[PATCH 2/2] ARM: imx/bbu-external-nand: Fix freeing image copy

[Uwe Kleine-König]

imx_bbu_external_nand_update() does:

	image = memdup(data->image, data->len);
	...
	for (...) {
		...
		image += now;
		...
	}
	...
	free(image)

So it's not the original pointer that is passed to free. This results in
a hang.

Instead use an offset variable and keep image constant.

Fixes: 93b564d9acc7 ("ARM: i.MX bbu-external-nand: Do not modify image")
Signed-off-by: Uwe Kleine-König <u.kleine-koenig at pengutronix.de>
---
 arch/arm/mach-imx/imx-bbu-external-nand.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/arch/arm/mach-imx/imx-bbu-external-nand.c b/arch/arm/mach-imx/imx-bbu-external-nand.c
index 4d3493f9e1e0..40dbaabdc7fa 100644
--- a/arch/arm/mach-imx/imx-bbu-external-nand.c
+++ b/arch/arm/mach-imx/imx-bbu-external-nand.c
@@ -29,7 +29,7 @@ static int imx_bbu_external_nand_update(struct bbu_handler *handler, struct bbu_
 	int size_available, size_need;
 	int ret;
 	uint32_t num_bb = 0, bbt = 0;
-	loff_t nand_offset = 0;
+	loff_t nand_offset = 0, image_offset = 0;
 	int block = 0, len, now, blocksize;
 	void *image = NULL;
 
@@ -157,12 +157,12 @@ static int imx_bbu_external_nand_update(struct bbu_handler *handler, struct bbu_
 		if (ret)
 			goto out;
 
-		ret = write(fd, image, now);
+		ret = write(fd, image + image_offset, now);
 		if (ret < 0)
 			goto out;
 
 		len -= now;
-		image += now;
+		image_offset += now;
 		nand_offset += now;
 	}
 
-- 
2.36.1