mshv: fix SRCU protection in irqfd resampler ack handler

Replace hlist_for_each_entry_rcu() with hlist_for_each_entry_srcu()
in mshv_irqfd_resampler_ack() to correctly handle SRCU-protected
linked list traversal.

The function uses SRCU (sleepable RCU) synchronization via
partition->pt_irq_srcu, but was incorrectly using the RCU variant
for list iteration. This could lead to race conditions when the
list is modified concurrently.

Also add srcu_read_lock_held() assertion as required by
hlist_for_each_entry_srcu() to ensure we're in the proper
read-side critical section.

Fixes: 621191d709b14 ("Drivers: hv: Introduce mshv_root module to expose /dev/mshv to VMMs")
Signed-off-by: Li RongQing <lirongqing@baidu.com>
Reviewed-by: Anirudh Rayabharam (Microsoft) <anirudh@anirudhrb.com>
Acked-by: Stanislav Kinsburskii <skinsburskii@linux.microsoft.com>
Signed-off-by: Wei Liu <wei.liu@kernel.org>

diff --git a/drivers/hv/mshv_eventfd.c b/drivers/hv/mshv_eventfd.c
index 525b64a5acc2ea13426d8ce6c6a0b00be21ea411..5e0b10aeeaa240d3ebc5b3e4c55d73d79160a51d 100644 (file)
--- a/drivers/hv/mshv_eventfd.c
+++ b/drivers/hv/mshv_eventfd.c
@@ -87,8 +87,9 @@ static void mshv_irqfd_resampler_ack(struct mshv_irq_ack_notifier *mian)
 
        idx = srcu_read_lock(&partition->pt_irq_srcu);
 
-       hlist_for_each_entry_rcu(irqfd, &resampler->rsmplr_irqfd_list,
-                                irqfd_resampler_hnode) {
+       hlist_for_each_entry_srcu(irqfd, &resampler->rsmplr_irqfd_list,
+                                irqfd_resampler_hnode,
+                                srcu_read_lock_held(&partition->pt_irq_srcu)) {
                if (hv_should_clear_interrupt(irqfd->irqfd_lapic_irq.lapic_control.interrupt_type))
                        hv_call_clear_virtual_interrupt(partition->pt_id);