| Message ID | 20220209090342.13220-2-p-mohan@ti.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | remoteproc sysfs fixes/improvements | expand |
Hi Puranjay, On Wed, Feb 09, 2022 at 02:33:41PM +0530, Puranjay Mohan wrote: > The remoteproc framework provides sysfs interfaces for changing > the firmware name and for starting/stopping a remote processor > through the sysfs files 'state' and 'firmware'. The 'recovery' > sysfs file can also be used similarly to control the error recovery > state machine of a remoteproc. These interfaces are currently > allowed irrespective of how the remoteprocs were booted (like > remoteproc self auto-boot, remoteproc client-driven boot etc). > These interfaces can adversely affect a remoteproc and its clients > especially when a remoteproc is being controlled by a remoteproc > client driver(s). Also, not all remoteproc drivers may want to > support the sysfs interfaces by default. > > Add support to deny the sysfs state/firmware/recovery change by > introducing a state flag 'deny_sysfs_ops' that the individual > remoteproc drivers can set based on their usage needs. The default > behavior is to allow the sysfs operations as before. > > Implement attribute_group->is_visible() to hide the sysfs > state/firmware/recovery entries when deny_sysfs_ops flag is set. > > Signed-off-by: Puranjay Mohan <p-mohan@ti.com> > --- > Changes in v3->v4: > Use mode = 0444 in rproc_is_visible() to make the sysfs entries > read-only when the deny_sysfs_ops flag is set. > --- > drivers/remoteproc/remoteproc_sysfs.c | 18 +++++++++++++++++- > include/linux/remoteproc.h | 2 ++ > 2 files changed, 19 insertions(+), 1 deletion(-) > > diff --git a/drivers/remoteproc/remoteproc_sysfs.c b/drivers/remoteproc/remoteproc_sysfs.c > index ea8b89f97d7b..da2d0eecfa44 100644 > --- a/drivers/remoteproc/remoteproc_sysfs.c > +++ b/drivers/remoteproc/remoteproc_sysfs.c > @@ -230,6 +230,21 @@ static ssize_t name_show(struct device *dev, struct device_attribute *attr, > } > static DEVICE_ATTR_RO(name); > > +static umode_t rproc_is_visible(struct kobject *kobj, struct attribute *attr, > + int n) > +{ > + struct device *dev = kobj_to_dev(kobj); > + struct rproc *rproc = to_rproc(dev); > + umode_t mode = attr->mode; > + > + if (rproc->deny_sysfs_ops && (attr == &dev_attr_recovery.attr || > + attr == &dev_attr_firmware.attr || > + attr == &dev_attr_state.attr)) I was wondering if we should also add coredump to this group to make it an all or nothing option (name is already read only). > + mode = 0444; Much better. > + > + return mode; > +} > + > static struct attribute *rproc_attrs[] = { > &dev_attr_coredump.attr, > &dev_attr_recovery.attr, > @@ -240,7 +255,8 @@ static struct attribute *rproc_attrs[] = { > }; > > static const struct attribute_group rproc_devgroup = { > - .attrs = rproc_attrs > + .attrs = rproc_attrs, > + .is_visible = rproc_is_visible, > }; > > static const struct attribute_group *rproc_devgroups[] = { > diff --git a/include/linux/remoteproc.h b/include/linux/remoteproc.h > index e0600e1e5c17..3849c66ce38f 100644 > --- a/include/linux/remoteproc.h > +++ b/include/linux/remoteproc.h > @@ -523,6 +523,7 @@ struct rproc_dump_segment { > * @table_sz: size of @cached_table > * @has_iommu: flag to indicate if remote processor is behind an MMU > * @auto_boot: flag to indicate if remote processor should be auto-started > + * @deny_sysfs_ops: flag to not permit sysfs operations on state, firmware and recovery > * @dump_segments: list of segments in the firmware > * @nb_vdev: number of vdev currently handled by rproc > * @elf_class: firmware ELF class > @@ -562,6 +563,7 @@ struct rproc { > size_t table_sz; > bool has_iommu; > bool auto_boot; > + bool deny_sysfs_ops; Wouldn't "sysfs_read_only" make more sense? With or without the above and for this set: Reviewed-by: Mathieu Poirier <mathieu.poirier@linaro.org> > struct list_head dump_segments; > int nb_vdev; > u8 elf_class; > -- > 2.17.1 >
Hi Mathieu, On 11/02/22 00:18, Mathieu Poirier wrote: > Hi Puranjay, > > On Wed, Feb 09, 2022 at 02:33:41PM +0530, Puranjay Mohan wrote: >> The remoteproc framework provides sysfs interfaces for changing >> the firmware name and for starting/stopping a remote processor >> through the sysfs files 'state' and 'firmware'. The 'recovery' >> sysfs file can also be used similarly to control the error recovery >> state machine of a remoteproc. These interfaces are currently >> allowed irrespective of how the remoteprocs were booted (like >> remoteproc self auto-boot, remoteproc client-driven boot etc). >> These interfaces can adversely affect a remoteproc and its clients >> especially when a remoteproc is being controlled by a remoteproc >> client driver(s). Also, not all remoteproc drivers may want to >> support the sysfs interfaces by default. >> >> Add support to deny the sysfs state/firmware/recovery change by >> introducing a state flag 'deny_sysfs_ops' that the individual >> remoteproc drivers can set based on their usage needs. The default >> behavior is to allow the sysfs operations as before. >> >> Implement attribute_group->is_visible() to hide the sysfs >> state/firmware/recovery entries when deny_sysfs_ops flag is set. >> >> Signed-off-by: Puranjay Mohan <p-mohan@ti.com> >> --- >> Changes in v3->v4: >> Use mode = 0444 in rproc_is_visible() to make the sysfs entries >> read-only when the deny_sysfs_ops flag is set. >> --- >> drivers/remoteproc/remoteproc_sysfs.c | 18 +++++++++++++++++- >> include/linux/remoteproc.h | 2 ++ >> 2 files changed, 19 insertions(+), 1 deletion(-) >> >> diff --git a/drivers/remoteproc/remoteproc_sysfs.c b/drivers/remoteproc/remoteproc_sysfs.c >> index ea8b89f97d7b..da2d0eecfa44 100644 >> --- a/drivers/remoteproc/remoteproc_sysfs.c >> +++ b/drivers/remoteproc/remoteproc_sysfs.c >> @@ -230,6 +230,21 @@ static ssize_t name_show(struct device *dev, struct device_attribute *attr, >> } >> static DEVICE_ATTR_RO(name); >> >> +static umode_t rproc_is_visible(struct kobject *kobj, struct attribute *attr, >> + int n) >> +{ >> + struct device *dev = kobj_to_dev(kobj); >> + struct rproc *rproc = to_rproc(dev); >> + umode_t mode = attr->mode; >> + >> + if (rproc->deny_sysfs_ops && (attr == &dev_attr_recovery.attr || >> + attr == &dev_attr_firmware.attr || >> + attr == &dev_attr_state.attr)) > > I was wondering if we should also add coredump to this group to make it an all > or nothing option (name is already read only). I have sent a v5 where I have added coredump to this. > >> + mode = 0444; > > Much better. > >> + >> + return mode; >> +} >> + >> static struct attribute *rproc_attrs[] = { >> &dev_attr_coredump.attr, >> &dev_attr_recovery.attr, >> @@ -240,7 +255,8 @@ static struct attribute *rproc_attrs[] = { >> }; >> >> static const struct attribute_group rproc_devgroup = { >> - .attrs = rproc_attrs >> + .attrs = rproc_attrs, >> + .is_visible = rproc_is_visible, >> }; >> >> static const struct attribute_group *rproc_devgroups[] = { >> diff --git a/include/linux/remoteproc.h b/include/linux/remoteproc.h >> index e0600e1e5c17..3849c66ce38f 100644 >> --- a/include/linux/remoteproc.h >> +++ b/include/linux/remoteproc.h >> @@ -523,6 +523,7 @@ struct rproc_dump_segment { >> * @table_sz: size of @cached_table >> * @has_iommu: flag to indicate if remote processor is behind an MMU >> * @auto_boot: flag to indicate if remote processor should be auto-started >> + * @deny_sysfs_ops: flag to not permit sysfs operations on state, firmware and recovery >> * @dump_segments: list of segments in the firmware >> * @nb_vdev: number of vdev currently handled by rproc >> * @elf_class: firmware ELF class >> @@ -562,6 +563,7 @@ struct rproc { >> size_t table_sz; >> bool has_iommu; >> bool auto_boot; >> + bool deny_sysfs_ops; > > Wouldn't "sysfs_read_only" make more sense? I agree, I have renamed it to sysfs_read_only in v5 patch > > > With or without the above and for this set: > > Reviewed-by: Mathieu Poirier <mathieu.poirier@linaro.org> Thanks. Puranjay Mohan > >> struct list_head dump_segments; >> int nb_vdev; >> u8 elf_class; >> -- >> 2.17.1 >>
diff --git a/drivers/remoteproc/remoteproc_sysfs.c b/drivers/remoteproc/remoteproc_sysfs.c index ea8b89f97d7b..da2d0eecfa44 100644 --- a/drivers/remoteproc/remoteproc_sysfs.c +++ b/drivers/remoteproc/remoteproc_sysfs.c @@ -230,6 +230,21 @@ static ssize_t name_show(struct device *dev, struct device_attribute *attr, } static DEVICE_ATTR_RO(name); +static umode_t rproc_is_visible(struct kobject *kobj, struct attribute *attr, + int n) +{ + struct device *dev = kobj_to_dev(kobj); + struct rproc *rproc = to_rproc(dev); + umode_t mode = attr->mode; + + if (rproc->deny_sysfs_ops && (attr == &dev_attr_recovery.attr || + attr == &dev_attr_firmware.attr || + attr == &dev_attr_state.attr)) + mode = 0444; + + return mode; +} + static struct attribute *rproc_attrs[] = { &dev_attr_coredump.attr, &dev_attr_recovery.attr, @@ -240,7 +255,8 @@ static struct attribute *rproc_attrs[] = { }; static const struct attribute_group rproc_devgroup = { - .attrs = rproc_attrs + .attrs = rproc_attrs, + .is_visible = rproc_is_visible, }; static const struct attribute_group *rproc_devgroups[] = { diff --git a/include/linux/remoteproc.h b/include/linux/remoteproc.h index e0600e1e5c17..3849c66ce38f 100644 --- a/include/linux/remoteproc.h +++ b/include/linux/remoteproc.h @@ -523,6 +523,7 @@ struct rproc_dump_segment { * @table_sz: size of @cached_table * @has_iommu: flag to indicate if remote processor is behind an MMU * @auto_boot: flag to indicate if remote processor should be auto-started + * @deny_sysfs_ops: flag to not permit sysfs operations on state, firmware and recovery * @dump_segments: list of segments in the firmware * @nb_vdev: number of vdev currently handled by rproc * @elf_class: firmware ELF class @@ -562,6 +563,7 @@ struct rproc { size_t table_sz; bool has_iommu; bool auto_boot; + bool deny_sysfs_ops; struct list_head dump_segments; int nb_vdev; u8 elf_class;
The remoteproc framework provides sysfs interfaces for changing the firmware name and for starting/stopping a remote processor through the sysfs files 'state' and 'firmware'. The 'recovery' sysfs file can also be used similarly to control the error recovery state machine of a remoteproc. These interfaces are currently allowed irrespective of how the remoteprocs were booted (like remoteproc self auto-boot, remoteproc client-driven boot etc). These interfaces can adversely affect a remoteproc and its clients especially when a remoteproc is being controlled by a remoteproc client driver(s). Also, not all remoteproc drivers may want to support the sysfs interfaces by default. Add support to deny the sysfs state/firmware/recovery change by introducing a state flag 'deny_sysfs_ops' that the individual remoteproc drivers can set based on their usage needs. The default behavior is to allow the sysfs operations as before. Implement attribute_group->is_visible() to hide the sysfs state/firmware/recovery entries when deny_sysfs_ops flag is set. Signed-off-by: Puranjay Mohan <p-mohan@ti.com> --- Changes in v3->v4: Use mode = 0444 in rproc_is_visible() to make the sysfs entries read-only when the deny_sysfs_ops flag is set. --- drivers/remoteproc/remoteproc_sysfs.c | 18 +++++++++++++++++- include/linux/remoteproc.h | 2 ++ 2 files changed, 19 insertions(+), 1 deletion(-)