From patchwork Wed May 24 09:56:01 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Rutland X-Patchwork-Id: 100423 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp194109qge; Wed, 24 May 2017 02:56:53 -0700 (PDT) X-Received: by 10.99.54.7 with SMTP id d7mr37338775pga.24.1495619813388; Wed, 24 May 2017 02:56:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495619813; cv=none; d=google.com; s=arc-20160816; b=LeZuKR7KGZZ+vUCg80yHRtlrrr24jBzdmJ0qLmX0wm164osQizFjz+QtT7A0xj3lwz ZNqIribpg18DSez1vO2fME8cXD2WF3REsyWwVdZMWu1k0uqANRFfvKRJ8uVSuOuwFnQe Yza7lLlk2FH3RKH7qn9vY3QZhX38VrWK+hZsrF6FgjKelA4k5Bwx5KjKpBREWp2oQBVB nNbD8+01ZTnUZ4L0l/zllwoXFtP44FeXrelLlxcjBeivcxmOgo4acbu8nmApqGIdUPJc xx9wglmFiAihQVu3kuxgkvkbum2SZKwdiJmu8tEW9x5DZOSVNP0CLsu1E3SD2I8G6fLl VNvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:to:from :arc-authentication-results; bh=4ax7n19by6Sx38G9GXGgJAj/MxSFumEB/1fo6GFD1lY=; b=c1ECYNyaOnCXrsds/mNhGmiptY+OSiokyLIbgVW5HtAtsVFZTVY76gIq41aMGDU9kF DvUORB7gE1zymRemz5IDGIANx+Z5v2LzxrvBCmRvC1+8OKndFeg034ydNAt7LNz2ORjR a60M/va8WGoqMpqS6S/KqnmA3tXq/Sm8AsCb4Th3H0/qx0N0NVSUsr7IAHGV4TNNfs4S eH+lSL6RRYnvBIK4Il06+vEqQddzGCoN3M8k9VcSMcxoo5CRI37LtJBnRGHLVVkvGPR8 +nxnPsLCV86m1wDXz9A9DZYkwX3haxmZfHpgTrPLn+s0NElIg9tcedFfmqoDLAgy11z/ uPpg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v2si23913403pgv.316.2017.05.24.02.56.53; Wed, 24 May 2017 02:56:53 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933232AbdEXJ4w (ORCPT + 6 others); Wed, 24 May 2017 05:56:52 -0400 Received: from foss.arm.com ([217.140.101.70]:35168 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751643AbdEXJ4t (ORCPT ); Wed, 24 May 2017 05:56:49 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9A1542B; Wed, 24 May 2017 02:56:48 -0700 (PDT) Received: from leverpostej.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 20C783F578; Wed, 24 May 2017 02:56:47 -0700 (PDT) From: Mark Rutland To: stable@vger.kernel.org Subject: [PATCH v4.4.y] arm64: ensure extension of smp_store_release value Date: Wed, 24 May 2017 10:56:01 +0100 Message-Id: <1495619761-24676-1-git-send-email-mark.rutland@arm.com> X-Mailer: git-send-email 1.9.1 Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org commit 994870bead4ab19087a79492400a5478e2906196 upstream. When an inline assembly operand's type is narrower than the register it is allocated to, the least significant bits of the register (up to the operand type's width) are valid, and any other bits are permitted to contain any arbitrary value. This aligns with the AAPCS64 parameter passing rules. Our __smp_store_release() implementation does not account for this, and implicitly assumes that operands have been zero-extended to the width of the type being stored to. Thus, we may store unknown values to memory when the value type is narrower than the pointer type (e.g. when storing a char to a long). This patch fixes the issue by casting the value operand to the same width as the pointer operand in all cases, which ensures that the value is zero-extended as we expect. We use the same union trickery as __smp_load_acquire and {READ,WRITE}_ONCE() to avoid GCC complaining that pointers are potentially cast to narrower width integers in unreachable paths. A whitespace issue at the top of __smp_store_release() is also corrected. No changes are necessary for __smp_load_acquire(). Load instructions implicitly clear any upper bits of the register, and the compiler will only consider the least significant bits of the register as valid regardless. Fixes: 47933ad41a86 ("arch: Introduce smp_load_acquire(), smp_store_release()") Fixes: 878a84d5a8a1 ("arm64: add missing data types in smp_load_acquire/smp_store_release") Cc: # 3.14.x- Acked-by: Will Deacon Signed-off-by: Mark Rutland Cc: Matthias Kaehlcke Signed-off-by: Catalin Marinas --- arch/arm64/include/asm/barrier.h | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) -- 1.9.1 diff --git a/arch/arm64/include/asm/barrier.h b/arch/arm64/include/asm/barrier.h index 9622eb4..f2d2c0b 100644 --- a/arch/arm64/include/asm/barrier.h +++ b/arch/arm64/include/asm/barrier.h @@ -41,23 +41,33 @@ #define smp_store_release(p, v) \ do { \ + union { typeof(*p) __val; char __c[1]; } __u = \ + { .__val = (__force typeof(*p)) (v) }; \ compiletime_assert_atomic_type(*p); \ switch (sizeof(*p)) { \ case 1: \ asm volatile ("stlrb %w1, %0" \ - : "=Q" (*p) : "r" (v) : "memory"); \ + : "=Q" (*p) \ + : "r" (*(__u8 *)__u.__c) \ + : "memory"); \ break; \ case 2: \ asm volatile ("stlrh %w1, %0" \ - : "=Q" (*p) : "r" (v) : "memory"); \ + : "=Q" (*p) \ + : "r" (*(__u16 *)__u.__c) \ + : "memory"); \ break; \ case 4: \ asm volatile ("stlr %w1, %0" \ - : "=Q" (*p) : "r" (v) : "memory"); \ + : "=Q" (*p) \ + : "r" (*(__u32 *)__u.__c) \ + : "memory"); \ break; \ case 8: \ asm volatile ("stlr %1, %0" \ - : "=Q" (*p) : "r" (v) : "memory"); \ + : "=Q" (*p) \ + : "r" (*(__u64 *)__u.__c) \ + : "memory"); \ break; \ } \ } while (0)