<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/arch/arm/kernel, branch linux-4.1.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>ARM: 8668/1: ftrace: Fix dynamic ftrace with DEBUG_RODATA and !FRAME_POINTER</title>
<updated>2018-05-23T01:33:49+00:00</updated>
<author>
<name>Abel Vesa</name>
<email>abelvesa@linux.com</email>
</author>
<published>2017-04-03T22:58:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=0ad0b3b1752a312bb6bc8dc11ff057df2d820fe9'/>
<id>0ad0b3b1752a312bb6bc8dc11ff057df2d820fe9</id>
<content type='text'>
[ Upstream commit 6f05d0761af612e04572ba4d65b4c0274a88444f ]

The support for dynamic ftrace with CONFIG_DEBUG_RODATA involves
overriding the weak arch_ftrace_update_code() with a variant which makes
the kernel text writable around the patching.

This override was however added under the CONFIG_OLD_MCOUNT ifdef, and
CONFIG_OLD_MCOUNT is only enabled if frame pointers are enabled.

This leads to non-functional dynamic ftrace (ftrace triggers a
WARN_ON()) when CONFIG_DEBUG_RODATA is enabled and CONFIG_FRAME_POINTER
is not.

Move the override out of that ifdef and into the CONFIG_DYNAMIC_FTRACE
ifdef where it belongs.

Fixes: 80d6b0c2eed2a ("ARM: mm: allow text and rodata sections to be read-only")
Suggested-by: Nicolai Stange &lt;nicstange@gmail.com&gt;
Suggested-by: Rabin Vincent &lt;rabin@rab.in&gt;
Signed-off-by: Abel Vesa &lt;abelvesa@gmail.com&gt;
Acked-by: Rabin Vincent &lt;rabin@rab.in&gt;
Signed-off-by: Russell King &lt;rmk+kernel@armlinux.org.uk&gt;
Signed-off-by: Sasha Levin &lt;alexander.levin@microsoft.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 6f05d0761af612e04572ba4d65b4c0274a88444f ]

The support for dynamic ftrace with CONFIG_DEBUG_RODATA involves
overriding the weak arch_ftrace_update_code() with a variant which makes
the kernel text writable around the patching.

This override was however added under the CONFIG_OLD_MCOUNT ifdef, and
CONFIG_OLD_MCOUNT is only enabled if frame pointers are enabled.

This leads to non-functional dynamic ftrace (ftrace triggers a
WARN_ON()) when CONFIG_DEBUG_RODATA is enabled and CONFIG_FRAME_POINTER
is not.

Move the override out of that ifdef and into the CONFIG_DYNAMIC_FTRACE
ifdef where it belongs.

Fixes: 80d6b0c2eed2a ("ARM: mm: allow text and rodata sections to be read-only")
Suggested-by: Nicolai Stange &lt;nicstange@gmail.com&gt;
Suggested-by: Rabin Vincent &lt;rabin@rab.in&gt;
Signed-off-by: Abel Vesa &lt;abelvesa@gmail.com&gt;
Acked-by: Rabin Vincent &lt;rabin@rab.in&gt;
Signed-off-by: Russell King &lt;rmk+kernel@armlinux.org.uk&gt;
Signed-off-by: Sasha Levin &lt;alexander.levin@microsoft.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>drivers/perf: arm_pmu: handle no platform_device</title>
<updated>2018-05-23T01:33:45+00:00</updated>
<author>
<name>Mark Rutland</name>
<email>mark.rutland@arm.com</email>
</author>
<published>2017-04-11T08:39:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=b419c51591ea45001268fc050fae5b08d8760cb1'/>
<id>b419c51591ea45001268fc050fae5b08d8760cb1</id>
<content type='text'>
[ Upstream commit 7654137071fa706e5c91f4f27bc2a5cd7e435a9b ]

In armpmu_dispatch_irq() we look at arm_pmu::plat_device to acquire
platdata, so that we can defer to platform-specific IRQ handling,
required on some 32-bit parts. With the advent of ACPI we won't always
have a platform_device, and so we must avoid trying to dereference
fields from it.

This patch fixes up armpmu_dispatch_irq() to avoid doing so, introducing
a new armpmu_get_platdata() helper.

Signed-off-by: Mark Rutland &lt;mark.rutland@arm.com&gt;
Tested-by: Jeremy Linton &lt;jeremy.linton@arm.com&gt;
Cc: Will Deacon &lt;will.deacon@arm.com&gt;
Signed-off-by: Will Deacon &lt;will.deacon@arm.com&gt;
Signed-off-by: Sasha Levin &lt;alexander.levin@microsoft.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 7654137071fa706e5c91f4f27bc2a5cd7e435a9b ]

In armpmu_dispatch_irq() we look at arm_pmu::plat_device to acquire
platdata, so that we can defer to platform-specific IRQ handling,
required on some 32-bit parts. With the advent of ACPI we won't always
have a platform_device, and so we must avoid trying to dereference
fields from it.

This patch fixes up armpmu_dispatch_irq() to avoid doing so, introducing
a new armpmu_get_platdata() helper.

Signed-off-by: Mark Rutland &lt;mark.rutland@arm.com&gt;
Tested-by: Jeremy Linton &lt;jeremy.linton@arm.com&gt;
Cc: Will Deacon &lt;will.deacon@arm.com&gt;
Signed-off-by: Will Deacon &lt;will.deacon@arm.com&gt;
Signed-off-by: Sasha Levin &lt;alexander.levin@microsoft.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>ARM: 8720/1: ensure dump_instr() checks addr_limit</title>
<updated>2017-12-07T02:20:01+00:00</updated>
<author>
<name>Mark Rutland</name>
<email>mark.rutland@arm.com</email>
</author>
<published>2017-11-02T17:44:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=b015088a56ff94376d0d499087cac2dc1c5fa815'/>
<id>b015088a56ff94376d0d499087cac2dc1c5fa815</id>
<content type='text'>
[ Upstream commit b9dd05c7002ee0ca8b676428b2268c26399b5e31 ]

When CONFIG_DEBUG_USER is enabled, it's possible for a user to
deliberately trigger dump_instr() with a chosen kernel address.

Let's avoid problems resulting from this by using get_user() rather than
__get_user(), ensuring that we don't erroneously access kernel memory.

So that we can use the same code to dump user instructions and kernel
instructions, the common dumping code is factored out to __dump_instr(),
with the fs manipulated appropriately in dump_instr() around calls to
this.

Signed-off-by: Mark Rutland &lt;mark.rutland@arm.com&gt;
Cc: stable@vger.kernel.org
Signed-off-by: Russell King &lt;rmk+kernel@armlinux.org.uk&gt;
Signed-off-by: Sasha Levin &lt;alexander.levin@verizon.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit b9dd05c7002ee0ca8b676428b2268c26399b5e31 ]

When CONFIG_DEBUG_USER is enabled, it's possible for a user to
deliberately trigger dump_instr() with a chosen kernel address.

Let's avoid problems resulting from this by using get_user() rather than
__get_user(), ensuring that we don't erroneously access kernel memory.

So that we can use the same code to dump user instructions and kernel
instructions, the common dumping code is factored out to __dump_instr(),
with the fs manipulated appropriately in dump_instr() around calls to
this.

Signed-off-by: Mark Rutland &lt;mark.rutland@arm.com&gt;
Cc: stable@vger.kernel.org
Signed-off-by: Russell King &lt;rmk+kernel@armlinux.org.uk&gt;
Signed-off-by: Sasha Levin &lt;alexander.levin@verizon.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>ARM: 8643/3: arm/ptrace: Preserve previous registers for short regset write</title>
<updated>2017-03-06T22:31:12+00:00</updated>
<author>
<name>Dave Martin</name>
<email>Dave.Martin@arm.com</email>
</author>
<published>2017-01-18T16:11:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=c59ef58eddf01dc661973a6c00030f006ce928cd'/>
<id>c59ef58eddf01dc661973a6c00030f006ce928cd</id>
<content type='text'>
[ Upstream commit 228dbbfb5d77f8e047b2a1d78da14b7158433027 ]

Ensure that if userspace supplies insufficient data to
PTRACE_SETREGSET to fill all the registers, the thread's old
registers are preserved.

Cc: &lt;stable@vger.kernel.org&gt; # 3.0.x-
Fixes: 5be6f62b0059 ("ARM: 6883/1: ptrace: Migrate to regsets framework")
Signed-off-by: Dave Martin &lt;Dave.Martin@arm.com&gt;
Acked-by: Russell King &lt;rmk+kernel@armlinux.org.uk&gt;
Signed-off-by: Russell King &lt;rmk+kernel@arm.linux.org.uk&gt;
Signed-off-by: Sasha Levin &lt;alexander.levin@verizon.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 228dbbfb5d77f8e047b2a1d78da14b7158433027 ]

Ensure that if userspace supplies insufficient data to
PTRACE_SETREGSET to fill all the registers, the thread's old
registers are preserved.

Cc: &lt;stable@vger.kernel.org&gt; # 3.0.x-
Fixes: 5be6f62b0059 ("ARM: 6883/1: ptrace: Migrate to regsets framework")
Signed-off-by: Dave Martin &lt;Dave.Martin@arm.com&gt;
Acked-by: Russell King &lt;rmk+kernel@armlinux.org.uk&gt;
Signed-off-by: Russell King &lt;rmk+kernel@arm.linux.org.uk&gt;
Signed-off-by: Sasha Levin &lt;alexander.levin@verizon.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>ARM: 8634/1: hw_breakpoint: blacklist Scorpion CPUs</title>
<updated>2017-03-06T22:29:18+00:00</updated>
<author>
<name>Mark Rutland</name>
<email>mark.rutland@arm.com</email>
</author>
<published>2017-01-06T12:12:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=d49de65c3bd5d1ffbc3ad4269a546eb5437a31f9'/>
<id>d49de65c3bd5d1ffbc3ad4269a546eb5437a31f9</id>
<content type='text'>
[ Upstream commit ddc37832a1349f474c4532de381498020ed71d31 ]

On APQ8060, the kernel crashes in arch_hw_breakpoint_init, taking an
undefined instruction trap within write_wb_reg. This is because Scorpion
CPUs erroneously appear to set DBGPRSR.SPD when WFI is issued, even if
the core is not powered down. When DBGPRSR.SPD is set, breakpoint and
watchpoint registers are treated as undefined.

It's possible to trigger similar crashes later on from userspace, by
requesting the kernel to install a breakpoint or watchpoint, as we can
go idle at any point between the reset of the debug registers and their
later use. This has always been the case.

Given that this has always been broken, no-one has complained until now,
and there is no clear workaround, disable hardware breakpoints and
watchpoints on Scorpion to avoid these issues.

Signed-off-by: Mark Rutland &lt;mark.rutland@arm.com&gt;
Reported-by: Linus Walleij &lt;linus.walleij@linaro.org&gt;
Reviewed-by: Stephen Boyd &lt;sboyd@codeaurora.org&gt;
Acked-by: Will Deacon &lt;will.deacon@arm.com&gt;
Cc: Russell King &lt;linux@armlinux.org.uk&gt;
Cc: stable@vger.kernel.org
Signed-off-by: Russell King &lt;rmk+kernel@arm.linux.org.uk&gt;
Signed-off-by: Sasha Levin &lt;alexander.levin@verizon.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit ddc37832a1349f474c4532de381498020ed71d31 ]

On APQ8060, the kernel crashes in arch_hw_breakpoint_init, taking an
undefined instruction trap within write_wb_reg. This is because Scorpion
CPUs erroneously appear to set DBGPRSR.SPD when WFI is issued, even if
the core is not powered down. When DBGPRSR.SPD is set, breakpoint and
watchpoint registers are treated as undefined.

It's possible to trigger similar crashes later on from userspace, by
requesting the kernel to install a breakpoint or watchpoint, as we can
go idle at any point between the reset of the debug registers and their
later use. This has always been the case.

Given that this has always been broken, no-one has complained until now,
and there is no clear workaround, disable hardware breakpoints and
watchpoints on Scorpion to avoid these issues.

Signed-off-by: Mark Rutland &lt;mark.rutland@arm.com&gt;
Reported-by: Linus Walleij &lt;linus.walleij@linaro.org&gt;
Reviewed-by: Stephen Boyd &lt;sboyd@codeaurora.org&gt;
Acked-by: Will Deacon &lt;will.deacon@arm.com&gt;
Cc: Russell King &lt;linux@armlinux.org.uk&gt;
Cc: stable@vger.kernel.org
Signed-off-by: Russell King &lt;rmk+kernel@arm.linux.org.uk&gt;
Signed-off-by: Sasha Levin &lt;alexander.levin@verizon.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>[PATCH] arm: fix handling of F_OFD_... in oabi_fcntl64()</title>
<updated>2016-09-11T13:56:59+00:00</updated>
<author>
<name>Al Viro</name>
<email>viro@zeniv.linux.org.uk</email>
</author>
<published>2015-12-29T01:47:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=469a242127b181656cb0a07de4584215bd4494fb'/>
<id>469a242127b181656cb0a07de4584215bd4494fb</id>
<content type='text'>
[ Upstream commit 76cc404bfdc0d419c720de4daaf2584542734f42 ]

Cc: stable@vger.kernel.org # 3.15+
Reviewed-by: Jeff Layton &lt;jeff.layton@primarydata.com&gt;
Signed-off-by: Al Viro &lt;viro@zeniv.linux.org.uk&gt;
Signed-off-by: Sasha Levin &lt;alexander.levin@verizon.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 76cc404bfdc0d419c720de4daaf2584542734f42 ]

Cc: stable@vger.kernel.org # 3.15+
Reviewed-by: Jeff Layton &lt;jeff.layton@primarydata.com&gt;
Signed-off-by: Al Viro &lt;viro@zeniv.linux.org.uk&gt;
Signed-off-by: Sasha Levin &lt;alexander.levin@verizon.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>ARM: fix PTRACE_SETVFPREGS on SMP systems</title>
<updated>2016-06-17T19:37:18+00:00</updated>
<author>
<name>Russell King</name>
<email>rmk+kernel@armlinux.org.uk</email>
</author>
<published>2016-05-30T22:14:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=5642859e6a68f8c8c1e0c5163fad29ad4497f6f5'/>
<id>5642859e6a68f8c8c1e0c5163fad29ad4497f6f5</id>
<content type='text'>
[ Upstream commit e2dfb4b880146bfd4b6aa8e138c0205407cebbaf ]

PTRACE_SETVFPREGS fails to properly mark the VFP register set to be
reloaded, because it undoes one of the effects of vfp_flush_hwstate().

Specifically vfp_flush_hwstate() sets thread-&gt;vfpstate.hard.cpu to
an invalid CPU number, but vfp_set() overwrites this with the original
CPU number, thereby rendering the hardware state as apparently "valid",
even though the software state is more recent.

Fix this by reverting the previous change.

Cc: &lt;stable@vger.kernel.org&gt;
Fixes: 8130b9d7b9d8 ("ARM: 7308/1: vfp: flush thread hwstate before copying ptrace registers")
Acked-by: Will Deacon &lt;will.deacon@arm.com&gt;
Tested-by: Simon Marchi &lt;simon.marchi@ericsson.com&gt;
Signed-off-by: Russell King &lt;rmk+kernel@armlinux.org.uk&gt;
Signed-off-by: Sasha Levin &lt;sasha.levin@oracle.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit e2dfb4b880146bfd4b6aa8e138c0205407cebbaf ]

PTRACE_SETVFPREGS fails to properly mark the VFP register set to be
reloaded, because it undoes one of the effects of vfp_flush_hwstate().

Specifically vfp_flush_hwstate() sets thread-&gt;vfpstate.hard.cpu to
an invalid CPU number, but vfp_set() overwrites this with the original
CPU number, thereby rendering the hardware state as apparently "valid",
even though the software state is more recent.

Fix this by reverting the previous change.

Cc: &lt;stable@vger.kernel.org&gt;
Fixes: 8130b9d7b9d8 ("ARM: 7308/1: vfp: flush thread hwstate before copying ptrace registers")
Acked-by: Will Deacon &lt;will.deacon@arm.com&gt;
Tested-by: Simon Marchi &lt;simon.marchi@ericsson.com&gt;
Signed-off-by: Russell King &lt;rmk+kernel@armlinux.org.uk&gt;
Signed-off-by: Sasha Levin &lt;sasha.levin@oracle.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>ARM: 8425/1: kgdb: Don't try to stop the machine when setting breakpoints</title>
<updated>2015-10-22T21:43:13+00:00</updated>
<author>
<name>Doug Anderson</name>
<email>armlinux@m.disordat.com</email>
</author>
<published>2015-08-26T17:26:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=ca4104a08c62d29b43d30b8058507b2dd35ef5f2'/>
<id>ca4104a08c62d29b43d30b8058507b2dd35ef5f2</id>
<content type='text'>
commit 7ae85dc7687c7e7119053d83d02c560ea217b772 upstream.

In (23a4e40 arm: kgdb: Handle read-only text / modules) we moved to
using patch_text() to set breakpoints so that we could handle the case
when we had CONFIG_DEBUG_RODATA.  That patch used patch_text().
Unfortunately, patch_text() assumes that we're not in atomic context
when it runs since it needs to grab a mutex and also wait for other
CPUs to stop (which it does with a completion).

This would result in a stack crawl if you had
CONFIG_DEBUG_ATOMIC_SLEEP and tried to set a breakpoint in kgdb.  The
crawl looked something like:

 BUG: scheduling while atomic: swapper/0/0/0x00010007
 CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.2.0-rc7-00133-geb63b34 #1073
 Hardware name: Rockchip (Device Tree)
  (unwind_backtrace) from [&lt;c00133d4&gt;] (show_stack+0x20/0x24)
  (show_stack) from [&lt;c05400e8&gt;] (dump_stack+0x84/0xb8)
  (dump_stack) from [&lt;c004913c&gt;] (__schedule_bug+0x54/0x6c)
  (__schedule_bug) from [&lt;c054065c&gt;] (__schedule+0x80/0x668)
  (__schedule) from [&lt;c0540cfc&gt;] (schedule+0xb8/0xd4)
  (schedule) from [&lt;c0543a3c&gt;] (schedule_timeout+0x2c/0x234)
  (schedule_timeout) from [&lt;c05417c0&gt;] (wait_for_common+0xf4/0x188)
  (wait_for_common) from [&lt;c0541874&gt;] (wait_for_completion+0x20/0x24)
  (wait_for_completion) from [&lt;c00a0104&gt;] (__stop_cpus+0x58/0x70)
  (__stop_cpus) from [&lt;c00a0580&gt;] (stop_cpus+0x3c/0x54)
  (stop_cpus) from [&lt;c00a06c4&gt;] (__stop_machine+0xcc/0xe8)
  (__stop_machine) from [&lt;c00a0714&gt;] (stop_machine+0x34/0x44)
  (stop_machine) from [&lt;c00173e8&gt;] (patch_text+0x28/0x34)
  (patch_text) from [&lt;c001733c&gt;] (kgdb_arch_set_breakpoint+0x40/0x4c)
  (kgdb_arch_set_breakpoint) from [&lt;c00a0d68&gt;] (kgdb_validate_break_address+0x2c/0x60)
  (kgdb_validate_break_address) from [&lt;c00a0e90&gt;] (dbg_set_sw_break+0x1c/0xdc)
  (dbg_set_sw_break) from [&lt;c00a2e88&gt;] (gdb_serial_stub+0x9c4/0xba4)
  (gdb_serial_stub) from [&lt;c00a11cc&gt;] (kgdb_cpu_enter+0x1f8/0x60c)
  (kgdb_cpu_enter) from [&lt;c00a18cc&gt;] (kgdb_handle_exception+0x19c/0x1d0)
  (kgdb_handle_exception) from [&lt;c0016f7c&gt;] (kgdb_compiled_brk_fn+0x30/0x3c)
  (kgdb_compiled_brk_fn) from [&lt;c00091a4&gt;] (do_undefinstr+0x1a4/0x20c)
  (do_undefinstr) from [&lt;c001400c&gt;] (__und_svc_finish+0x0/0x34)

It turns out that when we're in kgdb all the CPUs are stopped anyway
so there's no reason we should be calling patch_text().  We can
instead directly call __patch_text() which assumes that CPUs have
already been stopped.

Fixes: 23a4e4050ba9 ("arm: kgdb: Handle read-only text / modules")
Reported-by: Aapo Vienamo &lt;avienamo@nvidia.com&gt;
Signed-off-by: Douglas Anderson &lt;dianders@chromium.org&gt;
Reviewed-by: Stephen Boyd &lt;sboyd@codeaurora.org&gt;
Acked-by: Kees Cook &lt;keescook@chromium.org&gt;
Signed-off-by: Russell King &lt;rmk+kernel@arm.linux.org.uk&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 7ae85dc7687c7e7119053d83d02c560ea217b772 upstream.

In (23a4e40 arm: kgdb: Handle read-only text / modules) we moved to
using patch_text() to set breakpoints so that we could handle the case
when we had CONFIG_DEBUG_RODATA.  That patch used patch_text().
Unfortunately, patch_text() assumes that we're not in atomic context
when it runs since it needs to grab a mutex and also wait for other
CPUs to stop (which it does with a completion).

This would result in a stack crawl if you had
CONFIG_DEBUG_ATOMIC_SLEEP and tried to set a breakpoint in kgdb.  The
crawl looked something like:

 BUG: scheduling while atomic: swapper/0/0/0x00010007
 CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.2.0-rc7-00133-geb63b34 #1073
 Hardware name: Rockchip (Device Tree)
  (unwind_backtrace) from [&lt;c00133d4&gt;] (show_stack+0x20/0x24)
  (show_stack) from [&lt;c05400e8&gt;] (dump_stack+0x84/0xb8)
  (dump_stack) from [&lt;c004913c&gt;] (__schedule_bug+0x54/0x6c)
  (__schedule_bug) from [&lt;c054065c&gt;] (__schedule+0x80/0x668)
  (__schedule) from [&lt;c0540cfc&gt;] (schedule+0xb8/0xd4)
  (schedule) from [&lt;c0543a3c&gt;] (schedule_timeout+0x2c/0x234)
  (schedule_timeout) from [&lt;c05417c0&gt;] (wait_for_common+0xf4/0x188)
  (wait_for_common) from [&lt;c0541874&gt;] (wait_for_completion+0x20/0x24)
  (wait_for_completion) from [&lt;c00a0104&gt;] (__stop_cpus+0x58/0x70)
  (__stop_cpus) from [&lt;c00a0580&gt;] (stop_cpus+0x3c/0x54)
  (stop_cpus) from [&lt;c00a06c4&gt;] (__stop_machine+0xcc/0xe8)
  (__stop_machine) from [&lt;c00a0714&gt;] (stop_machine+0x34/0x44)
  (stop_machine) from [&lt;c00173e8&gt;] (patch_text+0x28/0x34)
  (patch_text) from [&lt;c001733c&gt;] (kgdb_arch_set_breakpoint+0x40/0x4c)
  (kgdb_arch_set_breakpoint) from [&lt;c00a0d68&gt;] (kgdb_validate_break_address+0x2c/0x60)
  (kgdb_validate_break_address) from [&lt;c00a0e90&gt;] (dbg_set_sw_break+0x1c/0xdc)
  (dbg_set_sw_break) from [&lt;c00a2e88&gt;] (gdb_serial_stub+0x9c4/0xba4)
  (gdb_serial_stub) from [&lt;c00a11cc&gt;] (kgdb_cpu_enter+0x1f8/0x60c)
  (kgdb_cpu_enter) from [&lt;c00a18cc&gt;] (kgdb_handle_exception+0x19c/0x1d0)
  (kgdb_handle_exception) from [&lt;c0016f7c&gt;] (kgdb_compiled_brk_fn+0x30/0x3c)
  (kgdb_compiled_brk_fn) from [&lt;c00091a4&gt;] (do_undefinstr+0x1a4/0x20c)
  (do_undefinstr) from [&lt;c001400c&gt;] (__und_svc_finish+0x0/0x34)

It turns out that when we're in kgdb all the CPUs are stopped anyway
so there's no reason we should be calling patch_text().  We can
instead directly call __patch_text() which assumes that CPUs have
already been stopped.

Fixes: 23a4e4050ba9 ("arm: kgdb: Handle read-only text / modules")
Reported-by: Aapo Vienamo &lt;avienamo@nvidia.com&gt;
Signed-off-by: Douglas Anderson &lt;dianders@chromium.org&gt;
Reviewed-by: Stephen Boyd &lt;sboyd@codeaurora.org&gt;
Acked-by: Kees Cook &lt;keescook@chromium.org&gt;
Signed-off-by: Russell King &lt;rmk+kernel@arm.linux.org.uk&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>ARM: fix Thumb2 signal handling when ARMv6 is enabled</title>
<updated>2015-10-22T21:43:12+00:00</updated>
<author>
<name>Russell King</name>
<email>rmk+kernel@arm.linux.org.uk</email>
</author>
<published>2015-09-11T15:44:02+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=5e624cb5d02e467dbeea3dccdacbd4e86c1705b1'/>
<id>5e624cb5d02e467dbeea3dccdacbd4e86c1705b1</id>
<content type='text'>
commit 9b55613f42e8d40d5c9ccb8970bde6af4764b2ab upstream.

When a kernel is built covering ARMv6 to ARMv7, we omit to clear the
IT state when entering a signal handler.  This can cause the first
few instructions to be conditionally executed depending on the parent
context.

In any case, the original test for &gt;= ARMv7 is broken - ARMv6 can have
Thumb-2 support as well, and an ARMv6T2 specific build would omit this
code too.

Relax the test back to ARMv6 or greater.  This results in us always
clearing the IT state bits in the PSR, even on CPUs where these bits
are reserved.  However, they're reserved for the IT state, so this
should cause no harm.

Fixes: d71e1352e240 ("Clear the IT state when invoking a Thumb-2 signal handler")
Acked-by: Tony Lindgren &lt;tony@atomide.com&gt;
Tested-by: H. Nikolaus Schaller &lt;hns@goldelico.com&gt;
Tested-by: Grazvydas Ignotas &lt;notasas@gmail.com&gt;
Signed-off-by: Russell King &lt;rmk+kernel@arm.linux.org.uk&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 9b55613f42e8d40d5c9ccb8970bde6af4764b2ab upstream.

When a kernel is built covering ARMv6 to ARMv7, we omit to clear the
IT state when entering a signal handler.  This can cause the first
few instructions to be conditionally executed depending on the parent
context.

In any case, the original test for &gt;= ARMv7 is broken - ARMv6 can have
Thumb-2 support as well, and an ARMv6T2 specific build would omit this
code too.

Relax the test back to ARMv6 or greater.  This results in us always
clearing the IT state bits in the PSR, even on CPUs where these bits
are reserved.  However, they're reserved for the IT state, so this
should cause no harm.

Fixes: d71e1352e240 ("Clear the IT state when invoking a Thumb-2 signal handler")
Acked-by: Tony Lindgren &lt;tony@atomide.com&gt;
Tested-by: H. Nikolaus Schaller &lt;hns@goldelico.com&gt;
Tested-by: Grazvydas Ignotas &lt;notasas@gmail.com&gt;
Signed-off-by: Russell King &lt;rmk+kernel@arm.linux.org.uk&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>ARM: 8393/1: smp: Fix suspicious RCU usage with ipi tracepoints</title>
<updated>2015-08-03T16:29:19+00:00</updated>
<author>
<name>Stephen Boyd</name>
<email>sboyd@codeaurora.org</email>
</author>
<published>2015-06-19T20:37:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=ec5ea3004ddc46c09c6805119cedb7b8f516b997'/>
<id>ec5ea3004ddc46c09c6805119cedb7b8f516b997</id>
<content type='text'>
commit 398f74569cebbf06bc6b069442bcd0e9616ca465 upstream.

John Stultz reports an RCU splat on boot with ARM ipi trace
events enabled.

===============================
[ INFO: suspicious RCU usage. ]
4.1.0-rc7-00033-gb5bed2f #153 Not tainted
-------------------------------
include/trace/events/ipi.h:68 suspicious rcu_dereference_check() usage!

other info that might help us debug this:

RCU used illegally from idle CPU!
rcu_scheduler_active = 1, debug_locks = 0
RCU used illegally from extended quiescent state!
no locks held by swapper/0/0.

stack backtrace:
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.1.0-rc7-00033-gb5bed2f #153
Hardware name: Qualcomm (Flattened Device Tree)
[&lt;c0216b08&gt;] (unwind_backtrace) from [&lt;c02136e8&gt;] (show_stack+0x10/0x14)
[&lt;c02136e8&gt;] (show_stack) from [&lt;c075e678&gt;] (dump_stack+0x70/0xbc)
[&lt;c075e678&gt;] (dump_stack) from [&lt;c0215a80&gt;] (handle_IPI+0x428/0x604)
[&lt;c0215a80&gt;] (handle_IPI) from [&lt;c020942c&gt;] (gic_handle_irq+0x54/0x5c)
[&lt;c020942c&gt;] (gic_handle_irq) from [&lt;c0766604&gt;] (__irq_svc+0x44/0x7c)
Exception stack(0xc09f3f48 to 0xc09f3f90)
3f40:                   00000001 00000001 00000000 c09f73b8 c09f4528 c0a5de9c
3f60: c076b4f0 00000000 00000000 c09ef108 c0a5cec1 00000001 00000000 c09f3f90
3f80: c026bf60 c0210ab8 20000113 ffffffff
[&lt;c0766604&gt;] (__irq_svc) from [&lt;c0210ab8&gt;] (arch_cpu_idle+0x20/0x3c)
[&lt;c0210ab8&gt;] (arch_cpu_idle) from [&lt;c02647f0&gt;] (cpu_startup_entry+0x2c0/0x5dc)
[&lt;c02647f0&gt;] (cpu_startup_entry) from [&lt;c099bc1c&gt;] (start_kernel+0x358/0x3c4)
[&lt;c099bc1c&gt;] (start_kernel) from [&lt;8020807c&gt;] (0x8020807c)

At this point in the IPI handling path we haven't called
irq_enter() yet, so RCU doesn't know that we're about to exit
idle and properly warns that we're using RCU from an idle CPU.
Use trace_ipi_entry_rcuidle() instead of trace_ipi_entry() so
that RCU is informed about our exit from idle.

Fixes: 365ec7b17327 ("ARM: add IPI tracepoints")
Reported-by: John Stultz &lt;john.stultz@linaro.org&gt;
Tested-by: John Stultz &lt;john.stultz@linaro.org&gt;
Acked-by: Steven Rostedt &lt;rostedt@goodmis.org&gt;
Reviewed-by: Paul E. McKenney &lt;paulmck@linux.vnet.ibm.com&gt;
Signed-off-by: Stephen Boyd &lt;sboyd@codeaurora.org&gt;
Signed-off-by: Russell King &lt;rmk+kernel@arm.linux.org.uk&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 398f74569cebbf06bc6b069442bcd0e9616ca465 upstream.

John Stultz reports an RCU splat on boot with ARM ipi trace
events enabled.

===============================
[ INFO: suspicious RCU usage. ]
4.1.0-rc7-00033-gb5bed2f #153 Not tainted
-------------------------------
include/trace/events/ipi.h:68 suspicious rcu_dereference_check() usage!

other info that might help us debug this:

RCU used illegally from idle CPU!
rcu_scheduler_active = 1, debug_locks = 0
RCU used illegally from extended quiescent state!
no locks held by swapper/0/0.

stack backtrace:
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.1.0-rc7-00033-gb5bed2f #153
Hardware name: Qualcomm (Flattened Device Tree)
[&lt;c0216b08&gt;] (unwind_backtrace) from [&lt;c02136e8&gt;] (show_stack+0x10/0x14)
[&lt;c02136e8&gt;] (show_stack) from [&lt;c075e678&gt;] (dump_stack+0x70/0xbc)
[&lt;c075e678&gt;] (dump_stack) from [&lt;c0215a80&gt;] (handle_IPI+0x428/0x604)
[&lt;c0215a80&gt;] (handle_IPI) from [&lt;c020942c&gt;] (gic_handle_irq+0x54/0x5c)
[&lt;c020942c&gt;] (gic_handle_irq) from [&lt;c0766604&gt;] (__irq_svc+0x44/0x7c)
Exception stack(0xc09f3f48 to 0xc09f3f90)
3f40:                   00000001 00000001 00000000 c09f73b8 c09f4528 c0a5de9c
3f60: c076b4f0 00000000 00000000 c09ef108 c0a5cec1 00000001 00000000 c09f3f90
3f80: c026bf60 c0210ab8 20000113 ffffffff
[&lt;c0766604&gt;] (__irq_svc) from [&lt;c0210ab8&gt;] (arch_cpu_idle+0x20/0x3c)
[&lt;c0210ab8&gt;] (arch_cpu_idle) from [&lt;c02647f0&gt;] (cpu_startup_entry+0x2c0/0x5dc)
[&lt;c02647f0&gt;] (cpu_startup_entry) from [&lt;c099bc1c&gt;] (start_kernel+0x358/0x3c4)
[&lt;c099bc1c&gt;] (start_kernel) from [&lt;8020807c&gt;] (0x8020807c)

At this point in the IPI handling path we haven't called
irq_enter() yet, so RCU doesn't know that we're about to exit
idle and properly warns that we're using RCU from an idle CPU.
Use trace_ipi_entry_rcuidle() instead of trace_ipi_entry() so
that RCU is informed about our exit from idle.

Fixes: 365ec7b17327 ("ARM: add IPI tracepoints")
Reported-by: John Stultz &lt;john.stultz@linaro.org&gt;
Tested-by: John Stultz &lt;john.stultz@linaro.org&gt;
Acked-by: Steven Rostedt &lt;rostedt@goodmis.org&gt;
Reviewed-by: Paul E. McKenney &lt;paulmck@linux.vnet.ibm.com&gt;
Signed-off-by: Stephen Boyd &lt;sboyd@codeaurora.org&gt;
Signed-off-by: Russell King &lt;rmk+kernel@arm.linux.org.uk&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
</feed>
