From aoluo@tsinghua.edu.cn Sat Aug 15 00:52:52 2020 Received: from smtps23.tsinghua.edu.cn ([59.66.3.29] helo=tsinghua.edu.cn) by stoneboat.default.lvansomeren.uk0.bigv.io with esmtp (Exim 4.92) (envelope-from ) id 1k6jV5-0005Jm-Lw for yaffs@stoneboat.aleph1.co.uk; Sat, 15 Aug 2020 00:52:52 +0100 Received: from XNNServer (unknown [118.26.137.114]) by app-1 (Coremail) with SMTP id DwQGZQD3ziLIIzdfzRgXAA--.59616S2; Sat, 15 Aug 2020 07:52:41 +0800 (CST) From: "Ao Luo" To: Date: Sat, 15 Aug 2020 07:52:39 +0800 Message-ID: <006d01d67295$fe776760$fb663620$@tsinghua.edu.cn> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_006E_01D672D9.0C9BB8D0" X-Mailer: Microsoft Outlook 16.0 Thread-Index: AdZylf4DzyCj8A5BSLmCpgSVFrja+Q== Content-Language: zh-cn X-CM-TRANSID: DwQGZQD3ziLIIzdfzRgXAA--.59616S2 X-Coremail-Antispam: 1UD129KBjvdXoW7XFyxtr4DAF45Zr1UJF43Wrg_yoWDGwcE9r WkArWDXw4UJ345Gr17A347J3sxZa98KFy8WF4Yyrs3Jw1DGFy3u3ykZFnxJws7Jayfuw1a grW8J395ur1SvjkaLaAFLSUrUUUUUb8apTn2vfkv8UJUUUU8Yxn0WfASr-VFAUDa7-sFnT 9fnUUIcSsGvfJTRUUUbqAYjsxI4VWxJwAYFVCjjxCrM7AC8VAFwI0_Jr0_Gr1l1xkIjI8I 6I8E6xAIw20EY4v20xvaj40_Wr0E3s1l1IIY67AEw4v_Jr0_Jr4l8cAvFVAK0II2c7xJM2 8CjxkF64kEwVA0rcxSw2x7M28EF7xvwVC0I7IYx2IY67AKxVW5JVW7JwA2z4x0Y4vE2Ix0 cI8IcVCY1x0267AKxVW8JVWxJwA2z4x0Y4vEx4A2jsIE14v26rxl6s0DM28EF7xvwVC2z2 80aVCY1x0267AKxVW0oVCq3wAS0I0E0xvYzxvE52x082IY62kv0487Mc02F40Eb7x2x7xS 6F1j6F4UMc02F40E57IF67AEF4xIwI1l5I8CrVAKz4kIr2xC04v26r4j6ryUMc02F40E42 I26xC2a48xMcIj6xIIjxv20xvE14v26r106r15McIj6I8E87Iv67AKxVWUJVW8JwAm72CE 4IkC6x0Yz7v_Jr0_Gr1lF7xvr2IYc2Ij64vIr41l7480Y4vEI4kI2Ix0rVAqx4xJMxkIec xEwVAFwVWfMxAIw28IcxkI7VAKI48JMxC20s026xCaFVCjc4AY6r1j6r4UMI8I3I0E5I8C rVAFwI0_JrI_JrWlx2IqxVCjr7xvwVAFwI0_JrI_JrWlx4CE17CEb7AF67AKxVWUJVWUXw CIc40Y0x0EwIxGrwCI42IY6xIIjxv20xvE14v26r1j6r1xMIIF0xvE2Ix0cI8IcVCY1x02 67AKxVWUJVW8JwCI42IY6xAIw20EY4v20xvaj40_Wr1j6rW3Jr1lIxAIcVC2z280aVAFwI 0_Jr0_Gr1lIxAIcVC2z280aVCY1x0267AKxVWUJVW8JbIYCTnIWIevJa73UjIFyTuYvjxU aoGHUUUUU X-CM-SenderInfo: 5dro30o6wvx0pjkxthxhgxhubq/ X-Spam_score: -1.9 X-Spam_score_int: -18 X-Spam_bar: - X-Spam_report: Spam detection software, running on the system "stoneboat.default.lvansomeren.uk0.bigv.io", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Two suggested change in temp buffer management: 1. When format disk before mounted, the buffer is not allocated and may return NULL buffer pointers. 2. The size of unmanaged buffer should use total_bytes_per_chunk, otherwise it will cause buffer ov [...] Content analysis details: (-1.9 points, 4.9 required) pts rule name description ---- ---------------------- -------------------------------------------------- -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 KHOP_HELO_FCRDNS Relay HELO differs from its IP's reverse DNS -0.0 AWL AWL: Adjusted score from AWL reputation of From: address X-ACL-Warn: warn X-SA-Exim-Connect-IP: 59.66.3.29 X-SA-Exim-Mail-From: aoluo@tsinghua.edu.cn X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on stoneboat.default.lvansomeren.uk0.bigv.io X-Spam-Level: X-Spam-Status: No, score=-1.9 required=4.9 tests=AWL,BAYES_00,HTML_MESSAGE, KHOP_HELO_FCRDNS autolearn=no autolearn_force=no version=3.4.2 X-SA-Exim-Version: 4.2.1 (built Wed, 08 May 2019 21:11:16 +0000) X-SA-Exim-Scanned: Yes (on stoneboat.default.lvansomeren.uk0.bigv.io) Subject: [Yaffs] temp buffer management issues X-BeenThere: yaffs@stoneboat.aleph1.co.uk X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion of YAFFS NAND flash filesystem List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Aug 2020 23:52:52 -0000 This is a multipart message in MIME format. ------=_NextPart_000_006E_01D672D9.0C9BB8D0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Two suggested change in temp buffer management: 1. When format disk before mounted, the buffer is not allocated and may return NULL buffer pointers. 2. The size of unmanaged buffer should use total_bytes_per_chunk, otherwise it will cause buffer overflow in inband tag mode. diff --git a/yaffs_guts.c b/yaffs_guts.c index c52ff84..94177df 100644 --- a/yaffs_guts.c +++ b/yaffs_guts.c @@ -147,7 +147,7 @@ u8 *yaffs_get_temp_buffer(struct yaffs_dev * dev) dev->max_temp = dev->temp_in_use; for (i = 0; i < YAFFS_N_TEMP_BUFFERS; i++) { - if (dev->temp_buffer[i].in_use == 0) { + if (dev->temp_buffer[i].in_use == 0 && dev->temp_buffer[i].buffer) { dev->temp_buffer[i].in_use = 1; return dev->temp_buffer[i].buffer; } @@ -160,7 +160,7 @@ u8 *yaffs_get_temp_buffer(struct yaffs_dev * dev) */ dev->unmanaged_buffer_allocs++; - return kmalloc(dev->data_bytes_per_chunk, GFP_NOFS); + return kmalloc(dev->param.total_bytes_per_chunk, GFP_NOFS); } ------=_NextPart_000_006E_01D672D9.0C9BB8D0 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Two suggested change in temp buffer = management:

  1. When format disk = before mounted, the buffer is not allocated and may return NULL buffer = pointers.
  2. The size of unmanaged = buffer should use total_bytes_per_chunk, otherwise it will cause buffer = overflow in inband tag mode.

 

diff --git = a/yaffs_guts.c b/yaffs_guts.c

index = c52ff84..94177df 100644

--- = a/yaffs_guts.c

+++ = b/yaffs_guts.c

@@ -147,7 +147,7 @@ u8 = *yaffs_get_temp_buffer(struct yaffs_dev * dev)

=             &= nbsp;          = dev->max_temp =3D dev->temp_in_use;

         &= nbsp;  for (i =3D 0; i < YAFFS_N_TEMP_BUFFERS; i++) = {

-         =              = if (dev->temp_buffer[i].in_use =3D=3D 0) {

+         =              = if (dev->temp_buffer[i].in_use =3D=3D 0 && = dev->temp_buffer[i].buffer) {

=             &= nbsp;           &n= bsp;          = dev->temp_buffer[i].in_use =3D 1;

=             &= nbsp;           &n= bsp;          return = dev->temp_buffer[i].buffer;

=             &= nbsp;          = }

@@ -160,7 +160,7 @@ u8 = *yaffs_get_temp_buffer(struct yaffs_dev * dev)

=            =  */

         &= nbsp;  dev->unmanaged_buffer_allocs++;

-         = return kmalloc(dev->data_bytes_per_chunk, = GFP_NOFS);

+         = return kmalloc(dev->param.total_bytes_per_chunk, = GFP_NOFS);

 }

 

------=_NextPart_000_006E_01D672D9.0C9BB8D0--