aboutsummaryrefslogtreecommitdiff
path: root/projects
diff options
context:
space:
mode:
authorPaul Selkirk <paul@psgd.org>2016-07-07 20:09:51 -0400
committerPaul Selkirk <paul@psgd.org>2016-07-07 20:09:51 -0400
commitb3bce363f25d1a23dc7276bcb7fcbd11ccf591f2 (patch)
treeaa29f89948f107fa40ed796d355ebebe4727c8df /projects
parent61abfd73c36364a08901634a828c2e397e9c9010 (diff)
Drop bad request packets.
Also, if the UART receive callback fails to re-enable receive (because dispatch_thread is in the middle of transmitting a response), signal dispatch_thread to re-enable receive after it's done.
Diffstat (limited to 'projects')
-rw-r--r--projects/hsm/hsm.c35
1 files changed, 25 insertions, 10 deletions
diff --git a/projects/hsm/hsm.c b/projects/hsm/hsm.c
index e941abf..3186bc5 100644
--- a/projects/hsm/hsm.c
+++ b/projects/hsm/hsm.c
@@ -110,6 +110,7 @@ osSemaphoreDef(rpc_sem);
static volatile uint8_t uart_rx; /* current character received from UART */
static rpc_buffer_t * volatile rbuf; /* current RPC input buffer */
+static volatile int reenable_recv = 1;
/* Callback for HAL_UART_Receive_IT().
* With multiple worker threads, we can't do a blocking receive, because
@@ -122,11 +123,19 @@ static rpc_buffer_t * volatile rbuf; /* current RPC input buffer */
void HAL_UART2_RxCpltCallback(UART_HandleTypeDef *huart)
{
int complete;
- hal_slip_recv_char(rbuf->buf, &rbuf->len, sizeof(rbuf->buf), &complete);
+
+ if (hal_slip_recv_char(rbuf->buf, &rbuf->len, sizeof(rbuf->buf), &complete) != LIBHAL_OK)
+ Error_Handler();
+
if (complete)
- osSemaphoreRelease(rpc_sem);
+ if (osSemaphoreRelease(rpc_sem) != osOK)
+ Error_Handler();
- HAL_UART_Receive_IT(huart, (uint8_t *)&uart_rx, 1);
+ if (HAL_UART_Receive_IT(huart, (uint8_t *)&uart_rx, 1) != CMSIS_HAL_OK)
+ /* We may have collided with a transmit.
+ * Signal the dispatch_thread to try again.
+ */
+ reenable_recv = 1;
}
hal_error_t hal_serial_recv_char(uint8_t *cp)
@@ -157,6 +166,13 @@ void dispatch_thread(void const *args)
osMutexWait(dispatch_mutex, osWaitForever);
#endif
+ /* Start receiving, or re-enable after failing in the callback. */
+ if (reenable_recv) {
+ if (HAL_UART_Receive_IT(&huart_user, (uint8_t *)&uart_rx, 1) != CMSIS_HAL_OK)
+ Error_Handler();
+ reenable_recv = 0;
+ }
+
/* Wait for the complete rpc request */
rbuf = &ibuf;
osSemaphoreWait(rpc_sem, osWaitForever);
@@ -169,7 +185,12 @@ void dispatch_thread(void const *args)
#endif
/* Process the request */
- hal_rpc_server_dispatch(ibuf.buf, ibuf.len, obuf.buf, &obuf.len);
+ if (hal_rpc_server_dispatch(ibuf.buf, ibuf.len, obuf.buf, &obuf.len) != LIBHAL_OK)
+ /* If hal_rpc_server_dispatch failed with an XDR error, it
+ * probably means the request packet was garbage. In any case, we
+ * have nothing to transmit.
+ */
+ continue;
/* Send the response */
#if NUM_RPC_TASK > 1
@@ -251,12 +272,6 @@ int main()
Error_Handler();
}
- /* Start the non-blocking receive. Do this after launching the worker
- * thread(s), because that's where rbuf is initialized.
- */
- if (HAL_UART_Receive_IT(&huart_user, (uint8_t *)&uart_rx, 1) != CMSIS_HAL_OK)
- Error_Handler();
-
/* Launch other threads (csprng warm-up thread?)
* Wait for FPGA_DONE interrupt.
*/