On Thu, Dec 3, 2020 at 9:07 PM Andy Lutomirski <luto@xxxxxxxxxx> wrote:
>
> membarrier() does not explicitly sync_core() remote CPUs; instead, it
> relies on the assumption that an IPI will result in a core sync. On
> x86, I think this may be true in practice, but it's not architecturally
> reliable. In particular, the SDM and APM do not appear to guarantee
> that interrupt delivery is serializing. While IRET does serialize, IPI
> return can schedule, thereby switching to another task in the same mm
> that was sleeping in a syscall. The new task could then SYSRET back to
> usermode without ever executing IRET.
>
> Make this more robust by explicitly calling sync_core_before_usermode()
> on remote cores. (This also helps people who search the kernel tree for
> instances of sync_core() and sync_core_before_usermode() -- one might be
> surprised that the core membarrier code doesn't currently show up in
> such a search.)
>
> Fixes: 70216e18e519 ("membarrier: Provide core serializing command, *_SYNC_CORE")
> Cc: stable@xxxxxxxxxxxxxxx
> Reviewed-by: Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx>
> Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxx>
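For readers less familiar with the user-facing side of the command the patch hardens, the following is an added example (not code from the quoted patch or from the kernel tree) showing the userspace protocol that relies on the core-serializing guarantee: a process must first register with MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_SYNC_CORE and then issue MEMBARRIER_CMD_PRIVATE_EXPEDITED_SYNC_CORE after modifying code that other threads may execute. The kernel-side fix described above is what makes the second call actually serialize remote cores before they return to usermode. The syscall number fallback for x86-64 and the helper names are this example's own; on a kernel without membarrier the helpers report ENOSYS rather than failing hard.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/syscall.h>

#ifdef __linux__
#include <linux/membarrier.h>
#endif

/* Fallbacks so the example compiles against older headers (constants are the
 * documented uapi values; the syscall number is the x86-64 one). */
#ifndef MEMBARRIER_CMD_QUERY
#define MEMBARRIER_CMD_QUERY 0
#endif
#ifndef MEMBARRIER_CMD_PRIVATE_EXPEDITED_SYNC_CORE
#define MEMBARRIER_CMD_PRIVATE_EXPEDITED_SYNC_CORE (1 << 5)
#endif
#ifndef MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_SYNC_CORE
#define MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_SYNC_CORE (1 << 6)
#endif
#ifndef SYS_membarrier
#define SYS_membarrier 324 /* x86-64; assumption for non-Linux builds */
#endif

/* Thin wrapper: returns 0 / query mask on success, -errno on failure. */
static long membarrier_call(int cmd, unsigned int flags)
{
    long rc = syscall(SYS_membarrier, cmd, flags, 0);
    return rc < 0 ? -errno : rc;
}

/* Pure decision helper, testable without a kernel: does the mask returned by
 * MEMBARRIER_CMD_QUERY advertise the private SYNC_CORE command? */
int sync_core_supported(long query_mask)
{
    if (query_mask < 0)
        return 0;
    return (query_mask & MEMBARRIER_CMD_PRIVATE_EXPEDITED_SYNC_CORE) != 0;
}

/* One-time registration a JIT does at startup. Returns 0 on success,
 * -ENOSYS if the kernel lacks membarrier, -EINVAL if SYNC_CORE is
 * unsupported, otherwise -errno. */
int jit_register_sync_core(void)
{
    long mask = membarrier_call(MEMBARRIER_CMD_QUERY, 0);
    if (mask < 0)
        return (int)mask;            /* typically -ENOSYS in a sandbox */
    if (!sync_core_supported(mask))
        return -EINVAL;
    return (int)membarrier_call(MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_SYNC_CORE, 0);
}

/* Called after new code has been written and before the pointer that
 * other threads follow is published. Only meaningful once registered. */
int jit_publish_code(void)
{
    return (int)membarrier_call(MEMBARRIER_CMD_PRIVATE_EXPEDITED_SYNC_CORE, 0);
}

int main(void)
{
    int rc = jit_register_sync_core();
    if (rc == -ENOSYS || rc == -EINVAL) {
        printf("membarrier SYNC_CORE unavailable here (%d)\n", rc);
        return 0;
    }
    if (rc < 0) {
        printf("registration failed: %d\n", rc);
        return 1;
    }
    /* ... write new instructions into the JIT's code buffer here ... */
    rc = jit_publish_code();
    printf("sync_core membarrier returned %d\n", rc);
    return rc == 0 ? 0 : 1;
}
```

The order matters: registering first is what lets the kernel track which mm needs core serialization, and issuing the command after the code write (but before publishing the pointer) is what guarantees no thread in the same mm executes stale instructions.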