[PATCH v3 2/5] ARM: mm: fault: Enable interrupts before invoking __do_user_fault()

[Sebastian Andrzej Siewior]

On 2025-11-10 15:55:52 [+0100], To linux-arm-kernel at lists.infradead.org wrote:
|
|   https://www.armlinux.org.uk/developer/patches/viewpatch.php?id=9460/1
|
| Moved to Discarded.
|
| This makes the issues with the branch predictor hardening worse if this
| patch is merged on its own - since this adds another path where
| interrupts are enabled before calling harden_branch_predictor() in
| __do_user_fault(). It would be sensible to move the interrupt enable
| into __do_user_fault().
|
|    *** PLEASE DO NOT REPLY TO THIS MESSAGE ***

I thought that we apply both.
In 9462/1 I am moving harden_branch_predictor() out of __do_user_fault()
because do_page_fault() needs the hardening before the interrupts are
enabled. Do mean something like

diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
index 2bc828a1940c0..f70b98fb562b3 100644
--- a/arch/arm/mm/fault.c
+++ b/arch/arm/mm/fault.c
@@ -186,6 +186,7 @@ __do_user_fault(unsigned long addr, unsigned int fsr, unsigned int sig,
 	if (addr > TASK_SIZE)
 		harden_branch_predictor();
 
+	local_irq_enable();
 #ifdef CONFIG_DEBUG_USER
 	if (((user_debug & UDBG_SEGV) && (sig == SIGSEGV)) ||
 	    ((user_debug & UDBG_BUS)  && (sig == SIGBUS))) {
@@ -274,8 +275,13 @@ do_page_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
 
 
 	/* Enable interrupts if they were enabled in the parent context. */
-	if (interrupts_enabled(regs))
+	if (interrupts_enabled(regs)) {
+		if (addr >= TASK_SIZE && user_mode(regs)) {
+			__do_user_fault(addr, fsr, SIGSEGV, SEGV_MAPERR, regs);
+			return 0;
+		}
 		local_irq_enable();
+	}
 
 	/*
 	 * If we're in an interrupt or have no user

instead both patches? So now we end up in __do_user_fault() via
do_page_fault() with enabled interrupts but only for addr < TASK_SIZE
which does not involve harden_branch_predictor().

Sebastian