Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp3367954ybp; Sun, 6 Oct 2019 10:23:32 -0700 (PDT) X-Google-Smtp-Source: APXvYqzmctVH/4XAAeWNc3BqXnPbfTMCOQJmFAOTIzF6V/60BgJDVNArCtX7DUqQ02gYc8a99TrM X-Received: by 2002:a17:906:c738:: with SMTP id fj24mr20556469ejb.255.1570382612733; Sun, 06 Oct 2019 10:23:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570382612; cv=none; d=google.com; s=arc-20160816; b=xnomFEg/tDdZQYI1ijd8xWIBW7M6qKnf9CL4wk8PnroC/oa2bccXKQGEaitdY2Bxrx GIA3eQdnCM56vjbFb71hWE1oZU3cWtcBNs4odzxQ2VYGKc0aJeFJy5d5KFTYdi8C8CT4 roB85rPq0FyhgnCpX7uHmdUKngiEhPHNgM+syXc8pITs3dk+IlPwziJOSp23HUUnkIHx NjVI149N8mvyj+6kAWBRVmBCwR5Hgcl7D7Fv87om4W89OXUsLZDt8/+YK6Fj98nte1JY /Y8t85fRlorZEkMQZBYvpEsUt53q8mHXZI0VhkZ4oQnLR3rYfj6lcy09ukTK582ccJCr XWWw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=du0aBYlo+KV1lBoeFUna9MIBKfAQIqlxlQ+Mri0P7eI=; b=zhuagoiUzrth+ZlgMWlMiHseQTwxra+XDuK8clDRNgmWWtI5A3lZ6xcFOKHWtYk+oY fkgQ8G4EF+K/EqG8JKH2eZ/TZkxIc33gdkooFfj8WGqtoUnGqOqnlR2/2Vn4iA6PtrLq U5vKX3Wv3nTDOnDxfVuq/hzfxn97ANy+L9C+faYDuyxqSVq4BcsXafhYIBqaWy3017+X SB6XoRWvja546Yucd94mRkFZfYrDK7YE24O3xmoZWuiTZed/9tlAgxtv95+MTvv1FYDM I9vTEy9q4SbOF6gXR2T5mc8oua3LGyywIlahKg+qoNtTSZ66RGo5IDtFN2jhu1dHTFR7 dm7Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=18mCn1xR; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y12si5859009ejp.103.2019.10.06.10.23.09; Sun, 06 Oct 2019 10:23:32 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=18mCn1xR; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726912AbfJFRTs (ORCPT + 99 others); Sun, 6 Oct 2019 13:19:48 -0400 Received: from mail.kernel.org ([198.145.29.99]:44680 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726828AbfJFRTq (ORCPT ); Sun, 6 Oct 2019 13:19:46 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 3AE7B20835; Sun, 6 Oct 2019 17:19:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1570382384; bh=xqcbefcJOqTr5yezU+WtL17X1hRbLdYNn8J2gsa7Mc8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=18mCn1xRAnbpUqmu58T6ti/EnorGx44njQmZPBMWaYP/DmIygtcLfmobpHUnYsP/R KDZbqjVZfCg7Na2/LyM4IpwrNj4VywjV/Fvysl7jP+52lEA78hSgnbV1RxqtP4tUDV zPH2wihcBnj9NI7awnf6HwjbIvsslhhVsNgkH9TM= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Orion Hodson , Will Deacon , Russell King , Sasha Levin Subject: [PATCH 4.4 16/36] ARM: 8898/1: mm: Dont treat faults reported from cache maintenance as writes Date: Sun, 6 Oct 2019 19:18:58 +0200 Message-Id: <20191006171051.090284415@linuxfoundation.org> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191006171038.266461022@linuxfoundation.org> References: <20191006171038.266461022@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Will Deacon [ Upstream commit 834020366da9ab3fb87d1eb9a3160eb22dbed63a ] Translation faults arising from cache maintenance instructions are rather unhelpfully reported with an FSR value where the WnR field is set to 1, indicating that the faulting access was a write. Since cache maintenance instructions on 32-bit ARM do not require any particular permissions, this can cause our private 'cacheflush' system call to fail spuriously if a translation fault is generated due to page aging when targetting a read-only VMA. In this situation, we will return -EFAULT to userspace, although this is unfortunately suppressed by the popular '__builtin___clear_cache()' intrinsic provided by GCC, which returns void. Although it's tempting to write this off as a userspace issue, we can actually do a little bit better on CPUs that support LPAE, even if the short-descriptor format is in use. On these CPUs, cache maintenance faults additionally set the CM field in the FSR, which we can use to suppress the write permission checks in the page fault handler and succeed in performing cache maintenance to read-only areas even in the presence of a translation fault. Reported-by: Orion Hodson Signed-off-by: Will Deacon Signed-off-by: Russell King Signed-off-by: Sasha Levin --- arch/arm/mm/fault.c | 4 ++-- arch/arm/mm/fault.h | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c index 0d20cd5940171..702a5542b11a8 100644 --- a/arch/arm/mm/fault.c +++ b/arch/arm/mm/fault.c @@ -211,7 +211,7 @@ static inline bool access_error(unsigned int fsr, struct vm_area_struct *vma) { unsigned int mask = VM_READ | VM_WRITE | VM_EXEC; - if (fsr & FSR_WRITE) + if ((fsr & FSR_WRITE) && !(fsr & FSR_CM)) mask = VM_WRITE; if (fsr & FSR_LNX_PF) mask = VM_EXEC; @@ -281,7 +281,7 @@ do_page_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs) if (user_mode(regs)) flags |= FAULT_FLAG_USER; - if (fsr & FSR_WRITE) + if ((fsr & FSR_WRITE) && !(fsr & FSR_CM)) flags |= FAULT_FLAG_WRITE; /* diff --git a/arch/arm/mm/fault.h b/arch/arm/mm/fault.h index 78830657cab3a..b014e57248044 100644 --- a/arch/arm/mm/fault.h +++ b/arch/arm/mm/fault.h @@ -5,6 +5,7 @@ * Fault status register encodings. We steal bit 31 for our own purposes. */ #define FSR_LNX_PF (1 << 31) +#define FSR_CM (1 << 13) #define FSR_WRITE (1 << 11) #define FSR_FS4 (1 << 10) #define FSR_FS3_0 (15) -- 2.20.1