sem_holder.c: Replace addrenv_select with kmm_map for holder sem access

The holder list can be modified via interrupt so using addrenv_select is not safe. Access the semaphore by mapping it into kernel virtual memory instead.
2024-12-17 16:04:52 +02:00 · 2024-12-17 16:04:52 +02:00 · ea020a4eae
commit ea020a4eae
parent 510d9659b4
1 changed files with 9 additions and 17 deletions
--- a/sched/semaphore/sem_holder.c
+++ b/sched/semaphore/sem_holder.c
@ -30,8 +30,8 @@
 #include <assert.h>
 #include <debug.h>

-#include <nuttx/addrenv.h>
 #include <nuttx/arch.h>
+#include <nuttx/mm/kmap.h>

 #include "sched/sched.h"
 #include "semaphore/semaphore.h"
@ -98,6 +98,10 @@ nxsem_allocholder(FAR sem_t *sem, FAR struct tcb_s *htcb)
      PANIC();
    }

+#ifdef CONFIG_MM_KMAP
+  sem = kmm_map_user(this_task(), sem, sizeof(*sem));
+#endif
+
  pholder->sem    = sem;
  pholder->htcb   = htcb;
  pholder->counts = 0;
@ -194,6 +198,10 @@ static inline void nxsem_freeholder(FAR sem_t *sem,
        }
    }

+#ifdef CONFIG_MM_KMAP
+  kmm_unmap(pholder->sem);
+#endif
+
  /* Release the holder and counts */

  pholder->tlink  = NULL;
@ -398,15 +406,6 @@ static void nxsem_restore_priority(FAR struct tcb_s *htcb)
    {
      FAR struct semholder_s *pholder;

-#ifdef CONFIG_ARCH_ADDRENV
-      FAR struct addrenv_s *oldenv;
-
-      if (htcb->addrenv_own)
-        {
-          addrenv_select(htcb->addrenv_own, &oldenv);
-        }
-#endif
-
      /* Try to find the highest priority across all the threads that are
       * waiting for any semaphore held by htcb.
       */
@ -424,13 +423,6 @@ static void nxsem_restore_priority(FAR struct tcb_s *htcb)
            }
        }

-#ifdef CONFIG_ARCH_ADDRENV
-      if (htcb->addrenv_own)
-        {
-          addrenv_restore(oldenv);
-        }
-#endif
-
      /* Apply the selected priority to the thread (hopefully back to the
       * threads base_priority).
       */