This patch (as1591) moves the pm_runtime_get_noresume() and
pm_runtime_put_sync() calls from __device_suspend() and
device_resume() to device_prepare() and device_complete() in the PM
core.
The reason for doing this is to make sure that parent devices remain
at full power (i.e., don't go into runtime suspend) while their
children are being resumed from a system sleep.
The PCI core already contained equivalent code to serve the same
purpose. The patch removes the duplicated code, since it is no longer
needed. One of the comments from the PCI core gets moved into the PM
core, and a second comment is added to explain whe the _get_noresume
and _put_sync calls are present.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
Check the return value of get_unused_fd to make sure a valid
file descriptor is returned.
Make sure to call put_unused_fd even if an error occurs before
the fd can be used.
Change-Id: I0fe8f78d9e30ecfc4d271c5d875424543dae2d0f
Signed-off-by: Rebecca Schultz Zavin <rebecca@android.com>
Move driver callbacks to fill strings instead of using seq_files. This
will allow those values to be used in a future tracepoint patch.
Change-Id: I9b706343e35b11124141fe520e520514a32003d2
Signed-off-by: Erik Gilling <konkers@android.com>
The previous fix only addressed waiting with a timeout.
Change-Id: I8ad735d2d0dfdd53592904e8a54f5689cb5eaa5e
Signed-off-by: Erik Gilling <konkers@android.com>
If a fence's pt is signaled before sync_fence_create is called, the fence
will never transition into the signaled state. This also address a tiny
race if a merged fence's pt after sync_fence_get_status checks it's status
and before fence->status is updated.
Change-Id: Ic8e292a323db26c6f04cb4757d920278b3125ff6
Signed-off-by: Erik Gilling <konkers@android.com>
Fence status is checked outside of locks in both sync_fence_wait and
sync_fence_poll. This patch adds propper barrier protection in these
cases to avoid seeing stale status.
Change-Id: I9d8b6ce6accb415e797df58068a1ccd54e6be445
Signed-off-by: Erik Gilling <konkers@android.com>
If a timeline is destroyed while fences still hold pts on it, the reworked
fence release handler can cause the timeline to be freed before all it's points
are freed.
Change-Id: I1cd8ddb638eded7db9db446ff6b37f3dd165d6c4
Signed-off-by: Erik Gilling <konkers@android.com>
Signed-off-by: Ajay Dudani <adudani@codeaurora.org>
If a fence is released while a timeline that one of it's pts is on is being
signaled, it is possible for that fence to be deleted before it is signaled.
This patch adds a refcount for internal references such as signaled pt
processing.
Change-Id: Ie8605e6fd2ac026c207220a03d84e1c1078ec719
Signed-off-by: Erik Gilling <konkers@android.com>
Signed-off-by: Ajay Dudani <adudani@codeaurora.org>
If the two fences being merged contain sync_pts from the same timeline,
those two pts will be collapsed into a single pt representing the latter
of the two.
Change-Id: Iced7ebb7e5a17a0c8b1a2969ba3388a4edb9ecaf
Signed-off-by: Erik Gilling <konkers@android.com>
Signed-off-by: Ajay Dudani <adudani@codeaurora.org>
Previously fence's pts were freed before the were the fence was removed from the
global fence list. This led to a race with the debugfs support where it would
iterate over sync_pts that had been freed.
Change-Id: Ia3ddbf77de42ca593fc2dc353b5d04e42ddf3946
Signed-off-by: Erik Gilling <konkers@android.com>
Signed-off-by: Ajay Dudani <adudani@codeaurora.org>
commit 1f758b2317 upstream.
__device_suspend() must always send a completion. Otherwise, parent
devices will wait forever.
Commit 1e2ef05b, "PM: Limit race conditions between runtime PM and
system sleep (v2)", introduced a regression by short-circuiting the
complete_all() for certain error cases.
This patch fixes the bug by always signalling a completion.
Addresses http://crosbug.com/31972
Tested by injecting an abort.
Change-Id: I1402360f8af760cfdf66f8830bd8db4b1b676c47
Signed-off-by: Mandeep Singh Baines <msb@chromium.org>
Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Add a common helper for dma-mapping core for mapping a coherent buffer
to userspace.
Change-Id: I9b67d53b50f4761455ff66634d65e6510faa62de
Reported-by: Subash Patel <subashrp@gmail.com>
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Acked-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-By: Subash Patel <subash.ramaswamy@linaro.org>
Signed-off-by: Laura Abbott <lauraa@codeaurora.org>
Commit cf579dfb82 (PM / Sleep: Introduce
"late suspend" and "early resume" of devices) introduced a bug where
suspend_late handlers would be called, but if dpm_suspend_noirq returned
an error the early_resume handlers would never be called. All devices
would end up on the dpm_late_early_list, and would never be resumed
again.
Fix it by calling dpm_resume_early when dpm_suspend_noirq returns
an error.
Signed-off-by: Colin Cross <ccross@android.com>
Cc: stable@vger.kernel.org
Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
Change-Id: I6fe42f02efdc0b5fb0949b7d5c1c8eb8da96825d
Signed-off-by: Joel King <joelking@codeaurora.org>
A lock/handle inode is required in order to successfully create a
new lock/handle. Failure to report the lock/handle inode error can
result in errors for subsequent function calls.
Change-Id: I622af24e695f4781c4dbf46363931a7da09df677
Signed-off-by: Jeff Boody <jboody@codeaurora.org>
The Contiguous Memory Allocator is a set of helper functions for DMA
mapping framework that improves allocations of contiguous memory chunks.
CMA grabs memory on system boot, marks it with MIGRATE_CMA migrate type
and gives back to the system. Kernel is allowed to allocate only movable
pages within CMA's managed memory so that it can be used for example for
page cache when DMA mapping do not use it. On
dma_alloc_from_contiguous() request such pages are migrated out of CMA
area to free required contiguous block and fulfill the request. This
allows to allocate large contiguous chunks of memory at any time
assuming that there is enough free memory available in the system.
This code is heavily based on earlier works by Michal Nazarewicz.
Change-Id: I8a04c58b0d39ee7343ac0b58b6dad9d57912c91d
[lauraa: fixed Kconfig conflict]
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Signed-off-by: Michal Nazarewicz <mina86@mina86.com>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Tested-by: Rob Clark <rob.clark@linaro.org>
Tested-by: Ohad Ben-Cohen <ohad@wizery.com>
Tested-by: Benjamin Gaignard <benjamin.gaignard@linaro.org>
Tested-by: Robert Nelson <robertcnelson@gmail.com>
Tested-by: Barry Song <Baohua.Song@csr.com>
Signed-off-by: Laura Abbott <lauraa@codeaurora.org>
It is possible for user space to attempt to attach a valid fd that
does not correspond to a genlock file. This change adds a magic to
the kernel private data that is used for validation.
CRs-fixed: 359649
Change-Id: Idb16056ba0f89b7d519d501f5b1ce6d5d930ed70
Signed-off-by: Jeff Boody <jboody@codeaurora.org>
A race condition exists where the attach may not kref_get
before the kref_put finished. The genlock_file_lock was
originally added to protect against this case however it
was not protecting the kref.
CRs-fixed: 359649
Change-Id: Iab1fc847c2d3357ec1be79b7cc3e004643126dec
Signed-off-by: Jeff Boody <jboody@codeaurora.org>
In order to support synchronization in a process with a single
gralloc handle we require the ability to write lock a buffer
while it is already read locked by the same handle. This change
extends the concept of an exclusive write lock or recursive read
locks to a genlock handle (rather than the genlock lock).
Genlock cannot provide deadlock protection because the same
handle can be used simultaneously by a producer and consumer.
In practice an error will still be generated when the timeout
expires.
CRs-fixed: 356263
Change-Id: I322e7fadc8b43287f53b211242b176d3de731db2
Signed-off-by: Jeff Boody <jboody@codeaurora.org>
Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
interruptible_wait_timeout returns a signed long, so make sure that
we use a signed long to hold the result. Using an unsigned value would
horribly misinterpet an error such as -ERESTARTSYS.
CRs-Fixed: 341347
Change-Id: Ic0dedbadff2dbe404e68a2a78f6282b5976d05c1
Signed-off-by: Jordan Crouse <jcrouse@codeaurora.org>
Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
Allowing a lock to be asynchronously released while a handle
was still active turned out to be too dangerous to use in a
multi-threaded environment and it served no pratical
purpose anyway. Handles now hold an attached lock until they
are destroyed.
CRs-fixed: 333141
Change-Id: Ic0dedbad8050ff01927ddb165c65a939bf297c10
Signed-off-by: Jordan Crouse <jcrouse@codeaurora.org>
Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
Check for the possibility of NULL handles passed into the
in-kernel API functions and return error where appropriate.
There is a non-zero chance that the private_data will be
cleared while the FD is still active, so check in the ioctl()
function as well.
CRs-fixed: 332835
Change-Id: Ic0dedbada2713080fef79ca188a87c578bec6d2f
Signed-off-by: Jordan Crouse <jcrouse@codeaurora.org>
Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
Signed-off-by: Naomi Luis <nluis@codeaurora.org>
Change-Id: I833e480abfc11ce4aa00a5ae46144895429a0339
Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
Avoid a race condition if a lock gets released by all owners
but a process fails to close a lock file descriptor and tries
to reuse it. Clearing the pointers to the data will ensure
that attaching a dead lock will return an error.
Change-Id: Ic0dedbadd693c7a22b027052cdd247370b28a7c5
Signed-off-by: Jordan Crouse <jcrouse@codeaurora.org>
Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
The resources allocated for a handle were not being freed on device
release. This included releasing the lock. Unfortunately, the
lock release had a fput() too many which was screwing up the
reference counting on the file descriptors. When attaching a lock,
we only need the file pointer for a short time so fput() it back
immediately. That way, only there will only be one reference to
the lock per process, and the process will be responsible for
closing the fd directly and the fput() in genlock_release_lock
is no longer needed.
CRs-fixed: 322645
Change-Id: Ic0dedbad55300a2f8463c800cf8361719583b0b8
Signed-off-by: Jordan Crouse <jcrouse@codeaurora.org>
Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
Add a generic locking API for situations where multiple user-space
processes and/or kernel drivers need to cooordinate access to a
shared resource such as a graphics buffer.
Change-Id: Ic0dedbad74b970d7bd1a6624a845b5b1b9847443
Signed-off-by: Jordan Crouse <jcrouse@codeaurora.org>
Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
A sync point that is not added to the active_list will never signal
in sync_timeline_signal thus causing sync_fence_wait to deadlock or
block until the timeout expired.
Change-Id: I75168d0eec874bf70dd8c28db9508dd8fc1077d3
Signed-off-by: Jeff Boody <jboody@codeaurora.org>
This is needed to allow modules to link against the sync subsystem
Change-Id: I15c1818de329f24e4113ef1d0923413b22fd0eff
Signed-off-by: Erik Gilling <konkers@android.com>
In order to allow drivers to cleanly handled teardown we need to allow them
to cancel pending async waits. To do this cleanly, we move allocation of
sync_fence_waiter to the driver calling sync_async_wait().
Change-Id: Ifcd95648be6ec07026d67f810070a4310f099989
Signed-off-by: Erik Gilling <konkers@android.com>
Compared to Rob Clark's RFC I've ditched the prepare/finish hooks
and corresponding ioctls on the dma_buf file. The major reason for
that is that many people seem to be under the impression that this is
also for synchronization with outstanding asynchronous processsing.
I'm pretty massively opposed to this because:
- It boils down reinventing a new rather general-purpose userspace
synchronization interface. If we look at things like futexes, this
is hard to get right.
- Furthermore a lot of kernel code has to interact with this
synchronization primitive. This smells a look like the dri1 hw_lock,
a horror show I prefer not to reinvent.
- Even more fun is that multiple different subsystems would interact
here, so we have plenty of opportunities to create funny deadlock
scenarios.
I think synchronization is a wholesale different problem from data
sharing and should be tackled as an orthogonal problem.
Now we could demand that prepare/finish may only ensure cache
coherency (as Rob intended), but that runs up into the next problem:
We not only need mmap support to facilitate sw-only processing nodes
in a pipeline (without jumping through hoops by importing the dma_buf
into some sw-access only importer), which allows for a nicer
ION->dma-buf upgrade path for existing Android userspace. We also need
mmap support for existing importing subsystems to support existing
userspace libraries. And a loot of these subsystems are expected to
export coherent userspace mappings.
So prepare/finish can only ever be optional and the exporter /needs/
to support coherent mappings. Given that mmap access is always
somewhat fallback-y in nature I've decided to drop this optimization,
instead of just making it optional. If we demonstrate a clear need for
this, supported by benchmark results, we can always add it in again
later as an optional extension.
Other differences compared to Rob's RFC is the above mentioned support
for mapping a dma-buf through facilities provided by the importer.
Which results in mmap support no longer being optional.
Note that this dma-buf mmap patch does _not_ support every possible
insanity an existing subsystem could pull of with mmap: Because it
does not allow to intercept pagefaults and shoot down ptes importing
subsystems can't add some magic of their own at these points (e.g. to
automatically synchronize with outstanding rendering or set up some
special resources). I've done a cursory read through a few mmap
implementions of various subsytems and I'm hopeful that we can avoid
this (and the complexity it'd bring with it).
Additonally I've extended the documentation a bit to explain the hows
and whys of this mmap extension.
In case we ever want to add support for explicitly cache maneged
userspace mmap with a prepare/finish ioctl pair, we could specify that
userspace needs to mmap a different part of the dma_buf, e.g. the
range starting at dma_buf->size up to dma_buf->size*2. This works
because the size of a dma_buf is invariant over it's lifetime. The
exporter would obviously need to fall back to coherent mappings for
both ranges if a legacy clients maps the coherent range and the
architecture cannot suppor conflicting caching policies. Also, this
would obviously be optional and userspace needs to be able to fall
back to coherent mappings.
v2:
- Spelling fixes from Rob Clark.
- Compile fix for !DMA_BUF from Rob Clark.
- Extend commit message to explain how explicitly cache managed mmap
support could be added later.
- Extend the documentation with implementations notes for exporters
that need to manually fake coherency.
Change-Id: Ia8f2ae5d8a1b1c87ed12ca1c89d7bf2067239ee4
Cc: Rob Clark <rob.clark@linaro.org>
Cc: Rebecca Schultz Zavin <rebecca@android.com>
Signed-Off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
The function regmap_bulk_read() calls the regmap_read() for
each register if set of register has volatile and cache is
enabled. In this case, last few register read makes the memory
corruption if the register size is not the size of unsigned int.
The regam_read() takes argument as unsigned int for returning
value and it update the value as
*val = map->format.parse_val(map->work_buf);
This causes complete 4 bytes (size of unsigned int) to get written.
Now if client pass the memory pointer for value which is equal to the
required size of register count in regmap_bulk_read() then last few
register read actually update the memory beyond passed pointer size.
Avoid this by using local variable for read and then do memcpy()
for actual byte copy to passed pointer based on register size.
I allocated one pointer ptr and take first 16 bytes dump of that
pointer then call regmap_bulk_read() with pointer which is just
on top of this allocated pointer and register count of 128. Here
register size is 1 byte.
The memory trace of last 5 register read are as follows:
[ 5.438589] regmap_bulk_read after regamp_read() for register 122
[ 5.447421] 0xef993c20 0xef993c00 0x00000000 0x00000001
[ 5.467535] regmap_bulk_read after regamp_read() for register 123
[ 5.476374] 0xef993c20 0xef993c00 0x00000000 0x00000001
[ 5.496425] regmap_bulk_read after regamp_read() for register 124
[ 5.505260] 0xef993c20 0xef993c00 0x00000000 0x00000001
[ 5.525372] regmap_bulk_read after regamp_read() for register 125
[ 5.534205] 0xef993c00 0xef993c00 0x00000000 0x00000001
[ 5.554258] regmap_bulk_read after regamp_read() for register 126
[ 5.563100] 0xef990000 0xef993c00 0x00000000 0x00000001
[ 5.554258] regmap_bulk_read after regamp_read() for register 127
[ 5.587108] 0xef000000 0xef993c00 0x00000000 0x00000001
Here it is observed that the memory content at first word started changing
on last 3 regmap_read() and so corruption happened.
Signed-off-by: Laxman Dewangan <ldewangan@nvidia.com>
Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
