This is a note to let you know that I've just added the patch titled
ARM: 7479/1: mm: avoid NULL dereference when flushing gate_vma with VIVT
caches
to the 3.5-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
arm-7479-1-mm-avoid-null-dereference-when-flushing-gate_vma-with-vivt-caches.patch
and it can be found in the queue-3.5 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.
>From b74253f78400f9a4b42da84bb1de7540b88ce7c4 Mon Sep 17 00:00:00 2001
From: Will Deacon <[email protected]>
Date: Mon, 23 Jul 2012 14:18:13 +0100
Subject: ARM: 7479/1: mm: avoid NULL dereference when flushing gate_vma with
VIVT caches
From: Will Deacon <[email protected]>
commit b74253f78400f9a4b42da84bb1de7540b88ce7c4 upstream.
The vivt_flush_cache_{range,page} functions check that the mm_struct
of the VMA being flushed has been active on the current CPU before
performing the cache maintenance.
The gate_vma has a NULL mm_struct pointer and, as such, will cause a
kernel fault if we try to flush it with the above operations. This
happens during ELF core dumps, which include the gate_vma as it may be
useful for debugging purposes.
This patch adds checks to the VIVT cache flushing functions so that VMAs
with a NULL mm_struct are flushed unconditionally (the vectors page may
be dirty if we use it to store the current TLS pointer).
Reported-by: Gilles Chanteperdrix <[email protected]>
Tested-by: Uros Bizjak <[email protected]>
Signed-off-by: Will Deacon <[email protected]>
Signed-off-by: Russell King <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
arch/arm/include/asm/cacheflush.h | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
--- a/arch/arm/include/asm/cacheflush.h
+++ b/arch/arm/include/asm/cacheflush.h
@@ -215,7 +215,9 @@ static inline void vivt_flush_cache_mm(s
static inline void
vivt_flush_cache_range(struct vm_area_struct *vma, unsigned long start,
unsigned long end)
{
- if (cpumask_test_cpu(smp_processor_id(), mm_cpumask(vma->vm_mm)))
+ struct mm_struct *mm = vma->vm_mm;
+
+ if (!mm || cpumask_test_cpu(smp_processor_id(), mm_cpumask(mm)))
__cpuc_flush_user_range(start & PAGE_MASK, PAGE_ALIGN(end),
vma->vm_flags);
}
@@ -223,7 +225,9 @@ vivt_flush_cache_range(struct vm_area_st
static inline void
vivt_flush_cache_page(struct vm_area_struct *vma, unsigned long user_addr,
unsigned long pfn)
{
- if (cpumask_test_cpu(smp_processor_id(), mm_cpumask(vma->vm_mm))) {
+ struct mm_struct *mm = vma->vm_mm;
+
+ if (!mm || cpumask_test_cpu(smp_processor_id(), mm_cpumask(mm))) {
unsigned long addr = user_addr & PAGE_MASK;
__cpuc_flush_user_range(addr, addr + PAGE_SIZE, vma->vm_flags);
}
Patches currently in stable-queue which might be from [email protected] are
queue-3.5/arm-7480-1-only-call-smp_send_stop-on-smp.patch
queue-3.5/arm-7477-1-vfp-always-save-vfp-state-in-vfp_pm_suspend-on-up.patch
queue-3.5/arm-7479-1-mm-avoid-null-dereference-when-flushing-gate_vma-with-vivt-caches.patch
queue-3.5/arm-7478-1-errata-extend-workaround-for-erratum-720789.patch
queue-3.5/arm-7467-1-mutex-use-generic-xchg-based-implementation-for-armv6.patch
queue-3.5/arm-fix-undefined-instruction-exception-handling.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
