* [PATCH v2] ARM: enable interrupts when unhandled user faults are triggered
From: Xie Yuanbin @ 2026-06-29 12:33 UTC (permalink / raw)
To: linux, bigeasy, clrkwllms, rostedt, rmk+kernel, linusw, arnd
Cc: linux-arm-kernel, linux-kernel, linux-rt-devel, liaohua4,
lilinjie8, Xie Yuanbin

PREEMPT_RT requires interrupts to be enabled when sending signals.

When do_DataAbort()/do_PrefetchAbort() triggers unhandled user faults,
that is `inf->fn()` return a non-zero value, and the interrupts are not
enabled within the hook function, force_sig_fault() will be called
with interrupts disabled.

This can be triggered by user programs executing the bkpt instruction,
with kernel config CONFIG_PERF_EVENTS=n.

Enable interrupts in do_DataAbort()/do_PrefetchAbort() when unhandled
user faults are triggered to fix the issue.

Fixes: c6e61c06d606 ("ARM: 9463/1: Allow to enable RT")

Suggested-by: Russell King <linux@armlinux.org.uk>
Suggested-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Signed-off-by: Xie Yuanbin <xieyuanbin1@huawei.com>
---
v1->v2: https://lore.kernel.org/20260625073522.182503-1-xieyuanbin1@huawei.com
- Move local_irq_enable() from arm_notify_die() to
do_DataAbort()/do_PrefetchAbort()
arch/arm/mm/fault.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
index e62cc4be5adf..c68677503532 100644
--- a/arch/arm/mm/fault.c
+++ b/arch/arm/mm/fault.c
@@ -633,6 +633,9 @@ do_DataAbort(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
if (!inf->fn(addr, fsr & ~FSR_LNX_PF, regs))
return;
+ if (likely(user_mode(regs)))
+ local_irq_enable();
+
pr_alert("8<--- cut here ---\n");
pr_alert("Unhandled fault: %s (0x%03x) at 0x%08lx\n",
inf->name, fsr, addr);
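Review bot: the added `if (likely(user_mode(regs))) local_irq_enable();` in do_DataAbort() has no comment, so nothing in fault.c records that the enable exists because force_sig_fault() must run with interrupts on under PREEMPT_RT, or that kernel-mode faults are deliberately left with the entry IRQ state. A one-line comment above the check saying so would keep it from being dropped as redundant in a later cleanup. The likely() hint also adds little on a path whose next statement is pr_alert(); a plain `if (user_mode(regs))` would read more clearly.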
@@ -663,6 +666,9 @@ do_PrefetchAbort(unsigned long addr, unsigned int ifsr, struct pt_regs *regs)
if (!inf->fn(addr, ifsr | FSR_LNX_PF, regs))
return;
+ if (likely(user_mode(regs)))
+ local_irq_enable();
+
pr_alert("8<--- cut here ---\n");
pr_alert("Unhandled prefetch abort: %s (0x%03x) at 0x%08lx\n",
inf->name, ifsr, addr);
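Review bot: the three added lines in do_PrefetchAbort() are a verbatim copy of the ones added to do_DataAbort() in the previous hunk, so the IRQ policy for unhandled user faults now lives in two places. Consider a small static helper in fault.c called from both handlers, so the explanation of the PREEMPT_RT requirement is written once and the two abort paths cannot drift apart. If the duplication is kept, both sites should at least carry the same comment.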
--
2.53.0
* Re: [PATCH v2] ARM: enable interrupts when unhandled user faults are triggered
From: Xie Yuanbin @ 2026-06-29 12:48 UTC (permalink / raw)
To: bigeasy, linux, rmk+kernel
Cc: xieyuanbin1, arnd, clrkwllms, liaohua4, lilinjie8, linusw,
linux-arm-kernel, linux-kernel, linux-rt-devel, rostedt
On Mon, 29 Jun 2026 11:40:22 +0200, Sebastian Andrzej Siewior wrote:
> If this is moved to the callers of arm_notify_die() then I don't know
> what to do about baddataabort(). It looks like it gets invoked with
> disabled interrupts, too but I'm not sure. This looks like pre ARM v7.
> Is it reasonable to add such a check there?

Oh, I'm not sure about this place either. Would interrupts here be
disabled? I'm not familiar with the entry assembly code of v4t, so
I don't know how to construct a user-space program that can run to
baddataabort(), and I also don't have a v4t device to test it.
* Re: [PATCH v2] ARM: enable interrupts when unhandled user faults are triggered
From: Sebastian Andrzej Siewior @ 2026-06-29 13:12 UTC (permalink / raw)
To: Xie Yuanbin
Cc: linux, rmk+kernel, arnd, clrkwllms, liaohua4, lilinjie8, linusw,
linux-arm-kernel, linux-kernel, linux-rt-devel, rostedt
On 2026-06-29 20:48:16 [+0800], Xie Yuanbin wrote:
> On Mon, 29 Jun 2026 11:40:22 +0200, Sebastian Andrzej Siewior wrote:
> > If this is moved to the callers of arm_notify_die() then I don't know
> > what to do about baddataabort(). It looks like it gets invoked with
> > disabled interrupts, too but I'm not sure. This looks like pre ARM v7.
> > Is it reasonable to add such a check there?
>
> Oh, I'm not sure about this place either. Would interrupts here be
> disabled? I'm not familiar with the entry assembly code of v4t, so
> I don't know how to construct a user-space program that can run to
> baddataabort(), and I also don't have a v4t device to test it.

I don't have anything myself but it follows the same pattern.
Sashiko just reported that it is a pre-existing issue :)

Sebastian
* Re: [PATCH v2] ARM: enable interrupts when unhandled user faults are triggered
From: sashiko-bot @ 2026-06-29 12:51 UTC (permalink / raw)
To: Xie Yuanbin; +Cc: linux-rt-devel, linux-kernel

Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:

Pre-existing issues:
- [Critical] Missing interrupt enablement in baddataabort() before sending signals, causing a PREEMPT_RT sleeping-while-atomic BUG.
--

commit c514933dc1b8809c06e2a04abca8d68edc5cd623
Author: Xie Yuanbin <xieyuanbin1@huawei.com>

ARM: enable interrupts when unhandled user faults are triggered

This commit enables interrupts in do_DataAbort() and do_PrefetchAbort()
when unhandled user faults are triggered. This resolves an issue on
PREEMPT_RT where calling force_sig_fault() with interrupts disabled
would cause problems, as PREEMPT_RT requires interrupts to be enabled
when sending signals.

> diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
> index e62cc4be5adf6..c686775035325 100644
> --- a/arch/arm/mm/fault.c
> +++ b/arch/arm/mm/fault.c
> @@ -633,6 +633,9 @@ do_DataAbort(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
> if (!inf->fn(addr, fsr & ~FSR_LNX_PF, regs))
> return;
>
> + if (likely(user_mode(regs)))
> + local_irq_enable();
> +

[Severity: Critical]
This is a pre-existing issue, but does a similar fix need to be applied
to baddataabort() in arch/arm/kernel/traps.c?

If a user-space program executes an unsupported data access instruction on
architectures using v4t_late_abort (like ARM720T or ARM7TDMI), it raises
a data abort exception and enters __dabt_usr with interrupts disabled.

Execution can proceed to v4t_late_abort(), and if instruction decode
fails, it branches to baddataabort():

arch/arm/mm/abort-lv4t.S:v4t_late_abort()
    .data_unknown:
        mov r0, r4
        mov r1, r8
        b baddataabort

baddataabort() then calls arm_notify_die() which eventually calls
force_sig_fault():

arch/arm/kernel/traps.c:baddataabort()
        arm_notify_die("unknown data abort code", regs,
                       SIGILL, ILL_ILLOPC, (void __user *)addr, instr, 0);

Because baddataabort() lacks the local_irq_enable() being added here in
do_DataAbort(), interrupts remain disabled during signal delivery. Could
this allow an unprivileged local user to trigger this path and cause a
sleeping-while-atomic panic on PREEMPT_RT?

[ ... ]
--
Sashiko AI review · https://sashiko.dev/#/patchset/20260629123349.134224-1-xieyuanbin1@huawei.com?part=1
* Re: [PATCH v2] ARM: enable interrupts when unhandled user faults are triggered
From: Sebastian Andrzej Siewior @ 2026-06-29 13:14 UTC (permalink / raw)
To: Xie Yuanbin
Cc: linux, clrkwllms, rostedt, rmk+kernel, linusw, arnd,
linux-arm-kernel, linux-kernel, linux-rt-devel, liaohua4,
lilinjie8
On 2026-06-29 20:33:49 [+0800], Xie Yuanbin wrote:
> PREEMPT_RT requires interrupts to be enabled when sending signals.
>
> When do_DataAbort()/do_PrefetchAbort() triggers unhandled user faults,
> that is `inf->fn()` return a non-zero value, and the interrupts are not
> enabled within the hook function, force_sig_fault() will be called
> with interrupts disabled.
>
> This can be triggered by user programs executing the bkpt instruction,
> with kernel config CONFIG_PERF_EVENTS=n.
>
> Enable interrupts in do_DataAbort()/do_PrefetchAbort() when unhandled
> user faults are triggered to fix the issue.
>
> Fixes: c6e61c06d606 ("ARM: 9463/1: Allow to enable RT")
>
> Suggested-by: Russell King <linux@armlinux.org.uk>
> Suggested-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
> Signed-off-by: Xie Yuanbin <xieyuanbin1@huawei.com>

Reviewed-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>

This fixes the issue that can be easily triggered.

Sebastian
* Re: [PATCH v2] ARM: enable interrupts when unhandled user faults are triggered
From: Linus Walleij @ 2026-06-30 22:49 UTC (permalink / raw)
To: Xie Yuanbin
Cc: linux, bigeasy, clrkwllms, rostedt, rmk+kernel, arnd,
linux-arm-kernel, linux-kernel, linux-rt-devel, liaohua4,
lilinjie8
On Mon, Jun 29, 2026 at 2:34 PM Xie Yuanbin <xieyuanbin1@huawei.com> wrote:
> PREEMPT_RT requires interrupts to be enabled when sending signals.
>
> When do_DataAbort()/do_PrefetchAbort() triggers unhandled user faults,
> that is `inf->fn()` return a non-zero value, and the interrupts are not
> enabled within the hook function, force_sig_fault() will be called
> with interrupts disabled.
>
> This can be triggered by user programs executing the bkpt instruction,
> with kernel config CONFIG_PERF_EVENTS=n.
>
> Enable interrupts in do_DataAbort()/do_PrefetchAbort() when unhandled
> user faults are triggered to fix the issue.
>
> Fixes: c6e61c06d606 ("ARM: 9463/1: Allow to enable RT")
>

Skip blank line.

> Suggested-by: Russell King <linux@armlinux.org.uk>
> Suggested-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
> Signed-off-by: Xie Yuanbin <xieyuanbin1@huawei.com>

I had something like this in my (currently put on ice) generic entry
patch series:
https://lore.kernel.org/linux-arm-kernel/20250225-arm-generic-entry-v5-30-2f02313653e5@linaro.org/

This goes in that direction so:
Reviewed-by: Linus Walleij <linusw@kernel.org>

Yours,
Linus Walleij