Commit 8c2d2fcd authored by Takashi Sakamoto's avatar Takashi Sakamoto
Browse files

firewire: core: refer fw_card member to initiate bus reset under acquiring lock 

The gap_count member of fw_card structure is referred when initiate bus
reset. This reference is done out of acquiring lock. This is not good.

This commit takes the reference within the acquiring lock, with
additional code refactoring.

Link: https://lore.kernel.org/r/20250908012108.514698-9-o-takashi@sakamocchi.jp


Signed-off-by: default avatarTakashi Sakamoto <o-takashi@sakamocchi.jp>
parent 7dc12e84

drivers/firewire/core-card.c

+26 −26
Original line number Diff line number Diff line
@@ -292,7 +292,7 @@ static void bm_work(struct work_struct *work) 
	struct fw_device *root_device, *irm_device;

	struct fw_node *root_node __free(node_unref) = NULL;

	int root_id, new_root_id, irm_id, local_id;

	int gap_count, generation, grace;

	int expected_gap_count, generation, grace;

	bool do_reset = false;

	bool root_device_is_running;

	bool root_device_is_cmc;
@@ -485,9 +485,9 @@ static void bm_work(struct work_struct *work) 
	 */

	if (!card->beta_repeaters_present &&

	    root_node->max_hops < ARRAY_SIZE(gap_count_table))

		gap_count = gap_count_table[root_node->max_hops];

		expected_gap_count = gap_count_table[root_node->max_hops];

	else

		gap_count = 63;

		expected_gap_count = 63;



	/*

	 * Finally, figure out if we should do a reset or not.  If we have
@@ -495,16 +495,17 @@ static void bm_work(struct work_struct *work) 
	 * have either a new root or a new gap count setting, let's do it.

	 */



	if (card->bm_retries++ < 5 &&

	    (card->gap_count != gap_count || new_root_id != root_id))

	if (card->bm_retries++ < 5 && (card->gap_count != expected_gap_count || new_root_id != root_id))

		do_reset = true;



	if (do_reset) {

		int card_gap_count = card->gap_count;



		spin_unlock_irq(&card->lock);



	if (do_reset) {

		fw_notice(card, "phy config: new root=%x, gap_count=%d\n",

			  new_root_id, gap_count);

		fw_send_phy_config(card, new_root_id, generation, gap_count);

			  new_root_id, expected_gap_count);

		fw_send_phy_config(card, new_root_id, generation, expected_gap_count);

		/*

		 * Where possible, use a short bus reset to minimize

		 * disruption to isochronous transfers. But in the event
@@ -517,15 +518,13 @@ static void bm_work(struct work_struct *work) 
		 * may treat it as two, causing a gap count inconsistency

		 * again. Using a long bus reset prevents this.

		 */

		reset_bus(card, card->gap_count != 0);

		reset_bus(card, card_gap_count != 0);

		/* Will allocate broadcast channel after the reset. */

		return;

	}

	} else {

		spin_unlock_irq(&card->lock);



		if (root_device_is_cmc) {

		/*

		 * Make sure that the cycle master sends cycle start packets.

		 */

			// Make sure that the cycle master sends cycle start packets.

			__be32 data = cpu_to_be32(CSR_STATE_BIT_CMSTR);

			int rcode = fw_run_transaction(card, TCODE_WRITE_QUADLET_REQUEST,

					root_id, generation, SCODE_100,
@@ -538,6 +537,7 @@ static void bm_work(struct work_struct *work) 
		if (local_id == irm_id)

			allocate_broadcast_channel(card, generation);

	}

}



void fw_card_initialize(struct fw_card *card,

			const struct fw_card_driver *driver,