From: Boris Brezillon <boris.brezillon@bootlin.com>
To: Joakim Tjernlund <joakim.tjernlund@infinera.com>
Cc: "linux-mtd @ lists . infradead . org"
<linux-mtd@lists.infradead.org>,
Joakim Tjernlund <joakim.tjernlund@transmode.se>,
stable@vger.kernel.org
Subject: Re: [PATCH 1/3] cfi_cmdset_0001: Do not allow read/write to suspend erase block.
Date: Tue, 24 Apr 2018 17:45:19 +0200 [thread overview]
Message-ID: <20180424174519.0c1bab0a@bbrezillon> (raw)
In-Reply-To: <20180301133941.19660-2-joakim.tjernlund@infinera.com>
On Thu, 1 Mar 2018 14:39:39 +0100
Joakim Tjernlund <joakim.tjernlund@infinera.com> wrote:
> From: Joakim Tjernlund <joakim.tjernlund@transmode.se>
>
> Currently it is possible to read and/or write to suspend EB's.
> Writing /dev/mtdX or /dev/mtdblockX from several processes may
> break the flash state machine.
>
> Signed-off-by: Joakim Tjernlund <joakim.tjernlund@infinera.com>
> Cc: <stable@vger.kernel.org>
Applied the patch series to mtd/master after changing the subject
prefix for "mtd: cfi: cmdset_xxx: ".
I'll send a fixes PR to Linus later this week.
Thanks,
Boris
> ---
> drivers/mtd/chips/cfi_cmdset_0001.c | 16 +++++++++++-----
> include/linux/mtd/flashchip.h | 1 +
> 2 files changed, 12 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/mtd/chips/cfi_cmdset_0001.c b/drivers/mtd/chips/cfi_cmdset_0001.c
> index 60d5d19e347f..b59872304ae7 100644
> --- a/drivers/mtd/chips/cfi_cmdset_0001.c
> +++ b/drivers/mtd/chips/cfi_cmdset_0001.c
> @@ -849,21 +849,25 @@ static int chip_ready (struct map_info *map, struct flchip *chip, unsigned long
> (mode == FL_WRITING && (cfip->SuspendCmdSupport & 1))))
> goto sleep;
>
> + /* Do not allow suspend iff read/write to EB address */
> + if ((adr & chip->in_progress_block_mask) ==
> + chip->in_progress_block_addr)
> + goto sleep;
>
> /* Erase suspend */
> - map_write(map, CMD(0xB0), adr);
> + map_write(map, CMD(0xB0), chip->in_progress_block_addr);
>
> /* If the flash has finished erasing, then 'erase suspend'
> * appears to make some (28F320) flash devices switch to
> * 'read' mode. Make sure that we switch to 'read status'
> * mode so we get the right data. --rmk
> */
> - map_write(map, CMD(0x70), adr);
> + map_write(map, CMD(0x70), chip->in_progress_block_addr);
> chip->oldstate = FL_ERASING;
> chip->state = FL_ERASE_SUSPENDING;
> chip->erase_suspended = 1;
> for (;;) {
> - status = map_read(map, adr);
> + status = map_read(map, chip->in_progress_block_addr);
> if (map_word_andequal(map, status, status_OK, status_OK))
> break;
>
> @@ -1059,8 +1063,8 @@ static void put_chip(struct map_info *map, struct flchip *chip, unsigned long ad
> sending the 0x70 (Read Status) command to an erasing
> chip and expecting it to be ignored, that's what we
> do. */
> - map_write(map, CMD(0xd0), adr);
> - map_write(map, CMD(0x70), adr);
> + map_write(map, CMD(0xd0), chip->in_progress_block_addr);
> + map_write(map, CMD(0x70), chip->in_progress_block_addr);
> chip->oldstate = FL_READY;
> chip->state = FL_ERASING;
> break;
> @@ -1951,6 +1955,8 @@ static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip,
> map_write(map, CMD(0xD0), adr);
> chip->state = FL_ERASING;
> chip->erase_suspended = 0;
> + chip->in_progress_block_addr = adr;
> + chip->in_progress_block_mask = ~(len - 1);
>
> ret = INVAL_CACHE_AND_WAIT(map, chip, adr,
> adr, len,
> diff --git a/include/linux/mtd/flashchip.h b/include/linux/mtd/flashchip.h
> index b63fa457febd..3529683f691e 100644
> --- a/include/linux/mtd/flashchip.h
> +++ b/include/linux/mtd/flashchip.h
> @@ -85,6 +85,7 @@ struct flchip {
> unsigned int write_suspended:1;
> unsigned int erase_suspended:1;
> unsigned long in_progress_block_addr;
> + unsigned long in_progress_block_mask;
>
> struct mutex mutex;
> wait_queue_head_t wq; /* Wait on here when we're waiting for the chip
next prev parent reply other threads:[~2018-04-24 15:46 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-01 13:39 [PATCH 0/3] mtd: fix AMD/Intel flash bugs Joakim Tjernlund
2018-03-01 13:39 ` [PATCH 1/3] cfi_cmdset_0001: Do not allow read/write to suspend erase block Joakim Tjernlund
2018-03-22 14:14 ` Richard Weinberger
2018-03-22 14:26 ` Joakim Tjernlund
2018-04-24 15:45 ` Boris Brezillon [this message]
2018-03-01 13:39 ` [PATCH 2/3] cfi_cmdset_0001: Workaround Micron Erase suspend bug Joakim Tjernlund
2018-03-20 23:06 ` Richard Weinberger
2018-03-21 0:02 ` Joakim Tjernlund
2018-03-01 13:39 ` [PATCH 3/3] cfi_cmdset_0002: Do not allow read/write to suspend erase block Joakim Tjernlund
2018-03-22 14:21 ` Richard Weinberger
2018-03-22 14:27 ` Joakim Tjernlund
2018-03-11 16:06 ` [PATCH 0/3] mtd: fix AMD/Intel flash bugs Joakim Tjernlund
2018-03-12 9:09 ` Andrea Adami
2018-03-12 11:11 ` Joakim Tjernlund
2018-03-15 15:54 ` Boris Brezillon
2018-03-15 17:55 ` Joakim Tjernlund
2018-03-15 18:02 ` Boris Brezillon
2018-04-04 20:27 ` Joakim Tjernlund
2018-04-20 19:05 ` Boris Brezillon
2018-04-21 12:47 ` Joakim Tjernlund
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180424174519.0c1bab0a@bbrezillon \
--to=boris.brezillon@bootlin.com \
--cc=joakim.tjernlund@infinera.com \
--cc=joakim.tjernlund@transmode.se \
--cc=linux-mtd@lists.infradead.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox