diff --git a/drivers/firewire/core-device.c b/drivers/firewire/core-device.c index 7a05fd24d68b..3873d535b28d 100644 --- a/drivers/firewire/core-device.c +++ b/drivers/firewire/core-device.c @@ -32,6 +32,7 @@ #include #include #include +#include #include #include #include @@ -1066,6 +1067,8 @@ static void fw_device_init(struct work_struct *work) device->config_rom_retries = 0; set_broadcast_channel(device, device->generation); + + add_device_randomness(&device->config_rom[3], 8); } /* diff --git a/drivers/firewire/core-transaction.c b/drivers/firewire/core-transaction.c index 87d6f2d2f02d..28a94c7ec6e5 100644 --- a/drivers/firewire/core-transaction.c +++ b/drivers/firewire/core-transaction.c @@ -31,6 +31,7 @@ #include #include #include +#include #include #include #include @@ -489,7 +490,7 @@ static struct fw_address_handler *lookup_overlapping_address_handler( { struct fw_address_handler *handler; - list_for_each_entry(handler, list, link) { + list_for_each_entry_rcu(handler, list, link) { if (handler->offset < offset + length && offset < handler->offset + handler->length) return handler; @@ -510,7 +511,7 @@ static struct fw_address_handler *lookup_enclosing_address_handler( { struct fw_address_handler *handler; - list_for_each_entry(handler, list, link) { + list_for_each_entry_rcu(handler, list, link) { if (is_enclosing_handler(handler, offset, length)) return handler; } @@ -518,7 +519,7 @@ static struct fw_address_handler *lookup_enclosing_address_handler( return NULL; } -static DEFINE_SPINLOCK(address_handler_lock); +static DEFINE_SPINLOCK(address_handler_list_lock); static LIST_HEAD(address_handler_list); const struct fw_address_region fw_high_memory_region = @@ -555,6 +556,7 @@ static bool is_in_fcp_region(u64 offset, size_t length) * the specified callback is invoked. The parameters passed to the callback * give the details of the particular request. * + * To be called in process context. * Return value: 0 on success, non-zero otherwise. * * The start offset of the handler's address region is determined by @@ -575,7 +577,7 @@ int fw_core_add_address_handler(struct fw_address_handler *handler, handler->length == 0) return -EINVAL; - spin_lock_bh(&address_handler_lock); + spin_lock(&address_handler_list_lock); handler->offset = region->start; while (handler->offset + handler->length <= region->end) { @@ -588,13 +590,13 @@ int fw_core_add_address_handler(struct fw_address_handler *handler, if (other != NULL) { handler->offset += other->length; } else { - list_add_tail(&handler->link, &address_handler_list); + list_add_tail_rcu(&handler->link, &address_handler_list); ret = 0; break; } } - spin_unlock_bh(&address_handler_lock); + spin_unlock(&address_handler_list_lock); return ret; } @@ -603,14 +605,17 @@ EXPORT_SYMBOL(fw_core_add_address_handler); /** * fw_core_remove_address_handler() - unregister an address handler * + * To be called in process context. + * * When fw_core_remove_address_handler() returns, @handler->callback() is * guaranteed to not run on any CPU anymore. */ void fw_core_remove_address_handler(struct fw_address_handler *handler) { - spin_lock_bh(&address_handler_lock); - list_del(&handler->link); - spin_unlock_bh(&address_handler_lock); + spin_lock(&address_handler_list_lock); + list_del_rcu(&handler->link); + spin_unlock(&address_handler_list_lock); + synchronize_rcu(); } EXPORT_SYMBOL(fw_core_remove_address_handler); @@ -844,7 +849,7 @@ static void handle_exclusive_region_request(struct fw_card *card, if (tcode == TCODE_LOCK_REQUEST) tcode = 0x10 + HEADER_GET_EXTENDED_TCODE(p->header[3]); - spin_lock_bh(&address_handler_lock); + rcu_read_lock(); handler = lookup_enclosing_address_handler(&address_handler_list, offset, request->length); if (handler) @@ -853,7 +858,7 @@ static void handle_exclusive_region_request(struct fw_card *card, p->generation, offset, request->data, request->length, handler->callback_data); - spin_unlock_bh(&address_handler_lock); + rcu_read_unlock(); if (!handler) fw_send_response(card, request, RCODE_ADDRESS_ERROR); @@ -886,8 +891,8 @@ static void handle_fcp_region_request(struct fw_card *card, return; } - spin_lock_bh(&address_handler_lock); - list_for_each_entry(handler, &address_handler_list, link) { + rcu_read_lock(); + list_for_each_entry_rcu(handler, &address_handler_list, link) { if (is_enclosing_handler(handler, offset, request->length)) handler->address_callback(card, NULL, tcode, destination, source, @@ -896,7 +901,7 @@ static void handle_fcp_region_request(struct fw_card *card, request->length, handler->callback_data); } - spin_unlock_bh(&address_handler_lock); + rcu_read_unlock(); fw_send_response(card, request, RCODE_COMPLETE); } diff --git a/drivers/firewire/ohci.c b/drivers/firewire/ohci.c index c788dbdaf3bc..834e71d2324d 100644 --- a/drivers/firewire/ohci.c +++ b/drivers/firewire/ohci.c @@ -1777,11 +1777,35 @@ static int get_self_id_pos(struct fw_ohci *ohci, u32 self_id, return i; } +static int initiated_reset(struct fw_ohci *ohci) +{ + int reg; + int ret = 0; + + mutex_lock(&ohci->phy_reg_mutex); + reg = write_phy_reg(ohci, 7, 0xe0); /* Select page 7 */ + if (reg >= 0) { + reg = read_phy_reg(ohci, 8); + reg |= 0x40; + reg = write_phy_reg(ohci, 8, reg); /* set PMODE bit */ + if (reg >= 0) { + reg = read_phy_reg(ohci, 12); /* read register 12 */ + if (reg >= 0) { + if ((reg & 0x08) == 0x08) { + /* bit 3 indicates "initiated reset" */ + ret = 0x2; + } + } + } + } + mutex_unlock(&ohci->phy_reg_mutex); + return ret; +} + /* * TI TSB82AA2B and TSB12LV26 do not receive the selfID of a locally * attached TSB41BA3D phy; see http://www.ti.com/litv/pdf/sllz059. * Construct the selfID from phy register contents. - * FIXME: How to determine the selfID.i flag? */ static int find_and_insert_self_id(struct fw_ohci *ohci, int self_id_count) { @@ -1814,6 +1838,8 @@ static int find_and_insert_self_id(struct fw_ohci *ohci, int self_id_count) self_id |= ((status & 0x3) << (6 - (i * 2))); } + self_id |= initiated_reset(ohci); + pos = get_self_id_pos(ohci, self_id, self_id_count); if (pos >= 0) { memmove(&(ohci->self_id_buffer[pos+1]), diff --git a/include/linux/firewire.h b/include/linux/firewire.h index db04ec5121cb..191501afd7fb 100644 --- a/include/linux/firewire.h +++ b/include/linux/firewire.h @@ -265,8 +265,16 @@ typedef void (*fw_transaction_callback_t)(struct fw_card *card, int rcode, void *data, size_t length, void *callback_data); /* - * Important note: Except for the FCP registers, the callback must guarantee - * that either fw_send_response() or kfree() is called on the @request. + * This callback handles an inbound request subaction. It is called in + * RCU read-side context, therefore must not sleep. + * + * The callback should not initiate outbound request subactions directly. + * Otherwise there is a danger of recursion of inbound and outbound + * transactions from and to the local node. + * + * The callback is responsible that either fw_send_response() or kfree() + * is called on the @request, except for FCP registers for which the core + * takes care of that. */ typedef void (*fw_address_callback_t)(struct fw_card *card, struct fw_request *request,