  • ARM: 7748/1: oabi: handle faults when loading swi instruction from userspace · ab3e7055
    Will Deacon authored
    
    
    commit 1aa2b3b7a6c4f3dbd3671171113a20e6a6190e3b upstream.
    
    Running an OABI_COMPAT kernel on an SMP platform can lead to fun and
    games with page aging.
    
    If one CPU issues a swi instruction immediately before another CPU
    decides to mkold the page containing the swi instruction, then we will
    fault attempting to load the instruction during the vector_swi handler
    in order to retrieve its immediate field. Since this fault is not
    currently dealt with by our exception tables, this results in a panic:
    
      Unable to handle kernel paging request at virtual address 4020841c
      pgd = c490c000
      [4020841c] *pgd=84451831, *pte=bf05859d, *ppte=00000000
      Internal error: Oops: 17 [#1] PREEMPT SMP ARM
      Modules linked in: hid_sony(O)
      CPU: 1    Tainted: G        W  O  (3.4.0-perf-gf496dca-01162-gcbcc62b #1)
      PC is at vector_swi+0x28/0x88
      LR is at 0x40208420
    
    This patch wraps all of the swi instruction loads with the USER macro
    and provides a shared exception table entry which simply rewinds the
    saved user PC and returns from the system call (without setting tbl, so
    there's no worries with tracing or syscall restarting). Returning to
    userspace will re-enter the page fault handler, from where we will
    probably send SIGSEGV to the current task.
    
    Reported-by: Wang, Yalin <yalin.wang@sonymobile.com>
    Reviewed-by: Nicolas Pitre <nico@linaro.org>
    Signed-off-by: Will Deacon <will.deacon@arm.com>
    Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
    Cc: Sheng Yong <shengyong1@huawei.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
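
The fault handling described in the commit message, modelled in user-space C as an added example; it is not code from the patch or the kernel. The user LR `0x40208420` comes from the oops above, while `SWI_LOAD`, the table contents, the helper names and the 4-byte ARM-state rewind are assumptions made for the model.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model, not kernel code. */
#define SWI_LOAD 0xc000e028u   /* constructed kernel PC of the swi load */
#define OABI_SWI_SIZE 4u       /* assumption: ARM-state swi is 4 bytes */

struct regs { uint32_t user_pc; };
struct ex_entry { uint32_t insn; void (*fixup)(struct regs *); };

/* Shared fixup: rewind the saved user PC back onto the swi. */
static void rewind_user_pc(struct regs *r) { r->user_pc -= OABI_SWI_SIZE; }
static void other_fixup(struct regs *r) { (void)r; }

/* Constructed table, sorted by faulting-instruction address. */
static const struct ex_entry sample_extable[] = {
    { 0xc000d100u, other_fixup }, { SWI_LOAD, rewind_user_pc },
};

static const struct ex_entry *search_extable(const struct ex_entry *t,
                                             size_t n, uint32_t pc)
{
    size_t lo = 0, hi = n;
    while (lo < hi) {                      /* binary search */
        size_t mid = lo + (hi - lo) / 2;
        if (t[mid].insn == pc) return &t[mid];
        if (t[mid].insn < pc) lo = mid + 1; else hi = mid;
    }
    return NULL;
}

/* Models SWI entry; returns the PC userspace resumes at, or 0 when the
 * kernel-mode fault has no table entry (the panic case). */
uint32_t swi_entry(uint32_t user_lr, int page_aged,
                   const struct ex_entry *t, size_t n)
{
    struct regs r = { user_lr };           /* saved return address */
    if (!page_aged) return r.user_pc;      /* load worked, syscall runs */
    const struct ex_entry *e = search_extable(t, n, SWI_LOAD);
    if (e == NULL) return 0;               /* unhandled kernel fault */
    e->fixup(&r);                          /* resume at fixup, not oops */
    return r.user_pc;
}

int main(void)
{
    printf("%#x\n", (unsigned)swi_entry(0x40208420u, 1, sample_extable, 2));
    return 0;
}
```

With the entry present, the resume address equals the faulting address in the oops, so userspace re-executes the swi and the fault is taken again as an ordinary user page fault.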