From 934fc24df10abfd5aff533d0d044a17669d77d79 Mon Sep 17 00:00:00 2001 From: Ard Biesheuvel Date: Wed, 15 May 2013 10:46:30 +0100 Subject: [PATCH 1/3] ARM: 7723/1: crypto: sha1-armv4-large.S: fix SP handling Make the SHA1 asm code ABI conformant by making sure all stack accesses occur above the stack pointer. Origin: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1a9d60d2 Signed-off-by: Ard Biesheuvel Acked-by: Nicolas Pitre Cc: stable@vger.kernel.org Signed-off-by: Russell King
---
 arch/arm/crypto/sha1-armv4-large.S | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm/crypto/sha1-armv4-large.S b/arch/arm/crypto/sha1-armv4-large.S
index 92c6eed7aac9..99207c45ec10 100644
--- a/arch/arm/crypto/sha1-armv4-large.S
+++ b/arch/arm/crypto/sha1-armv4-large.S
@@ -195,6 +195,7 @@ ENTRY(sha1_block_data_order)
 add r3,r3,r10 @ E+=F_00_19(B,C,D)
 cmp r14,sp
 bne .L_00_15 @ [((11+4)*5+2)*3]
+ sub sp,sp,#25*4
 #if __ARM_ARCH__<7
 ldrb r10,[r1,#2]
 ldrb r9,[r1,#3]
@@ -290,7 +291,6 @@ ENTRY(sha1_block_data_order)
 add r3,r3,r10 @ E+=F_00_19(B,C,D)
 ldr r8,.LK_20_39 @ [+15+16*4]
- sub sp,sp,#25*4
 cmn sp,#0 @ [+3], clear carry to denote 20_39
 .L_20_39_or_60_79:
 ldr r9,[r14,#15*4]
From 4ca46c5e1f38e32c90247686e9e17dae213ecbdb Mon Sep 17 00:00:00 2001
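Review bot: The relocated `sub sp,sp,#25*4` in the first hunk carries no comment, although its position is constrained on both sides: it has to stay after the `cmp r14,sp` / `bne .L_00_15` exit test directly above it, which still compares against the old sp, and ahead of the stores in the following rounds (outside the hunk), which would otherwise land below sp again. In kernel context this is presumably more than ABI tidiness, since an exception frame pushed at sp on the same stack could overwrite data kept beneath it and silently corrupt the digest. I would annotate the line, for example `sub sp,sp,#25*4 @ reserve the remaining schedule slots before they are written; nothing may live below sp`. The second hunk only removes the old placement, so the net adjustment looks unchanged, but the matching restore of sp is not visible here.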
From: Steven Capper Date: Thu, 16 May 2013 17:16:11 +0100 Subject: [PATCH 2/3] ARM: 7727/1: remove the .vm_mm value from gate_vma If one reads /proc/$PID/smaps, the mmap_sem belonging to the address space of the task being examined is locked for reading. All the pages of the vmas belonging to the task's address space are then walked with this lock held. If a gate_vma is present in the architecture, it too is examined by the fs/proc/task_mmu.c code. As gate_vma doesn't belong to the address space of the task though, its pages are not walked. A recent cleanup (commit f6604efe) of the gate_vma initialisation code set the vm_mm value to &init_mm. Unfortunately a non-NULL vm_mm value in the gate_vma will cause the task_mmu code to attempt to walk the pages of the gate_vma (with no mmap-sem lock held). If one enables Transparent Huge Page support and vm debugging, this will then cause OOPses as pmd_trans_huge_lock is called without mmap_sem being locked. This patch removes the .vm_mm value from gate_vma, restoring the original behaviour of the task_mmu code. Signed-off-by: Steve Capper Signed-off-by: Russell King
---
 arch/arm/kernel/process.c | 1 -
 1 file changed, 1 deletion(-)
diff --git a/arch/arm/kernel/process.c b/arch/arm/kernel/process.c
index f21970316836..282de4826abb 100644
--- a/arch/arm/kernel/process.c
+++ b/arch/arm/kernel/process.c
@@ -411,7 +411,6 @@ static struct vm_area_struct gate_vma = {
 .vm_start = 0xffff0000,
 .vm_end = 0xffff0000 + PAGE_SIZE,
 .vm_flags = VM_READ | VM_EXEC | VM_MAYREAD | VM_MAYEXEC,
- .vm_mm = &init_mm,
 };
 static int __init gate_vma_init(void)
From f27d6e172367a424ecf9d373062a820338671277 Mon Sep 17 00:00:00 2001
From: Will Deacon Date: Thu, 16 May 2013 19:38:51 +0100 Subject: [PATCH 3/3] ARM: 7729/1: vfp: ensure VFP_arch is non-zero when VFP is not supported Commit d3f79584a8b5 ("ARM: cleanup undefined instruction entry code") improved the register scheduling when handling undefined instructions. A side effect of this is that r5 is now used as a temporary, whilst the VFP probing code relies on r5 containing a non-zero value when VFP is not supported. This patch fixes the VFP detection code so that we don't rely on the contents of r5. Without this patch, Linux dies loudly on CPUs without VFP support. Signed-off-by: Will Deacon Signed-off-by: Russell King
---
 arch/arm/vfp/entry.S | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm/vfp/entry.S b/arch/arm/vfp/entry.S
index 323ce1a62bbf..46e17492fd1f 100644
--- a/arch/arm/vfp/entry.S
+++ b/arch/arm/vfp/entry.S
@@ -60,7 +60,7 @@ ENTRY(vfp_testing_entry)
 str r11, [r10, #TI_PREEMPT]
 #endif
 ldr r0, VFP_arch_address
- str r5, [r0] @ known non-zero value
+ str r0, [r0] @ set to non-zero value
 mov pc, r9 @ we have handled the fault
 ENDPROC(vfp_testing_entry)
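Review bot: The new comment on `str r0, [r0]` says only "set to non-zero value" and leaves out that the value stored is the address of VFP_arch itself, used so that no register's prior contents have to be trusted. On CPUs without VFP the variable therefore holds a kernel address, so its readers (outside this hunk) should only test it for non-zero and never print or export it, or a later debug message would disclose a kernel pointer. I would word the comment as `str r0, [r0] @ VFP_arch = &VFP_arch: non-zero marker only, the value is a kernel address`. vfp_testing_entry begins above the hunk, so whether a scratch register is free to hold a small constant instead cannot be judged from here.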