system/linux
system/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux synced 2024-11-05 18:23:50 +00:00
Code Issues Projects Releases Packages Wiki Activity
linux/arch/x86/kernel
History
Thomas Gleixner 5a3f75e3f0 x86/irq: Plug irq vector hotplug race 
Jin debugged a nasty cpu hotplug race which results in leaking a irq
vector on the newly hotplugged cpu.

cpu N				cpu M
native_cpu_up                   device_shutdown
  do_boot_cpu			  free_msi_irqs
  start_secondary                   arch_teardown_msi_irqs
    smp_callin                        default_teardown_msi_irqs
       setup_vector_irq                  arch_teardown_msi_irq
        __setup_vector_irq		   native_teardown_msi_irq
          lock(vector_lock)		     destroy_irq 
          install vectors
          unlock(vector_lock)
					       lock(vector_lock)
--->                                  	       __clear_irq_vector
                                    	       unlock(vector_lock)
    lock(vector_lock)
    set_cpu_online
    unlock(vector_lock)

This leaves the irq vector(s) which are torn down on CPU M stale in
the vector array of CPU N, because CPU M does not see CPU N online
yet. There is a similar issue with concurrent newly setup interrupts.

The alloc/free protection of irq descriptors does not prevent the
above race, because it merily prevents interrupt descriptors from
going away or changing concurrently.

Prevent this by moving the call to setup_vector_irq() into the
vector_lock held region which protects set_cpu_online():

cpu N				cpu M
native_cpu_up                   device_shutdown
  do_boot_cpu			  free_msi_irqs
  start_secondary                   arch_teardown_msi_irqs
    smp_callin                        default_teardown_msi_irqs
       lock(vector_lock)                arch_teardown_msi_irq
       setup_vector_irq()
        __setup_vector_irq		   native_teardown_msi_irq
          install vectors		     destroy_irq 
       set_cpu_online
       unlock(vector_lock)
					       lock(vector_lock)
                                  	       __clear_irq_vector
                                    	       unlock(vector_lock)

So cpu M either sees the cpu N online before clearing the vector or
cpu N installs the vectors after cpu M has cleared it.

Reported-by: xiao jin <jin.xiao@intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Joerg Roedel <jroedel@suse.de>
Cc: Borislav Petkov <bp@suse.de>
Cc: Yanmin Zhang <yanmin_zhang@linux.intel.com>
Link: http://lkml.kernel.org/r/20150705171102.141898931@linutronix.de
2015-07-07 11:54:04 +02:00
..
acpi Power management and ACPI material for v4.2-rc1 2015-06-23 14:18:07 -07:00
apic x86/irq: Plug irq vector hotplug race 2015-07-07 11:54:04 +02:00
cpu Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-07-04 08:58:50 -07:00
fpu x86/fpu: Fix boot crash in the early FPU code 2015-07-04 10:05:56 +02:00
kprobes Merge branch 'perf-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-04-14 14:37:47 -07:00
.gitignore
alternative.c Merge branch 'x86-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-06-22 17:59:09 -07:00
amd_gart_64.c
amd_nb.c x86/gart: Check for GART support before accessing GART registers 2015-05-06 11:15:53 +02:00
apb_timer.c x86/intel-mid: Delay initialization of APB timer 2015-04-24 15:36:51 +02:00
aperture_64.c x86/gart: Check for GART support before accessing GART registers 2015-05-06 11:15:53 +02:00
apm_32.c
asm-offsets.c x86: Merge common 32-bit values in asm-offsets.c 2015-05-05 20:48:02 +02:00
asm-offsets_32.c x86: Remove unused TI_cpu 2015-05-05 20:48:02 +02:00
asm-offsets_64.c x86/asm/entry: (Re-)rename __NR_entry_INT80_compat_max to __NR_syscall_compat_max 2015-06-08 23:43:38 +02:00
audit_64.c
bootflag.c x86: don't use module_init for non-modular core bootflag code 2015-06-16 14:12:34 -04:00
check.c mm/memblock: add extra "flags" to memblock to allow selection of memory based on attribute 2015-06-24 17:49:44 -07:00
cpuid.c
crash.c x86/mm: Decouple <linux/vmalloc.h> from <asm/io.h> 2015-06-03 12:02:00 +02:00
crash_dump_32.c
crash_dump_64.c
devicetree.c Replace module_init with equivalent device_initcall in non modules. 2015-07-02 10:30:48 -07:00
doublefault.c
dumpstack.c Merge branch 'x86-debug-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-04-13 13:23:34 -07:00
dumpstack_32.c Merge branch 'x86-debug-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-04-13 13:23:34 -07:00
dumpstack_64.c
e820.c The libnvdimm sub-system introduces, in addition to the libnvdimm-core, 2015-06-29 10:34:42 -07:00
early-quirks.c Merge branch 'drm-next' of git://people.freedesktop.org/~airlied/linux 2015-06-26 13:18:51 -07:00
early_printk.c x86/earlyprintk: Allow early_printk() to use console style parameters like '115200n8' 2015-07-06 17:33:47 +02:00
espfix_64.c x86/espfix: Init espfix on the boot CPU side 2015-07-06 15:00:34 +02:00
ftrace.c
head.c
head32.c
head64.c x86/kasan: Fix KASAN shadow region page tables 2015-07-06 14:53:13 +02:00
head_32.S Merge branch 'x86-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-06-22 17:59:09 -07:00
head_64.S x86/kasan: Fix KASAN shadow region page tables 2015-07-06 14:53:13 +02:00
hpet.c x86/hpet: Use proper hpet device number for MSI allocation 2015-06-21 16:38:40 +02:00
hw_breakpoint.c
i386_ksyms_32.c preempt: Use preempt_schedule_context() as the official tracing preemption point 2015-06-07 15:57:42 +02:00
i8237.c
i8253.c
i8259.c x86/asm/entry/irq: Clean up IRQn_VECTOR macros 2015-05-10 12:34:28 +02:00
io_delay.c
ioport.c
iosf_mbi.c
irq.c Merge branch 'x86/ras' into x86/core, to fix conflicts 2015-06-07 15:35:27 +02:00
irq_32.c x86/irq: Merge irq_regs & irq_stat 2015-05-10 12:34:27 +02:00
irq_64.c x86/irq: Merge irq_regs & irq_stat 2015-05-10 12:34:27 +02:00
irq_work.c x86: Consolidate irq entering inlines 2015-05-15 16:04:49 +02:00
irqinit.c Merge branch 'x86/ras' into x86/core, to fix conflicts 2015-06-07 15:35:27 +02:00
jump_label.c
kdebugfs.c
kexec-bzimage64.c x86/kexec: prepend elfcorehdr instead of appending it to the crash-kernel command-line. 2015-06-30 19:44:57 -07:00
kgdb.c Linux 4.0-rc7 2015-04-08 09:01:54 +02:00
ksysfs.c
kvm.c The bulk of the changes here is for x86. And for once it's not 2015-06-24 09:36:49 -07:00
kvmclock.c x86: kvmclock: set scheduler clock stable 2015-05-29 14:01:52 +02:00
ldt.c
livepatch.c
machine_kexec_32.c
machine_kexec_64.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/livepatching 2015-06-23 14:07:26 -07:00
Makefile Merge branch 'x86-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-06-22 17:59:09 -07:00
mcount_64.S
mmconf-fam10h_64.c
module.c x86/mm/KASLR: Propagate KASLR status to kernel proper 2015-04-03 15:26:15 +02:00
mpparse.c x86: Cleanup irq_domain ops 2015-04-24 15:36:55 +02:00
msr.c
nmi.c
nmi_selftest.c
paravirt-spinlocks.c locking/pvqspinlock: Rename QUEUED_SPINLOCK to QUEUED_SPINLOCKS 2015-05-11 09:52:09 +02:00
paravirt.c Merge branch 'linus' into x86/asm, before applying dependent patch 2015-05-08 13:33:33 +02:00
paravirt_patch_32.c locking/pvqspinlock, x86: Implement the paravirt qspinlock call patching 2015-05-08 12:37:09 +02:00
paravirt_patch_64.c Merge branch 'locking/core' into x86/core, to prepare for dependent patch 2015-06-03 10:07:35 +02:00
pci-calgary_64.c
pci-dma.c x86: Deinline dma_free_attrs() 2015-05-05 20:48:02 +02:00
pci-iommu_table.c
pci-nommu.c
pci-swiotlb.c x86/swiotlb: Try coherent allocations with __GFP_NOWARN 2015-06-11 08:28:38 +02:00
pcspeaker.c
perf_regs.c perf/x86/64: Report regs_user->ax too in get_regs_user() 2015-04-11 13:08:53 +02:00
pmc_atom.c
pmem.c libnvdimm: Set numa_node to NVDIMM devices 2015-06-26 11:23:38 -04:00
probe_roms.c
process.c Merge branch 'x86-fpu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-06-22 17:16:11 -07:00
process_32.c x86: opt into HAVE_COPY_THREAD_TLS, for both 32-bit and 64-bit 2015-06-30 19:45:01 -07:00
process_64.c x86: opt into HAVE_COPY_THREAD_TLS, for both 32-bit and 64-bit 2015-06-30 19:45:01 -07:00
ptrace.c x86/fpu: Factor out fpu/regset.h from fpu/internal.h 2015-05-19 15:48:06 +02:00
pvclock.c x86: pvclock: Really remove the sched notifier for cross-cpu migrations 2015-04-27 15:49:30 +02:00
quirks.c
reboot.c
reboot_fixups_32.c
relocate_kernel_32.S
relocate_kernel_64.S
resource.c
rtc.c
setup.c Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-07-04 08:58:50 -07:00
setup_percpu.c
signal.c x86/fpu: Split out fpu/signal.h from fpu/internal.h for signal frame handling functions 2015-05-19 15:48:05 +02:00
smp.c x86: Consolidate irq entering inlines 2015-05-15 16:04:49 +02:00
smpboot.c x86/irq: Plug irq vector hotplug race 2015-07-07 11:54:04 +02:00
stacktrace.c
step.c
sys_x86_64.c
sysfb.c
sysfb_efi.c
sysfb_simplefb.c
tboot.c
tce_64.c
test_nx.c
test_rodata.c
time.c
tls.c
tls.h
topology.c
trace_clock.c
tracepoint.c
traps.c Merge branch 'x86-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-06-22 17:59:09 -07:00
tsc.c x86/tsc: Let high latency PIT fail fast in quick_pit_calibrate() 2015-07-06 09:41:00 +02:00
tsc_msr.c
tsc_sync.c x86: Replace cpu_**_mask() with topology_**_cpumask() 2015-05-27 15:22:17 +02:00
uprobes.c x86: Make is_64bit_mm() widely available 2015-06-09 12:24:32 +02:00
verify_cpu.S
vm86_32.c
vmlinux.lds.S
vsmp_64.c x86: replace __init_or_module with __init in non-modular vsmp_64.c 2015-06-16 14:12:41 -04:00
x86_init.c PCI changes for the v4.2 merge window: 2015-06-23 13:41:24 -07:00
x8664_ksyms_64.c preempt: Use preempt_schedule_context() as the official tracing preemption point 2015-06-07 15:57:42 +02:00