ARM: 7384/1: ThumbEE: Disable userspace TEEHBR access for !CONFIG_ARM_THUMBEE

Currently when ThumbEE is not enabled (!CONFIG_ARM_THUMBEE) the ThumbEE register states are not saved/restored at context switch. The default state of the ThumbEE Ctrl register (TEECR) allows userspace accesses to the ThumbEE Base Handler register (TEEHBR). This can cause unexpected behaviour when people use ThumbEE on !CONFIG_ARM_THUMBEE kernels, as well as allowing covert communication - eg between userspace tasks running inside chroot jails. This patch sets up TEECR in order to prevent user-space access to TEEHBR when !CONFIG_ARM_THUMBEE. In this case, tasks are sent SIGILL if they try to access TEEHBR. Cc: stable@vger.kernel.org Reviewed-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Jonathan Austin <jonathan.austin@arm.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
author: Jonathan Austin <Jonathan.Austin@arm.com> 2012-04-12 12:45:25 -0400
committer: Russell King <rmk+kernel@arm.linux.org.uk> 2012-04-15 17:00:31 -0400
commit: 078c04545ba56da21567728a909a496df5ff730d (patch)
tree: 08d0f061a972f426ef7d7c2ae227ac998ffca013 /arch/arm/mm/proc-v7.S
parent: e5ab85800820edd907d3f43f285e1232f84d5a41 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/arch/arm/mm/proc-v7.S b/arch/arm/mm/proc-v7.S
index f1c8486f7501..c2e2b66f72b5 100644
--- a/arch/arm/mm/proc-v7.S
+++ b/arch/arm/mm/proc-v7.S
@@ -255,6 +255,18 @@ __v7_setup:
        mcr     p15, 0, r5, c10, c2, 0          @ write PRRR
        mcr     p15, 0, r6, c10, c2, 1          @ write NMRR
 #endif
+#ifndef CONFIG_ARM_THUMBEE
+        mrc     p15, 0, r0, c0, c1, 0           @ read ID_PFR0 for ThumbEE
+        and     r0, r0, #(0xf << 12)            @ ThumbEE enabled field
+        teq     r0, #(1 << 12)                  @ check if ThumbEE is present
+        bne     1f
+        mov     r5, #0
+        mcr     p14, 6, r5, c1, c0, 0           @ Initialize TEEHBR to 0
+        mrc     p14, 6, r0, c0, c0, 0           @ load TEECR
+        orr     r0, r0, #1                      @ set the 1st bit in order to
+        mcr     p14, 6, r0, c0, c0, 0           @ stop userspace TEEHBR access
+1:
+#endif
        adr     r5, v7_crval
        ldmia   r5, {r5, r6}
 #ifdef CONFIG_CPU_ENDIAN_BE8
author	Jonathan Austin <Jonathan.Austin@arm.com>	2012-04-12 12:45:25 -0400
committer	Russell King <rmk+kernel@arm.linux.org.uk>	2012-04-15 17:00:31 -0400
commit	078c04545ba56da21567728a909a496df5ff730d (patch)
tree	08d0f061a972f426ef7d7c2ae227ac998ffca013 /arch/arm/mm/proc-v7.S
parent	e5ab85800820edd907d3f43f285e1232f84d5a41 (diff)

diff --git a/arch/arm/mm/proc-v7.S b/arch/arm/mm/proc-v7.S index f1c8486f7501..c2e2b66f72b5 100644 --- a/arch/arm/mm/proc-v7.S +++ b/arch/arm/mm/proc-v7.S
@@ -255,6 +255,18 @@ __v7_setup:
255	mcr p15, 0, r5, c10, c2, 0 @ write PRRR	255	mcr p15, 0, r5, c10, c2, 0 @ write PRRR
256	mcr p15, 0, r6, c10, c2, 1 @ write NMRR	256	mcr p15, 0, r6, c10, c2, 1 @ write NMRR
257	#endif	257	#endif
		258	#ifndef CONFIG_ARM_THUMBEE
		259	mrc p15, 0, r0, c0, c1, 0 @ read ID_PFR0 for ThumbEE
		260	and r0, r0, #(0xf << 12) @ ThumbEE enabled field
		261	teq r0, #(1 << 12) @ check if ThumbEE is present
		262	bne 1f
		263	mov r5, #0
		264	mcr p14, 6, r5, c1, c0, 0 @ Initialize TEEHBR to 0
		265	mrc p14, 6, r0, c0, c0, 0 @ load TEECR
		266	orr r0, r0, #1 @ set the 1st bit in order to
		267	mcr p14, 6, r0, c0, c0, 0 @ stop userspace TEEHBR access
		268	1:
		269	#endif
258	adr r5, v7_crval	270	adr r5, v7_crval
259	ldmia r5, {r5, r6}	271	ldmia r5, {r5, r6}
260	#ifdef CONFIG_CPU_ENDIAN_BE8	272	#ifdef CONFIG_CPU_ENDIAN_BE8