iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
736edce5f3
linux/arch/x86/kernel/apic
History
Tomoki Sekiyama 1d44b30f35 x86/ioapic: Fix NULL pointer dereference on CPU hotplug after disabling irqs 
In the current kernel, percpu variable `vector_irq' is not always
cleared when a CPU is offlined. If the CPU that has the disabled
irqs in vector_irq is hotplugged again, __setup_vector_irq()
hits invalid irq vector and may crash.

This bug can be reproduced as following;

 # echo 0 > /sys/devices/system/cpu/cpu7/online
 # modprobe -r some_driver_using_interrupts     # vector_irq@cpu7 uncleared
 # echo 1 > /sys/devices/system/cpu/cpu7/online # kernel may crash

To fix this problem, this patch clears vector_irq in
__fixup_irqs() when the CPU is offlined.

This also reverts commit f6175f5bfb, which partially fixes
this bug by clearing vector in __clear_irq_vector(). But in
environments with IOMMU IRQ remapper, it could fail because
cfg->domain doesn't contain offlined CPUs. With this patch, the
fix in __clear_irq_vector() can be reverted because every
vector_irq is already cleared in __fixup_irqs() on offlined CPUs.

Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama.qu@hitachi.com>
Acked-by: Suresh Siddha <suresh.b.siddha@intel.com>
Cc: yrl.pp-manager.tt@hitachi.com
Cc: Yinghai Lu <yinghai@kernel.org>
Cc: Alexander Gordeev <agordeev@redhat.com>
Link: http://lkml.kernel.org/r/20120726104732.2889.19144.stgit@kvmdev
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2012-07-26 15:01:17 +02:00
..
apic_flat_64.c x86/apic: Eliminate cpu_mask_to_apicid() operation 2012-06-14 12:53:13 +02:00
apic_noop.c x86/apic/x2apic: Limit the vector reservation to the user specified mask 2012-07-06 11:00:22 +02:00
apic_numachip.c x86/apic: Eliminate cpu_mask_to_apicid() operation 2012-06-14 12:53:13 +02:00
apic.c x86/apic: Fix ugly casting and branching in cpu_mask_to_apicid_and() 2012-06-14 12:53:14 +02:00
bigsmp_32.c x86/apic: Eliminate cpu_mask_to_apicid() operation 2012-06-14 12:53:13 +02:00
es7000_32.c x86/apic/es7000: Make apicid of a cluster (not CPU) from a cpumask 2012-06-14 12:53:16 +02:00
hw_nmi.c x86, nmi: Wire up NMI handlers to new routines 2011-10-10 06:56:57 +02:00
io_apic.c x86/ioapic: Fix NULL pointer dereference on CPU hotplug after disabling irqs 2012-07-26 15:01:17 +02:00
ipi.c x86: Always use x86_cpu_to_logical_apicid for cpu -> logical apic id 2011-01-28 14:54:05 +01:00
Makefile x86: Add NumaChip support 2011-12-05 17:17:24 +01:00
numaq_32.c x86/apic: Eliminate cpu_mask_to_apicid() operation 2012-06-14 12:53:13 +02:00
probe_32.c Merge branch 'x86/apic' into x86/platform 2012-06-18 11:09:49 +02:00
probe_64.c x86/platform: Introduce APIC post-initialization callback 2012-06-06 09:06:19 +02:00
summit_32.c Merge branch 'x86-platform-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2012-07-22 12:19:36 -07:00
x2apic_cluster.c x86/apic/x2apic: Use multiple cluster members for the irq destination only with the explicit affinity 2012-07-06 11:00:23 +02:00
x2apic_phys.c x86/apic: Eliminate cpu_mask_to_apicid() operation 2012-06-14 12:53:13 +02:00
x2apic_uv_x.c x86/apic: Fix ugly casting and branching in cpu_mask_to_apicid_and() 2012-06-14 12:53:14 +02:00