[PATCH v6 02/20] irqdomain: Fix disassociation race

From: Johan Hovold
Date: Mon Feb 13 2023 - 05:43:56 EST


The global irq_domain_mutex is held when mapping interrupts from
non-hierarchical domains but currently not when disposing them.

This specifically means that updates of the domain mapcount is racy
(currently only used for statistics in debugfs).

Make sure to hold the global irq_domain_mutex also when disposing
mappings from non-hierarchical domains.

Fixes: 9dc6be3d4193 ("genirq/irqdomain: Add map counter")
Cc: stable@xxxxxxxxxxxxxxx # 4.13
Tested-by: Hsin-Yi Wang <hsinyi@xxxxxxxxxxxx>
Tested-by: Mark-PK Tsai <mark-pk.tsai@xxxxxxxxxxxx>
Signed-off-by: Johan Hovold <johan+linaro@xxxxxxxxxx>
---
kernel/irq/irqdomain.c | 5 +++++
1 file changed, 5 insertions(+)

diff --git a/kernel/irq/irqdomain.c b/kernel/irq/irqdomain.c
index 561689a3f050..981cd636275e 100644
--- a/kernel/irq/irqdomain.c
+++ b/kernel/irq/irqdomain.c
@@ -538,6 +538,9 @@ static void irq_domain_disassociate(struct irq_domain *domain, unsigned int irq)
return;

hwirq = irq_data->hwirq;
+
+ mutex_lock(&irq_domain_mutex);
+
irq_set_status_flags(irq, IRQ_NOREQUEST);

/* remove chip and handler */
@@ -557,6 +560,8 @@ static void irq_domain_disassociate(struct irq_domain *domain, unsigned int irq)

/* Clear reverse map for this hwirq */
irq_domain_clear_mapping(domain, hwirq);
+
+ mutex_unlock(&irq_domain_mutex);
}

static int irq_domain_associate_locked(struct irq_domain *domain, unsigned int virq,
--
2.39.1