diff options
3 files changed, 126 insertions, 0 deletions
diff --git a/recipes-kernel/linux/linux-qoriq/powerpc-64e-Convert-cmpi-to-cmpwi-in-head_64.S.patch b/recipes-kernel/linux/linux-qoriq/powerpc-64e-Convert-cmpi-to-cmpwi-in-head_64.S.patch new file mode 100644 index 00000000..710b2122 --- /dev/null +++ b/recipes-kernel/linux/linux-qoriq/powerpc-64e-Convert-cmpi-to-cmpwi-in-head_64.S.patch @@ -0,0 +1,57 @@ +From f87f253bac3ce4a4eb2a60a1ae604d74e65f9042 Mon Sep 17 00:00:00 2001 +From: Nicholas Piggin <npiggin@gmail.com> +Date: Thu, 24 Nov 2016 00:02:07 +1100 +Subject: [PATCH] powerpc/64e: Convert cmpi to cmpwi in head_64.S + +From 80f23935cadb ("powerpc: Convert cmp to cmpd in idle enter sequence"): + + PowerPC's "cmp" instruction has four operands. Normally people write + "cmpw" or "cmpd" for the second cmp operand 0 or 1. But, frequently + people forget, and write "cmp" with just three operands. + + With older binutils this is silently accepted as if this was "cmpw", + while often "cmpd" is wanted. With newer binutils GAS will complain + about this for 64-bit code. For 32-bit code it still silently assumes + "cmpw" is what is meant. + +In this case, cmpwi is called for, so this is just a build fix for +new toolchains. + +Cc: stable@vger.kernel.org # v3.0+ +Signed-off-by: Nicholas Piggin <npiggin@gmail.com> +Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> +--- + arch/powerpc/kernel/head_64.S | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/arch/powerpc/kernel/head_64.S b/arch/powerpc/kernel/head_64.S +index 451a8e1..bdb4612 100644 +--- a/arch/powerpc/kernel/head_64.S ++++ b/arch/powerpc/kernel/head_64.S +@@ -221,9 +221,9 @@ booting_thread_hwid: + */ + _GLOBAL(book3e_start_thread) + LOAD_REG_IMMEDIATE(r5, MSR_KERNEL) +- cmpi 0, r3, 0 ++ cmpwi r3, 0 + beq 10f +- cmpi 0, r3, 1 ++ cmpwi r3, 1 + beq 11f + /* If the thread id is invalid, just exit. */ + b 13f +@@ -248,9 +248,9 @@ _GLOBAL(book3e_start_thread) + * r3 = the thread physical id + */ + _GLOBAL(book3e_stop_thread) +- cmpi 0, r3, 0 ++ cmpwi r3, 0 + beq 10f +- cmpi 0, r3, 1 ++ cmpwi r3, 1 + beq 10f + /* If the thread id is invalid, just exit. */ + b 13f +-- +2.7.4 + diff --git a/recipes-kernel/linux/linux-qoriq/powerpc-vdso64-Use-double-word-compare-on-pointers.patch b/recipes-kernel/linux/linux-qoriq/powerpc-vdso64-Use-double-word-compare-on-pointers.patch new file mode 100644 index 00000000..9fa40de4 --- /dev/null +++ b/recipes-kernel/linux/linux-qoriq/powerpc-vdso64-Use-double-word-compare-on-pointers.patch @@ -0,0 +1,67 @@ +From 5045ea37377ce8cca6890d32b127ad6770e6dce5 Mon Sep 17 00:00:00 2001 +From: Anton Blanchard <anton@samba.org> +Date: Sun, 25 Sep 2016 17:16:53 +1000 +Subject: [PATCH] powerpc/vdso64: Use double word compare on pointers + +__kernel_get_syscall_map() and __kernel_clock_getres() use cmpli to +check if the passed in pointer is non zero. cmpli maps to a 32 bit +compare on binutils, so we ignore the top 32 bits. + +A simple test case can be created by passing in a bogus pointer with +the bottom 32 bits clear. Using a clk_id that is handled by the VDSO, +then one that is handled by the kernel shows the problem: + + printf("%d\n", clock_getres(CLOCK_REALTIME, (void *)0x100000000)); + printf("%d\n", clock_getres(CLOCK_BOOTTIME, (void *)0x100000000)); + +And we get: + + 0 + -1 + +The bigger issue is if we pass a valid pointer with the bottom 32 bits +clear, in this case we will return success but won't write any data +to the pointer. + +I stumbled across this issue because the LLVM integrated assembler +doesn't accept cmpli with 3 arguments. Fix this by converting them to +cmpldi. + +Fixes: a7f290dad32e ("[PATCH] powerpc: Merge vdso's and add vdso support to 32 bits kernel") +Cc: stable@vger.kernel.org # v2.6.15+ +Signed-off-by: Anton Blanchard <anton@samba.org> +Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> +--- + arch/powerpc/kernel/vdso64/datapage.S | 2 +- + arch/powerpc/kernel/vdso64/gettimeofday.S | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/arch/powerpc/kernel/vdso64/datapage.S b/arch/powerpc/kernel/vdso64/datapage.S +index 184a6ba..abf17fe 100644 +--- a/arch/powerpc/kernel/vdso64/datapage.S ++++ b/arch/powerpc/kernel/vdso64/datapage.S +@@ -59,7 +59,7 @@ V_FUNCTION_BEGIN(__kernel_get_syscall_map) + bl V_LOCAL_FUNC(__get_datapage) + mtlr r12 + addi r3,r3,CFG_SYSCALL_MAP64 +- cmpli cr0,r4,0 ++ cmpldi cr0,r4,0 + crclr cr0*4+so + beqlr + li r0,NR_syscalls +diff --git a/arch/powerpc/kernel/vdso64/gettimeofday.S b/arch/powerpc/kernel/vdso64/gettimeofday.S +index a76b4af..3820213 100644 +--- a/arch/powerpc/kernel/vdso64/gettimeofday.S ++++ b/arch/powerpc/kernel/vdso64/gettimeofday.S +@@ -145,7 +145,7 @@ V_FUNCTION_BEGIN(__kernel_clock_getres) + bne cr0,99f + + li r3,0 +- cmpli cr0,r4,0 ++ cmpldi cr0,r4,0 + crclr cr0*4+so + beqlr + lis r5,CLOCK_REALTIME_RES@h +-- +2.7.4 + diff --git a/recipes-kernel/linux/linux-qoriq_4.1.bb b/recipes-kernel/linux/linux-qoriq_4.1.bb index 6c2b2351..12d12f53 100644 --- a/recipes-kernel/linux/linux-qoriq_4.1.bb +++ b/recipes-kernel/linux/linux-qoriq_4.1.bb @@ -15,6 +15,8 @@ SRC_URI = "git://git.freescale.com/ppc/sdk/linux.git;nobranch=1 \ file://powerpc-fsl-Fix-build-of-the-dtb-embedded-kernel-images.patch \ file://CVE-2016-2053.patch \ file://CVE-2016-0758.patch \ + file://powerpc-64e-Convert-cmpi-to-cmpwi-in-head_64.S.patch \ + file://powerpc-vdso64-Use-double-word-compare-on-pointers.patch \ " SRCREV = "b14540ee315f79f6a5dfc621e7f4217c8fac7d1c" |