On 21/01/2025 9:57 am, Roger Pau Monne wrote:
> If using a 32bit Interrupt Remapping Entry or a 128bit one and the CPU
> supports 128bit cmpxchg don't disable the entry by setting RemapEn = 0
> ahead of updating it. As a consequence of not toggling RemapEn ahead of
> the update the Interrupt Remapping Table needs to be flushed after the
> entry update.
>
> This avoids a window where the IRTE has RemapEn = 0, which can lead to
> IO_PAGE_FAULT if the underlying interrupt source is not masked.

It's probably worth saying that this race condition was identified in the field, rather than being a theoretical issue.

~Andrew
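The two update sequences the commit message contrasts, as an added example that is not Xen code and not part of the patch or this thread: a toy model of a single 32-bit IRTE and an IOMMU that keeps a cached copy of it. The field positions (RemapEn in bit 0, destination in bits 15:8, vector in bits 23:16), the one-entry cache, and the assumption that a disabled entry is not retained in that cache are this example's own; the 128-bit cmpxchg path is not modelled. The "disable first" path shows the window in which an unmasked interrupt hits an entry with RemapEn = 0 and faults; the "single atomic write" path never exposes such an entry, but an interrupt arriving before the flush is still served from the stale cached entry, which is why the flush after the update is needed.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed field layout for this example; not taken from Xen's headers. */
#define IRTE_REMAP_EN    (1u << 0)
#define IRTE_DEST_SHIFT  8
#define IRTE_VEC_SHIFT   16
#define IRTE_VEC_MASK    0xffu

enum outcome { DELIVERED, IO_PAGE_FAULT };

/* Toy IOMMU: the in-memory entry plus a one-entry cache of it.  The cache
 * is this example's assumed reason an in-place update must be followed by
 * a flush of the Interrupt Remapping Table. */
struct toy_iommu {
    _Atomic uint32_t irte;   /* the IRTE as it sits in memory */
    uint32_t cached;         /* copy the IOMMU last fetched */
    bool cache_valid;
};

static uint32_t irte_build(uint8_t vector, uint8_t dest)
{
    return IRTE_REMAP_EN | ((uint32_t)dest << IRTE_DEST_SHIFT) |
           ((uint32_t)vector << IRTE_VEC_SHIFT);
}

/* Stands in for the IOMMU invalidation command: drop the cached entry. */
static void iommu_flush_irt(struct toy_iommu *iommu)
{
    iommu->cache_valid = false;
}

/* An interrupt from an unmasked source arrives: use the cached entry if
 * there is one, otherwise fetch from memory.  RemapEn clear -> fault.
 * Assumption: a disabled entry is not kept in the cache. */
static enum outcome iommu_deliver(struct toy_iommu *iommu, uint8_t *vector)
{
    if (!iommu->cache_valid) {
        iommu->cached = atomic_load(&iommu->irte);
        iommu->cache_valid = true;
    }
    if (!(iommu->cached & IRTE_REMAP_EN)) {
        iommu->cache_valid = false;
        return IO_PAGE_FAULT;
    }
    *vector = (iommu->cached >> IRTE_VEC_SHIFT) & IRTE_VEC_MASK;
    return DELIVERED;
}

struct result {
    int faults;                  /* IO_PAGE_FAULTs seen during the update */
    uint8_t vector_before_flush; /* vector an interrupt saw before the flush */
    uint8_t vector_after;        /* vector seen once the update is complete */
};

/* Replace vector 0x30 by 0x40 while the IOMMU has the old entry cached,
 * with an interrupt ("probe") landing in the middle of the update. */
static struct result run_update(bool disable_first)
{
    struct toy_iommu iommu = { .irte = irte_build(0x30, 1) };
    uint32_t new_irte = irte_build(0x40, 1);
    struct result r = { 0 };
    uint8_t v = 0;

    iommu_deliver(&iommu, &v);   /* warm the cache with the old entry */

    if (disable_first) {
        /* Sequence the commit message moves away from: RemapEn = 0 first. */
        atomic_store(&iommu.irte, atomic_load(&iommu.irte) & ~IRTE_REMAP_EN);
        iommu_flush_irt(&iommu);
        if (iommu_deliver(&iommu, &v) == IO_PAGE_FAULT)   /* the window */
            r.faults++;
        atomic_store(&iommu.irte, new_irte);
    } else {
        /* Sequence for 32-bit entries: one atomic store, RemapEn stays set. */
        atomic_store(&iommu.irte, new_irte);
        if (iommu_deliver(&iommu, &v) == IO_PAGE_FAULT)
            r.faults++;
        r.vector_before_flush = v;   /* stale: still served from the cache */
        iommu_flush_irt(&iommu);     /* the flush the commit message requires */
    }
    iommu_deliver(&iommu, &v);
    r.vector_after = v;
    return r;
}

int main(void)
{
    struct result a = run_update(true), b = run_update(false);
    printf("disable first : faults=%d, vector after=0x%02x\n", a.faults, a.vector_after);
    printf("atomic + flush: faults=%d, vector before flush=0x%02x, after=0x%02x\n",
           b.faults, b.vector_before_flush, b.vector_after);
    return 0;
}
```

The probe is placed deterministically where the race would have to land for the fault to occur; in the field the interrupt simply has to arrive while the entry is disabled, and the window closes only once the new entry is written.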
