[PW_SID:1098830] RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler#1990

Open
linux-riscv-bot wants to merge 2 commits into workflow__riscv__fixes from pw1098830

@linux-riscv-bot

PR for series 1098830 applied to workflow__riscv__fixes

Name: RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler
URL: https://patchwork.kernel.org/project/linux-riscv/list/?series=1098830
Version: 1

Linux RISC-V bot and others added 2 commits May 14, 2026 08:49

The SBI SUSP handler kvm_sbi_ext_susp_handler() checks that all other
vCPUs are stopped before entering system suspend, but it does not hold
mp_state_lock during the iteration. A concurrent HSM HART_START from
another vCPU can start a target vCPU after the SUSP handler has already
checked it, violating the invariant that all vCPUs must be stopped
before suspend.

Fix this with a two-phase approach:
1. Set a VM-wide suspend_in_progress flag before the iteration to block
   concurrent HSM HART_START. The HSM start handler checks this flag
   under its existing mp_state_lock, closing the race.
2. Hold mp_state_lock during each per-vCPU stopped check so that
   mp_state reads are ordered against concurrent power_on/power_off
   writes on the other side of the lock.

The flag is self-clearing: it resets when any vCPU re-enters
kvm_arch_vcpu_ioctl_run after the suspend-resume cycle completes.

Fixes: 023c151 ("RISC-V: KVM: Add SBI system suspend support")
Signed-off-by: Jiakai Xu <jiakaiPeanut@gmail.com>
Signed-off-by: Jiakai Xu <xujiakai2025@iscas.ac.cn>
Assisted-by: YuanSheng:DeepSeek-V3.2
Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
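
The two-phase scheme from the commit message above, as an added example that is not part of the patch or the kernel source: a single-threaded C model that replays the racing HART_START at a fixed point in the iteration, with and without the flag. `mp_state_lock` and `suspend_in_progress` are the names used in the commit message; `struct vm`, `use_flag`, `hart_start`, `system_suspend`, `running_others` and the flag reset on the failure path are assumptions of this model.

```c
#include <stdbool.h>
#define NR_VCPUS 4
enum mp_state { STOPPED, RUNNABLE };
struct vm {
    enum mp_state mp_state[NR_VCPUS];
    bool suspend_in_progress; /* VM-wide flag named in the commit message */
    bool use_flag;            /* model switch: false = before fix, true = after */
};

/* HSM HART_START model; the kernel handler does this under mp_state_lock. */
static bool hart_start(struct vm *vm, int target)
{
    if ((vm->use_flag && vm->suspend_in_progress) || vm->mp_state[target] != STOPPED)
        return false; /* refused: suspend underway, or target already started */
    vm->mp_state[target] = RUNNABLE;
    return true;
}

/* SUSP handler model for vCPU `self`. A HART_START for `race_target` from
 * another vCPU is replayed right after vCPU `race_after` has been checked. */
static bool system_suspend(struct vm *vm, int self, int race_after, int race_target)
{
    if (vm->use_flag)
        vm->suspend_in_progress = true; /* phase 1: block new starts */
    for (int i = 0; i < NR_VCPUS; i++) { /* phase 2: kernel reads under mp_state_lock */
        if (i != self && vm->mp_state[i] != STOPPED) {
            vm->suspend_in_progress = false; /* model-only reset on failure */
            return false;
        }
        if (i == race_after)
            hart_start(vm, race_target); /* the concurrent request */
    }
    return true; /* suspend proceeds */
}

static int running_others(const struct vm *vm, int self) /* non-stopped, excluding self */
{
    int n = 0;
    for (int i = 0; i < NR_VCPUS; i++)
        n += (i != self && vm->mp_state[i] != STOPPED);
    return n;
}

int main(void)
{
    struct vm old = { .use_flag = false }, fixed = { .use_flag = true };
    return !(system_suspend(&old, 0, 2, 1) && running_others(&old, 0) == 1 &&
             system_suspend(&fixed, 0, 2, 1) && running_others(&fixed, 0) == 0);
}
```

Without the flag the model's suspend succeeds while vCPU 1 is runnable, which is the broken invariant the commit message describes; with the flag the same request is refused.
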
@linux-riscv-bot
Author

Patch 1: "RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler"
build-rv32-defconfig
Desc: Builds riscv32 defconfig
Duration: 142.56 seconds
Result: PENDING

@linux-riscv-bot
Author

Patch 1: "RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler"
build-rv64-clang-allmodconfig
Desc: Builds riscv64 allmodconfig with Clang, and checks for errors and added warnings
Duration: 1070.81 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler"
build-rv64-gcc-allmodconfig
Desc: Builds riscv64 allmodconfig with GCC, and checks for errors and added warnings
Duration: 1453.23 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler"
build-rv64-nommu-k210-defconfig
Desc: Builds riscv64 defconfig with NOMMU for K210
Duration: 25.99 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler"
build-rv64-nommu-k210-virt
Desc: Builds riscv64 defconfig with NOMMU for the virt platform
Duration: 27.54 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler"
checkpatch
Desc: Runs checkpatch.pl on the patch
Duration: 1.52 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler"
dtb-warn-rv64
Desc: Checks for Device Tree warnings/errors
Duration: 87.65 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler"
header-inline
Desc: Detects static functions without inline keyword in header files
Duration: 0.24 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler"
kdoc
Desc: Detects kdoc errors
Duration: 0.90 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler"
module-param
Desc: Detect module_param changes
Duration: 0.26 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler"
verify-fixes
Desc: Verifies that the Fixes: tags exist
Duration: 0.29 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "RISC-V: KVM: Fix TOCTOU race in SBI system suspend handler"
verify-signedoff
Desc: Verifies that Signed-off-by: tags are correct
Duration: 0.31 seconds
Result: PASS

@linux-riscv-bot linux-riscv-bot force-pushed the workflow__riscv__fixes branch 2 times, most recently from a1231b7 to c03cdce Compare May 23, 2026 03:29