From: Jaehoon Chung <jh80.chung@samsung.com>
Date: Wed, 13 Jul 2011 08:02:16 +0000 (+0900)
Subject: mmc: block: fixed NULL pointer dereference
X-Git-Tag: firefly_0821_release~3680^2~5013^2~18
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=393f9a08e2ee72e42379489a5781feaf9c406d5f;p=firefly-linux-kernel-4.4.55.git

mmc: block: fixed NULL pointer dereference

We already check for ongoing async transfers when handling discard
requests, but not in mmc_blk_issue_flush().  This patch fixes that
omission.

Tested with an SDHCI controller and eMMC4.41.

Signed-off-by: Jaehoon Chung <jh80.chung@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Acked-by: Per Forlin <per.forlin@linaro.org>
Cc: <stable@kernel.org>
Signed-off-by: Chris Ball <cjb@laptop.org>
---

diff --git a/drivers/mmc/card/block.c b/drivers/mmc/card/block.c
index 38d01492a52b..1ff5486213fb 100644
--- a/drivers/mmc/card/block.c
+++ b/drivers/mmc/card/block.c
@@ -1200,6 +1200,9 @@ static int mmc_blk_issue_rq(struct mmc_queue *mq, struct request *req)
 		else
 			ret = mmc_blk_issue_discard_rq(mq, req);
 	} else if (req && req->cmd_flags & REQ_FLUSH) {
+		/* complete ongoing async transfer before issuing flush */
+		if (card->host->areq)
+			mmc_blk_issue_rw_rq(mq, NULL);
 		ret = mmc_blk_issue_flush(mq, req);
 	} else {
 		ret = mmc_blk_issue_rw_rq(mq, req);