ia64/xen-unstable

changeset 9118:0f368e70b4eb

VTPM fixes:
- fixes a problem in the vTPM backend where the timer was killed when
the timer function was run
- removes a variable from being put in the ring by the frontend
- reformatting due to indent tool running over some of the files

Has been tested with the vtpm-relevant parts of xm-test.

Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
author kaf24@firebug.cl.cam.ac.uk
date Fri Mar 03 10:55:11 2006 +0100 (2006-03-03)
parents ec7802acc8c9
children 7eafbed44734
files linux-2.6-xen-sparse/drivers/xen/tpmback/interface.c linux-2.6-xen-sparse/drivers/xen/tpmback/tpmback.c linux-2.6-xen-sparse/drivers/xen/tpmfront/tpmfront.c xen/include/public/io/tpmif.h
line diff
     1.1 --- a/linux-2.6-xen-sparse/drivers/xen/tpmback/interface.c	Fri Mar 03 10:53:58 2006 +0100
     1.2 +++ b/linux-2.6-xen-sparse/drivers/xen/tpmback/interface.c	Fri Mar 03 10:55:11 2006 +0100
     1.3 @@ -19,8 +19,7 @@ int num_frontends = 0;
     1.4  
     1.5  LIST_HEAD(tpmif_list);
     1.6  
     1.7 -tpmif_t *
     1.8 -alloc_tpmif(domid_t domid, long int instance)
     1.9 +static tpmif_t *alloc_tpmif(domid_t domid, long int instance)
    1.10  {
    1.11  	struct page *page;
    1.12  	tpmif_t *tpmif;
    1.13 @@ -45,16 +44,14 @@ alloc_tpmif(domid_t domid, long int inst
    1.14  	return tpmif;
    1.15  }
    1.16  
    1.17 -void
    1.18 -free_tpmif(tpmif_t * tpmif)
    1.19 +static void free_tpmif(tpmif_t * tpmif)
    1.20  {
    1.21  	num_frontends--;
    1.22  	list_del(&tpmif->tpmif_list);
    1.23  	kmem_cache_free(tpmif_cachep, tpmif);
    1.24  }
    1.25  
    1.26 -tpmif_t *
    1.27 -tpmif_find(domid_t domid, long int instance)
    1.28 +tpmif_t *tpmif_find(domid_t domid, long int instance)
    1.29  {
    1.30  	tpmif_t *tpmif;
    1.31  
    1.32 @@ -72,8 +69,7 @@ tpmif_find(domid_t domid, long int insta
    1.33  	return alloc_tpmif(domid, instance);
    1.34  }
    1.35  
    1.36 -static int
    1.37 -map_frontend_page(tpmif_t *tpmif, unsigned long shared_page)
    1.38 +static int map_frontend_page(tpmif_t *tpmif, unsigned long shared_page)
    1.39  {
    1.40  	int ret;
    1.41  	struct gnttab_map_grant_ref op = {
    1.42 @@ -99,8 +95,7 @@ map_frontend_page(tpmif_t *tpmif, unsign
    1.43  	return 0;
    1.44  }
    1.45  
    1.46 -static void
    1.47 -unmap_frontend_page(tpmif_t *tpmif)
    1.48 +static void unmap_frontend_page(tpmif_t *tpmif)
    1.49  {
    1.50  	struct gnttab_unmap_grant_ref op;
    1.51  	int ret;
    1.52 @@ -115,14 +110,14 @@ unmap_frontend_page(tpmif_t *tpmif)
    1.53  	BUG_ON(ret);
    1.54  }
    1.55  
    1.56 -int
    1.57 -tpmif_map(tpmif_t *tpmif, unsigned long shared_page, unsigned int evtchn)
    1.58 +int tpmif_map(tpmif_t *tpmif, unsigned long shared_page, unsigned int evtchn)
    1.59  {
    1.60  	int err;
    1.61  	evtchn_op_t op = {
    1.62  		.cmd = EVTCHNOP_bind_interdomain,
    1.63  		.u.bind_interdomain.remote_dom = tpmif->domid,
    1.64 -		.u.bind_interdomain.remote_port = evtchn };
    1.65 +		.u.bind_interdomain.remote_port = evtchn,
    1.66 +        };
    1.67  
    1.68          if (tpmif->irq) {
    1.69                  return 0;
    1.70 @@ -156,8 +151,7 @@ tpmif_map(tpmif_t *tpmif, unsigned long 
    1.71  	return 0;
    1.72  }
    1.73  
    1.74 -static void
    1.75 -__tpmif_disconnect_complete(void *arg)
    1.76 +static void __tpmif_disconnect_complete(void *arg)
    1.77  {
    1.78  	tpmif_t *tpmif = (tpmif_t *) arg;
    1.79  
    1.80 @@ -172,22 +166,19 @@ static void
    1.81  	free_tpmif(tpmif);
    1.82  }
    1.83  
    1.84 -void
    1.85 -tpmif_disconnect_complete(tpmif_t * tpmif)
    1.86 +void tpmif_disconnect_complete(tpmif_t * tpmif)
    1.87  {
    1.88  	INIT_WORK(&tpmif->work, __tpmif_disconnect_complete, (void *)tpmif);
    1.89  	schedule_work(&tpmif->work);
    1.90  }
    1.91  
    1.92 -void __init
    1.93 -tpmif_interface_init(void)
    1.94 +void __init tpmif_interface_init(void)
    1.95  {
    1.96  	tpmif_cachep = kmem_cache_create("tpmif_cache", sizeof (tpmif_t),
    1.97  					 0, 0, NULL, NULL);
    1.98  }
    1.99  
   1.100 -void __init
   1.101 -tpmif_interface_exit(void)
   1.102 +void __init tpmif_interface_exit(void)
   1.103  {
   1.104  	kmem_cache_destroy(tpmif_cachep);
   1.105  }
     2.1 --- a/linux-2.6-xen-sparse/drivers/xen/tpmback/tpmback.c	Fri Mar 03 10:53:58 2006 +0100
     2.2 +++ b/linux-2.6-xen-sparse/drivers/xen/tpmback/tpmback.c	Fri Mar 03 10:55:11 2006 +0100
     2.3 @@ -22,17 +22,23 @@
     2.4  #include <xen/xenbus.h>
     2.5  #include <xen/interface/grant_table.h>
     2.6  
     2.7 -
     2.8  /* local data structures */
     2.9  struct data_exchange {
    2.10  	struct list_head pending_pak;
    2.11  	struct list_head current_pak;
    2.12  	unsigned int copied_so_far;
    2.13  	u8 has_opener;
    2.14 -	rwlock_t pak_lock;  // protects all of the previous fields
    2.15 +	rwlock_t pak_lock;	// protects all of the previous fields
    2.16  	wait_queue_head_t wait_queue;
    2.17  };
    2.18  
    2.19 +struct vtpm_resp_hdr {
    2.20 +	uint32_t instance_no;
    2.21 +	uint16_t tag_no;
    2.22 +	uint32_t len_no;
    2.23 +	uint32_t ordinal_no;
    2.24 +} __attribute__ ((packed));
    2.25 +
    2.26  struct packet {
    2.27  	struct list_head next;
    2.28  	unsigned int data_len;
    2.29 @@ -50,36 +56,43 @@ enum {
    2.30  	PACKET_FLAG_CHECK_RESPONSESTATUS = 2,
    2.31  };
    2.32  
    2.33 +/* local variables */
    2.34  static struct data_exchange dataex;
    2.35  
    2.36  /* local function prototypes */
    2.37 -static int vtpm_queue_packet(struct packet *pak);
    2.38  static int _packet_write(struct packet *pak,
    2.39 -                         const char *data, size_t size,
    2.40 -                         int userbuffer);
    2.41 +			 const char *data, size_t size, int userbuffer);
    2.42  static void processing_timeout(unsigned long ptr);
    2.43 -static int  packet_read_shmem(struct packet *pak,
    2.44 -                              tpmif_t *tpmif,
    2.45 -                              u32 offset,
    2.46 -                              char *buffer,
    2.47 -                              int isuserbuffer,
    2.48 -                              u32 left);
    2.49 -
    2.50 +static int packet_read_shmem(struct packet *pak,
    2.51 +			     tpmif_t * tpmif,
    2.52 +			     u32 offset,
    2.53 +			     char *buffer, int isuserbuffer, u32 left);
    2.54 +static int vtpm_queue_packet(struct packet *pak);
    2.55  
    2.56  #define MIN(x,y)  (x) < (y) ? (x) : (y)
    2.57  
    2.58 -
    2.59  /***************************************************************
    2.60 - Buffer copying
    2.61 + Buffer copying fo user and kernel space buffes.
    2.62  ***************************************************************/
    2.63 -static inline int
    2.64 -copy_from_buffer(void *to,
    2.65 -                 const void *from,
    2.66 -                 unsigned long size,
    2.67 -                 int userbuffer)
    2.68 +static inline int copy_from_buffer(void *to,
    2.69 +				   const void *from, unsigned long size,
    2.70 +				   int isuserbuffer)
    2.71  {
    2.72 -	if (userbuffer) {
    2.73 -		if (copy_from_user(to, from, size))
    2.74 +	if (isuserbuffer) {
    2.75 +		if (copy_from_user(to, (void __user *)from, size))
    2.76 +			return -EFAULT;
    2.77 +	} else {
    2.78 +		memcpy(to, from, size);
    2.79 +	}
    2.80 +	return 0;
    2.81 +}
    2.82 +
    2.83 +static inline int copy_to_buffer(void *to,
    2.84 +				 const void *from, unsigned long size,
    2.85 +				 int isuserbuffer)
    2.86 +{
    2.87 +	if (isuserbuffer) {
    2.88 +		if (copy_to_user((void __user *)to, from, size))
    2.89  			return -EFAULT;
    2.90  	} else {
    2.91  		memcpy(to, from, size);
    2.92 @@ -91,17 +104,19 @@ copy_from_buffer(void *to,
    2.93   Packet-related functions
    2.94  ***************************************************************/
    2.95  
    2.96 -static struct packet *
    2.97 -packet_find_instance(struct list_head *head, u32 tpm_instance)
    2.98 +static struct packet *packet_find_instance(struct list_head *head,
    2.99 +					   u32 tpm_instance)
   2.100  {
   2.101  	struct packet *pak;
   2.102  	struct list_head *p;
   2.103 +
   2.104  	/*
   2.105  	 * traverse the list of packets and return the first
   2.106  	 * one with the given instance number
   2.107  	 */
   2.108  	list_for_each(p, head) {
   2.109  		pak = list_entry(p, struct packet, next);
   2.110 +
   2.111  		if (pak->tpm_instance == tpm_instance) {
   2.112  			return pak;
   2.113  		}
   2.114 @@ -109,17 +124,18 @@ packet_find_instance(struct list_head *h
   2.115  	return NULL;
   2.116  }
   2.117  
   2.118 -static struct packet *
   2.119 -packet_find_packet(struct list_head *head, void *packet)
   2.120 +static struct packet *packet_find_packet(struct list_head *head, void *packet)
   2.121  {
   2.122  	struct packet *pak;
   2.123  	struct list_head *p;
   2.124 +
   2.125  	/*
   2.126  	 * traverse the list of packets and return the first
   2.127  	 * one with the given instance number
   2.128  	 */
   2.129  	list_for_each(p, head) {
   2.130  		pak = list_entry(p, struct packet, next);
   2.131 +
   2.132  		if (pak == packet) {
   2.133  			return pak;
   2.134  		}
   2.135 @@ -127,22 +143,20 @@ packet_find_packet(struct list_head *hea
   2.136  	return NULL;
   2.137  }
   2.138  
   2.139 -static struct packet *
   2.140 -packet_alloc(tpmif_t *tpmif, u32 size, u8 req_tag, u8 flags)
   2.141 +static struct packet *packet_alloc(tpmif_t * tpmif,
   2.142 +				   u32 size, u8 req_tag, u8 flags)
   2.143  {
   2.144  	struct packet *pak = NULL;
   2.145 -	pak = kmalloc(sizeof(struct packet),
   2.146 -                      GFP_KERNEL);
   2.147 +	pak = kzalloc(sizeof (struct packet), GFP_KERNEL);
   2.148  	if (NULL != pak) {
   2.149 -		memset(pak, 0x0, sizeof(*pak));
   2.150  		if (tpmif) {
   2.151  			pak->tpmif = tpmif;
   2.152  			pak->tpm_instance = tpmif->tpm_instance;
   2.153  		}
   2.154 -		pak->data_len  = size;
   2.155 -		pak->req_tag   = req_tag;
   2.156 +		pak->data_len = size;
   2.157 +		pak->req_tag = req_tag;
   2.158  		pak->last_read = 0;
   2.159 -		pak->flags     = flags;
   2.160 +		pak->flags = flags;
   2.161  
   2.162  		/*
   2.163  		 * cannot do tpmif_get(tpmif); bad things happen
   2.164 @@ -155,16 +169,16 @@ packet_alloc(tpmif_t *tpmif, u32 size, u
   2.165  	return pak;
   2.166  }
   2.167  
   2.168 -static void inline
   2.169 -packet_reset(struct packet *pak)
   2.170 +static void inline packet_reset(struct packet *pak)
   2.171  {
   2.172  	pak->last_read = 0;
   2.173  }
   2.174  
   2.175 -static void inline
   2.176 -packet_free(struct packet *pak)
   2.177 +static void packet_free(struct packet *pak)
   2.178  {
   2.179 -	del_singleshot_timer_sync(&pak->processing_timer);
   2.180 +	if (timer_pending(&pak->processing_timer)) {
   2.181 +		BUG();
   2.182 +	}
   2.183  	kfree(pak->data_buffer);
   2.184  	/*
   2.185  	 * cannot do tpmif_put(pak->tpmif); bad things happen
   2.186 @@ -173,13 +187,13 @@ packet_free(struct packet *pak)
   2.187  	kfree(pak);
   2.188  }
   2.189  
   2.190 -static int
   2.191 -packet_set(struct packet *pak,
   2.192 -           const unsigned char *buffer, u32 size)
   2.193 +static int packet_set(struct packet *pak,
   2.194 +		      const unsigned char *buffer, u32 size)
   2.195  {
   2.196  	int rc = 0;
   2.197  	unsigned char *buf = kmalloc(size, GFP_KERNEL);
   2.198 -	if (NULL != buf) {
   2.199 +
   2.200 +	if (buf) {
   2.201  		pak->data_buffer = buf;
   2.202  		memcpy(buf, buffer, size);
   2.203  		pak->data_len = size;
   2.204 @@ -189,27 +203,21 @@ packet_set(struct packet *pak,
   2.205  	return rc;
   2.206  }
   2.207  
   2.208 -
   2.209  /*
   2.210   * Write data to the shared memory and send it to the FE.
   2.211   */
   2.212 -static int
   2.213 -packet_write(struct packet *pak,
   2.214 -             const char *data, size_t size,
   2.215 -             int userbuffer)
   2.216 +static int packet_write(struct packet *pak,
   2.217 +			const char *data, size_t size, int isuserbuffer)
   2.218  {
   2.219  	int rc = 0;
   2.220  
   2.221 -	DPRINTK("Supposed to send %d bytes to front-end!\n",
   2.222 -	        size);
   2.223 -
   2.224 -	if (0 != (pak->flags & PACKET_FLAG_CHECK_RESPONSESTATUS)) {
   2.225 +	if ((pak->flags & PACKET_FLAG_CHECK_RESPONSESTATUS)) {
   2.226  #ifdef CONFIG_XEN_TPMDEV_CLOSE_IF_VTPM_FAILS
   2.227  		u32 res;
   2.228 +
   2.229  		if (copy_from_buffer(&res,
   2.230 -		                     &data[2+4],
   2.231 -		                     sizeof(res),
   2.232 -		                     userbuffer)) {
   2.233 +				     &data[2 + 4], sizeof (res),
   2.234 +				     isuserbuffer)) {
   2.235  			return -EFAULT;
   2.236  		}
   2.237  
   2.238 @@ -230,17 +238,14 @@ packet_write(struct packet *pak,
   2.239  		/* Don't send a respone to this packet. Just acknowledge it. */
   2.240  		rc = size;
   2.241  	} else {
   2.242 -		rc = _packet_write(pak, data, size, userbuffer);
   2.243 +		rc = _packet_write(pak, data, size, isuserbuffer);
   2.244  	}
   2.245  
   2.246  	return rc;
   2.247  }
   2.248  
   2.249 -
   2.250 -static int
   2.251 -_packet_write(struct packet *pak,
   2.252 -              const char *data, size_t size,
   2.253 -              int userbuffer)
   2.254 +int _packet_write(struct packet *pak,
   2.255 +		  const char *data, size_t size, int isuserbuffer)
   2.256  {
   2.257  	/*
   2.258  	 * Write into the shared memory pages directly
   2.259 @@ -254,7 +259,7 @@ static int
   2.260  
   2.261  	if (tpmif == NULL) {
   2.262  		return -EFAULT;
   2.263 -        }
   2.264 +	}
   2.265  
   2.266  	if (tpmif->status == DISCONNECTED) {
   2.267  		return size;
   2.268 @@ -273,16 +278,13 @@ static int
   2.269  			return 0;
   2.270  		}
   2.271  
   2.272 -		map_op.host_addr  = MMAP_VADDR(tpmif, i);
   2.273 -		map_op.flags      = GNTMAP_host_map;
   2.274 -		map_op.ref        = tx->ref;
   2.275 -		map_op.dom        = tpmif->domid;
   2.276 +		map_op.host_addr = MMAP_VADDR(tpmif, i);
   2.277 +		map_op.flags = GNTMAP_host_map;
   2.278 +		map_op.ref = tx->ref;
   2.279 +		map_op.dom = tpmif->domid;
   2.280  
   2.281 -		if(unlikely(
   2.282 -		    HYPERVISOR_grant_table_op(
   2.283 -		        GNTTABOP_map_grant_ref,
   2.284 -		        &map_op,
   2.285 -		        1))) {
   2.286 +		if (unlikely(HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref,
   2.287 +						       &map_op, 1))) {
   2.288  			BUG();
   2.289  		}
   2.290  
   2.291 @@ -292,28 +294,27 @@ static int
   2.292  			DPRINTK(" Grant table operation failure !\n");
   2.293  			return 0;
   2.294  		}
   2.295 -		set_phys_to_machine(__pa(MMAP_VADDR(tpmif,i)) >> PAGE_SHIFT,
   2.296 -			FOREIGN_FRAME(map_op.dev_bus_addr >> PAGE_SHIFT));
   2.297 +		set_phys_to_machine(__pa(MMAP_VADDR(tpmif, i)) >> PAGE_SHIFT,
   2.298 +				    FOREIGN_FRAME(map_op.
   2.299 +						  dev_bus_addr >> PAGE_SHIFT));
   2.300  
   2.301  		tocopy = MIN(size - offset, PAGE_SIZE);
   2.302  
   2.303 -		if (copy_from_buffer((void *)(MMAP_VADDR(tpmif,i)|
   2.304 -		                     (tx->addr & ~PAGE_MASK)),
   2.305 -		                     &data[offset],
   2.306 -		                     tocopy,
   2.307 -		                     userbuffer)) {
   2.308 +		if (copy_from_buffer((void *)(MMAP_VADDR(tpmif, i) |
   2.309 +					      (tx->addr & ~PAGE_MASK)),
   2.310 +				     &data[offset], tocopy, isuserbuffer)) {
   2.311  			tpmif_put(tpmif);
   2.312  			return -EFAULT;
   2.313  		}
   2.314  		tx->size = tocopy;
   2.315  
   2.316 -		unmap_op.host_addr    = MMAP_VADDR(tpmif, i);
   2.317 -		unmap_op.handle       = handle;
   2.318 +		unmap_op.host_addr = MMAP_VADDR(tpmif, i);
   2.319 +		unmap_op.handle = handle;
   2.320  		unmap_op.dev_bus_addr = 0;
   2.321  
   2.322 -		if(unlikely(HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref,
   2.323 -		                                      &unmap_op,
   2.324 -		                                      1))) {
   2.325 +		if (unlikely
   2.326 +		    (HYPERVISOR_grant_table_op
   2.327 +		     (GNTTABOP_unmap_grant_ref, &unmap_op, 1))) {
   2.328  			BUG();
   2.329  		}
   2.330  
   2.331 @@ -322,8 +323,7 @@ static int
   2.332  	}
   2.333  
   2.334  	rc = offset;
   2.335 -	DPRINTK("Notifying frontend via irq %d\n",
   2.336 -	        tpmif->irq);
   2.337 +	DPRINTK("Notifying frontend via irq %d\n", tpmif->irq);
   2.338  	notify_remote_via_irq(tpmif->irq);
   2.339  
   2.340  	return rc;
   2.341 @@ -334,26 +334,19 @@ static int
   2.342   * provided buffer. Advance the read_last indicator which tells
   2.343   * how many bytes have already been read.
   2.344   */
   2.345 -static int
   2.346 -packet_read(struct packet *pak, size_t numbytes,
   2.347 -            char *buffer, size_t buffersize,
   2.348 -            int userbuffer)
   2.349 +static int packet_read(struct packet *pak, size_t numbytes,
   2.350 +		       char *buffer, size_t buffersize, int isuserbuffer)
   2.351  {
   2.352  	tpmif_t *tpmif = pak->tpmif;
   2.353 +
   2.354  	/*
   2.355 -	 * I am supposed to read 'numbytes' of data from the
   2.356 -	 * buffer.
   2.357 -	 * The first 4 bytes that are read are the instance number in
   2.358 -	 * network byte order, after that comes the data from the
   2.359 -	 * shared memory buffer.
   2.360 +	 * Read 'numbytes' of data from the buffer. The first 4
   2.361 +	 * bytes are the instance number in network byte order,
   2.362 +	 * after that come the data from the shared memory buffer.
   2.363  	 */
   2.364  	u32 to_copy;
   2.365  	u32 offset = 0;
   2.366  	u32 room_left = buffersize;
   2.367 -	/*
   2.368 -	 * Ensure that we see the request when we copy it.
   2.369 -	 */
   2.370 -	mb();
   2.371  
   2.372  	if (pak->last_read < 4) {
   2.373  		/*
   2.374 @@ -361,18 +354,13 @@ packet_read(struct packet *pak, size_t n
   2.375  		 */
   2.376  		u32 instance_no = htonl(pak->tpm_instance);
   2.377  		u32 last_read = pak->last_read;
   2.378 +
   2.379  		to_copy = MIN(4 - last_read, numbytes);
   2.380  
   2.381 -		if (userbuffer) {
   2.382 -			if (copy_to_user(&buffer[0],
   2.383 -			                 &(((u8 *)&instance_no)[last_read]),
   2.384 -			                 to_copy)) {
   2.385 -				return -EFAULT;
   2.386 -			}
   2.387 -		} else {
   2.388 -			memcpy(&buffer[0],
   2.389 -			       &(((u8 *)&instance_no)[last_read]),
   2.390 -			       to_copy);
   2.391 +		if (copy_to_buffer(&buffer[0],
   2.392 +				   &(((u8 *) & instance_no)[last_read]),
   2.393 +				   to_copy, isuserbuffer)) {
   2.394 +			return -EFAULT;
   2.395  		}
   2.396  
   2.397  		pak->last_read += to_copy;
   2.398 @@ -388,39 +376,30 @@ packet_read(struct packet *pak, size_t n
   2.399  		if (pak->data_buffer) {
   2.400  			u32 to_copy = MIN(pak->data_len - offset, room_left);
   2.401  			u32 last_read = pak->last_read - 4;
   2.402 -			if (userbuffer) {
   2.403 -				if (copy_to_user(&buffer[offset],
   2.404 -				                 &pak->data_buffer[last_read],
   2.405 -				                 to_copy)) {
   2.406 -					return -EFAULT;
   2.407 -				}
   2.408 -			} else {
   2.409 -				memcpy(&buffer[offset],
   2.410 -				       &pak->data_buffer[last_read],
   2.411 -				       to_copy);
   2.412 +
   2.413 +			if (copy_to_buffer(&buffer[offset],
   2.414 +					   &pak->data_buffer[last_read],
   2.415 +					   to_copy, isuserbuffer)) {
   2.416 +				return -EFAULT;
   2.417  			}
   2.418  			pak->last_read += to_copy;
   2.419  			offset += to_copy;
   2.420  		} else {
   2.421  			offset = packet_read_shmem(pak,
   2.422 -			                           tpmif,
   2.423 -			                           offset,
   2.424 -			                           buffer,
   2.425 -			                           userbuffer,
   2.426 -			                           room_left);
   2.427 +						   tpmif,
   2.428 +						   offset,
   2.429 +						   buffer,
   2.430 +						   isuserbuffer, room_left);
   2.431  		}
   2.432  	}
   2.433  	return offset;
   2.434  }
   2.435  
   2.436 -
   2.437 -static int
   2.438 -packet_read_shmem(struct packet *pak,
   2.439 -                  tpmif_t *tpmif,
   2.440 -                  u32 offset,
   2.441 -                  char *buffer,
   2.442 -                  int isuserbuffer,
   2.443 -                  u32 room_left) {
   2.444 +static int packet_read_shmem(struct packet *pak,
   2.445 +			     tpmif_t * tpmif,
   2.446 +			     u32 offset, char *buffer, int isuserbuffer,
   2.447 +			     u32 room_left)
   2.448 +{
   2.449  	u32 last_read = pak->last_read - 4;
   2.450  	u32 i = (last_read / PAGE_SIZE);
   2.451  	u32 pg_offset = last_read & (PAGE_SIZE - 1);
   2.452 @@ -428,6 +407,7 @@ packet_read_shmem(struct packet *pak,
   2.453  	grant_handle_t handle;
   2.454  
   2.455  	tpmif_tx_request_t *tx;
   2.456 +
   2.457  	tx = &tpmif->tx->ring[0].req;
   2.458  	/*
   2.459  	 * Start copying data at the page with index 'index'
   2.460 @@ -443,13 +423,12 @@ packet_read_shmem(struct packet *pak,
   2.461  		tx = &tpmif->tx->ring[i].req;
   2.462  
   2.463  		map_op.host_addr = MMAP_VADDR(tpmif, i);
   2.464 -		map_op.flags     = GNTMAP_host_map;
   2.465 -		map_op.ref       = tx->ref;
   2.466 -		map_op.dom       = tpmif->domid;
   2.467 +		map_op.flags = GNTMAP_host_map;
   2.468 +		map_op.ref = tx->ref;
   2.469 +		map_op.dom = tpmif->domid;
   2.470  
   2.471 -		if(unlikely(HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref,
   2.472 -		                                      &map_op,
   2.473 -		                                      1))) {
   2.474 +		if (unlikely(HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref,
   2.475 +						       &map_op, 1))) {
   2.476  			BUG();
   2.477  		}
   2.478  
   2.479 @@ -462,41 +441,33 @@ packet_read_shmem(struct packet *pak,
   2.480  
   2.481  		if (to_copy > tx->size) {
   2.482  			/*
   2.483 -			 * This is the case when the user wants to read more
   2.484 -			 * than what we have. So we just give him what we
   2.485 -			 * have.
   2.486 +			 * User requests more than what's available
   2.487  			 */
   2.488  			to_copy = MIN(tx->size, to_copy);
   2.489  		}
   2.490  
   2.491  		DPRINTK("Copying from mapped memory at %08lx\n",
   2.492 -		        (unsigned long)(MMAP_VADDR(tpmif,i) |
   2.493 -			(tx->addr & ~PAGE_MASK)));
   2.494 +			(unsigned long)(MMAP_VADDR(tpmif, i) |
   2.495 +					(tx->addr & ~PAGE_MASK)));
   2.496  
   2.497 -		src = (void *)(MMAP_VADDR(tpmif,i) | ((tx->addr & ~PAGE_MASK) + pg_offset));
   2.498 -		if (isuserbuffer) {
   2.499 -			if (copy_to_user(&buffer[offset],
   2.500 -			                 src,
   2.501 -			                 to_copy)) {
   2.502 -				return -EFAULT;
   2.503 -			}
   2.504 -		} else {
   2.505 -			memcpy(&buffer[offset],
   2.506 -			       src,
   2.507 -			       to_copy);
   2.508 +		src = (void *)(MMAP_VADDR(tpmif, i) |
   2.509 +			       ((tx->addr & ~PAGE_MASK) + pg_offset));
   2.510 +		if (copy_to_buffer(&buffer[offset],
   2.511 +				   src, to_copy, isuserbuffer)) {
   2.512 +			return -EFAULT;
   2.513  		}
   2.514  
   2.515 -
   2.516  		DPRINTK("Data from TPM-FE of domain %d are %d %d %d %d\n",
   2.517 -		        tpmif->domid, buffer[offset], buffer[offset+1],buffer[offset+2],buffer[offset+3]);
   2.518 +			tpmif->domid, buffer[offset], buffer[offset + 1],
   2.519 +			buffer[offset + 2], buffer[offset + 3]);
   2.520  
   2.521 -		unmap_op.host_addr    = MMAP_VADDR(tpmif, i);
   2.522 -		unmap_op.handle       = handle;
   2.523 +		unmap_op.host_addr = MMAP_VADDR(tpmif, i);
   2.524 +		unmap_op.handle = handle;
   2.525  		unmap_op.dev_bus_addr = 0;
   2.526  
   2.527 -		if(unlikely(HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref,
   2.528 -		                                      &unmap_op,
   2.529 -		                                      1))) {
   2.530 +		if (unlikely
   2.531 +		    (HYPERVISOR_grant_table_op
   2.532 +		     (GNTTABOP_unmap_grant_ref, &unmap_op, 1))) {
   2.533  			BUG();
   2.534  		}
   2.535  
   2.536 @@ -507,7 +478,7 @@ packet_read_shmem(struct packet *pak,
   2.537  
   2.538  		to_copy = MIN(PAGE_SIZE, room_left);
   2.539  		i++;
   2.540 -	} /* while (to_copy > 0) */
   2.541 +	}			/* while (to_copy > 0) */
   2.542  	/*
   2.543  	 * Adjust the last_read pointer
   2.544  	 */
   2.545 @@ -515,13 +486,11 @@ packet_read_shmem(struct packet *pak,
   2.546  	return offset;
   2.547  }
   2.548  
   2.549 -
   2.550  /* ============================================================
   2.551   * The file layer for reading data from this device
   2.552   * ============================================================
   2.553   */
   2.554 -static int
   2.555 -vtpm_op_open(struct inode *inode, struct file *f)
   2.556 +static int vtpm_op_open(struct inode *inode, struct file *f)
   2.557  {
   2.558  	int rc = 0;
   2.559  	unsigned long flags;
   2.560 @@ -536,9 +505,8 @@ vtpm_op_open(struct inode *inode, struct
   2.561  	return rc;
   2.562  }
   2.563  
   2.564 -static ssize_t
   2.565 -vtpm_op_read(struct file *file,
   2.566 -	     char __user * data, size_t size, loff_t * offset)
   2.567 +static ssize_t vtpm_op_read(struct file *file,
   2.568 +			    char __user * data, size_t size, loff_t * offset)
   2.569  {
   2.570  	int ret_size = -ENODATA;
   2.571  	struct packet *pak = NULL;
   2.572 @@ -549,7 +517,7 @@ vtpm_op_read(struct file *file,
   2.573  	if (list_empty(&dataex.pending_pak)) {
   2.574  		write_unlock_irqrestore(&dataex.pak_lock, flags);
   2.575  		wait_event_interruptible(dataex.wait_queue,
   2.576 -		                         !list_empty(&dataex.pending_pak));
   2.577 +					 !list_empty(&dataex.pending_pak));
   2.578  		write_lock_irqsave(&dataex.pak_lock, flags);
   2.579  	}
   2.580  
   2.581 @@ -561,7 +529,7 @@ vtpm_op_read(struct file *file,
   2.582  
   2.583  		DPRINTK("size given by app: %d, available: %d\n", size, left);
   2.584  
   2.585 -		ret_size = MIN(size,left);
   2.586 +		ret_size = MIN(size, left);
   2.587  
   2.588  		ret_size = packet_read(pak, ret_size, data, size, 1);
   2.589  		if (ret_size < 0) {
   2.590 @@ -574,7 +542,8 @@ vtpm_op_read(struct file *file,
   2.591  				DPRINTK("All data from this packet given to app.\n");
   2.592  				/* All data given to app */
   2.593  
   2.594 -				del_singleshot_timer_sync(&pak->processing_timer);
   2.595 +				del_singleshot_timer_sync(&pak->
   2.596 +							  processing_timer);
   2.597  				list_del(&pak->next);
   2.598  				list_add_tail(&pak->next, &dataex.current_pak);
   2.599  				/*
   2.600 @@ -582,7 +551,7 @@ vtpm_op_read(struct file *file,
   2.601  				 * the more time we give the TPM to process the request.
   2.602  				 */
   2.603  				mod_timer(&pak->processing_timer,
   2.604 -				          jiffies + (num_frontends * 60 * HZ));
   2.605 +					  jiffies + (num_frontends * 60 * HZ));
   2.606  				dataex.copied_so_far = 0;
   2.607  			}
   2.608  		}
   2.609 @@ -597,16 +566,15 @@ vtpm_op_read(struct file *file,
   2.610  /*
   2.611   * Write operation - only works after a previous read operation!
   2.612   */
   2.613 -static ssize_t
   2.614 -vtpm_op_write(struct file *file, const char __user * data, size_t size,
   2.615 -	      loff_t * offset)
   2.616 +static ssize_t vtpm_op_write(struct file *file,
   2.617 +			     const char __user * data, size_t size,
   2.618 +			     loff_t * offset)
   2.619  {
   2.620  	struct packet *pak;
   2.621  	int rc = 0;
   2.622  	unsigned int off = 4;
   2.623  	unsigned long flags;
   2.624 -	u32 instance_no = 0;
   2.625 -	u32 len_no = 0;
   2.626 +	struct vtpm_resp_hdr vrh;
   2.627  
   2.628  	/*
   2.629  	 * Minimum required packet size is:
   2.630 @@ -616,45 +584,38 @@ vtpm_op_write(struct file *file, const c
   2.631  	 * 4 bytes for the ordinal
   2.632  	 * sum: 14 bytes
   2.633  	 */
   2.634 -	if ( size < off + 10 ) {
   2.635 +	if (size < sizeof (vrh))
   2.636  		return -EFAULT;
   2.637 -	}
   2.638  
   2.639 -	if (copy_from_user(&instance_no,
   2.640 -	                   (void __user *)&data[0],
   2.641 -	                   4)) {
   2.642 +	if (copy_from_user(&vrh, data, sizeof (vrh)))
   2.643 +		return -EFAULT;
   2.644 +
   2.645 +	/* malformed packet? */
   2.646 +	if ((off + ntohl(vrh.len_no)) != size)
   2.647 +		return -EFAULT;
   2.648 +
   2.649 +	write_lock_irqsave(&dataex.pak_lock, flags);
   2.650 +	pak = packet_find_instance(&dataex.current_pak,
   2.651 +				   ntohl(vrh.instance_no));
   2.652 +
   2.653 +	if (pak == NULL) {
   2.654 +		write_unlock_irqrestore(&dataex.pak_lock, flags);
   2.655 +		printk(KERN_ALERT "No associated packet! (inst=%d)\n",
   2.656 +		       ntohl(vrh.instance_no));
   2.657  		return -EFAULT;
   2.658  	}
   2.659  
   2.660 -	if (copy_from_user(&len_no,
   2.661 -	                   (void __user *)&data[off+2],
   2.662 -	                   4) ||
   2.663 -	    (off + ntohl(len_no) != size)) {
   2.664 -		return -EFAULT;
   2.665 -	}
   2.666 -
   2.667 -	write_lock_irqsave(&dataex.pak_lock, flags);
   2.668 -	pak = packet_find_instance(&dataex.current_pak, ntohl(instance_no));
   2.669 -
   2.670 -	if (pak == NULL) {
   2.671 -		write_unlock_irqrestore(&dataex.pak_lock, flags);
   2.672 -		printk(KERN_ALERT "No associated packet!\n");
   2.673 -		return -EFAULT;
   2.674 -	} else {
   2.675 -		del_singleshot_timer_sync(&pak->processing_timer);
   2.676 -		list_del(&pak->next);
   2.677 -	}
   2.678 +	del_singleshot_timer_sync(&pak->processing_timer);
   2.679 +	list_del(&pak->next);
   2.680  
   2.681  	write_unlock_irqrestore(&dataex.pak_lock, flags);
   2.682  
   2.683  	/*
   2.684 -	 * The first 'offset' bytes must be the instance number.
   2.685 -	 * I will just pull that from the packet.
   2.686 +	 * The first 'offset' bytes must be the instance number - skip them.
   2.687  	 */
   2.688  	size -= off;
   2.689 -	data = &data[off];
   2.690  
   2.691 -	rc = packet_write(pak, data, size, 1);
   2.692 +	rc = packet_write(pak, &data[off], size, 1);
   2.693  
   2.694  	if (rc > 0) {
   2.695  		/* I neglected the first 4 bytes */
   2.696 @@ -664,10 +625,10 @@ vtpm_op_write(struct file *file, const c
   2.697  	return rc;
   2.698  }
   2.699  
   2.700 -static int
   2.701 -vtpm_op_release(struct inode *inode, struct file *file)
   2.702 +static int vtpm_op_release(struct inode *inode, struct file *file)
   2.703  {
   2.704  	unsigned long flags;
   2.705 +
   2.706  	vtpm_release_packets(NULL, 1);
   2.707  	write_lock_irqsave(&dataex.pak_lock, flags);
   2.708  	dataex.has_opener = 0;
   2.709 @@ -675,10 +636,11 @@ vtpm_op_release(struct inode *inode, str
   2.710  	return 0;
   2.711  }
   2.712  
   2.713 -static unsigned int
   2.714 -vtpm_op_poll(struct file *file, struct poll_table_struct *pts)
   2.715 +static unsigned int vtpm_op_poll(struct file *file,
   2.716 +				 struct poll_table_struct *pts)
   2.717  {
   2.718  	unsigned int flags = POLLOUT | POLLWRNORM;
   2.719 +
   2.720  	poll_wait(file, &dataex.wait_queue, pts);
   2.721  	if (!list_empty(&dataex.pending_pak)) {
   2.722  		flags |= POLLIN | POLLRDNORM;
   2.723 @@ -696,54 +658,47 @@ static struct file_operations vtpm_ops =
   2.724  	.poll = vtpm_op_poll,
   2.725  };
   2.726  
   2.727 -static struct miscdevice ibmvtpms_miscdevice = {
   2.728 +static struct miscdevice vtpms_miscdevice = {
   2.729  	.minor = 225,
   2.730  	.name = "vtpm",
   2.731  	.fops = &vtpm_ops,
   2.732  };
   2.733  
   2.734 -
   2.735  /***************************************************************
   2.736   Virtual TPM functions and data stuctures
   2.737  ***************************************************************/
   2.738  
   2.739  static u8 create_cmd[] = {
   2.740 -        1,193,		/* 0: TPM_TAG_RQU_COMMAMD */
   2.741 -        0,0,0,19,	/* 2: length */
   2.742 -        0,0,0,0x1,	/* 6: VTPM_ORD_OPEN */
   2.743 -        0,		/* 10: VTPM type */
   2.744 -        0,0,0,0,	/* 11: domain id */
   2.745 -        0,0,0,0		/* 15: instance id */
   2.746 +	1, 193,			/* 0: TPM_TAG_RQU_COMMAMD */
   2.747 +	0, 0, 0, 19,		/* 2: length */
   2.748 +	0, 0, 0, 0x1,		/* 6: VTPM_ORD_OPEN */
   2.749 +	0,			/* 10: VTPM type */
   2.750 +	0, 0, 0, 0,		/* 11: domain id */
   2.751 +	0, 0, 0, 0		/* 15: instance id */
   2.752  };
   2.753  
   2.754 -static u8 destroy_cmd[] = {
   2.755 -        1,193,		/* 0: TPM_TAG_RQU_COMMAMD */
   2.756 -        0,0,0,14,	/* 2: length */
   2.757 -        0,0,0,0x2,	/* 6: VTPM_ORD_CLOSE */
   2.758 -        0,0,0,0		/* 10: instance id */
   2.759 -};
   2.760 -
   2.761 -int tpmif_vtpm_open(tpmif_t *tpmif, domid_t domid, u32 instance)
   2.762 +int tpmif_vtpm_open(tpmif_t * tpmif, domid_t domid, u32 instance)
   2.763  {
   2.764  	int rc = 0;
   2.765  	struct packet *pak;
   2.766  
   2.767  	pak = packet_alloc(tpmif,
   2.768 -	                   sizeof(create_cmd),
   2.769 -	                   create_cmd[0],
   2.770 -	                   PACKET_FLAG_DISCARD_RESPONSE|
   2.771 -	                   PACKET_FLAG_CHECK_RESPONSESTATUS);
   2.772 +			   sizeof (create_cmd),
   2.773 +			   create_cmd[1],
   2.774 +			   PACKET_FLAG_DISCARD_RESPONSE |
   2.775 +			   PACKET_FLAG_CHECK_RESPONSESTATUS);
   2.776  	if (pak) {
   2.777 -		u8 buf[sizeof(create_cmd)];
   2.778 -		u32 domid_no = htonl((u32)domid);
   2.779 +		u8 buf[sizeof (create_cmd)];
   2.780 +		u32 domid_no = htonl((u32) domid);
   2.781  		u32 instance_no = htonl(instance);
   2.782 -		memcpy(buf, create_cmd, sizeof(create_cmd));
   2.783  
   2.784 -		memcpy(&buf[11], &domid_no, sizeof(u32));
   2.785 -		memcpy(&buf[15], &instance_no, sizeof(u32));
   2.786 +		memcpy(buf, create_cmd, sizeof (create_cmd));
   2.787 +
   2.788 +		memcpy(&buf[11], &domid_no, sizeof (u32));
   2.789 +		memcpy(&buf[15], &instance_no, sizeof (u32));
   2.790  
   2.791  		/* copy the buffer into the packet */
   2.792 -		rc = packet_set(pak, buf, sizeof(buf));
   2.793 +		rc = packet_set(pak, buf, sizeof (buf));
   2.794  
   2.795  		if (rc == 0) {
   2.796  			pak->tpm_instance = 0;
   2.797 @@ -759,23 +714,30 @@ int tpmif_vtpm_open(tpmif_t *tpmif, domi
   2.798  	return rc;
   2.799  }
   2.800  
   2.801 +static u8 destroy_cmd[] = {
   2.802 +	1, 193,			/* 0: TPM_TAG_RQU_COMMAMD */
   2.803 +	0, 0, 0, 14,		/* 2: length */
   2.804 +	0, 0, 0, 0x2,		/* 6: VTPM_ORD_CLOSE */
   2.805 +	0, 0, 0, 0		/* 10: instance id */
   2.806 +};
   2.807 +
   2.808  int tpmif_vtpm_close(u32 instid)
   2.809  {
   2.810  	int rc = 0;
   2.811  	struct packet *pak;
   2.812  
   2.813  	pak = packet_alloc(NULL,
   2.814 -	                   sizeof(create_cmd),
   2.815 -	                   create_cmd[0],
   2.816 -	                   PACKET_FLAG_DISCARD_RESPONSE);
   2.817 +			   sizeof (destroy_cmd),
   2.818 +			   destroy_cmd[1], PACKET_FLAG_DISCARD_RESPONSE);
   2.819  	if (pak) {
   2.820 -		u8 buf[sizeof(destroy_cmd)];
   2.821 +		u8 buf[sizeof (destroy_cmd)];
   2.822  		u32 instid_no = htonl(instid);
   2.823 -		memcpy(buf, destroy_cmd, sizeof(destroy_cmd));
   2.824 -		memcpy(&buf[10], &instid_no, sizeof(u32));
   2.825 +
   2.826 +		memcpy(buf, destroy_cmd, sizeof (destroy_cmd));
   2.827 +		memcpy(&buf[10], &instid_no, sizeof (u32));
   2.828  
   2.829  		/* copy the buffer into the packet */
   2.830 -		rc = packet_set(pak, buf, sizeof(buf));
   2.831 +		rc = packet_set(pak, buf, sizeof (buf));
   2.832  
   2.833  		if (rc == 0) {
   2.834  			pak->tpm_instance = 0;
   2.835 @@ -791,23 +753,22 @@ int tpmif_vtpm_close(u32 instid)
   2.836  	return rc;
   2.837  }
   2.838  
   2.839 -
   2.840  /***************************************************************
   2.841   Utility functions
   2.842  ***************************************************************/
   2.843  
   2.844 -static int
   2.845 -tpm_send_fail_message(struct packet *pak, u8 req_tag)
   2.846 +static int tpm_send_fail_message(struct packet *pak, u8 req_tag)
   2.847  {
   2.848  	int rc;
   2.849  	static const unsigned char tpm_error_message_fail[] = {
   2.850  		0x00, 0x00,
   2.851  		0x00, 0x00, 0x00, 0x0a,
   2.852 -		0x00, 0x00, 0x00, 0x09 /* TPM_FAIL */
   2.853 +		0x00, 0x00, 0x00, 0x09	/* TPM_FAIL */
   2.854  	};
   2.855 -	unsigned char buffer[sizeof(tpm_error_message_fail)];
   2.856 +	unsigned char buffer[sizeof (tpm_error_message_fail)];
   2.857  
   2.858 -	memcpy(buffer, tpm_error_message_fail, sizeof(tpm_error_message_fail));
   2.859 +	memcpy(buffer, tpm_error_message_fail,
   2.860 +	       sizeof (tpm_error_message_fail));
   2.861  	/*
   2.862  	 * Insert the right response tag depending on the given tag
   2.863  	 * All response tags are '+3' to the request tag.
   2.864 @@ -817,23 +778,24 @@ tpm_send_fail_message(struct packet *pak
   2.865  	/*
   2.866  	 * Write the data to shared memory and notify the front-end
   2.867  	 */
   2.868 -	rc = packet_write(pak, buffer, sizeof(buffer), 0);
   2.869 +	rc = packet_write(pak, buffer, sizeof (buffer), 0);
   2.870  
   2.871  	return rc;
   2.872  }
   2.873  
   2.874 -
   2.875 -static void
   2.876 -_vtpm_release_packets(struct list_head *head, tpmif_t *tpmif,
   2.877 -                      int send_msgs)
   2.878 +static void _vtpm_release_packets(struct list_head *head,
   2.879 +				  tpmif_t * tpmif, int send_msgs)
   2.880  {
   2.881  	struct packet *pak;
   2.882 -	struct list_head *pos, *tmp;
   2.883 +	struct list_head *pos,
   2.884 +	         *tmp;
   2.885  
   2.886  	list_for_each_safe(pos, tmp, head) {
   2.887  		pak = list_entry(pos, struct packet, next);
   2.888 +
   2.889  		if (tpmif == NULL || pak->tpmif == tpmif) {
   2.890  			int can_send = 0;
   2.891 +
   2.892  			del_singleshot_timer_sync(&pak->processing_timer);
   2.893  			list_del(&pak->next);
   2.894  
   2.895 @@ -849,9 +811,7 @@ static void
   2.896  	}
   2.897  }
   2.898  
   2.899 -
   2.900 -int
   2.901 -vtpm_release_packets(tpmif_t *tpmif, int send_msgs)
   2.902 +int vtpm_release_packets(tpmif_t * tpmif, int send_msgs)
   2.903  {
   2.904  	unsigned long flags;
   2.905  
   2.906 @@ -860,23 +820,22 @@ vtpm_release_packets(tpmif_t *tpmif, int
   2.907  	_vtpm_release_packets(&dataex.pending_pak, tpmif, send_msgs);
   2.908  	_vtpm_release_packets(&dataex.current_pak, tpmif, send_msgs);
   2.909  
   2.910 -	write_unlock_irqrestore(&dataex.pak_lock,
   2.911 -	                        flags);
   2.912 +	write_unlock_irqrestore(&dataex.pak_lock, flags);
   2.913  	return 0;
   2.914  }
   2.915  
   2.916 -
   2.917  static int vtpm_queue_packet(struct packet *pak)
   2.918  {
   2.919  	int rc = 0;
   2.920 +
   2.921  	if (dataex.has_opener) {
   2.922  		unsigned long flags;
   2.923 +
   2.924  		write_lock_irqsave(&dataex.pak_lock, flags);
   2.925  		list_add_tail(&pak->next, &dataex.pending_pak);
   2.926  		/* give the TPM some time to pick up the request */
   2.927  		mod_timer(&pak->processing_timer, jiffies + (30 * HZ));
   2.928 -		write_unlock_irqrestore(&dataex.pak_lock,
   2.929 -		                        flags);
   2.930 +		write_unlock_irqrestore(&dataex.pak_lock, flags);
   2.931  
   2.932  		wake_up_interruptible(&dataex.wait_queue);
   2.933  	} else {
   2.934 @@ -885,24 +844,22 @@ static int vtpm_queue_packet(struct pack
   2.935  	return rc;
   2.936  }
   2.937  
   2.938 -
   2.939 -static int vtpm_receive(tpmif_t *tpmif, u32 size)
   2.940 +static int vtpm_receive(tpmif_t * tpmif, u32 size)
   2.941  {
   2.942  	int rc = 0;
   2.943  	unsigned char buffer[10];
   2.944  	__be32 *native_size;
   2.945 +	struct packet *pak = packet_alloc(tpmif, size, 0, 0);
   2.946  
   2.947 -	struct packet *pak = packet_alloc(tpmif, size, buffer[4], 0);
   2.948 -	if (NULL == pak) {
   2.949 +	if (!pak)
   2.950  		return -ENOMEM;
   2.951 -	}
   2.952  	/*
   2.953  	 * Read 10 bytes from the received buffer to test its
   2.954  	 * content for validity.
   2.955  	 */
   2.956 -	if (sizeof(buffer) != packet_read(pak,
   2.957 -	                                  sizeof(buffer), buffer,
   2.958 -	                                  sizeof(buffer), 0)) {
   2.959 +	if (sizeof (buffer) != packet_read(pak,
   2.960 +					   sizeof (buffer), buffer,
   2.961 +					   sizeof (buffer), 0)) {
   2.962  		goto failexit;
   2.963  	}
   2.964  	/*
   2.965 @@ -911,7 +868,7 @@ static int vtpm_receive(tpmif_t *tpmif, 
   2.966  	 */
   2.967  	packet_reset(pak);
   2.968  
   2.969 -	native_size = (__force __be32 *)(&buffer[4+2]);
   2.970 +	native_size = (__force __be32 *) (&buffer[4 + 2]);
   2.971  	/*
   2.972  	 * Verify that the size of the packet is correct
   2.973  	 * as indicated and that there's actually someone reading packets.
   2.974 @@ -920,26 +877,24 @@ static int vtpm_receive(tpmif_t *tpmif, 
   2.975  	 */
   2.976  	if (size < 10 ||
   2.977  	    be32_to_cpu(*native_size) != size ||
   2.978 -	    0 == dataex.has_opener ||
   2.979 -	    tpmif->status != CONNECTED) {
   2.980 -	    	rc = -EINVAL;
   2.981 -	    	goto failexit;
   2.982 +	    0 == dataex.has_opener || tpmif->status != CONNECTED) {
   2.983 +		rc = -EINVAL;
   2.984 +		goto failexit;
   2.985  	} else {
   2.986 -		if ((rc = vtpm_queue_packet(pak)) < 0) {
   2.987 +		rc = vtpm_queue_packet(pak);
   2.988 +		if (rc < 0)
   2.989  			goto failexit;
   2.990 -		}
   2.991  	}
   2.992  	return 0;
   2.993  
   2.994 -failexit:
   2.995 +      failexit:
   2.996  	if (pak) {
   2.997 -		tpm_send_fail_message(pak, buffer[4+1]);
   2.998 +		tpm_send_fail_message(pak, buffer[4 + 1]);
   2.999  		packet_free(pak);
  2.1000  	}
  2.1001  	return rc;
  2.1002  }
  2.1003  
  2.1004 -
  2.1005  /*
  2.1006   * Timeout function that gets invoked when a packet has not been processed
  2.1007   * during the timeout period.
  2.1008 @@ -951,44 +906,42 @@ static void processing_timeout(unsigned 
  2.1009  {
  2.1010  	struct packet *pak = (struct packet *)ptr;
  2.1011  	unsigned long flags;
  2.1012 +
  2.1013  	write_lock_irqsave(&dataex.pak_lock, flags);
  2.1014  	/*
  2.1015  	 * The packet needs to be searched whether it
  2.1016  	 * is still on the list.
  2.1017  	 */
  2.1018  	if (pak == packet_find_packet(&dataex.pending_pak, pak) ||
  2.1019 -	    pak == packet_find_packet(&dataex.current_pak, pak) ) {
  2.1020 +	    pak == packet_find_packet(&dataex.current_pak, pak)) {
  2.1021  		list_del(&pak->next);
  2.1022 -		tpm_send_fail_message(pak, pak->req_tag);
  2.1023 +		if ((pak->flags & PACKET_FLAG_DISCARD_RESPONSE) == 0) {
  2.1024 +			tpm_send_fail_message(pak, pak->req_tag);
  2.1025 +		}
  2.1026  		packet_free(pak);
  2.1027  	}
  2.1028  
  2.1029  	write_unlock_irqrestore(&dataex.pak_lock, flags);
  2.1030  }
  2.1031  
  2.1032 -
  2.1033 -
  2.1034  static void tpm_tx_action(unsigned long unused);
  2.1035  static DECLARE_TASKLET(tpm_tx_tasklet, tpm_tx_action, 0);
  2.1036  
  2.1037  static struct list_head tpm_schedule_list;
  2.1038  static spinlock_t tpm_schedule_list_lock;
  2.1039  
  2.1040 -static inline void
  2.1041 -maybe_schedule_tx_action(void)
  2.1042 +static inline void maybe_schedule_tx_action(void)
  2.1043  {
  2.1044  	smp_mb();
  2.1045  	tasklet_schedule(&tpm_tx_tasklet);
  2.1046  }
  2.1047  
  2.1048 -static inline int
  2.1049 -__on_tpm_schedule_list(tpmif_t * tpmif)
  2.1050 +static inline int __on_tpm_schedule_list(tpmif_t * tpmif)
  2.1051  {
  2.1052  	return tpmif->list.next != NULL;
  2.1053  }
  2.1054  
  2.1055 -static void
  2.1056 -remove_from_tpm_schedule_list(tpmif_t * tpmif)
  2.1057 +static void remove_from_tpm_schedule_list(tpmif_t * tpmif)
  2.1058  {
  2.1059  	spin_lock_irq(&tpm_schedule_list_lock);
  2.1060  	if (likely(__on_tpm_schedule_list(tpmif))) {
  2.1061 @@ -999,8 +952,7 @@ remove_from_tpm_schedule_list(tpmif_t * 
  2.1062  	spin_unlock_irq(&tpm_schedule_list_lock);
  2.1063  }
  2.1064  
  2.1065 -static void
  2.1066 -add_to_tpm_schedule_list_tail(tpmif_t * tpmif)
  2.1067 +static void add_to_tpm_schedule_list_tail(tpmif_t * tpmif)
  2.1068  {
  2.1069  	if (__on_tpm_schedule_list(tpmif))
  2.1070  		return;
  2.1071 @@ -1013,22 +965,18 @@ add_to_tpm_schedule_list_tail(tpmif_t * 
  2.1072  	spin_unlock_irq(&tpm_schedule_list_lock);
  2.1073  }
  2.1074  
  2.1075 -void
  2.1076 -tpmif_schedule_work(tpmif_t * tpmif)
  2.1077 +void tpmif_schedule_work(tpmif_t * tpmif)
  2.1078  {
  2.1079  	add_to_tpm_schedule_list_tail(tpmif);
  2.1080  	maybe_schedule_tx_action();
  2.1081  }
  2.1082  
  2.1083 -void
  2.1084 -tpmif_deschedule_work(tpmif_t * tpmif)
  2.1085 +void tpmif_deschedule_work(tpmif_t * tpmif)
  2.1086  {
  2.1087  	remove_from_tpm_schedule_list(tpmif);
  2.1088  }
  2.1089  
  2.1090 -
  2.1091 -static void
  2.1092 -tpm_tx_action(unsigned long unused)
  2.1093 +static void tpm_tx_action(unsigned long unused)
  2.1094  {
  2.1095  	struct list_head *ent;
  2.1096  	tpmif_t *tpmif;
  2.1097 @@ -1042,10 +990,6 @@ tpm_tx_action(unsigned long unused)
  2.1098  		tpmif = list_entry(ent, tpmif_t, list);
  2.1099  		tpmif_get(tpmif);
  2.1100  		remove_from_tpm_schedule_list(tpmif);
  2.1101 -		/*
  2.1102 -		 * Ensure that we see the request when we read from it.
  2.1103 -		 */
  2.1104 -		mb();
  2.1105  
  2.1106  		tx = &tpmif->tx->ring[0].req;
  2.1107  
  2.1108 @@ -1056,22 +1000,22 @@ tpm_tx_action(unsigned long unused)
  2.1109  	}
  2.1110  }
  2.1111  
  2.1112 -irqreturn_t
  2.1113 -tpmif_be_int(int irq, void *dev_id, struct pt_regs *regs)
  2.1114 +irqreturn_t tpmif_be_int(int irq, void *dev_id, struct pt_regs *regs)
  2.1115  {
  2.1116 -	tpmif_t *tpmif = dev_id;
  2.1117 +	tpmif_t *tpmif = (tpmif_t *) dev_id;
  2.1118 +
  2.1119  	add_to_tpm_schedule_list_tail(tpmif);
  2.1120  	maybe_schedule_tx_action();
  2.1121  	return IRQ_HANDLED;
  2.1122  }
  2.1123  
  2.1124 -static int __init
  2.1125 -tpmback_init(void)
  2.1126 +static int __init tpmback_init(void)
  2.1127  {
  2.1128  	int rc;
  2.1129  
  2.1130 -	if ((rc = misc_register(&ibmvtpms_miscdevice)) != 0) {
  2.1131 -		printk(KERN_ALERT "Could not register misc device for TPM BE.\n");
  2.1132 +	if ((rc = misc_register(&vtpms_miscdevice)) != 0) {
  2.1133 +		printk(KERN_ALERT
  2.1134 +		       "Could not register misc device for TPM BE.\n");
  2.1135  		return rc;
  2.1136  	}
  2.1137  
  2.1138 @@ -1094,13 +1038,11 @@ tpmback_init(void)
  2.1139  
  2.1140  module_init(tpmback_init);
  2.1141  
  2.1142 -static void __exit
  2.1143 -tpmback_exit(void)
  2.1144 +static void __exit tpmback_exit(void)
  2.1145  {
  2.1146 -
  2.1147  	tpmif_xenbus_exit();
  2.1148  	tpmif_interface_exit();
  2.1149 -	misc_deregister(&ibmvtpms_miscdevice);
  2.1150 +	misc_deregister(&vtpms_miscdevice);
  2.1151  }
  2.1152  
  2.1153  module_exit(tpmback_exit);
     3.1 --- a/linux-2.6-xen-sparse/drivers/xen/tpmfront/tpmfront.c	Fri Mar 03 10:53:58 2006 +0100
     3.2 +++ b/linux-2.6-xen-sparse/drivers/xen/tpmfront/tpmfront.c	Fri Mar 03 10:55:11 2006 +0100
     3.3 @@ -602,7 +602,6 @@ tpm_xmit(struct tpm_private *tp,
     3.4  
     3.5  		tx = &tp->tx->ring[i].req;
     3.6  
     3.7 -		tx->id = i;
     3.8  		tx->addr = virt_to_machine(txb->data);
     3.9  		tx->size = txb->len;
    3.10  
     4.1 --- a/xen/include/public/io/tpmif.h	Fri Mar 03 10:53:58 2006 +0100
     4.2 +++ b/xen/include/public/io/tpmif.h	Fri Mar 03 10:55:11 2006 +0100
     4.3 @@ -21,7 +21,7 @@
     4.4  typedef struct {
     4.5      unsigned long addr;   /* Machine address of packet.   */
     4.6      grant_ref_t ref;      /* grant table access reference */
     4.7 -    uint16_t id;          /* Echoed in response message.  */
     4.8 +    uint16_t unused;
     4.9      uint16_t size;        /* Packet size in bytes.        */
    4.10  } tpmif_tx_request_t;
    4.11