Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2231076,
    "url": "http://patchwork.ozlabs.org/api/1.1/patches/2231076/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/opensbi/patch/20260430102313.95249-3-zhangzhanpeng.jasper@bytedance.com/",
    "project": {
        "id": 67,
        "url": "http://patchwork.ozlabs.org/api/1.1/projects/67/?format=api",
        "name": "OpenSBI development",
        "link_name": "opensbi",
        "list_id": "opensbi.lists.infradead.org",
        "list_email": "opensbi@lists.infradead.org",
        "web_url": "https://github.com/riscv/opensbi",
        "scm_url": "",
        "webscm_url": ""
    },
    "msgid": "<20260430102313.95249-3-zhangzhanpeng.jasper@bytedance.com>",
    "date": "2026-04-30T10:23:13",
    "name": "[2/2] lib: sbi: sse: fix SSE handler sstatus leakage",
    "commit_ref": null,
    "pull_url": null,
    "state": "new",
    "archived": false,
    "hash": "bd8e7ccd9b38bd9b966c7137e52376935e3804ee",
    "submitter": {
        "id": 93288,
        "url": "http://patchwork.ozlabs.org/api/1.1/people/93288/?format=api",
        "name": "Zhanpeng Zhang",
        "email": "zhangzhanpeng.jasper@bytedance.com"
    },
    "delegate": null,
    "mbox": "http://patchwork.ozlabs.org/project/opensbi/patch/20260430102313.95249-3-zhangzhanpeng.jasper@bytedance.com/mbox/",
    "series": [
        {
            "id": 502269,
            "url": "http://patchwork.ozlabs.org/api/1.1/series/502269/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/opensbi/list/?series=502269",
            "date": "2026-04-30T10:23:11",
            "name": "lib: sbi: sse: fix interrupted context corruption",
            "version": 1,
            "mbox": "http://patchwork.ozlabs.org/series/502269/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/2231076/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/2231076/checks/",
    "tags": {},
    "headers": {
        "Return-Path": "\n <opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>",
        "X-Original-To": "incoming@patchwork.ozlabs.org",
        "Delivered-To": "patchwork-incoming@legolas.ozlabs.org",
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n secure) header.d=lists.infradead.org header.i=@lists.infradead.org\n header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ex0RDlm6;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n secure) header.d=infradead.org header.i=@infradead.org header.a=rsa-sha256\n header.s=desiato.20200630 header.b=pZm3KS4s;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n unprotected) header.d=bytedance.com header.i=@bytedance.com\n header.a=rsa-sha256 header.s=google header.b=D0tKY8jF;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=none (no SPF record) smtp.mailfrom=lists.infradead.org\n (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;\n envelope-from=opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;\n receiver=patchwork.ozlabs.org)"
        ],
        "Received": [
            "from bombadil.infradead.org (bombadil.infradead.org\n [IPv6:2607:7c80:54:3::133])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g5qyd07rYz1yK1\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 30 Apr 2026 20:23:52 +1000 (AEST)",
            "from localhost ([::1] helo=bombadil.infradead.org)\n\tby bombadil.infradead.org with esmtp (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1wIOYc-00000005BmH-03pF;\n\tThu, 30 Apr 2026 10:23:46 +0000",
            "from desiato.infradead.org ([2001:8b0:10b:1:d65d:64ff:fe57:4e05])\n\tby bombadil.infradead.org with esmtps (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1wIOYZ-00000005BlA-3RC5\n\tfor opensbi@bombadil.infradead.org;\n\tThu, 30 Apr 2026 10:23:43 +0000",
            "from mail-pj1-x102e.google.com ([2607:f8b0:4864:20::102e])\n\tby desiato.infradead.org with esmtps (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1wIOYW-000000077Nj-2BwR\n\tfor opensbi@lists.infradead.org;\n\tThu, 30 Apr 2026 10:23:42 +0000",
            "by mail-pj1-x102e.google.com with SMTP id\n 98e67ed59e1d1-35d99bae2ebso704745a91.3\n        for <opensbi@lists.infradead.org>;\n Thu, 30 Apr 2026 03:23:40 -0700 (PDT)",
            "from FJ7FR2JRQ3.bytedance.net ([139.177.225.247])\n        by smtp.gmail.com with ESMTPSA id\n 98e67ed59e1d1-364dbeb2db0sm321070a91.10.2026.04.30.03.23.34\n        (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256);\n        Thu, 30 Apr 2026 03:23:37 -0700 (PDT)"
        ],
        "DKIM-Signature": [
            "v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n\td=lists.infradead.org; s=bombadil.20210309; h=Sender:\n\tContent-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:\n\tList-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:\n\tMessage-ID:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description:\n\tResent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:\n\tList-Owner; bh=UMqL/qs6ae34wPKVtcJ086BCnywCpoIOjGzMUONhNbg=; b=ex0RDlm6RXjRGr\n\tuddNgTuj6JIomvx2doCB1znN4pVimFoj16lUp3omp4a2LRAqNAuUwmg7SPkrFIXj0T2fjb4e6JyMW\n\tQJB+x2Pm5Daqpsvf4+ix5wNe4HvXg658EFB5cIUdkLrrmb/SW0Acg8yWaOxsH2qqKVSAbp2FGCW2L\n\tVmTGQ7pKgHFPMe88a9yBbehviF0ZOcrNgLFvePbd4RTsMMemr9I2Y0g3Md9QmRFFBwLNnTelbVbzX\n\tqiKLk1Ab7XhV1S7bzbJiz849QOCE1aZR4ix2hGf1DyAm3dRkIwEdaDrRuDLlLM2UaqVlcat12Rirp\n\t7nT1gsCjzLmeNI+4e3rQ==;",
            "v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n\td=infradead.org; s=desiato.20200630; h=Content-Transfer-Encoding:MIME-Version\n\t:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From:Sender:Reply-To:\n\tContent-Type:Content-ID:Content-Description;\n\tbh=he20OQGYvGMGwKnsBxzw0zcRCXJmNL6lIQg+SZsxBgU=; b=pZm3KS4sfq320Kaq3SBBezX66N\n\tLBWtlKJOZ7MGxRqIkK+jizLWApgvj7H2TiBFntEaPwRlcwbzLKy05+VN8n8qFVLoHDEpaF2fI6Idj\n\tsgAEm01Q00OB8FxphyCSN+MVd5TJngK/TK2Nc58N7ZaIPPyQ66tIWFnvzKUC0tnbHdWpY6nU0gBvi\n\tKYTC4Tmt9geOnpzGYG+1G+88kIyhPE7xbrrSAx75ybfyuB1ScVnZw5fM1CivT3CMyvLaW3xAQ9va1\n\tT2hPhVfrnaRzy0UyEaLuWrnIA9QXByUT0+34BfMGQzgXLRmOvHUCYgpS9VPML28JKeqk2l4qX7R3S\n\tVon+UaOw==;",
            "v=1; a=rsa-sha256; c=relaxed/relaxed;\n        d=bytedance.com; s=google; t=1777544618; x=1778149418;\n darn=lists.infradead.org;\n        h=content-transfer-encoding:mime-version:references:in-reply-to\n         :message-id:date:subject:cc:to:from:from:to:cc:subject:date\n         :message-id:reply-to;\n        bh=he20OQGYvGMGwKnsBxzw0zcRCXJmNL6lIQg+SZsxBgU=;\n        b=D0tKY8jF31tN2s4XSOdzo/ILarr+sTQORfjGrv1WqdsS5eab++7NiMod6lnx5OZiYZ\n         eegiwRGNXpSM1QK7Sw+IpPjVSq8wqYSMf5WjlvbdrUAT8F3OvQEmCkZP3regs/OdIv1j\n         QeBZCnYIO4fqLEVCLDhpt7U1f8RSwVH48fd3slgL/fnG3OKzS9SPIoKdTaVv6RaCCW0i\n         GVCLuNCdEASJn+U/3GkeuDtSnufeKDTV5Skg34jaUUmGqUSsBK2ULuPpjbtn/R9Nofml\n         vG26DWPwgnt/I0FI4S/QypWAjXi+IAX1HfunT1gD1w1u0BHPBPWoty6tQXgcBnWJt6bX\n         Zfsw=="
        ],
        "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n        d=1e100.net; s=20251104; t=1777544618; x=1778149418;\n        h=content-transfer-encoding:mime-version:references:in-reply-to\n         :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from\n         :to:cc:subject:date:message-id:reply-to;\n        bh=he20OQGYvGMGwKnsBxzw0zcRCXJmNL6lIQg+SZsxBgU=;\n        b=ecYSZJaCqS/Krpsw5e8zneUe+6ikyROXsd5uGCG7ThJN7/Sa/vsBJLck6UNNYMzG3M\n         8HToJqg1bHW34RbZ1AH7YWyOZyNxynpUn1VLLU07/Sd4CPukFHvawS1T/lrINc/unfPL\n         oUXWhhwnEJA5tpN0gGbu/7tGrJhvmaLZBwqbM1nYbcxJuoeNgy1trztFRNtYTB0tTmpV\n         vPmEKM+NFRGBJdia+jOEZsA13NMOWdYc0UZUDomYcaFoj+bhJXRPwmUrL30nLnFE5Csm\n         gNE9LXrZDocqCK1UVAEecyCCJq34Zp6rec2eeVFu10XnfSJp0NcGcZ1lOE05C25NlH+H\n         jGeA==",
        "X-Gm-Message-State": "AOJu0YyDCojla1uC/cR1hFeg9I1G98MKTxBgcdfVz247w54JP7nSOeXx\n\t0hYy6LBdlp30bS3gXfCKPaJ75mAaLZ3c4Dvx7g8Xjx7RSRpGhUB/qu52kH8Lvmg6PX7jvAD7Vd/\n\t8gw6M",
        "X-Gm-Gg": "AeBDievg93i1+spTzvTxaqepyJGvyASqCMBfwGb2rdVh3iyRbiL7rM/mHZgU5MX9mN7\n\tDiJtr9sK6ObdfGh3RK8tqu6Hdy7TM6ISG3v6cEx6gx9r3/8I48u6n1bNCS72QlxLMOyN9h+4uzm\n\tH3jr/qyyRB5zac+5DDn+CRx16MmuVMzAch9Rh2YuwS26T0Gk8bC1VzEl2krYjZw3AKBiGrdHyLP\n\tVnXhZb2V3GhBK1z2EhP/gR1mEFXQMws9whH8JovGBYozT9U6Ngb69tluBXEDQhULrHq6KHEuXhr\n\tT2CK7sQcLk/4apKd5Nbq91MDnUvT8tbX7EX2pAnwMeKGsGG9lMkvKmEay6y8PEU7l3fjhaZ2xt7\n\tTu1nzHypoWC89Hv98MZrXD23AJ+1KnjOliZcoUo+hwZFLPQ6ic21zB4eiJ0F+o/IKKXxPmLSLKH\n\tUKjbc8bTX2qBDgTj+eJ1k3K+iLMyXp8wSOTm16gEDe+rmzPhnIYbn4pHsmLPtkv/3zmOIe0gvDw\n\tcpWQE5iWQ==",
        "X-Received": "by 2002:a17:90b:5890:b0:35e:5aa5:ae38 with SMTP id\n 98e67ed59e1d1-364c2f59166mr2469962a91.9.1777544618057;\n        Thu, 30 Apr 2026 03:23:38 -0700 (PDT)",
        "From": "Zhanpeng Zhang <zhangzhanpeng.jasper@bytedance.com>",
        "To": "opensbi@lists.infradead.org",
        "Cc": "cleger@rivosinc.com,\n\tanup@brainfault.org,\n\tatishp@atishpatra.org,\n\tcuiyunhui@bytedance.com,\n\tyuanzhu@bytedance.com,\n\tZhanpeng Zhang <zhangzhanpeng.jasper@bytedance.com>",
        "Subject": "[PATCH 2/2] lib: sbi: sse: fix SSE handler sstatus leakage",
        "Date": "Thu, 30 Apr 2026 18:23:13 +0800",
        "Message-ID": "<20260430102313.95249-3-zhangzhanpeng.jasper@bytedance.com>",
        "X-Mailer": "git-send-email 2.50.1",
        "In-Reply-To": "<20260430102313.95249-1-zhangzhanpeng.jasper@bytedance.com>",
        "References": "<20260430102313.95249-1-zhangzhanpeng.jasper@bytedance.com>",
        "MIME-Version": "1.0",
        "X-CRM114-Version": "20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 ",
        "X-CRM114-CacheID": "sfid-20260430_112340_910278_7A6AC208 ",
        "X-CRM114-Status": "GOOD (  13.22  )",
        "X-Spam-Score": "-0.2 (/)",
        "X-Spam-Report": "Spam detection software,\n running on the system \"desiato.infradead.org\",\n has NOT identified this incoming email as spam.  The original\n message has been attached to this so you can view it or label\n similar future email.  If you have any questions, see\n the administrator of that system for details.\n Content preview:  SSE can interrupt kernel execution at any point and run a\n   complex handler. PMU-SSE is a real-world example: its handler runs the perf\n    overflow path, and `perf top` repeatedly enters the SSE handler an [...]\n Content analysis details:   (-0.2 points, 5.0 required)\n  pts rule name              description\n ---- ----------------------\n --------------------------------------------------\n -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/, no\n                             trust\n                             [2607:f8b0:4864:20:0:0:0:102e listed in]\n                             [list.dnswl.org]\n -0.0 SPF_PASS               SPF: sender matches SPF record\n  0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record\n -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from\n author's\n                             domain\n  0.1 DKIM_SIGNED            Message has a DKIM or DK signature,\n not necessarily valid\n -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from\n                             envelope-from domain\n -0.1 DKIM_VALID             Message has at least one valid DKIM or DK\n signature",
        "X-BeenThere": "opensbi@lists.infradead.org",
        "X-Mailman-Version": "2.1.34",
        "Precedence": "list",
        "List-Id": "<opensbi.lists.infradead.org>",
        "List-Unsubscribe": "<http://lists.infradead.org/mailman/options/opensbi>,\n <mailto:opensbi-request@lists.infradead.org?subject=unsubscribe>",
        "List-Archive": "<http://lists.infradead.org/pipermail/opensbi/>",
        "List-Post": "<mailto:opensbi@lists.infradead.org>",
        "List-Help": "<mailto:opensbi-request@lists.infradead.org?subject=help>",
        "List-Subscribe": "<http://lists.infradead.org/mailman/listinfo/opensbi>,\n <mailto:opensbi-request@lists.infradead.org?subject=subscribe>",
        "Content-Type": "text/plain; charset=\"us-ascii\"",
        "Content-Transfer-Encoding": "7bit",
        "Sender": "\"opensbi\" <opensbi-bounces@lists.infradead.org>",
        "Errors-To": "opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org"
    },
    "content": "SSE can interrupt kernel execution at any point and run a complex\nhandler. PMU-SSE is a real-world example: its handler runs the\nperf overflow path, and `perf top` repeatedly enters the SSE handler and\ncompletion paths when PMU-SSE is enabled. Any synthetic handler status\nthat leaks into the SSE-interrupted context is therefore quickly exposed.\n\nSSE injection rewrites SIE, SPIE and SPP to enter the registered S-mode\nhandler. The old completion path reconstructed SIE from the handler trap\nstate and restored SPIE/SPP from the interrupted attributes instead of\nrestoring the S-mode status bits that were interrupted by the event.\n\nThat makes SIE/SPIE/SPP handler-contaminated resume state. The resulting\nSSE handler sstatus leakage can make PMU-SSE perf top resume with\nmismatched privilege and interrupt state, causing an \"environment call\nfrom U-mode\" panic. This was reproducible on the previous version with\nstress tests like `perf top` or `perf record -a`.\n\nSave the interrupted SIE/SPIE/SPP bits in private SSE resume state before\nconstructing the handler context and restore them when the handler\ncompletes. Keep using the interrupted SPP attribute to select the final\nmret privilege level.\n\nFixes: c8cdf01d8f3a (\"lib: sbi: Add support for Supervisor Software Events extension\")\nSigned-off-by: Zhanpeng Zhang <zhangzhanpeng.jasper@bytedance.com>\n---\n lib/sbi/sbi_sse.c | 21 +++++++++------------\n 1 file changed, 9 insertions(+), 12 deletions(-)",
    "diff": "diff --git a/lib/sbi/sbi_sse.c b/lib/sbi/sbi_sse.c\nindex 0544449d..1c1a0e80 100644\n--- a/lib/sbi/sbi_sse.c\n+++ b/lib/sbi/sbi_sse.c\n@@ -77,12 +77,17 @@ struct sse_ipi_inject_data {\n  * M-mode-owned state.\n  */\n struct sse_resume_state {\n+\t/* SIE/SPIE/SPP bits from mstatus, used to restore S-mode state. */\n+\tunsigned long sstatus_bits;\n \t/* Complete hstatus value, used to restore H-mode virtualization state. */\n \tunsigned long hstatus;\n \t/* MPV bit from mstatus/mstatusH, used to restore virtualization state. */\n \tbool prev_virt;\n };\n \n+#define SSE_RESUME_SSTATUS_MASK \\\n+\t(SSTATUS_SIE | SSTATUS_SPIE | SSTATUS_SPP)\n+\n struct sbi_sse_event_attrs {\n \tunsigned long status;\n \tunsigned long prio;\n@@ -568,6 +573,7 @@ static void sse_event_inject(struct sbi_sse_event *e,\n \ti_ctx->a6 = regs->a6;\n \ti_ctx->a7 = regs->a7;\n \ti_ctx->sepc = csr_read(CSR_SEPC);\n+\tr_ctx->sstatus_bits = regs->mstatus & SSE_RESUME_SSTATUS_MASK;\n \n \tr_ctx->prev_virt = sbi_regs_from_virt(regs);\n \n@@ -631,7 +637,7 @@ static void sse_event_resume(struct sbi_sse_event *e,\n \tregs->mepc = csr_read(CSR_SEPC);\n \n \tregs->mstatus &= ~MSTATUS_MPP;\n-\tif (regs->mstatus & MSTATUS_SPP)\n+\tif (i_ctx->flags & SBI_SSE_ATTR_INTERRUPTED_FLAGS_SSTATUS_SPP)\n \t\tregs->mstatus |= (PRV_S << MSTATUS_MPP_SHIFT);\n \n \tif (misa_extension('H')) {\n@@ -649,17 +655,8 @@ static void sse_event_resume(struct sbi_sse_event *e,\n \t\tcsr_write(CSR_HSTATUS, r_ctx->hstatus);\n \t}\n \n-\tregs->mstatus &= ~MSTATUS_SIE;\n-\tif (regs->mstatus & MSTATUS_SPIE)\n-\t\tregs->mstatus |= MSTATUS_SIE;\n-\n-\tregs->mstatus &= ~MSTATUS_SPIE;\n-\tif (i_ctx->flags & SBI_SSE_ATTR_INTERRUPTED_FLAGS_SSTATUS_SPIE)\n-\t\tregs->mstatus |= MSTATUS_SPIE;\n-\n-\tregs->mstatus &= ~MSTATUS_SPP;\n-\tif (i_ctx->flags & SBI_SSE_ATTR_INTERRUPTED_FLAGS_SSTATUS_SPP)\n-\t\tregs->mstatus |= MSTATUS_SPP;\n+\tregs->mstatus &= ~SSE_RESUME_SSTATUS_MASK;\n+\tregs->mstatus |= r_ctx->sstatus_bits;\n \n \tregs->mstatus &= ~MSTATUS_SPELP;\n \tif (i_ctx->flags & SBI_SSE_ATTR_INTERRUPTED_FLAGS_SSTATUS_SPELP)\n",
    "prefixes": [
        "2/2"
    ]
}