Re: [PATCH v3] firmware: arm_scmi: Free mailbox channels if probe fails

From: Cristian Marussi
Date: Tue Aug 31 2021 - 01:48:44 EST

Next message: Joel Becker: "Re: [PATCH 1/4] configfs: return -ENAMETOOLONG earlier in configfs_lookup"
Previous message: Hui Liu: "[PATCH v2 1/1] iio: mtk-auxadc: update case IIO_CHAN_INFO_PROCESSED"
In reply to: rishabhb: "Re: [PATCH v3] firmware: arm_scmi: Free mailbox channels if probe fails"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Aug 30, 2021 at 02:09:37PM -0700, rishabhb@xxxxxxxxxxxxxx wrote:
> Hi Christian

Hi Rishabh,

thanks for looking into this kind of bad interactions.

> There seems to be another issue here. The response from agent can be delayed
> causing a timeout during base protocol acquire,
> which leads to the probe failure. What I have observed is sometimes the
> failure of probe and rx_callback (due to a delayed message)
> happens at the same time on different cpus.
> Because of this race, the device memory may be cleared while the
> interrupt(rx_callback) is executing on another cpu.

You are right that concurrency was not handled properly in this kind of
context and moreover, if you think about it, even the case of out of
order reception of responses and delayed_responses (type2 SCMI messages)
for asynchronous SCMI commands was not handled properly.

> How do you propose we solve this? Do you think it is better to take the
> setting up of base and other protocols out of probe and
> in some delayed work? That would imply the device memory is not released
> until remove is called. Or should we add locking to
> the interrupt handler(scmi_rx_callback) and the cleanup in probe to avoid
> the race?
>

These issues were more easily exposed by SCMI Virtio transport, so in
the series where I introduced scmi-virtio:

https://lore.kernel.org/linux-arm-kernel/162848483974.232214.9506203742448269364.b4-ty@xxxxxxx/

(which is now queued for v5.15 ... now on -next I think...finger crossed)

I took the chance to rectify a couple of other things in the SCMI core
in the initial commits.
As an example, in the above series

[PATCH v7 05/15] firmware: arm_scmi: Handle concurrent and out-of-order messages

cares to add a refcount to xfers and some locking on xfers between TX
and RX path to avoid that a timed out xfer can vanish while the rx path
is concurrently working on it (as you said); moreover I handle the
condition (rare if not unplausible anyway) in which a transport delivers
out of order responses and delayed responses.

I tested this scenarios on some fake emulated SCMI Virtio transport
where I could play any sort of mess and tricks to stress this limit
conditions, but you're more than welcome to verify if the race you are
seeing on Base protocol time out is solved (as I would hope :D) by this
series of mine.

Let me know, any feedback is welcome.

Btw, in the series above there are also other minor changes, but there
is also another more radical change needed to ensure correctness and
protection against stale old messages which maybe could interest you
in general if you are looking into SCMI:

[PATCH v7 04/15] firmware: arm_scmi: Introduce monotonically increasing tokens

Let me know if yo have other concerns.

Thanks
Cristian

Next message: Joel Becker: "Re: [PATCH 1/4] configfs: return -ENAMETOOLONG earlier in configfs_lookup"
Previous message: Hui Liu: "[PATCH v2 1/1] iio: mtk-auxadc: update case IIO_CHAN_INFO_PROCESSED"
In reply to: rishabhb: "Re: [PATCH v3] firmware: arm_scmi: Free mailbox channels if probe fails"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]