Message-ID: <1596018374.17247.41.camel@mtkswgap22>
Date:   Wed, 29 Jul 2020 18:26:14 +0800
From:   Stanley Chu <stanley.chu@...iatek.com>
To:     Can Guo <cang@...eaurora.org>
CC:     <linux-scsi@...r.kernel.org>, <martin.petersen@...cle.com>,
        <avri.altman@....com>, <alim.akhtar@...sung.com>,
        <jejb@...ux.ibm.com>, <bvanassche@....org>, <beanhuo@...ron.com>,
        <asutoshd@...eaurora.org>, <matthias.bgg@...il.com>,
        <linux-mediatek@...ts.infradead.org>,
        <linux-arm-kernel@...ts.infradead.org>,
        <linux-kernel@...r.kernel.org>, <kuohong.wang@...iatek.com>,
        <peter.wang@...iatek.com>, <chun-hung.wu@...iatek.com>,
        <andy.teng@...iatek.com>, <chaotian.jing@...iatek.com>,
        <cc.chou@...iatek.com>
Subject: Re: [PATCH v2] scsi: ufs: Fix possible infinite loop in ufshcd_hold

Hi Can,

On Wed, 2020-07-29 at 16:43 +0800, Can Guo wrote:
> Hi Stanley,
> 
> On 2020-07-29 10:40, Stanley Chu wrote:
> > In ufshcd_suspend(), after clk-gating is suspended and link is set
> > as Hibern8 state, ufshcd_hold() is still possibly invoked before
> > ufshcd_suspend() returns. For example, MediaTek's suspend vops may
> > issue UIC commands which would call ufshcd_hold() during the command
> > issuing flow.
> > 
> > Now if UFSHCD_CAP_HIBERN8_WITH_CLK_GATING capability is enabled,
> > then ufshcd_hold() may enter infinite loops because there is no
> > clk-ungating work scheduled or pending. In this case, ufshcd_hold()
> > shall just bypass, and keep the link as Hibern8 state.
> > 
> 
> The infinite loop is expected as ufshcd_hold is called again after
> link is put to hibern8 state, so in QCOM's code, we never do this.

Sadly, MediaTek has to do this to make our UniPro enter low-power
mode.

> The cap UFSHCD_CAP_HIBERN8_WITH_CLK_GATING means UIC link state
> must not be HIBERN8 after ufshcd_hold(async=false) returns.

If the driver is not in a PM scenario, e.g., suspend, the above
statement shall always be followed. But two obvious violations exist:

1. In ufshcd_suspend(), the link is set to HIBERN8 after ufshcd_hold()
2. In ufshcd_resume(), the link is set back to Active before
ufshcd_release() is invoked

So, as I understand it, special conditions are allowed in PM scenarios,
and this is why "hba->clk_gating.is_suspended" was introduced. Following
this reasoning, I used "hba->clk_gating.is_suspended" in this patch as
the mandatory condition for allowing ufshcd_hold() to be used in vendor
suspend and resume callbacks.
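
For illustration only, the behaviour discussed here can be modelled in
a small user-space C sketch. Everything in it (struct model_hba,
model_flush_work(), model_hold(), the max_iters cap) is hypothetical
and is not kernel code. It assumes that the ungate work is what brings
the link out of Hibern8, and it relies on flush_work() returning false
when there was nothing to wait for.

```c
#include <assert.h>
#include <stdbool.h>

/* Hypothetical, simplified stand-in for the fields discussed above. */
struct model_hba {
	bool link_hibern8;        /* UIC link is in Hibern8 */
	bool is_suspended;        /* models hba->clk_gating.is_suspended */
	bool ungate_work_pending; /* an ungate work item is queued */
};

/* Models flush_work(): returns true only if there was work to wait for. */
static bool model_flush_work(struct model_hba *hba)
{
	if (!hba->ungate_work_pending)
		return false;
	hba->ungate_work_pending = false;
	hba->link_hibern8 = false; /* assumption: ungate work exits Hibern8 */
	return true;
}

/*
 * Models the synchronous wait in ufshcd_hold(). Returns the number of
 * passes through the loop, or -1 if max_iters passes were not enough
 * (the model's stand-in for an infinite loop).
 */
static int model_hold(struct model_hba *hba, bool with_fix, int max_iters)
{
	int iters = 0;

	assert(max_iters > 0);
	while (hba->link_hibern8) {
		bool flush_result;

		if (iters == max_iters)
			return -1;
		iters++;
		flush_result = model_flush_work(hba);
		if (with_fix && hba->is_suspended && !flush_result)
			break; /* corresponds to the patch's "goto out" */
	}
	return iters;
}
```

In this model, a suspended host with the link in Hibern8 and no ungate
work queued never leaves the loop unless with_fix is set, in which case
it bails out after a single pass and the link stays in Hibern8. When
the host is not suspended and ungate work is pending, the result is the
same with or without the fix.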


> Instead of bailing out from that loop, which makes the logic of
> ufshcd_hold and clk gating even more complex, how about removing
> ufshcd_hold/release from ufshcd_send_uic_cmd()? I think they are
> redundant and we should never send DME cmds if clocks/powers are
> not ready. I mean callers should make sure they are ready to send
> DME cmds (and only callers know when), but not leave that job to
> ufshcd_send_uic_cmd(). It is convenient to remove ufshcd_hold/
> release from ufshcd_send_uic_cmd() as there are not many places
> sending DME cmds without holding the clocks, ufs_bsg.c is one.
> And I have tested my idea on my setup, it worked well for me.
> Another benefit is that it also allows us to use DME cmds
> in clk gating/ungating contexts if we need to in the future.
> 

Brilliant idea! But this may not solve problems if vendor callbacks need
more than UIC commands in the future.

This simple patch could make all vendor operations on UFSHCI in PM
callbacks possible with UFSHCD_CAP_HIBERN8_WITH_CLK_GATING enabled, and
again, it allows those operations in PM scenarios only.

> Please let me know your idea, thanks.
> 
> Can Guo.

Thanks,
Stanley Chu

> 
> > Signed-off-by: Stanley Chu <stanley.chu@...iatek.com>
> > Signed-off-by: Andy Teng <andy.teng@...iatek.com>
> > 
> > ---
> > 
> > Changes since v1:
> > - Fix return value: Use unique bool variable to get the result of
> > flush_work(). This can prevent incorrect returned value, i.e., rc, if
> > flush_work() returns true
> > - Fix commit message
> > 
> > ---
> >  drivers/scsi/ufs/ufshcd.c | 5 ++++-
> >  1 file changed, 4 insertions(+), 1 deletion(-)
> > 
> > diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c
> > index 577cc0d7487f..acba2271c5d3 100644
> > --- a/drivers/scsi/ufs/ufshcd.c
> > +++ b/drivers/scsi/ufs/ufshcd.c
> > @@ -1561,6 +1561,7 @@ static void ufshcd_ungate_work(struct work_struct *work)
> >  int ufshcd_hold(struct ufs_hba *hba, bool async)
> >  {
> >  	int rc = 0;
> > +	bool flush_result;
> >  	unsigned long flags;
> > 
> >  	if (!ufshcd_is_clkgating_allowed(hba))
> > @@ -1592,7 +1593,9 @@ int ufshcd_hold(struct ufs_hba *hba, bool async)
> >  				break;
> >  			}
> >  			spin_unlock_irqrestore(hba->host->host_lock, flags);
> > -			flush_work(&hba->clk_gating.ungate_work);
> > +			flush_result = flush_work(&hba->clk_gating.ungate_work);
> > +			if (hba->clk_gating.is_suspended && !flush_result)
> > +				goto out;
> >  			spin_lock_irqsave(hba->host->host_lock, flags);
> >  			goto start;
> >  		}
