| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 21 Jan 2019 10:43:47 -0800
From: Steve Longerbeam <slongerbeam@...il.com>
To: Philipp Zabel <p.zabel@...gutronix.de>, linux-media@...r.kernel.org
Cc: Gael PORTAY <gael.portay@...labora.com>,
Peter Seiderer <ps.report@....net>, stable@...r.kernel.org,
Mauro Carvalho Chehab <mchehab@...nel.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"open list:STAGING SUBSYSTEM" <devel@...verdev.osuosl.org>,
open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v3 1/2] media: imx: csi: Disable SMFC before disabling
IDMA channel
On 1/21/19 3:49 AM, Philipp Zabel wrote:
> Hi,
>
> On Fri, 2019-01-18 at 17:04 -0800, Steve Longerbeam wrote:
>> Disable the SMFC before disabling the IDMA channel, instead of after,
>> in csi_idmac_unsetup().
>>
>> This fixes a complete system hard lockup on the SabreAuto when streaming
>> from the ADV7180, by repeatedly sending a stream off immediately followed
>> by stream on:
>>
>> while true; do v4l2-ctl -d4 --stream-mmap --stream-count=3; done
>>
>> Eventually this either causes the system lockup or EOF timeouts at all
>> subsequent stream on, until a system reset.
>>
>> The lockup occurs when disabling the IDMA channel at stream off. Stopping
>> the video data stream entering the IDMA channel before disabling the
>> channel itself appears to be a reliable fix for the hard lockup. That can
>> be done either by disabling the SMFC or the CSI before disabling the
>> channel. Disabling the SMFC before the channel is the easiest solution,
>> so do that.
>>
>> Fixes: 4a34ec8e470cb ("[media] media: imx: Add CSI subdev driver")
>>
>> Suggested-by: Peter Seiderer <ps.report@....net>
>> Reported-by: Gaël PORTAY <gael.portay@...labora.com>
>> Signed-off-by: Steve Longerbeam <slongerbeam@...il.com>
> Gaël, could we get a Tested-by: for this as well?
>
>> Cc: stable@...r.kernel.org
>> ---
>> Changes in v3:
>> - switch from disabling the CSI before the channel to disabling the
>> SMFC before the channel.
>> Changes in v2:
>> - restore an empty line
>> - Add Fixes: and Cc: stable
>> ---
>> drivers/staging/media/imx/imx-media-csi.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/drivers/staging/media/imx/imx-media-csi.c b/drivers/staging/media/imx/imx-media-csi.c
>> index e18f58f56dfb..8610027eac97 100644
>> --- a/drivers/staging/media/imx/imx-media-csi.c
>> +++ b/drivers/staging/media/imx/imx-media-csi.c
>> @@ -560,8 +560,8 @@ static int csi_idmac_setup_channel(struct csi_priv *priv)
>> static void csi_idmac_unsetup(struct csi_priv *priv,
>> enum vb2_buffer_state state)
>> {
>> - ipu_idmac_disable_channel(priv->idmac_ch);
>> ipu_smfc_disable(priv->smfc);
>> + ipu_idmac_disable_channel(priv->idmac_ch);
> Steve, do you have any theory why this helps? It's a bit weird to
> disable the SMFC module while the DMA channel is still enabled.
It does fix the hang, but I only have a vague theory as to why. That by
disabling the DMA channel while its internal FIFO is getting filled is
causing the hang, maybe due to a simultaneous update of the channel's
internal FIFO write pointer and the channel disable bit. By disabling
the SMFC (or the CSI), writes to the channel's internal FIFO stop.
> I think
> this warrants a big comment, given that enable order is SMFC_EN before
> IDMAC channel enable.
>
> Also ipu_smfc_disable is refcounted, so if the other CSI is capturing
> simultaneously, this change has no effect.
Sigh, you're right. Let me go back to disabling the CSI before the
channel, the CSI enable/disable is not refcounted (it doesn't need to be
since it is single use) so it doesn't have this problem.
Should we drop this patch or keep it (with a big comment)? By only
changing the disable order to "CSI then channel", the hang is reliably
fixed from my and Gael's testing, but my concern is that by not
disabling the SMFC before the channel, the SMFC could still empty its
FIFO to the channel's internal FIFO and still create a hang.
Steve
Powered by blists - more mailing lists