diff options
| author |   Cyrille Pitchen <cyrille.pitchen@wedev4u.fr> | 2017-09-06 23:45:02 +0200 |
|---|---|---|
| committer |   Boris Brezillon <boris.brezillon@free-electrons.com> | 2017-09-18 09:53:27 +0200 |
| commit | bfa4133795e5a0badd402dd3f58b13b3cec64a4b (patch) | |
| tree | 17aa61c255aaf8039f11ec5d2391c071de6f1516 /drivers/mtd/nand | |
| parent | mtd: spi-nor: Check consistency of the memory size extracted from the SFDP (diff) | |
| download | linux-dev-bfa4133795e5a0badd402dd3f58b13b3cec64a4b.tar.xz linux-dev-bfa4133795e5a0badd402dd3f58b13b3cec64a4b.zip | |
mtd: spi-nor: fix DMA unsafe buffer issue in spi_nor_read_sfdp()
spi_nor_read_sfdp() calls nor->read() to read the SFDP data.
When the m25p80 driver is used (pretty common case), nor->read() is then
implemented by the m25p80_read() function, which is likely to initialize a
'struct spi_transfer' from its buf argument before appending this
structure inside the 'struct spi_message' argument of spi_sync().
Besides the SPI sub-system states that both .tx_buf and .rx_buf members of
'struct spi_transfer' must point into dma-safe memory. However, two of the
three calls of spi_nor_read_sfdp() were given pointers to stack allocated
memory as buf argument, hence not in a dma-safe area.
Hopefully, the third and last call of spi_nor_read_sfdp() was already
given a kmalloc'ed buffer argument, hence dma-safe.
So this patch fixes this issue by introducing a
spi_nor_read_sfdp_dma_unsafe() function which simply wraps the existing
spi_nor_read_sfdp() function and uses some kmalloc'ed memory as a bounce
buffer.
Fixes: f384b352cbf0 ("mtd: spi-nor: parse Serial Flash Discoverable Parameters (SFDP) tables")
Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Cyrille Pitchen <cyrille.pitchen@wedev4u.fr>
Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Diffstat (limited to 'drivers/mtd/nand')
0 files changed, 0 insertions, 0 deletions