Commit 99338190 authored by Christophe Leroy, committed by Michael Ellerman

powerpc/32s: Fix CPU wake-up from sleep mode

Commit f7354cca ("powerpc/32: Remove CURRENT_THREAD_INFO and
rename TI_CPU") broke the CPU wake-up from sleep mode (i.e. when
_TLF_SLEEPING is set) by delaying the tovirt(r2, r2).

This is because r2 is not restored by fast_exception_return. It used
to work (by chance?) because CPU wake-up interrupt never comes from
user, so r2 is expected to point to 'current' on return.

Commit e2fb9f54 ("powerpc/32: Prepare for Kernel Userspace Access
Protection") broke it even more by clobbering r0 which is not
restored by fast_exception_return either.

Use r6 instead of r0. This is possible because r3-r6 are restored by
fast_exception_return and only r3-r5 are used for exception arguments.

For r2 it could be converted back to virtual address, but stay on the
safe side and restore it from the stack instead. It should be live
in the cache at that moment, so loading from the stack should make
no difference compared to converting it from phys to virt.

Fixes: f7354cca ("powerpc/32: Remove CURRENT_THREAD_INFO and rename TI_CPU")
Fixes: e2fb9f54 ("powerpc/32: Prepare for Kernel Userspace Access Protection")
Cc: stable@vger.kernel.org
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/6d02c3ae6ad77af34392e98117e44c2bf6d13ba1.1580121710.git.christophe.leroy@c-s.fr
parent 21613cfa
...@@ -180,7 +180,7 @@ transfer_to_handler: ...@@ -180,7 +180,7 @@ transfer_to_handler:
2: /* if from kernel, check interrupted DOZE/NAP mode and 2: /* if from kernel, check interrupted DOZE/NAP mode and
* check for stack overflow * check for stack overflow
*/ */
kuap_save_and_lock r11, r12, r9, r2, r0 kuap_save_and_lock r11, r12, r9, r2, r6
addi r2, r12, -THREAD addi r2, r12, -THREAD
#ifndef CONFIG_VMAP_STACK #ifndef CONFIG_VMAP_STACK
lwz r9,KSP_LIMIT(r12) lwz r9,KSP_LIMIT(r12)
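Review bot: the switch of the scratch register from r0 to r6 in `kuap_save_and_lock r11, r12, r9, r2, r6` is only safe because r6 carries nothing live at this point of transfer_to_handler and is restored before returning, which is the property the commit message relies on (r3-r6 restored by fast_exception_return, only r3-r5 used as exception arguments), but nothing in the hunk records it. Suggest a one-line comment beside the macro invocation, e.g. `/* r6: scratch, restored by fast_exception_return (r0 is not) */`, so the next change to the register allocation in this path does not reintroduce r0. Note also that the following `addi r2, r12, -THREAD` is unchanged, so the wake-up fix described in the commit message depends on r2 being restored later, not on this hunk alone.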
...@@ -288,6 +288,7 @@ reenable_mmu: ...@@ -288,6 +288,7 @@ reenable_mmu:
rlwinm r9,r9,0,~MSR_EE rlwinm r9,r9,0,~MSR_EE
lwz r12,_LINK(r11) /* and return to address in LR */ lwz r12,_LINK(r11) /* and return to address in LR */
kuap_restore r11, r2, r3, r4, r5 kuap_restore r11, r2, r3, r4, r5
lwz r2, GPR2(r11)
b fast_exception_return b fast_exception_return
#endif #endif
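Review bot: the new `lwz r2, GPR2(r11)` sits after `kuap_restore r11, r2, r3, r4, r5`, so kuap_restore still consumes the pre-restore r2 and only the value carried into fast_exception_return is replaced; given that fast_exception_return does not restore r2 (the reason for this load, per the commit message), that ordering is the right one, but it deserves a comment on the line, e.g. `/* r2 is not restored by fast_exception_return */`, because without it the load looks redundant next to the kuap_restore that has just taken r2 as an argument. It is also worth confirming in review that GPR2(r11) holds a valid saved value for every path that reaches reenable_mmu, not only the _TLF_SLEEPING wake-up case, since the restore now applies to all of them.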