--- /dev/null
+From c0a1666bcb2a33e84187a15eabdcd54056be9a97 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Thu, 28 Sep 2017 17:58:41 +0200
+Subject: KVM: VMX: use cmpxchg64
+
+From: Paolo Bonzini <pbonzini@redhat.com>
+
+commit c0a1666bcb2a33e84187a15eabdcd54056be9a97 upstream.
+
+This fixes a compilation failure on 32-bit systems.
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/kvm/vmx.c | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+--- a/arch/x86/kvm/vmx.c
++++ b/arch/x86/kvm/vmx.c
+@@ -2029,8 +2029,8 @@ static void vmx_vcpu_pi_load(struct kvm_
+
+ /* Allow posting non-urgent interrupts */
+ new.sn = 0;
+- } while (cmpxchg(&pi_desc->control, old.control,
+- new.control) != old.control);
++ } while (cmpxchg64(&pi_desc->control, old.control,
++ new.control) != old.control);
+ }
+ /*
+ * Switches to specified vcpu, until a matching vcpu_put(), but assumes
+@@ -10705,8 +10705,8 @@ static int vmx_pre_block(struct kvm_vcpu
+
+ /* set 'NV' to 'wakeup vector' */
+ new.nv = POSTED_INTR_WAKEUP_VECTOR;
+- } while (cmpxchg(&pi_desc->control, old.control,
+- new.control) != old.control);
++ } while (cmpxchg64(&pi_desc->control, old.control,
++ new.control) != old.control);
+
+ return 0;
+ }
+@@ -10737,8 +10737,8 @@ static void vmx_post_block(struct kvm_vc
+
+ /* set 'NV' to 'notification vector' */
+ new.nv = POSTED_INTR_VECTOR;
+- } while (cmpxchg(&pi_desc->control, old.control,
+- new.control) != old.control);
++ } while (cmpxchg64(&pi_desc->control, old.control,
++ new.control) != old.control);
+
+ if(vcpu->pre_pcpu != -1) {
+ spin_lock_irqsave(
dmaengine-mmp-pdma-add-number-of-requestors.patch
arm-pxa-add-the-number-of-dma-requestor-lines.patch
arm-pxa-fix-the-number-of-dma-requestor-lines.patch
+kvm-vmx-use-cmpxchg64.patch
+video-fbdev-aty-do-not-leak-uninitialized-padding-in-clk-to-userspace.patch
+swiotlb-xen-implement-xen_swiotlb_dma_mmap-callback.patch
--- /dev/null
+From 7e91c7df29b5e196de3dc6f086c8937973bd0b88 Mon Sep 17 00:00:00 2001
+From: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
+Date: Tue, 7 Feb 2017 19:58:02 +0200
+Subject: swiotlb-xen: implement xen_swiotlb_dma_mmap callback
+
+From: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
+
+commit 7e91c7df29b5e196de3dc6f086c8937973bd0b88 upstream.
+
+This function creates userspace mapping for the DMA-coherent memory.
+
+Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
+Signed-off-by: Oleksandr Dmytryshyn <oleksandr.dmytryshyn@globallogic.com>
+Signed-off-by: Andrii Anisov <andrii_anisov@epam.com>
+Signed-off-by: Konrad Rzeszutek Wilk <konrad@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/xen/mm.c | 1 +
+ drivers/xen/swiotlb-xen.c | 19 +++++++++++++++++++
+ include/xen/swiotlb-xen.h | 5 +++++
+ 3 files changed, 25 insertions(+)
+
+--- a/arch/arm/xen/mm.c
++++ b/arch/arm/xen/mm.c
+@@ -199,6 +199,7 @@ static struct dma_map_ops xen_swiotlb_dm
+ .unmap_page = xen_swiotlb_unmap_page,
+ .dma_supported = xen_swiotlb_dma_supported,
+ .set_dma_mask = xen_swiotlb_set_dma_mask,
++ .mmap = xen_swiotlb_dma_mmap,
+ };
+
+ int __init xen_mm_init(void)
+--- a/drivers/xen/swiotlb-xen.c
++++ b/drivers/xen/swiotlb-xen.c
+@@ -680,3 +680,22 @@ xen_swiotlb_set_dma_mask(struct device *
+ return 0;
+ }
+ EXPORT_SYMBOL_GPL(xen_swiotlb_set_dma_mask);
++
++/*
++ * Create userspace mapping for the DMA-coherent memory.
++ * This function should be called with the pages from the current domain only,
++ * passing pages mapped from other domains would lead to memory corruption.
++ */
++int
++xen_swiotlb_dma_mmap(struct device *dev, struct vm_area_struct *vma,
++ void *cpu_addr, dma_addr_t dma_addr, size_t size,
++ unsigned long attrs)
++{
++#if defined(CONFIG_ARM) || defined(CONFIG_ARM64)
++ if (__generic_dma_ops(dev)->mmap)
++ return __generic_dma_ops(dev)->mmap(dev, vma, cpu_addr,
++ dma_addr, size, attrs);
++#endif
++ return dma_common_mmap(dev, vma, cpu_addr, dma_addr, size);
++}
++EXPORT_SYMBOL_GPL(xen_swiotlb_dma_mmap);
+--- a/include/xen/swiotlb-xen.h
++++ b/include/xen/swiotlb-xen.h
+@@ -58,4 +58,9 @@ xen_swiotlb_dma_supported(struct device
+
+ extern int
+ xen_swiotlb_set_dma_mask(struct device *dev, u64 dma_mask);
++
++extern int
++xen_swiotlb_dma_mmap(struct device *dev, struct vm_area_struct *vma,
++ void *cpu_addr, dma_addr_t dma_addr, size_t size,
++ unsigned long attrs);
+ #endif /* __LINUX_SWIOTLB_XEN_H */
--- /dev/null
+From 8e75f7a7a00461ef6d91797a60b606367f6e344d Mon Sep 17 00:00:00 2001
+From: Vladis Dronov <vdronov@redhat.com>
+Date: Mon, 4 Sep 2017 16:00:50 +0200
+Subject: video: fbdev: aty: do not leak uninitialized padding in clk to userspace
+
+From: Vladis Dronov <vdronov@redhat.com>
+
+commit 8e75f7a7a00461ef6d91797a60b606367f6e344d upstream.
+
+'clk' is copied to a userland with padding byte(s) after 'vclk_post_div'
+field unitialized, leaking data from the stack. Fix this ensuring all of
+'clk' is initialized to zero.
+
+References: https://github.com/torvalds/linux/pull/441
+Reported-by: sohu0106 <sohu0106@126.com>
+Signed-off-by: Vladis Dronov <vdronov@redhat.com>
+Signed-off-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/video/fbdev/aty/atyfb_base.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/video/fbdev/aty/atyfb_base.c
++++ b/drivers/video/fbdev/aty/atyfb_base.c
+@@ -1861,7 +1861,7 @@ static int atyfb_ioctl(struct fb_info *i
+ #if defined(DEBUG) && defined(CONFIG_FB_ATY_CT)
+ case ATYIO_CLKR:
+ if (M64_HAS(INTEGRATED)) {
+- struct atyclk clk;
++ struct atyclk clk = { 0 };
+ union aty_pll *pll = &par->pll;
+ u32 dsp_config = pll->ct.dsp_config;
+ u32 dsp_on_off = pll->ct.dsp_on_off;
projects / thirdparty / kernel / stable-queue.git / commitdiff
