* [PATCH v6] scsi: ufs: Quiesce all scsi devices before shutdown
@ 2020-08-03 4:25 Stanley Chu
2020-08-03 5:03 ` Can Guo
0 siblings, 1 reply; 3+ messages in thread
From: Stanley Chu @ 2020-08-03 4:25 UTC (permalink / raw)
To: linux-scsi, martin.petersen, avri.altman, alim.akhtar, jejb, bvanassche
Cc: Stanley Chu, andy.teng, cc.chou, chun-hung.wu, kuohong.wang,
linux-kernel, jiajie.hao, cang, linux-mediatek, peter.wang,
matthias.bgg, beanhuo, chaotian.jing, linux-arm-kernel, asutoshd
Currently I/O request could be still submitted to UFS device while
UFS is working on shutdown flow. This may lead to racing as below
scenarios and finally system may crash due to unclocked register
accesses.
To fix this kind of issues, in ufshcd_shutdown(),
1. Use pm_runtime_get_sync() instead of resuming UFS device by
ufshcd_runtime_resume() "internally" to let runtime PM framework
manage and prevent concurrent runtime operations by incoming I/O
requests.
2. Specifically quiesce all SCSI devices to block all I/O requests
after device is resumed.
Example of racing scenario: While UFS device is runtime-suspended
Thread #1: Executing UFS shutdown flow, e.g.,
ufshcd_suspend(UFS_SHUTDOWN_PM)
Thread #2: Executing runtime resume flow triggered by I/O request,
e.g., ufshcd_resume(UFS_RUNTIME_PM)
This breaks the assumption that UFS PM flows can not be running
concurrently and some unexpected racing behavior may happen.
Signed-off-by: Stanley Chu <stanley.chu@mediatek.com>
---
Changes:
- Since v4: Use pm_runtime_get_sync() instead of resuming UFS device by ufshcd_runtime_resume() "internally".
---
drivers/scsi/ufs/ufshcd.c | 39 ++++++++++++++++++++++++++++++++++-----
1 file changed, 34 insertions(+), 5 deletions(-)
diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c
index 307622284239..fc01171d13b1 100644
--- a/drivers/scsi/ufs/ufshcd.c
+++ b/drivers/scsi/ufs/ufshcd.c
@@ -159,6 +159,12 @@ struct ufs_pm_lvl_states ufs_pm_lvl_states[] = {
{UFS_POWERDOWN_PWR_MODE, UIC_LINK_OFF_STATE},
};
+#define ufshcd_scsi_for_each_sdev(fn) \
+ list_for_each_entry(starget, &hba->host->__targets, siblings) { \
+ __starget_for_each_device(starget, NULL, \
+ fn); \
+ }
+
static inline enum ufs_dev_pwr_mode
ufs_get_pm_lvl_to_dev_pwr_mode(enum ufs_pm_level lvl)
{
@@ -8629,6 +8635,13 @@ int ufshcd_runtime_idle(struct ufs_hba *hba)
}
EXPORT_SYMBOL(ufshcd_runtime_idle);
+static void ufshcd_quiesce_sdev(struct scsi_device *sdev, void *data)
+{
+ /* Suspended devices are already quiesced so can be skipped */
+ if (!pm_runtime_suspended(&sdev->sdev_gendev))
+ scsi_device_quiesce(sdev);
+}
+
/**
* ufshcd_shutdown - shutdown routine
* @hba: per adapter instance
@@ -8640,6 +8653,7 @@ EXPORT_SYMBOL(ufshcd_runtime_idle);
int ufshcd_shutdown(struct ufs_hba *hba)
{
int ret = 0;
+ struct scsi_target *starget;
if (!hba->is_powered)
goto out;
@@ -8647,11 +8661,26 @@ int ufshcd_shutdown(struct ufs_hba *hba)
if (ufshcd_is_ufs_dev_poweroff(hba) && ufshcd_is_link_off(hba))
goto out;
- if (pm_runtime_suspended(hba->dev)) {
- ret = ufshcd_runtime_resume(hba);
- if (ret)
- goto out;
- }
+ /*
+ * Let runtime PM framework manage and prevent concurrent runtime
+ * operations with shutdown flow.
+ */
+ pm_runtime_get_sync(hba->dev);
+
+ /*
+ * Quiesce all SCSI devices to prevent any non-PM requests sending
+ * from block layer during and after shutdown.
+ *
+ * Here we can not use blk_cleanup_queue() since PM requests
+ * (with BLK_MQ_REQ_PREEMPT flag) are still required to be sent
+ * through block layer. Therefore SCSI command queued after the
+ * scsi_target_quiesce() call returned will block until
+ * blk_cleanup_queue() is called.
+ *
+ * Besides, scsi_target_"un"quiesce (e.g., scsi_target_resume) can
+ * be ignored since shutdown is one-way flow.
+ */
+ ufshcd_scsi_for_each_sdev(ufshcd_quiesce_sdev);
ret = ufshcd_suspend(hba, UFS_SHUTDOWN_PM);
out:
--
2.18.0
_______________________________________________
Linux-mediatek mailing list
Linux-mediatek@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-mediatek
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH v6] scsi: ufs: Quiesce all scsi devices before shutdown
2020-08-03 4:25 [PATCH v6] scsi: ufs: Quiesce all scsi devices before shutdown Stanley Chu
@ 2020-08-03 5:03 ` Can Guo
2020-08-03 9:58 ` Stanley Chu
0 siblings, 1 reply; 3+ messages in thread
From: Can Guo @ 2020-08-03 5:03 UTC (permalink / raw)
To: Stanley Chu
Cc: jiajie.hao, linux-scsi, martin.petersen, andy.teng, jejb,
chun-hung.wu, kuohong.wang, linux-kernel, asutoshd, avri.altman,
linux-mediatek, peter.wang, alim.akhtar, matthias.bgg, beanhuo,
chaotian.jing, cc.chou, linux-arm-kernel, bvanassche
Hi Stanley,
On 2020-08-03 12:25, Stanley Chu wrote:
> Currently I/O request could be still submitted to UFS device while
> UFS is working on shutdown flow. This may lead to racing as below
> scenarios and finally system may crash due to unclocked register
> accesses.
>
> To fix this kind of issues, in ufshcd_shutdown(),
>
> 1. Use pm_runtime_get_sync() instead of resuming UFS device by
> ufshcd_runtime_resume() "internally" to let runtime PM framework
> manage and prevent concurrent runtime operations by incoming I/O
> requests.
>
> 2. Specifically quiesce all SCSI devices to block all I/O requests
> after device is resumed.
>
> Example of racing scenario: While UFS device is runtime-suspended
>
> Thread #1: Executing UFS shutdown flow, e.g.,
> ufshcd_suspend(UFS_SHUTDOWN_PM)
>
> Thread #2: Executing runtime resume flow triggered by I/O request,
> e.g., ufshcd_resume(UFS_RUNTIME_PM)
>
> This breaks the assumption that UFS PM flows can not be running
> concurrently and some unexpected racing behavior may happen.
>
> Signed-off-by: Stanley Chu <stanley.chu@mediatek.com>
> ---
> Changes:
> - Since v4: Use pm_runtime_get_sync() instead of resuming UFS device
> by ufshcd_runtime_resume() "internally".
> ---
> drivers/scsi/ufs/ufshcd.c | 39 ++++++++++++++++++++++++++++++++++-----
> 1 file changed, 34 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c
> index 307622284239..fc01171d13b1 100644
> --- a/drivers/scsi/ufs/ufshcd.c
> +++ b/drivers/scsi/ufs/ufshcd.c
> @@ -159,6 +159,12 @@ struct ufs_pm_lvl_states ufs_pm_lvl_states[] = {
> {UFS_POWERDOWN_PWR_MODE, UIC_LINK_OFF_STATE},
> };
>
> +#define ufshcd_scsi_for_each_sdev(fn) \
> + list_for_each_entry(starget, &hba->host->__targets, siblings) { \
> + __starget_for_each_device(starget, NULL, \
> + fn); \
> + }
> +
> static inline enum ufs_dev_pwr_mode
> ufs_get_pm_lvl_to_dev_pwr_mode(enum ufs_pm_level lvl)
> {
> @@ -8629,6 +8635,13 @@ int ufshcd_runtime_idle(struct ufs_hba *hba)
> }
> EXPORT_SYMBOL(ufshcd_runtime_idle);
>
> +static void ufshcd_quiesce_sdev(struct scsi_device *sdev, void *data)
> +{
> + /* Suspended devices are already quiesced so can be skipped */
Why can runtime suspended sdevs be skipped? Block layer can still resume
them at any time, no?
> + if (!pm_runtime_suspended(&sdev->sdev_gendev))
> + scsi_device_quiesce(sdev);
> +}
> +
> /**
> * ufshcd_shutdown - shutdown routine
> * @hba: per adapter instance
> @@ -8640,6 +8653,7 @@ EXPORT_SYMBOL(ufshcd_runtime_idle);
> int ufshcd_shutdown(struct ufs_hba *hba)
> {
> int ret = 0;
> + struct scsi_target *starget;
>
> if (!hba->is_powered)
> goto out;
> @@ -8647,11 +8661,26 @@ int ufshcd_shutdown(struct ufs_hba *hba)
> if (ufshcd_is_ufs_dev_poweroff(hba) && ufshcd_is_link_off(hba))
> goto out;
>
> - if (pm_runtime_suspended(hba->dev)) {
> - ret = ufshcd_runtime_resume(hba);
> - if (ret)
> - goto out;
> - }
> + /*
> + * Let runtime PM framework manage and prevent concurrent runtime
> + * operations with shutdown flow.
> + */
> + pm_runtime_get_sync(hba->dev);
> +
> + /*
> + * Quiesce all SCSI devices to prevent any non-PM requests sending
> + * from block layer during and after shutdown.
> + *
> + * Here we can not use blk_cleanup_queue() since PM requests
> + * (with BLK_MQ_REQ_PREEMPT flag) are still required to be sent
> + * through block layer. Therefore SCSI command queued after the
> + * scsi_target_quiesce() call returned will block until
> + * blk_cleanup_queue() is called.
> + *
> + * Besides, scsi_target_"un"quiesce (e.g., scsi_target_resume) can
> + * be ignored since shutdown is one-way flow.
> + */
> + ufshcd_scsi_for_each_sdev(ufshcd_quiesce_sdev);
Any reasons why don't use scsi_target_quiesce() here?
Thanks,
Can Guo.
>
> ret = ufshcd_suspend(hba, UFS_SHUTDOWN_PM);
> out:
_______________________________________________
Linux-mediatek mailing list
Linux-mediatek@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-mediatek
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH v6] scsi: ufs: Quiesce all scsi devices before shutdown
2020-08-03 5:03 ` Can Guo
@ 2020-08-03 9:58 ` Stanley Chu
0 siblings, 0 replies; 3+ messages in thread
From: Stanley Chu @ 2020-08-03 9:58 UTC (permalink / raw)
To: Can Guo
Cc: jiajie.hao, linux-scsi, martin.petersen, andy.teng, jejb,
chun-hung.wu, kuohong.wang, linux-kernel, asutoshd, avri.altman,
linux-mediatek, peter.wang, alim.akhtar, matthias.bgg, beanhuo,
chaotian.jing, cc.chou, linux-arm-kernel, bvanassche
Hi Can,
On Mon, 2020-08-03 at 13:03 +0800, Can Guo wrote:
> Hi Stanley,
>
> On 2020-08-03 12:25, Stanley Chu wrote:
> > Currently I/O request could be still submitted to UFS device while
> > UFS is working on shutdown flow. This may lead to racing as below
> > scenarios and finally system may crash due to unclocked register
> > accesses.
> >
> > To fix this kind of issues, in ufshcd_shutdown(),
> >
> > 1. Use pm_runtime_get_sync() instead of resuming UFS device by
> > ufshcd_runtime_resume() "internally" to let runtime PM framework
> > manage and prevent concurrent runtime operations by incoming I/O
> > requests.
> >
> > 2. Specifically quiesce all SCSI devices to block all I/O requests
> > after device is resumed.
> >
> > Example of racing scenario: While UFS device is runtime-suspended
> >
> > Thread #1: Executing UFS shutdown flow, e.g.,
> > ufshcd_suspend(UFS_SHUTDOWN_PM)
> >
> > Thread #2: Executing runtime resume flow triggered by I/O request,
> > e.g., ufshcd_resume(UFS_RUNTIME_PM)
> >
> > This breaks the assumption that UFS PM flows can not be running
> > concurrently and some unexpected racing behavior may happen.
> >
> > Signed-off-by: Stanley Chu <stanley.chu@mediatek.com>
> > ---
> > Changes:
> > - Since v4: Use pm_runtime_get_sync() instead of resuming UFS device
> > by ufshcd_runtime_resume() "internally".
> > ---
> > drivers/scsi/ufs/ufshcd.c | 39 ++++++++++++++++++++++++++++++++++-----
> > 1 file changed, 34 insertions(+), 5 deletions(-)
> >
> > diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c
> > index 307622284239..fc01171d13b1 100644
> > --- a/drivers/scsi/ufs/ufshcd.c
> > +++ b/drivers/scsi/ufs/ufshcd.c
> > @@ -159,6 +159,12 @@ struct ufs_pm_lvl_states ufs_pm_lvl_states[] = {
> > {UFS_POWERDOWN_PWR_MODE, UIC_LINK_OFF_STATE},
> > };
> >
> > +#define ufshcd_scsi_for_each_sdev(fn) \
> > + list_for_each_entry(starget, &hba->host->__targets, siblings) { \
> > + __starget_for_each_device(starget, NULL, \
> > + fn); \
> > + }
> > +
> > static inline enum ufs_dev_pwr_mode
> > ufs_get_pm_lvl_to_dev_pwr_mode(enum ufs_pm_level lvl)
> > {
> > @@ -8629,6 +8635,13 @@ int ufshcd_runtime_idle(struct ufs_hba *hba)
> > }
> > EXPORT_SYMBOL(ufshcd_runtime_idle);
> >
> > +static void ufshcd_quiesce_sdev(struct scsi_device *sdev, void *data)
> > +{
> > + /* Suspended devices are already quiesced so can be skipped */
>
> Why can runtime suspended sdevs be skipped? Block layer can still resume
> them at any time, no?
Thanks for reminding.
Yes, this check is wrong. All SCSI devices shall be applied
scsi_device_quiesce() here so I will fix it in next version.
>
> > + if (!pm_runtime_suspended(&sdev->sdev_gendev))
> > + scsi_device_quiesce(sdev);
> > +}
> > +
> > /**
> > * ufshcd_shutdown - shutdown routine
> > * @hba: per adapter instance
> > @@ -8640,6 +8653,7 @@ EXPORT_SYMBOL(ufshcd_runtime_idle);
> > int ufshcd_shutdown(struct ufs_hba *hba)
> > {
> > int ret = 0;
> > + struct scsi_target *starget;
> >
> > if (!hba->is_powered)
> > goto out;
> > @@ -8647,11 +8661,26 @@ int ufshcd_shutdown(struct ufs_hba *hba)
> > if (ufshcd_is_ufs_dev_poweroff(hba) && ufshcd_is_link_off(hba))
> > goto out;
> >
> > - if (pm_runtime_suspended(hba->dev)) {
> > - ret = ufshcd_runtime_resume(hba);
> > - if (ret)
> > - goto out;
> > - }
> > + /*
> > + * Let runtime PM framework manage and prevent concurrent runtime
> > + * operations with shutdown flow.
> > + */
> > + pm_runtime_get_sync(hba->dev);
> > +
> > + /*
> > + * Quiesce all SCSI devices to prevent any non-PM requests sending
> > + * from block layer during and after shutdown.
> > + *
> > + * Here we can not use blk_cleanup_queue() since PM requests
> > + * (with BLK_MQ_REQ_PREEMPT flag) are still required to be sent
> > + * through block layer. Therefore SCSI command queued after the
> > + * scsi_target_quiesce() call returned will block until
> > + * blk_cleanup_queue() is called.
> > + *
> > + * Besides, scsi_target_"un"quiesce (e.g., scsi_target_resume) can
> > + * be ignored since shutdown is one-way flow.
> > + */
> > + ufshcd_scsi_for_each_sdev(ufshcd_quiesce_sdev);
>
> Any reasons why don't use scsi_target_quiesce() here?
As above, now all SCSI devices shall be quiesced here, so I could use
the way in v2: using scsi_target_quiesce() directly here.
Thanks,
Stanley Chu
>
> Thanks,
>
> Can Guo.
>
> >
> > ret = ufshcd_suspend(hba, UFS_SHUTDOWN_PM);
> > out:
_______________________________________________
Linux-mediatek mailing list
Linux-mediatek@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-mediatek
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-08-03 10:08 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-08-03 4:25 [PATCH v6] scsi: ufs: Quiesce all scsi devices before shutdown Stanley Chu
2020-08-03 5:03 ` Can Guo
2020-08-03 9:58 ` Stanley Chu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).