Commit Graph

766 Commits

Author SHA1 Message Date
Tilman Schmidt
6ad34145cf gigaset: correct range checking off by one error
Correct a potential array overrun due to an off by one error in the
range check on the CAPI CONNECT_REQ CIPValue parameter.
Found and reported by Dan Carpenter using smatch.

Impact: bugfix
Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-03-16 14:15:41 -07:00
Lars Ellenberg
d00561a2f6 ISDN: Add PCI ID for HFC-2S/4S Beronet Card PCIe
A few subdevice IDs seem to have been dropped when hfc_multi was
included upstream, just compare the list at
http://www.openvox.cn/viewvc/misdn/trunk/hfc_multi.c?revision=75&view=annotate#l175
with the IDs in drivers/isdn/hardware/mISDN/hfcmulti.c

Added PCIe 2 Port card and LED settings (same as PCI)
Do not use <linux/pci_ids.h> /KKe

Signed-off-by: Lars Ellenberg <lars.ellenberg@linbit.com>
Signed-off-by: Karsten Keil <keil@b1-systems.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-03-15 19:09:28 -07:00
David S. Miller
4961e02f19 Merge branch 'master' of /home/davem/src/GIT/linux-2.6/ 2010-03-15 16:23:54 -07:00
Tilman Schmidt
873a69a358 gigaset: prune use of tty_buffer_request_room
Calling tty_buffer_request_room() before tty_insert_flip_string()
is unnecessary, costs CPU and for big buffers can mess up the
multi-page allocation avoidance.

Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Acked-by: Karsten Keil <keil@b1-systems.de>
CC: Alan Cox <alan@lxorguk.ukuu.org.uk>, stable@kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-03-15 16:00:49 -07:00
Tilman Schmidt
3a0a3a6b92 gigaset: correct clearing of at_state strings on RING
In RING handling, clear the table of received parameter strings in
a loop like everywhere else, instead of by enumeration which had
already gotten out of sync.

Impact: minor bugfix
Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Acked-by: Karsten Keil <keil@b1-systems.de>
CC: stable@kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-03-15 16:00:49 -07:00
Tilman Schmidt
bc35b4e347 gigaset: avoid registering CAPI driver more than once
Registering/unregistering the Gigaset CAPI driver when a device is
connected/disconnected causes an Oops when disconnecting two Gigaset
devices in a row, because the same capi_driver structure gets
unregistered twice. Fix by making driver registration/unregistration
a separate operation (empty in the ISDN4Linux case) called when the
main module is loaded/unloaded.

Impact: bugfix
Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Acked-by: Karsten Keil <keil@b1-systems.de>
CC: stable@kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-03-15 16:00:49 -07:00
Ian Munsie
255f5c327e i4l: change magic numbers in Eicon DIVA ISDN driver to symbolic names
Replace references to the '20' magic number found throughout the Eicon
ISDN driver for the length of the station_id field in the T30_INFO struct
with the T30_MAX_STATION_ID_LENGTH symbolic constant.

Signed-off-by: Ian Munsie <imunsie@au.ibm.com>
Cc: Armin Schindler <mac@melware.de>
Cc: Karsten Keil <isdn@linux-pingi.de>
Cc: Stoyan Gaydarov <sgayda2@uiuc.edu>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-03-15 15:47:02 -07:00
Ian Munsie
8b4017d8c1 i4l: silence compiler warnings for array access in Eicon DIVA ISDN driver
When compiling this driver, the compiler throws the following warnings:

drivers/isdn/hardware/eicon/message.c:8426: warning: array subscript is above array bounds
drivers/isdn/hardware/eicon/message.c:8427: warning: array subscript is above array bounds
drivers/isdn/hardware/eicon/message.c:8434: warning: array subscript is above array bounds
drivers/isdn/hardware/eicon/message.c:8435: warning: array subscript is above array bounds
drivers/isdn/hardware/eicon/message.c:8436: warning: array subscript is above array bounds
drivers/isdn/hardware/eicon/message.c:8447: warning: array subscript is above array bounds

This arises from the particular semantics the driver is using to write to
the nlc array (static byte[256]).  The array has a length in byte 0
followed by a T30_INFO struct starting at byte 1.

The T30_INFO struct has a number of variable length strings after the
station_id entry, which cannot be explicitly defined in the struct and the
driver accesses them with an array index to station_id beyond the length
of station_id.

This patch merely changes the semantics that the driver uses to access the
entries after the station_id entry to use the original 256 byte nlc array
taking the offset and length of the station_id entry to calculate where to
write in the array, thereby silencing the warning.

Signed-off-by: Ian Munsie <imunsie@au.ibm.com>
Cc: Armin Schindler <mac@melware.de>
Cc: Karsten Keil <isdn@linux-pingi.de>
Cc: Stoyan Gaydarov <sgayda2@uiuc.edu>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-03-15 15:47:02 -07:00
Roel Kluin
dec9951b8a isdn: misplaced parenthesis in pof_handle_data()
The parenthesis was misplaced.

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Cc: Karsten Keil <isdn@linux-pingi.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-03-15 15:47:01 -07:00
Jiri Kosina
318ae2edc3 Merge branch 'for-next' into for-linus
Conflicts:
	Documentation/filesystems/proc.txt
	arch/arm/mach-u300/include/mach/debug-macro.S
	drivers/net/qlge/qlge_ethtool.c
	drivers/net/qlge/qlge_main.c
	drivers/net/typhoon.c
2010-03-08 16:55:37 +01:00
David S. Miller
47871889c6 Merge branch 'master' of /home/davem/src/GIT/linux-2.6/
Conflicts:
	drivers/firmware/iscsi_ibft.c
2010-02-28 19:23:06 -08:00
Andy Shevchenko
003bdb279b isdn: remove ishexdigit() in regard to isxdigit()
Samll cleanup in drivers/isdn/gigaset/capi.c where own implementation of
isxdigit() has been changed to kernel native one.

Signed-off-by: Andy Shevchenko <ext-andriy.shevchenko@nokia.com>
Acked-by: Tilman Schmidt <tilman@imap.cc>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-26 01:24:24 -08:00
Tilman Schmidt
1528b18f7e gigaset: reduce syslog clutter
Improve readability of the Gigaset driver's kernel messages by
removing a few unnecessary messages and limiting the emission
of some debug messages more narrowly.

Impact: logging
Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-26 01:24:23 -08:00
Tilman Schmidt
63e055d1c6 bas_gigaset: collapse CR/LF at end of AT response
Copy the mechanism from ser_/usb_gigaset to avoid producing
spurious empty responses for CR/LF sequences from the device.
Add a comment in all drivers documenting that behaviour.
Correct an off by one error that might result in a one byte
buffer overflow when receiving an unexpectedly long reply.

Impact: minor bugfix
Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-26 01:24:23 -08:00
Tilman Schmidt
41a68a748b PCI: push deprecated pci_find_device() function to last user
The ISDN4Linux HiSax driver family contains the last remaining users
of the deprecated pci_find_device() function. This patch creates a
private copy of that function in HiSax, and removes the now unused
global function together with its controlling configuration option,
CONFIG_PCI_LEGACY.

Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
2010-02-22 16:17:01 -08:00
Tilman Schmidt
e5f8d9ac46 isdn: fix a few Kconfig imperfections
1. Rewrite the outdated help texts for config options ISDN and ISDN_CAPI.
2. The MISDN config option appeared between ISDN_I4L and the I4L hardware
   driver options; move it to a less irritating place.
3. HYSDN is not in fact an I4L driver, and needn't depend on ISDN_I4L, so
   move it from the I4L section to the general section.
4. ISDN_HDLC is now also used by drivers outside I4L.  Move it from the
   I4L section to the general section, too.

Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-22 15:45:53 -08:00
Jan Kiszka
771f4c87be CAPI: Remove experimental tag from middleware feature
Despite all its bugs, the middleware support of our CAPI stack was
already in use for many, many moons. And after going through its code,
fixing all issues I found, I feel it deserves to officially become a
non-experimental feature.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:36 -08:00
Jan Kiszka
79e95f4717 CAPI: Schedule capifs for removal
With dynamic TTY nodes and the help of udev, we no longer need this
special filesystem. Schedule it for removal in one year from now.

As a last duty to this feature, move its help to right option so that
users can read the rationale.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:36 -08:00
Jan Kiszka
c6af043794 CAPI: Drop special controller lookup from capi20_put_message
This strange special rule to fall back to controller 1 cannot be derived
from the CAPI specs and looks a lot like it was once dedicated to some
out-of-tree driver, probably AVM's broken fcdsl2 (FRITZ!Card DSL v2.0).
I found no in-tree user that needs this check, and I'm now taking care
of the fcdsl2. So drop these bits from our stack.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:35 -08:00
Jan Kiszka
eef0ced028 CAPI: Drop return value of handle_minor_send
We did not evaluate handle_minor_send's return value, just (void)'ed it
away. Time for a cleanup.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:35 -08:00
Jan Kiszka
2b72b5bd65 CAPI: Clean up capiminor_*_ack
No need for irqsave acquisition of acklock, bh-safe is sufficient.
Moverover, move kfree out of the lock and do not take acklock at all
in capiminor_del_all_ack as we are the last user of the list here.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:34 -08:00
Jan Kiszka
dfbb84ffe9 CAPI: Fix locking around capiminor's output queue and drop workaround_lock
Introduce outlock as a spin lock that protects capiminor's outqueue,
outbytes and outskb (formerly known as ttyskb). outlock can be acquired
from soft-IRQ context via capinc_write, so make it bh-safe.

This finally removes the last reason for keeping the workaround lock
around (which was incomplete and partly broken anyway). And as we no
longer call handle_recv_skb in atomic context, gen_data_b3_resp_for can
use non-atomic allocation now.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:34 -08:00
Jan Kiszka
68d7347b28 CAPI: Drop capiminor's unused inbytes counter
The inbytes counter was only updated but never read.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:33 -08:00
Jan Kiszka
42792713f7 CAPI: Use atomics for capiminor's datahandle and msgid
The capiminor members datahandle and msgid are incremented outside any
lock, so better do this atomically.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:33 -08:00
Jan Kiszka
42651b5c1a CAPI: Rename datahandle_queue -> ackqueue_entry
This struct is describing a queue entry, not the queue itself.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:32 -08:00
Jan Kiszka
a11ef7be8e CAPI: Rework capiminor RX handler
Avoid re-queuing skbs unless the error detected in handle_recv_skb is
expected to be recoverable such as lacking memory, a full CAPI queue, a
full TTY input buffer, or a not yet existing TTY.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:32 -08:00
Jan Kiszka
b75b2eedcb CAPI: Drop handle_minor_recv from capinc_tty_write
Sending a message down the CAPI stack may trigger the reception of an
answer, but this will go through capi_recv_message and call
handle_minor_recv from there. There is no need to walk the receive queue
on capinc_tty_write.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:31 -08:00
Jan Kiszka
a84fdf41b2 CAPI: Drop atomic ttyopencount
Not needed, tty->count keeps track of this information. At this chance,
drop traces of ancient attempts to debug this logic via _DEBUG_REFCOUNT.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:31 -08:00
Jan Kiszka
3d5d30fe7a CAPI: Clean up capiminors_lock
Use a plain spin lock for capiminors_lock, drop inconsistent irqsafe
acquisitions (it's only used in process context anyway).

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:30 -08:00
Jan Kiszka
6576c2891a CAPI: Drop obsolete nccip from capiminor struct
The nccip in capiminor used to serve as an indicator that the NCCI was
close. But we don't need this, we issue a hangup on capincci_free_minor.
So drop this legacy.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:30 -08:00
Jan Kiszka
30bced91d9 CAPI: Issue synchronous hangup on capincci_free_minor
capincci_free and, thus, capincci_free_minor runs in process context, so
we can issue the hangup of the associated TTY synchronously.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:29 -08:00
Jan Kiszka
2c8df72259 CAPI: Drop remaining NULL checks on tty->driver_data
tty_struct's driver_data cannot be NULL, no need to test for it.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:29 -08:00
Jan Kiszka
fb4b4881ef CAPI: Use tty_port to keep track of capiminor's tty
Use the reference management features of tty_port to look up and drop
again the tty_struct associated with a capiminor.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:29 -08:00
Jan Kiszka
4632451180 CAPI: Establish install/cleanup handlers for capiminor TTYs
Properly associate/disassociate a capiminor object with its TTY via the
install/cleanup handlers instead of trying to guess first open and last
close.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:28 -08:00
Jan Kiszka
0159d5491f CAPI: Use kref on capiminor
Install a reference counter for capiminor objects. Acquire it when
obtaining a capiminor from the array during capinc_tty_open, drop it
when closing the tty again. Another reference is held for the hook-up
with capincci.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:28 -08:00
Jan Kiszka
e95ac14386 CAPI: Use dynamic major for NCCI TTYs by default
No need to allocate a fixed major for this TTY, both capifs and udev
make this transparent to the user.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:27 -08:00
Jan Kiszka
40fb2d0da7 CAPI: Dynamically register minor devices
Register capiminors dynamically with the TTY core so that udev can make
them show up as the NCCIs appear or disappear. This removes the need to
check if the capiminor requested in capinc_tty_open actually exists.

And this completely obsoletes capifs which will be scheduled for removal
in a later patch.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:27 -08:00
Jan Kiszka
e76b154407 CAPI: Clean up capinc_tty_init/exit
Return proper error code if tty_register_driver fails. In contrast,
tty_unregister_driver cannot practically fail, so drop that error
handling. Finally, mark capinc_tty_init/exit with __init/__exit.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:26 -08:00
Jan Kiszka
81d17fe5e2 CAPI: Switch capiminor list to array
Using a plain array of pointers simplifies the management of capiminors.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:26 -08:00
Jan Kiszka
884f5c4479 CAPI: Switch NCCI list to standard doubly linked list
Replace open-coded NCCI list management with standard mechanisms.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:25 -08:00
Jan Kiszka
28a1dbb6f7 CAPI: Fix racy capi_read
capi_read still used interruptible_sleep_on, risking to miss a wakeup
this way. Convert it to wait_event_interruptible.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:25 -08:00
Jan Kiszka
54f0fad3d8 CAPI: Use non-atomic allocation during NCCI setup
Both capincci_alloc and capiminor_alloc run in non-atomic context,
update their memory allocations accordingly.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:24 -08:00
Jan Kiszka
05b4149433 CAPI: Rework locking of capidev members
Rename 'ncci_list_mtx' to 'lock', expressing that it now protects a
larger set of capidev members: the NCCI list, ap.applid (ie. the
registration of the application), and modifications of userflags.

We do not need to protect each and every check for ap.applid because,
once an application is registered, it will stay for the whole lifetime
of the device.

Also, there is no need to apply the capidev mutex during release (if
there could be concurrent users, we would crash them anyway by freeing
the device at the end of capi_release).

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:24 -08:00
Jan Kiszka
eca39dd830 CAPI: Clean up capi_open/release
Fold capidev_alloc and capidev_free into capi_open and capi_release -
there are no other users. Someone pushed a lock_kernel into capi_open.
Drop it, we don't need it. Also remove the useless test from open that
checks for private_data == NULL.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:23 -08:00
Jan Kiszka
b8f433dc5c CAPI: Convert capidev_list_lock into a mutex
No need for anything "harder" here (specifically no need for
irqsave...). Also, make the list removal the first operation of
capidev_free to avoid dumping half-released devices via /proc.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:23 -08:00
Jan Kiszka
501c87a919 CAPI: Reduce #ifdef mess around CONFIG_ISDN_CAPI_MIDDLEWARE
Make the code a bit more readable be providing stub functions for the
!CONFIG_ISDN_CAPI_MIDDLEWARE case. Though a few lines are moved around,
this comes with no functional changes.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:23 -08:00
Jan Kiszka
88c896ef87 CAPI: Rework application locking
Drop the application rw-lock in favour of RCU. This synchronizes
capi20_release against capi_ctr_handle_message which may dereference an
application from (soft-)IRQ context. Any other access to the application
list is now protected by the capi_controller_lock as well. This also
allows to safely inspect applications for /proc dumping by holding
capi_controller_lock.

At this chance, drop some useless release_in_progress checks where we
obtained the application pointer from the list (which becomes NULL on
release_in_progress).

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:22 -08:00
Jan Kiszka
0ca3a017a7 CAPI: Rework locking of controller data structures
This patch applies the mutex so far only protecting the controller list
to (almost) all accesses of controller data structures. It also reworks
waiting on state changes in old_capi_manufacturer so that it no longer
poll and holds a module reference to the controller owner while waiting
(the latter was partly done already). Modification and checking of the
blocked state remains racy by design, the caller is responsible for
dealing with this.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:22 -08:00
Jan Kiszka
ef69bb2ec6 CAPI: Rework controller state notifier
Another step towards proper locking: Rework the callback provided to
capidrv for controller state changes. This is so far attached to an
application, which would require us to hold the corresponding lock
across notification calls.

But there is no direct relation between a controller up/down event and
an application, so let's decouple them and provide a notifier call chain
for those events instead. This notifier chain is first of all used
internally. Here we request the highest priority to unsure that
housekeeping work is done before any other notifications. The chain is
exported via [un]register_capictr_notifier to our only user, capidrv, to
replace the racy and unfixable capi20_set_callback.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:21 -08:00
Jan Kiszka
3efecf7a49 CAPI: Rework capi_ctr_ready/down
This step prepares the application of proper controller locking: Push
all state changing work into the notify handler that are called by
capi_ctr_ready and capi_ctr_down, switch detach_capi_ctr to issue a
synchronous ctr_down. Also ensure that we do not go through any action
if the state did not change.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:21 -08:00