ARM kprobes: don't let a single-stepped stmdb corrupt the exception stack

If kprobes installs a breakpoint on a "stmdb sp!, {...}" instruction,
and then single-step it by simulation from the exception context, it will
corrupt the saved regs on the stack from the previous context.

To avoid this, let's add an optional parameter to the svc_entry macro
allowing for a hole to be created on the stack before saving the
interrupted context, and use it in the undef_svc handler when kprobes
is enabled.

Signed-off-by: Nicolas Pitre <nico@marvell.com>

1 files changed, 10 insertions, 3 deletions

diff --git a/arch/arm/kernel/entry-armv.S b/arch/arm/kernel/entry-armv.S
index 29dec080a604..12ecc817be3f 100644
--- a/arch/arm/kernel/entry-armv.S
+++ b/arch/arm/kernel/entry-armv.S
@@ -112,8 +112,8 @@ common_invalid:
 #define SPFIX(code...)
 #endif
 
-        .macro  svc_entry
-        sub     sp, sp, #S_FRAME_SIZE
+        .macro  svc_entry, stack_hole=0
+        sub     sp, sp, #(S_FRAME_SIZE + \stack_hole)
  SPFIX( tst     sp, #4          )
  SPFIX( bicne   sp, sp, #4      )
         stmib   sp, {r1 - r12}
@@ -121,7 +121,7 @@ common_invalid:
         ldmia   r0, {r1 - r3}
         add     r5, sp, #S_SP           @ here for interlock avoidance
         mov     r4, #-1                 @  ""  ""      ""       ""
-        add     r0, sp, #S_FRAME_SIZE   @  ""  ""      ""       ""
+        add     r0, sp, #(S_FRAME_SIZE + \stack_hole)
  SPFIX( addne   r0, r0, #4      )
         str     r1, [sp]                @ save the "real" r0 copied
                                         @ from the exception stack
@@ -242,7 +242,14 @@ svc_preempt:
 
         .align  5
 __und_svc:
+#ifdef CONFIG_KPROBES
+        @ If a kprobe is about to simulate a "stmdb sp..." instruction,
+        @ it obviously needs free stack space which then will belong to
+        @ the saved context.
+        svc_entry 64
+#else
         svc_entry
+#endif
 
         @
         @ call emulation code, which returns using r9 if it has emulated