From: Jan Kiszka <jan.kiszka@siemens.com>
To: Xenomai <xenomai@lists.linux.dev>,
	"Heber, Stefan" <Stefan.Heber@zwickroell.com>
Subject: [PATCH] x86: ipipe: Protect ARCH_SET_GS and ARCH_SET_FS sections
Date: Thu, 31 Aug 2023 19:02:35 +0200
Message-ID: <22ffd839-af5c-48f0-a3c8-136be591302d@siemens.com>

From: Jan Kiszka <jan.kiszka@siemens.com>

We need to make the update of the register and its task-specific cache
atomic, or the head stage can preempt and restore the wrong state on
return. This caused crashes of Linux applications during their startup
if the race condition was met.

Reported-by: Stefan Heber <Stefan.Heber@zwickroell.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---

Stefan, please confirm. I'll release a new x86 ipipe version for 5.4 if 
this solves the problem (it did for me).

 arch/x86/kernel/process_64.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
index e3022e7820015..207a27ad07182 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -700,6 +700,7 @@ static long prctl_map_vdso(const struct vdso_image *image, unsigned long addr)
 
 long do_arch_prctl_64(struct task_struct *task, int option, unsigned long arg2)
 {
+	unsigned long flags;
 	int ret = 0;
 
 	switch (option) {
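Review bot: `flags` is declared at function scope but only assigned and consumed inside the ARCH_SET_GS and ARCH_SET_FS case blocks; declaring `unsigned long flags;` inside each of those blocks instead would keep the saved interrupt state scoped to the critical section it belongs to and make the disable/enable pairing visible at a glance.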
@@ -707,7 +708,7 @@ long do_arch_prctl_64(struct task_struct *task, int option, unsigned long arg2)
 		if (unlikely(arg2 >= TASK_SIZE_MAX))
 			return -EPERM;
 
-		preempt_disable();
+		flags = hard_preempt_disable();
 		/*
 		 * ARCH_SET_GS has always overwritten the index
 		 * and the base. Zero is the most sensible value
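Review bot: hard_preempt_disable() masks interrupts at the hardware level rather than only blocking root-stage rescheduling, so everything from here to the matching hard_preempt_enable() in the ARCH_SET_GS case now runs with the head stage locked out. Please confirm that the elided part of the case contains only the selector and base writes (the `x86_gsbase_write_task(task, arg2)` path) and nothing that can sleep or take a sleeping lock, and consider noting the added head-stage latency in the commit message.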
@@ -728,7 +729,7 @@ long do_arch_prctl_64(struct task_struct *task, int option, unsigned long arg2)
 			task->thread.gsindex = 0;
 			x86_gsbase_write_task(task, arg2);
 		}
-		preempt_enable();
+		hard_preempt_enable(flags);
 		break;
 	}
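Review bot: hard_preempt_enable(flags) restores the state saved by hard_preempt_disable(), so any early `return` between the two calls would leave the CPU with hard interrupts off. The visible context shows only the `task->thread.gsindex = 0; x86_gsbase_write_task(task, arg2);` tail of the block; please check the elided middle of the ARCH_SET_GS case for a return or break that bypasses this enable, since the original preempt_enable() had the same pairing but a much less severe failure mode if skipped.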
 	case ARCH_SET_FS: {
@@ -739,7 +740,7 @@ long do_arch_prctl_64(struct task_struct *task, int option, unsigned long arg2)
 		if (unlikely(arg2 >= TASK_SIZE_MAX))
 			return -EPERM;
 
-		preempt_disable();
+		flags = hard_preempt_disable();
 		/*
 		 * Set the selector to 0 for the same reason
 		 * as %gs above.
@@ -757,7 +758,7 @@ long do_arch_prctl_64(struct task_struct *task, int option, unsigned long arg2)
 			task->thread.fsindex = 0;
 			x86_fsbase_write_task(task, arg2);
 		}
-		preempt_enable();
+		hard_preempt_enable(flags);
 		break;
 	}
 	case ARCH_GET_FS: {
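Review bot: the commit message says the register and its task-specific cache must be updated atomically, but not why preempt_disable() failed to provide that on an I-pipe kernel, namely that it only prevents root-domain scheduling while the head stage can still interrupt the section and switch tasks. Stating this in the message would make the choice of hard_preempt_disable()/hard_preempt_enable() in both the ARCH_SET_GS and ARCH_SET_FS cases easier to verify when the change is revisited.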
-- 
2.35.3
