| Message ID | 1496147943-25822-15-git-send-email-kgunda@codeaurora.org (mailing list archive) |
|---|---|
| State | Not Applicable, archived |
| Delegated to: | Andy Gross |
| Headers | show |
Hi Subbaraman,
[auto build test ERROR on linus/master]
[also build test ERROR on v4.12-rc3 next-20170530]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]
url: https://github.com/0day-ci/linux/commits/Kiran-Gunda/spmi-pmic_arb-block-access-of-invalid-read-and-writes/20170531-034312
config: xtensa-allmodconfig (attached as .config)
compiler: xtensa-linux-gcc (GCC) 4.9.0
reproduce:
wget https://raw.githubusercontent.com/01org/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# save the attached .config to linux build tree
make.cross ARCH=xtensa
All error/warnings (new ones prefixed by >>):
>> drivers//spmi/spmi-pmic-arb.c:1163:2: error: unknown field 'activate' specified in initializer
.activate = qpnpint_irq_domain_activate,
^
>> drivers//spmi/spmi-pmic-arb.c:1163:2: warning: excess elements in struct initializer
drivers//spmi/spmi-pmic-arb.c:1163:2: warning: (near initialization for 'pmic_arb_irq_domain_ops')
vim +/activate +1163 drivers//spmi/spmi-pmic-arb.c
1147 .ver_str = "v5",
1148 .ppid_to_apid = pmic_arb_ppid_to_apid_v5,
1149 .mode = pmic_arb_mode_v2,
1150 .non_data_cmd = pmic_arb_non_data_cmd_v2,
1151 .offset = pmic_arb_offset_v5,
1152 .fmt_cmd = pmic_arb_fmt_cmd_v2,
1153 .owner_acc_status = pmic_arb_owner_acc_status_v5,
1154 .acc_enable = pmic_arb_acc_enable_v5,
1155 .irq_status = pmic_arb_irq_status_v5,
1156 .irq_clear = pmic_arb_irq_clear_v5,
1157 .channel_map_offset = pmic_arb_channel_map_offset_v5,
1158 };
1159
1160 static const struct irq_domain_ops pmic_arb_irq_domain_ops = {
1161 .map = qpnpint_irq_domain_map,
1162 .xlate = qpnpint_irq_domain_dt_translate,
> 1163 .activate = qpnpint_irq_domain_activate,
1164 };
1165
1166 static int spmi_pmic_arb_probe(struct platform_device *pdev)
1167 {
1168 struct spmi_pmic_arb *pa;
1169 struct spmi_controller *ctrl;
1170 struct resource *res;
1171 void __iomem *core;
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
On 05/30, Kiran Gunda wrote: > From: Subbaraman Narayanamurthy <subbaram@codeaurora.org> > > Currently, cleanup_irq() is invoked when a peripheral's interrupt > fires and there is no mapping present in the interrupt domain of > spmi interrupt controller. > > The cleanup_irq clears the arbiter bit, clears the pmic interrupt > and disables it at the pmic in that order. The last disable in > cleanup_irq races with request_irq() in that it stomps over the > enable issued by request_irq. Fix this by not writing to the pmic > in cleanup_irq. The latched bit will be left set in the pmic, > which will not send us more interrupts even if the enable bit > stays enabled. > > When a client wants to request an interrupt, use the activate > callback on the irq_domain to clear latched bit. This ensures > that the latched, if set due to the above changes in cleanup_irq > or when the bootloader leaves it set, gets cleaned up, paving way > for upcoming interrupts to trigger. > > With this, there is a possibility of unwanted triggering of > interrupt right after the latched bit is cleared - the interrupt > may be left enabled too. To avoid that, clear the enable first > followed by clearing the latched bit in the activate callback. > > Signed-off-by: Subbaraman Narayanamurthy <subbaram@codeaurora.org> > Signed-off-by: Kiran Gunda <kgunda@codeaurora.org> Please squash this with the patch that adds cleanup_irq() and rewrite the commit text to combine details from both.
On 2017-05-31 23:23, Stephen Boyd wrote: > On 05/30, Kiran Gunda wrote: >> From: Subbaraman Narayanamurthy <subbaram@codeaurora.org> >> >> Currently, cleanup_irq() is invoked when a peripheral's interrupt >> fires and there is no mapping present in the interrupt domain of >> spmi interrupt controller. >> >> The cleanup_irq clears the arbiter bit, clears the pmic interrupt >> and disables it at the pmic in that order. The last disable in >> cleanup_irq races with request_irq() in that it stomps over the >> enable issued by request_irq. Fix this by not writing to the pmic >> in cleanup_irq. The latched bit will be left set in the pmic, >> which will not send us more interrupts even if the enable bit >> stays enabled. >> >> When a client wants to request an interrupt, use the activate >> callback on the irq_domain to clear latched bit. This ensures >> that the latched, if set due to the above changes in cleanup_irq >> or when the bootloader leaves it set, gets cleaned up, paving way >> for upcoming interrupts to trigger. >> >> With this, there is a possibility of unwanted triggering of >> interrupt right after the latched bit is cleared - the interrupt >> may be left enabled too. To avoid that, clear the enable first >> followed by clearing the latched bit in the activate callback. >> >> Signed-off-by: Subbaraman Narayanamurthy <subbaram@codeaurora.org> >> Signed-off-by: Kiran Gunda <kgunda@codeaurora.org> > > Please squash this with the patch that adds cleanup_irq() and > rewrite the commit text to combine details from both. Sure. Will squash it in the next patch submission. -- To unsubscribe from this list: send the line "unsubscribe linux-arm-msm" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 2017-06-02 12:56, kgunda@codeaurora.org wrote: > On 2017-05-31 23:23, Stephen Boyd wrote: >> On 05/30, Kiran Gunda wrote: >>> From: Subbaraman Narayanamurthy <subbaram@codeaurora.org> >>> >>> Currently, cleanup_irq() is invoked when a peripheral's interrupt >>> fires and there is no mapping present in the interrupt domain of >>> spmi interrupt controller. >>> >>> The cleanup_irq clears the arbiter bit, clears the pmic interrupt >>> and disables it at the pmic in that order. The last disable in >>> cleanup_irq races with request_irq() in that it stomps over the >>> enable issued by request_irq. Fix this by not writing to the pmic >>> in cleanup_irq. The latched bit will be left set in the pmic, >>> which will not send us more interrupts even if the enable bit >>> stays enabled. >>> >>> When a client wants to request an interrupt, use the activate >>> callback on the irq_domain to clear latched bit. This ensures >>> that the latched, if set due to the above changes in cleanup_irq >>> or when the bootloader leaves it set, gets cleaned up, paving way >>> for upcoming interrupts to trigger. >>> >>> With this, there is a possibility of unwanted triggering of >>> interrupt right after the latched bit is cleared - the interrupt >>> may be left enabled too. To avoid that, clear the enable first >>> followed by clearing the latched bit in the activate callback. >>> >>> Signed-off-by: Subbaraman Narayanamurthy <subbaram@codeaurora.org> >>> Signed-off-by: Kiran Gunda <kgunda@codeaurora.org> >> >> Please squash this with the patch that adds cleanup_irq() and >> rewrite the commit text to combine details from both. > Sure. Will squash it in the next patch submission. Patch that adds cleanup_irq is already taken in to the tree. Lets have this patch as is now. -- To unsubscribe from this list: send the line "unsubscribe linux-arm-msm" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 06/06, kgunda@codeaurora.org wrote: > On 2017-06-02 12:56, kgunda@codeaurora.org wrote: > >On 2017-05-31 23:23, Stephen Boyd wrote: > >>On 05/30, Kiran Gunda wrote: > >>>From: Subbaraman Narayanamurthy <subbaram@codeaurora.org> > >>> > >>>Currently, cleanup_irq() is invoked when a peripheral's interrupt > >>>fires and there is no mapping present in the interrupt domain of > >>>spmi interrupt controller. > >>> > >>>The cleanup_irq clears the arbiter bit, clears the pmic interrupt > >>>and disables it at the pmic in that order. The last disable in > >>>cleanup_irq races with request_irq() in that it stomps over the > >>>enable issued by request_irq. Fix this by not writing to the pmic > >>>in cleanup_irq. The latched bit will be left set in the pmic, > >>>which will not send us more interrupts even if the enable bit > >>>stays enabled. > >>> > >>>When a client wants to request an interrupt, use the activate > >>>callback on the irq_domain to clear latched bit. This ensures > >>>that the latched, if set due to the above changes in cleanup_irq > >>>or when the bootloader leaves it set, gets cleaned up, paving way > >>>for upcoming interrupts to trigger. > >>> > >>>With this, there is a possibility of unwanted triggering of > >>>interrupt right after the latched bit is cleared - the interrupt > >>>may be left enabled too. To avoid that, clear the enable first > >>>followed by clearing the latched bit in the activate callback. > >>> > >>>Signed-off-by: Subbaraman Narayanamurthy <subbaram@codeaurora.org> > >>>Signed-off-by: Kiran Gunda <kgunda@codeaurora.org> > >> > >>Please squash this with the patch that adds cleanup_irq() and > >>rewrite the commit text to combine details from both. > >Sure. Will squash it in the next patch submission. > Patch that adds cleanup_irq is already taken in to the tree. > Lets have this patch as is now. Is this the one with the kbuild error? IRQ domains are not always there, so I don't know how this is expected to work.
On 2017-06-13 07:40, Stephen Boyd wrote: > On 06/06, kgunda@codeaurora.org wrote: >> On 2017-06-02 12:56, kgunda@codeaurora.org wrote: >> >On 2017-05-31 23:23, Stephen Boyd wrote: >> >>On 05/30, Kiran Gunda wrote: >> >>>From: Subbaraman Narayanamurthy <subbaram@codeaurora.org> >> >>> >> >>>Currently, cleanup_irq() is invoked when a peripheral's interrupt >> >>>fires and there is no mapping present in the interrupt domain of >> >>>spmi interrupt controller. >> >>> >> >>>The cleanup_irq clears the arbiter bit, clears the pmic interrupt >> >>>and disables it at the pmic in that order. The last disable in >> >>>cleanup_irq races with request_irq() in that it stomps over the >> >>>enable issued by request_irq. Fix this by not writing to the pmic >> >>>in cleanup_irq. The latched bit will be left set in the pmic, >> >>>which will not send us more interrupts even if the enable bit >> >>>stays enabled. >> >>> >> >>>When a client wants to request an interrupt, use the activate >> >>>callback on the irq_domain to clear latched bit. This ensures >> >>>that the latched, if set due to the above changes in cleanup_irq >> >>>or when the bootloader leaves it set, gets cleaned up, paving way >> >>>for upcoming interrupts to trigger. >> >>> >> >>>With this, there is a possibility of unwanted triggering of >> >>>interrupt right after the latched bit is cleared - the interrupt >> >>>may be left enabled too. To avoid that, clear the enable first >> >>>followed by clearing the latched bit in the activate callback. >> >>> >> >>>Signed-off-by: Subbaraman Narayanamurthy <subbaram@codeaurora.org> >> >>>Signed-off-by: Kiran Gunda <kgunda@codeaurora.org> >> >> >> >>Please squash this with the patch that adds cleanup_irq() and >> >>rewrite the commit text to combine details from both. >> >Sure. Will squash it in the next patch submission. >> Patch that adds cleanup_irq is already taken in to the tree. >> Lets have this patch as is now. > > Is this the one with the kbuild error? IRQ domains are not always > there, so I don't know how this is expected to work. Dropped out this patch as it is related to clearing the interrupts those are left enabled by the boot loader. We thought of clearing all the apps owned interrupts in the UEFI itself. -- To unsubscribe from this list: send the line "unsubscribe linux-arm-msm" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/drivers/spmi/spmi-pmic-arb.c b/drivers/spmi/spmi-pmic-arb.c index b755c24..767bd2c 100644 --- a/drivers/spmi/spmi-pmic-arb.c +++ b/drivers/spmi/spmi-pmic-arb.c @@ -522,24 +522,9 @@ static void qpnpint_spmi_read(struct irq_data *d, u8 reg, void *buf, size_t len) static void cleanup_irq(struct spmi_pmic_arb *pa, u16 apid, int id) { - u16 ppid = pa->apid_data[apid].ppid; - u8 sid = ppid >> 8; - u8 per = ppid & 0xFF; u8 irq_mask = BIT(id); writel_relaxed(irq_mask, pa->intr + pa->ver_ops->irq_clear(apid)); - - if (pmic_arb_write_cmd(pa->spmic, SPMI_CMD_EXT_WRITEL, sid, - (per << 8) + QPNPINT_REG_LATCHED_CLR, &irq_mask, 1)) - dev_err_ratelimited(&pa->spmic->dev, - "failed to ack irq_mask = 0x%x for ppid = %x\n", - irq_mask, ppid); - - if (pmic_arb_write_cmd(pa->spmic, SPMI_CMD_EXT_WRITEL, sid, - (per << 8) + QPNPINT_REG_EN_CLR, &irq_mask, 1)) - dev_err_ratelimited(&pa->spmic->dev, - "failed to ack irq_mask = 0x%x for ppid = %x\n", - irq_mask, ppid); } static void periph_interrupt(struct spmi_pmic_arb *pa, u16 apid) @@ -698,6 +683,17 @@ static int qpnpint_get_irqchip_state(struct irq_data *d, | IRQCHIP_SKIP_SET_WAKE, }; +static void qpnpint_irq_domain_activate(struct irq_domain *domain, + struct irq_data *d) +{ + u8 irq = HWIRQ_IRQ(d->hwirq); + u8 buf; + + buf = BIT(irq); + qpnpint_spmi_write(d, QPNPINT_REG_EN_CLR, &buf, 1); + qpnpint_spmi_write(d, QPNPINT_REG_LATCHED_CLR, &buf, 1); +} + static int qpnpint_irq_domain_dt_translate(struct irq_domain *d, struct device_node *controller, const u32 *intspec, @@ -1164,6 +1160,7 @@ static u32 pmic_arb_channel_map_offset_v5(u16 n) static const struct irq_domain_ops pmic_arb_irq_domain_ops = { .map = qpnpint_irq_domain_map, .xlate = qpnpint_irq_domain_dt_translate, + .activate = qpnpint_irq_domain_activate, }; static int spmi_pmic_arb_probe(struct platform_device *pdev)