If host->max is lower than PAGE_CACHE_SIZE, it should allocate the scatterlist with incorrect size. To prevent illegal behavior, fixed the scatterlist size for mmc_alloc_sg(). Signed-off-by: Jaehoon Chung <jh80.chung@xxxxxxxxxxx> --- drivers/mmc/card/queue.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/mmc/card/queue.c b/drivers/mmc/card/queue.c index 6f4323c..0353f99 100644 --- a/drivers/mmc/card/queue.c +++ b/drivers/mmc/card/queue.c @@ -276,12 +276,14 @@ int mmc_init_queue(struct mmc_queue *mq, struct mmc_card *card, blk_queue_max_segments(mq->queue, host->max_segs); blk_queue_max_segment_size(mq->queue, host->max_seg_size); - mqrq_cur->sg = mmc_alloc_sg(host->max_segs, &ret); + mqrq_cur->sg = + mmc_alloc_sg(mq->queue->limits.max_segments, &ret); if (ret) goto cleanup_queue; - mqrq_prev->sg = mmc_alloc_sg(host->max_segs, &ret); + mqrq_prev->sg = + mmc_alloc_sg(mq->queue->limits.max_segments, &ret); if (ret) goto cleanup_queue; } -- 1.9.1 -- To unsubscribe from this list: send the line "unsubscribe linux-mmc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
