irqchip/mips: Fix RCU violation when using irqdomain lookup on interrupt entry

Marc Zyngier · Marc Zyngier · commit 1fee9db9b42d · 2021-07-09T10:18:58.000+01:00
Since d4a45c6 ("irqdomain: Protect the linear revmap with RCU"), any irqdomain lookup requires the RCU read lock to be held. This assumes that the architecture code will be structured such as irq_enter() will be called *before* the interrupt is looked up in the irq domain. However, this isn't the case for MIPS, and a number of drivers are structured to do it the other way around when handling an interrupt in their root irqchip (secondary irqchips are OK by construction). This results in a RCU splat on a lockdep-enabled kernel when the kernel takes an interrupt from idle, as reported by Guenter Roeck. Note that this could have fired previously if any driver had used tree-based irqdomain, which always had the RCU requirement. To solve this, provide a MIPS-specific helper (do_domain_IRQ()) as the pendent of do_IRQ() that will do thing in the right order (and maybe save some cycles in the process). Ideally, MIPS would be moved over to using handle_domain_irq(), but that's much more ambitious. Reported-by: Guenter Roeck <linux@roeck-us.net> Tested-by: Guenter Roeck <linux@roeck-us.net> [maz: add dependency on CONFIG_IRQ_DOMAIN after report from the kernelci bot] Signed-off-by: Marc Zyngier <maz@kernel.org> Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de> Cc: Serge Semin <fancer.lancer@gmail.com> Link: https://lore.kernel.org/r/20210705172352.GA56304@roeck-us.net Link: https://lore.kernel.org/r/20210706110647.3979002-1-maz@kernel.org
diff --git a/arch/mips/include/asm/irq.h b/arch/mips/include/asm/irq.h
@@ -57,6 +57,9 @@ asmlinkage void plat_irq_dispatch(void);
 
 extern void do_IRQ(unsigned int irq);
 
+struct irq_domain;
+extern void do_domain_IRQ(struct irq_domain *domain, unsigned int irq);
+
 extern void arch_init_irq(void);
 extern void spurious_interrupt(void);
 
diff --git a/arch/mips/kernel/irq.c b/arch/mips/kernel/irq.c
@@ -21,6 +21,7 @@
 #include <linux/kallsyms.h>
 #include <linux/kgdb.h>
 #include <linux/ftrace.h>
+#include <linux/irqdomain.h>
 
 #include <linux/atomic.h>
 #include <linux/uaccess.h>
@@ -107,3 +108,18 @@ void __irq_entry do_IRQ(unsigned int irq)
 	irq_exit();
 }
 
+#ifdef CONFIG_IRQ_DOMAIN
+void __irq_entry do_domain_IRQ(struct irq_domain *domain, unsigned int hwirq)
+{
+	struct irq_desc *desc;
+
+	irq_enter();
+	check_stack_overflow();
+
+	desc = irq_resolve_mapping(domain, hwirq);
+	if (likely(desc))
+		handle_irq_desc(desc);
+
+	irq_exit();
+}
+#endif
diff --git a/drivers/irqchip/irq-mips-cpu.c b/drivers/irqchip/irq-mips-cpu.c
@@ -127,7 +127,6 @@ static struct irq_chip mips_mt_cpu_irq_controller = {
 asmlinkage void __weak plat_irq_dispatch(void)
 {
 	unsigned long pending = read_c0_cause() & read_c0_status() & ST0_IM;
-	unsigned int virq;
 	int irq;
 
 	if (!pending) {
@@ -137,12 +136,15 @@ asmlinkage void __weak plat_irq_dispatch(void)
 
 	pending >>= CAUSEB_IP;
 	while (pending) {
+		struct irq_domain *d;
+
 		irq = fls(pending) - 1;
 		if (IS_ENABLED(CONFIG_GENERIC_IRQ_IPI) && irq < 2)
-			virq = irq_linear_revmap(ipi_domain, irq);
+			d = ipi_domain;
 		else
-			virq = irq_linear_revmap(irq_domain, irq);
-		do_IRQ(virq);
+			d = irq_domain;
+
+		do_domain_IRQ(d, irq);
 		pending &= ~BIT(irq);
 	}
 }
diff --git a/drivers/irqchip/irq-mips-gic.c b/drivers/irqchip/irq-mips-gic.c
@@ -169,8 +169,8 @@ static void gic_handle_shared_int(bool chained)
 			generic_handle_domain_irq(gic_irq_domain,
 						  GIC_SHARED_TO_HWIRQ(intr));
 		else
-			do_IRQ(irq_find_mapping(gic_irq_domain,
-						GIC_SHARED_TO_HWIRQ(intr)));
+			do_domain_IRQ(gic_irq_domain,
+				      GIC_SHARED_TO_HWIRQ(intr));
 	}
 }
 
@@ -320,8 +320,8 @@ static void gic_handle_local_int(bool chained)
 			generic_handle_domain_irq(gic_irq_domain,
 						  GIC_LOCAL_TO_HWIRQ(intr));
 		else
-			do_IRQ(irq_find_mapping(gic_irq_domain,
-						GIC_LOCAL_TO_HWIRQ(intr)));
+			do_domain_IRQ(gic_irq_domain,
+				      GIC_LOCAL_TO_HWIRQ(intr));
 	}
 }
 
diff --git a/drivers/irqchip/irq-pic32-evic.c b/drivers/irqchip/irq-pic32-evic.c
@@ -42,11 +42,10 @@ static void __iomem *evic_base;
 
 asmlinkage void __weak plat_irq_dispatch(void)
 {
-	unsigned int irq, hwirq;
+	unsigned int hwirq;
 
 	hwirq = readl(evic_base + REG_INTSTAT) & 0xFF;
-	irq = irq_linear_revmap(evic_irq_domain, hwirq);
-	do_IRQ(irq);
+	do_domain_IRQ(evic_irq_domain, hwirq);
 }
 
 static struct evic_chip_data *irqd_to_priv(struct irq_data *data)

Original file line number	Diff line number	Diff line change
`@@ -169,8 +169,8 @@ static void gic_handle_shared_int(bool chained)`
`169`	`169`	`generic_handle_domain_irq(gic_irq_domain,`
`170`	`170`	`GIC_SHARED_TO_HWIRQ(intr));`
`171`	`171`	`else`
`172`		`- do_IRQ(irq_find_mapping(gic_irq_domain,`
`173`		`- GIC_SHARED_TO_HWIRQ(intr)));`
	`172`	`+ do_domain_IRQ(gic_irq_domain,`
	`173`	`+ GIC_SHARED_TO_HWIRQ(intr));`
`174`	`174`	`}`
`175`	`175`	`}`
`176`	`176`
`@@ -320,8 +320,8 @@ static void gic_handle_local_int(bool chained)`
`320`	`320`	`generic_handle_domain_irq(gic_irq_domain,`
`321`	`321`	`GIC_LOCAL_TO_HWIRQ(intr));`
`322`	`322`	`else`
`323`		`- do_IRQ(irq_find_mapping(gic_irq_domain,`
`324`		`- GIC_LOCAL_TO_HWIRQ(intr)));`
	`323`	`+ do_domain_IRQ(gic_irq_domain,`
	`324`	`+ GIC_LOCAL_TO_HWIRQ(intr));`
`325`	`325`	`}`
`326`	`326`	`}`
`327`	`327`
Original file line number	Diff line number	Diff line change
`@@ -42,11 +42,10 @@ static void __iomem *evic_base;`
`42`	`42`
`43`	`43`	`asmlinkage void __weak plat_irq_dispatch(void)`
`44`	`44`	`{`
`45`		`- unsigned int irq, hwirq;`
	`45`	`+ unsigned int hwirq;`
`46`	`46`
`47`	`47`	`hwirq = readl(evic_base + REG_INTSTAT) & 0xFF;`
`48`		`- irq = irq_linear_revmap(evic_irq_domain, hwirq);`
`49`		`- do_IRQ(irq);`
	`48`	`+ do_domain_IRQ(evic_irq_domain, hwirq);`
`50`	`49`	`}`
`51`	`50`
`52`	`51`	`static struct evic_chip_data irqd_to_priv(struct irq_data data)`