[PATCH] arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()

Will Deacon will at kernel.org
Tue Jul 22 08:20:42 PDT 2025


On Mon, Jul 21, 2025 at 09:42:23PM +0000, Prundeanu, Cristian wrote:
> On Fri, Jul 18, 2025 at 03:28:14PM +0100, Ada Couprie Diaz wrote:
> 
> > Completely mask DAIF in `cpu_switch_to()` and restore it when returning.
> > Do the same in `call_on_irq_stack()`, but restore and mask around
> > the branch.
> > Mask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency
> > of behaviour between all configurations.
> >
> > Introduce and use an assembly macro for saving and masking DAIF,
> > as the existing one saves but only masks IF.
> >
> > Signed-off-by: Ada Couprie Diaz <ada.coupriediaz at arm.com>
> > Reported-by: Cristian Prundeanu <cpru at amazon.com>
> > Fixes: 59b37fe52f49955791a460752c37145f1afdcad1 ("arm64: Stash shadow stack pointer in the task struct on interrupt")
> 
> Confirming this fixes the spontaneous reboot previously observed when
> enabling both pseudo-NMI (irqchip.gicv3_pseudo_nmi=1) and shadow call
> stack (CONFIG_SHADOW_CALL_STACK=y). Tested both on kernel 6.16-rc7 and
> legacy kernel 6.8 where the issue was initially observed.
> 
> Tested-by: Cristian Prundeanu <cpru at amazon.com>

Ah, I hadn't appreciated from the cover letter that this was fixing a
real issue seen in the field. It all sounded a bit theoretical (but more
likely with pNMI).

I'll pick it up as a fix so we can land it in v6.16.

Ard -- maybe we can rework this in future along the lines that you
suggest but, from what Mark was saying offline, there may be problems
beyond the SCS that need addressing too if we decide to leave IRQs
enabled.

Will