From: Bartosz Golaszewski <brgl@bgdev.pl>
To: Linus Walleij <linus.walleij@linaro.org>,
Kent Gibson <warthog618@gmail.com>, Alex Elder <elder@linaro.org>,
Geert Uytterhoeven <geert+renesas@glider.be>,
"Paul E . McKenney" <paulmck@kernel.org>,
Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
Wolfram Sang <wsa@the-dreams.de>
Cc: linux-gpio@vger.kernel.org, linux-kernel@vger.kernel.org,
Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Subject: [PATCH v3 09/24] gpio: remove gpio_lock
Date: Thu, 8 Feb 2024 10:59:05 +0100 [thread overview]
Message-ID: <20240208095920.8035-10-brgl@bgdev.pl> (raw)
In-Reply-To: <20240208095920.8035-1-brgl@bgdev.pl>
From: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
The "multi-function" gpio_lock is pretty much useless with how it's used
in GPIOLIB currently. Because many GPIO API calls can be called from all
contexts but may also call into sleeping driver callbacks, there are
many places with utterly broken workarounds like yielding the lock to
call a possibly sleeping function and then re-acquiring it again without
taking into account that the protected state may have changed.
It was also used to protect several unrelated things: like individual
descriptors AND the GPIO device list. We now serialize access to these
two with SRCU and so can finally remove the spinlock.
There is of course the question of consistency of lockless access to
GPIO descriptors. Because we only support exclusive access to GPIOs
(officially anyway, I'm looking at you broken
GPIOD_FLAGS_BIT_NONEXCLUSIVE bit...) and the API contract with providers
does not guarantee serialization, it's enough to ensure we cannot
accidentally dereference an invalid pointer and that the state we present
to both users and providers remains consistent. To achieve that: read the
flags field atomically except for a few special cases. Read their current
value before executing callback code and use this value for any subsequent
logic. Modifying the flags depends on the particular use-case and can
differ. For instance: when requesting a GPIO, we need to set the
REQUESTED bit immediately so that the next user trying to request the
same line sees -EBUSY.
While at it: the allocations that used GFP_ATOMIC until this point can
now switch to GFP_KERNEL.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
---
drivers/gpio/gpiolib-cdev.c | 18 +++---
drivers/gpio/gpiolib-sysfs.c | 17 ++----
drivers/gpio/gpiolib.c | 106 +++++++++++------------------------
drivers/gpio/gpiolib.h | 2 -
4 files changed, 46 insertions(+), 97 deletions(-)
diff --git a/drivers/gpio/gpiolib-cdev.c b/drivers/gpio/gpiolib-cdev.c
index 75f4912339a6..3588aaf90e45 100644
--- a/drivers/gpio/gpiolib-cdev.c
+++ b/drivers/gpio/gpiolib-cdev.c
@@ -2302,18 +2302,16 @@ static void gpio_desc_to_lineinfo(struct gpio_desc *desc,
memset(info, 0, sizeof(*info));
info->offset = gpio_chip_hwgpio(desc);
- scoped_guard(spinlock_irqsave, &gpio_lock) {
- if (desc->name)
- strscpy(info->name, desc->name, sizeof(info->name));
+ if (desc->name)
+ strscpy(info->name, desc->name, sizeof(info->name));
- scoped_guard(srcu, &desc->srcu) {
- label = gpiod_get_label(desc);
- if (label)
- strscpy(info->consumer, label,
- sizeof(info->consumer));
- }
+ dflags = READ_ONCE(desc->flags);
- dflags = READ_ONCE(desc->flags);
+ scoped_guard(srcu, &desc->srcu) {
+ label = gpiod_get_label(desc);
+ if (label && test_bit(FLAG_REQUESTED, &dflags))
+ strscpy(info->consumer, label,
+ sizeof(info->consumer));
}
/*
diff --git a/drivers/gpio/gpiolib-sysfs.c b/drivers/gpio/gpiolib-sysfs.c
index d6ff044ce887..3fe740b7d84d 100644
--- a/drivers/gpio/gpiolib-sysfs.c
+++ b/drivers/gpio/gpiolib-sysfs.c
@@ -563,7 +563,6 @@ int gpiod_export(struct gpio_desc *desc, bool direction_may_change)
struct gpio_device *gdev;
struct gpiod_data *data;
struct gpio_chip *chip;
- unsigned long flags;
struct device *dev;
int status, offset;
@@ -578,6 +577,9 @@ int gpiod_export(struct gpio_desc *desc, bool direction_may_change)
return -EINVAL;
}
+ if (!test_and_set_bit(FLAG_EXPORT, &desc->flags))
+ return -EPERM;
+
gdev = desc->gdev;
chip = gdev->chip;
@@ -589,18 +591,11 @@ int gpiod_export(struct gpio_desc *desc, bool direction_may_change)
goto err_unlock;
}
- spin_lock_irqsave(&gpio_lock, flags);
- if (!test_bit(FLAG_REQUESTED, &desc->flags) ||
- test_bit(FLAG_EXPORT, &desc->flags)) {
- spin_unlock_irqrestore(&gpio_lock, flags);
- gpiod_dbg(desc, "%s: unavailable (requested=%d, exported=%d)\n",
- __func__,
- test_bit(FLAG_REQUESTED, &desc->flags),
- test_bit(FLAG_EXPORT, &desc->flags));
+ if (!test_bit(FLAG_REQUESTED, &desc->flags)) {
+ gpiod_dbg(desc, "%s: unavailable (not requested)\n", __func__);
status = -EPERM;
goto err_unlock;
}
- spin_unlock_irqrestore(&gpio_lock, flags);
data = kzalloc(sizeof(*data), GFP_KERNEL);
if (!data) {
@@ -628,7 +623,6 @@ int gpiod_export(struct gpio_desc *desc, bool direction_may_change)
goto err_free_data;
}
- set_bit(FLAG_EXPORT, &desc->flags);
mutex_unlock(&sysfs_lock);
return 0;
@@ -636,6 +630,7 @@ int gpiod_export(struct gpio_desc *desc, bool direction_may_change)
kfree(data);
err_unlock:
mutex_unlock(&sysfs_lock);
+ clear_bit(FLAG_EXPORT, &desc->flags);
gpiod_dbg(desc, "%s: status %d\n", __func__, status);
return status;
}
diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c
index 68543ab34fb6..d0de492acd4c 100644
--- a/drivers/gpio/gpiolib.c
+++ b/drivers/gpio/gpiolib.c
@@ -76,12 +76,6 @@ static const struct bus_type gpio_bus_type = {
*/
#define FASTPATH_NGPIO CONFIG_GPIOLIB_FASTPATH_LIMIT
-/* gpio_lock prevents conflicts during gpio_desc[] table updates.
- * While any GPIO is requested, its gpio_chip is not removable;
- * each GPIO's "requested" flag serves as a lock and refcount.
- */
-DEFINE_SPINLOCK(gpio_lock);
-
static DEFINE_MUTEX(gpio_lookup_lock);
static LIST_HEAD(gpio_lookup_list);
@@ -123,8 +117,7 @@ static int desc_set_label(struct gpio_desc *desc, const char *label)
const char *new = NULL, *old;
if (label) {
- /* FIXME: make this GFP_KERNEL once the spinlock is out. */
- new = kstrdup_const(label, GFP_ATOMIC);
+ new = kstrdup_const(label, GFP_KERNEL);
if (!new)
return -ENOMEM;
}
@@ -1093,7 +1086,6 @@ EXPORT_SYMBOL_GPL(gpiochip_add_data_with_key);
void gpiochip_remove(struct gpio_chip *gc)
{
struct gpio_device *gdev = gc->gpiodev;
- unsigned long flags;
unsigned int i;
down_write(&gdev->sem);
@@ -1119,12 +1111,10 @@ void gpiochip_remove(struct gpio_chip *gc)
*/
gpiochip_set_data(gc, NULL);
- spin_lock_irqsave(&gpio_lock, flags);
for (i = 0; i < gdev->ngpio; i++) {
if (test_bit(FLAG_REQUESTED, &gdev->descs[i].flags))
break;
}
- spin_unlock_irqrestore(&gpio_lock, flags);
if (i != gdev->ngpio)
dev_crit(&gdev->dev,
@@ -2227,62 +2217,43 @@ EXPORT_SYMBOL_GPL(gpiochip_remove_pin_ranges);
static int gpiod_request_commit(struct gpio_desc *desc, const char *label)
{
struct gpio_chip *gc = desc->gdev->chip;
- unsigned long flags;
unsigned int offset;
int ret;
+ if (test_and_set_bit(FLAG_REQUESTED, &desc->flags))
+ return -EBUSY;
+
if (label) {
label = kstrdup_const(label, GFP_KERNEL);
if (!label)
return -ENOMEM;
}
- spin_lock_irqsave(&gpio_lock, flags);
-
/* NOTE: gpio_request() can be called in early boot,
* before IRQs are enabled, for non-sleeping (SOC) GPIOs.
*/
- if (test_and_set_bit(FLAG_REQUESTED, &desc->flags)) {
- ret = -EBUSY;
- goto out_free_unlock;
- }
-
if (gc->request) {
- /* gc->request may sleep */
- spin_unlock_irqrestore(&gpio_lock, flags);
offset = gpio_chip_hwgpio(desc);
if (gpiochip_line_is_valid(gc, offset))
ret = gc->request(gc, offset);
else
ret = -EINVAL;
- spin_lock_irqsave(&gpio_lock, flags);
+ if (ret)
+ goto out_clear_bit;
+ }
- if (ret) {
- desc_set_label(desc, NULL);
- clear_bit(FLAG_REQUESTED, &desc->flags);
- goto out_free_unlock;
- }
- }
- if (gc->get_direction) {
- /* gc->get_direction may sleep */
- spin_unlock_irqrestore(&gpio_lock, flags);
+ if (gc->get_direction)
gpiod_get_direction(desc);
- spin_lock_irqsave(&gpio_lock, flags);
- }
- spin_unlock_irqrestore(&gpio_lock, flags);
ret = desc_set_label(desc, label ? : "?");
- if (ret) {
- clear_bit(FLAG_REQUESTED, &desc->flags);
- return ret;
- }
+ if (ret)
+ goto out_clear_bit;
return 0;
-out_free_unlock:
- spin_unlock_irqrestore(&gpio_lock, flags);
- kfree_const(label);
+out_clear_bit:
+ clear_bit(FLAG_REQUESTED, &desc->flags);
return ret;
}
@@ -2352,35 +2323,32 @@ static bool gpiod_free_commit(struct gpio_desc *desc)
might_sleep();
- spin_lock_irqsave(&gpio_lock, flags);
-
gc = desc->gdev->chip;
- if (gc && test_bit(FLAG_REQUESTED, &desc->flags)) {
- if (gc->free) {
- spin_unlock_irqrestore(&gpio_lock, flags);
- might_sleep_if(gc->can_sleep);
+ flags = READ_ONCE(desc->flags);
+
+ if (gc && test_bit(FLAG_REQUESTED, &flags)) {
+ if (gc->free)
gc->free(gc, gpio_chip_hwgpio(desc));
- spin_lock_irqsave(&gpio_lock, flags);
- }
- clear_bit(FLAG_ACTIVE_LOW, &desc->flags);
- clear_bit(FLAG_REQUESTED, &desc->flags);
- clear_bit(FLAG_OPEN_DRAIN, &desc->flags);
- clear_bit(FLAG_OPEN_SOURCE, &desc->flags);
- clear_bit(FLAG_PULL_UP, &desc->flags);
- clear_bit(FLAG_PULL_DOWN, &desc->flags);
- clear_bit(FLAG_BIAS_DISABLE, &desc->flags);
- clear_bit(FLAG_EDGE_RISING, &desc->flags);
- clear_bit(FLAG_EDGE_FALLING, &desc->flags);
- clear_bit(FLAG_IS_HOGGED, &desc->flags);
+
+ clear_bit(FLAG_ACTIVE_LOW, &flags);
+ clear_bit(FLAG_REQUESTED, &flags);
+ clear_bit(FLAG_OPEN_DRAIN, &flags);
+ clear_bit(FLAG_OPEN_SOURCE, &flags);
+ clear_bit(FLAG_PULL_UP, &flags);
+ clear_bit(FLAG_PULL_DOWN, &flags);
+ clear_bit(FLAG_BIAS_DISABLE, &flags);
+ clear_bit(FLAG_EDGE_RISING, &flags);
+ clear_bit(FLAG_EDGE_FALLING, &flags);
+ clear_bit(FLAG_IS_HOGGED, &flags);
#ifdef CONFIG_OF_DYNAMIC
WRITE_ONCE(desc->hog, NULL);
#endif
ret = true;
- }
+ desc_set_label(desc, NULL);
+ WRITE_ONCE(desc->flags, flags);
- spin_unlock_irqrestore(&gpio_lock, flags);
- desc_set_label(desc, NULL);
- gpiod_line_state_notify(desc, GPIOLINE_CHANGED_RELEASED);
+ gpiod_line_state_notify(desc, GPIOLINE_CHANGED_RELEASED);
+ }
return ret;
}
@@ -2422,22 +2390,12 @@ char *gpiochip_dup_line_label(struct gpio_chip *gc, unsigned int offset)
if (IS_ERR(desc))
return NULL;
- guard(spinlock_irqsave)(&gpio_lock);
-
if (!test_bit(FLAG_REQUESTED, &desc->flags))
return NULL;
guard(srcu)(&desc->srcu);
- /*
- * FIXME: Once we mark gpiod_direction_input/output() and
- * gpiod_get_direction() with might_sleep(), we'll be able to protect
- * the GPIO descriptors with mutex (while value setting operations will
- * become lockless).
- *
- * Until this happens, this allocation needs to be atomic.
- */
- label = kstrdup(gpiod_get_label(desc), GFP_ATOMIC);
+ label = kstrdup(gpiod_get_label(desc), GFP_KERNEL);
if (!label)
return ERR_PTR(-ENOMEM);
diff --git a/drivers/gpio/gpiolib.h b/drivers/gpio/gpiolib.h
index 2bf3f9e13ae4..9b7afe87f1bd 100644
--- a/drivers/gpio/gpiolib.h
+++ b/drivers/gpio/gpiolib.h
@@ -135,8 +135,6 @@ int gpiod_set_array_value_complex(bool raw, bool can_sleep,
int gpiod_set_transitory(struct gpio_desc *desc, bool transitory);
-extern spinlock_t gpio_lock;
-
void gpiod_line_state_notify(struct gpio_desc *desc, unsigned long action);
/**
--
2.40.1
next prev parent reply other threads:[~2024-02-08 9:59 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-08 9:58 [PATCH v3 00/24] gpio: rework locking and object life-time control Bartosz Golaszewski
2024-02-08 9:58 ` [PATCH v3 01/24] gpio: protect the list of GPIO devices with SRCU Bartosz Golaszewski
2024-02-10 11:00 ` Hillf Danton
2024-02-10 11:07 ` Bartosz Golaszewski
2024-02-08 9:58 ` [PATCH v3 02/24] gpio: of: assign and read the hog pointer atomically Bartosz Golaszewski
2024-02-08 9:58 ` [PATCH v3 03/24] gpio: remove unused logging helpers Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 04/24] gpio: provide and use gpiod_get_label() Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 05/24] gpio: don't set label from irq helpers Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 06/24] gpio: add SRCU infrastructure to struct gpio_desc Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 07/24] gpio: protect the descriptor label with SRCU Bartosz Golaszewski
2024-02-12 14:56 ` kernel test robot
2024-02-13 21:16 ` Mark Brown
2024-02-13 22:07 ` Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 08/24] gpio: sysfs: use gpio_device_find() to iterate over existing devices Bartosz Golaszewski
2024-02-08 9:59 ` Bartosz Golaszewski [this message]
2024-02-08 9:59 ` [PATCH v3 10/24] gpio: reinforce desc->flags handling Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 11/24] gpio: remove unneeded code from gpio_device_get_desc() Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 12/24] gpio: sysfs: extend the critical section for unregistering sysfs devices Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 13/24] gpio: sysfs: pass the GPIO device - not chip - to sysfs callbacks Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 14/24] gpio: cdev: replace gpiochip_get_desc() with gpio_device_get_desc() Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 15/24] gpio: cdev: don't access gdev->chip if it's not needed Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 16/24] gpio: sysfs: " Bartosz Golaszewski
2024-02-08 12:20 ` Linus Walleij
2024-02-08 9:59 ` [PATCH v3 17/24] gpio: don't dereference gdev->chip in gpiochip_setup_dev() Bartosz Golaszewski
2024-02-08 12:21 ` Linus Walleij
2024-02-08 9:59 ` [PATCH v3 18/24] gpio: reduce the functionality of validate_desc() Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 19/24] gpio: remove unnecessary checks from gpiod_to_chip() Bartosz Golaszewski
2024-02-08 17:39 ` Andy Shevchenko
2024-02-08 19:17 ` Bartosz Golaszewski
2024-02-08 19:24 ` Andy Shevchenko
2024-02-08 19:34 ` Bartosz Golaszewski
2024-02-09 13:59 ` Andy Shevchenko
2024-02-08 9:59 ` [PATCH v3 20/24] gpio: add the can_sleep flag to struct gpio_device Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 21/24] gpio: add SRCU infrastructure " Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 22/24] gpio: protect the pointer to gpio_chip in gpio_device with SRCU Bartosz Golaszewski
2024-02-12 15:09 ` kernel test robot
2024-02-12 16:56 ` Bartosz Golaszewski
2024-02-12 21:20 ` Bartosz Golaszewski
2024-02-13 8:10 ` Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 23/24] gpio: remove the RW semaphore from the GPIO device Bartosz Golaszewski
2024-02-10 5:37 ` Kent Gibson
2024-02-12 9:53 ` Bartosz Golaszewski
2024-02-12 9:57 ` Kent Gibson
2024-02-12 9:59 ` Bartosz Golaszewski
2024-02-08 9:59 ` [PATCH v3 24/24] gpio: mark unsafe gpio_chip manipulators as deprecated Bartosz Golaszewski
2024-02-08 17:43 ` [PATCH v3 00/24] gpio: rework locking and object life-time control Andy Shevchenko
2024-02-12 10:07 ` Bartosz Golaszewski
[not found] ` <CGME20240213120518eucas1p2d514aac6e6d1e29bbae05f32db6724db@eucas1p2.samsung.com>
2024-02-13 12:05 ` Marek Szyprowski
2024-02-13 12:08 ` Bartosz Golaszewski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240208095920.8035-10-brgl@bgdev.pl \
--to=brgl@bgdev.pl \
--cc=andriy.shevchenko@linux.intel.com \
--cc=bartosz.golaszewski@linaro.org \
--cc=elder@linaro.org \
--cc=geert+renesas@glider.be \
--cc=linus.walleij@linaro.org \
--cc=linux-gpio@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=paulmck@kernel.org \
--cc=warthog618@gmail.com \
--cc=wsa@the-dreams.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).