[PATCH - asihpi 4/6] Mem buffer alloc inside adapter mutex.

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH - asihpi 4/6] Mem buffer alloc inside adapter mutex.
@ 2008-08-22  5:26 linux
  2008-08-22  5:26 ` [PATCH - asihpi 5/6] Avoid null pointer dereference linux
  2008-08-22  6:46 ` [PATCH - asihpi 4/6] Mem buffer alloc inside adapter mutex Takashi Iwai
  0 siblings, 2 replies; 4+ messages in thread
From: linux @ 2008-08-22  5:26 UTC (permalink / raw)
  To: patch; +Cc: Eliot Blennerhassett, alsa-devel

From: Eliot Blennerhassett <eblennerhassett@audioscience.com>


Signed-off-by: Eliot Blennerhassett <eblennerhassett@audioscience.com>

diff --git a/pci/asihpi/hpioctl.c b/pci/asihpi/hpioctl.c
index 8222178..cf7c702 100644
--- a/pci/asihpi/hpioctl.c
+++ b/pci/asihpi/hpioctl.c
@@ -139,7 +139,20 @@ long asihpi_hpi_ioctl(
 	pa = &adapters[hm.wAdapterIndex];
 	hr.wSize = 0;
 	if (hm.wObject == HPI_OBJ_SUBSYSTEM) {
-		HPI_MessageF(&hm, &hr, file);
+		switch (hm.wFunction) {
+		case HPI_SUBSYS_CREATE_ADAPTER:
+		case HPI_SUBSYS_DELETE_ADAPTER:
+			/* Application must not use these functions! */
+			hr.wSize = sizeof(struct hpi_response_header);
+			hr.wError = HPI_ERROR_INVALID_OPERATION;
+			hr.wFunction = hm.wFunction;
+			uncopied_bytes = copy_to_user(phr, &hr, hr.wSize);
+			if (uncopied_bytes)
+				return -EFAULT;
+			return 0;
+		default:
+			HPI_MessageF(&hm, &hr, file);
+		}
 	} else {
 		u16 __user *ptr = NULL;
 		u32 size = 0;
@@ -164,16 +177,6 @@ long asihpi_hpi_ioctl(
 
 		/* Dig out any pointers embedded in the message.  */
 		switch (hm.wFunction) {
-		case HPI_SUBSYS_CREATE_ADAPTER:
-		case HPI_SUBSYS_DELETE_ADAPTER:
-			/* Application must not use these functions! */
-			hr.wSize = sizeof(struct hpi_response_header);
-			hr.wError = HPI_ERROR_INVALID_OPERATION;
-			hr.wFunction = hm.wFunction;
-			uncopied_bytes = copy_to_user(phr, &hr, hr.wSize);
-			if (uncopied_bytes)
-				return -EFAULT;
-			return 0;
 		case HPI_OSTREAM_WRITE:
 		case HPI_ISTREAM_READ:
 			/* Yes, sparse, this is correct. */
@@ -202,6 +205,9 @@ long asihpi_hpi_ioctl(
 						"HPI could not allocate "
 						"stream buffer size %d\n",
 						size);
+
+					mutex_unlock(&adapters[nAdapter].
+						mutex);
 					return -EINVAL;
 				}
 
@@ -216,10 +222,11 @@ long asihpi_hpi_ioctl(
 			break;
 
 		default:
+			size = 0;
 			break;
 		}
 
-		if (wrflag == 0) {
+		if (size && (wrflag == 0)) {
 			uncopied_bytes =
 				copy_from_user(pa->pBuffer, ptr, size);
 			if (uncopied_bytes)
@@ -231,7 +238,7 @@ long asihpi_hpi_ioctl(
 
 		HPI_MessageF(&hm, &hr, file);
 
-		if (wrflag == 1) {
+		if (size && (wrflag == 1)) {
 			uncopied_bytes = copy_to_user(ptr, pa->pBuffer, size);
 			if (uncopied_bytes)
 				HPI_DEBUG_LOG(WARNING,
-- 
1.5.4.3

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH - asihpi 5/6] Avoid null pointer dereference.
  2008-08-22  5:26 [PATCH - asihpi 4/6] Mem buffer alloc inside adapter mutex linux
@ 2008-08-22  5:26 ` linux
  2008-08-22  5:26   ` [PATCH - asihpi 6/6] Return from timer func if XRUN. Avoids read/write of reset stream linux
  2008-08-22  6:46 ` [PATCH - asihpi 4/6] Mem buffer alloc inside adapter mutex Takashi Iwai
  1 sibling, 1 reply; 4+ messages in thread
From: linux @ 2008-08-22  5:26 UTC (permalink / raw)
  To: patch; +Cc: Eliot Blennerhassett, alsa-devel

From: Eliot Blennerhassett <eblennerhassett@audioscience.com>


Signed-off-by: Eliot Blennerhassett <eblennerhassett@audioscience.com>

diff --git a/pci/asihpi/hpi6205.c b/pci/asihpi/hpi6205.c
index daa359d..1654070 100644
--- a/pci/asihpi/hpi6205.c
+++ b/pci/asihpi/hpi6205.c
@@ -2126,6 +2126,9 @@ static short Hpi6205_TransferData(
 	u32 dwTimeOut, dwTemp2;
 	struct bus_master_interface *interface = pHw6205->pInterfaceBuffer;
 
+	if (!pData)
+		return HPI_ERROR_INVALID_DATA_TRANSFER;
+
 	dwDataSize &= ~3L;	/* round dwDataSize down to nearest 4 bytes */
 
 	/* make sure state is IDLE */
-- 
1.5.4.3

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH - asihpi 6/6] Return from timer func if XRUN. Avoids read/write of reset stream.
  2008-08-22  5:26 ` [PATCH - asihpi 5/6] Avoid null pointer dereference linux
@ 2008-08-22  5:26   ` linux
  0 siblings, 0 replies; 4+ messages in thread
From: linux @ 2008-08-22  5:26 UTC (permalink / raw)
  To: patch; +Cc: Eliot Blennerhassett, alsa-devel

From: Eliot Blennerhassett <eblennerhassett@audioscience.com>


Signed-off-by: Eliot Blennerhassett <eblennerhassett@audioscience.com>

diff --git a/pci/asihpi/asihpi.c b/pci/asihpi/asihpi.c
index 584310c..fa0718f 100644
--- a/pci/asihpi/asihpi.c
+++ b/pci/asihpi/asihpi.c
@@ -22,7 +22,7 @@
  *  for any purpose including commercial applications.
  */
 /* >0: print Hw params, timer vars. >1: print stream write/copy sizes  */
-#define REALLY_VERBOSE_LOGGING 0
+#define REALLY_VERBOSE_LOGGING 2
 
 #if REALLY_VERBOSE_LOGGING
 #define VPRINTK1 printk
@@ -483,9 +483,9 @@ static int snd_card_asihpi_pcm_hw_params(struct snd_pcm_substream *substream,
 	if (err)
 		return err;
 
-	VPRINTK1(KERN_INFO "Format %d chan, %d format, %dHz\n",
-				params_channels(params),
-				wFormat, params_rate(params));
+	VPRINTK1(KERN_INFO "Format %d, %d chans, %dHz\n",
+				wFormat,params_channels(params),
+				params_rate(params));
 
 	HPI_HandleError(HPI_FormatCreate(&dpcm->Format, params_channels(params),
 			     wFormat, params_rate(params), 0, 0));
@@ -506,7 +506,9 @@ static int snd_card_asihpi_pcm_hw_params(struct snd_pcm_substream *substream,
 			params_buffer_bytes(params),  runtime->dma_addr);
 		if (err == 0) {
 			snd_printd(KERN_INFO
-					"StreamHostBufferAttach succeeded\n");
+					"StreamHostBufferAttach succeeded %u %u\n",
+						params_buffer_bytes(params),
+						runtime->dma_addr);
 		} else {
 			snd_printd(KERN_INFO
 					"StreamHostBufferAttach error %d\n",
@@ -530,16 +532,8 @@ static int snd_card_asihpi_pcm_hw_params(struct snd_pcm_substream *substream,
 	dpcm->bytes_per_sec = bytes_per_sec;
 	dpcm->pcm_size = params_buffer_bytes(params);
 	dpcm->pcm_count = params_period_bytes(params);
-	snd_printd(KERN_INFO "pcm_size x%x, pcm_count x%x\n",
-			dpcm->pcm_size, dpcm->pcm_count);
-
-#ifdef FORCE_TIMER_JIFFIES
-	if (dpcm->pcm_jiffie_per_period > FORCE_TIMER_JIFFIES) {
-		dpcm->pcm_jiffie_per_period = FORCE_TIMER_JIFFIES;
-		snd_printd(KERN_INFO "Forced timer jiffies to %d\n",
-				FORCE_TIMER_JIFFIES);
-	}
-#endif
+	snd_printd(KERN_INFO "pcm_size x%x, pcm_count x%x, Bps %d\n",
+			dpcm->pcm_size, dpcm->pcm_count, bytes_per_sec);
 
 	dpcm->pcm_irq_pos = 0;
 	dpcm->pcm_buf_pos = 0;
@@ -689,8 +683,6 @@ static void snd_card_asihpi_runtime_free(struct snd_pcm_runtime *runtime)
 	kfree(dpcm);
 }
 
-/***************************** PLAYBACK OPS ****************/
-
 /*algorithm outline
  Without linking degenerates to getting single stream pos etc
  Without mmap 2nd loop degenerates to snd_pcm_period_elapsed
@@ -766,6 +758,7 @@ static void snd_card_asihpi_timer_function(unsigned long data)
 			snd_printd(KERN_WARNING  "OStream %d drained\n",
 					s->number);
 			snd_pcm_stop(s, SNDRV_PCM_STATE_XRUN);
+			return;
 		}
 
 		if (s->stream == SNDRV_PCM_STREAM_PLAYBACK) {
@@ -819,9 +812,10 @@ static void snd_card_asihpi_timer_function(unsigned long data)
 							ds->pcm_count);
 					HPI_HandleError(
 						HPI_OutStreamWriteBuf(
-							phSubSys,
-							ds->hStream,
-							NULL, xfercount,
+							phSubSys, ds->hStream,
+							&s->runtime->
+								dma_area[0],
+							xfercount,
 							&ds->Format));
 				} else {
 					VPRINTK2("Read IS%d x%04x\n",
@@ -841,6 +835,7 @@ static void snd_card_asihpi_timer_function(unsigned long data)
 		add_timer(&dpcm->timer);
 }
 
+/***************************** PLAYBACK OPS ****************/
 static int snd_card_asihpi_playback_ioctl(struct snd_pcm_substream *substream,
 					  unsigned int cmd, void *arg)
 {
@@ -848,8 +843,6 @@ static int snd_card_asihpi_playback_ioctl(struct snd_pcm_substream *substream,
 	return snd_pcm_lib_ioctl(substream, cmd, arg);
 }
 
-
-
 static int snd_card_asihpi_playback_prepare(struct snd_pcm_substream *
 					    substream)
 {
@@ -2893,7 +2886,7 @@ static int __devinit snd_asihpi_probe(struct pci_dev *pci_dev,
 		asihpi->out_max_chans = 2;
 	}
 
-	printk(KERN_INFO "Supports mmap:%d grouping:%d mrx%d\n",
+	printk(KERN_INFO "Supports mmap:%d grouping:%d mrx:%d\n",
 			asihpi->support_mmap,
 			asihpi->support_grouping,
 			asihpi->support_mrx
-- 
1.5.4.3

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH - asihpi 4/6] Mem buffer alloc inside adapter mutex.
  2008-08-22  5:26 [PATCH - asihpi 4/6] Mem buffer alloc inside adapter mutex linux
  2008-08-22  5:26 ` [PATCH - asihpi 5/6] Avoid null pointer dereference linux
@ 2008-08-22  6:46 ` Takashi Iwai
  1 sibling, 0 replies; 4+ messages in thread
From: Takashi Iwai @ 2008-08-22  6:46 UTC (permalink / raw)
  To: linux; +Cc: Eliot Blennerhassett, alsa-devel

At Fri, 22 Aug 2008 17:26:31 +1200,
linux@audioscience.com wrote:
> 
> From: Eliot Blennerhassett <eblennerhassett@audioscience.com>
> 
> 
> Signed-off-by: Eliot Blennerhassett <eblennerhassett@audioscience.com>

Thanks, applied all four (including 7/6 :) patches.


Takashi

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2008-08-22  6:46 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-08-22  5:26 [PATCH - asihpi 4/6] Mem buffer alloc inside adapter mutex linux
2008-08-22  5:26 ` [PATCH - asihpi 5/6] Avoid null pointer dereference linux
2008-08-22  5:26   ` [PATCH - asihpi 6/6] Return from timer func if XRUN. Avoids read/write of reset stream linux
2008-08-22  6:46 ` [PATCH - asihpi 4/6] Mem buffer alloc inside adapter mutex Takashi Iwai

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.