3.0-stable patches

added patches:
	arm-7384-1-thumbee-disable-userspace-teehbr-access-for-config_arm_thumbee.patch

diff --git a/queue-3.0/arm-7384-1-thumbee-disable-userspace-teehbr-access-for-config_arm_thumbee.patch b/queue-3.0/arm-7384-1-thumbee-disable-userspace-teehbr-access-for-config_arm_thumbee.patch
new file mode 100644 (file)
index 0000000..3e564e0
--- /dev/null
+++ b/queue-3.0/arm-7384-1-thumbee-disable-userspace-teehbr-access-for-config_arm_thumbee.patch
@@ -0,0 +1,51 @@
+From 078c04545ba56da21567728a909a496df5ff730d Mon Sep 17 00:00:00 2001
+From: Jonathan Austin <Jonathan.Austin@arm.com>
+Date: Thu, 12 Apr 2012 17:45:25 +0100
+Subject: ARM: 7384/1: ThumbEE: Disable userspace TEEHBR access for !CONFIG_ARM_THUMBEE
+
+From: Jonathan Austin <Jonathan.Austin@arm.com>
+
+commit 078c04545ba56da21567728a909a496df5ff730d upstream.
+
+Currently when ThumbEE is not enabled (!CONFIG_ARM_THUMBEE) the ThumbEE
+register states are not saved/restored at context switch. The default state
+of the ThumbEE Ctrl register (TEECR) allows userspace accesses to the
+ThumbEE Base Handler register (TEEHBR). This can cause unexpected behaviour
+when people use ThumbEE on !CONFIG_ARM_THUMBEE kernels, as well as allowing
+covert communication - eg between userspace tasks running inside chroot
+jails.
+
+This patch sets up TEECR in order to prevent user-space access to TEEHBR
+when !CONFIG_ARM_THUMBEE. In this case, tasks are sent SIGILL if they try to
+access TEEHBR.
+
+Reviewed-by: Will Deacon <will.deacon@arm.com>
+Signed-off-by: Jonathan Austin <jonathan.austin@arm.com>
+Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/mm/proc-v7.S |   12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+--- a/arch/arm/mm/proc-v7.S
++++ b/arch/arm/mm/proc-v7.S
+@@ -372,6 +372,18 @@ __v7_setup:
+       mcr     p15, 0, r5, c10, c2, 0          @ write PRRR
+       mcr     p15, 0, r6, c10, c2, 1          @ write NMRR
+ #endif
++#ifndef CONFIG_ARM_THUMBEE
++      mrc     p15, 0, r0, c0, c1, 0           @ read ID_PFR0 for ThumbEE
++      and     r0, r0, #(0xf << 12)            @ ThumbEE enabled field
++      teq     r0, #(1 << 12)                  @ check if ThumbEE is present
++      bne     1f
++      mov     r5, #0
++      mcr     p14, 6, r5, c1, c0, 0           @ Initialize TEEHBR to 0
++      mrc     p14, 6, r0, c0, c0, 0           @ load TEECR
++      orr     r0, r0, #1                      @ set the 1st bit in order to
++      mcr     p14, 6, r0, c0, c0, 0           @ stop userspace TEEHBR access
++1:
++#endif
+       adr     r5, v7_crval
+       ldmia   r5, {r5, r6}
+ #ifdef CONFIG_CPU_ENDIAN_BE8

diff --git a/queue-3.0/series b/queue-3.0/series
index 2e785bc0ef766b0daf2bb5715abfddefbdf50b9c..f7d965faea100dc999203a2e7b04f62f8d8392f2 100644 (file)
--- a/queue-3.0/series
+++ b/queue-3.0/series
@@ -1,3 +1,4 @@
 drm-i915-ringbuffer-exclude-last-2-cachlines-of-ring-on-845g.patch
 drm-radeon-only-add-the-mm-i2c-bus-if-the-hw_i2c-module-param-is-set.patch
 rtlwifi-add-missing-dma-buffer-unmapping-for-pci-drivers.patch
+arm-7384-1-thumbee-disable-userspace-teehbr-access-for-config_arm_thumbee.patch