From: Greg Kroah-Hartman Date: Mon, 14 Oct 2013 21:07:14 +0000 (-0700) Subject: 3.11-stable patches X-Git-Tag: v3.10.17~21 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f70c4f3b7f82de59dfe0354b49d049e254e6b1b7;p=thirdparty%2Fkernel%2Fstable-queue.git 3.11-stable patches added patches: arc-fix-32-bit-wrap-around-in-access_ok.patch arc-fix-signal-frame-management-for-sa_siginfo.patch arc-fix-__udelay-calculation.patch arc-handle-zero-overhead-loop-in-unaligned-access-handler.patch arc-ignore-ptrace-setregset-request-for-synthetic-register-stop_pc.patch arc-workaround-spinlock-livelock-in-smp-systemc-simulation.patch --- diff --git a/queue-3.11/arc-fix-32-bit-wrap-around-in-access_ok.patch b/queue-3.11/arc-fix-32-bit-wrap-around-in-access_ok.patch new file mode 100644 index 00000000000..12110362988 --- /dev/null +++ b/queue-3.11/arc-fix-32-bit-wrap-around-in-access_ok.patch @@ -0,0 +1,50 @@ +From 0752adfda15f0eca9859a76da3db1800e129ad43 Mon Sep 17 00:00:00 2001 +From: Vineet Gupta +Date: Thu, 26 Sep 2013 18:50:40 +0530 +Subject: ARC: Fix 32-bit wrap around in access_ok() + +From: Vineet Gupta + +commit 0752adfda15f0eca9859a76da3db1800e129ad43 upstream. + +Anton reported + + | LTP tests syscalls/process_vm_readv01 and process_vm_writev01 fail + | similarly in one testcase test_iov_invalid -> lvec->iov_base. + | Testcase expects errno EFAULT and return code -1, + | but it gets return code 1 and ERRNO is 0 what means success. + +Essentially test case was passing a pointer of -1 which access_ok() +was not catching. It was doing [@addr + @sz <= TASK_SIZE] which would +pass for @addr == -1 + +Fixed that by rewriting as [@addr <= TASK_SIZE - @sz] + +Reported-by: Anton Kolesov +Signed-off-by: Vineet Gupta +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arc/include/asm/uaccess.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/arch/arc/include/asm/uaccess.h ++++ b/arch/arc/include/asm/uaccess.h +@@ -43,7 +43,7 @@ + * Because it essentially checks if buffer end is within limit and @len is + * non-ngeative, which implies that buffer start will be within limit too. + * +- * The reason for rewriting being, for majorit yof cases, @len is generally ++ * The reason for rewriting being, for majority of cases, @len is generally + * compile time constant, causing first sub-expression to be compile time + * subsumed. + * +@@ -53,7 +53,7 @@ + * + */ + #define __user_ok(addr, sz) (((sz) <= TASK_SIZE) && \ +- (((addr)+(sz)) <= get_fs())) ++ ((addr) <= (get_fs() - (sz)))) + #define __access_ok(addr, sz) (unlikely(__kernel_ok) || \ + likely(__user_ok((addr), (sz)))) + diff --git a/queue-3.11/arc-fix-__udelay-calculation.patch b/queue-3.11/arc-fix-__udelay-calculation.patch new file mode 100644 index 00000000000..b5fd0528773 --- /dev/null +++ b/queue-3.11/arc-fix-__udelay-calculation.patch @@ -0,0 +1,41 @@ +From 7efd0da2d17360e1cef91507dbe619db0ee2c691 Mon Sep 17 00:00:00 2001 +From: Mischa Jonker +Date: Fri, 30 Aug 2013 11:56:25 +0200 +Subject: ARC: Fix __udelay calculation + +From: Mischa Jonker + +commit 7efd0da2d17360e1cef91507dbe619db0ee2c691 upstream. + +Cast usecs to u64, to ensure that the (usecs * 4295 * HZ) +multiplication is 64 bit. + +Initially, the (usecs * 4295 * HZ) part was done as a 32 bit +multiplication, with the result casted to 64 bit. This led to some bits +falling off, causing a "DMA initialization error" in the stmmac Ethernet +driver, due to a premature timeout. + +Signed-off-by: Mischa Jonker +Signed-off-by: Vineet Gupta +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arc/include/asm/delay.h | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +--- a/arch/arc/include/asm/delay.h ++++ b/arch/arc/include/asm/delay.h +@@ -53,11 +53,10 @@ static inline void __udelay(unsigned lon + { + unsigned long loops; + +- /* (long long) cast ensures 64 bit MPY - real or emulated ++ /* (u64) cast ensures 64 bit MPY - real or emulated + * HZ * 4295 is pre-evaluated by gcc - hence only 2 mpy ops + */ +- loops = ((long long)(usecs * 4295 * HZ) * +- (long long)(loops_per_jiffy)) >> 32; ++ loops = ((u64) usecs * 4295 * HZ * loops_per_jiffy) >> 32; + + __delay(loops); + } diff --git a/queue-3.11/arc-fix-signal-frame-management-for-sa_siginfo.patch b/queue-3.11/arc-fix-signal-frame-management-for-sa_siginfo.patch new file mode 100644 index 00000000000..a5ab33b5045 --- /dev/null +++ b/queue-3.11/arc-fix-signal-frame-management-for-sa_siginfo.patch @@ -0,0 +1,86 @@ +From 10469350e345599dfef3fa78a7c19fb230e674c1 Mon Sep 17 00:00:00 2001 +From: Christian Ruppert +Date: Wed, 2 Oct 2013 11:13:38 +0200 +Subject: ARC: Fix signal frame management for SA_SIGINFO + +From: Christian Ruppert + +commit 10469350e345599dfef3fa78a7c19fb230e674c1 upstream. + +Previously, when a signal was registered with SA_SIGINFO, parameters 2 +and 3 of the signal handler were written to registers r1 and r2 before +the register set was saved. This led to corruption of these two +registers after returning from the signal handler (the wrong values were +restored). +With this patch, registers are now saved before any parameters are +passed, thus maintaining the processor state from before signal entry. + +Signed-off-by: Christian Ruppert +Signed-off-by: Vineet Gupta +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arc/kernel/signal.c | 25 +++++++++++++------------ + 1 file changed, 13 insertions(+), 12 deletions(-) + +--- a/arch/arc/kernel/signal.c ++++ b/arch/arc/kernel/signal.c +@@ -101,7 +101,6 @@ SYSCALL_DEFINE0(rt_sigreturn) + { + struct rt_sigframe __user *sf; + unsigned int magic; +- int err; + struct pt_regs *regs = current_pt_regs(); + + /* Always make any pending restarted system calls return -EINTR */ +@@ -119,15 +118,16 @@ SYSCALL_DEFINE0(rt_sigreturn) + if (!access_ok(VERIFY_READ, sf, sizeof(*sf))) + goto badframe; + +- err = restore_usr_regs(regs, sf); +- err |= __get_user(magic, &sf->sigret_magic); +- if (err) ++ if (__get_user(magic, &sf->sigret_magic)) + goto badframe; + + if (unlikely(is_do_ss_needed(magic))) + if (restore_altstack(&sf->uc.uc_stack)) + goto badframe; + ++ if (restore_usr_regs(regs, sf)) ++ goto badframe; ++ + /* Don't restart from sigreturn */ + syscall_wont_restart(regs); + +@@ -191,6 +191,15 @@ setup_rt_frame(int signo, struct k_sigac + return 1; + + /* ++ * w/o SA_SIGINFO, struct ucontext is partially populated (only ++ * uc_mcontext/uc_sigmask) for kernel's normal user state preservation ++ * during signal handler execution. This works for SA_SIGINFO as well ++ * although the semantics are now overloaded (the same reg state can be ++ * inspected by userland: but are they allowed to fiddle with it ? ++ */ ++ err |= stash_usr_regs(sf, regs, set); ++ ++ /* + * SA_SIGINFO requires 3 args to signal handler: + * #1: sig-no (common to any handler) + * #2: struct siginfo +@@ -213,14 +222,6 @@ setup_rt_frame(int signo, struct k_sigac + magic = MAGIC_SIGALTSTK; + } + +- /* +- * w/o SA_SIGINFO, struct ucontext is partially populated (only +- * uc_mcontext/uc_sigmask) for kernel's normal user state preservation +- * during signal handler execution. This works for SA_SIGINFO as well +- * although the semantics are now overloaded (the same reg state can be +- * inspected by userland: but are they allowed to fiddle with it ? +- */ +- err |= stash_usr_regs(sf, regs, set); + err |= __put_user(magic, &sf->sigret_magic); + if (err) + return err; diff --git a/queue-3.11/arc-handle-zero-overhead-loop-in-unaligned-access-handler.patch b/queue-3.11/arc-handle-zero-overhead-loop-in-unaligned-access-handler.patch new file mode 100644 index 00000000000..f263ab7aeac --- /dev/null +++ b/queue-3.11/arc-handle-zero-overhead-loop-in-unaligned-access-handler.patch @@ -0,0 +1,37 @@ +From c11eb222fd7d4db91196121dbf854178505d2751 Mon Sep 17 00:00:00 2001 +From: Mischa Jonker +Date: Thu, 26 Sep 2013 15:44:56 +0200 +Subject: ARC: Handle zero-overhead-loop in unaligned access handler + +From: Mischa Jonker + +commit c11eb222fd7d4db91196121dbf854178505d2751 upstream. + +If a load or store is the last instruction in a zero-overhead-loop, and +it's misaligned, the loop would execute only once. + +This fixes that problem. + +Signed-off-by: Mischa Jonker +Signed-off-by: Vineet Gupta +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arc/kernel/unaligned.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/arch/arc/kernel/unaligned.c ++++ b/arch/arc/kernel/unaligned.c +@@ -233,6 +233,12 @@ int misaligned_fixup(unsigned long addre + regs->status32 &= ~STATUS_DE_MASK; + } else { + regs->ret += state.instr_len; ++ ++ /* handle zero-overhead-loop */ ++ if ((regs->ret == regs->lp_end) && (regs->lp_count)) { ++ regs->ret = regs->lp_start; ++ regs->lp_count--; ++ } + } + + return 0; diff --git a/queue-3.11/arc-ignore-ptrace-setregset-request-for-synthetic-register-stop_pc.patch b/queue-3.11/arc-ignore-ptrace-setregset-request-for-synthetic-register-stop_pc.patch new file mode 100644 index 00000000000..40769374f57 --- /dev/null +++ b/queue-3.11/arc-ignore-ptrace-setregset-request-for-synthetic-register-stop_pc.patch @@ -0,0 +1,47 @@ +From 5b24282846c064ee90d40fcb3a8f63b8e754fd28 Mon Sep 17 00:00:00 2001 +From: Vineet Gupta +Date: Thu, 10 Oct 2013 19:33:57 +0530 +Subject: ARC: Ignore ptrace SETREGSET request for synthetic register "stop_pc" + +From: Vineet Gupta + +commit 5b24282846c064ee90d40fcb3a8f63b8e754fd28 upstream. + +ARCompact TRAP_S insn used for breakpoints, commits before exception is +taken (updating architectural PC). So ptregs->ret contains next-PC and +not the breakpoint PC itself. This is different from other restartable +exceptions such as TLB Miss where ptregs->ret has exact faulting PC. +gdb needs to know exact-PC hence ARC ptrace GETREGSET provides for +@stop_pc which returns ptregs->ret vs. EFA depending on the +situation. + +However, writing stop_pc (SETREGSET request), which updates ptregs->ret +doesn't makes sense stop_pc doesn't always correspond to that reg as +described above. + +This was not an issue so far since user_regs->ret / user_regs->stop_pc +had same value and both writing to ptregs->ret was OK, needless, but NOT +broken, hence not observed. + +With gdb "jump", they diverge, and user_regs->ret updating ptregs is +overwritten immediately with stop_pc, which this patch fixes. + +Reported-by: Anton Kolesov +Signed-off-by: Vineet Gupta +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arc/kernel/ptrace.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/arc/kernel/ptrace.c ++++ b/arch/arc/kernel/ptrace.c +@@ -102,7 +102,7 @@ static int genregs_set(struct task_struc + REG_IGNORE_ONE(pad2); + REG_IN_CHUNK(callee, efa, cregs); /* callee_regs[r25..r13] */ + REG_IGNORE_ONE(efa); /* efa update invalid */ +- REG_IN_ONE(stop_pc, &ptregs->ret); /* stop_pc: PC update */ ++ REG_IGNORE_ONE(stop_pc); /* PC updated via @ret */ + + return ret; + } diff --git a/queue-3.11/arc-workaround-spinlock-livelock-in-smp-systemc-simulation.patch b/queue-3.11/arc-workaround-spinlock-livelock-in-smp-systemc-simulation.patch new file mode 100644 index 00000000000..cceb4932c74 --- /dev/null +++ b/queue-3.11/arc-workaround-spinlock-livelock-in-smp-systemc-simulation.patch @@ -0,0 +1,86 @@ +From 6c00350b573c0bd3635436e43e8696951dd6e1b6 Mon Sep 17 00:00:00 2001 +From: Vineet Gupta +Date: Wed, 25 Sep 2013 16:53:32 +0530 +Subject: ARC: Workaround spinlock livelock in SMP SystemC simulation + +From: Vineet Gupta + +commit 6c00350b573c0bd3635436e43e8696951dd6e1b6 upstream. + +Some ARC SMP systems lack native atomic R-M-W (LLOCK/SCOND) insns and +can only use atomic EX insn (reg with mem) to build higher level R-M-W +primitives. This includes a SystemC based SMP simulation model. + +So rwlocks need to use a protecting spinlock for atomic cmp-n-exchange +operation to update reader(s)/writer count. + +The spinlock operation itself looks as follows: + + mov reg, 1 ; 1=locked, 0=unlocked +retry: + EX reg, [lock] ; load existing, store 1, atomically + BREQ reg, 1, rety ; if already locked, retry + +In single-threaded simulation, SystemC alternates between the 2 cores +with "N" insn each based scheduling. Additionally for insn with global +side effect, such as EX writing to shared mem, a core switch is +enforced too. + +Given that, 2 cores doing a repeated EX on same location, Linux often +got into a livelock e.g. when both cores were fiddling with tasklist +lock (gdbserver / hackbench) for read/write respectively as the +sequence diagram below shows: + + core1 core2 + -------- -------- +1. spin lock [EX r=0, w=1] - LOCKED +2. rwlock(Read) - LOCKED +3. spin unlock [ST 0] - UNLOCKED + spin lock [EX r=0,w=1] - LOCKED + -- resched core 1---- + +5. spin lock [EX r=1] - ALREADY-LOCKED + + -- resched core 2---- +6. rwlock(Write) - READER-LOCKED +7. spin unlock [ST 0] +8. rwlock failed, retry again + +9. spin lock [EX r=0, w=1] + -- resched core 1---- + +10 spinlock locked in #9, retry #5 +11. spin lock [EX gets 1] + -- resched core 2---- +... +... + +The fix was to unlock using the EX insn too (step 7), to trigger another +SystemC scheduling pass which would let core1 proceed, eliding the +livelock. + +Signed-off-by: Vineet Gupta +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arc/include/asm/spinlock.h | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +--- a/arch/arc/include/asm/spinlock.h ++++ b/arch/arc/include/asm/spinlock.h +@@ -45,7 +45,14 @@ static inline int arch_spin_trylock(arch + + static inline void arch_spin_unlock(arch_spinlock_t *lock) + { +- lock->slock = __ARCH_SPIN_LOCK_UNLOCKED__; ++ unsigned int tmp = __ARCH_SPIN_LOCK_UNLOCKED__; ++ ++ __asm__ __volatile__( ++ " ex %0, [%1] \n" ++ : "+r" (tmp) ++ : "r"(&(lock->slock)) ++ : "memory"); ++ + smp_mb(); + } + diff --git a/queue-3.11/series b/queue-3.11/series index abe1daf6c8d..a3113dc5ee8 100644 --- a/queue-3.11/series +++ b/queue-3.11/series @@ -10,3 +10,9 @@ btrfs-use-right-root-when-checking-for-hash-collision.patch ext4-fix-memory-leak-in-xattr.patch kvm-ppc-book3s-hv-fix-typo-in-saving-dscr.patch parisc-fix-interruption-handler-to-respect-pagefault_disable.patch +arc-fix-__udelay-calculation.patch +arc-handle-zero-overhead-loop-in-unaligned-access-handler.patch +arc-fix-32-bit-wrap-around-in-access_ok.patch +arc-workaround-spinlock-livelock-in-smp-systemc-simulation.patch +arc-fix-signal-frame-management-for-sa_siginfo.patch +arc-ignore-ptrace-setregset-request-for-synthetic-register-stop_pc.patch