aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--drivers/firewire/fw-cdev.c1
-rw-r--r--drivers/firewire/fw-device.c15
-rw-r--r--drivers/firewire/fw-device.h12
-rw-r--r--drivers/firewire/fw-sbp2.c3
-rw-r--r--drivers/firewire/fw-topology.c6
5 files changed, 35 insertions, 2 deletions
diff --git a/drivers/firewire/fw-cdev.c b/drivers/firewire/fw-cdev.c
index cea8a799799f..7e73cbaa4121 100644
--- a/drivers/firewire/fw-cdev.c
+++ b/drivers/firewire/fw-cdev.c
@@ -207,6 +207,7 @@ fill_bus_reset_event(struct fw_cdev_event_bus_reset *event,
207 event->closure = client->bus_reset_closure; 207 event->closure = client->bus_reset_closure;
208 event->type = FW_CDEV_EVENT_BUS_RESET; 208 event->type = FW_CDEV_EVENT_BUS_RESET;
209 event->generation = client->device->generation; 209 event->generation = client->device->generation;
210 smp_rmb(); /* node_id must not be older than generation */
210 event->node_id = client->device->node_id; 211 event->node_id = client->device->node_id;
211 event->local_node_id = card->local_node->node_id; 212 event->local_node_id = card->local_node->node_id;
212 event->bm_node_id = 0; /* FIXME: We don't track the BM. */ 213 event->bm_node_id = 0; /* FIXME: We don't track the BM. */
diff --git a/drivers/firewire/fw-device.c b/drivers/firewire/fw-device.c
index 56681b3b297b..872df2238609 100644
--- a/drivers/firewire/fw-device.c
+++ b/drivers/firewire/fw-device.c
@@ -27,6 +27,7 @@
27#include <linux/idr.h> 27#include <linux/idr.h>
28#include <linux/rwsem.h> 28#include <linux/rwsem.h>
29#include <asm/semaphore.h> 29#include <asm/semaphore.h>
30#include <asm/system.h>
30#include <linux/ctype.h> 31#include <linux/ctype.h>
31#include "fw-transaction.h" 32#include "fw-transaction.h"
32#include "fw-topology.h" 33#include "fw-topology.h"
@@ -182,9 +183,14 @@ static void fw_device_release(struct device *dev)
182 183
183int fw_device_enable_phys_dma(struct fw_device *device) 184int fw_device_enable_phys_dma(struct fw_device *device)
184{ 185{
186 int generation = device->generation;
187
188 /* device->node_id, accessed below, must not be older than generation */
189 smp_rmb();
190
185 return device->card->driver->enable_phys_dma(device->card, 191 return device->card->driver->enable_phys_dma(device->card,
186 device->node_id, 192 device->node_id,
187 device->generation); 193 generation);
188} 194}
189EXPORT_SYMBOL(fw_device_enable_phys_dma); 195EXPORT_SYMBOL(fw_device_enable_phys_dma);
190 196
@@ -389,12 +395,16 @@ static int read_rom(struct fw_device *device, int index, u32 * data)
389 struct read_quadlet_callback_data callback_data; 395 struct read_quadlet_callback_data callback_data;
390 struct fw_transaction t; 396 struct fw_transaction t;
391 u64 offset; 397 u64 offset;
398 int generation = device->generation;
399
400 /* device->node_id, accessed below, must not be older than generation */
401 smp_rmb();
392 402
393 init_completion(&callback_data.done); 403 init_completion(&callback_data.done);
394 404
395 offset = 0xfffff0000400ULL + index * 4; 405 offset = 0xfffff0000400ULL + index * 4;
396 fw_send_request(device->card, &t, TCODE_READ_QUADLET_REQUEST, 406 fw_send_request(device->card, &t, TCODE_READ_QUADLET_REQUEST,
397 device->node_id, device->generation, device->max_speed, 407 device->node_id, generation, device->max_speed,
398 offset, NULL, 4, complete_transaction, &callback_data); 408 offset, NULL, 4, complete_transaction, &callback_data);
399 409
400 wait_for_completion(&callback_data.done); 410 wait_for_completion(&callback_data.done);
@@ -801,6 +811,7 @@ void fw_node_event(struct fw_card *card, struct fw_node *node, int event)
801 811
802 device = node->data; 812 device = node->data;
803 device->node_id = node->node_id; 813 device->node_id = node->node_id;
814 smp_wmb(); /* update node_id before generation */
804 device->generation = card->generation; 815 device->generation = card->generation;
805 if (atomic_read(&device->state) == FW_DEVICE_RUNNING) { 816 if (atomic_read(&device->state) == FW_DEVICE_RUNNING) {
806 PREPARE_DELAYED_WORK(&device->work, fw_device_update); 817 PREPARE_DELAYED_WORK(&device->work, fw_device_update);
diff --git a/drivers/firewire/fw-device.h b/drivers/firewire/fw-device.h
index 894d4a92a18e..0854fe2bc110 100644
--- a/drivers/firewire/fw-device.h
+++ b/drivers/firewire/fw-device.h
@@ -35,6 +35,18 @@ struct fw_attribute_group {
35 struct attribute *attrs[11]; 35 struct attribute *attrs[11];
36}; 36};
37 37
38/*
39 * Note, fw_device.generation always has to be read before fw_device.node_id.
40 * Use SMP memory barriers to ensure this. Otherwise requests will be sent
41 * to an outdated node_id if the generation was updated in the meantime due
42 * to a bus reset.
43 *
44 * Likewise, fw-core will take care to update .node_id before .generation so
45 * that whenever fw_device.generation is current WRT the actual bus generation,
46 * fw_device.node_id is guaranteed to be current too.
47 *
48 * The same applies to fw_device.card->node_id vs. fw_device.generation.
49 */
38struct fw_device { 50struct fw_device {
39 atomic_t state; 51 atomic_t state;
40 struct fw_node *node; 52 struct fw_node *node;
diff --git a/drivers/firewire/fw-sbp2.c b/drivers/firewire/fw-sbp2.c
index d406c34fd378..705a20ce6b4a 100644
--- a/drivers/firewire/fw-sbp2.c
+++ b/drivers/firewire/fw-sbp2.c
@@ -40,6 +40,7 @@
40#include <linux/stringify.h> 40#include <linux/stringify.h>
41#include <linux/timer.h> 41#include <linux/timer.h>
42#include <linux/workqueue.h> 42#include <linux/workqueue.h>
43#include <asm/system.h>
43 44
44#include <scsi/scsi.h> 45#include <scsi/scsi.h>
45#include <scsi/scsi_cmnd.h> 46#include <scsi/scsi_cmnd.h>
@@ -662,6 +663,7 @@ static void sbp2_login(struct work_struct *work)
662 int generation, node_id, local_node_id; 663 int generation, node_id, local_node_id;
663 664
664 generation = device->generation; 665 generation = device->generation;
666 smp_rmb(); /* node_id must not be older than generation */
665 node_id = device->node_id; 667 node_id = device->node_id;
666 local_node_id = device->card->node_id; 668 local_node_id = device->card->node_id;
667 669
@@ -912,6 +914,7 @@ static void sbp2_reconnect(struct work_struct *work)
912 int generation, node_id, local_node_id; 914 int generation, node_id, local_node_id;
913 915
914 generation = device->generation; 916 generation = device->generation;
917 smp_rmb(); /* node_id must not be older than generation */
915 node_id = device->node_id; 918 node_id = device->node_id;
916 local_node_id = device->card->node_id; 919 local_node_id = device->card->node_id;
917 920
diff --git a/drivers/firewire/fw-topology.c b/drivers/firewire/fw-topology.c
index 0fc9b000e99d..172c1867e9aa 100644
--- a/drivers/firewire/fw-topology.c
+++ b/drivers/firewire/fw-topology.c
@@ -21,6 +21,7 @@
21#include <linux/module.h> 21#include <linux/module.h>
22#include <linux/wait.h> 22#include <linux/wait.h>
23#include <linux/errno.h> 23#include <linux/errno.h>
24#include <asm/system.h>
24#include "fw-transaction.h" 25#include "fw-transaction.h"
25#include "fw-topology.h" 26#include "fw-topology.h"
26 27
@@ -518,6 +519,11 @@ fw_core_handle_bus_reset(struct fw_card *card,
518 card->bm_retries = 0; 519 card->bm_retries = 0;
519 520
520 card->node_id = node_id; 521 card->node_id = node_id;
522 /*
523 * Update node_id before generation to prevent anybody from using
524 * a stale node_id together with a current generation.
525 */
526 smp_wmb();
521 card->generation = generation; 527 card->generation = generation;
522 card->reset_jiffies = jiffies; 528 card->reset_jiffies = jiffies;
523 schedule_delayed_work(&card->work, 0); 529 schedule_delayed_work(&card->work, 0);