lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAA7_YY-t2wWaqztey6Y3+eS8R=uvQnY6kT2h+vMzFAiZkGh4og@mail.gmail.com>
Date: Sun, 4 Jan 2026 00:03:24 +0900
From: Naohiko Shimizu <naohiko.shimizu@...il.com>
To: Anup Patel <apatel@...tanamicro.com>
Cc: pjw@...nel.org, palmer@...belt.com, aou@...s.berkeley.edu, alex@...ti.fr, 
	anup@...infault.org, atish.patra@...ux.dev, daniel.lezcano@...aro.org, 
	tglx@...utronix.de, nick.hu@...ive.com, linux-riscv@...ts.infradead.org, 
	linux-kernel@...r.kernel.org, kvm@...r.kernel.org, 
	kvm-riscv@...ts.infradead.org
Subject: Re: [PATCH 1/3] riscv: clocksource: Fix stimecmp update hazard on RV32

Hi Anup,

Thank you for your review.

I agree. I will update the commit description in v2 to explicitly cite
the RISC-V Privileged Specification and explain why the 3-step
programming sequence is necessary to avoid timer hazards on RV32.

Briefly, the current code writes the LSB first without ensuring it's
in the future, which can trigger a spurious interrupt if Time >=
{stimecmph(old), stimecmp(new)} becomes true momentarily. The new
sequence follows the spec's recommendation for mtimecmp (Section
3.2.1) to ensure the 64-bit value is always "in the future" during the
update.

I will apply the same detailed description to [PATCH 2/3] as well.

Regards, Naohiko Shimizu


On Sat, Jan 3, 2026 at 11:46 PM Anup Patel <apatel@...tanamicro.com> wrote:
>
> On Sat, Jan 3, 2026 at 3:16 PM Naohiko Shimizu
> <naohiko.shimizu@...il.com> wrote:
>
> Please add a detailed commit description about why the
> new way of programming stimecmp is better. Also, explain
> what the current Priv spec says in this context.
>
> >
> > Signed-off-by: Naohiko Shimizu <naohiko.shimizu@...il.com>
> > ---
> >  drivers/clocksource/timer-riscv.c | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/clocksource/timer-riscv.c b/drivers/clocksource/timer-riscv.c
> > index 4d7cf338824a..cfc4d83c42c0 100644
> > --- a/drivers/clocksource/timer-riscv.c
> > +++ b/drivers/clocksource/timer-riscv.c
> > @@ -50,8 +50,9 @@ static int riscv_clock_next_event(unsigned long delta,
> >
> >         if (static_branch_likely(&riscv_sstc_available)) {
> >  #if defined(CONFIG_32BIT)
> > -               csr_write(CSR_STIMECMP, next_tval & 0xFFFFFFFF);
> > +               csr_write(CSR_STIMECMP, ULONG_MAX);
> >                 csr_write(CSR_STIMECMPH, next_tval >> 32);
> > +               csr_write(CSR_STIMECMP, next_tval & 0xFFFFFFFF);
> >  #else
> >                 csr_write(CSR_STIMECMP, next_tval);
> >  #endif
> > --
> > 2.39.5
> >
> >
>
> Regards,
> Anup

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ