From: Greg Kroah-Hartman Date: Tue, 18 Nov 2014 19:21:15 +0000 (-0800) Subject: 3.14-stable patches X-Git-Tag: v3.10.61~35 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=17a28294d1fa6a8fa8c9cf994845a397acdc5dff;p=thirdparty%2Fkernel%2Fstable-queue.git 3.14-stable patches added patches: arm-8191-1-decompressor-ensure-i-side-picks-up-relocated-code.patch arm-8198-1-make-kuser-helpers-depend-on-mmu.patch pinctrl-dra-dt-bindings-fix-output-pull-up-down.patch --- diff --git a/queue-3.14/arm-8191-1-decompressor-ensure-i-side-picks-up-relocated-code.patch b/queue-3.14/arm-8191-1-decompressor-ensure-i-side-picks-up-relocated-code.patch new file mode 100644 index 00000000000..f0d0d6c47c9 --- /dev/null +++ b/queue-3.14/arm-8191-1-decompressor-ensure-i-side-picks-up-relocated-code.patch @@ -0,0 +1,110 @@ +From 238962ac71910d6c20162ea5230685fead1836a4 Mon Sep 17 00:00:00 2001 +From: Will Deacon +Date: Tue, 4 Nov 2014 11:40:46 +0100 +Subject: ARM: 8191/1: decompressor: ensure I-side picks up relocated code + +From: Will Deacon + +commit 238962ac71910d6c20162ea5230685fead1836a4 upstream. + +To speed up decompression, the decompressor sets up a flat, cacheable +mapping of memory. However, when there is insufficient space to hold +the page tables for this mapping, we don't bother to enable the caches +and subsequently skip all the cache maintenance hooks. + +Skipping the cache maintenance before jumping to the relocated code +allows the processor to predict the branch and populate the I-cache +with stale data before the relocation loop has completed (since a +bootloader may have SCTLR.I set, which permits normal, cacheable +instruction fetches regardless of SCTLR.M). + +This patch moves the cache maintenance check into the maintenance +routines themselves, allowing the v6/v7 versions to invalidate the +I-cache regardless of the MMU state. + +Reported-by: Marc Carino +Tested-by: Julien Grall +Signed-off-by: Will Deacon +Signed-off-by: Russell King +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm/boot/compressed/head.S | 20 ++++++++++++++++---- + 1 file changed, 16 insertions(+), 4 deletions(-) + +--- a/arch/arm/boot/compressed/head.S ++++ b/arch/arm/boot/compressed/head.S +@@ -400,8 +400,7 @@ dtb_check_done: + add sp, sp, r6 + #endif + +- tst r4, #1 +- bleq cache_clean_flush ++ bl cache_clean_flush + + adr r0, BSYM(restart) + add r0, r0, r6 +@@ -1050,6 +1049,8 @@ cache_clean_flush: + b call_cache_fn + + __armv4_mpu_cache_flush: ++ tst r4, #1 ++ movne pc, lr + mov r2, #1 + mov r3, #0 + mcr p15, 0, ip, c7, c6, 0 @ invalidate D cache +@@ -1067,6 +1068,8 @@ __armv4_mpu_cache_flush: + mov pc, lr + + __fa526_cache_flush: ++ tst r4, #1 ++ movne pc, lr + mov r1, #0 + mcr p15, 0, r1, c7, c14, 0 @ clean and invalidate D cache + mcr p15, 0, r1, c7, c5, 0 @ flush I cache +@@ -1075,13 +1078,16 @@ __fa526_cache_flush: + + __armv6_mmu_cache_flush: + mov r1, #0 +- mcr p15, 0, r1, c7, c14, 0 @ clean+invalidate D ++ tst r4, #1 ++ mcreq p15, 0, r1, c7, c14, 0 @ clean+invalidate D + mcr p15, 0, r1, c7, c5, 0 @ invalidate I+BTB +- mcr p15, 0, r1, c7, c15, 0 @ clean+invalidate unified ++ mcreq p15, 0, r1, c7, c15, 0 @ clean+invalidate unified + mcr p15, 0, r1, c7, c10, 4 @ drain WB + mov pc, lr + + __armv7_mmu_cache_flush: ++ tst r4, #1 ++ bne iflush + mrc p15, 0, r10, c0, c1, 5 @ read ID_MMFR1 + tst r10, #0xf << 16 @ hierarchical cache (ARMv7) + mov r10, #0 +@@ -1142,6 +1148,8 @@ iflush: + mov pc, lr + + __armv5tej_mmu_cache_flush: ++ tst r4, #1 ++ movne pc, lr + 1: mrc p15, 0, r15, c7, c14, 3 @ test,clean,invalidate D cache + bne 1b + mcr p15, 0, r0, c7, c5, 0 @ flush I cache +@@ -1149,6 +1157,8 @@ __armv5tej_mmu_cache_flush: + mov pc, lr + + __armv4_mmu_cache_flush: ++ tst r4, #1 ++ movne pc, lr + mov r2, #64*1024 @ default: 32K dcache size (*2) + mov r11, #32 @ default: 32 byte line size + mrc p15, 0, r3, c0, c0, 1 @ read cache type +@@ -1182,6 +1192,8 @@ no_cache_id: + + __armv3_mmu_cache_flush: + __armv3_mpu_cache_flush: ++ tst r4, #1 ++ movne pc, lr + mov r1, #0 + mcr p15, 0, r1, c7, c0, 0 @ invalidate whole cache v3 + mov pc, lr diff --git a/queue-3.14/arm-8198-1-make-kuser-helpers-depend-on-mmu.patch b/queue-3.14/arm-8198-1-make-kuser-helpers-depend-on-mmu.patch new file mode 100644 index 00000000000..48a44eb57e6 --- /dev/null +++ b/queue-3.14/arm-8198-1-make-kuser-helpers-depend-on-mmu.patch @@ -0,0 +1,64 @@ +From 08b964ff3c51b10aaf2e6ba639f40054c09f0f7a Mon Sep 17 00:00:00 2001 +From: Nathan Lynch +Date: Mon, 10 Nov 2014 23:46:27 +0100 +Subject: ARM: 8198/1: make kuser helpers depend on MMU +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Nathan Lynch + +commit 08b964ff3c51b10aaf2e6ba639f40054c09f0f7a upstream. + +The kuser helpers page is not set up on non-MMU systems, so it does +not make sense to allow CONFIG_KUSER_HELPERS to be enabled when +CONFIG_MMU=n. Allowing it to be set on !MMU results in an oops in +set_tls (used in execve and the arm_syscall trap handler): + +Unhandled exception: IPSR = 00000005 LR = fffffff1 +CPU: 0 PID: 1 Comm: swapper Not tainted 3.18.0-rc1-00041-ga30465a #216 +task: 8b838000 ti: 8b82a000 task.ti: 8b82a000 +PC is at flush_thread+0x32/0x40 +LR is at flush_thread+0x21/0x40 +pc : [<8f00157a>] lr : [<8f001569>] psr: 4100000b +sp : 8b82be20 ip : 00000000 fp : 8b83c000 +r10: 00000001 r9 : 88018c84 r8 : 8bb85000 +r7 : 8b838000 r6 : 00000000 r5 : 8bb77400 r4 : 8b82a000 +r3 : ffff0ff0 r2 : 8b82a000 r1 : 00000000 r0 : 88020354 +xPSR: 4100000b +CPU: 0 PID: 1 Comm: swapper Not tainted 3.18.0-rc1-00041-ga30465a #216 +[<8f002bc1>] (unwind_backtrace) from [<8f002033>] (show_stack+0xb/0xc) +[<8f002033>] (show_stack) from [<8f00265b>] (__invalid_entry+0x4b/0x4c) + +As best I can tell this issue existed for the set_tls ARM syscall +before commit fbfb872f5f41 "ARM: 8148/1: flush TLS and thumbee +register state during exec" consolidated the TLS manipulation code +into the set_tls helper function, but now that we're using it to flush +register state during execve, !MMU users encounter the oops at the +first exec. + +Prevent CONFIG_MMU=n configurations from enabling +CONFIG_KUSER_HELPERS. + +Fixes: fbfb872f5f41 (ARM: 8148/1: flush TLS and thumbee register state during exec) + +Signed-off-by: Nathan Lynch +Reported-by: Stefan Agner +Acked-by: Uwe Kleine-König +Signed-off-by: Russell King +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm/mm/Kconfig | 1 + + 1 file changed, 1 insertion(+) + +--- a/arch/arm/mm/Kconfig ++++ b/arch/arm/mm/Kconfig +@@ -798,6 +798,7 @@ config NEED_KUSER_HELPERS + + config KUSER_HELPERS + bool "Enable kuser helpers in vector page" if !NEED_KUSER_HELPERS ++ depends on MMU + default y + help + Warning: disabling this option may break user programs. diff --git a/queue-3.14/pinctrl-dra-dt-bindings-fix-output-pull-up-down.patch b/queue-3.14/pinctrl-dra-dt-bindings-fix-output-pull-up-down.patch new file mode 100644 index 00000000000..ff8c94c3392 --- /dev/null +++ b/queue-3.14/pinctrl-dra-dt-bindings-fix-output-pull-up-down.patch @@ -0,0 +1,39 @@ +From 73b3a6657a88ef5348a0d69c9a8107d6f01ae862 Mon Sep 17 00:00:00 2001 +From: Roger Quadros +Date: Mon, 3 Nov 2014 12:09:52 +0200 +Subject: pinctrl: dra: dt-bindings: Fix output pull up/down + +From: Roger Quadros + +commit 73b3a6657a88ef5348a0d69c9a8107d6f01ae862 upstream. + +For PIN_OUTPUT_PULLUP and PIN_OUTPUT_PULLDOWN we must not set the +PULL_DIS bit which disables the PULLs. + +PULL_ENA is a 0 and using it in an OR operation is a NOP, so don't +use it in the PIN_OUTPUT_PULLUP/DOWN macros. + +Fixes: 23d9cec07c58 ("pinctrl: dra: dt-bindings: Fix pull enable/disable") + +Signed-off-by: Roger Quadros +Acked-by: Nishanth Menon +Signed-off-by: Tony Lindgren +Signed-off-by: Greg Kroah-Hartman + +--- + include/dt-bindings/pinctrl/dra.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/include/dt-bindings/pinctrl/dra.h ++++ b/include/dt-bindings/pinctrl/dra.h +@@ -40,8 +40,8 @@ + + /* Active pin states */ + #define PIN_OUTPUT (0 | PULL_DIS) +-#define PIN_OUTPUT_PULLUP (PIN_OUTPUT | PULL_ENA | PULL_UP) +-#define PIN_OUTPUT_PULLDOWN (PIN_OUTPUT | PULL_ENA) ++#define PIN_OUTPUT_PULLUP (PULL_UP) ++#define PIN_OUTPUT_PULLDOWN (0) + #define PIN_INPUT (INPUT_EN | PULL_DIS) + #define PIN_INPUT_SLEW (INPUT_EN | SLEWCONTROL) + #define PIN_INPUT_PULLUP (PULL_ENA | INPUT_EN | PULL_UP) diff --git a/queue-3.14/series b/queue-3.14/series index eb779368682..53521802c7e 100644 --- a/queue-3.14/series +++ b/queue-3.14/series @@ -38,3 +38,6 @@ mac80211-fix-use-after-free-in-defragmentation.patch drm-radeon-set-correct-ce-ram-size-for-cik.patch drm-radeon-make-sure-mode-init-is-complete-in-bandwidth_update.patch drm-radeon-add-missing-crtc-unlock-when-setting-up-the-mc.patch +arm-8198-1-make-kuser-helpers-depend-on-mmu.patch +arm-8191-1-decompressor-ensure-i-side-picks-up-relocated-code.patch +pinctrl-dra-dt-bindings-fix-output-pull-up-down.patch