From 059d285c7a873352dfe76d74b13021bf09a48d41 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Thu, 14 Dec 2017 22:26:56 +0100
Subject: [PATCH] 4.9-stable patches

added patches:
	kvm-arm-arm64-vgic-its-preserve-the-revious-read-from-the-pending-table.patch
---
 ...-revious-read-from-the-pending-table.patch | 46 +++++++++++++++++++
 queue-4.9/series                              |  1 +
 2 files changed, 47 insertions(+)
 create mode 100644 queue-4.9/kvm-arm-arm64-vgic-its-preserve-the-revious-read-from-the-pending-table.patch

diff --git a/queue-4.9/kvm-arm-arm64-vgic-its-preserve-the-revious-read-from-the-pending-table.patch b/queue-4.9/kvm-arm-arm64-vgic-its-preserve-the-revious-read-from-the-pending-table.patch
new file mode 100644
index 00000000000..61cd58c1b3c
--- /dev/null
+++ b/queue-4.9/kvm-arm-arm64-vgic-its-preserve-the-revious-read-from-the-pending-table.patch
@@ -0,0 +1,46 @@
+From 64afe6e9eb4841f35317da4393de21a047a883b3 Mon Sep 17 00:00:00 2001
+From: Marc Zyngier <marc.zyngier@arm.com>
+Date: Thu, 16 Nov 2017 17:58:17 +0000
+Subject: KVM: arm/arm64: vgic-its: Preserve the revious read from the pending table
+
+From: Marc Zyngier <marc.zyngier@arm.com>
+
+commit 64afe6e9eb4841f35317da4393de21a047a883b3 upstream.
+
+The current pending table parsing code assumes that we keep the
+previous read of the pending bits, but keep that variable in
+the current block, making sure it is discarded on each loop.
+
+We end-up using whatever is on the stack. Who knows, it might
+just be the right thing...
+
+Fixes: 33d3bc9556a7d ("KVM: arm64: vgic-its: Read initial LPI pending table")
+Cc: stable@vger.kernel.org # 4.8
+Reported-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
+Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
+Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
+Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ virt/kvm/arm/vgic/vgic-its.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/virt/kvm/arm/vgic/vgic-its.c
++++ b/virt/kvm/arm/vgic/vgic-its.c
+@@ -322,6 +322,7 @@ static int its_sync_lpi_pending_table(st
+ 	int ret = 0;
+ 	u32 *intids;
+ 	int nr_irqs, i;
++	u8 pendmask;
+ 
+ 	nr_irqs = vgic_copy_lpi_list(vcpu->kvm, &intids);
+ 	if (nr_irqs < 0)
+@@ -329,7 +330,6 @@ static int its_sync_lpi_pending_table(st
+ 
+ 	for (i = 0; i < nr_irqs; i++) {
+ 		int byte_offset, bit_nr;
+-		u8 pendmask;
+ 
+ 		byte_offset = intids[i] / BITS_PER_BYTE;
+ 		bit_nr = intids[i] % BITS_PER_BYTE;
diff --git a/queue-4.9/series b/queue-4.9/series
index add074afc05..8e6aff427c6 100644
--- a/queue-4.9/series
+++ b/queue-4.9/series
@@ -18,3 +18,4 @@ ipmi-stop-timers-before-cleaning-up-the-module.patch
 s390-always-save-and-restore-all-registers-on-context-switch.patch
 usb-gadget-ffs-forbid-usb_ep_alloc_request-from-sleeping.patch
 fix-kcm_clone.patch
+kvm-arm-arm64-vgic-its-preserve-the-revious-read-from-the-pending-table.patch
-- 
2.47.3