4.13-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 3 Oct 2017 11:35:19 +0000 (13:35 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 3 Oct 2017 11:35:19 +0000 (13:35 +0200)
added patches:
kvm-vmx-use-cmpxchg64.patch
video-fbdev-aty-do-not-leak-uninitialized-padding-in-clk-to-userspace.patch

queue-4.13/kvm-vmx-use-cmpxchg64.patch [new file with mode: 0644]
queue-4.13/series
queue-4.13/video-fbdev-aty-do-not-leak-uninitialized-padding-in-clk-to-userspace.patch [new file with mode: 0644]

diff --git a/queue-4.13/kvm-vmx-use-cmpxchg64.patch b/queue-4.13/kvm-vmx-use-cmpxchg64.patch
new file mode 100644 (file)
index 0000000..81e9c7d
--- /dev/null
@@ -0,0 +1,53 @@
+From c0a1666bcb2a33e84187a15eabdcd54056be9a97 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Thu, 28 Sep 2017 17:58:41 +0200
+Subject: KVM: VMX: use cmpxchg64
+
+From: Paolo Bonzini <pbonzini@redhat.com>
+
+commit c0a1666bcb2a33e84187a15eabdcd54056be9a97 upstream.
+
+This fixes a compilation failure on 32-bit systems.
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/kvm/vmx.c |   12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+--- a/arch/x86/kvm/vmx.c
++++ b/arch/x86/kvm/vmx.c
+@@ -2223,8 +2223,8 @@ static void vmx_vcpu_pi_load(struct kvm_
+                       new.ndst = (dest << 8) & 0xFF00;
+               new.sn = 0;
+-      } while (cmpxchg(&pi_desc->control, old.control,
+-                      new.control) != old.control);
++      } while (cmpxchg64(&pi_desc->control, old.control,
++                         new.control) != old.control);
+ }
+ static void decache_tsc_multiplier(struct vcpu_vmx *vmx)
+@@ -11428,8 +11428,8 @@ static void __pi_post_block(struct kvm_v
+               /* set 'NV' to 'notification vector' */
+               new.nv = POSTED_INTR_VECTOR;
+-      } while (cmpxchg(&pi_desc->control, old.control,
+-                      new.control) != old.control);
++      } while (cmpxchg64(&pi_desc->control, old.control,
++                         new.control) != old.control);
+       if (!WARN_ON_ONCE(vcpu->pre_pcpu == -1)) {
+               spin_lock(&per_cpu(blocked_vcpu_on_cpu_lock, vcpu->pre_pcpu));
+@@ -11498,8 +11498,8 @@ static int pi_pre_block(struct kvm_vcpu
+               /* set 'NV' to 'wakeup vector' */
+               new.nv = POSTED_INTR_WAKEUP_VECTOR;
+-      } while (cmpxchg(&pi_desc->control, old.control,
+-                      new.control) != old.control);
++      } while (cmpxchg64(&pi_desc->control, old.control,
++                         new.control) != old.control);
+       /* We should not block the vCPU if an interrupt is posted for it.  */
+       if (pi_test_on(pi_desc) == 1)
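Review bot: The three new cmpxchg64() sites carry no hint of why the 64-bit variant is required, and the commit message only says "compilation failure", so a later cleanup could plausibly revert them to cmpxchg(); a one-line comment above the first loop would pin it, e.g. `/* control is 64-bit; on 32-bit x86 cmpxchg() rejects an 8-byte operand, so use cmpxchg64() */`. The 'notification vector' comments and the pi_test_on() check on the line after the last loop suggest the descriptor is updated concurrently (presumably by hardware posting interrupts), so the whole 64-bit control word must be exchanged as one atomic operation rather than as two 32-bit halves; cmpxchg64() preserves that on 32-bit builds, which a hand-rolled split update would not. Each do/while body begins before its hunk, so the fields being rewritten (ndst, sn, nv) are only partly visible here, and vmx_vcpu_pi_load, __pi_post_block and pi_pre_block all start and end outside the hunks.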
index 1dc337cb36f8ee746cd77336b3db6083d073ee8c..6bf25213f0aa1d6c40e47196520ea12fcfebbcd0 100644 (file)
@@ -106,3 +106,5 @@ x86-mm-fix-fault-error-path-using-unsafe-vma-pointer.patch
 x86-fpu-don-t-let-userspace-set-bogus-xcomp_bv.patch
 kvm-vmx-do-not-change-sn-bit-in-vmx_update_pi_irte.patch
 kvm-vmx-remove-warn_on_once-in-kvm_vcpu_trigger_posted_interrupt.patch
+kvm-vmx-use-cmpxchg64.patch
+video-fbdev-aty-do-not-leak-uninitialized-padding-in-clk-to-userspace.patch
diff --git a/queue-4.13/video-fbdev-aty-do-not-leak-uninitialized-padding-in-clk-to-userspace.patch b/queue-4.13/video-fbdev-aty-do-not-leak-uninitialized-padding-in-clk-to-userspace.patch
new file mode 100644 (file)
index 0000000..2fc99fb
--- /dev/null
@@ -0,0 +1,34 @@
+From 8e75f7a7a00461ef6d91797a60b606367f6e344d Mon Sep 17 00:00:00 2001
+From: Vladis Dronov <vdronov@redhat.com>
+Date: Mon, 4 Sep 2017 16:00:50 +0200
+Subject: video: fbdev: aty: do not leak uninitialized padding in clk to userspace
+
+From: Vladis Dronov <vdronov@redhat.com>
+
+commit 8e75f7a7a00461ef6d91797a60b606367f6e344d upstream.
+
+'clk' is copied to a userland with padding byte(s) after 'vclk_post_div'
+field unitialized, leaking data from the stack. Fix this ensuring all of
+'clk' is initialized to zero.
+
+References: https://github.com/torvalds/linux/pull/441
+Reported-by: sohu0106 <sohu0106@126.com>
+Signed-off-by: Vladis Dronov <vdronov@redhat.com>
+Signed-off-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/video/fbdev/aty/atyfb_base.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/video/fbdev/aty/atyfb_base.c
++++ b/drivers/video/fbdev/aty/atyfb_base.c
+@@ -1855,7 +1855,7 @@ static int atyfb_ioctl(struct fb_info *i
+ #if defined(DEBUG) && defined(CONFIG_FB_ATY_CT)
+       case ATYIO_CLKR:
+               if (M64_HAS(INTEGRATED)) {
+-                      struct atyclk clk;
++                      struct atyclk clk = { 0 };
+                       union aty_pll *pll = &par->pll;
+                       u32 dsp_config = pll->ct.dsp_config;
+                       u32 dsp_on_off = pll->ct.dsp_on_off;
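Review bot: Initialising `clk` with `= { 0 }` is not a language guarantee that the padding after `vclk_post_div` named in the commit message is cleared: an initializer is only required to set the members, a compiler may emit member-wise stores that leave padding indeterminate, and C11 6.2.6.1p6 allows later stores to individual members to leave padding unspecified again before the copy to userspace (which is outside this hunk). The form that guarantees every byte of the object is zeroed is an explicit `memset(&clk, 0, sizeof(clk));` placed right after the declaration; GCC does in practice zero the whole object for `= { 0 }` on many targets, but that is a compiler choice rather than something the standard promises. Worth noting that this case is only compiled when both `DEBUG` and `CONFIG_FB_ATY_CT` are defined (the `#if` above the case label), so the leak and the fix apply to debug builds only. atyfb_ioctl begins and ends outside the hunk, so the field assignments and the copy_to_user() are not visible here.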