summaryrefslogtreecommitdiff
path: root/arch/m68k/mm
diff options
context:
space:
mode:
authorAlexander Stein <alexander.stein@systec-electronic.com>2012-01-23 15:45:56 +0100
committerGreg Ungerer <gerg@uclinux.org>2012-02-07 11:25:57 +1000
commit3372f5a7d005dd42e754490fed6a0171c4a018c6 (patch)
tree8f3bba690f3c674383e9c30ea14a087c44a95dec /arch/m68k/mm
parent57e00098cc0e43d001c9c8a018a1f8396faa0d16 (diff)
m68k: Do not set global share for non-kernel shared pages
If the SG bit is set in MMUTR the page is accessible for all userspace processes (ignoring the ASID). So a process might randomly access a page from a different process which had a shared page (from shared memory) in its context. Signed-off-by: Alexander Stein <alexander.stein@systec-electronic.com> Signed-off-by: Greg Ungerer <gerg@uclinux.org>
Diffstat (limited to 'arch/m68k/mm')
-rw-r--r--arch/m68k/mm/mcfmmu.c9
1 files changed, 5 insertions, 4 deletions
diff --git a/arch/m68k/mm/mcfmmu.c b/arch/m68k/mm/mcfmmu.c
index babd5a97cdcb..875b800ef0dd 100644
--- a/arch/m68k/mm/mcfmmu.c
+++ b/arch/m68k/mm/mcfmmu.c
@@ -87,7 +87,7 @@ void __init paging_init(void)
int cf_tlb_miss(struct pt_regs *regs, int write, int dtlb, int extension_word)
{
- unsigned long flags, mmuar;
+ unsigned long flags, mmuar, mmutr;
struct mm_struct *mm;
pgd_t *pgd;
pmd_t *pmd;
@@ -137,9 +137,10 @@ int cf_tlb_miss(struct pt_regs *regs, int write, int dtlb, int extension_word)
if (!pte_dirty(*pte) && !KMAPAREA(mmuar))
set_pte(pte, pte_wrprotect(*pte));
- mmu_write(MMUTR, (mmuar & PAGE_MASK) | (asid << MMUTR_IDN) |
- (((int)(pte->pte) & (int)CF_PAGE_MMUTR_MASK)
- >> CF_PAGE_MMUTR_SHIFT) | MMUTR_V);
+ mmutr = (mmuar & PAGE_MASK) | (asid << MMUTR_IDN) | MMUTR_V;
+ if ((mmuar < TASK_UNMAPPED_BASE) || (mmuar >= TASK_SIZE))
+ mmutr |= (pte->pte & CF_PAGE_MMUTR_MASK) >> CF_PAGE_MMUTR_SHIFT;
+ mmu_write(MMUTR, mmutr);
mmu_write(MMUDR, (pte_val(*pte) & PAGE_MASK) |
((pte->pte) & CF_PAGE_MMUDR_MASK) | MMUDR_SZ_8KB | MMUDR_X);