 ded7975475
			
		
	
	
	ded7975475
	
	
	
		
			
			The commit facd8b80c6
("irq: Sanitize invoke_softirq") converted irq exit
calls of do_softirq() to __do_softirq() on all architectures,
assuming it was only used there for its irq disablement
properties.
But as a side effect, the softirqs processed in the end
of the hardirq are always called on the inline current
stack that is used by irq_exit() instead of the softirq
stack provided by the archs that override do_softirq().
The result is mostly safe if the architecture runs irq_exit()
on a separate irq stack because then softirqs are processed
on that same stack that is near empty at this stage (assuming
hardirq aren't nesting).
Otherwise irq_exit() runs in the task stack and so does the softirq
too. The interrupted call stack can be randomly deep already and
the softirq can dig through it even further. To add insult to the
injury, this softirq can be interrupted by a new hardirq, maximizing
the chances for a stack overrun as reported in powerpc for example:
	do_IRQ: stack overflow: 1920
	CPU: 0 PID: 1602 Comm: qemu-system-ppc Not tainted 3.10.4-300.1.fc19.ppc64p7 #1
	Call Trace:
	[c0000000050a8740] .show_stack+0x130/0x200 (unreliable)
	[c0000000050a8810] .dump_stack+0x28/0x3c
	[c0000000050a8880] .do_IRQ+0x2b8/0x2c0
	[c0000000050a8930] hardware_interrupt_common+0x154/0x180
	--- Exception: 501 at .cp_start_xmit+0x3a4/0x820 [8139cp]
		LR = .cp_start_xmit+0x390/0x820 [8139cp]
	[c0000000050a8d40] .dev_hard_start_xmit+0x394/0x640
	[c0000000050a8e00] .sch_direct_xmit+0x110/0x260
	[c0000000050a8ea0] .dev_queue_xmit+0x260/0x630
	[c0000000050a8f40] .br_dev_queue_push_xmit+0xc4/0x130 [bridge]
	[c0000000050a8fc0] .br_dev_xmit+0x198/0x270 [bridge]
	[c0000000050a9070] .dev_hard_start_xmit+0x394/0x640
	[c0000000050a9130] .dev_queue_xmit+0x428/0x630
	[c0000000050a91d0] .ip_finish_output+0x2a4/0x550
	[c0000000050a9290] .ip_local_out+0x50/0x70
	[c0000000050a9310] .ip_queue_xmit+0x148/0x420
	[c0000000050a93b0] .tcp_transmit_skb+0x4e4/0xaf0
	[c0000000050a94a0] .__tcp_ack_snd_check+0x7c/0xf0
	[c0000000050a9520] .tcp_rcv_established+0x1e8/0x930
	[c0000000050a95f0] .tcp_v4_do_rcv+0x21c/0x570
	[c0000000050a96c0] .tcp_v4_rcv+0x734/0x930
	[c0000000050a97a0] .ip_local_deliver_finish+0x184/0x360
	[c0000000050a9840] .ip_rcv_finish+0x148/0x400
	[c0000000050a98d0] .__netif_receive_skb_core+0x4f8/0xb00
	[c0000000050a99d0] .netif_receive_skb+0x44/0x110
	[c0000000050a9a70] .br_handle_frame_finish+0x2bc/0x3f0 [bridge]
	[c0000000050a9b20] .br_nf_pre_routing_finish+0x2ac/0x420 [bridge]
	[c0000000050a9bd0] .br_nf_pre_routing+0x4dc/0x7d0 [bridge]
	[c0000000050a9c70] .nf_iterate+0x114/0x130
	[c0000000050a9d30] .nf_hook_slow+0xb4/0x1e0
	[c0000000050a9e00] .br_handle_frame+0x290/0x330 [bridge]
	[c0000000050a9ea0] .__netif_receive_skb_core+0x34c/0xb00
	[c0000000050a9fa0] .netif_receive_skb+0x44/0x110
	[c0000000050aa040] .napi_gro_receive+0xe8/0x120
	[c0000000050aa0c0] .cp_rx_poll+0x31c/0x590 [8139cp]
	[c0000000050aa1d0] .net_rx_action+0x1dc/0x310
	[c0000000050aa2b0] .__do_softirq+0x158/0x330
	[c0000000050aa3b0] .irq_exit+0xc8/0x110
	[c0000000050aa430] .do_IRQ+0xdc/0x2c0
	[c0000000050aa4e0] hardware_interrupt_common+0x154/0x180
	 --- Exception: 501 at .bad_range+0x1c/0x110
		 LR = .get_page_from_freelist+0x908/0xbb0
	[c0000000050aa7d0] .list_del+0x18/0x50 (unreliable)
	[c0000000050aa850] .get_page_from_freelist+0x908/0xbb0
	[c0000000050aa9e0] .__alloc_pages_nodemask+0x21c/0xae0
	[c0000000050aaba0] .alloc_pages_vma+0xd0/0x210
	[c0000000050aac60] .handle_pte_fault+0x814/0xb70
	[c0000000050aad50] .__get_user_pages+0x1a4/0x640
	[c0000000050aae60] .get_user_pages_fast+0xec/0x160
	[c0000000050aaf10] .__gfn_to_pfn_memslot+0x3b0/0x430 [kvm]
	[c0000000050aafd0] .kvmppc_gfn_to_pfn+0x64/0x130 [kvm]
	[c0000000050ab070] .kvmppc_mmu_map_page+0x94/0x530 [kvm]
	[c0000000050ab190] .kvmppc_handle_pagefault+0x174/0x610 [kvm]
	[c0000000050ab270] .kvmppc_handle_exit_pr+0x464/0x9b0 [kvm]
	[c0000000050ab320]  kvm_start_lightweight+0x1ec/0x1fc [kvm]
	[c0000000050ab4f0] .kvmppc_vcpu_run_pr+0x168/0x3b0 [kvm]
	[c0000000050ab9c0] .kvmppc_vcpu_run+0xc8/0xf0 [kvm]
	[c0000000050aba50] .kvm_arch_vcpu_ioctl_run+0x5c/0x1a0 [kvm]
	[c0000000050abae0] .kvm_vcpu_ioctl+0x478/0x730 [kvm]
	[c0000000050abc90] .do_vfs_ioctl+0x4ec/0x7c0
	[c0000000050abd80] .SyS_ioctl+0xd4/0xf0
	[c0000000050abe30] syscall_exit+0x0/0x98
Since this is a regression, this patch proposes a minimalistic
and low-risk solution by blindly forcing the hardirq exit processing of
softirqs on the softirq stack. This way we should reduce significantly
the opportunities for task stack overflow dug by softirqs.
Longer term solutions may involve extending the hardirq stack coverage to
irq_exit(), etc...
Reported-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Frederic Weisbecker <fweisbec@gmail.com>
Cc: #3.9.. <stable@vger.kernel.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@au1.ibm.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Paul Mackerras <paulus@au1.ibm.com>
Cc: James Hogan <james.hogan@imgtec.com>
Cc: James E.J. Bottomley <jejb@parisc-linux.org>
Cc: Helge Deller <deller@gmx.de>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: Andrew Morton <akpm@linux-foundation.org>
		
	
			
		
			
				
	
	
		
			896 lines
		
	
	
	
		
			21 KiB
			
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			896 lines
		
	
	
	
		
			21 KiB
			
		
	
	
	
		
			C
		
	
	
	
	
	
| /*
 | |
|  *	linux/kernel/softirq.c
 | |
|  *
 | |
|  *	Copyright (C) 1992 Linus Torvalds
 | |
|  *
 | |
|  *	Distribute under GPLv2.
 | |
|  *
 | |
|  *	Rewritten. Old one was good in 2.2, but in 2.3 it was immoral. --ANK (990903)
 | |
|  *
 | |
|  *	Remote softirq infrastructure is by Jens Axboe.
 | |
|  */
 | |
| 
 | |
| #include <linux/export.h>
 | |
| #include <linux/kernel_stat.h>
 | |
| #include <linux/interrupt.h>
 | |
| #include <linux/init.h>
 | |
| #include <linux/mm.h>
 | |
| #include <linux/notifier.h>
 | |
| #include <linux/percpu.h>
 | |
| #include <linux/cpu.h>
 | |
| #include <linux/freezer.h>
 | |
| #include <linux/kthread.h>
 | |
| #include <linux/rcupdate.h>
 | |
| #include <linux/ftrace.h>
 | |
| #include <linux/smp.h>
 | |
| #include <linux/smpboot.h>
 | |
| #include <linux/tick.h>
 | |
| 
 | |
| #define CREATE_TRACE_POINTS
 | |
| #include <trace/events/irq.h>
 | |
| 
 | |
| #include <asm/irq.h>
 | |
| /*
 | |
|    - No shared variables, all the data are CPU local.
 | |
|    - If a softirq needs serialization, let it serialize itself
 | |
|      by its own spinlocks.
 | |
|    - Even if softirq is serialized, only local cpu is marked for
 | |
|      execution. Hence, we get something sort of weak cpu binding.
 | |
|      Though it is still not clear, will it result in better locality
 | |
|      or will not.
 | |
| 
 | |
|    Examples:
 | |
|    - NET RX softirq. It is multithreaded and does not require
 | |
|      any global serialization.
 | |
|    - NET TX softirq. It kicks software netdevice queues, hence
 | |
|      it is logically serialized per device, but this serialization
 | |
|      is invisible to common code.
 | |
|    - Tasklets: serialized wrt itself.
 | |
|  */
 | |
| 
 | |
| #ifndef __ARCH_IRQ_STAT
 | |
| irq_cpustat_t irq_stat[NR_CPUS] ____cacheline_aligned;
 | |
| EXPORT_SYMBOL(irq_stat);
 | |
| #endif
 | |
| 
 | |
| static struct softirq_action softirq_vec[NR_SOFTIRQS] __cacheline_aligned_in_smp;
 | |
| 
 | |
| DEFINE_PER_CPU(struct task_struct *, ksoftirqd);
 | |
| 
 | |
| char *softirq_to_name[NR_SOFTIRQS] = {
 | |
| 	"HI", "TIMER", "NET_TX", "NET_RX", "BLOCK", "BLOCK_IOPOLL",
 | |
| 	"TASKLET", "SCHED", "HRTIMER", "RCU"
 | |
| };
 | |
| 
 | |
| /*
 | |
|  * we cannot loop indefinitely here to avoid userspace starvation,
 | |
|  * but we also don't want to introduce a worst case 1/HZ latency
 | |
|  * to the pending events, so lets the scheduler to balance
 | |
|  * the softirq load for us.
 | |
|  */
 | |
| static void wakeup_softirqd(void)
 | |
| {
 | |
| 	/* Interrupts are disabled: no need to stop preemption */
 | |
| 	struct task_struct *tsk = __this_cpu_read(ksoftirqd);
 | |
| 
 | |
| 	if (tsk && tsk->state != TASK_RUNNING)
 | |
| 		wake_up_process(tsk);
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * preempt_count and SOFTIRQ_OFFSET usage:
 | |
|  * - preempt_count is changed by SOFTIRQ_OFFSET on entering or leaving
 | |
|  *   softirq processing.
 | |
|  * - preempt_count is changed by SOFTIRQ_DISABLE_OFFSET (= 2 * SOFTIRQ_OFFSET)
 | |
|  *   on local_bh_disable or local_bh_enable.
 | |
|  * This lets us distinguish between whether we are currently processing
 | |
|  * softirq and whether we just have bh disabled.
 | |
|  */
 | |
| 
 | |
| /*
 | |
|  * This one is for softirq.c-internal use,
 | |
|  * where hardirqs are disabled legitimately:
 | |
|  */
 | |
| #ifdef CONFIG_TRACE_IRQFLAGS
 | |
| static void __local_bh_disable(unsigned long ip, unsigned int cnt)
 | |
| {
 | |
| 	unsigned long flags;
 | |
| 
 | |
| 	WARN_ON_ONCE(in_irq());
 | |
| 
 | |
| 	raw_local_irq_save(flags);
 | |
| 	/*
 | |
| 	 * The preempt tracer hooks into add_preempt_count and will break
 | |
| 	 * lockdep because it calls back into lockdep after SOFTIRQ_OFFSET
 | |
| 	 * is set and before current->softirq_enabled is cleared.
 | |
| 	 * We must manually increment preempt_count here and manually
 | |
| 	 * call the trace_preempt_off later.
 | |
| 	 */
 | |
| 	preempt_count() += cnt;
 | |
| 	/*
 | |
| 	 * Were softirqs turned off above:
 | |
| 	 */
 | |
| 	if (softirq_count() == cnt)
 | |
| 		trace_softirqs_off(ip);
 | |
| 	raw_local_irq_restore(flags);
 | |
| 
 | |
| 	if (preempt_count() == cnt)
 | |
| 		trace_preempt_off(CALLER_ADDR0, get_parent_ip(CALLER_ADDR1));
 | |
| }
 | |
| #else /* !CONFIG_TRACE_IRQFLAGS */
 | |
| static inline void __local_bh_disable(unsigned long ip, unsigned int cnt)
 | |
| {
 | |
| 	add_preempt_count(cnt);
 | |
| 	barrier();
 | |
| }
 | |
| #endif /* CONFIG_TRACE_IRQFLAGS */
 | |
| 
 | |
| void local_bh_disable(void)
 | |
| {
 | |
| 	__local_bh_disable(_RET_IP_, SOFTIRQ_DISABLE_OFFSET);
 | |
| }
 | |
| 
 | |
| EXPORT_SYMBOL(local_bh_disable);
 | |
| 
 | |
| static void __local_bh_enable(unsigned int cnt)
 | |
| {
 | |
| 	WARN_ON_ONCE(in_irq());
 | |
| 	WARN_ON_ONCE(!irqs_disabled());
 | |
| 
 | |
| 	if (softirq_count() == cnt)
 | |
| 		trace_softirqs_on(_RET_IP_);
 | |
| 	sub_preempt_count(cnt);
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * Special-case - softirqs can safely be enabled in
 | |
|  * cond_resched_softirq(), or by __do_softirq(),
 | |
|  * without processing still-pending softirqs:
 | |
|  */
 | |
| void _local_bh_enable(void)
 | |
| {
 | |
| 	__local_bh_enable(SOFTIRQ_DISABLE_OFFSET);
 | |
| }
 | |
| 
 | |
| EXPORT_SYMBOL(_local_bh_enable);
 | |
| 
 | |
| static inline void _local_bh_enable_ip(unsigned long ip)
 | |
| {
 | |
| 	WARN_ON_ONCE(in_irq() || irqs_disabled());
 | |
| #ifdef CONFIG_TRACE_IRQFLAGS
 | |
| 	local_irq_disable();
 | |
| #endif
 | |
| 	/*
 | |
| 	 * Are softirqs going to be turned on now:
 | |
| 	 */
 | |
| 	if (softirq_count() == SOFTIRQ_DISABLE_OFFSET)
 | |
| 		trace_softirqs_on(ip);
 | |
| 	/*
 | |
| 	 * Keep preemption disabled until we are done with
 | |
| 	 * softirq processing:
 | |
|  	 */
 | |
| 	sub_preempt_count(SOFTIRQ_DISABLE_OFFSET - 1);
 | |
| 
 | |
| 	if (unlikely(!in_interrupt() && local_softirq_pending()))
 | |
| 		do_softirq();
 | |
| 
 | |
| 	dec_preempt_count();
 | |
| #ifdef CONFIG_TRACE_IRQFLAGS
 | |
| 	local_irq_enable();
 | |
| #endif
 | |
| 	preempt_check_resched();
 | |
| }
 | |
| 
 | |
| void local_bh_enable(void)
 | |
| {
 | |
| 	_local_bh_enable_ip(_RET_IP_);
 | |
| }
 | |
| EXPORT_SYMBOL(local_bh_enable);
 | |
| 
 | |
| void local_bh_enable_ip(unsigned long ip)
 | |
| {
 | |
| 	_local_bh_enable_ip(ip);
 | |
| }
 | |
| EXPORT_SYMBOL(local_bh_enable_ip);
 | |
| 
 | |
| /*
 | |
|  * We restart softirq processing for at most MAX_SOFTIRQ_RESTART times,
 | |
|  * but break the loop if need_resched() is set or after 2 ms.
 | |
|  * The MAX_SOFTIRQ_TIME provides a nice upper bound in most cases, but in
 | |
|  * certain cases, such as stop_machine(), jiffies may cease to
 | |
|  * increment and so we need the MAX_SOFTIRQ_RESTART limit as
 | |
|  * well to make sure we eventually return from this method.
 | |
|  *
 | |
|  * These limits have been established via experimentation.
 | |
|  * The two things to balance is latency against fairness -
 | |
|  * we want to handle softirqs as soon as possible, but they
 | |
|  * should not be able to lock up the box.
 | |
|  */
 | |
| #define MAX_SOFTIRQ_TIME  msecs_to_jiffies(2)
 | |
| #define MAX_SOFTIRQ_RESTART 10
 | |
| 
 | |
| asmlinkage void __do_softirq(void)
 | |
| {
 | |
| 	struct softirq_action *h;
 | |
| 	__u32 pending;
 | |
| 	unsigned long end = jiffies + MAX_SOFTIRQ_TIME;
 | |
| 	int cpu;
 | |
| 	unsigned long old_flags = current->flags;
 | |
| 	int max_restart = MAX_SOFTIRQ_RESTART;
 | |
| 
 | |
| 	/*
 | |
| 	 * Mask out PF_MEMALLOC s current task context is borrowed for the
 | |
| 	 * softirq. A softirq handled such as network RX might set PF_MEMALLOC
 | |
| 	 * again if the socket is related to swap
 | |
| 	 */
 | |
| 	current->flags &= ~PF_MEMALLOC;
 | |
| 
 | |
| 	pending = local_softirq_pending();
 | |
| 	account_irq_enter_time(current);
 | |
| 
 | |
| 	__local_bh_disable(_RET_IP_, SOFTIRQ_OFFSET);
 | |
| 	lockdep_softirq_enter();
 | |
| 
 | |
| 	cpu = smp_processor_id();
 | |
| restart:
 | |
| 	/* Reset the pending bitmask before enabling irqs */
 | |
| 	set_softirq_pending(0);
 | |
| 
 | |
| 	local_irq_enable();
 | |
| 
 | |
| 	h = softirq_vec;
 | |
| 
 | |
| 	do {
 | |
| 		if (pending & 1) {
 | |
| 			unsigned int vec_nr = h - softirq_vec;
 | |
| 			int prev_count = preempt_count();
 | |
| 
 | |
| 			kstat_incr_softirqs_this_cpu(vec_nr);
 | |
| 
 | |
| 			trace_softirq_entry(vec_nr);
 | |
| 			h->action(h);
 | |
| 			trace_softirq_exit(vec_nr);
 | |
| 			if (unlikely(prev_count != preempt_count())) {
 | |
| 				printk(KERN_ERR "huh, entered softirq %u %s %p"
 | |
| 				       "with preempt_count %08x,"
 | |
| 				       " exited with %08x?\n", vec_nr,
 | |
| 				       softirq_to_name[vec_nr], h->action,
 | |
| 				       prev_count, preempt_count());
 | |
| 				preempt_count() = prev_count;
 | |
| 			}
 | |
| 
 | |
| 			rcu_bh_qs(cpu);
 | |
| 		}
 | |
| 		h++;
 | |
| 		pending >>= 1;
 | |
| 	} while (pending);
 | |
| 
 | |
| 	local_irq_disable();
 | |
| 
 | |
| 	pending = local_softirq_pending();
 | |
| 	if (pending) {
 | |
| 		if (time_before(jiffies, end) && !need_resched() &&
 | |
| 		    --max_restart)
 | |
| 			goto restart;
 | |
| 
 | |
| 		wakeup_softirqd();
 | |
| 	}
 | |
| 
 | |
| 	lockdep_softirq_exit();
 | |
| 
 | |
| 	account_irq_exit_time(current);
 | |
| 	__local_bh_enable(SOFTIRQ_OFFSET);
 | |
| 	tsk_restore_flags(current, old_flags, PF_MEMALLOC);
 | |
| }
 | |
| 
 | |
| #ifndef __ARCH_HAS_DO_SOFTIRQ
 | |
| 
 | |
| asmlinkage void do_softirq(void)
 | |
| {
 | |
| 	__u32 pending;
 | |
| 	unsigned long flags;
 | |
| 
 | |
| 	if (in_interrupt())
 | |
| 		return;
 | |
| 
 | |
| 	local_irq_save(flags);
 | |
| 
 | |
| 	pending = local_softirq_pending();
 | |
| 
 | |
| 	if (pending)
 | |
| 		__do_softirq();
 | |
| 
 | |
| 	local_irq_restore(flags);
 | |
| }
 | |
| 
 | |
| #endif
 | |
| 
 | |
| /*
 | |
|  * Enter an interrupt context.
 | |
|  */
 | |
| void irq_enter(void)
 | |
| {
 | |
| 	int cpu = smp_processor_id();
 | |
| 
 | |
| 	rcu_irq_enter();
 | |
| 	if (is_idle_task(current) && !in_interrupt()) {
 | |
| 		/*
 | |
| 		 * Prevent raise_softirq from needlessly waking up ksoftirqd
 | |
| 		 * here, as softirq will be serviced on return from interrupt.
 | |
| 		 */
 | |
| 		local_bh_disable();
 | |
| 		tick_check_idle(cpu);
 | |
| 		_local_bh_enable();
 | |
| 	}
 | |
| 
 | |
| 	__irq_enter();
 | |
| }
 | |
| 
 | |
| static inline void invoke_softirq(void)
 | |
| {
 | |
| 	if (!force_irqthreads) {
 | |
| 		/*
 | |
| 		 * We can safely execute softirq on the current stack if
 | |
| 		 * it is the irq stack, because it should be near empty
 | |
| 		 * at this stage. But we have no way to know if the arch
 | |
| 		 * calls irq_exit() on the irq stack. So call softirq
 | |
| 		 * in its own stack to prevent from any overrun on top
 | |
| 		 * of a potentially deep task stack.
 | |
| 		 */
 | |
| 		do_softirq();
 | |
| 	} else {
 | |
| 		wakeup_softirqd();
 | |
| 	}
 | |
| }
 | |
| 
 | |
| static inline void tick_irq_exit(void)
 | |
| {
 | |
| #ifdef CONFIG_NO_HZ_COMMON
 | |
| 	int cpu = smp_processor_id();
 | |
| 
 | |
| 	/* Make sure that timer wheel updates are propagated */
 | |
| 	if ((idle_cpu(cpu) && !need_resched()) || tick_nohz_full_cpu(cpu)) {
 | |
| 		if (!in_interrupt())
 | |
| 			tick_nohz_irq_exit();
 | |
| 	}
 | |
| #endif
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * Exit an interrupt context. Process softirqs if needed and possible:
 | |
|  */
 | |
| void irq_exit(void)
 | |
| {
 | |
| #ifndef __ARCH_IRQ_EXIT_IRQS_DISABLED
 | |
| 	local_irq_disable();
 | |
| #else
 | |
| 	WARN_ON_ONCE(!irqs_disabled());
 | |
| #endif
 | |
| 
 | |
| 	account_irq_exit_time(current);
 | |
| 	trace_hardirq_exit();
 | |
| 	sub_preempt_count(HARDIRQ_OFFSET);
 | |
| 	if (!in_interrupt() && local_softirq_pending())
 | |
| 		invoke_softirq();
 | |
| 
 | |
| 	tick_irq_exit();
 | |
| 	rcu_irq_exit();
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * This function must run with irqs disabled!
 | |
|  */
 | |
| inline void raise_softirq_irqoff(unsigned int nr)
 | |
| {
 | |
| 	__raise_softirq_irqoff(nr);
 | |
| 
 | |
| 	/*
 | |
| 	 * If we're in an interrupt or softirq, we're done
 | |
| 	 * (this also catches softirq-disabled code). We will
 | |
| 	 * actually run the softirq once we return from
 | |
| 	 * the irq or softirq.
 | |
| 	 *
 | |
| 	 * Otherwise we wake up ksoftirqd to make sure we
 | |
| 	 * schedule the softirq soon.
 | |
| 	 */
 | |
| 	if (!in_interrupt())
 | |
| 		wakeup_softirqd();
 | |
| }
 | |
| 
 | |
| void raise_softirq(unsigned int nr)
 | |
| {
 | |
| 	unsigned long flags;
 | |
| 
 | |
| 	local_irq_save(flags);
 | |
| 	raise_softirq_irqoff(nr);
 | |
| 	local_irq_restore(flags);
 | |
| }
 | |
| 
 | |
| void __raise_softirq_irqoff(unsigned int nr)
 | |
| {
 | |
| 	trace_softirq_raise(nr);
 | |
| 	or_softirq_pending(1UL << nr);
 | |
| }
 | |
| 
 | |
| void open_softirq(int nr, void (*action)(struct softirq_action *))
 | |
| {
 | |
| 	softirq_vec[nr].action = action;
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * Tasklets
 | |
|  */
 | |
| struct tasklet_head
 | |
| {
 | |
| 	struct tasklet_struct *head;
 | |
| 	struct tasklet_struct **tail;
 | |
| };
 | |
| 
 | |
| static DEFINE_PER_CPU(struct tasklet_head, tasklet_vec);
 | |
| static DEFINE_PER_CPU(struct tasklet_head, tasklet_hi_vec);
 | |
| 
 | |
| void __tasklet_schedule(struct tasklet_struct *t)
 | |
| {
 | |
| 	unsigned long flags;
 | |
| 
 | |
| 	local_irq_save(flags);
 | |
| 	t->next = NULL;
 | |
| 	*__this_cpu_read(tasklet_vec.tail) = t;
 | |
| 	__this_cpu_write(tasklet_vec.tail, &(t->next));
 | |
| 	raise_softirq_irqoff(TASKLET_SOFTIRQ);
 | |
| 	local_irq_restore(flags);
 | |
| }
 | |
| 
 | |
| EXPORT_SYMBOL(__tasklet_schedule);
 | |
| 
 | |
| void __tasklet_hi_schedule(struct tasklet_struct *t)
 | |
| {
 | |
| 	unsigned long flags;
 | |
| 
 | |
| 	local_irq_save(flags);
 | |
| 	t->next = NULL;
 | |
| 	*__this_cpu_read(tasklet_hi_vec.tail) = t;
 | |
| 	__this_cpu_write(tasklet_hi_vec.tail,  &(t->next));
 | |
| 	raise_softirq_irqoff(HI_SOFTIRQ);
 | |
| 	local_irq_restore(flags);
 | |
| }
 | |
| 
 | |
| EXPORT_SYMBOL(__tasklet_hi_schedule);
 | |
| 
 | |
| void __tasklet_hi_schedule_first(struct tasklet_struct *t)
 | |
| {
 | |
| 	BUG_ON(!irqs_disabled());
 | |
| 
 | |
| 	t->next = __this_cpu_read(tasklet_hi_vec.head);
 | |
| 	__this_cpu_write(tasklet_hi_vec.head, t);
 | |
| 	__raise_softirq_irqoff(HI_SOFTIRQ);
 | |
| }
 | |
| 
 | |
| EXPORT_SYMBOL(__tasklet_hi_schedule_first);
 | |
| 
 | |
| static void tasklet_action(struct softirq_action *a)
 | |
| {
 | |
| 	struct tasklet_struct *list;
 | |
| 
 | |
| 	local_irq_disable();
 | |
| 	list = __this_cpu_read(tasklet_vec.head);
 | |
| 	__this_cpu_write(tasklet_vec.head, NULL);
 | |
| 	__this_cpu_write(tasklet_vec.tail, &__get_cpu_var(tasklet_vec).head);
 | |
| 	local_irq_enable();
 | |
| 
 | |
| 	while (list) {
 | |
| 		struct tasklet_struct *t = list;
 | |
| 
 | |
| 		list = list->next;
 | |
| 
 | |
| 		if (tasklet_trylock(t)) {
 | |
| 			if (!atomic_read(&t->count)) {
 | |
| 				if (!test_and_clear_bit(TASKLET_STATE_SCHED, &t->state))
 | |
| 					BUG();
 | |
| 				t->func(t->data);
 | |
| 				tasklet_unlock(t);
 | |
| 				continue;
 | |
| 			}
 | |
| 			tasklet_unlock(t);
 | |
| 		}
 | |
| 
 | |
| 		local_irq_disable();
 | |
| 		t->next = NULL;
 | |
| 		*__this_cpu_read(tasklet_vec.tail) = t;
 | |
| 		__this_cpu_write(tasklet_vec.tail, &(t->next));
 | |
| 		__raise_softirq_irqoff(TASKLET_SOFTIRQ);
 | |
| 		local_irq_enable();
 | |
| 	}
 | |
| }
 | |
| 
 | |
| static void tasklet_hi_action(struct softirq_action *a)
 | |
| {
 | |
| 	struct tasklet_struct *list;
 | |
| 
 | |
| 	local_irq_disable();
 | |
| 	list = __this_cpu_read(tasklet_hi_vec.head);
 | |
| 	__this_cpu_write(tasklet_hi_vec.head, NULL);
 | |
| 	__this_cpu_write(tasklet_hi_vec.tail, &__get_cpu_var(tasklet_hi_vec).head);
 | |
| 	local_irq_enable();
 | |
| 
 | |
| 	while (list) {
 | |
| 		struct tasklet_struct *t = list;
 | |
| 
 | |
| 		list = list->next;
 | |
| 
 | |
| 		if (tasklet_trylock(t)) {
 | |
| 			if (!atomic_read(&t->count)) {
 | |
| 				if (!test_and_clear_bit(TASKLET_STATE_SCHED, &t->state))
 | |
| 					BUG();
 | |
| 				t->func(t->data);
 | |
| 				tasklet_unlock(t);
 | |
| 				continue;
 | |
| 			}
 | |
| 			tasklet_unlock(t);
 | |
| 		}
 | |
| 
 | |
| 		local_irq_disable();
 | |
| 		t->next = NULL;
 | |
| 		*__this_cpu_read(tasklet_hi_vec.tail) = t;
 | |
| 		__this_cpu_write(tasklet_hi_vec.tail, &(t->next));
 | |
| 		__raise_softirq_irqoff(HI_SOFTIRQ);
 | |
| 		local_irq_enable();
 | |
| 	}
 | |
| }
 | |
| 
 | |
| 
 | |
| void tasklet_init(struct tasklet_struct *t,
 | |
| 		  void (*func)(unsigned long), unsigned long data)
 | |
| {
 | |
| 	t->next = NULL;
 | |
| 	t->state = 0;
 | |
| 	atomic_set(&t->count, 0);
 | |
| 	t->func = func;
 | |
| 	t->data = data;
 | |
| }
 | |
| 
 | |
| EXPORT_SYMBOL(tasklet_init);
 | |
| 
 | |
| void tasklet_kill(struct tasklet_struct *t)
 | |
| {
 | |
| 	if (in_interrupt())
 | |
| 		printk("Attempt to kill tasklet from interrupt\n");
 | |
| 
 | |
| 	while (test_and_set_bit(TASKLET_STATE_SCHED, &t->state)) {
 | |
| 		do {
 | |
| 			yield();
 | |
| 		} while (test_bit(TASKLET_STATE_SCHED, &t->state));
 | |
| 	}
 | |
| 	tasklet_unlock_wait(t);
 | |
| 	clear_bit(TASKLET_STATE_SCHED, &t->state);
 | |
| }
 | |
| 
 | |
| EXPORT_SYMBOL(tasklet_kill);
 | |
| 
 | |
| /*
 | |
|  * tasklet_hrtimer
 | |
|  */
 | |
| 
 | |
| /*
 | |
|  * The trampoline is called when the hrtimer expires. It schedules a tasklet
 | |
|  * to run __tasklet_hrtimer_trampoline() which in turn will call the intended
 | |
|  * hrtimer callback, but from softirq context.
 | |
|  */
 | |
| static enum hrtimer_restart __hrtimer_tasklet_trampoline(struct hrtimer *timer)
 | |
| {
 | |
| 	struct tasklet_hrtimer *ttimer =
 | |
| 		container_of(timer, struct tasklet_hrtimer, timer);
 | |
| 
 | |
| 	tasklet_hi_schedule(&ttimer->tasklet);
 | |
| 	return HRTIMER_NORESTART;
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * Helper function which calls the hrtimer callback from
 | |
|  * tasklet/softirq context
 | |
|  */
 | |
| static void __tasklet_hrtimer_trampoline(unsigned long data)
 | |
| {
 | |
| 	struct tasklet_hrtimer *ttimer = (void *)data;
 | |
| 	enum hrtimer_restart restart;
 | |
| 
 | |
| 	restart = ttimer->function(&ttimer->timer);
 | |
| 	if (restart != HRTIMER_NORESTART)
 | |
| 		hrtimer_restart(&ttimer->timer);
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * tasklet_hrtimer_init - Init a tasklet/hrtimer combo for softirq callbacks
 | |
|  * @ttimer:	 tasklet_hrtimer which is initialized
 | |
|  * @function:	 hrtimer callback function which gets called from softirq context
 | |
|  * @which_clock: clock id (CLOCK_MONOTONIC/CLOCK_REALTIME)
 | |
|  * @mode:	 hrtimer mode (HRTIMER_MODE_ABS/HRTIMER_MODE_REL)
 | |
|  */
 | |
| void tasklet_hrtimer_init(struct tasklet_hrtimer *ttimer,
 | |
| 			  enum hrtimer_restart (*function)(struct hrtimer *),
 | |
| 			  clockid_t which_clock, enum hrtimer_mode mode)
 | |
| {
 | |
| 	hrtimer_init(&ttimer->timer, which_clock, mode);
 | |
| 	ttimer->timer.function = __hrtimer_tasklet_trampoline;
 | |
| 	tasklet_init(&ttimer->tasklet, __tasklet_hrtimer_trampoline,
 | |
| 		     (unsigned long)ttimer);
 | |
| 	ttimer->function = function;
 | |
| }
 | |
| EXPORT_SYMBOL_GPL(tasklet_hrtimer_init);
 | |
| 
 | |
| /*
 | |
|  * Remote softirq bits
 | |
|  */
 | |
| 
 | |
| DEFINE_PER_CPU(struct list_head [NR_SOFTIRQS], softirq_work_list);
 | |
| EXPORT_PER_CPU_SYMBOL(softirq_work_list);
 | |
| 
 | |
| static void __local_trigger(struct call_single_data *cp, int softirq)
 | |
| {
 | |
| 	struct list_head *head = &__get_cpu_var(softirq_work_list[softirq]);
 | |
| 
 | |
| 	list_add_tail(&cp->list, head);
 | |
| 
 | |
| 	/* Trigger the softirq only if the list was previously empty.  */
 | |
| 	if (head->next == &cp->list)
 | |
| 		raise_softirq_irqoff(softirq);
 | |
| }
 | |
| 
 | |
| #ifdef CONFIG_USE_GENERIC_SMP_HELPERS
 | |
| static void remote_softirq_receive(void *data)
 | |
| {
 | |
| 	struct call_single_data *cp = data;
 | |
| 	unsigned long flags;
 | |
| 	int softirq;
 | |
| 
 | |
| 	softirq = *(int *)cp->info;
 | |
| 	local_irq_save(flags);
 | |
| 	__local_trigger(cp, softirq);
 | |
| 	local_irq_restore(flags);
 | |
| }
 | |
| 
 | |
| static int __try_remote_softirq(struct call_single_data *cp, int cpu, int softirq)
 | |
| {
 | |
| 	if (cpu_online(cpu)) {
 | |
| 		cp->func = remote_softirq_receive;
 | |
| 		cp->info = &softirq;
 | |
| 		cp->flags = 0;
 | |
| 
 | |
| 		__smp_call_function_single(cpu, cp, 0);
 | |
| 		return 0;
 | |
| 	}
 | |
| 	return 1;
 | |
| }
 | |
| #else /* CONFIG_USE_GENERIC_SMP_HELPERS */
 | |
| static int __try_remote_softirq(struct call_single_data *cp, int cpu, int softirq)
 | |
| {
 | |
| 	return 1;
 | |
| }
 | |
| #endif
 | |
| 
 | |
| /**
 | |
|  * __send_remote_softirq - try to schedule softirq work on a remote cpu
 | |
|  * @cp: private SMP call function data area
 | |
|  * @cpu: the remote cpu
 | |
|  * @this_cpu: the currently executing cpu
 | |
|  * @softirq: the softirq for the work
 | |
|  *
 | |
|  * Attempt to schedule softirq work on a remote cpu.  If this cannot be
 | |
|  * done, the work is instead queued up on the local cpu.
 | |
|  *
 | |
|  * Interrupts must be disabled.
 | |
|  */
 | |
| void __send_remote_softirq(struct call_single_data *cp, int cpu, int this_cpu, int softirq)
 | |
| {
 | |
| 	if (cpu == this_cpu || __try_remote_softirq(cp, cpu, softirq))
 | |
| 		__local_trigger(cp, softirq);
 | |
| }
 | |
| EXPORT_SYMBOL(__send_remote_softirq);
 | |
| 
 | |
| /**
 | |
|  * send_remote_softirq - try to schedule softirq work on a remote cpu
 | |
|  * @cp: private SMP call function data area
 | |
|  * @cpu: the remote cpu
 | |
|  * @softirq: the softirq for the work
 | |
|  *
 | |
|  * Like __send_remote_softirq except that disabling interrupts and
 | |
|  * computing the current cpu is done for the caller.
 | |
|  */
 | |
| void send_remote_softirq(struct call_single_data *cp, int cpu, int softirq)
 | |
| {
 | |
| 	unsigned long flags;
 | |
| 	int this_cpu;
 | |
| 
 | |
| 	local_irq_save(flags);
 | |
| 	this_cpu = smp_processor_id();
 | |
| 	__send_remote_softirq(cp, cpu, this_cpu, softirq);
 | |
| 	local_irq_restore(flags);
 | |
| }
 | |
| EXPORT_SYMBOL(send_remote_softirq);
 | |
| 
 | |
| static int remote_softirq_cpu_notify(struct notifier_block *self,
 | |
| 					       unsigned long action, void *hcpu)
 | |
| {
 | |
| 	/*
 | |
| 	 * If a CPU goes away, splice its entries to the current CPU
 | |
| 	 * and trigger a run of the softirq
 | |
| 	 */
 | |
| 	if (action == CPU_DEAD || action == CPU_DEAD_FROZEN) {
 | |
| 		int cpu = (unsigned long) hcpu;
 | |
| 		int i;
 | |
| 
 | |
| 		local_irq_disable();
 | |
| 		for (i = 0; i < NR_SOFTIRQS; i++) {
 | |
| 			struct list_head *head = &per_cpu(softirq_work_list[i], cpu);
 | |
| 			struct list_head *local_head;
 | |
| 
 | |
| 			if (list_empty(head))
 | |
| 				continue;
 | |
| 
 | |
| 			local_head = &__get_cpu_var(softirq_work_list[i]);
 | |
| 			list_splice_init(head, local_head);
 | |
| 			raise_softirq_irqoff(i);
 | |
| 		}
 | |
| 		local_irq_enable();
 | |
| 	}
 | |
| 
 | |
| 	return NOTIFY_OK;
 | |
| }
 | |
| 
 | |
| static struct notifier_block remote_softirq_cpu_notifier = {
 | |
| 	.notifier_call	= remote_softirq_cpu_notify,
 | |
| };
 | |
| 
 | |
| void __init softirq_init(void)
 | |
| {
 | |
| 	int cpu;
 | |
| 
 | |
| 	for_each_possible_cpu(cpu) {
 | |
| 		int i;
 | |
| 
 | |
| 		per_cpu(tasklet_vec, cpu).tail =
 | |
| 			&per_cpu(tasklet_vec, cpu).head;
 | |
| 		per_cpu(tasklet_hi_vec, cpu).tail =
 | |
| 			&per_cpu(tasklet_hi_vec, cpu).head;
 | |
| 		for (i = 0; i < NR_SOFTIRQS; i++)
 | |
| 			INIT_LIST_HEAD(&per_cpu(softirq_work_list[i], cpu));
 | |
| 	}
 | |
| 
 | |
| 	register_hotcpu_notifier(&remote_softirq_cpu_notifier);
 | |
| 
 | |
| 	open_softirq(TASKLET_SOFTIRQ, tasklet_action);
 | |
| 	open_softirq(HI_SOFTIRQ, tasklet_hi_action);
 | |
| }
 | |
| 
 | |
| static int ksoftirqd_should_run(unsigned int cpu)
 | |
| {
 | |
| 	return local_softirq_pending();
 | |
| }
 | |
| 
 | |
| static void run_ksoftirqd(unsigned int cpu)
 | |
| {
 | |
| 	local_irq_disable();
 | |
| 	if (local_softirq_pending()) {
 | |
| 		__do_softirq();
 | |
| 		rcu_note_context_switch(cpu);
 | |
| 		local_irq_enable();
 | |
| 		cond_resched();
 | |
| 		return;
 | |
| 	}
 | |
| 	local_irq_enable();
 | |
| }
 | |
| 
 | |
| #ifdef CONFIG_HOTPLUG_CPU
 | |
| /*
 | |
|  * tasklet_kill_immediate is called to remove a tasklet which can already be
 | |
|  * scheduled for execution on @cpu.
 | |
|  *
 | |
|  * Unlike tasklet_kill, this function removes the tasklet
 | |
|  * _immediately_, even if the tasklet is in TASKLET_STATE_SCHED state.
 | |
|  *
 | |
|  * When this function is called, @cpu must be in the CPU_DEAD state.
 | |
|  */
 | |
| void tasklet_kill_immediate(struct tasklet_struct *t, unsigned int cpu)
 | |
| {
 | |
| 	struct tasklet_struct **i;
 | |
| 
 | |
| 	BUG_ON(cpu_online(cpu));
 | |
| 	BUG_ON(test_bit(TASKLET_STATE_RUN, &t->state));
 | |
| 
 | |
| 	if (!test_bit(TASKLET_STATE_SCHED, &t->state))
 | |
| 		return;
 | |
| 
 | |
| 	/* CPU is dead, so no lock needed. */
 | |
| 	for (i = &per_cpu(tasklet_vec, cpu).head; *i; i = &(*i)->next) {
 | |
| 		if (*i == t) {
 | |
| 			*i = t->next;
 | |
| 			/* If this was the tail element, move the tail ptr */
 | |
| 			if (*i == NULL)
 | |
| 				per_cpu(tasklet_vec, cpu).tail = i;
 | |
| 			return;
 | |
| 		}
 | |
| 	}
 | |
| 	BUG();
 | |
| }
 | |
| 
 | |
| static void takeover_tasklets(unsigned int cpu)
 | |
| {
 | |
| 	/* CPU is dead, so no lock needed. */
 | |
| 	local_irq_disable();
 | |
| 
 | |
| 	/* Find end, append list for that CPU. */
 | |
| 	if (&per_cpu(tasklet_vec, cpu).head != per_cpu(tasklet_vec, cpu).tail) {
 | |
| 		*__this_cpu_read(tasklet_vec.tail) = per_cpu(tasklet_vec, cpu).head;
 | |
| 		this_cpu_write(tasklet_vec.tail, per_cpu(tasklet_vec, cpu).tail);
 | |
| 		per_cpu(tasklet_vec, cpu).head = NULL;
 | |
| 		per_cpu(tasklet_vec, cpu).tail = &per_cpu(tasklet_vec, cpu).head;
 | |
| 	}
 | |
| 	raise_softirq_irqoff(TASKLET_SOFTIRQ);
 | |
| 
 | |
| 	if (&per_cpu(tasklet_hi_vec, cpu).head != per_cpu(tasklet_hi_vec, cpu).tail) {
 | |
| 		*__this_cpu_read(tasklet_hi_vec.tail) = per_cpu(tasklet_hi_vec, cpu).head;
 | |
| 		__this_cpu_write(tasklet_hi_vec.tail, per_cpu(tasklet_hi_vec, cpu).tail);
 | |
| 		per_cpu(tasklet_hi_vec, cpu).head = NULL;
 | |
| 		per_cpu(tasklet_hi_vec, cpu).tail = &per_cpu(tasklet_hi_vec, cpu).head;
 | |
| 	}
 | |
| 	raise_softirq_irqoff(HI_SOFTIRQ);
 | |
| 
 | |
| 	local_irq_enable();
 | |
| }
 | |
| #endif /* CONFIG_HOTPLUG_CPU */
 | |
| 
 | |
| static int cpu_callback(struct notifier_block *nfb,
 | |
| 				  unsigned long action,
 | |
| 				  void *hcpu)
 | |
| {
 | |
| 	switch (action) {
 | |
| #ifdef CONFIG_HOTPLUG_CPU
 | |
| 	case CPU_DEAD:
 | |
| 	case CPU_DEAD_FROZEN:
 | |
| 		takeover_tasklets((unsigned long)hcpu);
 | |
| 		break;
 | |
| #endif /* CONFIG_HOTPLUG_CPU */
 | |
| 	}
 | |
| 	return NOTIFY_OK;
 | |
| }
 | |
| 
 | |
| static struct notifier_block cpu_nfb = {
 | |
| 	.notifier_call = cpu_callback
 | |
| };
 | |
| 
 | |
| static struct smp_hotplug_thread softirq_threads = {
 | |
| 	.store			= &ksoftirqd,
 | |
| 	.thread_should_run	= ksoftirqd_should_run,
 | |
| 	.thread_fn		= run_ksoftirqd,
 | |
| 	.thread_comm		= "ksoftirqd/%u",
 | |
| };
 | |
| 
 | |
| static __init int spawn_ksoftirqd(void)
 | |
| {
 | |
| 	register_cpu_notifier(&cpu_nfb);
 | |
| 
 | |
| 	BUG_ON(smpboot_register_percpu_thread(&softirq_threads));
 | |
| 
 | |
| 	return 0;
 | |
| }
 | |
| early_initcall(spawn_ksoftirqd);
 | |
| 
 | |
| /*
 | |
|  * [ These __weak aliases are kept in a separate compilation unit, so that
 | |
|  *   GCC does not inline them incorrectly. ]
 | |
|  */
 | |
| 
 | |
| int __init __weak early_irq_init(void)
 | |
| {
 | |
| 	return 0;
 | |
| }
 | |
| 
 | |
| int __init __weak arch_probe_nr_irqs(void)
 | |
| {
 | |
| 	return NR_IRQS_LEGACY;
 | |
| }
 | |
| 
 | |
| int __init __weak arch_early_irq_init(void)
 | |
| {
 | |
| 	return 0;
 | |
| }
 |