OpenCloudOS-Kernel/arch/arm/mm
Will Deacon 8e64806672 ARM: 8299/1: mm: ensure local active ASID is marked as allocated on rollover
Commit e1a5848e33 ("ARM: 7924/1: mm: don't bother with reserved ttbr0
when running with LPAE") removed the use of the reserved TTBR0 value
for LPAE systems, since the ASID is held in the TTBR and can be updated
atomicly with the pgd of the next mm.

Unfortunately, this patch forgot to update flush_context, which
deliberately avoids marking the local active ASID as allocated, since we
used to switch via ASID zero and didn't need to allocate the ASID of
the previous mm. The side-effect of this is that we can allocate the
same ASID to the next mm and, between flushing the local TLB and updating
TTBR0, we can perform speculative TLB fills for userspace nG mappings
using the page table of the previous mm.

The consequence of this is that the next mm can erroneously hit some
mappings of the previous mm. Note that this was made significantly
harder to hit by a391263cd8 ("ARM: 8203/1: mm: try to re-use old ASID
assignments following a rollover") but is still theoretically possible.

This patch fixes the problem by removing the code from flush_context
that forces the allocated ASID to zero for the local CPU. Many thanks
to the Broadcom guys for tracking this one down.

Fixes: e1a5848e33 ("ARM: 7924/1: mm: don't bother with reserved ttbr0 when running with LPAE")

Cc: <stable@vger.kernel.org> # v3.14+
Reported-by: Raymond Ngun <rngun@broadcom.com>
Tested-by: Raymond Ngun <rngun@broadcom.com>
Reviewed-by: Gregory Fong <gregory.0xf0@gmail.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2015-02-03 12:57:33 +00:00
..
Kconfig ARM: 8298/1: ARM_KERNMEM_PERMS only works with MMU enabled 2015-01-29 15:23:31 +00:00
Makefile ARM: 8238/1: mm: Refine set_memory_* functions 2014-12-03 16:00:05 +00:00
abort-ev4.S ARM: entry: data abort: tail-call the main data abort handler 2011-07-02 10:56:11 +01:00
abort-ev4t.S ARM: entry: data abort: tail-call the main data abort handler 2011-07-02 10:56:11 +01:00
abort-ev5t.S ARM: entry: data abort: tail-call the main data abort handler 2011-07-02 10:56:11 +01:00
abort-ev5tj.S ARM: entry: data abort: tail-call the main data abort handler 2011-07-02 10:56:11 +01:00
abort-ev6.S ARM: 8128/1: abort: don't clear the exclusive monitors 2014-08-27 15:40:12 +01:00
abort-ev7.S ARM: 8128/1: abort: don't clear the exclusive monitors 2014-08-27 15:40:12 +01:00
abort-lv4t.S ARM: entry: data abort: ensure r5 is preserved by abort functions 2011-07-02 10:56:12 +01:00
abort-macro.S ARM: 7088/1: entry: fix wrong parameter name used in do_thumb_abort 2011-09-10 23:39:56 +01:00
abort-nommu.S ARM: entry: data abort: tail-call the main data abort handler 2011-07-02 10:56:11 +01:00
alignment.c ARM: convert printk(KERN_* to pr_* 2014-11-21 15:24:50 +00:00
cache-aurora-l2.h ARM: 7547/4: cache-l2x0: add support for Aurora L2 cache ctrl 2012-11-06 19:47:35 +00:00
cache-fa.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
cache-feroceon-l2.c ARM: convert printk(KERN_* to pr_* 2014-11-21 15:24:50 +00:00
cache-l2x0.c ARM: 8183/1: l2c: Improve l2c310_of_parse() error message 2014-10-29 17:20:55 +00:00
cache-nop.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
cache-tauros2.c ARM: convert printk(KERN_* to pr_* 2014-11-21 15:24:50 +00:00
cache-tauros3.h ARM: 7922/1: l2x0: add Marvell Tauros3 support 2013-12-29 12:32:47 +00:00
cache-v4.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
cache-v4wb.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
cache-v4wt.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
cache-v6.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
cache-v7.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
cache-xsc3l2.c ARM: move CP15 definitions to separate header file 2012-03-28 18:30:01 +01:00
context.c ARM: 8299/1: mm: ensure local active ASID is marked as allocated on rollover 2015-02-03 12:57:33 +00:00
copypage-fa.c arm: remove the second argument of k[un]map_atomic() 2012-03-20 21:48:14 +08:00
copypage-feroceon.c arm: remove the second argument of k[un]map_atomic() 2012-03-20 21:48:14 +08:00
copypage-v4mc.c Merge branch 'for-linus' of git://git.linaro.org/people/rmk/linux-arm 2012-03-29 16:53:48 -07:00
copypage-v4wb.c arm: remove the second argument of k[un]map_atomic() 2012-03-20 21:48:14 +08:00
copypage-v4wt.c arm: remove the second argument of k[un]map_atomic() 2012-03-20 21:48:14 +08:00
copypage-v6.c ARM: 8236/1: mm: fix discard_old_kernel_data 2014-12-03 16:00:04 +00:00
copypage-xsc3.c arm: remove the second argument of k[un]map_atomic() 2012-03-20 21:48:14 +08:00
copypage-xscale.c Merge branch 'for-linus' of git://git.linaro.org/people/rmk/linux-arm 2012-03-29 16:53:48 -07:00
dma-mapping.c ARM: 8288/1: dma-mapping: don't detach devices without an IOMMU during teardown 2015-01-29 15:22:44 +00:00
dump.c ARM: 8249/1: mm: dump: don't skip regions 2015-01-07 20:33:33 +00:00
extable.c ARM: 7876/1: clear Thumb-2 IT state on exception handling 2013-11-07 00:15:49 +00:00
fault-armv.c ARM: convert printk(KERN_* to pr_* 2014-11-21 15:24:50 +00:00
fault.c ARM: convert printk(KERN_* to pr_* 2014-11-21 15:24:50 +00:00
fault.h ARM: LPAE: Add fault handling support 2011-12-08 10:30:40 +00:00
flush.c ARM: 8237/1: fix flush_pfn_alias 2014-12-03 16:00:04 +00:00
fsr-2level.c ARM: LPAE: Move the FSR definitions to separate files 2011-12-08 10:30:37 +00:00
fsr-3level.c ARM: mm: Transparent huge page support for LPAE systems. 2013-06-04 16:52:38 +01:00
highmem.c Merge branch 'devel-stable' into for-next 2014-12-05 16:30:54 +00:00
hugetlbpage.c hugetlb: restrict hugepage_migration_support() to x86_64 2014-06-04 16:53:51 -07:00
idmap.c ARM: 8152/1: Convert pr_warning to pr_warn 2014-09-26 14:39:53 +01:00
init.c ARM: 8275/1: mm: fix PMD_SECT_RDONLY undeclared compile error 2015-01-09 20:44:12 +00:00
iomap.c arm/PCI: remove arch pci_flags definition 2012-02-23 20:18:56 -07:00
ioremap.c ARM: 8060/1: mm: allow sub-architectures to override PCI I/O memory type 2014-06-01 01:15:04 +01:00
l2c-common.c ARM: outer cache: add WARN_ON() to outer_disable() 2014-05-30 00:47:23 +01:00
l2c-l2x0-resume.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
mm.h ARM: provide common method to clear bits in CPU control register 2014-06-02 09:20:11 +01:00
mmap.c ARM: fix booting low-vectors machines 2013-11-30 14:45:31 +00:00
mmu.c ARM: 8253/1: mm: use phys_addr_t type in map_lowmem() for kernel mem region 2015-01-07 20:33:34 +00:00
nommu.c ARM: 8086/1: Set memblock limit for nommu 2014-06-29 10:29:34 +01:00
pabort-legacy.S ARM: entry: prefetch abort: tail-call the main prefetch abort handler 2011-07-02 10:56:10 +01:00
pabort-v6.S ARM: entry: prefetch abort: tail-call the main prefetch abort handler 2011-07-02 10:56:10 +01:00
pabort-v7.S ARM: entry: prefetch abort: tail-call the main prefetch abort handler 2011-07-02 10:56:10 +01:00
pageattr.c ARM: 8238/1: mm: Refine set_memory_* functions 2014-12-03 16:00:05 +00:00
pgd.c ARM: pgd allocation: retry on failure 2013-12-29 12:36:20 +00:00
proc-arm7tdmi.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm9tdmi.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm720.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm740.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm920.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm922.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm925.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm926.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm940.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm946.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm1020.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm1020e.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm1022.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-arm1026.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-fa526.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-feroceon.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-macros.S ARM: mm: Fix ifdef around cpu_*_do_[suspend, resume] ops 2014-09-24 02:47:44 +09:00
proc-mohawk.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-sa110.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-sa1100.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-syms.c ARM: modules: don't export cpu_set_pte_ext when !MMU 2013-03-26 09:55:34 +00:00
proc-v6.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-v7-2level.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-v7-3level.S ARM: 8164/1: mm: clear SCTLR.HA instead of setting it for LPAE 2014-09-25 15:32:57 +01:00
proc-v7.S Merge branches 'fixes', 'misc', 'pm' and 'sa1100' into for-next 2014-12-05 16:30:47 +00:00
proc-v7m.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-xsc3.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
proc-xscale.S ARM: 8216/1: xscale: correct auxiliary register in suspend/resume 2014-11-21 15:25:17 +00:00
tcm.h ARM: 7694/1: ARM, TCM: initialize TCM in paging_init(), instead of setup_arch() 2013-04-17 16:53:24 +01:00
tlb-fa.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
tlb-v4.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
tlb-v4wb.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
tlb-v4wbi.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
tlb-v6.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00
tlb-v7.S ARM: convert all "mov.* pc, reg" to "bx reg" for ARMv6+ 2014-07-18 12:29:04 +01:00