From: jens.wiklander@linaro.org (Jens Wiklander)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v4 3/5] tee: generic TEE subsystem
Date: Thu, 9 Jul 2015 14:49:08 +0200 [thread overview]
Message-ID: <20150709124908.GA27483@ermac> (raw)
In-Reply-To: <20150708171026.GA11740@obsidianresearch.com>
On Wed, Jul 08, 2015 at 11:10:26AM -0600, Jason Gunthorpe wrote:
> On Wed, Jul 08, 2015 at 12:16:30PM +0200, Jens Wiklander wrote:
>
> > +static void tee_device_complete_unused(struct kref *kref)
> > +{
> > + struct tee_device *teedev;
> > +
> > + teedev = container_of(kref, struct tee_device, users);
> > + /* When the mutex is released, no other tee_device_get() will succeed */
> > + teedev->desc = NULL;
> > + complete(&teedev->c_no_users);
> > +}
> > +
> > +void tee_device_put(struct tee_device *teedev)
> > +{
> > + mutex_lock(&teedev->mutex);
> > + /* Shouldn't put in this state */
> > + if (!WARN_ON(!teedev->desc))
> > + kref_put(&teedev->users, tee_device_complete_unused);
> > + mutex_unlock(&teedev->mutex);
> > +}
> > +
> > +bool tee_device_get(struct tee_device *teedev)
> > +{
> > + mutex_lock(&teedev->mutex);
> > + if (!teedev->desc) {
> > + mutex_unlock(&teedev->mutex);
> > + return false;
> > + }
> > + kref_get(&teedev->users);
> > + mutex_unlock(&teedev->mutex);
> > + return true;
> > +}
>
> If you are holding the mutex then you don't really need a kref, just a
> simple active count counter.
>
> I've been a bit learly lately about seeing krefs used for something
> other than kfree, I've seen a few subtle mistakes in those schemes -
> yours looks OK, only because of the lock, and the lock makes the kref
> redundant..
Thanks, I'll fix.
>
> > + cdev_init(&teedev->cdev, &tee_fops);
> > + teedev->cdev.owner = teedesc->owner;
>
> This also needs to set teedev->cdev.kobj.parent.
> I'm guessing:
>
> teedev->cdev.kobj.parent = &teedev->dev.kobj;
>
> TPM had the same mistake..
OK. This triggered a discussion, from what I understand the outcome
is that what you're suggesting is the right thing to do here.
>
> > +void tee_device_unregister(struct tee_device *teedev)
> > +{
> > + if (IS_ERR_OR_NULL(teedev))
> > + return;
>
> See for some general colour on IS_ERR_OR_NULL
>
> https://www.mail-archive.com/linux-omap at vger.kernel.org/msg78030.html
>
> IMHO, you should never, store an ERR pointer into long term storage,
> so I wonder why this is like this...
OK, I'll replace the IS_ERR_OR_NULL with !teedev and only store a real
pointer or NULL here.
>
> > + if (teedev->flags & TEE_DEVICE_FLAG_REGISTERED) {
> > + cdev_del(&teedev->cdev);
> > + device_del(&teedev->dev);
> > + }
> > +
> > + tee_device_put(teedev);
> > + wait_for_completion(&teedev->c_no_users);
>
> Generally in a scheme like this we'd see open and release get/put the
> underlying module handle to prevent driver removal while the char dev
> is open. Otherwise module removal will hang here.
I'm perhaps misunderstanding you. While the cdev has any open file
descriptors rmmod will fail with "Resource temporarily unavailable"
because of fops_get() in chrdev_open().
tee_device_get()/put() deals with detaching of the driver, I see no
other way than blocking here once the detaching has been triggered.
--
Thanks,
Jens
WARNING: multiple messages have this Message-ID (diff)
From: Jens Wiklander <jens.wiklander@linaro.org>
To: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Cc: linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org, devicetree@vger.kernel.org,
Arnd Bergmann <arnd@arndb.de>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Rob Herring <robh+dt@kernel.org>,
Herbert Xu <herbert@gondor.apana.org.au>,
valentin.manea@huawei.com, jean-michel.delorme@st.com,
emmanuel.michel@st.com, javier@javigon.com,
Mark Rutland <mark.rutland@arm.com>,
Michal Simek <michal.simek@xilinx.com>
Subject: Re: [PATCH v4 3/5] tee: generic TEE subsystem
Date: Thu, 9 Jul 2015 14:49:08 +0200 [thread overview]
Message-ID: <20150709124908.GA27483@ermac> (raw)
In-Reply-To: <20150708171026.GA11740@obsidianresearch.com>
On Wed, Jul 08, 2015 at 11:10:26AM -0600, Jason Gunthorpe wrote:
> On Wed, Jul 08, 2015 at 12:16:30PM +0200, Jens Wiklander wrote:
>
> > +static void tee_device_complete_unused(struct kref *kref)
> > +{
> > + struct tee_device *teedev;
> > +
> > + teedev = container_of(kref, struct tee_device, users);
> > + /* When the mutex is released, no other tee_device_get() will succeed */
> > + teedev->desc = NULL;
> > + complete(&teedev->c_no_users);
> > +}
> > +
> > +void tee_device_put(struct tee_device *teedev)
> > +{
> > + mutex_lock(&teedev->mutex);
> > + /* Shouldn't put in this state */
> > + if (!WARN_ON(!teedev->desc))
> > + kref_put(&teedev->users, tee_device_complete_unused);
> > + mutex_unlock(&teedev->mutex);
> > +}
> > +
> > +bool tee_device_get(struct tee_device *teedev)
> > +{
> > + mutex_lock(&teedev->mutex);
> > + if (!teedev->desc) {
> > + mutex_unlock(&teedev->mutex);
> > + return false;
> > + }
> > + kref_get(&teedev->users);
> > + mutex_unlock(&teedev->mutex);
> > + return true;
> > +}
>
> If you are holding the mutex then you don't really need a kref, just a
> simple active count counter.
>
> I've been a bit learly lately about seeing krefs used for something
> other than kfree, I've seen a few subtle mistakes in those schemes -
> yours looks OK, only because of the lock, and the lock makes the kref
> redundant..
Thanks, I'll fix.
>
> > + cdev_init(&teedev->cdev, &tee_fops);
> > + teedev->cdev.owner = teedesc->owner;
>
> This also needs to set teedev->cdev.kobj.parent.
> I'm guessing:
>
> teedev->cdev.kobj.parent = &teedev->dev.kobj;
>
> TPM had the same mistake..
OK. This triggered a discussion, from what I understand the outcome
is that what you're suggesting is the right thing to do here.
>
> > +void tee_device_unregister(struct tee_device *teedev)
> > +{
> > + if (IS_ERR_OR_NULL(teedev))
> > + return;
>
> See for some general colour on IS_ERR_OR_NULL
>
> https://www.mail-archive.com/linux-omap@vger.kernel.org/msg78030.html
>
> IMHO, you should never, store an ERR pointer into long term storage,
> so I wonder why this is like this...
OK, I'll replace the IS_ERR_OR_NULL with !teedev and only store a real
pointer or NULL here.
>
> > + if (teedev->flags & TEE_DEVICE_FLAG_REGISTERED) {
> > + cdev_del(&teedev->cdev);
> > + device_del(&teedev->dev);
> > + }
> > +
> > + tee_device_put(teedev);
> > + wait_for_completion(&teedev->c_no_users);
>
> Generally in a scheme like this we'd see open and release get/put the
> underlying module handle to prevent driver removal while the char dev
> is open. Otherwise module removal will hang here.
I'm perhaps misunderstanding you. While the cdev has any open file
descriptors rmmod will fail with "Resource temporarily unavailable"
because of fops_get() in chrdev_open().
tee_device_get()/put() deals with detaching of the driver, I see no
other way than blocking here once the detaching has been triggered.
--
Thanks,
Jens
next prev parent reply other threads:[~2015-07-09 12:49 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-08 10:16 [PATCH v4 0/5] generic TEE subsystem Jens Wiklander
2015-07-08 10:16 ` Jens Wiklander
2015-07-08 10:16 ` [PATCH v4 1/5] arm/arm64: add smccc ARCH32 Jens Wiklander
2015-07-08 10:16 ` Jens Wiklander
2015-07-08 10:16 ` Jens Wiklander
2015-07-08 10:16 ` [PATCH v4 2/5] dt/bindings: add bindings for optee Jens Wiklander
2015-07-08 10:16 ` Jens Wiklander
2015-07-08 10:16 ` Jens Wiklander
2015-07-08 10:16 ` [PATCH v4 3/5] tee: generic TEE subsystem Jens Wiklander
2015-07-08 10:16 ` Jens Wiklander
2015-07-08 17:10 ` Jason Gunthorpe
2015-07-08 17:10 ` Jason Gunthorpe
2015-07-08 21:11 ` Greg Kroah-Hartman
2015-07-08 21:11 ` Greg Kroah-Hartman
2015-07-08 22:26 ` Jason Gunthorpe
2015-07-08 22:26 ` Jason Gunthorpe
2015-07-08 22:26 ` Jason Gunthorpe
2015-07-08 22:33 ` Greg Kroah-Hartman
2015-07-08 22:33 ` Greg Kroah-Hartman
2015-07-08 22:33 ` Greg Kroah-Hartman
2015-07-08 23:16 ` Jason Gunthorpe
2015-07-08 23:16 ` Jason Gunthorpe
2015-07-08 23:16 ` Jason Gunthorpe
2015-07-08 23:53 ` Greg Kroah-Hartman
2015-07-08 23:53 ` Greg Kroah-Hartman
2015-07-09 0:47 ` Dmitry Torokhov
2015-07-09 0:47 ` Dmitry Torokhov
2015-07-08 23:28 ` Dmitry Torokhov
2015-07-08 23:28 ` Dmitry Torokhov
2015-07-08 23:28 ` Dmitry Torokhov
2015-07-08 23:52 ` Greg Kroah-Hartman
2015-07-08 23:52 ` Greg Kroah-Hartman
2015-07-09 0:56 ` Dmitry Torokhov
2015-07-09 0:56 ` Dmitry Torokhov
2015-07-09 0:56 ` Dmitry Torokhov
2015-07-09 12:49 ` Jens Wiklander [this message]
2015-07-09 12:49 ` Jens Wiklander
2015-07-09 18:25 ` Jason Gunthorpe
2015-07-09 18:25 ` Jason Gunthorpe
2015-07-08 10:16 ` [PATCH v4 4/5] tee: add OP-TEE driver Jens Wiklander
2015-07-08 10:16 ` Jens Wiklander
2015-07-08 10:16 ` [PATCH v4 5/5] Documentation: tee subsystem and op-tee driver Jens Wiklander
2015-07-08 10:16 ` Jens Wiklander
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150709124908.GA27483@ermac \
--to=jens.wiklander@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.