aboutsummaryrefslogtreecommitdiffstats
path: root/arch
diff options
context:
space:
mode:
authorDavid Daney <ddaney@caviumnetworks.com>2009-07-08 13:07:50 -0400
committerRalf Baechle <ralf@linux-mips.org>2009-08-03 12:52:41 -0400
commit484889fc85a223ef56edc31828b86751b2296b7c (patch)
treef511d75b729c331260bc544a0f03b7d5bea26d9a /arch
parent1de010a2702eb21d90883b83bf8c737d5e69d234 (diff)
MIPS: Avoid clobbering struct pt_regs in kthreads
The resume() implementation octeon_switch.S examines the saved cp0_status register. We were clobbering the entire pt_regs structure in kernel threads leading to random crashes. When switching away from a kernel thread, the saved cp0_status is examined and if bit 30 is set it is cleared and the CP2 state saved into the pt_regs structure. Since the kernel thread stack overlaid the pt_regs structure this resulted in a corrupt stack. When the kthread with the corrupt stack was resumed, it could crash if it used any of the data in the stack that was clobbered. We fix it by moving the kernel thread stack down so it doesn't overlay pt_regs. Signed-off-by: David Daney <ddaney@caviumnetworks.com> Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Diffstat (limited to 'arch')
-rw-r--r--arch/mips/include/asm/processor.h5
-rw-r--r--arch/mips/kernel/head.S3
-rw-r--r--arch/mips/kernel/process.c4
3 files changed, 8 insertions, 4 deletions
diff --git a/arch/mips/include/asm/processor.h b/arch/mips/include/asm/processor.h
index 0f926aa0cb47..087a8884ef06 100644
--- a/arch/mips/include/asm/processor.h
+++ b/arch/mips/include/asm/processor.h
@@ -311,8 +311,9 @@ extern void start_thread(struct pt_regs * regs, unsigned long pc, unsigned long
311 311
312unsigned long get_wchan(struct task_struct *p); 312unsigned long get_wchan(struct task_struct *p);
313 313
314#define __KSTK_TOS(tsk) ((unsigned long)task_stack_page(tsk) + THREAD_SIZE - 32) 314#define __KSTK_TOS(tsk) ((unsigned long)task_stack_page(tsk) + \
315#define task_pt_regs(tsk) ((struct pt_regs *)__KSTK_TOS(tsk) - 1) 315 THREAD_SIZE - 32 - sizeof(struct pt_regs))
316#define task_pt_regs(tsk) ((struct pt_regs *)__KSTK_TOS(tsk))
316#define KSTK_EIP(tsk) (task_pt_regs(tsk)->cp0_epc) 317#define KSTK_EIP(tsk) (task_pt_regs(tsk)->cp0_epc)
317#define KSTK_ESP(tsk) (task_pt_regs(tsk)->regs[29]) 318#define KSTK_ESP(tsk) (task_pt_regs(tsk)->regs[29])
318#define KSTK_STATUS(tsk) (task_pt_regs(tsk)->cp0_status) 319#define KSTK_STATUS(tsk) (task_pt_regs(tsk)->cp0_status)
diff --git a/arch/mips/kernel/head.S b/arch/mips/kernel/head.S
index 492a0a8d70fb..531ce7b16124 100644
--- a/arch/mips/kernel/head.S
+++ b/arch/mips/kernel/head.S
@@ -188,7 +188,8 @@ NESTED(kernel_entry, 16, sp) # kernel entry point
188 188
189 MTC0 zero, CP0_CONTEXT # clear context register 189 MTC0 zero, CP0_CONTEXT # clear context register
190 PTR_LA $28, init_thread_union 190 PTR_LA $28, init_thread_union
191 PTR_LI sp, _THREAD_SIZE - 32 191 /* Set the SP after an empty pt_regs. */
192 PTR_LI sp, _THREAD_SIZE - 32 - PT_SIZE
192 PTR_ADDU sp, $28 193 PTR_ADDU sp, $28
193 set_saved_sp sp, t0, t1 194 set_saved_sp sp, t0, t1
194 PTR_SUBU sp, 4 * SZREG # init stack pointer 195 PTR_SUBU sp, 4 * SZREG # init stack pointer
diff --git a/arch/mips/kernel/process.c b/arch/mips/kernel/process.c
index c09d681b7181..f3d73e1831c1 100644
--- a/arch/mips/kernel/process.c
+++ b/arch/mips/kernel/process.c
@@ -115,7 +115,7 @@ int copy_thread(unsigned long clone_flags, unsigned long usp,
115{ 115{
116 struct thread_info *ti = task_thread_info(p); 116 struct thread_info *ti = task_thread_info(p);
117 struct pt_regs *childregs; 117 struct pt_regs *childregs;
118 long childksp; 118 unsigned long childksp;
119 p->set_child_tid = p->clear_child_tid = NULL; 119 p->set_child_tid = p->clear_child_tid = NULL;
120 120
121 childksp = (unsigned long)task_stack_page(p) + THREAD_SIZE - 32; 121 childksp = (unsigned long)task_stack_page(p) + THREAD_SIZE - 32;
@@ -132,6 +132,8 @@ int copy_thread(unsigned long clone_flags, unsigned long usp,
132 132
133 /* set up new TSS. */ 133 /* set up new TSS. */
134 childregs = (struct pt_regs *) childksp - 1; 134 childregs = (struct pt_regs *) childksp - 1;
135 /* Put the stack after the struct pt_regs. */
136 childksp = (unsigned long) childregs;
135 *childregs = *regs; 137 *childregs = *regs;
136 childregs->regs[7] = 0; /* Clear error flag */ 138 childregs->regs[7] = 0; /* Clear error flag */
137 139