Fix small race in 44x tlbie function

Josh Boyer jwboyer at linux.vnet.ibm.com
Thu Aug 9 10:06:46 EST 2007


On Thu, Aug 09, 2007 at 09:01:29AM +1000, Benjamin Herrenschmidt wrote:
> On Wed, 2007-08-08 at 16:29 -0500, Josh Boyer wrote:
> > On Wed, 8 Aug 2007 20:43:25 +0000 (UTC)
> > Hollis Blanchard <hollisb at us.ibm.com> wrote:
> > 
> > > On Tue, 07 Aug 2007 14:20:50 +1000, David Gibson wrote:
> > > > 
> > > > This patch fixes the problem in both arch/ppc and arch/powerpc by
> > > > inhibiting interrupts (even critical and debug interrupts) across the
> > > > relevant instructions.
> > > 
> > > How could a critical or debug interrupt modify the contents of MMUCR?
> > 
> > Interrupts from UICs can be configured as critical.  If one of those
> > triggers (or any other CE triggers) and causes a tlb miss, you have a
> > race.  The watchdog timer interrupt also is a CE IIRC.
> > 
> > CE and DE are admittedly a much smaller race, but still possible.
> > Masking EE off is the largest one.
> 
> There is a much bigger problem if CEs can do tlb misses though... they
> can interrupt the tlb miss handler itself, either between the two halves
> of a tlb write, or between the write to MMUCR and the write to the tlb,
> and I suspect both cases will cause trouble.

Yes.

> We might want to check if we were in the TLB miss handler upon return
> from the CE and MCE handlers, and in this case, restart them (just
> return to the faulting instruction, that is use srr0 instead of
> csrr0/mcsrr0).

Something should be looked at, yeah.  

josh


