greybus-dev

greybus-dev@lists.linaro.org

4 participants
756 discussions

[PATCH] staging: greybus: authenticate: fix alignment and type warning

by Kosugi Souta

Fix the following checkpatch.pl warning and check: - Warning: Prefer 'unsigned long long' over 'unsigned long long int' - Check: Alignment should match open parenthesis Signed-off-by: Kosugi Souta <k.souta0926(a)gmail.com> --- drivers/staging/greybus/Documentation/firmware/authenticate.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/staging/greybus/Documentation/firmware/authenticate.c b/drivers/staging/greybus/Documentation/firmware/authenticate.c index 3d2c6f88a138..ba4b16b04557 100644 --- a/drivers/staging/greybus/Documentation/firmware/authenticate.c +++ b/drivers/staging/greybus/Documentation/firmware/authenticate.c @@ -58,7 +58,7 @@ int main(int argc, char *argv[]) goto close_fd; } - printf("UID received: 0x%llx\n", *(unsigned long long int *)(uid.uid)); + printf("UID received: 0x%llx\n", *(unsigned long long *)(uid.uid)); /* Get certificate */ printf("Get IMS certificate\n"); @@ -85,7 +85,7 @@ int main(int argc, char *argv[]) } printf("Authenticated, result (%02x), sig-size (%02x)\n", - authenticate.result_code, authenticate.signature_size); + authenticate.result_code, authenticate.signature_size); close_fd: close(fd); -- 2.34.1

2 days, 16 hours

[PATCH 1/2] greybus: gb-beagleplay: fix sleep in atomic context in hdlc_tx_frames()

by Weigang He

hdlc_append() calls usleep_range() to wait for circular buffer space, but it is called with tx_producer_lock (a spinlock) held via hdlc_tx_frames() -> hdlc_append_tx_frame()/hdlc_append_tx_u8()/etc. Sleeping while holding a spinlock is illegal and can trigger "BUG: scheduling while atomic". Fix this by moving the buffer-space wait out of hdlc_append() and into hdlc_tx_frames(), before the spinlock is acquired. The new flow: 1. Pre-calculate the worst-case encoded frame length. 2. Wait (with sleep) outside the lock until enough space is available, kicking the TX consumer work to drain the buffer. 3. Acquire the spinlock, re-verify space, and write the entire frame atomically. This ensures that sleeping only happens without any lock held, and that frames are either fully enqueued or not written at all. This bug is found by CodeQL static analysis tool (interprocedural sleep-in-atomic query) and my code review. Fixes: ec558bbfea67 ("greybus: Add BeaglePlay Linux Driver") Cc: stable(a)vger.kernel.org Cc: Ayush Singh <ayushdevel1325(a)gmail.com> Cc: Johan Hovold <johan(a)kernel.org> Cc: Alex Elder <elder(a)kernel.org> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Weigang He <geoffreyhe2(a)gmail.com> --- drivers/greybus/gb-beagleplay.c | 105 +++++++++++++++++++++++++++----- 1 file changed, 89 insertions(+), 16 deletions(-) diff --git a/drivers/greybus/gb-beagleplay.c b/drivers/greybus/gb-beagleplay.c index 87186f891a6ac..da1b9039fd2f3 100644 --- a/drivers/greybus/gb-beagleplay.c +++ b/drivers/greybus/gb-beagleplay.c @@ -242,30 +242,26 @@ static void hdlc_write(struct gb_beagleplay *bg) } /** - * hdlc_append() - Queue HDLC data for sending. + * hdlc_append() - Queue a single HDLC byte for sending. * @bg: beagleplay greybus driver * @value: hdlc byte to transmit * - * Assumes that producer lock as been acquired. + * Caller must hold tx_producer_lock and must have ensured sufficient + * space in the circular buffer before calling (see hdlc_tx_frames()). */ static void hdlc_append(struct gb_beagleplay *bg, u8 value) { - int tail, head = bg->tx_circ_buf.head; + int head = bg->tx_circ_buf.head; + int tail = READ_ONCE(bg->tx_circ_buf.tail); - while (true) { - tail = READ_ONCE(bg->tx_circ_buf.tail); - - if (CIRC_SPACE(head, tail, TX_CIRC_BUF_SIZE) >= 1) { - bg->tx_circ_buf.buf[head] = value; + lockdep_assert_held(&bg->tx_producer_lock); + if (WARN_ON_ONCE(CIRC_SPACE(head, tail, TX_CIRC_BUF_SIZE) < 1)) + return; - /* Finish producing HDLC byte */ - smp_store_release(&bg->tx_circ_buf.head, - (head + 1) & (TX_CIRC_BUF_SIZE - 1)); - return; - } - dev_warn(&bg->sd->dev, "Tx circ buf full"); - usleep_range(3000, 5000); - } + bg->tx_circ_buf.buf[head] = value; + /* Ensure buffer write is visible before advancing head. */ + smp_store_release(&bg->tx_circ_buf.head, + (head + 1) & (TX_CIRC_BUF_SIZE - 1)); } static void hdlc_append_escaped(struct gb_beagleplay *bg, u8 value) @@ -313,13 +309,90 @@ static void hdlc_transmit(struct work_struct *work) spin_unlock_bh(&bg->tx_consumer_lock); } +/** + * hdlc_encoded_length() - Calculate worst-case encoded length of an HDLC frame. + * @payloads: array of payload buffers + * @count: number of payloads + * + * Returns the maximum number of bytes needed in the circular buffer. + */ +static size_t hdlc_encoded_length(const struct hdlc_payload payloads[], + size_t count) +{ + size_t i, payload_len = 0; + + for (i = 0; i < count; i++) + payload_len += payloads[i].len; + + /* + * Worst case: every data byte needs escaping (doubles in size). + * data bytes = address(1) + control(1) + payload + crc(2) + * framing = opening flag(1) + closing flag(1) + */ + return 2 + (1 + 1 + payload_len + 2) * 2; +} + +#define HDLC_TX_BUF_WAIT_RETRIES 500 +#define HDLC_TX_BUF_WAIT_US_MIN 3000 +#define HDLC_TX_BUF_WAIT_US_MAX 5000 + +/** + * hdlc_tx_frames() - Encode and queue an HDLC frame for transmission. + * @bg: beagleplay greybus driver + * @address: HDLC address field + * @control: HDLC control field + * @payloads: array of payload buffers + * @count: number of payloads + * + * Sleeps outside the spinlock until enough circular-buffer space is + * available, then verifies space under the lock and writes the entire + * frame atomically. Either a complete frame is enqueued or nothing is + * written, avoiding both sleeping in atomic context and partial frames. + */ static void hdlc_tx_frames(struct gb_beagleplay *bg, u8 address, u8 control, const struct hdlc_payload payloads[], size_t count) { + size_t needed = hdlc_encoded_length(payloads, count); + int retries = HDLC_TX_BUF_WAIT_RETRIES; size_t i; + int head, tail; + + /* Wait outside the lock for sufficient buffer space. */ + while (retries--) { + /* Pairs with smp_store_release() in hdlc_append(). */ + head = smp_load_acquire(&bg->tx_circ_buf.head); + tail = READ_ONCE(bg->tx_circ_buf.tail); + + if (CIRC_SPACE(head, tail, TX_CIRC_BUF_SIZE) >= needed) + break; + + /* Kick the consumer and sleep — no lock held. */ + schedule_work(&bg->tx_work); + usleep_range(HDLC_TX_BUF_WAIT_US_MIN, HDLC_TX_BUF_WAIT_US_MAX); + } + + if (retries < 0) { + dev_warn_ratelimited(&bg->sd->dev, + "Tx circ buf full, dropping frame\n"); + return; + } spin_lock(&bg->tx_producer_lock); + /* + * Re-check under the lock. Should not fail since + * tx_producer_lock serialises all producers and the + * consumer only frees space, but guard against it. + */ + head = bg->tx_circ_buf.head; + tail = READ_ONCE(bg->tx_circ_buf.tail); + if (unlikely(CIRC_SPACE(head, tail, TX_CIRC_BUF_SIZE) < needed)) { + spin_unlock(&bg->tx_producer_lock); + dev_warn_ratelimited(&bg->sd->dev, + "Tx circ buf space lost, dropping frame\n"); + return; + } + hdlc_append_tx_frame(bg); hdlc_append_tx_u8(bg, address); hdlc_append_tx_u8(bg, control); -- 2.34.1

4 days, 10 hours

[PATCH] greybus: gb-beagleplay: bound bootloader receive buffering

by Pengpeng Hou

cc1352_bootloader_rx() appends each serdev chunk into the fixed rx_buffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may receive multiple packets in one callback, so a single count value is not constrained by one packet length. Check that the incoming chunk fits in the remaining receive buffer space before memcpy(). If it does not, drop the staged data and consume the bytes instead of overflowing rx_buffer. Fixes: 0cf7befa3ea2 ("greybus: gb-beagleplay: Add firmware upload API") Cc: stable(a)vger.kernel.org Signed-off-by: Pengpeng Hou <pengpeng(a)iscas.ac.cn> --- drivers/greybus/gb-beagleplay.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drivers/greybus/gb-beagleplay.c b/drivers/greybus/gb-beagleplay.c index 87186f891a6a..e70787146c4f 100644 --- a/drivers/greybus/gb-beagleplay.c +++ b/drivers/greybus/gb-beagleplay.c @@ -535,6 +535,13 @@ static size_t cc1352_bootloader_rx(struct gb_beagleplay *bg, const u8 *data, int ret; size_t off = 0; + if (count > sizeof(bg->rx_buffer) - bg->rx_buffer_len) { + dev_warn(&bg->sd->dev, + "dropping oversized bootloader receive chunk"); + bg->rx_buffer_len = 0; + return count; + } + memcpy(bg->rx_buffer + bg->rx_buffer_len, data, count); bg->rx_buffer_len += count; -- 2.50.1 (Apple Git-155)

4 days, 12 hours

[PATCH v2 0/2] staging: use bounded formatting helpers in fbtft/greybus

by Yug Merabtene

This small cleanup series replaces open-coded sprintf() usage in a set of staging drivers with helpers intended for bounded and sysfs-safe formatting. Patch 1 updates fbtft logging strings to use scnprintf(). Patch 2 converts Greybus sysfs show paths to sysfs_emit(), including normalizing attributes that were missing a trailing newline. Changes in v2: - resend with corrected author/sender identity (yug.merabtene(a)gmail.com) - no code changes compared to v1 Yug Merabtene (2): staging: fbtft: use scnprintf() for log strings staging: greybus: switch sysfs show paths to sysfs_emit() drivers/staging/fbtft/fbtft-core.c | 8 +++++--- drivers/staging/greybus/arche-apb-ctrl.c | 12 ++++++------ drivers/staging/greybus/arche-platform.c | 10 +++++----- drivers/staging/greybus/audio_manager_module.c | 12 ++++++------ drivers/staging/greybus/gbphy.c | 2 +- drivers/staging/greybus/light.c | 4 ++-- drivers/staging/greybus/loopback.c | 14 +++++++------- 7 files changed, 32 insertions(+), 30 deletions(-) -- 2.34.1

6 days, 21 hours

[PATCH v3] greybus: es2: drop redundant device reference

by Johan Hovold

Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the structures are needed after disconnect. Drop the redundant device reference to reduce cargo culting, make it easier to spot drivers where an extra reference is needed, and reduce the risk of memory leaks when drivers fail to release it. Signed-off-by: Johan Hovold <johan(a)kernel.org> --- This one needs one more spin... Sorry about the mess up. Johan Changes in v3: - drop the leftover usb_dev_put() in early error paths Changes in v2: - drop temporary udev variable as reported by the kernel test robot (W=1 warning) drivers/greybus/es2.c | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/drivers/greybus/es2.c b/drivers/greybus/es2.c index 6ae0ac828afa..75b889fa21b4 100644 --- a/drivers/greybus/es2.c +++ b/drivers/greybus/es2.c @@ -772,7 +772,6 @@ static int check_urb_status(struct urb *urb) static void es2_destroy(struct es2_ap_dev *es2) { - struct usb_device *udev; struct urb *urb; int i; @@ -804,10 +803,7 @@ static void es2_destroy(struct es2_ap_dev *es2) gb_hd_cport_release_reserved(es2->hd, ES2_CPORT_CDSI1); gb_hd_cport_release_reserved(es2->hd, ES2_CPORT_CDSI0); - udev = es2->usb_dev; gb_hd_put(es2->hd); - - usb_put_dev(udev); } static void cport_in_callback(struct urb *urb) @@ -1257,11 +1253,10 @@ static int ap_probe(struct usb_interface *interface, bool bulk_in_found = false; bool arpc_in_found = false; - udev = usb_get_dev(interface_to_usbdev(interface)); + udev = interface_to_usbdev(interface); num_cports = apb_get_cport_count(udev); if (num_cports < 0) { - usb_put_dev(udev); dev_err(&udev->dev, "Cannot retrieve CPort count: %d\n", num_cports); return num_cports; @@ -1269,10 +1264,8 @@ static int ap_probe(struct usb_interface *interface, hd = gb_hd_create(&es2_driver, &udev->dev, ES2_GBUF_MSG_SIZE_MAX, num_cports); - if (IS_ERR(hd)) { - usb_put_dev(udev); + if (IS_ERR(hd)) return PTR_ERR(hd); - } es2 = hd_to_es2(hd); es2->hd = hd; -- 2.52.0

1 week

[PATCH] staging: greybus: audio_manager: Add missing newline to sysfs_emit outputs

by Shivam Gupta

sysfs_emit outputs in audio_manager_module.c do not include a terminating newline, which is required for proper sysfs formatting. Add newline characters to all sysfs_emit format strings. Signed-off-by: Shivam Gupta <shivgupta751157(a)gmail.com> --- drivers/staging/greybus/audio_manager_module.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/drivers/staging/greybus/audio_manager_module.c b/drivers/staging/greybus/audio_manager_module.c index dc90cc2d2308..5737f2a32f5a 100644 --- a/drivers/staging/greybus/audio_manager_module.c +++ b/drivers/staging/greybus/audio_manager_module.c @@ -75,7 +75,7 @@ static void gb_audio_module_release(struct kobject *kobj) static ssize_t gb_audio_module_name_show(struct gb_audio_manager_module *module, struct gb_audio_manager_module_attribute *attr, char *buf) { - return sysfs_emit(buf, "%s", module->desc.name); + return sysfs_emit(buf, "%s\n", module->desc.name); } static struct gb_audio_manager_module_attribute gb_audio_module_name_attribute = @@ -84,7 +84,7 @@ static struct gb_audio_manager_module_attribute gb_audio_module_name_attribute = static ssize_t gb_audio_module_vid_show(struct gb_audio_manager_module *module, struct gb_audio_manager_module_attribute *attr, char *buf) { - return sysfs_emit(buf, "%d", module->desc.vid); + return sysfs_emit(buf, "%d\n", module->desc.vid); } static struct gb_audio_manager_module_attribute gb_audio_module_vid_attribute = @@ -93,7 +93,7 @@ static struct gb_audio_manager_module_attribute gb_audio_module_vid_attribute = static ssize_t gb_audio_module_pid_show(struct gb_audio_manager_module *module, struct gb_audio_manager_module_attribute *attr, char *buf) { - return sysfs_emit(buf, "%d", module->desc.pid); + return sysfs_emit(buf, "%d\n", module->desc.pid); } static struct gb_audio_manager_module_attribute gb_audio_module_pid_attribute = @@ -103,7 +103,7 @@ static ssize_t gb_audio_module_intf_id_show(struct gb_audio_manager_module *modu struct gb_audio_manager_module_attribute *attr, char *buf) { - return sysfs_emit(buf, "%d", module->desc.intf_id); + return sysfs_emit(buf, "%d\n", module->desc.intf_id); } static struct gb_audio_manager_module_attribute @@ -114,7 +114,7 @@ static ssize_t gb_audio_module_ip_devices_show(struct gb_audio_manager_module *m struct gb_audio_manager_module_attribute *attr, char *buf) { - return sysfs_emit(buf, "0x%X", module->desc.ip_devices); + return sysfs_emit(buf, "0x%X\n", module->desc.ip_devices); } static struct gb_audio_manager_module_attribute @@ -125,7 +125,7 @@ static ssize_t gb_audio_module_op_devices_show(struct gb_audio_manager_module *m struct gb_audio_manager_module_attribute *attr, char *buf) { - return sysfs_emit(buf, "0x%X", module->desc.op_devices); + return sysfs_emit(buf, "0x%X\n", module->desc.op_devices); } static struct gb_audio_manager_module_attribute -- 2.34.1

1 week

[PATCH v2] staging: greybus: audio: fix error message for BTN_3 button

by Haoyu Lu

In gbaudio_init_jack(), when setting SND_JACK_BTN_3 key, the error message incorrectly says "Failed to set BTN_0". This should be "Failed to set BTN_3" to match the button being configured. Signed-off-by: Haoyu Lu <hechushiguitu666(a)gmail.com> Reviewed-by: Johan Hovold <johan(a)kernel.org> --- drivers/staging/greybus/audio_codec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/greybus/audio_codec.c b/drivers/staging/greybus/audio_codec.c index 444c53b4e08d..720aa752e17e 100644 --- a/drivers/staging/greybus/audio_codec.c +++ b/drivers/staging/greybus/audio_codec.c @@ -781,7 +781,7 @@ static int gbaudio_init_jack(struct gbaudio_module_info *module, ret = snd_jack_set_key(module->button.jack.jack, SND_JACK_BTN_3, KEY_VOLUMEDOWN); if (ret) { - dev_err(module->dev, "Failed to set BTN_0\n"); + dev_err(module->dev, "Failed to set BTN_3\n"); goto free_jacks; } } -- 2.17.1

1 week

[PATCH] staging: greybus: audio: fix error message for BTN_3 button

by Haoyu Lu

In gbaudio_init_jack(), when setting SND_JACK_BTN_3 key, the error message incorrectly says "Failed to set BTN_0". This should be "Failed to set BTN_3" to match the button being configured. Signed-off-by: Haoyu Lu <hechushiguitu666(a)gmail.com> --- drivers/staging/greybus/audio_codec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/greybus/audio_codec.c b/drivers/staging/greybus/audio_codec.c index 444c53b4e08d..720aa752e17e 100644 --- a/drivers/staging/greybus/audio_codec.c +++ b/drivers/staging/greybus/audio_codec.c @@ -781,7 +781,7 @@ static int gbaudio_init_jack(struct gbaudio_module_info *module, ret = snd_jack_set_key(module->button.jack.jack, SND_JACK_BTN_3, KEY_VOLUMEDOWN); if (ret) { - dev_err(module->dev, "Failed to set BTN_0\n"); + dev_err(module->dev, "Failed to set BTN_3\n"); goto free_jacks; } } -- 2.17.1

1 week

[PATCH] staging: greybus: camera: use scnprintf() for debugfs buffers

by Yug Merabtene

Signed-off-by: Yug Merabtene <yug.merabtene(a)gmail.com> --- drivers/staging/greybus/camera.c | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/drivers/staging/greybus/camera.c b/drivers/staging/greybus/camera.c index 62b55bb28408..2e4968d206d3 100644 --- a/drivers/staging/greybus/camera.c +++ b/drivers/staging/greybus/camera.c @@ -889,9 +889,15 @@ static ssize_t gb_camera_debugfs_capabilities(struct gb_camera *gcam, for (i = 0; i < size; i += 16) { unsigned int nbytes = min_t(unsigned int, size - i, 16); + size_t remain; - buffer->length += sprintf(buffer->data + buffer->length, - "%*ph\n", nbytes, caps + i); + remain = PAGE_SIZE - buffer->length; + if (!remain) + break; + + buffer->length += scnprintf(buffer->data + buffer->length, + remain, "%*ph\n", nbytes, + caps + i); } done: @@ -973,17 +979,19 @@ static ssize_t gb_camera_debugfs_configure_streams(struct gb_camera *gcam, if (ret < 0) goto done; - buffer->length = sprintf(buffer->data, "%u;%u;", nstreams, flags); + buffer->length = scnprintf(buffer->data, PAGE_SIZE, "%u;%u;", nstreams, flags); for (i = 0; i < nstreams; ++i) { struct gb_camera_stream_config *stream = &streams[i]; - buffer->length += sprintf(buffer->data + buffer->length, - "%u;%u;%u;%u;%u;%u;%u;", - stream->width, stream->height, - stream->format, stream->vc, - stream->dt[0], stream->dt[1], - stream->max_size); + if (buffer->length < PAGE_SIZE) + buffer->length += scnprintf(buffer->data + buffer->length, + PAGE_SIZE - buffer->length, + "%u;%u;%u;%u;%u;%u;%u;", + stream->width, stream->height, + stream->format, stream->vc, + stream->dt[0], stream->dt[1], + stream->max_size); } ret = len; @@ -1046,7 +1054,7 @@ static ssize_t gb_camera_debugfs_flush(struct gb_camera *gcam, if (ret < 0) return ret; - buffer->length = sprintf(buffer->data, "%u", req_id); + buffer->length = scnprintf(buffer->data, PAGE_SIZE, "%u", req_id); return len; } -- 2.34.1

1 week

[PATCH] greybus/uart: fix misaligned wait_for_completion_timeout

by loren coomer

Align the second line of wait_for_completion_timeout() with the opening parenthesis. Signed-off-by: Loren Coomer <lorencoom(a)gmail.com>

1 week, 1 day

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

greybus-dev