commit 646fd12784d506180353005f40f90bcf08c84a3e
author Massimo Cirillo <maxcir@gmail.com> Fri Jan 11 10:24:11 2008 +0000
committer Linus Torvalds <torvalds@woody.linux-foundation.org> Fri Jan 11 11:44:37 2008 -0800
tree 69cd72ea6fb51212d439bd3e4237126af2b6ada2
parent 7c48c56e9b5a51263269dd419cc32531db141340

cache invalidation error for buffered write

The bug causes corruptions of data read from flash.

The original code performs cache invalidation from "adr" to "adr + len"
in do_write_buffer().  Since len and adr could be updated in the code
before invalidation - it causes improper setting of cache invalidation
regions.

Signed-off-by: Massimo Cirillo <maxcir@gmail.com>
Signed-off-by: Giuseppe D'Eliseo <giuseppedeliseo@gmail.com>
Acked-by: Nicolas Pitre <nico@cam.org>
Acked-by: Jörn Engel <joern@logfs.org>
Signed-off-by: David Woohouse <dwmw2@infradead.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

drivers/mtd/chips/cfi_cmdset_0001.c

diff --git a/drivers/mtd/chips/cfi_cmdset_0001.c b/drivers/mtd/chips/cfi_cmdset_0001.c
index a9eb1c5..1707f98c 100644
--- a/drivers/mtd/chips/cfi_cmdset_0001.c
+++ b/drivers/mtd/chips/cfi_cmdset_0001.c
@@ -1504,9 +1504,12 @@
 	int ret, wbufsize, word_gap, words;
 	const struct kvec *vec;
 	unsigned long vec_seek;
+	unsigned long initial_adr;
+	int initial_len = len;
 
 	wbufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize;
 	adr += chip->start;
+	initial_adr = adr;
 	cmd_adr = adr & ~(wbufsize-1);
 
 	/* Let's determine this according to the interleave only once */
@@ -1519,7 +1522,7 @@
 		return ret;
 	}
 
-	XIP_INVAL_CACHED_RANGE(map, adr, len);
+	XIP_INVAL_CACHED_RANGE(map, initial_adr, initial_len);
 	ENABLE_VPP(map);
 	xip_disable(map, chip, cmd_adr);
 
@@ -1610,7 +1613,7 @@
 	chip->state = FL_WRITING;
 
 	ret = INVAL_CACHE_AND_WAIT(map, chip, cmd_adr,
-				   adr, len,
+				   initial_adr, initial_len,
 				   chip->buffer_write_time);
 	if (ret) {
 		map_write(map, CMD(0x70), cmd_adr);