summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJoakim Tjernlund <joakim.tjernlund@infinera.com>2018-03-01 14:39:41 +0100
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2018-05-02 07:59:55 -0700
commit2365af7dba0ea7b12e93bb0c80bac6c16d51861c (patch)
treeb76277b052df39e93e1bb36cc5b8c8e95437c253
parent6ad4bee75e23e6ce91f073d39b68db9f544ce5a0 (diff)
downloadlinux-stable-2365af7dba0ea7b12e93bb0c80bac6c16d51861c.tar.gz
linux-stable-2365af7dba0ea7b12e93bb0c80bac6c16d51861c.tar.bz2
linux-stable-2365af7dba0ea7b12e93bb0c80bac6c16d51861c.zip
mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
commit 7b70eb14392a7cf505f9b358d06c33b5af73d1e7 upstream. Currently it is possible to read and/or write to suspend EB's. Writing /dev/mtdX or /dev/mtdblockX from several processes may break the flash state machine. Taken from cfi_cmdset_0001 driver. Signed-off-by: Joakim Tjernlund <joakim.tjernlund@infinera.com> Cc: <stable@vger.kernel.org> Reviewed-by: Richard Weinberger <richard@nod.at> Signed-off-by: Boris Brezillon <boris.brezillon@bootlin.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat
-rw-r--r--drivers/mtd/chips/cfi_cmdset_0002.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/drivers/mtd/chips/cfi_cmdset_0002.c b/drivers/mtd/chips/cfi_cmdset_0002.c
index c50d8cf0f60d..16faa97ac3f2 100644
--- a/drivers/mtd/chips/cfi_cmdset_0002.c
+++ b/drivers/mtd/chips/cfi_cmdset_0002.c
@@ -814,9 +814,10 @@ static int get_chip(struct map_info *map, struct flchip *chip, unsigned long adr
(mode == FL_WRITING && (cfip->EraseSuspend & 0x2))))
goto sleep;
- /* We could check to see if we're trying to access the sector
- * that is currently being erased. However, no user will try
- * anything like that so we just wait for the timeout. */
+ /* Do not allow suspend iff read/write to EB address */
+ if ((adr & chip->in_progress_block_mask) ==
+ chip->in_progress_block_addr)
+ goto sleep;
/* Erase suspend */
/* It's harmless to issue the Erase-Suspend and Erase-Resume
@@ -2265,6 +2266,7 @@ static int __xipram do_erase_chip(struct map_info *map, struct flchip *chip)
chip->state = FL_ERASING;
chip->erase_suspended = 0;
chip->in_progress_block_addr = adr;
+ chip->in_progress_block_mask = ~(map->size - 1);
INVALIDATE_CACHE_UDELAY(map, chip,
adr, map->size,
@@ -2354,6 +2356,7 @@ static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip,
chip->state = FL_ERASING;
chip->erase_suspended = 0;
chip->in_progress_block_addr = adr;
+ chip->in_progress_block_mask = ~(len - 1);
INVALIDATE_CACHE_UDELAY(map, chip,
adr, len,
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-28 22:32:33 +0000