Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

rwonce: fix crash by removing READ_ONCE() for unaligned read

When arm64 is built with LTO, it upgrades READ_ONCE() to ldar / ldapr
(load-acquire) to avoid issues that can be caused by the compiler
optimizing away implicit address dependencies.

Unlike plain loads, these load-acquire instructions actually require an
aligned address.

For now, fix it by removing the READ_ONCE() that the buggy commit
introduced.

Fixes: ece69af2ede1 ("rwonce: handle KCSAN like KASAN in read_word_at_a_time()")
Reported-by: Nathan Chancellor <nathan@kernel.org>
Closes: https://lore.kernel.org/r/20250326203926.GA10484@ax162
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>

Authored by Jann Horn and committed by Arnd Bergmann
47a60391 ece69af2

+6 -1
include/asm-generic/rwonce.h
··· 86 86 kasan_check_read(addr, 1); 87 87 kcsan_check_read(addr, 1); 88 88 89 - return READ_ONCE(*(unsigned long *)addr); 89 + /* 90 + * This load can race with concurrent stores to out-of-bounds memory, 91 + * but READ_ONCE() can't be used because it requires higher alignment 92 + * than plain loads in arm64 builds with LTO. 93 + */ 94 + return *(unsigned long *)addr; 90 95 } 91 96 92 97 #endif /* __ASSEMBLY__ */
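
Review bot: the comment added above "return *(unsigned long *)addr;" explains why READ_ONCE() cannot be used, but not why a plain load that "can race with concurrent stores to out-of-bounds memory" is acceptable at this point. A plain load lets the compiler tear or repeat the access, so the comment should say what callers may rely on in the returned word (for example, that the bytes outside the object are never interpreted). Since the commit message describes this as a fix "for now", a short TODO naming the intended longer-term replacement would keep the next reader from reintroducing READ_ONCE(). The two context lines above the change, kasan_check_read(addr, 1) and kcsan_check_read(addr, 1), check only the first byte, so it is also worth stating in the same comment whether leaving the rest of the word unchecked by the sanitizers is intentional.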