mtd->size overflow

He Yong hoffer1127 at gmail.com
Thu Aug 30 10:06:18 EDT 2007


Hi all,
I've done the work and have tested it.
Here is the patch:

Index: include/linux/mtd/nand.h
===================================================================
--- include/linux/mtd/nand.h	(修订版 166)
+++ include/linux/mtd/nand.h	(修订版 167)
@@ -392,7 +392,7 @@
 	int		bbt_erase_shift;
 	int		chip_shift;
 	int		numchips;
-	unsigned long	chipsize;
+	u_int64_t	chipsize;
 	int		pagemask;
 	int		pagebuf;
 	int		subpagesize;
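Review bot: `chipsize` becomes 64-bit here while `chip_shift` and `pagemask` on the neighbouring lines stay `int`, and no hunk in this patch touches the code that derives them from `chipsize`. If that derivation goes through a 32-bit helper or shift (not visible in this patch), a chip of 4 GiB or more would get a wrong shift, and page and chip indexes computed from it would address the wrong block. I would document the field, e.g. `/* bytes per chip; 64-bit, do not pass to int-only helpers */`, and audit its users before merging. The struct begins and ends outside the hunk.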
@@ -491,8 +491,8 @@
 struct nand_bbt_descr {
 	int	options;
 	int	pages[NAND_MAX_CHIPS];
-	int	offs;
-	int	veroffs;
+	u_int64_t	offs;
+	u_int64_t	veroffs;
 	uint8_t	version[NAND_MAX_CHIPS];
 	int	len;
 	int	maxblocks;
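Review bot: `offs` and `veroffs` do not look like device offsets, so widening them to `u_int64_t` is probably unnecessary and also silently turns two signed fields unsigned. As far as I know they hold the position of the bad-block-table pattern and of its version byte inside a page's OOB area, which is bounded by the OOB size; `ooboffs` in the `mtd_oob_ops` hunk of include/linux/mtd/mtd.h looks like the same case. Leaving them at their old types keeps the patch limited to values that can really exceed 4 GiB and avoids new signed/unsigned comparisons against `int` fields such as `len`. The struct continues past the end of the hunk.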
Index: include/linux/mtd/mtd.h
===================================================================
--- include/linux/mtd/mtd.h	(修订版 166)
+++ include/linux/mtd/mtd.h	(修订版 167)
@@ -36,9 +36,9 @@
    specific to any particular block. */
 struct erase_info {
 	struct mtd_info *mtd;
-	u_int32_t addr;
-	u_int32_t len;
-	u_int32_t fail_addr;
+	u_int64_t addr;
+	u_int64_t len;
+	u_int64_t fail_addr;
 	u_long time;
 	u_long retries;
 	u_int dev;
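Review bot: Widening `addr`, `len` and `fail_addr` changes the contract for every driver that fills or reads `struct erase_info`, but the patch updates none of those users. Any caller that copies these fields into a 32-bit local, compares `fail_addr` against a 32-bit "unknown" marker (if the tree uses one), or fills them from a 32-bit user-space structure will truncate silently, and for an erase that means operating on the wrong block. The same concern applies to `size` in the `struct mtd_info` hunk and `offset` in the `struct mtd_erase_region_info` hunk. A build of drivers/mtd with `-Wformat` and `-Wconversion` would list the sites that need attention. The struct continues past the hunk.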
@@ -50,7 +50,7 @@
 };

 struct mtd_erase_region_info {
-	u_int32_t offset;			/* At which this region starts, from the
beginning of the MTD */
+	u_int64_t offset;			/* At which this region starts, from the
beginning of the MTD */
 	u_int32_t erasesize;		/* For this region */
 	u_int32_t numblocks;		/* Number of blocks of erasesize in this region */
 };
@@ -92,7 +92,7 @@
 	size_t		retlen;
 	size_t		ooblen;
 	size_t		oobretlen;
-	uint32_t	ooboffs;
+	u_int64_t	ooboffs;
 	uint8_t		*datbuf;
 	uint8_t		*oobbuf;
 };
@@ -100,7 +100,7 @@
 struct mtd_info {
 	u_char type;
 	u_int32_t flags;
-	u_int32_t size;	 // Total size of the MTD
+	u_int64_t size;	 // Total size of the MTD -- by hoffer

 	/* "Major" erase size for the device. Naïve users may take this
 	 * to be the only erase size available, or may use the more detailed
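Review bot: The `-- by hoffer` tag in the comment on `size` records authorship, which belongs in the commit log rather than in the header; the same goes for the `/*hoffer*/` markers in the two modulo hunks of drivers/mtd/mtdpart.c. I would write the line as `u_int64_t size;	/* Total size of the MTD in bytes; may exceed 4 GiB */` so the comment tells a reader of the struct why the field is 64-bit. The struct continues past the hunk.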
Index: drivers/mtd/nand/nand_base.c
===================================================================
--- drivers/mtd/nand/nand_base.c	(修订版 166)
+++ drivers/mtd/nand/nand_base.c	(修订版 167)
@@ -2328,8 +2328,8 @@
 	       " 0x%02x, Chip ID: 0x%02x (%s %s)\n", *maf_id, dev_id,
 	       nand_manuf_ids[maf_idx].name, type->name);

-	printk(KERN_INFO "BlockSize: 0x%x, PageSize: 0x%x, OobSize: 0x%x,
BusWith:%d\n",
-           mtd->erasesize,mtd->writesize,mtd->oobsize,(chip->options
& NAND_BUSWIDTH_16) ? 16 : 8 );
+	printk(KERN_INFO "ChipSize: 0x%x, BlockSize: 0x%x, PageSize: 0x%x,
OobSize: 0x%x, BusWith:%d\n",
+           chip->chipsize,mtd->erasesize,mtd->writesize,mtd->oobsize,(chip->options
& NAND_BUSWIDTH_16) ? 16 : 8 );

 	return type;
 }
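Review bot: The added `ChipSize: 0x%x` conversion is passed `chip->chipsize`, which this patch makes `u_int64_t`, so the format and the argument no longer match. On a 32-bit build the extra word shifts every following vararg, so BlockSize, PageSize and OobSize can print garbage, and `-Wformat` will warn. Use `ChipSize: 0x%llx` with `(unsigned long long)chip->chipsize`. The function begins outside the hunk.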
Index: drivers/mtd/mtdpart.c
===================================================================
--- drivers/mtd/mtdpart.c	(修订版 166)
+++ drivers/mtd/mtdpart.c	(修订版 167)
@@ -28,7 +28,7 @@
 struct mtd_part {
 	struct mtd_info mtd;
 	struct mtd_info *master;
-	u_int32_t offset;
+	u_int64_t offset;
 	int index;
 	struct list_head list;
 	int registered;
@@ -400,15 +400,15 @@
 				slave->offset = ((cur_offset / master->erasesize) + 1) * master->erasesize;
 				printk(KERN_NOTICE "Moving partition %d: "
 				       "0x%08x -> 0x%08x\n", i,
-				       cur_offset, slave->offset);
+				       cur_offset, (u_int32_t)slave->offset);
 			}
 		}
 		if (slave->mtd.size == MTDPART_SIZ_FULL)
 			slave->mtd.size = master->size - slave->offset;
 		cur_offset = slave->offset + slave->mtd.size;

-		printk (KERN_NOTICE "0x%08x-0x%08x : \"%s\"\n", slave->offset,
-			slave->offset + slave->mtd.size, slave->mtd.name);
+		printk (KERN_NOTICE "0x%08x-0x%08x : \"%s\"\n", (u_int32_t)slave->offset,
+			(u_int32_t)(slave->offset + slave->mtd.size), slave->mtd.name);

 		/* let's do some sanity checks */
 		if (slave->offset >= master->size) {
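Review bot: `cur_offset` is still printed with a bare `0x%08x`, which suggests it remains a 32-bit variable (its declaration is outside the hunk), yet `cur_offset = slave->offset + slave->mtd.size` now assigns it a 64-bit sum. If so, the running offset wraps once partitions pass 4 GiB, and a later partition placed from it can land on top of an earlier one. Declare it `u_int64_t cur_offset` and print it with `0x%08llx` and an `(unsigned long long)` cast; the `cur_offset / master->erasesize` on the first line of the hunk would then need a 64-bit-safe division on 32-bit kernels. The enclosing loop starts and ends outside the hunk.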
@@ -421,7 +421,7 @@
 		if (slave->offset + slave->mtd.size > master->size) {
 			slave->mtd.size = master->size - slave->offset;
 			printk ("mtd: partition \"%s\" extends beyond the end of device
\"%s\" -- size truncated to %#x\n",
-				parts[i].name, master->name, slave->mtd.size);
+				parts[i].name, master->name, (u_int32_t)slave->mtd.size);
 		}
 		if (master->numeraseregions>1) {
 			/* Deal with variable erase size stuff */
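Review bot: Casting `slave->mtd.size` to `u_int32_t` for `%#x` makes the message report only the low 32 bits, so a partition truncated to exactly 4 GiB prints as 0. The same cast is applied to the partition range printk in the preceding hunk and to the `sprintf` in drivers/mtd/mtdcore.c, whose line looks like the /proc/mtd format that user-space tools parse for device sizes. Print the full value instead: `%#llx` with `(unsigned long long)slave->mtd.size`, and `%8.8llx` in the mtdcore.c line if its consumers tolerate the wider field. The enclosing block continues past the hunk.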
@@ -443,7 +443,7 @@
 		}

 		if ((slave->mtd.flags & MTD_WRITEABLE) &&
-		    (slave->offset % slave->mtd.erasesize)) {
+		    (((u_int32_t)slave->offset) % slave->mtd.erasesize  /*hoffer*/ )) {
 			/* Doesn't start on a boundary of major erase size */
 			/* FIXME: Let it be writable if it is on a boundary of _minor_
erase size though */
 			slave->mtd.flags &= ~MTD_WRITEABLE;
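Review bot: `((u_int32_t)slave->offset) % slave->mtd.erasesize` tests only the low 32 bits of the offset, which equals the true remainder only when `erasesize` is a power of two. For any other erase size a misaligned partition above 4 GiB can pass this check and stay writable; the `slave->mtd.size` test in the next hunk has the same problem. Presumably the cast is there to avoid a 64-bit modulo on 32-bit kernels; `do_div()` returns the remainder without one: `u_int64_t tmp = slave->offset;` followed by `if ((slave->mtd.flags & MTD_WRITEABLE) && do_div(tmp, slave->mtd.erasesize))`. The enclosing function starts and ends outside the hunk.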
@@ -451,7 +451,7 @@
 				parts[i].name);
 		}
 		if ((slave->mtd.flags & MTD_WRITEABLE) &&
-		    (slave->mtd.size % slave->mtd.erasesize)) {
+		    (((u_int32_t)slave->mtd.size) % slave->mtd.erasesize /*hoffer*/ ) ) {
 			slave->mtd.flags &= ~MTD_WRITEABLE;
 			printk ("mtd: partition \"%s\" doesn't end on an erase block --
force read-only\n",
 				parts[i].name);
Index: drivers/mtd/mtdcore.c
===================================================================
--- drivers/mtd/mtdcore.c	(修订版 166)
+++ drivers/mtd/mtdcore.c	(修订版 167)
@@ -349,7 +349,7 @@
 	if (!this)
 		return 0;

-	return sprintf(buf, "mtd%d: %8.8x %8.8x \"%s\"\n", i, this->size,
+	return sprintf(buf, "mtd%d: %8.8x %8.8x \"%s\"\n", i, (u_int32_t)this->size,
 		       this->erasesize, this->name);
 }



2007/8/30, Jörn Engel <joern at logfs.org>:
> On Wed, 29 August 2007 13:10:15 +0530, Vinit Agnihotri wrote:
> >
> > I dont mind giving out patch
> > but its about making mtd subsytem 64-bit,
> > so mtd-maintainers must allow that patch. As its kernel patch.
>
> Just send the patch.  Even if it doesn't get merged, reading the patch
> will be useful to whoever does the actual 64bit transition.
>
> Jörn
>
> --
> Joern's library part 14:
> http://www.sandpile.org/
>


-- 
Best Regards!

He Yong

School of Information Security,
Shanghai Jiaotong University,
Dong chuan Road #800,
Minhang, Shanghai, P.R.China

