[U-Boot] [PATCH] mmc: zynq_sdhci: fix uninitialized pointer deref on probe
Michal Simek
michal.simek at xilinx.com
Fri Aug 2 04:37:56 UTC 2019
On 01. 08. 19 17:00, Matwey V. Kornilov wrote:
> Since commit 3d296365e4e8 ("mmc: sdhci: Add support for
> sdhci-caps-mask") sdhci_setup_cfg() expects a valid sdhci_host mmc
> field. Move the mmc field initialization before sdhci_setup_cfg()
> call to avoid crash on mmc pointer dereference.
>
> [this patch is based on commit 41a9fab8dac8 ("mmc: mv_sdhci: fix
> uninitialized pointer deref on probe") by Baruch Siach]
>
> Fixes: 3d296365e4e8 ("mmc: sdhci: Add support for sdhci-caps-mask")
> Cc: Faiz Abbas <faiz_abbas at ti.com>
> Cc: Baruch Siach <baruch at tkos.co.il>
> Signed-off-by: Matwey V. Kornilov <matwey.kornilov at gmail.com>
> ---
> drivers/mmc/zynq_sdhci.c | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/mmc/zynq_sdhci.c b/drivers/mmc/zynq_sdhci.c
> index c525084250..3225a7ac93 100644
> --- a/drivers/mmc/zynq_sdhci.c
> +++ b/drivers/mmc/zynq_sdhci.c
> @@ -242,13 +242,14 @@ static int arasan_sdhci_probe(struct udevice *dev)
>
> host->max_clk = clock;
>
> + host->mmc = &plat->mmc;
> + host->mmc->dev = dev;
> + host->mmc->priv = host;
> +
> ret = sdhci_setup_cfg(&plat->cfg, host, plat->f_max,
> CONFIG_ZYNQ_SDHCI_MIN_FREQ);
> - host->mmc = &plat->mmc;
> if (ret)
> return ret;
> - host->mmc->priv = host;
> - host->mmc->dev = dev;
> upriv->mmc = host->mmc;
>
> return sdhci_probe(dev);
>
Would be good to mentioned that this was tested on Z-turn board.
Anyway I have tested it on zcu102 and issue is not visible there but it
is visible on zc706. That's why I expect this is issue only for Zynq device.
Anyway
Tested-by: Michal Simek <michal.simek at xilinx.com> (on zcu102/zc706)
Peng: Feel free to take it via your tree or I will take it.
Thanks,
Michal
More information about the U-Boot
mailing list