Posted to commits@nuttx.apache.org by GitBox <gi...@apache.org> on 2021/03/26 13:09:15 UTC

[GitHub] [incubator-nuttx] xiaoxiang781216 edited a comment on issue #3168: Move internal globals to TLS to protect mutual access on FLAT mode

xiaoxiang781216 edited a comment on issue #3168:
URL: https://github.com/apache/incubator-nuttx/issues/3168#issuecomment-808200522


   > I meant to copy this here yesterday but I accidentally put this in PR #3182:
   > 
   > > > From PR #3170
   > > > I am beginning to think that the best way to implement per-process globals might be the same way that we already implement other per-process, application data like file descriptor, streams, etc. Allocate them with umm_malloc(), but retain them in the group structure with the system call to access them.
   > > 
   > > 
   > > Yes, it's another approach, but why not move all pure userspace stuff to the main stack? So we don't have to put some special FILE function inside the kernel space.
   > 
   > I don't know how to do that and moving ALL of the userspace stuff to the main stack is more than I can offer to do now. There is no interface that will support a thread's access to data stored in the main thread's stack. How would you do that? A new non-standard OS interface?
   > 
   
   The non-standard OS interface already exists, we don't need a new one.
   
   > I think we would need:
   > 
   > * A correctly working getpid(), and
   
   But it isn't really required if we reserve -1 as the current main thread (just like 0 means the current thread).
   
   > * A new TLS interface that will get the TLS data from the main thread (or perhaps any thread given the pid?  No, that would be a security problem).
   > 
   
   You have defined one in the errno patch:
   ```
   int nxsched_get_stackinfo(pid_t pid, FAR struct stackinfo_s *stackinfo)
   ```
   And do the correct security check:
   ```
         if ((rtcb->flags & TCB_FLAG_TTYPE_MASK) != TCB_FLAG_TTYPE_KERNEL)
           {
             /* It is an application thread.  It is permitted to query
              * only threads within the same task group.  It is not permitted
              * to peek into the stacks of either kernel threads or other
              * applications tasks.
              */
   
             if (rtcb->group != qtcb->group)
               {
                 return -EACCES;
               }
           }
   ```
   
   > So I think we are dead in the water for now:
   > 
   > * getopt() needs process-specific data (It does not need TLS or a pthread data destructor).
   > * We don't have agreement on how to do process-specific data
   > 
   > I will do something else today. This is not ready to implement.
   
   So, all primitive functions are there, the major work is to reorganize the data structures and source files. Yes, the reorg itself is a huge change.
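
The access rule discussed in this comment, as an added example that is not part of the original message and is not NuttX code: a user-space model of the same-group check combined with the proposed "-1 means the caller's main thread" convention. The structures, constants, the sample task table and `query_stackinfo()` are simplified, hypothetical stand-ins.

```c
#include <errno.h>
#include <stdio.h>
#include <stddef.h>
#include <sys/types.h>

/* Simplified stand-ins (assumptions), not the real NuttX TCB layout. */
#define TTYPE_MASK   0x3u
#define TTYPE_KERNEL 0x2u
#define PID_SELF     0      /* existing convention: 0 = calling thread */
#define PID_MAIN     (-1)   /* convention proposed in the comment */

struct group_s { pid_t main_pid; };
struct tcb_s   { pid_t pid; unsigned flags; struct group_s *group; };

static struct group_s g_kern = {1}, g_app1 = {10}, g_app2 = {20};
static struct tcb_s g_tcbs[] = {   /* constructed sample task table */
  {1,  TTYPE_KERNEL, &g_kern},
  {10, 0, &g_app1}, {11, 0, &g_app1},   /* app1: main thread + pthread */
  {20, 0, &g_app2},                     /* app2: main thread */
};

static struct tcb_s *find_tcb(pid_t pid)
{
  for (size_t i = 0; i < sizeof(g_tcbs) / sizeof(g_tcbs[0]); i++)
    if (g_tcbs[i].pid == pid) return &g_tcbs[i];
  return NULL;
}

/* Returns the pid whose stack info may be read, or a negated errno. */
int query_stackinfo(pid_t caller, pid_t pid)
{
  struct tcb_s *rtcb = find_tcb(caller);
  struct tcb_s *qtcb;
  if (rtcb == NULL) return -ESRCH;

  /* Special values resolve relative to the caller, never to another group. */
  if (pid == PID_SELF) qtcb = rtcb;
  else if (pid == PID_MAIN) qtcb = find_tcb(rtcb->group->main_pid);
  else qtcb = find_tcb(pid);
  if (qtcb == NULL) return -ESRCH;

  /* Same rule as the quoted check: only kernel threads cross groups. */
  if ((rtcb->flags & TTYPE_MASK) != TTYPE_KERNEL && rtcb->group != qtcb->group)
    return -EACCES;
  return (int)qtcb->pid;
}

int main(void)
{
  printf("%d %d\n", query_stackinfo(11, PID_MAIN), query_stackinfo(11, 20));
  return 0;
}
```

Because -1 is resolved through the caller's own group, it cannot name another application's main thread, so the group comparison stays the only gate for explicit pids.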

