#include <linux/module.h>
#include <linux/slab.h>
#include <linux/sched.h>
+#include <linux/smp_lock.h>
#include <linux/mtd/mtd.h>
#include <linux/mtd/compatmac.h>
{
int minor = iminor(inode);
int devnum = minor >> 1;
+ int ret = 0;
struct mtd_info *mtd;
struct mtd_file_info *mfi;
if ((file->f_mode & 2) && (minor & 1))
return -EACCES;
+ lock_kernel();
mtd = get_mtd_device(NULL, devnum);
- if (IS_ERR(mtd))
- return PTR_ERR(mtd);
+ if (IS_ERR(mtd)) {
+ ret = PTR_ERR(mtd);
+ goto out;
+ }
if (MTD_ABSENT == mtd->type) {
put_mtd_device(mtd);
- return -ENODEV;
+ ret = -ENODEV;
+ goto out;
}
/* You can't open it RW if it's not a writeable device */
if ((file->f_mode & 2) && !(mtd->flags & MTD_WRITEABLE)) {
put_mtd_device(mtd);
- return -EACCES;
+ ret = -EACCES;
+ goto out;
}
mfi = kzalloc(sizeof(*mfi), GFP_KERNEL);
if (!mfi) {
put_mtd_device(mtd);
- return -ENOMEM;
+ ret = -ENOMEM;
+ goto out;
}
mfi->mtd = mtd;
file->private_data = mfi;
- return 0;
+out:
+ unlock_kernel();
+ return ret;
} /* mtd_open */
/*====================================================================*/
{
struct mtd_oob_buf buf;
struct mtd_oob_ops ops;
+ uint32_t retlen;
if(!(file->f_mode & 2))
return -EPERM;
buf.start &= ~(mtd->oobsize - 1);
ret = mtd->write_oob(mtd, buf.start, &ops);
- if (copy_to_user(argp + sizeof(uint32_t), &ops.oobretlen,
- sizeof(uint32_t)))
+ if (ops.oobretlen > 0xFFFFFFFFU)
+ ret = -EOVERFLOW;
+ retlen = ops.oobretlen;
+ if (copy_to_user(&((struct mtd_oob_buf *)argp)->length,
+ &retlen, sizeof(buf.length)))
ret = -EFAULT;
kfree(ops.oobbuf);
git.openpandora.org / pandora-kernel.git / blobdiff