[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4B5B0CEB.8060707@s5r6.in-berlin.de>
Date: Sat, 23 Jan 2010 15:51:23 +0100
From: Stefan Richter <stefanr@...6.in-berlin.de>
To: Clemens Ladisch <cladisch@...tmail.net>
CC: linux-kernel@...r.kernel.org, linux1394-devel@...ts.sourceforge.net
Subject: Re: [PATCH 1/5] firewire: fix use of multiple AV/C devices, allow
multiple FCP listeners
Stefan Richter wrote:
> Date: Thu, 24 Dec 2009 12:05:58 +0100
> From: Clemens Ladisch <cladisch@...tmail.net>
>
> Control of more than one AV/C device at once --- e.g. camcorders, tape
> decks, audio devices, TV tuners --- failed or worked only unreliably,
> depending on driver implementation. This affected kernelspace and
> userspace drivers alike and was caused by firewire-core's inability to
> accept multiple registrations of FCP listeners.
>
> The fix allows multiple address handlers to be registered for the FCP
> command and response registers. When a request for these registers is
> received, all handlers are invoked, and the Firewire response is
> generated by the core and not by any handler.
>
> The cdev API does not change, i.e., userspace is still expected to send
> a response for FCP requests; this response is silently ignored.
>
> Signed-off-by: Clemens Ladisch <clemens@...isch.de>
> Signed-off-by: Stefan Richter <stefanr@...6.in-berlin.de> (changelog, rebased, whitespace)
I tested this on another box which has more kernel debug options enabled
than my current mainly used box. Alas, there is a serious regression on
that box:
1.) testlibraw now always shows:
- testing FCP monitoring on local node
got fcp command from node 0 of 8 bytes:ERROR: fcp payload not correct
6b 6b 6b 6b 6b 6b 6b 6b
got fcp response from node 0 of 8 bytes:ERROR: fcp payload not correct
6b 6b 6b 6b 6b 6b 6b 6b
2.) gscanbus's AV/C controls work but are now very quick to segfault.
3.) Kino frequently shows 6b:6b:6b:6b as timestamp when a DV camcorder
in "record" mode is connected.
4.) Kino is unable to determine the presence of a DV camcorder if the
camcorder is in "play" mode.
Only the AV/C kernel driver firedtv still works (tested with kaffeine).
0x6b is the POISON_FREE pattern in <linux/poison.h>. So, we apparently
have a use-after-free issue with FCP responses in firewire-core's cdev
interface now.
None of this happened before the patch. (There this box with otherwise
identical kernel and modules only exhibits the problem that was fixed by
the patch, i.e. no more than one FCP listener possible at a time.)
--
Stefan Richter
-=====-==-=- ---= =-===
http://arcgraph.de/sr/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists