Re: [PATCH v1 3/5] mtd: rawnand: meson: check buffer length
From: Miquel Raynal
Date: Wed Apr 12 2023 - 03:39:56 EST
Hi Arseniy,
AVKrasnov@xxxxxxxxxxxxxx wrote on Wed, 12 Apr 2023 09:16:57 +0300:
> With this chip, buffer length is limited by hardware, so check it before
> command execution to avoid length trim.
What is "this chip"? Are you talking about the controller itself? Is
there any specific SoC version targeted?
>
> Signed-off-by: Arseniy Krasnov <AVKrasnov@xxxxxxxxxxxxxx>
> ---
> drivers/mtd/nand/raw/meson_nand.c | 14 ++++++++++++++
> 1 file changed, 14 insertions(+)
>
> diff --git a/drivers/mtd/nand/raw/meson_nand.c b/drivers/mtd/nand/raw/meson_nand.c
> index 45b53d420aed..f84a10238e4d 100644
> --- a/drivers/mtd/nand/raw/meson_nand.c
> +++ b/drivers/mtd/nand/raw/meson_nand.c
> @@ -543,6 +543,9 @@ static int meson_nfc_read_buf(struct nand_chip *nand, u8 *buf, int len)
> u32 cmd;
> u8 *info;
>
> + if (len > NFC_CMD_RAW_LEN)
> + return -EINVAL;
> +
> info = kzalloc(PER_INFO_BYTE, GFP_KERNEL);
> if (!info)
> return -ENOMEM;
> @@ -571,6 +574,9 @@ static int meson_nfc_write_buf(struct nand_chip *nand, u8 *buf, int len)
> int ret = 0;
> u32 cmd;
>
> + if (len > NFC_CMD_RAW_LEN)
> + return -EINVAL;
> +
> ret = meson_nfc_dma_buffer_setup(nand, buf, len, NULL,
> 0, DMA_TO_DEVICE);
> if (ret)
> @@ -1269,6 +1275,7 @@ static int meson_nand_attach_chip(struct nand_chip *nand)
> struct meson_nfc_nand_chip *meson_chip = to_meson_nand(nand);
> struct mtd_info *mtd = nand_to_mtd(nand);
> int nsectors = mtd->writesize / 1024;
> + int raw_writesize;
> int ret;
>
> if (!mtd->name) {
> @@ -1280,6 +1287,13 @@ static int meson_nand_attach_chip(struct nand_chip *nand)
> return -ENOMEM;
> }
>
> + raw_writesize = mtd->writesize + mtd->oobsize;
> + if (raw_writesize > NFC_CMD_RAW_LEN) {
> + dev_err(nfc->dev, "too big write size in raw mode: %d > %ld\n",
> + raw_writesize, NFC_CMD_RAW_LEN);
> + return -EINVAL;
> + }
> +
> if (nand->bbt_options & NAND_BBT_USE_FLASH)
> nand->bbt_options |= NAND_BBT_NO_OOB;
>
Thanks,
Miquèl