The following commit has been merged into the core/entry branch of tip:

Commit-ID:     51ed65dcfd9c61a15920a40178d471d236a7514c
Gitweb:        https://git.kernel.org/tip/51ed65dcfd9c61a15920a40178d471d236a7514c
Author:        Mark Rutland <mark.rutland@xxxxxxx>
AuthorDate:    Wed, 17 Nov 2021 16:30:47
Committer:     Thomas Gleixner <tglx@xxxxxxxxxxxxx>
CommitterDate: Fri, 26 Nov 2021 21:20:13 +01:00

powerpc: Avoid discarding flags in system_call_exception()

Some thread flags can be set remotely, and so even when IRQs are disabled,
the flags can change under our feet. Thus, when setting flags we must use
an atomic operation rather than a plain read-modify-write sequence, as a
plain read-modify-write may discard flags which are concurrently set by a
remote thread, e.g.

  // task A                     // task B
  tmp = A->thread_info.flags;
                                set_tsk_thread_flag(A, NEWFLAG_B);
  tmp |= NEWFLAG_A;
  A->thread_info.flags = tmp;

In arch/powerpc/kernel/interrupt.c's system_call_exception(), we set
_TIF_RESTOREALL in the thread info flags with a read-modify-write, which
may result in other flags being discarded.

Elsewhere in the file we use clear_bits() to atomically remove flag bits,
so let's use set_bits() here for consistency with those.

I presume there may be reasons (e.g. instrumentation) that prevent the
use of set_thread_flag() and clear_thread_flag() here, which would
otherwise be preferable.

Fixes: ae7aaecc3f2f78b7 ("powerpc/64s: system call rfscv workaround for TM bugs")
Signed-off-by: Mark Rutland <mark.rutland@xxxxxxx>
Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: Eirik Fuller <efuller@xxxxxxxxxx>
Cc: Michael Ellerman <mpe@xxxxxxxxxxxxxx>
Cc: Nicholas Piggin <npiggin@xxxxxxxxx>
Link: https://lore.kernel.org/r/20211117163050.53986-10-mark.rutland@xxxxxxx
---
 arch/powerpc/kernel/interrupt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/powerpc/kernel/interrupt.c b/arch/powerpc/kernel/interrupt.c
index 835b626..1c821b7 100644
--- a/arch/powerpc/kernel/interrupt.c
+++ b/arch/powerpc/kernel/interrupt.c @@ -148,7 +148,7 @@ notrace long system_call_exception(long r3, long r4, long r5, */ if (IS_ENABLED(CONFIG_PPC_TRANSACTIONAL_MEM) && unlikely(MSR_TM_TRANSACTIONAL(regs->msr))) - current_thread_info()->flags |= _TIF_RESTOREALL; + set_bits(_TIF_RESTOREALL, current_thread_info()->flags); /* * If the system call was made with a transaction active, doom it and
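Review bot: the new set_bits() call in this hunk passes the flags word by value, but the powerpc set_bits() (arch/powerpc/include/asm/bitops.h, the same family as the clear_bits() the commit message cites) takes its target as a pointer, `volatile unsigned long *`, so the added line needs the address of the field: `set_bits(_TIF_RESTOREALL, &current_thread_info()->flags);`. As written the compiler should reject it, or at best warn about making a pointer from an integer without a cast, so it is worth a build check on a CONFIG_PPC_TRANSACTIONAL_MEM configuration before this goes further. The substance of the change is right: replacing the `|=` read-modify-write with an atomic OR is what closes the window in which a remotely set flag is overwritten with the stale value that was read before it landed.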
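The lost-update race in the commit message is easy to reproduce deterministically in user space. The following is an added example, not code from the patch, from Mark Rutland or from the powerpc tree: it models struct thread_info's flags word, replays the interleaving from the message (task A reads, task B sets a flag remotely, task A writes back its stale copy), and then contrasts it with an atomic OR, which is what set_bits() and set_tsk_thread_flag() provide in the kernel. It also shows the mirror-image failure, a remote clear being undone by the stale write-back. The flag values NEWFLAG_A and NEWFLAG_B, the `remote_fn` hook that stands in for "another CPU runs here", and the GCC `__atomic_fetch_or` builtin used in place of set_bits() are all assumptions made for the illustration.

```c
/*
 * Added example (not from the patch or the kernel tree): models the race
 * described in the commit message for "powerpc: Avoid discarding flags in
 * system_call_exception()". All names below are illustrative stand-ins.
 */
#include <stdio.h>

#define NEWFLAG_A (1UL << 3)  /* hypothetical flag task A sets on itself */
#define NEWFLAG_B (1UL << 7)  /* hypothetical flag task B sets/clears remotely */

/* Stand-in for the kernel's struct thread_info { unsigned long flags; ... } */
struct thread_info {
    unsigned long flags;
};

/* What "another CPU" does while task A is in the middle of its update. */
typedef void (*remote_fn)(struct thread_info *ti);

/* Remote set, the analogue of set_tsk_thread_flag(A, NEWFLAG_B). */
static void remote_set_b(struct thread_info *ti)
{
    __atomic_fetch_or(&ti->flags, NEWFLAG_B, __ATOMIC_SEQ_CST);
}

/* Remote clear, the analogue of clear_tsk_thread_flag(A, NEWFLAG_B). */
static void remote_clear_b(struct thread_info *ti)
{
    __atomic_fetch_and(&ti->flags, ~NEWFLAG_B, __ATOMIC_SEQ_CST);
}

/*
 * Plain read-modify-write, as in the pre-patch `flags |= _TIF_RESTOREALL`.
 * The remote hook runs between the read and the write, i.e. inside the
 * window that a non-atomic update leaves open even with local IRQs off.
 */
static void set_flag_plain(struct thread_info *ti, unsigned long mask,
                           remote_fn remote)
{
    unsigned long tmp = ti->flags;  /* task A: read  */
    if (remote)
        remote(ti);                 /* task B: remote update lands here */
    tmp |= mask;                    /* task A: modify */
    ti->flags = tmp;                /* task A: write back stale copy */
}

/*
 * Atomic OR, the user-space analogue of set_bits(mask, &ti->flags).
 * There is no read->write window, so a concurrent remote update is
 * ordered entirely before or entirely after it; modelled as "before".
 */
static void set_flag_atomic(struct thread_info *ti, unsigned long mask,
                            remote_fn remote)
{
    if (remote)
        remote(ti);
    __atomic_fetch_or(&ti->flags, mask, __ATOMIC_SEQ_CST);
}

/* Scenario 1 (the commit message's case): B sets NEWFLAG_B during A's RMW. */
unsigned long scenario_remote_set(int use_atomic)
{
    struct thread_info ti = { .flags = 0 };

    if (use_atomic)
        set_flag_atomic(&ti, NEWFLAG_A, remote_set_b);
    else
        set_flag_plain(&ti, NEWFLAG_A, remote_set_b);
    return ti.flags;  /* plain: NEWFLAG_B is lost; atomic: both bits set */
}

/* Scenario 2: B clears NEWFLAG_B during A's RMW; stale write resurrects it. */
unsigned long scenario_remote_clear(int use_atomic)
{
    struct thread_info ti = { .flags = NEWFLAG_B };

    if (use_atomic)
        set_flag_atomic(&ti, NEWFLAG_A, remote_clear_b);
    else
        set_flag_plain(&ti, NEWFLAG_A, remote_clear_b);
    return ti.flags;  /* plain: NEWFLAG_B comes back; atomic: only NEWFLAG_A */
}

int main(void)
{
    printf("remote set,   plain RMW : flags=%#lx\n", scenario_remote_set(0));
    printf("remote set,   atomic OR : flags=%#lx\n", scenario_remote_set(1));
    printf("remote clear, plain RMW : flags=%#lx\n", scenario_remote_clear(0));
    printf("remote clear, atomic OR : flags=%#lx\n", scenario_remote_clear(1));
    return 0;
}
```

The hook makes the interleaving deterministic rather than relying on threads to hit the window; in the kernel the window is the gap between the load and the store on one CPU while another CPU's set_tsk_thread_flag() or clear_tsk_thread_flag() lands, which disabling local IRQs does nothing to close. Note that the atomic helper takes the address of the flags field, exactly as a real set_bits() call does.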