Re: [PATCH] i2c: iproc: fix race between client unreg and isr

From: Dhananjay Phadke
Date: Mon Jul 27 2020 - 13:38:30 EST

Ray Jui <ray.jui@xxxxxxxxxxxx> wrote:
>>> I think the following sequence needs to be implemented to make this
>>> safe, i.e., after 'synchronize_irq', no further slave interrupt will be
>>> fired.
>>> In 'bcm_iproc_i2c_unreg_slave':
>>> 1. Set an atomic variable 'unreg_slave' (I'm bad in names so please come
>>> up with a better name than this)
>>> 2. Disable all slave interrupts
>>> 3. synchronize_irq
>>> 4. Set slave to NULL
>>> 5. Erase slave addresses
>> What about this in unreg_slave?
>> 1. disable_irq()
>> This includes synchronize_irq() and avoids the race. Because irq
>> will be masked at interrupt controller level, interrupts coming
>> in at the I2C IP core level should still be pending once we
>> reenable the irq.
> Can you confirm that even if we have irq pending at the i2c IP core
> level, as long as we execute Step 2. below (to disable/mask all slave
> interrupts), after 'enable_irq' is called, we still will not receive any
> further i2c slave interrupt?
> Basically I'm asking if interrupts will be "cached" at the GIC
> controller level after 'disable_irq' is called. As long as that is not
> the case, then I think we are good.
> The goal of course is to ensure there's no further slave interrupts
> after 'enable_irq' in Step 3 below.

That was my question as well, the best would be if the i2c controller itself
has a bit for masking all interrupts overriding individual event enables
set by the ISR.

Also with regards to the original sequence, I think slave address should
be erased before enable_irq(), besides draining rx and tx FIFOs.

I'll send reworked patch.

@Rayagonda will validate new sequence with the test that hit the race condition.

- Dhananjay