From: Keith Busch <keith.busch@intel.com>
Date: Thu, 4 Aug 2016 16:09:09 -0600
Subject: x86/PCI: VMD: Synchronize with RCU freeing MSI IRQ descs
Git-commit: ee6ee49fd09fa17c92aadf07961d0ff406fceab8
Patch-mainline: v4.9-rc1
References: bsc#1006827

Fix a potential race when disabling MSI/MSI-X on a VMD domain device.  If
the VMD interrupt service is running, it may see a disabled IRQ.  We can
synchronize RCU just before freeing the MSI descriptor.  This is safe since
the irq_desc lock isn't held, and the descriptor is valid even though it is
disabled.  After vmd_msi_free(), though, the handler is reinitialized to
handle_bad_irq(), so we can't let the VMD ISR's list iteration see the
disabled IRQ after this.

Signed-off-by: Keith Busch <keith.busch@intel.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Acked-by Jon Derrick: <jonathan.derrick@intel.com>

Acked-by: Joerg Roedel <jroedel@suse.de>
---
 arch/x86/pci/vmd.c | 2 ++
 1 file changed, 2 insertions(+)

--- a/arch/x86/pci/vmd.c
+++ b/arch/x86/pci/vmd.c
@@ -219,6 +219,8 @@ static void vmd_msi_free(struct irq_doma
 	struct vmd_irq *vmdirq = irq_get_chip_data(virq);
 	unsigned long flags;
 
+	synchronize_rcu();
+
 	/* XXX: Potential optimization to rebalance */
 	raw_spin_lock_irqsave(&list_lock, flags);
 	vmdirq->irq->count--;
