--- /dev/null
+From 5a07168d8d89b00fe1760120714378175b3ef992 Mon Sep 17 00:00:00 2001
+From: Chen Jie <chenjie6@huawei.com>
+Date: Fri, 15 Mar 2019 03:44:38 +0000
+Subject: futex: Ensure that futex address is aligned in handle_futex_death()
+
+From: Chen Jie <chenjie6@huawei.com>
+
+commit 5a07168d8d89b00fe1760120714378175b3ef992 upstream.
+
+The futex code requires that the user space addresses of futexes are 32bit
+aligned. sys_futex() checks this in futex_get_keys() but the robust list
+code has no alignment check in place.
+
+As a consequence the kernel crashes on architectures with strict alignment
+requirements in handle_futex_death() when trying to cmpxchg() on an
+unaligned futex address which was retrieved from the robust list.
+
+[ tglx: Rewrote changelog, proper sizeof() based alignement check and add
+ comment ]
+
+Fixes: 0771dfefc9e5 ("[PATCH] lightweight robust futexes: core")
+Signed-off-by: Chen Jie <chenjie6@huawei.com>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Cc: <dvhart@infradead.org>
+Cc: <peterz@infradead.org>
+Cc: <zengweilin@huawei.com>
+Cc: stable@vger.kernel.org
+Link: https://lkml.kernel.org/r/1552621478-119787-1-git-send-email-chenjie6@huawei.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ kernel/futex.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/kernel/futex.c
++++ b/kernel/futex.c
+@@ -3110,6 +3110,10 @@ int handle_futex_death(u32 __user *uaddr
+ {
+ u32 uval, uninitialized_var(nval), mval;
+
++ /* Futex address must be 32bit aligned */
++ if ((((unsigned long)uaddr) % sizeof(*uaddr)) != 0)
++ return -1;
++
+ retry:
+ if (get_user(uval, uaddr))
+ return -1;
--- /dev/null
+From 0c671812f152b628bd87c0af49da032cc2a2c319 Mon Sep 17 00:00:00 2001
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+Date: Mon, 18 Mar 2019 19:09:38 -0500
+Subject: objtool: Move objtool_file struct off the stack
+
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+
+commit 0c671812f152b628bd87c0af49da032cc2a2c319 upstream.
+
+Objtool uses over 512k of stack, thanks to the hash table embedded in
+the objtool_file struct. This causes an unnecessarily large stack
+allocation and breaks users with low stack limits.
+
+Move the struct off the stack.
+
+Fixes: 042ba73fe7eb ("objtool: Add several performance improvements")
+Reported-by: Vassili Karpov <moosotc@gmail.com>
+Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: stable@vger.kernel.org
+Link: https://lkml.kernel.org/r/df92dcbc4b84b02ffa252f46876df125fb56e2d7.1552954176.git.jpoimboe@redhat.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/objtool/check.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -2132,9 +2132,10 @@ static void cleanup(struct objtool_file
+ elf_close(file->elf);
+ }
+
++static struct objtool_file file;
++
+ int check(const char *_objname, bool orc)
+ {
+- struct objtool_file file;
+ int ret, warnings = 0;
+
+ objname = _objname;
mips-loongson64-lemote-2f-add-irqf_no_suspend-to-cascade-irqaction.patch
mips-ensure-elf-appended-dtb-is-relocated.patch
mips-fix-kernel-crash-for-r6-in-jump-label-branch-function.patch
+futex-ensure-that-futex-address-is-aligned-in-handle_futex_death.patch
+objtool-move-objtool_file-struct-off-the-stack.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
