• Geert Uytterhoeven's avatar
    m68k: Disable/restore interrupts in hwreg_present()/hwreg_write() · 9ac8b73b
    Geert Uytterhoeven authored
    commit e4dc601b upstream.
    
    hwreg_present() and hwreg_write() temporarily change the VBR register to
    another vector table. This table contains a valid bus error handler
    only, all other entries point to arbitrary addresses.
    
    If an interrupt comes in while the temporary table is active, the
    processor will start executing at such an arbitrary address, and the
    kernel will crash.
    
    While most callers run early, before interrupts are enabled, or
    explicitly disable interrupts, Finn Thain pointed out that macsonic has
    one callsite that doesn't, causing intermittent boot crashes.
    There's another unsafe callsite in hilkbd.
    
    Fix this for good by disabling and restoring interrupts inside
    hwreg_present() and hwreg_write().
    
    Explicitly disabling interrupts can be removed from the callsites later.
    Reported-by: default avatarFinn Thain <fthain@telegraphics.com.au>
    Signed-off-by: default avatarGeert Uytterhoeven <geert@linux-m68k.org>
    Signed-off-by: default avatarJiri Slaby <jslaby@suse.cz>
    9ac8b73b
hwtest.c 2.6 KB