pwrite() to nand in raw mode fails with EINVAL

[Artem Bityutskiy]

Maxime, I've cleaned up comments, added your signed-off-by and cc
stable. Is this OK?

It would also be nice to get an ack from Maxim Levitsky.

From: Maxime Bizon <mbizon at freebox.fr>
Subject: [PATCH] mtd: fix NAND pwrite in raw mode

Since commit 782ce79a45b3b850b108896fcf7da26754061c8f ("cleanup the
nand_do_write_ops") 'pwrite()' to a NAND device fails with '-EINVAL'
which comes from:

        /* Don't allow multipage oob writes with offset */
        if (ops->ooboffs && (ops->ooboffs + ops->ooblen > oobmaxlen))
                return -EINVAL;

because 'ops->ooboffs' was uninitialized. This patch fixes the issue.

Artem: clean-up comment, add stable.

Signed-off-by: Maxime Bizon <mbizon at freebox.fr>
Cc: stable <stable at kernel.org>
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy at nokia.com>
---
 drivers/mtd/mtdchar.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/drivers/mtd/mtdchar.c b/drivers/mtd/mtdchar.c
index a825002..39dcb57 100644
--- a/drivers/mtd/mtdchar.c
+++ b/drivers/mtd/mtdchar.c
@@ -216,6 +216,7 @@ static ssize_t mtd_read(struct file *file, char __user *buf, size_t count,loff_t
 		{
 			struct mtd_oob_ops ops;
 
+			memset(&ops, 0, sizeof (ops));
 			ops.mode = MTD_OOB_RAW;
 			ops.datbuf = kbuf;
 			ops.oobbuf = NULL;
@@ -319,6 +320,7 @@ static ssize_t mtd_write(struct file *file, const char __user *buf, size_t count
 		{
 			struct mtd_oob_ops ops;
 
+			memset(&ops, 0, sizeof (ops));
 			ops.mode = MTD_OOB_RAW;
 			ops.datbuf = kbuf;
 			ops.oobbuf = NULL;
-- 
1.7.2.3


-- 
Best Regards,
Artem Bityutskiy (Артём Битюцкий)