From: Greg Kroah-Hartman Date: Mon, 4 Dec 2017 14:01:43 +0000 (+0100) Subject: 4.14-stable patches X-Git-Tag: v3.18.86~4 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8e45d6a3b006bf37696667cba36872843682603f;p=thirdparty%2Fkernel%2Fstable-queue.git 4.14-stable patches added patches: drm-i915-don-t-try-indexed-reads-to-alternate-slave-addresses.patch drm-i915-fbdev-serialise-early-hotplug-events-with-async-fbdev-config.patch drm-i915-fix-false-positive-assert_rpm_wakelock_held-in-i915_pmic_bus_access_notifier-v2.patch drm-i915-gvt-correct-addr_4k-2m-1g_mask-definition.patch drm-i915-prevent-zero-length-index-write.patch drm-i915-re-register-pmic-bus-access-notifier-on-runtime-resume.patch revert-x86-entry-64-add-missing-irqflags-tracing-to.patch --- diff --git a/queue-4.14/drm-i915-don-t-try-indexed-reads-to-alternate-slave-addresses.patch b/queue-4.14/drm-i915-don-t-try-indexed-reads-to-alternate-slave-addresses.patch new file mode 100644 index 00000000000..4b42e6a5045 --- /dev/null +++ b/queue-4.14/drm-i915-don-t-try-indexed-reads-to-alternate-slave-addresses.patch @@ -0,0 +1,42 @@ +From ae5c631e605a452a5a0e73205a92810c01ed954b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ville=20Syrj=C3=A4l=C3=A4?= +Date: Thu, 23 Nov 2017 21:41:56 +0200 +Subject: drm/i915: Don't try indexed reads to alternate slave addresses +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Ville Syrjälä + +commit ae5c631e605a452a5a0e73205a92810c01ed954b upstream. + +We can only specify the one slave address to indexed reads/writes. +Make sure the messages we check are destined to the same slave +address before deciding to do an indexed transfer. + +Cc: Daniel Kurtz +Cc: Chris Wilson +Cc: Daniel Vetter +Cc: Sean Paul +Fixes: 56f9eac05489 ("drm/i915/intel_i2c: use INDEX cycles for i2c read transactions") +Signed-off-by: Ville Syrjälä +Link: https://patchwork.freedesktop.org/patch/msgid/20171123194157.25367-2-ville.syrjala@linux.intel.com +Reviewed-by: Chris Wilson +(cherry picked from commit c4deb62d7821672265b87952bcd1c808f3bf3e8f) +Signed-off-by: Joonas Lahtinen +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/gpu/drm/i915/intel_i2c.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/drivers/gpu/drm/i915/intel_i2c.c ++++ b/drivers/gpu/drm/i915/intel_i2c.c +@@ -438,6 +438,7 @@ static bool + gmbus_is_index_read(struct i2c_msg *msgs, int i, int num) + { + return (i + 1 < num && ++ msgs[i].addr == msgs[i + 1].addr && + !(msgs[i].flags & I2C_M_RD) && msgs[i].len <= 2 && + (msgs[i + 1].flags & I2C_M_RD)); + } diff --git a/queue-4.14/drm-i915-fbdev-serialise-early-hotplug-events-with-async-fbdev-config.patch b/queue-4.14/drm-i915-fbdev-serialise-early-hotplug-events-with-async-fbdev-config.patch new file mode 100644 index 00000000000..8a93210ef33 --- /dev/null +++ b/queue-4.14/drm-i915-fbdev-serialise-early-hotplug-events-with-async-fbdev-config.patch @@ -0,0 +1,117 @@ +From a45b30a6c5db631e2ba680304bd5edd0cd1f9643 Mon Sep 17 00:00:00 2001 +From: Chris Wilson +Date: Sat, 25 Nov 2017 19:41:55 +0000 +Subject: drm/i915/fbdev: Serialise early hotplug events with async fbdev config + +From: Chris Wilson + +commit a45b30a6c5db631e2ba680304bd5edd0cd1f9643 upstream. + +As both the hotplug event and fbdev configuration run asynchronously, it +is possible for them to run concurrently. If configuration fails, we were +freeing the fbdev causing a use-after-free in the hotplug event. + +<7>[ 3069.935211] [drm:intel_fb_initial_config [i915]] Not using firmware configuration +<7>[ 3069.935225] [drm:drm_setup_crtcs] looking for cmdline mode on connector 77 +<7>[ 3069.935229] [drm:drm_setup_crtcs] looking for preferred mode on connector 77 0 +<7>[ 3069.935233] [drm:drm_setup_crtcs] found mode 3200x1800 +<7>[ 3069.935236] [drm:drm_setup_crtcs] picking CRTCs for 8192x8192 config +<7>[ 3069.935253] [drm:drm_setup_crtcs] desired mode 3200x1800 set on crtc 43 (0,0) +<7>[ 3069.935323] [drm:intelfb_create [i915]] no BIOS fb, allocating a new one +<4>[ 3069.967737] general protection fault: 0000 [#1] PREEMPT SMP +<0>[ 3069.977453] --------------------------------- +<4>[ 3069.977457] Modules linked in: i915(+) vgem snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic x86_pkg_temp_thermal intel_powerclamp coretemp crct10dif_pclmul crc32_pclmul ghash_clmulni_intel snd_hda_codec snd_hwdep snd_hda_core snd_pcm r8169 mei_me mii prime_numbers mei i2c_hid pinctrl_geminilake pinctrl_intel [last unloaded: i915] +<4>[ 3069.977492] CPU: 1 PID: 15414 Comm: kworker/1:0 Tainted: G U 4.14.0-CI-CI_DRM_3388+ #1 +<4>[ 3069.977497] Hardware name: Intel Corp. Geminilake/GLK RVP1 DDR4 (05), BIOS GELKRVPA.X64.0062.B30.1708222146 08/22/2017 +<4>[ 3069.977508] Workqueue: events output_poll_execute +<4>[ 3069.977512] task: ffff880177734e40 task.stack: ffffc90001fe4000 +<4>[ 3069.977519] RIP: 0010:__lock_acquire+0x109/0x1b60 +<4>[ 3069.977523] RSP: 0018:ffffc90001fe7bb0 EFLAGS: 00010002 +<4>[ 3069.977526] RAX: 6b6b6b6b6b6b6b6b RBX: 0000000000000282 RCX: 0000000000000000 +<4>[ 3069.977530] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff880170d4efd0 +<4>[ 3069.977534] RBP: ffffc90001fe7c70 R08: 0000000000000001 R09: 0000000000000000 +<4>[ 3069.977538] R10: 0000000000000000 R11: ffffffff81899609 R12: ffff880170d4efd0 +<4>[ 3069.977542] R13: ffff880177734e40 R14: 0000000000000001 R15: 0000000000000000 +<4>[ 3069.977547] FS: 0000000000000000(0000) GS:ffff88017fc80000(0000) knlGS:0000000000000000 +<4>[ 3069.977551] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +<4>[ 3069.977555] CR2: 00007f7e8b7bcf04 CR3: 0000000003e0f000 CR4: 00000000003406e0 +<4>[ 3069.977559] Call Trace: +<4>[ 3069.977565] ? mark_held_locks+0x64/0x90 +<4>[ 3069.977571] ? _raw_spin_unlock_irq+0x24/0x50 +<4>[ 3069.977575] ? _raw_spin_unlock_irq+0x24/0x50 +<4>[ 3069.977579] ? trace_hardirqs_on_caller+0xde/0x1c0 +<4>[ 3069.977583] ? _raw_spin_unlock_irq+0x2f/0x50 +<4>[ 3069.977588] ? finish_task_switch+0xa5/0x210 +<4>[ 3069.977592] ? lock_acquire+0xaf/0x200 +<4>[ 3069.977596] lock_acquire+0xaf/0x200 +<4>[ 3069.977600] ? __mutex_lock+0x5e9/0x9b0 +<4>[ 3069.977604] _raw_spin_lock+0x2a/0x40 +<4>[ 3069.977608] ? __mutex_lock+0x5e9/0x9b0 +<4>[ 3069.977612] __mutex_lock+0x5e9/0x9b0 +<4>[ 3069.977616] ? drm_fb_helper_hotplug_event.part.19+0x16/0xa0 +<4>[ 3069.977621] ? drm_fb_helper_hotplug_event.part.19+0x16/0xa0 +<4>[ 3069.977625] drm_fb_helper_hotplug_event.part.19+0x16/0xa0 +<4>[ 3069.977630] output_poll_execute+0x8d/0x180 +<4>[ 3069.977635] process_one_work+0x22e/0x660 +<4>[ 3069.977640] worker_thread+0x48/0x3a0 +<4>[ 3069.977644] ? _raw_spin_unlock_irqrestore+0x4c/0x60 +<4>[ 3069.977649] kthread+0x102/0x140 +<4>[ 3069.977653] ? process_one_work+0x660/0x660 +<4>[ 3069.977657] ? kthread_create_on_node+0x40/0x40 +<4>[ 3069.977662] ret_from_fork+0x27/0x40 +<4>[ 3069.977666] Code: 8d 62 f8 c3 49 81 3c 24 e0 fa 3c 82 41 be 00 00 00 00 45 0f 45 f0 83 fe 01 77 86 89 f0 49 8b 44 c4 08 48 85 c0 0f 84 76 ff ff ff ff 80 38 01 00 00 8b 1d 62 f9 e8 01 45 8b 85 b8 08 00 00 85 +<1>[ 3069.977707] RIP: __lock_acquire+0x109/0x1b60 RSP: ffffc90001fe7bb0 +<4>[ 3069.977712] ---[ end trace 4ad012eb3af62df7 ]--- + +In order to keep the dev_priv->ifbdev alive after failure, we have to +avoid the free and leave it empty until we unload the module (which is +less than ideal, but a necessary evil for simplicity). Then we can use +intel_fbdev_sync() to serialise the hotplug event with the configuration. +The serialisation between the two was removed in commit 934458c2c95d +("Revert "drm/i915: Fix races on fbdev""), but the use after free is much +older, commit 366e39b4d2c5 ("drm/i915: Tear down fbdev if initialization +fails") + +Fixes: 366e39b4d2c5 ("drm/i915: Tear down fbdev if initialization fails") +Fixes: 934458c2c95d ("Revert "drm/i915: Fix races on fbdev"") +Signed-off-by: Chris Wilson +Cc: Lukas Wunner +Cc: Joonas Lahtinen +Cc: Daniel Vetter +Reviewed-by: Lukas Wunner +Link: https://patchwork.freedesktop.org/patch/msgid/20171125194155.355-1-chris@chris-wilson.co.uk +(cherry picked from commit ad88d7fc6c032ddfb32b8d496a070ab71de3a64f) +Signed-off-by: Joonas Lahtinen +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/gpu/drm/i915/intel_fbdev.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +--- a/drivers/gpu/drm/i915/intel_fbdev.c ++++ b/drivers/gpu/drm/i915/intel_fbdev.c +@@ -694,10 +694,8 @@ static void intel_fbdev_initial_config(v + + /* Due to peculiar init order wrt to hpd handling this is separate. */ + if (drm_fb_helper_initial_config(&ifbdev->helper, +- ifbdev->preferred_bpp)) { ++ ifbdev->preferred_bpp)) + intel_fbdev_unregister(to_i915(ifbdev->helper.dev)); +- intel_fbdev_fini(to_i915(ifbdev->helper.dev)); +- } + } + + void intel_fbdev_initial_config_async(struct drm_device *dev) +@@ -797,7 +795,11 @@ void intel_fbdev_output_poll_changed(str + { + struct intel_fbdev *ifbdev = to_i915(dev)->fbdev; + +- if (ifbdev) ++ if (!ifbdev) ++ return; ++ ++ intel_fbdev_sync(ifbdev); ++ if (ifbdev->vma) + drm_fb_helper_hotplug_event(&ifbdev->helper); + } + diff --git a/queue-4.14/drm-i915-fix-false-positive-assert_rpm_wakelock_held-in-i915_pmic_bus_access_notifier-v2.patch b/queue-4.14/drm-i915-fix-false-positive-assert_rpm_wakelock_held-in-i915_pmic_bus_access_notifier-v2.patch new file mode 100644 index 00000000000..fd66945ba6e --- /dev/null +++ b/queue-4.14/drm-i915-fix-false-positive-assert_rpm_wakelock_held-in-i915_pmic_bus_access_notifier-v2.patch @@ -0,0 +1,65 @@ +From f4359cedfb43b934f38c50d1604db21333abe57b Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Fri, 10 Nov 2017 16:03:01 +0100 +Subject: drm/i915: Fix false-positive assert_rpm_wakelock_held in i915_pmic_bus_access_notifier v2 + +From: Hans de Goede + +commit f4359cedfb43b934f38c50d1604db21333abe57b upstream. + +assert_rpm_wakelock_held is triggered from i915_pmic_bus_access_notifier +even though it gets unregistered on (runtime) suspend, this is caused +by a race happening under the following circumstances: + +intel_runtime_pm_put does: + + atomic_dec(&dev_priv->pm.wakeref_count); + + pm_runtime_mark_last_busy(kdev); + pm_runtime_put_autosuspend(kdev); + +And pm_runtime_put_autosuspend calls intel_runtime_suspend from +a workqueue, so there is ample of time between the atomic_dec() and +intel_runtime_suspend() unregistering the notifier. If the notifier +gets called in this windowd assert_rpm_wakelock_held falsely triggers +(at this point we're not runtime-suspended yet). + +This commit adds disable_rpm_wakeref_asserts and +enable_rpm_wakeref_asserts calls around the +intel_uncore_forcewake_get(FORCEWAKE_ALL) call in +i915_pmic_bus_access_notifier fixing the false-positive WARN_ON. + +Changes in v2: +-Reword comment explaining why disabling the wakeref asserts is + ok and necessary + +Reported-by: FKr +Reviewed-by: Imre Deak +Signed-off-by: Hans de Goede +Link: https://patchwork.freedesktop.org/patch/msgid/20171110150301.9601-2-hdegoede@redhat.com +(cherry picked from commit ce30560c80dead91e98a03d90fb8791e57a9b69d) +Signed-off-by: Jani Nikula +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/gpu/drm/i915/intel_uncore.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +--- a/drivers/gpu/drm/i915/intel_uncore.c ++++ b/drivers/gpu/drm/i915/intel_uncore.c +@@ -1171,8 +1171,15 @@ static int i915_pmic_bus_access_notifier + * bus, which will be busy after this notification, leading to: + * "render: timed out waiting for forcewake ack request." + * errors. ++ * ++ * The notifier is unregistered during intel_runtime_suspend(), ++ * so it's ok to access the HW here without holding a RPM ++ * wake reference -> disable wakeref asserts for the time of ++ * the access. + */ ++ disable_rpm_wakeref_asserts(dev_priv); + intel_uncore_forcewake_get(dev_priv, FORCEWAKE_ALL); ++ enable_rpm_wakeref_asserts(dev_priv); + break; + case MBI_PMIC_BUS_ACCESS_END: + intel_uncore_forcewake_put(dev_priv, FORCEWAKE_ALL); diff --git a/queue-4.14/drm-i915-gvt-correct-addr_4k-2m-1g_mask-definition.patch b/queue-4.14/drm-i915-gvt-correct-addr_4k-2m-1g_mask-definition.patch new file mode 100644 index 00000000000..434e3b23403 --- /dev/null +++ b/queue-4.14/drm-i915-gvt-correct-addr_4k-2m-1g_mask-definition.patch @@ -0,0 +1,39 @@ +From b721b65af4eb46df6a1d9e34b14003225e403565 Mon Sep 17 00:00:00 2001 +From: Xiong Zhang +Date: Tue, 28 Nov 2017 07:29:54 +0800 +Subject: drm/i915/gvt: Correct ADDR_4K/2M/1G_MASK definition + +From: Xiong Zhang + +commit b721b65af4eb46df6a1d9e34b14003225e403565 upstream. + +For ADDR_4K_MASK, bit[45..12] should be 1, all other bits +should be 0. The current definition wrongly set bit[46] as 1 +also. This path fixes this. + +v2: Add commit message, fixes and cc stable.(Zhenyu) + +Fixes: 2707e4446688("drm/i915/gvt: vGPU graphics memory virtualization") +Signed-off-by: Xiong Zhang +Signed-off-by: Zhenyu Wang +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/gpu/drm/i915/gvt/gtt.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- a/drivers/gpu/drm/i915/gvt/gtt.c ++++ b/drivers/gpu/drm/i915/gvt/gtt.c +@@ -311,9 +311,9 @@ static inline int gtt_set_entry64(void * + + #define GTT_HAW 46 + +-#define ADDR_1G_MASK (((1UL << (GTT_HAW - 30 + 1)) - 1) << 30) +-#define ADDR_2M_MASK (((1UL << (GTT_HAW - 21 + 1)) - 1) << 21) +-#define ADDR_4K_MASK (((1UL << (GTT_HAW - 12 + 1)) - 1) << 12) ++#define ADDR_1G_MASK (((1UL << (GTT_HAW - 30)) - 1) << 30) ++#define ADDR_2M_MASK (((1UL << (GTT_HAW - 21)) - 1) << 21) ++#define ADDR_4K_MASK (((1UL << (GTT_HAW - 12)) - 1) << 12) + + static unsigned long gen8_gtt_get_pfn(struct intel_gvt_gtt_entry *e) + { diff --git a/queue-4.14/drm-i915-prevent-zero-length-index-write.patch b/queue-4.14/drm-i915-prevent-zero-length-index-write.patch new file mode 100644 index 00000000000..4abbcb92a3f --- /dev/null +++ b/queue-4.14/drm-i915-prevent-zero-length-index-write.patch @@ -0,0 +1,44 @@ +From 56350fb8978bbf4aafe08f21234e161dd128b417 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ville=20Syrj=C3=A4l=C3=A4?= +Date: Thu, 23 Nov 2017 21:41:57 +0200 +Subject: drm/i915: Prevent zero length "index" write +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Ville Syrjälä + +commit 56350fb8978bbf4aafe08f21234e161dd128b417 upstream. + +The hardware always writes one or two bytes in the index portion of +an indexed transfer. Make sure the message we send as the index +doesn't have a zero length. + +Cc: Daniel Kurtz +Cc: Chris Wilson +Cc: Daniel Vetter +Cc: Sean Paul +Fixes: 56f9eac05489 ("drm/i915/intel_i2c: use INDEX cycles for i2c read transactions") +Signed-off-by: Ville Syrjälä +Link: https://patchwork.freedesktop.org/patch/msgid/20171123194157.25367-3-ville.syrjala@linux.intel.com +Reviewed-by: Chris Wilson +(cherry picked from commit bb9e0d4bca50f429152e74a459160b41f3d60fb2) +Signed-off-by: Joonas Lahtinen +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/gpu/drm/i915/intel_i2c.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/drivers/gpu/drm/i915/intel_i2c.c ++++ b/drivers/gpu/drm/i915/intel_i2c.c +@@ -439,7 +439,8 @@ gmbus_is_index_read(struct i2c_msg *msgs + { + return (i + 1 < num && + msgs[i].addr == msgs[i + 1].addr && +- !(msgs[i].flags & I2C_M_RD) && msgs[i].len <= 2 && ++ !(msgs[i].flags & I2C_M_RD) && ++ (msgs[i].len == 1 || msgs[i].len == 2) && + (msgs[i + 1].flags & I2C_M_RD)); + } + diff --git a/queue-4.14/drm-i915-re-register-pmic-bus-access-notifier-on-runtime-resume.patch b/queue-4.14/drm-i915-re-register-pmic-bus-access-notifier-on-runtime-resume.patch new file mode 100644 index 00000000000..042fc391bdb --- /dev/null +++ b/queue-4.14/drm-i915-re-register-pmic-bus-access-notifier-on-runtime-resume.patch @@ -0,0 +1,66 @@ +From 294cf1af8cf2eb0d1eced377fdfb9a2d3f0e8b42 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Tue, 14 Nov 2017 14:55:17 +0100 +Subject: drm/i915: Re-register PMIC bus access notifier on runtime resume + +From: Hans de Goede + +commit 294cf1af8cf2eb0d1eced377fdfb9a2d3f0e8b42 upstream. + +intel_uncore_suspend() unregisters the uncore code's PMIC bus access +notifier and gets called on both normal and runtime suspend. + +intel_uncore_resume_early() re-registers the notifier, but only on +normal resume. Add a new intel_uncore_runtime_resume() function which +only re-registers the notifier and call that on runtime resume. + +Reported-by: Imre Deak +Reviewed-by: Imre Deak +Signed-off-by: Hans de Goede +Link: https://patchwork.freedesktop.org/patch/msgid/20171114135518.15981-2-hdegoede@redhat.com +(cherry picked from commit bedf4d79c3654921839b62246b0965ddb308b201) +Signed-off-by: Jani Nikula +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/gpu/drm/i915/i915_drv.c | 2 ++ + drivers/gpu/drm/i915/intel_uncore.c | 6 ++++++ + drivers/gpu/drm/i915/intel_uncore.h | 1 + + 3 files changed, 9 insertions(+) + +--- a/drivers/gpu/drm/i915/i915_drv.c ++++ b/drivers/gpu/drm/i915/i915_drv.c +@@ -2591,6 +2591,8 @@ static int intel_runtime_resume(struct d + ret = vlv_resume_prepare(dev_priv, true); + } + ++ intel_uncore_runtime_resume(dev_priv); ++ + /* + * No point of rolling back things in case of an error, as the best + * we can do is to hope that things will still work (and disable RPM). +--- a/drivers/gpu/drm/i915/intel_uncore.c ++++ b/drivers/gpu/drm/i915/intel_uncore.c +@@ -434,6 +434,12 @@ void intel_uncore_resume_early(struct dr + i915_check_and_clear_faults(dev_priv); + } + ++void intel_uncore_runtime_resume(struct drm_i915_private *dev_priv) ++{ ++ iosf_mbi_register_pmic_bus_access_notifier( ++ &dev_priv->uncore.pmic_bus_access_nb); ++} ++ + void intel_uncore_sanitize(struct drm_i915_private *dev_priv) + { + i915.enable_rc6 = sanitize_rc6_option(dev_priv, i915.enable_rc6); +--- a/drivers/gpu/drm/i915/intel_uncore.h ++++ b/drivers/gpu/drm/i915/intel_uncore.h +@@ -121,6 +121,7 @@ bool intel_uncore_arm_unclaimed_mmio_det + void intel_uncore_fini(struct drm_i915_private *dev_priv); + void intel_uncore_suspend(struct drm_i915_private *dev_priv); + void intel_uncore_resume_early(struct drm_i915_private *dev_priv); ++void intel_uncore_runtime_resume(struct drm_i915_private *dev_priv); + + u64 intel_uncore_edram_size(struct drm_i915_private *dev_priv); + void assert_forcewakes_inactive(struct drm_i915_private *dev_priv); diff --git a/queue-4.14/revert-x86-entry-64-add-missing-irqflags-tracing-to.patch b/queue-4.14/revert-x86-entry-64-add-missing-irqflags-tracing-to.patch new file mode 100644 index 00000000000..8039a5d92ab --- /dev/null +++ b/queue-4.14/revert-x86-entry-64-add-missing-irqflags-tracing-to.patch @@ -0,0 +1,70 @@ +From 0ed6c0c778e67f00978a778612862441e48cc529 Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman +Date: Mon, 4 Dec 2017 12:59:57 +0100 +Subject: [PATCH] Revert "x86/entry/64: Add missing irqflags tracing to + native_load_gs_index()" + +This reverts commit f9a64e23a9da528e7d8aa1bd2c7bb92be4ebb724 which is +commit 0d794d0d018f23fb09c50f6ae26868bd6ae343d6 upstream. + +Andy writes: + + I think the thing to do is to revert the patch from -stable. + The bug it fixes is very minor, and the regression is that it + made a pre-existing bug in some nearly-undebuggable core resume + code much easier to hit. I don't feel comfortable with a + backport of the latter fix until it has a good long soak in + Linus' tree. + +Reported-by: Andy Lutomirski +Cc: Borislav Petkov +Cc: Brian Gerst +Cc: Dave Hansen +Cc: Josh Poimboeuf +Cc: Linus Torvalds +Cc: Peter Zijlstra +Cc: Thomas Gleixner +Cc: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/entry/entry_64.S | 10 ++-------- + 1 file changed, 2 insertions(+), 8 deletions(-) + +--- a/arch/x86/entry/entry_64.S ++++ b/arch/x86/entry/entry_64.S +@@ -51,19 +51,15 @@ ENTRY(native_usergs_sysret64) + END(native_usergs_sysret64) + #endif /* CONFIG_PARAVIRT */ + +-.macro TRACE_IRQS_FLAGS flags:req ++.macro TRACE_IRQS_IRETQ + #ifdef CONFIG_TRACE_IRQFLAGS +- bt $9, \flags /* interrupts off? */ ++ bt $9, EFLAGS(%rsp) /* interrupts off? */ + jnc 1f + TRACE_IRQS_ON + 1: + #endif + .endm + +-.macro TRACE_IRQS_IRETQ +- TRACE_IRQS_FLAGS EFLAGS(%rsp) +-.endm +- + /* + * When dynamic function tracer is enabled it will add a breakpoint + * to all locations that it is about to modify, sync CPUs, update +@@ -927,13 +923,11 @@ ENTRY(native_load_gs_index) + FRAME_BEGIN + pushfq + DISABLE_INTERRUPTS(CLBR_ANY & ~CLBR_RDI) +- TRACE_IRQS_OFF + SWAPGS + .Lgs_change: + movl %edi, %gs + 2: ALTERNATIVE "", "mfence", X86_BUG_SWAPGS_FENCE + SWAPGS +- TRACE_IRQS_FLAGS (%rsp) + popfq + FRAME_END + ret diff --git a/queue-4.14/series b/queue-4.14/series index 4c6c1d45c8e..2f563d1d026 100644 --- a/queue-4.14/series +++ b/queue-4.14/series @@ -86,3 +86,10 @@ ib-core-do-not-warn-on-lid-conversions-for-opa.patch ib-hfi1-do-not-warn-on-lid-conversions-for-opa.patch e1000e-fix-the-use-of-magic-numbers-for-buffer-overrun-issue.patch md-forbid-a-raid5-from-having-both-a-bitmap-and-a-journal.patch +drm-i915-fix-false-positive-assert_rpm_wakelock_held-in-i915_pmic_bus_access_notifier-v2.patch +drm-i915-re-register-pmic-bus-access-notifier-on-runtime-resume.patch +drm-i915-fbdev-serialise-early-hotplug-events-with-async-fbdev-config.patch +drm-i915-gvt-correct-addr_4k-2m-1g_mask-definition.patch +drm-i915-don-t-try-indexed-reads-to-alternate-slave-addresses.patch +drm-i915-prevent-zero-length-index-write.patch +revert-x86-entry-64-add-missing-irqflags-tracing-to.patch