提交 c4a7bba2 编写于 作者: A Andy Lutomirski 提交者: Ingo Molnar

sched/x86: Add a comment clarifying LDT context switching

The code is correct, but only for a rather subtle reason.  This
confused me for quite a while when I read switch_mm, so clarify
the code to avoid confusing other people, too.

TBH, I wouldn't be surprised if this code was only correct by
accident.

[ I wouldn't normally send a comment-only patch, but it took me a long
  time to first figure out wtf was going on here, and then to figure
  out why this wasn't exploitable by malicious code, and then to
  figure out why this oddity had no user-visible effect at all.  Let's
  spare future readers the same confusion. ]
Signed-off-by: NAndy Lutomirski <luto@amacapital.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Link: http://lkml.kernel.org/r/36275c99801a87d8dcf0502a41cf4e2ad81aae46.1412623954.git.luto@amacapital.netSigned-off-by: NIngo Molnar <mingo@kernel.org>
上级 2c7577a7
......@@ -53,7 +53,16 @@ static inline void switch_mm(struct mm_struct *prev, struct mm_struct *next,
/* Stop flush ipis for the previous mm */
cpumask_clear_cpu(cpu, mm_cpumask(prev));
/* Load the LDT, if the LDT is different: */
/*
* Load the LDT, if the LDT is different.
*
* It's possible leave_mm(prev) has been called. If so,
* then prev->context.ldt could be out of sync with the
* LDT descriptor or the LDT register. This can only happen
* if prev->context.ldt is non-null, since we never free
* an LDT. But LDTs can't be shared across mms, so
* prev->context.ldt won't be equal to next->context.ldt.
*/
if (unlikely(prev->context.ldt != next->context.ldt))
load_LDT_nolock(&next->context);
}
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册