From 3354d4aba4fb3f1fd28df25f1f3011467e8474ab Mon Sep 17 00:00:00 2001
From: Sasha Levin <sashal@kernel.org>
Date: Mon, 22 Jun 2020 21:30:17 -0400
Subject: [PATCH] Fixes for 4.4

Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 ...rite-disable-preemption-on-seqcount-.patch | 48 ++++++++++++++++
 queue-4.4/series                              |  2 +
 ...ses-of-access_process_vm-in-genregs3.patch | 57 +++++++++++++++++++
 3 files changed, 107 insertions(+)
 create mode 100644 queue-4.4/block-nr_sects_write-disable-preemption-on-seqcount-.patch
 create mode 100644 queue-4.4/sparc64-fix-misuses-of-access_process_vm-in-genregs3.patch

diff --git a/queue-4.4/block-nr_sects_write-disable-preemption-on-seqcount-.patch b/queue-4.4/block-nr_sects_write-disable-preemption-on-seqcount-.patch
new file mode 100644
index 00000000000..7eaba7b6722
--- /dev/null
+++ b/queue-4.4/block-nr_sects_write-disable-preemption-on-seqcount-.patch
@@ -0,0 +1,48 @@
+From 36589f3f166bf131b05ffcf79f090c1d628c3b94 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 3 Jun 2020 16:49:48 +0200
+Subject: block: nr_sects_write(): Disable preemption on seqcount write
+
+From: Ahmed S. Darwish <a.darwish@linutronix.de>
+
+[ Upstream commit 15b81ce5abdc4b502aa31dff2d415b79d2349d2f ]
+
+For optimized block readers not holding a mutex, the "number of sectors"
+64-bit value is protected from tearing on 32-bit architectures by a
+sequence counter.
+
+Disable preemption before entering that sequence counter's write side
+critical section. Otherwise, the read side can preempt the write side
+section and spin for the entire scheduler tick. If the reader belongs to
+a real-time scheduling class, it can spin forever and the kernel will
+livelock.
+
+Fixes: c83f6bf98dc1 ("block: add partition resize function to blkpg ioctl")
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Ahmed S. Darwish <a.darwish@linutronix.de>
+Reviewed-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ include/linux/genhd.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/include/linux/genhd.h b/include/linux/genhd.h
+index 5012fcdb4c9ed..a27d0aef07f66 100644
+--- a/include/linux/genhd.h
++++ b/include/linux/genhd.h
+@@ -727,9 +727,11 @@ static inline sector_t part_nr_sects_read(struct hd_struct *part)
+ static inline void part_nr_sects_write(struct hd_struct *part, sector_t size)
+ {
+ #if BITS_PER_LONG==32 && defined(CONFIG_LBDAF) && defined(CONFIG_SMP)
++	preempt_disable();
+ 	write_seqcount_begin(&part->nr_sects_seq);
+ 	part->nr_sects = size;
+ 	write_seqcount_end(&part->nr_sects_seq);
++	preempt_enable();
+ #elif BITS_PER_LONG==32 && defined(CONFIG_LBDAF) && defined(CONFIG_PREEMPT)
+ 	preempt_disable();
+ 	part->nr_sects = size;
+-- 
+2.25.1
+
diff --git a/queue-4.4/series b/queue-4.4/series
index cffc7b594a7..780abf3990e 100644
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -65,3 +65,5 @@ drm-qxl-use-correct-notify-port-address-when-creating-cursor-ring.patch
 selinux-fix-double-free.patch
 ext4-fix-partial-cluster-initialization-when-splitti.patch
 drm-dp_mst-increase-act-retry-timeout-to-3s.patch
+sparc64-fix-misuses-of-access_process_vm-in-genregs3.patch
+block-nr_sects_write-disable-preemption-on-seqcount-.patch
diff --git a/queue-4.4/sparc64-fix-misuses-of-access_process_vm-in-genregs3.patch b/queue-4.4/sparc64-fix-misuses-of-access_process_vm-in-genregs3.patch
new file mode 100644
index 00000000000..7aee94d7587
--- /dev/null
+++ b/queue-4.4/sparc64-fix-misuses-of-access_process_vm-in-genregs3.patch
@@ -0,0 +1,57 @@
+From 3bef72ad88d0aca6201468da6e64fc2f2be2e251 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Sun, 17 May 2020 15:37:50 -0400
+Subject: sparc64: fix misuses of access_process_vm() in genregs32_[sg]et()
+
+From: Al Viro <viro@zeniv.linux.org.uk>
+
+[ Upstream commit 142cd25293f6a7ecbdff4fb0af17de6438d46433 ]
+
+We do need access_process_vm() to access the target's reg_window.
+However, access to caller's memory (storing the result in
+genregs32_get(), fetching the new values in case of genregs32_set())
+should be done by normal uaccess primitives.
+
+Fixes: ad4f95764040 ([SPARC64]: Fix user accesses in regset code.)
+Cc: stable@kernel.org
+Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/sparc/kernel/ptrace_64.c | 13 ++-----------
+ 1 file changed, 2 insertions(+), 11 deletions(-)
+
+diff --git a/arch/sparc/kernel/ptrace_64.c b/arch/sparc/kernel/ptrace_64.c
+index c1566170964f3..829592d5efe0b 100644
+--- a/arch/sparc/kernel/ptrace_64.c
++++ b/arch/sparc/kernel/ptrace_64.c
+@@ -534,13 +534,8 @@ static int genregs32_get(struct task_struct *target,
+ 						      &reg, sizeof(reg), 0)
+ 				    != sizeof(reg))
+ 					return -EFAULT;
+-				if (access_process_vm(target,
+-						      (unsigned long) u,
+-						      &reg, sizeof(reg), 1)
+-				    != sizeof(reg))
++				if (put_user(reg, u++))
+ 					return -EFAULT;
+-				pos++;
+-				u++;
+ 			}
+ 		}
+ 	}
+@@ -639,11 +634,7 @@ static int genregs32_set(struct task_struct *target,
+ 			}
+ 		} else {
+ 			for (; count > 0 && pos < 32; count--) {
+-				if (access_process_vm(target,
+-						      (unsigned long)
+-						      u,
+-						      &reg, sizeof(reg), 0)
+-				    != sizeof(reg))
++				if (get_user(reg, u++))
+ 					return -EFAULT;
+ 				if (access_process_vm(target,
+ 						      (unsigned long)
+-- 
+2.25.1
+
-- 
2.47.3