| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 3 May 2021 01:07:04 +0200
From: Ansuel Smith <ansuelsmth@...il.com>
To: Florian Fainelli <f.fainelli@...il.com>
Cc: Ansuel Smith <ansuelsmth@...il.com>, Andrew Lunn <andrew@...n.ch>,
Vivien Didelot <vivien.didelot@...il.com>,
Vladimir Oltean <olteanv@...il.com>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Russell King <linux@...linux.org.uk>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [RFC PATCH net-next v2 12/17] net: dsa: qca8k: dsa: qca8k: protect MASTER busy_wait with mdio mutex
MDIO_MASTER operation have a dedicated busy wait that is not protected
by the mdio mutex. This can cause situation where the MASTER operation
is done and a normal operation is executed between the MASTER read/write
and the MASTER busy_wait. Rework the qca8k_mdio_read/write function to
address this issue by binding the lock for the whole MASTER operation
and not only the mdio read/write common operation.
Signed-off-by: Ansuel Smith <ansuelsmth@...il.com>
---
drivers/net/dsa/qca8k.c | 69 ++++++++++++++++++++++++++++++++++-------
1 file changed, 57 insertions(+), 12 deletions(-)
diff --git a/drivers/net/dsa/qca8k.c b/drivers/net/dsa/qca8k.c
index f64e3215a515..9a1b28bcaff0 100644
--- a/drivers/net/dsa/qca8k.c
+++ b/drivers/net/dsa/qca8k.c
@@ -617,9 +617,33 @@ qca8k_port_to_phy(int port)
return port - 1;
}
+static int
+qca8k_mdio_busy_wait(struct qca8k_priv *priv, u32 reg, u32 mask)
+{
+ unsigned long timeout;
+ u16 r1, r2, page;
+
+ qca8k_split_addr(reg, &r1, &r2, &page);
+
+ timeout = jiffies + msecs_to_jiffies(20);
+
+ /* loop until the busy flag has cleared */
+ do {
+ u32 val = qca8k_mii_read32(priv->bus, 0x10 | r2, r1);
+ int busy = val & mask;
+
+ if (!busy)
+ break;
+ cond_resched();
+ } while (!time_after_eq(jiffies, timeout));
+
+ return time_after_eq(jiffies, timeout);
+}
+
static int
qca8k_mdio_write(struct qca8k_priv *priv, int port, u32 regnum, u16 data)
{
+ u16 r1, r2, page;
u32 phy, val;
int ret;
@@ -635,12 +659,22 @@ qca8k_mdio_write(struct qca8k_priv *priv, int port, u32 regnum, u16 data)
QCA8K_MDIO_MASTER_REG_ADDR(regnum) |
QCA8K_MDIO_MASTER_DATA(data);
- ret = qca8k_write(priv, QCA8K_MDIO_MASTER_CTRL, val);
+ qca8k_split_addr(QCA8K_MDIO_MASTER_CTRL, &r1, &r2, &page);
+
+ mutex_lock_nested(&priv->bus->mdio_lock, MDIO_MUTEX_NESTED);
+
+ ret = qca8k_set_page(priv->bus, page);
if (ret)
- return ret;
+ goto exit;
+
+ qca8k_mii_write32(priv->bus, 0x10 | r2, r1, val);
- ret = qca8k_busy_wait(priv, QCA8K_MDIO_MASTER_CTRL,
- QCA8K_MDIO_MASTER_BUSY);
+ if (qca8k_mdio_busy_wait(priv, QCA8K_MDIO_MASTER_CTRL,
+ QCA8K_MDIO_MASTER_BUSY))
+ ret = -ETIMEDOUT;
+
+exit:
+ mutex_unlock(&priv->bus->mdio_lock);
/* even if the busy_wait timeouts try to clear the MASTER_EN */
qca8k_reg_clear(priv, QCA8K_MDIO_MASTER_CTRL,
@@ -652,6 +686,7 @@ qca8k_mdio_write(struct qca8k_priv *priv, int port, u32 regnum, u16 data)
static int
qca8k_mdio_read(struct qca8k_priv *priv, int port, u32 regnum)
{
+ u16 r1, r2, page;
u32 phy, val;
int ret;
@@ -666,20 +701,30 @@ qca8k_mdio_read(struct qca8k_priv *priv, int port, u32 regnum)
QCA8K_MDIO_MASTER_READ | QCA8K_MDIO_MASTER_PHY_ADDR(phy) |
QCA8K_MDIO_MASTER_REG_ADDR(regnum);
- ret = qca8k_write(priv, QCA8K_MDIO_MASTER_CTRL, val);
- if (ret)
- return ret;
+ qca8k_split_addr(QCA8K_MDIO_MASTER_CTRL, &r1, &r2, &page);
- if (qca8k_busy_wait(priv, QCA8K_MDIO_MASTER_CTRL,
- QCA8K_MDIO_MASTER_BUSY))
- return -ETIMEDOUT;
+ mutex_lock_nested(&priv->bus->mdio_lock, MDIO_MUTEX_NESTED);
- ret = qca8k_read(priv, QCA8K_MDIO_MASTER_CTRL, &val);
+ ret = qca8k_set_page(priv->bus, page);
if (ret)
- return ret;
+ goto exit;
+
+ qca8k_mii_write32(priv->bus, 0x10 | r2, r1, val);
+
+ if (qca8k_mdio_busy_wait(priv, QCA8K_MDIO_MASTER_CTRL,
+ QCA8K_MDIO_MASTER_BUSY))
+ val = -ETIMEDOUT;
+ else
+ val = qca8k_mii_read32(priv->bus, 0x10 | r2, r1);
val &= QCA8K_MDIO_MASTER_DATA_MASK;
+exit:
+ mutex_unlock(&priv->bus->mdio_lock);
+
+ if (val >= 0)
+ val &= QCA8K_MDIO_MASTER_DATA_MASK;
+
/* even if the busy_wait timeouts try to clear the MASTER_EN */
qca8k_reg_clear(priv, QCA8K_MDIO_MASTER_CTRL,
QCA8K_MDIO_MASTER_EN);
--
2.30.2
Powered by blists - more mailing lists