author		David S. Miller <davem@davemloft.net>	2006-01-31 21:34:51 -0500
committer	David S. Miller <davem@sunset.davemloft.net>	2006-03-20 04:11:29 -0500
commit		86b818687d4894063ecd1190e54717a0cce8c009 (patch)
tree		d2951295358502c88f7fe0c02517d729cff4eb9a
parent		9954863975910a1b9372b7d5006a6cba43bdd288 (diff)
[SPARC64]: Fix race in LOAD_PER_CPU_BASE()

Since we use %g5 itself as a temporary, it can get clobbered
if we take an interrupt mid-stream, and we thus end up with
the final %g5 value too early as a result of rtrap processing.

Set %g5 at the very end, atomically, to avoid this problem.

Signed-off-by: David S. Miller <davem@davemloft.net>
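To make the hazard concrete, here is a minimal C sketch (illustrative only, not kernel code): the variable g5 models the live %g5 register, which return-from-trap reloads with its final, fully resolved per-cpu base, and __per_cpu_base/__per_cpu_shift mirror the kernel symbols touched in the diff below.

/* Illustrative sketch only, not kernel code.  "g5" models the live %g5
 * register, which return-from-trap (rtrap) reloads with its final,
 * fully resolved per-cpu base value. */
extern unsigned long __per_cpu_base, __per_cpu_shift;

volatile unsigned long g5;

static void load_per_cpu_base_old(unsigned int cpu)
{
	g5 = __per_cpu_shift;		/* %g5 used as a temporary... */
	/* An interrupt taken here lets rtrap rewrite g5 with the final
	 * per-cpu base, so the shift below uses a corrupted operand. */
	g5 = (unsigned long)cpu << g5;
	g5 = g5 + __per_cpu_base;
}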
-rw-r--r--	arch/sparc64/kernel/etrap.S	4
-rw-r--r--	arch/sparc64/kernel/rtrap.S	2
-rw-r--r--	arch/sparc64/kernel/winfixup.S	6
-rw-r--r--	include/asm-sparc64/cpudata.h	19
4 files changed, 18 insertions(+), 13 deletions(-)
diff --git a/arch/sparc64/kernel/etrap.S b/arch/sparc64/kernel/etrap.S
index db7681017299..d974d18b15be 100644
--- a/arch/sparc64/kernel/etrap.S
+++ b/arch/sparc64/kernel/etrap.S
@@ -100,7 +100,7 @@ etrap_irq:
 		stx	%i7, [%sp + PTREGS_OFF + PT_V9_I7]
 		wrpr	%g0, ETRAP_PSTATE2, %pstate
 		mov	%l6, %g6
-		LOAD_PER_CPU_BASE(%g4, %g3)
+		LOAD_PER_CPU_BASE(%g4, %g3, %l1)
 		jmpl	%l2 + 0x4, %g0
 		 ldx	[%g6 + TI_TASK], %g4
 
@@ -250,7 +250,7 @@ scetrap:
 		stx	%i6, [%sp + PTREGS_OFF + PT_V9_I6]
 		mov	%l6, %g6
 		stx	%i7, [%sp + PTREGS_OFF + PT_V9_I7]
-		LOAD_PER_CPU_BASE(%g4, %g3)
+		LOAD_PER_CPU_BASE(%g4, %g3, %l1)
 		ldx	[%g6 + TI_TASK], %g4
 		done
 
diff --git a/arch/sparc64/kernel/rtrap.S b/arch/sparc64/kernel/rtrap.S
index 89794ebdcbcf..64bc03610bc6 100644
--- a/arch/sparc64/kernel/rtrap.S
+++ b/arch/sparc64/kernel/rtrap.S
@@ -226,7 +226,7 @@ rt_continue:	ldx	[%sp + PTREGS_OFF + PT_V9_G1], %g1
 		brz,pt	%l3, 1f
 		 nop
 		/* Must do this before thread reg is clobbered below.  */
-		LOAD_PER_CPU_BASE(%g6, %g7)
+		LOAD_PER_CPU_BASE(%i0, %i1, %i2)
 1:
 		ldx	[%sp + PTREGS_OFF + PT_V9_G6], %g6
 		ldx	[%sp + PTREGS_OFF + PT_V9_G7], %g7
diff --git a/arch/sparc64/kernel/winfixup.S b/arch/sparc64/kernel/winfixup.S
index c0545d089c96..ade991b7d079 100644
--- a/arch/sparc64/kernel/winfixup.S
+++ b/arch/sparc64/kernel/winfixup.S
@@ -86,7 +86,7 @@ fill_fixup:
 	wrpr	%l1, (PSTATE_IE | PSTATE_AG | PSTATE_RMO), %pstate
 	mov	%o7, %g6
 	ldx	[%g6 + TI_TASK], %g4
-	LOAD_PER_CPU_BASE(%g1, %g2)
+	LOAD_PER_CPU_BASE(%g1, %g2, %g3)
 
 	/* This is the same as below, except we handle this a bit special
 	 * since we must preserve %l5 and %l6, see comment above.
@@ -209,7 +209,7 @@ fill_fixup_mna:
 	wrpr	%l1, (PSTATE_IE | PSTATE_AG | PSTATE_RMO), %pstate
 	mov	%o7, %g6			! Get current back.
 	ldx	[%g6 + TI_TASK], %g4		! Finish it.
-	LOAD_PER_CPU_BASE(%g1, %g2)
+	LOAD_PER_CPU_BASE(%g1, %g2, %g3)
 	call	mem_address_unaligned
 	 add	%sp, PTREGS_OFF, %o0
 
@@ -312,7 +312,7 @@ fill_fixup_dax:
 	wrpr	%l1, (PSTATE_IE | PSTATE_AG | PSTATE_RMO), %pstate
 	mov	%o7, %g6			! Get current back.
 	ldx	[%g6 + TI_TASK], %g4		! Finish it.
-	LOAD_PER_CPU_BASE(%g1, %g2)
+	LOAD_PER_CPU_BASE(%g1, %g2, %g3)
 	call	spitfire_data_access_exception
 	 add	%sp, PTREGS_OFF, %o0
 
diff --git a/include/asm-sparc64/cpudata.h b/include/asm-sparc64/cpudata.h
index 16d628913837..f83768883e98 100644
--- a/include/asm-sparc64/cpudata.h
+++ b/include/asm-sparc64/cpudata.h
@@ -101,20 +101,25 @@ extern void setup_tba(void);
 	ldx	[%g1 + %g6], %g6;
 
 /* Given the current thread info pointer in %g6, load the per-cpu
- * area base of the current processor into %g5.  REG1 and REG2 are
+ * area base of the current processor into %g5.  REG1, REG2, and REG3 are
  * clobbered.
+ *
+ * You absolutely cannot use %g5 as a temporary in this code.  The
+ * reason is that traps can happen during execution, and return from
+ * trap will load the fully resolved %g5 per-cpu base.  This can corrupt
+ * the calculations done by the macro mid-stream.
  */
 #ifdef CONFIG_SMP
-#define LOAD_PER_CPU_BASE(REG1, REG2)		\
+#define LOAD_PER_CPU_BASE(REG1, REG2, REG3)	\
 	ldub	[%g6 + TI_CPU], REG1;		\
-	sethi	%hi(__per_cpu_shift), %g5;	\
+	sethi	%hi(__per_cpu_shift), REG3;	\
 	sethi	%hi(__per_cpu_base), REG2;	\
-	ldx	[%g5 + %lo(__per_cpu_shift)], %g5; \
+	ldx	[REG3 + %lo(__per_cpu_shift)], REG3; \
 	ldx	[REG2 + %lo(__per_cpu_base)], REG2; \
-	sllx	REG1, %g5, %g5;			\
-	add	%g5, REG2, %g5;
+	sllx	REG1, REG3, REG3;		\
+	add	REG3, REG2, %g5;
 #else
-#define LOAD_PER_CPU_BASE(REG1, REG2)
+#define LOAD_PER_CPU_BASE(REG1, REG2, REG3)
 #endif
 
 #endif	/* _SPARC64_CPUDATA_H */
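In C terms, the reworked SMP macro computes the following (a sketch under the same modeling assumptions as the one after the commit message; __per_cpu_base and __per_cpu_shift are the kernel symbols from the hunk above):

/* Sketch of what the reworked SMP LOAD_PER_CPU_BASE() computes.  All
 * intermediates live in caller-supplied scratch (REG1-REG3); the live
 * per-cpu register receives the result in one final add. */
extern unsigned long __per_cpu_base, __per_cpu_shift;

static unsigned long per_cpu_area_base(unsigned int cpu)
{
	unsigned long shift = __per_cpu_shift;	/* held in REG3 */
	unsigned long base  = __per_cpu_base;	/* held in REG2 */

	/* A trap taken at any earlier point can no longer corrupt the
	 * computation, since %g5 is written exactly once, at the end. */
	return base + ((unsigned long)cpu << shift);
}

Because all intermediates now live in the scratch arguments, every call site in the hunks above has to pass a third scratch register, which is the bulk of this patch.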