On Tue, Nov 22, 2022 at 08:53:16PM +0100, Lukas Wunner wrote:
> On Tue, Nov 22, 2022 at 07:53:23AM -0800, ira.weiny@xxxxxxxxx wrote:
> > Each struct doe_mb is managed as part of the PCI device. They can't go
> > away as long as the PCI device exists. pci_doe_flush_mb() was set up to
> > flush the workqueue and prevent any further submissions to the mailboxes
> > when the PCI device goes away. Unfortunately, this was fundamentally
> > flawed. There was no guarantee that a struct doe_mb remained after
> > pci_doe_flush_mb() returned. Therefore, the doe_mb state could be
> > invalid when those threads waiting on the workqueue were flushed.
> >
> > Fortunately the current code is safe because all callers make a
> > synchronous call to pci_doe_submit_task() and maintain a reference on the
> > PCI device.
> >
> > For these reasons, pci_doe_flush_mb() will never be called while tasks
> > are being processed and there is no use for it.
>
> Going forward my plan is to allocate all existing DOE mailboxes
> of a device upon enumeration. That will allow concurrent use
> of a mailbox by multiple drivers.
>
> When a pci_dev goes away, say, because it's been hot-removed,
> we need a way to abort all ongoing DOE exchanges.
>
> pci_doe_flush_mb() seems to do just that so I'm not sure why
> it's being removed?

I guess I was not explicit enough in the commit message.

1) it is not used today. More importantly 2) it does not work.

Because we are not using it currently I thought it best to remove it rather
than try and fix it. Once we have a use then we can figure out how to make
sure the doe_mb[*] is valid until all tasks are flushed.

Ira

[*] Probably with a reference on the struct as was discussed before. --
https://lore.kernel.org/all/20221122094627.00003f2c@xxxxxxxxxx/

>
> Thanks,
>
> Lukas