| Message ID | 20211108064815.569494-3-adrian.hunter@intel.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | scsi: ufs: core: Fix task management completion timeout race | expand |
On 11/7/21 10:48 PM, Adrian Hunter wrote: > hba->outstanding_tasks, which is read under host_lock spinlock, tells > the interrupt handler what task management tags are in use by the driver. > The doorbell register bits indicate which tags are in use by the hardware. > A doorbell bit that is 0 is because the bit has yet to be set by the > driver, or because the task is complete. It is only possible to > disambiguate the 2 cases, if reading/writing the doorbell register is > synchronized with reading/writing hba->outstanding_tasks. > > For that reason, reading REG_UTP_TASK_REQ_DOOR_BELL must be done under > spinlock. Reviewed-by: Bart Van Assche <bvanassche@acm.org>
diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c index a904531ba528..a1519b2b6cfe 100644 --- a/drivers/scsi/ufs/ufshcd.c +++ b/drivers/scsi/ufs/ufshcd.c @@ -6453,9 +6453,8 @@ static irqreturn_t ufshcd_tmc_handler(struct ufs_hba *hba) irqreturn_t ret = IRQ_NONE; int tag; - pending = ufshcd_readl(hba, REG_UTP_TASK_REQ_DOOR_BELL); - spin_lock_irqsave(hba->host->host_lock, flags); + pending = ufshcd_readl(hba, REG_UTP_TASK_REQ_DOOR_BELL); issued = hba->outstanding_tasks & ~pending; for_each_set_bit(tag, &issued, hba->nutmrs) { struct request *req = hba->tmf_rqs[tag];
hba->outstanding_tasks, which is read under host_lock spinlock, tells the interrupt handler what task management tags are in use by the driver. The doorbell register bits indicate which tags are in use by the hardware. A doorbell bit that is 0 is because the bit has yet to be set by the driver, or because the task is complete. It is only possible to disambiguate the 2 cases, if reading/writing the doorbell register is synchronized with reading/writing hba->outstanding_tasks. For that reason, reading REG_UTP_TASK_REQ_DOOR_BELL must be done under spinlock. Fixes: f5ef336fd2e4c3 ("scsi: ufs: core: Fix task management completion") Signed-off-by: Adrian Hunter <adrian.hunter@intel.com> --- drivers/scsi/ufs/ufshcd.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)