xen/blkfront: harden blkfront against event channel storms (4ed9f5c5) · Commits · e / devices / android_kernel_fairphone_FP5

drivers/block/xen-blkfront.c

+12 −3

Original line number	Diff line number	Diff line
		@@ -1565,9 +1565,12 @@ static irqreturn_t blkif_interrupt(int irq, void *dev_id)
		unsigned long flags;
		struct blkfront_ring_info rinfo = (struct blkfront_ring_info )dev_id;
		struct blkfront_info *info = rinfo->dev_info;
		unsigned int eoiflag = XEN_EOI_FLAG_SPURIOUS;

		if (unlikely(info->connected != BLKIF_STATE_CONNECTED))
		if (unlikely(info->connected != BLKIF_STATE_CONNECTED)) {
		xen_irq_lateeoi(irq, XEN_EOI_FLAG_SPURIOUS);
		return IRQ_HANDLED;
		}

		spin_lock_irqsave(&rinfo->ring_lock, flags);
		again:
		@@ -1583,6 +1586,8 @@ static irqreturn_t blkif_interrupt(int irq, void *dev_id)
		unsigned long id;
		unsigned int op;

		eoiflag = 0;

		RING_COPY_RESPONSE(&rinfo->ring, i, &bret);
		id = bret.id;

		@@ -1698,6 +1703,8 @@ static irqreturn_t blkif_interrupt(int irq, void *dev_id)

		spin_unlock_irqrestore(&rinfo->ring_lock, flags);

		xen_irq_lateeoi(irq, eoiflag);

		return IRQ_HANDLED;

		err:
		@@ -1705,6 +1712,8 @@ static irqreturn_t blkif_interrupt(int irq, void *dev_id)

		spin_unlock_irqrestore(&rinfo->ring_lock, flags);

		/* No EOI in order to avoid further interrupts. */

		pr_alert("%s disabled for further use\n", info->gd->disk_name);
		return IRQ_HANDLED;
		}
		@@ -1744,8 +1753,8 @@ static int setup_blkring(struct xenbus_device *dev,
		if (err)
		goto fail;

		err = bind_evtchn_to_irqhandler(rinfo->evtchn, blkif_interrupt, 0,
		"blkif", rinfo);
		err = bind_evtchn_to_irqhandler_lateeoi(rinfo->evtchn, blkif_interrupt,
		0, "blkif", rinfo);
		if (err <= 0) {
		xenbus_dev_fatal(dev, err,
		"bind_evtchn_to_irqhandler failed");