ARM: 6166/1: Proper prefetch abort handling on pre-ARMv6

Instruction faults on pre-ARMv6 CPUs are interpreted as
a 'translation fault', but do_translation_fault doesn't
handle well if user mode trying to run instruction above
TASK_SIZE, and result in the infinite retry of that
instruction.

CC: <[email protected]>
Signed-off-by: Anfei Zhou <[email protected]>
Signed-off-by: Russell King <[email protected]>

diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
index 92f5801f99c1d09c735fb586c9c44bc5df802f13..cbfb2edcf7d12a3a1cae18f04c041d94dc055bcc 100644 (file)
--- a/arch/arm/mm/fault.c
+++ b/arch/arm/mm/fault.c
@@ -393,6 +393,9 @@ do_translation_fault(unsigned long addr, unsigned int fsr,
        if (addr < TASK_SIZE)
                return do_page_fault(addr, fsr, regs);
 
+       if (user_mode(regs))
+               goto bad_area;
+
        index = pgd_index(addr);
 
        /*