diff options
| author | Stefano Stabellini <stefano.stabellini@eu.citrix.com> | 2013-04-19 18:24:03 +0100 |
|---|---|---|
| committer | Ian Campbell <ian.campbell@citrix.com> | 2013-04-22 12:34:10 +0100 |
| commit | 071c61e7367987a9f71dc18c3c58a5dba659a5c8 (patch) | |
| tree | 8452deeb0799f5a87f7074932b145f923d2fdfd1 | |
| parent | b09ea2a57899624ba8da6b2efdf1901cda847616 (diff) | |
| download | xen-071c61e7367987a9f71dc18c3c58a5dba659a5c8.tar.gz xen-071c61e7367987a9f71dc18c3c58a5dba659a5c8.tar.bz2 xen-071c61e7367987a9f71dc18c3c58a5dba659a5c8.zip | |
xen/arm: do not use is_running to decide whether we can write directly to the LR registers
During context switch is_running is set for the next vcpu before the
gic state is actually saved.
This leads to possible nasty races when interrupts need to be injected
after is_running is set to the next vcpu but before the currently
running gic state has been saved from the previous vcpu.
Use current instead of is_running to check which one is the currently
running vcpu: set_current is called right before __context_switch and
schedule_tail with interrupt disabled.
Re-enabled interrupts after ctxt_switch_from, so that all the context
switch saving functions don't have to worry about receiving interrupts
while saving state.
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
| -rw-r--r-- | xen/arch/arm/domain.c | 5 | ||||
| -rw-r--r-- | xen/arch/arm/gic.c | 9 |
2 files changed, 8 insertions, 6 deletions
diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c index e3088137a4..eae42afcfd 100644 --- a/xen/arch/arm/domain.c +++ b/xen/arch/arm/domain.c @@ -213,11 +213,10 @@ static void ctxt_switch_to(struct vcpu *n) static void schedule_tail(struct vcpu *prev) { - /* Re-enable interrupts before restoring state which may fault. */ - local_irq_enable(); - ctxt_switch_from(prev); + local_irq_enable(); + /* TODO update_runstate_area(current); */ diff --git a/xen/arch/arm/gic.c b/xen/arch/arm/gic.c index 0d1ab5a1cc..c3887a9bff 100644 --- a/xen/arch/arm/gic.c +++ b/xen/arch/arm/gic.c @@ -64,12 +64,15 @@ irq_desc_t *__irq_to_desc(int irq) void gic_save_state(struct vcpu *v) { int i; + ASSERT(!local_irq_is_enabled()); - spin_lock_irq(&gic.lock); + /* No need for spinlocks here because interrupts are disabled around + * this call and it only accesses struct vcpu fields that cannot be + * accessed simultaneously by another pCPU. + */ for ( i=0; i<nr_lrs; i++) v->arch.gic_lr[i] = GICH[GICH_LR + i]; v->arch.lr_mask = this_cpu(lr_mask); - spin_unlock_irq(&gic.lock); v->arch.gic_apr = GICH[GICH_APR]; /* Disable until next VCPU scheduled */ GICH[GICH_HCR] = 0; @@ -524,7 +527,7 @@ void gic_set_guest_irq(struct vcpu *v, unsigned int virtual_irq, spin_lock_irqsave(&gic.lock, flags); - if ( v->is_running && list_empty(&v->arch.vgic.lr_pending) ) + if ( v == current && list_empty(&v->arch.vgic.lr_pending) ) { i = find_first_zero_bit(&this_cpu(lr_mask), nr_lrs); if (i < nr_lrs) { |