Josh Wu | 22 Jul 11:25 2014

[PATCH] mtd: atmel_nand: NFC: fix mtd_nandbiterrs.ko test fail when using sram write

When enable NFC sram write, it will failed the mtd_nandbiterrs.ko test.

As in driver's nfc_sram_write_page(), if ops->mode equal to MTD_OSP_RAW,
driver assumes the data buffer contains one page data and one oob data
followed. And driver will write the page data and oob data to nand.

But this is wrong implementation. Since the data buffer don't contains the
oob data to write. We should write the chip->oob_poi to nand's oob.

So this patch fix it by writing the oob data from chip->oob_poi.

Signed-off-by: Josh Wu <josh.wu <at> atmel.com>
---
 drivers/mtd/nand/atmel_nand.c | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/drivers/mtd/nand/atmel_nand.c b/drivers/mtd/nand/atmel_nand.c
index 33826a0..012d687 100644
--- a/drivers/mtd/nand/atmel_nand.c
+++ b/drivers/mtd/nand/atmel_nand.c
 <at>  <at>  -1913,15 +1913,13  <at>  <at>  static int nfc_sram_write_page(struct mtd_info *mtd, struct nand_chip *chip,
 	if (offset || (data_len < mtd->writesize))
 		return -EINVAL;

-	cfg = nfc_readl(host->nfc->hsmc_regs, CFG);
-	len = mtd->writesize;
-
-	if (unlikely(raw)) {
-		len += mtd->oobsize;
-		nfc_writel(host->nfc->hsmc_regs, CFG, cfg | NFC_CFG_WSPARE);
(Continue reading)

Josh Wu | 22 Jul 11:24 2014

[PATCH] mtd: atmel_nand: add pmecc support for 512, 1k, 4k, 8k page size

PMECC can support 512, 1k, 2k, 4k, 8k page size.
The driver currently only support 2k page size nand flash. So this patch
add support to 512, 1k, 4k and 8k page size nand flash.

Signed-off-by: Josh Wu <josh.wu <at> atmel.com>
---
 drivers/mtd/nand/atmel_nand.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/drivers/mtd/nand/atmel_nand.c b/drivers/mtd/nand/atmel_nand.c
index 371afdd..33826a0 100644
--- a/drivers/mtd/nand/atmel_nand.c
+++ b/drivers/mtd/nand/atmel_nand.c
 <at>  <at>  -1174,7 +1174,17  <at>  <at>  static int atmel_pmecc_nand_init_params(struct platform_device *pdev,

 	/* set ECC page size and oob layout */
 	switch (mtd->writesize) {
+	case 512:
+	case 1024:
 	case 2048:
+	case 4096:
+	case 8192:
+		if (sector_size > mtd->writesize) {
+			dev_err(host->dev, "pmecc sector size is bigger than the page size!\n");
+			err_no = -EINVAL;
+			goto err;
+		}
+
 		host->pmecc_degree = (sector_size == 512) ?
 			PMECC_GF_DIMENSION_13 : PMECC_GF_DIMENSION_14;
(Continue reading)

Josh Wu | 22 Jul 11:12 2014

[PATCH] mtd: atmel_nand: incease the chip_delay to support some 4k-page flash

For MT29F8G08ABABA nand flash, the time read a page (tR) is 25us.
To support it, we need increase the chip_delay to 25us.

Signed-off-by: Josh Wu <josh.wu <at> atmel.com>
---
 drivers/mtd/nand/atmel_nand.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/mtd/nand/atmel_nand.c b/drivers/mtd/nand/atmel_nand.c
index e321c56..371afdd 100644
--- a/drivers/mtd/nand/atmel_nand.c
+++ b/drivers/mtd/nand/atmel_nand.c
 <at>  <at>  -2099,7 +2099,11  <at>  <at>  static int atmel_nand_probe(struct platform_device *pdev)
 	}

 	nand_chip->ecc.mode = host->board.ecc_mode;
-	nand_chip->chip_delay = 20;		/* 20us command delay time */
+
+	/* For support 4k-page flash, incease the delay time to 25us.
+	 * In P.108 of MT29F8G08ABABA datasheet, tR max is 25us.
+	 */
+	nand_chip->chip_delay = 25;

 	if (host->board.bus_width_16)	/* 16-bit bus width */
 		nand_chip->options |= NAND_BUSWIDTH_16;
--

-- 
1.9.1

______________________________________________________
Linux MTD discussion mailing list
(Continue reading)

Zhang Zhen | 22 Jul 08:28 2014

[PATCH v2] ubifs: refactor ubifs_file_mmap()

generic_file_mmap() set vma->vm_ops = &generic_file_vm_ops,
then ubifs_file_mmap set vma->vm_ops = &ubifs_file_vm_ops.
So it is redundant.
And there is no kind of file does not supply page reading function
in ubifs. The readpage() check up for mmap file in generic_file_mmap()
is not needed.

So remove the call of generic_file_mmap().

Change v1 -> v2:
- deleted the mapping variable
Signed-off-by: Zhang Zhen <zhenzhang.zhang <at> huawei.com>
---
 fs/ubifs/file.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/fs/ubifs/file.c b/fs/ubifs/file.c
index b5b593c..f7b6958 100644
--- a/fs/ubifs/file.c
+++ b/fs/ubifs/file.c
 <at>  <at>  -1540,11 +1540,7  <at>  <at>  static const struct vm_operations_struct ubifs_file_vm_ops = {

 static int ubifs_file_mmap(struct file *file, struct vm_area_struct *vma)
 {
-	int err;
-
-	err = generic_file_mmap(file, vma);
-	if (err)
-		return err;
+	file_accessed(file);
(Continue reading)

Zhang Zhen | 22 Jul 07:23 2014

[PATCH] ubifs: refactor ubifs_file_mmap()

generic_file_mmap() set vma->vm_ops = &generic_file_vm_ops,
then ubifs_file_mmap set vma->vm_ops = &ubifs_file_vm_ops.
So it is redundant.
And there is no kind of file does not supply page reading function
in ubifs. The readpage() check up for mmap file in generic_file_mmap()
is not needed.

So remove the call of generic_file_mmap().

Signed-off-by: Zhang Zhen <zhenzhang.zhang <at> huawei.com>
---
 fs/ubifs/file.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/fs/ubifs/file.c b/fs/ubifs/file.c
index b5b593c..c7f1af6 100644
--- a/fs/ubifs/file.c
+++ b/fs/ubifs/file.c
 <at>  <at>  -1540,11 +1540,9  <at>  <at>  static const struct vm_operations_struct ubifs_file_vm_ops = {

 static int ubifs_file_mmap(struct file *file, struct vm_area_struct *vma)
 {
-	int err;
+	struct address_space *mapping = file->f_mapping;

-	err = generic_file_mmap(file, vma);
-	if (err)
-		return err;
+	file_accessed(file);
 	vma->vm_ops = &ubifs_file_vm_ops;
(Continue reading)

Brian Norris | 22 Jul 04:08 2014
Picon

[PATCH] mtd: terminate user-provided string

Noticed by Coverity as a potential security issue.

Signed-off-by: Brian Norris <computersforpeace <at> gmail.com>
---
Untested for now. Maybe I'll scrape together a test before applying, then it'd
be worth sending -stable.

 drivers/mtd/mtdchar.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/mtd/mtdchar.c b/drivers/mtd/mtdchar.c
index a0f54e80670c..53563955931b 100644
--- a/drivers/mtd/mtdchar.c
+++ b/drivers/mtd/mtdchar.c
 <at>  <at>  -549,6 +549,9  <at>  <at>  static int mtdchar_blkpg_ioctl(struct mtd_info *mtd,
 		if (mtd_is_partition(mtd))
 			return -EINVAL;

+		/* Sanitize user input */
+		p.devname[BLKPG_DEVNAMELTH - 1] = '\0';
+
 		return mtd_add_partition(mtd, p.devname, p.start, p.length);

 	case BLKPG_DEL_PARTITION:
--

-- 
1.9.1

______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/
(Continue reading)

Brian Norris | 22 Jul 04:08 2014
Picon

[PATCH] mtd: nand: fix integer widening problems

chip->pagebuf is a 32-bit type (int), so the shift will only be applied
as 32-bit. Fix this for 64-bit safety.

Caught by Coverity.

Signed-off-by: Brian Norris <computersforpeace <at> gmail.com>
---
I haven't confirmed through tests, but this likely could be pretty dangerous.
Perhaps it should be marked for -stable? (In the meantime, maybe I'll see if I
can rig up a test case that fails.)

 drivers/mtd/nand/nand_base.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/mtd/nand/nand_base.c b/drivers/mtd/nand/nand_base.c
index d8cdf06343fb..4ffb06b8138d 100644
--- a/drivers/mtd/nand/nand_base.c
+++ b/drivers/mtd/nand/nand_base.c
 <at>  <at>  -2391,8 +2391,8  <at>  <at>  static int nand_do_write_ops(struct mtd_info *mtd, loff_t to,
 	blockmask = (1 << (chip->phys_erase_shift - chip->page_shift)) - 1;

 	/* Invalidate the page cache, when we write to the cached page */
-	if (to <= (chip->pagebuf << chip->page_shift) &&
-	    (chip->pagebuf << chip->page_shift) < (to + ops->len))
+	if (to <= ((loff_t)chip->pagebuf << chip->page_shift) &&
+	    ((loff_t)chip->pagebuf << chip->page_shift) < (to + ops->len))
 		chip->pagebuf = -1;

 	/* Don't allow multipage oob writes with offset */
--

-- 
(Continue reading)

Brian Norris | 22 Jul 04:07 2014
Picon

[PATCH] mtd: maps: solutionengine: drop excess dependency

Already depends on SOLUTION_ENGINE, so we don't need the SUPERH
dependency too.

Signed-off-by: Brian Norris <computersforpeace <at> gmail.com>
---
 drivers/mtd/maps/Kconfig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/mtd/maps/Kconfig b/drivers/mtd/maps/Kconfig
index 21b2874a303b..ba801d2c6dcc 100644
--- a/drivers/mtd/maps/Kconfig
+++ b/drivers/mtd/maps/Kconfig
 <at>  <at>  -249,7 +249,7  <at>  <at>  config MTD_CFI_FLAGADM

 config MTD_SOLUTIONENGINE
 	tristate "CFI Flash device mapped on Hitachi SolutionEngine"
-	depends on SUPERH && SOLUTION_ENGINE && MTD_CFI && MTD_REDBOOT_PARTS
+	depends on SOLUTION_ENGINE && MTD_CFI && MTD_REDBOOT_PARTS
 	help
 	  This enables access to the flash chips on the Hitachi SolutionEngine and
 	  similar boards. Say 'Y' if you are building a kernel for such a board.
--

-- 
1.9.1

______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/

Brian Norris | 22 Jul 04:07 2014
Picon

[PATCH] mtd: nandsim: fix integer widening

This multiplication should be done in 64-bit, not 32-bit.

Caught by Coverity.

Signed-off-by: Brian Norris <computersforpeace <at> gmail.com>
---
 drivers/mtd/nand/nandsim.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/mtd/nand/nandsim.c b/drivers/mtd/nand/nandsim.c
index 4f0d83648e5a..7dc1dd28d896 100644
--- a/drivers/mtd/nand/nandsim.c
+++ b/drivers/mtd/nand/nandsim.c
 <at>  <at>  -827,7 +827,7  <at>  <at>  static int parse_badblocks(struct nandsim *ns, struct mtd_info *mtd)
 			NS_ERR("invalid badblocks.\n");
 			return -EINVAL;
 		}
-		offset = erase_block_no * ns->geom.secsz;
+		offset = (loff_t)erase_block_no * ns->geom.secsz;
 		if (mtd_block_markbad(mtd, offset)) {
 			NS_ERR("invalid badblocks.\n");
 			return -EINVAL;
--

-- 
1.9.1

______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/

(Continue reading)

Brian Norris | 22 Jul 04:07 2014
Picon

[PATCH] mtd: nand: denali: set proper error code on timeout

The condition "if (irq_status == 0)" already ensures that one half of
the ternary ?: is dead. I think this should probably actually be a FAIL,
not a PASS.

Caught by Coverity.

Signed-off-by: Brian Norris <computersforpeace <at> gmail.com>
Cc: Jamie Iles <jamie <at> jamieiles.com>
---
 drivers/mtd/nand/denali.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/drivers/mtd/nand/denali.c b/drivers/mtd/nand/denali.c
index 0b071a3136a2..332a3279dd8d 100644
--- a/drivers/mtd/nand/denali.c
+++ b/drivers/mtd/nand/denali.c
 <at>  <at>  -1061,9 +1061,7  <at>  <at>  static int write_page(struct mtd_info *mtd, struct nand_chip *chip,
 		dev_err(denali->dev,
 				"timeout on write_page (type = %d)\n",
 				raw_xfer);
-		denali->status =
-			(irq_status & INTR_STATUS__PROGRAM_FAIL) ?
-			NAND_STATUS_FAIL : PASS;
+		denali->status = NAND_STATUS_FAIL;
 	}

 	denali_enable_dma(denali, false);
--

-- 
1.9.1

(Continue reading)

Brian Norris | 22 Jul 04:07 2014
Picon

[PATCH] mtd: use __packed shorthand

Signed-off-by: Brian Norris <computersforpeace <at> gmail.com>
---
 drivers/mtd/mtdswap.c        |  2 +-
 drivers/mtd/nand/sm_common.h |  2 +-
 include/linux/mtd/cfi.h      | 22 +++++++++++-----------
 3 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/drivers/mtd/mtdswap.c b/drivers/mtd/mtdswap.c
index 8ca8d41bb35e..5c23f81c6912 100644
--- a/drivers/mtd/mtdswap.c
+++ b/drivers/mtd/mtdswap.c
 <at>  <at>  -145,7 +145,7  <at>  <at>  struct mtdswap_dev {
 struct mtdswap_oobdata {
 	__le16 magic;
 	__le32 count;
-} __attribute__((packed));
+} __packed;

 #define MTDSWAP_MAGIC_CLEAN	0x2095
 #define MTDSWAP_MAGIC_DIRTY	(MTDSWAP_MAGIC_CLEAN + 1)
diff --git a/drivers/mtd/nand/sm_common.h b/drivers/mtd/nand/sm_common.h
index 00f4a83359b2..d3e028e58b0f 100644
--- a/drivers/mtd/nand/sm_common.h
+++ b/drivers/mtd/nand/sm_common.h
 <at>  <at>  -18,7 +18,7  <at>  <at>  struct sm_oob {
 	uint8_t ecc2[3];
 	uint8_t lba_copy2[2];
 	uint8_t ecc1[3];
-} __attribute__((packed));
+} __packed;
(Continue reading)


Gmane