[PATCH v2] mtd: nftl/inftl: check mtd_erase() return value

Miquel Raynal miquel.raynal at bootlin.com
Mon Feb 19 15:22:15 PST 2018 

Since the creation of mtd_erase(), the function can return a negative
error code without updating the instr->state flag. This happens for
instance when ->_erase() is not implemented or ->erasesize has an invalid
value. The calling function should error out in this case.

Functions in nftlmount/inftlmount call mtd_erase() without checking the
return code. The instr->state flag is checked but might not have been
updated depending on the error path.

Add checks on the returned value of mtd_erase().

Signed-off-by: Miquel Raynal <miquel.raynal at bootlin.com>
---

Changes since v1:
  - Fix disgraceful compilation issue.

 drivers/mtd/inftlmount.c | 7 +++++--
 drivers/mtd/nftlmount.c  | 3 ++-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/mtd/inftlmount.c b/drivers/mtd/inftlmount.c
index 8d6bb189ea8e..34fd6180966a 100644
--- a/drivers/mtd/inftlmount.c
+++ b/drivers/mtd/inftlmount.c
@@ -219,7 +219,9 @@ static int find_boot_record(struct INFTLrecord *inftl)
 				 */
 				instr->addr = ip->Reserved0 * inftl->EraseSize;
 				instr->len = inftl->EraseSize;
-				mtd_erase(mtd, instr);
+				ret = mtd_erase(mtd, instr);
+				if (ret < 0)
+					return ret;
 			}
 			if ((ip->lastUnit - ip->firstUnit + 1) < ip->virtualUnits) {
 				printk(KERN_WARNING "INFTL: Media Header "
@@ -393,7 +395,8 @@ int INFTL_formatblock(struct INFTLrecord *inftl, int block)
 	   mark only the failed block in the bbt. */
 	for (physblock = 0; physblock < inftl->EraseSize;
 	     physblock += instr->len, instr->addr += instr->len) {
-		mtd_erase(inftl->mbd.mtd, instr);
+		if (mtd_erase(inftl->mbd.mtd, instr) < 0)
+			goto fail;
 
 		if (instr->state == MTD_ERASE_FAILED) {
 			printk(KERN_WARNING "INFTL: error while formatting block %d\n",
diff --git a/drivers/mtd/nftlmount.c b/drivers/mtd/nftlmount.c
index 184c8fbfe465..8dbc40ab7d73 100644
--- a/drivers/mtd/nftlmount.c
+++ b/drivers/mtd/nftlmount.c
@@ -331,7 +331,8 @@ int NFTL_formatblock(struct NFTLrecord *nftl, int block)
 	instr->mtd = nftl->mbd.mtd;
 	instr->addr = block * nftl->EraseSize;
 	instr->len = nftl->EraseSize;
-	mtd_erase(mtd, instr);
+	if (mtd_erase(mtd, instr) < 0)
+		goto fail;
 
 	if (instr->state == MTD_ERASE_FAILED) {
 		printk("Error while formatting block %d\n", block);
-- 
2.14.1

More information about the linux-mtd mailing list