diff options
| author | Gabor Juhos <juhosg@freemail.hu> | 2017-12-12 21:49:50 +0100 |
|---|---|---|
| committer | John Crispin <john@phrozen.org> | 2017-12-16 00:00:25 +0100 |
| commit | 665bb2749906aff4d4ec607a308353fa30cb1b3a (patch) | |
| tree | 799010fadb4db241b1290c53c61d0f1f8d71fa96 | |
| parent | 2ecc4131077b26ed8b95b88dea870b1f3a9444c2 (diff) | |
| download | upstream-665bb2749906aff4d4ec607a308353fa30cb1b3a.tar.gz upstream-665bb2749906aff4d4ec607a308353fa30cb1b3a.tar.bz2 upstream-665bb2749906aff4d4ec607a308353fa30cb1b3a.zip | |
ar71xx: fix invalid pointer dereference in rb95x_nand_scan_fixup()
Since Linux 4.6, mtd->priv no longer points to the NAND specific
structure. Under 4.9 it contains NULL, thus using it to access
chip->options causes an invalid pointer dereference (FS#1200).
Update the code to use the mtd_to_nand() helper under 4.9 to obtain
the address of the chip specific data.
Fixes: 7bbf4117c6fe ("ar71xx: Add kernel 4.9 support")
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
| -rw-r--r-- | target/linux/ar71xx/files/arch/mips/ath79/mach-rb95x.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/target/linux/ar71xx/files/arch/mips/ath79/mach-rb95x.c b/target/linux/ar71xx/files/arch/mips/ath79/mach-rb95x.c index 9eaeaa7f9d..5e24694d5c 100644 --- a/target/linux/ar71xx/files/arch/mips/ath79/mach-rb95x.c +++ b/target/linux/ar71xx/files/arch/mips/ath79/mach-rb95x.c @@ -207,7 +207,11 @@ static const struct mtd_ooblayout_ops rb95x_nand_ecclayout_ops = { static int rb95x_nand_scan_fixup(struct mtd_info *mtd) { +#if LINUX_VERSION_CODE < KERNEL_VERSION(4,6,0) struct nand_chip *chip = mtd->priv; +#else + struct nand_chip *chip = mtd_to_nand(mtd); +#endif /* < 4.6.0 */ if (mtd->writesize == 512) { /* |