Commit 49ba0302 authored by Doug Anderson's avatar Doug Anderson Committed by Ulf Hansson

mmc: dw_mmc: Add locking around cmd11 timer

It is possible for the cmd11 interrupt to fire and delete the
cmd11_timer before the cmd11_timer was actually setup.  Let's fix this
race by adding a few spinlocks.  Note that the race wasn't seen in
practice without adding some printk statements, but it still seems
wise to fix.

Fixes: 5c935165 ("mmc: dw_mmc: Add a timeout for sending CMD11")
Signed-off-by: default avatarDoug Anderson <dianders@chromium.org>
Signed-off-by: default avatarJaehoon Chung <jh80.chung@samsung.com>
Signed-off-by: default avatarUlf Hansson <ulf.hansson@linaro.org>
parent fd674198
...@@ -1023,14 +1023,23 @@ static void __dw_mci_start_request(struct dw_mci *host, ...@@ -1023,14 +1023,23 @@ static void __dw_mci_start_request(struct dw_mci *host,
dw_mci_start_command(host, cmd, cmdflags); dw_mci_start_command(host, cmd, cmdflags);
if (cmd->opcode == SD_SWITCH_VOLTAGE) { if (cmd->opcode == SD_SWITCH_VOLTAGE) {
unsigned long irqflags;
/* /*
* Databook says to fail after 2ms w/ no response, but evidence * Databook says to fail after 2ms w/ no response, but evidence
* shows that sometimes the cmd11 interrupt takes over 130ms. * shows that sometimes the cmd11 interrupt takes over 130ms.
* We'll set to 500ms, plus an extra jiffy just in case jiffies * We'll set to 500ms, plus an extra jiffy just in case jiffies
* is just about to roll over. * is just about to roll over.
*
* We do this whole thing under spinlock and only if the
* command hasn't already completed (indicating the the irq
* already ran so we don't want the timeout).
*/ */
mod_timer(&host->cmd11_timer, spin_lock_irqsave(&host->irq_lock, irqflags);
jiffies + msecs_to_jiffies(500) + 1); if (!test_bit(EVENT_CMD_COMPLETE, &host->pending_events))
mod_timer(&host->cmd11_timer,
jiffies + msecs_to_jiffies(500) + 1);
spin_unlock_irqrestore(&host->irq_lock, irqflags);
} }
if (mrq->stop) if (mrq->stop)
...@@ -2160,11 +2169,20 @@ static irqreturn_t dw_mci_interrupt(int irq, void *dev_id) ...@@ -2160,11 +2169,20 @@ static irqreturn_t dw_mci_interrupt(int irq, void *dev_id)
/* Check volt switch first, since it can look like an error */ /* Check volt switch first, since it can look like an error */
if ((host->state == STATE_SENDING_CMD11) && if ((host->state == STATE_SENDING_CMD11) &&
(pending & SDMMC_INT_VOLT_SWITCH)) { (pending & SDMMC_INT_VOLT_SWITCH)) {
del_timer(&host->cmd11_timer); unsigned long irqflags;
mci_writel(host, RINTSTS, SDMMC_INT_VOLT_SWITCH); mci_writel(host, RINTSTS, SDMMC_INT_VOLT_SWITCH);
pending &= ~SDMMC_INT_VOLT_SWITCH; pending &= ~SDMMC_INT_VOLT_SWITCH;
/*
* Hold the lock; we know cmd11_timer can't be kicked
* off after the lock is released, so safe to delete.
*/
spin_lock_irqsave(&host->irq_lock, irqflags);
dw_mci_cmd_interrupt(host, pending); dw_mci_cmd_interrupt(host, pending);
spin_unlock_irqrestore(&host->irq_lock, irqflags);
del_timer(&host->cmd11_timer);
} }
if (pending & DW_MCI_CMD_ERROR_FLAGS) { if (pending & DW_MCI_CMD_ERROR_FLAGS) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment