[Xen-changelog] [xen-4.1-testing] x86/vIRQ: IRR and TMR race condition bug fix

[Xen patchbot-4.1-testing <patchbot@xxxxxxx>]

# HG changeset patch
# User Yongan Liu <Liuyongan@xxxxxxxxxx>
# Date 1326799888 0
# Node ID c358c4213d23212d39a0b95501d843580a66435a
# Parent  2fb706161c099593eba7050c5262f7da3dd8b6f3
x86/vIRQ: IRR and TMR race condition bug fix

In vlapic_set_irq, we set the IRR register before the TMR. And the IRR
might be serviced before setting TMR, and even worse EOI might occur
before TMR setting, in which case the vioapic_update_EOI won't be
called, and further prevent all the subsequent interrupt injecting.
Reorder setting the TMR and IRR will solve the problem.

Besides, KVM has fixed a similar bug in:
http://markmail.org/search/?q=APIC_TMR#query:APIC_TMR+page:1+mid:rphs4f7lkxjlldne+state:results

Signed-off-by: Yongan Liu<Liuyongan@xxxxxxxxxx>
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
Committed-by: Jan Beulich <jbeulich@xxxxxxxx>
xen-unstable changeset:   24453:02b92d035f64
xen-unstable date:        Thu Jan 05 09:29:59 2012 +0100
---


diff -r 2fb706161c09 -r c358c4213d23 xen/arch/x86/hvm/vlapic.c
--- a/xen/arch/x86/hvm/vlapic.c Tue Jan 17 11:30:37 2012 +0000
+++ b/xen/arch/x86/hvm/vlapic.c Tue Jan 17 11:31:28 2012 +0000
@@ -142,14 +142,11 @@
 
 int vlapic_set_irq(struct vlapic *vlapic, uint8_t vec, uint8_t trig)
 {
-    int ret;
-
-    ret = !vlapic_test_and_set_irr(vec, vlapic);
     if ( trig )
         vlapic_set_vector(vec, &vlapic->regs->data[APIC_TMR]);
 
     /* We may need to wake up target vcpu, besides set pending bit here */
-    return ret;
+    return !vlapic_test_and_set_irr(vec, vlapic);
 }
 
 static int vlapic_find_highest_isr(struct vlapic *vlapic)

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog