Doug / smarc-fsl-linux-kernel

Download as
Browse Code ยป

Commit 962f3ffa927f2e777a4193843c45ffa6e52ff4b6

Authored by Akinobu Mita
Committed by Greg Kroah-Hartman
1 parent 60b0bf0f11
Exists in master and in 7 other branches imx_3.0.35_4.1.0, imx_3.10.17_1.0.1_ga, imx_3.10.53_1.1.0_ga, imx_3.14.28_1.0.0_ga, smarc-imx_3.10.53_1.1.0_ga, smarc-imx_3.14.28_1.0.0_ga, smarc-l5.0.0_1.0.0-ga

wusb: fix find_first_zero_bit() return value check 

In wusb_cluster_id_get(), if no zero bits exist in wusb_cluster_id_table,
find_first_zero_bit() returns CLUSTER_IDS.

But it is impossible to detect that the bitmap is full because there
is an off-by-one error in the return value check.  It will cause
unexpected memory access by setting bit out of wusb_cluster_id_table
bitmap, and caller will get wrong cluster id.

Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Cc: linux-usb@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

Showing 1 changed file with 1 additions and 1 deletions Inline Diff

drivers/usb/wusbcore/wusbhc.c
Diff comments   View file @ 962f3ff
1 /* 1 /*
2 * Wireless USB Host Controller 2 * Wireless USB Host Controller
3 * sysfs glue, wusbcore module support and life cycle management 3 * sysfs glue, wusbcore module support and life cycle management
4 * 4 *
5 * 5 *
6 * Copyright (C) 2005-2006 Intel Corporation 6 * Copyright (C) 2005-2006 Intel Corporation
7 * Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com> 7 * Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
8 * 8 *
9 * This program is free software; you can redistribute it and/or 9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License version 10 * modify it under the terms of the GNU General Public License version
11 * 2 as published by the Free Software Foundation. 11 * 2 as published by the Free Software Foundation.
12 * 12 *
13 * This program is distributed in the hope that it will be useful, 13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details. 16 * GNU General Public License for more details.
17 * 17 *
18 * You should have received a copy of the GNU General Public License 18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software 19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21 * 02110-1301, USA. 21 * 02110-1301, USA.
22 * 22 *
23 * 23 *
24 * Creation/destruction of wusbhc is split in two parts; that that 24 * Creation/destruction of wusbhc is split in two parts; that that
25 * doesn't require the HCD to be added (wusbhc_{create,destroy}) and 25 * doesn't require the HCD to be added (wusbhc_{create,destroy}) and
26 * the one that requires (phase B, wusbhc_b_{create,destroy}). 26 * the one that requires (phase B, wusbhc_b_{create,destroy}).
27 * 27 *
28 * This is so because usb_add_hcd() will start the HC, and thus, all 28 * This is so because usb_add_hcd() will start the HC, and thus, all
29 * the HC specific stuff has to be already initialized (like sysfs 29 * the HC specific stuff has to be already initialized (like sysfs
30 * thingies). 30 * thingies).
31 */ 31 */
32 #include <linux/device.h> 32 #include <linux/device.h>
33 #include <linux/module.h> 33 #include <linux/module.h>
34 #include "wusbhc.h" 34 #include "wusbhc.h"
35 35
36 /** 36 /**
37 * Extract the wusbhc that corresponds to a USB Host Controller class device 37 * Extract the wusbhc that corresponds to a USB Host Controller class device
38 * 38 *
39 * WARNING! Apply only if @dev is that of a 39 * WARNING! Apply only if @dev is that of a
40 * wusbhc.usb_hcd.self->class_dev; otherwise, you loose. 40 * wusbhc.usb_hcd.self->class_dev; otherwise, you loose.
41 */ 41 */
42 static struct wusbhc *usbhc_dev_to_wusbhc(struct device *dev) 42 static struct wusbhc *usbhc_dev_to_wusbhc(struct device *dev)
43 { 43 {
44 struct usb_bus *usb_bus = dev_get_drvdata(dev); 44 struct usb_bus *usb_bus = dev_get_drvdata(dev);
45 struct usb_hcd *usb_hcd = bus_to_hcd(usb_bus); 45 struct usb_hcd *usb_hcd = bus_to_hcd(usb_bus);
46 return usb_hcd_to_wusbhc(usb_hcd); 46 return usb_hcd_to_wusbhc(usb_hcd);
47 } 47 }
48 48
49 /* 49 /*
50 * Show & store the current WUSB trust timeout 50 * Show & store the current WUSB trust timeout
51 * 51 *
52 * We don't do locking--it is an 'atomic' value. 52 * We don't do locking--it is an 'atomic' value.
53 * 53 *
54 * The units that we store/show are always MILLISECONDS. However, the 54 * The units that we store/show are always MILLISECONDS. However, the
55 * value of trust_timeout is jiffies. 55 * value of trust_timeout is jiffies.
56 */ 56 */
57 static ssize_t wusb_trust_timeout_show(struct device *dev, 57 static ssize_t wusb_trust_timeout_show(struct device *dev,
58 struct device_attribute *attr, char *buf) 58 struct device_attribute *attr, char *buf)
59 { 59 {
60 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev); 60 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
61 61
62 return scnprintf(buf, PAGE_SIZE, "%u\n", wusbhc->trust_timeout); 62 return scnprintf(buf, PAGE_SIZE, "%u\n", wusbhc->trust_timeout);
63 } 63 }
64 64
65 static ssize_t wusb_trust_timeout_store(struct device *dev, 65 static ssize_t wusb_trust_timeout_store(struct device *dev,
66 struct device_attribute *attr, 66 struct device_attribute *attr,
67 const char *buf, size_t size) 67 const char *buf, size_t size)
68 { 68 {
69 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev); 69 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
70 ssize_t result = -ENOSYS; 70 ssize_t result = -ENOSYS;
71 unsigned trust_timeout; 71 unsigned trust_timeout;
72 72
73 result = sscanf(buf, "%u", &trust_timeout); 73 result = sscanf(buf, "%u", &trust_timeout);
74 if (result != 1) { 74 if (result != 1) {
75 result = -EINVAL; 75 result = -EINVAL;
76 goto out; 76 goto out;
77 } 77 }
78 /* FIXME: maybe we should check for range validity? */ 78 /* FIXME: maybe we should check for range validity? */
79 wusbhc->trust_timeout = trust_timeout; 79 wusbhc->trust_timeout = trust_timeout;
80 cancel_delayed_work(&wusbhc->keep_alive_timer); 80 cancel_delayed_work(&wusbhc->keep_alive_timer);
81 flush_workqueue(wusbd); 81 flush_workqueue(wusbd);
82 queue_delayed_work(wusbd, &wusbhc->keep_alive_timer, 82 queue_delayed_work(wusbd, &wusbhc->keep_alive_timer,
83 (trust_timeout * CONFIG_HZ)/1000/2); 83 (trust_timeout * CONFIG_HZ)/1000/2);
84 out: 84 out:
85 return result < 0 ? result : size; 85 return result < 0 ? result : size;
86 } 86 }
87 static DEVICE_ATTR(wusb_trust_timeout, 0644, wusb_trust_timeout_show, 87 static DEVICE_ATTR(wusb_trust_timeout, 0644, wusb_trust_timeout_show,
88 wusb_trust_timeout_store); 88 wusb_trust_timeout_store);
89 89
90 /* 90 /*
91 * Show the current WUSB CHID. 91 * Show the current WUSB CHID.
92 */ 92 */
93 static ssize_t wusb_chid_show(struct device *dev, 93 static ssize_t wusb_chid_show(struct device *dev,
94 struct device_attribute *attr, char *buf) 94 struct device_attribute *attr, char *buf)
95 { 95 {
96 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev); 96 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
97 const struct wusb_ckhdid *chid; 97 const struct wusb_ckhdid *chid;
98 ssize_t result = 0; 98 ssize_t result = 0;
99 99
100 if (wusbhc->wuie_host_info != NULL) 100 if (wusbhc->wuie_host_info != NULL)
101 chid = &wusbhc->wuie_host_info->CHID; 101 chid = &wusbhc->wuie_host_info->CHID;
102 else 102 else
103 chid = &wusb_ckhdid_zero; 103 chid = &wusb_ckhdid_zero;
104 104
105 result += ckhdid_printf(buf, PAGE_SIZE, chid); 105 result += ckhdid_printf(buf, PAGE_SIZE, chid);
106 result += sprintf(buf + result, "\n"); 106 result += sprintf(buf + result, "\n");
107 107
108 return result; 108 return result;
109 } 109 }
110 110
111 /* 111 /*
112 * Store a new CHID. 112 * Store a new CHID.
113 * 113 *
114 * - Write an all zeros CHID and it will stop the controller 114 * - Write an all zeros CHID and it will stop the controller
115 * - Write a non-zero CHID and it will start it. 115 * - Write a non-zero CHID and it will start it.
116 * 116 *
117 * See wusbhc_chid_set() for more info. 117 * See wusbhc_chid_set() for more info.
118 */ 118 */
119 static ssize_t wusb_chid_store(struct device *dev, 119 static ssize_t wusb_chid_store(struct device *dev,
120 struct device_attribute *attr, 120 struct device_attribute *attr,
121 const char *buf, size_t size) 121 const char *buf, size_t size)
122 { 122 {
123 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev); 123 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
124 struct wusb_ckhdid chid; 124 struct wusb_ckhdid chid;
125 ssize_t result; 125 ssize_t result;
126 126
127 result = sscanf(buf, 127 result = sscanf(buf,
128 "%02hhx %02hhx %02hhx %02hhx " 128 "%02hhx %02hhx %02hhx %02hhx "
129 "%02hhx %02hhx %02hhx %02hhx " 129 "%02hhx %02hhx %02hhx %02hhx "
130 "%02hhx %02hhx %02hhx %02hhx " 130 "%02hhx %02hhx %02hhx %02hhx "
131 "%02hhx %02hhx %02hhx %02hhx\n", 131 "%02hhx %02hhx %02hhx %02hhx\n",
132 &chid.data[0] , &chid.data[1] , 132 &chid.data[0] , &chid.data[1] ,
133 &chid.data[2] , &chid.data[3] , 133 &chid.data[2] , &chid.data[3] ,
134 &chid.data[4] , &chid.data[5] , 134 &chid.data[4] , &chid.data[5] ,
135 &chid.data[6] , &chid.data[7] , 135 &chid.data[6] , &chid.data[7] ,
136 &chid.data[8] , &chid.data[9] , 136 &chid.data[8] , &chid.data[9] ,
137 &chid.data[10], &chid.data[11], 137 &chid.data[10], &chid.data[11],
138 &chid.data[12], &chid.data[13], 138 &chid.data[12], &chid.data[13],
139 &chid.data[14], &chid.data[15]); 139 &chid.data[14], &chid.data[15]);
140 if (result != 16) { 140 if (result != 16) {
141 dev_err(dev, "Unrecognized CHID (need 16 8-bit hex digits): " 141 dev_err(dev, "Unrecognized CHID (need 16 8-bit hex digits): "
142 "%d\n", (int)result); 142 "%d\n", (int)result);
143 return -EINVAL; 143 return -EINVAL;
144 } 144 }
145 result = wusbhc_chid_set(wusbhc, &chid); 145 result = wusbhc_chid_set(wusbhc, &chid);
146 return result < 0 ? result : size; 146 return result < 0 ? result : size;
147 } 147 }
148 static DEVICE_ATTR(wusb_chid, 0644, wusb_chid_show, wusb_chid_store); 148 static DEVICE_ATTR(wusb_chid, 0644, wusb_chid_show, wusb_chid_store);
149 149
150 150
151 static ssize_t wusb_phy_rate_show(struct device *dev, 151 static ssize_t wusb_phy_rate_show(struct device *dev,
152 struct device_attribute *attr, 152 struct device_attribute *attr,
153 char *buf) 153 char *buf)
154 { 154 {
155 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev); 155 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
156 156
157 return sprintf(buf, "%d\n", wusbhc->phy_rate); 157 return sprintf(buf, "%d\n", wusbhc->phy_rate);
158 } 158 }
159 159
160 static ssize_t wusb_phy_rate_store(struct device *dev, 160 static ssize_t wusb_phy_rate_store(struct device *dev,
161 struct device_attribute *attr, 161 struct device_attribute *attr,
162 const char *buf, size_t size) 162 const char *buf, size_t size)
163 { 163 {
164 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev); 164 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
165 uint8_t phy_rate; 165 uint8_t phy_rate;
166 ssize_t result; 166 ssize_t result;
167 167
168 result = sscanf(buf, "%hhu", &phy_rate); 168 result = sscanf(buf, "%hhu", &phy_rate);
169 if (result != 1) 169 if (result != 1)
170 return -EINVAL; 170 return -EINVAL;
171 if (phy_rate >= UWB_PHY_RATE_INVALID) 171 if (phy_rate >= UWB_PHY_RATE_INVALID)
172 return -EINVAL; 172 return -EINVAL;
173 173
174 wusbhc->phy_rate = phy_rate; 174 wusbhc->phy_rate = phy_rate;
175 return size; 175 return size;
176 } 176 }
177 static DEVICE_ATTR(wusb_phy_rate, 0644, wusb_phy_rate_show, wusb_phy_rate_store); 177 static DEVICE_ATTR(wusb_phy_rate, 0644, wusb_phy_rate_show, wusb_phy_rate_store);
178 178
179 /* Group all the WUSBHC attributes */ 179 /* Group all the WUSBHC attributes */
180 static struct attribute *wusbhc_attrs[] = { 180 static struct attribute *wusbhc_attrs[] = {
181 &dev_attr_wusb_trust_timeout.attr, 181 &dev_attr_wusb_trust_timeout.attr,
182 &dev_attr_wusb_chid.attr, 182 &dev_attr_wusb_chid.attr,
183 &dev_attr_wusb_phy_rate.attr, 183 &dev_attr_wusb_phy_rate.attr,
184 NULL, 184 NULL,
185 }; 185 };
186 186
187 static struct attribute_group wusbhc_attr_group = { 187 static struct attribute_group wusbhc_attr_group = {
188 .name = NULL, /* we want them in the same directory */ 188 .name = NULL, /* we want them in the same directory */
189 .attrs = wusbhc_attrs, 189 .attrs = wusbhc_attrs,
190 }; 190 };
191 191
192 /* 192 /*
193 * Create a wusbhc instance 193 * Create a wusbhc instance
194 * 194 *
195 * NOTEs: 195 * NOTEs:
196 * 196 *
197 * - assumes *wusbhc has been zeroed and wusbhc->usb_hcd has been 197 * - assumes *wusbhc has been zeroed and wusbhc->usb_hcd has been
198 * initialized but not added. 198 * initialized but not added.
199 * 199 *
200 * - fill out ports_max, mmcies_max and mmcie_{add,rm} before calling. 200 * - fill out ports_max, mmcies_max and mmcie_{add,rm} before calling.
201 * 201 *
202 * - fill out wusbhc->uwb_rc and refcount it before calling 202 * - fill out wusbhc->uwb_rc and refcount it before calling
203 * - fill out the wusbhc->sec_modes array 203 * - fill out the wusbhc->sec_modes array
204 */ 204 */
205 int wusbhc_create(struct wusbhc *wusbhc) 205 int wusbhc_create(struct wusbhc *wusbhc)
206 { 206 {
207 int result = 0; 207 int result = 0;
208 208
209 wusbhc->trust_timeout = WUSB_TRUST_TIMEOUT_MS; 209 wusbhc->trust_timeout = WUSB_TRUST_TIMEOUT_MS;
210 wusbhc->phy_rate = UWB_PHY_RATE_INVALID - 1; 210 wusbhc->phy_rate = UWB_PHY_RATE_INVALID - 1;
211 211
212 mutex_init(&wusbhc->mutex); 212 mutex_init(&wusbhc->mutex);
213 result = wusbhc_mmcie_create(wusbhc); 213 result = wusbhc_mmcie_create(wusbhc);
214 if (result < 0) 214 if (result < 0)
215 goto error_mmcie_create; 215 goto error_mmcie_create;
216 result = wusbhc_devconnect_create(wusbhc); 216 result = wusbhc_devconnect_create(wusbhc);
217 if (result < 0) 217 if (result < 0)
218 goto error_devconnect_create; 218 goto error_devconnect_create;
219 result = wusbhc_rh_create(wusbhc); 219 result = wusbhc_rh_create(wusbhc);
220 if (result < 0) 220 if (result < 0)
221 goto error_rh_create; 221 goto error_rh_create;
222 result = wusbhc_sec_create(wusbhc); 222 result = wusbhc_sec_create(wusbhc);
223 if (result < 0) 223 if (result < 0)
224 goto error_sec_create; 224 goto error_sec_create;
225 return 0; 225 return 0;
226 226
227 error_sec_create: 227 error_sec_create:
228 wusbhc_rh_destroy(wusbhc); 228 wusbhc_rh_destroy(wusbhc);
229 error_rh_create: 229 error_rh_create:
230 wusbhc_devconnect_destroy(wusbhc); 230 wusbhc_devconnect_destroy(wusbhc);
231 error_devconnect_create: 231 error_devconnect_create:
232 wusbhc_mmcie_destroy(wusbhc); 232 wusbhc_mmcie_destroy(wusbhc);
233 error_mmcie_create: 233 error_mmcie_create:
234 return result; 234 return result;
235 } 235 }
236 EXPORT_SYMBOL_GPL(wusbhc_create); 236 EXPORT_SYMBOL_GPL(wusbhc_create);
237 237
238 static inline struct kobject *wusbhc_kobj(struct wusbhc *wusbhc) 238 static inline struct kobject *wusbhc_kobj(struct wusbhc *wusbhc)
239 { 239 {
240 return &wusbhc->usb_hcd.self.controller->kobj; 240 return &wusbhc->usb_hcd.self.controller->kobj;
241 } 241 }
242 242
243 /* 243 /*
244 * Phase B of a wusbhc instance creation 244 * Phase B of a wusbhc instance creation
245 * 245 *
246 * Creates fields that depend on wusbhc->usb_hcd having been 246 * Creates fields that depend on wusbhc->usb_hcd having been
247 * added. This is where we create the sysfs files in 247 * added. This is where we create the sysfs files in
248 * /sys/class/usb_host/usb_hostX/. 248 * /sys/class/usb_host/usb_hostX/.
249 * 249 *
250 * NOTE: Assumes wusbhc->usb_hcd has been already added by the upper 250 * NOTE: Assumes wusbhc->usb_hcd has been already added by the upper
251 * layer (hwahc or whci) 251 * layer (hwahc or whci)
252 */ 252 */
253 int wusbhc_b_create(struct wusbhc *wusbhc) 253 int wusbhc_b_create(struct wusbhc *wusbhc)
254 { 254 {
255 int result = 0; 255 int result = 0;
256 struct device *dev = wusbhc->usb_hcd.self.controller; 256 struct device *dev = wusbhc->usb_hcd.self.controller;
257 257
258 result = sysfs_create_group(wusbhc_kobj(wusbhc), &wusbhc_attr_group); 258 result = sysfs_create_group(wusbhc_kobj(wusbhc), &wusbhc_attr_group);
259 if (result < 0) { 259 if (result < 0) {
260 dev_err(dev, "Cannot register WUSBHC attributes: %d\n", result); 260 dev_err(dev, "Cannot register WUSBHC attributes: %d\n", result);
261 goto error_create_attr_group; 261 goto error_create_attr_group;
262 } 262 }
263 263
264 result = wusbhc_pal_register(wusbhc); 264 result = wusbhc_pal_register(wusbhc);
265 if (result < 0) 265 if (result < 0)
266 goto error_pal_register; 266 goto error_pal_register;
267 return 0; 267 return 0;
268 268
269 error_pal_register: 269 error_pal_register:
270 sysfs_remove_group(wusbhc_kobj(wusbhc), &wusbhc_attr_group); 270 sysfs_remove_group(wusbhc_kobj(wusbhc), &wusbhc_attr_group);
271 error_create_attr_group: 271 error_create_attr_group:
272 return result; 272 return result;
273 } 273 }
274 EXPORT_SYMBOL_GPL(wusbhc_b_create); 274 EXPORT_SYMBOL_GPL(wusbhc_b_create);
275 275
276 void wusbhc_b_destroy(struct wusbhc *wusbhc) 276 void wusbhc_b_destroy(struct wusbhc *wusbhc)
277 { 277 {
278 wusbhc_pal_unregister(wusbhc); 278 wusbhc_pal_unregister(wusbhc);
279 sysfs_remove_group(wusbhc_kobj(wusbhc), &wusbhc_attr_group); 279 sysfs_remove_group(wusbhc_kobj(wusbhc), &wusbhc_attr_group);
280 } 280 }
281 EXPORT_SYMBOL_GPL(wusbhc_b_destroy); 281 EXPORT_SYMBOL_GPL(wusbhc_b_destroy);
282 282
283 void wusbhc_destroy(struct wusbhc *wusbhc) 283 void wusbhc_destroy(struct wusbhc *wusbhc)
284 { 284 {
285 wusbhc_sec_destroy(wusbhc); 285 wusbhc_sec_destroy(wusbhc);
286 wusbhc_rh_destroy(wusbhc); 286 wusbhc_rh_destroy(wusbhc);
287 wusbhc_devconnect_destroy(wusbhc); 287 wusbhc_devconnect_destroy(wusbhc);
288 wusbhc_mmcie_destroy(wusbhc); 288 wusbhc_mmcie_destroy(wusbhc);
289 } 289 }
290 EXPORT_SYMBOL_GPL(wusbhc_destroy); 290 EXPORT_SYMBOL_GPL(wusbhc_destroy);
291 291
292 struct workqueue_struct *wusbd; 292 struct workqueue_struct *wusbd;
293 EXPORT_SYMBOL_GPL(wusbd); 293 EXPORT_SYMBOL_GPL(wusbd);
294 294
295 /* 295 /*
296 * WUSB Cluster ID allocation map 296 * WUSB Cluster ID allocation map
297 * 297 *
298 * Each WUSB bus in a channel is identified with a Cluster Id in the 298 * Each WUSB bus in a channel is identified with a Cluster Id in the
299 * unauth address pace (WUSB1.0[4.3]). We take the range 0xe0 to 0xff 299 * unauth address pace (WUSB1.0[4.3]). We take the range 0xe0 to 0xff
300 * (that's space for 31 WUSB controllers, as 0xff can't be taken). We 300 * (that's space for 31 WUSB controllers, as 0xff can't be taken). We
301 * start taking from 0xff, 0xfe, 0xfd... (hence the += or -= 0xff). 301 * start taking from 0xff, 0xfe, 0xfd... (hence the += or -= 0xff).
302 * 302 *
303 * For each one we taken, we pin it in the bitap 303 * For each one we taken, we pin it in the bitap
304 */ 304 */
305 #define CLUSTER_IDS 32 305 #define CLUSTER_IDS 32
306 static DECLARE_BITMAP(wusb_cluster_id_table, CLUSTER_IDS); 306 static DECLARE_BITMAP(wusb_cluster_id_table, CLUSTER_IDS);
307 static DEFINE_SPINLOCK(wusb_cluster_ids_lock); 307 static DEFINE_SPINLOCK(wusb_cluster_ids_lock);
308 308
309 /* 309 /*
310 * Get a WUSB Cluster ID 310 * Get a WUSB Cluster ID
311 * 311 *
312 * Need to release with wusb_cluster_id_put() when done w/ it. 312 * Need to release with wusb_cluster_id_put() when done w/ it.
313 */ 313 */
314 /* FIXME: coordinate with the choose_addres() from the USB stack */ 314 /* FIXME: coordinate with the choose_addres() from the USB stack */
315 /* we want to leave the top of the 128 range for cluster addresses and 315 /* we want to leave the top of the 128 range for cluster addresses and
316 * the bottom for device addresses (as we map them one on one with 316 * the bottom for device addresses (as we map them one on one with
317 * ports). */ 317 * ports). */
318 u8 wusb_cluster_id_get(void) 318 u8 wusb_cluster_id_get(void)
319 { 319 {
320 u8 id; 320 u8 id;
321 spin_lock(&wusb_cluster_ids_lock); 321 spin_lock(&wusb_cluster_ids_lock);
322 id = find_first_zero_bit(wusb_cluster_id_table, CLUSTER_IDS); 322 id = find_first_zero_bit(wusb_cluster_id_table, CLUSTER_IDS);
323 if (id > CLUSTER_IDS) { 323 if (id >= CLUSTER_IDS) {
324 id = 0; 324 id = 0;
325 goto out; 325 goto out;
326 } 326 }
327 set_bit(id, wusb_cluster_id_table); 327 set_bit(id, wusb_cluster_id_table);
328 id = (u8) 0xff - id; 328 id = (u8) 0xff - id;
329 out: 329 out:
330 spin_unlock(&wusb_cluster_ids_lock); 330 spin_unlock(&wusb_cluster_ids_lock);
331 return id; 331 return id;
332 332
333 } 333 }
334 EXPORT_SYMBOL_GPL(wusb_cluster_id_get); 334 EXPORT_SYMBOL_GPL(wusb_cluster_id_get);
335 335
336 /* 336 /*
337 * Release a WUSB Cluster ID 337 * Release a WUSB Cluster ID
338 * 338 *
339 * Obtained it with wusb_cluster_id_get() 339 * Obtained it with wusb_cluster_id_get()
340 */ 340 */
341 void wusb_cluster_id_put(u8 id) 341 void wusb_cluster_id_put(u8 id)
342 { 342 {
343 id = 0xff - id; 343 id = 0xff - id;
344 BUG_ON(id >= CLUSTER_IDS); 344 BUG_ON(id >= CLUSTER_IDS);
345 spin_lock(&wusb_cluster_ids_lock); 345 spin_lock(&wusb_cluster_ids_lock);
346 WARN_ON(!test_bit(id, wusb_cluster_id_table)); 346 WARN_ON(!test_bit(id, wusb_cluster_id_table));
347 clear_bit(id, wusb_cluster_id_table); 347 clear_bit(id, wusb_cluster_id_table);
348 spin_unlock(&wusb_cluster_ids_lock); 348 spin_unlock(&wusb_cluster_ids_lock);
349 } 349 }
350 EXPORT_SYMBOL_GPL(wusb_cluster_id_put); 350 EXPORT_SYMBOL_GPL(wusb_cluster_id_put);
351 351
352 /** 352 /**
353 * wusbhc_giveback_urb - return an URB to the USB core 353 * wusbhc_giveback_urb - return an URB to the USB core
354 * @wusbhc: the host controller the URB is from. 354 * @wusbhc: the host controller the URB is from.
355 * @urb: the URB. 355 * @urb: the URB.
356 * @status: the URB's status. 356 * @status: the URB's status.
357 * 357 *
358 * Return an URB to the USB core doing some additional WUSB specific 358 * Return an URB to the USB core doing some additional WUSB specific
359 * processing. 359 * processing.
360 * 360 *
361 * - After a successful transfer, update the trust timeout timestamp 361 * - After a successful transfer, update the trust timeout timestamp
362 * for the WUSB device. 362 * for the WUSB device.
363 * 363 *
364 * - [WUSB] sections 4.13 and 7.5.1 specifies the stop retrasmittion 364 * - [WUSB] sections 4.13 and 7.5.1 specifies the stop retrasmittion
365 * condition for the WCONNECTACK_IE is that the host has observed 365 * condition for the WCONNECTACK_IE is that the host has observed
366 * the associated device responding to a control transfer. 366 * the associated device responding to a control transfer.
367 */ 367 */
368 void wusbhc_giveback_urb(struct wusbhc *wusbhc, struct urb *urb, int status) 368 void wusbhc_giveback_urb(struct wusbhc *wusbhc, struct urb *urb, int status)
369 { 369 {
370 struct wusb_dev *wusb_dev = __wusb_dev_get_by_usb_dev(wusbhc, urb->dev); 370 struct wusb_dev *wusb_dev = __wusb_dev_get_by_usb_dev(wusbhc, urb->dev);
371 371
372 if (status == 0 && wusb_dev) { 372 if (status == 0 && wusb_dev) {
373 wusb_dev->entry_ts = jiffies; 373 wusb_dev->entry_ts = jiffies;
374 374
375 /* wusbhc_devconnect_acked() can't be called from 375 /* wusbhc_devconnect_acked() can't be called from
376 atomic context so defer it to a work queue. */ 376 atomic context so defer it to a work queue. */
377 if (!list_empty(&wusb_dev->cack_node)) 377 if (!list_empty(&wusb_dev->cack_node))
378 queue_work(wusbd, &wusb_dev->devconnect_acked_work); 378 queue_work(wusbd, &wusb_dev->devconnect_acked_work);
379 else 379 else
380 wusb_dev_put(wusb_dev); 380 wusb_dev_put(wusb_dev);
381 } 381 }
382 382
383 usb_hcd_giveback_urb(&wusbhc->usb_hcd, urb, status); 383 usb_hcd_giveback_urb(&wusbhc->usb_hcd, urb, status);
384 } 384 }
385 EXPORT_SYMBOL_GPL(wusbhc_giveback_urb); 385 EXPORT_SYMBOL_GPL(wusbhc_giveback_urb);
386 386
387 /** 387 /**
388 * wusbhc_reset_all - reset the HC hardware 388 * wusbhc_reset_all - reset the HC hardware
389 * @wusbhc: the host controller to reset. 389 * @wusbhc: the host controller to reset.
390 * 390 *
391 * Request a full hardware reset of the chip. This will also reset 391 * Request a full hardware reset of the chip. This will also reset
392 * the radio controller and any other PALs. 392 * the radio controller and any other PALs.
393 */ 393 */
394 void wusbhc_reset_all(struct wusbhc *wusbhc) 394 void wusbhc_reset_all(struct wusbhc *wusbhc)
395 { 395 {
396 uwb_rc_reset_all(wusbhc->uwb_rc); 396 uwb_rc_reset_all(wusbhc->uwb_rc);
397 } 397 }
398 EXPORT_SYMBOL_GPL(wusbhc_reset_all); 398 EXPORT_SYMBOL_GPL(wusbhc_reset_all);
399 399
400 static struct notifier_block wusb_usb_notifier = { 400 static struct notifier_block wusb_usb_notifier = {
401 .notifier_call = wusb_usb_ncb, 401 .notifier_call = wusb_usb_ncb,
402 .priority = INT_MAX /* Need to be called first of all */ 402 .priority = INT_MAX /* Need to be called first of all */
403 }; 403 };
404 404
405 static int __init wusbcore_init(void) 405 static int __init wusbcore_init(void)
406 { 406 {
407 int result; 407 int result;
408 result = wusb_crypto_init(); 408 result = wusb_crypto_init();
409 if (result < 0) 409 if (result < 0)
410 goto error_crypto_init; 410 goto error_crypto_init;
411 /* WQ is singlethread because we need to serialize notifications */ 411 /* WQ is singlethread because we need to serialize notifications */
412 wusbd = create_singlethread_workqueue("wusbd"); 412 wusbd = create_singlethread_workqueue("wusbd");
413 if (wusbd == NULL) { 413 if (wusbd == NULL) {
414 result = -ENOMEM; 414 result = -ENOMEM;
415 printk(KERN_ERR "WUSB-core: Cannot create wusbd workqueue\n"); 415 printk(KERN_ERR "WUSB-core: Cannot create wusbd workqueue\n");
416 goto error_wusbd_create; 416 goto error_wusbd_create;
417 } 417 }
418 usb_register_notify(&wusb_usb_notifier); 418 usb_register_notify(&wusb_usb_notifier);
419 bitmap_zero(wusb_cluster_id_table, CLUSTER_IDS); 419 bitmap_zero(wusb_cluster_id_table, CLUSTER_IDS);
420 set_bit(0, wusb_cluster_id_table); /* reserve Cluster ID 0xff */ 420 set_bit(0, wusb_cluster_id_table); /* reserve Cluster ID 0xff */
421 return 0; 421 return 0;
422 422
423 error_wusbd_create: 423 error_wusbd_create:
424 wusb_crypto_exit(); 424 wusb_crypto_exit();
425 error_crypto_init: 425 error_crypto_init:
426 return result; 426 return result;
427 427
428 } 428 }
429 module_init(wusbcore_init); 429 module_init(wusbcore_init);
430 430
431 static void __exit wusbcore_exit(void) 431 static void __exit wusbcore_exit(void)
432 { 432 {
433 clear_bit(0, wusb_cluster_id_table); 433 clear_bit(0, wusb_cluster_id_table);
434 if (!bitmap_empty(wusb_cluster_id_table, CLUSTER_IDS)) { 434 if (!bitmap_empty(wusb_cluster_id_table, CLUSTER_IDS)) {
435 char buf[256]; 435 char buf[256];
436 bitmap_scnprintf(buf, sizeof(buf), wusb_cluster_id_table, 436 bitmap_scnprintf(buf, sizeof(buf), wusb_cluster_id_table,
437 CLUSTER_IDS); 437 CLUSTER_IDS);
438 printk(KERN_ERR "BUG: WUSB Cluster IDs not released " 438 printk(KERN_ERR "BUG: WUSB Cluster IDs not released "
439 "on exit: %s\n", buf); 439 "on exit: %s\n", buf);
440 WARN_ON(1); 440 WARN_ON(1);
441 } 441 }
442 usb_unregister_notify(&wusb_usb_notifier); 442 usb_unregister_notify(&wusb_usb_notifier);
443 destroy_workqueue(wusbd); 443 destroy_workqueue(wusbd);
444 wusb_crypto_exit(); 444 wusb_crypto_exit();
445 } 445 }
446 module_exit(wusbcore_exit); 446 module_exit(wusbcore_exit);
447 447
448 MODULE_AUTHOR("Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>"); 448 MODULE_AUTHOR("Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>");
449 MODULE_DESCRIPTION("Wireless USB core"); 449 MODULE_DESCRIPTION("Wireless USB core");
450 MODULE_LICENSE("GPL"); 450 MODULE_LICENSE("GPL");
451 451