Commit 27ab41e2 authored by Kees Cook's avatar Kees Cook Committed by Boris Brezillon

mtd: nftl: Remove VLA usage

On the quest to remove all stack VLAs from the kernel[1] this changes
the check_free_sectors() routine to use a kmalloc()ed buffer instead
of a large VLA stack buffer.

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.comSigned-off-by: default avatarKees Cook <keescook@chromium.org>
Signed-off-by: default avatarBoris Brezillon <boris.brezillon@bootlin.com>
parent 7cc9aa66
...@@ -334,28 +334,37 @@ static int memcmpb(void *a, int c, int n) ...@@ -334,28 +334,37 @@ static int memcmpb(void *a, int c, int n)
static int check_free_sectors(struct INFTLrecord *inftl, unsigned int address, static int check_free_sectors(struct INFTLrecord *inftl, unsigned int address,
int len, int check_oob) int len, int check_oob)
{ {
u8 buf[SECTORSIZE + inftl->mbd.mtd->oobsize];
struct mtd_info *mtd = inftl->mbd.mtd; struct mtd_info *mtd = inftl->mbd.mtd;
size_t retlen; size_t retlen;
int i; int i, ret;
u8 *buf;
buf = kmalloc(SECTORSIZE + mtd->oobsize, GFP_KERNEL);
if (!buf)
return -1;
ret = -1;
for (i = 0; i < len; i += SECTORSIZE) { for (i = 0; i < len; i += SECTORSIZE) {
if (mtd_read(mtd, address, SECTORSIZE, &retlen, buf)) if (mtd_read(mtd, address, SECTORSIZE, &retlen, buf))
return -1; goto out;
if (memcmpb(buf, 0xff, SECTORSIZE) != 0) if (memcmpb(buf, 0xff, SECTORSIZE) != 0)
return -1; goto out;
if (check_oob) { if (check_oob) {
if(inftl_read_oob(mtd, address, mtd->oobsize, if(inftl_read_oob(mtd, address, mtd->oobsize,
&retlen, &buf[SECTORSIZE]) < 0) &retlen, &buf[SECTORSIZE]) < 0)
return -1; goto out;
if (memcmpb(buf + SECTORSIZE, 0xff, mtd->oobsize) != 0) if (memcmpb(buf + SECTORSIZE, 0xff, mtd->oobsize) != 0)
return -1; goto out;
} }
address += SECTORSIZE; address += SECTORSIZE;
} }
return 0; ret = 0;
out:
kfree(buf);
return ret;
} }
/* /*
......
...@@ -272,28 +272,37 @@ static int memcmpb(void *a, int c, int n) ...@@ -272,28 +272,37 @@ static int memcmpb(void *a, int c, int n)
static int check_free_sectors(struct NFTLrecord *nftl, unsigned int address, int len, static int check_free_sectors(struct NFTLrecord *nftl, unsigned int address, int len,
int check_oob) int check_oob)
{ {
u8 buf[SECTORSIZE + nftl->mbd.mtd->oobsize];
struct mtd_info *mtd = nftl->mbd.mtd; struct mtd_info *mtd = nftl->mbd.mtd;
size_t retlen; size_t retlen;
int i; int i, ret;
u8 *buf;
buf = kmalloc(SECTORSIZE + mtd->oobsize, GFP_KERNEL);
if (!buf)
return -1;
ret = -1;
for (i = 0; i < len; i += SECTORSIZE) { for (i = 0; i < len; i += SECTORSIZE) {
if (mtd_read(mtd, address, SECTORSIZE, &retlen, buf)) if (mtd_read(mtd, address, SECTORSIZE, &retlen, buf))
return -1; goto out;
if (memcmpb(buf, 0xff, SECTORSIZE) != 0) if (memcmpb(buf, 0xff, SECTORSIZE) != 0)
return -1; goto out;
if (check_oob) { if (check_oob) {
if(nftl_read_oob(mtd, address, mtd->oobsize, if(nftl_read_oob(mtd, address, mtd->oobsize,
&retlen, &buf[SECTORSIZE]) < 0) &retlen, &buf[SECTORSIZE]) < 0)
return -1; goto out;
if (memcmpb(buf + SECTORSIZE, 0xff, mtd->oobsize) != 0) if (memcmpb(buf + SECTORSIZE, 0xff, mtd->oobsize) != 0)
return -1; goto out;
} }
address += SECTORSIZE; address += SECTORSIZE;
} }
return 0; ret = 0;
out:
kfree(buf);
return ret;
} }
/* NFTL_format: format a Erase Unit by erasing ALL Erase Zones in the Erase Unit and /* NFTL_format: format a Erase Unit by erasing ALL Erase Zones in the Erase Unit and
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment