[ia64] Fix futex_atomic_cmpxchg_inatomic() (Closes: #659485)
svn path=/dists/sid/linux-2.6/; revision=18932
parent
8d58511a6e
commit
694fb17c47
|
@ -1,3 +1,10 @@
|
||||||
|
linux-2.6 (3.2.15-2) UNRELEASED; urgency=low
|
||||||
|
|
||||||
|
[ Ben Hutchings ]
|
||||||
|
* [ia64] Fix futex_atomic_cmpxchg_inatomic() (Closes: #659485)
|
||||||
|
|
||||||
|
-- Ben Hutchings <ben@decadent.org.uk> Mon, 16 Apr 2012 02:27:29 +0100
|
||||||
|
|
||||||
linux-2.6 (3.2.15-1) unstable; urgency=high
|
linux-2.6 (3.2.15-1) unstable; urgency=high
|
||||||
|
|
||||||
* New upstream stable update:
|
* New upstream stable update:
|
||||||
|
|
|
@ -0,0 +1,41 @@
|
||||||
|
From: Tony Luck <tony.luck@intel.com>
|
||||||
|
Date: Fri Apr 13 11:32:44 2012 -0700
|
||||||
|
Subject: [IA64] Fix futex_atomic_cmpxchg_inatomic()
|
||||||
|
|
||||||
|
commit 9d38e66bf07b6e57c8e60767c454e1db9aac4484 upstream.
|
||||||
|
|
||||||
|
Michel Lespinasse cleaned up the futex calling conventions in
|
||||||
|
commit 37a9d912b24f96a0591773e6e6c3642991ae5a70
|
||||||
|
futex: Sanitize cmpxchg_futex_value_locked API
|
||||||
|
|
||||||
|
But the ia64 implementation was subtly broken. Gcc does not know
|
||||||
|
that register "r8" will be updated by the fault handler if the
|
||||||
|
cmpxchg instruction takes an exception. So it feels safe in letting
|
||||||
|
the initialization of r8 slide to after the cmpxchg. Result: we
|
||||||
|
always return 0 whether the user address faulted or not.
|
||||||
|
|
||||||
|
Fix by moving the initialization of r8 into the __asm__ code so
|
||||||
|
gcc won't move it.
|
||||||
|
|
||||||
|
Reported-by: <emeric.maschino@gmail.com>
|
||||||
|
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=42757
|
||||||
|
Cc: stable@vger.kernel.org # v2.6.39+
|
||||||
|
Signed-off-by: Tony Luck <tony.luck@intel.com>
|
||||||
|
---
|
||||||
|
diff --git a/arch/ia64/include/asm/futex.h b/arch/ia64/include/asm/futex.h
|
||||||
|
index 8428525..71949a5 100644
|
||||||
|
--- a/arch/ia64/include/asm/futex.h
|
||||||
|
+++ b/arch/ia64/include/asm/futex.h
|
||||||
|
@@ -107,10 +107,11 @@ futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr,
|
||||||
|
return -EFAULT;
|
||||||
|
|
||||||
|
{
|
||||||
|
- register unsigned long r8 __asm ("r8") = 0;
|
||||||
|
+ register unsigned long r8 __asm ("r8");
|
||||||
|
unsigned long prev;
|
||||||
|
__asm__ __volatile__(
|
||||||
|
" mf;; \n"
|
||||||
|
+ " mov r8=r0 \n"
|
||||||
|
" mov ar.ccv=%3;; \n"
|
||||||
|
"[1:] cmpxchg4.acq %0=[%1],%2,ar.ccv \n"
|
||||||
|
" .xdata4 \"__ex_table\", 1b-., 2f-. \n"
|
|
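Review bot: In the added ia64 patch, `r8` is now declared without an initializer and is written only by the `mov r8=r0` line inside the asm template, yet none of the visible lines tell gcc that the asm writes it. The operand and clobber lists fall outside the hunk, so this cannot be confirmed from here, but if `r8` is not listed as an output, the compiler still sees a read of an uninitialized variable when the value is returned and may again reorder or drop code around it. Making it a real output operand, `"=r" (r8)` with the template line written as `mov %0=r0` and the other operands renumbered, would state the dependency instead of relying on the register binding alone. This matters because the return value is the only signal that the user address faulted; a spurious 0 lets the futex caller act on a `*uval` that was never read from user memory. The body of futex_atomic_cmpxchg_inatomic() starts and ends outside the hunk.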
@ -172,3 +172,4 @@
|
||||||
+ debian/nls-Avoid-ABI-change-from-improvement-to-utf8s_to_ut.patch
|
+ debian/nls-Avoid-ABI-change-from-improvement-to-utf8s_to_ut.patch
|
||||||
|
|
||||||
+ bugfix/all/hugetlb-fix-race-condition-in-hugetlb_fault.patch
|
+ bugfix/all/hugetlb-fix-race-condition-in-hugetlb_fault.patch
|
||||||
|
+ bugfix/ia64/IA64-Fix-futex_atomic_cmpxchg_inatomic.patch
|
||||||
|
|