When the context tracking feature was backported to 3.14 LSK, setting of the LR was moved out of the main body of el0_sync and into the applicable sub handlers (i.e. el0_da, el0_sp_pc, etc). The el0_dbg handler was overlooked. The implication is that do_debug_exception() will attempt to return directly to userspace without going through the ret_from_exception path. This ultimately results in another sync exception due to a protection fault on the target PC.

This was introduced by:

commit 333625b7586d2753a77f32e1f898ab7cc6cf7655 Author: Larry Bassel larry.bassel@linaro.org Date: Wed Oct 15 15:15:56 2014 -0700

arm64: adjust el0_sync so that a function can be called

Backport of the following patch to 3.14 LSK:

commit 6ab6463aeb5fbc75fa3227befb508fc33b34dbf1 Author: Larry Bassel larry.bassel@linaro.org Date: Fri May 30 20:34:14 2014 +0100

Change-Id: Idadbecffb34326ff197e223abba90c6e50e0bf8d --- arch/arm64/kernel/entry.S | 1 + 1 file changed, 1 insertion(+)

diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S index a010e3a..2175d7b 100644 --- a/arch/arm64/kernel/entry.S +++ b/arch/arm64/kernel/entry.S @@ -526,6 +526,7 @@ el0_dbg: disable_step x1 mov x1, x25 mov x2, sp + adr lr, ret_from_exception b do_debug_exception el0_inv: ct_user_exit