x86/irq: Ensure PI wakeup handler is unregistered before module unload
authorSean Christopherson <seanjc@google.com>
Sat, 9 Oct 2021 00:11:04 +0000 (17:11 -0700)
committerPaolo Bonzini <pbonzini@redhat.com>
Fri, 22 Oct 2021 16:45:35 +0000 (12:45 -0400)
Add a synchronize_rcu() after clearing the posted interrupt wakeup handler
to ensure all readers, i.e. in-flight IRQ handlers, see the new handler
before returning to the caller.  If the caller is an exiting module and
is unregistering its handler, failure to wait could result in the IRQ
handler jumping into an unloaded module.

The registration path doesn't require synchronization, as it's the
caller's responsibility to not generate interrupts it cares about until
after its handler is registered.

Fixes: f6b3c72c2366 ("x86/irq: Define a global vector for VT-d Posted-Interrupts")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20211009001107.3936588-2-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
arch/x86/kernel/irq.c

index e28f6a5d14f1b2d14ca4c4e9aaae2ec2b0f4a3dd..766ffe3ba313711fef22b21bee349d2db360fb46 100644 (file)
@@ -291,8 +291,10 @@ void kvm_set_posted_intr_wakeup_handler(void (*handler)(void))
 {
        if (handler)
                kvm_posted_intr_wakeup_handler = handler;
-       else
+       else {
                kvm_posted_intr_wakeup_handler = dummy_handler;
+               synchronize_rcu();
+       }
 }
 EXPORT_SYMBOL_GPL(kvm_set_posted_intr_wakeup_handler);