kernel_common_drivers/include/linux
zhikui.cui e2eca4bfc1 nand: fix memory corruption in meson_nfc_execp_op [1/1]
PD#SWPL-113283

Problem:
When using DMA to read a small amount of data into memory allocated by
kzalloc, the kzalloc memory length is less than the DMA minimum handling
length, e.g. kzalloc allocates one byte of memory, but DMA moves data with
a width of 64 bits, so it would destroy the 7 bytes of memory space on the
right side of the requested memory.

BUG: KFENCE: memory corruption in meson_nfc_exec_op+0x3b4/0x4c8

Corrupted memory at 0x00000000527f2fd0 [ ! ! ! ! ! ! ! . . . . . . . ]
meson_nfc_exec_op+0x3b4/0x4c8
nand_status_op+0x1ac/0x294
nand_erase_op+0x19c/0x328
nand_erase_nand+0x1d0/0x3cc
nand_erase+0x14/0x20
mtd_erase+0x174/0x1f0
mtdchar_ioctl+0x1c1c/0x2704
mtdchar_unlocked_ioctl+0x50/0x74
__arm64_sys_ioctl+0xa4/0x114
invoke_syscall+0x5c/0x140
el0_svc_common.llvm.4567374417812983254+0xb4/0xf0
do_el0_svc+0x24/0x84
el0_svc+0x2c/0xa4
el0t_64_sync_handler+0x68/0xb4
el0t_64_sync+0x1b4/0x1b8

kfence-#52: 0x00000000d4c8f37e-0x00000000d4c8f37e, size=1, cache=kmalloc-64

Solution:
Align the DMA minimum handling length to kzalloc.

Verify:
AT301_T962D4-K35E(1.5G) #256

Change-Id: I541b6acecaa9dd69ec6466bd7040af94b45ae596
Signed-off-by: zhikui.cui <zhikui.cui@amlogic.com>
2024-01-29 20:05:13 +08:00
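
The overrun described in the commit message, as an added user-space model (not the driver's code and not the actual patch): a transfer engine that only writes whole 64-bit beats is pointed at a 1-byte buffer and then at a buffer rounded up to the beat size. The names `dma_safe_len`, `fake_dma_read` and `guard_bytes_clobbered` are hypothetical, and the 8-byte beat is an assumption taken from the "64 bits" in the message.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define DMA_MIN_LEN 8u  /* assumption: one 64-bit beat, per the commit message */
#define GUARD 0xAA      /* constructed canary, standing in for KFENCE's redzone */

/* Round a requested length up to a whole number of DMA beats. */
static size_t dma_safe_len(size_t len)
{
    return (len + DMA_MIN_LEN - 1) & ~(size_t)(DMA_MIN_LEN - 1);
}

/* Model of the engine: it writes whole beats, whatever byte count was asked for. */
static void fake_dma_read(uint8_t *dst, size_t len)
{
    memset(dst, 0x5C, dma_safe_len(len));
}

/*
 * Place a guard right after an alloc_len-byte buffer, run a req_len-byte
 * transfer (req_len <= alloc_len) and count the guard bytes it overwrote.
 */
static size_t guard_bytes_clobbered(size_t alloc_len, size_t req_len)
{
    uint8_t *mem = malloc(alloc_len + DMA_MIN_LEN);
    size_t i, hit = 0;

    if (!mem)
        return (size_t)-1;
    memset(mem + alloc_len, GUARD, DMA_MIN_LEN);
    fake_dma_read(mem, req_len);
    for (i = 0; i < DMA_MIN_LEN; i++)
        hit += (mem[alloc_len + i] != GUARD);
    free(mem);
    return hit;
}

int main(void)
{
    /* 1-byte buffer as in the KFENCE report, then the same read with a rounded-up buffer */
    printf("exact-size buffer: %zu bytes past the end overwritten\n",
           guard_bytes_clobbered(1, 1));
    printf("rounded-up buffer: %zu bytes past the end overwritten\n",
           guard_bytes_clobbered(dma_safe_len(1), 1));
    return 0;
}
```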