Message ID | 1491813318-4417-1-git-send-email-boris.brezillon@free-electrons.com |
---|---|
State | Accepted |
Commit | 4d02423e9afe6c46142ce98bbcaf5167316dbfbf |
Delegated to: | Boris Brezillon |
Headers | show |
On 04/10/2017 10:35 AM, Boris Brezillon wrote: > The GPMI driver is wrongly assuming that nand_release() can safely be > called on an uninitialized/unregistered NAND device. > > Add a new err_nand_cleanup label in the error path and only execute if > nand_scan_tail() succeeded. > > Note that we now call nand_cleanup() instead of nand_release() > (nand_release() is actually grouping the mtd_device_unregister() and > nand_cleanup() in one call) because there's no point in trying to > unregister a device that has never been registered. > > Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com> Reviewed-by: Marek Vasut <marek.vasut@gmail.com> > --- > drivers/mtd/nand/gpmi-nand/gpmi-nand.c | 10 ++++++---- > 1 file changed, 6 insertions(+), 4 deletions(-) > > diff --git a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c > index d52139635b67..92279a0d52f1 100644 > --- a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c > +++ b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c > @@ -2048,18 +2048,20 @@ static int gpmi_nand_init(struct gpmi_nand_data *this) > > ret = nand_boot_init(this); > if (ret) > - goto err_out; > + goto err_nand_cleanup; > ret = chip->scan_bbt(mtd); > if (ret) > - goto err_out; > + goto err_nand_cleanup; > > ret = mtd_device_register(mtd, NULL, 0); > if (ret) > - goto err_out; > + goto err_nand_cleanup; > return 0; > > +err_nand_cleanup: > + nand_cleanup(chip); > err_out: > - gpmi_nand_exit(this); > + gpmi_free_dma_buffer(this); > return ret; > } > >
From: Marek Vasut <marek.vasut@gmail.com> Sent: Saturday, April 15, 2017 8:58 AM To: Boris Brezillon; Richard Weinberger; linux-mtd@lists.infradead.org Cc: David Woodhouse; Brian Norris; Cyrille Pitchen; Han Xu; Shawn Guo; Sascha Hauer; Leonard Crestez; Masahiro Yamada Subject: Re: [PATCH 1/2] mtd: nand: gpmi: Fix gpmi_nand_init() error path On 04/10/2017 10:35 AM, Boris Brezillon wrote: > The GPMI driver is wrongly assuming that nand_release() can safely be > called on an uninitialized/unregistered NAND device. > > Add a new err_nand_cleanup label in the error path and only execute if > nand_scan_tail() succeeded. > > Note that we now call nand_cleanup() instead of nand_release() > (nand_release() is actually grouping the mtd_device_unregister() and > nand_cleanup() in one call) because there's no point in trying to > unregister a device that has never been registered. > > Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com> Acked-by: Han Xu <han.xu@nxp.com> Reviewed-by: Marek Vasut <marek.vasut@gmail.com> > --- > drivers/mtd/nand/gpmi-nand/gpmi-nand.c | 10 ++++++---- > 1 file changed, 6 insertions(+), 4 deletions(-) > > diff --git a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c > index d52139635b67..92279a0d52f1 100644 > --- a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c > +++ b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c > @@ -2048,18 +2048,20 @@ static int gpmi_nand_init(struct gpmi_nand_data *this) > > ret = nand_boot_init(this); > if (ret) > - goto err_out; > + goto err_nand_cleanup; > ret = chip->scan_bbt(mtd); > if (ret) > - goto err_out; > + goto err_nand_cleanup; > > ret = mtd_device_register(mtd, NULL, 0); > if (ret) > - goto err_out; > + goto err_nand_cleanup; > return 0; > > +err_nand_cleanup: > + nand_cleanup(chip); > err_out: > - gpmi_nand_exit(this); > + gpmi_free_dma_buffer(this); > return ret; > } > > -- Best regards, Marek Vasut
On Mon, 10 Apr 2017 10:35:17 +0200 Boris Brezillon <boris.brezillon@free-electrons.com> wrote: > The GPMI driver is wrongly assuming that nand_release() can safely be > called on an uninitialized/unregistered NAND device. > > Add a new err_nand_cleanup label in the error path and only execute if > nand_scan_tail() succeeded. > > Note that we now call nand_cleanup() instead of nand_release() > (nand_release() is actually grouping the mtd_device_unregister() and > nand_cleanup() in one call) because there's no point in trying to > unregister a device that has never been registered. > > Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com> Applied both to nand/next. > --- > drivers/mtd/nand/gpmi-nand/gpmi-nand.c | 10 ++++++---- > 1 file changed, 6 insertions(+), 4 deletions(-) > > diff --git a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c > index d52139635b67..92279a0d52f1 100644 > --- a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c > +++ b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c > @@ -2048,18 +2048,20 @@ static int gpmi_nand_init(struct gpmi_nand_data *this) > > ret = nand_boot_init(this); > if (ret) > - goto err_out; > + goto err_nand_cleanup; > ret = chip->scan_bbt(mtd); > if (ret) > - goto err_out; > + goto err_nand_cleanup; > > ret = mtd_device_register(mtd, NULL, 0); > if (ret) > - goto err_out; > + goto err_nand_cleanup; > return 0; > > +err_nand_cleanup: > + nand_cleanup(chip); > err_out: > - gpmi_nand_exit(this); > + gpmi_free_dma_buffer(this); > return ret; > } >
diff --git a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c index d52139635b67..92279a0d52f1 100644 --- a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c +++ b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c @@ -2048,18 +2048,20 @@ static int gpmi_nand_init(struct gpmi_nand_data *this) ret = nand_boot_init(this); if (ret) - goto err_out; + goto err_nand_cleanup; ret = chip->scan_bbt(mtd); if (ret) - goto err_out; + goto err_nand_cleanup; ret = mtd_device_register(mtd, NULL, 0); if (ret) - goto err_out; + goto err_nand_cleanup; return 0; +err_nand_cleanup: + nand_cleanup(chip); err_out: - gpmi_nand_exit(this); + gpmi_free_dma_buffer(this); return ret; }
The GPMI driver is wrongly assuming that nand_release() can safely be called on an uninitialized/unregistered NAND device. Add a new err_nand_cleanup label in the error path and only execute if nand_scan_tail() succeeded. Note that we now call nand_cleanup() instead of nand_release() (nand_release() is actually grouping the mtd_device_unregister() and nand_cleanup() in one call) because there's no point in trying to unregister a device that has never been registered. Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com> --- drivers/mtd/nand/gpmi-nand/gpmi-nand.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-)