From: Ryan Roberts <ryan.roberts@arm.com>
To: Yang Shi <yang@os.amperecomputing.com>,
Guenter Roeck <linux@roeck-us.net>
Cc: catalin.marinas@arm.com, will@kernel.org,
akpm@linux-foundation.org, david@redhat.com,
lorenzo.stoakes@oracle.com, ardb@kernel.org, dev.jain@arm.com,
scott@os.amperecomputing.com, cl@gentwo.org,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, linux-mm@kvack.org, nd@arm.com
Subject: Re: [PATCH v8 3/5] arm64: mm: support large block mapping when rodata=full
Date: Mon, 3 Nov 2025 10:07:12 +0000 [thread overview]
Message-ID: <cbabb814-3ca5-4213-9346-a7de28aac474@arm.com> (raw)
In-Reply-To: <85e50475-7d2c-49df-924e-90e0b915a4d3@os.amperecomputing.com>
On 03/11/2025 00:47, Yang Shi wrote:
>
>
[...]
>> @@ -723,6 +733,16 @@ int split_kernel_leaf_mapping(unsigned long start,
>> unsigned long end)
>> if (!system_supports_bbml2_noabort())
>> return 0;
>> + /*
>> + * If the region is within a pte-mapped area, there is no need to try to
>> + * split. Additionally, CONFIG_DEBUG_ALLOC and CONFIG_KFENCE may change
>> + * permissions from softirq context so for those cases (which are always
>> + * pte-mapped), we must not go any further because taking the mutex
>> + * below may sleep.
>> + */
>> + if (force_pte_mapping() || is_kfence_address((void *)start))
>
> IIUC this may break kfence late init? The kfence_late_init() allocates pages
> from buddy allocator, then protects them (setting them to invalid). But the
> protection requires split page table, this check will prevent kernel from
> splitting page table because __kfence_pool is initialized before doing
> protection. So there is kind of circular dependency.
I hadn't considered late init. But I guess the requirement is that the kfence
pool needs to be pte mapped whenever kfence is enabled.
For early init; that requirement is clearly met since we pte map it in the arch
code. For late init, as far as I can tell, the memory is initially block mapped,
is allocarted from the buddy then every other page is protected via
kfence_init_pool() from kfence_init_pool(). This will have the effect of
splitting every page in the pool to pte mappings (as long as your suggested fix
below is applied).
It all feels a bit accidental though.
>
> The below fix may work?
>
> if (force_pte_mapping() || (READ_ONCE(kfence_enabled) && is_kfence_address((void
> *)start)))
>
> The kfence_enabled won't be set until protection is done. So if it is set, we
> know kfence address must be mapped by PTE.
I think it will work, but it feels a bit hacky, and kfence_enabled is currently
static in core.c.
I wonder if it would be preferable to explicitly do the pte mapping in
arch_kfence_init_pool()? It looks like that's how x86 does it...
>
> Thanks,
> Yang
>
>
>
>
>
>> + return 0;
>> +
>> /*
>> * Ensure start and end are at least page-aligned since this is the
>> * finest granularity we can split to.
>> @@ -1009,16 +1029,6 @@ static inline void arm64_kfence_map_pool(phys_addr_t
>> kfence_pool, pgd_t *pgdp) {
>> #endif /* CONFIG_KFENCE */
>> -static inline bool force_pte_mapping(void)
>> -{
>> - bool bbml2 = system_capabilities_finalized() ?
>> - system_supports_bbml2_noabort() : cpu_supports_bbml2_noabort();
>> -
>> - return (!bbml2 && (rodata_full || arm64_kfence_can_set_direct_map() ||
>> - is_realm_world())) ||
>> - debug_pagealloc_enabled();
>> -}
>> -
>> static void __init map_mem(pgd_t *pgdp)
>> {
>> static const u64 direct_map_end = _PAGE_END(VA_BITS_MIN);
>> ---8<---
>>
>> Thanks,
>> Ryan
>>
>>> Yang Shi, Do you have any additional thoughts?
>>>
>>> Thanks,
>>> Ryan
>>>
>>>> Thanks,
>>>> Guenter
>>>>
>>>> ---
>>>> Example log:
>>>>
>>>> [ 0.537499] BUG: sleeping function called from invalid context at kernel/
>>>> locking/mutex.c:580
>>>> [ 0.537501] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1,
>>>> name: swapper/0
>>>> [ 0.537502] preempt_count: 1, expected: 0
>>>> [ 0.537504] 2 locks held by swapper/0/1:
>>>> [ 0.537505] #0: ffffb60b01211960 (sched_domains_mutex){+.+.}-{4:4}, at:
>>>> sched_domains_mutex_lock+0x24/0x38
>>>> [ 0.537510] #1: ffffb60b01595838 (rcu_read_lock){....}-{1:3}, at:
>>>> rcu_lock_acquire+0x0/0x40
>>>> [ 0.537516] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.18.0-dbg-
>>>> DEV #1 NONE
>>>> [ 0.537517] Call trace:
>>>> [ 0.537518] show_stack+0x20/0x38 (C)
>>>> [ 0.537520] __dump_stack+0x28/0x38
>>>> [ 0.537522] dump_stack_lvl+0xac/0xf0
>>>> [ 0.537525] dump_stack+0x18/0x3c
>>>> [ 0.537527] __might_resched+0x248/0x2a0
>>>> [ 0.537529] __might_sleep+0x40/0x90
>>>> [ 0.537531] __mutex_lock_common+0x70/0x1818
>>>> [ 0.537533] mutex_lock_nested+0x34/0x48
>>>> [ 0.537534] split_kernel_leaf_mapping+0x74/0x1a0
>>>> [ 0.537536] update_range_prot+0x40/0x150
>>>> [ 0.537537] __change_memory_common+0x30/0x148
>>>> [ 0.537538] __kernel_map_pages+0x70/0x88
>>>> [ 0.537540] __free_frozen_pages+0x6e4/0x7b8
>>>> [ 0.537542] free_frozen_pages+0x1c/0x30
>>>> [ 0.537544] __free_slab+0xf0/0x168
>>>> [ 0.537547] free_slab+0x2c/0xf8
>>>> [ 0.537549] free_to_partial_list+0x4e0/0x620
>>>> [ 0.537551] __slab_free+0x228/0x250
>>>> [ 0.537553] kfree+0x3c4/0x4c0
>>>> [ 0.537555] destroy_sched_domain+0xf8/0x140
>>>> [ 0.537557] cpu_attach_domain+0x17c/0x610
>>>> [ 0.537558] build_sched_domains+0x15a4/0x1718
>>>> [ 0.537560] sched_init_domains+0xbc/0xf8
>>>> [ 0.537561] sched_init_smp+0x30/0x98
>>>> [ 0.537562] kernel_init_freeable+0x148/0x230
>>>> [ 0.537564] kernel_init+0x28/0x148
>>>> [ 0.537566] ret_from_fork+0x10/0x20
>>>> [ 0.537569] =============================
>>>> [ 0.537569] [ BUG: Invalid wait context ]
>>>> [ 0.537571] 6.18.0-dbg-DEV #1 Tainted: G W
>>>> [ 0.537572] -----------------------------
>>>> [ 0.537572] swapper/0/1 is trying to lock:
>>>> [ 0.537573] ffffb60b011f3830 (pgtable_split_lock){+.+.}-{4:4}, at:
>>>> split_kernel_leaf_mapping+0x74/0x1a0
>>>> [ 0.537576] other info that might help us debug this:
>>>> [ 0.537577] context-{5:5}
>>>> [ 0.537578] 2 locks held by swapper/0/1:
>>>> [ 0.537579] #0: ffffb60b01211960 (sched_domains_mutex){+.+.}-{4:4}, at:
>>>> sched_domains_mutex_lock+0x24/0x38
>>>> [ 0.537582] #1: ffffb60b01595838 (rcu_read_lock){....}-{1:3}, at:
>>>> rcu_lock_acquire+0x0/0x40
>>>> [ 0.537585] stack backtrace:
>>>> [ 0.537585] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Tainted: G
>>>> W 6.18.0-dbg-DEV #1 NONE
>>>> [ 0.537587] Tainted: [W]=WARN
>>>> [ 0.537588] Call trace:
>>>> [ 0.537589] show_stack+0x20/0x38 (C)
>>>> [ 0.537591] __dump_stack+0x28/0x38
>>>> [ 0.537593] dump_stack_lvl+0xac/0xf0
>>>> [ 0.537596] dump_stack+0x18/0x3c
>>>> [ 0.537598] __lock_acquire+0x980/0x2a20
>>>> [ 0.537600] lock_acquire+0x124/0x2b8
>>>> [ 0.537602] __mutex_lock_common+0xd8/0x1818
>>>> [ 0.537604] mutex_lock_nested+0x34/0x48
>>>> [ 0.537605] split_kernel_leaf_mapping+0x74/0x1a0
>>>> [ 0.537607] update_range_prot+0x40/0x150
>>>> [ 0.537608] __change_memory_common+0x30/0x148
>>>> [ 0.537609] __kernel_map_pages+0x70/0x88
>>>> [ 0.537610] __free_frozen_pages+0x6e4/0x7b8
>>>> [ 0.537613] free_frozen_pages+0x1c/0x30
>>>> [ 0.537615] __free_slab+0xf0/0x168
>>>> [ 0.537617] free_slab+0x2c/0xf8
>>>> [ 0.537619] free_to_partial_list+0x4e0/0x620
>>>> [ 0.537621] __slab_free+0x228/0x250
>>>> [ 0.537623] kfree+0x3c4/0x4c0
>>>> [ 0.537625] destroy_sched_domain+0xf8/0x140
>>>> [ 0.537627] cpu_attach_domain+0x17c/0x610
>>>> [ 0.537628] build_sched_domains+0x15a4/0x1718
>>>> [ 0.537630] sched_init_domains+0xbc/0xf8
>>>> [ 0.537631] sched_init_smp+0x30/0x98
>>>> [ 0.537632] kernel_init_freeable+0x148/0x230
>>>> [ 0.537633] kernel_init+0x28/0x148
>>>> [ 0.537635] ret_from_fork+0x10/0x20
>>>>
>>>> ---
>>>> bisect:
>>>>
>>>> # bad: [3a8660878839faadb4f1a6dd72c3179c1df56787] Linux 6.18-rc1
>>>> # good: [e5f0a698b34ed76002dc5cff3804a61c80233a7a] Linux 6.17
>>>> git bisect start 'v6.18-rc1' 'v6.17'
>>>> # bad: [58809f614e0e3f4e12b489bddf680bfeb31c0a20] Merge tag 'drm-
>>>> next-2025-10-01' of https://gitlab.freedesktop.org/drm/kernel
>>>> git bisect bad 58809f614e0e3f4e12b489bddf680bfeb31c0a20
>>>> # bad: [a8253f807760e9c80eada9e5354e1240ccf325f9] Merge tag 'soc-
>>>> newsoc-6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
>>>> git bisect bad a8253f807760e9c80eada9e5354e1240ccf325f9
>>>> # bad: [4b81e2eb9e4db8f6094c077d0c8b27c264901c1b] Merge tag 'timers-
>>>> vdso-2025-09-29' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
>>>> git bisect bad 4b81e2eb9e4db8f6094c077d0c8b27c264901c1b
>>>> # bad: [f1004b2f19d7e9add9d707f64d9fcbc50f67921b] Merge tag 'm68k-for-v6.18-
>>>> tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k
>>>> git bisect bad f1004b2f19d7e9add9d707f64d9fcbc50f67921b
>>>> # good: [a9401710a5f5681abd2a6f21f9e76bc9f2e81891] Merge tag 'v6.18-rc-
>>>> part1-smb3-common' of git://git.samba.org/ksmbd
>>>> git bisect good a9401710a5f5681abd2a6f21f9e76bc9f2e81891
>>>> # good: [fe68bb2861808ed5c48d399bd7e670ab76829d55] Merge tag 'microblaze-
>>>> v6.18' of git://git.monstr.eu/linux-2.6-microblaze
>>>> git bisect good fe68bb2861808ed5c48d399bd7e670ab76829d55
>>>> # bad: [f2d64a22faeeecff385b4c91fab5fe036ab00162] Merge branch 'for-next/
>>>> perf' into for-next/core
>>>> git bisect bad f2d64a22faeeecff385b4c91fab5fe036ab00162
>>>> # good: [30f9386820cddbba59b48ae0670c3a1646dd440e] Merge branch 'for-next/
>>>> misc' into for-next/core
>>>> git bisect good 30f9386820cddbba59b48ae0670c3a1646dd440e
>>>> # good: [43de0ac332b815cf56dbdce63687de9acfd35d49] drivers/perf: hisi: Relax
>>>> the event ID check in the framework
>>>> git bisect good 43de0ac332b815cf56dbdce63687de9acfd35d49
>>>> # good: [5973a62efa34c80c9a4e5eac1fca6f6209b902af] arm64: map [_text,
>>>> _stext) virtual address range non-executable+read-only
>>>> git bisect good 5973a62efa34c80c9a4e5eac1fca6f6209b902af
>>>> # good: [b3abb08d6f628a76c36bf7da9508e1a67bf186a0] drivers/perf: hisi:
>>>> Refactor the event configuration of L3C PMU
>>>> git bisect good b3abb08d6f628a76c36bf7da9508e1a67bf186a0
>>>> # good: [6d2f913fda5683fbd4c3580262e10386c1263dfb] Documentation: hisi-pmu:
>>>> Add introduction to HiSilicon V3 PMU
>>>> git bisect good 6d2f913fda5683fbd4c3580262e10386c1263dfb
>>>> # good: [2084660ad288c998b6f0c885e266deb364f65fba] perf/dwc_pcie: Fix use of
>>>> uninitialized variable
>>>> git bisect good 2084660ad288c998b6f0c885e266deb364f65fba
>>>> # bad: [77dfca70baefcb988318a72fe69eb99f6dabbbb1] Merge branch 'for-next/mm'
>>>> into for-next/core
>>>> git bisect bad 77dfca70baefcb988318a72fe69eb99f6dabbbb1
>>>> # first bad commit: [77dfca70baefcb988318a72fe69eb99f6dabbbb1] Merge branch
>>>> 'for-next/mm' into for-next/core
>>>>
>>>> ---
>>>> bisect into branch:
>>>>
>>>> - git checkout -b testing 77dfca70baefcb988318a72fe69eb99f6dabbbb1
>>>> - git rebase 77dfca70baefcb988318a72fe69eb99f6dabbbb1~1
>>>> [ fix minor conflict similar to the conflict resolution in 77dfca70baefc]
>>>> - git diff 77dfca70baefcb988318a72fe69eb99f6dabbbb1
>>>> [ confirmed that there are no differences ]
>>>> - confirm that the problem is still seen at the tip of the rebase
>>>> - git bisect start HEAD 77dfca70baefcb988318a72fe69eb99f6dabbbb1~1
>>>> - run bisect
>>>>
>>>> Results:
>>>>
>>>> # bad: [47fc25df1ae3ae8412f1b812fb586c714d04a5e6] arm64: map [_text, _stext)
>>>> virtual address range non-executable+read-only
>>>> # good: [30f9386820cddbba59b48ae0670c3a1646dd440e] Merge branch 'for-next/
>>>> misc' into for-next/core
>>>> git bisect start 'HEAD' '77dfca70baefcb988318a72fe69eb99f6dabbbb1~1'
>>>> # good: [805491d19fc21271b5c27f4602f8f66b625c110f] arm64/Kconfig: Remove
>>>> CONFIG_RODATA_FULL_DEFAULT_ENABLED
>>>> git bisect good 805491d19fc21271b5c27f4602f8f66b625c110f
>>>> # bad: [13c7d7426232cc4489df7cd2e1f646a22d3f6172] arm64: mm: support large
>>>> block mapping when rodata=full
>>>> git bisect bad 13c7d7426232cc4489df7cd2e1f646a22d3f6172
>>>> # good: [a4d9c67e503f2b73c2d89d8e8209dfd241bdc8d8] arm64: Enable permission
>>>> change on arm64 kernel block mappings
>>>> git bisect good a4d9c67e503f2b73c2d89d8e8209dfd241bdc8d8
>>>> # first bad commit: [13c7d7426232cc4489df7cd2e1f646a22d3f6172] arm64: mm:
>>>> support large block mapping when rodata=full
>
next prev parent reply other threads:[~2025-11-03 10:08 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-17 19:02 [PATCH v8 0/5] arm64: support FEAT_BBM level 2 and large block mapping when rodata=full Yang Shi
2025-09-17 19:02 ` [PATCH v8 1/5] arm64: Enable permission change on arm64 kernel block mappings Yang Shi
2025-09-17 19:02 ` [PATCH v8 2/5] arm64: cpufeature: add AmpereOne to BBML2 allow list Yang Shi
2025-09-17 19:02 ` [PATCH v8 3/5] arm64: mm: support large block mapping when rodata=full Yang Shi
2025-11-01 16:14 ` Guenter Roeck
2025-11-02 10:31 ` Ryan Roberts
2025-11-02 12:11 ` Ryan Roberts
2025-11-02 15:13 ` Guenter Roeck
2025-11-02 17:46 ` Guenter Roeck
2025-11-02 17:49 ` Guenter Roeck
2025-11-02 17:52 ` Guenter Roeck
2025-11-03 0:47 ` Yang Shi
2025-11-03 10:07 ` Ryan Roberts [this message]
2025-11-03 16:21 ` Yang Shi
2025-11-03 5:53 ` Dev Jain
2025-09-17 19:02 ` [PATCH v8 4/5] arm64: mm: split linear mapping if BBML2 unsupported on secondary CPUs Yang Shi
2026-02-02 7:18 ` Arnd Bergmann
2026-02-02 7:43 ` Ard Biesheuvel
2026-02-02 8:11 ` Arnd Bergmann
2025-09-17 19:02 ` [PATCH v8 5/5] arm64: kprobes: call set_memory_rox() for kprobe page Yang Shi
2025-09-18 12:48 ` Catalin Marinas
2025-09-18 15:05 ` Yang Shi
2025-09-18 15:30 ` Ryan Roberts
2025-09-18 15:50 ` Yang Shi
2025-09-18 15:32 ` Catalin Marinas
2025-09-18 15:48 ` Yang Shi
2025-09-18 21:10 ` [PATCH v8 0/5] arm64: support FEAT_BBM level 2 and large block mapping when rodata=full Will Deacon
2025-09-19 10:08 ` Ryan Roberts
2025-09-19 11:27 ` Will Deacon
2025-09-19 11:49 ` Ryan Roberts
2025-09-19 11:56 ` Will Deacon
2025-09-19 12:00 ` Ryan Roberts
2025-09-19 18:44 ` Will Deacon
2025-09-23 7:15 ` Ryan Roberts
2025-09-19 14:55 ` Yang Shi
2026-03-16 7:35 ` Jinjiang Tu
2026-03-16 15:47 ` Ryan Roberts
2026-03-17 0:15 ` Yang Shi
2026-03-17 2:06 ` Jinjiang Tu
2026-03-17 9:07 ` Ryan Roberts
2026-03-17 17:03 ` Yang Shi
2026-03-18 8:29 ` Jinjiang Tu
2026-03-18 9:17 ` Ryan Roberts
2026-03-19 1:22 ` Jinjiang Tu
2026-03-17 17:12 ` Yang Shi
2026-03-17 8:47 ` Kevin Brodsky
2026-03-17 9:13 ` Ryan Roberts
2026-03-17 9:29 ` Kevin Brodsky
2026-03-17 11:45 ` Ryan Roberts
2026-03-17 12:43 ` Kevin Brodsky
2026-03-17 15:05 ` Ryan Roberts
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cbabb814-3ca5-4213-9346-a7de28aac474@arm.com \
--to=ryan.roberts@arm.com \
--cc=akpm@linux-foundation.org \
--cc=ardb@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=cl@gentwo.org \
--cc=david@redhat.com \
--cc=dev.jain@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux@roeck-us.net \
--cc=lorenzo.stoakes@oracle.com \
--cc=nd@arm.com \
--cc=scott@os.amperecomputing.com \
--cc=will@kernel.org \
--cc=yang@os.amperecomputing.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.