Date: Tue, 10 Feb 2009 20:00:08 GMT From: Hans Petter Selasky <hselasky@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 157504 for review Message-ID: <200902102000.n1AK08AF054148@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=157504 Change 157504 by hselasky@hselasky_laptop001 on 2009/02/10 19:59:22 USB WLAN fixes after Andrew Thompsons diff reduction against the old USB stack. 1) Fix possible NULL pointer access at detach. 2) BAN use of DELAY(), replaced with usb2_pause_mtx() 3) BAN use of delay less loops polling USB hardware. Affected files ... .. //depot/projects/usb/src/sys/dev/usb2/wlan/if_rum2.c#33 edit .. //depot/projects/usb/src/sys/dev/usb2/wlan/if_ural2.c#32 edit .. //depot/projects/usb/src/sys/dev/usb2/wlan/if_zyd2.c#34 edit Differences ... ==== //depot/projects/usb/src/sys/dev/usb2/wlan/if_rum2.c#33 (text+ko) ==== @@ -548,7 +548,7 @@ { struct rum_softc *sc = device_get_softc(self); struct ifnet *ifp = sc->sc_ifp; - struct ieee80211com *ic = ifp->if_l2com; + struct ieee80211com *ic; /* wait for any post attach or other command to complete */ usb2_proc_drain(&sc->sc_tq); @@ -563,6 +563,7 @@ RUM_UNLOCK(sc); if (ifp) { + ic = ifp->if_l2com; bpfdetach(ifp); ieee80211_ifdetach(ic); if_free(ifp); @@ -1480,9 +1481,10 @@ uint32_t tmp; int ntries; - for (ntries = 0; ntries < 5; ntries++) { + for (ntries = 0; ntries != 5; ntries++) { if (!(rum_read(sc, RT2573_PHY_CSR3) & RT2573_BBP_BUSY)) break; + usb2_pause_mtx(&sc->sc_mtx, hz / 1000); } if (ntries == 5) { device_printf(sc->sc_dev, "could not write to BBP\n"); @@ -1499,9 +1501,10 @@ uint32_t val; int ntries; - for (ntries = 0; ntries < 5; ntries++) { + for (ntries = 0; ntries != 5; ntries++) { if (!(rum_read(sc, RT2573_PHY_CSR3) & RT2573_BBP_BUSY)) break; + usb2_pause_mtx(&sc->sc_mtx, hz / 1000); } if (ntries == 5) { device_printf(sc->sc_dev, "could not read BBP\n"); @@ -1511,11 +1514,11 @@ val = RT2573_BBP_BUSY | RT2573_BBP_READ | reg << 8; rum_write(sc, RT2573_PHY_CSR3, val); - for (ntries = 0; ntries < 100; ntries++) { + for (ntries = 0; ntries != 10; ntries++) { val = rum_read(sc, RT2573_PHY_CSR3); if (!(val & RT2573_BBP_BUSY)) return val & 0xff; - DELAY(1); + usb2_pause_mtx(&sc->sc_mtx, hz / 1000); } device_printf(sc->sc_dev, "could not read BBP\n"); @@ -1528,9 +1531,10 @@ uint32_t tmp; int ntries; - for (ntries = 0; ntries < 5; ntries++) { + for (ntries = 0; ntries != 5; ntries++) { if (!(rum_read(sc, RT2573_PHY_CSR4) & RT2573_RF_BUSY)) break; + usb2_pause_mtx(&sc->sc_mtx, hz / 1000); } if (ntries == 5) { device_printf(sc->sc_dev, "could not write to RF\n"); @@ -1726,7 +1730,7 @@ rum_rf_write(sc, RT2573_RF3, rfprog[i].r3 | power << 7); rum_rf_write(sc, RT2573_RF4, rfprog[i].r4 | sc->rffreq << 10); - DELAY(10); + usb2_pause_mtx(&sc->sc_mtx, hz / 1000); /* enable smart mode for MIMO-capable RFs */ bbp3 = rum_bbp_read(sc, 3); @@ -1938,11 +1942,11 @@ int i, ntries; /* wait for BBP to be ready */ - for (ntries = 0; ntries < 100; ntries++) { + for (ntries = 0; ntries != 100; ntries++) { const uint8_t val = rum_bbp_read(sc, 0); if (val != 0 && val != 0xff) break; - DELAY(1000); + usb2_pause_mtx(&sc->sc_mtx, hz / 1000); } if (ntries == 100) { device_printf(sc->sc_dev, "timeout waiting for BBP\n"); @@ -1989,11 +1993,11 @@ rum_write(sc, RT2573_MAC_CSR1, 0); /* wait for BBP/RF to wakeup */ - for (ntries = 0; ntries < 1000; ntries++) { + for (ntries = 0; ntries != 1000; ntries++) { if (rum_read(sc, RT2573_MAC_CSR12) & 8) break; rum_write(sc, RT2573_MAC_CSR12, 4); /* force wakeup */ - DELAY(1000); + usb2_pause_mtx(&sc->sc_mtx, hz / 1000); } if (ntries == 1000) { device_printf(sc->sc_dev, @@ -2212,7 +2216,7 @@ ieee80211_amrr_node_init(&rvp->amrr, &RUM_NODE(ni)->amn, ni); /* XXX WLAN race --hps */ - if (sc->sc_state != IEEE80211_S_INIT) + if (sc->sc_state == IEEE80211_S_RUN) usb2_callout_reset(&rvp->amrr_ch, hz, rum_amrr_timeout, rvp); } @@ -2223,7 +2227,7 @@ struct rum_softc *sc = rvp->sc; /* XXX WLAN race --hps */ - if (sc->sc_state == IEEE80211_S_INIT) + if (sc->sc_state != IEEE80211_S_RUN) return; rum_queue_command(sc, rum_amrr_task, @@ -2252,7 +2256,7 @@ fail = (le32toh(sc->sta[5]) >> 16); /* TX retry-fail count */ /* XXX WLAN race --hps */ - if (sc->sc_state == IEEE80211_S_INIT) + if (sc->sc_state != IEEE80211_S_RUN) return; ieee80211_amrr_tx_update(&RUM_NODE(ni)->amn, ==== //depot/projects/usb/src/sys/dev/usb2/wlan/if_ural2.c#32 (text+ko) ==== @@ -534,7 +534,7 @@ { struct ural_softc *sc = device_get_softc(self); struct ifnet *ifp = sc->sc_ifp; - struct ieee80211com *ic = ifp->if_l2com; + struct ieee80211com *ic; /* wait for any post attach or other command to complete */ usb2_proc_drain(&sc->sc_tq); @@ -549,6 +549,7 @@ RAL_UNLOCK(sc); if (ifp) { + ic = ifp->if_l2com; bpfdetach(ifp); ieee80211_ifdetach(ic); if_free(ifp); @@ -1594,9 +1595,10 @@ uint16_t tmp; int ntries; - for (ntries = 0; ntries < 5; ntries++) { + for (ntries = 0; ntries != 5; ntries++) { if (!(ural_read(sc, RAL_PHY_CSR8) & RAL_BBP_BUSY)) break; + usb2_pause_mtx(&sc->sc_mtx, hz / 1000); } if (ntries == 5) { device_printf(sc->sc_dev, "could not write to BBP\n"); @@ -1616,9 +1618,10 @@ val = RAL_BBP_WRITE | reg << 8; ural_write(sc, RAL_PHY_CSR7, val); - for (ntries = 0; ntries < 5; ntries++) { + for (ntries = 0; ntries != 5; ntries++) { if (!(ural_read(sc, RAL_PHY_CSR8) & RAL_BBP_BUSY)) break; + usb2_pause_mtx(&sc->sc_mtx, hz / 1000); } if (ntries == 5) { device_printf(sc->sc_dev, "could not read BBP\n"); @@ -1634,9 +1637,10 @@ uint32_t tmp; int ntries; - for (ntries = 0; ntries < 5; ntries++) { + for (ntries = 0; ntries != 5; ntries++) { if (!(ural_read(sc, RAL_PHY_CSR10) & RAL_RF_LOBUSY)) break; + usb2_pause_mtx(&sc->sc_mtx, hz / 1000); } if (ntries == 5) { device_printf(sc->sc_dev, "could not write to RF\n"); @@ -1812,7 +1816,8 @@ /* clear CRC errors */ ural_read(sc, RAL_STA_CSR0); - DELAY(10000); + usb2_pause_mtx(&sc->sc_mtx, hz / 100); + ural_disable_rf_tune(sc); } @@ -2034,10 +2039,10 @@ int i, ntries; /* wait for BBP to be ready */ - for (ntries = 0; ntries < 100; ntries++) { + for (ntries = 0; ntries != 100; ntries++) { if (ural_bbp_read(sc, RAL_BBP_VERSION) != 0) break; - DELAY(1000); + usb2_pause_mtx(&sc->sc_mtx, hz / 1000); } if (ntries == 100) { device_printf(sc->sc_dev, "timeout waiting for BBP\n"); @@ -2133,12 +2138,12 @@ ural_write(sc, ural_def_mac[i].reg, ural_def_mac[i].val); /* wait for BBP and RF to wake up (this can take a long time!) */ - for (ntries = 0; ntries < 100; ntries++) { + for (ntries = 0; ntries != 100; ntries++) { tmp = ural_read(sc, RAL_MAC_CSR17); if ((tmp & (RAL_BBP_AWAKE | RAL_RF_AWAKE)) == (RAL_BBP_AWAKE | RAL_RF_AWAKE)) break; - DELAY(1000); + usb2_pause_mtx(&sc->sc_mtx, hz / 1000); } if (ntries == 100) { device_printf(sc->sc_dev, @@ -2298,7 +2303,7 @@ ieee80211_amrr_node_init(&uvp->amrr, &URAL_NODE(ni)->amn, ni); /* XXX WLAN race --hps */ - if (sc->sc_state != IEEE80211_S_INIT) + if (sc->sc_state == IEEE80211_S_RUN) usb2_callout_reset(&uvp->amrr_ch, hz, ural_amrr_timeout, uvp); } @@ -2309,7 +2314,7 @@ struct ural_softc *sc = uvp->sc; /* XXX WLAN race --hps */ - if (sc->sc_state == IEEE80211_S_INIT) + if (sc->sc_state != IEEE80211_S_RUN) return; ural_queue_command(sc, ural_amrr_task, @@ -2338,7 +2343,7 @@ fail = sc->sta[9]; /* TX retry-fail count */ /* XXX WLAN race --hps */ - if (sc->sc_state == IEEE80211_S_INIT) + if (sc->sc_state != IEEE80211_S_RUN) return; ieee80211_amrr_tx_update(&URAL_NODE(ni)->amn, ==== //depot/projects/usb/src/sys/dev/usb2/wlan/if_zyd2.c#34 (text+ko) ==== @@ -441,7 +441,7 @@ { struct zyd_softc *sc = device_get_softc(dev); struct ifnet *ifp = sc->sc_ifp; - struct ieee80211com *ic = ifp->if_l2com; + struct ieee80211com *ic; /* wait for any post attach or other command to complete */ usb2_proc_drain(&sc->sc_tq); @@ -454,6 +454,7 @@ zyd_unsetup_tx_list(sc); if (ifp) { + ic = ifp->if_l2com; bpfdetach(ifp); ieee80211_ifdetach(ic); if_free(ifp);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200902102000.n1AK08AF054148>