Prev: [060/145] SCSI: qla1280: Drop host_lock while requesting firmware
Next: [036/145] sparc32: Fix struct stat uid/gid types.
From: Greg KH on 12 Mar 2010 20:00
2.6.32-stable review patch. If anyone has any objections, please let me know.

----------------
From: David S. Miller <davem(a)davemloft.net>

[ Upstream commit 1f474646fdc36b457606bbcd6a3592e6cbd31ac4 ]

Thanks to testcase and report from Brad Spengler:

--------------------
#include <stdio.h>

typedef int (* _wee)(void);

int main(void)
{
char buf[8] = { '\x81', '\xc7', '\xe0', '\x08', '\x81', '\xe8',
'\x00', '\x00' };
_wee wee;
printf("%p\n", &buf);
wee = (_wee)&buf;
wee();

return 0;
}
--------------------

TSB I-tlb load code tries to use andcc to check the _PAGE_EXEC_4U bit,
but that's bit 12 so it gets sign extended all the way up to bit 63
and the test nearly always passes as a result.

Use sethi to fix the bug.

Signed-off-by: David S. Miller <davem(a)davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)suse.de>

---
arch/sparc/kernel/tsb.S | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)

--- a/arch/sparc/kernel/tsb.S
+++ b/arch/sparc/kernel/tsb.S
@@ -191,10 +191,12 @@ tsb_dtlb_load:

tsb_itlb_load:
/* Executable bit must be set. */
-661: andcc %g5, _PAGE_EXEC_4U, %g0
- .section .sun4v_1insn_patch, "ax"
+661: sethi %hi(_PAGE_EXEC_4U), %g4
+ andcc %g5, %g4, %g0
+ .section .sun4v_2insn_patch, "ax"
.word 661b
andcc %g5, _PAGE_EXEC_4V, %g0
+ nop
.previous

be,pn %xcc, tsb_do_fault


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
 | 
Pages: 1
Prev: [060/145] SCSI: qla1280: Drop host_lock while requesting firmware
Next: [036/145] sparc32: Fix struct stat uid/gid types.