516080806.1459784-2-natechancellor@gmail.comSigned-off-by: Stephen Boyd <sboyd@kernel.org>
99a1ae29