From: Jeongin Yeo
To: catalin.marinas@arm.com, will@kernel.org
Cc: ryan.roberts@arm.com, akpm@linux-foundation.org, david@kernel.org, kevin.brodsky@arm.com, dev.jain@arm.com, quic_zhenhuah@quicinc.com, lorenzo.stoakes@oracle.com, yang@os.amperecomputing.com, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org
Subject: [PATCH] arm64: mm: prevent context switching during idmap is mapped
Date: Tue, 2 Dec 2025 00:42:23 +0000
Message-Id: <20251202004223.108388-1-leo.yeo@luaberry.com>

cpu_install_idmap replaces ttbr0 to install the idmap. replace_phys uses idmap_cpu_replace_ttbr1, which is located in the idmap, thus it requires ttbr0 to point to the idmap.

However, if a kernel task has switched out right after cpu_install_idmap, when the kernel task is loaded, its ttbr0 is mapped to reserved_pg_dir, which doesn't contain any idmap functions. Therefore, the kernel task cannot find any functions to run, causing a memory fault.

As far as I can verify from the current arm64 tree, no in-tree caller invokes this function from a preemptible context.

Nevertheless, future work might allow this function to be called in a preemptive state. Encapsulating the idmap sequence with preempt_disable() and preempt_enable() prevents this possible problem.

Signed-off-by: Jeongin Yeo
--- arch/arm64/mm/mmu.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c index 2ba01dc8ef82..c3da836ebe8d 100644 --- a/arch/arm64/mm/mmu.c +++ b/arch/arm64/mm/mmu.c @@ -29,6 +29,7 @@ #include #include #include +#include =20 #include #include 
@@ -2136,7 +2137,7 @@ void __cpu_replace_ttbr1(pgd_t *pgdp, bool cnp) ttbr1 |=3D TTBR_CNP_BIT; =20 replace_phys =3D (void *)__pa_symbol(idmap_cpu_replace_ttbr1); - + preempt_disable(); cpu_install_idmap(); =20 /* @@ -2148,6 +2149,7 @@ void __cpu_replace_ttbr1(pgd_t *pgdp, bool cnp) local_daif_restore(daif); =20 cpu_uninstall_idmap(); + preempt_enable(); } =20 #ifdef CONFIG_ARCH_HAS_PKEYS --=20 2.43.0
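Review bot: In the hunk at @@ -2136,7 +2137,7 @@, preempt_disable() takes the place of the blank line that separated the replace_phys assignment from cpu_install_idmap(), and it carries no comment saying why preemption has to stay off. Please keep the blank line and add a short comment above preempt_disable() stating that a context switch while the idmap is installed in ttbr0 would bring the task back on reserved_pg_dir, where idmap_cpu_replace_ttbr1 is not mapped. Since the commit message says no in-tree caller is preemptible today, the changelog should also say why an unconditional preempt_disable() is preferred over an assertion that documents the requirement.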
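Review bot: In the hunk at @@ -2148,6 +2149,7 @@, the placement of preempt_enable() after cpu_uninstall_idmap() is what the fix depends on, but nothing in the code records that ordering. preempt_enable() is a point where the task can be rescheduled, and the context shows local_daif_restore(daif) running before cpu_uninstall_idmap(), so the caller's interrupt state is already restored while the idmap is still in ttbr0. A one-line comment next to preempt_enable() noting that it must follow the uninstall would keep a later cleanup from moving it up beside local_daif_restore().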