--- /dev/null
+From e98eac6ff1b45e4e73f2e6031b37c256ccb5d36b Mon Sep 17 00:00:00 2001
+From: Thomas Gleixner <tglx@linutronix.de>
+Date: Fri, 27 Mar 2020 12:06:44 +0100
+Subject: cpu/hotplug: Ignore pm_wakeup_pending() for disable_nonboot_cpus()
+
+From: Thomas Gleixner <tglx@linutronix.de>
+
+commit e98eac6ff1b45e4e73f2e6031b37c256ccb5d36b upstream.
+
+A recent change to freeze_secondary_cpus() which added an early abort if a
+wakeup is pending missed the fact that the function is also invoked for
+shutdown, reboot and kexec via disable_nonboot_cpus().
+
+In case of disable_nonboot_cpus() the wakeup event needs to be ignored as
+the purpose is to terminate the currently running kernel.
+
+Add a 'suspend' argument which is only set when the freeze is in context of
+a suspend operation. If not set then an eventually pending wakeup event is
+ignored.
+
+Fixes: a66d955e910a ("cpu/hotplug: Abort disabling secondary CPUs if wakeup is pending")
+Reported-by: Boqun Feng <boqun.feng@gmail.com>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Cc: Pavankumar Kondeti <pkondeti@codeaurora.org>
+Cc: stable@vger.kernel.org
+Link: https://lkml.kernel.org/r/874kuaxdiz.fsf@nanos.tec.linutronix.de
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ include/linux/cpu.h | 12 +++++++++---
+ kernel/cpu.c | 4 ++--
+ 2 files changed, 11 insertions(+), 5 deletions(-)
+
+--- a/include/linux/cpu.h
++++ b/include/linux/cpu.h
+@@ -138,12 +138,18 @@ static inline void get_online_cpus(void)
+ static inline void put_online_cpus(void) { cpus_read_unlock(); }
+
+ #ifdef CONFIG_PM_SLEEP_SMP
+-extern int freeze_secondary_cpus(int primary);
++int __freeze_secondary_cpus(int primary, bool suspend);
++static inline int freeze_secondary_cpus(int primary)
++{
++ return __freeze_secondary_cpus(primary, true);
++}
++
+ static inline int disable_nonboot_cpus(void)
+ {
+- return freeze_secondary_cpus(0);
++ return __freeze_secondary_cpus(0, false);
+ }
+-extern void enable_nonboot_cpus(void);
++
++void enable_nonboot_cpus(void);
+
+ static inline int suspend_disable_secondary_cpus(void)
+ {
+--- a/kernel/cpu.c
++++ b/kernel/cpu.c
+@@ -1212,7 +1212,7 @@ EXPORT_SYMBOL_GPL(cpu_up);
+ #ifdef CONFIG_PM_SLEEP_SMP
+ static cpumask_var_t frozen_cpus;
+
+-int freeze_secondary_cpus(int primary)
++int __freeze_secondary_cpus(int primary, bool suspend)
+ {
+ int cpu, error = 0;
+
+@@ -1237,7 +1237,7 @@ int freeze_secondary_cpus(int primary)
+ if (cpu == primary)
+ continue;
+
+- if (pm_wakeup_pending()) {
++ if (suspend && pm_wakeup_pending()) {
+ pr_info("Wakeup pending. Abort CPU freeze\n");
+ error = -EBUSY;
+ break;
--- /dev/null
+From a740a423c36932695b01a3e920f697bc55b05fec Mon Sep 17 00:00:00 2001
+From: Thomas Gleixner <tglx@linutronix.de>
+Date: Fri, 6 Mar 2020 14:03:42 +0100
+Subject: genirq/debugfs: Add missing sanity checks to interrupt injection
+
+From: Thomas Gleixner <tglx@linutronix.de>
+
+commit a740a423c36932695b01a3e920f697bc55b05fec upstream.
+
+Interrupts cannot be injected when the interrupt is not activated and when
+a replay is already in progress.
+
+Fixes: 536e2e34bd00 ("genirq/debugfs: Triggering of interrupts from userspace")
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Acked-by: Marc Zyngier <maz@kernel.org>
+Cc: stable@vger.kernel.org
+Link: https://lkml.kernel.org/r/20200306130623.500019114@linutronix.de
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ kernel/irq/debugfs.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+--- a/kernel/irq/debugfs.c
++++ b/kernel/irq/debugfs.c
+@@ -206,8 +206,15 @@ static ssize_t irq_debug_write(struct fi
+ chip_bus_lock(desc);
+ raw_spin_lock_irqsave(&desc->lock, flags);
+
+- if (irq_settings_is_level(desc) || desc->istate & IRQS_NMI) {
+- /* Can't do level nor NMIs, sorry */
++ /*
++ * Don't allow injection when the interrupt is:
++ * - Level or NMI type
++ * - not activated
++ * - replaying already
++ */
++ if (irq_settings_is_level(desc) ||
++ !irqd_is_activated(&desc->irq_data) ||
++ (desc->istate & (IRQS_NMI | IRQS_REPLAY))) {
+ err = -EINVAL;
+ } else {
+ desc->istate |= IRQS_PENDING;
--- /dev/null
+From c336e992cb1cb1db9ee608dfb30342ae781057ab Mon Sep 17 00:00:00 2001
+From: Jens Axboe <axboe@kernel.dk>
+Date: Fri, 3 Apr 2020 13:54:26 -0600
+Subject: io_uring: remove bogus RLIMIT_NOFILE check in file registration
+
+From: Jens Axboe <axboe@kernel.dk>
+
+commit c336e992cb1cb1db9ee608dfb30342ae781057ab upstream.
+
+We already checked this limit when the file was opened, and we keep it
+open in the file table. Hence when we added unit_inflight to the count
+we want to register, we're doubly accounting these files. This results
+in -EMFILE for file registration, if we're at half the limit.
+
+Cc: stable@vger.kernel.org # v5.1+
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/io_uring.c | 7 -------
+ 1 file changed, 7 deletions(-)
+
+--- a/fs/io_uring.c
++++ b/fs/io_uring.c
+@@ -4162,13 +4162,6 @@ static int __io_sqe_files_scm(struct io_
+ struct sk_buff *skb;
+ int i, nr_files;
+
+- if (!capable(CAP_SYS_RESOURCE) && !capable(CAP_SYS_ADMIN)) {
+- unsigned long inflight = ctx->user->unix_inflight + nr;
+-
+- if (inflight > task_rlimit(current, RLIMIT_NOFILE))
+- return -EMFILE;
+- }
+-
+ fpl = kzalloc(sizeof(*fpl), GFP_KERNEL);
+ if (!fpl)
+ return -ENOMEM;
--- /dev/null
+From 6a214a28132f19ace3d835a6d8f6422ec80ad200 Mon Sep 17 00:00:00 2001
+From: Sungbo Eo <mans0n@gorani.run>
+Date: Sat, 21 Mar 2020 22:38:42 +0900
+Subject: irqchip/versatile-fpga: Apply clear-mask earlier
+
+From: Sungbo Eo <mans0n@gorani.run>
+
+commit 6a214a28132f19ace3d835a6d8f6422ec80ad200 upstream.
+
+Clear its own IRQs before the parent IRQ get enabled, so that the
+remaining IRQs do not accidentally interrupt the parent IRQ controller.
+
+This patch also fixes a reboot bug on OX820 SoC, where the remaining
+rps-timer IRQ raises a GIC interrupt that is left pending. After that,
+the rps-timer IRQ is cleared during driver initialization, and there's
+no IRQ left in rps-irq when local_irq_enable() is called, which evokes
+an error message "unexpected IRQ trap".
+
+Fixes: bdd272cbb97a ("irqchip: versatile FPGA: support cascaded interrupts from DT")
+Signed-off-by: Sungbo Eo <mans0n@gorani.run>
+Signed-off-by: Marc Zyngier <maz@kernel.org>
+Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/20200321133842.2408823-1-mans0n@gorani.run
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/irqchip/irq-versatile-fpga.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/drivers/irqchip/irq-versatile-fpga.c
++++ b/drivers/irqchip/irq-versatile-fpga.c
+@@ -212,6 +212,9 @@ int __init fpga_irq_of_init(struct devic
+ if (of_property_read_u32(node, "valid-mask", &valid_mask))
+ valid_mask = 0;
+
++ writel(clear_mask, base + IRQ_ENABLE_CLEAR);
++ writel(clear_mask, base + FIQ_ENABLE_CLEAR);
++
+ /* Some chips are cascaded from a parent IRQ */
+ parent_irq = irq_of_parse_and_map(node, 0);
+ if (!parent_irq) {
+@@ -221,9 +224,6 @@ int __init fpga_irq_of_init(struct devic
+
+ fpga_irq_init(base, node->name, 0, parent_irq, valid_mask, node);
+
+- writel(clear_mask, base + IRQ_ENABLE_CLEAR);
+- writel(clear_mask, base + FIQ_ENABLE_CLEAR);
+-
+ /*
+ * On Versatile AB/PB, some secondary interrupts have a direct
+ * pass-thru to the primary controller for IRQs 20 and 22-31 which need
--- /dev/null
+From 792a402c2840054533ef56279c212ef6da87d811 Mon Sep 17 00:00:00 2001
+From: "Gustavo A. R. Silva" <gustavo@embeddedor.com>
+Date: Tue, 22 Jan 2019 14:18:42 -0600
+Subject: MIPS: OCTEON: irq: Fix potential NULL pointer dereference
+
+From: Gustavo A. R. Silva <gustavo@embeddedor.com>
+
+commit 792a402c2840054533ef56279c212ef6da87d811 upstream.
+
+There is a potential NULL pointer dereference in case kzalloc()
+fails and returns NULL.
+
+Fix this by adding a NULL check on *cd*
+
+This bug was detected with the help of Coccinelle.
+
+Fixes: 64b139f97c01 ("MIPS: OCTEON: irq: add CIB and other fixes")
+Cc: stable@vger.kernel.org
+Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
+Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/mips/cavium-octeon/octeon-irq.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/arch/mips/cavium-octeon/octeon-irq.c
++++ b/arch/mips/cavium-octeon/octeon-irq.c
+@@ -2199,6 +2199,9 @@ static int octeon_irq_cib_map(struct irq
+ }
+
+ cd = kzalloc(sizeof(*cd), GFP_KERNEL);
++ if (!cd)
++ return -ENOMEM;
++
+ cd->host_data = host_data;
+ cd->bit = hw;
+
--- /dev/null
+From d191aaffe3687d1e73e644c185f5f0550ec242b5 Mon Sep 17 00:00:00 2001
+From: Huacai Chen <chenhc@lemote.com>
+Date: Wed, 25 Mar 2020 11:44:54 +0800
+Subject: MIPS/tlbex: Fix LDDIR usage in setup_pw() for Loongson-3
+
+From: Huacai Chen <chenhc@lemote.com>
+
+commit d191aaffe3687d1e73e644c185f5f0550ec242b5 upstream.
+
+LDDIR/LDPTE is Loongson-3's acceleration for Page Table Walking. If BD
+(Base Directory, the 4th page directory) is not enabled, then GDOffset
+is biased by BadVAddr[63:62]. So, if GDOffset (aka. BadVAddr[47:36] for
+Loongson-3) is big enough, "0b11(BadVAddr[63:62])|BadVAddr[47:36]|...."
+can far beyond pg_swapper_dir. This means the pg_swapper_dir may NOT be
+accessed by LDDIR correctly, so fix it by set PWDirExt in CP0_PWCtl.
+
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Pei Huang <huangpei@loongson.cn>
+Signed-off-by: Huacai Chen <chenhc@lemote.com>
+Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/mips/mm/tlbex.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+--- a/arch/mips/mm/tlbex.c
++++ b/arch/mips/mm/tlbex.c
+@@ -1480,6 +1480,7 @@ static void build_r4000_tlb_refill_handl
+
+ static void setup_pw(void)
+ {
++ unsigned int pwctl;
+ unsigned long pgd_i, pgd_w;
+ #ifndef __PAGETABLE_PMD_FOLDED
+ unsigned long pmd_i, pmd_w;
+@@ -1506,6 +1507,7 @@ static void setup_pw(void)
+
+ pte_i = ilog2(_PAGE_GLOBAL);
+ pte_w = 0;
++ pwctl = 1 << 30; /* Set PWDirExt */
+
+ #ifndef __PAGETABLE_PMD_FOLDED
+ write_c0_pwfield(pgd_i << 24 | pmd_i << 12 | pt_i << 6 | pte_i);
+@@ -1516,8 +1518,9 @@ static void setup_pw(void)
+ #endif
+
+ #ifdef CONFIG_MIPS_HUGE_TLB_SUPPORT
+- write_c0_pwctl(1 << 6 | psn);
++ pwctl |= (1 << 6 | psn);
+ #endif
++ write_c0_pwctl(pwctl);
+ write_c0_kpgd((long)swapper_pg_dir);
+ kscratch_used_mask |= (1 << 7); /* KScratch6 is used for KPGD */
+ }
--- /dev/null
+From 56cb26891ea4180121265dc6b596015772c4a4b8 Mon Sep 17 00:00:00 2001
+From: Ulf Hansson <ulf.hansson@linaro.org>
+Date: Tue, 10 Mar 2020 11:40:23 +0100
+Subject: PM / Domains: Allow no domain-idle-states DT property in genpd when parsing
+
+From: Ulf Hansson <ulf.hansson@linaro.org>
+
+commit 56cb26891ea4180121265dc6b596015772c4a4b8 upstream.
+
+Commit 2c361684803e ("PM / Domains: Don't treat zero found compatible idle
+states as an error"), moved of_genpd_parse_idle_states() towards allowing
+none compatible idle state to be found for the device node, rather than
+returning an error code.
+
+However, it didn't consider that the "domain-idle-states" DT property may
+be missing as it's optional, which makes of_count_phandle_with_args() to
+return -ENOENT. Let's fix this to make the behaviour consistent.
+
+Fixes: 2c361684803e ("PM / Domains: Don't treat zero found compatible idle states as an error")
+Reported-by: Benjamin Gaignard <benjamin.gaignard@st.com>
+Cc: 4.20+ <stable@vger.kernel.org> # 4.20+
+Reviewed-by: Sudeep Holla <sudeep.holla@arm.com>
+Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/base/power/domain.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/base/power/domain.c
++++ b/drivers/base/power/domain.c
+@@ -2615,7 +2615,7 @@ static int genpd_iterate_idle_states(str
+
+ ret = of_count_phandle_with_args(dn, "domain-idle-states", NULL);
+ if (ret <= 0)
+- return ret;
++ return ret == -ENOENT ? 0 : ret;
+
+ /* Loop over the phandles until all the requested entry is found */
+ of_for_each_phandle(&it, ret, dn, "domain-idle-states", NULL, 0) {
--- /dev/null
+From 87de6594dc45dbf6819f3e0ef92f9331c5a9444c Mon Sep 17 00:00:00 2001
+From: Neeraj Upadhyay <neeraju@codeaurora.org>
+Date: Mon, 23 Mar 2020 10:38:51 +0530
+Subject: PM: sleep: wakeup: Skip wakeup_source_sysfs_remove() if device is not there
+
+From: Neeraj Upadhyay <neeraju@codeaurora.org>
+
+commit 87de6594dc45dbf6819f3e0ef92f9331c5a9444c upstream.
+
+Skip wakeup_source_sysfs_remove() to fix a NULL pinter dereference via
+ws->dev, if the wakeup source is unregistered before registering the
+wakeup class from device_add().
+
+Fixes: 2ca3d1ecb8c4 ("PM / wakeup: Register wakeup class kobj after device is added")
+Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org>
+Cc: 5.4+ <stable@vger.kernel.org> # 5.4+
+[ rjw: Subject & changelog, white space ]
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/base/power/wakeup.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/drivers/base/power/wakeup.c
++++ b/drivers/base/power/wakeup.c
+@@ -241,7 +241,9 @@ void wakeup_source_unregister(struct wak
+ {
+ if (ws) {
+ wakeup_source_remove(ws);
+- wakeup_source_sysfs_remove(ws);
++ if (ws->dev)
++ wakeup_source_sysfs_remove(ws);
++
+ wakeup_source_destroy(ws);
+ }
+ }
--- /dev/null
+From 6c871b7314dde9ab64f20de8f5aa3d01be4518e8 Mon Sep 17 00:00:00 2001
+From: Vasily Averin <vvs@virtuozzo.com>
+Date: Tue, 25 Feb 2020 11:11:20 +0300
+Subject: pstore: pstore_ftrace_seq_next should increase position index
+
+From: Vasily Averin <vvs@virtuozzo.com>
+
+commit 6c871b7314dde9ab64f20de8f5aa3d01be4518e8 upstream.
+
+In Aug 2018 NeilBrown noticed
+commit 1f4aace60b0e ("fs/seq_file.c: simplify seq_file iteration code and interface")
+"Some ->next functions do not increment *pos when they return NULL...
+Note that such ->next functions are buggy and should be fixed.
+A simple demonstration is
+
+ dd if=/proc/swaps bs=1000 skip=1
+
+Choose any block size larger than the size of /proc/swaps. This will
+always show the whole last line of /proc/swaps"
+
+/proc/swaps output was fixed recently, however there are lot of other
+affected files, and one of them is related to pstore subsystem.
+
+If .next function does not change position index, following .show function
+will repeat output related to current position index.
+
+There are at least 2 related problems:
+- read after lseek beyond end of file, described above by NeilBrown
+ "dd if=<AFFECTED_FILE> bs=1000 skip=1" will generate whole last list
+- read after lseek on in middle of last line will output expected rest of
+ last line but then repeat whole last line once again.
+
+If .show() function generates multy-line output (like
+pstore_ftrace_seq_show() does ?) following bash script cycles endlessly
+
+ $ q=;while read -r r;do echo "$((++q)) $r";done < AFFECTED_FILE
+
+Unfortunately I'm not familiar enough to pstore subsystem and was unable
+to find affected pstore-related file on my test node.
+
+If .next function does not change position index, following .show function
+will repeat output related to current position index.
+
+Cc: stable@vger.kernel.org
+Fixes: 1f4aace60b0e ("fs/seq_file.c: simplify seq_file iteration code ...")
+Link: https://bugzilla.kernel.org/show_bug.cgi?id=206283
+Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
+Link: https://lore.kernel.org/r/4e49830d-4c88-0171-ee24-1ee540028dad@virtuozzo.com
+[kees: with robustness tweak from Joel Fernandes <joelaf@google.com>]
+Signed-off-by: Kees Cook <keescook@chromium.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/pstore/inode.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+--- a/fs/pstore/inode.c
++++ b/fs/pstore/inode.c
+@@ -87,11 +87,11 @@ static void *pstore_ftrace_seq_next(stru
+ struct pstore_private *ps = s->private;
+ struct pstore_ftrace_seq_data *data = v;
+
++ (*pos)++;
+ data->off += REC_SIZE;
+ if (data->off + REC_SIZE > ps->total_size)
+ return NULL;
+
+- (*pos)++;
+ return data;
+ }
+
+@@ -101,6 +101,9 @@ static int pstore_ftrace_seq_show(struct
+ struct pstore_ftrace_seq_data *data = v;
+ struct pstore_ftrace_record *rec;
+
++ if (!data)
++ return 0;
++
+ rec = (struct pstore_ftrace_record *)(ps->record->buf + data->off);
+
+ seq_printf(s, "CPU:%d ts:%llu %08lx %08lx %ps <- %pS\n",
--- /dev/null
+From 127e29815b4b2206c0a97ac1d83f92ffc0e25c34 Mon Sep 17 00:00:00 2001
+From: "Paul E. McKenney" <paulmck@kernel.org>
+Date: Tue, 11 Feb 2020 06:17:33 -0800
+Subject: rcu: Make rcu_barrier() account for offline no-CBs CPUs
+
+From: Paul E. McKenney <paulmck@kernel.org>
+
+commit 127e29815b4b2206c0a97ac1d83f92ffc0e25c34 upstream.
+
+Currently, rcu_barrier() ignores offline CPUs, However, it is possible
+for an offline no-CBs CPU to have callbacks queued, and rcu_barrier()
+must wait for those callbacks. This commit therefore makes rcu_barrier()
+directly invoke the rcu_barrier_func() with interrupts disabled for such
+CPUs. This requires passing the CPU number into this function so that
+it can entrain the rcu_barrier() callback onto the correct CPU's callback
+list, given that the code must instead execute on the current CPU.
+
+While in the area, this commit fixes a bug where the first CPU's callback
+might have been invoked before rcu_segcblist_entrain() returned, which
+would also result in an early wakeup.
+
+Fixes: 5d6742b37727 ("rcu/nocb: Use rcu_segcblist for no-CBs CPUs")
+Signed-off-by: Paul E. McKenney <paulmck@kernel.org>
+[ paulmck: Apply optimization feedback from Boqun Feng. ]
+Cc: <stable@vger.kernel.org> # 5.5.x
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ include/trace/events/rcu.h | 1 +
+ kernel/rcu/tree.c | 36 ++++++++++++++++++++++++------------
+ 2 files changed, 25 insertions(+), 12 deletions(-)
+
+--- a/include/trace/events/rcu.h
++++ b/include/trace/events/rcu.h
+@@ -720,6 +720,7 @@ TRACE_EVENT_RCU(rcu_torture_read,
+ * "Begin": rcu_barrier() started.
+ * "EarlyExit": rcu_barrier() piggybacked, thus early exit.
+ * "Inc1": rcu_barrier() piggyback check counter incremented.
++ * "OfflineNoCBQ": rcu_barrier() found offline no-CBs CPU with callbacks.
+ * "OnlineQ": rcu_barrier() found online CPU with callbacks.
+ * "OnlineNQ": rcu_barrier() found online CPU, no callbacks.
+ * "IRQ": An rcu_barrier_callback() callback posted on remote CPU.
+--- a/kernel/rcu/tree.c
++++ b/kernel/rcu/tree.c
+@@ -2888,9 +2888,10 @@ static void rcu_barrier_callback(struct
+ /*
+ * Called with preemption disabled, and from cross-cpu IRQ context.
+ */
+-static void rcu_barrier_func(void *unused)
++static void rcu_barrier_func(void *cpu_in)
+ {
+- struct rcu_data *rdp = raw_cpu_ptr(&rcu_data);
++ uintptr_t cpu = (uintptr_t)cpu_in;
++ struct rcu_data *rdp = per_cpu_ptr(&rcu_data, cpu);
+
+ rcu_barrier_trace(TPS("IRQ"), -1, rcu_state.barrier_sequence);
+ rdp->barrier_head.func = rcu_barrier_callback;
+@@ -2917,7 +2918,7 @@ static void rcu_barrier_func(void *unuse
+ */
+ void rcu_barrier(void)
+ {
+- int cpu;
++ uintptr_t cpu;
+ struct rcu_data *rdp;
+ unsigned long s = rcu_seq_snap(&rcu_state.barrier_sequence);
+
+@@ -2940,13 +2941,14 @@ void rcu_barrier(void)
+ rcu_barrier_trace(TPS("Inc1"), -1, rcu_state.barrier_sequence);
+
+ /*
+- * Initialize the count to one rather than to zero in order to
+- * avoid a too-soon return to zero in case of a short grace period
+- * (or preemption of this task). Exclude CPU-hotplug operations
+- * to ensure that no offline CPU has callbacks queued.
++ * Initialize the count to two rather than to zero in order
++ * to avoid a too-soon return to zero in case of an immediate
++ * invocation of the just-enqueued callback (or preemption of
++ * this task). Exclude CPU-hotplug operations to ensure that no
++ * offline non-offloaded CPU has callbacks queued.
+ */
+ init_completion(&rcu_state.barrier_completion);
+- atomic_set(&rcu_state.barrier_cpu_count, 1);
++ atomic_set(&rcu_state.barrier_cpu_count, 2);
+ get_online_cpus();
+
+ /*
+@@ -2956,13 +2958,23 @@ void rcu_barrier(void)
+ */
+ for_each_possible_cpu(cpu) {
+ rdp = per_cpu_ptr(&rcu_data, cpu);
+- if (!cpu_online(cpu) &&
++ if (cpu_is_offline(cpu) &&
+ !rcu_segcblist_is_offloaded(&rdp->cblist))
+ continue;
+- if (rcu_segcblist_n_cbs(&rdp->cblist)) {
++ if (rcu_segcblist_n_cbs(&rdp->cblist) && cpu_online(cpu)) {
+ rcu_barrier_trace(TPS("OnlineQ"), cpu,
+ rcu_state.barrier_sequence);
+- smp_call_function_single(cpu, rcu_barrier_func, NULL, 1);
++ smp_call_function_single(cpu, rcu_barrier_func, (void *)cpu, 1);
++ } else if (rcu_segcblist_n_cbs(&rdp->cblist) &&
++ cpu_is_offline(cpu)) {
++ rcu_barrier_trace(TPS("OfflineNoCBQ"), cpu,
++ rcu_state.barrier_sequence);
++ local_irq_disable();
++ rcu_barrier_func((void *)cpu);
++ local_irq_enable();
++ } else if (cpu_is_offline(cpu)) {
++ rcu_barrier_trace(TPS("OfflineNoCBNoQ"), cpu,
++ rcu_state.barrier_sequence);
+ } else {
+ rcu_barrier_trace(TPS("OnlineNQ"), cpu,
+ rcu_state.barrier_sequence);
+@@ -2974,7 +2986,7 @@ void rcu_barrier(void)
+ * Now that we have an rcu_barrier_callback() callback on each
+ * CPU, and thus each counted, remove the initial count.
+ */
+- if (atomic_dec_and_test(&rcu_state.barrier_cpu_count))
++ if (atomic_sub_and_test(2, &rcu_state.barrier_cpu_count))
+ complete(&rcu_state.barrier_completion);
+
+ /* Wait for all rcu_barrier_callback() callbacks to be invoked. */
--- /dev/null
+From 5e958e4aacf44e1cc98b0d88d8e66e98f03bbf66 Mon Sep 17 00:00:00 2001
+From: Sowjanya Komatineni <skomatineni@nvidia.com>
+Date: Wed, 11 Mar 2020 08:47:54 -0700
+Subject: sdhci: tegra: Implement Tegra specific set_timeout callback
+
+From: Sowjanya Komatineni <skomatineni@nvidia.com>
+
+commit 5e958e4aacf44e1cc98b0d88d8e66e98f03bbf66 upstream.
+
+Tegra host supports HW busy detection and timeouts based on the
+count programmed in SDHCI_TIMEOUT_CONTROL register and max busy
+timeout it supports is 11s in finite busy wait mode.
+
+Some operations like SLEEP_AWAKE, ERASE and flush cache through
+SWITCH commands take longer than 11s and Tegra host supports
+infinite HW busy wait mode where HW waits forever till the card
+is busy without HW timeout.
+
+This patch implements Tegra specific set_timeout sdhci_ops to allow
+switching between finite and infinite HW busy detection wait modes
+based on the device command expected operation time.
+
+Signed-off-by: Sowjanya Komatineni <skomatineni@nvidia.com>
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/1583941675-9884-1-git-send-email-skomatineni@nvidia.com
+Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+diff --git a/drivers/mmc/host/sdhci-tegra.c b/drivers/mmc/host/sdhci-tegra.c
+index a25c3a4d3f6c..fa8f6a4dcc7c 100644
+--- a/drivers/mmc/host/sdhci-tegra.c
++++ b/drivers/mmc/host/sdhci-tegra.c
+@@ -45,6 +45,7 @@
+ #define SDHCI_TEGRA_CAP_OVERRIDES_DQS_TRIM_SHIFT 8
+
+ #define SDHCI_TEGRA_VENDOR_MISC_CTRL 0x120
++#define SDHCI_MISC_CTRL_ERASE_TIMEOUT_LIMIT BIT(0)
+ #define SDHCI_MISC_CTRL_ENABLE_SDR104 0x8
+ #define SDHCI_MISC_CTRL_ENABLE_SDR50 0x10
+ #define SDHCI_MISC_CTRL_ENABLE_SDHCI_SPEC_300 0x20
+@@ -1227,6 +1228,34 @@ static u32 sdhci_tegra_cqhci_irq(struct sdhci_host *host, u32 intmask)
+ return 0;
+ }
+
++static void tegra_sdhci_set_timeout(struct sdhci_host *host,
++ struct mmc_command *cmd)
++{
++ u32 val;
++
++ /*
++ * HW busy detection timeout is based on programmed data timeout
++ * counter and maximum supported timeout is 11s which may not be
++ * enough for long operations like cache flush, sleep awake, erase.
++ *
++ * ERASE_TIMEOUT_LIMIT bit of VENDOR_MISC_CTRL register allows
++ * host controller to wait for busy state until the card is busy
++ * without HW timeout.
++ *
++ * So, use infinite busy wait mode for operations that may take
++ * more than maximum HW busy timeout of 11s otherwise use finite
++ * busy wait mode.
++ */
++ val = sdhci_readl(host, SDHCI_TEGRA_VENDOR_MISC_CTRL);
++ if (cmd && cmd->busy_timeout >= 11 * HZ)
++ val |= SDHCI_MISC_CTRL_ERASE_TIMEOUT_LIMIT;
++ else
++ val &= ~SDHCI_MISC_CTRL_ERASE_TIMEOUT_LIMIT;
++ sdhci_writel(host, val, SDHCI_TEGRA_VENDOR_MISC_CTRL);
++
++ __sdhci_set_timeout(host, cmd);
++}
++
+ static const struct cqhci_host_ops sdhci_tegra_cqhci_ops = {
+ .write_l = tegra_cqhci_writel,
+ .enable = sdhci_tegra_cqe_enable,
+@@ -1366,6 +1395,7 @@ static const struct sdhci_ops tegra210_sdhci_ops = {
+ .set_uhs_signaling = tegra_sdhci_set_uhs_signaling,
+ .voltage_switch = tegra_sdhci_voltage_switch,
+ .get_max_clock = tegra_sdhci_get_max_clock,
++ .set_timeout = tegra_sdhci_set_timeout,
+ };
+
+ static const struct sdhci_pltfm_data sdhci_tegra210_pdata = {
+@@ -1403,6 +1433,7 @@ static const struct sdhci_ops tegra186_sdhci_ops = {
+ .voltage_switch = tegra_sdhci_voltage_switch,
+ .get_max_clock = tegra_sdhci_get_max_clock,
+ .irq = sdhci_tegra_cqhci_irq,
++ .set_timeout = tegra_sdhci_set_timeout,
+ };
+
+ static const struct sdhci_pltfm_data sdhci_tegra186_pdata = {
tpm-tpm2_bios_measurements_next-should-increase-position-index.patch
keys-reaching-the-keys-quotas-correctly.patch
mmc-mmci_sdmmc-fix-clear-busyd0end-irq-flag.patch
+rcu-make-rcu_barrier-account-for-offline-no-cbs-cpus.patch
+cpu-hotplug-ignore-pm_wakeup_pending-for-disable_nonboot_cpus.patch
+genirq-debugfs-add-missing-sanity-checks-to-interrupt-injection.patch
+irqchip-versatile-fpga-apply-clear-mask-earlier.patch
+io_uring-remove-bogus-rlimit_nofile-check-in-file-registration.patch
+pstore-pstore_ftrace_seq_next-should-increase-position-index.patch
+mips-tlbex-fix-lddir-usage-in-setup_pw-for-loongson-3.patch
+mips-octeon-irq-fix-potential-null-pointer-dereference.patch
+pm-domains-allow-no-domain-idle-states-dt-property-in-genpd-when-parsing.patch
+pm-sleep-wakeup-skip-wakeup_source_sysfs_remove-if-device-is-not-there.patch
+sdhci-tegra-implement-tegra-specific-set_timeout-callback.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
