[PATCH v2 0/2] arm64: kprobes: fix XOL preemption window

Next message: Konrad Dybcio: "Re: [PATCH] arm64: dts: qcom: qcs6490-rb3gen2: Adjust tsens thermal zone configuration"
Previous message: Christian Brauner: "Re: [PATCH 2/2] io_uring/bpf_filter: pass in expected filter payload size"
Next in thread: Khaja Hussain Shaik Khaji: "[PATCH v2 1/2] arm64: kprobes: disable preemption across XOL single-step"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Khaja Hussain Shaik Khaji

Date: Tue Feb 17 2026 - 08:39:10 EST

Hi Mark,

Thanks for the detailed analysis.

You're right that this is not BTI-specific. The underlying issue is that
XOL execution assumes per-CPU kprobe state remains intact across exception
return, which can be violated if execution is preempted or migrated
during the XOL window.

This v2 series addresses the root cause of kprobe crashes that the
previous BTI workaround addressed only indirectly: disable preemption
across the XOL instruction and re-enable it in the SS-BRK handler. This
ensures the XOL/SS-BRK pair executes on the same CPU and avoids corruption
of per-CPU kprobe state.

Regarding triggering: this was observed with kretprobes during long
stability runs (800+ hours on dwc3 paths), where XOL execution may be
preempted or migrated before the SS-BRK is handled, resulting in
incorrect per-CPU kprobe state.

This series leaves BTI handling unchanged and avoids emulating BTI as
NOP.

Khaja Hussain Shaik Khaji (2):
arm64: kprobes: disable preemption across XOL single-step
arm64: insn: drop NOP from steppable hint list

arch/arm64/include/asm/insn.h | 1 -
arch/arm64/kernel/probes/kprobes.c | 13 +++++++++++++
2 files changed, 13 insertions(+), 1 deletion(-)

--
2.34.1