linux/arch/arm/mm/abort-ev6.S
Seth Forshee 25ef4a67e7 [ARM] 5416/1: Use unused address in v6_early_abort
The target of the strex instruction to clear the exlusive monitor
is currently the top of the stack.  If the store succeeeds this
corrupts r0 in pt_regs.  Use the next stack location instead of
the current one to prevent any chance of corrupting an in-use
address.

Signed-off-by: Seth Forshee <seth.forshee@gmail.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2009-03-03 12:11:25 +00:00

46 lines
1.2 KiB
ArmAsm

#include <linux/linkage.h>
#include <asm/assembler.h>
#include "abort-macro.S"
/*
* Function: v6_early_abort
*
* Params : r2 = address of aborted instruction
* : r3 = saved SPSR
*
* Returns : r0 = address of abort
* : r1 = FSR, bit 11 = write
* : r2-r8 = corrupted
* : r9 = preserved
* : sp = pointer to registers
*
* Purpose : obtain information about current aborted instruction.
* Note: we read user space. This means we might cause a data
* abort here if the I-TLB and D-TLB aren't seeing the same
* picture. Unfortunately, this does happen. We live with it.
*/
.align 5
ENTRY(v6_early_abort)
#ifdef CONFIG_CPU_32v6K
clrex
#else
sub r1, sp, #4 @ Get unused stack location
strex r0, r1, [r1] @ Clear the exclusive monitor
#endif
mrc p15, 0, r1, c5, c0, 0 @ get FSR
mrc p15, 0, r0, c6, c0, 0 @ get FAR
/*
* Faulty SWP instruction on 1136 doesn't set bit 11 in DFSR.
* The test below covers all the write situations, including Java bytecodes
*/
bic r1, r1, #1 << 11 | 1 << 10 @ clear bits 11 and 10 of FSR
tst r3, #PSR_J_BIT @ Java?
movne pc, lr
do_thumb_abort
ldreq r3, [r2] @ read aborted ARM instruction
do_ldrd_abort
tst r3, #1 << 20 @ L = 0 -> write
orreq r1, r1, #1 << 11 @ yes.
mov pc, lr