Re: [PATCH v8 4/5] iommu/arm-smmu: Add the device_link between masters and smmu

From: Robin Murphy
Date: Wed Mar 07 2018 - 07:48:19 EST


On 02/03/18 10:10, Vivek Gautam wrote:
From: Sricharan R <sricharan@xxxxxxxxxxxxxx>

Finally add the device link between the master device and
smmu, so that the smmu gets runtime enabled/disabled only when the
master needs it. This is done from add_device callback which gets
called once when the master is added to the smmu.

Signed-off-by: Sricharan R <sricharan@xxxxxxxxxxxxxx>
Signed-off-by: Vivek Gautam <vivek.gautam@xxxxxxxxxxxxxx>
---
drivers/iommu/arm-smmu.c | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)

diff --git a/drivers/iommu/arm-smmu.c b/drivers/iommu/arm-smmu.c
index 3d6a1875431f..bb1ea82c1003 100644
--- a/drivers/iommu/arm-smmu.c
+++ b/drivers/iommu/arm-smmu.c
@@ -217,6 +217,9 @@ struct arm_smmu_device {
/* IOMMU core code handle */
struct iommu_device iommu;
+
+ /* runtime PM link to master */
+ struct device_link *link;

Just the one?

};
enum arm_smmu_context_fmt {
@@ -1470,10 +1473,26 @@ static int arm_smmu_add_device(struct device *dev)
iommu_device_link(&smmu->iommu, dev);
+ /*
+ * Establish the link between smmu and master, so that the
+ * smmu gets runtime enabled/disabled as per the master's
+ * needs.
+ */
+ smmu->link = device_link_add(dev, smmu->dev, DL_FLAG_PM_RUNTIME);

Maybe I've misunderstood how the API works, but AFAICS the second and subsequent devices are all just going to overwrite (and leak) the link of the previous one...

+ if (!smmu->link) {
+ dev_warn(smmu->dev, "Unable to create device link between %s and %s\n",
+ dev_name(smmu->dev), dev_name(dev));
+ ret = -ENODEV;
+ goto out_unlink;
+ }
+
arm_smmu_rpm_put(smmu);
return 0;
+out_unlink:
+ iommu_device_unlink(&smmu->iommu, dev);
+ arm_smmu_master_free_smes(fwspec);
out_rpm_put:
arm_smmu_rpm_put(smmu);
out_cfg_free:
@@ -1496,6 +1515,8 @@ static void arm_smmu_remove_device(struct device *dev)
cfg = fwspec->iommu_priv;
smmu = cfg->smmu;
+ device_link_del(smmu->link);

...and equivalently you end up with a double-free (or more) here of a link which may not have belonged to dev anyway.

Robin.

+
ret = arm_smmu_rpm_get(smmu);
if (ret < 0)
return;