[PATCH] xen/arm: fix sparse cpu_possible_map calculation on SMP boot

Hirokazu Takahashi posted 1 patch 1 week, 2 days ago
Patches applied successfully (tree, apply log)
git fetch https://gitlab.com/xen-project/patchew/xen tags/patchew/20260625082108.588079-1-taka@valinux.co.jp
xen/arch/arm/smpboot.c | 27 ++++++++++++++-------------
1 file changed, 14 insertions(+), 13 deletions(-)
[PATCH] xen/arm: fix sparse cpu_possible_map calculation on SMP boot
Posted by Hirokazu Takahashi 1 week, 2 days ago
Currently, during ARM Xen's SMP initialization, if there is
a Device Tree error (such as an invalid 'enable-method'),
cpu_possible_map can end up being sparse.

The issue here is that nr_cpu_ids is calculated in a way that
doesn't properly account for the maximum CPU ID when the map is
sparse, causing a mismatch. For example, if cpu_possible_map is
0xff0f, nr_cpu_ids becomes 12, but the actual maximum CPU ID
is 15. Xen's common code is built on the assumption that
'CPU ID < nr_cpu_ids', so this mismatch can break things.

To fix this, modify dt_smp_init_cpus() so that if the
arch_cpu_init() call fails, we don't consume the CPU ID slot.

Signed-off-by: Hirokazu Takahashi <taka@valinux.co.jp>
---
 xen/arch/arm/smpboot.c | 27 ++++++++++++++-------------
 1 file changed, 14 insertions(+), 13 deletions(-)

diff --git a/xen/arch/arm/smpboot.c b/xen/arch/arm/smpboot.c
index 7f3cfa812e..aba3c24373 100644
--- a/xen/arch/arm/smpboot.c
+++ b/xen/arch/arm/smpboot.c
@@ -191,6 +191,14 @@ static void __init dt_smp_init_cpus(void)
             continue;
         }
 
+        if ( hwid != mpidr && cpuidx >= NR_CPUS )
+        {
+            printk(XENLOG_WARNING
+                   "DT /cpu %u node exceeds the max cores %u, capping them\n",
+                   cpuidx, NR_CPUS);
+            break;
+        }
+
         /*
          * Duplicate MPIDRs are a recipe for disaster. Scan all initialized
          * entries and check for duplicates. If any found just skip the node.
@@ -224,24 +232,19 @@ static void __init dt_smp_init_cpus(void)
             bootcpu_valid = true;
         }
         else
-            i = cpuidx++;
-
-        if ( cpuidx > NR_CPUS )
-        {
-            printk(XENLOG_WARNING
-                   "DT /cpu %u node greater than max cores %u, capping them\n",
-                   cpuidx, NR_CPUS);
-            cpuidx = NR_CPUS;
-            break;
-        }
+            i = cpuidx;
 
         if ( (rc = arch_cpu_init(i, cpu)) < 0 )
         {
             printk("cpu%d init failed (hwid %"PRIregister"): %d\n", i, hwid, rc);
-            tmp_map[i] = MPIDR_INVALID;
         }
         else
+        {
             tmp_map[i] = hwid;
+
+            if ( i != 0 )
+                cpuidx++;
+        }
     }
 
     if ( !bootcpu_valid )
@@ -253,8 +256,6 @@ static void __init dt_smp_init_cpus(void)
 
     for ( i = 0; i < cpuidx; i++ )
     {
-        if ( tmp_map[i] == MPIDR_INVALID )
-            continue;
         cpumask_set_cpu(i, &cpu_possible_map);
         cpu_logical_map(i) = tmp_map[i];
     }
-- 
2.43.0