From patchwork Tue Mar 11 16:54:53 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Jon Medhurst \(Tixy\)" X-Patchwork-Id: 26043 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-yk0-f198.google.com (mail-yk0-f198.google.com [209.85.160.198]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 3502D202E1 for ; Tue, 11 Mar 2014 16:56:15 +0000 (UTC) Received: by mail-yk0-f198.google.com with SMTP id 9sf47534701ykp.1 for ; Tue, 11 Mar 2014 09:56:14 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:subject:date:message-id :in-reply-to:references:cc:precedence:list-id:list-unsubscribe :list-archive:list-post:list-help:list-subscribe:mime-version:sender :errors-to:x-original-sender:x-original-authentication-results :mailing-list:content-type:content-transfer-encoding; bh=AtW81uf0fM/H4XHLoYglegErrPpT5NuTEiDuXAozViE=; b=OTrrtiOonpJV6+uHnbJyWNvhaqf8o69tUni1dUvDxzYqxBV2uReWiHBHSNDR3+ETCi k5yeEtBXZQ1nEyC6pQEMAVYW6kW+HIlOTm//N9cXNzk23a+/HFUVg2sH1hOjdB3TRlAT SlzXdmae4nv71trVQNxB0pgNPWw2BjW29Sj2mh1z5AJ43PAtv4sn2w6Y7SopG7vxjYV9 dJDbL0Fm794gJAYcd5DBew+J16hXtX5cdjFj2Nbg792brblCHY9JJNR5/kwURcXTTwtn O8pB8N2qXdSFic3axmUQTganh4jMR/cH3j4Dq9n5VoeJPbykectzQZQhQ3oQX43BVJos wEGQ== X-Gm-Message-State: ALoCoQlwbvoBO/yiPuveUdzgluOz2ILd4HIpcWEX7SgHz+YSeikBR65cPPm8lX2h+4G47lNaKFRz X-Received: by 10.58.91.196 with SMTP id cg4mr4984419veb.41.1394556974906; Tue, 11 Mar 2014 09:56:14 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.140.18.166 with SMTP id 35ls2571358qgf.3.gmail; Tue, 11 Mar 2014 09:56:14 -0700 (PDT) X-Received: by 10.220.114.135 with SMTP id e7mr7292830vcq.23.1394556974762; Tue, 11 Mar 2014 09:56:14 -0700 (PDT) Received: from mail-vc0-f181.google.com (mail-vc0-f181.google.com [209.85.220.181]) by mx.google.com with ESMTPS id ke3si5942734veb.65.2014.03.11.09.56.14 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 11 Mar 2014 09:56:14 -0700 (PDT) Received-SPF: neutral (google.com: 209.85.220.181 is neither permitted nor denied by best guess record for domain of patch+caf_=patchwork-forward=linaro.org@linaro.org) client-ip=209.85.220.181; Received: by mail-vc0-f181.google.com with SMTP id id10so2519953vcb.26 for ; Tue, 11 Mar 2014 09:56:14 -0700 (PDT) X-Received: by 10.52.69.146 with SMTP id e18mr27198400vdu.15.1394556974658; Tue, 11 Mar 2014 09:56:14 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.220.78.9 with SMTP id i9csp219402vck; Tue, 11 Mar 2014 09:56:13 -0700 (PDT) X-Received: by 10.194.48.100 with SMTP id k4mr8479823wjn.49.1394556973399; Tue, 11 Mar 2014 09:56:13 -0700 (PDT) Received: from casper.infradead.org (casper.infradead.org. [2001:770:15f::2]) by mx.google.com with ESMTPS id ww3si21815498wjc.74.2014.03.11.09.56.12 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 11 Mar 2014 09:56:13 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:770:15f::2 as permitted sender) client-ip=2001:770:15f::2; Received: from merlin.infradead.org ([2001:4978:20e::2]) by casper.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1WNPy8-0001gk-OY; Tue, 11 Mar 2014 16:55:56 +0000 Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1WNPy6-0005C9-3C; Tue, 11 Mar 2014 16:55:54 +0000 Received: from smarthost01d.mail.zen.net.uk ([212.23.1.7]) by merlin.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1WNPy2-0005AY-1t for linux-arm-kernel@lists.infradead.org; Tue, 11 Mar 2014 16:55:51 +0000 Received: from [82.69.122.217] (helo=plug1) by smarthost01d.mail.zen.net.uk with esmtpsa (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from ) id 1WNPxa-000GLr-KD; Tue, 11 Mar 2014 16:55:22 +0000 Received: from linaro1 ([192.168.2.110] helo=linaro1.home) by plug1 with esmtp (Exim 4.80) (envelope-from ) id 1WNPxR-00024r-El; Tue, 11 Mar 2014 16:55:13 +0000 Received: from tixy by linaro1.home with local (Exim 4.80) (envelope-from ) id 1WNPxV-0004qb-Us; Tue, 11 Mar 2014 16:55:17 +0000 From: Jon Medhurst To: David Long Subject: [PATCH 2/3] ARM: kprobes: Disallow instructions with PC and register specified shift Date: Tue, 11 Mar 2014 16:54:53 +0000 Message-Id: <1394556894-18592-3-git-send-email-tixy@linaro.org> X-Mailer: git-send-email 1.7.10.4 In-Reply-To: <1394556894-18592-1-git-send-email-tixy@linaro.org> References: <1394556894-18592-1-git-send-email-tixy@linaro.org> X-Originating-smarthost01d-IP: [82.69.122.217] X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20140311_125550_181767_FE590BC8 X-CRM114-Status: GOOD ( 10.16 ) X-Spam-Score: -1.9 (-) X-Spam-Report: SpamAssassin version 3.3.2 on merlin.infradead.org summary: Content analysis details: (-1.9 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [212.23.1.7 listed in list.dnswl.org] -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] Cc: linaro-kernel@lists.linaro.org, Russell King , linux-arm-kernel@lists.infradead.org X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: tixy@linaro.org X-Original-Authentication-Results: mx.google.com; spf=neutral (google.com: 209.85.220.181 is neither permitted nor denied by best guess record for domain of patch+caf_=patchwork-forward=linaro.org@linaro.org) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 ARM data processing instructions which have a register specified shift are defined as UNPREDICTABLE if PC is used for any register, not just the shift value as the code was previous assuming. This issue manifests on A15 devices as either test case failures or undefined instructions aborts. Reported-by: David Long Signed-off-by: Jon Medhurst --- arch/arm/kernel/kprobes-test-arm.c | 25 +++++++++++++------------ arch/arm/kernel/probes-arm.c | 6 +++--- 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/arch/arm/kernel/kprobes-test-arm.c b/arch/arm/kernel/kprobes-test-arm.c index 87839de..8a7428b 100644 --- a/arch/arm/kernel/kprobes-test-arm.c +++ b/arch/arm/kernel/kprobes-test-arm.c @@ -73,12 +73,9 @@ void kprobe_arm_test_cases(void) TEST_RRR( op "lt" s " r11, r",11,VAL1,", r",14,N(val),", asr r",7, 6,"")\ TEST_RR( op "gt" s " r12, r13" ", r",14,val, ", ror r",14,7,"")\ TEST_RR( op "le" s " r14, r",0, val, ", r13" ", lsl r",14,8,"")\ - TEST_RR( op s " r12, pc" ", r",14,val, ", ror r",14,7,"")\ - TEST_RR( op s " r14, r",0, val, ", pc" ", lsl r",14,8,"")\ TEST_R( op "eq" s " r0, r",11,VAL1,", #0xf5") \ TEST_R( op "ne" s " r11, r",0, VAL1,", #0xf5000000") \ - TEST_R( op s " r7, r",8, VAL2,", #0x000af000") \ - TEST( op s " r4, pc" ", #0x00005a00") + TEST_R( op s " r7, r",8, VAL2,", #0x000af000") #define DATA_PROCESSING_DNM(op,val) \ _DATA_PROCESSING_DNM(op,"",val) \ @@ -102,8 +99,6 @@ void kprobe_arm_test_cases(void) TEST_RRR( op "ge r",11,VAL1,", r",14,N(val),", asr r",7, 6,"") \ TEST_RR( op "le r13" ", r",14,val, ", ror r",14,7,"") \ TEST_RR( op "gt r",0, val, ", r13" ", lsl r",14,8,"") \ - TEST_RR( op " pc" ", r",14,val, ", ror r",14,7,"") \ - TEST_RR( op " r",0, val, ", pc" ", lsl r",14,8,"") \ TEST_R( op "eq r",11,VAL1,", #0xf5") \ TEST_R( op "ne r",0, VAL1,", #0xf5000000") \ TEST_R( op " r",8, VAL2,", #0x000af000") @@ -124,7 +119,6 @@ void kprobe_arm_test_cases(void) TEST_RR( op "ge" s " r11, r",11,N(val),", asr r",7, 6,"") \ TEST_RR( op "lt" s " r12, r",11,val, ", ror r",14,7,"") \ TEST_R( op "gt" s " r14, r13" ", lsl r",14,8,"") \ - TEST_R( op "le" s " r14, pc" ", lsl r",14,8,"") \ TEST( op "eq" s " r0, #0xf5") \ TEST( op "ne" s " r11, #0xf5000000") \ TEST( op s " r7, #0x000af000") \ @@ -158,12 +152,19 @@ void kprobe_arm_test_cases(void) TEST_SUPPORTED("cmp pc, #0x1000"); TEST_SUPPORTED("cmp sp, #0x1000"); - /* Data-processing with PC as shift*/ + /* Data-processing with PC and a shift count in a register */ TEST_UNSUPPORTED(".word 0xe15c0f1e @ cmp r12, r14, asl pc") TEST_UNSUPPORTED(".word 0xe1a0cf1e @ mov r12, r14, asl pc") TEST_UNSUPPORTED(".word 0xe08caf1e @ add r10, r12, r14, asl pc") - - /* Data-processing with PC as shift*/ + TEST_UNSUPPORTED(".word 0xe151021f @ cmp r1, pc, lsl r2") + TEST_UNSUPPORTED(".word 0xe17f0211 @ cmn pc, r1, lsl r2") + TEST_UNSUPPORTED(".word 0xe1a0121f @ mov r1, pc, lsl r2") + TEST_UNSUPPORTED(".word 0xe1a0f211 @ mov pc, r1, lsl r2") + TEST_UNSUPPORTED(".word 0xe042131f @ sub r1, r2, pc, lsl r3") + TEST_UNSUPPORTED(".word 0xe1cf1312 @ bic r1, pc, r2, lsl r3") + TEST_UNSUPPORTED(".word 0xe081f312 @ add pc, r1, r2, lsl r3") + + /* Data-processing with PC as a target a status registers updated */ TEST_UNSUPPORTED("movs pc, r1") TEST_UNSUPPORTED("movs pc, r1, lsl r2") TEST_UNSUPPORTED("movs pc, #0x10000") @@ -186,14 +187,14 @@ void kprobe_arm_test_cases(void) TEST_BF_R ("add pc, pc, r",14,2f-1f-8,"") TEST_BF_R ("add pc, r",14,2f-1f-8,", pc") TEST_BF_R ("mov pc, r",0,2f,"") - TEST_BF_RR("mov pc, r",0,2f,", asl r",1,0,"") + TEST_BF_R ("add pc, pc, r",14,(2f-1f-8)*2,", asr #1") TEST_BB( "sub pc, pc, #1b-2b+8") #if __LINUX_ARM_ARCH__ == 6 && !defined(CONFIG_CPU_V7) TEST_BB( "sub pc, pc, #1b-2b+8-2") /* UNPREDICTABLE before and after ARMv6 */ #endif TEST_BB_R( "sub pc, pc, r",14, 1f-2f+8,"") TEST_BB_R( "rsb pc, r",14,1f-2f+8,", pc") - TEST_RR( "add pc, pc, r",10,-2,", asl r",11,1,"") + TEST_R( "add pc, pc, r",10,-2,", asl #1") #ifdef CONFIG_THUMB2_KERNEL TEST_ARM_TO_THUMB_INTERWORK_R("add pc, pc, r",0,3f-1f-8+1,"") TEST_ARM_TO_THUMB_INTERWORK_R("sub pc, r",0,3f+8+1,", #8") diff --git a/arch/arm/kernel/probes-arm.c b/arch/arm/kernel/probes-arm.c index 51a13a0..8eaef81 100644 --- a/arch/arm/kernel/probes-arm.c +++ b/arch/arm/kernel/probes-arm.c @@ -341,12 +341,12 @@ static const union decode_item arm_cccc_000x_table[] = { /* CMP (reg-shift reg) cccc 0001 0101 xxxx xxxx xxxx 0xx1 xxxx */ /* CMN (reg-shift reg) cccc 0001 0111 xxxx xxxx xxxx 0xx1 xxxx */ DECODE_EMULATEX (0x0f900090, 0x01100010, PROBES_DATA_PROCESSING_REG, - REGS(ANY, 0, NOPC, 0, ANY)), + REGS(NOPC, 0, NOPC, 0, NOPC)), /* MOV (reg-shift reg) cccc 0001 101x xxxx xxxx xxxx 0xx1 xxxx */ /* MVN (reg-shift reg) cccc 0001 111x xxxx xxxx xxxx 0xx1 xxxx */ DECODE_EMULATEX (0x0fa00090, 0x01a00010, PROBES_DATA_PROCESSING_REG, - REGS(0, ANY, NOPC, 0, ANY)), + REGS(0, NOPC, NOPC, 0, NOPC)), /* AND (reg-shift reg) cccc 0000 000x xxxx xxxx xxxx 0xx1 xxxx */ /* EOR (reg-shift reg) cccc 0000 001x xxxx xxxx xxxx 0xx1 xxxx */ @@ -359,7 +359,7 @@ static const union decode_item arm_cccc_000x_table[] = { /* ORR (reg-shift reg) cccc 0001 100x xxxx xxxx xxxx 0xx1 xxxx */ /* BIC (reg-shift reg) cccc 0001 110x xxxx xxxx xxxx 0xx1 xxxx */ DECODE_EMULATEX (0x0e000090, 0x00000010, PROBES_DATA_PROCESSING_REG, - REGS(ANY, ANY, NOPC, 0, ANY)), + REGS(NOPC, NOPC, NOPC, 0, NOPC)), DECODE_END };