From: Greg Kroah-Hartman
Date: Sat, 14 Sep 2013 15:01:19 +0000 (-0700)
Subject: 3.11-stable patches
X-Git-Tag: v3.0.97~39
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=46be9507bb068ef502c2e3a2e4bd7fbbf5f2039d;p=thirdparty%2Fkernel%2Fstable-queue.git
3.11-stable patches
added patches:
arc-smp-failed-to-boot-due-to-missing-ivt-setup.patch
ipc-msg.c-fix-lost-wakeup-in-msgsnd.patch
---
diff --git a/queue-3.11/arc-smp-failed-to-boot-due-to-missing-ivt-setup.patch b/queue-3.11/arc-smp-failed-to-boot-due-to-missing-ivt-setup.patch
new file mode 100644
index 00000000000..b433a873ad8
--- /dev/null
+++ b/queue-3.11/arc-smp-failed-to-boot-due-to-missing-ivt-setup.patch
@@ -0,0 +1,89 @@
+From c3567f8a359b7917dcffa442301f88ed0a75211f Mon Sep 17 00:00:00 2001
+From: Noam Camus
+Date: Thu, 12 Sep 2013 13:07:39 +0530
+Subject: ARC: SMP failed to boot due to missing IVT setup
+
+From: Noam Camus
+
+commit c3567f8a359b7917dcffa442301f88ed0a75211f upstream.
+
+Commit 05b016ecf5e7a "ARC: Setup Vector Table Base in early boot" moved
+the Interrupt vector Table setup out of arc_init_IRQ() which is called
+for all CPUs, to entry point of boot cpu only, breaking booting of others.
+
+Fix by adding the same to entry point of non-boot CPUs too.
+
+read_arc_build_cfg_regs() printing IVT Base Register didn't help the
+casue since it prints a synthetic value if zero which is totally bogus,
+so fix that to print the exact Register.
+
+[vgupta: Remove the now stale comment from header of arc_init_IRQ and
+also added the commentary for halt-on-reset]
+
+Cc: Gilad Ben-Yossef
+Signed-off-by: Noam Camus
+Signed-off-by: Vineet Gupta
+Signed-off-by: Linus Torvalds
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/arc/include/asm/sections.h | 1 -
+ arch/arc/kernel/head.S | 5 +++++
+ arch/arc/kernel/irq.c | 1 -
+ arch/arc/kernel/setup.c | 3 ---
+ 4 files changed, 5 insertions(+), 5 deletions(-)
+
+--- a/arch/arc/include/asm/sections.h
++++ b/arch/arc/include/asm/sections.h
+@@ -11,7 +11,6 @@
+
+ #include
+
+-extern char _int_vec_base_lds[];
+ extern char __arc_dccm_base[];
+ extern char __dtb_start[];
+
+--- a/arch/arc/kernel/head.S
++++ b/arch/arc/kernel/head.S
+@@ -34,6 +34,9 @@ stext:
+ ; IDENTITY Reg [ 3 2 1 0 ]
+ ; (cpu-id) ^^^ => Zero for UP ARC700
+ ; => #Core-ID if SMP (Master 0)
++ ; Note that non-boot CPUs might not land here if halt-on-reset and
++ ; instead breath life from @first_lines_of_secondary, but we still
++ ; need to make sure only boot cpu takes this path.
+ GET_CPU_ID r5
+ cmp r5, 0
+ jnz arc_platform_smp_wait_to_boot
+@@ -98,6 +101,8 @@ stext:
+
+ first_lines_of_secondary:
+
++ sr @_int_vec_base_lds, [AUX_INTR_VEC_BASE]
++
+ ; setup per-cpu idle task as "current" on this CPU
+ ld r0, [@secondary_idle_tsk]
+ SET_CURR_TASK_ON_CPU r0, r1
+--- a/arch/arc/kernel/irq.c
++++ b/arch/arc/kernel/irq.c
+@@ -24,7 +24,6 @@
+ * -Needed for each CPU (hence not foldable into init_IRQ)
+ *
+ * what it does ?
+- * -setup Vector Table Base Reg - in case Linux not linked at 0x8000_0000
+ * -Disable all IRQs (on CPU side)
+ * -Optionally, setup the High priority Interrupts as Level 2 IRQs
+ */
+--- a/arch/arc/kernel/setup.c
++++ b/arch/arc/kernel/setup.c
+@@ -47,10 +47,7 @@ void read_arc_build_cfg_regs(void)
+ READ_BCR(AUX_IDENTITY, cpu->core);
+
+ cpu->timers = read_aux_reg(ARC_REG_TIMERS_BCR);
+-
+ cpu->vec_base = read_aux_reg(AUX_INTR_VEC_BASE);
+- if (cpu->vec_base == 0)
+- cpu->vec_base = (unsigned int)_int_vec_base_lds;
+
+ READ_BCR(ARC_REG_D_UNCACH_BCR, uncached_space);
+ cpu->uncached_base = uncached_space.start << 24;
diff --git a/queue-3.11/ipc-msg.c-fix-lost-wakeup-in-msgsnd.patch b/queue-3.11/ipc-msg.c-fix-lost-wakeup-in-msgsnd.patch
new file mode 100644
index 00000000000..ee9b15868ee
--- /dev/null
+++ b/queue-3.11/ipc-msg.c-fix-lost-wakeup-in-msgsnd.patch
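Review bot: The added `sr @_int_vec_base_lds, [AUX_INTR_VEC_BASE]` at `first_lines_of_secondary` in head.S has no comment, although it is the one line that fixes the secondary-CPU boot failure. I would put `; every secondary CPU must program its own vector base; stext does this for the boot CPU only` above it, so it is not later removed as a duplicate of the boot-CPU setup. In the stext comment added by the same patch, "breath life" should read "breathe life". After the setup.c hunk, `cpu->vec_base` holds the raw register value with no fallback, so a zero base on a CPU that skipped this path would presumably show only in the printed value; a short comment on that line saying the value is reported verbatim would help whoever reads the boot log. The code around all four inner hunks continues outside what is shown.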
@@ -0,0 +1,91 @@
+From bebcb928c820d0ee83aca4b192adc195e43e66a2 Mon Sep 17 00:00:00 2001
+From: Manfred Spraul
+Date: Tue, 3 Sep 2013 16:00:08 +0200
+Subject: ipc/msg.c: Fix lost wakeup in msgsnd().
+
+From: Manfred Spraul
+
+commit bebcb928c820d0ee83aca4b192adc195e43e66a2 upstream.
+
+The check if the queue is full and adding current to the wait queue of
+pending msgsnd() operations (ss_add()) must be atomic.
+
+Otherwise:
+ - the thread that performs msgsnd() finds a full queue and decides to
+ sleep.
+ - the thread that performs msgrcv() first reads all messages from the
+ queue and then sleeps, because the queue is empty.
+ - the msgrcv() calls do not perform any wakeups, because the msgsnd()
+ task has not yet called ss_add().
+ - then the msgsnd()-thread first calls ss_add() and then sleeps.
+
+Net result: msgsnd() and msgrcv() both sleep forever.
+
+Observed with msgctl08 from ltp with a preemptible kernel.
+
+Fix: Call ipc_lock_object() before performing the check.
+
+The patch also moves security_msg_queue_msgsnd() under ipc_lock_object:
+ - msgctl(IPC_SET) explicitely mentions that it tries to expunge any
+ pending operations that are not allowed anymore with the new
+ permissions. If security_msg_queue_msgsnd() is called without locks,
+ then there might be races.
+ - it makes the patch much simpler.
+
+Reported-and-tested-by: Vineet Gupta
+Acked-by: Rik van Riel
+Signed-off-by: Manfred Spraul
+Signed-off-by: Linus Torvalds
+Cc: Sedat Dilek
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ ipc/msg.c | 12 +++++-------
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+--- a/ipc/msg.c
++++ b/ipc/msg.c
+@@ -680,16 +680,18 @@ long do_msgsnd(int msqid, long mtype, vo
+ goto out_unlock1;
+ }
+
++ ipc_lock_object(&msq->q_perm);
++
+ for (;;) {
+ struct msg_sender s;
+
+ err = -EACCES;
+ if (ipcperms(ns, &msq->q_perm, S_IWUGO))
+- goto out_unlock1;
++ goto out_unlock0;
+
+ err = security_msg_queue_msgsnd(msq, msg, msgflg);
+ if (err)
+- goto out_unlock1;
++ goto out_unlock0;
+
+ if (msgsz + msq->q_cbytes <= msq->q_qbytes &&
+ 1 + msq->q_qnum <= msq->q_qbytes) {
+@@ -699,10 +701,9 @@ long do_msgsnd(int msqid, long mtype, vo
+ /* queue full, wait: */
+ if (msgflg & IPC_NOWAIT) {
+ err = -EAGAIN;
+- goto out_unlock1;
++ goto out_unlock0;
+ }
+
+- ipc_lock_object(&msq->q_perm);
+ ss_add(msq, &s);
+
+ if (!ipc_rcu_getref(msq)) {
+@@ -730,10 +731,7 @@ long do_msgsnd(int msqid, long mtype, vo
+ goto out_unlock0;
+ }
+
+- ipc_unlock_object(&msq->q_perm);
+ }
+-
+- ipc_lock_object(&msq->q_perm);
+ msq->q_lspid = task_tgid_vnr(current);
+ msq->q_stime = get_seconds();
+
diff --git a/queue-3.11/series b/queue-3.11/series
new file mode 100644
index 00000000000..09da318f957
--- /dev/null
+++ b/queue-3.11/series
@@ -0,0 +1,2 @@
+arc-smp-failed-to-boot-due-to-missing-ivt-setup.patch
+ipc-msg.c-fix-lost-wakeup-in-msgsnd.patch
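Review bot: In the do_msgsnd() hunks of ipc-msg.c-fix-lost-wakeup-in-msgsnd.patch, the new `ipc_lock_object(&msq->q_perm);` ahead of `for (;;)` is uncommented, yet the ordering it sets up is what the fix depends on. I would add above it `/* taken before the queue-full check so that the check and ss_add() are atomic against msgrcv(); ipcperms() and the LSM hook run under it on every pass */`. That comment also records that `security_msg_queue_msgsnd()` is now called with the object lock held, which hook implementations presumably have to tolerate without blocking; this is worth confirming for the security modules built into this tree. The three early exits now jump to `out_unlock0`, and that label lies outside the hunks, so it cannot be checked from here that it drops the object lock before continuing to the cleanup `out_unlock1` used to reach.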