summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSudeep Holla <sudeep.holla@arm.com>2019-07-08 09:40:35 +0100
committerSudeep Holla <sudeep.holla@arm.com>2019-08-12 12:22:58 +0100
commit37bbffcb19a7c98ed0a8c0b2dd2e11bfc05d5964 (patch)
treeb0751b2a4f18b5ef674427b020b7a4fa1706b80d
parent9eefa43a1a03960c7458e1463132f893702741be (diff)
downloadlinux-37bbffcb19a7c98ed0a8c0b2dd2e11bfc05d5964.tar.gz
linux-37bbffcb19a7c98ed0a8c0b2dd2e11bfc05d5964.tar.bz2
linux-37bbffcb19a7c98ed0a8c0b2dd2e11bfc05d5964.zip
firmware: arm_scmi: Remove extra check for invalid length message responses
scmi_xfer_get_init ensures both transmit and receive buffer lengths are within the maximum limits. If receive buffer length is not supplied by the caller, it's set to the maximum limit value. Receive buffer length is never modified after that. So there's no need for the extra check when receive transmit completion for a command essage. Further, if the response header length is greater than the prescribed receive buffer length, the response buffer is truncated to the latter. Reported-by: Jim Quinlan <james.quinlan@broadcom.com> Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
-rw-r--r--drivers/firmware/arm_scmi/driver.c6
1 files changed, 0 insertions, 6 deletions
diff --git a/drivers/firmware/arm_scmi/driver.c b/drivers/firmware/arm_scmi/driver.c
index b5bc4c7a8fab..6ef652940099 100644
--- a/drivers/firmware/arm_scmi/driver.c
+++ b/drivers/firmware/arm_scmi/driver.c
@@ -230,12 +230,6 @@ static void scmi_rx_callback(struct mbox_client *cl, void *m)
xfer = &minfo->xfer_block[xfer_id];
scmi_dump_header_dbg(dev, &xfer->hdr);
- /* Is the message of valid length? */
- if (xfer->rx.len > info->desc->max_msg_size) {
- dev_err(dev, "unable to handle %zu xfer(max %d)\n",
- xfer->rx.len, info->desc->max_msg_size);
- return;
- }
scmi_fetch_response(xfer, mem);
complete(&xfer->done);