--- /dev/null
+From ab2695d38f4ffadde05c2275ac68f4aad68ef336 Mon Sep 17 00:00:00 2001
+From: Tim Gover <tim.gover@raspberrypi.org>
+Date: Thu, 14 Mar 2019 10:16:02 +0000
+Subject: [PATCH] Fix copy_from_user if BCM2835_FAST_MEMCPY=n
+
+The change which introduced CONFIG_BCM2835_FAST_MEMCPY unconditionally
+changed the behaviour of arm_copy_from_user. The page pinning code
+is not safe on ARMv7 if LPAE & high memory is enabled and causes
+crashes which look like PTE corruption.
+
+Make __copy_from_user_memcpy conditional on CONFIG_2835_FAST_MEMCPY=y
+which is really an ARMv6 / Pi1 optimization and not necessary on newer
+ARM processors.
+---
+ arch/arm/lib/uaccess_with_memcpy.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/arch/arm/lib/uaccess_with_memcpy.c
++++ b/arch/arm/lib/uaccess_with_memcpy.c
+@@ -257,6 +257,7 @@ arm_copy_to_user(void __user *to, const
+ unsigned long __must_check
+ arm_copy_from_user(void *to, const void __user *from, unsigned long n)
+ {
++#ifdef CONFIG_BCM2835_FAST_MEMCPY
+ /*
+ * This test is stubbed out of the main function above to keep
+ * the overhead for small copies low by avoiding a large
+@@ -271,6 +272,11 @@ arm_copy_from_user(void *to, const void
+ } else {
+ n = __copy_from_user_memcpy(to, from, n);
+ }
++#else
++ unsigned long ua_flags = uaccess_save_and_enable();
++ n = __copy_from_user_std(to, from, n);
++ uaccess_restore(ua_flags);
++#endif
+ return n;
+ }
+
projects / openwrt / staging / chunkeey.git / blobdiff