Linux v4.9.9
Fix DMA on stack from 1-wire driver (rhbz 1415397)
This commit is contained in:
parent
be9b0fe86d
commit
85f99ff3de
|
@ -1,64 +0,0 @@
|
|||
From fb1d9d3f95654f00c4156129f3cd90d3efe32d26 Mon Sep 17 00:00:00 2001
|
||||
From: Jiri Kosina <jkosina@suse.cz>
|
||||
Date: Wed, 25 Jan 2017 20:52:33 +0100
|
||||
Subject: [PATCH] x86/efi: always map first physical page into EFI pagetables
|
||||
|
||||
Commit 129766708 ("x86/efi: Only map RAM into EFI page tables if in
|
||||
mixed-mode") stopped creating 1:1 mapping for all RAM in case of running
|
||||
in native 64bit mode.
|
||||
|
||||
It turns out though that there are 64bit EFI implementations in the wild
|
||||
(this particular problem has been reported on Lenovo Yoga 710-11IKB) which
|
||||
still make use of first physical page for their own private use (which is
|
||||
what legacy BIOS used to do, but EFI specification doesn't grant any such
|
||||
right to EFI BIOS ... oh well).
|
||||
|
||||
In case there is no mapping for this particular frame in EFI pagetables,
|
||||
as soon as firmware tries to make use of it, triple fault occurs and the
|
||||
system reboots (in case of Yoga 710-11IKB this is very early during boot).
|
||||
|
||||
Fix that by always mapping the first page of physical memory into EFI
|
||||
pagetables.
|
||||
|
||||
Note: just reverting 129766708 is not enough on v4.9-rc1+ to fix the
|
||||
regression on affected hardware, as commit ab72a27da ("x86/efi:
|
||||
Consolidate region mapping logic") later made the first physical frame not
|
||||
to be mapped anyway.
|
||||
|
||||
Fixes: 129766708 ("x86/efi: Only map RAM into EFI page tables if in mixed-mode")
|
||||
Cc: stable@kernel.org # v4.8+
|
||||
Cc: Waiman Long <waiman.long@hpe.com>
|
||||
Cc: Borislav Petkov <bp@suse.de>
|
||||
Cc: Laura Abbott <labbott@redhat.com>
|
||||
Cc: Vojtech Pavlik <vojtech@ucw.cz>
|
||||
Reported-by: Hanka Pavlikova <hanka@ucw.cz>
|
||||
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
|
||||
---
|
||||
arch/x86/platform/efi/efi_64.c | 11 +++++++++++
|
||||
1 file changed, 11 insertions(+)
|
||||
|
||||
diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c
|
||||
index 319148bd4b05..02ae2abe8b8e 100644
|
||||
--- a/arch/x86/platform/efi/efi_64.c
|
||||
+++ b/arch/x86/platform/efi/efi_64.c
|
||||
@@ -269,6 +269,17 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
|
||||
efi_scratch.use_pgd = true;
|
||||
|
||||
/*
|
||||
+ * Certain firmware versions are way too sentimental and still believe
|
||||
+ * they are exclusive and unquestionable owners of first physical page.
|
||||
+ * Create 1:1 mapping for this page to avoid triple faults during early
|
||||
+ * boot with such firmware.
|
||||
+ */
|
||||
+ if (kernel_map_pages_in_pgd(pgd, 0x0, 0x0, 1, _PAGE_RW)) {
|
||||
+ pr_err("Failed to create 1:1 mapping of first page\n");
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ /*
|
||||
* When making calls to the firmware everything needs to be 1:1
|
||||
* mapped and addressable with 32-bit pointers. Map the kernel
|
||||
* text and allocate a new stack because we can't rely on the
|
||||
--
|
||||
2.11.0
|
||||
|
|
@ -1,90 +0,0 @@
|
|||
From patchwork Mon Jan 30 15:23:24 2017
|
||||
Content-Type: text/plain; charset="utf-8"
|
||||
MIME-Version: 1.0
|
||||
Content-Transfer-Encoding: 7bit
|
||||
Subject: PCI/ASPM: Handle PCI-to-PCIe bridges as roots of PCIe hierarchies
|
||||
From: Bjorn Helgaas <bhelgaas@google.com>
|
||||
X-Patchwork-Id: 9545603
|
||||
Message-Id: <20170130152324.32437.37400.stgit@bhelgaas-glaptop.roam.corp.google.com>
|
||||
To: linux-pci@vger.kernel.org
|
||||
Cc: Jao Ching Chen <jcchen@pericom.com>, lists@ssl-mail.com,
|
||||
linux-kernel@vger.kernel.org, Blake Moore <blake.moore@men.de>,
|
||||
Takashi Iwai <tiwai@suse.com>
|
||||
Date: Mon, 30 Jan 2017 09:23:24 -0600
|
||||
|
||||
In a struct pcie_link_state, link->root points to the pcie_link_state of
|
||||
the root of the PCIe hierarchy. For the topmost link, this points to
|
||||
itself (link->root = link). For others, we copy the pointer from the
|
||||
parent (link->root = link->parent->root).
|
||||
|
||||
Previously we recognized that Root Ports originated PCIe hierarchies, but
|
||||
we treated PCI/PCI-X to PCIe Bridges as being in the middle of the
|
||||
hierarchy, and when we tried to copy the pointer from link->parent->root,
|
||||
there was no parent, and we dereferenced a NULL pointer:
|
||||
|
||||
BUG: unable to handle kernel NULL pointer dereference at 0000000000000090
|
||||
IP: [<ffffffff9e424350>] pcie_aspm_init_link_state+0x170/0x820
|
||||
|
||||
Recognize that PCI/PCI-X to PCIe Bridges originate PCIe hierarchies just
|
||||
like Root Ports do, so link->root for these devices should also point to
|
||||
itself.
|
||||
|
||||
Fixes: 51ebfc92b72b ("PCI: Enumerate switches below PCI-to-PCIe bridges")
|
||||
Link: https://bugzilla.kernel.org/show_bug.cgi?id=193411
|
||||
Link: https://bugzilla.opensuse.org/show_bug.cgi?id=1022181
|
||||
Tested-by: lists@ssl-mail.com
|
||||
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
|
||||
CC: stable@vger.kernel.org # v4.2+
|
||||
---
|
||||
drivers/pci/pcie/aspm.c | 19 +++++++++++++------
|
||||
1 file changed, 13 insertions(+), 6 deletions(-)
|
||||
|
||||
|
||||
--
|
||||
To unsubscribe from this list: send the line "unsubscribe linux-pci" in
|
||||
the body of a message to majordomo@vger.kernel.org
|
||||
More majordomo info at http://vger.kernel.org/majordomo-info.html
|
||||
|
||||
diff --git a/drivers/pci/pcie/aspm.c b/drivers/pci/pcie/aspm.c
|
||||
index 17ac1dce3286..3dd8bcbb3011 100644
|
||||
--- a/drivers/pci/pcie/aspm.c
|
||||
+++ b/drivers/pci/pcie/aspm.c
|
||||
@@ -532,25 +532,32 @@ static struct pcie_link_state *alloc_pcie_link_state(struct pci_dev *pdev)
|
||||
link = kzalloc(sizeof(*link), GFP_KERNEL);
|
||||
if (!link)
|
||||
return NULL;
|
||||
+
|
||||
INIT_LIST_HEAD(&link->sibling);
|
||||
INIT_LIST_HEAD(&link->children);
|
||||
INIT_LIST_HEAD(&link->link);
|
||||
link->pdev = pdev;
|
||||
- if (pci_pcie_type(pdev) != PCI_EXP_TYPE_ROOT_PORT) {
|
||||
+
|
||||
+ /*
|
||||
+ * Root Ports and PCI/PCI-X to PCIe Bridges are roots of PCIe
|
||||
+ * hierarchies.
|
||||
+ */
|
||||
+ if (pci_pcie_type(pdev) == PCI_EXP_TYPE_ROOT_PORT ||
|
||||
+ pci_pcie_type(pdev) == PCI_EXP_TYPE_PCIE_BRIDGE) {
|
||||
+ link->root = link;
|
||||
+ } else {
|
||||
struct pcie_link_state *parent;
|
||||
+
|
||||
parent = pdev->bus->parent->self->link_state;
|
||||
if (!parent) {
|
||||
kfree(link);
|
||||
return NULL;
|
||||
}
|
||||
+
|
||||
link->parent = parent;
|
||||
+ link->root = link->parent->root;
|
||||
list_add(&link->link, &parent->children);
|
||||
}
|
||||
- /* Setup a pointer to the root port link */
|
||||
- if (!link->parent)
|
||||
- link->root = link;
|
||||
- else
|
||||
- link->root = link->parent->root;
|
||||
|
||||
list_add(&link->sibling, &link_list);
|
||||
pdev->link_state = link;
|
17
kernel.spec
17
kernel.spec
|
@ -42,7 +42,7 @@ Summary: The Linux kernel
|
|||
# For non-released -rc kernels, this will be appended after the rcX and
|
||||
# gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
|
||||
#
|
||||
%global baserelease 201
|
||||
%global baserelease 200
|
||||
%global fedora_build %{baserelease}
|
||||
|
||||
# base_sublevel is the kernel version we're starting with and patching
|
||||
|
@ -54,7 +54,7 @@ Summary: The Linux kernel
|
|||
%if 0%{?released_kernel}
|
||||
|
||||
# Do we have a -stable update to apply?
|
||||
%define stable_update 8
|
||||
%define stable_update 9
|
||||
# Set rpm version accordingly
|
||||
%if 0%{?stable_update}
|
||||
%define stablerev %{stable_update}
|
||||
|
@ -631,15 +631,9 @@ Patch851: selinux-namespace-fix.patch
|
|||
#rhbz 1390308
|
||||
Patch852: nouveau-add-maxwell-to-backlight-init.patch
|
||||
|
||||
#The saddest EFI firmware bug
|
||||
Patch854: 0001-x86-efi-always-map-first-physical-page-into-EFI-page.patch
|
||||
|
||||
# CVE-2017-2596 rhbz 1417812 1417813
|
||||
Patch855: kvm-fix-page-struct-leak-in-handle_vmon.patch
|
||||
|
||||
# rhbz 1418858
|
||||
Patch856: PCI-ASPM-Handle-PCI-to-PCIe-bridges-as-roots-of-PCIe-hierarchies.patch
|
||||
|
||||
#CVE-2017-5897 rhbz 1419848 1419851
|
||||
Patch857: ip6_gre-fix-ip6gre_err-invalid-reads.patch
|
||||
|
||||
|
@ -650,6 +644,9 @@ Patch859: 2-2-media-dvb-usb-firmware-don-t-do-DMA-on-stack.patch
|
|||
#rhbz 1420276
|
||||
Patch860: 0001-sctp-avoid-BUG_ON-on-sctp_wait_for_sndbuf.patch
|
||||
|
||||
#rhbz 1415397
|
||||
Patch861: w1-ds2490-USB-transfer-buffers-need-to-be-DMAable.patch
|
||||
|
||||
# END OF PATCH DEFINITIONS
|
||||
|
||||
%endif
|
||||
|
@ -2197,6 +2194,10 @@ fi
|
|||
#
|
||||
#
|
||||
%changelog
|
||||
* Thu Feb 09 2017 Laura Abbott <labbott@fedoraproject.org> - 4.9.9-200
|
||||
- Linux v4.9.9
|
||||
- Fix DMA on stack from 1-wire driver (rhbz 1415397)
|
||||
|
||||
* Thu Feb 9 2017 Justin M. Forbes <jforbes@fedoraproject.org>
|
||||
- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (rhbz 1420276)
|
||||
|
||||
|
|
|
@ -0,0 +1,360 @@
|
|||
From patchwork Wed Jan 18 20:31:11 2017
|
||||
Content-Type: text/plain; charset="utf-8"
|
||||
MIME-Version: 1.0
|
||||
Content-Transfer-Encoding: 7bit
|
||||
Subject: w1: ds2490: USB transfer buffers need to be DMAable
|
||||
From: "Maciej S. Szmigiero" <mail@maciej.szmigiero.name>
|
||||
X-Patchwork-Id: 9524693
|
||||
Message-Id: <5ba98814-d0b0-fbd4-d631-eda3472f4017@maciej.szmigiero.name>
|
||||
To: Evgeniy Polyakov <zbr@ioremap.net>
|
||||
Cc: linux-kernel <linux-kernel@vger.kernel.org>
|
||||
Date: Wed, 18 Jan 2017 21:31:11 +0100
|
||||
|
||||
ds2490 driver was doing USB transfers from / to buffers on a stack.
|
||||
This is not permitted and made the driver non-working with vmapped stacks.
|
||||
|
||||
Since all these transfers are done under the same bus_mutex lock we can
|
||||
simply use shared buffers in a device private structure for two most common
|
||||
of them.
|
||||
|
||||
While we are at it, let's also fix a comparison between int and size_t in
|
||||
ds9490r_search() which made the driver spin in this function if state
|
||||
register get requests were failing.
|
||||
|
||||
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
|
||||
Cc: stable@vger.kernel.org
|
||||
---
|
||||
drivers/w1/masters/ds2490.c | 142 ++++++++++++++++++++++++++------------------
|
||||
1 file changed, 84 insertions(+), 58 deletions(-)
|
||||
|
||||
diff --git a/drivers/w1/masters/ds2490.c b/drivers/w1/masters/ds2490.c
|
||||
index 049a884a756f..59d74d1b47a8 100644
|
||||
--- a/drivers/w1/masters/ds2490.c
|
||||
+++ b/drivers/w1/masters/ds2490.c
|
||||
@@ -153,6 +153,9 @@ struct ds_device
|
||||
*/
|
||||
u16 spu_bit;
|
||||
|
||||
+ u8 st_buf[ST_SIZE];
|
||||
+ u8 byte_buf;
|
||||
+
|
||||
struct w1_bus_master master;
|
||||
};
|
||||
|
||||
@@ -174,7 +177,6 @@ struct ds_status
|
||||
u8 data_in_buffer_status;
|
||||
u8 reserved1;
|
||||
u8 reserved2;
|
||||
-
|
||||
};
|
||||
|
||||
static struct usb_device_id ds_id_table [] = {
|
||||
@@ -244,28 +246,6 @@ static int ds_send_control(struct ds_device *dev, u16 value, u16 index)
|
||||
return err;
|
||||
}
|
||||
|
||||
-static int ds_recv_status_nodump(struct ds_device *dev, struct ds_status *st,
|
||||
- unsigned char *buf, int size)
|
||||
-{
|
||||
- int count, err;
|
||||
-
|
||||
- memset(st, 0, sizeof(*st));
|
||||
-
|
||||
- count = 0;
|
||||
- err = usb_interrupt_msg(dev->udev, usb_rcvintpipe(dev->udev,
|
||||
- dev->ep[EP_STATUS]), buf, size, &count, 1000);
|
||||
- if (err < 0) {
|
||||
- pr_err("Failed to read 1-wire data from 0x%x: err=%d.\n",
|
||||
- dev->ep[EP_STATUS], err);
|
||||
- return err;
|
||||
- }
|
||||
-
|
||||
- if (count >= sizeof(*st))
|
||||
- memcpy(st, buf, sizeof(*st));
|
||||
-
|
||||
- return count;
|
||||
-}
|
||||
-
|
||||
static inline void ds_print_msg(unsigned char *buf, unsigned char *str, int off)
|
||||
{
|
||||
pr_info("%45s: %8x\n", str, buf[off]);
|
||||
@@ -324,6 +304,35 @@ static void ds_dump_status(struct ds_device *dev, unsigned char *buf, int count)
|
||||
}
|
||||
}
|
||||
|
||||
+static int ds_recv_status(struct ds_device *dev, struct ds_status *st,
|
||||
+ bool dump)
|
||||
+{
|
||||
+ int count, err;
|
||||
+
|
||||
+ if (st)
|
||||
+ memset(st, 0, sizeof(*st));
|
||||
+
|
||||
+ count = 0;
|
||||
+ err = usb_interrupt_msg(dev->udev,
|
||||
+ usb_rcvintpipe(dev->udev,
|
||||
+ dev->ep[EP_STATUS]),
|
||||
+ dev->st_buf, sizeof(dev->st_buf),
|
||||
+ &count, 1000);
|
||||
+ if (err < 0) {
|
||||
+ pr_err("Failed to read 1-wire data from 0x%x: err=%d.\n",
|
||||
+ dev->ep[EP_STATUS], err);
|
||||
+ return err;
|
||||
+ }
|
||||
+
|
||||
+ if (dump)
|
||||
+ ds_dump_status(dev, dev->st_buf, count);
|
||||
+
|
||||
+ if (st && count >= sizeof(*st))
|
||||
+ memcpy(st, dev->st_buf, sizeof(*st));
|
||||
+
|
||||
+ return count;
|
||||
+}
|
||||
+
|
||||
static void ds_reset_device(struct ds_device *dev)
|
||||
{
|
||||
ds_send_control_cmd(dev, CTL_RESET_DEVICE, 0);
|
||||
@@ -344,7 +353,6 @@ static void ds_reset_device(struct ds_device *dev)
|
||||
static int ds_recv_data(struct ds_device *dev, unsigned char *buf, int size)
|
||||
{
|
||||
int count, err;
|
||||
- struct ds_status st;
|
||||
|
||||
/* Careful on size. If size is less than what is available in
|
||||
* the input buffer, the device fails the bulk transfer and
|
||||
@@ -359,14 +367,9 @@ static int ds_recv_data(struct ds_device *dev, unsigned char *buf, int size)
|
||||
err = usb_bulk_msg(dev->udev, usb_rcvbulkpipe(dev->udev, dev->ep[EP_DATA_IN]),
|
||||
buf, size, &count, 1000);
|
||||
if (err < 0) {
|
||||
- u8 buf[ST_SIZE];
|
||||
- int count;
|
||||
-
|
||||
pr_info("Clearing ep0x%x.\n", dev->ep[EP_DATA_IN]);
|
||||
usb_clear_halt(dev->udev, usb_rcvbulkpipe(dev->udev, dev->ep[EP_DATA_IN]));
|
||||
-
|
||||
- count = ds_recv_status_nodump(dev, &st, buf, sizeof(buf));
|
||||
- ds_dump_status(dev, buf, count);
|
||||
+ ds_recv_status(dev, NULL, true);
|
||||
return err;
|
||||
}
|
||||
|
||||
@@ -404,7 +407,6 @@ int ds_stop_pulse(struct ds_device *dev, int limit)
|
||||
{
|
||||
struct ds_status st;
|
||||
int count = 0, err = 0;
|
||||
- u8 buf[ST_SIZE];
|
||||
|
||||
do {
|
||||
err = ds_send_control(dev, CTL_HALT_EXE_IDLE, 0);
|
||||
@@ -413,7 +415,7 @@ int ds_stop_pulse(struct ds_device *dev, int limit)
|
||||
err = ds_send_control(dev, CTL_RESUME_EXE, 0);
|
||||
if (err)
|
||||
break;
|
||||
- err = ds_recv_status_nodump(dev, &st, buf, sizeof(buf));
|
||||
+ err = ds_recv_status(dev, &st, false);
|
||||
if (err)
|
||||
break;
|
||||
|
||||
@@ -456,18 +458,17 @@ int ds_detect(struct ds_device *dev, struct ds_status *st)
|
||||
|
||||
static int ds_wait_status(struct ds_device *dev, struct ds_status *st)
|
||||
{
|
||||
- u8 buf[ST_SIZE];
|
||||
int err, count = 0;
|
||||
|
||||
do {
|
||||
st->status = 0;
|
||||
- err = ds_recv_status_nodump(dev, st, buf, sizeof(buf));
|
||||
+ err = ds_recv_status(dev, st, false);
|
||||
#if 0
|
||||
if (err >= 0) {
|
||||
int i;
|
||||
printk("0x%x: count=%d, status: ", dev->ep[EP_STATUS], err);
|
||||
for (i=0; i<err; ++i)
|
||||
- printk("%02x ", buf[i]);
|
||||
+ printk("%02x ", dev->st_buf[i]);
|
||||
printk("\n");
|
||||
}
|
||||
#endif
|
||||
@@ -485,7 +486,7 @@ static int ds_wait_status(struct ds_device *dev, struct ds_status *st)
|
||||
* can do something with it).
|
||||
*/
|
||||
if (err > 16 || count >= 100 || err < 0)
|
||||
- ds_dump_status(dev, buf, err);
|
||||
+ ds_dump_status(dev, dev->st_buf, err);
|
||||
|
||||
/* Extended data isn't an error. Well, a short is, but the dump
|
||||
* would have already told the user that and we can't do anything
|
||||
@@ -608,7 +609,6 @@ static int ds_write_byte(struct ds_device *dev, u8 byte)
|
||||
{
|
||||
int err;
|
||||
struct ds_status st;
|
||||
- u8 rbyte;
|
||||
|
||||
err = ds_send_control(dev, COMM_BYTE_IO | COMM_IM | dev->spu_bit, byte);
|
||||
if (err)
|
||||
@@ -621,11 +621,11 @@ static int ds_write_byte(struct ds_device *dev, u8 byte)
|
||||
if (err)
|
||||
return err;
|
||||
|
||||
- err = ds_recv_data(dev, &rbyte, sizeof(rbyte));
|
||||
+ err = ds_recv_data(dev, &dev->byte_buf, 1);
|
||||
if (err < 0)
|
||||
return err;
|
||||
|
||||
- return !(byte == rbyte);
|
||||
+ return !(byte == dev->byte_buf);
|
||||
}
|
||||
|
||||
static int ds_read_byte(struct ds_device *dev, u8 *byte)
|
||||
@@ -712,7 +712,6 @@ static void ds9490r_search(void *data, struct w1_master *master,
|
||||
int err;
|
||||
u16 value, index;
|
||||
struct ds_status st;
|
||||
- u8 st_buf[ST_SIZE];
|
||||
int search_limit;
|
||||
int found = 0;
|
||||
int i;
|
||||
@@ -724,7 +723,12 @@ static void ds9490r_search(void *data, struct w1_master *master,
|
||||
/* FIFO 128 bytes, bulk packet size 64, read a multiple of the
|
||||
* packet size.
|
||||
*/
|
||||
- u64 buf[2*64/8];
|
||||
+ const size_t bufsize = 2 * 64;
|
||||
+ u64 *buf;
|
||||
+
|
||||
+ buf = kmalloc(bufsize, GFP_KERNEL);
|
||||
+ if (!buf)
|
||||
+ return;
|
||||
|
||||
mutex_lock(&master->bus_mutex);
|
||||
|
||||
@@ -745,10 +749,9 @@ static void ds9490r_search(void *data, struct w1_master *master,
|
||||
do {
|
||||
schedule_timeout(jtime);
|
||||
|
||||
- if (ds_recv_status_nodump(dev, &st, st_buf, sizeof(st_buf)) <
|
||||
- sizeof(st)) {
|
||||
+ err = ds_recv_status(dev, &st, false);
|
||||
+ if (err < 0 || err < sizeof(st))
|
||||
break;
|
||||
- }
|
||||
|
||||
if (st.data_in_buffer_status) {
|
||||
/* Bulk in can receive partial ids, but when it does
|
||||
@@ -758,7 +761,7 @@ static void ds9490r_search(void *data, struct w1_master *master,
|
||||
* bulk without first checking if status says there
|
||||
* is data to read.
|
||||
*/
|
||||
- err = ds_recv_data(dev, (u8 *)buf, sizeof(buf));
|
||||
+ err = ds_recv_data(dev, (u8 *)buf, bufsize);
|
||||
if (err < 0)
|
||||
break;
|
||||
for (i = 0; i < err/8; ++i) {
|
||||
@@ -794,9 +797,14 @@ static void ds9490r_search(void *data, struct w1_master *master,
|
||||
}
|
||||
search_out:
|
||||
mutex_unlock(&master->bus_mutex);
|
||||
+ kfree(buf);
|
||||
}
|
||||
|
||||
#if 0
|
||||
+/*
|
||||
+ * FIXME: if this disabled code is ever used in the future all ds_send_data()
|
||||
+ * calls must be changed to use a DMAable buffer.
|
||||
+ */
|
||||
static int ds_match_access(struct ds_device *dev, u64 init)
|
||||
{
|
||||
int err;
|
||||
@@ -845,13 +853,12 @@ static int ds_set_path(struct ds_device *dev, u64 init)
|
||||
|
||||
static u8 ds9490r_touch_bit(void *data, u8 bit)
|
||||
{
|
||||
- u8 ret;
|
||||
struct ds_device *dev = data;
|
||||
|
||||
- if (ds_touch_bit(dev, bit, &ret))
|
||||
+ if (ds_touch_bit(dev, bit, &dev->byte_buf))
|
||||
return 0;
|
||||
|
||||
- return ret;
|
||||
+ return dev->byte_buf;
|
||||
}
|
||||
|
||||
#if 0
|
||||
@@ -866,13 +873,12 @@ static u8 ds9490r_read_bit(void *data)
|
||||
{
|
||||
struct ds_device *dev = data;
|
||||
int err;
|
||||
- u8 bit = 0;
|
||||
|
||||
- err = ds_touch_bit(dev, 1, &bit);
|
||||
+ err = ds_touch_bit(dev, 1, &dev->byte_buf);
|
||||
if (err)
|
||||
return 0;
|
||||
|
||||
- return bit & 1;
|
||||
+ return dev->byte_buf & 1;
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -887,32 +893,52 @@ static u8 ds9490r_read_byte(void *data)
|
||||
{
|
||||
struct ds_device *dev = data;
|
||||
int err;
|
||||
- u8 byte = 0;
|
||||
|
||||
- err = ds_read_byte(dev, &byte);
|
||||
+ err = ds_read_byte(dev, &dev->byte_buf);
|
||||
if (err)
|
||||
return 0;
|
||||
|
||||
- return byte;
|
||||
+ return dev->byte_buf;
|
||||
}
|
||||
|
||||
static void ds9490r_write_block(void *data, const u8 *buf, int len)
|
||||
{
|
||||
struct ds_device *dev = data;
|
||||
+ u8 *tbuf;
|
||||
+
|
||||
+ if (len <= 0)
|
||||
+ return;
|
||||
+
|
||||
+ tbuf = kmalloc(len, GFP_KERNEL);
|
||||
+ if (!tbuf)
|
||||
+ return;
|
||||
|
||||
- ds_write_block(dev, (u8 *)buf, len);
|
||||
+ memcpy(tbuf, buf, len);
|
||||
+ ds_write_block(dev, tbuf, len);
|
||||
+
|
||||
+ kfree(tbuf);
|
||||
}
|
||||
|
||||
static u8 ds9490r_read_block(void *data, u8 *buf, int len)
|
||||
{
|
||||
struct ds_device *dev = data;
|
||||
int err;
|
||||
+ u8 *tbuf;
|
||||
|
||||
- err = ds_read_block(dev, buf, len);
|
||||
- if (err < 0)
|
||||
+ if (len <= 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ tbuf = kmalloc(len, GFP_KERNEL);
|
||||
+ if (!tbuf)
|
||||
return 0;
|
||||
|
||||
- return len;
|
||||
+ err = ds_read_block(dev, tbuf, len);
|
||||
+ if (err >= 0)
|
||||
+ memcpy(buf, tbuf, len);
|
||||
+
|
||||
+ kfree(tbuf);
|
||||
+
|
||||
+ return err >= 0 ? len : 0;
|
||||
}
|
||||
|
||||
static u8 ds9490r_reset(void *data)
|
Loading…
Reference in New Issue