From: Mikko Rapeli <mikko.rapeli@linaro.org>
To: Avri Altman <Avri.Altman@wdc.com>
Cc: Ulf Hansson <ulf.hansson@linaro.org>,
Jens Wiklander <jens.wiklander@linaro.org>,
"linux-mmc@vger.kernel.org" <linux-mmc@vger.kernel.org>,
Adrian Hunter <adrian.hunter@intel.com>,
Daniil Lunev <dlunev@google.com>,
Asutosh Das <quic_asutoshd@quicinc.com>
Subject: Re: [PATCH v4] mmc: core: Use mrq.sbc in close-ended ffu
Date: Wed, 13 Mar 2024 14:44:27 +0200 [thread overview]
Message-ID: <ZfGfq-E5iCINAEeW@nuoska> (raw)
In-Reply-To: <ZfGSJBuBdzkoooYs@nuoska>
On Wed, Mar 13, 2024 at 01:46:44PM +0200, Mikko Rapeli wrote:
<snip>
> Fix will be to initialize mmc_blk_ioc_data->flags in all cases. Would this be fine as
> a catch all initialization for mmc_blk_ioc_data?
>
> --- a/drivers/mmc/core/block.c
> +++ b/drivers/mmc/core/block.c
> @@ -413,7 +413,7 @@ static struct mmc_blk_ioc_data *mmc_blk_ioctl_copy_from_user(
> struct mmc_blk_ioc_data *idata;
> int err;
>
> - idata = kmalloc(sizeof(*idata), GFP_KERNEL);
> + idata = kzalloc(sizeof(*idata), GFP_KERNEL);
> if (!idata) {
> err = -ENOMEM;
> goto out;
>
> I think this is a sensible and future proof way to go.
>
> Then, the second flags check for MMC_BLK_IOC_SBC is accessing array using
> index i - 1, but is not checking if i == 0 which results in data[-1] access.
> I think this should be fixed with something like:
>
> - if (idata->flags & MMC_BLK_IOC_SBC)
> + if (idata->flags & MMC_BLK_IOC_SBC && i > 0) {
>
> Would you be fine with this?
In addition to these, is the original patch correct also when idata->rpmb is not true
but prev_idata is? I have no idea of the code but this looks a bit suspicious.
@@ -532,7 +544,7 @@ static int __mmc_blk_ioctl_cmd(struct mmc_card *card, struct mmc_blk_data *md,
return err;
}
- if (idata->rpmb) {
+ if (idata->rpmb || prev_idata) {
sbc.opcode = MMC_SET_BLOCK_COUNT;
/*
* We don't do any blockcount validation because the max size
@@ -540,6 +552,8 @@ static int __mmc_blk_ioctl_cmd(struct mmc_card *card, struct mmc_blk_data *md,
* 'Reliable Write' bit here.
*/
sbc.arg = data.blocks | (idata->ic.write_flag & BIT(31));
+ if (prev_idata)
+ sbc.arg = prev_idata->ic.arg;
sbc.flags = MMC_RSP_R1 | MMC_CMD_AC;
mrq.sbc = &sbc;
}
Cheers,
-Mikko
next prev parent reply other threads:[~2024-03-13 12:44 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-29 9:25 [PATCH v4] mmc: core: Use mrq.sbc in close-ended ffu Avri Altman
2023-11-29 13:31 ` Adrian Hunter
2023-11-30 10:36 ` Ulf Hansson
2024-03-11 13:59 ` Mikko Rapeli
2024-03-11 14:55 ` Avri Altman
2024-03-11 15:08 ` Mikko Rapeli
2024-03-11 15:19 ` Jens Wiklander
2024-03-11 15:41 ` Mikko Rapeli
2024-03-11 19:25 ` Avri Altman
2024-03-12 8:01 ` Jens Wiklander
2024-03-13 11:46 ` Mikko Rapeli
2024-03-13 12:44 ` Mikko Rapeli [this message]
2024-03-13 12:50 ` Avri Altman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZfGfq-E5iCINAEeW@nuoska \
--to=mikko.rapeli@linaro.org \
--cc=Avri.Altman@wdc.com \
--cc=adrian.hunter@intel.com \
--cc=dlunev@google.com \
--cc=jens.wiklander@linaro.org \
--cc=linux-mmc@vger.kernel.org \
--cc=quic_asutoshd@quicinc.com \
--cc=ulf.hansson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox