From fdb8b20906f3546ba6c2f9f0686d8a5189516ba3 Mon Sep 17 00:00:00 2001
From: José Pekkarinen
Date: Fri, 9 Oct 2015 08:42:44 +0300
Subject: Kernel bump from 4.1.3-rt to 4.1.7-rt.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
These changes brings a vanilla kernel from kernel.org, and the patch applied for rt is patch-4.1.7-rt8.patch. No further changes needed.
Change-Id: Id8dd03c2ddd971e4d1d69b905f3069737053b700
Signed-off-by: José Pekkarinen
---
kernel/arch/mips/include/asm/stackframe.h | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
(limited to 'kernel/arch/mips/include/asm/stackframe.h')
diff --git a/kernel/arch/mips/include/asm/stackframe.h b/kernel/arch/mips/include/asm/stackframe.h
index 28d6d9364..a71da5768 100644
--- a/kernel/arch/mips/include/asm/stackframe.h
+++ b/kernel/arch/mips/include/asm/stackframe.h
@@ -152,6 +152,31 @@
 .set noreorder
 bltz k0, 8f
 move k1, sp
+#ifdef CONFIG_EVA
+ /*
+ * Flush interAptiv's Return Prediction Stack (RPS) by writing
+ * EntryHi. Toggling Config7.RPS is slower and less portable.
+ *
+ * The RPS isn't automatically flushed when exceptions are
+ * taken, which can result in kernel mode speculative accesses
+ * to user addresses if the RPS mispredicts. That's harmless
+ * when user and kernel share the same address space, but with
+ * EVA the same user segments may be unmapped to kernel mode,
+ * even containing sensitive MMIO regions or invalid memory.
+ *
+ * This can happen when the kernel sets the return address to
+ * ret_from_* and jr's to the exception handler, which looks
+ * more like a tail call than a function call. If nested calls
+ * don't evict the last user address in the RPS, it will
+ * mispredict the return and fetch from a user controlled
+ * address into the icache.
+ *
+ * More recent EVA-capable cores with MAAR to restrict
+ * speculative accesses aren't affected.
+ */
+ MFC0 k0, CP0_ENTRYHI
+ MTC0 k0, CP0_ENTRYHI
+#endif
 .set reorder
 /* Called from user mode, new stack. */
 get_saved_sp
-- cgit 1.2.3-korg
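Review bot: The new comment explains why the RPS must be flushed but not why the `MFC0 k0, CP0_ENTRYHI` / `MTC0 k0, CP0_ENTRYHI` pair is safe where it sits. The pair follows the `bltz k0, 8f` delay slot, so it runs only on the fall-through (user-mode entry) path, and it overwrites k0 on the assumption that the branch was its last consumer. I would add a line such as `/* k0 is dead after the bltz; EntryHi is rewritten with its own value, so the ASID is unchanged */` above the pair. The flush is also compiled in for every CONFIG_EVA kernel, although the comment says MAAR-capable cores are not affected, so it is worth stating that the per-entry cost on those cores is accepted rather than gated on CPU type. The enclosing macro starts and ends outside this hunk, so whether later code expects k0 to still hold the shifted Status value should be confirmed against the full file.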