From: Greg Kroah-Hartman Date: Sat, 4 Jun 2016 17:06:25 +0000 (-0700) Subject: 3.14-stable patches X-Git-Tag: v3.14.72~31 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=96eaf19cfcaea47b367c7c29991e1a41ee773e97;p=thirdparty%2Fkernel%2Fstable-queue.git 3.14-stable patches added patches: mips-math-emu-fix-jalr-emulation-when-rd-0.patch --- diff --git a/queue-3.14/mips-math-emu-fix-jalr-emulation-when-rd-0.patch b/queue-3.14/mips-math-emu-fix-jalr-emulation-when-rd-0.patch new file mode 100644 index 00000000000..d5156b0d72f --- /dev/null +++ b/queue-3.14/mips-math-emu-fix-jalr-emulation-when-rd-0.patch 
@@ -0,0 +1,48 @@ +From ab4a92e66741b35ca12f8497896bafbe579c28a1 Mon Sep 17 00:00:00 2001 +From: Paul Burton +Date: Thu, 21 Apr 2016 14:04:55 +0100 +Subject: MIPS: math-emu: Fix jalr emulation when rd == $0 + +From: Paul Burton + +commit ab4a92e66741b35ca12f8497896bafbe579c28a1 upstream. + +When emulating a jalr instruction with rd == $0, the code in +isBranchInstr was incorrectly writing to GPR $0 which should actually +always remain zeroed. This would lead to any further instructions +emulated which use $0 operating on a bogus value until the task is next +context switched, at which point the value of $0 in the task context +would be restored to the correct zero by a store in SAVE_SOME. Fix this +by not writing to rd if it is $0. + +Fixes: 102cedc32a6e ("MIPS: microMIPS: Floating point support.") +Signed-off-by: Paul Burton +Cc: Maciej W. Rozycki +Cc: James Hogan +Cc: linux-mips@linux-mips.org +Cc: linux-kernel@vger.kernel.org +Patchwork: https://patchwork.linux-mips.org/patch/13160/ +Signed-off-by: Ralf Baechle +Signed-off-by: Greg Kroah-Hartman + +--- + arch/mips/math-emu/cp1emu.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +--- a/arch/mips/math-emu/cp1emu.c ++++ b/arch/mips/math-emu/cp1emu.c +@@ -676,9 +676,11 @@ static int isBranchInstr(struct pt_regs + case spec_op: + switch (insn.r_format.func) { + case jalr_op: +- regs->regs[insn.r_format.rd] = +- regs->cp0_epc + dec_insn.pc_inc + +- dec_insn.next_pc_inc; ++ if (insn.r_format.rd != 0) { ++ regs->regs[insn.r_format.rd] = ++ regs->cp0_epc + dec_insn.pc_inc + ++ dec_insn.next_pc_inc; ++ } + /* Fall through */ + case jr_op: + *contpc = regs->regs[insn.r_format.rs]; diff --git a/queue-3.14/series b/queue-3.14/series new file mode 100644 index 00000000000..d78fb401836 --- /dev/null +++ b/queue-3.14/series @@ -0,0 +1 @@ +mips-math-emu-fix-jalr-emulation-when-rd-0.patch diff --git a/queue-4.4/series b/queue-4.4/series new file mode 100644 index 00000000000..1eb08be7ffa --- /dev/null 
+++ b/queue-4.4/series @@ -0,0 +1,3 @@ +mips64-r6-r2-emulation-bugfix.patch +mips-math-emu-fix-jalr-emulation-when-rd-0.patch +mips-msa-fix-a-link-error-on-_init_msa_upper-with-older-gcc.patch diff --git a/queue-4.5/series b/queue-4.5/series new file mode 100644 index 00000000000..1eb08be7ffa --- /dev/null +++ b/queue-4.5/series @@ -0,0 +1,3 @@ +mips64-r6-r2-emulation-bugfix.patch +mips-math-emu-fix-jalr-emulation-when-rd-0.patch +mips-msa-fix-a-link-error-on-_init_msa_upper-with-older-gcc.patch diff --git a/queue-4.6/series b/queue-4.6/series new file mode 100644 index 00000000000..d9f287667c2 --- /dev/null +++ b/queue-4.6/series @@ -0,0 +1,4 @@ +f2fs-fix-deadlock-when-flush-inline-data.patch +mips64-r6-r2-emulation-bugfix.patch +mips-math-emu-fix-jalr-emulation-when-rd-0.patch +mips-msa-fix-a-link-error-on-_init_msa_upper-with-older-gcc.patch
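Review bot: in the arch/mips/math-emu/cp1emu.c hunk, the new `if (insn.r_format.rd != 0)` guard is the right fix, but it is easy to lose in a later refactor because nothing at the write site says why the check exists; suggest a one-line comment on the guard such as `/* GPR $0 is hard-wired to zero and must never be written */` so the next person touching the jalr_op case keeps it. The pre-patch behaviour is worth spelling out for reviewers of the backport: the emulator stored the link address into `regs->regs[0]` of the saved task context, so every later emulated instruction that read $0 as an operand saw that address instead of zero until the next context switch restored it, i.e. unprivileged code could leave its own register file in an architecturally impossible state through the FPU emulation path. One further observation on ordering: the rd write still happens before the fall-through into `case jr_op:` reads `regs->regs[insn.r_format.rs]`, so an encoding with rd == rs (which the MIPS ISA defines as UNPREDICTABLE for jalr) would take the link address as its jump target; that matches the architecture's "unpredictable" allowance, but a short comment noting it would avoid a future bug report.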
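Review bot: the commit message says only mips-math-emu-fix-jalr-emulation-when-rd-0.patch was added to the 3.14 queue, yet the queue-4.4/series, queue-4.5/series and queue-4.6/series hunks create those series files from scratch and list mips64-r6-r2-emulation-bugfix.patch, mips-msa-fix-a-link-error-on-_init_msa_upper-with-older-gcc.patch and (for 4.6) f2fs-fix-deadlock-when-flush-inline-data.patch, none of which appear in this diff; either the subject should mention the 4.4/4.5/4.6 series changes, or the commit should confirm that those patch files already exist in the respective queue directories so the series files do not reference missing patches.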