lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CACPK8XeOT6NvEe=oBZ9dUJynHougj-mTMAC2FCwDkvpzBaTKDQ@mail.gmail.com>
Date:   Tue, 24 May 2022 02:12:45 +0000
From:   Joel Stanley <joel@....id.au>
To:     Eddie James <eajames@...ux.ibm.com>
Cc:     linux-iio@...r.kernel.org,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Lars-Peter Clausen <lars@...afoo.de>,
        Jonathan Cameron <jic23@...nel.org>
Subject: Re: [PATCH v2 2/2] iio: pressure: dps310: Reset chip if MEAS_CFG is corrupt

On Wed, 18 May 2022 at 14:48, Eddie James <eajames@...ux.ibm.com> wrote:
>
> Corruption of the MEAS_CFG register has been observed soon after
> system boot. In order to recover this scenario, check MEAS_CFG if
> measurement isn't ready, and if it's incorrect, reset the DPS310
> and execute the startup procedure.

I have some suggestions below on how to rework to make the code easier
to understand. But before we got to that, I had some high level
questions:


You don't seem to be setting the en bits in the CFG register after
doing the reset. Is that required?

Are we ok to sleep for 2.5ms in the iio_info->read_raw callback?


>
> Fixes: ba6ec48e76bc ("iio: Add driver for Infineon DPS310")
> Signed-off-by: Eddie James <eajames@...ux.ibm.com>
> ---
>  drivers/iio/pressure/dps310.c | 89 ++++++++++++++++++++++++++++-------
>  1 file changed, 71 insertions(+), 18 deletions(-)
>
> diff --git a/drivers/iio/pressure/dps310.c b/drivers/iio/pressure/dps310.c
> index f79b274bb38d..c6d02679ef33 100644
> --- a/drivers/iio/pressure/dps310.c
> +++ b/drivers/iio/pressure/dps310.c
> @@ -397,6 +397,39 @@ static int dps310_get_temp_k(struct dps310_data *data)
>         return scale_factors[ilog2(rc)];
>  }
>
> +/* Called with lock held */

Perhaps add this to your comment: Returns a negative value on error, a
positive value when the device is not ready (and may have been reset
due to corruption), and zero when the device is ready.

> +static int dps310_check_reset_meas_cfg(struct dps310_data *data, int ready_bit)
> +{
> +       int en = DPS310_PRS_EN | DPS310_TEMP_EN | DPS310_BACKGROUND;
> +       int meas_cfg;
> +       int rc = regmap_read(data->regmap, DPS310_MEAS_CFG, &meas_cfg);
> +
> +       if (rc < 0)
> +               return rc;
> +
> +       if (meas_cfg & ready_bit)
> +               return 0;
> +
> +       if ((meas_cfg & en) != en) {
> +               /* DPS310 register state corrupt, better start from scratch */
> +               rc = regmap_write(data->regmap, DPS310_RESET,
> +                                 DPS310_RESET_MAGIC);
> +               if (rc < 0)
> +                       return rc;
> +
> +               /* Wait for device chip access: 2.5ms in specification */
> +               usleep_range(2500, 12000);
> +               rc = dps310_startup(data);
> +               if (rc)
> +                       return rc;
> +
> +               dev_info(&data->client->dev,
> +                        "recovered from corrupted MEAS_CFG=%02x\n", meas_cfg);
> +       }
> +
> +       return 1;

I'm confused about this case. We get there when the device doesn't
have ready_bit set in meas_cfg and we've done a reset, but we also get
here when the bit isn't set and we haven't done anything to resolve it
(after re-reading the code I understand now, but perhaps reworking it
as follows will make it clear):

Could we write it like this:

if (meas_cfg & ready_bit) {
  /* Device ready, must be okay */
  return 0;
}

 if (meas_cfg & en) {
   /* Device okay (but not ready), no action required */
   return 1;
}

  /* DPS310 register state corrupt, better start from scratch */
...
 return 1;


> +}
> +
>  static int dps310_read_pres_raw(struct dps310_data *data)
>  {
>         int rc;
> @@ -409,15 +442,25 @@ static int dps310_read_pres_raw(struct dps310_data *data)
>         if (mutex_lock_interruptible(&data->lock))
>                 return -EINTR;
>
> -       rate = dps310_get_pres_samp_freq(data);
> -       timeout = DPS310_POLL_TIMEOUT_US(rate);
> -
> -       /* Poll for sensor readiness; base the timeout upon the sample rate. */
> -       rc = regmap_read_poll_timeout(data->regmap, DPS310_MEAS_CFG, ready,
> -                                     ready & DPS310_PRS_RDY,
> -                                     DPS310_POLL_SLEEP_US(timeout), timeout);
> -       if (rc)
> -               goto done;
> +       rc = dps310_check_reset_meas_cfg(data, DPS310_PRS_RDY);

can we do this:

 if (rc < 0)
   goto done;

if (rc > 0) {

}

The rework I suggest makes it clearer that we've considered the '0'
case, when the device is ready before this code runs.

> +       if (rc) {
> +               if (rc < 0)
> +                       goto done;
> +
> +               rate = dps310_get_pres_samp_freq(data);
> +               timeout = DPS310_POLL_TIMEOUT_US(rate);
> +
> +               /*
> +                * Poll for sensor readiness; base the timeout upon the sample
> +                * rate.
> +                */
> +               rc = regmap_read_poll_timeout(data->regmap, DPS310_MEAS_CFG,
> +                                             ready, ready & DPS310_PRS_RDY,
> +                                             DPS310_POLL_SLEEP_US(timeout),
> +                                             timeout);
> +               if (rc)
> +                       goto done;
> +       }
>
>         rc = regmap_bulk_read(data->regmap, DPS310_PRS_BASE, val, sizeof(val));
>         if (rc < 0)
> @@ -458,15 +501,25 @@ static int dps310_read_temp_raw(struct dps310_data *data)
>         if (mutex_lock_interruptible(&data->lock))
>                 return -EINTR;
>
> -       rate = dps310_get_temp_samp_freq(data);
> -       timeout = DPS310_POLL_TIMEOUT_US(rate);
> -
> -       /* Poll for sensor readiness; base the timeout upon the sample rate. */
> -       rc = regmap_read_poll_timeout(data->regmap, DPS310_MEAS_CFG, ready,
> -                                     ready & DPS310_TMP_RDY,
> -                                     DPS310_POLL_SLEEP_US(timeout), timeout);
> -       if (rc < 0)
> -               goto done;
> +       rc = dps310_check_reset_meas_cfg(data, DPS310_TMP_RDY);
> +       if (rc) {
> +               if (rc < 0)
> +                       goto done;
> +
> +               rate = dps310_get_temp_samp_freq(data);
> +               timeout = DPS310_POLL_TIMEOUT_US(rate);
> +
> +               /*
> +                * Poll for sensor readiness; base the timeout upon the sample
> +                * rate.
> +                */
> +               rc = regmap_read_poll_timeout(data->regmap, DPS310_MEAS_CFG,
> +                                             ready, ready & DPS310_TMP_RDY,
> +                                             DPS310_POLL_SLEEP_US(timeout),
> +                                             timeout);
> +               if (rc < 0)
> +                       goto done;
> +       }
>
>         rc = dps310_read_temp_ready(data);
>
> --
> 2.27.0
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ