desc->chip->ack is initialized to ack_bad().
It will not be NULL.
Signed-off-by: Wang Chen <[email protected]>
---
kernel/irq/chip.c | 3 +--
kernel/irq/handle.c | 14 +++++---------
2 files changed, 6 insertions(+), 11 deletions(-)
diff --git a/kernel/irq/chip.c b/kernel/irq/chip.c
index f63c706..b929803 100644
--- a/kernel/irq/chip.c
+++ b/kernel/irq/chip.c
@@ -530,8 +530,7 @@ handle_percpu_irq(unsigned int irq, struct irq_desc *desc)
kstat_incr_irqs_this_cpu(irq, desc);
- if (desc->chip->ack)
- desc->chip->ack(irq);
+ desc->chip->ack(irq);
action_ret = handle_IRQ_event(irq, desc->action);
if (!noirqdebug)
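Review bot: Nothing in this patch establishes the invariant that the now-unconditional `desc->chip->ack(irq);` in handle_percpu_irq depends on, and the same holds for both __do_IRQ hunks in kernel/irq/handle.c. These calls sit in the interrupt path, so a chip whose pointer was left unset would produce a NULL function-pointer call there instead of a skipped step. If the checks are to go, the guarantee is better made in one place, for example by giving `ack` a no-op default wherever a chip is attached to a descriptor (that code is not visible here). It should also be stated at the call site, with a comment such as `/* ->ack is never NULL: defaulted when the chip is installed */`. The body of handle_percpu_irq continues outside the hunk.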
diff --git a/kernel/irq/handle.c b/kernel/irq/handle.c
index 6492400..4408672 100644
--- a/kernel/irq/handle.c
+++ b/kernel/irq/handle.c
@@ -337,11 +337,9 @@ unsigned int __do_IRQ(unsigned int irq)
/*
* No locking required for CPU-local interrupts:
*/
- if (desc->chip->ack) {
- desc->chip->ack(irq);
- /* get new one */
- desc = irq_remap_to_desc(irq, desc);
- }
+ desc->chip->ack(irq);
+ /* get new one */
+ desc = irq_remap_to_desc(irq, desc);
if (likely(!(desc->status & IRQ_DISABLED))) {
action_ret = handle_IRQ_event(irq, desc->action);
if (!noirqdebug)
@@ -352,10 +350,8 @@ unsigned int __do_IRQ(unsigned int irq)
}
spin_lock(&desc->lock);
- if (desc->chip->ack) {
- desc->chip->ack(irq);
- desc = irq_remap_to_desc(irq, desc);
- }
+ desc->chip->ack(irq);
+ desc = irq_remap_to_desc(irq, desc);
/*
* REPLAY is when Linux resends an IRQ that was dropped earlier
* WAITING is used by probe to mark irqs that are being tested
--
1.5.3.4
* Wang Chen <[email protected]> wrote:
> desc->chip->ack is initialized to ack_bad().
> It will not be NULL.
hm, that is only true of no_irq_chip() - is it true of all irq_chip
definitions on all architectures?
Ingo
Ingo Molnar said the following on 2008-12-26 21:27:
> * Wang Chen <[email protected]> wrote:
>
>> desc->chip->ack is initialized to ack_bad().
>> It will not be NULL.
>
> hm, that is only true of no_irq_chip() - is it true of all irq_chip
> definitions on all architectures?
>
No, some arch's irq_chip doesn't have ack routine.
So I was wrong.
But this prompts another thought: the generic irq layer doesn't know
whether irq_chip has an ack routine on some architectures.
Given that, chip->ack should be checked for NULL before it is called.
Impact: fix theoretic NULL dereference
Signed-off-by: Wang Chen <[email protected]>
---
diff --git a/kernel/irq/chip.c b/kernel/irq/chip.c
index f63c706..9a7fbb8 100644
--- a/kernel/irq/chip.c
+++ b/kernel/irq/chip.c
@@ -290,7 +290,8 @@ static inline void mask_ack_irq(struct irq_desc *desc, int irq)
desc->chip->mask_ack(irq);
else {
desc->chip->mask(irq);
- desc->chip->ack(irq);
+ if (desc->chip->ack)
+ desc->chip->ack(irq);
}
}
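Review bot: `desc->chip->mask(irq);` on the line just above the new check is still called unconditionally in the else branch of mask_ack_irq, so the guard covers only half of the fallback path. By the commit's own reasoning (the generic layer cannot know which routines a chip provides) `mask` has the same exposure, though whether any chip actually omits it is not visible here. Either guard it the same way, `if (desc->chip->mask) desc->chip->mask(irq);`, or add a comment saying `mask` is mandatory for chips without `mask_ack`. The identical hunk appears again in the applied commit further down.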
@@ -475,7 +476,8 @@ handle_edge_irq(unsigned int irq, struct irq_desc *desc)
kstat_incr_irqs_this_cpu(irq, desc);
/* Start handling the irq */
- desc->chip->ack(irq);
+ if (desc->chip->ack)
+ desc->chip->ack(irq);
desc = irq_remap_to_desc(irq, desc);
/* Mark the IRQ currently in progress.*/
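Review bot: The new `if (desc->chip->ack)` in handle_edge_irq makes the acknowledge silently optional, and nothing at the call site says so. A chip that should have an ack routine but was registered without one would now go unnoticed instead of faulting, which is safer but harder to diagnose. I would add a comment above the check, `/* ->ack is optional: some chips have no ack routine */`, so the skip reads as intended. The function body continues outside the hunk, and the same hunk is repeated in the applied commit below.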
* Wang Chen <[email protected]> wrote:
> Ingo Molnar said the following on 2008-12-26 21:27:
> > * Wang Chen <[email protected]> wrote:
> >
> >> desc->chip->ack is initialized to ack_bad().
> >> It will not be NULL.
> >
> > hm, that is only true of no_irq_chip() - is it true of all irq_chip
> > definitions on all architectures?
> >
>
> No, some arch's irq_chip doesn't have ack routine.
> So I was wrong.
> But this enlighten another thought that generic irq layer doesn't know
> whether irq_chip has ack routine on some architectures.
> Upon that, before calling chip->ack, should check it's not NULL.
>
> Impact: fix theoretic NULL dereference
>
> Signed-off-by: Wang Chen <[email protected]>
applied to tip/irq/genirq, thanks!
(see below for how the final commit message ended up looking.)
Ingo
------------------>
>From efdc64f0c792ea744bcc9203f35b908e66d42f41 Mon Sep 17 00:00:00 2001
From: Wang Chen <[email protected]>
Date: Mon, 29 Dec 2008 13:35:11 +0800
Subject: [PATCH] genirq: check chip->ack before calling
Impact: fix theoretical NULL dereference
The generic irq layer doesn't know whether irq_chip has ack routine on some
architectures or not. Upon that, before calling chip->ack, we should check
that it's not NULL.
Signed-off-by: Wang Chen <[email protected]>
Signed-off-by: Ingo Molnar <[email protected]>
---
kernel/irq/chip.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/kernel/irq/chip.c b/kernel/irq/chip.c
index 6eb3c79..0ad02d7 100644
--- a/kernel/irq/chip.c
+++ b/kernel/irq/chip.c
@@ -290,7 +290,8 @@ static inline void mask_ack_irq(struct irq_desc *desc, int irq)
desc->chip->mask_ack(irq);
else {
desc->chip->mask(irq);
- desc->chip->ack(irq);
+ if (desc->chip->ack)
+ desc->chip->ack(irq);
}
}
@@ -475,7 +476,8 @@ handle_edge_irq(unsigned int irq, struct irq_desc *desc)
kstat_incr_irqs_this_cpu(irq, desc);
/* Start handling the irq */
- desc->chip->ack(irq);
+ if (desc->chip->ack)
+ desc->chip->ack(irq);
desc = irq_remap_to_desc(irq, desc);
/* Mark the IRQ currently in progress.*/