From: Sasha Levin <sashal@kernel.org>
To: patches@lists.linux.dev, stable@vger.kernel.org
Cc: "Clément Léger" <cleger@rivosinc.com>,
"Conor Dooley" <conor.dooley@microchip.com>,
"Paul Walmsley" <pjw@kernel.org>,
"Sasha Levin" <sashal@kernel.org>,
paul.walmsley@sifive.com, palmer@dabbelt.com,
aou@eecs.berkeley.edu, linux-riscv@lists.infradead.org
Subject: [PATCH AUTOSEL 6.17-6.16] riscv: cpufeature: add validation for zfa, zfh and zfhmin
Date: Thu, 2 Oct 2025 11:30:11 -0400 [thread overview]
Message-ID: <20251002153025.2209281-24-sashal@kernel.org> (raw)
In-Reply-To: <20251002153025.2209281-1-sashal@kernel.org>
From: Clément Léger <cleger@rivosinc.com>
[ Upstream commit 2e2cf5581fccc562f7faf174ffb9866fed5cafbd ]
These extensions depends on the F one. Add a validation callback
checking for the F extension to be present. Now that extensions are
correctly reported using the F/D presence, we can remove the
has_fpu() check in hwprobe_isa_ext0().
Signed-off-by: Clément Léger <cleger@rivosinc.com>
Reviewed-by: Conor Dooley <conor.dooley@microchip.com>
Link: https://lore.kernel.org/r/20250527100001.33284-1-cleger@rivosinc.com
Signed-off-by: Paul Walmsley <pjw@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
LLM Generated explanations, may be completely bogus:
Based on my comprehensive analysis of this commit, here is my
assessment:
**Backport Status: YES**
## Extensive Analysis
### What This Commit Fixes
This commit addresses **incorrect CPU feature reporting** for three
RISC-V floating-point extensions (ZFA, ZFH, ZFHMIN) that were being
exposed to userspace without proper validation that their required
dependency (the F extension) is present.
### Code Changes Analysis
The commit makes two key changes:
1. **In arch/riscv/kernel/cpufeature.c (lines 477-480)**:
- Changes ZFA, ZFH, and ZFHMIN from `__RISCV_ISA_EXT_DATA` to
`__RISCV_ISA_EXT_DATA_VALIDATE`
- Adds `riscv_ext_f_depends` validation callback (lines 83-90) which
checks that the F extension is available before allowing these
extensions to be reported
- The validation function returns `-EPROBE_DEFER` if F is not
present, preventing incorrect feature reporting
2. **In arch/riscv/kernel/sys_hwprobe.c (lines 156-163)**:
- Removes the `has_fpu()` conditional check that was previously
gating these extensions
- This is safe because the validation is now properly handled in
cpufeature.c through the validation callbacks
### Why This is a Bug Fix
According to the RISC-V ISA specification:
- **ZFA** (Additional Floating-Point Instructions) requires F
- **ZFH** (Half-Precision Floating-Point) requires F
- **ZFHMIN** (Minimal Half-Precision Floating-Point) requires F
Without this fix, the kernel could incorrectly report these extensions
as available even when the base F extension is not present. This
violates the ISA specification and could lead to:
1. **Incorrect userspace behavior**: Applications using hwprobe() might
detect these extensions and attempt to use instructions that aren't
supported
2. **Illegal instruction exceptions**: If userspace tries to execute
these instructions without F support
3. **Inconsistent CPU capability reporting**: The kernel would report
capabilities that the hardware doesn't actually support
### Context from Related Commits
This commit is part of a larger validation effort:
- **e186c28dda11e** (Feb 2025): Introduced `riscv_ext_f_depends`
validation for ZFBFMIN
- **12e7fbb6a84e6** (Mar 2025): Added F & D extension validation checks
- **004961843389e** (Apr 2025): Merged the validation series
- **2e2cf5581fccc** (May 2025): This commit - completes the validation
by adding it for ZFA/ZFH/ZFHMIN which were missed
The commit message states: "Now that extensions are correctly reported
using the F/D presence, we can remove the has_fpu() check" - indicating
this is cleanup that follows the proper validation infrastructure being
put in place.
### Backporting Criteria Assessment
✅ **Fixes a bug affecting users**: Yes - incorrect CPU feature reporting
can cause userspace applications to malfunction
✅ **Small and contained**: Yes - only 14 lines changed across 2 files,
following an established pattern
✅ **Clear side effects**: No unexpected side effects - makes reporting
more correct
✅ **No architectural changes**: No - uses existing validation
infrastructure
✅ **Minimal regression risk**: Very low - the change makes feature
reporting more conservative (won't report features unless dependencies
are met)
✅ **Confined to subsystem**: Yes - only affects RISC-V architecture code
### Conclusion
This commit should be backported because it:
1. Fixes incorrect CPU capability reporting that violates the RISC-V ISA
specification
2. Prevents potential illegal instruction exceptions in userspace
3. Is small, focused, and low-risk
4. Follows the stable tree rules for important bug fixes with minimal
risk
5. Completes a validation series that was already merged upstream
The fix ensures RISC-V systems correctly report their capabilities to
userspace, which is critical for proper system operation.
arch/riscv/kernel/cpufeature.c | 6 +++---
arch/riscv/kernel/sys_hwprobe.c | 14 ++++++--------
2 files changed, 9 insertions(+), 11 deletions(-)
diff --git a/arch/riscv/kernel/cpufeature.c b/arch/riscv/kernel/cpufeature.c
index 743d53415572e..67b59699357da 100644
--- a/arch/riscv/kernel/cpufeature.c
+++ b/arch/riscv/kernel/cpufeature.c
@@ -474,10 +474,10 @@ const struct riscv_isa_ext_data riscv_isa_ext[] = {
__RISCV_ISA_EXT_DATA(zacas, RISCV_ISA_EXT_ZACAS),
__RISCV_ISA_EXT_DATA(zalrsc, RISCV_ISA_EXT_ZALRSC),
__RISCV_ISA_EXT_DATA(zawrs, RISCV_ISA_EXT_ZAWRS),
- __RISCV_ISA_EXT_DATA(zfa, RISCV_ISA_EXT_ZFA),
+ __RISCV_ISA_EXT_DATA_VALIDATE(zfa, RISCV_ISA_EXT_ZFA, riscv_ext_f_depends),
__RISCV_ISA_EXT_DATA_VALIDATE(zfbfmin, RISCV_ISA_EXT_ZFBFMIN, riscv_ext_f_depends),
- __RISCV_ISA_EXT_DATA(zfh, RISCV_ISA_EXT_ZFH),
- __RISCV_ISA_EXT_DATA(zfhmin, RISCV_ISA_EXT_ZFHMIN),
+ __RISCV_ISA_EXT_DATA_VALIDATE(zfh, RISCV_ISA_EXT_ZFH, riscv_ext_f_depends),
+ __RISCV_ISA_EXT_DATA_VALIDATE(zfhmin, RISCV_ISA_EXT_ZFHMIN, riscv_ext_f_depends),
__RISCV_ISA_EXT_DATA(zca, RISCV_ISA_EXT_ZCA),
__RISCV_ISA_EXT_DATA_VALIDATE(zcb, RISCV_ISA_EXT_ZCB, riscv_ext_zca_depends),
__RISCV_ISA_EXT_DATA_VALIDATE(zcd, RISCV_ISA_EXT_ZCD, riscv_ext_zcd_validate),
diff --git a/arch/riscv/kernel/sys_hwprobe.c b/arch/riscv/kernel/sys_hwprobe.c
index 0b170e18a2beb..3e9259790816e 100644
--- a/arch/riscv/kernel/sys_hwprobe.c
+++ b/arch/riscv/kernel/sys_hwprobe.c
@@ -153,14 +153,12 @@ static void hwprobe_isa_ext0(struct riscv_hwprobe *pair,
EXT_KEY(ZVKT);
}
- if (has_fpu()) {
- EXT_KEY(ZCD);
- EXT_KEY(ZCF);
- EXT_KEY(ZFA);
- EXT_KEY(ZFBFMIN);
- EXT_KEY(ZFH);
- EXT_KEY(ZFHMIN);
- }
+ EXT_KEY(ZCD);
+ EXT_KEY(ZCF);
+ EXT_KEY(ZFA);
+ EXT_KEY(ZFBFMIN);
+ EXT_KEY(ZFH);
+ EXT_KEY(ZFHMIN);
if (IS_ENABLED(CONFIG_RISCV_ISA_SUPM))
EXT_KEY(SUPM);
--
2.51.0
next prev parent reply other threads:[~2025-10-02 15:30 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-02 15:29 [PATCH AUTOSEL 6.17-5.4] hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Sasha Levin
2025-10-02 15:29 ` [PATCH AUTOSEL 6.17-6.12] arm64: sysreg: Correct sign definitions for EIESB and DoubleLock Sasha Levin
2025-10-02 15:29 ` [PATCH AUTOSEL 6.17-5.4] hfs: clear offset and space out of valid records in b-tree node Sasha Levin
2025-10-02 15:29 ` [PATCH AUTOSEL 6.17-5.4] hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Sasha Levin
2025-10-02 15:29 ` [PATCH AUTOSEL 6.17-6.1] powerpc/32: Remove PAGE_KERNEL_TEXT to fix startup failure Sasha Levin
2025-10-02 15:29 ` [PATCH AUTOSEL 6.17-5.4] m68k: bitops: Fix find_*_bit() signatures Sasha Levin
2025-10-02 15:29 ` [PATCH AUTOSEL 6.17] smb: client: make use of ib_wc_status_msg() and skip IB_WC_WR_FLUSH_ERR logging Sasha Levin
2025-10-02 15:29 ` [PATCH AUTOSEL 6.17-6.16] arm64: realm: ioremap: Allow mapping memory as encrypted Sasha Levin
2025-10-02 16:43 ` Suzuki K Poulose
2025-10-21 15:38 ` Sasha Levin
2025-10-02 15:29 ` [PATCH AUTOSEL 6.17-6.12] gfs2: Fix unlikely race in gdlm_put_lock Sasha Levin
2025-10-02 15:29 ` [PATCH AUTOSEL 6.17-6.1] smb: server: let smb_direct_flush_send_list() invalidate a remote key first Sasha Levin
2025-10-02 15:29 ` [PATCH AUTOSEL 6.17-5.15] nios2: ensure that memblock.current_limit is set when setting pfn limits Sasha Levin
2025-10-02 15:29 ` [PATCH AUTOSEL 6.17-6.12] s390/mm: Use __GFP_ACCOUNT for user page table allocations Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-6.16] riscv: mm: Return intended SATP mode for noXlvl options Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-6.16] gfs2: Fix LM_FLAG_TRY* logic in add_to_queue Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-6.16] dlm: move to rinfo for all middle conversion cases Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-5.4] hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-5.4] exec: Fix incorrect type for ret Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-5.4] hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-6.1] lkdtm: fortify: Fix potential NULL dereference on kmalloc failure Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-6.16] riscv: mm: Use mmu-type from FDT to limit SATP mode Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-6.6] Unbreak 'make tools/*' for user-space targets Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-5.4] hfs: make proper initalization of struct hfs_find_data Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-5.4] hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Sasha Levin
2025-10-02 15:30 ` Sasha Levin [this message]
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-6.12] PCI: Test for bit underflow in pcie_set_readrq() Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-6.16] s390/pkey: Forward keygenflags to ep11_unwrapkey Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-6.6] drivers/perf: hisi: Relax the event ID check in the framework Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-5.4] hfs: validate record offset in hfsplus_bmap_alloc Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17] smb: client: limit the range of info->receive_credit_target Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-5.4] dlm: check for defined force value in dlm_lockspace_release Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-6.12] binfmt_elf: preserve original ELF e_flags for core dumps Sasha Levin
2025-10-02 15:58 ` Kees Cook
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-6.16] arm64: errata: Apply workarounds for Neoverse-V3AE Sasha Levin
2025-10-02 15:30 ` [PATCH AUTOSEL 6.17-6.16] smb: client: queue post_recv_credits_work also if the peer raises the credit target Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251002153025.2209281-24-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=aou@eecs.berkeley.edu \
--cc=cleger@rivosinc.com \
--cc=conor.dooley@microchip.com \
--cc=linux-riscv@lists.infradead.org \
--cc=palmer@dabbelt.com \
--cc=patches@lists.linux.dev \
--cc=paul.walmsley@sifive.com \
--cc=pjw@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).