From 1ee6c1f0d1f8ea735a6a4f566cc4aa04591502cf Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman
Date: Mon, 19 Apr 2021 14:23:19 +0200
Subject: [PATCH] 4.4-stable patches

added patches:
arm-9071-1-uprobes-don-t-hook-on-thumb-instructions.patch
---
...bes-don-t-hook-on-thumb-instructions.patch | 48 +++++++++++++++++++
queue-4.4/series | 1 +
2 files changed, 49 insertions(+)
create mode 100644 queue-4.4/arm-9071-1-uprobes-don-t-hook-on-thumb-instructions.patch

diff --git a/queue-4.4/arm-9071-1-uprobes-don-t-hook-on-thumb-instructions.patch b/queue-4.4/arm-9071-1-uprobes-don-t-hook-on-thumb-instructions.patch
new file mode 100644
index 00000000000..32369fe6908
--- /dev/null
+++ b/queue-4.4/arm-9071-1-uprobes-don-t-hook-on-thumb-instructions.patch
@@ -0,0 +1,48 @@
+From d2f7eca60b29006285d57c7035539e33300e89e5 Mon Sep 17 00:00:00 2001
+From: Fredrik Strupe
+Date: Mon, 5 Apr 2021 21:52:05 +0100
+Subject: ARM: 9071/1: uprobes: Don't hook on thumb instructions
+
+From: Fredrik Strupe
+
+commit d2f7eca60b29006285d57c7035539e33300e89e5 upstream.
+
+Since uprobes is not supported for thumb, check that the thumb bit is
+not set when matching the uprobes instruction hooks.
+
+The Arm UDF instructions used for uprobes triggering
+(UPROBE_SWBP_ARM_INSN and UPROBE_SS_ARM_INSN) coincidentally share the
+same encoding as a pair of unallocated 32-bit thumb instructions (not
+UDF) when the condition code is 0b1111 (0xf). This in effect makes it
+possible to trigger the uprobes functionality from thumb, and at that
+using two unallocated instructions which are not permanently undefined.
+
+Signed-off-by: Fredrik Strupe
+Cc: stable@vger.kernel.org
+Fixes: c7edc9e326d5 ("ARM: add uprobes support")
+Signed-off-by: Russell King
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/arm/probes/uprobes/core.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/arch/arm/probes/uprobes/core.c
++++ b/arch/arm/probes/uprobes/core.c
+@@ -207,7 +207,7 @@ unsigned long uprobe_get_swbp_addr(struc
+ static struct undef_hook uprobes_arm_break_hook = {
+ .instr_mask = 0x0fffffff,
+ .instr_val = (UPROBE_SWBP_ARM_INSN & 0x0fffffff),
+- .cpsr_mask = MODE_MASK,
++ .cpsr_mask = (PSR_T_BIT | MODE_MASK),
+ .cpsr_val = USR_MODE,
+ .fn = uprobe_trap_handler,
+ };
+@@ -215,7 +215,7 @@ static struct undef_hook uprobes_arm_bre
+ static struct undef_hook uprobes_arm_ss_hook = {
+ .instr_mask = 0x0fffffff,
+ .instr_val = (UPROBE_SS_ARM_INSN & 0x0fffffff),
+- .cpsr_mask = MODE_MASK,
++ .cpsr_mask = (PSR_T_BIT | MODE_MASK),
+ .cpsr_val = USR_MODE,
+ .fn = uprobe_trap_handler,
+ };
diff --git a/queue-4.4/series b/queue-4.4/series
index ae142697d47..1ca4501df7f 100644
--- a/queue-4.4/series
+++ b/queue-4.4/series
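Review bot: The new `.cpsr_mask = (PSR_T_BIT | MODE_MASK)` lines in both undef_hook initializers carry no in-code explanation, and the reason is subtle enough that the next person is likely to "simplify" it back: `.instr_mask = 0x0fffffff` on the line above discards the condition nibble, which is exactly how a cond == 0xf Thumb encoding was able to match the ARM UDF pattern and reach `uprobe_trap_handler` from unprivileged Thumb code. I would add a comment above each hook, e.g. `/* ARM state only (T bit clear): instr_mask drops cond, and with cond == 0xf these UDF encodings coincide with unallocated, not permanently undefined, 32-bit Thumb instructions */`. Since the two hooks differ only in `instr_val`, a single comment above the first plus a one-line `/* same T-bit restriction as uprobes_arm_break_hook */` on the second would keep them in sync. Whether the probe-insertion path also rejects Thumb addresses is not visible in this hunk; `uprobe_trap_handler` and the rest of core.c lie outside it.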
@@ -20,3 +20,4 @@ input-i8042-fix-pegatron-c15b-id-entry.patch
 scsi-libsas-reset-num_scatter-if-libata-marks-qc-as-nodata.patch
 net-davicom-fix-regulator-not-turned-off-on-failed-probe.patch
 i40e-fix-the-panic-when-running-bpf-in-xdpdrv-mode.patch
+arm-9071-1-uprobes-don-t-hook-on-thumb-instructions.patch
-- 
2.47.3