diff options
author | Rafael J. Wysocki <rjw@sisk.pl> | 2010-07-05 16:43:53 -0400 |
---|---|---|
committer | Rafael J. Wysocki <rjw@sisk.pl> | 2010-07-18 19:58:48 -0400 |
commit | c125e96f044427f38d106fab7bc5e4a5e6a18262 (patch) | |
tree | d9bbd40cc933fe522dbdf8ca2f7edf7b6f2f7ca4 /kernel/power | |
parent | b14e033e17d0ea0ba12668d0d2f371cd31586994 (diff) |
PM: Make it possible to avoid races between wakeup and system sleep
One of the arguments during the suspend blockers discussion was that
the mainline kernel didn't contain any mechanisms making it possible
to avoid races between wakeup and system suspend.
Generally, there are two problems in that area. First, if a wakeup
event occurs exactly when /sys/power/state is being written to, it
may be delivered to user space right before the freezer kicks in, so
the user space consumer of the event may not be able to process it
before the system is suspended. Second, if a wakeup event occurs
after user space has been frozen, it is not generally guaranteed that
the ongoing transition of the system into a sleep state will be
aborted.
To address these issues introduce a new global sysfs attribute,
/sys/power/wakeup_count, associated with a running counter of wakeup
events and three helper functions, pm_stay_awake(), pm_relax(), and
pm_wakeup_event(), that may be used by kernel subsystems to control
the behavior of this attribute and to request the PM core to abort
system transitions into a sleep state already in progress.
The /sys/power/wakeup_count file may be read from or written to by
user space. Reads will always succeed (unless interrupted by a
signal) and return the current value of the wakeup events counter.
Writes, however, will only succeed if the written number is equal to
the current value of the wakeup events counter. If a write is
successful, it will cause the kernel to save the current value of the
wakeup events counter and to abort the subsequent system transition
into a sleep state if any wakeup events are reported after the write
has returned.
[The assumption is that before writing to /sys/power/state user space
will first read from /sys/power/wakeup_count. Next, user space
consumers of wakeup events will have a chance to acknowledge or
veto the upcoming system transition to a sleep state. Finally, if
the transition is allowed to proceed, /sys/power/wakeup_count will
be written to and if that succeeds, /sys/power/state will be written
to as well. Still, if any wakeup events are reported to the PM core
by kernel subsystems after that point, the transition will be
aborted.]
Additionally, put a wakeup events counter into struct dev_pm_info and
make these per-device wakeup event counters available via sysfs,
so that it's possible to check the activity of various wakeup event
sources within the kernel.
To illustrate how subsystems can use pm_wakeup_event(), make the
low-level PCI runtime PM wakeup-handling code use it.
Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
Acked-by: Jesse Barnes <jbarnes@virtuousgeek.org>
Acked-by: Greg Kroah-Hartman <gregkh@suse.de>
Acked-by: markgross <markgross@thegnar.org>
Reviewed-by: Alan Stern <stern@rowland.harvard.edu>
Diffstat (limited to 'kernel/power')
-rw-r--r-- | kernel/power/hibernate.c | 20 | ||||
-rw-r--r-- | kernel/power/main.c | 55 | ||||
-rw-r--r-- | kernel/power/suspend.c | 4 |
3 files changed, 72 insertions, 7 deletions
diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c index aa9e916da4d5..f61202916631 100644 --- a/kernel/power/hibernate.c +++ b/kernel/power/hibernate.c | |||
@@ -277,7 +277,7 @@ static int create_image(int platform_mode) | |||
277 | goto Enable_irqs; | 277 | goto Enable_irqs; |
278 | } | 278 | } |
279 | 279 | ||
280 | if (hibernation_test(TEST_CORE)) | 280 | if (hibernation_test(TEST_CORE) || !pm_check_wakeup_events()) |
281 | goto Power_up; | 281 | goto Power_up; |
282 | 282 | ||
283 | in_suspend = 1; | 283 | in_suspend = 1; |
@@ -288,8 +288,10 @@ static int create_image(int platform_mode) | |||
288 | error); | 288 | error); |
289 | /* Restore control flow magically appears here */ | 289 | /* Restore control flow magically appears here */ |
290 | restore_processor_state(); | 290 | restore_processor_state(); |
291 | if (!in_suspend) | 291 | if (!in_suspend) { |
292 | events_check_enabled = false; | ||
292 | platform_leave(platform_mode); | 293 | platform_leave(platform_mode); |
294 | } | ||
293 | 295 | ||
294 | Power_up: | 296 | Power_up: |
295 | sysdev_resume(); | 297 | sysdev_resume(); |
@@ -511,14 +513,20 @@ int hibernation_platform_enter(void) | |||
511 | 513 | ||
512 | local_irq_disable(); | 514 | local_irq_disable(); |
513 | sysdev_suspend(PMSG_HIBERNATE); | 515 | sysdev_suspend(PMSG_HIBERNATE); |
516 | if (!pm_check_wakeup_events()) { | ||
517 | error = -EAGAIN; | ||
518 | goto Power_up; | ||
519 | } | ||
520 | |||
514 | hibernation_ops->enter(); | 521 | hibernation_ops->enter(); |
515 | /* We should never get here */ | 522 | /* We should never get here */ |
516 | while (1); | 523 | while (1); |
517 | 524 | ||
518 | /* | 525 | Power_up: |
519 | * We don't need to reenable the nonboot CPUs or resume consoles, since | 526 | sysdev_resume(); |
520 | * the system is going to be halted anyway. | 527 | local_irq_enable(); |
521 | */ | 528 | enable_nonboot_cpus(); |
529 | |||
522 | Platform_finish: | 530 | Platform_finish: |
523 | hibernation_ops->finish(); | 531 | hibernation_ops->finish(); |
524 | 532 | ||
diff --git a/kernel/power/main.c b/kernel/power/main.c index b58800b21fc0..62b0bc6e4983 100644 --- a/kernel/power/main.c +++ b/kernel/power/main.c | |||
@@ -204,6 +204,60 @@ static ssize_t state_store(struct kobject *kobj, struct kobj_attribute *attr, | |||
204 | 204 | ||
205 | power_attr(state); | 205 | power_attr(state); |
206 | 206 | ||
207 | #ifdef CONFIG_PM_SLEEP | ||
208 | /* | ||
209 | * The 'wakeup_count' attribute, along with the functions defined in | ||
210 | * drivers/base/power/wakeup.c, provides a means by which wakeup events can be | ||
211 | * handled in a non-racy way. | ||
212 | * | ||
213 | * If a wakeup event occurs when the system is in a sleep state, it simply is | ||
214 | * woken up. In turn, if an event that would wake the system up from a sleep | ||
215 | * state occurs when it is undergoing a transition to that sleep state, the | ||
216 | * transition should be aborted. Moreover, if such an event occurs when the | ||
217 | * system is in the working state, an attempt to start a transition to the | ||
218 | * given sleep state should fail during certain period after the detection of | ||
219 | * the event. Using the 'state' attribute alone is not sufficient to satisfy | ||
220 | * these requirements, because a wakeup event may occur exactly when 'state' | ||
221 | * is being written to and may be delivered to user space right before it is | ||
222 | * frozen, so the event will remain only partially processed until the system is | ||
223 | * woken up by another event. In particular, it won't cause the transition to | ||
224 | * a sleep state to be aborted. | ||
225 | * | ||
226 | * This difficulty may be overcome if user space uses 'wakeup_count' before | ||
227 | * writing to 'state'. It first should read from 'wakeup_count' and store | ||
228 | * the read value. Then, after carrying out its own preparations for the system | ||
229 | * transition to a sleep state, it should write the stored value to | ||
230 | * 'wakeup_count'. If that fails, at least one wakeup event has occured since | ||
231 | * 'wakeup_count' was read and 'state' should not be written to. Otherwise, it | ||
232 | * is allowed to write to 'state', but the transition will be aborted if there | ||
233 | * are any wakeup events detected after 'wakeup_count' was written to. | ||
234 | */ | ||
235 | |||
236 | static ssize_t wakeup_count_show(struct kobject *kobj, | ||
237 | struct kobj_attribute *attr, | ||
238 | char *buf) | ||
239 | { | ||
240 | unsigned long val; | ||
241 | |||
242 | return pm_get_wakeup_count(&val) ? sprintf(buf, "%lu\n", val) : -EINTR; | ||
243 | } | ||
244 | |||
245 | static ssize_t wakeup_count_store(struct kobject *kobj, | ||
246 | struct kobj_attribute *attr, | ||
247 | const char *buf, size_t n) | ||
248 | { | ||
249 | unsigned long val; | ||
250 | |||
251 | if (sscanf(buf, "%lu", &val) == 1) { | ||
252 | if (pm_save_wakeup_count(val)) | ||
253 | return n; | ||
254 | } | ||
255 | return -EINVAL; | ||
256 | } | ||
257 | |||
258 | power_attr(wakeup_count); | ||
259 | #endif /* CONFIG_PM_SLEEP */ | ||
260 | |||
207 | #ifdef CONFIG_PM_TRACE | 261 | #ifdef CONFIG_PM_TRACE |
208 | int pm_trace_enabled; | 262 | int pm_trace_enabled; |
209 | 263 | ||
@@ -236,6 +290,7 @@ static struct attribute * g[] = { | |||
236 | #endif | 290 | #endif |
237 | #ifdef CONFIG_PM_SLEEP | 291 | #ifdef CONFIG_PM_SLEEP |
238 | &pm_async_attr.attr, | 292 | &pm_async_attr.attr, |
293 | &wakeup_count_attr.attr, | ||
239 | #ifdef CONFIG_PM_DEBUG | 294 | #ifdef CONFIG_PM_DEBUG |
240 | &pm_test_attr.attr, | 295 | &pm_test_attr.attr, |
241 | #endif | 296 | #endif |
diff --git a/kernel/power/suspend.c b/kernel/power/suspend.c index f37cb7dd4402..5f8d09f94325 100644 --- a/kernel/power/suspend.c +++ b/kernel/power/suspend.c | |||
@@ -163,8 +163,10 @@ static int suspend_enter(suspend_state_t state) | |||
163 | 163 | ||
164 | error = sysdev_suspend(PMSG_SUSPEND); | 164 | error = sysdev_suspend(PMSG_SUSPEND); |
165 | if (!error) { | 165 | if (!error) { |
166 | if (!suspend_test(TEST_CORE)) | 166 | if (!suspend_test(TEST_CORE) && pm_check_wakeup_events()) { |
167 | error = suspend_ops->enter(state); | 167 | error = suspend_ops->enter(state); |
168 | events_check_enabled = false; | ||
169 | } | ||
168 | sysdev_resume(); | 170 | sysdev_resume(); |
169 | } | 171 | } |
170 | 172 | ||