From 0f2357dba59d9078091b06f1455a00245eca1508 Mon Sep 17 00:00:00 2001 From: Jason Yan Date: Mon, 18 Feb 2019 16:04:03 +0800 Subject: [PATCH] ipmi: fix BT reset for a while when cmd timeout euler inclusion category: bugfix bugzilla: 7565 CVE: NA ---------------------- [Changelog]: fix ipmi bt infinite loop when insmod with BMC broken [Author]:zhengshaoyu Signed-off-by: Jason Yan [yan: cherry-picked from kernel-3.4] Signed-off-by: Jason Yan Reviewed-by: zhengbin Signed-off-by: Yang Yingliang --- drivers/char/ipmi/ipmi_bt_sm.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/drivers/char/ipmi/ipmi_bt_sm.c b/drivers/char/ipmi/ipmi_bt_sm.c index 97d6856c9c0f..64bfbe1e3786 100644 --- a/drivers/char/ipmi/ipmi_bt_sm.c +++ b/drivers/char/ipmi/ipmi_bt_sm.c @@ -86,6 +86,7 @@ struct si_sm_data { enum bt_states complete; /* to divert the state machine */ long BT_CAP_req2rsp; int BT_CAP_retries; /* Recommended retries */ + int init; }; #define BT_CLR_WR_PTR 0x01 /* See IPMI 1.5 table 11.6.4 */ @@ -414,8 +415,8 @@ static enum si_sm_result error_recovery(struct si_sm_data *bt, if (!bt->nonzero_status) printk(KERN_ERR "IPMI BT: stuck, try power cycle\n"); - /* this is most likely during insmod */ - else if (bt->seq <= (unsigned char)(bt->BT_CAP_retries & 0xFF)) { + /* only during insmod */ + else if (!bt->init) { printk(KERN_WARNING "IPMI: BT reset (takes 5 secs)\n"); bt->state = BT_STATE_RESET1; return SI_SM_CALL_WITHOUT_DELAY; @@ -560,6 +561,10 @@ static enum si_sm_result bt_event(struct si_sm_data *bt, long time) BT_STATE_CHANGE(BT_STATE_READ_WAIT, SI_SM_CALL_WITHOUT_DELAY); bt->state = bt->complete; + + if (!bt->init && bt->seq) + bt->init = 1; + return bt->state == BT_STATE_IDLE ? /* where to next? */ SI_SM_TRANSACTION_COMPLETE : /* normal */ SI_SM_CALL_WITHOUT_DELAY; /* Startup magic */ -- GitLab