From 844b43adba74d97f15e56b103c97bfcccaa01aa6 Mon Sep 17 00:00:00 2001 From: Carmelo Amoroso Date: Mon, 7 Jan 2008 13:50:18 +0900 Subject: sh: Fix argument page dcache flushing regression. In the do_execve() path, argument page handling used to explicitly call flush_dcache_page() for each page, this has since been reworked and uses flush_kernel_dcache_page() instead, which is presently a nop. Doing a simple modprobe/rmmod in a loop under busybox consistently manages to crash without providing a sane flush_kernel_dcache_page() implementation, so, plug in a simple implementation. Signed-off-by: Carmelo Amoroso Signed-off-by: Paul Mundt --- include/asm-sh/cacheflush.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/include/asm-sh/cacheflush.h b/include/asm-sh/cacheflush.h index 9d528ada3c1..e034c360411 100644 --- a/include/asm-sh/cacheflush.h +++ b/include/asm-sh/cacheflush.h @@ -43,6 +43,12 @@ extern void __flush_purge_region(void *start, int size); extern void __flush_invalidate_region(void *start, int size); #endif +#define ARCH_HAS_FLUSH_KERNEL_DCACHE_PAGE +static inline void flush_kernel_dcache_page(struct page *page) +{ + flush_dcache_page(page); +} + #if defined(CONFIG_CPU_SH4) && !defined(CONFIG_CACHE_OFF) extern void copy_to_user_page(struct vm_area_struct *vma, struct page *page, unsigned long vaddr, void *dst, const void *src, -- cgit v1.2.3-18-g5258 From d7587b1445c0087cfcaa03ceae79b52eef4e9e4b Mon Sep 17 00:00:00 2001 From: Paul Mundt Date: Fri, 11 Jan 2008 13:18:16 +0900 Subject: sh: Force __access_ok() to obey address space limit. When the thread_info->addr_limit changes were introduced, __access_ok() was missed in the conversion, allowing user processes to perform P1/P2 accesses under certain conditions. This has already been corrected with the nommu refactoring in later kernels. Signed-off-by: Paul Mundt --- include/asm-sh/uaccess.h | 42 +++++++++++++++--------------------------- 1 file changed, 15 insertions(+), 27 deletions(-) diff --git a/include/asm-sh/uaccess.h b/include/asm-sh/uaccess.h index f18a1a5c95c..77c391fa93d 100644 --- a/include/asm-sh/uaccess.h +++ b/include/asm-sh/uaccess.h @@ -73,38 +73,26 @@ static inline int __access_ok(unsigned long addr, unsigned long size) /* * __access_ok: Check if address with size is OK or not. * - * We do three checks: - * (1) is it user space? - * (2) addr + size --> carry? - * (3) addr + size >= 0x80000000 (PAGE_OFFSET) + * Uhhuh, this needs 33-bit arithmetic. We have a carry.. * - * (1) (2) (3) | RESULT - * 0 0 0 | ok - * 0 0 1 | ok - * 0 1 0 | bad - * 0 1 1 | bad - * 1 0 0 | ok - * 1 0 1 | bad - * 1 1 0 | bad - * 1 1 1 | bad + * sum := addr + size; carry? --> flag = true; + * if (sum >= addr_limit) flag = true; */ static inline int __access_ok(unsigned long addr, unsigned long size) { - unsigned long flag, tmp; - - __asm__("stc r7_bank, %0\n\t" - "mov.l @(8,%0), %0\n\t" - "clrt\n\t" - "addc %2, %1\n\t" - "and %1, %0\n\t" - "rotcl %0\n\t" - "rotcl %0\n\t" - "and #3, %0" - : "=&z" (flag), "=r" (tmp) - : "r" (addr), "1" (size) - : "t"); - + unsigned long flag, sum; + + __asm__("clrt\n\t" + "addc %3, %1\n\t" + "movt %0\n\t" + "cmp/hi %4, %1\n\t" + "rotcl %0" + :"=&r" (flag), "=r" (sum) + :"1" (addr), "r" (size), + "r" (current_thread_info()->addr_limit.seg) + :"t"); return flag == 0; + } #endif /* CONFIG_MMU */ -- cgit v1.2.3-18-g5258