--- /dev/null
+From 7e91c7df29b5e196de3dc6f086c8937973bd0b88 Mon Sep 17 00:00:00 2001
+From: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
+Date: Tue, 7 Feb 2017 19:58:02 +0200
+Subject: swiotlb-xen: implement xen_swiotlb_dma_mmap callback
+
+From: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
+
+commit 7e91c7df29b5e196de3dc6f086c8937973bd0b88 upstream.
+
+This function creates userspace mapping for the DMA-coherent memory.
+
+Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
+Signed-off-by: Oleksandr Dmytryshyn <oleksandr.dmytryshyn@globallogic.com>
+Signed-off-by: Andrii Anisov <andrii_anisov@epam.com>
+Signed-off-by: Konrad Rzeszutek Wilk <konrad@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/xen/mm.c | 1 +
+ drivers/xen/swiotlb-xen.c | 19 +++++++++++++++++++
+ include/xen/swiotlb-xen.h | 5 +++++
+ 3 files changed, 25 insertions(+)
+
+--- a/arch/arm/xen/mm.c
++++ b/arch/arm/xen/mm.c
+@@ -59,6 +59,7 @@ static struct dma_map_ops xen_swiotlb_dm
+ .unmap_page = xen_swiotlb_unmap_page,
+ .dma_supported = xen_swiotlb_dma_supported,
+ .set_dma_mask = xen_swiotlb_set_dma_mask,
++ .mmap = xen_swiotlb_dma_mmap,
+ };
+
+ int __init xen_mm_init(void)
+--- a/drivers/xen/swiotlb-xen.c
++++ b/drivers/xen/swiotlb-xen.c
+@@ -684,3 +684,22 @@ xen_swiotlb_set_dma_mask(struct device *
+ return 0;
+ }
+ EXPORT_SYMBOL_GPL(xen_swiotlb_set_dma_mask);
++
++/*
++ * Create userspace mapping for the DMA-coherent memory.
++ * This function should be called with the pages from the current domain only,
++ * passing pages mapped from other domains would lead to memory corruption.
++ */
++int
++xen_swiotlb_dma_mmap(struct device *dev, struct vm_area_struct *vma,
++ void *cpu_addr, dma_addr_t dma_addr, size_t size,
++ unsigned long attrs)
++{
++#if defined(CONFIG_ARM) || defined(CONFIG_ARM64)
++ if (__generic_dma_ops(dev)->mmap)
++ return __generic_dma_ops(dev)->mmap(dev, vma, cpu_addr,
++ dma_addr, size, attrs);
++#endif
++ return dma_common_mmap(dev, vma, cpu_addr, dma_addr, size);
++}
++EXPORT_SYMBOL_GPL(xen_swiotlb_dma_mmap);
+--- a/include/xen/swiotlb-xen.h
++++ b/include/xen/swiotlb-xen.h
+@@ -58,4 +58,9 @@ xen_swiotlb_dma_supported(struct device
+
+ extern int
+ xen_swiotlb_set_dma_mask(struct device *dev, u64 dma_mask);
++
++extern int
++xen_swiotlb_dma_mmap(struct device *dev, struct vm_area_struct *vma,
++ void *cpu_addr, dma_addr_t dma_addr, size_t size,
++ unsigned long attrs);
+ #endif /* __LINUX_SWIOTLB_XEN_H */
--- /dev/null
+From 8e75f7a7a00461ef6d91797a60b606367f6e344d Mon Sep 17 00:00:00 2001
+From: Vladis Dronov <vdronov@redhat.com>
+Date: Mon, 4 Sep 2017 16:00:50 +0200
+Subject: video: fbdev: aty: do not leak uninitialized padding in clk to userspace
+
+From: Vladis Dronov <vdronov@redhat.com>
+
+commit 8e75f7a7a00461ef6d91797a60b606367f6e344d upstream.
+
+'clk' is copied to a userland with padding byte(s) after 'vclk_post_div'
+field unitialized, leaking data from the stack. Fix this ensuring all of
+'clk' is initialized to zero.
+
+References: https://github.com/torvalds/linux/pull/441
+Reported-by: sohu0106 <sohu0106@126.com>
+Signed-off-by: Vladis Dronov <vdronov@redhat.com>
+Signed-off-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/video/fbdev/aty/atyfb_base.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/video/fbdev/aty/atyfb_base.c
++++ b/drivers/video/fbdev/aty/atyfb_base.c
+@@ -1852,7 +1852,7 @@ static int atyfb_ioctl(struct fb_info *i
+ #if defined(DEBUG) && defined(CONFIG_FB_ATY_CT)
+ case ATYIO_CLKR:
+ if (M64_HAS(INTEGRATED)) {
+- struct atyclk clk;
++ struct atyclk clk = { 0 };
+ union aty_pll *pll = &par->pll;
+ u32 dsp_config = pll->ct.dsp_config;
+ u32 dsp_on_off = pll->ct.dsp_on_off;
projects / thirdparty / kernel / stable-queue.git / commitdiff
