On 16.11.2022 13:21, Roger Pau Monne wrote:
> Current code in _clear_irq_vector() will mark the irq as unused before
> doing the cleanup required when move_in_progress is true.
>
> This can lead to races in create_irq() if the function picks an irq
> desc that's been marked as unused but has move_in_progress set, as the
> call to assign_irq_vector() in that function can then fail with
> -EAGAIN.
>
> Prevent that by only marking irq descs as unused when all the cleanup
> has been done. While there also use write_atomic() when setting
> IRQ_UNUSED in _clear_irq_vector() and add a barrier in order to
> prevent the setting of IRQ_UNUSED getting reordered by the compiler.
>
> The check for move_in_progress cannot be removed from
> _assign_irq_vector(), as other users (io_apic_set_pci_routing() and
> ioapic_guest_write()) can still pass active irq descs to
> assign_irq_vector().
>
> Note the trace point is not moved and is now set before the irq is
> marked as unused. This is done so that the CPU mask provided in the
> trace point is the one belonging to the current vector, not the old
> one.
>
> Signed-off-by: Roger Pau Monné <[email protected]>

Reviewed-by: Jan Beulich <[email protected]>
