25ef4a67e7
The target of the strex instruction to clear the exclusive monitor is currently the top of the stack. If the store succeeds this corrupts r0 in pt_regs. Use the next stack location instead of the current one to prevent any chance of corrupting an in-use address. Signed-off-by: Seth Forshee <seth.forshee@gmail.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
#include <linux/linkage.h>
#include <asm/assembler.h>
#include "abort-macro.S"
/*
 * Function: v6_early_abort
 *
 * Params  : r2 = address of aborted instruction
 *         : r3 = saved SPSR
 *
 * Returns : r0 = address of abort
 *         : r1 = FSR, bit 11 = write
 *         : r2-r8 = corrupted
 *         : r9 = preserved
 *         : sp = pointer to registers
 *
 * Purpose : obtain information about current aborted instruction.
 * Note: we read user space.  This means we might cause a data
 * abort here if the I-TLB and D-TLB aren't seeing the same
 * picture.  Unfortunately, this does happen.  We live with it.
 *
 * Exclusive monitor: the first thing the handler does is clear the
 * exclusive monitor, so that a reservation taken by the interrupted
 * code is not still pending when the handler runs.  With
 * CONFIG_CPU_32v6K this is a plain clrex.  Otherwise a dummy strex is
 * issued; because that store may actually take place, its target must
 * be a word nothing else is using.  sp points at the saved registers,
 * so the word at sp is live; the word at sp - 4 is used instead.
 */
	.align	5
ENTRY(v6_early_abort)
#ifdef CONFIG_CPU_32v6K
	clrex					@ Clear the exclusive monitor
#else
	/*
	 * Dummy store-exclusive.  Both registers are scratch here: the
	 * status written to r0 is ignored and r0/r1 are reloaded from
	 * FAR/FSR immediately below.  If the store succeeds it writes r1
	 * to [sp, #-4], not to the register frame at sp.
	 */
	sub	r1, sp, #4			@ Get unused stack location
	strex	r0, r1, [r1]			@ Clear the exclusive monitor
#endif
	mrc	p15, 0, r1, c5, c0, 0		@ get FSR
	mrc	p15, 0, r0, c6, c0, 0		@ get FAR
/*
 * Faulty SWP instruction on 1136 doesn't set bit 11 in DFSR.
 * The test below covers all the write situations, including Java bytecodes
 *
 * Bit 11 is therefore not trusted as read from the hardware: it is
 * cleared here and set again further down only if the aborted
 * instruction decodes as a write.
 */
	bic	r1, r1, #1 << 11 | 1 << 10	@ clear bits 11 and 10 of FSR
	tst	r3, #PSR_J_BIT			@ Java?
	movne	pc, lr				@ J bit set in saved SPSR: return now, no decode
	/*
	 * do_thumb_abort and do_ldrd_abort are macros from abort-macro.S
	 * and are not visible in this file.  NOTE(review): the conditional
	 * ldreq below depends on the flags do_thumb_abort leaves behind --
	 * presumably Z is still set only when the aborted code was ARM,
	 * not Thumb; confirm against abort-macro.S.
	 */
	do_thumb_abort
	ldreq	r3, [r2]			@ read aborted ARM instruction
						@ (r2 may be a user-space address; this
						@ load can itself abort, see header note)
	do_ldrd_abort
	tst	r3, #1 << 20			@ L = 0 -> write
	orreq	r1, r1, #1 << 11		@ yes.
	mov	pc, lr				@ return: r0 = FAR, r1 = adjusted FSR