From df54c4934e030e73cb6a7bd6713f697350dabd0b Mon Sep 17 00:00:00 2001 From: Thomas Gleixner Date: Sun, 2 Aug 2015 20:38:23 +0000 Subject: [PATCH] x86/irq: Protect smp_cleanup_move smp_cleanup_move fiddles without protection in the interrupt descriptors and the vector array. A concurrent irq setup/teardown or affinity setting can pull the rug under that operation. Add proper locking. Signed-off-by: Thomas Gleixner Cc: Jiang Liu Cc: Peter Zijlstra Cc: Rusty Russell Cc: Bjorn Helgaas Link: http://lkml.kernel.org/r/20150802203609.222975294@linutronix.de Signed-off-by: Thomas Gleixner --- arch/x86/kernel/apic/vector.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/arch/x86/kernel/apic/vector.c b/arch/x86/kernel/apic/vector.c index f47069e8efac..63d58b08a109 100644 --- a/arch/x86/kernel/apic/vector.c +++ b/arch/x86/kernel/apic/vector.c @@ -539,6 +539,9 @@ asmlinkage __visible void smp_irq_move_cleanup_interrupt(void) entering_ack_irq(); + /* Prevent vectors vanishing under us */ + raw_spin_lock(&vector_lock); + me = smp_processor_id(); for (vector = FIRST_EXTERNAL_VECTOR; vector < NR_VECTORS; vector++) { int irq; @@ -546,6 +549,7 @@ asmlinkage __visible void smp_irq_move_cleanup_interrupt(void) struct irq_desc *desc; struct apic_chip_data *data; + retry: irq = __this_cpu_read(vector_irq[vector]); if (irq <= VECTOR_UNDEFINED) @@ -555,12 +559,16 @@ asmlinkage __visible void smp_irq_move_cleanup_interrupt(void) if (!desc) continue; + if (!raw_spin_trylock(&desc->lock)) { + raw_spin_unlock(&vector_lock); + cpu_relax(); + raw_spin_lock(&vector_lock); + goto retry; + } + data = apic_chip_data(&desc->irq_data); if (!data) - continue; - - raw_spin_lock(&desc->lock); - + goto unlock; /* * Check if the irq migration is in progress. If so, we * haven't received the cleanup request yet for this irq. @@ -589,6 +597,8 @@ unlock: raw_spin_unlock(&desc->lock); } + raw_spin_unlock(&vector_lock); + exiting_irq(); } -- 2.34.1