--- /dev/null
+From foo@baz Thu Oct 18 11:12:46 CEST 2018
+From: Keerthy <j-keerthy@ti.com>
+Date: Wed, 8 Aug 2018 18:44:59 +0530
+Subject: clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs
+
+From: Keerthy <j-keerthy@ti.com>
+
+[ Upstream commit 3b7d96a0dbb6b630878597a1838fc39f808b761b ]
+
+The 32k clocksource is NONSTOP for non-am43 SoCs. Hence
+add the flag for all the other SoCs.
+
+Reported-by: Tony Lindgren <tony@atomide.com>
+Signed-off-by: Keerthy <j-keerthy@ti.com>
+Acked-by: Tony Lindgren <tony@atomide.com>
+Signed-off-by: Daniel Lezcano <daniel.lezcano@linaro.org>
+Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/clocksource/timer-ti-32k.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/drivers/clocksource/timer-ti-32k.c
++++ b/drivers/clocksource/timer-ti-32k.c
+@@ -98,6 +98,9 @@ static void __init ti_32k_timer_init(str
+ return;
+ }
+
++ if (!of_machine_is_compatible("ti,am43"))
++ ti_32k_timer.cs.flags |= CLOCK_SOURCE_SUSPEND_NONSTOP;
++
+ ti_32k_timer.counter = ti_32k_timer.base;
+
+ /*
--- /dev/null
+From foo@baz Thu Oct 18 11:12:46 CEST 2018
+From: Michael Schmitz <schmitzmic@gmail.com>
+Date: Mon, 17 Sep 2018 15:27:49 -0700
+Subject: Input: atakbd - fix Atari CapsLock behaviour
+
+From: Michael Schmitz <schmitzmic@gmail.com>
+
+[ Upstream commit 52d2c7bf7c90217fbe875d2d76f310979c48eb83 ]
+
+The CapsLock key on Atari keyboards is not a toggle, it does send the
+normal make and break scancodes.
+
+Drop the CapsLock toggle handling code, which did cause the CapsLock
+key to merely act as a Shift key.
+
+Tested-by: Michael Schmitz <schmitzmic@gmail.com>
+Signed-off-by: Michael Schmitz <schmitzmic@gmail.com>
+Signed-off-by: Andreas Schwab <schwab@linux-m68k.org>
+Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
+Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/input/keyboard/atakbd.c | 10 ++--------
+ 1 file changed, 2 insertions(+), 8 deletions(-)
+
+--- a/drivers/input/keyboard/atakbd.c
++++ b/drivers/input/keyboard/atakbd.c
+@@ -189,14 +189,8 @@ static void atakbd_interrupt(unsigned ch
+
+ scancode = atakbd_keycode[scancode];
+
+- if (scancode == KEY_CAPSLOCK) { /* CapsLock is a toggle switch key on Amiga */
+- input_report_key(atakbd_dev, scancode, 1);
+- input_report_key(atakbd_dev, scancode, 0);
+- input_sync(atakbd_dev);
+- } else {
+- input_report_key(atakbd_dev, scancode, down);
+- input_sync(atakbd_dev);
+- }
++ input_report_key(atakbd_dev, scancode, down);
++ input_sync(atakbd_dev);
+ } else /* scancodes >= 0xf3 are mouse data, most likely */
+ printk(KERN_INFO "atakbd: unhandled scancode %x\n", scancode);
+
--- /dev/null
+From foo@baz Thu Oct 18 11:12:46 CEST 2018
+From: Andreas Schwab <schwab@linux-m68k.org>
+Date: Mon, 17 Sep 2018 12:43:34 -0700
+Subject: Input: atakbd - fix Atari keymap
+
+From: Andreas Schwab <schwab@linux-m68k.org>
+
+[ Upstream commit 9e62df51be993035c577371ffee5477697a56aad ]
+
+Fix errors in Atari keymap (mostly in keypad, help and undo keys).
+
+Patch provided on debian-68k ML by Andreas Schwab <schwab@linux-m68k.org>,
+keymap array size and unhandled scancode limit adjusted to 0x73 by me.
+
+Tested-by: Michael Schmitz <schmitzmic@gmail.com>
+Signed-off-by: Michael Schmitz <schmitzmic@gmail.com>
+Signed-off-by: Andreas Schwab <schwab@linux-m68k.org>
+Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
+Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/input/keyboard/atakbd.c | 64 ++++++++++++++++------------------------
+ 1 file changed, 26 insertions(+), 38 deletions(-)
+
+--- a/drivers/input/keyboard/atakbd.c
++++ b/drivers/input/keyboard/atakbd.c
+@@ -79,8 +79,7 @@ MODULE_LICENSE("GPL");
+ */
+
+
+-static unsigned char atakbd_keycode[0x72] = { /* American layout */
+- [0] = KEY_GRAVE,
++static unsigned char atakbd_keycode[0x73] = { /* American layout */
+ [1] = KEY_ESC,
+ [2] = KEY_1,
+ [3] = KEY_2,
+@@ -121,9 +120,9 @@ static unsigned char atakbd_keycode[0x72
+ [38] = KEY_L,
+ [39] = KEY_SEMICOLON,
+ [40] = KEY_APOSTROPHE,
+- [41] = KEY_BACKSLASH, /* FIXME, '#' */
++ [41] = KEY_GRAVE,
+ [42] = KEY_LEFTSHIFT,
+- [43] = KEY_GRAVE, /* FIXME: '~' */
++ [43] = KEY_BACKSLASH,
+ [44] = KEY_Z,
+ [45] = KEY_X,
+ [46] = KEY_C,
+@@ -149,45 +148,34 @@ static unsigned char atakbd_keycode[0x72
+ [66] = KEY_F8,
+ [67] = KEY_F9,
+ [68] = KEY_F10,
+- [69] = KEY_ESC,
+- [70] = KEY_DELETE,
+- [71] = KEY_KP7,
+- [72] = KEY_KP8,
+- [73] = KEY_KP9,
++ [71] = KEY_HOME,
++ [72] = KEY_UP,
+ [74] = KEY_KPMINUS,
+- [75] = KEY_KP4,
+- [76] = KEY_KP5,
+- [77] = KEY_KP6,
++ [75] = KEY_LEFT,
++ [77] = KEY_RIGHT,
+ [78] = KEY_KPPLUS,
+- [79] = KEY_KP1,
+- [80] = KEY_KP2,
+- [81] = KEY_KP3,
+- [82] = KEY_KP0,
+- [83] = KEY_KPDOT,
+- [90] = KEY_KPLEFTPAREN,
+- [91] = KEY_KPRIGHTPAREN,
+- [92] = KEY_KPASTERISK, /* FIXME */
+- [93] = KEY_KPASTERISK,
+- [94] = KEY_KPPLUS,
+- [95] = KEY_HELP,
++ [80] = KEY_DOWN,
++ [82] = KEY_INSERT,
++ [83] = KEY_DELETE,
+ [96] = KEY_102ND,
+- [97] = KEY_KPASTERISK, /* FIXME */
+- [98] = KEY_KPSLASH,
++ [97] = KEY_UNDO,
++ [98] = KEY_HELP,
+ [99] = KEY_KPLEFTPAREN,
+ [100] = KEY_KPRIGHTPAREN,
+ [101] = KEY_KPSLASH,
+ [102] = KEY_KPASTERISK,
+- [103] = KEY_UP,
+- [104] = KEY_KPASTERISK, /* FIXME */
+- [105] = KEY_LEFT,
+- [106] = KEY_RIGHT,
+- [107] = KEY_KPASTERISK, /* FIXME */
+- [108] = KEY_DOWN,
+- [109] = KEY_KPASTERISK, /* FIXME */
+- [110] = KEY_KPASTERISK, /* FIXME */
+- [111] = KEY_KPASTERISK, /* FIXME */
+- [112] = KEY_KPASTERISK, /* FIXME */
+- [113] = KEY_KPASTERISK /* FIXME */
++ [103] = KEY_KP7,
++ [104] = KEY_KP8,
++ [105] = KEY_KP9,
++ [106] = KEY_KP4,
++ [107] = KEY_KP5,
++ [108] = KEY_KP6,
++ [109] = KEY_KP1,
++ [110] = KEY_KP2,
++ [111] = KEY_KP3,
++ [112] = KEY_KP0,
++ [113] = KEY_KPDOT,
++ [114] = KEY_KPENTER,
+ };
+
+ static struct input_dev *atakbd_dev;
+@@ -195,7 +183,7 @@ static struct input_dev *atakbd_dev;
+ static void atakbd_interrupt(unsigned char scancode, char down)
+ {
+
+- if (scancode < 0x72) { /* scancodes < 0xf2 are keys */
++ if (scancode < 0x73) { /* scancodes < 0xf3 are keys */
+
+ // report raw events here?
+
+@@ -209,7 +197,7 @@ static void atakbd_interrupt(unsigned ch
+ input_report_key(atakbd_dev, scancode, down);
+ input_sync(atakbd_dev);
+ }
+- } else /* scancodes >= 0xf2 are mouse data, most likely */
++ } else /* scancodes >= 0xf3 are mouse data, most likely */
+ printk(KERN_INFO "atakbd: unhandled scancode %x\n", scancode);
+
+ return;
--- /dev/null
+From foo@baz Thu Oct 18 11:12:46 CEST 2018
+From: Jozef Balga <jozef.balga@gmail.com>
+Date: Tue, 21 Aug 2018 05:01:04 -0400
+Subject: media: af9035: prevent buffer overflow on write
+
+From: Jozef Balga <jozef.balga@gmail.com>
+
+[ Upstream commit 312f73b648626a0526a3aceebb0a3192aaba05ce ]
+
+When less than 3 bytes are written to the device, memcpy is called with
+negative array size which leads to buffer overflow and kernel panic. This
+patch adds a condition and returns -EOPNOTSUPP instead.
+Fixes bugzilla issue 64871
+
+[mchehab+samsung@kernel.org: fix a merge conflict and changed the
+ condition to match the patch's comment, e. g. len == 3 could
+ also be valid]
+Signed-off-by: Jozef Balga <jozef.balga@gmail.com>
+Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
+Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/media/usb/dvb-usb-v2/af9035.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+--- a/drivers/media/usb/dvb-usb-v2/af9035.c
++++ b/drivers/media/usb/dvb-usb-v2/af9035.c
+@@ -389,8 +389,10 @@ static int af9035_i2c_master_xfer(struct
+ msg[0].addr == (state->af9033_i2c_addr[1] >> 1))
+ reg |= 0x100000;
+
+- ret = af9035_wr_regs(d, reg, &msg[0].buf[3],
+- msg[0].len - 3);
++ ret = (msg[0].len >= 3) ? af9035_wr_regs(d, reg,
++ &msg[0].buf[3],
++ msg[0].len - 3)
++ : -EOPNOTSUPP;
+ } else {
+ /* I2C write */
+ u8 buf[MAX_XFER_SIZE];
--- /dev/null
+From foo@baz Thu Oct 18 11:12:46 CEST 2018
+From: Nathan Chancellor <natechancellor@gmail.com>
+Date: Fri, 21 Sep 2018 02:44:12 -0700
+Subject: net/mlx4: Use cpumask_available for eq->affinity_mask
+
+From: Nathan Chancellor <natechancellor@gmail.com>
+
+[ Upstream commit 8ac1ee6f4d62e781e3b3fd8b9c42b70371427669 ]
+
+Clang warns that the address of a pointer will always evaluated as true
+in a boolean context:
+
+drivers/net/ethernet/mellanox/mlx4/eq.c:243:11: warning: address of
+array 'eq->affinity_mask' will always evaluate to 'true'
+[-Wpointer-bool-conversion]
+ if (!eq->affinity_mask || cpumask_empty(eq->affinity_mask))
+ ~~~~~^~~~~~~~~~~~~
+1 warning generated.
+
+Use cpumask_available, introduced in commit f7e30f01a9e2 ("cpumask: Add
+helper cpumask_available()"), which does the proper checking and avoids
+this warning.
+
+Link: https://github.com/ClangBuiltLinux/linux/issues/86
+Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/ethernet/mellanox/mlx4/eq.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/drivers/net/ethernet/mellanox/mlx4/eq.c
++++ b/drivers/net/ethernet/mellanox/mlx4/eq.c
+@@ -228,7 +228,8 @@ static void mlx4_set_eq_affinity_hint(st
+ struct mlx4_dev *dev = &priv->dev;
+ struct mlx4_eq *eq = &priv->eq_table.eq[vec];
+
+- if (!eq->affinity_mask || cpumask_empty(eq->affinity_mask))
++ if (!cpumask_available(eq->affinity_mask) ||
++ cpumask_empty(eq->affinity_mask))
+ return;
+
+ hint_err = irq_set_affinity_hint(eq->irq, eq->affinity_mask);
--- /dev/null
+From foo@baz Thu Oct 18 11:12:46 CEST 2018
+From: Michael Neuling <mikey@neuling.org>
+Date: Tue, 25 Sep 2018 19:36:47 +1000
+Subject: powerpc/tm: Avoid possible userspace r1 corruption on reclaim
+
+From: Michael Neuling <mikey@neuling.org>
+
+[ Upstream commit 96dc89d526ef77604376f06220e3d2931a0bfd58 ]
+
+Current we store the userspace r1 to PACATMSCRATCH before finally
+saving it to the thread struct.
+
+In theory an exception could be taken here (like a machine check or
+SLB miss) that could write PACATMSCRATCH and hence corrupt the
+userspace r1. The SLB fault currently doesn't touch PACATMSCRATCH, but
+others do.
+
+We've never actually seen this happen but it's theoretically
+possible. Either way, the code is fragile as it is.
+
+This patch saves r1 to the kernel stack (which can't fault) before we
+turn MSR[RI] back on. PACATMSCRATCH is still used but only with
+MSR[RI] off. We then copy r1 from the kernel stack to the thread
+struct once we have MSR[RI] back on.
+
+Suggested-by: Breno Leitao <leitao@debian.org>
+Signed-off-by: Michael Neuling <mikey@neuling.org>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/powerpc/kernel/tm.S | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+--- a/arch/powerpc/kernel/tm.S
++++ b/arch/powerpc/kernel/tm.S
+@@ -202,6 +202,13 @@ dont_backup_fp:
+ std r11, GPR11(r1) /* Temporary stash */
+
+ /*
++ * Move the saved user r1 to the kernel stack in case PACATMSCRATCH is
++ * clobbered by an exception once we turn on MSR_RI below.
++ */
++ ld r11, PACATMSCRATCH(r13)
++ std r11, GPR1(r1)
++
++ /*
+ * Store r13 away so we can free up the scratch SPR for the SLB fault
+ * handler (needed once we start accessing the thread_struct).
+ */
+@@ -237,7 +244,7 @@ dont_backup_fp:
+ SAVE_GPR(8, r7) /* user r8 */
+ SAVE_GPR(9, r7) /* user r9 */
+ SAVE_GPR(10, r7) /* user r10 */
+- ld r3, PACATMSCRATCH(r13) /* user r1 */
++ ld r3, GPR1(r1) /* user r1 */
+ ld r4, GPR7(r1) /* user r7 */
+ ld r5, GPR11(r1) /* user r11 */
+ ld r6, GPR12(r1) /* user r12 */
--- /dev/null
+From foo@baz Thu Oct 18 11:12:46 CEST 2018
+From: Michael Neuling <mikey@neuling.org>
+Date: Mon, 24 Sep 2018 17:27:04 +1000
+Subject: powerpc/tm: Fix userspace r13 corruption
+
+From: Michael Neuling <mikey@neuling.org>
+
+[ Upstream commit cf13435b730a502e814c63c84d93db131e563f5f ]
+
+When we treclaim we store the userspace checkpointed r13 to a scratch
+SPR and then later save the scratch SPR to the user thread struct.
+
+Unfortunately, this doesn't work as accessing the user thread struct
+can take an SLB fault and the SLB fault handler will write the same
+scratch SPRG that now contains the userspace r13.
+
+To fix this, we store r13 to the kernel stack (which can't fault)
+before we access the user thread struct.
+
+Found by running P8 guest + powervm + disable_1tb_segments + TM. Seen
+as a random userspace segfault with r13 looking like a kernel address.
+
+Signed-off-by: Michael Neuling <mikey@neuling.org>
+Reviewed-by: Breno Leitao <leitao@debian.org>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/powerpc/kernel/tm.S | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+--- a/arch/powerpc/kernel/tm.S
++++ b/arch/powerpc/kernel/tm.S
+@@ -199,13 +199,20 @@ dont_backup_fp:
+ std r1, PACATMSCRATCH(r13)
+ ld r1, PACAR1(r13)
+
+- /* Store the PPR in r11 and reset to decent value */
+ std r11, GPR11(r1) /* Temporary stash */
+
++ /*
++ * Store r13 away so we can free up the scratch SPR for the SLB fault
++ * handler (needed once we start accessing the thread_struct).
++ */
++ GET_SCRATCH0(r11)
++ std r11, GPR13(r1)
++
+ /* Reset MSR RI so we can take SLB faults again */
+ li r11, MSR_RI
+ mtmsrd r11, 1
+
++ /* Store the PPR in r11 and reset to decent value */
+ mfspr r11, SPRN_PPR
+ HMT_MEDIUM
+
+@@ -234,7 +241,7 @@ dont_backup_fp:
+ ld r4, GPR7(r1) /* user r7 */
+ ld r5, GPR11(r1) /* user r11 */
+ ld r6, GPR12(r1) /* user r12 */
+- GET_SCRATCH0(8) /* user r13 */
++ ld r8, GPR13(r1) /* user r13 */
+ std r3, GPR1(r7)
+ std r4, GPR7(r7)
+ std r5, GPR11(r7)
--- /dev/null
+From foo@baz Thu Oct 18 11:12:46 CEST 2018
+From: James Cowgill <jcowgill@debian.org>
+Date: Thu, 6 Sep 2018 22:57:56 +0100
+Subject: RISC-V: include linux/ftrace.h in asm-prototypes.h
+
+From: James Cowgill <jcowgill@debian.org>
+
+[ Upstream commit 57a489786de9ec37d6e25ef1305dc337047f0236 ]
+
+Building a riscv kernel with CONFIG_FUNCTION_TRACER and
+CONFIG_MODVERSIONS enabled results in these two warnings:
+
+ MODPOST vmlinux.o
+WARNING: EXPORT symbol "return_to_handler" [vmlinux] version generation failed, symbol will not be versioned.
+WARNING: EXPORT symbol "_mcount" [vmlinux] version generation failed, symbol will not be versioned.
+
+When exporting symbols from an assembly file, the MODVERSIONS code
+requires their prototypes to be defined in asm-prototypes.h (see
+scripts/Makefile.build). Since both of these symbols have prototypes
+defined in linux/ftrace.h, include this header from RISC-V's
+asm-prototypes.h.
+
+Reported-by: Karsten Merker <merker@debian.org>
+Signed-off-by: James Cowgill <jcowgill@debian.org>
+Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
+Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/riscv/include/asm/asm-prototypes.h | 7 +++++++
+ 1 file changed, 7 insertions(+)
+ create mode 100644 arch/riscv/include/asm/asm-prototypes.h
+
+--- /dev/null
++++ b/arch/riscv/include/asm/asm-prototypes.h
+@@ -0,0 +1,7 @@
++/* SPDX-License-Identifier: GPL-2.0 */
++#ifndef _ASM_RISCV_PROTOTYPES_H
++
++#include <linux/ftrace.h>
++#include <asm-generic/asm-prototypes.h>
++
++#endif /* _ASM_RISCV_PROTOTYPES_H */
x86-fpu-remove-use_eager_fpu.patch
x86-fpu-remove-struct-fpu-counter.patch
x86-fpu-finish-excising-eagerfpu.patch
+media-af9035-prevent-buffer-overflow-on-write.patch
+clocksource-drivers-ti-32k-add-clock_source_suspend_nonstop-flag-for-non-am43-socs.patch
+input-atakbd-fix-atari-keymap.patch
+input-atakbd-fix-atari-capslock-behaviour.patch
+net-mlx4-use-cpumask_available-for-eq-affinity_mask.patch
+risc-v-include-linux-ftrace.h-in-asm-prototypes.h.patch
+powerpc-tm-fix-userspace-r13-corruption.patch
+powerpc-tm-avoid-possible-userspace-r1-corruption-on-reclaim.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
