irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity()

BugLink: https://bugs.launchpad.net/bugs/2107449

commit 35cb2c6ce7da545f3b5cb1e6473ad7c3a6f08310 upstream.

The following call-chain leads to enabling interrupts in a nested interrupt
disabled section:

irq_set_vcpu_affinity()
  irq_get_desc_lock()
     raw_spin_lock_irqsave()   <--- Disable interrupts
  its_irq_set_vcpu_affinity()
     guard(raw_spinlock_irq)   <--- Enables interrupts when leaving the guard()
  irq_put_desc_unlock()        <--- Warns because interrupts are enabled

This was broken in commit b97e8a2f7130, which replaced the original
raw_spin_[un]lock() pair with guard(raw_spinlock_irq).

Fix the issue by using guard(raw_spinlock).

[ tglx: Massaged change log ]

Fixes: b97e8a2f7130 ("irqchip/gic-v3-its: Fix potential race condition in its_vlpi_prop_update()")
Signed-off-by: Tomas Krcka <krckatom@amazon.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Marc Zyngier <maz@kernel.org>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/all/20241230150825.62894-1-krckatom@amazon.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
CVE-2024-57949
Signed-off-by: Koichiro Den <koichiro.den@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

This commit is contained in:

Tomas Krcka

2024-12-30 15:08:25 +00:00

committed by

Stefan Bader

parent 319f647a88

commit 6c6c7ee347

1 changed files with 1 additions and 1 deletions

									
										drivers/irqchip/irq-gic-v3-its.c
									
		+1
		-1
	
												View File
												
				@@ -1973,7 +1973,7 @@ static int its_irq_set_vcpu_affinity(struct irq_data *d, void *vcpu_info)

					if (!is_v4(its_dev->its))

						return -EINVAL;

					guard(raw_spinlock_irq)(&its_dev->event_map.vlpi_lock);

					guard(raw_spinlock)(&its_dev->event_map.vlpi_lock);

					/* Unmap request? */

					if (!info)