From d134adeba3abd0fef8ed2046cc5bf7f877d7a77c Mon Sep 17 00:00:00 2001 From: Sebastian Huber Date: Fri, 23 May 2014 15:32:32 +0200 Subject: score: Fix race condition in SMP startup Do not use the Per_CPU_Control::started in _SMP_Start_multitasking_on_secondary_processor() since this field may be not up to date when a secondary processor reads it. Use the read-only scheduler assignment instead. Add a new fatal error SMP_FATAL_MULTITASKING_START_ON_INVALID_PROCESSOR. This prevents out-of-bounds access. It is currently not possible to test these fatal errors. One option would be to fake values of the _CPU_SMP_Get_current_processor(), but unfortunately this function is inline on some architectures. --- cpukit/score/src/smp.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'cpukit/score/src/smp.c') diff --git a/cpukit/score/src/smp.c b/cpukit/score/src/smp.c index b9d4b0a6cc..f0554fe2d5 100644 --- a/cpukit/score/src/smp.c +++ b/cpukit/score/src/smp.c @@ -121,8 +121,15 @@ void _SMP_Request_start_multitasking( void ) void _SMP_Start_multitasking_on_secondary_processor( void ) { Per_CPU_Control *self_cpu = _Per_CPU_Get(); + uint32_t cpu_index_self = _Per_CPU_Get_index( self_cpu ); + const Scheduler_Assignment *assignment = + _Scheduler_Get_assignment( cpu_index_self ); - if ( !_Per_CPU_Is_processor_started( self_cpu ) ) { + if ( cpu_index_self >= rtems_configuration_get_maximum_processors() ) { + _SMP_Fatal( SMP_FATAL_MULTITASKING_START_ON_INVALID_PROCESSOR ); + } + + if ( !_Scheduler_Should_start_processor( assignment ) ) { _SMP_Fatal( SMP_FATAL_MULTITASKING_START_ON_UNASSIGNED_PROCESSOR ); } -- cgit v1.2.3