| Message ID | 20200708093043.25756-1-peter.chen@nxp.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [1/1] usb: cdns3: gadget: own the lock wrongly at the suspend routine | expand |
Hi, > -----Original Message----- > From: Peter Chen <peter.chen@nxp.com> > Sent: Wednesday, July 8, 2020 5:31 PM > To: balbi@kernel.org; gregkh@linuxfoundation.org > Cc: linux-usb@vger.kernel.org; dl-linux-imx <linux-imx@nxp.com>; > pawell@cadence.com; rogerq@ti.com; Jun Li <jun.li@nxp.com>; Peter Chen > <peter.chen@nxp.com>; stable <stable@vger.kernel.org> > Subject: [PATCH 1/1] usb: cdns3: gadget: own the lock wrongly at the suspend routine > > When it is device mode with cable connected to host, the call stack is: > cdns3_suspend->cdns3_gadget_suspend->cdns3_disconnect_gadget, > the cdns3_disconnect_gadget owns lock wrongly at this situation, it causes the Isn't afterwards the lock will be released in cdns3_suspend() by below code? spin_unlock_irqrestore(&cdns->gadget_dev->lock, flags); > system being deadlock after resume due to at cdns3_device_thread_irq_handler, it > tries to get the lock, but will never get it. > > To fix it, we delete the lock operations, and add them at the caller when necessary. There are 2 caller places, by this, another code path: cdns3_suspend->cdns3_gadget_suspend->cdns3_disconnect_gadget() will do gadget_driver->disconnect() with lock hold, is this intentional? Thanks Li Jun > > Cc: stable <stable@vger.kernel.org> > Fixes: 7733f6c32e36 ("usb: cdns3: Add Cadence USB3 DRD Driver") > Signed-off-by: Peter Chen <peter.chen@nxp.com> > --- > drivers/usb/cdns3/gadget.c | 7 +++---- > 1 file changed, 3 insertions(+), 4 deletions(-) > > diff --git a/drivers/usb/cdns3/gadget.c b/drivers/usb/cdns3/gadget.c index > 13027ce6bed8..f6c51cc924a8 100644 > --- a/drivers/usb/cdns3/gadget.c > +++ b/drivers/usb/cdns3/gadget.c > @@ -1674,11 +1674,8 @@ static int cdns3_check_ep_interrupt_proceed(struct > cdns3_endpoint *priv_ep) > > static void cdns3_disconnect_gadget(struct cdns3_device *priv_dev) { > - if (priv_dev->gadget_driver && priv_dev->gadget_driver->disconnect) { > - spin_unlock(&priv_dev->lock); > + if (priv_dev->gadget_driver && priv_dev->gadget_driver->disconnect) > priv_dev->gadget_driver->disconnect(&priv_dev->gadget); > - spin_lock(&priv_dev->lock); > - } > } > > /** > @@ -1713,8 +1710,10 @@ static void cdns3_check_usb_interrupt_proceed(struct > cdns3_device *priv_dev, > > /* Disconnection detected */ > if (usb_ists & (USB_ISTS_DIS2I | USB_ISTS_DISI)) { > + spin_unlock(&priv_dev->lock); > cdns3_disconnect_gadget(priv_dev); > priv_dev->gadget.speed = USB_SPEED_UNKNOWN; > + spin_lock(&priv_dev->lock); > usb_gadget_set_state(&priv_dev->gadget, USB_STATE_NOTATTACHED); > cdns3_hw_reset_eps_config(priv_dev); > } > -- > 2.17.1
On 20-07-08 13:33:56, Jun Li wrote: > > Hi, > > -----Original Message----- > > From: Peter Chen <peter.chen@nxp.com> > > Sent: Wednesday, July 8, 2020 5:31 PM > > To: balbi@kernel.org; gregkh@linuxfoundation.org > > Cc: linux-usb@vger.kernel.org; dl-linux-imx <linux-imx@nxp.com>; > > pawell@cadence.com; rogerq@ti.com; Jun Li <jun.li@nxp.com>; Peter Chen > > <peter.chen@nxp.com>; stable <stable@vger.kernel.org> > > Subject: [PATCH 1/1] usb: cdns3: gadget: own the lock wrongly at the suspend routine > > > > When it is device mode with cable connected to host, the call stack is: > > cdns3_suspend->cdns3_gadget_suspend->cdns3_disconnect_gadget, > > the cdns3_disconnect_gadget owns lock wrongly at this situation, it causes the > > Isn't afterwards the lock will be released in cdns3_suspend() by below code? > spin_unlock_irqrestore(&cdns->gadget_dev->lock, flags); > > > system being deadlock after resume due to at cdns3_device_thread_irq_handler, it > > tries to get the lock, but will never get it. > > > > To fix it, we delete the lock operations, and add them at the caller when necessary. > > There are 2 caller places, by this, another code path: > cdns3_suspend->cdns3_gadget_suspend->cdns3_disconnect_gadget() will do > gadget_driver->disconnect() with lock hold, is this intentional? > Oh, my oops. This patch is based on my PM patch set which delete the gadget_dev->lock protect at cdns3_suspend, please skip it. Peter > > > > > Cc: stable <stable@vger.kernel.org> > > Fixes: 7733f6c32e36 ("usb: cdns3: Add Cadence USB3 DRD Driver") > > Signed-off-by: Peter Chen <peter.chen@nxp.com> > > --- > > drivers/usb/cdns3/gadget.c | 7 +++---- > > 1 file changed, 3 insertions(+), 4 deletions(-) > > > > diff --git a/drivers/usb/cdns3/gadget.c b/drivers/usb/cdns3/gadget.c index > > 13027ce6bed8..f6c51cc924a8 100644 > > --- a/drivers/usb/cdns3/gadget.c > > +++ b/drivers/usb/cdns3/gadget.c > > @@ -1674,11 +1674,8 @@ static int cdns3_check_ep_interrupt_proceed(struct > > cdns3_endpoint *priv_ep) > > > > static void cdns3_disconnect_gadget(struct cdns3_device *priv_dev) { > > - if (priv_dev->gadget_driver && priv_dev->gadget_driver->disconnect) { > > - spin_unlock(&priv_dev->lock); > > + if (priv_dev->gadget_driver && priv_dev->gadget_driver->disconnect) > > priv_dev->gadget_driver->disconnect(&priv_dev->gadget); > > - spin_lock(&priv_dev->lock); > > - } > > } > > > > /** > > @@ -1713,8 +1710,10 @@ static void cdns3_check_usb_interrupt_proceed(struct > > cdns3_device *priv_dev, > > > > /* Disconnection detected */ > > if (usb_ists & (USB_ISTS_DIS2I | USB_ISTS_DISI)) { > > + spin_unlock(&priv_dev->lock); > > cdns3_disconnect_gadget(priv_dev); > > priv_dev->gadget.speed = USB_SPEED_UNKNOWN; > > + spin_lock(&priv_dev->lock); > > usb_gadget_set_state(&priv_dev->gadget, USB_STATE_NOTATTACHED); > > cdns3_hw_reset_eps_config(priv_dev); > > } > > -- > > 2.17.1 >
diff --git a/drivers/usb/cdns3/gadget.c b/drivers/usb/cdns3/gadget.c index 13027ce6bed8..f6c51cc924a8 100644 --- a/drivers/usb/cdns3/gadget.c +++ b/drivers/usb/cdns3/gadget.c @@ -1674,11 +1674,8 @@ static int cdns3_check_ep_interrupt_proceed(struct cdns3_endpoint *priv_ep) static void cdns3_disconnect_gadget(struct cdns3_device *priv_dev) { - if (priv_dev->gadget_driver && priv_dev->gadget_driver->disconnect) { - spin_unlock(&priv_dev->lock); + if (priv_dev->gadget_driver && priv_dev->gadget_driver->disconnect) priv_dev->gadget_driver->disconnect(&priv_dev->gadget); - spin_lock(&priv_dev->lock); - } } /** @@ -1713,8 +1710,10 @@ static void cdns3_check_usb_interrupt_proceed(struct cdns3_device *priv_dev, /* Disconnection detected */ if (usb_ists & (USB_ISTS_DIS2I | USB_ISTS_DISI)) { + spin_unlock(&priv_dev->lock); cdns3_disconnect_gadget(priv_dev); priv_dev->gadget.speed = USB_SPEED_UNKNOWN; + spin_lock(&priv_dev->lock); usb_gadget_set_state(&priv_dev->gadget, USB_STATE_NOTATTACHED); cdns3_hw_reset_eps_config(priv_dev); }
When it is device mode with cable connected to host, the call stack is: cdns3_suspend->cdns3_gadget_suspend->cdns3_disconnect_gadget, the cdns3_disconnect_gadget owns lock wrongly at this situation, it causes the system being deadlock after resume due to at cdns3_device_thread_irq_handler, it tries to get the lock, but will never get it. To fix it, we delete the lock operations, and add them at the caller when necessary. Cc: stable <stable@vger.kernel.org> Fixes: 7733f6c32e36 ("usb: cdns3: Add Cadence USB3 DRD Driver") Signed-off-by: Peter Chen <peter.chen@nxp.com> --- drivers/usb/cdns3/gadget.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-)