From f9ff907b0af561dcde4683f7c9f71dc0f41d3be3 Mon Sep 17 00:00:00 2001 From: Rabin Vincent Date: Sat, 3 May 2014 18:19:17 +0100 Subject: ARM: 8048/1: fix v7-M setup stack location MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit __v7m_setup_stack currently sits in the .proc.info.init section, and thus creates a bogus proc info entry (which by the way matches any unknown CPU IDs, due to the entry's mask being 0). Move it out of there. Acked-by: Uwe Kleine-König Signed-off-by: Rabin Vincent Signed-off-by: Russell King --- arch/arm/mm/proc-v7m.S | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'arch/arm') diff --git a/arch/arm/mm/proc-v7m.S b/arch/arm/mm/proc-v7m.S index 0c93588fcb91..1ca37c72f12f 100644 --- a/arch/arm/mm/proc-v7m.S +++ b/arch/arm/mm/proc-v7m.S @@ -123,6 +123,11 @@ __v7m_setup: mov pc, lr ENDPROC(__v7m_setup) + .align 2 +__v7m_setup_stack: + .space 4 * 8 @ 8 registers +__v7m_setup_stack_top: + define_processor_functions v7m, dabort=nommu_early_abort, pabort=legacy_pabort, nommu=1 .section ".rodata" @@ -152,6 +157,3 @@ __v7m_proc_info: .long nop_cache_fns @ proc_info_list.cache .size __v7m_proc_info, . - __v7m_proc_info -__v7m_setup_stack: - .space 4 * 8 @ 8 registers -__v7m_setup_stack_top: -- cgit v1.2.3 From 537094b64b229bf3ad146042f83e74cf6abe59df Mon Sep 17 00:00:00 2001 From: Andrey Ryabinin Date: Wed, 7 May 2014 08:07:25 +0100 Subject: ARM: 8051/1: put_user: fix possible data corruption in put_user According to arm procedure call standart r2 register is call-cloberred. So after the result of x expression was put into r2 any following function call in p may overwrite r2. To fix this, the result of p expression must be saved to the temporary variable before the assigment x expression to __r2. Signed-off-by: Andrey Ryabinin Reviewed-by: Nicolas Pitre Cc: stable@vger.kernel.org Signed-off-by: Russell King --- arch/arm/include/asm/uaccess.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'arch/arm') diff --git a/arch/arm/include/asm/uaccess.h b/arch/arm/include/asm/uaccess.h index 12c3a5decc60..75d95799b6e6 100644 --- a/arch/arm/include/asm/uaccess.h +++ b/arch/arm/include/asm/uaccess.h @@ -171,8 +171,9 @@ extern int __put_user_8(void *, unsigned long long); #define __put_user_check(x,p) \ ({ \ unsigned long __limit = current_thread_info()->addr_limit - 1; \ + const typeof(*(p)) __user *__tmp_p = (p); \ register const typeof(*(p)) __r2 asm("r2") = (x); \ - register const typeof(*(p)) __user *__p asm("r0") = (p);\ + register const typeof(*(p)) __user *__p asm("r0") = __tmp_p; \ register unsigned long __l asm("r1") = __limit; \ register int __e asm("r0"); \ switch (sizeof(*(__p))) { \ -- cgit v1.2.3 From 8203d5b628907ae6141e4eb52f9b48e0f1f46cd2 Mon Sep 17 00:00:00 2001 From: Nikolay Borisov Date: Thu, 8 May 2014 15:54:26 +0100 Subject: ARM: 8052/1: unwind: Fix handling of "Pop r4-r[4+nnn],r14" opcode The arm EABI states that unwind opcode 10100nnn means pop register r4-4[4+nnn],aditionally there is a similar unwind opcode: 10101nnn which means the same thing plus popping r14. Those two cases are handled by the unwind_exec_pop_r4_to_rN function which checks whether the 4th bit is set and does r14 popping. However, up until now it has been checking whether the 8th bit was set (mask & 0x80) instead of the 4th (mask & 0x8), a simple to make typo but this meant that we were always popping r14 even if we had the former opcode. This patch changes the mask so that the 2 unwind opcodes are being handled correctly. Signed-off-by: Nikolay Borisov Reviewed-by: Anurag Aggarwal Signed-off-by: Russell King --- arch/arm/kernel/unwind.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'arch/arm') diff --git a/arch/arm/kernel/unwind.c b/arch/arm/kernel/unwind.c index 3c217694ebec..cb791ac6a003 100644 --- a/arch/arm/kernel/unwind.c +++ b/arch/arm/kernel/unwind.c @@ -285,7 +285,7 @@ static int unwind_exec_pop_r4_to_rN(struct unwind_ctrl_block *ctrl, if (unwind_pop_register(ctrl, &vsp, reg)) return -URC_FAILURE; - if (insn & 0x80) + if (insn & 0x8) if (unwind_pop_register(ctrl, &vsp, 14)) return -URC_FAILURE; -- cgit v1.2.3 From 483a6c9d447f625b991fa04a1530493d893984db Mon Sep 17 00:00:00 2001 From: Rabin Vincent Date: Sat, 24 May 2014 17:38:01 +0100 Subject: ARM: 8064/1: fix v7-M signal return MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit According to the ARM ARM, the behaviour is UNPREDICTABLE if the PC read from the exception return stack is not half word aligned. See the pseudo code for ExceptionReturn() and PopStack(). The signal handler's address has the bit 0 set, and setup_return() directly writes this to regs->ARM_pc. Current hardware happens to discard this bit, but QEMU's emulation doesn't and this makes processes crash. Mask out bit 0 before the exception return in order to get predictable behaviour. Fixes: 19c4d593f0b4 ("ARM: ARMv7-M: Add support for exception handling") Cc: stable@kernel.org Acked-by: Uwe Kleine-König Signed-off-by: Rabin Vincent Signed-off-by: Russell King --- arch/arm/kernel/entry-header.S | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'arch/arm') diff --git a/arch/arm/kernel/entry-header.S b/arch/arm/kernel/entry-header.S index 1420725142ca..efb208de75ec 100644 --- a/arch/arm/kernel/entry-header.S +++ b/arch/arm/kernel/entry-header.S @@ -132,6 +132,10 @@ orrne r5, V7M_xPSR_FRAMEPTRALIGN biceq r5, V7M_xPSR_FRAMEPTRALIGN + @ ensure bit 0 is cleared in the PC, otherwise behaviour is + @ unpredictable + bic r4, #1 + @ write basic exception frame stmdb r2!, {r1, r3-r5} ldmia sp, {r1, r3-r5} -- cgit v1.2.3 From 3f8517e7937d04ac7df9082c741fefc9c873065b Mon Sep 17 00:00:00 2001 From: Nicolas Pitre Date: Fri, 23 May 2014 22:31:44 +0100 Subject: ARM: 8063/1: bL_switcher: fix individual online status reporting of removed CPUs The content of /sys/devices/system/cpu/cpu*/online is still 1 for those CPUs that the switcher has removed even though the global state in /sys/devices/system/cpu/online is updated correctly. It turns out that commit 0902a9044f ("Driver core: Use generic offline/online for CPU offline/online") has changed the way those files retrieve their content by relying on on the generic attribute handling code. The switcher, by calling cpu_down() directly, bypasses this handling and the attribute value doesn't get updated. Fix this by calling device_offline()/device_online() instead. Signed-off-by: Nicolas Pitre Signed-off-by: Russell King --- arch/arm/common/bL_switcher.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'arch/arm') diff --git a/arch/arm/common/bL_switcher.c b/arch/arm/common/bL_switcher.c index f01c0ee0c87e..490f3dced749 100644 --- a/arch/arm/common/bL_switcher.c +++ b/arch/arm/common/bL_switcher.c @@ -433,8 +433,12 @@ static void bL_switcher_restore_cpus(void) { int i; - for_each_cpu(i, &bL_switcher_removed_logical_cpus) - cpu_up(i); + for_each_cpu(i, &bL_switcher_removed_logical_cpus) { + struct device *cpu_dev = get_cpu_device(i); + int ret = device_online(cpu_dev); + if (ret) + dev_err(cpu_dev, "switcher: unable to restore CPU\n"); + } } static int bL_switcher_halve_cpus(void) @@ -521,7 +525,7 @@ static int bL_switcher_halve_cpus(void) continue; } - ret = cpu_down(i); + ret = device_offline(get_cpu_device(i)); if (ret) { bL_switcher_restore_cpus(); return ret; -- cgit v1.2.3