Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp2898849pxb; Tue, 24 Aug 2021 10:08:49 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwHG4swuFfmC25Dd4lEb18st0Xee1Iak6C8btXggTi1OTlIfEJ2QJiLW8E2pmRBc8IiRwnv X-Received: by 2002:aa7:c993:: with SMTP id c19mr23158943edt.239.1629824929496; Tue, 24 Aug 2021 10:08:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1629824929; cv=none; d=google.com; s=arc-20160816; b=Qa9thd864hwy+/1w7gpU5a9w/1DL0noKsA0apKPQR2IpxQrQdXuL3wmRFyZlN6/z4a prfuxjZJtwneviSRESVw/MHlBaBCoJyF9l4IkeQBy92rskodeJZVIj0CdkOz/aJKP+HJ z0btrBJw2ye/6rP4J8YF0qCTUMz5HvGvlhBfaMdqx5e8yKIN9cqPxWNtMvA4HXs61xsy zLVAA5Ry9IWGlUjdiLinYT1XX+7vXo+EJCQ+TeqMBRuqswhMZV7m7AjCjB3ss0pi1pzc NamankVdXrbbEn6g8lAerxr37YwZlnAUnTtUdpz8et5D9MBzkoS6JIqhLCCtiqjWn1dv O+EA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=dJaptsLggj6Hx9mR0sGrXr9e/UrLOpBD1ymzStw+3mI=; b=XQHMb21qMk9Jy1hhml22NPg5MvQuPhHXJLi4rGN/j9VV+DwD083r60Ah+E3IxHo2gw AiQKGzyJx4G0nN2rGdf+iKffluNkkuQkoBfDg48okkPWuLr81F4/lxwgTkEPs3fg9Bxa Y1zW2lZOIW4if/z1C571UVgaJN5U/x6neucDm/j+LamOIe8hzP1IBLviSBln6UpEgAyQ 7WH1ivc2LEJ4mnwc1/U1EO2GBaDWekmTFYKNjLVEkyL/dw7YQibLaFKuJLQeqcwJaWIE XwwUR81JvrNkC0LLKvGnMY2vFZH1MsJ7tomc/0gy+E0pRzcd4GQA/RkrZNFnftf8cAe6 J0ww== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=B0ZcWbrl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id d13si18497043ejz.741.2021.08.24.10.08.24; Tue, 24 Aug 2021 10:08:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=B0ZcWbrl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239007AbhHXRFb (ORCPT + 99 others); Tue, 24 Aug 2021 13:05:31 -0400 Received: from mail.kernel.org ([198.145.29.99]:46490 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238828AbhHXRDL (ORCPT ); Tue, 24 Aug 2021 13:03:11 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id DB8446140D; Tue, 24 Aug 2021 16:59:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1629824356; bh=x0+KlKy6EWSfrQqWUtPEjzEI5Ags1cRHRVqRZULL9DY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=B0ZcWbrljFLvFQaWgqz2q09sVR9bdjd0uFNFtuwxVIGpa1DrlrQcyGI6nuoerumYq KSj+vcUsJv+edxIjnvT4w1XU8Bz5+hdnja0E/X2Yxtq1oDKhoU47h3+kcghAFPtU4y qtlP66Dm1oWWQa6q+oGWACUeLA6aaL2xg4zH4SEi99zhn/1ObVtGUQL9i3LC0YHbb/ zCvVdvu/wnLVGoH348MLhnUksaVlcy583gnTgNvSrb5Iyj7eAeNg1qk38fiTLFq+gK GV/oVC8Csxiy/CVLq1M3IK8O/mCxNvuAGlacidIk9857pOZUXeHKWOJXDJFwz3+oYr /KdhrkWHvqnIw== From: Sasha Levin To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Andreas Persson , Miquel Raynal , Greg Kroah-Hartman Subject: [PATCH 5.10 06/98] mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards Date: Tue, 24 Aug 2021 12:57:36 -0400 Message-Id: <20210824165908.709932-7-sashal@kernel.org> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210824165908.709932-1-sashal@kernel.org> References: <20210824165908.709932-1-sashal@kernel.org> MIME-Version: 1.0 X-KernelTest-Patch: http://kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.61-rc1.gz X-KernelTest-Tree: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git X-KernelTest-Branch: linux-5.10.y X-KernelTest-Patches: git://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git X-KernelTest-Version: 5.10.61-rc1 X-KernelTest-Deadline: 2021-08-26T16:58+00:00 X-stable: review X-Patchwork-Hint: Ignore Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Andreas Persson commit 2394e628738933aa014093d93093030f6232946d upstream. Erasing an AMD linear flash card (AM29F016D) crashes after the first sector has been erased. Likewise, writing to it crashes after two bytes have been written. The reason is a missing check for a null pointer - the cmdset_priv field is not set for this type of card. Fixes: 4844ef80305d ("mtd: cfi_cmdset_0002: Add support for polling status register") Signed-off-by: Andreas Persson Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/DB6P189MB05830B3530B8087476C5CFE4C1159@DB6P189MB0583.EURP189.PROD.OUTLOOK.COM Signed-off-by: Greg Kroah-Hartman --- drivers/mtd/chips/cfi_cmdset_0002.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/mtd/chips/cfi_cmdset_0002.c b/drivers/mtd/chips/cfi_cmdset_0002.c index a1f3e1031c3d..96a27e06401f 100644 --- a/drivers/mtd/chips/cfi_cmdset_0002.c +++ b/drivers/mtd/chips/cfi_cmdset_0002.c @@ -119,7 +119,7 @@ static int cfi_use_status_reg(struct cfi_private *cfi) struct cfi_pri_amdstd *extp = cfi->cmdset_priv; u8 poll_mask = CFI_POLL_STATUS_REG | CFI_POLL_DQ; - return extp->MinorVersion >= '5' && + return extp && extp->MinorVersion >= '5' && (extp->SoftwareFeatures & poll_mask) == CFI_POLL_STATUS_REG; } -- 2.30.2