From 54e08cfed5c6e9dd15cc5adb62d1eb7bc5cb2978 Mon Sep 17 00:00:00 2001
From: Stefan Kalkowski <stefan.kalkowski@genode-labs.com>
Date: Tue, 29 May 2012 11:14:53 +0200
Subject: [PATCH] Fiasco.OC: make capability ref-counter thread-safe

Introduce process global spin-lock for Cap_index's reference-counter
to avoid non-atomic increment/decrement of the counter. Here, we don't
use a static Spinlock object, because it's constructor wouldn't be
initialized before used for the first time.
---
 base-foc/include/base/cap_map.h  |  4 ++--
 base-foc/src/base/env/cap_map.cc | 24 ++++++++++++++++++++++++
 2 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/base-foc/include/base/cap_map.h b/base-foc/include/base/cap_map.h
index aa4179b46..320c3e7fa 100644
--- a/base-foc/include/base/cap_map.h
+++ b/base-foc/include/base/cap_map.h
@@ -64,8 +64,8 @@ namespace Genode
 			bool     used()  const   { return _id != UNUSED;     }
 			uint16_t id()    const   { return _id;               }
 			void     id(uint16_t id) { _id = id;                 }
-			uint8_t  inc()           { return ++_ref_cnt;        }
-			uint8_t  dec()           { return --_ref_cnt;        }
+			uint8_t  inc();
+			uint8_t  dec();
 			addr_t   kcap();
 
 			void* operator new    (size_t size, Cap_index* idx) { return idx; }
diff --git a/base-foc/src/base/env/cap_map.cc b/base-foc/src/base/env/cap_map.cc
index b305f6c1f..6a46ad733 100644
--- a/base-foc/src/base/env/cap_map.cc
+++ b/base-foc/src/base/env/cap_map.cc
@@ -18,6 +18,9 @@
 
 #include <util/assert.h>
 
+/* Lock implementation local include */
+#include <spin_lock.h>
+
 namespace Fiasco {
 #include <l4/sys/consts.h>
 #include <l4/sys/task.h>
@@ -28,6 +31,9 @@ namespace Fiasco {
  **  Cap_index class  **
  ***********************/
 
+static volatile int _cap_index_spinlock = SPINLOCK_UNLOCKED;
+
+
 bool Genode::Cap_index::higher(Genode::Cap_index *n) { return n->_id > _id; }
 
 
@@ -46,6 +52,24 @@ Genode::addr_t Genode::Cap_index::kcap() {
 	return cap_idx_alloc()->idx_to_kcap(this); }
 
 
+Genode::uint8_t Genode::Cap_index::inc()
+{
+	spinlock_lock(&_cap_index_spinlock);
+	Genode::uint8_t ret = ++_ref_cnt;
+	spinlock_unlock(&_cap_index_spinlock);
+	return ret;
+}
+
+
+Genode::uint8_t Genode::Cap_index::dec()
+{
+	spinlock_lock(&_cap_index_spinlock);
+	Genode::uint8_t ret = --_ref_cnt;
+	spinlock_unlock(&_cap_index_spinlock);
+	return ret;
+}
+
+
 /****************************
  **  Capability_map class  **
  ****************************/