[PATCH v4 09/19] irqdomain: Fix mapping-creation race

From: Johan Hovold
Date: Mon Jan 16 2023 - 08:51:15 EST

Next message: Johan Hovold: "[PATCH v4 01/19] irqdomain: Drop bogus fwspec-mapping error handling"
Previous message: Johan Hovold: "[PATCH v4 06/19] irqdomain: Drop revmap mutex"
In reply to: Johan Hovold: "Re: [PATCH v4 06/19] irqdomain: Drop revmap mutex"
Next in thread: Thomas Gleixner: "Re: [PATCH v4 09/19] irqdomain: Fix mapping-creation race"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Parallel probing (e.g. due to asynchronous probing) of devices that share
interrupts can currently result in two mappings for the same hardware
interrupt to be created.

Make sure to hold the irq_domain_mutex when creating mappings so that
looking for an existing mapping before creating a new one is done
atomically.

Fixes: 765230b5f084 ("driver-core: add asynchronous probing support for drivers")
Fixes: b62b2cf5759b ("irqdomain: Fix handling of type settings for existing mappings")
Link: https://lore.kernel.org/r/YuJXMHoT4ijUxnRb@xxxxxxxxxxxxxxxxxxxx
Cc: Dmitry Torokhov <dtor@xxxxxxxxxxxx>
Cc: Jon Hunter <jonathanh@xxxxxxxxxx>
Tested-by: Hsin-Yi Wang <hsinyi@xxxxxxxxxxxx>
Tested-by: Mark-PK Tsai <mark-pk.tsai@xxxxxxxxxxxx>
Signed-off-by: Johan Hovold <johan+linaro@xxxxxxxxxx>
---
kernel/irq/irqdomain.c | 47 ++++++++++++++++++++++++++++++++----------
1 file changed, 36 insertions(+), 11 deletions(-)

diff --git a/kernel/irq/irqdomain.c b/kernel/irq/irqdomain.c
index d6139b0218d4..7232947eee3e 100644
--- a/kernel/irq/irqdomain.c
+++ b/kernel/irq/irqdomain.c
@@ -25,6 +25,9 @@ static DEFINE_MUTEX(irq_domain_mutex);

static struct irq_domain *irq_default_domain;

+static int ___irq_domain_alloc_irqs(struct irq_domain *domain, int irq_base,
+ unsigned int nr_irqs, int node, void *arg,
+ bool realloc, const struct irq_affinity_desc *affinity);
static void irq_domain_check_hierarchy(struct irq_domain *domain);

struct irqchip_fwid {
@@ -692,7 +695,7 @@ static unsigned int __irq_create_mapping_affinity(struct irq_domain *domain,
return 0;
}

- if (irq_domain_associate(domain, virq, hwirq)) {
+ if (__irq_domain_associate(domain, virq, hwirq)) {
irq_free_desc(virq);
return 0;
}
@@ -728,14 +731,20 @@ unsigned int irq_create_mapping_affinity(struct irq_domain *domain,
return 0;
}

+ mutex_lock(&irq_domain_mutex);
+
/* Check if mapping already exists */
virq = irq_find_mapping(domain, hwirq);
if (virq) {
pr_debug("existing mapping on virq %d\n", virq);
- return virq;
+ goto out;
}

- return __irq_create_mapping_affinity(domain, hwirq, affinity);
+ virq = __irq_create_mapping_affinity(domain, hwirq, affinity);
+out:
+ mutex_unlock(&irq_domain_mutex);
+
+ return virq;
}
EXPORT_SYMBOL_GPL(irq_create_mapping_affinity);

@@ -802,6 +811,8 @@ unsigned int irq_create_fwspec_mapping(struct irq_fwspec *fwspec)
if (WARN_ON(type & ~IRQ_TYPE_SENSE_MASK))
type &= IRQ_TYPE_SENSE_MASK;

+ mutex_lock(&irq_domain_mutex);
+
/*
* If we've already configured this interrupt,
* don't do it again, or hell will break loose.
@@ -814,7 +825,7 @@ unsigned int irq_create_fwspec_mapping(struct irq_fwspec *fwspec)
* interrupt number.
*/
if (type == IRQ_TYPE_NONE || type == irq_get_trigger_type(virq))
- return virq;
+ goto out;

/*
* If the trigger type has not been set yet, then set
@@ -823,36 +834,43 @@ unsigned int irq_create_fwspec_mapping(struct irq_fwspec *fwspec)
if (irq_get_trigger_type(virq) == IRQ_TYPE_NONE) {
irq_data = irq_get_irq_data(virq);
if (!irq_data)
- return 0;
+ goto err;

irqd_set_trigger_type(irq_data, type);
- return virq;
+ goto out;
}

pr_warn("type mismatch, failed to map hwirq-%lu for %s!\n",
hwirq, of_node_full_name(to_of_node(fwspec->fwnode)));
- return 0;
+ goto err;
}

if (irq_domain_is_hierarchy(domain)) {
- virq = irq_domain_alloc_irqs(domain, 1, NUMA_NO_NODE, fwspec);
+ virq = ___irq_domain_alloc_irqs(domain, -1, 1, NUMA_NO_NODE,
+ fwspec, false, NULL);
if (virq <= 0)
- return 0;
+ goto err;
} else {
/* Create mapping */
virq = __irq_create_mapping_affinity(domain, hwirq, NULL);
if (!virq)
- return virq;
+ goto err;
}

irq_data = irq_get_irq_data(virq);
if (WARN_ON(!irq_data))
- return 0;
+ goto err;

/* Store trigger type */
irqd_set_trigger_type(irq_data, type);
+out:
+ mutex_unlock(&irq_domain_mutex);

return virq;
+err:
+ mutex_unlock(&irq_domain_mutex);
+
+ return 0;
}
EXPORT_SYMBOL_GPL(irq_create_fwspec_mapping);

@@ -1877,6 +1895,13 @@ void irq_domain_set_info(struct irq_domain *domain, unsigned int virq,
irq_set_handler_data(virq, handler_data);
}

+static int ___irq_domain_alloc_irqs(struct irq_domain *domain, int irq_base,
+ unsigned int nr_irqs, int node, void *arg,
+ bool realloc, const struct irq_affinity_desc *affinity)
+{
+ return -EINVAL;
+}
+
static void irq_domain_check_hierarchy(struct irq_domain *domain)
{
}
--
2.38.2

Next message: Johan Hovold: "[PATCH v4 01/19] irqdomain: Drop bogus fwspec-mapping error handling"
Previous message: Johan Hovold: "[PATCH v4 06/19] irqdomain: Drop revmap mutex"
In reply to: Johan Hovold: "Re: [PATCH v4 06/19] irqdomain: Drop revmap mutex"
Next in thread: Thomas Gleixner: "Re: [PATCH v4 09/19] irqdomain: Fix mapping-creation race"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]