korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-16 00:34:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
69a8eed58c
linux/drivers/mtd
History
Alexander Sverdlin 69a8eed58c mtd: spi-nor: Don't copy self-pointing struct around 
spi_nor_parse_sfdp() modifies the passed structure so that it points to
itself (params.erase_map.regions to params.erase_map.uniform_region). This
makes it impossible to copy the local struct anywhere else.

Therefore only use memcpy() in backup-restore scenario. The bug may show up
like below:

BUG: unable to handle page fault for address: ffffc90000b377f8
Oops: 0000 [#1] PREEMPT SMP NOPTI
CPU: 4 PID: 3500 Comm: flashcp Tainted: G           O      5.4.53-... #1
...
RIP: 0010:spi_nor_erase+0x8e/0x5c0
Code: 64 24 18 89 db 4d 8b b5 d0 04 00 00 4c 89 64 24 18 4c 89 64 24 20 eb 12 a8 10 0f 85 59 02 00 00 49 83 c6 10 0f 84 4f 02 00 00 <49> 8b 06 48 89 c2 48 83 e2 c0 48 89 d1 49 03 4e 08 48 39 cb 73 d8
RSP: 0018:ffffc9000217fc48 EFLAGS: 00010206
RAX: 0000000000740000 RBX: 0000000000000000 RCX: 0000000000740000
RDX: ffff8884550c9980 RSI: ffff88844f9c0bc0 RDI: ffff88844ede7bb8
RBP: 0000000000740000 R08: ffffffff815bfbe0 R09: ffff88844f9c0bc0
R10: 0000000000000000 R11: 0000000000000000 R12: ffffc9000217fc60
R13: ffff88844ede7818 R14: ffffc90000b377f8 R15: 0000000000000000
FS:  00007f4699780500(0000) GS:ffff88846ff00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90000b377f8 CR3: 00000004538ee000 CR4: 0000000000340fe0
Call Trace:
 part_erase+0x27/0x50
 mtdchar_ioctl+0x831/0xba0
 ? filemap_map_pages+0x186/0x3d0
 ? do_filp_open+0xad/0x110
 ? _copy_to_user+0x22/0x30
 ? cp_new_stat+0x150/0x180
 mtdchar_unlocked_ioctl+0x2a/0x40
 do_vfs_ioctl+0xa0/0x630
 ? __do_sys_newfstat+0x3c/0x60
 ksys_ioctl+0x70/0x80
 __x64_sys_ioctl+0x16/0x20
 do_syscall_64+0x6a/0x200
 ? prepare_exit_to_usermode+0x50/0xd0
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7f46996b6817

Cc: stable@vger.kernel.org
Fixes: c46872170a ("mtd: spi-nor: Move erase_map to 'struct spi_nor_flash_parameter'")
Co-developed-by: Matija Glavinic Pecotic <matija.glavinic-pecotic.ext@nokia.com>
Signed-off-by: Matija Glavinic Pecotic <matija.glavinic-pecotic.ext@nokia.com>
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@nokia.com>
Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Tested-by: Baurzhan Ismagulov <ibr@radix50.net>
Reviewed-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Link: https://lore.kernel.org/r/20201005084803.23460-1-alexander.sverdlin@nokia.com
2020-10-28 22:36:30 +05:30
..
chips mtd: Replace HTTP links with HTTPS ones 2020-08-02 22:17:19 +02:00
devices mtd: spear_smi: Enable compile testing 2020-10-02 09:09:08 +02:00
hyperbus mtd: hyperbus: Fix build failure when only RPCIF_HYPERBUS is enabled 2020-10-12 21:12:08 +02:00
lpddr mtd: lpddr: fix excessive stack usage with clang 2020-08-27 14:36:07 +02:00
maps mtd: maps: vmu-flash: fix typos for struct memcard 2020-10-02 09:08:27 +02:00
nand mtd: rawnand: ifc: Move the ECC engine initialization to the right place 2020-10-26 18:44:31 +01:00
parsers mtd: parsers: bcm63xx: Do not make it modular 2020-10-02 09:09:08 +02:00
spi-nor mtd: spi-nor: Don't copy self-pointing struct around 2020-10-28 22:36:30 +05:30
tests treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 326 2019-06-05 17:37:06 +02:00
ubi ubi: check kthread_should_stop() after the setting of task state 2020-09-17 22:55:59 +02:00
ftl.c treewide: Use array_size() in vmalloc() 2018-06-12 16:19:22 -07:00
inftlcore.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
inftlmount.c mtd: fix spelling mistake "BlockMultiplerBits" -> "BlockMultiplierBits" 2020-03-11 14:49:30 +01:00
Kconfig mtd: Support kmsg dumper based on pstore/blk 2020-05-31 19:49:01 -07:00
Makefile mtd: Support kmsg dumper based on pstore/blk 2020-05-31 19:49:01 -07:00
mtd_blkdevs.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 102 2019-05-24 17:39:00 +02:00
mtdblock_ro.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 102 2019-05-24 17:39:00 +02:00
mtdblock.c mtd: clear cache_state to avoid writing to bad blocks repeatedly 2020-06-05 10:16:14 +02:00
mtdchar.c mtd: properly check all write ioctls for permissions 2020-07-24 23:03:11 +02:00
mtdconcat.c mtd: mtdconcat: map: remove redundant assignment to variable 'size' 2020-09-11 18:49:34 +02:00
mtdcore.c NAND Core changes: 2020-10-17 10:45:42 -07:00
mtdcore.h mtd: Provide fs_context-aware mount_mtd() replacement 2019-09-05 14:34:23 -04:00
mtdoops.c mtd: mtdoops: Don't write panic data twice 2020-09-07 14:22:12 +02:00
mtdpart.c mtd: Add support for emulated SLC mode on MLC NANDs 2020-05-11 09:51:41 +02:00
mtdpstore.c iov_iter: Move unnecessary inclusion of crypto/hash.h 2020-06-30 09:34:23 -04:00
mtdsuper.c mtd: Kill mount_mtd() 2019-09-05 14:34:26 -04:00
mtdswap.c mtd: no need to check return value of debugfs_create functions 2019-11-14 10:57:38 +01:00
nftlcore.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
nftlmount.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
rfd_ftl.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
sm_ftl.c mtd: sm_ftl: fix NULL pointer warning 2020-01-09 20:09:55 +01:00
sm_ftl.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
ssfdc.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00