From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: Helge Deller <deller@gmx.de>
Cc: John David Anglin <dave@hiauly1.hia.nrc.ca>,
	kyle@infradead.org, linux-parisc@vger.kernel.org
Subject: Re: [PATCH] [RFC] fix kernel crash (protection id trap) when
Date: Mon, 22 Dec 2008 16:43:36 -0600
Message-ID: <1229985816.3345.43.camel@localhost.localdomain>
In-Reply-To: <494EC89A.9000802@gmx.de>

On Sun, 2008-12-21 at 23:52 +0100, Helge Deller wrote:
> John David Anglin wrote:
> >> I think the bug may be in flush_user_cache_page_non_current.  It hijacks
> >> sr3 temporarily and I don't think cr8 is updated when this is done.  The
> >> switch may need to be atomic.
> > 
> > The following might fix the protection ID bug.
> > 
> > --- cache.c.orig	2008-07-17 21:24:46.000000000 -0400
> > +++ cache.c	2008-12-21 11:53:54.000000000 -0500
> > @@ -312,14 +312,14 @@
> >  
> >  	/* make us current */
> >  	mtctl(__pa(vma->vm_mm->pgd), 25);
> > -	mtsp(vma->vm_mm->context, 3);
> > +	load_context(vma->vm_mm->context);
> >  
> >  	flush_user_dcache_page(vmaddr);
> >  	if(vma->vm_flags & VM_EXEC)
> >  		flush_user_icache_page(vmaddr);
> >  
> >  	/* put the old current process back */
> > -	mtsp(space, 3);
> > +	load_context(space);
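
Review bot: both replaced lines now call load_context() from kernel context, and the restore at the end passes `space`, the saved sr3 value, with no saved protection ID to put back. If load_context() writes cr8 as well as sr3 (the aim of the change, per the cr8 remark above), the kernel runs flush_user_dcache_page() under the protection ID of vma->vm_mm->context, and after the second call under whatever load_context(space) derives rather than the value it entered with. Consider keeping mtsp(..., 3) here, or saving the protection ID register before the switch and restoring it explicitly; the hunk also shows nothing that makes the sr3/cr8 switch atomic, which the description suggests may be needed.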
> 
> I came to a similar conclusion and tried exactly this patch earlier
> today. It didn't fix the problem (although I had the feeling that the
> bug didn't appear as often then).

Actually, it should bug more often.  This function:
flush_user_cache_page_non_current() is very rarely called (which is
hopefully why you don't see an increase in bugs).  However, this is a
kernel function ... if you call load_context() here, you'll get the user
protection IDs in the register and it will immediately fault when it
returns to the kernel.  All it should be doing (which is what it
currently does) is to set up sr3 to allow the kernel to poke into a user
address space, which is the design of the function.

James


