MTD: slc-nand: fix signed integer overflow in erase_bootloader [1/1]

PD#SWPL-11771

Problem:
Hackers can use signed integer erase_boot_num to cause systems crash

Solution:
replace signed variable with unsigned variables

Verify:
AXG-S400

Change-Id: I9cc8d8f43c199f48e7d7bff2664bca740681d274
Signed-off-by: xianjun.liu <xianjun.liu@amlogic.com>

drivers/amlogic/mtd/boot.c

@@ -664,13 +664,13 @@ WRITE_BAD_BLOCK:
 /* extra char device for bootloader */
 #define AML_CHAR_BOOT_DEV	(0)
 #if (AML_CHAR_BOOT_DEV)
-int erase_bootloader(struct mtd_info *mtd, int boot_num)
+int erase_bootloader(struct mtd_info *mtd, uint32_t boot_num)
 {
 	struct nand_chip *chip = mtd->priv;
 	struct aml_nand_chip *aml_chip = mtd_to_nand_chip(mtd);
 	int page, each_boot_pages, boot_copy_num;
 	int pages_per_block;
-	int start_page, end_page;
+	uint32_t start_page, end_page;
 	int status;
 
 	if (aml_chip->bl_mode)
@@ -920,8 +920,9 @@ static int boot_ioctl(struct file *file, u_int cmd, u_long arg)
 	struct uboot_file_info *ufi = file->private_data;
 	struct mtd_info *mtd = ufi->mtd;
 	void __user *argp = (void __user *)arg;
-	int ret = 0, erase_boot_num = 0;
+	int ret = 0;
 	u_long size;
+	uint32_t erase_boot_num = 0;
 
 	pr_debug("boot_ioctl\n");
 
@@ -1017,7 +1018,7 @@ static long boot_compat_ioctl(struct file *file, uint32_t cmd,
 	}
 	case BOOT_ERASE_INFO32:
 	{
-		int erase_boot_num;
+		uint32_t erase_boot_num;
 
 		if (copy_from_user(&erase_boot_num, argp, sizeof(int)))
 			ret = -EFAULT;