[PATCH 5.10 33/73] xhci: remove extra loop in interrupt context

From: Sasha Levin
Date: Wed Mar 13 2024 - 13:48:32 EST

Next message: Sasha Levin: "[PATCH 5.10 34/73] xhci: prevent double-fetch of transfer and transfer event TRBs"
Previous message: Sasha Levin: "[PATCH 5.10 32/73] um: allow not setting extra rpaths in the linux binary"
In reply to: Sasha Levin: "[PATCH 5.10 32/73] um: allow not setting extra rpaths in the linux binary"
Next in thread: Sasha Levin: "[PATCH 5.10 34/73] xhci: prevent double-fetch of transfer and transfer event TRBs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Mathias Nyman <mathias.nyman@xxxxxxxxxxxxxxx>

[ Upstream commit 55f6153d8cc8eff0852d108f80087fdf41dc2169 ]

When finishing a TD we walk the endpoint dequeue trb pointer
until it matches the last TRB of the TD.

TDs can contain over 100 TRBs, meaning we call a function 100 times,
do a few comparisons and increase a couple values for each of these calls,
all in interrupt context.

This can all be avoided by adding a pointer to the last TRB segment, and
a number of TRBs in the TD. So instead of walking through each TRB just
set the new dequeue segment, pointer, and number of free TRBs directly.

Getting rid of the while loop also reduces the risk of getting stuck in a
infinite loop in the interrupt handler. Loop relied on valid matching
dequeue and last_trb values to break.

Signed-off-by: Mathias Nyman <mathias.nyman@xxxxxxxxxxxxxxx>
Link: https://lore.kernel.org/r/20210129130044.206855-12-mathias.nyman@xxxxxxxxxxxxxxx
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Stable-dep-of: 5372c65e1311 ("xhci: process isoc TD properly when there was a transaction error mid TD.")
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
drivers/usb/host/xhci-ring.c | 21 ++++++++++++++-------
drivers/usb/host/xhci.h | 2 ++
2 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c
index eb70f07e3623a..b814dc07116da 100644
--- a/drivers/usb/host/xhci-ring.c
+++ b/drivers/usb/host/xhci-ring.c
@@ -2099,8 +2099,9 @@ static int finish_td(struct xhci_hcd *xhci, struct xhci_td *td,
EP_HARD_RESET);
} else {
/* Update ring dequeue pointer */
- while (ep_ring->dequeue != td->last_trb)
- inc_deq(xhci, ep_ring);
+ ep_ring->dequeue = td->last_trb;
+ ep_ring->deq_seg = td->last_trb_seg;
+ ep_ring->num_trbs_free += td->num_trbs - 1;
inc_deq(xhci, ep_ring);
}

@@ -2321,8 +2322,9 @@ static int skip_isoc_td(struct xhci_hcd *xhci, struct xhci_td *td,
frame->actual_length = 0;

/* Update ring dequeue pointer */
- while (ep->ring->dequeue != td->last_trb)
- inc_deq(xhci, ep->ring);
+ ep->ring->dequeue = td->last_trb;
+ ep->ring->deq_seg = td->last_trb_seg;
+ ep->ring->num_trbs_free += td->num_trbs - 1;
inc_deq(xhci, ep->ring);

return xhci_td_cleanup(xhci, td, ep->ring, status);
@@ -3487,7 +3489,7 @@ int xhci_queue_bulk_tx(struct xhci_hcd *xhci, gfp_t mem_flags,
field |= TRB_IOC;
more_trbs_coming = false;
td->last_trb = ring->enqueue;
-
+ td->last_trb_seg = ring->enq_seg;
if (xhci_urb_suitable_for_idt(urb)) {
memcpy(&send_addr, urb->transfer_buffer,
trb_buff_len);
@@ -3513,7 +3515,7 @@ int xhci_queue_bulk_tx(struct xhci_hcd *xhci, gfp_t mem_flags,
upper_32_bits(send_addr),
length_field,
field);
-
+ td->num_trbs++;
addr += trb_buff_len;
sent_len = trb_buff_len;

@@ -3537,8 +3539,10 @@ int xhci_queue_bulk_tx(struct xhci_hcd *xhci, gfp_t mem_flags,
ep_index, urb->stream_id,
1, urb, 1, mem_flags);
urb_priv->td[1].last_trb = ring->enqueue;
+ urb_priv->td[1].last_trb_seg = ring->enq_seg;
field = TRB_TYPE(TRB_NORMAL) | ring->cycle_state | TRB_IOC;
queue_trb(xhci, ring, 0, 0, 0, TRB_INTR_TARGET(0), field);
+ urb_priv->td[1].num_trbs++;
}

check_trb_math(urb, enqd_len);
@@ -3589,6 +3593,7 @@ int xhci_queue_ctrl_tx(struct xhci_hcd *xhci, gfp_t mem_flags,

urb_priv = urb->hcpriv;
td = &urb_priv->td[0];
+ td->num_trbs = num_trbs;

/*
* Don't give the first TRB to the hardware (by toggling the cycle bit)
@@ -3661,6 +3666,7 @@ int xhci_queue_ctrl_tx(struct xhci_hcd *xhci, gfp_t mem_flags,

/* Save the DMA address of the last TRB in the TD */
td->last_trb = ep_ring->enqueue;
+ td->last_trb_seg = ep_ring->enq_seg;

/* Queue status TRB - see Table 7 and sections 4.11.2.2 and 6.4.1.2.3 */
/* If the device sent data, the status stage is an OUT transfer */
@@ -3905,7 +3911,7 @@ static int xhci_queue_isoc_tx(struct xhci_hcd *xhci, gfp_t mem_flags,
goto cleanup;
}
td = &urb_priv->td[i];
-
+ td->num_trbs = trbs_per_td;
/* use SIA as default, if frame id is used overwrite it */
sia_frame_id = TRB_SIA;
if (!(urb->transfer_flags & URB_ISO_ASAP) &&
@@ -3948,6 +3954,7 @@ static int xhci_queue_isoc_tx(struct xhci_hcd *xhci, gfp_t mem_flags,
} else {
more_trbs_coming = false;
td->last_trb = ep_ring->enqueue;
+ td->last_trb_seg = ep_ring->enq_seg;
field |= TRB_IOC;
if (trb_block_event_intr(xhci, num_tds, i))
field |= TRB_BEI;
diff --git a/drivers/usb/host/xhci.h b/drivers/usb/host/xhci.h
index bb3c362a194b2..85ab213c7940a 100644
--- a/drivers/usb/host/xhci.h
+++ b/drivers/usb/host/xhci.h
@@ -1550,9 +1550,11 @@ struct xhci_td {
struct xhci_segment *start_seg;
union xhci_trb *first_trb;
union xhci_trb *last_trb;
+ struct xhci_segment *last_trb_seg;
struct xhci_segment *bounce_seg;
/* actual_length of the URB has already been set */
bool urb_length_set;
+ unsigned int num_trbs;
};

/* xHCI command default timeout value */
--
2.43.0

Next message: Sasha Levin: "[PATCH 5.10 34/73] xhci: prevent double-fetch of transfer and transfer event TRBs"
Previous message: Sasha Levin: "[PATCH 5.10 32/73] um: allow not setting extra rpaths in the linux binary"
In reply to: Sasha Levin: "[PATCH 5.10 32/73] um: allow not setting extra rpaths in the linux binary"
Next in thread: Sasha Levin: "[PATCH 5.10 34/73] xhci: prevent double-fetch of transfer and transfer event TRBs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]