linux/arch/mips/kernel
Markos Chandras ab6c15bc66 MIPS: MSC: Prevent out-of-bounds writes to MIPS SC ioremap'd region
Previously, the lower limit for the MIPS SC initialization loop was
set incorrectly allowing one extra loop leading to writes
beyond the MSC ioremap'd space. More precisely, the value of the 'imp'
in the last loop increased beyond the msc_irqmap_t boundaries and
as a result of which, the 'n' variable was loaded with an incorrect
value. This value was used later on to calculate the offset in the
MSC01_IC_SUP which led to random crashes like the following one:

CPU 0 Unable to handle kernel paging request at virtual address e75c0200,
epc == 8058dba4, ra == 8058db90
[...]
Call Trace:
[<8058dba4>] init_msc_irqs+0x104/0x154
[<8058b5bc>] arch_init_irq+0xd8/0x154
[<805897b0>] start_kernel+0x220/0x36c

Kernel panic - not syncing: Attempted to kill the idle task!

This patch fixes the problem

Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Cc: stable@vger.kernel.org
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/7118/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2014-06-26 10:48:23 +01:00
..
.gitignore
8250-platform.c
asm-offsets.c Revert "MIPS: Save/restore MSA context around signals" 2014-06-26 10:48:18 +01:00
binfmt_elfn32.c MIPS: Compat: Fix cputime_to_timeval() arguments in compat binfmt_elf. 2013-06-06 16:11:26 +02:00
binfmt_elfo32.c MIPS: Support for 64-bit FP with O32 binaries 2014-01-13 23:40:56 +01:00
bmips_vec.S MIPS: Fix gigaton of warning building with microMIPS. 2014-03-31 18:17:12 +02:00
branch.c Merge branch '3.15-fixes' into mips-for-linux-next 2014-06-04 22:53:02 +02:00
cevt-bcm1480.c MIPS: Delete __cpuinit/__CPUINIT usage from MIPS code 2013-07-14 19:36:51 -04:00
cevt-ds1287.c MIPS: Whitespace cleanup. 2013-02-01 10:00:22 +01:00
cevt-gic.c MIPS: allow GIC clockevent device config from other CPUs 2014-05-02 16:39:11 +01:00
cevt-gt641xx.c MIPS: Whitespace cleanup. 2013-02-01 10:00:22 +01:00
cevt-r4k.c Merge branch 'wip-mips-pm' of https://github.com/paulburton/linux into mips-for-linux-next 2014-05-29 15:08:23 +02:00
cevt-sb1250.c MIPS: Delete __cpuinit/__CPUINIT usage from MIPS code 2013-07-14 19:36:51 -04:00
cevt-txx9.c MIPS: Whitespace cleanup. 2013-02-01 10:00:22 +01:00
cps-vec.S MIPS: smp-cps: duplicate core0 CCA on secondary cores 2014-05-28 16:20:33 +01:00
cpu-bugs64.c MIPS: Delete __cpuinit/__CPUINIT usage from MIPS code 2013-07-14 19:36:51 -04:00
cpu-probe.c MIPS: Add function get_ebase_cpunum 2014-05-30 21:01:11 +02:00
crash_dump.c mips: remove savemaxmem parameter setup 2013-07-03 16:08:03 -07:00
crash.c mips: delete non-required instances of include <linux/init.h> 2014-01-24 22:39:56 +01:00
csrc-bcm1480.c MIPS: Whitespace cleanup. 2013-02-01 10:00:22 +01:00
csrc-gic.c MIPS: Refactor GIC clocksource code. 2013-05-09 17:55:20 +02:00
csrc-ioasic.c MIPS: DECstation HRT initialization rearrangement 2013-09-13 11:56:13 +02:00
csrc-r4k.c
csrc-sb1250.c MIPS: Whitespace cleanup. 2013-02-01 10:00:22 +01:00
early_printk_8250.c MIPS: Add 8250/16550 serial early printk driver 2013-10-29 21:24:36 +01:00
early_printk.c early_printk: consolidate random copies of identical code 2013-04-29 18:28:13 -07:00
entry.S MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
ftrace.c Most of the changes were largely clean ups, and some documentation. 2014-04-03 10:26:31 -07:00
genex.S MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
gpio_txx9.c
head.S MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
i8253.c
i8259.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
idle.c Merge branch 'wip-mips-pm' of https://github.com/paulburton/linux into mips-for-linux-next 2014-05-29 15:08:23 +02:00
irq_cpu.c MIPS: Panic messages should not end in \n. 2013-10-29 21:24:19 +01:00
irq_txx9.c MIPS: Whitespace cleanup. 2013-02-01 10:00:22 +01:00
irq-gic.c MIPS: allow GIC clockevent device config from other CPUs 2014-05-02 16:39:11 +01:00
irq-gt641xx.c MIPS: Whitespace cleanup. 2013-02-01 10:00:22 +01:00
irq-msc01.c MIPS: MSC: Prevent out-of-bounds writes to MIPS SC ioremap'd region 2014-06-26 10:48:23 +01:00
irq-rm7000.c MIPS: Whitespace cleanup. 2013-02-01 10:00:22 +01:00
irq.c Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2014-06-09 18:10:34 -07:00
jump_label.c
kgdb.c MIPS: kernel: {ftrace,kgdb}: Set correct address limit for cache flushes 2014-03-26 23:09:18 +01:00
kprobes.c kprobes/mips: Fix to check double free of insn slot 2013-05-22 12:48:30 +02:00
linux32.c unify compat fanotify_mark(2), switch to COMPAT_SYSCALL_DEFINE 2013-05-09 13:46:38 -04:00
machine_kexec.c MIPS: kdump: Add support 2012-12-13 16:46:47 +01:00
Makefile MIPS: OCTEON: Enable use of FPU 2014-05-30 21:01:09 +02:00
mcount.S MIPS: Ftrace: Fix function tracing return address to match 2013-09-03 14:46:27 +02:00
mips_ksyms.c MIPS: checksum: Split the 'copy_user' symbol 2014-03-26 23:09:17 +01:00
mips_machine.c MIPS: move mips_{set,get}_machine_name() to a more generic place 2013-05-08 01:19:07 +02:00
mips-cm.c MIPS: Add generic CM probe & access code 2014-03-06 21:25:22 +01:00
mips-cpc.c MIPS: smp-cps: rework core/VPE initialisation 2014-05-28 16:20:28 +01:00
mips-mt-fpaff.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
mips-mt.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
module-rela.c MIPS: Whitespace cleanup. 2013-02-01 10:00:22 +01:00
module.c MIPS: Use NUMA_NO_NODE instead of -1 for node ID. 2013-10-29 21:24:14 +01:00
octeon_switch.S MIPS: OCTEON: Enable use of FPU 2014-05-30 21:01:09 +02:00
perf_event_mipsxx.c MIPS: perf: Add interAptiv support 2014-03-31 18:17:12 +02:00
perf_event.c
pm-cps.c MIPS: pm-cps: convert smp_mb__*() 2014-06-16 12:47:47 +01:00
pm.c MIPS: PM: Implement PM helper macros 2014-05-02 16:39:10 +01:00
proc.c Revert "MIPS: MT: proc: Add support for printing VPE and TC ids" 2014-05-13 00:29:33 +02:00
process.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
prom.c mips: convert fdt pointers to opaque pointers 2014-04-30 00:59:13 -05:00
ptrace32.c MIPS: Simplify PTRACE_PEEKUSR for FPC_EIR 2014-03-31 18:17:12 +02:00
ptrace.c MIPS: ptrace: Avoid smp_processor_id() in preemptible code 2014-05-28 10:54:41 +02:00
r4k_fpu.S Revert "MIPS: Save/restore MSA context around signals" 2014-06-26 10:48:18 +01:00
r4k_switch.S MIPS: OCTEON: Enable use of FPU 2014-05-30 21:01:09 +02:00
r2300_fpu.S MIPS: Whitespace cleanup. 2013-02-01 10:00:22 +01:00
r2300_switch.S MIPS: stack protector: Fix per-task canary switch 2013-10-07 15:31:04 +02:00
r6000_fpu.S
relocate_kernel.S MIPS: kdump: Skip walking indirection page for crashkernels 2013-09-05 20:53:37 +02:00
reset.c
rtlx-cmp.c MIPS: APRP: Unregister rtlx interrupt hook at module exit 2014-03-06 20:55:07 +01:00
rtlx-mt.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
rtlx.c MIPS: APRP: Code formatting clean-ups. 2014-01-22 20:19:02 +01:00
scall32-o32.S MIPS: Wire up renameat2 syscall. 2014-05-13 17:57:33 +02:00
scall64-64.S MIPS: Wire up renameat2 syscall. 2014-05-13 17:57:33 +02:00
scall64-n32.S MIPS: Wire up renameat2 syscall. 2014-05-13 17:57:33 +02:00
scall64-o32.S MIPS: Wire up renameat2 syscall. 2014-05-13 17:57:33 +02:00
segment.c MIPS: Add debugfs file to print the segmentation control registers 2014-01-22 20:19:00 +01:00
setup.c MIPS: Fix start of free memory when using initrd 2013-10-29 21:24:23 +01:00
signal32.c Revert "MIPS: Save/restore MSA context around signals" 2014-06-26 10:48:18 +01:00
signal_n32.c Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2013-03-02 07:44:16 -08:00
signal-common.h most of set_current_blocked() callers want SIGKILL/SIGSTOP removed from set 2012-06-01 12:58:51 -04:00
signal.c Revert "MIPS: Save/restore MSA context around signals" 2014-06-26 10:48:18 +01:00
smp-bmips.c MIPS: SMP: Remove plat_smp_ops cpus_done method. 2014-05-27 11:06:42 +02:00
smp-cmp.c MIPS: SMP: Remove plat_smp_ops cpus_done method. 2014-05-27 11:06:42 +02:00
smp-cps.c MIPS: smp-cps: Convert smp_mb__after_atomic_dec() 2014-06-16 12:47:47 +01:00
smp-gic.c cpuidle: cpuidle-cps: add MIPS CPS cpuidle driver 2014-05-28 16:20:36 +01:00
smp-mt.c MIPS: SMP: Remove plat_smp_ops cpus_done method. 2014-05-27 11:06:42 +02:00
smp-up.c MIPS: SMP: Remove plat_smp_ops cpus_done method. 2014-05-27 11:06:42 +02:00
smp.c Merge branch 'wip-mips-pm' of https://github.com/paulburton/linux into mips-for-linux-next 2014-05-29 15:08:23 +02:00
spinlock_test.c
spram.c MIPS: Use current_cpu_type() instead of c->cputype 2014-03-31 18:17:12 +02:00
stacktrace.c
sync-r4k.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
syscall.c MIPS: Fix gigaton of warning building with microMIPS. 2014-03-31 18:17:12 +02:00
time.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
topology.c
traps.c Merge branch '3.15-fixes' into mips-for-linux-next 2014-06-04 22:53:02 +02:00
unaligned.c MIPS: kernel: unaligned: Handle unaligned accesses for EVA 2014-03-26 23:09:16 +01:00
vdso.c
vmlinux.lds.S MIPS: Discard .eh_frame sections in linker script. 2013-08-26 15:33:41 +02:00
vpe-cmp.c MIPS: APRP: Add VPE loader support for CMP platforms. 2014-01-22 20:19:02 +01:00
vpe-mt.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
vpe.c Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2014-01-30 17:20:32 -08:00
watch.c MIPS: Delete __cpuinit/__CPUINIT usage from MIPS code 2013-07-14 19:36:51 -04:00