From: Mikko Rapeli <mikko.rapeli@linaro.org>
To: Avri Altman <Avri.Altman@wdc.com>
Cc: Ulf Hansson <ulf.hansson@linaro.org>,
Jens Wiklander <jens.wiklander@linaro.org>,
"linux-mmc@vger.kernel.org" <linux-mmc@vger.kernel.org>,
Adrian Hunter <adrian.hunter@intel.com>,
Daniil Lunev <dlunev@google.com>,
Asutosh Das <quic_asutoshd@quicinc.com>
Subject: Re: [PATCH v4] mmc: core: Use mrq.sbc in close-ended ffu
Date: Wed, 13 Mar 2024 14:44:27 +0200 [thread overview]
Message-ID: <ZfGfq-E5iCINAEeW@nuoska> (raw)
In-Reply-To: <ZfGSJBuBdzkoooYs@nuoska>
On Wed, Mar 13, 2024 at 01:46:44PM +0200, Mikko Rapeli wrote:
<snip>
> Fix will be to initialize mmc_blk_ioc_data->flags in all cases. Would this be fine as
> a catch all initialization for mmc_blk_ioc_data?
>
> --- a/drivers/mmc/core/block.c
> +++ b/drivers/mmc/core/block.c
> @@ -413,7 +413,7 @@ static struct mmc_blk_ioc_data *mmc_blk_ioctl_copy_from_user(
> struct mmc_blk_ioc_data *idata;
> int err;
>
> - idata = kmalloc(sizeof(*idata), GFP_KERNEL);
> + idata = kzalloc(sizeof(*idata), GFP_KERNEL);
> if (!idata) {
> err = -ENOMEM;
> goto out;
>
> I think this is a sensible and future proof way to go.
>
> Then, the second flags check for MMC_BLK_IOC_SBC is accessing array using
> index i - 1, but is not checking if i == 0 which results in data[-1] access.
> I think this should be fixed with something like:
>
> - if (idata->flags & MMC_BLK_IOC_SBC)
> + if (idata->flags & MMC_BLK_IOC_SBC && i > 0) {
>
> Would you be fine with this?
In addition to these, is the original patch correct also when idata->rpmb is not true
but prev_idata is? I have no idea of the code but this looks a bit suspicious.
@@ -532,7 +544,7 @@ static int __mmc_blk_ioctl_cmd(struct mmc_card *card, struct mmc_blk_data *md,
return err;
}
- if (idata->rpmb) {
+ if (idata->rpmb || prev_idata) {
sbc.opcode = MMC_SET_BLOCK_COUNT;
/*
* We don't do any blockcount validation because the max size
@@ -540,6 +552,8 @@ static int __mmc_blk_ioctl_cmd(struct mmc_card *card, struct mmc_blk_data *md,
* 'Reliable Write' bit here.
*/
sbc.arg = data.blocks | (idata->ic.write_flag & BIT(31));
+ if (prev_idata)
+ sbc.arg = prev_idata->ic.arg;
sbc.flags = MMC_RSP_R1 | MMC_CMD_AC;
mrq.sbc = &sbc;
}
Cheers,
-Mikko
next prev parent reply other threads:[~2024-03-13 12:44 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-29 9:25 [PATCH v4] mmc: core: Use mrq.sbc in close-ended ffu Avri Altman
2023-11-29 13:31 ` Adrian Hunter
2023-11-30 10:36 ` Ulf Hansson
2024-03-11 13:59 ` Mikko Rapeli
2024-03-11 14:55 ` Avri Altman
2024-03-11 15:08 ` Mikko Rapeli
2024-03-11 15:19 ` Jens Wiklander
2024-03-11 15:41 ` Mikko Rapeli
2024-03-11 19:25 ` Avri Altman
2024-03-12 8:01 ` Jens Wiklander
2024-03-13 11:46 ` Mikko Rapeli
2024-03-13 12:44 ` Mikko Rapeli [this message]
2024-03-13 12:50 ` Avri Altman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZfGfq-E5iCINAEeW@nuoska \
--to=mikko.rapeli@linaro.org \
--cc=Avri.Altman@wdc.com \
--cc=adrian.hunter@intel.com \
--cc=dlunev@google.com \
--cc=jens.wiklander@linaro.org \
--cc=linux-mmc@vger.kernel.org \
--cc=quic_asutoshd@quicinc.com \
--cc=ulf.hansson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.