Broken patch. Don't apply. Correct one coming.
* Mathieu Desnoyers ([EMAIL PROTECTED]) wrote:
> Fix atomicity of TIF update in flush_thread() for powerpc
>
> Race :
>
> parent process executing :
> sys_ptrace()
> (lock_kernel())
> (ptrace_get_task_struct(pid))
> arch_ptrace()
> ptrace_detach()
> ptrace_disable(child);
> clear_singlestep(child);
> clear_tsk_thread_flag(child, TIF_SINGLESTEP);
> (which clears the TIF_SINGLESTEP flag atomically from a different
> process)
> (put_task_struct(child))
> (unlock_kernel())
>
> And at the same time, in the child process :
> sys_execve()
> do_execve()
> search_binary_handler()
> load_elf_binary()
> flush_old_exec()
> flush_thread()
> doing a non-atomic thread flag update
>
> Applies on 2.6.20.
>
> Signed-off-by: Mathieu Desnoyers <[EMAIL PROTECTED]>
>
> --- a/arch/powerpc/kernel/process.c
> +++ b/arch/powerpc/kernel/process.c
> @@ -476,8 +476,13 @@ void flush_thread(void)
> #ifdef CONFIG_PPC64
> struct thread_info *t = current_thread_info();
>
> - if (t->flags & _TIF_ABI_PENDING)
> - t->flags ^= (_TIF_ABI_PENDING | _TIF_32BIT);
> + if (test_tsk_thread_flag(tsk, TIF_ABI_PENDING)) {
> + clear_tsk_thread_flag(tsk, TIF_ABI_PENDING);
> + if (test_tsk_thread_flag(tsk, TIF_32BIT))
> + clear_tsk_thread_flag(tsk, TIF_32BIT);
> + else
> + set_tsk_thread_flag(tsk, TIF_32BIT);
> + }
> #endif
>
> discard_lazy_cpu_state();
> --
> Mathieu Desnoyers
> Computer Engineering Ph.D. Student, Ecole Polytechnique de Montreal
> OpenPGP key fingerprint: 8CD5 52C3 8E3C 4140 715F BA06 3F25 A8FE 3BAE 9A68
--
Mathieu Desnoyers
Computer Engineering Ph.D. Student, Ecole Polytechnique de Montreal
OpenPGP key fingerprint: 8CD5 52C3 8E3C 4140 715F BA06 3F25 A8FE 3BAE 9A68
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
