| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <455484E4.1020100@openvz.org>
Date: Fri, 10 Nov 2006 16:55:48 +0300
From: Pavel Emelianov <xemul@...nvz.org>
To: Andrew Morton <akpm@...l.org>, mingo@...hat.com,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
CC: Kirill Korotaev <dev@...nvz.org>
Subject: [RFC] [PATCH] Fix misrouted interrupts deadlocks
While testing kernel on machine with "irqpoll" option
I've caught such a lockup:
__do_IRQ()
spin_lock(&desc->lock);
desc->chip->ack(); /* IRQ is ACKed */
note_interrupt()
misrouted_irq()
handle_IRQ_event()
if (...)
local_irq_enable_in_hardirq();
/* interrupts are enabled from now */
...
__do_IRQ() /* same IRQ we've started from */
spin_lock(&desc->lock); /* LOCKUP */
Looking at misrouted_irq() code I've found that a potential
deadlock like this can also take place:
1CPU:
__do_IRQ()
spin_lock(&desc->lock); /* irq = A */
misrouted_irq()
for (i = 1; i < NR_IRQS; i++) {
spin_lock(&desc->lock); /* irq = B */
if (desc->status & IRQ_INPROGRESS) {
2CPU:
__do_IRQ()
spin_lock(&desc->lock); /* irq = B */
misrouted_irq()
for (i = 1; i < NR_IRQS; i++) {
spin_lock(&desc->lock); /* irq = A */
if (desc->status & IRQ_INPROGRESS) {
As the second lock on booth CPUs is taken before checking that
this irq is being handled in another processor this may cause
a deadlock. This issue is only theoretical.
I propose the attached patch to fix booth problems: when trying
to handle misrouted IRQ active desc->lock may be unlocked.
Please comment.
View attachment "diff-misrouted-irq-lockup" of type "text/plain" (537 bytes)
Powered by blists - more mailing lists