2014-07-22 12:16:40

by Aaro Koskinen

Subject: [PATCH] MIPS: OCTEON: make get_system_type() thread-safe

get_system_type() is not thread-safe on OCTEON. It uses static data,
also more dangerous issue is that it's calling cvmx_fuse_read_byte()
every time without any synchronization. Currently it's possible to get
processes stuck looping forever in kernel simply by launching multiple
readers of /proc/cpuinfo:

(while true; do cat /proc/cpuinfo > /dev/null; done) &
(while true; do cat /proc/cpuinfo > /dev/null; done) &
...

Fix by initializing the system type string only once during the early
boot.

Signed-off-by: Aaro Koskinen <[email protected]>
Cc: [email protected]
---
arch/mips/cavium-octeon/setup.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/arch/mips/cavium-octeon/setup.c b/arch/mips/cavium-octeon/setup.c
index 008e9c8..c9d9c62 100644
--- a/arch/mips/cavium-octeon/setup.c
+++ b/arch/mips/cavium-octeon/setup.c
@@ -458,6 +458,18 @@ static void octeon_halt(void)
octeon_kill_core(NULL);
}

+static char __read_mostly octeon_system_type[80];
+
+static int __init init_octeon_system_type(void)
+{
+ snprintf(octeon_system_type, sizeof(octeon_system_type), "%s (%s)",
+ cvmx_board_type_to_string(octeon_bootinfo->board_type),
+ octeon_model_get_string(read_c0_prid()));
+
+ return 0;
+}
+early_initcall(init_octeon_system_type);
+
/**
* Return a string representing the system type
*
@@ -465,11 +477,7 @@ static void octeon_halt(void)
*/
const char *octeon_board_type_string(void)
{
- static char name[80];
- sprintf(name, "%s (%s)",
- cvmx_board_type_to_string(octeon_bootinfo->board_type),
- octeon_model_get_string(read_c0_prid()));
- return name;
+ return octeon_system_type;
}

const char *get_system_type(void)
--
2.0.0

2014-07-22 12:32:04

by Markos Chandras

Subject: Re: [PATCH] MIPS: OCTEON: make get_system_type() thread-safe

On 07/22/2014 12:51 PM, Aaro Koskinen wrote:
> get_system_type() is not thread-safe on OCTEON. It uses static data,
> also more dangerous issue is that it's calling cvmx_fuse_read_byte()
> every time without any synchronization. Currently it's possible to get
> processes stuck looping forever in kernel simply by launching multiple
> readers of /proc/cpuinfo:
>
> (while true; do cat /proc/cpuinfo > /dev/null; done) &
> (while true; do cat /proc/cpuinfo > /dev/null; done) &
> ...
>
> Fix by initializing the system type string only once during the early
> boot.
>
> Signed-off-by: Aaro Koskinen <[email protected]>
> Cc: [email protected]
> ---
> arch/mips/cavium-octeon/setup.c | 18 +++++++++++++-----
> 1 file changed, 13 insertions(+), 5 deletions(-)
>

It looks reasonable to me.

Reviewed-by: Markos Chandras <[email protected]>

--
markos