mm: fix 32bit kasan can't boot on T5W [1/1]

PD#SWPL-80202 Problem: If enabled 32bit kasan on T5W with VMAP, kernel can't boot. This case can't happen on T5D. Solution: Rootcause is bss cleared but real data keeps in cache, not flushed into DDR, and physical kasan shadow page soon be mapped to shadow memory while in shadow virtual address we see random data, which caused kasan check failed in vmap fixup function and crashed. So just add a dcache flush function call after bss cleared. Verify: T5W Change-Id: Id72d26046a2155ee8fea35c3bf8c7aa4fe52e7a4 Signed-off-by: Jianxiong Pan <jianxiong.pan@amlogic.com>
2026-03-24 19:40:21 +09:00 · 2023-12-22 16:03:59 +08:00
parent 7d18a616b5
commit 2b75b11030
2 changed files with 18 additions and 3 deletions
--- a/arch/arm/kernel/head-common.S
+++ b/arch/arm/kernel/head-common.S
@@ -105,6 +105,21 @@ __mmap_switched:
 	mov	r1, #0
 	bl	__memset			@ clear .bss

+#if defined (CONFIG_KASAN)
+	/* After bss cleard, kasan_early_shadow_page are 0 in cache
+	 * But on A55 it's physical memory keeps random data, this
+	 * physical page will be mapped to shadow memory very soon(few
+	 * lines behind) in function kasan_early_init, this caused kasan
+	 * shadow memory check failed and crashed in function
+	 * fixup_init_thread_union(). However, this problem don't see on
+	 * A35 processor. Rootcause may related with core's cache replace/
+	 * clean policy.
+	 */
+	push	{r0-r12, lr}
+	bl	v7_flush_dcache_all
+	pop	{r0-r12, lr}
+#endif
+
 	ldmia	r4, {r0, r1, r2, r3}
 	str	r9, [r0]			@ Save processor ID
 	str	r7, [r1]			@ Save machine type
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -3223,7 +3223,7 @@ retry:
 	return page;
 }

-#ifdef CONFIG_AMLOGIC_CMA
+#if defined(CONFIG_AMLOGIC_CMA) && !defined(CONFIG_KASAN)
 /*
 * get page but not cma
 */
@@ -3966,7 +3966,7 @@ struct page *__rmqueue_pcplist(struct zone *zone, unsigned int order,
 {
 	struct page *page = NULL;
 	struct list_head *list = NULL;
-#ifdef CONFIG_AMLOGIC_CMA
+#if defined(CONFIG_AMLOGIC_CMA) && !defined(CONFIG_KASAN)
 	bool cma = can_use_cma(gfp_flags);

 	if (cma)
@@ -3989,7 +3989,7 @@ struct page *__rmqueue_pcplist(struct zone *zone, unsigned int order,
 		}

 		page = list_first_entry(list, struct page, pcp_list);
-	#ifdef CONFIG_AMLOGIC_CMA
+	#if defined(CONFIG_AMLOGIC_CMA) && !defined(CONFIG_KASAN)
 		/*
 		 * USING CMA FIRST POLICY situations:
 		 * 1. CMA pages may return to pcp and allocated next