74f51b80a0
ACPICA commit 767ee53354e0c4b7e8e7c57c6dd7bf569f0d52bb There are issues related to the namespace/interpreter locks, which causes several ACPI functionalities not specification compliant. The lock issues were detectec when we were trying to fix the functionalities (please see Link # [1] for the details). What's the lock issues? Let's first look into the namespace/interpreter lock usages inside of the object evaluation and the table loading which are the key AML interpretion code paths: Table loading: acpi_ns_load_table L(Namespace) acpi_ns_parse_table acpi_ns_one_complete_parse(LOAD_PASS1/LOAD_PASS2) acpi_ds_load1_begion_op acpi_ds_load1_end_op acpi_ds_load2_begion_op acpi_ds_load2_end_op U(Namespace) Object evaluation: acpi_ns_evaluate L(Interpreter) acpi_ps_execute_method acpi_ds_exec_begin_op acpi_ds_exec_end_op U(Interpreter) acpi_ns_load_table L(Namespace) U(Namespace) acpi_ev_initialize_region L(Namespace) U(Namespace) address_space.Setup address_space.Handler acpi_os_wait_semaphore acpi_os_acquire_mutex acpi_os_sleep L(Interpreter) U(Interpreter) L(Interpreter) acpi_ex_resolve_node_to_value U(Interpreter) acpi_ns_check_return_value Where: 1. L(Interpreter) means acquire(MTX_INTERPRETER); 2. U(Interpreter) means release(MTX_INTERPRETER); 3. L(Namespace) means acquire(MTX_NAMESPACE); 4. U(Namespace) means release(MTX_NAMESPACE); We can see that acpi_ns_exec_module_code() (which invokes acpi_ns_evaluate) is implemented in a deferred way just in order to avoid to reacquire the namespace lock. This is in fact the root cause of many other ACPICA issues: 1. We now know for sure that the module code should be executed right in place by the Windows AML interpreter. So in the current design, if the region initializations/accesses or the table loadings (where the namespace surely should be locked again) happening during the table loading period, dead lock could happen because ACPICA never unlocks the namespace during the AML interpretion. 2. ACPICA interpreter just ensures that all static namespace nodes (named objects created during the acpi_load_tables()) are created (acpi_ns_lookup()) with the correct lock held, but doesn't ensure that the named objects created by the control method are created with the same correct lock held. It requires the control methods to be executed in a serial way after "loading a table", that's why ACPICA requires method auto serialization. This patch fixes these software design issues by extending interpreter enter/exit APIs to hold both interpreter/namespace locks to ensure the lock order correctness, so that we can get these code paths: Table loading: acpi_ns_load_table E(Interpreter) acpi_ns_parse_table acpi_ns_one_complete_parse acpi_ns_execute_table X(Interpreter) acpi_ns_load_table acpi_ev_initialize_region address_space.Setup address_space.Handler acpi_os_wait_semaphore acpi_os_acquire_mutex acpi_os_sleep E(Interpreter) X(Interpreter) Object evaluation: acpi_ns_evaluate E(Interpreter) acpi_ps_execute_method X(Interpreter) acpi_ns_load_table acpi_ev_initialize_region address_space.Setup address_space.Handler acpi_os_wait_semaphore acpi_os_acquire_mutex acpi_os_sleep E(Interpreter) X(Interpreter) Where: 1. E(Interpreter) means acquire(MTX_INTERPRETER, MTX_NAMESPACE); 2. X(Interpreter) means release(MTX_NAMESPACE, MTX_INTERPRETER); After this change, we can see: 1. All namespace nodes creations are locked by the namespace lock. 2. All namespace nodes referencing are locked with the same lock. 3. But we also can notice a defact that, all namespace nodes deletions could be affected by this change. As a consequence, acpi_ns_delete_namespace_subtree() may delete a static namespace node that is still referenced by the interpreter (for example, the parser scopes). Currently, we needn't worry about the last defact because in ACPICA, table unloading is not fully functioning, its design strictly relies on the fact that when the namespace deletion happens, either the AML table or the OSPMs should have been notified and thus either the AML table or the OSPMs shouldn't reference deletion-related namespace nodes during the namespace deletion. And this change still works with the above restrictions applied. While making this a-step-forward helps us to correct the wrong grammar to pull many things back to the correct rail. And pulling things back to the correct rail in return makes it possible for us to support fully functioning table unloading after doing many cleanups. While this patch is generated, all namespace locks are examined to ensure that they can meet either of the following pattens: 1. L(Namespace) U(Namespace) 2. E(Interpreter) X(Interpreter) 3. E(Interpreter) X(Interpreter) L(Namespace) U(Namespace) E(Interpreter) X(Interpreter) We ensure this by adding X(Interpreter)/E(Interpreter) or removing U(Namespace)/L(Namespace) for those currently are executed in the following order: E(Interpreter) L(Namespace) U(Namespace) X(Interpreter) And adding E(Interpreter)/X(Interpreter) for those currently are executed in the following order: X(Interpreter) E(Interpreter) Originally, the interpreter lock is held for the execution AML opcodes, the namespace lock is held for the named object creation AML opcodes. Since they are actually same in MS interpreter (can all be executed during the table loading), we can combine the 2 locks and tune the locking code better in this way. Lv Zheng. Link: https://bugzilla.kernel.org/show_bug.cgi?id=153541 # [1] Link: https://bugzilla.kernel.org/show_bug.cgi?id=121701 # [1] Link: https://bugs.acpica.org/show_bug.cgi?id=1323 Link: https://github.com/acpica/acpica/commit/767ee533 Reported-and-tested-by: Mika Westerberg <mika.westerberg@linux.intel.com> Reported-and-tested-by: Greg White <gwhite@kupulau.com> Reported-and-tested-by: Dutch Guy <lucht_piloot@gmx.net> Signed-off-by: Lv Zheng <lv.zheng@intel.com> Signed-off-by: Bob Moore <robert.moore@intel.com> Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
291 lines
9.3 KiB
C
291 lines
9.3 KiB
C
/******************************************************************************
|
|
*
|
|
* Module Name: utaddress - op_region address range check
|
|
*
|
|
*****************************************************************************/
|
|
|
|
/*
|
|
* Copyright (C) 2000 - 2016, Intel Corp.
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions, and the following disclaimer,
|
|
* without modification.
|
|
* 2. Redistributions in binary form must reproduce at minimum a disclaimer
|
|
* substantially similar to the "NO WARRANTY" disclaimer below
|
|
* ("Disclaimer") and any redistribution must be conditioned upon
|
|
* including a substantially similar Disclaimer requirement for further
|
|
* binary redistribution.
|
|
* 3. Neither the names of the above-listed copyright holders nor the names
|
|
* of any contributors may be used to endorse or promote products derived
|
|
* from this software without specific prior written permission.
|
|
*
|
|
* Alternatively, this software may be distributed under the terms of the
|
|
* GNU General Public License ("GPL") version 2 as published by the Free
|
|
* Software Foundation.
|
|
*
|
|
* NO WARRANTY
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR
|
|
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
|
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
* POSSIBILITY OF SUCH DAMAGES.
|
|
*/
|
|
|
|
#include <acpi/acpi.h>
|
|
#include "accommon.h"
|
|
#include "acnamesp.h"
|
|
|
|
#define _COMPONENT ACPI_UTILITIES
|
|
ACPI_MODULE_NAME("utaddress")
|
|
|
|
/*******************************************************************************
|
|
*
|
|
* FUNCTION: acpi_ut_add_address_range
|
|
*
|
|
* PARAMETERS: space_id - Address space ID
|
|
* address - op_region start address
|
|
* length - op_region length
|
|
* region_node - op_region namespace node
|
|
*
|
|
* RETURN: Status
|
|
*
|
|
* DESCRIPTION: Add the Operation Region address range to the global list.
|
|
* The only supported Space IDs are Memory and I/O. Called when
|
|
* the op_region address/length operands are fully evaluated.
|
|
*
|
|
* MUTEX: Locks the namespace
|
|
*
|
|
* NOTE: Because this interface is only called when an op_region argument
|
|
* list is evaluated, there cannot be any duplicate region_nodes.
|
|
* Duplicate Address/Length values are allowed, however, so that multiple
|
|
* address conflicts can be detected.
|
|
*
|
|
******************************************************************************/
|
|
acpi_status
|
|
acpi_ut_add_address_range(acpi_adr_space_type space_id,
|
|
acpi_physical_address address,
|
|
u32 length, struct acpi_namespace_node *region_node)
|
|
{
|
|
struct acpi_address_range *range_info;
|
|
|
|
ACPI_FUNCTION_TRACE(ut_add_address_range);
|
|
|
|
if ((space_id != ACPI_ADR_SPACE_SYSTEM_MEMORY) &&
|
|
(space_id != ACPI_ADR_SPACE_SYSTEM_IO)) {
|
|
return_ACPI_STATUS(AE_OK);
|
|
}
|
|
|
|
/* Allocate/init a new info block, add it to the appropriate list */
|
|
|
|
range_info = ACPI_ALLOCATE(sizeof(struct acpi_address_range));
|
|
if (!range_info) {
|
|
return_ACPI_STATUS(AE_NO_MEMORY);
|
|
}
|
|
|
|
range_info->start_address = address;
|
|
range_info->end_address = (address + length - 1);
|
|
range_info->region_node = region_node;
|
|
|
|
range_info->next = acpi_gbl_address_range_list[space_id];
|
|
acpi_gbl_address_range_list[space_id] = range_info;
|
|
|
|
ACPI_DEBUG_PRINT((ACPI_DB_NAMES,
|
|
"\nAdded [%4.4s] address range: 0x%8.8X%8.8X-0x%8.8X%8.8X\n",
|
|
acpi_ut_get_node_name(range_info->region_node),
|
|
ACPI_FORMAT_UINT64(address),
|
|
ACPI_FORMAT_UINT64(range_info->end_address)));
|
|
|
|
return_ACPI_STATUS(AE_OK);
|
|
}
|
|
|
|
/*******************************************************************************
|
|
*
|
|
* FUNCTION: acpi_ut_remove_address_range
|
|
*
|
|
* PARAMETERS: space_id - Address space ID
|
|
* region_node - op_region namespace node
|
|
*
|
|
* RETURN: None
|
|
*
|
|
* DESCRIPTION: Remove the Operation Region from the global list. The only
|
|
* supported Space IDs are Memory and I/O. Called when an
|
|
* op_region is deleted.
|
|
*
|
|
* MUTEX: Assumes the namespace is locked
|
|
*
|
|
******************************************************************************/
|
|
|
|
void
|
|
acpi_ut_remove_address_range(acpi_adr_space_type space_id,
|
|
struct acpi_namespace_node *region_node)
|
|
{
|
|
struct acpi_address_range *range_info;
|
|
struct acpi_address_range *prev;
|
|
|
|
ACPI_FUNCTION_TRACE(ut_remove_address_range);
|
|
|
|
if ((space_id != ACPI_ADR_SPACE_SYSTEM_MEMORY) &&
|
|
(space_id != ACPI_ADR_SPACE_SYSTEM_IO)) {
|
|
return_VOID;
|
|
}
|
|
|
|
/* Get the appropriate list head and check the list */
|
|
|
|
range_info = prev = acpi_gbl_address_range_list[space_id];
|
|
while (range_info) {
|
|
if (range_info->region_node == region_node) {
|
|
if (range_info == prev) { /* Found at list head */
|
|
acpi_gbl_address_range_list[space_id] =
|
|
range_info->next;
|
|
} else {
|
|
prev->next = range_info->next;
|
|
}
|
|
|
|
ACPI_DEBUG_PRINT((ACPI_DB_NAMES,
|
|
"\nRemoved [%4.4s] address range: 0x%8.8X%8.8X-0x%8.8X%8.8X\n",
|
|
acpi_ut_get_node_name(range_info->
|
|
region_node),
|
|
ACPI_FORMAT_UINT64(range_info->
|
|
start_address),
|
|
ACPI_FORMAT_UINT64(range_info->
|
|
end_address)));
|
|
|
|
ACPI_FREE(range_info);
|
|
return_VOID;
|
|
}
|
|
|
|
prev = range_info;
|
|
range_info = range_info->next;
|
|
}
|
|
|
|
return_VOID;
|
|
}
|
|
|
|
/*******************************************************************************
|
|
*
|
|
* FUNCTION: acpi_ut_check_address_range
|
|
*
|
|
* PARAMETERS: space_id - Address space ID
|
|
* address - Start address
|
|
* length - Length of address range
|
|
* warn - TRUE if warning on overlap desired
|
|
*
|
|
* RETURN: Count of the number of conflicts detected. Zero is always
|
|
* returned for Space IDs other than Memory or I/O.
|
|
*
|
|
* DESCRIPTION: Check if the input address range overlaps any of the
|
|
* ASL operation region address ranges. The only supported
|
|
* Space IDs are Memory and I/O.
|
|
*
|
|
* MUTEX: Assumes the namespace is locked.
|
|
*
|
|
******************************************************************************/
|
|
|
|
u32
|
|
acpi_ut_check_address_range(acpi_adr_space_type space_id,
|
|
acpi_physical_address address, u32 length, u8 warn)
|
|
{
|
|
struct acpi_address_range *range_info;
|
|
acpi_physical_address end_address;
|
|
char *pathname;
|
|
u32 overlap_count = 0;
|
|
|
|
ACPI_FUNCTION_TRACE(ut_check_address_range);
|
|
|
|
if ((space_id != ACPI_ADR_SPACE_SYSTEM_MEMORY) &&
|
|
(space_id != ACPI_ADR_SPACE_SYSTEM_IO)) {
|
|
return_UINT32(0);
|
|
}
|
|
|
|
range_info = acpi_gbl_address_range_list[space_id];
|
|
end_address = address + length - 1;
|
|
|
|
/* Check entire list for all possible conflicts */
|
|
|
|
while (range_info) {
|
|
/*
|
|
* Check if the requested address/length overlaps this
|
|
* address range. There are four cases to consider:
|
|
*
|
|
* 1) Input address/length is contained completely in the
|
|
* address range
|
|
* 2) Input address/length overlaps range at the range start
|
|
* 3) Input address/length overlaps range at the range end
|
|
* 4) Input address/length completely encompasses the range
|
|
*/
|
|
if ((address <= range_info->end_address) &&
|
|
(end_address >= range_info->start_address)) {
|
|
|
|
/* Found an address range overlap */
|
|
|
|
overlap_count++;
|
|
if (warn) { /* Optional warning message */
|
|
pathname =
|
|
acpi_ns_get_normalized_pathname(range_info->
|
|
region_node,
|
|
TRUE);
|
|
|
|
ACPI_WARNING((AE_INFO,
|
|
"%s range 0x%8.8X%8.8X-0x%8.8X%8.8X conflicts with OpRegion 0x%8.8X%8.8X-0x%8.8X%8.8X (%s)",
|
|
acpi_ut_get_region_name(space_id),
|
|
ACPI_FORMAT_UINT64(address),
|
|
ACPI_FORMAT_UINT64(end_address),
|
|
ACPI_FORMAT_UINT64(range_info->
|
|
start_address),
|
|
ACPI_FORMAT_UINT64(range_info->
|
|
end_address),
|
|
pathname));
|
|
ACPI_FREE(pathname);
|
|
}
|
|
}
|
|
|
|
range_info = range_info->next;
|
|
}
|
|
|
|
return_UINT32(overlap_count);
|
|
}
|
|
|
|
/*******************************************************************************
|
|
*
|
|
* FUNCTION: acpi_ut_delete_address_lists
|
|
*
|
|
* PARAMETERS: None
|
|
*
|
|
* RETURN: None
|
|
*
|
|
* DESCRIPTION: Delete all global address range lists (called during
|
|
* subsystem shutdown).
|
|
*
|
|
******************************************************************************/
|
|
|
|
void acpi_ut_delete_address_lists(void)
|
|
{
|
|
struct acpi_address_range *next;
|
|
struct acpi_address_range *range_info;
|
|
int i;
|
|
|
|
/* Delete all elements in all address range lists */
|
|
|
|
for (i = 0; i < ACPI_ADDRESS_RANGE_MAX; i++) {
|
|
next = acpi_gbl_address_range_list[i];
|
|
|
|
while (next) {
|
|
range_info = next;
|
|
next = range_info->next;
|
|
ACPI_FREE(range_info);
|
|
}
|
|
|
|
acpi_gbl_address_range_list[i] = NULL;
|
|
}
|
|
}
|