From ecc8a1318f59bd287fd850c2481dc3a5d28ef310 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 16 Apr 2012 11:58:57 -0700
Subject: [PATCH] 3.3-stable patches

added patches:
	arm-7359-2-smp_twd-only-wait-for-reprogramming-on-active-cpus.patch
	arm-7379-1-dt-fix-atags_to_fdt-second-call-site.patch
	arm-7384-1-thumbee-disable-userspace-teehbr-access-for-config_arm_thumbee.patch
---
 ...ait-for-reprogramming-on-active-cpus.patch | 48 +++++++++++++++++
 ...dt-fix-atags_to_fdt-second-call-site.patch | 35 +++++++++++++
 ...teehbr-access-for-config_arm_thumbee.patch | 51 +++++++++++++++++++
 queue-3.3/series                              |  3 ++
 4 files changed, 137 insertions(+)
 create mode 100644 queue-3.3/arm-7359-2-smp_twd-only-wait-for-reprogramming-on-active-cpus.patch
 create mode 100644 queue-3.3/arm-7379-1-dt-fix-atags_to_fdt-second-call-site.patch
 create mode 100644 queue-3.3/arm-7384-1-thumbee-disable-userspace-teehbr-access-for-config_arm_thumbee.patch

diff --git a/queue-3.3/arm-7359-2-smp_twd-only-wait-for-reprogramming-on-active-cpus.patch b/queue-3.3/arm-7359-2-smp_twd-only-wait-for-reprogramming-on-active-cpus.patch
new file mode 100644
index 00000000000..b835b876954
--- /dev/null
+++ b/queue-3.3/arm-7359-2-smp_twd-only-wait-for-reprogramming-on-active-cpus.patch
@@ -0,0 +1,48 @@
+From 9f85550347f51c79a917b2aec04c90691c11e20a Mon Sep 17 00:00:00 2001
+From: Linus Walleij <linus.walleij@linaro.org>
+Date: Tue, 10 Apr 2012 12:37:42 +0100
+Subject: ARM: 7359/2: smp_twd: Only wait for reprogramming on active cpus
+
+From: Linus Walleij <linus.walleij@linaro.org>
+
+commit 9f85550347f51c79a917b2aec04c90691c11e20a upstream.
+
+During booting of cpu1, there is a short window where cpu1
+is online, but not active where cpu1 is occupied by waiting
+to become active. If cpu0 then decides to schedule something
+on cpu1 and wait for it to complete, before cpu0 has set
+cpu1 active, we have a deadlock.
+
+Typically it's this CPU frequency transition that happens at
+this time, so let's just not wait for it to happen, it will
+happen whenever the CPU eventually comes online instead.
+
+Cc: Peter Zijlstra <peterz@infradead.org>
+Signed-off-by: Jonas Aaberg <jonas.aberg@stericsson.com>
+Reviewed-by: Rickard Andersson <rickard.andersson@stericsson.com>
+Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
+Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/kernel/smp_twd.c |    6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+--- a/arch/arm/kernel/smp_twd.c
++++ b/arch/arm/kernel/smp_twd.c
+@@ -115,10 +115,14 @@ static int twd_cpufreq_transition(struct
+ 	 * The twd clock events must be reprogrammed to account for the new
+ 	 * frequency.  The timer is local to a cpu, so cross-call to the
+ 	 * changing cpu.
++	 *
++	 * Only wait for it to finish, if the cpu is active to avoid
++	 * deadlock when cpu1 is spinning on while(!cpu_active(cpu1)) during
++	 * booting of that cpu.
+ 	 */
+ 	if (state == CPUFREQ_POSTCHANGE || state == CPUFREQ_RESUMECHANGE)
+ 		smp_call_function_single(freqs->cpu, twd_update_frequency,
+-			NULL, 1);
++					 NULL, cpu_active(freqs->cpu));
+ 
+ 	return NOTIFY_OK;
+ }
diff --git a/queue-3.3/arm-7379-1-dt-fix-atags_to_fdt-second-call-site.patch b/queue-3.3/arm-7379-1-dt-fix-atags_to_fdt-second-call-site.patch
new file mode 100644
index 00000000000..2dde222813d
--- /dev/null
+++ b/queue-3.3/arm-7379-1-dt-fix-atags_to_fdt-second-call-site.patch
@@ -0,0 +1,35 @@
+From 9c5fd9e85f574d9d0361b2b878f55732290afe5b Mon Sep 17 00:00:00 2001
+From: Marc Zyngier <Marc.Zyngier@arm.com>
+Date: Wed, 11 Apr 2012 14:52:55 +0100
+Subject: ARM: 7379/1: DT: fix atags_to_fdt() second call site
+
+From: Marc Zyngier <Marc.Zyngier@arm.com>
+
+commit 9c5fd9e85f574d9d0361b2b878f55732290afe5b upstream.
+
+atags_to_fdt() returns 1 when it fails to find a valid FDT signature.
+The CONFIG_ARM_ATAG_DTB_COMPAT code is supposed to retry with another
+location, but only does so when the initial call doesn't fail.
+
+Fix this by using the correct condition in the assembly code.
+
+Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
+Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
+Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/boot/compressed/head.S |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/arm/boot/compressed/head.S
++++ b/arch/arm/boot/compressed/head.S
+@@ -273,7 +273,7 @@ restart:	adr	r0, LC0
+ 		add	r0, r0, #0x100
+ 		mov	r1, r6
+ 		sub	r2, sp, r6
+-		blne	atags_to_fdt
++		bleq	atags_to_fdt
+ 
+ 		ldmfd	sp!, {r0-r3, ip, lr}
+ 		sub	sp, sp, #0x10000
diff --git a/queue-3.3/arm-7384-1-thumbee-disable-userspace-teehbr-access-for-config_arm_thumbee.patch b/queue-3.3/arm-7384-1-thumbee-disable-userspace-teehbr-access-for-config_arm_thumbee.patch
new file mode 100644
index 00000000000..e80b4238e4a
--- /dev/null
+++ b/queue-3.3/arm-7384-1-thumbee-disable-userspace-teehbr-access-for-config_arm_thumbee.patch
@@ -0,0 +1,51 @@
+From 078c04545ba56da21567728a909a496df5ff730d Mon Sep 17 00:00:00 2001
+From: Jonathan Austin <Jonathan.Austin@arm.com>
+Date: Thu, 12 Apr 2012 17:45:25 +0100
+Subject: ARM: 7384/1: ThumbEE: Disable userspace TEEHBR access for !CONFIG_ARM_THUMBEE
+
+From: Jonathan Austin <Jonathan.Austin@arm.com>
+
+commit 078c04545ba56da21567728a909a496df5ff730d upstream.
+
+Currently when ThumbEE is not enabled (!CONFIG_ARM_THUMBEE) the ThumbEE
+register states are not saved/restored at context switch. The default state
+of the ThumbEE Ctrl register (TEECR) allows userspace accesses to the
+ThumbEE Base Handler register (TEEHBR). This can cause unexpected behaviour
+when people use ThumbEE on !CONFIG_ARM_THUMBEE kernels, as well as allowing
+covert communication - eg between userspace tasks running inside chroot
+jails.
+
+This patch sets up TEECR in order to prevent user-space access to TEEHBR
+when !CONFIG_ARM_THUMBEE. In this case, tasks are sent SIGILL if they try to
+access TEEHBR.
+
+Reviewed-by: Will Deacon <will.deacon@arm.com>
+Signed-off-by: Jonathan Austin <jonathan.austin@arm.com>
+Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/mm/proc-v7.S |   12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+--- a/arch/arm/mm/proc-v7.S
++++ b/arch/arm/mm/proc-v7.S
+@@ -255,6 +255,18 @@ __v7_setup:
+ 	mcr	p15, 0, r5, c10, c2, 0		@ write PRRR
+ 	mcr	p15, 0, r6, c10, c2, 1		@ write NMRR
+ #endif
++#ifndef CONFIG_ARM_THUMBEE
++	mrc	p15, 0, r0, c0, c1, 0		@ read ID_PFR0 for ThumbEE
++	and	r0, r0, #(0xf << 12)		@ ThumbEE enabled field
++	teq	r0, #(1 << 12)			@ check if ThumbEE is present
++	bne	1f
++	mov	r5, #0
++	mcr	p14, 6, r5, c1, c0, 0		@ Initialize TEEHBR to 0
++	mrc	p14, 6, r0, c0, c0, 0		@ load TEECR
++	orr	r0, r0, #1			@ set the 1st bit in order to
++	mcr	p14, 6, r0, c0, c0, 0		@ stop userspace TEEHBR access
++1:
++#endif
+ 	adr	r5, v7_crval
+ 	ldmia	r5, {r5, r6}
+ #ifdef CONFIG_CPU_ENDIAN_BE8
diff --git a/queue-3.3/series b/queue-3.3/series
index 7def5a1cc66..74e59059651 100644
--- a/queue-3.3/series
+++ b/queue-3.3/series
@@ -7,3 +7,6 @@ drm-i915-properly-compute-dp-dithering-for-user-created-modes.patch
 drm-i915-make-rc6-module-parameter-read-only.patch
 rtlwifi-preallocate-usb-read-buffers-and-eliminate-kalloc-in-read-routine.patch
 rtlwifi-add-missing-dma-buffer-unmapping-for-pci-drivers.patch
+arm-7359-2-smp_twd-only-wait-for-reprogramming-on-active-cpus.patch
+arm-7379-1-dt-fix-atags_to_fdt-second-call-site.patch
+arm-7384-1-thumbee-disable-userspace-teehbr-access-for-config_arm_thumbee.patch
-- 
2.47.3