armv8-m: userspace: some parts in userspace enter sequence need to be atomic #22720
Labels:
area: ARM (ARM (32-bit) Architecture)
area: Memory Protection
area: Userspace
bug (The issue is a bug, or the PR is fixing a bug)
priority: medium (Medium impact/importance bug)
Describe the bug
A part of the execution sequence in z_arm_userspace_enter must not be interrupted by Zephyr swapping the current thread out and back in. This is required when building with support for built-in stack overflow protection (ARMv8-M only).
When entering user space, a thread performs the following sequential actions:
a. Clears the PSPLIM register
b. Sets PSP (back) to the user thread stack
c. Modifies the mode variable to indicate nPRIV mode
d. Sets CONTROL.nPRIV to 1
A context switch that occurs before (c) restores PSPLIM to the bottom of the privileged stack when the thread is swapped back in. If that switch happens after (b), PSP already points at the user thread stack while PSPLIM still bounds the privileged stack, so the result is a stack overflow.
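To make the race concrete, here is an added C model (not Zephyr code) of the four steps and of what a swap-out/swap-in between (b) and (c) does to PSPLIM. The hardware behaviour is reduced to the PSP < PSPLIM stack-limit check, all addresses are constructed, and the user stack is deliberately placed below the privileged stack so that the failure is visible; the `locked` flag stands in for whatever mechanism blocks preemption during the sequence.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed memory layout: user stack below the privileged stack. */
#define USER_STACK_LIMIT 0x20001000u  /* bottom of the user thread stack */
#define USER_STACK_TOP   0x20002000u
#define PRIV_STACK_LIMIT 0x20004000u  /* bottom of the privileged stack */
#define PRIV_STACK_TOP   0x20005000u

struct cpu {
    uint32_t psp;      /* process stack pointer */
    uint32_t psplim;   /* process stack limit; 0 disables the check */
    bool nPRIV;        /* CONTROL.nPRIV */
    bool mode_user;    /* thread's mode variable, set in step (c) */
    bool locked;       /* preemption blocked while true (assumed mechanism) */
};

/* ARMv8-M rule, simplified: a push faults once PSP is below a non-zero PSPLIM. */
static bool stack_push_faults(const struct cpu *c) {
    return c->psplim != 0 && c->psp < c->psplim;
}

/* Swap-out then swap-in of this thread, as described in the issue: while the
 * thread is still marked privileged, swap-in sets PSPLIM to the PRIV stack. */
static void context_switch_round_trip(struct cpu *c) {
    if (c->locked) return;  /* sequence is atomic: no switch can happen */
    c->psplim = c->mode_user ? USER_STACK_LIMIT : PRIV_STACK_LIMIT;
}

/* Steps (a)-(d); optionally injects a context switch right after (b).
 * Returns true if the thread's first push on the user stack succeeds. */
static bool userspace_enter(bool atomic, bool switch_after_b) {
    struct cpu c = { .psp = PRIV_STACK_TOP, .psplim = PRIV_STACK_LIMIT,
                     .nPRIV = false, .mode_user = false, .locked = atomic };
    c.psplim = 0;                                   /* (a) clear PSPLIM */
    c.psp = USER_STACK_TOP;                         /* (b) PSP -> user stack */
    if (switch_after_b) context_switch_round_trip(&c);
    c.mode_user = true;                             /* (c) mode = nPRIV */
    c.nPRIV = true;                                 /* (d) CONTROL.nPRIV = 1 */
    c.psp -= 16;                                    /* first push in user mode */
    return !stack_push_faults(&c);
}

int main(void) {
    printf("no switch:              %s\n", userspace_enter(false, false) ? "ok" : "fault");
    printf("switch after (b):       %s\n", userspace_enter(false, true) ? "ok" : "fault");
    printf("switch, atomic section: %s\n", userspace_enter(true, true) ? "ok" : "fault");
    return 0;
}
```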
Expected behavior
We expect z_arm_userspace_enter to complete without crashing the kernel.
Impact
Under certain (corner-case) conditions, z_arm_userspace_enter might crash.
Additional context
We need to prevent the kernel from switching the thread out and back in while it performs the "critical" execution sequence listed above.