[thirdparty/kernel/stable-queue.git] / releases / 3.10.56 / arm-8165-1-alignment-don-t-break-misaligned-neon-load-store.patch

From 5ca918e5e3f9df4634077c06585c42bc6a8d699a Mon Sep 17 00:00:00 2001
From: Robin Murphy <robin.murphy@arm.com>
Date: Thu, 25 Sep 2014 11:56:19 +0100
Subject: ARM: 8165/1: alignment: don't break misaligned NEON load/store

From: Robin Murphy <robin.murphy@arm.com>

commit 5ca918e5e3f9df4634077c06585c42bc6a8d699a upstream.

The alignment fixup incorrectly decodes faulting ARM VLDn/VSTn
instructions (where the optional alignment hint is given but incorrect)
as LDR/STR, leading to register corruption. Detect these and correctly
treat them as unhandled, so that userspace gets the fault it expects.

Reported-by: Simon Hosie <simon.hosie@arm.com>
Signed-off-by: Robin Murphy <robin.murphy@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 arch/arm/mm/alignment.c |    3 +++
 1 file changed, 3 insertions(+)

--- a/arch/arm/mm/alignment.c
+++ b/arch/arm/mm/alignment.c
@@ -39,6 +39,7 @@
  * This code is not portable to processors with late data abort handling.
  */
 #define CODING_BITS(i)	(i & 0x0e000000)
+#define COND_BITS(i)	(i & 0xf0000000)
 
 #define LDST_I_BIT(i)	(i & (1 << 26))		/* Immediate constant	*/
 #define LDST_P_BIT(i)	(i & (1 << 24))		/* Preindex		*/
@@ -812,6 +813,8 @@ do_alignment(unsigned long addr, unsigne
 		break;
 
 	case 0x04000000:	/* ldr or str immediate */
+		if (COND_BITS(instr) == 0xf0000000) /* NEON VLDn, VSTn */
+			goto bad;
 		offset.un = OFFSET_BITS(instr);
 		handler = do_alignment_ldrstr;
 		break;
Commit	Line	Data
256d7bf6 GKH	1	From 5ca918e5e3f9df4634077c06585c42bc6a8d699a Mon Sep 17 00:00:00 2001
	2	From: Robin Murphy <robin.murphy@arm.com>
	3	Date: Thu, 25 Sep 2014 11:56:19 +0100
	4	Subject: ARM: 8165/1: alignment: don't break misaligned NEON load/store
	5
	6	From: Robin Murphy <robin.murphy@arm.com>
	7
	8	commit 5ca918e5e3f9df4634077c06585c42bc6a8d699a upstream.
	9
	10	The alignment fixup incorrectly decodes faulting ARM VLDn/VSTn
	11	instructions (where the optional alignment hint is given but incorrect)
	12	as LDR/STR, leading to register corruption. Detect these and correctly
	13	treat them as unhandled, so that userspace gets the fault it expects.
	14
	15	Reported-by: Simon Hosie <simon.hosie@arm.com>
	16	Signed-off-by: Robin Murphy <robin.murphy@arm.com>
	17	Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
	18	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	19
	20	---
	21	arch/arm/mm/alignment.c \| 3 +++
	22	1 file changed, 3 insertions(+)
	23
	24	--- a/arch/arm/mm/alignment.c
	25	+++ b/arch/arm/mm/alignment.c
	26	@@ -39,6 +39,7 @@
	27	* This code is not portable to processors with late data abort handling.
	28	*/
	29	#define CODING_BITS(i) (i & 0x0e000000)
	30	+#define COND_BITS(i) (i & 0xf0000000)
	31
	32	#define LDST_I_BIT(i) (i & (1 << 26)) /* Immediate constant */
	33	#define LDST_P_BIT(i) (i & (1 << 24)) /* Preindex */
	34	@@ -812,6 +813,8 @@ do_alignment(unsigned long addr, unsigne
	35	break;
	36
	37	case 0x04000000: /* ldr or str immediate */
	38	+ if (COND_BITS(instr) == 0xf0000000) /* NEON VLDn, VSTn */
	39	+ goto bad;
	40	offset.un = OFFSET_BITS(instr);
	41	handler = do_alignment_ldrstr;
	42	break;