Ensure that enqueueing and sending is an atomic operation, failing to do lock this leads to race-conditions where buffers are left in an unsynchronised state.

Author: aentinger

x8h7.h

@@ -17,8 +17,7 @@ typedef struct {
 
 typedef void (*x8h7_hook_t)(void *priv, x8h7_pkt_t *pkt);
 
-int x8h7_pkt_enq(uint8_t peripheral, uint8_t opcode, uint16_t size, void *data);
-int x8h7_pkt_send(void);
+int x8h7_pkt_send_sync(uint8_t peripheral, uint8_t opcode, uint16_t size, void *data);
 int x8h7_hook_set(uint8_t idx, x8h7_hook_t hook, void *priv);
 int x8h7_dbg_set(void (*hook)(void*, uint8_t*, uint16_t), void *priv);
 #endif  /* __X8H7_H */

x8h7_adc.c

@@ -88,8 +88,7 @@ static int x8h7_adc_pkt_get(struct x8h7_adc *adc, unsigned int ch)
 
 static int x8h7_adc_read_chan(struct x8h7_adc *adc, unsigned int ch)
 {
-  x8h7_pkt_enq(X8H7_ADC_PERIPH, ch + 1, 0, NULL);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(X8H7_ADC_PERIPH, ch + 1, 0, NULL);
   if (x8h7_adc_pkt_get(adc, ch) < 0)
     return -ETIMEDOUT;
 

x8h7_can.c

@@ -243,8 +243,7 @@ static int x8h7_can_hw_setup(struct x8h7_can_priv *priv)
             x8h7_msg.field.time_segment_2,
             x8h7_msg.field.sync_jump_width);
 
-  x8h7_pkt_enq(priv->periph, X8H7_CAN_OC_INIT, sizeof(x8h7_msg.buf), x8h7_msg.buf);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(priv->periph, X8H7_CAN_OC_INIT, sizeof(x8h7_msg.buf), x8h7_msg.buf);
 
   return 0;
 }
@@ -253,8 +252,7 @@ static int x8h7_can_hw_setup(struct x8h7_can_priv *priv)
  */
 static int x8h7_can_hw_stop(struct x8h7_can_priv *priv)
 {
-  x8h7_pkt_enq(priv->periph, X8H7_CAN_OC_DEINIT, 0, NULL);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(priv->periph, X8H7_CAN_OC_DEINIT, 0, NULL);
 
   return 0;
 }
@@ -461,28 +459,28 @@ static void x8h7_can_tx_work_handler(struct work_struct *ws)
   int   len;
 #endif
 
-  DBG_PRINT("\n");
-
   while (tx_obj_buf_num_elems(&priv->tx_obj_buf) > 0 && h7_tx_fifo_fill_level(priv) < 1)
   {
     union x8h7_can_frame_message x8h7_can_msg;
     tx_obj_buf_pop(&priv->tx_obj_buf, &x8h7_can_msg);
-    x8h7_pkt_enq(priv->periph,
-                 X8H7_CAN_OC_SEND,
-                 X8H7_CAN_HEADER_SIZE + x8h7_can_msg.field.len, /* Send 4-Byte ID, 1-Byte Length and the required number of data bytes. */
-                 x8h7_can_msg.buf);
+
 #ifdef DEBUG
     i = 0; len = 0;
     for (i = 0; (i < x8h7_can_msg.field.len) && (len < sizeof(data_str)); i++)
       len += snprintf(data_str + len, sizeof(data_str) - len, " %02X", x8h7_can_msg.field.data[i]);
-    DBG_PRINT("Enqueue CAN frame to H7: id = %08X, len = %d, data = [%s ]\n", x8h7_can_msg.field.id, x8h7_can_msg.field.len, data_str);
+    DBG_PRINT("Send CAN frame to H7: id = %08X, len = %d, data = [%s ]\n", x8h7_can_msg.field.id, x8h7_can_msg.field.len, data_str);
 #endif
 
     spin_lock(&priv->tx_obj_buf.lock);
     priv->req_cnt++;
     spin_unlock(&priv->tx_obj_buf.lock);
+
+    x8h7_pkt_send_sync(priv->periph,
+                       X8H7_CAN_OC_SEND,
+                       X8H7_CAN_HEADER_SIZE + x8h7_can_msg.field.len, /* Send 4-Byte ID, 1-Byte Length and the required number of data bytes. */
+                       x8h7_can_msg.buf);
   }
-  x8h7_pkt_send();
+//  x8h7_pkt_send();
 }
 
 /**
@@ -506,8 +504,7 @@ static int x8h7_can_hw_do_set_bittiming(struct net_device *net)
             x8h7_msg.field.time_segment_2,
             x8h7_msg.field.sync_jump_width);
 
-  x8h7_pkt_enq(priv->periph, X8H7_CAN_OC_BITTIM, sizeof(x8h7_msg.buf), x8h7_msg.buf);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(priv->periph, X8H7_CAN_OC_BITTIM, sizeof(x8h7_msg.buf), x8h7_msg.buf);
 
   return 0;
 }
@@ -567,8 +564,7 @@ static int x8h7_can_hw_config_filter(struct x8h7_can_priv *priv,
 
   DBG_PRINT("SEND idx %X, id %X, mask %X\n", idx, id, mask);
 
-  x8h7_pkt_enq(priv->periph, X8H7_CAN_OC_FLT, sizeof(x8h7_msg.buf), x8h7_msg.buf);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(priv->periph, X8H7_CAN_OC_FLT, sizeof(x8h7_msg.buf), x8h7_msg.buf);
 
   return 0;
 }

x8h7_drv.c

@@ -177,8 +177,6 @@ int x8h7_pkt_enq(uint8_t peripheral, uint8_t opcode, uint16_t size, void *data)
   x8h7_subpkt_t      *pkt;
   uint8_t            *ptr;
 
-  mutex_lock(&spidev->lock);
-
   ptr = spidev->x8h7_txb;
   hdr = (x8h7_pkthdr_t*)ptr;
 
@@ -199,15 +197,39 @@ int x8h7_pkt_enq(uint8_t peripheral, uint8_t opcode, uint16_t size, void *data)
     hdr->size += sizeof(x8h7_subpkt_t) + size;
     hdr->checksum = hdr->size ^ 0x5555;
     spidev->x8h7_txl = hdr->size;
-    mutex_unlock(&spidev->lock);
     return 0;
   }
 
+  return -ENOMEM;
+}
+
+static int x8h7_pkt_send(void);
+/**
+ */
+int x8h7_pkt_send_sync(uint8_t peripheral, uint8_t opcode, uint16_t size, void *data)
+{
+  struct spidev_data *spidev = x8h7_spidev;
+  int ret;
+
+  mutex_lock(&spidev->lock);
+  ret = x8h7_pkt_enq(peripheral, opcode, size, data);
+  if (ret < 0) {
+    printk("x8h7_pkt_enq failed with %d", ret);
+    mutex_unlock(&spidev->lock);
+    return ret;
+  }
+  ret = x8h7_pkt_send();
+  if (ret < 0) {
+    printk("x8h7_pkt_send failed with %d", ret);
+    mutex_unlock(&spidev->lock);
+    return ret;
+  }
   mutex_unlock(&spidev->lock);
 
-  return -1;
+  return ret;
 }
-EXPORT_SYMBOL_GPL(x8h7_pkt_enq);
+EXPORT_SYMBOL_GPL(x8h7_pkt_send_sync);
+
 
 /**
  * Function to parse data coming from h7
@@ -284,8 +306,6 @@ int x8h7_spi_trx(struct spi_device *spi,
     uint8_t * data_ptr = 0;
     int i = 0, l = 0;
 
-    DBG_PRINT("\n");
-
     l = 0;
     data_ptr = (uint8_t *)tx_buf;
     for (i = 0; (i < len) && (l < sizeof(data_str)); i++)
@@ -307,16 +327,13 @@ int x8h7_spi_trx(struct spi_device *spi,
  * Function to send/receive physically data over SPI,
  * moreover in this function we process received data
  * and dispatch to corresponding peripheral
- * @TODO: remove arg?
  */
-static inline int x8h7_pkt_send_priv(int arg)
+static int x8h7_pkt_send(void)
 {
   struct spidev_data   *spidev = x8h7_spidev;
   x8h7_pkthdr_t        *hdr;
   int                   len;
 
-  mutex_lock(&spidev->lock);
-
   DBG_PRINT("\n");
 
   /* Exchange of the packet header. */
@@ -326,7 +343,6 @@ static inline int x8h7_pkt_send_priv(int arg)
   hdr = (x8h7_pkthdr_t*)spidev->x8h7_rxb;
   if ((hdr->size != 0) && ((hdr->size ^ 0x5555) != hdr->checksum)) {
     DBG_ERROR("Out of sync %04x %04x\n", hdr->size, hdr->checksum);
-    mutex_unlock(&spidev->lock);
     return -1;
   }
 
@@ -336,7 +352,6 @@ static inline int x8h7_pkt_send_priv(int arg)
     x8h7_spi_trx(spidev->spi,
                  spidev->x8h7_txb + sizeof(x8h7_pkthdr_t), spidev->x8h7_rxb,
                  sizeof(x8h7_pkthdr_t));
-    mutex_unlock(&spidev->lock);
     return 0;
   }
 
@@ -356,20 +371,13 @@ static inline int x8h7_pkt_send_priv(int arg)
     }
   }
 
+  memset(spidev->x8h7_txb, 0, X8H7_BUF_SIZE);
   memset(spidev->x8h7_rxb, 0, X8H7_BUF_SIZE);
+  spidev->x8h7_txl = 0;
 
-  mutex_unlock(&spidev->lock);
   return 0;
 }
 
-/**
- */
-int x8h7_pkt_send(void)
-{
-  return x8h7_pkt_send_priv(0);
-}
-EXPORT_SYMBOL_GPL(x8h7_pkt_send);
-
 /**
  */
 int x8h7_hook_set(uint8_t idx, x8h7_hook_t hook, void *priv)
@@ -398,8 +406,12 @@ EXPORT_SYMBOL_GPL(x8h7_dbg_set);
  */
 static irqreturn_t x8h7_threaded_isr(int irq, void *data)
 {
+  struct spidev_data  *spidev = (struct spidev_data*)data;
+
+  mutex_lock(&spidev->lock);
   DBG_PRINT("Got IRQ from H7\n");
-  x8h7_pkt_send_priv(1);
+  x8h7_pkt_send();
+  mutex_unlock(&spidev->lock);
 
   return IRQ_HANDLED;
 }

x8h7_gpio.c

@@ -125,8 +125,7 @@ static void gpio_irq_ack_work_func(struct work_struct *work)
   DBG_PRINT("\n");
   data[0] = inf->ack_irq;
   data[1] = 0x55;
-  x8h7_pkt_enq(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_IACK, 2, data);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_IACK, 2, data);
   return;
 }
 
@@ -185,8 +184,7 @@ static int x8h7_gpio_direction_input(struct gpio_chip *chip, unsigned offset)
   data[0] = offset;
   data[1] = GPIO_MODE_INPUT;
 
-  x8h7_pkt_enq(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_DIR, 2, data);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_DIR, 2, data);
 
   DBG_PRINT(" dir %08X\n", inf->gpio_dir);
   return 0;
@@ -204,8 +202,7 @@ static int x8h7_gpio_get(struct gpio_chip *chip, unsigned offset)
   }
 
   data[0] = offset;
-  x8h7_pkt_enq(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_RD, 1, data);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_RD, 1, data);
   if (x8h7_gpio_pkt_get(inf) < 0)
     return -ETIMEDOUT;
 
@@ -241,10 +238,9 @@ static int x8h7_gpio_direction_output(struct gpio_chip *chip, unsigned offset,
   }
   data[0] = offset;
   data[1] = !!value;
-  x8h7_pkt_enq(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_WR, 2, data);
+  x8h7_pkt_send_sync(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_WR, 2, data);
   data[1] = GPIO_MODE_OUTPUT_PP;
-  x8h7_pkt_enq(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_DIR, 2, data);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_DIR, 2, data);
 
   DBG_PRINT("dir %08X write %08X\n", inf->gpio_dir, inf->gpio_val);
   return 0;
@@ -269,8 +265,7 @@ static void x8h7_gpio_set(struct gpio_chip *chip, unsigned offset, int value)
 
   data[0] = offset;
   data[1] = !!value;
-  x8h7_pkt_enq(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_WR, 2, data);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_WR, 2, data);
 
   DBG_PRINT("write %08X\n", inf->gpio_val);
 }
@@ -305,8 +300,7 @@ static int x8h7_gpio_set_config(struct gpio_chip *chip, unsigned int offset,
   default:
     return -ENOTSUPP;
   }
-  x8h7_pkt_enq(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_DIR, 2, data);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_DIR, 2, data);
 
   return 0;
 }
@@ -338,7 +332,7 @@ static void x8h7_gpio_irq_unmask(struct irq_data *d)
   // Send mask
   data[0] = irq;
   data[1] = inf->gpio_ien;
-  x8h7_pkt_enq(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_IEN, 2, data);
+  x8h7_pkt_send_sync(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_IEN, 2, data);
   inf->tx_cnt++;
 
   DBG_PRINT("irq %ld, ien %02X\n", irq, inf->gpio_ien);
@@ -356,7 +350,7 @@ static void x8h7_gpio_irq_mask(struct irq_data *d)
   // Send mask
   data[0] = irq;
   data[1] = inf->gpio_ien;
-  x8h7_pkt_enq(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_IEN, 2, data);
+  x8h7_pkt_send_sync(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_IEN, 2, data);
   inf->tx_cnt++;
 
   DBG_PRINT("irq %ld, ien %02X\n", irq, inf->gpio_ien);
@@ -396,7 +390,7 @@ static int x8h7_gpio_irq_set_type(struct irq_data *d, unsigned int flow_type)
   // Send interrupt type
   data[0] = irq;
   data[1] = inf->irq_conf;
-  x8h7_pkt_enq(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_IRQ_TYPE, 2, data);
+  x8h7_pkt_send_sync(X8H7_GPIO_PERIPH, X8H7_GPIO_OC_IRQ_TYPE, 2, data);
   inf->tx_cnt++;
 
   return 0;
@@ -419,7 +413,7 @@ static void x8h7_gpio_irq_bus_sync_unlock(struct irq_data *d)
 
   /* Invoke send only if there are pending events */
   if(inf->tx_cnt != 0) {
-    x8h7_pkt_send();
+    //x8h7_pkt_send();
     inf->tx_cnt = 0;
   }
   mutex_unlock(&inf->lock);

x8h7_h7.c

@@ -220,8 +220,7 @@ static ssize_t x8h7_h7_write(struct file *file,
     return -EFAULT;
   }
 
-  x8h7_pkt_enq(X8H7_H7_PERIPH, X8H7_H7_OC_DATA, len, data);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(X8H7_H7_PERIPH, X8H7_H7_OC_DATA, len, data);
 
   return len;
   */
@@ -248,8 +247,7 @@ static long x8h7_h7_ioctl(struct file *file, unsigned int cmd, unsigned long arg
   }
   switch (cmd) {
   case X8H7_IOCTL_FW_VER:
-    x8h7_pkt_enq(X8H7_H7_PERIPH, X8H7_H7_OC_FW_GET, 0, NULL);
-    x8h7_pkt_send();
+    x8h7_pkt_send_sync(X8H7_H7_PERIPH, X8H7_H7_OC_FW_GET, 0, NULL);
     retval = x8h7_h7_pkt_get(priv);
     if (retval < 0) {
       return -ETIMEDOUT;
@@ -287,18 +285,14 @@ static long x8h7_h7_ioctl(struct file *file, unsigned int cmd, unsigned long arg
   case X8H7_IOCTL_MODE_GET:
     retval = put_user(priv->mode, (__u32 __user *)arg);
     break;
-  case X8H7_IOCTL_PKT_ENQ:
+  case X8H7_IOCTL_PKT_SYNC_SEND:
     retval = copy_from_user(&pkt, (void __user *)arg, sizeof(pkt));
     if (retval == 0) {
-      retval = x8h7_pkt_enq(pkt.peripheral, pkt.opcode, pkt.size, pkt.data);
-      DBG_PRINT("x8h7_pkt_enq(%02X, %02X, %04X, ...) return %d\n",
+      retval = x8h7_pkt_send_sync(pkt.peripheral, pkt.opcode, pkt.size, pkt.data);
+      DBG_PRINT("x8h7_pkt_send_sync(%02X, %02X, %04X, ...) return %d\n",
                 pkt.peripheral, pkt.opcode, pkt.size, retval);
     }
     break;
-  case X8H7_IOCTL_PKT_SEND:
-    retval = x8h7_pkt_send();
-    DBG_PRINT("x8h7_pkt_send() return: %ld\n", retval);
-    break;
   default:
     retval = -ENOTTY;
     break;
@@ -319,8 +313,7 @@ ssize_t x8h7_read_firmware_version(char * buf, size_t const buf_size)
 {
   struct x8h7_h7_priv * priv = x8h7_h7;
 
-  x8h7_pkt_enq(X8H7_H7_PERIPH, X8H7_H7_OC_FW_GET, 0, NULL);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(X8H7_H7_PERIPH, X8H7_H7_OC_FW_GET, 0, NULL);
   if (x8h7_h7_pkt_get(priv) < 0)
     return -ETIMEDOUT;
 
@@ -354,8 +347,7 @@ ssize_t x8h7_read_chip_uid(char * buf, size_t const buf_size)
 {
   struct x8h7_h7_priv * priv = x8h7_h7;
 
-  x8h7_pkt_enq(X8H7_H7_PERIPH, X8H7_GET_UID_REQ, 0, NULL);
-  x8h7_pkt_send();
+  x8h7_pkt_send_sync(X8H7_H7_PERIPH, X8H7_GET_UID_REQ, 0, NULL);
   if (x8h7_h7_pkt_get(priv) < 0)
     return -ETIMEDOUT;