From 7665985f9e09da333192a1543fddc831f1c34afa Mon Sep 17 00:00:00 2001
From: Mark Johnston
Date: Fri, 13 Sep 2024 14:33:13 +0000
Subject: [PATCH] caprevoke: Fix a buggy vm_cheri_assert_consistent_clg() call

vm_cheri_assert_consistent_clg() must be called with the VM map lock held. Also make sure to only call it after the epoch is closed, i.e., we have set the revocation state to CHERI_REVOKE_ST_NONE.
---
 sys/kern/kern_cheri_revoke.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sys/kern/kern_cheri_revoke.c b/sys/kern/kern_cheri_revoke.c
index 8f5847d80eb2..c36258b617d5 100644
--- a/sys/kern/kern_cheri_revoke.c
+++ b/sys/kern/kern_cheri_revoke.c
@@ -724,7 +724,6 @@ kern_cheri_revoke(struct thread *td, int flags,
 /* OK, that's that. Where do we stand now? */
 if (res == KERN_SUCCESS && myst == CHERI_REVOKE_ST_CLOSING) {
- vm_cheri_assert_consistent_clg(&vm->vm_map);
 /* Signal the end of this revocation epoch */
 epoch++;
 crepochs.dequeue = epoch;
@@ -736,6 +735,8 @@ kern_cheri_revoke(struct thread *td, int flags,
 vm_map_lock(vmm);
 cheri_revoke_st_set(&vmm->vm_cheri_revoke_st, epoch, myst);
+ if (res == KERN_SUCCESS)
+ vm_cheri_assert_consistent_clg(&vm->vm_map);
 #ifdef CHERI_CAPREVOKE_STATS
 if (flags & CHERI_REVOKE_TAKE_STATS) {
 sx_xlock(&vmm->vm_cheri_revoke_stats_sx);
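Review bot: The guard on the two added lines in the second hunk checks only `res == KERN_SUCCESS`, whereas the commit message says the assertion should run only once the revocation state has been set to CHERI_REVOKE_ST_NONE; if `cheri_revoke_st_set()` can be reached with a successful `res` but `myst` still in another state (the lines between the two hunks that update `myst` are not visible here), the consistency check would fire on an epoch that is still open. Tightening the condition to `if (res == KERN_SUCCESS && myst == CHERI_REVOKE_ST_NONE)` would encode the stated precondition directly instead of relying on the surrounding control flow. As a minor style point, the lock is taken on `vmm` while the new call is passed `&vm->vm_map`; writing `vm_cheri_assert_consistent_clg(vmm);` would make the lock-held relationship visible at a glance, assuming both name the same map. kern_cheri_revoke() begins and ends outside the hunk.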