1. Patchew
  2. linux
  3. View series

[PATCH] riscv: smp: Align secondary_start_sbi to 4 bytes

cp0613@linux.alibaba.com posted 1 patch 1 day, 20 hours ago 
arch/riscv/kernel/head.S | 1 +
1 file changed, 1 insertion(+)
[PATCH] riscv: smp: Align secondary_start_sbi to 4 bytes
Posted by cp0613@linux.alibaba.com 1 day, 20 hours ago 
From: Chen Pei <cp0613@linux.alibaba.com>

During SMP boot, the secondary_start_sbi address is passed to the
slave core via sbi_hsm_hart_start. In OpenSBI, this address is
written to STVEC in sbi_hart_switch_mode.

According to the privileged specification, the BASE field of STVEC
must always be aligned on a 4-byte boundary. However, System.map
reveals that secondary_start_sbi is not a 4-byte aligned address.

For example, the address of secondary_start_sbi is
0xffffffff80001066, and the disassembly is as follows:

Dump of assembler code from 0xffffffff80001052 to 0xffffffff8000107a:
   0xffffffff80001052 <_start+4178>:    c.nop   -11
   0xffffffff80001054 <_start+4180>:    auipc   gp,0x1a1f
   0xffffffff80001058 <_start+4184>:    addi    gp,gp,84
   0xffffffff8000105c <_start+4188>:    csrw    satp,a2
   0xffffffff80001060 <_start+4192>:    sfence.vma
   0xffffffff80001064 <_start+4196>:    ret
   0xffffffff80001066 <_start+4198>:    csrw    sie,zero
   0xffffffff8000106a <_start+4202>:    csrw    sip,zero
   0xffffffff8000106e <_start+4206>:    li      t0,2
   0xffffffff80001070 <_start+4208>:    csrw    scounteren,t0
   0xffffffff80001074 <_start+4212>:    auipc   gp,0x1a1f
   0xffffffff80001078 <_start+4216>:    addi    gp,gp,52

When writing to STVEC at address 0xffffffff80001066, the actual
write address is 0xffffffff80001064, corresponding to the address
of the previous ret instruction. This is unexpected, and if an
interrupt occurs at this point, it will cause unpredictable results.

However, secondary_start_sbi immediately masks all interrupts and
updates STVEC, so no problems occurred.

In summary, it is more reasonable to make secondary_start_sbi
satisfy 4-byte alignment.

Signed-off-by: Chen Pei <cp0613@linux.alibaba.com>
---
 arch/riscv/kernel/head.S | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S
index bdf3352acf4c..f35dbfa79505 100644
--- a/arch/riscv/kernel/head.S
+++ b/arch/riscv/kernel/head.S
@@ -124,6 +124,7 @@ relocate_enable_mmu:
 
 	ret
 #endif /* CONFIG_MMU */
+.align 2
 #ifdef CONFIG_SMP
 	.global secondary_start_sbi
 secondary_start_sbi:
-- 
2.50.1
Re: [PATCH] riscv: smp: Align secondary_start_sbi to 4 bytes
Posted by Andrew Jones 1 day, 14 hours ago 
On Thu, Feb 05, 2026 at 08:16:25PM +0800, cp0613@linux.alibaba.com wrote:
> From: Chen Pei <cp0613@linux.alibaba.com>
> 
> During SMP boot, the secondary_start_sbi address is passed to the
> slave core via sbi_hsm_hart_start. In OpenSBI, this address is
> written to STVEC in sbi_hart_switch_mode.
> 
> According to the privileged specification, the BASE field of STVEC
> must always be aligned on a 4-byte boundary. However, System.map
> reveals that secondary_start_sbi is not a 4-byte aligned address.
> 
> For example, the address of secondary_start_sbi is
> 0xffffffff80001066, and the disassembly is as follows:
> 
> Dump of assembler code from 0xffffffff80001052 to 0xffffffff8000107a:
>    0xffffffff80001052 <_start+4178>:    c.nop   -11
>    0xffffffff80001054 <_start+4180>:    auipc   gp,0x1a1f
>    0xffffffff80001058 <_start+4184>:    addi    gp,gp,84
>    0xffffffff8000105c <_start+4188>:    csrw    satp,a2
>    0xffffffff80001060 <_start+4192>:    sfence.vma
>    0xffffffff80001064 <_start+4196>:    ret
>    0xffffffff80001066 <_start+4198>:    csrw    sie,zero
>    0xffffffff8000106a <_start+4202>:    csrw    sip,zero
>    0xffffffff8000106e <_start+4206>:    li      t0,2
>    0xffffffff80001070 <_start+4208>:    csrw    scounteren,t0
>    0xffffffff80001074 <_start+4212>:    auipc   gp,0x1a1f
>    0xffffffff80001078 <_start+4216>:    addi    gp,gp,52
> 
> When writing to STVEC at address 0xffffffff80001066, the actual
> write address is 0xffffffff80001064, corresponding to the address
> of the previous ret instruction. This is unexpected, and if an
> interrupt occurs at this point, it will cause unpredictable results.
> 
> However, secondary_start_sbi immediately masks all interrupts and
> updates STVEC, so no problems occurred.
> 
> In summary, it is more reasonable to make secondary_start_sbi
> satisfy 4-byte alignment.
> 
> Signed-off-by: Chen Pei <cp0613@linux.alibaba.com>
> ---
>  arch/riscv/kernel/head.S | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S
> index bdf3352acf4c..f35dbfa79505 100644
> --- a/arch/riscv/kernel/head.S
> +++ b/arch/riscv/kernel/head.S
> @@ -124,6 +124,7 @@ relocate_enable_mmu:
>  
>  	ret
>  #endif /* CONFIG_MMU */
> +.align 2
>  #ifdef CONFIG_SMP
>  	.global secondary_start_sbi
>  secondary_start_sbi:
> -- 
> 2.50.1
>

Looks good, but the .align 2 would ideally go inside the
#ifdef CONFIG_SMP, just above the label.

Reviewed-by: Andrew Jones <andrew.jones@oss.qualcomm.com>

Thanks,
drew
Re: [PATCH] riscv: smp: Align secondary_start_sbi to 4 bytes
Posted by Guo Ren 1 day, 20 hours ago 
On Thu, Feb 5, 2026 at 8:16 PM <cp0613@linux.alibaba.com> wrote:
>
> From: Chen Pei <cp0613@linux.alibaba.com>
>
> During SMP boot, the secondary_start_sbi address is passed to the
> slave core via sbi_hsm_hart_start. In OpenSBI, this address is
> written to STVEC in sbi_hart_switch_mode.
>
> According to the privileged specification, the BASE field of STVEC
> must always be aligned on a 4-byte boundary. However, System.map
> reveals that secondary_start_sbi is not a 4-byte aligned address.
>
> For example, the address of secondary_start_sbi is
> 0xffffffff80001066, and the disassembly is as follows:
>
> Dump of assembler code from 0xffffffff80001052 to 0xffffffff8000107a:
>    0xffffffff80001052 <_start+4178>:    c.nop   -11
>    0xffffffff80001054 <_start+4180>:    auipc   gp,0x1a1f
>    0xffffffff80001058 <_start+4184>:    addi    gp,gp,84
>    0xffffffff8000105c <_start+4188>:    csrw    satp,a2
>    0xffffffff80001060 <_start+4192>:    sfence.vma
>    0xffffffff80001064 <_start+4196>:    ret
>    0xffffffff80001066 <_start+4198>:    csrw    sie,zero
>    0xffffffff8000106a <_start+4202>:    csrw    sip,zero
>    0xffffffff8000106e <_start+4206>:    li      t0,2
>    0xffffffff80001070 <_start+4208>:    csrw    scounteren,t0
>    0xffffffff80001074 <_start+4212>:    auipc   gp,0x1a1f
>    0xffffffff80001078 <_start+4216>:    addi    gp,gp,52
>
> When writing to STVEC at address 0xffffffff80001066, the actual
> write address is 0xffffffff80001064, corresponding to the address
> of the previous ret instruction. This is unexpected, and if an
> interrupt occurs at this point, it will cause unpredictable results.
>
> However, secondary_start_sbi immediately masks all interrupts and
> updates STVEC, so no problems occurred.
>
> In summary, it is more reasonable to make secondary_start_sbi
> satisfy 4-byte alignment.
>
> Signed-off-by: Chen Pei <cp0613@linux.alibaba.com>
> ---
>  arch/riscv/kernel/head.S | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S
> index bdf3352acf4c..f35dbfa79505 100644
> --- a/arch/riscv/kernel/head.S
> +++ b/arch/riscv/kernel/head.S
> @@ -124,6 +124,7 @@ relocate_enable_mmu:
>
>         ret
>  #endif /* CONFIG_MMU */
> +.align 2
>  #ifdef CONFIG_SMP
>         .global secondary_start_sbi
>  secondary_start_sbi:
> --
> 2.50.1
>

In Linux/arch/riscv/kernel/cpu_ops_sbi.c:
unsigned long boot_addr = __pa_symbol(secondary_start_sbi);
return sbi_hsm_hart_start(hartid, boot_addr, hsm_data);

OpenSBI sets boot_addr to both sepc and stval, and stval requires
4-byte alignment.

Reviewed-by: Guo Ren (Alibaba DAMO Academy) <guoren@kernel.org>

-- 
Best Regards
 Guo Ren

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.