Re: [PATCH] irqchip/atmel-aic: Fix potential deadlock in ->xlate()
From: Boris Brezillon
Date: Tue Sep 13 2016 - 09:01:11 EST
On Tue, 13 Sep 2016 14:55:20 +0200 (CEST)
Thomas Gleixner <tglx@xxxxxxxxxxxxx> wrote:
> On Tue, 13 Sep 2016, Boris Brezillon wrote:
>
> > aic5_irq_domain_xlate() and aic_irq_domain_xlate() take the generic chip
> > lock without disabling interrupts, which can lead to a deadlock if an
> > interrupt occurs while the lock is held in one of these functions.
> >
> > Replace irq_gc_{lock,unlock}() calls by
> > raw_spin_{lock_irqsave,unlock_irqrestore}() ones to prevent this bug from
> > happening.
> >
> > Signed-off-by: Boris Brezillon <boris.brezillon@xxxxxxxxxxxxxxxxxx>
> > Fixes: b1479ebb7720 ("irqchip: atmel-aic: Add atmel AIC/AIC5 drivers")
> > Cc: <stable@xxxxxxxxxxxxxxx>
> > ---
> > drivers/irqchip/irq-atmel-aic.c | 5 +++--
> > drivers/irqchip/irq-atmel-aic5.c | 5 +++--
> > 2 files changed, 6 insertions(+), 4 deletions(-)
> >
> > diff --git a/drivers/irqchip/irq-atmel-aic.c b/drivers/irqchip/irq-atmel-aic.c
> > index 112e17c2768b..447a8b0f1395 100644
> > --- a/drivers/irqchip/irq-atmel-aic.c
> > +++ b/drivers/irqchip/irq-atmel-aic.c
> > @@ -176,6 +176,7 @@ static int aic_irq_domain_xlate(struct irq_domain *d,
> > {
> > struct irq_domain_chip_generic *dgc = d->gc;
> > struct irq_chip_generic *gc;
> > + unsigned long flags;
> > unsigned smr;
> > int idx;
> > int ret;
> > @@ -194,11 +195,11 @@ static int aic_irq_domain_xlate(struct irq_domain *d,
> >
> > gc = dgc->gc[idx];
> >
> > - irq_gc_lock(gc);
> > + raw_spin_lock_irqsave(&gc->lock, flags);
>
> Please provide a primitive, i.e. irq_gc_lock_irqsave(), for it.
Sure, but that means flagging this patch for stable as well. Are you
okay with that?
>
> Thanks,
>
> tglx