* [patch] mtd: pxa3xx_nand: NULL dereference in pxa3xx_nand_probe
[not found] <1294227801.3996.62.camel@sven>
@ 2011-01-06 12:45 ` Dan Carpenter
2011-01-06 13:45 ` Sven Neumann
0 siblings, 1 reply; 4+ messages in thread
From: Dan Carpenter @ 2011-01-06 12:45 UTC (permalink / raw)
To: Sven Neumann
Cc: Artem.Bityutskiy, eric.y.miao, David.Woodhouse, leiwen,
linux-kernel, haojian.zhuang, linux-mtd, Daniel Mack,
linux-arm-kernel
Hi Sven,
Could you test this patch? I don't have an arm so I can't compile this.
This was introduced in 18c81b1828f8 "mtd: pxa3xx_nand: remove the flash
info in driver structure"
Signed-off-by: Dan Carpenter <error27@gmail.com>
diff --git a/drivers/mtd/nand/pxa3xx_nand.c b/drivers/mtd/nand/pxa3xx_nand.c
index 17f8518..ea2c288 100644
--- a/drivers/mtd/nand/pxa3xx_nand.c
+++ b/drivers/mtd/nand/pxa3xx_nand.c
@@ -885,6 +885,7 @@ static int pxa3xx_nand_detect_config(struct pxa3xx_nand_info *info)
/* set info fields needed to __readid */
info->read_id_bytes = (info->page_size == 2048) ? 4 : 2;
info->reg_ndcr = ndcr;
+ info->cmdset = &default_cmdset;
if (__readid(info, &id))
return -ENODEV;
@@ -915,7 +916,6 @@ static int pxa3xx_nand_detect_config(struct pxa3xx_nand_info *info)
info->ndtr0cs0 = nand_readl(info, NDTR0CS0);
info->ndtr1cs0 = nand_readl(info, NDTR1CS0);
- info->cmdset = &default_cmdset;
return 0;
}
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [patch] mtd: pxa3xx_nand: NULL dereference in pxa3xx_nand_probe
2011-01-06 12:45 ` [patch] mtd: pxa3xx_nand: NULL dereference in pxa3xx_nand_probe Dan Carpenter
@ 2011-01-06 13:45 ` Sven Neumann
2011-01-06 14:05 ` [patch v2] " Dan Carpenter
0 siblings, 1 reply; 4+ messages in thread
From: Sven Neumann @ 2011-01-06 13:45 UTC (permalink / raw)
To: Dan Carpenter
Cc: Artem.Bityutskiy, eric.y.miao, David.Woodhouse, leiwen,
linux-kernel, haojian.zhuang, linux-mtd, Daniel Mack,
linux-arm-kernel
Hi Dan,
On Thu, 2011-01-06 at 15:45 +0300, Dan Carpenter wrote:
> Could you test this patch? I don't have an arm so I can't compile this.
Yes, this change fixes the boot problem for me. Thanks for the quick
help.
> This was introduced in 18c81b1828f8 "mtd: pxa3xx_nand: remove the flash
> info in driver structure"
>
> Signed-off-by: Dan Carpenter <error27@gmail.com>
Tested-by: Sven Neumann <s.neumann@raumfeld.com>
> diff --git a/drivers/mtd/nand/pxa3xx_nand.c b/drivers/mtd/nand/pxa3xx_nand.c
> index 17f8518..ea2c288 100644
> --- a/drivers/mtd/nand/pxa3xx_nand.c
> +++ b/drivers/mtd/nand/pxa3xx_nand.c
> @@ -885,6 +885,7 @@ static int pxa3xx_nand_detect_config(struct pxa3xx_nand_info *info)
> /* set info fields needed to __readid */
> info->read_id_bytes = (info->page_size == 2048) ? 4 : 2;
> info->reg_ndcr = ndcr;
> + info->cmdset = &default_cmdset;
>
> if (__readid(info, &id))
> return -ENODEV;
> @@ -915,7 +916,6 @@ static int pxa3xx_nand_detect_config(struct pxa3xx_nand_info *info)
>
> info->ndtr0cs0 = nand_readl(info, NDTR0CS0);
> info->ndtr1cs0 = nand_readl(info, NDTR1CS0);
> - info->cmdset = &default_cmdset;
>
> return 0;
> }
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* [patch v2] mtd: pxa3xx_nand: NULL dereference in pxa3xx_nand_probe
2011-01-06 13:45 ` Sven Neumann
@ 2011-01-06 14:05 ` Dan Carpenter
2011-01-06 15:08 ` Artem Bityutskiy
0 siblings, 1 reply; 4+ messages in thread
From: Dan Carpenter @ 2011-01-06 14:05 UTC (permalink / raw)
To: Sven Neumann
Cc: Artem.Bityutskiy, eric.y.miao, David.Woodhouse, leiwen,
linux-kernel, haojian.zhuang, linux-mtd, Daniel Mack,
linux-arm-kernel
"info->cmdset" gets dereferenced in __readid() so it needs to be
initialized earlier in the function. This bug was introduced in
18c81b1828f8 "mtd: pxa3xx_nand: remove the flash info in driver
structure".
Cc: stable@kernel.org [2.6.37+]
Reported-and-tested-by: Sven Neumann <s.neumann@raumfeld.com>
Signed-off-by: Dan Carpenter <error27@gmail.com>
---
v2: changed the commit text. added stable@kernel.org and a reported-by tag.
diff --git a/drivers/mtd/nand/pxa3xx_nand.c b/drivers/mtd/nand/pxa3xx_nand.c
index 17f8518..ea2c288 100644
--- a/drivers/mtd/nand/pxa3xx_nand.c
+++ b/drivers/mtd/nand/pxa3xx_nand.c
@@ -885,6 +885,7 @@ static int pxa3xx_nand_detect_config(struct pxa3xx_nand_info *info)
/* set info fields needed to __readid */
info->read_id_bytes = (info->page_size == 2048) ? 4 : 2;
info->reg_ndcr = ndcr;
+ info->cmdset = &default_cmdset;
if (__readid(info, &id))
return -ENODEV;
@@ -915,7 +916,6 @@ static int pxa3xx_nand_detect_config(struct pxa3xx_nand_info *info)
info->ndtr0cs0 = nand_readl(info, NDTR0CS0);
info->ndtr1cs0 = nand_readl(info, NDTR1CS0);
- info->cmdset = &default_cmdset;
return 0;
}
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [patch v2] mtd: pxa3xx_nand: NULL dereference in pxa3xx_nand_probe
2011-01-06 14:05 ` [patch v2] " Dan Carpenter
@ 2011-01-06 15:08 ` Artem Bityutskiy
0 siblings, 0 replies; 4+ messages in thread
From: Artem Bityutskiy @ 2011-01-06 15:08 UTC (permalink / raw)
To: Dan Carpenter
Cc: Artem.Bityutskiy, eric.y.miao, David.Woodhouse, leiwen,
Sven Neumann, linux-kernel, haojian.zhuang, linux-mtd,
Daniel Mack, linux-arm-kernel
On Thu, 2011-01-06 at 17:05 +0300, Dan Carpenter wrote:
> "info->cmdset" gets dereferenced in __readid() so it needs to be
> initialized earlier in the function. This bug was introduced in
> 18c81b1828f8 "mtd: pxa3xx_nand: remove the flash info in driver
> structure".
>
> Cc: stable@kernel.org [2.6.37+]
> Reported-and-tested-by: Sven Neumann <s.neumann@raumfeld.com>
> Signed-off-by: Dan Carpenter <error27@gmail.com>
> ---
> v2: changed the commit text. added stable@kernel.org and a reported-by tag.
Pushed to l2-mtd-2.6.git, thanks!
--
Best Regards,
Artem Bityutskiy (Битюцкий Артём)
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2011-01-06 15:08 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <1294227801.3996.62.camel@sven>
2011-01-06 12:45 ` [patch] mtd: pxa3xx_nand: NULL dereference in pxa3xx_nand_probe Dan Carpenter
2011-01-06 13:45 ` Sven Neumann
2011-01-06 14:05 ` [patch v2] " Dan Carpenter
2011-01-06 15:08 ` Artem Bityutskiy
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).