--- /dev/null
+From c3567f8a359b7917dcffa442301f88ed0a75211f Mon Sep 17 00:00:00 2001
+From: Noam Camus <noamc@ezchip.com>
+Date: Thu, 12 Sep 2013 13:07:39 +0530
+Subject: ARC: SMP failed to boot due to missing IVT setup
+
+From: Noam Camus <noamc@ezchip.com>
+
+commit c3567f8a359b7917dcffa442301f88ed0a75211f upstream.
+
+Commit 05b016ecf5e7a "ARC: Setup Vector Table Base in early boot" moved
+the Interrupt vector Table setup out of arc_init_IRQ() which is called
+for all CPUs, to entry point of boot cpu only, breaking booting of others.
+
+Fix by adding the same to entry point of non-boot CPUs too.
+
+read_arc_build_cfg_regs() printing IVT Base Register didn't help the
+casue since it prints a synthetic value if zero which is totally bogus,
+so fix that to print the exact Register.
+
+[vgupta: Remove the now stale comment from header of arc_init_IRQ and
+also added the commentary for halt-on-reset]
+
+Cc: Gilad Ben-Yossef <gilad@benyossef.com>
+Signed-off-by: Noam Camus <noamc@ezchip.com>
+Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arc/include/asm/sections.h | 1 -
+ arch/arc/kernel/head.S | 5 +++++
+ arch/arc/kernel/irq.c | 1 -
+ arch/arc/kernel/setup.c | 3 ---
+ 4 files changed, 5 insertions(+), 5 deletions(-)
+
+--- a/arch/arc/include/asm/sections.h
++++ b/arch/arc/include/asm/sections.h
+@@ -11,7 +11,6 @@
+
+ #include <asm-generic/sections.h>
+
+-extern char _int_vec_base_lds[];
+ extern char __arc_dccm_base[];
+ extern char __dtb_start[];
+
+--- a/arch/arc/kernel/head.S
++++ b/arch/arc/kernel/head.S
+@@ -34,6 +34,9 @@ stext:
+ ; IDENTITY Reg [ 3 2 1 0 ]
+ ; (cpu-id) ^^^ => Zero for UP ARC700
+ ; => #Core-ID if SMP (Master 0)
++ ; Note that non-boot CPUs might not land here if halt-on-reset and
++ ; instead breath life from @first_lines_of_secondary, but we still
++ ; need to make sure only boot cpu takes this path.
+ GET_CPU_ID r5
+ cmp r5, 0
+ jnz arc_platform_smp_wait_to_boot
+@@ -98,6 +101,8 @@ stext:
+
+ first_lines_of_secondary:
+
++ sr @_int_vec_base_lds, [AUX_INTR_VEC_BASE]
++
+ ; setup per-cpu idle task as "current" on this CPU
+ ld r0, [@secondary_idle_tsk]
+ SET_CURR_TASK_ON_CPU r0, r1
+--- a/arch/arc/kernel/irq.c
++++ b/arch/arc/kernel/irq.c
+@@ -24,7 +24,6 @@
+ * -Needed for each CPU (hence not foldable into init_IRQ)
+ *
+ * what it does ?
+- * -setup Vector Table Base Reg - in case Linux not linked at 0x8000_0000
+ * -Disable all IRQs (on CPU side)
+ * -Optionally, setup the High priority Interrupts as Level 2 IRQs
+ */
+--- a/arch/arc/kernel/setup.c
++++ b/arch/arc/kernel/setup.c
+@@ -47,10 +47,7 @@ void read_arc_build_cfg_regs(void)
+ READ_BCR(AUX_IDENTITY, cpu->core);
+
+ cpu->timers = read_aux_reg(ARC_REG_TIMERS_BCR);
+-
+ cpu->vec_base = read_aux_reg(AUX_INTR_VEC_BASE);
+- if (cpu->vec_base == 0)
+- cpu->vec_base = (unsigned int)_int_vec_base_lds;
+
+ READ_BCR(ARC_REG_D_UNCACH_BCR, uncached_space);
+ cpu->uncached_base = uncached_space.start << 24;
--- /dev/null
+From bebcb928c820d0ee83aca4b192adc195e43e66a2 Mon Sep 17 00:00:00 2001
+From: Manfred Spraul <manfred@colorfullife.com>
+Date: Tue, 3 Sep 2013 16:00:08 +0200
+Subject: ipc/msg.c: Fix lost wakeup in msgsnd().
+
+From: Manfred Spraul <manfred@colorfullife.com>
+
+commit bebcb928c820d0ee83aca4b192adc195e43e66a2 upstream.
+
+The check if the queue is full and adding current to the wait queue of
+pending msgsnd() operations (ss_add()) must be atomic.
+
+Otherwise:
+ - the thread that performs msgsnd() finds a full queue and decides to
+ sleep.
+ - the thread that performs msgrcv() first reads all messages from the
+ queue and then sleeps, because the queue is empty.
+ - the msgrcv() calls do not perform any wakeups, because the msgsnd()
+ task has not yet called ss_add().
+ - then the msgsnd()-thread first calls ss_add() and then sleeps.
+
+Net result: msgsnd() and msgrcv() both sleep forever.
+
+Observed with msgctl08 from ltp with a preemptible kernel.
+
+Fix: Call ipc_lock_object() before performing the check.
+
+The patch also moves security_msg_queue_msgsnd() under ipc_lock_object:
+ - msgctl(IPC_SET) explicitely mentions that it tries to expunge any
+ pending operations that are not allowed anymore with the new
+ permissions. If security_msg_queue_msgsnd() is called without locks,
+ then there might be races.
+ - it makes the patch much simpler.
+
+Reported-and-tested-by: Vineet Gupta <Vineet.Gupta1@synopsys.com>
+Acked-by: Rik van Riel <riel@redhat.com>
+Signed-off-by: Manfred Spraul <manfred@colorfullife.com>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Sedat Dilek <sedat.dilek@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ ipc/msg.c | 12 +++++-------
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+--- a/ipc/msg.c
++++ b/ipc/msg.c
+@@ -680,16 +680,18 @@ long do_msgsnd(int msqid, long mtype, vo
+ goto out_unlock1;
+ }
+
++ ipc_lock_object(&msq->q_perm);
++
+ for (;;) {
+ struct msg_sender s;
+
+ err = -EACCES;
+ if (ipcperms(ns, &msq->q_perm, S_IWUGO))
+- goto out_unlock1;
++ goto out_unlock0;
+
+ err = security_msg_queue_msgsnd(msq, msg, msgflg);
+ if (err)
+- goto out_unlock1;
++ goto out_unlock0;
+
+ if (msgsz + msq->q_cbytes <= msq->q_qbytes &&
+ 1 + msq->q_qnum <= msq->q_qbytes) {
+@@ -699,10 +701,9 @@ long do_msgsnd(int msqid, long mtype, vo
+ /* queue full, wait: */
+ if (msgflg & IPC_NOWAIT) {
+ err = -EAGAIN;
+- goto out_unlock1;
++ goto out_unlock0;
+ }
+
+- ipc_lock_object(&msq->q_perm);
+ ss_add(msq, &s);
+
+ if (!ipc_rcu_getref(msq)) {
+@@ -730,10 +731,7 @@ long do_msgsnd(int msqid, long mtype, vo
+ goto out_unlock0;
+ }
+
+- ipc_unlock_object(&msq->q_perm);
+ }
+-
+- ipc_lock_object(&msq->q_perm);
+ msq->q_lspid = task_tgid_vnr(current);
+ msq->q_stime = get_seconds();
+
projects / thirdparty / kernel / stable-queue.git / commitdiff
