--- /dev/null
+From 9d42d48a342aee208c1154696196497fdc556bbf Mon Sep 17 00:00:00 2001
+From: Catalin Marinas <catalin.marinas@arm.com>
+Date: Mon, 23 Feb 2015 15:13:40 +0000
+Subject: arm64: compat Fix siginfo_t -> compat_siginfo_t conversion on big endian
+
+From: Catalin Marinas <catalin.marinas@arm.com>
+
+commit 9d42d48a342aee208c1154696196497fdc556bbf upstream.
+
+The native (64-bit) sigval_t union contains sival_int (32-bit) and
+sival_ptr (64-bit). When a compat application invokes a syscall that
+takes a sigval_t value (as part of a larger structure, e.g.
+compat_sys_mq_notify, compat_sys_timer_create), the compat_sigval_t
+union is converted to the native sigval_t with sival_int overlapping
+with either the least or the most significant half of sival_ptr,
+depending on endianness. When the corresponding signal is delivered to a
+compat application, on big endian the current (compat_uptr_t)sival_ptr
+cast always returns 0 since sival_int corresponds to the top part of
+sival_ptr. This patch fixes copy_siginfo_to_user32() so that sival_int
+is copied to the compat_siginfo_t structure.
+
+Reported-by: Bamvor Jian Zhang <bamvor.zhangjian@huawei.com>
+Tested-by: Bamvor Jian Zhang <bamvor.zhangjian@huawei.com>
+Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/kernel/signal32.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+--- a/arch/arm64/kernel/signal32.c
++++ b/arch/arm64/kernel/signal32.c
+@@ -154,8 +154,7 @@ int copy_siginfo_to_user32(compat_siginf
+ case __SI_TIMER:
+ err |= __put_user(from->si_tid, &to->si_tid);
+ err |= __put_user(from->si_overrun, &to->si_overrun);
+- err |= __put_user((compat_uptr_t)(unsigned long)from->si_ptr,
+- &to->si_ptr);
++ err |= __put_user(from->si_int, &to->si_int);
+ break;
+ case __SI_POLL:
+ err |= __put_user(from->si_band, &to->si_band);
+@@ -184,7 +183,7 @@ int copy_siginfo_to_user32(compat_siginf
+ case __SI_MESGQ: /* But this is */
+ err |= __put_user(from->si_pid, &to->si_pid);
+ err |= __put_user(from->si_uid, &to->si_uid);
+- err |= __put_user((compat_uptr_t)(unsigned long)from->si_ptr, &to->si_ptr);
++ err |= __put_user(from->si_int, &to->si_int);
+ break;
+ case __SI_SYS:
+ err |= __put_user((compat_uptr_t)(unsigned long)
--- /dev/null
+From a52d209336f8fc7483a8c7f4a8a7d2a8e1692a6c Mon Sep 17 00:00:00 2001
+From: Martin Vajnar <martin.vajnar@gmail.com>
+Date: Wed, 24 Dec 2014 00:27:57 +0100
+Subject: hx4700: regulator: declare full constraints
+
+From: Martin Vajnar <martin.vajnar@gmail.com>
+
+commit a52d209336f8fc7483a8c7f4a8a7d2a8e1692a6c upstream.
+
+Since the removal of CONFIG_REGULATOR_DUMMY option, the touchscreen stopped
+working. This patch enables the "replacement" for REGULATOR_DUMMY and
+allows the touchscreen to work even though there is no regulator for "vcc".
+
+Signed-off-by: Martin Vajnar <martin.vajnar@gmail.com>
+Signed-off-by: Robert Jarzmik <robert.jarzmik@free.fr>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/mach-pxa/hx4700.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/arch/arm/mach-pxa/hx4700.c
++++ b/arch/arm/mach-pxa/hx4700.c
+@@ -893,6 +893,8 @@ static void __init hx4700_init(void)
+ mdelay(10);
+ gpio_set_value(GPIO71_HX4700_ASIC3_nRESET, 1);
+ mdelay(10);
++
++ regulator_has_full_constraints();
+ }
+
+ MACHINE_START(H4700, "HP iPAQ HX4700")
--- /dev/null
+From 428d53be5e7468769d4e7899cca06ed5f783a6e1 Mon Sep 17 00:00:00 2001
+From: David Hildenbrand <dahi@linux.vnet.ibm.com>
+Date: Fri, 16 Jan 2015 12:58:09 +0100
+Subject: KVM: s390: avoid memory leaks if __inject_vm() fails
+
+From: David Hildenbrand <dahi@linux.vnet.ibm.com>
+
+commit 428d53be5e7468769d4e7899cca06ed5f783a6e1 upstream.
+
+We have to delete the allocated interrupt info if __inject_vm() fails.
+
+Otherwise user space can keep flooding kvm with floating interrupts and
+provoke more and more memory leaks.
+
+Reported-by: Dominik Dingel <dingel@linux.vnet.ibm.com>
+Reviewed-by: Dominik Dingel <dingel@linux.vnet.ibm.com>
+Signed-off-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
+Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/s390/kvm/interrupt.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+--- a/arch/s390/kvm/interrupt.c
++++ b/arch/s390/kvm/interrupt.c
+@@ -1233,6 +1233,7 @@ int kvm_s390_inject_vm(struct kvm *kvm,
+ struct kvm_s390_interrupt *s390int)
+ {
+ struct kvm_s390_interrupt_info *inti;
++ int rc;
+
+ inti = kzalloc(sizeof(*inti), GFP_KERNEL);
+ if (!inti)
+@@ -1280,7 +1281,10 @@ int kvm_s390_inject_vm(struct kvm *kvm,
+ trace_kvm_s390_inject_vm(s390int->type, s390int->parm, s390int->parm64,
+ 2);
+
+- return __inject_vm(kvm, inti);
++ rc = __inject_vm(kvm, inti);
++ if (rc)
++ kfree(inti);
++ return rc;
+ }
+
+ void kvm_s390_reinject_io_int(struct kvm *kvm,
--- /dev/null
+From 0ac96caf0f9381088c673a16d910b1d329670edf Mon Sep 17 00:00:00 2001
+From: David Hildenbrand <dahi@linux.vnet.ibm.com>
+Date: Fri, 12 Dec 2014 15:17:31 +0100
+Subject: KVM: s390: base hrtimer on a monotonic clock
+
+From: David Hildenbrand <dahi@linux.vnet.ibm.com>
+
+commit 0ac96caf0f9381088c673a16d910b1d329670edf upstream.
+
+The hrtimer that handles the wait with enabled timer interrupts
+should not be disturbed by changes of the host time.
+
+This patch changes our hrtimer to be based on a monotonic clock.
+
+Signed-off-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
+Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
+Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/s390/kvm/kvm-s390.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/s390/kvm/kvm-s390.c
++++ b/arch/s390/kvm/kvm-s390.c
+@@ -670,7 +670,7 @@ int kvm_arch_vcpu_setup(struct kvm_vcpu
+ if (rc)
+ return rc;
+ }
+- hrtimer_init(&vcpu->arch.ckc_timer, CLOCK_REALTIME, HRTIMER_MODE_ABS);
++ hrtimer_init(&vcpu->arch.ckc_timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL);
+ vcpu->arch.ckc_timer.function = kvm_s390_idle_wakeup;
+ get_cpu_id(&vcpu->arch.cpu_id);
+ vcpu->arch.cpu_id.version = 0xff;
--- /dev/null
+From 8e2207cdd087ebb031e9118d1fd0902c6533a5e5 Mon Sep 17 00:00:00 2001
+From: David Hildenbrand <dahi@linux.vnet.ibm.com>
+Date: Thu, 15 Jan 2015 17:56:18 +0100
+Subject: KVM: s390: floating irqs: fix user triggerable endless loop
+
+From: David Hildenbrand <dahi@linux.vnet.ibm.com>
+
+commit 8e2207cdd087ebb031e9118d1fd0902c6533a5e5 upstream.
+
+If a vm with no VCPUs is created, the injection of a floating irq
+leads to an endless loop in the kernel.
+
+Let's skip the search for a destination VCPU for a floating irq if no
+VCPUs were created.
+
+Reviewed-by: Dominik Dingel <dingel@linux.vnet.ibm.com>
+Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
+Signed-off-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
+Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/s390/kvm/interrupt.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/arch/s390/kvm/interrupt.c
++++ b/arch/s390/kvm/interrupt.c
+@@ -1197,6 +1197,8 @@ static int __inject_vm(struct kvm *kvm,
+ list_add_tail(&inti->list, &iter->list);
+ }
+ atomic_set(&fi->active, 1);
++ if (atomic_read(&kvm->online_vcpus) == 0)
++ goto unlock_fi;
+ sigcpu = find_first_bit(fi->idle_mask, KVM_MAX_VCPUS);
+ if (sigcpu == KVM_MAX_VCPUS) {
+ do {
--- /dev/null
+From 2d00f759427bb3ed963b60f570830e9eca7e1c69 Mon Sep 17 00:00:00 2001
+From: David Hildenbrand <dahi@linux.vnet.ibm.com>
+Date: Thu, 11 Dec 2014 10:18:01 +0100
+Subject: KVM: s390: forward hrtimer if guest ckc not pending yet
+
+From: David Hildenbrand <dahi@linux.vnet.ibm.com>
+
+commit 2d00f759427bb3ed963b60f570830e9eca7e1c69 upstream.
+
+Patch 0759d0681cae ("KVM: s390: cleanup handle_wait by reusing
+kvm_vcpu_block") changed the way pending guest clock comparator
+interrupts are detected. It was assumed that as soon as the hrtimer
+wakes up, the condition for the guest ckc is satisfied.
+
+This is however only true as long as adjclock() doesn't speed
+up the monotonic clock. Reason is that the hrtimer is based on
+CLOCK_MONOTONIC, the guest clock comparator detection is based
+on the raw TOD clock. If CLOCK_MONOTONIC runs faster than the
+TOD clock, the hrtimer wakes the target VCPU up too early and
+the target VCPU will not detect any pending interrupts, therefore
+going back to sleep. It will never be woken up again because the
+hrtimer has finished. The VCPU is stuck.
+
+As a quick fix, we have to forward the hrtimer until the guest
+clock comparator is really due, to guarantee properly timed wake
+ups.
+
+As the hrtimer callback might be triggered on another cpu, we
+have to make sure that the timer is really stopped and not currently
+executing the callback on another cpu. This can happen if the vcpu
+thread is scheduled onto another physical cpu, but the timer base
+is not migrated. So lets use hrtimer_cancel instead of try_to_cancel.
+
+A proper fix might be to introduce a RAW based hrtimer.
+
+Reported-by: Christian Borntraeger <borntraeger@de.ibm.com>
+Signed-off-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
+Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
+Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/s390/kvm/interrupt.c | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+
+--- a/arch/s390/kvm/interrupt.c
++++ b/arch/s390/kvm/interrupt.c
+@@ -820,7 +820,7 @@ no_timer:
+ __unset_cpu_idle(vcpu);
+ vcpu->srcu_idx = srcu_read_lock(&vcpu->kvm->srcu);
+
+- hrtimer_try_to_cancel(&vcpu->arch.ckc_timer);
++ hrtimer_cancel(&vcpu->arch.ckc_timer);
+ return 0;
+ }
+
+@@ -840,10 +840,20 @@ void kvm_s390_vcpu_wakeup(struct kvm_vcp
+ enum hrtimer_restart kvm_s390_idle_wakeup(struct hrtimer *timer)
+ {
+ struct kvm_vcpu *vcpu;
++ u64 now, sltime;
+
+ vcpu = container_of(timer, struct kvm_vcpu, arch.ckc_timer);
+- kvm_s390_vcpu_wakeup(vcpu);
++ now = get_tod_clock_fast() + vcpu->arch.sie_block->epoch;
++ sltime = tod_to_ns(vcpu->arch.sie_block->ckc - now);
+
++ /*
++ * If the monotonic clock runs faster than the tod clock we might be
++ * woken up too early and have to go back to sleep to avoid deadlocks.
++ */
++ if (vcpu->arch.sie_block->ckc > now &&
++ hrtimer_forward_now(timer, ns_to_ktime(sltime)))
++ return HRTIMER_RESTART;
++ kvm_s390_vcpu_wakeup(vcpu);
+ return HRTIMER_NORESTART;
+ }
+
mips-htw-prevent-accidental-htw-start-due-to-nested-htw_-start-stop.patch
udf-remove-repeated-loads-blocksize.patch
udf-check-length-of-extended-attributes-and-allocation-descriptors.patch
+kvm-s390-forward-hrtimer-if-guest-ckc-not-pending-yet.patch
+kvm-s390-base-hrtimer-on-a-monotonic-clock.patch
+kvm-s390-floating-irqs-fix-user-triggerable-endless-loop.patch
+kvm-s390-avoid-memory-leaks-if-__inject_vm-fails.patch
+hx4700-regulator-declare-full-constraints.patch
+arm64-compat-fix-siginfo_t-compat_siginfo_t-conversion-on-big-endian.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
