[thirdparty/kernel/stable-queue.git] / releases / 4.4.45 / arm-8613-1-fix-the-uaccess-crash-on-pb11mpcore.patch

From 90f92c631b210c1e97080b53a9d863783281a932 Mon Sep 17 00:00:00 2001
From: Linus Walleij <linus.walleij@linaro.org>
Date: Tue, 13 Sep 2016 12:31:17 +0100
Subject: ARM: 8613/1: Fix the uaccess crash on PB11MPCore

From: Linus Walleij <linus.walleij@linaro.org>

commit 90f92c631b210c1e97080b53a9d863783281a932 upstream.

The following patch was sketched by Russell in response to my
crashes on the PB11MPCore after the patch for software-based
priviledged no access support for ARMv8.1. See this thread:
http://marc.info/?l=linux-arm-kernel&m=144051749807214&w=2

I am unsure what is going on, I suspect everyone involved in
the discussion is. I just want to repost this to get the
discussion restarted, as I still have to apply this patch
with every kernel iteration to get my PB11MPCore Realview
running.

Testing by Neil Armstrong on the Oxnas NAS has revealed that
this bug exist also on that widely deployed hardware, so
we are probably currently regressing all ARM11MPCore systems.

Cc: Russell King <linux@armlinux.org.uk>
Cc: Will Deacon <will.deacon@arm.com>
Fixes: a5e090acbf54 ("ARM: software-based priviledged-no-access support")
Tested-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 arch/arm/kernel/smp_tlb.c |    7 +++++++
 1 file changed, 7 insertions(+)

--- a/arch/arm/kernel/smp_tlb.c
+++ b/arch/arm/kernel/smp_tlb.c
@@ -9,6 +9,7 @@
  */
 #include <linux/preempt.h>
 #include <linux/smp.h>
+#include <linux/uaccess.h>
 
 #include <asm/smp_plat.h>
 #include <asm/tlbflush.h>
@@ -40,8 +41,11 @@ static inline void ipi_flush_tlb_mm(void
 static inline void ipi_flush_tlb_page(void *arg)
 {
 	struct tlb_args *ta = (struct tlb_args *)arg;
+	unsigned int __ua_flags = uaccess_save_and_enable();
 
 	local_flush_tlb_page(ta->ta_vma, ta->ta_start);
+
+	uaccess_restore(__ua_flags);
 }
 
 static inline void ipi_flush_tlb_kernel_page(void *arg)
@@ -54,8 +58,11 @@ static inline void ipi_flush_tlb_kernel_
 static inline void ipi_flush_tlb_range(void *arg)
 {
 	struct tlb_args *ta = (struct tlb_args *)arg;
+	unsigned int __ua_flags = uaccess_save_and_enable();
 
 	local_flush_tlb_range(ta->ta_vma, ta->ta_start, ta->ta_end);
+
+	uaccess_restore(__ua_flags);
 }
 
 static inline void ipi_flush_tlb_kernel_range(void *arg)
Commit	Line	Data
0cd91647 GKH	1	From 90f92c631b210c1e97080b53a9d863783281a932 Mon Sep 17 00:00:00 2001
	2	From: Linus Walleij <linus.walleij@linaro.org>
	3	Date: Tue, 13 Sep 2016 12:31:17 +0100
	4	Subject: ARM: 8613/1: Fix the uaccess crash on PB11MPCore
	5
	6	From: Linus Walleij <linus.walleij@linaro.org>
	7
	8	commit 90f92c631b210c1e97080b53a9d863783281a932 upstream.
	9
	10	The following patch was sketched by Russell in response to my
	11	crashes on the PB11MPCore after the patch for software-based
	12	priviledged no access support for ARMv8.1. See this thread:
	13	http://marc.info/?l=linux-arm-kernel&m=144051749807214&w=2
	14
	15	I am unsure what is going on, I suspect everyone involved in
	16	the discussion is. I just want to repost this to get the
	17	discussion restarted, as I still have to apply this patch
	18	with every kernel iteration to get my PB11MPCore Realview
	19	running.
	20
	21	Testing by Neil Armstrong on the Oxnas NAS has revealed that
	22	this bug exist also on that widely deployed hardware, so
	23	we are probably currently regressing all ARM11MPCore systems.
	24
	25	Cc: Russell King <linux@armlinux.org.uk>
	26	Cc: Will Deacon <will.deacon@arm.com>
	27	Fixes: a5e090acbf54 ("ARM: software-based priviledged-no-access support")
	28	Tested-by: Neil Armstrong <narmstrong@baylibre.com>
	29	Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
	30	Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
	31	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	32
	33	---
	34	arch/arm/kernel/smp_tlb.c \| 7 +++++++
	35	1 file changed, 7 insertions(+)
	36
	37	--- a/arch/arm/kernel/smp_tlb.c
	38	+++ b/arch/arm/kernel/smp_tlb.c
	39	@@ -9,6 +9,7 @@
	40	*/
	41	#include <linux/preempt.h>
	42	#include <linux/smp.h>
	43	+#include <linux/uaccess.h>
	44
	45	#include <asm/smp_plat.h>
	46	#include <asm/tlbflush.h>
	47	@@ -40,8 +41,11 @@ static inline void ipi_flush_tlb_mm(void
	48	static inline void ipi_flush_tlb_page(void *arg)
	49	{
	50	struct tlb_args ta = (struct tlb_args )arg;
	51	+ unsigned int __ua_flags = uaccess_save_and_enable();
	52
	53	local_flush_tlb_page(ta->ta_vma, ta->ta_start);
	54	+
	55	+ uaccess_restore(__ua_flags);
	56	}
	57
	58	static inline void ipi_flush_tlb_kernel_page(void *arg)
	59	@@ -54,8 +58,11 @@ static inline void ipi_flush_tlb_kernel_
	60	static inline void ipi_flush_tlb_range(void *arg)
	61	{
	62	struct tlb_args ta = (struct tlb_args )arg;
	63	+ unsigned int __ua_flags = uaccess_save_and_enable();
	64
65	local_flush_tlb_range(ta->ta_vma, ta->ta_start, ta->ta_end);
66	+
67	+ uaccess_restore(__ua_flags);
68	}
69
70	static inline void ipi_flush_tlb_kernel_range(void *arg)