Module Name:    src
Committed By:   martin
Date:           Fri Apr  5 07:48:05 UTC 2019

Modified Files:
        src/sys/arch/amd64/amd64 [netbsd-8]: machdep.c netbsd32_machdep.c
        src/sys/compat/linux/arch/amd64 [netbsd-8]: linux_machdep.c
        src/sys/compat/linux32/arch/amd64 [netbsd-8]: linux32_machdep.c

Log Message:
Pull up following revision(s) (requested by maxv):

        sys/arch/amd64/amd64/netbsd32_machdep.c: revision 1.120
        sys/compat/linux/arch/amd64/linux_machdep.c: revision 1.57
        sys/compat/linux32/arch/amd64/linux32_machdep.c: revision 1.44
        sys/arch/amd64/amd64/machdep.c: revision 1.328
        sys/arch/amd64/amd64/machdep.c: revision 1.329

Fix a tiny race in setregs and linux_setregs. Between the moment we set
pcb_flags to zero, and the moment cpu_segregs64_zero resets pcb_gs, we may
be preempted. If this happens, and if the calling LWP was a 32bit thread,
when switching back to that LWP, the context switcher sees that
PCB_COMPAT32 is not set in pcb_flags and tries to perform a 64bit context
switch; but pcb_gs contains a 32bit GDT descriptor, and not a 64bit GS.base
value. The wrmsr therefore faults because the value is non-canonical, and
this fault is fatal.

Rearrange the code so that the update of pcb_flags and pcb_gs/pcb_fs is
non-interruptible. This fixes the problem, tested with a reproducer (which
therefore doesn't work anymore). Likely fixes PR/53993.

Disable preemption when setting PCB_COMPAT32, to prevent a context switch
before cpu_fsgs_reload() finishes, otherwise we write garbage in the GDT.
On NetBSD-current it is harmless, however in NetBSD-8 it might cause
panics, because NetBSD-8 uses the old SegRegs model and under this model we
reload %fs and %gs during switches.
To generate a diff of this commit:
cvs rdiff -u -r1.255.6.8 -r1.255.6.9 src/sys/arch/amd64/amd64/machdep.c
cvs rdiff -u -r1.105.2.2 -r1.105.2.3 \
    src/sys/arch/amd64/amd64/netbsd32_machdep.c
cvs rdiff -u -r1.51.6.1 -r1.51.6.2 \
    src/sys/compat/linux/arch/amd64/linux_machdep.c
cvs rdiff -u -r1.38.6.1 -r1.38.6.2 \
    src/sys/compat/linux32/arch/amd64/linux32_machdep.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
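The race the log message describes, modelled in C as an added example (this is not code from the NetBSD tree or from the commit itself): a two-field PCB whose pcb_gs the switcher interprets as a GDT descriptor or as a GS.base value depending on PCB_COMPAT32, a preemption point between the two stores, and the same store sequence wrapped in a preemption-disabled section as the fix does. The struct layout, the sample descriptor value, the 48-bit canonical-address check and the preemption_point()/exec_survives() helpers are assumptions of this model, not NetBSD interfaces.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Constructed model of the race: a PCB whose gs field means different
 * things depending on PCB_COMPAT32. Not NetBSD's struct pcb; names and
 * values are illustrative only.
 */
#define PCB_COMPAT32 0x01

struct pcb {
    uint32_t flags;  /* models pcb_flags */
    uint64_t gs;     /* models pcb_gs: GDT descriptor (32-bit LWP) or GS.base (64-bit LWP) */
};

/* A typical 32-bit flat user data-segment descriptor (constructed sample value). */
#define SAMPLE_GDT_DESC 0x00cff3000000ffffULL

/* Simulated scheduler state: preemption-disable nesting depth and a pending request. */
static int  preempt_depth;
static bool preempt_pending;

/* wrmsr to an FS/GS base MSR faults (#GP) unless the value is a canonical 48-bit VA. */
bool is_canonical(uint64_t v)
{
    uint64_t hi = v >> 47;
    return hi == 0 || hi == 0x1ffff;   /* bits 63..47 all zero or all one */
}

/*
 * Model of the context switcher restoring an LWP: a 32-bit LWP's saved
 * value goes into the GDT, a 64-bit LWP's value is written with wrmsr.
 * Returns false when the wrmsr would fault, i.e. the fatal trap.
 */
static bool switch_in(const struct pcb *p)
{
    if (p->flags & PCB_COMPAT32)
        return true;              /* GDT reload accepts any bit pattern */
    return is_canonical(p->gs);   /* wrmsr path */
}

/* Preemption point: honours the disable depth the way kpreempt_disable() does. */
static bool preemption_point(const struct pcb *p)
{
    if (preempt_depth > 0 || !preempt_pending)
        return true;
    preempt_pending = false;
    return switch_in(p);          /* switched out, then switched back in */
}

/* Before the fix: flags cleared, then a window, then gs reset. */
static bool setregs_racy(struct pcb *p)
{
    p->flags = 0;                 /* LWP no longer marked COMPAT32 */
    if (!preemption_point(p))     /* preempted here: 64-bit switch on a stale gs */
        return false;
    p->gs = 0;                    /* models cpu_segregs64_zero() */
    return preemption_point(p);
}

/* After the fix: both updates form one non-preemptible section. */
static bool setregs_fixed(struct pcb *p)
{
    preempt_depth++;              /* kpreempt_disable() */
    p->flags = 0;
    if (!preemption_point(p))     /* no switch can happen here now */
        return false;
    p->gs = 0;
    preempt_depth--;              /* kpreempt_enable() */
    return preemption_point(p);   /* a deferred switch now sees a consistent pcb */
}

/* One exec of a 32-bit LWP with a preemption request arriving mid-setregs. */
bool exec_survives(bool fixed)
{
    struct pcb p = { .flags = PCB_COMPAT32, .gs = SAMPLE_GDT_DESC };
    preempt_depth = 0;
    preempt_pending = true;
    return fixed ? setregs_fixed(&p) : setregs_racy(&p);
}

int main(void)
{
    printf("racy setregs survives:  %s\n", exec_survives(false) ? "yes" : "no (fatal fault)");
    printf("fixed setregs survives: %s\n", exec_survives(true)  ? "yes" : "no (fatal fault)");
    return 0;
}
```

The model makes the invariant explicit: whenever the LWP can be switched out, pcb_flags and pcb_gs must agree on which kind of value pcb_gs holds. The racy version breaks that invariant for one window; the fixed version closes the window by deferring any pending preemption until both fields have been rewritten.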