From: Philippe Gerum <rpm@xenomai.org>
To: Jan Kiszka <jan.kiszka@siemens.com>
Cc: xenomai@xenomai.org
Subject: Re: [PATCH 5.4] x86: ipipe: Harden path between use_temporary_mm and unuse_temporary_mm
Date: Sun, 14 Mar 2021 18:14:23 +0100 [thread overview]
Message-ID: <87ft0xfyj4.fsf@xenomai.org> (raw)
In-Reply-To: <3511af9f-f393-a226-0e41-a23d8c1577c8@siemens.com>
Jan Kiszka via Xenomai <xenomai@xenomai.org> writes:
> From: Jan Kiszka <jan.kiszka@siemens.com>
>
> This is only called during early init, e.g. for switching alternatives.
> Still, switch_mm_irqs_off would complain without this, and we are better
> safe than sorry.
>
The way this is done in Dovetail is fragile too, since the protection we
have there still expects the pipeline entry code not to mess up on
handling an interrupt, which defeats the purpose of such
precaution. Besides, the temp_state should be snapshot under protection
too. IOW, IRQs should be hard disabled fully while using the temporary
mm.
Upstreaming a similar patch for Dovetail.
Thanks,
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
>
> 4.19 is not affected. Dovetail solves this differently, via
> local_irq_save_full which is not available in I-pipe and not worth to
> introduce for this purpose.
>
> arch/x86/include/asm/mmu_context.h | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/arch/x86/include/asm/mmu_context.h b/arch/x86/include/asm/mmu_context.h
> index 0d9dd08c2122..2b4afca4e15f 100644
> --- a/arch/x86/include/asm/mmu_context.h
> +++ b/arch/x86/include/asm/mmu_context.h
> @@ -383,6 +383,7 @@ static inline temp_mm_state_t use_temporary_mm(struct mm_struct *mm)
> temp_mm_state_t temp_state;
>
> lockdep_assert_irqs_disabled();
> + hard_cond_local_irq_disable();
> temp_state.mm = this_cpu_read(cpu_tlbstate.loaded_mm);
> switch_mm_irqs_off(NULL, mm, current);
>
> @@ -407,6 +408,7 @@ static inline void unuse_temporary_mm(temp_mm_state_t prev_state)
> {
> lockdep_assert_irqs_disabled();
> switch_mm_irqs_off(NULL, prev_state.mm, current);
> + hard_cond_local_irq_enable();
>
> /*
> * Restore the breakpoints if they were disabled before the temporary mm
--
Philippe.
next prev parent reply other threads:[~2021-03-14 17:14 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-14 16:08 [PATCH 5.4] x86: ipipe: Harden path between use_temporary_mm and unuse_temporary_mm Jan Kiszka
2021-03-14 17:14 ` Philippe Gerum [this message]
2021-03-15 6:19 ` Jan Kiszka
2021-03-15 8:08 ` Jan Kiszka
2021-03-15 9:03 ` Philippe Gerum
2021-03-15 9:00 ` Philippe Gerum
2021-03-15 9:22 ` Jan Kiszka
2021-03-15 9:43 ` Philippe Gerum
2021-03-15 10:02 ` Philippe Gerum
2021-03-15 9:47 ` Philippe Gerum
2021-03-15 9:57 ` Jan Kiszka
2021-03-15 12:11 ` Philippe Gerum
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ft0xfyj4.fsf@xenomai.org \
--to=rpm@xenomai.org \
--cc=jan.kiszka@siemens.com \
--cc=xenomai@xenomai.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.