[PATCH] ARM: vfp: avoid unbalanced stack on 'success' return path

Linus Walleij linus.walleij at linaro.org
Sun May 7 23:17:41 PDT 2023


On Sat, May 6, 2023 at 6:13 PM Ard Biesheuvel <ardb at kernel.org> wrote:

> Commit c76c6c4ecbec0deb5 ("ARM: 9294/2: vfp: Fix broken softirq handling
> with instrumentation enabled") updated the VFP exception entry logic to
> go via a C function, so that we get the compiler's version of
> local_bh_disable(), which may be instrumented, and isn't generally
> callable from assembler.
>
> However, this assumes that passing an alternative 'success' return
> address works in C as it does in asm, and this is only the case if the C
> calls in question are tail calls, as otherwise, the stack will need some
> unwinding as well.

Aha, I get it.

> I have already sent patches to the list that replace most of the asm
> logic with C code, and so it is preferable to have a minimal fix that
> addresses the issue and can be backported along with the commit that it
> fixes to v6.3 from v6.4. Hopefully, we can land the C conversion for v6.5.
>
> So instead of passing the 'success' return address as a function
> argument, pass the stack address from where to pop it so that both LR
> and SP have the expected value.
>
> Fixes: c76c6c4ecbec0deb5 ("ARM: 9294/2: vfp: Fix broken softirq handling with ...")
> Reported-by: syzbot+d4b00edc2d0c910d4bf4 at syzkaller.appspotmail.com
> Signed-off-by: Ard Biesheuvel <ardb at kernel.org>

FWIW: Looks correct to me!
Reviewed-by: Linus Walleij <linus.walleij at linaro.org>

Yours,
Linus Walleij
