TLB corruption in 2.4.31 scenario?

From: Keith Owens <kaos_at_sgi.com>
Date: 2005-06-15 16:31:23
Mario cannot get to the ia64 list, so I am forwarding this for him.
Please cc Mario on any replies.

------- Forwarded Message

  I noticed during a do_fork() -> copy_mm() -> dup_mmap()  - flush_tlb_mm()
gets called that clears current->mm->context. Now if on another
CPU is running wrap_mmu_context() it can potentially
step over this context number and assign an alias context to
a new task, then there is a window between the flushing of
the TLB and some other task getting its new context
assigned and returning to user space.  Do you think
there is potential here?

The question comes from TLB aliasing like core files that
I've analyzed. We have not been able to isolate this to
a self-contained executable so the next best thing I could
do is read the code, the issue is very critical for us.

I'd appreciate any insights you may have, btw I can't get
on the ia64 maillist for some reason.


- mario



------- End of Forwarded Message


Received on Wed Jun 15 02:32:03 2005
