From b32ded99dfc0e4af91dff5e5e9ac2dd55f5c23f9 Mon Sep 17 00:00:00 2001
From: Harsh Sahu <hsahu@codeaurora.org>
Date: Tue, 27 Jun 2017 12:05:43 -0700
Subject: msm: sde: fix unaligned access problem

debug offset comes from the user and can hold any value which can
cause unaligned access. This change fixes the unaligned access
problem on debug offset by properly aligning it.

Change-Id: Ie4de9a12433f6ffd568c6c86928b71a5537b0dff
Signed-off-by: Harsh Sahu <hsahu@codeaurora.org>
---
 drivers/media/platform/msm/sde/rotator/sde_rotator_debug.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/drivers/media/platform/msm/sde/rotator/sde_rotator_debug.c b/drivers/media/platform/msm/sde/rotator/sde_rotator_debug.c
index f41382b5b20c..1966fa9805c0 100644
--- a/drivers/media/platform/msm/sde/rotator/sde_rotator_debug.c
+++ b/drivers/media/platform/msm/sde/rotator/sde_rotator_debug.c
@@ -1023,6 +1023,9 @@ static ssize_t sde_rotator_debug_base_offset_write(struct file *file,
 	if (sscanf(buf, "%5x %x", &off, &cnt) < 2)
 		return -EINVAL;
 
+	if (off % sizeof(u32))
+		return -EINVAL;
+
 	if (off > dbg->max_offset)
 		return -EINVAL;
 
@@ -1091,6 +1094,9 @@ static ssize_t sde_rotator_debug_base_reg_write(struct file *file,
 	if (cnt < 2)
 		return -EFAULT;
 
+	if (off % sizeof(u32))
+		return -EFAULT;
+
 	if (off >= dbg->max_offset)
 		return -EFAULT;
 
@@ -1139,6 +1145,9 @@ static ssize_t sde_rotator_debug_base_reg_read(struct file *file,
 			goto debug_read_error;
 		}
 
+		if (dbg->off % sizeof(u32))
+			return -EFAULT;
+
 		ptr = dbg->base + dbg->off;
 		tot = 0;
 
-- 
cgit v1.2.3