[PATCH] mtd: nftl/inftl: check mtd_erase() return value

Miquel Raynal miquel.raynal at bootlin.com
Mon Feb 19 15:04:30 PST 2018 

Hi Boris,

On Mon, 12 Feb 2018 13:41:01 +0100, Boris Brezillon
<boris.brezillon at bootlin.com> wrote:

> On Thu, 25 Jan 2018 00:24:34 +0100
> Miquel Raynal <miquel.raynal at free-electrons.com> wrote:
> 
> > Since the creation of mtd_erase(), the function can return a negative
> > error code without updating the instr->state flag. This happens for
> > instance when ->_erase() is not implemented or ->erasesize has an invalid
> > value. The calling function should error out in this case.
> > 
> > Functions in nftlmount/inftlmount call mtd_erase() without checking the
> > return code. The instr->state flag is checked but might not have been
> > updated depending on the error path.
> > 
> > Add checks on the returned value of mtd_erase().
> > 
> > Signed-off-by: Miquel Raynal <miquel.raynal at free-electrons.com>
> > ---
> >  drivers/mtd/inftlmount.c | 7 +++++--
> >  drivers/mtd/nftlmount.c  | 3 ++-
> >  2 files changed, 7 insertions(+), 3 deletions(-)
> > 
> > diff --git a/drivers/mtd/inftlmount.c b/drivers/mtd/inftlmount.c
> > index 8d6bb189ea8e..cab4a0b9f881 100644
> > --- a/drivers/mtd/inftlmount.c
> > +++ b/drivers/mtd/inftlmount.c
> > @@ -219,7 +219,9 @@ static int find_boot_record(struct INFTLrecord *inftl)
> >  				 */
> >  				instr->addr = ip->Reserved0 * inftl->EraseSize;
> >  				instr->len = inftl->EraseSize;
> > -				mtd_erase(mtd, instr);
> > +				ret = mtd_erase(mtd, instr);
> > +				if (ret < 0)
> > +					return ret;
> >  			}
> >  			if ((ip->lastUnit - ip->firstUnit + 1) < ip->virtualUnits) {
> >  				printk(KERN_WARNING "INFTL: Media Header "
> > @@ -393,7 +395,8 @@ int INFTL_formatblock(struct INFTLrecord *inftl, int block)
> >  	   mark only the failed block in the bbt. */
> >  	for (physblock = 0; physblock < inftl->EraseSize;
> >  	     physblock += instr->len, instr->addr += instr->len) {
> > -		mtd_erase(inftl->mbd.mtd, instr);
> > +		if (mtd_erase(inftl->mbd.mtd, instr < 0))  
> 
> 		    ^ mtd_erase(inftl->mbd.mtd, instr) < 0
> 
> which means you did not even compile test your patch :P.

/o\ shame on me... I feel I've been cheated by my conf :)

> 
> > +			goto fail;
> >  
> >  		if (instr->state == MTD_ERASE_FAILED) {
> >  			printk(KERN_WARNING "INFTL: error while formatting block %d\n",
> > diff --git a/drivers/mtd/nftlmount.c b/drivers/mtd/nftlmount.c
> > index 184c8fbfe465..8dbc40ab7d73 100644
> > --- a/drivers/mtd/nftlmount.c
> > +++ b/drivers/mtd/nftlmount.c
> > @@ -331,7 +331,8 @@ int NFTL_formatblock(struct NFTLrecord *nftl, int block)
> >  	instr->mtd = nftl->mbd.mtd;
> >  	instr->addr = block * nftl->EraseSize;
> >  	instr->len = nftl->EraseSize;
> > -	mtd_erase(mtd, instr);
> > +	if (mtd_erase(mtd, instr) < 0)
> > +		goto fail;
> >  
> >  	if (instr->state == MTD_ERASE_FAILED) {
> >  		printk("Error while formatting block %d\n", block);  
> 
> 
> 



-- 
Miquel Raynal, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
http://bootlin.com

More information about the linux-mtd mailing list