Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v4.4.183 2019-06-22T06:18:20Z 2019-06-22T06:18:20Z Jorge Ramirez-Ortiz jorge.ramirez-ortiz@linaro.org 2019-04-13T10:32:58Z urn:sha1:742cb74bf108fa18f056837bb81a8324824ead44 [ Upstream commit 2fe518fecb3a4727393be286db9804cd82ee2d91 ] When the bit_offset in the cell is zero, the pointer to the msb will not be properly initialized (ie, will still be pointing to the first byte in the buffer). This being the case, if there are bits to clear in the msb, those will be left untouched while the mask will incorrectly clear bit positions on the first byte. This commit also makes sure that any byte unused in the cell is cleared. Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez-ortiz@linaro.org> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> 2017-08-07T02:19:46Z Daniel Schultz d.schultz@phytec.de 2017-01-04T16:18:10Z urn:sha1:fe1da3b785b3b188c7a8fc6ba81d69bc0bc5a0fb [ Upstream commit 14ba972842f9e84e6d3264bc0302101b8a792288 ] All i.MX6 SoCs have an OCOTP Controller with 4kbit fuses. The i.MX6SL is an exception and has only 2kbit fuses. In the TRM for the i.MX6DQ (IMX6QDRM - Rev 2, 06/2014) the fuses size is described in chapter 46.1.1 with: "32-bit word restricted program and read to 4Kbits of eFuse OTP(512x8)." In the TRM for the i.MX6SL (IMX6SLRM - Rev 2, 06/2015) the fuses size is described in chapter 34.1.1 with: "32-bit word restricted program and read to 2 kbit of eFuse OTP(128x8)." Since the Freescale Linux kernel OCOTP driver works with a fuses size of 2 kbit for the i.MX6SL, it looks like the TRM is wrong and the formula to calculate the correct fuses size has to be 256x8. Signed-off-by: Daniel Schultz <d.schultz@phytec.de> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Sasha Levin <alexander.levin@verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2016-05-11T09:21:21Z Stanislav Meduna stano@meduna.org 2016-05-02T15:05:11Z urn:sha1:6e9544fb236325423d5066ebdeed577fb92be315 commit d1306eb675ad7a9a760b6b8e8e189824b8db89e7 upstream. This patch fixes the issue where the mxs_ocotp_read is reading the ocotp in reg_size steps but decrements the remaining size by 1. The number of iterations is thus four times higher, overwriting the area behind the output buffer. Fixes: c01e9a11ab6f ("nvmem: add driver for ocotp in i.MX23 and i.MX28") Tested-by: Stefan Wahren <stefan.wahren@i2se.com> Signed-off-by: Stanislav Meduna <stano@meduna.org> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2015-10-12T17:29:36Z Greg Kroah-Hartman gregkh@linuxfoundation.org 2015-10-12T17:29:36Z urn:sha1:4970c0cb6aa8996e39b1626887f5fb67a49f5ad1 We want the fixes in here as well. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2015-10-04T11:09:43Z Maxime Ripard maxime.ripard@free-electrons.com 2015-09-30T12:36:31Z urn:sha1:fb727077b04f768d0c79d9aa29e958262a9e3d9e The sunxi_sid driver doesn't check for kmalloc return status before derefencing the returned pointer, which could lead to a NULL pointer dereference if kmalloc failed. Check for its return code to make sure it deosn't happen. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2015-10-04T11:09:43Z Axel Lin axel.lin@ingics.com 2015-09-30T12:36:10Z urn:sha1:ace22170655f61d82fff95e57d673bf847a32a03 A tmp buffer is allocated if cell->bit_offset || cell->nbits. So the tmp buffer needs to be freed at the same condition to avoid leak. Signed-off-by: Axel Lin <axel.lin@ingics.com> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2015-10-04T11:09:43Z Axel Lin axel.lin@ingics.com 2015-09-30T12:35:15Z urn:sha1:cbf854ab36870b931aeba4edd954015b7c3005a2 It's pointless to test (cell->bit_offset || cell->bit_offset). nvmem_shift_read_buffer_in_place() should be called when (cell->bit_offset || cell->nbits). Signed-off-by: Axel Lin <axel.lin@ingics.com> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2015-10-04T11:09:43Z ZhengShunQian zhengsq@rock-chips.com 2015-09-30T12:33:56Z urn:sha1:7c806883e143dc60439e6bdb3589700ebed1efaa The position to read/write must be less than max register size. Signed-off-by: ZhengShunQian <zhengsq@rock-chips.com> Acked-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2015-10-04T11:08:14Z kbuild test robot lkp@intel.com 2015-09-30T13:46:06Z urn:sha1:7e532f7925f1758369c7963297baceac3cbaefc1 Signed-off-by: Fengguang Wu <fengguang.wu@intel.com> Acked-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2015-10-04T11:08:14Z ZhengShunQian zhengsq@rock-chips.com 2015-09-30T12:56:44Z urn:sha1:03a69568e07e1150e1cfdb862892798f88dafd17 There are some SoC specified values store in eFuse, such as the cpu_leakage and cpu_version, this driver can expose these values to /sys base on nvmem. Signed-off-by: Caesar Wang <caesar.wang@rock-chips.com> Signed-off-by: ZhengShunQian <zhengsq@rock-chips.com> Acked-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>