From: Greg Kroah-Hartman Date: Fri, 13 Aug 2010 20:17:14 +0000 (-0700) Subject: .32, .34, and .35 mm patches X-Git-Tag: v2.6.32.19~2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7a6058f52bdb70eda9929da68ae9d1eb672bd4bb;p=thirdparty%2Fkernel%2Fstable-queue.git .32, .34, and .35 mm patches
---
diff --git a/review-2.6.32/mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch b/review-2.6.32/mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch
new file mode 100644
index 00000000000..63626e481b5
--- /dev/null
+++ b/review-2.6.32/mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch
@@ -0,0 +1,34 @@
+From 5528f9132cf65d4d892bcbc5684c61e7822b21e9 Mon Sep 17 00:00:00 2001
+From: Linus Torvalds
+Date: Fri, 13 Aug 2010 09:24:04 -0700
+Subject: mm: fix missing page table unmap for stack guard page failure case
+
+From: Linus Torvalds
+
+commit 5528f9132cf65d4d892bcbc5684c61e7822b21e9 upstream.
+
+.. which didn't show up in my tests because it's a no-op on x86-64 and
+most other architectures. But we enter the function with the last-level
+page table mapped, and should unmap it at exit.
+
+Signed-off-by: Linus Torvalds
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ mm/memory.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/mm/memory.c
++++ b/mm/memory.c
+@@ -2662,8 +2662,10 @@ static int do_anonymous_page(struct mm_s
+ spinlock_t *ptl;
+ pte_t entry;
+
+- if (check_stack_guard_page(vma, address) < 0)
++ if (check_stack_guard_page(vma, address) < 0) {
++ pte_unmap(page_table);
+ return VM_FAULT_SIGBUS;
++ }
+
+ if (!(flags & FAULT_FLAG_WRITE)) {
+ entry = pte_mkspecial(pfn_pte(my_zero_pfn(address),
diff --git a/review-2.6.32/series b/review-2.6.32/series
index 5d613569ac5..b09ad12e997 100644
--- a/review-2.6.32/series
+++ b/review-2.6.32/series
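Review bot: In the mm/memory.c change carried by mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch, `check_stack_guard_page(vma, address)` is still called while `page_table` is mapped; the added `pte_unmap(page_table);` only balances the mapping on the failure return. The commit message notes the unmap is a no-op on x86-64 and most other architectures, so on the configurations where it is not, the mapping is held across that call; if check_stack_guard_page() can sleep or allocate while expanding the stack (its body is not in the hunk, so this is an assumption to confirm), the unmap would need to happen before the check, i.e. `pte_unmap(page_table);` hoisted above the `if`, with the `!(flags & FAULT_FLAG_WRITE)` path re-mapping the entry when it takes the lock. do_anonymous_page() starts and ends outside the hunk, so its remaining exits cannot be checked from here. The same point applies to the review-2.6.34 and review-2.6.35 copies of this patch.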
@@ -110,3 +110,5 @@ ibmvfc-reduce-error-recovery-timeout.patch
 md-raid1-delay-reads-that-could-overtake-behind-writes.patch
 mm-fix-corruption-of-hibernation-caused-by-reusing-swap-during-image-saving.patch
 mm-keep-a-guard-page-below-a-grow-down-stack-segment.patch
+mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch
+x86-don-t-send-sigbus-for-kernel-page-faults.patch
diff --git a/review-2.6.32/x86-don-t-send-sigbus-for-kernel-page-faults.patch b/review-2.6.32/x86-don-t-send-sigbus-for-kernel-page-faults.patch
new file mode 100644
index 00000000000..dd1a3a82dea
--- /dev/null
+++ b/review-2.6.32/x86-don-t-send-sigbus-for-kernel-page-faults.patch
@@ -0,0 +1,39 @@
+From 96054569190bdec375fe824e48ca1f4e3b53dd36 Mon Sep 17 00:00:00 2001
+From: Linus Torvalds
+Date: Fri, 13 Aug 2010 09:49:20 -0700
+Subject: x86: don't send SIGBUS for kernel page faults
+
+From: Linus Torvalds
+
+commit 96054569190bdec375fe824e48ca1f4e3b53dd36 upstream.
+
+It's wrong for several reasons, but the most direct one is that the
+fault may be for the stack accesses to set up a previous SIGBUS. When
+we have a kernel exception, the kernel exception handler does all the
+fixups, not some user-level signal handler.
+
+Even apart from the nested SIGBUS issue, it's also wrong to give out
+kernel fault addresses in the signal handler info block, or to send a
+SIGBUS when a system call already returns EFAULT.
+
+Signed-off-by: Linus Torvalds
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/x86/mm/fault.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/arch/x86/mm/fault.c
++++ b/arch/x86/mm/fault.c
+@@ -801,8 +801,10 @@ do_sigbus(struct pt_regs *regs, unsigned
+ up_read(&mm->mmap_sem);
+
+ /* Kernel mode? Handle exceptions or die: */
+- if (!(error_code & PF_USER))
++ if (!(error_code & PF_USER)) {
+ no_context(regs, error_code, address);
++ return;
++ }
+
+ /* User-space => ok to do another page fault: */
+ if (is_prefetch(regs, error_code, address))
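Review bot: The retained comment `/* Kernel mode? Handle exceptions or die: */` in the do_sigbus() change reads as if no_context() never returns, which is the assumption the old fall-through depended on. The new `return;` deserves a comment stating the invariant, for example `/* no_context() can return after a kernel fixup: never fall through and raise SIGBUS with a kernel fault address */`. The commit message gives the reason (kernel fault addresses ending up in the signal info block, and a SIGBUS on top of a system call that already returns EFAULT), but none of that is visible at the call site. The signal delivery itself lies below the hunk, so the exact fall-through target is inferred from the commit message. The same applies to the review-2.6.34 and review-2.6.35 copies of this patch.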
diff --git a/review-2.6.34/mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch b/review-2.6.34/mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch
new file mode 100644
index 00000000000..3ce67dc9732
--- /dev/null
+++ b/review-2.6.34/mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch
@@ -0,0 +1,34 @@
+From 5528f9132cf65d4d892bcbc5684c61e7822b21e9 Mon Sep 17 00:00:00 2001
+From: Linus Torvalds
+Date: Fri, 13 Aug 2010 09:24:04 -0700
+Subject: mm: fix missing page table unmap for stack guard page failure case
+
+From: Linus Torvalds
+
+commit 5528f9132cf65d4d892bcbc5684c61e7822b21e9 upstream.
+
+.. which didn't show up in my tests because it's a no-op on x86-64 and
+most other architectures. But we enter the function with the last-level
+page table mapped, and should unmap it at exit.
+
+Signed-off-by: Linus Torvalds
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ mm/memory.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/mm/memory.c
++++ b/mm/memory.c
+@@ -2783,8 +2783,10 @@ static int do_anonymous_page(struct mm_s
+ spinlock_t *ptl;
+ pte_t entry;
+
+- if (check_stack_guard_page(vma, address) < 0)
++ if (check_stack_guard_page(vma, address) < 0) {
++ pte_unmap(page_table);
+ return VM_FAULT_SIGBUS;
++ }
+
+ if (!(flags & FAULT_FLAG_WRITE)) {
+ entry = pte_mkspecial(pfn_pte(my_zero_pfn(address),
diff --git a/review-2.6.34/series b/review-2.6.34/series
index f715fc082a5..9f6a6e40b5f 100644
--- a/review-2.6.34/series
+++ b/review-2.6.34/series
@@ -53,3 +53,5 @@ ibmvfc-fix-command-completion-handling.patch
 ibmvfc-reduce-error-recovery-timeout.patch
 md-raid1-delay-reads-that-could-overtake-behind-writes.patch
 mm-keep-a-guard-page-below-a-grow-down-stack-segment.patch
+mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch
+x86-don-t-send-sigbus-for-kernel-page-faults.patch
diff --git a/review-2.6.34/x86-don-t-send-sigbus-for-kernel-page-faults.patch b/review-2.6.34/x86-don-t-send-sigbus-for-kernel-page-faults.patch
new file mode 100644
index 00000000000..46bb772e3f7
--- /dev/null
+++ b/review-2.6.34/x86-don-t-send-sigbus-for-kernel-page-faults.patch
@@ -0,0 +1,39 @@
+From 96054569190bdec375fe824e48ca1f4e3b53dd36 Mon Sep 17 00:00:00 2001
+From: Linus Torvalds
+Date: Fri, 13 Aug 2010 09:49:20 -0700
+Subject: x86: don't send SIGBUS for kernel page faults
+
+From: Linus Torvalds
+
+commit 96054569190bdec375fe824e48ca1f4e3b53dd36 upstream.
+
+It's wrong for several reasons, but the most direct one is that the
+fault may be for the stack accesses to set up a previous SIGBUS. When
+we have a kernel exception, the kernel exception handler does all the
+fixups, not some user-level signal handler.
+
+Even apart from the nested SIGBUS issue, it's also wrong to give out
+kernel fault addresses in the signal handler info block, or to send a
+SIGBUS when a system call already returns EFAULT.
+
+Signed-off-by: Linus Torvalds
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/x86/mm/fault.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/arch/x86/mm/fault.c
++++ b/arch/x86/mm/fault.c
+@@ -802,8 +802,10 @@ do_sigbus(struct pt_regs *regs, unsigned
+ up_read(&mm->mmap_sem);
+
+ /* Kernel mode? Handle exceptions or die: */
+- if (!(error_code & PF_USER))
++ if (!(error_code & PF_USER)) {
+ no_context(regs, error_code, address);
++ return;
++ }
+
+ /* User-space => ok to do another page fault: */
+ if (is_prefetch(regs, error_code, address))
diff --git a/review-2.6.35/mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch b/review-2.6.35/mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch
new file mode 100644
index 00000000000..77aa7570e11
--- /dev/null
+++ b/review-2.6.35/mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch
@@ -0,0 +1,34 @@
+From 5528f9132cf65d4d892bcbc5684c61e7822b21e9 Mon Sep 17 00:00:00 2001
+From: Linus Torvalds
+Date: Fri, 13 Aug 2010 09:24:04 -0700
+Subject: mm: fix missing page table unmap for stack guard page failure case
+
+From: Linus Torvalds
+
+commit 5528f9132cf65d4d892bcbc5684c61e7822b21e9 upstream.
+
+.. which didn't show up in my tests because it's a no-op on x86-64 and
+most other architectures. But we enter the function with the last-level
+page table mapped, and should unmap it at exit.
+
+Signed-off-by: Linus Torvalds
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ mm/memory.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/mm/memory.c
++++ b/mm/memory.c
+@@ -2792,8 +2792,10 @@ static int do_anonymous_page(struct mm_s
+ spinlock_t *ptl;
+ pte_t entry;
+
+- if (check_stack_guard_page(vma, address) < 0)
++ if (check_stack_guard_page(vma, address) < 0) {
++ pte_unmap(page_table);
+ return VM_FAULT_SIGBUS;
++ }
+
+ if (!(flags & FAULT_FLAG_WRITE)) {
+ entry = pte_mkspecial(pfn_pte(my_zero_pfn(address),
diff --git a/review-2.6.35/series b/review-2.6.35/series
index 93023718d0d..36f5b87a957 100644
--- a/review-2.6.35/series
+++ b/review-2.6.35/series
@@ -66,3 +66,5 @@ xen-do-not-suspend-ipi-irqs.patch
 crypto-testmgr-add-an-option-to-disable-cryptoalgos-self-tests.patch
 ext4-fix-freeze-deadlock-under-io.patch
 mm-keep-a-guard-page-below-a-grow-down-stack-segment.patch
+mm-fix-missing-page-table-unmap-for-stack-guard-page-failure-case.patch
+x86-don-t-send-sigbus-for-kernel-page-faults.patch
diff --git a/review-2.6.35/x86-don-t-send-sigbus-for-kernel-page-faults.patch b/review-2.6.35/x86-don-t-send-sigbus-for-kernel-page-faults.patch
new file mode 100644
index 00000000000..46bb772e3f7
--- /dev/null
+++ b/review-2.6.35/x86-don-t-send-sigbus-for-kernel-page-faults.patch
@@ -0,0 +1,39 @@
+From 96054569190bdec375fe824e48ca1f4e3b53dd36 Mon Sep 17 00:00:00 2001
+From: Linus Torvalds
+Date: Fri, 13 Aug 2010 09:49:20 -0700
+Subject: x86: don't send SIGBUS for kernel page faults
+
+From: Linus Torvalds
+
+commit 96054569190bdec375fe824e48ca1f4e3b53dd36 upstream.
+
+It's wrong for several reasons, but the most direct one is that the
+fault may be for the stack accesses to set up a previous SIGBUS. When
+we have a kernel exception, the kernel exception handler does all the
+fixups, not some user-level signal handler.
+
+Even apart from the nested SIGBUS issue, it's also wrong to give out
+kernel fault addresses in the signal handler info block, or to send a
+SIGBUS when a system call already returns EFAULT.
+
+Signed-off-by: Linus Torvalds
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/x86/mm/fault.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/arch/x86/mm/fault.c
++++ b/arch/x86/mm/fault.c
+@@ -802,8 +802,10 @@ do_sigbus(struct pt_regs *regs, unsigned
+ up_read(&mm->mmap_sem);
+
+ /* Kernel mode? Handle exceptions or die: */
+- if (!(error_code & PF_USER))
++ if (!(error_code & PF_USER)) {
+ no_context(regs, error_code, address);
++ return;
++ }
+
+ /* User-space => ok to do another page fault: */
+ if (is_prefetch(regs, error_code, address))