diff options
| author | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2014-05-23 15:32:32 +0200 |
|---|---|---|
| committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2014-05-26 08:56:44 +0200 |
| commit | d134adeba3abd0fef8ed2046cc5bf7f877d7a77c (patch) | |
| tree | 4ad0cb5a60e30d196c21654213b953685ca5d3ce /cpukit/score/src/smp.c | |
| parent | bsp/gdbarmsim: Change syscall functions to not clash with RTEMS functions. (diff) | |
| download | rtems-d134adeba3abd0fef8ed2046cc5bf7f877d7a77c.tar.bz2 | |
score: Fix race condition in SMP startup
Do not use the Per_CPU_Control::started in
_SMP_Start_multitasking_on_secondary_processor() since this field may be
not up to date when a secondary processor reads it. Use the read-only
scheduler assignment instead.
Add a new fatal error SMP_FATAL_MULTITASKING_START_ON_INVALID_PROCESSOR.
This prevents out-of-bounds access.
It is currently not possible to test these fatal errors. One option
would be to fake values of the _CPU_SMP_Get_current_processor(), but
unfortunately this function is inline on some architectures.
Diffstat (limited to 'cpukit/score/src/smp.c')
| -rw-r--r-- | cpukit/score/src/smp.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/cpukit/score/src/smp.c b/cpukit/score/src/smp.c index b9d4b0a6cc..f0554fe2d5 100644 --- a/cpukit/score/src/smp.c +++ b/cpukit/score/src/smp.c @@ -121,8 +121,15 @@ void _SMP_Request_start_multitasking( void ) void _SMP_Start_multitasking_on_secondary_processor( void ) { Per_CPU_Control *self_cpu = _Per_CPU_Get(); + uint32_t cpu_index_self = _Per_CPU_Get_index( self_cpu ); + const Scheduler_Assignment *assignment = + _Scheduler_Get_assignment( cpu_index_self ); - if ( !_Per_CPU_Is_processor_started( self_cpu ) ) { + if ( cpu_index_self >= rtems_configuration_get_maximum_processors() ) { + _SMP_Fatal( SMP_FATAL_MULTITASKING_START_ON_INVALID_PROCESSOR ); + } + + if ( !_Scheduler_Should_start_processor( assignment ) ) { _SMP_Fatal( SMP_FATAL_MULTITASKING_START_ON_UNASSIGNED_PROCESSOR ); } |