sched/addrenv, binfmt: Always allocate address environment from heap

Instead of using a volatile storage for the address environment in the binfmt / loadinfo structures, always allocate the address environment from kheap. This serves two purposes: - If the task creation fails, any kernel thread that depends on the address environment created during task creation will not lose their mappings (because they hold a reference to it) - The current address environment variable (g_addrenv) will NEVER contain a stale / incorrect value - Releasing the address environment is simplified as any pointer given to addrenv_drop() can be assumed to be heap memory - Makes the kludge function addrenv_clear_current irrelevant, as the system will NEVER have invalid mappings any more
2026-06-05 15:58:59 +08:00 · 2023-04-13 11:48:06 +03:00
parent 53d4b9ed54
commit 64d8249895
8 changed files with 51 additions and 161 deletions
@@ -117,7 +117,7 @@ int exec_module(FAR struct binary_s *binp,
 {
  FAR struct task_tcb_s *tcb;
 #if defined(CONFIG_ARCH_ADDRENV) && defined(CONFIG_BUILD_KERNEL)
-  FAR struct arch_addrenv_s *addrenv = &binp->addrenv.addrenv;
+  FAR struct arch_addrenv_s *addrenv = &binp->addrenv->addrenv;
  FAR void *vheap;
 #endif
  FAR void *stackaddr = NULL;
@@ -165,7 +165,7 @@ int exec_module(FAR struct binary_s *binp,
 #if defined(CONFIG_ARCH_ADDRENV) && defined(CONFIG_BUILD_KERNEL)
  /* Instantiate the address environment containing the user heap */

-  ret = addrenv_select(&binp->addrenv);
+  ret = addrenv_select(binp->addrenv);
  if (ret < 0)
    {
      berr("ERROR: addrenv_select() failed: %d\n", ret);
@@ -242,7 +242,7 @@ int exec_module(FAR struct binary_s *binp,
 #ifdef CONFIG_ARCH_ADDRENV
  /* Attach the address environment to the new task */

-  ret = addrenv_attach((FAR struct tcb_s *)tcb, &binp->addrenv);
+  ret = addrenv_attach((FAR struct tcb_s *)tcb, binp->addrenv);
  if (ret < 0)
    {
      berr("ERROR: addrenv_attach() failed: %d\n", ret);
@@ -271,11 +271,7 @@ static int elf_loadbinary(FAR struct binary_s *binp,
   * needed when the module is executed.
   */

-  up_addrenv_clone(&loadinfo.addrenv.addrenv, &binp->addrenv.addrenv);
-
-  /* Take a reference to the address environment, so it won't get freed */
-
-  addrenv_take(&binp->addrenv);
+  binp->addrenv = loadinfo.addrenv;

 #else
  binp->alloc[0]  = (FAR void *)loadinfo.textalloc;
@@ -84,24 +84,30 @@ int elf_addrenv_alloc(FAR struct elf_loadinfo_s *loadinfo, size_t textsize,
                      size_t datasize, size_t heapsize)
 {
 #ifdef CONFIG_ARCH_ADDRENV
-  FAR struct arch_addrenv_s *addrenv = &loadinfo->addrenv.addrenv;
+  FAR struct arch_addrenv_s *addrenv;
  FAR void *vtext;
  FAR void *vdata;
  int ret;

  /* Create an address environment for the new ELF task */

+  loadinfo->addrenv = addrenv_allocate();
+  if (!loadinfo->addrenv)
+    {
+      return -ENOMEM;
+    }
+
+  /* Start creating the address environment sections */
+
+  addrenv = &loadinfo->addrenv->addrenv;
+
  ret = up_addrenv_create(textsize, datasize, heapsize, addrenv);
  if (ret < 0)
    {
      berr("ERROR: up_addrenv_create failed: %d\n", ret);
-      return ret;
+      goto errout_with_addrenv;
    }

-  /* Take a reference to the address environment, so it won't get freed */
-
-  addrenv_take(&loadinfo->addrenv);
-
  /* Get the virtual address associated with the start of the address
   * environment.  This is the base address that we will need to use to
   * access the ELF image (but only if the address environment has been
@@ -112,19 +118,24 @@ int elf_addrenv_alloc(FAR struct elf_loadinfo_s *loadinfo, size_t textsize,
  if (ret < 0)
    {
      berr("ERROR: up_addrenv_vtext failed: %d\n", ret);
-      return ret;
+      goto errout_with_addrenv;
    }

  ret = up_addrenv_vdata(addrenv, textsize, &vdata);
  if (ret < 0)
    {
      berr("ERROR: up_addrenv_vdata failed: %d\n", ret);
-      return ret;
+      goto errout_with_addrenv;
    }

  loadinfo->textalloc = (uintptr_t)vtext;
  loadinfo->dataalloc = (uintptr_t)vdata;
+
  return OK;
+
+errout_with_addrenv:
+  addrenv_drop(loadinfo->addrenv, false);
+  return ret;
 #else
  /* Allocate memory to hold the ELF image */

@@ -177,7 +188,7 @@ int elf_addrenv_select(FAR struct elf_loadinfo_s *loadinfo)

  /* Instantiate the new address environment */

-  ret = addrenv_select(&loadinfo->addrenv);
+  ret = addrenv_select(loadinfo->addrenv);
  if (ret < 0)
    {
      berr("ERROR: addrenv_select failed: %d\n", ret);
@@ -186,7 +197,7 @@ int elf_addrenv_select(FAR struct elf_loadinfo_s *loadinfo)

  /* Allow write access to .text */

-  ret = up_addrenv_mprot(&loadinfo->addrenv.addrenv, loadinfo->textalloc,
+  ret = up_addrenv_mprot(&loadinfo->addrenv->addrenv, loadinfo->textalloc,
                         loadinfo->textsize, ELF_TEXT_WRE);
  if (ret < 0)
    {
@@ -219,7 +230,7 @@ int elf_addrenv_restore(FAR struct elf_loadinfo_s *loadinfo)

  /* Remove write access to .text */

-  ret = up_addrenv_mprot(&loadinfo->addrenv.addrenv, loadinfo->textalloc,
+  ret = up_addrenv_mprot(&loadinfo->addrenv->addrenv, loadinfo->textalloc,
                         loadinfo->textsize, ELF_TEXT_WRD);
  if (ret < 0)
    {
@@ -261,15 +272,10 @@ int elf_addrenv_restore(FAR struct elf_loadinfo_s *loadinfo)
 void elf_addrenv_free(FAR struct elf_loadinfo_s *loadinfo)
 {
 #ifdef CONFIG_ARCH_ADDRENV
-  int ret;

  /* Free the address environment */

-  ret = up_addrenv_destroy(&loadinfo->addrenv.addrenv);
-  if (ret < 0)
-    {
-      berr("ERROR: up_addrenv_destroy failed: %d\n", ret);
-    }
+  addrenv_drop(loadinfo->addrenv, false);
 #else

  if (loadinfo->textalloc != 0)