[PATCH v2 5/5] riscv: mm: Unconditionally sfence.vma for spurious fault

Next message: Benjamin Marzinski: "Re: [PATCH 12/24] scsi-multipath: provide callbacks for path state"
Previous message: Vivian Wang: "[PATCH v2 2/5] riscv: kfence: Call mark_new_valid_map() for kfence_unprotect()"
In reply to: Vivian Wang: "[PATCH v2 2/5] riscv: kfence: Call mark_new_valid_map() for kfence_unprotect()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Vivian Wang

Date: Tue Mar 03 2026 - 00:32:00 EST

Svvptc does not guarantee that it's safe to just return here. Since we
have already cleared our bit, if, theoretically, the bounded timeframe
for the accessed page to become valid still hasn't happened after sret,
we could fault again and actually crash.

Hopefully, these spurious faults should be rare enough that this is an
acceptable slowdown.

Cc: <stable@xxxxxxxxxxxxxxx>
Fixes: 503638e0babf ("riscv: Stop emitting preventive sfence.vma for new vmalloc mappings")
Signed-off-by: Vivian Wang <wangruikang@xxxxxxxxxxx>
---
arch/riscv/kernel/entry.S | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S
index 9c6acfd09141..34717bd1fa91 100644
--- a/arch/riscv/kernel/entry.S
+++ b/arch/riscv/kernel/entry.S
@@ -75,8 +75,11 @@
/* Atomically reset the current cpu bit in new_valid_map_cpus */
amoxor.d a0, a1, (a0)

- /* Only emit a sfence.vma if the uarch caches invalid entries */
- ALTERNATIVE("sfence.vma", "nop", 0, RISCV_ISA_EXT_SVVPTC, 1)
+ /*
+ * A sfence.vma is required here. Even if we had Svvptc, there's no
+ * guarantee that after returning we wouldn't just fault again.
+ */
+ sfence.vma

REG_L a0, TASK_TI_A0(tp)
REG_L a1, TASK_TI_A1(tp)

--
2.53.0