From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Tue, 13 Oct 2015 18:20:56 +0000 (-0700)
Subject: 3.14-stable patches
X-Git-Tag: v3.10.91~89
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a52cb9f516514ccb8b3aab92376ae2d72febab56;p=thirdparty%2Fkernel%2Fstable-queue.git

3.14-stable patches

added patches:
	kvm-fix-zero-length-mmio-searching.patch
---

diff --git a/queue-3.10/series b/queue-3.10/series
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/queue-3.14/kvm-fix-zero-length-mmio-searching.patch b/queue-3.14/kvm-fix-zero-length-mmio-searching.patch
new file mode 100644
index 00000000000..29430c1bd10
--- /dev/null
+++ b/queue-3.14/kvm-fix-zero-length-mmio-searching.patch
@@ -0,0 +1,57 @@
+From 8f4216c7d28976f7ec1b2bcbfa0a9f787133c45e Mon Sep 17 00:00:00 2001
+From: Jason Wang <jasowang@redhat.com>
+Date: Tue, 15 Sep 2015 14:41:57 +0800
+Subject: kvm: fix zero length mmio searching
+
+From: Jason Wang <jasowang@redhat.com>
+
+commit 8f4216c7d28976f7ec1b2bcbfa0a9f787133c45e upstream.
+
+Currently, if we had a zero length mmio eventfd assigned on
+KVM_MMIO_BUS. It will never be found by kvm_io_bus_cmp() since it
+always compares the kvm_io_range() with the length that guest
+wrote. This will cause e.g for vhost, kick will be trapped by qemu
+userspace instead of vhost. Fixing this by using zero length if an
+iodevice is zero length.
+
+Cc: Gleb Natapov <gleb@kernel.org>
+Cc: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Jason Wang <jasowang@redhat.com>
+Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ virt/kvm/kvm_main.c |   19 +++++++++++++++++--
+ 1 file changed, 17 insertions(+), 2 deletions(-)
+
+--- a/virt/kvm/kvm_main.c
++++ b/virt/kvm/kvm_main.c
+@@ -2797,10 +2797,25 @@ static void kvm_io_bus_destroy(struct kv
+ static inline int kvm_io_bus_cmp(const struct kvm_io_range *r1,
+                                  const struct kvm_io_range *r2)
+ {
+-	if (r1->addr < r2->addr)
++	gpa_t addr1 = r1->addr;
++	gpa_t addr2 = r2->addr;
++
++	if (addr1 < addr2)
+ 		return -1;
+-	if (r1->addr + r1->len > r2->addr + r2->len)
++
++	/* If r2->len == 0, match the exact address.  If r2->len != 0,
++	 * accept any overlapping write.  Any order is acceptable for
++	 * overlapping ranges, because kvm_io_bus_get_first_dev ensures
++	 * we process all of them.
++	 */
++	if (r2->len) {
++		addr1 += r1->len;
++		addr2 += r2->len;
++	}
++
++	if (addr1 > addr2)
+ 		return 1;
++
+ 	return 0;
+ }
+ 
diff --git a/queue-3.14/series b/queue-3.14/series
new file mode 100644
index 00000000000..4aaa79bd438
--- /dev/null
+++ b/queue-3.14/series
@@ -0,0 +1 @@
+kvm-fix-zero-length-mmio-searching.patch
diff --git a/queue-4.1/series b/queue-4.1/series
new file mode 100644
index 00000000000..6aa09e85a7f
--- /dev/null
+++ b/queue-4.1/series
@@ -0,0 +1,10 @@
+arm-kvm-fix-incorrect-device-to-ipa-mapping.patch
+kvm-vmx-fix-vpid-is-0000h-in-non-root-operation.patch
+kvm-don-t-try-to-register-to-kvm_fast_mmio_bus-for-non-mmio-eventfd.patch
+kvm-fix-zero-length-mmio-searching.patch
+kvm-factor-out-core-eventfd-assign-deassign-logic.patch
+kvm-fix-double-free-for-fast-mmio-eventfd.patch
+arm-kvm-disable-virtual-timer-even-if-the-guest-is-not-using-it.patch
+kvm-ppc-book3s-take-the-kvm-srcu-lock-in-kvmppc_h_logical_ci_load-store.patch
+kvm-ppc-book3s-hv-pass-the-correct-trap-argument-to-kvmhv_commence_exit.patch
+time-fix-timekeeping_freqadjust-s-incorrect-use-of-abs-instead-of-abs64.patch
diff --git a/queue-4.2/series b/queue-4.2/series
new file mode 100644
index 00000000000..a3f2b56476b
--- /dev/null
+++ b/queue-4.2/series
@@ -0,0 +1,15 @@
+arm-kvm-fix-incorrect-device-to-ipa-mapping.patch
+kvm-vmx-fix-vpid-is-0000h-in-non-root-operation.patch
+kvm-don-t-try-to-register-to-kvm_fast_mmio_bus-for-non-mmio-eventfd.patch
+kvm-fix-zero-length-mmio-searching.patch
+kvm-factor-out-core-eventfd-assign-deassign-logic.patch
+kvm-fix-double-free-for-fast-mmio-eventfd.patch
+arm-kvm-disable-virtual-timer-even-if-the-guest-is-not-using-it.patch
+kvm-svm-reset-mmu-on-vcpu-reset.patch
+kvm-x86-trap-amd-msrs-for-the-tseg-base-and-mask.patch
+kvm-ppc-book3s-take-the-kvm-srcu-lock-in-kvmppc_h_logical_ci_load-store.patch
+kvm-ppc-book3s-hv-pass-the-correct-trap-argument-to-kvmhv_commence_exit.patch
+revert-kvm-x86-apply-guest-mtrr-virtualization-on-host-reserved-pages.patch
+revert-kvm-svm-use-npt-page-attributes.patch
+revert-kvm-svm-sync-g_pat-with-guest-written-pat-value.patch
+time-fix-timekeeping_freqadjust-s-incorrect-use-of-abs-instead-of-abs64.patch