From patchwork Wed Jun 6 10:13:28 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joakim Tjernlund X-Patchwork-Id: 925792 X-Patchwork-Delegate: boris.brezillon@free-electrons.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=infinera.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="tZEk5O0C"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=infradead.org header.i=@infradead.org header.b="SiBnbZcH"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4114LK6VCnzB3h4 for ; Wed, 6 Jun 2018 20:15:21 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=nOZ9cDm5P0DJrcEprTSLLORxwrXVk78OSfDxmDLcx48=; b=tZEk5O0CPLBdDdptUgWhyIBW1p ruxRss1YWehO3pJrdZhjYjmbkgI7iLqzCorIopqvVJ8C8v8GfWSvu7NREHX7Yz+n7CdKx6zx0Sw62 rufIzWNoEyOn1JX/18OTfeRRZ39+nc33JngxkBAP1ErISylUBfHh3rNwArVKuSY1Weux/qpjam5do LC/WECeA8WENXdKSNmUqF2SKcfHZYGS+y1W9uGdBpZ7XiL4lIiIv0cGN+/opgCMbe63DfaEjpqkvw j4wSbXhEZqz9yf7GpThT91+vAcOqXlUSe5Sr0QfIGaUfb/gMJ5wOUhntpF6ZcThCeye9gcf+yw5FQ 9RzpzXOQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fQVTF-00071v-DH; Wed, 06 Jun 2018 10:15:13 +0000 Received: from casper.infradead.org ([2001:8b0:10b:1236::1]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fQVSL-00062d-St for linux-mtd@bombadil.infradead.org; Wed, 06 Jun 2018 10:14:18 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=References:In-Reply-To:Message-Id:Date: Subject:Cc:To:From:Sender:Reply-To:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=piUhdKb61qbh8eIibEwbgVlZQVsq7mjp4z7zYOHCI/U=; b=SiBnbZcHYeE/keo7/rDWFho0C b2WqbCccpATZkJgCXPqyDNwotill7uEJ99ju7D3VPR885jO8TQnrcDfbj4C/F5KUkyNCCGLQlJ7hn CXVNWQsEyBllydbnouyC870/GCMGbHRi+DgR1fMUdqPjo5x9M5Qz6tmqlQR9FfzuITCD4I+dCJMPQ abhHBLZUb+olcuXXrMZstjQF7cZMVU78vsk19BmrHFNJjeddobz1WBGW3k0qgQ7mNNJ4L4SH/vmVM 3mzmT3yHvv5LGM0GOjOqxA2EJ/yMDJf/ZSUiSCDaddaeDyb9+/jcW8vpOhzOiFfOA6cgM7FjISFyG Vmv2Oe2Fg==; Received: from smtp.transmode.se ([31.15.61.139]) by casper.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fQVSH-0003vy-3K for linux-mtd@lists.infradead.org; Wed, 06 Jun 2018 10:14:16 +0000 Received: from gentoo-jocke.infinera.com (gentoo-jocke.infinera.com [10.210.72.209]) by smtp.transmode.se (Postfix) with ESMTP id ECE7F118A708; Wed, 6 Jun 2018 12:13:42 +0200 (CEST) Received: from gentoo-jocke.infinera.com (gentoo-jocke.infinera.com [127.0.0.1]) by gentoo-jocke.infinera.com (8.14.9/8.14.9) with ESMTP id w56ADgHI011233; Wed, 6 Jun 2018 12:13:42 +0200 Received: (from jocke@localhost) by gentoo-jocke.infinera.com (8.14.9/8.14.9/Submit) id w56ADg9i011232; Wed, 6 Jun 2018 12:13:42 +0200 From: Joakim Tjernlund To: "linux-mtd @ lists . infradead . org" , Boris Brezillon Subject: [PATCH v2 2/4] mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips Date: Wed, 6 Jun 2018 12:13:28 +0200 Message-Id: <20180606101330.11071-2-joakim.tjernlund@infinera.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20180606101330.11071-1-joakim.tjernlund@infinera.com> References: <20180605172607.50acb34f@bbrezillon> <20180606101330.11071-1-joakim.tjernlund@infinera.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180606_111413_198230_F7E36F7F X-CRM114-Status: GOOD ( 22.90 ) X-Spam-Score: 1.0 (+) X-Spam-Report: SpamAssassin version 3.4.1 on casper.infradead.org summary: Content analysis details: (1.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Joakim Tjernlund , stable@vger.kernel.org MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org cfi_ppb_unlock() tries to relock all sectors that was locked before unlocking the whole chip. This locking used the chip start address + the FULL offset from the first flash chip, thereby forming an illegal address. Correct by using the chip offset(adr). Fixes: 1648eaaa1575 ("mtd: cfi_cmdset_0002: Support Persistent Protection Bits (PPB) locking") Cc: stable@vger.kernel.org Signed-off-by: Joakim Tjernlund --- v2 - Spilt into several patches drivers/mtd/chips/cfi_cmdset_0002.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/mtd/chips/cfi_cmdset_0002.c b/drivers/mtd/chips/cfi_cmdset_0002.c index 8648b1adccd5..cb85cccc48c1 100644 --- a/drivers/mtd/chips/cfi_cmdset_0002.c +++ b/drivers/mtd/chips/cfi_cmdset_0002.c @@ -2536,7 +2536,7 @@ static int cfi_atmel_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len) struct ppb_lock { struct flchip *chip; - loff_t offset; + unsigned long adr; int locked; }; @@ -2672,7 +2672,7 @@ static int __maybe_unused cfi_ppb_unlock(struct mtd_info *mtd, loff_t ofs, */ if ((adr < ofs) || (adr >= (ofs + len))) { sect[sectors].chip = &cfi->chips[chipnum]; - sect[sectors].offset = offset; + sect[sectors].adr = adr; sect[sectors].locked = do_ppb_xxlock( map, &cfi->chips[chipnum], adr, 0, DO_XXLOCK_ONEBLOCK_GETLOCK); @@ -2716,7 +2716,7 @@ static int __maybe_unused cfi_ppb_unlock(struct mtd_info *mtd, loff_t ofs, */ for (i = 0; i < sectors; i++) { if (sect[i].locked) - do_ppb_xxlock(map, sect[i].chip, sect[i].offset, 0, + do_ppb_xxlock(map, sect[i].chip, sect[i].adr, 0, DO_XXLOCK_ONEBLOCK_LOCK); }