s390: fix preemption race in disable_sacf_uaccess

With CONFIG_PREEMPT=y there is a possible race in disable_sacf_uaccess. The new set_fs value needs to be stored the the task structure first, the control register update needs to be second. Otherwise a preemptive schedule may interrupt the code right after the control register update has been done and the next time the task is scheduled we get an incorrect value in the control register due to the old set_fs setting. Fixes: 0aaba41b ("s390: remove all code using the access register mode") Signed-off-by: N Martin Schwidefsky <schwidefsky@de.ibm.com>

s390: fix preemption race in disable_sacf_uaccess
With CONFIG_PREEMPT=y there is a possible race in disable_sacf_uaccess. The new set_fs value needs to be stored the the task structure first, the control register update needs to be second. Otherwise a preemptive schedule may interrupt the code right after the control register update has been done and the next time the task is scheduled we get an incorrect value in the control register due to the old set_fs setting. Fixes: 0aaba41b ("s390: remove all code using the access register mode") Signed-off-by: N Martin Schwidefsky <schwidefsky@de.ibm.com>
9f37e797 · Martin Schwidefsky · 366d8216 · 9f37e797
显示空白变更内容
内联并排

Showing with 1 addition and 1 deletion

arch/s390/lib/uaccess.c arch/s390/lib/uaccess.c +1 -1

未找到文件。
--- a/arch/s390/lib/uaccess.c
+++ b/arch/s390/lib/uaccess.c
@@ -89,11 +89,11 @@ EXPORT_SYMBOL(enable_sacf_uaccess);
 void disable_sacf_uaccess(mm_segment_t old_fs)
 {
+	current->thread.mm_segment = old_fs;
 	if (old_fs == USER_DS && test_facility(27)) {
 		__ctl_load(S390_lowcore.user_asce, 1, 1);
 		clear_cpu_flag(CIF_ASCE_PRIMARY);
 	}
-	current->thread.mm_segment = old_fs;
 }
 EXPORT_SYMBOL(disable_sacf_uaccess);