1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
From ab2695d38f4ffadde05c2275ac68f4aad68ef336 Mon Sep 17 00:00:00 2001
From: Tim Gover <tim.gover@raspberrypi.org>
Date: Thu, 14 Mar 2019 10:16:02 +0000
Subject: [PATCH] Fix copy_from_user if BCM2835_FAST_MEMCPY=n
The change which introduced CONFIG_BCM2835_FAST_MEMCPY unconditionally
changed the behaviour of arm_copy_from_user. The page pinning code
is not safe on ARMv7 if LPAE & high memory is enabled and causes
crashes which look like PTE corruption.
Make __copy_from_user_memcpy conditional on CONFIG_2835_FAST_MEMCPY=y
which is really an ARMv6 / Pi1 optimization and not necessary on newer
ARM processors.
---
arch/arm/lib/uaccess_with_memcpy.c | 6 ++++++
1 file changed, 6 insertions(+)
--- a/arch/arm/lib/uaccess_with_memcpy.c
+++ b/arch/arm/lib/uaccess_with_memcpy.c
@@ -257,6 +257,7 @@ arm_copy_to_user(void __user *to, const
unsigned long __must_check
arm_copy_from_user(void *to, const void __user *from, unsigned long n)
{
+#ifdef CONFIG_BCM2835_FAST_MEMCPY
/*
* This test is stubbed out of the main function above to keep
* the overhead for small copies low by avoiding a large
@@ -271,6 +272,11 @@ arm_copy_from_user(void *to, const void
} else {
n = __copy_from_user_memcpy(to, from, n);
}
+#else
+ unsigned long ua_flags = uaccess_save_and_enable();
+ n = __copy_from_user_std(to, from, n);
+ uaccess_restore(ua_flags);
+#endif
return n;
}
|
