From 087aaffcdf9c91667c93923fbc05fa8fb6bc7d3a Mon Sep 17 00:00:00 2001 From: Nicolas Pitre Date: Wed, 22 Sep 2010 18:34:36 -0400 Subject: ARM: implement CONFIG_STRICT_DEVMEM by disabling access to RAM via /dev/mem There are very few legitimate use cases, if any, for directly accessing system RAM through /dev/mem. So let's mimic what they do on x86 and forbid it when CONFIG_STRICT_DEVMEM is turned on. Signed-off-by: Nicolas Pitre --- arch/arm/mm/mmap.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'arch/arm/mm') diff --git a/arch/arm/mm/mmap.c b/arch/arm/mm/mmap.c index 4f5b39687df5..b0a98305055c 100644 --- a/arch/arm/mm/mmap.c +++ b/arch/arm/mm/mmap.c @@ -144,3 +144,25 @@ int valid_mmap_phys_addr_range(unsigned long pfn, size_t size) { return !(pfn + (size >> PAGE_SHIFT) > 0x00100000); } + +#ifdef CONFIG_STRICT_DEVMEM + +#include + +/* + * devmem_is_allowed() checks to see if /dev/mem access to a certain + * address is valid. The argument is a physical page number. + * We mimic x86 here by disallowing access to system RAM as well as + * device-exclusive MMIO regions. This effectively disable read()/write() + * on /dev/mem. + */ +int devmem_is_allowed(unsigned long pfn) +{ + if (iomem_is_exclusive(pfn << PAGE_SHIFT)) + return 0; + if (!page_is_ram(pfn)) + return 1; + return 0; +} + +#endif -- cgit v1.2.3 From 475d92fc6e72cd123dc5dbb9e70cdb80b0cfdf2d Mon Sep 17 00:00:00 2001 From: Will Deacon Date: Tue, 28 Sep 2010 14:02:02 +0100 Subject: ARM: 6416/1: errata: faulty hazard checking in the Store Buffer may lead to data corruption On the r2p0, r2p1 and r2p2 versions of the Cortex-A9, data corruption can occur under very rare conditions due to a store buffer optimisation. This workaround sets a bit in the diagnostic register of the Cortex-A9, disabling the optimisation and preventing the problem from occurring. Acked-by: Catalin Marinas Signed-off-by: Will Deacon Signed-off-by: Russell King --- arch/arm/Kconfig | 14 ++++++++++++++ arch/arm/mm/proc-v7.S | 8 ++++++++ 2 files changed, 22 insertions(+) (limited to 'arch/arm/mm') diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 88c97bc7a6f5..9c26ba7244fb 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -1101,6 +1101,20 @@ config ARM_ERRATA_720789 invalidated are not, resulting in an incoherency in the system page tables. The workaround changes the TLB flushing routines to invalidate entries regardless of the ASID. + +config ARM_ERRATA_743622 + bool "ARM errata: Faulty hazard checking in the Store Buffer may lead to data corruption" + depends on CPU_V7 + help + This option enables the workaround for the 743622 Cortex-A9 + (r2p0..r2p2) erratum. Under very rare conditions, a faulty + optimisation in the Cortex-A9 Store Buffer may lead to data + corruption. This workaround sets a specific bit in the diagnostic + register of the Cortex-A9 which disables the Store Buffer + optimisation, preventing the defect from occurring. This has no + visible impact on the overall performance or power consumption of the + processor. + endmenu source "arch/arm/common/Kconfig" diff --git a/arch/arm/mm/proc-v7.S b/arch/arm/mm/proc-v7.S index 7563ff0141bd..75619c55f137 100644 --- a/arch/arm/mm/proc-v7.S +++ b/arch/arm/mm/proc-v7.S @@ -253,6 +253,14 @@ __v7_setup: orreq r10, r10, #1 << 22 @ set bit #22 mcreq p15, 0, r10, c15, c0, 1 @ write diagnostic register #endif +#ifdef CONFIG_ARM_ERRATA_743622 + teq r6, #0x20 @ present in r2p0 + teqne r6, #0x21 @ present in r2p1 + teqne r6, #0x22 @ present in r2p2 + mrceq p15, 0, r10, c15, c0, 1 @ read diagnostic register + orreq r10, r10, #1 << 6 @ set bit #6 + mcreq p15, 0, r10, c15, c0, 1 @ write diagnostic register +#endif 3: mov r10, #0 #ifdef HARVARD_CACHE -- cgit v1.2.3 From 7f58217bb6d39edac68ae0988cdb96a520ad916f Mon Sep 17 00:00:00 2001 From: Santosh Shilimkar Date: Thu, 30 Sep 2010 09:02:17 +0100 Subject: ARM: 6419/1: mmu: Fix MT_MEMORY and MT_MEMORY_NONCACHED pte flags The commit f1a2481c0 sets up the default flags for MT_MEMORY and MT_MEMORY_NONCACHED memory types. L_PTE_USER flag is wrongly set as default for these entries so remove it. Also adding the 'L_PTE_WRITE' flag so that these pages become read-write instead of just being read-only [this stops them being exposed to userspace, which is the main concern here --rmk] Reported-by: Catalin Marinas Signed-off-by: Santosh Shilimkar Acked-by: Catalin Marinas Signed-off-by: Russell King --- arch/arm/mm/mmu.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'arch/arm/mm') diff --git a/arch/arm/mm/mmu.c b/arch/arm/mm/mmu.c index 6a3a2d0cd6db..e8ed9dc461fe 100644 --- a/arch/arm/mm/mmu.c +++ b/arch/arm/mm/mmu.c @@ -248,7 +248,7 @@ static struct mem_type mem_types[] = { }, [MT_MEMORY] = { .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_DIRTY | - L_PTE_USER | L_PTE_EXEC, + L_PTE_WRITE | L_PTE_EXEC, .prot_l1 = PMD_TYPE_TABLE, .prot_sect = PMD_TYPE_SECT | PMD_SECT_AP_WRITE, .domain = DOMAIN_KERNEL, @@ -259,7 +259,7 @@ static struct mem_type mem_types[] = { }, [MT_MEMORY_NONCACHED] = { .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_DIRTY | - L_PTE_USER | L_PTE_EXEC | L_PTE_MT_BUFFERABLE, + L_PTE_WRITE | L_PTE_EXEC | L_PTE_MT_BUFFERABLE, .prot_l1 = PMD_TYPE_TABLE, .prot_sect = PMD_TYPE_SECT | PMD_SECT_AP_WRITE, .domain = DOMAIN_KERNEL, -- cgit v1.2.3 From c0bb5862a9076992e2cbeb5fa0d08c2ac3d4fbb0 Mon Sep 17 00:00:00 2001 From: Tony Lindgren Date: Thu, 7 Oct 2010 19:34:04 +0100 Subject: ARM: 6435/1: Fix HWCAP_TLS flag for ARM11MPCore/Cortex-A9 Commit 14eff1812679c76564b775aa95cdd378965f6cfb added proper detection for ARM11MPCore/Cortex-A9 instead of detecting them as ARMv7. However, it was missing the HWCAP_TLS flags. HWCAP_TLS is needed if support for earlier ARMv6 is compiled into the same kernel. Without HWCAP_TLS flags the userspace won't work unless nosmp is specified: Kernel panic - not syncing: Attempted to kill init! CPU0: stopping ] (unwind_backtrace+0x0/0xec) from [] (do_IPI+0xfc/0x184) ] (do_IPI+0xfc/0x184) from [] (__irq_svc+0x9c/0x160) Exception stack(0xc0565f80 to 0xc0565fc8) 5f80: 00000001 c05772a0 00000000 00003a61 c0564000 c05cf500 c003603c c0578600 5fa0: 80033ef0 410fc091 0000001f 00000000 00000000 c0565fc8 c00b91f8 c0057cb4 5fc0: 20000013 ffffffff [] (__irq_svc+0x9c/0x160) from [] (default_idle+0x30/0x38) [] (default_idle+0x30/0x38) from [] (cpu_idle+0x9c/0xf8) [] (cpu_idle+0x9c/0xf8) from [] (start_kernel+0x2a4/0x300) [] (start_kernel+0x2a4/0x300) from [<80008084>] (0x80008084) Signed-off-by: Tony Lindgren Signed-off-by: Russell King --- arch/arm/mm/proc-v7.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'arch/arm/mm') diff --git a/arch/arm/mm/proc-v7.S b/arch/arm/mm/proc-v7.S index 75619c55f137..197f21bed5e9 100644 --- a/arch/arm/mm/proc-v7.S +++ b/arch/arm/mm/proc-v7.S @@ -373,7 +373,7 @@ __v7_ca9mp_proc_info: b __v7_ca9mp_setup .long cpu_arch_name .long cpu_elf_name - .long HWCAP_SWP|HWCAP_HALF|HWCAP_THUMB|HWCAP_FAST_MULT|HWCAP_EDSP + .long HWCAP_SWP|HWCAP_HALF|HWCAP_THUMB|HWCAP_FAST_MULT|HWCAP_EDSP|HWCAP_TLS .long cpu_v7_name .long v7_processor_functions .long v7wbi_tlb_fns -- cgit v1.2.3 From 06c10884486a63a1e4ff657aaa51e848e64b9dc3 Mon Sep 17 00:00:00 2001 From: Russell King Date: Wed, 13 Oct 2010 00:15:25 +0100 Subject: ARM: relax ioremap prohibition (309caa9) for -final and -stable ... but produce a big warning about the problem as encouragement for people to fix their drivers. Signed-off-by: Russell King --- arch/arm/mm/ioremap.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'arch/arm/mm') diff --git a/arch/arm/mm/ioremap.c b/arch/arm/mm/ioremap.c index ab506272b2d3..17e7b0b57e49 100644 --- a/arch/arm/mm/ioremap.c +++ b/arch/arm/mm/ioremap.c @@ -204,8 +204,12 @@ void __iomem * __arm_ioremap_pfn_caller(unsigned long pfn, /* * Don't allow RAM to be mapped - this causes problems with ARMv6+ */ - if (WARN_ON(pfn_valid(pfn))) - return NULL; + if (pfn_valid(pfn)) { + printk(KERN_WARNING "BUG: Your driver calls ioremap() on system memory. This leads\n" + KERN_WARNING "to architecturally unpredictable behaviour on ARMv6+, and ioremap()\n" + KERN_WARNING "will fail in the next kernel release. Please fix your driver.\n"); + WARN_ON(1); + } type = get_mem_type(mtype); if (!type) -- cgit v1.2.3