--- /dev/null
+From db06068a4fd44a57b642b369d2a295b8448f6b65 Mon Sep 17 00:00:00 2001
+From: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
+Date: Thu, 22 Sep 2016 15:38:31 +0200
+Subject: MIPS: fix uretprobe implementation
+
+From: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
+
+commit db06068a4fd44a57b642b369d2a295b8448f6b65 upstream.
+
+arch_uretprobe_hijack_return_addr should replace the return address for
+a call with a trampoline address.
+
+Signed-off-by: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
+Fixes: 40e084a506eb ('MIPS: Add uprobes support.')
+Cc: linux-mips@linux-mips.org
+Patchwork: https://patchwork.linux-mips.org/patch/14298/
+Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/mips/kernel/uprobes.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/mips/kernel/uprobes.c
++++ b/arch/mips/kernel/uprobes.c
+@@ -257,7 +257,7 @@ unsigned long arch_uretprobe_hijack_retu
+ ra = regs->regs[31];
+
+ /* Replace the return address with the trampoline address */
+- regs->regs[31] = ra;
++ regs->regs[31] = trampoline_vaddr;
+
+ return ra;
+ }
--- /dev/null
+From 305723ab439e14debc1d339aa04e835d488b8253 Mon Sep 17 00:00:00 2001
+From: Paul Burton <paul.burton@imgtec.com>
+Date: Fri, 2 Sep 2016 16:07:10 +0100
+Subject: MIPS: Malta: Fix IOCU disable switch read for MIPS64
+
+From: Paul Burton <paul.burton@imgtec.com>
+
+commit 305723ab439e14debc1d339aa04e835d488b8253 upstream.
+
+Malta boards used with CPU emulators feature a switch to disable use of
+an IOCU. Software has to check this switch & ignore any present IOCU if
+the switch is closed. The read used to do this was unsafe for 64 bit
+kernels, as it simply casted the address 0xbf403000 to a pointer &
+dereferenced it. Whilst in a 32 bit kernel this would access kseg1, in a
+64 bit kernel this attempts to access xuseg & results in an address
+error exception.
+
+Fix by accessing a correctly formed ckseg1 address generated using the
+CKSEG1ADDR macro.
+
+Whilst modifying this code, define the name of the register and the bit
+we care about within it, which indicates whether PCI DMA is routed to
+the IOCU or straight to DRAM. The code previously checked that bit 0 was
+also set, but the least significant 7 bits of the CONFIG_GEN0 register
+contain the value of the MReqInfo signal provided to the IOCU OCP bus,
+so singling out bit 0 makes little sense & that part of the check is
+dropped.
+
+Signed-off-by: Paul Burton <paul.burton@imgtec.com>
+Fixes: b6d92b4a6bdb ("MIPS: Add option to disable software I/O coherency.")
+Cc: Matt Redfearn <matt.redfearn@imgtec.com>
+Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
+Cc: Kees Cook <keescook@chromium.org>
+Cc: linux-mips@linux-mips.org
+Cc: linux-kernel@vger.kernel.org
+Patchwork: https://patchwork.linux-mips.org/patch/14187/
+Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/mips/mti-malta/malta-setup.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+--- a/arch/mips/mti-malta/malta-setup.c
++++ b/arch/mips/mti-malta/malta-setup.c
+@@ -39,6 +39,9 @@
+ #include <linux/console.h>
+ #endif
+
++#define ROCIT_CONFIG_GEN0 0x1f403000
++#define ROCIT_CONFIG_GEN0_PCI_IOCU BIT(7)
++
+ extern void malta_be_init(void);
+ extern int malta_be_handler(struct pt_regs *regs, int is_fixup);
+
+@@ -107,6 +110,8 @@ static void __init fd_activate(void)
+ static int __init plat_enable_iocoherency(void)
+ {
+ int supported = 0;
++ u32 cfg;
++
+ if (mips_revision_sconid == MIPS_REVISION_SCON_BONITO) {
+ if (BONITO_PCICACHECTRL & BONITO_PCICACHECTRL_CPUCOH_PRES) {
+ BONITO_PCICACHECTRL |= BONITO_PCICACHECTRL_CPUCOH_EN;
+@@ -129,7 +134,8 @@ static int __init plat_enable_iocoherenc
+ } else if (mips_cm_numiocu() != 0) {
+ /* Nothing special needs to be done to enable coherency */
+ pr_info("CMP IOCU detected\n");
+- if ((*(unsigned int *)0xbf403000 & 0x81) != 0x81) {
++ cfg = __raw_readl((u32 *)CKSEG1ADDR(ROCIT_CONFIG_GEN0));
++ if (!(cfg & ROCIT_CONFIG_GEN0_PCI_IOCU)) {
+ pr_crit("IOCU OPERATION DISABLED BY SWITCH - DEFAULTING TO SW IO COHERENCY\n");
+ return 0;
+ }
--- /dev/null
+From ca86c9ef2b322ebf24772009fdea037688cbdac1 Mon Sep 17 00:00:00 2001
+From: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
+Date: Thu, 22 Sep 2016 15:38:33 +0200
+Subject: MIPS: uprobes: fix use of uninitialised variable
+
+From: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
+
+commit ca86c9ef2b322ebf24772009fdea037688cbdac1 upstream.
+
+arch_uprobe_pre_xol needs to emulate a branch if a branch instruction
+has been replaced with a breakpoint, but in fact an uninitialised local
+variable was passed to the emulator routine instead of the original
+instruction
+
+Signed-off-by: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
+Fixes: 40e084a506eb ('MIPS: Add uprobes support.')
+Cc: linux-mips@linux-mips.org
+Patchwork: https://patchwork.linux-mips.org/patch/14300/
+Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/mips/kernel/uprobes.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+--- a/arch/mips/kernel/uprobes.c
++++ b/arch/mips/kernel/uprobes.c
+@@ -157,7 +157,6 @@ bool is_trap_insn(uprobe_opcode_t *insn)
+ int arch_uprobe_pre_xol(struct arch_uprobe *aup, struct pt_regs *regs)
+ {
+ struct uprobe_task *utask = current->utask;
+- union mips_instruction insn;
+
+ /*
+ * Now find the EPC where to resume after the breakpoint has been
+@@ -168,10 +167,10 @@ int arch_uprobe_pre_xol(struct arch_upro
+ unsigned long epc;
+
+ epc = regs->cp0_epc;
+- __compute_return_epc_for_insn(regs, insn);
++ __compute_return_epc_for_insn(regs,
++ (union mips_instruction) aup->insn[0]);
+ aup->resume_epc = regs->cp0_epc;
+ }
+-
+ utask->autask.saved_trap_nr = current->thread.trap_nr;
+ current->thread.trap_nr = UPROBE_TRAP_NR;
+ regs->cp0_epc = current->utask->xol_vaddr;
--- /dev/null
+From ddabfa5c2e33f1b495f3e0176de7057850915c0b Mon Sep 17 00:00:00 2001
+From: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
+Date: Thu, 22 Sep 2016 15:38:32 +0200
+Subject: MIPS: uprobes: remove incorrect set_orig_insn
+
+From: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
+
+commit ddabfa5c2e33f1b495f3e0176de7057850915c0b upstream.
+
+Generic kernel code implements a weak version of set_orig_insn that
+moves cached 'insn' from arch_uprobe to the original code location when
+the trap is removed.
+MIPS variant used arch_uprobe->orig_inst which was never initialised
+properly, so this code only inserted a nop instead of the original
+instruction. With that change orig_inst can also be safely removed.
+
+Signed-off-by: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
+Fixes: 40e084a506eb ('MIPS: Add uprobes support.')
+Cc: linux-mips@linux-mips.org
+Patchwork: https://patchwork.linux-mips.org/patch/14299/
+Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/mips/include/asm/uprobes.h | 1 -
+ arch/mips/kernel/uprobes.c | 18 ------------------
+ 2 files changed, 19 deletions(-)
+
+--- a/arch/mips/include/asm/uprobes.h
++++ b/arch/mips/include/asm/uprobes.h
+@@ -36,7 +36,6 @@ struct arch_uprobe {
+ unsigned long resume_epc;
+ u32 insn[2];
+ u32 ixol[2];
+- union mips_instruction orig_inst[MAX_UINSN_BYTES / 4];
+ };
+
+ struct arch_uprobe_task {
+--- a/arch/mips/kernel/uprobes.c
++++ b/arch/mips/kernel/uprobes.c
+@@ -280,24 +280,6 @@ int __weak set_swbp(struct arch_uprobe *
+ return uprobe_write_opcode(mm, vaddr, UPROBE_SWBP_INSN);
+ }
+
+-/**
+- * set_orig_insn - Restore the original instruction.
+- * @mm: the probed process address space.
+- * @auprobe: arch specific probepoint information.
+- * @vaddr: the virtual address to insert the opcode.
+- *
+- * For mm @mm, restore the original opcode (opcode) at @vaddr.
+- * Return 0 (success) or a negative errno.
+- *
+- * This overrides the weak version in kernel/events/uprobes.c.
+- */
+-int set_orig_insn(struct arch_uprobe *auprobe, struct mm_struct *mm,
+- unsigned long vaddr)
+-{
+- return uprobe_write_opcode(mm, vaddr,
+- *(uprobe_opcode_t *)&auprobe->orig_inst[0].word);
+-}
+-
+ void __weak arch_uprobe_copy_ixol(struct page *page, unsigned long vaddr,
+ void *src, unsigned long len)
+ {
irqchip-gicv3-silence-noisy-debug_per_cpu_maps-warning.patch
arm-8618-1-decompressor-reset-ttbcr-fields-to-use-ttbr0-on-armv7.patch
arm64-debug-avoid-resetting-stepping-state-machine-when-tif_singlestep.patch
+mips-uprobes-remove-incorrect-set_orig_insn.patch
+mips-fix-uretprobe-implementation.patch
+mips-malta-fix-iocu-disable-switch-read-for-mips64.patch
+mips-uprobes-fix-use-of-uninitialised-variable.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
