caprevoke: Avoid validating CLGs if revocation is in progress

When forking, the GCLG and LCLGs may be out of sync if a new revocation epoch was opened (bumping the GCLG) but the background scan has not yet started (background scans block fork()). This can arise if a cheri_revoke() is called without either of the CHERI_REVOKE_LAST_PASS and CHERI_REVOKE_ASYNC flags.
CTSRD-CHERI · Oct 9, 2024 · b9a107c · b9a107c
1 parent 4d85878
commit b9a107c
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/sys/vm/vm_cheri_revoke.c b/sys/vm/vm_cheri_revoke.c
@@ -1120,6 +1120,8 @@ vm_cheri_assert_consistent_clg(struct vm_map *map)
 
 	if (!cheri_validate_clg)
 		return;
+	if (cheri_revoke_st_is_revoking(map->vm_cheri_revoke_st))
+		return;
 	VM_MAP_ENTRY_FOREACH(entry, map) {
 		if ((entry->max_protection & VM_PROT_READ_CAP) == 0)
 			continue;