Re: [PATCH 2/3] genirq/irqdomain: Re-check mapping after associate in irq_create_mapping()

From: Marc Zyngier
Date: Fri Sep 20 2019 - 11:52:45 EST

Next message: Matthew Wilcox: "Re: [PATCH v7 3/3] mm: fix double page fault on arm64 if PTE_AF is cleared"
Previous message: Andrey Konovalov: "Re: general protection fault in close_rio"
Next in thread: Sverdlin, Alexander (Nokia - DE/Ulm): "Re: [PATCH 2/3] genirq/irqdomain: Re-check mapping after associate in irq_create_mapping()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/09/2019 10:44, Sverdlin, Alexander (Nokia - DE/Ulm) wrote:
> From: Alexander Sverdlin <alexander.sverdlin@xxxxxxxxx>
>
> If two irq_create_mapping() calls perform a mapping of the same hwirq on
> two CPU cores in parallel they both will get 0 from irq_find_mapping(),
> both will allocate unique virq using irq_domain_alloc_descs() and both
> will finally irq_domain_associate() it. Giving different virq numbers
> to their callers.
>
> In practice the first caller is usually an interrupt controller driver and
> the seconds is some device requesting the interrupt providede by the above
> interrupt controller.

I disagree with this "In practice". An irqchip controller should *very
rarely* call irq_create_mapping on its own. It usually indicates some
level of brokenness, unless the mapped interrupt is exposed by the
irqchip itself (the GIC maintenance interrupt, for example).

> In this case either the interrupt controller driver configures virq which
> is not the one being "associated" with hwirq, or the "slave" device
> requests the virq which is never being triggered.

Why should the interrupt controller configure that interrupt? On any
sane platform, the mapping should be created by the user of the
interrupt, and not by the provider.

This doesn't mean we shouldn't fix the irqdomain races, but I tend to
disagree with the analysis here.

>
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Alexander Sverdlin <alexander.sverdlin@xxxxxxxxx>
> ---
> kernel/irq/irqdomain.c | 13 +++++--------
> 1 file changed, 5 insertions(+), 8 deletions(-)
>
> diff --git a/kernel/irq/irqdomain.c b/kernel/irq/irqdomain.c
> index 7bc07b6..176f2cc 100644
> --- a/kernel/irq/irqdomain.c
> +++ b/kernel/irq/irqdomain.c
> @@ -675,13 +675,6 @@ unsigned int irq_create_mapping(struct irq_domain *domain,
>
> of_node = irq_domain_get_of_node(domain);
>
> - /* Check if mapping already exists */
> - virq = irq_find_mapping(domain, hwirq);
> - if (virq) {
> - pr_debug("-> existing mapping on virq %d\n", virq);
> - return virq;
> - }
> -
> /* Allocate a virtual interrupt number */
> virq = irq_domain_alloc_descs(-1, 1, hwirq, of_node_to_nid(of_node), NULL);
> if (virq <= 0) {
> @@ -691,7 +684,11 @@ unsigned int irq_create_mapping(struct irq_domain *domain,
>
> if (irq_domain_associate(domain, virq, hwirq)) {
> irq_free_desc(virq);
> - return 0;
> +
> + virq = irq_find_mapping(domain, hwirq);
> + if (virq)
> + pr_debug("-> existing mapping on virq %d\n", virq);

I'd rather you limit this second irq_find_mapping() to cases where we're
sure we've found a duplicate:

ret = irq_domain_associate(domain, virq, hwirq);
if (ret) {
irq_free_desc(virq);
if (ret == -EEXIST)
return irq_find_mapping(domain, hwirq);

return 0;
}

> + return virq;
> }
>
> pr_debug("irq %lu on domain %s mapped to virtual irq %u\n",
>

Thanks,

M.
--
Jazz is not dead, it just smells funny...

Next message: Matthew Wilcox: "Re: [PATCH v7 3/3] mm: fix double page fault on arm64 if PTE_AF is cleared"
Previous message: Andrey Konovalov: "Re: general protection fault in close_rio"
Next in thread: Sverdlin, Alexander (Nokia - DE/Ulm): "Re: [PATCH 2/3] genirq/irqdomain: Re-check mapping after associate in irq_create_mapping()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]