Hi Can,
On Mon, 2020-08-03 at 13:03 +0800, Can Guo wrote:
> Hi Stanley,
>
> On 2020-08-03 12:25, Stanley Chu wrote:
> > Currently I/O request could be still submitted to UFS device while
> > UFS is working on shutdown flow. This may lead to racing as below
> > scenarios and finally system may crash due to unclocked register
> > accesses.
> >
> > To fix this kind of issues, in ufshcd_shutdown(),
> >
> > 1. Use pm_runtime_get_sync() instead of resuming UFS device by
> > ufshcd_runtime_resume() "internally" to let runtime PM framework
> > manage and prevent concurrent runtime operations by incoming I/O
> > requests.
> >
> > 2. Specifically quiesce all SCSI devices to block all I/O requests
> > after device is resumed.
> >
> > Example of racing scenario: While UFS device is runtime-suspended
> >
> > Thread #1: Executing UFS shutdown flow, e.g.,
> > ufshcd_suspend(UFS_SHUTDOWN_PM)
> >
> > Thread #2: Executing runtime resume flow triggered by I/O request,
> > e.g., ufshcd_resume(UFS_RUNTIME_PM)
> >
> > This breaks the assumption that UFS PM flows can not be running
> > concurrently and some unexpected racing behavior may happen.
> >
> > Signed-off-by: Stanley Chu <stanley.chu@xxxxxxxxxxxx>
> > ---
> > Changes:
> > - Since v4: Use pm_runtime_get_sync() instead of resuming UFS device
> > by ufshcd_runtime_resume() "internally".
> > ---
> > drivers/scsi/ufs/ufshcd.c | 39 ++++++++++++++++++++++++++++++++++-----
> > 1 file changed, 34 insertions(+), 5 deletions(-)
> >
> > diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c
> > index 307622284239..fc01171d13b1 100644
> > --- a/drivers/scsi/ufs/ufshcd.c
> > +++ b/drivers/scsi/ufs/ufshcd.c
> > @@ -159,6 +159,12 @@ struct ufs_pm_lvl_states ufs_pm_lvl_states[] = {
> > {UFS_POWERDOWN_PWR_MODE, UIC_LINK_OFF_STATE},
> > };
> >
> > +#define ufshcd_scsi_for_each_sdev(fn) \
> > + list_for_each_entry(starget, &hba->host->__targets, siblings) { \
> > + __starget_for_each_device(starget, NULL, \
> > + fn); \
> > + }
> > +
> > static inline enum ufs_dev_pwr_mode
> > ufs_get_pm_lvl_to_dev_pwr_mode(enum ufs_pm_level lvl)
> > {
> > @@ -8629,6 +8635,13 @@ int ufshcd_runtime_idle(struct ufs_hba *hba)
> > }
> > EXPORT_SYMBOL(ufshcd_runtime_idle);
> >
> > +static void ufshcd_quiesce_sdev(struct scsi_device *sdev, void *data)
> > +{
> > + /* Suspended devices are already quiesced so can be skipped */
>
> Why can runtime suspended sdevs be skipped? Block layer can still resume
> them at any time, no?
Thanks for reminding.
Yes, this check is wrong. All SCSI devices shall be applied
scsi_device_quiesce() here so I will fix it in next version.
>
> > + if (!pm_runtime_suspended(&sdev->sdev_gendev))
> > + scsi_device_quiesce(sdev);
> > +}
> > +
> > /**
> > * ufshcd_shutdown - shutdown routine
> > * @hba: per adapter instance
> > @@ -8640,6 +8653,7 @@ EXPORT_SYMBOL(ufshcd_runtime_idle);
> > int ufshcd_shutdown(struct ufs_hba *hba)
> > {
> > int ret = 0;
> > + struct scsi_target *starget;
> >
> > if (!hba->is_powered)
> > goto out;
> > @@ -8647,11 +8661,26 @@ int ufshcd_shutdown(struct ufs_hba *hba)
> > if (ufshcd_is_ufs_dev_poweroff(hba) && ufshcd_is_link_off(hba))
> > goto out;
> >
> > - if (pm_runtime_suspended(hba->dev)) {
> > - ret = ufshcd_runtime_resume(hba);
> > - if (ret)
> > - goto out;
> > - }
> > + /*
> > + * Let runtime PM framework manage and prevent concurrent runtime
> > + * operations with shutdown flow.
> > + */
> > + pm_runtime_get_sync(hba->dev);
> > +
> > + /*
> > + * Quiesce all SCSI devices to prevent any non-PM requests sending
> > + * from block layer during and after shutdown.
> > + *
> > + * Here we can not use blk_cleanup_queue() since PM requests
> > + * (with BLK_MQ_REQ_PREEMPT flag) are still required to be sent
> > + * through block layer. Therefore SCSI command queued after the
> > + * scsi_target_quiesce() call returned will block until
> > + * blk_cleanup_queue() is called.
> > + *
> > + * Besides, scsi_target_"un"quiesce (e.g., scsi_target_resume) can
> > + * be ignored since shutdown is one-way flow.
> > + */
> > + ufshcd_scsi_for_each_sdev(ufshcd_quiesce_sdev);
>
> Any reasons why don't use scsi_target_quiesce() here?
As above, now all SCSI devices shall be quiesced here, so I could use
the way in v2: using scsi_target_quiesce() directly here.
Thanks,
Stanley Chu
>
> Thanks,
>
> Can Guo.
>
> >
> > ret = ufshcd_suspend(hba, UFS_SHUTDOWN_PM);
> > out:
