From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Tue, 24 Oct 2017 10:26:19 +0000 (+0200)
Subject: 3.18-stable patches
X-Git-Tag: v3.18.78~10
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9dca263361ede56e8770ec9d5b48c6925c34fbee;p=thirdparty%2Fkernel%2Fstable-queue.git

3.18-stable patches

added patches:
	parisc-avoid-trashing-sr2-and-sr3-in-lws-code.patch
	parisc-fix-double-word-compare-and-exchange-in-lws-code-on-32-bit-kernels.patch
---

diff --git a/queue-3.18/parisc-avoid-trashing-sr2-and-sr3-in-lws-code.patch b/queue-3.18/parisc-avoid-trashing-sr2-and-sr3-in-lws-code.patch
new file mode 100644
index 00000000000..1469c2ecd68
--- /dev/null
+++ b/queue-3.18/parisc-avoid-trashing-sr2-and-sr3-in-lws-code.patch
@@ -0,0 +1,169 @@
+From f4125cfdb3008363137f744c101e5d76ead760ba Mon Sep 17 00:00:00 2001
+From: John David Anglin <dave.anglin@bell.net>
+Date: Fri, 28 Oct 2016 22:13:42 +0200
+Subject: parisc: Avoid trashing sr2 and sr3 in LWS code
+
+From: John David Anglin <dave.anglin@bell.net>
+
+commit f4125cfdb3008363137f744c101e5d76ead760ba upstream.
+
+There is no need to trash sr2 and sr3 in the Light-weight syscall (LWS).  sr2
+already points to kernel space (it's zero in userspace, otherwise syscalls
+wouldn't work), and since the LWS code is executed in userspace, we can simply
+ignore to preload sr3.
+
+Signed-off-by: John David Anglin <dave.anglin@bell.net>
+Signed-off-by: Helge Deller <deller@gmx.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/parisc/kernel/syscall.S |   53 +++++++++++++++++++------------------------
+ 1 file changed, 24 insertions(+), 29 deletions(-)
+
+--- a/arch/parisc/kernel/syscall.S
++++ b/arch/parisc/kernel/syscall.S
+@@ -479,11 +479,6 @@ lws_start:
+ 	comiclr,>>	__NR_lws_entries, %r20, %r0
+ 	b,n	lws_exit_nosys
+ 
+-	/* WARNING: Trashing sr2 and sr3 */
+-	mfsp	%sr7,%r1			/* get userspace into sr3 */
+-	mtsp	%r1,%sr3
+-	mtsp	%r0,%sr2			/* get kernel space into sr2 */
+-
+ 	/* Load table start */
+ 	ldil	L%lws_table, %r1
+ 	ldo	R%lws_table(%r1), %r28	/* Scratch use of r28 */
+@@ -632,9 +627,9 @@ cas_action:
+ 	stw	%r1, 4(%sr2,%r20)
+ #endif
+ 	/* The load and store could fail */
+-1:	ldw,ma	0(%sr3,%r26), %r28
++1:	ldw,ma	0(%r26), %r28
+ 	sub,<>	%r28, %r25, %r0
+-2:	stw,ma	%r24, 0(%sr3,%r26)
++2:	stw,ma	%r24, 0(%r26)
+ 	/* Free lock */
+ 	stw,ma	%r20, 0(%sr2,%r20)
+ #if ENABLE_LWS_DEBUG
+@@ -711,9 +706,9 @@ lws_compare_and_swap_2:
+ 	nop
+ 
+ 	/* 8bit load */
+-4:	ldb	0(%sr3,%r25), %r25
++4:	ldb	0(%r25), %r25
+ 	b	cas2_lock_start
+-5:	ldb	0(%sr3,%r24), %r24
++5:	ldb	0(%r24), %r24
+ 	nop
+ 	nop
+ 	nop
+@@ -721,9 +716,9 @@ lws_compare_and_swap_2:
+ 	nop
+ 
+ 	/* 16bit load */
+-6:	ldh	0(%sr3,%r25), %r25
++6:	ldh	0(%r25), %r25
+ 	b	cas2_lock_start
+-7:	ldh	0(%sr3,%r24), %r24
++7:	ldh	0(%r24), %r24
+ 	nop
+ 	nop
+ 	nop
+@@ -731,9 +726,9 @@ lws_compare_and_swap_2:
+ 	nop
+ 
+ 	/* 32bit load */
+-8:	ldw	0(%sr3,%r25), %r25
++8:	ldw	0(%r25), %r25
+ 	b	cas2_lock_start
+-9:	ldw	0(%sr3,%r24), %r24
++9:	ldw	0(%r24), %r24
+ 	nop
+ 	nop
+ 	nop
+@@ -742,14 +737,14 @@ lws_compare_and_swap_2:
+ 
+ 	/* 64bit load */
+ #ifdef CONFIG_64BIT
+-10:	ldd	0(%sr3,%r25), %r25
+-11:	ldd	0(%sr3,%r24), %r24
++10:	ldd	0(%r25), %r25
++11:	ldd	0(%r24), %r24
+ #else
+ 	/* Load new value into r22/r23 - high/low */
+-10:	ldw	0(%sr3,%r25), %r22
+-11:	ldw	4(%sr3,%r25), %r23
++10:	ldw	0(%r25), %r22
++11:	ldw	4(%r25), %r23
+ 	/* Load new value into fr4 for atomic store later */
+-12:	flddx	0(%sr3,%r24), %fr4
++12:	flddx	0(%r24), %fr4
+ #endif
+ 
+ cas2_lock_start:
+@@ -799,30 +794,30 @@ cas2_action:
+ 	ldo	1(%r0),%r28
+ 
+ 	/* 8bit CAS */
+-13:	ldb,ma	0(%sr3,%r26), %r29
++13:	ldb,ma	0(%r26), %r29
+ 	sub,=	%r29, %r25, %r0
+ 	b,n	cas2_end
+-14:	stb,ma	%r24, 0(%sr3,%r26)
++14:	stb,ma	%r24, 0(%r26)
+ 	b	cas2_end
+ 	copy	%r0, %r28
+ 	nop
+ 	nop
+ 
+ 	/* 16bit CAS */
+-15:	ldh,ma	0(%sr3,%r26), %r29
++15:	ldh,ma	0(%r26), %r29
+ 	sub,=	%r29, %r25, %r0
+ 	b,n	cas2_end
+-16:	sth,ma	%r24, 0(%sr3,%r26)
++16:	sth,ma	%r24, 0(%r26)
+ 	b	cas2_end
+ 	copy	%r0, %r28
+ 	nop
+ 	nop
+ 
+ 	/* 32bit CAS */
+-17:	ldw,ma	0(%sr3,%r26), %r29
++17:	ldw,ma	0(%r26), %r29
+ 	sub,=	%r29, %r25, %r0
+ 	b,n	cas2_end
+-18:	stw,ma	%r24, 0(%sr3,%r26)
++18:	stw,ma	%r24, 0(%r26)
+ 	b	cas2_end
+ 	copy	%r0, %r28
+ 	nop
+@@ -830,22 +825,22 @@ cas2_action:
+ 
+ 	/* 64bit CAS */
+ #ifdef CONFIG_64BIT
+-19:	ldd,ma	0(%sr3,%r26), %r29
++19:	ldd,ma	0(%r26), %r29
+ 	sub,*=	%r29, %r25, %r0
+ 	b,n	cas2_end
+-20:	std,ma	%r24, 0(%sr3,%r26)
++20:	std,ma	%r24, 0(%r26)
+ 	copy	%r0, %r28
+ #else
+ 	/* Compare first word */
+-19:	ldw,ma	0(%sr3,%r26), %r29
++19:	ldw,ma	0(%r26), %r29
+ 	sub,=	%r29, %r22, %r0
+ 	b,n	cas2_end
+ 	/* Compare second word */
+-20:	ldw,ma	4(%sr3,%r26), %r29
++20:	ldw,ma	4(%r26), %r29
+ 	sub,=	%r29, %r23, %r0
+ 	b,n	cas2_end
+ 	/* Perform the store */
+-21:	fstdx	%fr4, 0(%sr3,%r26)
++21:	fstdx	%fr4, 0(%r26)
+ 	copy	%r0, %r28
+ #endif
+ 
diff --git a/queue-3.18/parisc-fix-double-word-compare-and-exchange-in-lws-code-on-32-bit-kernels.patch b/queue-3.18/parisc-fix-double-word-compare-and-exchange-in-lws-code-on-32-bit-kernels.patch
new file mode 100644
index 00000000000..bad0dfc79a4
--- /dev/null
+++ b/queue-3.18/parisc-fix-double-word-compare-and-exchange-in-lws-code-on-32-bit-kernels.patch
@@ -0,0 +1,55 @@
+From 374b3bf8e8b519f61eb9775888074c6e46b3bf0c Mon Sep 17 00:00:00 2001
+From: John David Anglin <dave.anglin@bell.net>
+Date: Sat, 30 Sep 2017 17:24:23 -0400
+Subject: parisc: Fix double-word compare and exchange in LWS code on 32-bit kernels
+
+From: John David Anglin <dave.anglin@bell.net>
+
+commit 374b3bf8e8b519f61eb9775888074c6e46b3bf0c upstream.
+
+As discussed on the debian-hppa list, double-wordcompare and exchange
+operations fail on 32-bit kernels.  Looking at the code, I realized that
+the ",ma" completer does the wrong thing in the  "ldw,ma  4(%r26), %r29"
+instruction.  This increments %r26 and causes the following store to
+write to the wrong location.
+
+Note by Helge Deller:
+The patch applies cleanly to stable kernel series if this upstream
+commit is merged in advance:
+f4125cfdb300 ("parisc: Avoid trashing sr2 and sr3 in LWS code").
+
+Signed-off-by: John David Anglin <dave.anglin@bell.net>
+Tested-by: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
+Fixes: 89206491201c ("parisc: Implement new LWS CAS supporting 64 bit operations.")
+Signed-off-by: Helge Deller <deller@gmx.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/parisc/kernel/syscall.S |    6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/arch/parisc/kernel/syscall.S
++++ b/arch/parisc/kernel/syscall.S
+@@ -740,7 +740,7 @@ lws_compare_and_swap_2:
+ 10:	ldd	0(%r25), %r25
+ 11:	ldd	0(%r24), %r24
+ #else
+-	/* Load new value into r22/r23 - high/low */
++	/* Load old value into r22/r23 - high/low */
+ 10:	ldw	0(%r25), %r22
+ 11:	ldw	4(%r25), %r23
+ 	/* Load new value into fr4 for atomic store later */
+@@ -832,11 +832,11 @@ cas2_action:
+ 	copy	%r0, %r28
+ #else
+ 	/* Compare first word */
+-19:	ldw,ma	0(%r26), %r29
++19:	ldw	0(%r26), %r29
+ 	sub,=	%r29, %r22, %r0
+ 	b,n	cas2_end
+ 	/* Compare second word */
+-20:	ldw,ma	4(%r26), %r29
++20:	ldw	4(%r26), %r29
+ 	sub,=	%r29, %r23, %r0
+ 	b,n	cas2_end
+ 	/* Perform the store */
diff --git a/queue-3.18/series b/queue-3.18/series
index ad5d9067795..02e6ee1e7d8 100644
--- a/queue-3.18/series
+++ b/queue-3.18/series
@@ -15,3 +15,5 @@ keys-encrypted-fix-dereference-of-null-user_key_payload.patch
 lib-digsig-fix-dereference-of-null-user_key_payload.patch
 keys-don-t-let-add_key-update-an-uninstantiated-key.patch
 cls_api.c-fix-dumping-of-non-existing-actions-stats.patch
+parisc-avoid-trashing-sr2-and-sr3-in-lws-code.patch
+parisc-fix-double-word-compare-and-exchange-in-lws-code-on-32-bit-kernels.patch