From owner-dev-commits-src-main@freebsd.org Wed Dec 30 23:00:33 2020 Return-Path: Delivered-To: dev-commits-src-main@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 876044D21FA; Wed, 30 Dec 2020 23:00:33 +0000 (UTC) (envelope-from bdragon@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4D5mwK39S2z4ppv; Wed, 30 Dec 2020 23:00:33 +0000 (UTC) (envelope-from bdragon@FreeBSD.org) Received: from auth1-smtp.messagingengine.com (auth1-smtp.messagingengine.com [66.111.4.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: bdragon/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 5FC198F99; Wed, 30 Dec 2020 23:00:33 +0000 (UTC) (envelope-from bdragon@FreeBSD.org) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailauth.nyi.internal (Postfix) with ESMTP id 4F05327C0054; Wed, 30 Dec 2020 18:00:33 -0500 (EST) Received: from imap1 ([10.202.2.51]) by compute3.internal (MEProxy); Wed, 30 Dec 2020 18:00:33 -0500 X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrvddvgedgtdejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne gfrhhlucfvnfffucdluddtmdenucfjughrpefofgggkfgjfhffhffvufgtsehttdertder reejnecuhfhrohhmpedfuehrrghnughonhcuuegvrhhgrhgvnhdfuceosggurhgrghhonh eshfhrvggvuefuffdrohhrgheqnecuggftrfgrthhtvghrnhepheeiieekkeffkeelkeel geetgfeltdetgffhudetieekveefvdfhgefgffdujefgnecuffhomhgrihhnpehfrhgvvg gsshgurdhorhhgnecuvehluhhsthgvrhfuihiivgepvdenucfrrghrrghmpehmrghilhhf rhhomhepsggurhgrghhonhdomhgvshhmthhprghuthhhphgvrhhsohhnrghlihhthidqud dtgedvfeehkeeigedqudekuddtkeehuddqsggurhgrghhonheppefhrhgvvgeuufffrdho rhhgsehimhgrphdrtggt X-ME-Proxy: Received: by mailuser.nyi.internal (Postfix, from userid 501) id A4EBEC200A5; Wed, 30 Dec 2020 18:00:33 -0500 (EST) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.3.1-61-gb52c239-fm-20201210.001-gb52c2396 Mime-Version: 1.0 Message-Id: <01789d70-9469-4049-a23e-cd529dd96ce5@www.fastmail.com> In-Reply-To: <202012302245.0BUMjrpm032399@gitrepo.freebsd.org> References: <202012302245.0BUMjrpm032399@gitrepo.freebsd.org> Date: Wed, 30 Dec 2020 17:00:13 -0600 From: "Brandon Bergren" To: "Piotr Kubaj" , src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: =?UTF-8?Q?Re:_git:_76ff03aef741_-_main_-_powerpc:_Fix_copyin/copyout_rac?= =?UTF-8?Q?e_condition?= Content-Type: text/plain X-BeenThere: dev-commits-src-main@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Commit messages for the main branch of the src repository." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Dec 2020 23:00:33 -0000 Approved-By: bdragon (in IRC) On Wed, Dec 30, 2020, at 4:45 PM, Piotr Kubaj wrote: > The branch main has been updated by pkubaj (ports committer): > > URL: > https://cgit.FreeBSD.org/src/commit/?id=76ff03aef7411e601673dfc997bd6d691bd9a14e > > commit 76ff03aef7411e601673dfc997bd6d691bd9a14e > Author: Justin Hibbits > AuthorDate: 2020-12-08 22:49:25 +0000 > Commit: Piotr Kubaj > CommitDate: 2020-12-30 22:45:44 +0000 > > powerpc: Fix copyin/copyout race condition > > It's possible for a context switch, and CPU migration, to occur between > fetching the PCPU context and extracting the pc_curpcb. This can cause > the fault handler to be installed for the wrong thread, leading to a > panic in copyin()/copyout(). Since curthread is already in %r13, just > use that directly, as GPRs are migrated, so there is no migration race > risk. > --- > sys/powerpc/powerpc/support.S | 16 ++++++---------- > 1 file changed, 6 insertions(+), 10 deletions(-) > > diff --git a/sys/powerpc/powerpc/support.S b/sys/powerpc/powerpc/support.S > index 9ff1bcc02437..10d3192972d5 100644 > --- a/sys/powerpc/powerpc/support.S > +++ b/sys/powerpc/powerpc/support.S > @@ -61,6 +61,7 @@ > /* log_2(8 * WORD) */ > #define LOOP_LOG 6 > #define LOG_WORD 3 > +#define CURTHREAD %r13 > #else > #define LOAD lwz > #define STORE stw > @@ -70,6 +71,7 @@ > /* log_2(8 * WORD) */ > #define LOOP_LOG 5 > #define LOG_WORD 2 > +#define CURTHREAD %r2 > #endif > > #ifdef AIM > @@ -149,32 +151,26 @@ > > #endif > > -#define PCPU(reg) mfsprg reg, 0 > - > #define SET_COPYFAULT(raddr, rpcb, len) \ > VALIDATE_ADDR_COPY(raddr, len) ;\ > - PCPU(%r9) ;\ > li %r0, COPYFAULT ;\ > - LOAD rpcb, PC_CURPCB(%r9) ;\ > + LOAD rpcb, TD_PCB(CURTHREAD) ;\ > STORE %r0, PCB_ONFAULT(rpcb) ;\ > > #define SET_COPYFAULT_TRUNCATE(raddr, rpcb, len)\ > VALIDATE_TRUNCATE_ADDR_COPY(raddr, len) ;\ > - PCPU(%r9) ;\ > li %r0, COPYFAULT ;\ > - LOAD rpcb, PC_CURPCB(%r9) ;\ > + LOAD rpcb, TD_PCB(CURTHREAD) ;\ > STORE %r0, PCB_ONFAULT(rpcb) > > #define SET_FUSUFAULT(raddr, rpcb) \ > VALIDATE_ADDR_FUSU(raddr) ;\ > - PCPU(%r9) ;\ > li %r0, FUSUFAULT ;\ > - LOAD rpcb, PC_CURPCB(%r9) ;\ > + LOAD rpcb, TD_PCB(CURTHREAD) ;\ > STORE %r0, PCB_ONFAULT(rpcb) > > #define CLEAR_FAULT_NO_CLOBBER(rpcb) \ > - PCPU(%r9) ;\ > - LOAD rpcb, PC_CURPCB(%r9) ;\ > + LOAD rpcb, TD_PCB(CURTHREAD) ;\ > li %r0, 0 ;\ > STORE %r0, PCB_ONFAULT(rpcb) > > -- Brandon Bergren bdragon@FreeBSD.org