Hi,
On Sep 21 2018 15:32, Takashi Iwai wrote:
On Fri, 21 Sep 2018 05:01:31 +0200,
Takashi Sakamoto wrote:
Hi,
On Sep 21 2018 00:54, Takashi Iwai wrote:
Per popular demands, this patch adds a new ALSA core API function,
snd_devm_card_new(), to create a snd_card object in a managed way via
devres. When a card object is created by this new function, it's
released automatically at the device release. It includes also the
call of snd_card_free().
However, the story isn't that simple. A caveat is that We have to
call snd_card_new(), more specifically, the disconnection part, at
very first of the whole resource release procedure. This assures that
the exposed devices are deleted and sync with the all accessing
processes getting closed.
For achieving it, snd_card_register() adds a new devres action to
trigger snd_card_free() automatically when the given card object is a
"managed" one. Since usually snd_card_register() is the last step of
the initialization, this should work in most cases.
With all these tricks, some drivers can get rid of the whole the
driver remove callback.
About a bit of implementation details: the patch adds two new flags to
snd_card object, managed and releasing. The former indicates that the
object was created via snd_devm_card_new(), and the latter is used for
avoiding the double-free of snd_card_free() calls. Both flags are
fairly internal and likely uninteresting to normal users.
Signed-off-by: Takashi Iwai <tiwai@xxxxxxx>
---
include/sound/core.h | 5 +++
sound/core/init.c | 95 ++++++++++++++++++++++++++++++++++++++++++--
2 files changed, 96 insertions(+), 4 deletions(-)
In my opinion, the new 'snd_devm_card_new()' is not good in hot-plug
scenario. It brings kernel oops for processes to touch released device
data relevant to target devices.
For example, for devices connected to each buses, some helper
functions are available to up/down reference count of 'struct device':
- PCIe: pci_dev_get()/pci_dev_put()
- USB: usb_get_intf()/usb_put_intf()
- IEEE 1394: fw_unit_get()/fw_unit_put()
In hot-plug scenario, drivers need to increment the reference counter in
.probe() callback. In .remove/.disconnect callback, the reference
counter should be kept but just set disconnect state to sound
card/device instances. When .private_free callback of sound card device,
the reference is decremented. This is required to enable userspace
applications to handle disconnect processes and avoid kernel oops by
touching released device data related to the connected bus.
As a quick glance, existent drivers for devices on PCIe/USB are not
programmed with enough care of this point. It's prior to fix them for
your 'caveat'.
...but it's likely for me to get wrong understanding design of whole
existent driver in sound subsystem. I'm happy to receive your
indications against my misunderstanding.
It should work as long as the whole remove procedure is performed
after snd_card_free(). With the use of devres, typically you can drop
the whole remove() callback, and that's it.
Basically a device hot-unplug is nothing but the driver unbinding from
the device. Under the normal situation, the driver core calls its
remove() callback, then releases the rest via devres in the reverse
order. When remove() is empty, it'll just perform the devres release.
So, when snd_card_free() is performed at the beginning of devres
release, the call order is as if you were calling snd_card_free() at
remove() callback.
I'm OK to discuss for a case of unbinding as more-popular cases.
The snd_card_free() syncs with the release of the all active files,
i.e. it waits until all accesses get released, then proceed to the
further procedures to free resources, including the call of
private_free. Hence this call itself should be safe, as long as it's
called at first.
I overlooked that snd_card_free() calls 'wait_for_completion()'. Thanks
for your indication. As you said, no worries.
Here I have another concern about timing for processes to return from
unbinding operation. For example:
echo '0000:0a:00.1' > /sys/bus/pci/drivers/snd_hda_intel/unbind
This process returns when the other processes close all of ALSA
character devices related to the sound card because wait for completion
is executed in context of the process. Well-programmed userspace
applications are expected to release the character devices when
received -ENODEV from ioctl(2) or EPOLLERR/EPOLLNVAL from poll(2) to
the character devices.
I don't know exactly that it's acceptable to block a process which
performs unbinding, depending on behaviours of the other processes.
In a point of safe ABI, it's worth for us to consider or decide a
policy for the point.
The rest of resource free is left to devres, and devres guarantees the
resource free in the reverse order. That's the reason that it'd be
best to use devres for the whole resources. Mixing up both devres and
normal resources needs a careful handling of the release order.
Thanks
Takashi Sakamoto
_______________________________________________
Alsa-devel mailing list
Alsa-devel@xxxxxxxxxxxxxxxx
http://mailman.alsa-project.org/mailman/listinfo/alsa-devel
