Commit 3ccb1600 authored by Viresh Kumar's avatar Viresh Kumar Committed by Johan Hovold

greybus: svc: reject invalid state requests

The request sequence for SVC protocol is fixed at least upto SVC_HELLO
request. The first request has to be Protocol Version, followed by
SVC_HELLO. Any other request can follow them, but these two.

Add another field in 'struct gb_svc' that keeps track of current state
of the protocol driver. It tracks only upto SVC_HELLO, as we don't need
to track later ones.

Also add a comment, about the order in which the requests are allowed
and why a race can't happen while accessing 'state'.

This removes the WARN_ON() in gb_svc_hello() as we track state
transition with 'state' field.

This also fixes a crash, when the hotplug request is received before
fully initializing the svc connection. The crash mostly happens while
accessing svc->connection->bundle, which is NULL, but can happen at
other places too, as svc connection isn't fully initialized.
Reported-by: default avatarJohan Hovold <johan@hovoldconsulting.com>
Signed-off-by: default avatarViresh Kumar <viresh.kumar@linaro.org>
[johan: add 0x-prefix to warning message ]
Signed-off-by: default avatarJohan Hovold <johan@hovoldconsulting.com>
parent f66427ad
...@@ -15,8 +15,15 @@ ...@@ -15,8 +15,15 @@
#define CPORT_FLAGS_CSD_N (2) #define CPORT_FLAGS_CSD_N (2)
#define CPORT_FLAGS_CSV_N (4) #define CPORT_FLAGS_CSV_N (4)
enum gb_svc_state {
GB_SVC_STATE_RESET,
GB_SVC_STATE_PROTOCOL_VERSION,
GB_SVC_STATE_SVC_HELLO,
};
struct gb_svc { struct gb_svc {
struct gb_connection *connection; struct gb_connection *connection;
enum gb_svc_state state;
}; };
struct svc_hotplug { struct svc_hotplug {
...@@ -226,9 +233,6 @@ static int gb_svc_hello(struct gb_operation *op) ...@@ -226,9 +233,6 @@ static int gb_svc_hello(struct gb_operation *op)
u8 interface_id; u8 interface_id;
int ret; int ret;
/* Hello message should be received only during early bootup */
WARN_ON(hd->initial_svc_connection != connection);
/* /*
* SVC sends information about the endo and interface-id on the hello * SVC sends information about the endo and interface-id on the hello
* request, use that to create an endo. * request, use that to create an endo.
...@@ -452,11 +456,53 @@ static int gb_svc_intf_reset_recv(struct gb_operation *op) ...@@ -452,11 +456,53 @@ static int gb_svc_intf_reset_recv(struct gb_operation *op)
static int gb_svc_request_recv(u8 type, struct gb_operation *op) static int gb_svc_request_recv(u8 type, struct gb_operation *op)
{ {
struct gb_connection *connection = op->connection;
struct gb_svc *svc = connection->private;
int ret = 0;
/*
* SVC requests need to follow a specific order (at least initially) and
* below code takes care of enforcing that. The expected order is:
* - PROTOCOL_VERSION
* - SVC_HELLO
* - Any other request, but the earlier two.
*
* Incoming requests are guaranteed to be serialized and so we don't
* need to protect 'state' for any races.
*/
switch (type) { switch (type) {
case GB_REQUEST_TYPE_PROTOCOL_VERSION: case GB_REQUEST_TYPE_PROTOCOL_VERSION:
return gb_svc_version_request(op); if (svc->state != GB_SVC_STATE_RESET)
ret = -EINVAL;
break;
case GB_SVC_TYPE_SVC_HELLO: case GB_SVC_TYPE_SVC_HELLO:
return gb_svc_hello(op); if (svc->state != GB_SVC_STATE_PROTOCOL_VERSION)
ret = -EINVAL;
break;
default:
if (svc->state != GB_SVC_STATE_SVC_HELLO)
ret = -EINVAL;
break;
}
if (ret) {
dev_warn(&connection->dev,
"unexpected SVC request 0x%02x received (state %u)\n",
type, svc->state);
return ret;
}
switch (type) {
case GB_REQUEST_TYPE_PROTOCOL_VERSION:
ret = gb_svc_version_request(op);
if (!ret)
svc->state = GB_SVC_STATE_PROTOCOL_VERSION;
return ret;
case GB_SVC_TYPE_SVC_HELLO:
ret = gb_svc_hello(op);
if (!ret)
svc->state = GB_SVC_STATE_SVC_HELLO;
return ret;
case GB_SVC_TYPE_INTF_HOTPLUG: case GB_SVC_TYPE_INTF_HOTPLUG:
return gb_svc_intf_hotplug_recv(op); return gb_svc_intf_hotplug_recv(op);
case GB_SVC_TYPE_INTF_HOT_UNPLUG: case GB_SVC_TYPE_INTF_HOT_UNPLUG:
...@@ -479,6 +525,7 @@ static int gb_svc_connection_init(struct gb_connection *connection) ...@@ -479,6 +525,7 @@ static int gb_svc_connection_init(struct gb_connection *connection)
return -ENOMEM; return -ENOMEM;
connection->hd->svc = svc; connection->hd->svc = svc;
svc->state = GB_SVC_STATE_RESET;
svc->connection = connection; svc->connection = connection;
connection->private = svc; connection->private = svc;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment