x86/PCI: VMD: Synchronize with RCU freeing MSI IRQ descs

Fix a potential race when disabling MSI/MSI-X on a VMD domain device.  If
the VMD interrupt service is running, it may see a disabled IRQ.  We can
synchronize RCU just before freeing the MSI descriptor.  This is safe since
the irq_desc lock isn't held, and the descriptor is valid even though it is
disabled.  After vmd_msi_free(), though, the handler is reinitialized to
handle_bad_irq(), so we can't let the VMD ISR's list iteration see the
disabled IRQ after this.

Signed-off-by: Keith Busch <[email protected]>
Signed-off-by: Bjorn Helgaas <[email protected]>
Acked-by Jon Derrick: <[email protected]>

diff --git a/arch/x86/pci/vmd.c b/arch/x86/pci/vmd.c
index e785907acb79112996f877bcdd87e8d68755b7f0..57058520f21997d6b3632383cf7ef457e8a275ff 100644 (file)
--- a/arch/x86/pci/vmd.c
+++ b/arch/x86/pci/vmd.c
@@ -218,6 +218,8 @@ static void vmd_msi_free(struct irq_domain *domain,
        struct vmd_irq *vmdirq = irq_get_chip_data(virq);
        unsigned long flags;
 
+       synchronize_rcu();
+
        /* XXX: Potential optimization to rebalance */
        raw_spin_lock_irqsave(&list_lock, flags);
        vmdirq->irq->count--;