Hello
The main goal of this patch series is to fix a possible NULL dereference.
Even if the probability of this case is very low, fixing it made
static analyzers happy.
In the same time it permits to remove a "cast that drop const qualifiers.
Regards
Changes since v1
- Use of_device_get_match_data
- Add the missing patch for constify atmel_nand_caps structures
LABBE Corentin (2):
mtd: nand: atmel_nand: constify atmel_nand_caps structures
mtd: nand: atmel_nand: fix a possible NULL dereference
drivers/mtd/nand/atmel_nand.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
--
2.4.10
All atmel_nand_caps are never modified, consitify them.
Signed-off-by: LABBE Corentin <[email protected]>
---
drivers/mtd/nand/atmel_nand.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/mtd/nand/atmel_nand.c b/drivers/mtd/nand/atmel_nand.c
index 583cdd9..475c938 100644
--- a/drivers/mtd/nand/atmel_nand.c
+++ b/drivers/mtd/nand/atmel_nand.c
@@ -128,7 +128,7 @@ struct atmel_nand_host {
struct atmel_nfc *nfc;
- struct atmel_nand_caps *caps;
+ const struct atmel_nand_caps *caps;
bool has_pmecc;
u8 pmecc_corr_cap;
u16 pmecc_sector_size;
@@ -2304,11 +2304,11 @@ static int atmel_nand_remove(struct platform_device *pdev)
return 0;
}
-static struct atmel_nand_caps at91rm9200_caps = {
+static const struct atmel_nand_caps at91rm9200_caps = {
.pmecc_correct_erase_page = false,
};
-static struct atmel_nand_caps sama5d4_caps = {
+static const struct atmel_nand_caps sama5d4_caps = {
.pmecc_correct_erase_page = true,
};
--
2.4.10
of_match_device could return NULL, and so cause a NULL pointer
dereference later.
Signed-off-by: LABBE Corentin <[email protected]>
---
drivers/mtd/nand/atmel_nand.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/mtd/nand/atmel_nand.c b/drivers/mtd/nand/atmel_nand.c
index 475c938..7902967 100644
--- a/drivers/mtd/nand/atmel_nand.c
+++ b/drivers/mtd/nand/atmel_nand.c
@@ -1496,8 +1496,9 @@ static int atmel_of_init_port(struct atmel_nand_host *host,
struct atmel_nand_data *board = &host->board;
enum of_gpio_flags flags = 0;
- host->caps = (struct atmel_nand_caps *)
- of_match_device(atmel_nand_dt_ids, host->dev)->data;
+ host->caps = of_device_get_match_data(host->dev);
+ if (!host->caps)
+ return 1;
if (of_property_read_u32(np, "atmel,nand-addr-offset", &val) == 0) {
if (val >= 32) {
--
2.4.10
Hi, Corentin
Thanks for the patch.
On 11/20/2015 3:45 PM, LABBE Corentin wrote:
> All atmel_nand_caps are never modified, consitify them.
>
> Signed-off-by: LABBE Corentin <[email protected]>
Acked-by: Josh Wu <[email protected]>
Best Regards,
Josh Wu
> ---
> drivers/mtd/nand/atmel_nand.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/mtd/nand/atmel_nand.c b/drivers/mtd/nand/atmel_nand.c
> index 583cdd9..475c938 100644
> --- a/drivers/mtd/nand/atmel_nand.c
> +++ b/drivers/mtd/nand/atmel_nand.c
> @@ -128,7 +128,7 @@ struct atmel_nand_host {
>
> struct atmel_nfc *nfc;
>
> - struct atmel_nand_caps *caps;
> + const struct atmel_nand_caps *caps;
> bool has_pmecc;
> u8 pmecc_corr_cap;
> u16 pmecc_sector_size;
> @@ -2304,11 +2304,11 @@ static int atmel_nand_remove(struct platform_device *pdev)
> return 0;
> }
>
> -static struct atmel_nand_caps at91rm9200_caps = {
> +static const struct atmel_nand_caps at91rm9200_caps = {
> .pmecc_correct_erase_page = false,
> };
>
> -static struct atmel_nand_caps sama5d4_caps = {
> +static const struct atmel_nand_caps sama5d4_caps = {
> .pmecc_correct_erase_page = true,
> };
>
Hi, Corentin
Thanks for the patch. It looks fine to me, just one nitpick in below:
On 11/20/2015 3:45 PM, LABBE Corentin wrote:
> of_match_device could return NULL, and so cause a NULL pointer
> dereference later.
>
> Signed-off-by: LABBE Corentin <[email protected]>
> ---
> drivers/mtd/nand/atmel_nand.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/mtd/nand/atmel_nand.c b/drivers/mtd/nand/atmel_nand.c
> index 475c938..7902967 100644
> --- a/drivers/mtd/nand/atmel_nand.c
> +++ b/drivers/mtd/nand/atmel_nand.c
> @@ -1496,8 +1496,9 @@ static int atmel_of_init_port(struct atmel_nand_host *host,
> struct atmel_nand_data *board = &host->board;
> enum of_gpio_flags flags = 0;
>
> - host->caps = (struct atmel_nand_caps *)
> - of_match_device(atmel_nand_dt_ids, host->dev)->data;
> + host->caps = of_device_get_match_data(host->dev);
> + if (!host->caps)
> + return 1;
it's better to use -EINVAL here.
Best Regards,
Josh Wu
>
> if (of_property_read_u32(np, "atmel,nand-addr-offset", &val) == 0) {
> if (val >= 32) {
On Fri, Nov 20, 2015 at 04:28:10PM +0800, Josh Wu wrote:
> Hi, Corentin
>
> Thanks for the patch.
>
> On 11/20/2015 3:45 PM, LABBE Corentin wrote:
> >All atmel_nand_caps are never modified, consitify them.
> >
> >Signed-off-by: LABBE Corentin <[email protected]>
>
> Acked-by: Josh Wu <[email protected]>
Pushed patch 1 to l2-mtd.git
On Fri, Nov 20, 2015 at 04:33:14PM +0800, Josh Wu wrote:
> Hi, Corentin
>
> Thanks for the patch. It looks fine to me, just one nitpick in below:
>
> On 11/20/2015 3:45 PM, LABBE Corentin wrote:
> > of_match_device could return NULL, and so cause a NULL pointer
> > dereference later.
> >
> > Signed-off-by: LABBE Corentin <[email protected]>
> > ---
> > drivers/mtd/nand/atmel_nand.c | 5 +++--
> > 1 file changed, 3 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/mtd/nand/atmel_nand.c b/drivers/mtd/nand/atmel_nand.c
> > index 475c938..7902967 100644
> > --- a/drivers/mtd/nand/atmel_nand.c
> > +++ b/drivers/mtd/nand/atmel_nand.c
> > @@ -1496,8 +1496,9 @@ static int atmel_of_init_port(struct atmel_nand_host *host,
> > struct atmel_nand_data *board = &host->board;
> > enum of_gpio_flags flags = 0;
> >
> > - host->caps = (struct atmel_nand_caps *)
> > - of_match_device(atmel_nand_dt_ids, host->dev)->data;
> > + host->caps = of_device_get_match_data(host->dev);
> > + if (!host->caps)
> > + return 1;
>
> it's better to use -EINVAL here.
>
Hello
I do that Uwe Kleine-K?nig said to me to do in others thread:
https://lkml.org/lkml/2015/11/12/70 and https://lkml.org/lkml/2015/11/16/211
Regards
Hi, Corentin
On 11/24/2015 9:12 PM, LABBE Corentin wrote:
> On Fri, Nov 20, 2015 at 04:33:14PM +0800, Josh Wu wrote:
>> Hi, Corentin
>>
>> Thanks for the patch. It looks fine to me, just one nitpick in below:
>>
>> On 11/20/2015 3:45 PM, LABBE Corentin wrote:
>>> of_match_device could return NULL, and so cause a NULL pointer
>>> dereference later.
>>>
>>> Signed-off-by: LABBE Corentin <[email protected]>
>>> ---
>>> drivers/mtd/nand/atmel_nand.c | 5 +++--
>>> 1 file changed, 3 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/drivers/mtd/nand/atmel_nand.c b/drivers/mtd/nand/atmel_nand.c
>>> index 475c938..7902967 100644
>>> --- a/drivers/mtd/nand/atmel_nand.c
>>> +++ b/drivers/mtd/nand/atmel_nand.c
>>> @@ -1496,8 +1496,9 @@ static int atmel_of_init_port(struct atmel_nand_host *host,
>>> struct atmel_nand_data *board = &host->board;
>>> enum of_gpio_flags flags = 0;
>>>
>>> - host->caps = (struct atmel_nand_caps *)
>>> - of_match_device(atmel_nand_dt_ids, host->dev)->data;
>>> + host->caps = of_device_get_match_data(host->dev);
>>> + if (!host->caps)
>>> + return 1;
>> it's better to use -EINVAL here.
>>
> Hello
>
> I do that Uwe Kleine-K?nig said to me to do in others thread:
> https://lkml.org/lkml/2015/11/12/70 and https://lkml.org/lkml/2015/11/16/211
Thank you for the information.
I checked the imx serial driver(drivers/tty/serial/imx.c) in
serial_imx_probe():
...
ret = serial_imx_probe_dt(sport, pdev);
if (ret > 0) ---> So here is why you need to return 1 in
serial_imx_probe_dt().
serial_imx_probe_pdata(sport, pdev);
else if (ret < 0)
return ret;
There has a branch to check whether ret is > 0 or < 0. So that's why you
need to return 1 in imx serial driver.
But in atmel_nand driver, we don't have such code for that. The
atmel_of_init_port() is only used for dt probe. So if dt is not matched,
just return an error.
>
> Regards
>
Best Regards,
Josh Wu