| Message ID | 20200306130623.500019114@linutronix.de |
|---|---|
| State | New |
| Headers | show |
| Series | genirq/PCI: Sanitize interrupt injection | expand |
On 2020-03-06 13:03, Thomas Gleixner wrote: > Interrupts cannot be injected when the interrupt is not activated and > when > a replay is already in progress. > > Fixes: 536e2e34bd00 ("genirq/debugfs: Triggering of interrupts from > userspace") > Signed-off-by: Thomas Gleixner <tglx@linutronix.de> > Cc: stable@vger.kernel.org > --- > kernel/irq/debugfs.c | 11 +++++++++-- > 1 file changed, 9 insertions(+), 2 deletions(-) > > --- a/kernel/irq/debugfs.c > +++ b/kernel/irq/debugfs.c > @@ -206,8 +206,15 @@ static ssize_t irq_debug_write(struct fi > chip_bus_lock(desc); > raw_spin_lock_irqsave(&desc->lock, flags); > > - if (irq_settings_is_level(desc) || desc->istate & IRQS_NMI) { > - /* Can't do level nor NMIs, sorry */ > + /* > + * Don't allow injection when the interrupt is: > + * - Level or NMI type > + * - not activated > + * - replaying already > + */ > + if (irq_settings_is_level(desc) || > + !irqd_is_activated(&desc->irq_data) || > + (desc->istate & (IRQS_NMI | IRQS_REPLAY)) { > err = -EINVAL; > } else { > desc->istate |= IRQS_PENDING; Huh, nice catch. Acked-by: Marc Zyngier <maz@kernel.org> M.
--- a/kernel/irq/debugfs.c +++ b/kernel/irq/debugfs.c @@ -206,8 +206,15 @@ static ssize_t irq_debug_write(struct fi chip_bus_lock(desc); raw_spin_lock_irqsave(&desc->lock, flags); - if (irq_settings_is_level(desc) || desc->istate & IRQS_NMI) { - /* Can't do level nor NMIs, sorry */ + /* + * Don't allow injection when the interrupt is: + * - Level or NMI type + * - not activated + * - replaying already + */ + if (irq_settings_is_level(desc) || + !irqd_is_activated(&desc->irq_data) || + (desc->istate & (IRQS_NMI | IRQS_REPLAY)) { err = -EINVAL; } else { desc->istate |= IRQS_PENDING;
Interrupts cannot be injected when the interrupt is not activated and when a replay is already in progress. Fixes: 536e2e34bd00 ("genirq/debugfs: Triggering of interrupts from userspace") Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: stable@vger.kernel.org --- kernel/irq/debugfs.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-)