mirror of
https://github.com/edk2-porting/linux-next.git
synced 2025-01-13 16:14:26 +08:00
53989fad12
A test of the form:
while true; do modprobe -r cxl_pmem; modprobe cxl_pmem; done
May lead to a crash signature of the form:
BUG: unable to handle page fault for address: ffffffffc0660030
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
[..]
Workqueue: cxl_pmem 0xffffffffc0660030
RIP: 0010:0xffffffffc0660030
Code: Unable to access opcode bytes at RIP 0xffffffffc0660006.
[..]
Call Trace:
? process_one_work+0x4ec/0x9c0
? pwq_dec_nr_in_flight+0x100/0x100
? rwlock_bug.part.0+0x60/0x60
? worker_thread+0x2eb/0x700
In that report the 0xffffffffc0660030 address corresponds to the former
function address of cxl_nvb_update_state() from a previous load of the
module, not the current address. Fix that by arranging for ->state_work
in the 'struct cxl_nvdimm_bridge' object to be reinitialized on cxl_pmem
module reload.
Details:
Recall that CXL subsystem wants to link a CXL memory expander device to
an NVDIMM sub-hierarchy when both a persistent memory range has been
registered by the CXL platform driver (cxl_acpi) *and* when that CXL
memory expander has published persistent memory capacity (Get Partition
Info). To this end the cxl_nvdimm_bridge driver arranges to rescan the
CXL bus when either of those conditions change. The helper
bus_rescan_devices() can not be called underneath the device_lock() for
any device on that bus, so the cxl_nvdimm_bridge driver uses a workqueue
for the rescan.
Typically a driver allocates driver data to hold a 'struct work_struct'
for a driven device, but for a workqueue that may run after ->remove()
returns, driver data will have been freed. The 'struct
cxl_nvdimm_bridge' object holds the state and work_struct directly.
Unfortunately it was only arranging for that infrastructure to be
initialized once per device creation rather than the necessary once per
workqueue (cxl_pmem_wq) creation.
Introduce is_cxl_nvdimm_bridge() and cxl_nvdimm_bridge_reset() in
support of invalidating stale references to a recently destroyed
cxl_pmem_wq.
Cc: <stable@vger.kernel.org>
Fixes: 8fdcb1704f ("cxl/pmem: Add initial infrastructure for pmem support")
Reported-by: Vishal Verma <vishal.l.verma@intel.com>
Tested-by: Vishal Verma <vishal.l.verma@intel.com>
Link: https://lore.kernel.org/r/163665474585.3505991.8397182770066720755.stgit@dwillia2-desk3.amr.corp.intel.com
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
272 lines
6.5 KiB
C
272 lines
6.5 KiB
C
// SPDX-License-Identifier: GPL-2.0-only
|
|
/* Copyright(c) 2020 Intel Corporation. */
|
|
#include <linux/device.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/idr.h>
|
|
#include <cxlmem.h>
|
|
#include <cxl.h>
|
|
#include "core.h"
|
|
|
|
/**
|
|
* DOC: cxl pmem
|
|
*
|
|
* The core CXL PMEM infrastructure supports persistent memory
|
|
* provisioning and serves as a bridge to the LIBNVDIMM subsystem. A CXL
|
|
* 'bridge' device is added at the root of a CXL device topology if
|
|
* platform firmware advertises at least one persistent memory capable
|
|
* CXL window. That root-level bridge corresponds to a LIBNVDIMM 'bus'
|
|
* device. Then for each cxl_memdev in the CXL device topology a bridge
|
|
* device is added to host a LIBNVDIMM dimm object. When these bridges
|
|
* are registered native LIBNVDIMM uapis are translated to CXL
|
|
* operations, for example, namespace label access commands.
|
|
*/
|
|
|
|
static DEFINE_IDA(cxl_nvdimm_bridge_ida);
|
|
|
|
static void cxl_nvdimm_bridge_release(struct device *dev)
|
|
{
|
|
struct cxl_nvdimm_bridge *cxl_nvb = to_cxl_nvdimm_bridge(dev);
|
|
|
|
ida_free(&cxl_nvdimm_bridge_ida, cxl_nvb->id);
|
|
kfree(cxl_nvb);
|
|
}
|
|
|
|
static const struct attribute_group *cxl_nvdimm_bridge_attribute_groups[] = {
|
|
&cxl_base_attribute_group,
|
|
NULL,
|
|
};
|
|
|
|
const struct device_type cxl_nvdimm_bridge_type = {
|
|
.name = "cxl_nvdimm_bridge",
|
|
.release = cxl_nvdimm_bridge_release,
|
|
.groups = cxl_nvdimm_bridge_attribute_groups,
|
|
};
|
|
|
|
struct cxl_nvdimm_bridge *to_cxl_nvdimm_bridge(struct device *dev)
|
|
{
|
|
if (dev_WARN_ONCE(dev, dev->type != &cxl_nvdimm_bridge_type,
|
|
"not a cxl_nvdimm_bridge device\n"))
|
|
return NULL;
|
|
return container_of(dev, struct cxl_nvdimm_bridge, dev);
|
|
}
|
|
EXPORT_SYMBOL_NS_GPL(to_cxl_nvdimm_bridge, CXL);
|
|
|
|
bool is_cxl_nvdimm_bridge(struct device *dev)
|
|
{
|
|
return dev->type == &cxl_nvdimm_bridge_type;
|
|
}
|
|
EXPORT_SYMBOL_NS_GPL(is_cxl_nvdimm_bridge, CXL);
|
|
|
|
__mock int match_nvdimm_bridge(struct device *dev, const void *data)
|
|
{
|
|
return is_cxl_nvdimm_bridge(dev);
|
|
}
|
|
|
|
struct cxl_nvdimm_bridge *cxl_find_nvdimm_bridge(struct cxl_nvdimm *cxl_nvd)
|
|
{
|
|
struct device *dev;
|
|
|
|
dev = bus_find_device(&cxl_bus_type, NULL, cxl_nvd, match_nvdimm_bridge);
|
|
if (!dev)
|
|
return NULL;
|
|
return to_cxl_nvdimm_bridge(dev);
|
|
}
|
|
EXPORT_SYMBOL_NS_GPL(cxl_find_nvdimm_bridge, CXL);
|
|
|
|
static struct cxl_nvdimm_bridge *
|
|
cxl_nvdimm_bridge_alloc(struct cxl_port *port)
|
|
{
|
|
struct cxl_nvdimm_bridge *cxl_nvb;
|
|
struct device *dev;
|
|
int rc;
|
|
|
|
cxl_nvb = kzalloc(sizeof(*cxl_nvb), GFP_KERNEL);
|
|
if (!cxl_nvb)
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
rc = ida_alloc(&cxl_nvdimm_bridge_ida, GFP_KERNEL);
|
|
if (rc < 0)
|
|
goto err;
|
|
cxl_nvb->id = rc;
|
|
|
|
dev = &cxl_nvb->dev;
|
|
cxl_nvb->port = port;
|
|
cxl_nvb->state = CXL_NVB_NEW;
|
|
device_initialize(dev);
|
|
device_set_pm_not_required(dev);
|
|
dev->parent = &port->dev;
|
|
dev->bus = &cxl_bus_type;
|
|
dev->type = &cxl_nvdimm_bridge_type;
|
|
|
|
return cxl_nvb;
|
|
|
|
err:
|
|
kfree(cxl_nvb);
|
|
return ERR_PTR(rc);
|
|
}
|
|
|
|
static void unregister_nvb(void *_cxl_nvb)
|
|
{
|
|
struct cxl_nvdimm_bridge *cxl_nvb = _cxl_nvb;
|
|
bool flush;
|
|
|
|
/*
|
|
* If the bridge was ever activated then there might be in-flight state
|
|
* work to flush. Once the state has been changed to 'dead' then no new
|
|
* work can be queued by user-triggered bind.
|
|
*/
|
|
device_lock(&cxl_nvb->dev);
|
|
flush = cxl_nvb->state != CXL_NVB_NEW;
|
|
cxl_nvb->state = CXL_NVB_DEAD;
|
|
device_unlock(&cxl_nvb->dev);
|
|
|
|
/*
|
|
* Even though the device core will trigger device_release_driver()
|
|
* before the unregister, it does not know about the fact that
|
|
* cxl_nvdimm_bridge_driver defers ->remove() work. So, do the driver
|
|
* release not and flush it before tearing down the nvdimm device
|
|
* hierarchy.
|
|
*/
|
|
device_release_driver(&cxl_nvb->dev);
|
|
if (flush)
|
|
flush_work(&cxl_nvb->state_work);
|
|
device_unregister(&cxl_nvb->dev);
|
|
}
|
|
|
|
/**
|
|
* devm_cxl_add_nvdimm_bridge() - add the root of a LIBNVDIMM topology
|
|
* @host: platform firmware root device
|
|
* @port: CXL port at the root of a CXL topology
|
|
*
|
|
* Return: bridge device that can host cxl_nvdimm objects
|
|
*/
|
|
struct cxl_nvdimm_bridge *devm_cxl_add_nvdimm_bridge(struct device *host,
|
|
struct cxl_port *port)
|
|
{
|
|
struct cxl_nvdimm_bridge *cxl_nvb;
|
|
struct device *dev;
|
|
int rc;
|
|
|
|
if (!IS_ENABLED(CONFIG_CXL_PMEM))
|
|
return ERR_PTR(-ENXIO);
|
|
|
|
cxl_nvb = cxl_nvdimm_bridge_alloc(port);
|
|
if (IS_ERR(cxl_nvb))
|
|
return cxl_nvb;
|
|
|
|
dev = &cxl_nvb->dev;
|
|
rc = dev_set_name(dev, "nvdimm-bridge%d", cxl_nvb->id);
|
|
if (rc)
|
|
goto err;
|
|
|
|
rc = device_add(dev);
|
|
if (rc)
|
|
goto err;
|
|
|
|
rc = devm_add_action_or_reset(host, unregister_nvb, cxl_nvb);
|
|
if (rc)
|
|
return ERR_PTR(rc);
|
|
|
|
return cxl_nvb;
|
|
|
|
err:
|
|
put_device(dev);
|
|
return ERR_PTR(rc);
|
|
}
|
|
EXPORT_SYMBOL_NS_GPL(devm_cxl_add_nvdimm_bridge, CXL);
|
|
|
|
static void cxl_nvdimm_release(struct device *dev)
|
|
{
|
|
struct cxl_nvdimm *cxl_nvd = to_cxl_nvdimm(dev);
|
|
|
|
kfree(cxl_nvd);
|
|
}
|
|
|
|
static const struct attribute_group *cxl_nvdimm_attribute_groups[] = {
|
|
&cxl_base_attribute_group,
|
|
NULL,
|
|
};
|
|
|
|
const struct device_type cxl_nvdimm_type = {
|
|
.name = "cxl_nvdimm",
|
|
.release = cxl_nvdimm_release,
|
|
.groups = cxl_nvdimm_attribute_groups,
|
|
};
|
|
|
|
bool is_cxl_nvdimm(struct device *dev)
|
|
{
|
|
return dev->type == &cxl_nvdimm_type;
|
|
}
|
|
EXPORT_SYMBOL_NS_GPL(is_cxl_nvdimm, CXL);
|
|
|
|
struct cxl_nvdimm *to_cxl_nvdimm(struct device *dev)
|
|
{
|
|
if (dev_WARN_ONCE(dev, !is_cxl_nvdimm(dev),
|
|
"not a cxl_nvdimm device\n"))
|
|
return NULL;
|
|
return container_of(dev, struct cxl_nvdimm, dev);
|
|
}
|
|
EXPORT_SYMBOL_NS_GPL(to_cxl_nvdimm, CXL);
|
|
|
|
static struct cxl_nvdimm *cxl_nvdimm_alloc(struct cxl_memdev *cxlmd)
|
|
{
|
|
struct cxl_nvdimm *cxl_nvd;
|
|
struct device *dev;
|
|
|
|
cxl_nvd = kzalloc(sizeof(*cxl_nvd), GFP_KERNEL);
|
|
if (!cxl_nvd)
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
dev = &cxl_nvd->dev;
|
|
cxl_nvd->cxlmd = cxlmd;
|
|
device_initialize(dev);
|
|
device_set_pm_not_required(dev);
|
|
dev->parent = &cxlmd->dev;
|
|
dev->bus = &cxl_bus_type;
|
|
dev->type = &cxl_nvdimm_type;
|
|
|
|
return cxl_nvd;
|
|
}
|
|
|
|
static void cxl_nvd_unregister(void *dev)
|
|
{
|
|
device_unregister(dev);
|
|
}
|
|
|
|
/**
|
|
* devm_cxl_add_nvdimm() - add a bridge between a cxl_memdev and an nvdimm
|
|
* @host: same host as @cxlmd
|
|
* @cxlmd: cxl_memdev instance that will perform LIBNVDIMM operations
|
|
*
|
|
* Return: 0 on success negative error code on failure.
|
|
*/
|
|
int devm_cxl_add_nvdimm(struct device *host, struct cxl_memdev *cxlmd)
|
|
{
|
|
struct cxl_nvdimm *cxl_nvd;
|
|
struct device *dev;
|
|
int rc;
|
|
|
|
cxl_nvd = cxl_nvdimm_alloc(cxlmd);
|
|
if (IS_ERR(cxl_nvd))
|
|
return PTR_ERR(cxl_nvd);
|
|
|
|
dev = &cxl_nvd->dev;
|
|
rc = dev_set_name(dev, "pmem%d", cxlmd->id);
|
|
if (rc)
|
|
goto err;
|
|
|
|
rc = device_add(dev);
|
|
if (rc)
|
|
goto err;
|
|
|
|
dev_dbg(host, "%s: register %s\n", dev_name(dev->parent),
|
|
dev_name(dev));
|
|
|
|
return devm_add_action_or_reset(host, cxl_nvd_unregister, dev);
|
|
|
|
err:
|
|
put_device(dev);
|
|
return rc;
|
|
}
|
|
EXPORT_SYMBOL_NS_GPL(devm_cxl_add_nvdimm, CXL);
|