I've got a custom piece of FPGA logic which I've implemented a functioning char driver for, and I'm trying to get it to work as a network driver as well now. I'm following along as best I can using the LDD book, snull code, and loopback.c, dummy.c, and other drivers from the kernel as examples.
The code I've got below (obviously ripped out of the larger file) is the networking driver code I have so far; I can successfully insmod, and "ifconfig optical0" shows that my MTU & flags are correct so I know at least it's being registered.
Now I'm trying to implement the struct net_device's private field (void* priv) to store stats and other things in, and it's resulting in segfaults. Here's the code so far:
struct serdes_device {
struct serdes_regs __iomem *regs;
struct serdes_dma *tx_dma,
*rx_dma;
struct device *dev;
struct net_device *netdev;
struct resource serdes_res;
struct cdev cdev;
int major, minor;
int tx_kbps;
int rx_kbps;
};
struct optical_priv {
struct serdes_device *serdes_dev;
struct net_device_stats stats;
};
static const struct net_device_ops optical_netdev_ops = {
.ndo_get_stats = optical_stats,
.ndo_start_xmit = optical_xmit,
/* and so on, not including the ops functions for brevity */
};
void optical_setup(struct net_device *dev)
{
dev->netdev_ops = &optical_netdev_ops;
dev->destructor = free_netdev;
dev->tx_queue_len = 1;
dev->type = ARPHRD_NONE;
dev->hard_header_len = SERDES_FRAME_HEADER_LENGTH;
dev->mtu = SERDES_FRAME_TOTAL_LENGTH;
dev->addr_len = 0;
dev->flags &= ~IFF_BROADCAST;
/* more flags & features cut */
}
static int optical_init(struct net_device *netdev)
{
int err;
struct optical_priv *priv;
netdev = alloc_netdev(sizeof(struct optical_priv), "optical%d", optical_setup);
if (!netdev)
return -ENOMEM;
err = register_netdev(netdev);
if (err < 0)
goto err;
priv = netdev_priv(netdev);
printk(KERN_WARNING "priv is at address 0x%p\n", priv);
return 0;
err:
free_netdev(netdev);
return err;
}
static int serdes_of_probe(struct platform_device *op)
{
struct serdes_device *serdes_dev;
struct optical_priv *priv;
int err = 0;
serdes_dev = kzalloc(sizeof(struct serdes_device), GFP_KERNEL);
/* A bunch of unrelated openfirmware & cdev code removed. */
err = optical_init(serdes_dev->netdev);
if (err < 0)
dev_err(serdes_dev->dev, "Error %d initing optical link\n", err);
priv = netdev_priv(serdes_dev->netdev);
if (!priv)
dev_err(serdes_dev->dev, "priv is null... \n");
dev_info(serdes_dev->dev, "priv is at 0x%p\n", priv);
dev_info(&op->dev, "Done probing.\n");
return 0;
out_free_serdes:
kfree(serdes_dev);
out_return:
return err;
}
So as I understand it, I'm allocating space for and initializing my serdes device (which I know works as a char driver). Then I call optical_init which allocs, registers, and configures serdes_dev->netdev. alloc_netdev is supposed to allocate room for the (void *)priv field as well which is why sizeof(struct optical_priv) is passed in.
The output after insmod of the two print statements in there look like this:
priv is at address 0xdd2de500
priv is at 0x00000500
Done probing.
and obviously trying to access priv in any way after that causes a segfault. I think my confusion is about why netdev_priv() returns the two different values when called from the two different functions-- shouldn't it be allocated and correct anytime after alloc_netdev?
e: I think I'm also confusing myself by looking for examples in too many drivers, from too many eras, steeped in the history of hardware and kernel APIs past... if anyone has a good basic driver recommendation for me to start with, I'm more than happy reading code to learn.
I think that the problem is here:
err = optical_init(serdes_dev->netdev);
You are passing an invalid pointer to a netdev structure. Then in optical_init() you change the local value of the pointer with:
netdev = alloc_netdev(sizeof(struct optical_priv), "optical%d", optical_setup);
Now you have a valid pointer to a struct net_device. But this pointer value does not apply to the serdes_dev->netdev variable but only locally in optical_init(). In consequence of this, also the pointer to priv is invalid. Here a little example that show the issue:
#include <stdio.h>
#include <stdlib.h>
struct test {
int first;
int *second;
};
void allocate_memory(int *ptr)
{
ptr = malloc(10);
printf("while allocating %p\n", ptr);
}
int main(void) {
struct test *p1;
p1= malloc(sizeof(struct test));
printf("before %p\n", p1->second);
allocate_memory(p1->second);
printf("after %p\n", p1->second);
free(p1);
free(p2);
return EXIT_SUCCESS;
}
The output is:
before (nil)
while allocating 0x23ee030
after (nil)
Related
I am attempting to implement my own version of a semaphore into a linux vm and am running into a crash when I attempt to lock a spinlock inside the down function. Using GDB I found that the down is called immediately after the create function so the problem is definitely there.
Here is the create function:
asmlinkage long sys_create(int value, char name[32], char key[32]){
struct sem *new_sem = (struct sem*) kmalloc(sizeof(struct sem), GFP_ATOMIC);
struct sem_node *new_sem_node = (struct sem_node*) kmalloc(sizeof(struct sem_node), GFP_ATOMIC);
struct sem_node *curr_sem = sem_list_head;
new_sem_node->sem = new_sem;
spin_lock(&sem_lock);
new_sem->sem_id = IDcntr++;
spin_lock_init(&(new_sem->lock));
strncpy(new_sem->key, key, 32);
strncpy(new_sem->name, name, 32);
if(curr_sem == NULL)
{
sem_list_head = new_sem_node;
}
else
{
while(curr_sem->next != NULL)
{
curr_sem = curr_sem->next;
}
curr_sem->next = new_sem_node;
}
spin_unlock(&sem_lock);
return new_sem->sem_id;
}
Functions spin_lock, spin_unlock, and spin_lock_init are working as intended. The down function calls:
spin_lock(&(sem_list_head->sem->lock));
right at the beginning and freezes. To be more specific, in the gdb terminal, I try and get to the next line and it stops and in the actual machine it's completely stopped. No other functions are called between the create and down function. Below is the header file that defines the sem_node, process_node, and sem objects used in the create and down functions:
int IDcntr = 1;
DEFINE_SPINLOCK(sem_lock);
struct sem_node
{
struct sem* sem;
struct sem_node* next;
};
struct process_node
{
struct process_node* next;
struct task_struct* task;
};
struct sem
{
int value;
long sem_id;
spinlock_t lock;
char key[32];
char name[32];
struct process_node* head;
struct process_node* tail;
};
struct sem_node* sem_list_head = NULL;
Through independent testing the function DEFINE_SPINLOCK and object spinlock_t are working as intended. After thorough debugging the problem is in the create function. I freely admit that I am still learning how semaphores work so chances are I didn't set variables correctly or define things correctly. Any help in pointing me the right way would be greatly appreciated.
Hi i have a watchdog linux driver as below:
struct omap_wdt_dev {
struct watchdog_device wdev;
struct device *dev;
void __iomem *base_addr;
uint32_t ttgr_pattern;
};
static int omap_wdt_start(struct watchdog_device *wdev)
{
struct omap_wdt_dev *omap_wdev = watchdog_get_drvdata(wdev);
/*...*/
omap_wdt_reload(omap_wdev);
return 0;
}
static int omap_wdt_plf_probe(struct platform_device *pdev)
{
struct omap_wdt_dev *omap_wdev;
omap_wdev = kzalloc(sizeof(*omap_wdev), GFP_KERNEL);
watchdog_set_drvdata(wdev, (void *)omap_wdev);
/*...*/
return 0;
}
In this code, they have created a struct omap_wdt_dev which have a watchdog_deviceinside it. Then in probe function omap_wdt_plf_probe, they use a void pointer inside watchdog_device to point to "wdev" by the function:watchdog_set_drvdata(wdev, (void *)omap_wdev). Then in function omap_wdt_start which have input parameter is a watchdog_device, they get the omap_wdt_dev from watchdog_device to use omap_wdt_dev.
I see this technical, use a void pointer to contain the data of a struct, is used frequently in linux kernel, but i do not know the name of this technique.
Can you explain me more about it and show me some another technique which is used in linux kernel ?
The following function doesn't work. pin_thread_function sometimes receive garbage instead of the struct data. What is wrong? I know that is some basic scope related problem, but I can't explain.
typedef void (*state_callback_t)(int state);
struct pin_thread_params
{
char pin[3 + 1];
state_callback_t callback_onchange;
};
extern int pin_monitor_create(const char * pin,
state_callback_t callback_onchange)
{
int ret;
unsigned long int thread;
struct pin_thread_params params;
//Setup struct
strcpy(params.pin, "123");
params.callback_onchange = callback_onchange;
//Create thread with struc as parameter
ret = pthread_create(&thread, NULL, pin_thread_function, ¶ms);
if (!ret)
{
ret = pthread_detach(thread);
}
return ret;
}
static void * pin_thread_function(void * context)
{
struct pin_thread_params params;
memcpy(¶ms, context, sizeof(params));
//Sometimes the correct string, most time garbage
printf("Started monitoring %s", params.pin);
}
When params is malloc'ed before pthread_create, everything works fine, like this:
...
struct pin_thread_params * params;
//Setup struct with malloc
params = malloc(sizeof(struct pin_thread_params));
strcpy(params->pin, "123");
params->callback_onchange = callback_onchange;
...
struct pin_thread_params params is statically allocated and the address of it is not safe to use once the scope of it is over (i.e. after pin_monitor_create has returned). It may happen that sometimes the thread execution starts before the pin_monitor_create has exited and you see the valid data in params. However, the dynamically allocated memory is from heap and will be usable until you free it, so you always get valid data in params within pin_thread_function .
I'm not particularly knowledgeable about pthreads (can't just comment quite yet), but you are passing a pointer to stack allocated memory to the thread which will eventually be clobbered by proceeding function calls.
I'm making an ioctl call from C++ into a driver I don't own/maintain, and I'm trying to sort out if there's a clean, "safe-ish" mechanism to deal with some of the ugly struct allocation required.
Slimmed down version of some structures involved
// IOCTL expects an instance of this structure "first"
typedef struct {
int param1;
int param2;
} s_ioctl_request;
//... followed by an instance of this. If attr_length
// is > sizeof(s_attr_header), more data is allowed to follow.
typedef struct {
uint32_t attr_length;
uint32_t attr_type;
} s_attr_header;
// Example that uses more data than just the header.
typedef struct {
s_attr_header hdr;
uint32_t attr_param;
} s_attr_type1;
// Another example.
typedef struct {
s_attr_header hdr;
uint32_t attr_param1;
uint32_t attr_param2;
} s_attr_type2;
The ioctl requires that s_ioctl_request be immediately followed by an s_attr_header, or other struct containing it, where attr_length is set to the size of the outer struct in bytes.
In C, to write a wrapper for the ioctl it would be done via something along these lines:
int do_ugly_ioctl(int fd, int p1, int p2, s_attr_header * attr)
{
int res;
// Allocate enough memory for both structures.
s_ioctl_request *req = malloc( sizeof(*req) + attr->hdr.attr_length );
// Copy the 2nd, (variable length) structure after the first.
memcpy( ((char*)req) + sizeof(*req), attr, attr->hdr.attr_length);
// Modify params as necessary
req->param1 = p1;
req->param2 = p2;
// Make the driver call, free mem, and return result.
res = ioctl(fd, SOME_IOCTL_ID, req);
free(req);
return res;
}
// Example invocation.
s_attr_type1 a1;
a1.hdr.attr_length = sizeof(a1);
a1.hdr.attr_type = 1;
do_ugly_ioctl(fd, 10, 20, &a1);
A couple options I'm thinking of, are:
Throw modern C++-isms out the window, and do exactly what I've shown above.
Allocate the storage with a std::vector, then do ugly casts with the resulting std::vector::data() pointer so at least I'm not doing new[] / delete[] or malloc / free.
Create a unique wrapper method for each s_attr_type* that uses its own "special" struct. This seems "safest", i.e. least likely for the user of the wrapper method to screw it up. And bonus points, allows pass-by-ref.
Method #3 example:
int do_ugly_ioctl(fd, int param1, int param2, s_attr_type2& attr){
struct RequestData {
s_ioctl_request ioreq;
s_attr_type2 attr;
};
RequestData r;
r.ioreq.param1 = param1;
r.ioreq.param2 = param2;
r.attr = attr;
r.attr.hdr.attr_length = sizeof(attr); // Might as well enforce this here.
ioctl(fd, SOME_IOCTL_ID, (void*) &r);
}
So I guess some questions here are:
Is it "worth it" to C++-ize a solution to this problem? (as opposed to relying on the more error-prone C impl).
If I go with method #3 or similar, is there anything that I can do with <type_traits> to make a template of this function and only accept structs with an s_attr_header as the first member?
Any other brilliant ideas?
Totally worth it, and your solution is quite nice.
You might want to declare your structures as packed (there are compiler extensions to achieve this) to avoid having extra padding when combining multiple structures.
You can also set the size of the structure within the constructor.
struct RequestData
{
RequestData() : ioreq{}, attr{}
{
attr.hdr.attr_length = sizeof(attr);
}
s_ioctl_request ioreq;
s_attr_type2 attr;
};
concerning your second question, you could split the assignment in two, it's not too nice but it's easy and if you pass something without a correct header, it will lead to a compiler error:
template<typename Attr>
int do_ugly_ioctl(fd, int param1, int param2, Attr& attr){
struct RequestData {
s_ioctl_request ioreq;
Attr attr;
};
RequestData r;
r.ioreq.param1 = param1;
r.ioreq.param2 = param2;
s_attr_header hdr = Attr.hdr; //this will lead to compilation error if the type is not what we expect
(void) hdr;
r.attr = attr;
r.attr.hdr.attr_length = sizeof(attr); // Might as well enforce this here.
ioctl(fd, SOME_IOCTL_ID, (void*) &r);
}
how can i correctly send a struct from the server to the client in ansi-c sun-rpc?
in my test.x IDL file i defined a struct cluster with a string and an int
and a type clusters which is a variable-length array of cluster elements:
struct cluster {
string name<255>;
int debuglevel;
};
typedef cluster clusters<32>;
i then changed the stubs generated by rpcgen like
test_server.c
clusters *
test_1_svc(void *argp, struct svc_req *rqstp)
{
static clusters result;
cluster cl1, cl2;
cl1.name="cl1";
cl1.debuglevel="1";
cl2.name="cl2";
cl2.debuglevel="2";
cluster clist[2];
clist[0]=cl1;
clist[1]=cl2;
result.clusters_len = 2;
result.clusters_val = &clist;
/*
* insert server code here
*/
return(&result);
}
and test_client.c
test_prog_1( char* host )
{
CLIENT *clnt;
clusters *result_1;
char* test_1_arg;
clnt = clnt_create(host, test_PROG, test_VERS, "udp");
if (clnt == NULL) {
clnt_pcreateerror(host);
exit(1);
}
result_1 = test_1((void*)&test_1_arg, clnt);
if (result_1 == NULL) {
clusters* rec_cls = malloc(2*sizeof(struct cluster));
if(xdr_clusters(&result_1, rec_cls)){
printf("got xdr_clusters");
}
clnt_perror(clnt, "call failed:");
}
clnt_destroy( clnt );
}
Both compile, but the server often segfaults after one or two request runs by the client and on the clientside the xdr_clusters function never returns true. It seems like some kind of memory mismanagement and I'm also not sure if I'm handling the serialization on the server-side correctly.
I just filled result.clusters_len and result.clusters_val with the appropiate values like they are defined in test.h (by rpcgen):
typedef struct {
u_int clusters_len;
cluster *clusters_val;
} clusters;
Do I have to make use of xdr_clusters on the server side for this to correctly serialize the result?
thank you
okay, i figured my mistakes, lets summarize them:
know how to initialize an int correctly (without the quotes of course...)
forget about that clist nonsense, just malloc the internal pointer of the result struct directly
read the damn compiler warnings: when it tells you, that there are functions declared implicitly and you didn't want implicit declarations, then there is possibly something missing, in my case i needed to include stdlib.h and stdio.h to get malloc, printf and exit functions for server and client stubs.
on the clientside: why should we do anything except throwing an error if the result is NULL? see the new client code below to check correct result printing
test_server.c
test_1_svc(void *argp, struct svc_req *rqstp){
static clusters result;
cluster cl1, cl2;
cl1.name="cl1";
cl1.debuglevel=1;
cl2.name="cl2";
cl2.debuglevel=2;
result.clusters_len = 2;
result.clusters_val = malloc(2*sizeof(struct cluster));
result.clusters_val[0]=cl1;
result.clusters_val[1]=cl2;
return(&result);
}
test_client.c
test_prog_1( char* host )
{
CLIENT *clnt;
clusters *result_1;
char* test_1_arg;
clnt = clnt_create(host, test_PROG, test_VERS, "udp");
if (clnt == NULL) {
clnt_pcreateerror(host);
exit(1);
}
result_1 = test_1((void*)&test_1_arg, clnt);
if (result_1 == NULL) {
clnt_perror(clnt, "call failed:");
}else{
printf("I got %d cluster structs in an array\n",result_1->clusters_len);
int j;
for(j=0;j<result_1->clusters_len;j++){
printf("cluster #%d: %s#runlevel %d\n",j,result_1->clusters_val[j].name,result_1->clusters_val[j].debuglevel);
}
}
clnt_destroy( clnt );
}
as a result, we get some nice values on the clientside printed
and of course no segfaults anymore on the serverside:
lars$ ./test_client localhost
I got 2 cluster structs in an array
cluster #0: cl1#runlevel 1
cluster #1: cl2#runlevel 2