[PATCH] crypto: atmel-sha204a - Fix uninitialized data access on OTP read error
Lothar Rubusch
l.rubusch at gmail.com
Sun Feb 22 09:29:51 PST 2026
Hi Thorsten! So this one was tested on your hardware?
Wouldn't it make more sense to squash this with the patch before: 'Fix
error codes in OTP reads' (which IMHO actually fixes mainly the bounds
check)? This on it's own I'd consider rather a refac than "Fixes".
On Fri, Feb 20, 2026 at 2:32 PM Thorsten Blum <thorsten.blum at linux.dev> wrote:
>
> Return early if atmel_i2c_send_receive() fails to avoid checking
> potentially uninitialized data in 'cmd.data'.
>
> Cc: stable at vger.kernel.org
> Fixes: e05ce444e9e5 ("crypto: atmel-sha204a - add reading from otp zone")
> Signed-off-by: Thorsten Blum <thorsten.blum at linux.dev>
> ---
> drivers/crypto/atmel-sha204a.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/drivers/crypto/atmel-sha204a.c b/drivers/crypto/atmel-sha204a.c
> index 0fcf4a39de27..f4a04b297257 100644
> --- a/drivers/crypto/atmel-sha204a.c
> +++ b/drivers/crypto/atmel-sha204a.c
> @@ -103,6 +103,10 @@ static int atmel_sha204a_otp_read(struct i2c_client *client, u16 addr, u8 *otp)
> }
>
> ret = atmel_i2c_send_receive(client, &cmd);
> + if (ret < 0) {
> + dev_err(&client->dev, "failed to read otp at %04X\n", addr);
> + return ret;
> + }
>
> if (cmd.data[0] == 0xff) {
> dev_err(&client->dev, "failed, device not ready\n");
> --
> Thorsten Blum <thorsten.blum at linux.dev>
> GPG: 1D60 735E 8AEF 3BE4 73B6 9D84 7336 78FD 8DFE EAD4
>
More information about the linux-arm-kernel
mailing list