b41a60eca8
This patch (as920) adds an extra level of protection to the USB-Persist facility. Now it will apply by default only to hubs; for all other devices the user must enable it explicitly by setting the power/persist device attribute. The disconnect_all_children() routine in hub.c has been removed and its code placed inline. This is the way it was originally as part of hub_pre_reset(); the revised usage in hub_reset_resume() is sufficiently different that the code can no longer be shared. Likewise, mark_children_for_reset() is now inline as part of hub_reset_resume(). The end result looks much cleaner than before. The sysfs interface is updated to add the new attribute file, and there are corresponding documentation updates. Signed-off-by: Alan Stern <stern@rowland.harvard.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
156 lines
7.3 KiB
Text
156 lines
7.3 KiB
Text
USB device persistence during system suspend
|
|
|
|
Alan Stern <stern@rowland.harvard.edu>
|
|
|
|
September 2, 2006 (Updated May 29, 2007)
|
|
|
|
|
|
What is the problem?
|
|
|
|
According to the USB specification, when a USB bus is suspended the
|
|
bus must continue to supply suspend current (around 1-5 mA). This
|
|
is so that devices can maintain their internal state and hubs can
|
|
detect connect-change events (devices being plugged in or unplugged).
|
|
The technical term is "power session".
|
|
|
|
If a USB device's power session is interrupted then the system is
|
|
required to behave as though the device has been unplugged. It's a
|
|
conservative approach; in the absence of suspend current the computer
|
|
has no way to know what has actually happened. Perhaps the same
|
|
device is still attached or perhaps it was removed and a different
|
|
device plugged into the port. The system must assume the worst.
|
|
|
|
By default, Linux behaves according to the spec. If a USB host
|
|
controller loses power during a system suspend, then when the system
|
|
wakes up all the devices attached to that controller are treated as
|
|
though they had disconnected. This is always safe and it is the
|
|
"officially correct" thing to do.
|
|
|
|
For many sorts of devices this behavior doesn't matter in the least.
|
|
If the kernel wants to believe that your USB keyboard was unplugged
|
|
while the system was asleep and a new keyboard was plugged in when the
|
|
system woke up, who cares? It'll still work the same when you type on
|
|
it.
|
|
|
|
Unfortunately problems _can_ arise, particularly with mass-storage
|
|
devices. The effect is exactly the same as if the device really had
|
|
been unplugged while the system was suspended. If you had a mounted
|
|
filesystem on the device, you're out of luck -- everything in that
|
|
filesystem is now inaccessible. This is especially annoying if your
|
|
root filesystem was located on the device, since your system will
|
|
instantly crash.
|
|
|
|
Loss of power isn't the only mechanism to worry about. Anything that
|
|
interrupts a power session will have the same effect. For example,
|
|
even though suspend current may have been maintained while the system
|
|
was asleep, on many systems during the initial stages of wakeup the
|
|
firmware (i.e., the BIOS) resets the motherboard's USB host
|
|
controllers. Result: all the power sessions are destroyed and again
|
|
it's as though you had unplugged all the USB devices. Yes, it's
|
|
entirely the BIOS's fault, but that doesn't do _you_ any good unless
|
|
you can convince the BIOS supplier to fix the problem (lots of luck!).
|
|
|
|
On many systems the USB host controllers will get reset after a
|
|
suspend-to-RAM. On almost all systems, no suspend current is
|
|
available during hibernation (also known as swsusp or suspend-to-disk).
|
|
You can check the kernel log after resuming to see if either of these
|
|
has happened; look for lines saying "root hub lost power or was reset".
|
|
|
|
In practice, people are forced to unmount any filesystems on a USB
|
|
device before suspending. If the root filesystem is on a USB device,
|
|
the system can't be suspended at all. (All right, it _can_ be
|
|
suspended -- but it will crash as soon as it wakes up, which isn't
|
|
much better.)
|
|
|
|
|
|
What is the solution?
|
|
|
|
Setting CONFIG_USB_PERSIST will cause the kernel to work around these
|
|
issues. It enables a mode in which the core USB device data
|
|
structures are allowed to persist across a power-session disruption.
|
|
It works like this. If the kernel sees that a USB host controller is
|
|
not in the expected state during resume (i.e., if the controller was
|
|
reset or otherwise had lost power) then it applies a persistence check
|
|
to each of the USB devices below that controller for which the
|
|
"persist" attribute is set. It doesn't try to resume the device; that
|
|
can't work once the power session is gone. Instead it issues a USB
|
|
port reset and then re-enumerates the device. (This is exactly the
|
|
same thing that happens whenever a USB device is reset.) If the
|
|
re-enumeration shows that the device now attached to that port has the
|
|
same descriptors as before, including the Vendor and Product IDs, then
|
|
the kernel continues to use the same device structure. In effect, the
|
|
kernel treats the device as though it had merely been reset instead of
|
|
unplugged.
|
|
|
|
If no device is now attached to the port, or if the descriptors are
|
|
different from what the kernel remembers, then the treatment is what
|
|
you would expect. The kernel destroys the old device structure and
|
|
behaves as though the old device had been unplugged and a new device
|
|
plugged in, just as it would without the CONFIG_USB_PERSIST option.
|
|
|
|
The end result is that the USB device remains available and usable.
|
|
Filesystem mounts and memory mappings are unaffected, and the world is
|
|
now a good and happy place.
|
|
|
|
Note that even when CONFIG_USB_PERSIST is set, the "persist" feature
|
|
will be applied only to those devices for which it is enabled. You
|
|
can enable the feature by doing (as root):
|
|
|
|
echo 1 >/sys/bus/usb/devices/.../power/persist
|
|
|
|
where the "..." should be filled in the with the device's ID. Disable
|
|
the feature by writing 0 instead of 1. For hubs the feature is
|
|
automatically and permanently enabled, so you only have to worry about
|
|
setting it for devices where it really matters.
|
|
|
|
|
|
Is this the best solution?
|
|
|
|
Perhaps not. Arguably, keeping track of mounted filesystems and
|
|
memory mappings across device disconnects should be handled by a
|
|
centralized Logical Volume Manager. Such a solution would allow you
|
|
to plug in a USB flash device, create a persistent volume associated
|
|
with it, unplug the flash device, plug it back in later, and still
|
|
have the same persistent volume associated with the device. As such
|
|
it would be more far-reaching than CONFIG_USB_PERSIST.
|
|
|
|
On the other hand, writing a persistent volume manager would be a big
|
|
job and using it would require significant input from the user. This
|
|
solution is much quicker and easier -- and it exists now, a giant
|
|
point in its favor!
|
|
|
|
Furthermore, the USB_PERSIST option applies to _all_ USB devices, not
|
|
just mass-storage devices. It might turn out to be equally useful for
|
|
other device types, such as network interfaces.
|
|
|
|
|
|
WARNING: Using CONFIG_USB_PERSIST can be dangerous!!
|
|
|
|
When recovering an interrupted power session the kernel does its best
|
|
to make sure the USB device hasn't been changed; that is, the same
|
|
device is still plugged into the port as before. But the checks
|
|
aren't guaranteed to be 100% accurate.
|
|
|
|
If you replace one USB device with another of the same type (same
|
|
manufacturer, same IDs, and so on) there's an excellent chance the
|
|
kernel won't detect the change. Serial numbers and other strings are
|
|
not compared. In many cases it wouldn't help if they were, because
|
|
manufacturers frequently omit serial numbers entirely in their
|
|
devices.
|
|
|
|
Furthermore it's quite possible to leave a USB device exactly the same
|
|
while changing its media. If you replace the flash memory card in a
|
|
USB card reader while the system is asleep, the kernel will have no
|
|
way to know you did it. The kernel will assume that nothing has
|
|
happened and will continue to use the partition tables, inodes, and
|
|
memory mappings for the old card.
|
|
|
|
If the kernel gets fooled in this way, it's almost certain to cause
|
|
data corruption and to crash your system. You'll have no one to blame
|
|
but yourself.
|
|
|
|
YOU HAVE BEEN WARNED! USE AT YOUR OWN RISK!
|
|
|
|
That having been said, most of the time there shouldn't be any trouble
|
|
at all. The "persist" feature can be extremely useful. Make the most
|
|
of it.
|