首页 发现 帮助
登录
GfA
/
linux_kernel
5
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

genirq: Prevent crash in irq_move_irq()

The functions irq_move_irq() and irq_move_masked_irq() expect that the
caller passes the top-level irq_data to them when hierarchical
irqdomains are enabled. But that's not true when called from
apic_ack_edge(), which results in a null pointer dereference by
idata->chip->irq_mask(idata).

Instead of fixing callers to passing top-level irq_data, we rather
change irq_move_irq()/irq_move_masked_irq() to accept any irq_data.

Signed-off-by: Jiang Liu <jiang.liu@linux.intel.com>
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Bjorn Helgaas <bhelgaas@google.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Yinghai Lu <yinghai@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Link: http://lkml.kernel.org/r/1433145945-789-3-git-send-email-jiang.liu@linux.intel.com
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Jiang Liu 10 年之前
父节点
7bbf1dd24b
当前提交
77ed42f18e
共有 1 个文件被更改,包括 8 次插入1 次删除
分列视图 显示文件统计
  1. 8 1
      kernel/irq/migration.c

+ 8 - 1
kernel/irq/migration.c
查看文件 

@@ -7,7 +7,7 @@
 
 void irq_move_masked_irq(struct irq_data *idata)
 
 {
 
 	struct irq_desc *desc = irq_data_to_desc(idata);
 
-	struct irq_chip *chip = idata->chip;
 
+	struct irq_chip *chip = desc->irq_data.chip;
 
 
 	if (likely(!irqd_is_setaffinity_pending(&desc->irq_data)))
 
 		return;
 
@@ -52,6 +52,13 @@ void irq_move_irq(struct irq_data *idata)
 
 {
 
 	bool masked;
 
 
+	/*
 
+	 * Get top level irq_data when CONFIG_IRQ_DOMAIN_HIERARCHY is enabled,
 
+	 * and it should be optimized away when CONFIG_IRQ_DOMAIN_HIERARCHY is
 
+	 * disabled. So we avoid an "#ifdef CONFIG_IRQ_DOMAIN_HIERARCHY" here.
 
+	 */
 
+	idata = irq_desc_get_irq_data(irq_data_to_desc(idata));
 
+
 
 	if (likely(!irqd_is_setaffinity_pending(idata)))
 
 		return;