Skip to content

x86 memory domain configuration not always applied correctly on context switch when partitions are added #13918

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
andrewboie opened this issue Feb 27, 2019 · 1 comment
Closed

x86 memory domain configuration not always applied correctly on context switch when partitions are added #13918

andrewboie opened this issue Feb 27, 2019 · 1 comment
Assignees
@andrewboie
Labels
area: Memory Protection bug The issue is a bug, or the PR is fixing a bug priority: high High impact/importance bug

Comments

@andrewboie
Copy link
Contributor

Scenario:

  1. Supervisor thread X modifies the memory domain that it belongs to with k_mem_domain_add_partition(), to add access to region A
  2. Context switches to User thread Y which belongs to the same domain as thread X
  3. Thread Y attempts to access region A and faults

Unlike k_mem_domain_remove_partition(), which invokes _arch_mem_domain_partition_remove() if the caller is in the same domain being worked on, k_mem_domain_add_partition() does not call into arch code at all when partitions are added, and there isn't an arch-level API for this even if we wanted to.

x86 doesn't touch the page tables on context switch if the incoming and outgoing threads are in the same memory domain.

This does not seem to be a problem on ARM or ARC.
@andrewboie andrewboie added bug The issue is a bug, or the PR is fixing a bug priority: high High impact/importance bug area: Memory Protection labels Feb 27, 2019
@andrewboie andrewboie self-assigned this Feb 27, 2019
@andrewboie andrewboie mentioned this issue Feb 27, 2019
Merged
@andrewboie
Copy link
Contributor Author

trivial fix is to unconditionally execute the teardown/setup logic for mem domains on context switch.

but I'd like to see if I can do something better.

@andrewboie andrewboie mentioned this issue Mar 2, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@andrewboie andrewboie

Labels
area: Memory Protection bug The issue is a bug, or the PR is fixing a bug priority: high High impact/importance bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@andrewboie