soc: altmode: Add correct notify message length check

#define MSG_OWNER_USBC_PAN	32780

#define MSG_OWNER_USBC_PAN	32780

#define MSG_TYPE_REQ_RESP	1

#define MSG_TYPE_REQ_RESP	1

#define MIN_PAYLOAD_SIZE	9

#define NOTIFY_PAYLOAD_SIZE	16

#define NOTIFY_PAYLOAD_SIZE	16

#define USBC_WRITE_BUFFER_SIZE	8

#define USBC_WRITE_BUFFER_SIZE	8

	struct pmic_glink_hdr *hdr = data;

	struct pmic_glink_hdr *hdr = data;

	struct altmode_dev *amdev = priv;

	struct altmode_dev *amdev = priv;

	struct altmode_client *amclient;

	struct altmode_client *amclient;

	u8 payload_len;

	u8 port_index;

	u8 port_index;

	pr_debug("len: %zu owner: %u type: %u opcode %04x\n", len, hdr->owner,

	pr_debug("len: %zu owner: %u type: %u opcode %04x\n", len, hdr->owner,

		complete(&amdev->response_received);

		complete(&amdev->response_received);

		break;

		break;

	case USBC_NOTIFY_IND:

	case USBC_NOTIFY_IND:

		payload_len = NOTIFY_PAYLOAD_SIZE;

		if (len != sizeof(*notify_msg)) {

		if (len < sizeof(*notify_msg))

			pr_debug("Expected length %u, got: %zu\n",

			payload_len = len - sizeof(*hdr);

					sizeof(*notify_msg), len);

		/* payload should at least contain 9 bytes */

		if (payload_len < MIN_PAYLOAD_SIZE)

			return -EINVAL;

			return -EINVAL;

		}

		notify_msg = data;

		notify_msg = data;

		port_index = notify_msg->payload[0];

		port_index = notify_msg->payload[0];

			return 0;

			return 0;

		}

		}

		pr_debug("Payload: %*ph\n", payload_len, notify_msg->payload);

		pr_debug("Payload: %*ph\n", NOTIFY_PAYLOAD_SIZE,

				notify_msg->payload);

		cancel_work_sync(&amclient->client_cb_work);

		cancel_work_sync(&amclient->client_cb_work);

		memcpy(&amclient->msg, notify_msg->payload, payload_len);

		memcpy(&amclient->msg, notify_msg->payload,

				sizeof(amclient->msg));

		schedule_work(&amclient->client_cb_work);

		schedule_work(&amclient->client_cb_work);

		break;

		break;

	default:

	default: