ARM: Convert VFP/Crunch/XscaleCP thread_release() to exit_thread()

This avoids races in the VFP code where the dead thread may have
state on another CPU.  By moving this code to exit_thread(), we
will be running as the thread, and therefore be running on the
current CPU.

This means that we can ensure that the only local state is accessed
in the thread notifiers.

Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
This commit is contained in:
Russell King 2009-12-18 14:34:43 +00:00
parent 2395d66d09
commit 797245f5da
5 changed files with 19 additions and 18 deletions

View File

@ -41,7 +41,7 @@ static inline void thread_notify(unsigned long rc, struct thread_info *thread)
* These are the reason codes for the thread notifier. * These are the reason codes for the thread notifier.
*/ */
#define THREAD_NOTIFY_FLUSH 0 #define THREAD_NOTIFY_FLUSH 0
#define THREAD_NOTIFY_RELEASE 1 #define THREAD_NOTIFY_EXIT 1
#define THREAD_NOTIFY_SWITCH 2 #define THREAD_NOTIFY_SWITCH 2
#endif #endif

View File

@ -51,7 +51,7 @@ static int crunch_do(struct notifier_block *self, unsigned long cmd, void *t)
* initialised state information on the first fault. * initialised state information on the first fault.
*/ */
case THREAD_NOTIFY_RELEASE: case THREAD_NOTIFY_EXIT:
crunch_task_release(thread); crunch_task_release(thread);
break; break;

View File

@ -274,17 +274,18 @@ void show_regs(struct pt_regs * regs)
__backtrace(); __backtrace();
} }
ATOMIC_NOTIFIER_HEAD(thread_notify_head);
EXPORT_SYMBOL_GPL(thread_notify_head);
/* /*
* Free current thread data structures etc.. * Free current thread data structures etc..
*/ */
void exit_thread(void) void exit_thread(void)
{ {
thread_notify(THREAD_NOTIFY_EXIT, current_thread_info());
} }
ATOMIC_NOTIFIER_HEAD(thread_notify_head);
EXPORT_SYMBOL_GPL(thread_notify_head);
void flush_thread(void) void flush_thread(void)
{ {
struct thread_info *thread = current_thread_info(); struct thread_info *thread = current_thread_info();
@ -299,9 +300,6 @@ void flush_thread(void)
void release_thread(struct task_struct *dead_task) void release_thread(struct task_struct *dead_task)
{ {
struct thread_info *thread = task_thread_info(dead_task);
thread_notify(THREAD_NOTIFY_RELEASE, thread);
} }
asmlinkage void ret_from_fork(void) __asm__("ret_from_fork"); asmlinkage void ret_from_fork(void) __asm__("ret_from_fork");

View File

@ -70,7 +70,7 @@ static int iwmmxt_do(struct notifier_block *self, unsigned long cmd, void *t)
* initialised state information on the first fault. * initialised state information on the first fault.
*/ */
case THREAD_NOTIFY_RELEASE: case THREAD_NOTIFY_EXIT:
iwmmxt_task_release(thread); iwmmxt_task_release(thread);
break; break;

View File

@ -63,14 +63,15 @@ static void vfp_thread_flush(struct thread_info *thread)
put_cpu(); put_cpu();
} }
static void vfp_thread_release(struct thread_info *thread) static void vfp_thread_exit(struct thread_info *thread)
{ {
/* release case: Per-thread VFP cleanup. */ /* release case: Per-thread VFP cleanup. */
union vfp_state *vfp = &thread->vfpstate; union vfp_state *vfp = &thread->vfpstate;
unsigned int cpu = thread->cpu; unsigned int cpu = get_cpu();
if (last_VFP_context[cpu] == vfp) if (last_VFP_context[cpu] == vfp)
last_VFP_context[cpu] = NULL; last_VFP_context[cpu] = NULL;
put_cpu();
} }
/* /*
@ -88,11 +89,13 @@ static void vfp_thread_release(struct thread_info *thread)
* but may change at any time. * but may change at any time.
* - we could be preempted if tree preempt rcu is enabled, so * - we could be preempted if tree preempt rcu is enabled, so
* it is unsafe to use thread->cpu. * it is unsafe to use thread->cpu.
* THREAD_NOTIFY_RELEASE: * THREAD_NOTIFY_EXIT
* - the thread (v) will not be running on any CPU; it is a dead thread. * - the thread (v) will be running on the local CPU, so
* - thread->cpu will be the last CPU the thread ran on, which may not * v === current_thread_info()
* be the current CPU. * - thread->cpu is the local CPU number at the time it is accessed,
* - we could be preempted if tree preempt rcu is enabled. * but may change at any time.
* - we could be preempted if tree preempt rcu is enabled, so
* it is unsafe to use thread->cpu.
*/ */
static int vfp_notifier(struct notifier_block *self, unsigned long cmd, void *v) static int vfp_notifier(struct notifier_block *self, unsigned long cmd, void *v)
{ {
@ -133,7 +136,7 @@ static int vfp_notifier(struct notifier_block *self, unsigned long cmd, void *v)
if (cmd == THREAD_NOTIFY_FLUSH) if (cmd == THREAD_NOTIFY_FLUSH)
vfp_thread_flush(thread); vfp_thread_flush(thread);
else else
vfp_thread_release(thread); vfp_thread_exit(thread);
return NOTIFY_DONE; return NOTIFY_DONE;
} }