From patchwork Mon Apr 8 08:36:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= X-Patchwork-Id: 786896 Delivered-To: patch@linaro.org Received: by 2002:a05:6000:1101:b0:343:f27d:c44e with SMTP id z1csp1236708wrw; Mon, 8 Apr 2024 01:37:13 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCUfc0HoDt9OVW+aWxflFr3/dLzNHZWwlKvNtYwr2b8YF/vJiGl9Tb+y9I+CtGU/weiDJri9BgEktcGhOBNEt5IL X-Google-Smtp-Source: AGHT+IEAXhZNJJqg106V28ptvxSWaAvnOj1TLfucxKNbaFT9X4mUBy3vyEjJnmsK/PJ4nku1jdcZ X-Received: by 2002:a05:6214:5605:b0:699:41c6:b822 with SMTP id mg5-20020a056214560500b0069941c6b822mr7860756qvb.0.1712565433315; Mon, 08 Apr 2024 01:37:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1712565433; cv=none; d=google.com; s=arc-20160816; b=I4AW79KnQmSObI1md40WXbxKBpvW2adqhJ5LCjWkeU57PQZnUawOugeFT1iUlQKY0M SUOYPTlNP6xWgTB2bO7FTqHcNobOTUzYOfZykmG9OroYlyhP2pP5pXSzRIqdBhd8HWTr e2Jvp0yvlxZIedQ0rtO8kDl3HTwp1BH7NmllbOoOBlU8FcKdp5Uv1r/G9I4/f5JLeMpL 888zHiEXXGm/Q4Knxbgly819XU3f6pbaadu6spgbcIqO4d8w9aBN4oxREPh3dAHnOsQ4 wBtw/RYXBYwYMw7GbNgzbAKT2Hik2kv5aE+ZmbKrueefj8ewEBmkAf8IR7xsCICFxYYD twYQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=m6BQV7fTkLyG6qLOnaR99Tjx9wX3tBZOaYxcFxZPlB4=; fh=n0lTV0dotq1tfPYpBFNqSbS7LCFaWpIW+UGdhuc8B/k=; b=QNwD77yBUx9cM96MB6AzJXupSQW5lj/8JglNGKWJckPSC6uk8XQbsuMnABegTN9BM/ TEDlo+ube0zEJWYoxYeR/dLRKrn/e9wbbgRvibslFKtxiyyxaB7fOPdCKtgzzKjKVa/n pxfwVgX/xaoBvxqoO3WyqAtB4M//YYa39hj/mPcOWeJHFt/+P9UtVwpf+uHuHtI9iAnA TGZBBtIuD6jE1vrm/gvhyUhTOyQjIvdOXrIfJASM/psP9seH0SSsu4XW2vq1U/WIBzeR 5iZm61l9orjdMTFne72c573COAaRZeq1RSOabcjtGI12K4AKm7posYRSLFBZJ6wOwKxi m/Fg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=kMKPzEyU; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id j13-20020a05621419cd00b0069a9e598366si5703695qvc.316.2024.04.08.01.37.13 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Mon, 08 Apr 2024 01:37:13 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=kMKPzEyU; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rtkUI-0005ks-M4; Mon, 08 Apr 2024 04:36:22 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rtkUG-0005kV-4q for qemu-devel@nongnu.org; Mon, 08 Apr 2024 04:36:20 -0400 Received: from mail-ej1-x62f.google.com ([2a00:1450:4864:20::62f]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rtkUC-0002kX-D6 for qemu-devel@nongnu.org; Mon, 08 Apr 2024 04:36:17 -0400 Received: by mail-ej1-x62f.google.com with SMTP id a640c23a62f3a-a51c6e91793so189029766b.0 for ; Mon, 08 Apr 2024 01:36:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1712565374; x=1713170174; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=m6BQV7fTkLyG6qLOnaR99Tjx9wX3tBZOaYxcFxZPlB4=; b=kMKPzEyUD/F0sbYq/nQ82zPTsTn7vQ81d+XVIqLKRNOVuEG6Q6cCJcGasr/rARUQcs VDySXTWgEtPxeBAHb2Sci16CH/x2yjEcK1kCUBeJhMwZY3cL2JVdrZMutsu+D1s3aoth Igi49chemjMhA2glyL52lho4KhvrfjdDnDHOLs+HLaDyt1XSnOz5NU7rUNNe9k9Rh8iH 1xYL2BAO8v1Xz8y0+Fu2NVaR6MNMfFg0nVRsRvfZG19BmmLevMRlibts2ZeJeBuPWDCW enyBcUc//EAaj8IqZxYbajadKFAAa9wxscG9dSI57SPN622NkN0Z+EhSruzjgyXejduH qGZw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712565374; x=1713170174; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=m6BQV7fTkLyG6qLOnaR99Tjx9wX3tBZOaYxcFxZPlB4=; b=gSBTT++mvBNP1a8T63otJ/HpXo7Ad7NvMd6xHtF3eWv/j6KwfKsgv7zBkhfBuYgyVB 07QPn7u/VkGLwyPl4HLgofJxsNxjU5zlZf6pLEXqf6RhPbjE56m+3KRXYTtc4Y5oA6Z5 mdFAeQ0KkWdSnAqtdBjnbCYk+iKNEAheda+hVfqIzlAsJWv8hHCOYmu/bfdiRJHumy9s lT2rbb3xogfwPw4J2jO7DH7L/J7W1cBZZXGWLTFdlcjEx4EK2qBvLtCpg6pCg4kNScDS d4ArFjoxkSwoS2qDPMFpJrkKVRsS+VlOgmk+J+PgS0I4Hd5j4fZAMK60Z1BsDR0S6gRV 9FdQ== X-Gm-Message-State: AOJu0YycEkxeF+Fl9l6GKwBTSyLATRMLwqTyiXSVY8V8CyTSSnbm5qBn ukJ1Lqw0CUEAeGoSFItobgsMG4UanC11Mll5xSCd/MBmhB2vM6aEKhencLjxYjSuclBmsAYCfF4 v X-Received: by 2002:a17:906:bc46:b0:a51:9e23:dc44 with SMTP id s6-20020a170906bc4600b00a519e23dc44mr7328386ejv.31.1712565374465; Mon, 08 Apr 2024 01:36:14 -0700 (PDT) Received: from m1x-phil.lan ([176.176.144.67]) by smtp.gmail.com with ESMTPSA id md16-20020a170906ae9000b00a51e004de4asm256150ejb.11.2024.04.08.01.36.13 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Mon, 08 Apr 2024 01:36:14 -0700 (PDT) From: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= To: qemu-devel@nongnu.org Cc: Qiang Liu , Mauro Matteo Cascella , Kevin Wolf , Alexander Bulekov , Hanna Reitz , qemu-block@nongnu.org, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= Subject: [PATCH-for-9.0? 1/3] hw/block/nand: Factor nand_load_iolen() method out Date: Mon, 8 Apr 2024 10:36:03 +0200 Message-ID: <20240408083605.55238-2-philmd@linaro.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20240408083605.55238-1-philmd@linaro.org> References: <20240408083605.55238-1-philmd@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::62f; envelope-from=philmd@linaro.org; helo=mail-ej1-x62f.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson --- hw/block/nand.c | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) diff --git a/hw/block/nand.c b/hw/block/nand.c index d1435f2207..6fa9038bb5 100644 --- a/hw/block/nand.c +++ b/hw/block/nand.c @@ -243,9 +243,25 @@ static inline void nand_pushio_byte(NANDFlashState *s, uint8_t value) } } +/* + * nand_load_block: Load block containing (s->addr + @offset). + * Returns length of data available at @offset in this block. + */ +static int nand_load_block(NANDFlashState *s, int offset) +{ + int iolen; + + s->blk_load(s, s->addr, offset); + + iolen = (1 << s->page_shift) - offset; + if (s->gnd) { + iolen += 1 << s->oob_shift; + } + return iolen; +} + static void nand_command(NANDFlashState *s) { - unsigned int offset; switch (s->cmd) { case NAND_CMD_READ0: s->iolen = 0; @@ -271,12 +287,7 @@ static void nand_command(NANDFlashState *s) case NAND_CMD_NOSERIALREAD2: if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP)) break; - offset = s->addr & ((1 << s->addr_shift) - 1); - s->blk_load(s, s->addr, offset); - if (s->gnd) - s->iolen = (1 << s->page_shift) - offset; - else - s->iolen = (1 << s->page_shift) + (1 << s->oob_shift) - offset; + s->iolen = nand_load_block(s, s->addr & ((1 << s->addr_shift) - 1)); break; case NAND_CMD_RESET: @@ -597,12 +608,7 @@ uint32_t nand_getio(DeviceState *dev) if (!s->iolen && s->cmd == NAND_CMD_READ0) { offset = (int) (s->addr & ((1 << s->addr_shift) - 1)) + s->offset; s->offset = 0; - - s->blk_load(s, s->addr, offset); - if (s->gnd) - s->iolen = (1 << s->page_shift) - offset; - else - s->iolen = (1 << s->page_shift) + (1 << s->oob_shift) - offset; + s->iolen = nand_load_block(s, offset); } if (s->ce || s->iolen <= 0) { From patchwork Mon Apr 8 08:36:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= X-Patchwork-Id: 786897 Delivered-To: patch@linaro.org Received: by 2002:a05:6000:1101:b0:343:f27d:c44e with SMTP id z1csp1236866wrw; Mon, 8 Apr 2024 01:37:45 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCVfBmqRrqIxHdY+fYIbB9KjYdu5qhHaMIxZCWseB3GnBDvPNcfwNRiC8LiRdX/H19YyJfFE7cWeHKaJwn22PQPH X-Google-Smtp-Source: AGHT+IEU4HcwOFgQRANZ0AK/CDm6ZcDaY1aN/wjy9eQh4ZAPNzpJaGvjbaBU83vYbjYLKItqzDg5 X-Received: by 2002:a05:6214:18ea:b0:69b:82a:e7fc with SMTP id ep10-20020a05621418ea00b0069b082ae7fcmr4654482qvb.59.1712565465718; Mon, 08 Apr 2024 01:37:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1712565465; cv=none; d=google.com; s=arc-20160816; b=oeErJ6IwMiozCJiGNePbKfk/2vsRwTsk7MN1QyHguQ3gDaZZLLWybt+XXvF2Gd/f1b dz6GpbVv4FfXSlBeOStvVD4Vp1/N6hPQ9oK/gbz1YhwQ2N8f/G06zHi5mQWZYjJ0jhL+ 0cK3BPbFbLp1zfNdUcMhpOTDjAxVlW+Gz5Ckiqji7Ui04vvZi8jMj1+hRaAEqNH+5ALM YuBldcNOIO/jyBSilAMlkL/bgp9f8zYgtfw55n4JSt4kdYWTiXsAoy4T38iDFgyWrtDJ dPFSlhqX8Nfi9/S7lLCNWA0ArHchoqViC0k4V1l8eOCliW0qQpPCVM7KHzVRt3Oa10rr e8RQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=6lxlzp3IlPActhEyj4Nxu8uqxhWQDk/wL/7CgsYIL7w=; fh=n0lTV0dotq1tfPYpBFNqSbS7LCFaWpIW+UGdhuc8B/k=; b=0kDscdtXR5LfsEj66fdIlos0Ie3WxKNBYbjutPYcdvPx2amIgu+9pLE7kQ3DdhyjQj xeOWyhgytstI9blrmCbUlzzt/Te4JiqGVkMkQb+KSsAsVcdcsHv+wv+g6yDCaZqDVi39 I5mNK6OuuwW6Sw4yuz5nENGrh3JJwpTENdof68ahVnSgas0zDMrefdpUFJwEyPJyL8dW PqbUYeM9S3DqYYF6gKzFi5VKXHBAuy5NWb8Tw4P4puBmDQPWwc3NyD+SOoTKARwPIBZH NdTkYbwY+khjw1ph7kzv/Ft6wRZ3j6QnE7mJlUasspFgGiSdlwVboXYUHDTi8qwPjup5 TwZw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=PiM4tKI7; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id n11-20020a0cec4b000000b006993002626bsi7549263qvq.173.2024.04.08.01.37.45 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Mon, 08 Apr 2024 01:37:45 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=PiM4tKI7; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rtkUL-0005m0-CE; Mon, 08 Apr 2024 04:36:25 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rtkUJ-0005lg-UZ for qemu-devel@nongnu.org; Mon, 08 Apr 2024 04:36:23 -0400 Received: from mail-ed1-x532.google.com ([2a00:1450:4864:20::532]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rtkUH-0002lB-Tb for qemu-devel@nongnu.org; Mon, 08 Apr 2024 04:36:23 -0400 Received: by mail-ed1-x532.google.com with SMTP id 4fb4d7f45d1cf-56e48d0a632so2309919a12.2 for ; Mon, 08 Apr 2024 01:36:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1712565380; x=1713170180; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=6lxlzp3IlPActhEyj4Nxu8uqxhWQDk/wL/7CgsYIL7w=; b=PiM4tKI7wJalGJ3b6ykWrrhCOyOHGphuvgyDhM9aDitp9eA5WlZgVE2QCfcTXQIGN7 Klc1Zytv9o7LFIpFwgg4tZVbVcfHY4YeJ3dOWGO71t5FAb4yJyc+nDqe0fHdCPU4lUvQ GSlNriDPu3VRveI4+kgjQ9xtg9mBWUj86vxw45ES8lOvNWm/caRi+PpBJuj84vuLKL8o VN/9RPmGGAC7J8IPDnAZfpGmaz/GM3oLdv/rqwprJVLitt8TNlm4AcqPNaXDy+2xA6PG NwyIas0rt9FVaPSTEacXLvUVye0ivQmChDy7kG28dp9LabJ5UDJlSeyRoQcbJQWAmF3C olFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712565380; x=1713170180; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6lxlzp3IlPActhEyj4Nxu8uqxhWQDk/wL/7CgsYIL7w=; b=p1WnDbub0sZtXTlyFsydLiupv0Mg0C06nBq5N8HDViTPBqNRxjuANMHf/Gmq6ZzunS SU8Xk1gBefQw3259GxzwGFdFK6+8sZ4gTZ+w3fv6kF1n0OfezQnKXPSiszZTmh8IzZLY NfUsUKuhBMZ6ZyCbZK2+VTml/fKvwBiS0ZZ86tRGedBNG5Q9oxaqqHK+Rt2Ydk8y+zvC nSiDZE4fYjFV+/goUtfStW8mgElXx8FLu4NIooY/y7v2wRqGykHGcgvKEW1Q3S4J3ISz QBvBn1bBOXKBKmFloR3v1Wj8EtO5dyVI+xfNjsd5VwGg/uP9tXi2wY+O/Fl3Gb3d5scY fxkw== X-Gm-Message-State: AOJu0YxYO+hUpdpNf10D6q1GtDsUiDbH/sKFDzJj0eHfKcwRyGSDb/yL L0TFDJacj4MVeXBN2EYN49F6wFjYmjnmY+5WIxns0TajaqaAGzysvAed+g46aAgKC3OEdQ9x4ox 0 X-Received: by 2002:a17:907:94c7:b0:a51:d3da:99a9 with SMTP id dn7-20020a17090794c700b00a51d3da99a9mr2004574ejc.51.1712565380294; Mon, 08 Apr 2024 01:36:20 -0700 (PDT) Received: from m1x-phil.lan ([176.176.144.67]) by smtp.gmail.com with ESMTPSA id js23-20020a170906ca9700b00a51c6d98777sm2125981ejb.58.2024.04.08.01.36.19 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Mon, 08 Apr 2024 01:36:19 -0700 (PDT) From: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= To: qemu-devel@nongnu.org Cc: Qiang Liu , Mauro Matteo Cascella , Kevin Wolf , Alexander Bulekov , Hanna Reitz , qemu-block@nongnu.org, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= Subject: [PATCH-for-9.0? 2/3] hw/block/nand: Have blk_load() return boolean indicating success Date: Mon, 8 Apr 2024 10:36:04 +0200 Message-ID: <20240408083605.55238-3-philmd@linaro.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20240408083605.55238-1-philmd@linaro.org> References: <20240408083605.55238-1-philmd@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::532; envelope-from=philmd@linaro.org; helo=mail-ed1-x532.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson --- hw/block/nand.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/hw/block/nand.c b/hw/block/nand.c index 6fa9038bb5..3627c799b5 100644 --- a/hw/block/nand.c +++ b/hw/block/nand.c @@ -84,7 +84,11 @@ struct NANDFlashState { void (*blk_write)(NANDFlashState *s); void (*blk_erase)(NANDFlashState *s); - void (*blk_load)(NANDFlashState *s, uint64_t addr, int offset); + /* + * Returns %true when block containing (@addr + @offset) is + * successfully loaded, otherwise %false. + */ + bool (*blk_load)(NANDFlashState *s, uint64_t addr, int offset); uint32_t ioaddr_vmstate; }; @@ -769,11 +773,11 @@ static void glue(nand_blk_erase_, NAND_PAGE_SIZE)(NANDFlashState *s) } } -static void glue(nand_blk_load_, NAND_PAGE_SIZE)(NANDFlashState *s, +static bool glue(nand_blk_load_, NAND_PAGE_SIZE)(NANDFlashState *s, uint64_t addr, int offset) { if (PAGE(addr) >= s->pages) { - return; + return false; } if (s->blk) { @@ -801,6 +805,8 @@ static void glue(nand_blk_load_, NAND_PAGE_SIZE)(NANDFlashState *s, offset, NAND_PAGE_SIZE + OOB_SIZE - offset); s->ioaddr = s->io; } + + return true; } static void glue(nand_init_, NAND_PAGE_SIZE)(NANDFlashState *s) From patchwork Mon Apr 8 08:36:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= X-Patchwork-Id: 786895 Delivered-To: patch@linaro.org Received: by 2002:a05:6000:1101:b0:343:f27d:c44e with SMTP id z1csp1236712wrw; Mon, 8 Apr 2024 01:37:13 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWSy+iCoCbC3XrR1PAODkLVg0AAviJMPJDCPJI0HNILFVG5tWlXDdFlNqp910gE5FhHKhQk+LLwxDmLuR0Kwibo X-Google-Smtp-Source: AGHT+IHow+fuhTONb7WPu+LmSl4DBXx/rQUEqdrA+jm5GbDpGnUcO0UIDUwM7/1YMcNe0l6BmtBZ X-Received: by 2002:a25:bd3:0:b0:dcc:3a3:9150 with SMTP id 202-20020a250bd3000000b00dcc03a39150mr6541573ybl.22.1712565433357; Mon, 08 Apr 2024 01:37:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1712565433; cv=none; d=google.com; s=arc-20160816; b=panCk0RGZpgKRIaMKkPmIBXYtRAr7/6yMefqITa/3LQczQyIpkA58GsvVTnm6Fsq8m IBTZOIf0Pe7rh3cS6IX3D6cYBj5ovYkn53OFU9VeJ7hcDURBbHqBLmhdM9T3YR9fpyCj fjNx52UMQKKvw6/npGhJPEGKkuK0qPrk6AKpovpNF4RvNz1itywr0YoYap1cnNB0PEkk NOLTFhxtyGeI5Ek+NTEtz1o112eaVum1HByW2KcY6GxAOY1ROTEwnpi5ekUYRKSTg7Dj hPj6h9aXumhN7xj/vfkMXs3l9UlUAMhbfGTvDNzRi57dhjz2axHFbVXALc2CeUj3LI5E Z//A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=0jCU1df9n+PO9XWHeO5IZQ9CHjWOsBfm5l6WMz/CJRw=; fh=n0lTV0dotq1tfPYpBFNqSbS7LCFaWpIW+UGdhuc8B/k=; b=hrJqiIj81dPqnmv1lhALpPVg4/R4QffkVy7hSnqNnq0YxfwVwl2/2WZgWhX7fWMi9A qf2tt3z9Nxw6XhiCxZruaYd5m0X16i7U1RSI56FleVogmjZRsFJ92JEHX+MU27OLtHEj acG3nL95A/xDImO3IjXY2ayofT/UEoPOqT0/cSd/1Px8THLXh16gx0ic76vHJjlR2TDd Ea0QpwfX8M2j+hFe/DNwTNKr0D0N2nnoEKiq0FZ+6DAiTX4gIT5OJoDDhD/KVQx+EJ1v 6csKJeqEYZOZwTLhrQCTOYZgcXAo1HaJKQ8bc+RcykIpU/MrZqc+giG4ir/5zETyx5YV GACw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=KoF0npzM; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id t7-20020a05622a148700b004347a268701si4446899qtx.419.2024.04.08.01.37.13 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Mon, 08 Apr 2024 01:37:13 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=KoF0npzM; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rtkUS-0005n5-CQ; Mon, 08 Apr 2024 04:36:32 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rtkUQ-0005ma-2Z for qemu-devel@nongnu.org; Mon, 08 Apr 2024 04:36:30 -0400 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rtkUO-0002lk-8J for qemu-devel@nongnu.org; Mon, 08 Apr 2024 04:36:29 -0400 Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-a51d05c50b2so114769866b.0 for ; Mon, 08 Apr 2024 01:36:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1712565386; x=1713170186; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=0jCU1df9n+PO9XWHeO5IZQ9CHjWOsBfm5l6WMz/CJRw=; b=KoF0npzMTjBFYI+f6oRPuIhCtdI8zn/fLgw8ZBIapnFr3xxWFe3v7vEGOPSzQkERQ6 sG/6R2fZd9ciKEoSEnD0nPJDw3Sd6ZPpCO/YKPUK5AA2Fb09damLiUuRkUO8/Q0dK2l/ t+hxRtR5vz3ZDjDeb9tGk1tHFSy1AEglt0gMWZEXWFv9R2igwAS+Z13QveCKc33MNaqB qSv0elZ/r6/KFX6hCViiM/fxpQ/E3wm5Jhh1nswqrfH607W0hXxPvO4iKB8pz+mK0kng rNQlL+VWrG+OCQ+wEN7g6y/lBuZRnJPY4J8aHpoxJ7qjzS8cBuN3xO/TJcf1KgYVGfb5 cF3Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712565386; x=1713170186; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0jCU1df9n+PO9XWHeO5IZQ9CHjWOsBfm5l6WMz/CJRw=; b=lPLXKxnfhn8R2R8t7yYuMUavRzdcoIFls5lrHt8LerVPYZGTCMqopC12bTfIt3I7dC KXMDfQ89BBP28+iZ+KkFPdBjq94LRoNcK/BPu5/Tq5qNlxYtZNywiitj4NySLXkn5PAD X2kxP+4f+Npbhx3ThIEVDv75DjUURN9ADLhVr6IJkdQVl8kAOGtUDZo6DG5oCjZo7x8v X5bf+IDa9E/Vd9cwQoxspQfJ2MyDUJ0TTiaydL6wlxgHclZuo95KlIl3wEYIbDAuJqAt PuiNkwdG8lQB54am41ar1o+lxh5uv5I6uX9kINUxtr1XfWWeTlclr436B41EaVHg98Il Rr0A== X-Gm-Message-State: AOJu0Yzlr5YAiKlHd37UPO4LObnZdfJxzphVgia7N/yxnNeCrOasr89k pXktbd1+bbqkEC1xWsC+nmLTOVs5qZkPNJhL9WF4yaRZmRxYtsTSOAN738tITigpgxqzT/lkNS7 O X-Received: by 2002:a17:907:31c9:b0:a51:ddc6:edc1 with SMTP id xf9-20020a17090731c900b00a51ddc6edc1mr711411ejb.28.1712565386203; Mon, 08 Apr 2024 01:36:26 -0700 (PDT) Received: from m1x-phil.lan ([176.176.144.67]) by smtp.gmail.com with ESMTPSA id qy47-20020a17090768af00b00a517995c070sm4131041ejc.33.2024.04.08.01.36.24 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Mon, 08 Apr 2024 01:36:25 -0700 (PDT) From: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= To: qemu-devel@nongnu.org Cc: Qiang Liu , Mauro Matteo Cascella , Kevin Wolf , Alexander Bulekov , Hanna Reitz , qemu-block@nongnu.org, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= Subject: [PATCH-for-9.0? 3/3] hw/block/nand: Fix out-of-bound access in NAND block buffer Date: Mon, 8 Apr 2024 10:36:05 +0200 Message-ID: <20240408083605.55238-4-philmd@linaro.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20240408083605.55238-1-philmd@linaro.org> References: <20240408083605.55238-1-philmd@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::631; envelope-from=philmd@linaro.org; helo=mail-ej1-x631.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org nand_command() and nand_getio() don't check @offset points into the block, nor the available data length (s->iolen) is not negative. In order to fix: - check the offset is in range in nand_blk_load_NAND_PAGE_SIZE(), - do not set @iolen if blk_load() failed. Reproducer: $ cat << EOF | qemu-system-arm -machine tosa \ -monitor none -serial none \ -display none -qtest stdio write 0x10000111 0x1 0xca write 0x10000104 0x1 0x47 write 0x1000ca04 0x1 0xd7 write 0x1000ca01 0x1 0xe0 write 0x1000ca04 0x1 0x71 write 0x1000ca00 0x1 0x50 write 0x1000ca04 0x1 0xd7 read 0x1000ca02 0x1 write 0x1000ca01 0x1 0x10 EOF ================================================================= ==15750==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61f000000de0 at pc 0x560e61557210 bp 0x7ffcfc4a59f0 sp 0x7ffcfc4a59e8 READ of size 1 at 0x61f000000de0 thread T0 #0 0x560e6155720f in mem_and hw/block/nand.c:101:20 #1 0x560e6155ac9c in nand_blk_write_512 hw/block/nand.c:663:9 #2 0x560e61544200 in nand_command hw/block/nand.c:293:13 #3 0x560e6153cc83 in nand_setio hw/block/nand.c:520:13 #4 0x560e61a0a69e in tc6393xb_nand_writeb hw/display/tc6393xb.c:380:13 #5 0x560e619f9bf7 in tc6393xb_writeb hw/display/tc6393xb.c:524:9 #6 0x560e647c7d03 in memory_region_write_accessor softmmu/memory.c:492:5 #7 0x560e647c7641 in access_with_adjusted_size softmmu/memory.c:554:18 #8 0x560e647c5f66 in memory_region_dispatch_write softmmu/memory.c:1514:16 #9 0x560e6485409e in flatview_write_continue softmmu/physmem.c:2825:23 #10 0x560e648421eb in flatview_write softmmu/physmem.c:2867:12 #11 0x560e64841ca8 in address_space_write softmmu/physmem.c:2963:18 #12 0x560e61170162 in qemu_writeb tests/qtest/videzzo/videzzo_qemu.c:1080:5 #13 0x560e6116eef7 in dispatch_mmio_write tests/qtest/videzzo/videzzo_qemu.c:1227:28 0x61f000000de0 is located 0 bytes to the right of 3424-byte region [0x61f000000080,0x61f000000de0) allocated by thread T0 here: #0 0x560e611276cf in malloc /root/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3 #1 0x7f7959a87e98 in g_malloc (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x57e98) #2 0x560e64b98871 in object_new qom/object.c:749:12 #3 0x560e64b5d1a1 in qdev_new hw/core/qdev.c:153:19 #4 0x560e61547ea5 in nand_init hw/block/nand.c:639:11 #5 0x560e619f8772 in tc6393xb_init hw/display/tc6393xb.c:558:16 #6 0x560e6390bad2 in tosa_init hw/arm/tosa.c:250:12 SUMMARY: AddressSanitizer: heap-buffer-overflow hw/block/nand.c:101:20 in mem_and ==15750==ABORTING Broken since introduction in commit 3e3d5815cb ("NAND Flash memory emulation and ECC calculation helpers for use by NAND controllers"). Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1446 Reported-by: Qiang Liu Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson --- hw/block/nand.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/hw/block/nand.c b/hw/block/nand.c index 3627c799b5..d90dc965a1 100644 --- a/hw/block/nand.c +++ b/hw/block/nand.c @@ -255,7 +255,9 @@ static int nand_load_block(NANDFlashState *s, int offset) { int iolen; - s->blk_load(s, s->addr, offset); + if (!s->blk_load(s, s->addr, offset)) { + return 0; + } iolen = (1 << s->page_shift) - offset; if (s->gnd) { @@ -780,6 +782,10 @@ static bool glue(nand_blk_load_, NAND_PAGE_SIZE)(NANDFlashState *s, return false; } + if (offset > NAND_PAGE_SIZE + OOB_SIZE) { + return false; + } + if (s->blk) { if (s->mem_oob) { if (blk_pread(s->blk, SECTOR(addr) << BDRV_SECTOR_BITS,