[PATCH v2 14/18] powerpc: Define set_thread_used_vas()

Michael Ellerman mpe at ellerman.id.au
Thu Nov 9 22:01:28 AEDT 2017


Sukadev Bhattiprolu <sukadev at linux.vnet.ibm.com> writes:

> diff --git a/arch/powerpc/kernel/process.c b/arch/powerpc/kernel/process.c
> index d861fcd..cb5f108 100644
> --- a/arch/powerpc/kernel/process.c
> +++ b/arch/powerpc/kernel/process.c
> @@ -1234,17 +1234,17 @@ struct task_struct *__switch_to(struct task_struct *prev,
>  		 * The copy-paste buffer can only store into foreign real
>  		 * addresses, so unprivileged processes can not see the
>  		 * data or use it in any way unless they have foreign real
> -		 * mappings. We don't have a VAS driver that allocates those
> -		 * yet, so no cpabort is required.
> +		 * mappings. If the new process has the foreign real address
> +		 * mappings, we must issue a cp_abort to clear any state and
> +		 * prevent a covert channel being setup.
> +		 *
> +		 * DD1 allows paste into normal system memory so we do an
> +		 * unpaired copy, rather than cp_abort, to clear the buffer,
> +		 * since cp_abort is quite expensive.
>  		 */
> -		if (cpu_has_feature(CPU_FTR_POWER9_DD1)) {
> -			/*
> -			 * DD1 allows paste into normal system memory, so we
> -			 * do an unpaired copy here to clear the buffer and
> -			 * prevent a covert channel being set up.
> -			 *
> -			 * cpabort is not used because it is quite expensive.
> -			 */
> +		if (new_thread->used_vas) {

So this has a bug in that it's not safe to use new_thread here.

Because this is on the way out of __switch_to(), this code can run both
when switching to a new task and also when switching back to an older
task. In the latter case the task pointed to by new_thread may have
already been freed.

I've fixed it up here to use current_thread_info()->task->thread.used_vas,
so that it's always checking current.

cheers


More information about the Linuxppc-dev mailing list