* [PATCH v5] bus: mhi: Fix race while handling SYS_ERR at power up
@ 2021-12-07 7:00 Manivannan Sadhasivam
2021-12-16 5:34 ` Manivannan Sadhasivam
0 siblings, 1 reply; 2+ messages in thread
From: Manivannan Sadhasivam @ 2021-12-07 7:00 UTC (permalink / raw)
To: mhi
Cc: aleksander, loic.poulain, thomas.perrot, hemantk, bbhatt,
quic_jhugo, linux-arm-msm, Manivannan Sadhasivam, stable
During SYS_ERR condition, as a response to the MHI_RESET from host, some
devices tend to issue BHI interrupt without clearing the SYS_ERR state in
the device. This creates a race condition and causes a failure in booting
up the device.
The issue is seen on the Sierra Wireless EM9191 modem during SYS_ERR
handling in mhi_async_power_up(). Once the host detects that the device
is in SYS_ERR state, it issues MHI_RESET and waits for the device to
process the reset request. During this time, the device triggers the BHI
interrupt to the host without clearing SYS_ERR condition. So the host
starts handling the SYS_ERR condition again.
To fix this issue, let's register the IRQ handler only after handling the
SYS_ERR check to avoid getting spurious IRQs from the device.
Cc: stable@vger.kernel.org
Fixes: e18d4e9fa79b ("bus: mhi: core: Handle syserr during power_up")
Reported-by: Aleksander Morgado <aleksander@aleksander.es>
Tested-by: Aleksander Morgado <aleksander@aleksander.es>
Tested-by: Thomas Perrot <thomas.perrot@bootlin.com>
Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
---
Changes in v5:
* Rewored the commit message and used "error_exit" goto label for error
path
Changes in v4:
* Reverted the change that moved BHI_INTVEC as that was causing issue as
reported by Aleksander.
Changes in v3:
* Moved BHI_INTVEC setup after irq setup
* Used interval_us as the delay for the polling API
Changes in v2:
* Switched to "mhi_poll_reg_field" for detecting MHI reset in device.
drivers/bus/mhi/core/pm.c | 35 ++++++++++++-----------------------
1 file changed, 12 insertions(+), 23 deletions(-)
diff --git a/drivers/bus/mhi/core/pm.c b/drivers/bus/mhi/core/pm.c
index 7464f5d09973..9ae8532df5a3 100644
--- a/drivers/bus/mhi/core/pm.c
+++ b/drivers/bus/mhi/core/pm.c
@@ -1038,7 +1038,7 @@ int mhi_async_power_up(struct mhi_controller *mhi_cntrl)
enum mhi_ee_type current_ee;
enum dev_st_transition next_state;
struct device *dev = &mhi_cntrl->mhi_dev->dev;
- u32 val;
+ u32 interval_us = 25000; /* poll register field every 25 milliseconds */
int ret;
dev_info(dev, "Requested to power ON\n");
@@ -1055,10 +1055,6 @@ int mhi_async_power_up(struct mhi_controller *mhi_cntrl)
mutex_lock(&mhi_cntrl->pm_mutex);
mhi_cntrl->pm_state = MHI_PM_DISABLE;
- ret = mhi_init_irq_setup(mhi_cntrl);
- if (ret)
- goto error_setup_irq;
-
/* Setup BHI INTVEC */
write_lock_irq(&mhi_cntrl->pm_lock);
mhi_write_reg(mhi_cntrl, mhi_cntrl->bhi, BHI_INTVEC, 0);
@@ -1072,7 +1068,7 @@ int mhi_async_power_up(struct mhi_controller *mhi_cntrl)
dev_err(dev, "%s is not a valid EE for power on\n",
TO_MHI_EXEC_STR(current_ee));
ret = -EIO;
- goto error_async_power_up;
+ goto error_exit;
}
state = mhi_get_mhi_state(mhi_cntrl);
@@ -1081,20 +1077,12 @@ int mhi_async_power_up(struct mhi_controller *mhi_cntrl)
if (state == MHI_STATE_SYS_ERR) {
mhi_set_mhi_state(mhi_cntrl, MHI_STATE_RESET);
- ret = wait_event_timeout(mhi_cntrl->state_event,
- MHI_PM_IN_FATAL_STATE(mhi_cntrl->pm_state) ||
- mhi_read_reg_field(mhi_cntrl,
- mhi_cntrl->regs,
- MHICTRL,
- MHICTRL_RESET_MASK,
- MHICTRL_RESET_SHIFT,
- &val) ||
- !val,
- msecs_to_jiffies(mhi_cntrl->timeout_ms));
- if (!ret) {
- ret = -EIO;
+ ret = mhi_poll_reg_field(mhi_cntrl, mhi_cntrl->regs, MHICTRL,
+ MHICTRL_RESET_MASK, MHICTRL_RESET_SHIFT, 0,
+ interval_us);
+ if (ret) {
dev_info(dev, "Failed to reset MHI due to syserr state\n");
- goto error_async_power_up;
+ goto error_exit;
}
/*
@@ -1104,6 +1092,10 @@ int mhi_async_power_up(struct mhi_controller *mhi_cntrl)
mhi_write_reg(mhi_cntrl, mhi_cntrl->bhi, BHI_INTVEC, 0);
}
+ ret = mhi_init_irq_setup(mhi_cntrl);
+ if (ret)
+ goto error_exit;
+
/* Transition to next state */
next_state = MHI_IN_PBL(current_ee) ?
DEV_ST_TRANSITION_PBL : DEV_ST_TRANSITION_READY;
@@ -1116,10 +1108,7 @@ int mhi_async_power_up(struct mhi_controller *mhi_cntrl)
return 0;
-error_async_power_up:
- mhi_deinit_free_irq(mhi_cntrl);
-
-error_setup_irq:
+error_exit:
mhi_cntrl->pm_state = MHI_PM_DISABLE;
mutex_unlock(&mhi_cntrl->pm_mutex);
--
2.25.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH v5] bus: mhi: Fix race while handling SYS_ERR at power up
2021-12-07 7:00 [PATCH v5] bus: mhi: Fix race while handling SYS_ERR at power up Manivannan Sadhasivam
@ 2021-12-16 5:34 ` Manivannan Sadhasivam
0 siblings, 0 replies; 2+ messages in thread
From: Manivannan Sadhasivam @ 2021-12-16 5:34 UTC (permalink / raw)
To: mhi
Cc: aleksander, loic.poulain, thomas.perrot, hemantk, bbhatt,
quic_jhugo, linux-arm-msm, stable
On Tue, Dec 07, 2021 at 12:30:18PM +0530, Manivannan Sadhasivam wrote:
> During SYS_ERR condition, as a response to the MHI_RESET from host, some
> devices tend to issue BHI interrupt without clearing the SYS_ERR state in
> the device. This creates a race condition and causes a failure in booting
> up the device.
>
> The issue is seen on the Sierra Wireless EM9191 modem during SYS_ERR
> handling in mhi_async_power_up(). Once the host detects that the device
> is in SYS_ERR state, it issues MHI_RESET and waits for the device to
> process the reset request. During this time, the device triggers the BHI
> interrupt to the host without clearing SYS_ERR condition. So the host
> starts handling the SYS_ERR condition again.
>
> To fix this issue, let's register the IRQ handler only after handling the
> SYS_ERR check to avoid getting spurious IRQs from the device.
>
> Cc: stable@vger.kernel.org
> Fixes: e18d4e9fa79b ("bus: mhi: core: Handle syserr during power_up")
> Reported-by: Aleksander Morgado <aleksander@aleksander.es>
> Tested-by: Aleksander Morgado <aleksander@aleksander.es>
> Tested-by: Thomas Perrot <thomas.perrot@bootlin.com>
> Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Applied to mhi-next!
Thanks,
Mani
> ---
>
> Changes in v5:
>
> * Rewored the commit message and used "error_exit" goto label for error
> path
>
> Changes in v4:
>
> * Reverted the change that moved BHI_INTVEC as that was causing issue as
> reported by Aleksander.
>
> Changes in v3:
>
> * Moved BHI_INTVEC setup after irq setup
> * Used interval_us as the delay for the polling API
>
> Changes in v2:
>
> * Switched to "mhi_poll_reg_field" for detecting MHI reset in device.
>
> drivers/bus/mhi/core/pm.c | 35 ++++++++++++-----------------------
> 1 file changed, 12 insertions(+), 23 deletions(-)
>
> diff --git a/drivers/bus/mhi/core/pm.c b/drivers/bus/mhi/core/pm.c
> index 7464f5d09973..9ae8532df5a3 100644
> --- a/drivers/bus/mhi/core/pm.c
> +++ b/drivers/bus/mhi/core/pm.c
> @@ -1038,7 +1038,7 @@ int mhi_async_power_up(struct mhi_controller *mhi_cntrl)
> enum mhi_ee_type current_ee;
> enum dev_st_transition next_state;
> struct device *dev = &mhi_cntrl->mhi_dev->dev;
> - u32 val;
> + u32 interval_us = 25000; /* poll register field every 25 milliseconds */
> int ret;
>
> dev_info(dev, "Requested to power ON\n");
> @@ -1055,10 +1055,6 @@ int mhi_async_power_up(struct mhi_controller *mhi_cntrl)
> mutex_lock(&mhi_cntrl->pm_mutex);
> mhi_cntrl->pm_state = MHI_PM_DISABLE;
>
> - ret = mhi_init_irq_setup(mhi_cntrl);
> - if (ret)
> - goto error_setup_irq;
> -
> /* Setup BHI INTVEC */
> write_lock_irq(&mhi_cntrl->pm_lock);
> mhi_write_reg(mhi_cntrl, mhi_cntrl->bhi, BHI_INTVEC, 0);
> @@ -1072,7 +1068,7 @@ int mhi_async_power_up(struct mhi_controller *mhi_cntrl)
> dev_err(dev, "%s is not a valid EE for power on\n",
> TO_MHI_EXEC_STR(current_ee));
> ret = -EIO;
> - goto error_async_power_up;
> + goto error_exit;
> }
>
> state = mhi_get_mhi_state(mhi_cntrl);
> @@ -1081,20 +1077,12 @@ int mhi_async_power_up(struct mhi_controller *mhi_cntrl)
>
> if (state == MHI_STATE_SYS_ERR) {
> mhi_set_mhi_state(mhi_cntrl, MHI_STATE_RESET);
> - ret = wait_event_timeout(mhi_cntrl->state_event,
> - MHI_PM_IN_FATAL_STATE(mhi_cntrl->pm_state) ||
> - mhi_read_reg_field(mhi_cntrl,
> - mhi_cntrl->regs,
> - MHICTRL,
> - MHICTRL_RESET_MASK,
> - MHICTRL_RESET_SHIFT,
> - &val) ||
> - !val,
> - msecs_to_jiffies(mhi_cntrl->timeout_ms));
> - if (!ret) {
> - ret = -EIO;
> + ret = mhi_poll_reg_field(mhi_cntrl, mhi_cntrl->regs, MHICTRL,
> + MHICTRL_RESET_MASK, MHICTRL_RESET_SHIFT, 0,
> + interval_us);
> + if (ret) {
> dev_info(dev, "Failed to reset MHI due to syserr state\n");
> - goto error_async_power_up;
> + goto error_exit;
> }
>
> /*
> @@ -1104,6 +1092,10 @@ int mhi_async_power_up(struct mhi_controller *mhi_cntrl)
> mhi_write_reg(mhi_cntrl, mhi_cntrl->bhi, BHI_INTVEC, 0);
> }
>
> + ret = mhi_init_irq_setup(mhi_cntrl);
> + if (ret)
> + goto error_exit;
> +
> /* Transition to next state */
> next_state = MHI_IN_PBL(current_ee) ?
> DEV_ST_TRANSITION_PBL : DEV_ST_TRANSITION_READY;
> @@ -1116,10 +1108,7 @@ int mhi_async_power_up(struct mhi_controller *mhi_cntrl)
>
> return 0;
>
> -error_async_power_up:
> - mhi_deinit_free_irq(mhi_cntrl);
> -
> -error_setup_irq:
> +error_exit:
> mhi_cntrl->pm_state = MHI_PM_DISABLE;
> mutex_unlock(&mhi_cntrl->pm_mutex);
>
> --
> 2.25.1
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-12-16 5:34 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-07 7:00 [PATCH v5] bus: mhi: Fix race while handling SYS_ERR at power up Manivannan Sadhasivam
2021-12-16 5:34 ` Manivannan Sadhasivam
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).