Introduce an emergency_stop flag in struct mmc_host to block further
MMC/SD commands after an undervoltage shutdown. If emergency_stop is
set, sdhci_send_command() will reject new requests with -EBUSY and log a
warning. This helps diagnose and identify code paths that may still
attempt writes after the undervoltage shutdown sequence has completed.
Signed-off-by: Oleksij Rempel <o.rempel@xxxxxxxxxxxxxx>
---
drivers/mmc/core/mmc.c | 1 +
drivers/mmc/host/sdhci.c | 9 +++++++++
include/linux/mmc/host.h | 1 +
3 files changed, 11 insertions(+)
diff --git a/drivers/mmc/core/mmc.c b/drivers/mmc/core/mmc.c
index e626213e7a52..8aa5881293d8 100644
--- a/drivers/mmc/core/mmc.c
+++ b/drivers/mmc/core/mmc.c
@@ -2326,6 +2326,7 @@ static int _mmc_handle_undervoltage(struct mmc_host *host)
pr_err("%s: Undervoltage emergency stop failed\n",
mmc_hostname(host));
+ host->emergency_stop = 1;
mmc_card_set_removed(host->card);
out:
diff --git a/drivers/mmc/host/sdhci.c b/drivers/mmc/host/sdhci.c
index f4a7733a8ad2..8d67f27e7d9e 100644
--- a/drivers/mmc/host/sdhci.c
+++ b/drivers/mmc/host/sdhci.c
@@ -1658,6 +1658,15 @@ static bool sdhci_send_command(struct sdhci_host *host, struct mmc_command *cmd)
WARN_ON(host->cmd);
+ if (host->mmc->emergency_stop) {
+ pr_warn("%s: Ignoring normal request, emergency stop is active\n",
+ mmc_hostname(host->mmc));
+ WARN_ON_ONCE(1);
+
+ cmd->error = -EBUSY;
+ return true;
+ }
+
/* Initially, a command has no error */
cmd->error = 0;
diff --git a/include/linux/mmc/host.h b/include/linux/mmc/host.h
index 4e147ad82804..5dfe2cdde59f 100644
--- a/include/linux/mmc/host.h
+++ b/include/linux/mmc/host.h
@@ -501,6 +501,7 @@ struct mmc_host {
unsigned int can_dma_map_merge:1; /* merging can be used */
unsigned int vqmmc_enabled:1; /* vqmmc regulator is enabled */
unsigned int undervoltage:1; /* Undervoltage state */
+ unsigned int emergency_stop:1; /* Emergency stop. No transfers are allowed. */
int rescan_disable; /* disable card detection */
int rescan_entered; /* used with nonremovable devices */
--
2.39.5
