From nobody Mon Dec 1 22:37:16 2025 Received: from mail-ot1-f44.google.com (mail-ot1-f44.google.com [209.85.210.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4813E313521 for ; Wed, 26 Nov 2025 17:46:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.44 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1764179197; cv=none; b=AqmHheeSJ2Xm9Ay7FxHZxpzhKfKp/yMfNEaonvDyopfixYJNzENzOp5kilV4jI7hcePqakJXWqC0ljb7fRqJ0lnBzT16Ue5gP/sZUuo08jP076Qd94ree0BvUdUdZ7+NKqFJaH/dXb4rjBeuUjQIfJ07u7nQ4ChQbV93V4q/y6A= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1764179197; c=relaxed/simple; bh=9U+GnrSlG5sCxW9pY3HRrBJ7UI24sm2FPtmuWSKIX9Y=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:To:Cc; b=l7q4vos5bkWivLVU+xl5TrA+gubiSdnBhjO4ZFL+H0sX+1RKEkgExsHObnPnbBnaN/l1k5yx/LnZDlyBcpqkbyOO+DM54zES6Eqpqmm4w5DetDozyFvYTZ5WM5rA71gag7s+vfpIHnYEO3wlmn40MF1Jdbyj3AcX3urokq9Lq8M= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=debian.org; spf=pass smtp.mailfrom=gmail.com; arc=none smtp.client-ip=209.85.210.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=debian.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Received: by mail-ot1-f44.google.com with SMTP id 46e09a7af769-7c6d3676455so32390a34.2 for ; Wed, 26 Nov 2025 09:46:34 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1764179194; x=1764783994; h=cc:to:message-id:content-transfer-encoding:mime-version:subject :date:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=ngh5WCQQNN28DIPnbePNrqfYLwUi0/9012QJtQO9mIo=; b=SEqjwpis1xUOKwmCBzu0r7Ey3uYugiLJ/aeXf9Vxk4L70FHUqCgQEIZPO7CeAekXI0 2YGfl7vrOohY/s7nECryGySUF7f0wWVpisV0HhGf3o4r9/Tpw3HRcBFtUDqxuqmvi9Ug 8Vf/aMV2WIRBpvHsLPxj1/7DbPWx0V1DiwAjE+QJA3dunNqY5BSDfpBPnfxL/DiRTBCZ SMtL4Fa9gS0G7gt9egbdAiz5oy238lfQVPqBCFu3+nKq73nvU6mf2Qvyo6NmAvvPlMkS 1/myA4ocFnHKZNRUlnJA2Uu4yp6OXe6wXLMZJ+7gUdb642gseOaLL9pThotfbs5rmKs6 slMQ== X-Forwarded-Encrypted: i=1; AJvYcCUznSPLr1fgKx/FqEgeRzEiMn1i1UT4SRpcFf8vwgMy1gBAQOxeOCMm03fYQdVH/X41e5Iq5mnjpvzRPAM=@vger.kernel.org X-Gm-Message-State: AOJu0Yzw0WL5zyPB0Zc9/itTd2VtDa5g7X3g6ArRqy5PMClQjlLP3EQf P+xCTUyeJuPTRpP+4fRrd0YPlOzfybe0Ju3/2aL2Ntjk9Iw/mwhEUjw0 X-Gm-Gg: ASbGncvLuGnmvuNwI8eaEWq1y7uizTZncbAiNmWPpstQ1ck0Wj6/rZFInS5C0kHEWwn tsH2szC3Tu8IqHGLjdlwhJMgbckQAGGvcboE92qoBMwio0wuCk1jSUcIy+sa12FHQQBw6ora0CQ t1n9fH9/41ocwjEEgYhtaAus/oc9GFezMWQ6FRJqO/KPnnkjesg3nR51ryMmccDs9Gi7KmHF7PO 4M6tCF0t5ki99/wKBB3fjy8e5SyDEetkFtJmZkKrilKilp9n4v7QZ/AH/bde+HwKGDWQkLDrC4C hP1TRlA8SR1KEkEL7pNPcjuS5KAKaan72iWoYqWsjEVkyY70CaywnXAfuSmgY5L0g53NKmELYIY 4rxzZnBe2mEEr/Lk7EgAMjDrUOBopAS3UN9vbMLg0aubUVsNM3ihQ7g8EyTN8xJJcVWdYvPqJ4U IoKOphUg9rYBio3Q== X-Google-Smtp-Source: AGHT+IHQtRk3cqHVtBwOM91S3QDUC4t4B343tUf0oWTeq8a9iKRiUd9uXUElLeAEu3SmK2f131kv3w== X-Received: by 2002:a05:6830:6751:b0:7c7:6c4e:ad2 with SMTP id 46e09a7af769-7c798f9e05fmr8496172a34.11.1764179194223; Wed, 26 Nov 2025 09:46:34 -0800 (PST) Received: from localhost ([2a03:2880:10ff:44::]) by smtp.gmail.com with ESMTPSA id 46e09a7af769-7c78d302329sm7761526a34.6.2025.11.26.09.46.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Nov 2025 09:46:33 -0800 (PST) From: Breno Leitao Date: Wed, 26 Nov 2025 09:46:18 -0800 Subject: [PATCH] mm/kfence: add reboot notifier to disable KFENCE on shutdown Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251126-kfence-v1-1-5a6e1d7c681c@debian.org> X-B4-Tracking: v=1; b=H4sIAOk8J2kC/x3MWwqAIBAF0K0M9zshtQe6leijbKwhsFCIINp70 FnAeVA4Cxd4epD5kiJHgiddEcI2pZWVLPAEU5tWa9OpPXIKrBoTnI1utq53qAhn5ij3Hw3j+34 KGHzxWAAAAA== X-Change-ID: 20251126-kfence-42c93f9b3979 To: Alexander Potapenko , Marco Elver , Dmitry Vyukov , Andrew Morton Cc: kasan-dev@googlegroups.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, kernel-team@meta.com, Breno Leitao X-Mailer: b4 0.15-dev-a6db3 X-Developer-Signature: v=1; a=openpgp-sha256; l=2763; i=leitao@debian.org; h=from:subject:message-id; bh=9U+GnrSlG5sCxW9pY3HRrBJ7UI24sm2FPtmuWSKIX9Y=; b=owEBbQKS/ZANAwAIATWjk5/8eHdtAcsmYgBpJzz53hh71o0dkkgQFrG2kU74cUuCamS+nyHar AitaN7UfBmJAjMEAAEIAB0WIQSshTmm6PRnAspKQ5s1o5Of/Hh3bQUCaSc8+QAKCRA1o5Of/Hh3 bddLD/0ZiqTCTHMsIVZgo/sRS2o3c2kxOP8WK2lZX7zOxZdIUVFdd7ttiVQk6+oIvRnJ1mC7qYZ r9TZMBjc6E4WZI/P/iyRUxUC70JfDQs5mhERpJz+xWX4x7GcB2R0HymsyOkKa18wLCpuM3emKMX wv7rzT4xwoaiY6KVRkJr+YMLm4XWKRDIHcfg25U9khuh9I21EkHAJSmGEW0Rpp43h/gW0kTEaMv /mtMN0PtQZrKzsKJcNawEiornCfbPvUfoZ+GN0vcgJD7WzFNdz5F2tXtik7SRALjOXju7ABthTY xz8MAhLuGM+62d4gY7bPKrOwjOAaL1HFj5zdGKUXNvlWkXBL1j3KPMlDgUvdnMT07QlUu43i2aX 0oN8rkdKyG8JHEhJwCTeWbANuwCLHEXltDwBWfoRoA97/RtVCQ0s3X1fVt5bgUBINMd10cjVKGM i54kz044jZeCJcIxr/Z8iF2uUXQAuR6QptQsf9yOrtFbC42Sply8HtAALjc7/STmWOjUGKAQJbb KnMU3RYqZZRhNmrv90GeEKhVp8WzcQd51JoQiDS+tVzETKzkrCGhjUgAcUXWbJZTINVVA2wSENr A6wG9LBV4aAkQi48ioTbXCXgTj7cPxlDp8KZOiXy37Z0Q81ZOolT2JEnL8JGqn2kOAptNBm46ng tT/lpt3LrS7mibA== X-Developer-Key: i=leitao@debian.org; a=openpgp; fpr=AC8539A6E8F46702CA4A439B35A3939FFC78776D During system shutdown, KFENCE can cause IPI synchronization issues if it remains active through the reboot process. To prevent this, register a reboot notifier that disables KFENCE and cancels any pending timer work early in the shutdown sequence. This is only necessary when CONFIG_KFENCE_STATIC_KEYS is enabled, as this configuration sends IPIs that can interfere with shutdown. Without static keys, no IPIs are generated and KFENCE can safely remain active. The notifier uses maximum priority (INT_MAX) to ensure KFENCE shuts down before other subsystems that might still depend on stable memory allocation behavior. This fixes a late kexec CSD lockup[1] when kfence is trying to IPI a CPU that is busy in a IRQ-disabled context printing characters to the console. Link: https://lore.kernel.org/all/sqwajvt7utnt463tzxgwu2yctyn5m6bjwrslsnupf= exeml6hkd@v6sqmpbu3vvu/ [1] Signed-off-by: Breno Leitao Reviewed-by: Marco Elver --- mm/kfence/core.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/mm/kfence/core.c b/mm/kfence/core.c index 727c20c94ac5..162a026871ab 100644 --- a/mm/kfence/core.c +++ b/mm/kfence/core.c @@ -26,6 +26,7 @@ #include #include #include +#include #include #include #include @@ -820,6 +821,25 @@ static struct notifier_block kfence_check_canary_notif= ier =3D { static struct delayed_work kfence_timer; =20 #ifdef CONFIG_KFENCE_STATIC_KEYS +static int kfence_reboot_callback(struct notifier_block *nb, + unsigned long action, void *data) +{ + /* + * Disable kfence to avoid static keys IPI synchronization during + * late shutdown/kexec + */ + WRITE_ONCE(kfence_enabled, false); + /* Cancel any pending timer work */ + cancel_delayed_work_sync(&kfence_timer); + + return NOTIFY_OK; +} + +static struct notifier_block kfence_reboot_notifier =3D { + .notifier_call =3D kfence_reboot_callback, + .priority =3D INT_MAX, /* Run early to stop timers ASAP */ +}; + /* Wait queue to wake up allocation-gate timer task. */ static DECLARE_WAIT_QUEUE_HEAD(allocation_wait); =20 @@ -901,6 +921,10 @@ static void kfence_init_enable(void) if (kfence_check_on_panic) atomic_notifier_chain_register(&panic_notifier_list, &kfence_check_canar= y_notifier); =20 +#ifdef CONFIG_KFENCE_STATIC_KEYS + register_reboot_notifier(&kfence_reboot_notifier); +#endif + WRITE_ONCE(kfence_enabled, true); queue_delayed_work(system_unbound_wq, &kfence_timer, 0); =20 --- base-commit: ab084f0b8d6d2ee4b1c6a28f39a2a7430bdfa7f0 change-id: 20251126-kfence-42c93f9b3979 Best regards, -- =20 Breno Leitao