linux.git/arch/arm/kernel/traps.c, branch v4.4.198 Clone of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr 2018-05-26T06:48:56+00:00 Masami Hiramatsu mhiramat@kernel.org 2018-05-13T04:04:16+00:00 e4f821810c2856c856c28884cd6fcb1b528412bb commit eb0146daefdde65665b7f076fbff7b49dade95b9 upstream. Prohibit kprobes on do_undefinstr because kprobes on arm is implemented by undefined instruction. This means if we probe do_undefinstr(), it can cause infinit recursive exception. Fixes: 24ba613c9d6c ("ARM kprobes: core code") Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org> Cc: stable@vger.kernel.org Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit eb0146daefdde65665b7f076fbff7b49dade95b9 upstream.

Prohibit kprobes on do_undefinstr because kprobes on
arm is implemented by undefined instruction. This means
if we probe do_undefinstr(), it can cause infinit
recursive exception.

Fixes: 24ba613c9d6c ("ARM kprobes: core code")
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Cc: stable@vger.kernel.org
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
ARM: 8720/1: ensure dump_instr() checks addr_limit 2017-11-15T16:13:12+00:00 Mark Rutland mark.rutland@arm.com 2017-11-02T17:44:28+00:00 4d5b67a54e6d5c0bb8b6638630f2a5af671798aa commit b9dd05c7002ee0ca8b676428b2268c26399b5e31 upstream. When CONFIG_DEBUG_USER is enabled, it's possible for a user to deliberately trigger dump_instr() with a chosen kernel address. Let's avoid problems resulting from this by using get_user() rather than __get_user(), ensuring that we don't erroneously access kernel memory. So that we can use the same code to dump user instructions and kernel instructions, the common dumping code is factored out to __dump_instr(), with the fs manipulated appropriately in dump_instr() around calls to this. Signed-off-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit b9dd05c7002ee0ca8b676428b2268c26399b5e31 upstream.

When CONFIG_DEBUG_USER is enabled, it's possible for a user to
deliberately trigger dump_instr() with a chosen kernel address.

Let's avoid problems resulting from this by using get_user() rather than
__get_user(), ensuring that we don't erroneously access kernel memory.

So that we can use the same code to dump user instructions and kernel
instructions, the common dumping code is factored out to __dump_instr(),
with the fs manipulated appropriately in dump_instr() around calls to
this.

Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
ARM: remove user cmpxchg syscall 2015-10-03T15:36:45+00:00 Russell King rmk+kernel@arm.linux.org.uk 2015-09-21T18:34:28+00:00 db695c0509d6ec9046ee5e4c520a19fa17d9fce2 Mark Brand reports that a NEEDS_SYSCALL_FOR_CMPXCHG enabled kernel would open a security hole in the ghost syscall used to implement cmpxchg, as it fails to validate the user pointer. However, in order for this option to be enabled, you'd need to be building a pre-ARMv6 kernel with SMP support. There is only one system known which fits that, which is an early ARM SMP FPGA implementation based on the ARM926T. In any case, the Kconfig does not allow SMP to be enabled for pre-ARMv6 systems. Moreover, even if NEEDS_SYSCALL_FOR_CMPXCHG were to be enabled, the kernel would not build as __ARM_NR_cmpxchg64 is not defined. The simple answer is to remove the buggy code. Reported-by: Mark Brand <markbrand@google.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk> 
Mark Brand reports that a NEEDS_SYSCALL_FOR_CMPXCHG enabled kernel would
open a security hole in the ghost syscall used to implement cmpxchg, as
it fails to validate the user pointer.

However, in order for this option to be enabled, you'd need to be
building a pre-ARMv6 kernel with SMP support.  There is only one system
known which fits that, which is an early ARM SMP FPGA implementation
based on the ARM926T.

In any case, the Kconfig does not allow SMP to be enabled for pre-ARMv6
systems.

Moreover, even if NEEDS_SYSCALL_FOR_CMPXCHG were to be enabled, the
kernel would not build as __ARM_NR_cmpxchg64 is not defined.

The simple answer is to remove the buggy code.

Reported-by: Mark Brand <markbrand@google.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
ARM: domains: get rid of manager mode for user domain 2015-08-21T12:55:52+00:00 Russell King rmk+kernel@arm.linux.org.uk 2015-08-21T08:30:16+00:00 3c2aed5b28819564e1a07b4686bd89802bcc4d6b Since we switched to early trap initialisation in 94e5a85b3be0 ("ARM: earlier initialization of vectors page") we haven't been writing directly to the vectors page, and so there's no need for this domain to be in manager mode. Switch it to client mode. Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk> 
Since we switched to early trap initialisation in 94e5a85b3be0
("ARM: earlier initialization of vectors page") we haven't been writing
directly to the vectors page, and so there's no need for this domain
to be in manager mode.  Switch it to client mode.

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
ARM: remove __bad_xchg definition 2015-06-02T08:58:19+00:00 Russell King rmk+kernel@arm.linux.org.uk 2015-05-19T12:39:05+00:00 31cd08c3a1db4b3164567a2a424b5e5dba6ce7a3 We want link errors if xchg() is called for a variable size we do not support. Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk> 
We want link errors if xchg() is called for a variable size we do not
support.

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
arm: Remove signal translation and exec_domain 2015-04-12T18:58:24+00:00 Richard Weinberger richard@nod.at 2014-07-13T13:24:03+00:00 a4980448ed658db313da3195bcca634c7a5adafa As execution domain support is gone we can remove signal translation from the signal code and remove exec_domain from thread_info. Signed-off-by: Richard Weinberger <richard@nod.at> 
As execution domain support is gone we can remove
signal translation from the signal code and remove
exec_domain from thread_info.

Signed-off-by: Richard Weinberger <richard@nod.at>
Merge branches 'fixes', 'misc', 'pm' and 'sa1100' into for-next 2014-12-05T16:30:47+00:00 Russell King rmk+kernel@arm.linux.org.uk 2014-12-05T16:30:47+00:00 fbe4dd088f449cbae586aa8af51d271297c75f9f 






ARM: 8226/1: cacheflush: get rid of restarting block
2014-11-27T15:55:35+00:00

Vladimir Murzin
vladimir.murzin@arm.com

2014-11-27T10:39:04+00:00

3f4aa45ceea5789a4aade536acc27f2e0d3da5e1

We cannot restart cacheflush safely if a process provides user-defined
signal handler and signal is pending. In this case -EINTR is returned
and it is expected that process re-invokes syscall. However, there are
a few problems with that:
 * looks like nobody bothers checking return value from cacheflush
 * but if it did, we don't provide the restart address for that, so the
   process has to use the same range again
 * ...and again, what might lead to looping forever

So, remove cacheflush restarting code and terminate cache flushing
as early as fatal signal is pending.

Cc: stable@vger.kernel.org # 3.12+
Reported-by: Chanho Min <chanho.min@lge.com>
Signed-off-by: Vladimir Murzin <vladimir.murzin@arm.com>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>





We cannot restart cacheflush safely if a process provides user-defined
signal handler and signal is pending. In this case -EINTR is returned
and it is expected that process re-invokes syscall. However, there are
a few problems with that:
 * looks like nobody bothers checking return value from cacheflush
 * but if it did, we don't provide the restart address for that, so the
   process has to use the same range again
 * ...and again, what might lead to looping forever

So, remove cacheflush restarting code and terminate cache flushing
as early as fatal signal is pending.

Cc: stable@vger.kernel.org # 3.12+
Reported-by: Chanho Min <chanho.min@lge.com>
Signed-off-by: Vladimir Murzin <vladimir.murzin@arm.com>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>







ARM: convert printk(KERN_* to pr_*
2014-11-21T15:24:50+00:00

Russell King
rmk+kernel@arm.linux.org.uk

2014-10-28T11:26:42+00:00

4ed89f2228061422ce5f62545fd0b6f6648bd2cc

Convert many (but not all) printk(KERN_* to pr_* to simplify the code.
We take the opportunity to join some printk lines together so we don't
split the message across several lines, and we also add a few levels
to some messages which were previously missing them.

Tested-by: Andrew Lunn <andrew@lunn.ch>
Tested-by: Felipe Balbi <balbi@ti.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>





Convert many (but not all) printk(KERN_* to pr_* to simplify the code.
We take the opportunity to join some printk lines together so we don't
split the message across several lines, and we also add a few levels
to some messages which were previously missing them.

Tested-by: Andrew Lunn <andrew@lunn.ch>
Tested-by: Felipe Balbi <balbi@ti.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>







Merge branches 'fiq' (early part), 'fixes', 'l2c' (early part) and 'misc' into for-next
2014-10-02T20:47:02+00:00

Russell King
rmk+kernel@arm.linux.org.uk

2014-10-02T20:47:02+00:00

d5d16892243e7755da706d03b34da85ea6a74117