Received: by 10.223.185.116 with SMTP id b49csp2155599wrg; Thu, 22 Feb 2018 08:59:27 -0800 (PST) X-Google-Smtp-Source: AH8x227vMszillZcMdB4OznEb4XQmxluQ88TXsb5bEynNkVZvcjH/nHsXhD4E7V6OC6KDJu07BqB X-Received: by 2002:a17:902:71c9:: with SMTP id t9-v6mr7138806plm.107.1519318767109; Thu, 22 Feb 2018 08:59:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519318767; cv=none; d=google.com; s=arc-20160816; b=o9KyJRiaPtY7sSXnvf72lNA4t9OGz3dJKxxS7LARhFJgd0XHyDEQWtcI7EysLC65GQ TC37dimRBx7gz0umK0jhvVvpPwk4tbRXEpQxR4cgmPLhKHFpqwFjtWD3kZRwx//XL/jv kAK3Z2A8Vjiavl94u1j/l525xxGm04MmQiGzQBado3EhzdoONrbW9HwrtLITM2wyJv/s bU2noOPXdjNQ7J4AH7ueXf0ovIqt8XG0fugShLDqgpYvQRlMqevD/lKbqE8DBA6WxTiY CuEuAS0otWj4YP39qpI1YrgHEKA6ZRjmytdn6GP+9riWIM6Bg2bSocKtw4Grd0VMqyxf 7S7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dmarc-filter:dkim-signature:dkim-signature :arc-authentication-results; bh=Z5SYvI6EtMrDJwUAYXvaUj3LtoBgOehgznCal5qtCm4=; b=rT9S5Zc1/MIxBpihmOlfbzgOKAlKup2JT3KW2gTAQ1UnrCrjEBwe+TkrdhpvtEwKwU ut5pDG8fgZZNaFefSkh7KDtMqh3npPSI183bV/bTq1IlQGaUTDcIBrv0hP5SzABxtqxf sgEINdEfdjyGbIhuKy7Hdt3GzB2XZo0eqRmdB1mcJLsKwbkbaMqpHXAzOsSUIAV52wh/ 8rdf/RH9++tgu+WTmcjFGUCrNC8HlCkSbaQ9znm2LcgfS4wTopvdw2QQfyps3QhiIYQv ysppd6s8yHAavHwysKkQFMQwDD6XfCRAl3dXNOmuztWDecqbWrx+Q5Y/BoHP4bB0Y+g+ pfiw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@codeaurora.org header.s=default header.b=JQs45xre; dkim=pass header.i=@codeaurora.org header.s=default header.b=JQs45xre; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 70-v6si319712pla.64.2018.02.22.08.59.12; Thu, 22 Feb 2018 08:59:27 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@codeaurora.org header.s=default header.b=JQs45xre; dkim=pass header.i=@codeaurora.org header.s=default header.b=JQs45xre; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933339AbeBVQ6J (ORCPT + 99 others); Thu, 22 Feb 2018 11:58:09 -0500 Received: from smtp.codeaurora.org ([198.145.29.96]:49832 "EHLO smtp.codeaurora.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933093AbeBVQ6H (ORCPT ); Thu, 22 Feb 2018 11:58:07 -0500 Received: by smtp.codeaurora.org (Postfix, from userid 1000) id B9F996084A; Thu, 22 Feb 2018 16:58:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=codeaurora.org; s=default; t=1519318686; bh=mgdml3VccCYrbjW51ZLosVu4geupU1O7iplvI1efayE=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=JQs45xreDud0A946tWFNcDfWNsQzsOA2QhS8GRUC1y08xX2NtiE6TfSUlsj+hsj2a ZwLq1FaHktUC/+R4v6IqU9zM/gC5Jdj9ICdOKkthc/4iOfmqghiF7YEaq5zahPf8dG wwC94/UjrKsO1eI8a8+88/fTUEphhgk0UspV4ZSo= X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on pdx-caf-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.8 required=2.0 tests=ALL_TRUSTED,BAYES_00, DKIM_SIGNED,T_DKIM_INVALID autolearn=no autolearn_force=no version=3.4.0 Received: from localhost (i-global254.qualcomm.com [199.106.103.254]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: ilina@smtp.codeaurora.org) by smtp.codeaurora.org (Postfix) with ESMTPSA id 075C6607C6; Thu, 22 Feb 2018 16:58:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=codeaurora.org; s=default; t=1519318686; bh=mgdml3VccCYrbjW51ZLosVu4geupU1O7iplvI1efayE=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=JQs45xreDud0A946tWFNcDfWNsQzsOA2QhS8GRUC1y08xX2NtiE6TfSUlsj+hsj2a ZwLq1FaHktUC/+R4v6IqU9zM/gC5Jdj9ICdOKkthc/4iOfmqghiF7YEaq5zahPf8dG wwC94/UjrKsO1eI8a8+88/fTUEphhgk0UspV4ZSo= DMARC-Filter: OpenDMARC Filter v1.3.2 smtp.codeaurora.org 075C6607C6 Authentication-Results: pdx-caf-mail.web.codeaurora.org; dmarc=none (p=none dis=none) header.from=codeaurora.org Authentication-Results: pdx-caf-mail.web.codeaurora.org; spf=none smtp.mailfrom=ilina@codeaurora.org Date: Thu, 22 Feb 2018 16:58:05 +0000 From: Lina Iyer To: Evan Green Cc: Andy Gross , David Brown , linux-arm-msm@vger.kernel.org, linux-soc@vger.kernel.org, Rajendra Nayak , Bjorn Andersson , linux-kernel@vger.kernel.org Subject: Re: [PATCH v2 07/10] drivers: qcom: rpmh: cache sleep/wake state requests Message-ID: <20180222165805.GA7098@codeaurora.org> References: <20180215173507.10989-1-ilina@codeaurora.org> <20180215173507.10989-8-ilina@codeaurora.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.3 (2018-01-21) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Feb 21 2018 at 22:07 +0000, Evan Green wrote: >Hi Lina, > >On Thu, Feb 15, 2018 at 9:35 AM, Lina Iyer wrote: [...] >> +static struct cache_req *cache_rpm_request(struct rpmh_client *rc, >> + enum rpmh_state state, >> + struct tcs_cmd *cmd) >> +{ >> + struct cache_req *req; >> + struct rpmh_ctrlr *rpm = rc->ctrlr; >> + unsigned long flags; >> + >> + spin_lock_irqsave(&rpm->lock, flags); >> + req = __find_req(rc, cmd->addr); >> + if (req) >> + goto existing; >> + >> + req = kzalloc(sizeof(*req), GFP_ATOMIC); >> + if (!req) { >> + req = ERR_PTR(-ENOMEM); >> + goto unlock; >> + } >> + >> + req->addr = cmd->addr; >> + req->sleep_val = req->wake_val = UINT_MAX; > >So UINT_MAX is really never a valid value to write? Maybe it would be >good to at least print some sort of complaint if somebody sends down a >request with this value. Otherwise the request is silently ignored and >would be quite challenging to track down. > Yes, UINT_MAX is a invalid value. I have not encountered anything in the spec that points to hold UINT_MAX as a valid value. It would also be quite inefficient to validate each input. Drivers generally know what they are doing. These are data sent to the hardware and there is a general understanding that incorrect data may fail silently. >> +/** >> + * rpmh_flush: Flushes the buffered active and sleep sets to TCS >> + * >> + * @rc: The RPMh handle got from rpmh_get_dev_channel >> + * >> + * This function is generally called from the sleep code from the last CPU >> + * that is powering down the entire system. >> + * >> + * Returns -EBUSY if the controller is busy, probably waiting on a response >> + * to a RPMH request sent earlier. >> + */ >> +int rpmh_flush(struct rpmh_client *rc) >> +{ >> + struct cache_req *p; >> + struct rpmh_ctrlr *rpm = rc->ctrlr; >> + int ret; >> + unsigned long flags; >> + >> + if (IS_ERR_OR_NULL(rc)) >> + return -EINVAL; >> + >> + spin_lock_irqsave(&rpm->lock, flags); >> + if (!rpm->dirty) { >> + pr_debug("Skipping flush, TCS has latest data.\n"); >> + spin_unlock_irqrestore(&rpm->lock, flags); >> + return 0; >> + } >> + spin_unlock_irqrestore(&rpm->lock, flags); >> + >> + /* >> + * Nobody else should be calling this function other than system PM,, >> + * hence we can run without locks. >> + */ >> + list_for_each_entry(p, &rc->ctrlr->cache, list) { >> + if (!is_req_valid(p)) { >> + pr_debug("%s: skipping RPMH req: a:0x%x s:0x%x w:0x%x", >> + __func__, p->addr, p->sleep_val, p->wake_val); >> + continue; >> + } >> + ret = send_single(rc, RPMH_SLEEP_STATE, p->addr, p->sleep_val); >> + if (ret) >> + return ret; >> + ret = send_single(rc, RPMH_WAKE_ONLY_STATE, p->addr, >> + p->wake_val); >> + if (ret) >> + return ret; >> + } >> + >> + spin_lock_irqsave(&rpm->lock, flags); >> + rpm->dirty = false; >> + spin_unlock_irqrestore(&rpm->lock, flags); >> + > >I've got some questions on the locking in this function. > >I understand that the lock protects the list, and I'm surmising that >you don't want to hold the lock across send_single (even though >there's another lock in there that's held for most of that time, so I >think you could). I'm still a newbie to Linux in general, so I'll pose >this as a question: is it generally okay in Linux to traverse across a >list that may have items concurrently added to it? You're never >removing items from this list, so I think there are no actual bugs, >but it does seem like it relies on the implementation details of the >list. And if you ever did remove items from the list, this would bite >you. > It is generally not advisable to traverse a list if the list is being modified externally. The reason why it is okay here, is the context of this function call. The only caller of this function will be a system PM driver. As noted in the comments, this is called when the last CPU is powering down and in such a context, there are no other active users of this library. >Also, why do you need to acquire the lock just to set dirty to false? >Right now it looks like there's a race where someone could add an >element to this list just after you've terminated this loop (but >before you have the lock), but then the dirty = false here clobbers >their dirty = true, and the item is never sent during future flushes. > >I think it would be safer and faster to set dirty = false before >iterating through the list (either within the lock or outside of it >given that this is the only place that reads or clears dirty). That >way if new elements sneak in you know that they will either be flushed >already or dirty will be true for them on a subsequent flush. > ->dirty will be accessed as a u32 and so does not require a lock per-se. The lock here guarantees a certain system state when the flag is changed. While in this function it is not needed since, there will be no active threads changing the system state. I could possibly remove the lock in this function. >> + return 0; >> +} >> +EXPORT_SYMBOL(rpmh_flush); >> + >> +/** >> + * rpmh_invalidate: Invalidate all sleep and active sets >> + * sets. >> + * >> + * @rc: The RPMh handle got from rpmh_get_dev_channel >> + * >> + * Invalidate the sleep and active values in the TCS blocks. >> + */ >> +int rpmh_invalidate(struct rpmh_client *rc) >> +{ >> + struct rpmh_ctrlr *rpm = rc->ctrlr; >> + int ret; >> + unsigned long flags; >> + >> + if (IS_ERR_OR_NULL(rc)) >> + return -EINVAL; >> + >> + spin_lock_irqsave(&rpm->lock, flags); >> + rpm->dirty = true; >> + spin_unlock_irqrestore(&rpm->lock, flags); > >I don't think the lock acquire/release provides anything here, can't >you just set dirty = true? > It helps synchronize to the state of the controller. >So rpmh_invalidate clears any pending requests in the hardware, but >all the cached address/data pairs are all still in the cache, right? >As soon as someone else adds a new request and sets dirty to true, all >of these old ones get resent as well at flush, right? Is that the >desired behavior? Does anyone ever need to remove an address/data pair >from the RPMh's to-do list? > Drivers overwrite their requests and I have not had a requirement to remove their previous votes. Removing from the controller's registers is good enough to not send the data. If a driver calls invalidate, it is generally followed by a new sleep/wake request. Thanks, Lina >> + >> + do { >> + ret = rpmh_rsc_invalidate(rc->ctrlr->drv); >> + } while (ret == -EAGAIN); >> + >> + return ret; >> +} >> +EXPORT_SYMBOL(rpmh_invalidate); >> +