Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/3.14.49/1047_linux-3.14.48.patch
diff options
context:
space:
mode:
Diffstat (limited to '3.14.49/1047_linux-3.14.48.patch')
-rw-r--r--3.14.49/1047_linux-3.14.48.patch1019
1 files changed, 0 insertions, 1019 deletions
diff --git a/3.14.49/1047_linux-3.14.48.patch b/3.14.49/1047_linux-3.14.48.patch
deleted file mode 100644
index 3a7169d..0000000
--- a/3.14.49/1047_linux-3.14.48.patch
+++ /dev/null
@@ -1,1019 +0,0 @@
-diff --git a/Makefile b/Makefile
-index f9041e6..25393e8 100644
---- a/Makefile
-+++ b/Makefile
-@@ -1,6 +1,6 @@
- VERSION = 3
- PATCHLEVEL = 14
--SUBLEVEL = 47
-+SUBLEVEL = 48
- EXTRAVERSION =
- NAME = Remembering Coco
-
-diff --git a/arch/arm/include/asm/kvm_mmu.h b/arch/arm/include/asm/kvm_mmu.h
-index 9f79231..7d35af3 100644
---- a/arch/arm/include/asm/kvm_mmu.h
-+++ b/arch/arm/include/asm/kvm_mmu.h
-@@ -117,13 +117,14 @@ static inline void kvm_set_s2pmd_writable(pmd_t *pmd)
- (__boundary - 1 < (end) - 1)? __boundary: (end); \
- })
-
-+#define kvm_pgd_index(addr) pgd_index(addr)
-+
- static inline bool kvm_page_empty(void *ptr)
- {
- struct page *ptr_page = virt_to_page(ptr);
- return page_count(ptr_page) == 1;
- }
-
--
- #define kvm_pte_table_empty(ptep) kvm_page_empty(ptep)
- #define kvm_pmd_table_empty(pmdp) kvm_page_empty(pmdp)
- #define kvm_pud_table_empty(pudp) (0)
-diff --git a/arch/arm/kvm/arm.c b/arch/arm/kvm/arm.c
-index 2e74a61..f6a52a2 100644
---- a/arch/arm/kvm/arm.c
-+++ b/arch/arm/kvm/arm.c
-@@ -441,6 +441,7 @@ static void update_vttbr(struct kvm *kvm)
-
- static int kvm_vcpu_first_run_init(struct kvm_vcpu *vcpu)
- {
-+ struct kvm *kvm = vcpu->kvm;
- int ret;
-
- if (likely(vcpu->arch.has_run_once))
-@@ -452,12 +453,20 @@ static int kvm_vcpu_first_run_init(struct kvm_vcpu *vcpu)
- * Initialize the VGIC before running a vcpu the first time on
- * this VM.
- */
-- if (unlikely(!vgic_initialized(vcpu->kvm))) {
-- ret = kvm_vgic_init(vcpu->kvm);
-+ if (unlikely(!vgic_initialized(kvm))) {
-+ ret = kvm_vgic_init(kvm);
- if (ret)
- return ret;
- }
-
-+ /*
-+ * Enable the arch timers only if we have an in-kernel VGIC
-+ * and it has been properly initialized, since we cannot handle
-+ * interrupts from the virtual timer with a userspace gic.
-+ */
-+ if (irqchip_in_kernel(kvm) && vgic_initialized(kvm))
-+ kvm_timer_enable(kvm);
-+
- return 0;
- }
-
-diff --git a/arch/arm/kvm/interrupts.S b/arch/arm/kvm/interrupts.S
-index 0d68d40..a1467e7 100644
---- a/arch/arm/kvm/interrupts.S
-+++ b/arch/arm/kvm/interrupts.S
-@@ -159,13 +159,9 @@ __kvm_vcpu_return:
- @ Don't trap coprocessor accesses for host kernel
- set_hstr vmexit
- set_hdcr vmexit
-- set_hcptr vmexit, (HCPTR_TTA | HCPTR_TCP(10) | HCPTR_TCP(11))
-+ set_hcptr vmexit, (HCPTR_TTA | HCPTR_TCP(10) | HCPTR_TCP(11)), after_vfp_restore
-
- #ifdef CONFIG_VFPv3
-- @ Save floating point registers we if let guest use them.
-- tst r2, #(HCPTR_TCP(10) | HCPTR_TCP(11))
-- bne after_vfp_restore
--
- @ Switch VFP/NEON hardware state to the host's
- add r7, vcpu, #VCPU_VFP_GUEST
- store_vfp_state r7
-@@ -177,6 +173,8 @@ after_vfp_restore:
- @ Restore FPEXC_EN which we clobbered on entry
- pop {r2}
- VFPFMXR FPEXC, r2
-+#else
-+after_vfp_restore:
- #endif
-
- @ Reset Hyp-role
-@@ -467,7 +465,7 @@ switch_to_guest_vfp:
- push {r3-r7}
-
- @ NEON/VFP used. Turn on VFP access.
-- set_hcptr vmexit, (HCPTR_TCP(10) | HCPTR_TCP(11))
-+ set_hcptr vmtrap, (HCPTR_TCP(10) | HCPTR_TCP(11))
-
- @ Switch VFP/NEON hardware state to the guest's
- add r7, r0, #VCPU_VFP_HOST
-diff --git a/arch/arm/kvm/interrupts_head.S b/arch/arm/kvm/interrupts_head.S
-index 76af9302..2973b2d 100644
---- a/arch/arm/kvm/interrupts_head.S
-+++ b/arch/arm/kvm/interrupts_head.S
-@@ -578,8 +578,13 @@ vcpu .req r0 @ vcpu pointer always in r0
- .endm
-
- /* Configures the HCPTR (Hyp Coprocessor Trap Register) on entry/return
-- * (hardware reset value is 0). Keep previous value in r2. */
--.macro set_hcptr operation, mask
-+ * (hardware reset value is 0). Keep previous value in r2.
-+ * An ISB is emited on vmexit/vmtrap, but executed on vmexit only if
-+ * VFP wasn't already enabled (always executed on vmtrap).
-+ * If a label is specified with vmexit, it is branched to if VFP wasn't
-+ * enabled.
-+ */
-+.macro set_hcptr operation, mask, label = none
- mrc p15, 4, r2, c1, c1, 2
- ldr r3, =\mask
- .if \operation == vmentry
-@@ -588,6 +593,17 @@ vcpu .req r0 @ vcpu pointer always in r0
- bic r3, r2, r3 @ Don't trap defined coproc-accesses
- .endif
- mcr p15, 4, r3, c1, c1, 2
-+ .if \operation != vmentry
-+ .if \operation == vmexit
-+ tst r2, #(HCPTR_TCP(10) | HCPTR_TCP(11))
-+ beq 1f
-+ .endif
-+ isb
-+ .if \label != none
-+ b \label
-+ .endif
-+1:
-+ .endif
- .endm
-
- /* Configures the HDCR (Hyp Debug Configuration Register) on entry/return
-diff --git a/arch/arm/kvm/mmu.c b/arch/arm/kvm/mmu.c
-index 524b4b5..c612e37 100644
---- a/arch/arm/kvm/mmu.c
-+++ b/arch/arm/kvm/mmu.c
-@@ -194,7 +194,7 @@ static void unmap_range(struct kvm *kvm, pgd_t *pgdp,
- phys_addr_t addr = start, end = start + size;
- phys_addr_t next;
-
-- pgd = pgdp + pgd_index(addr);
-+ pgd = pgdp + kvm_pgd_index(addr);
- do {
- next = kvm_pgd_addr_end(addr, end);
- if (!pgd_none(*pgd))
-@@ -264,7 +264,7 @@ static void stage2_flush_memslot(struct kvm *kvm,
- phys_addr_t next;
- pgd_t *pgd;
-
-- pgd = kvm->arch.pgd + pgd_index(addr);
-+ pgd = kvm->arch.pgd + kvm_pgd_index(addr);
- do {
- next = kvm_pgd_addr_end(addr, end);
- stage2_flush_puds(kvm, pgd, addr, next);
-@@ -649,7 +649,7 @@ static pmd_t *stage2_get_pmd(struct kvm *kvm, struct kvm_mmu_memory_cache *cache
- pud_t *pud;
- pmd_t *pmd;
-
-- pgd = kvm->arch.pgd + pgd_index(addr);
-+ pgd = kvm->arch.pgd + kvm_pgd_index(addr);
- pud = pud_offset(pgd, addr);
- if (pud_none(*pud)) {
- if (!cache)
-diff --git a/arch/arm64/include/asm/kvm_emulate.h b/arch/arm64/include/asm/kvm_emulate.h
-index 681cb90..91f33c2 100644
---- a/arch/arm64/include/asm/kvm_emulate.h
-+++ b/arch/arm64/include/asm/kvm_emulate.h
-@@ -41,6 +41,8 @@ void kvm_inject_pabt(struct kvm_vcpu *vcpu, unsigned long addr);
- static inline void vcpu_reset_hcr(struct kvm_vcpu *vcpu)
- {
- vcpu->arch.hcr_el2 = HCR_GUEST_FLAGS;
-+ if (test_bit(KVM_ARM_VCPU_EL1_32BIT, vcpu->arch.features))
-+ vcpu->arch.hcr_el2 &= ~HCR_RW;
- }
-
- static inline unsigned long *vcpu_pc(const struct kvm_vcpu *vcpu)
-diff --git a/arch/arm64/include/asm/kvm_mmu.h b/arch/arm64/include/asm/kvm_mmu.h
-index 0d51874..15a8a86 100644
---- a/arch/arm64/include/asm/kvm_mmu.h
-+++ b/arch/arm64/include/asm/kvm_mmu.h
-@@ -69,6 +69,8 @@
- #define PTRS_PER_S2_PGD (1 << (KVM_PHYS_SHIFT - PGDIR_SHIFT))
- #define S2_PGD_ORDER get_order(PTRS_PER_S2_PGD * sizeof(pgd_t))
-
-+#define kvm_pgd_index(addr) (((addr) >> PGDIR_SHIFT) & (PTRS_PER_S2_PGD - 1))
-+
- int create_hyp_mappings(void *from, void *to);
- int create_hyp_io_mappings(void *from, void *to, phys_addr_t);
- void free_boot_hyp_pgd(void);
-diff --git a/arch/arm64/kvm/hyp.S b/arch/arm64/kvm/hyp.S
-index 5dfc8331..3aaf3bc 100644
---- a/arch/arm64/kvm/hyp.S
-+++ b/arch/arm64/kvm/hyp.S
-@@ -629,6 +629,7 @@ ENTRY(__kvm_tlb_flush_vmid_ipa)
- * Instead, we invalidate Stage-2 for this IPA, and the
- * whole of Stage-1. Weep...
- */
-+ lsr x1, x1, #12
- tlbi ipas2e1is, x1
- /*
- * We have to ensure completion of the invalidation at Stage-2,
-diff --git a/arch/arm64/kvm/reset.c b/arch/arm64/kvm/reset.c
-index 70a7816..0b43265 100644
---- a/arch/arm64/kvm/reset.c
-+++ b/arch/arm64/kvm/reset.c
-@@ -90,7 +90,6 @@ int kvm_reset_vcpu(struct kvm_vcpu *vcpu)
- if (!cpu_has_32bit_el1())
- return -EINVAL;
- cpu_reset = &default_regs_reset32;
-- vcpu->arch.hcr_el2 &= ~HCR_RW;
- } else {
- cpu_reset = &default_regs_reset;
- }
-diff --git a/arch/mips/include/asm/mach-generic/spaces.h b/arch/mips/include/asm/mach-generic/spaces.h
-index 9488fa5..afc96ec 100644
---- a/arch/mips/include/asm/mach-generic/spaces.h
-+++ b/arch/mips/include/asm/mach-generic/spaces.h
-@@ -94,7 +94,11 @@
- #endif
-
- #ifndef FIXADDR_TOP
-+#ifdef CONFIG_KVM_GUEST
-+#define FIXADDR_TOP ((unsigned long)(long)(int)0x7ffe0000)
-+#else
- #define FIXADDR_TOP ((unsigned long)(long)(int)0xfffe0000)
- #endif
-+#endif
-
- #endif /* __ASM_MACH_GENERIC_SPACES_H */
-diff --git a/arch/powerpc/perf/core-book3s.c b/arch/powerpc/perf/core-book3s.c
-index 38265dc..65dfbd0 100644
---- a/arch/powerpc/perf/core-book3s.c
-+++ b/arch/powerpc/perf/core-book3s.c
-@@ -124,7 +124,16 @@ static inline void power_pmu_bhrb_read(struct cpu_hw_events *cpuhw) {}
-
- static bool regs_use_siar(struct pt_regs *regs)
- {
-- return !!regs->result;
-+ /*
-+ * When we take a performance monitor exception the regs are setup
-+ * using perf_read_regs() which overloads some fields, in particular
-+ * regs->result to tell us whether to use SIAR.
-+ *
-+ * However if the regs are from another exception, eg. a syscall, then
-+ * they have not been setup using perf_read_regs() and so regs->result
-+ * is something random.
-+ */
-+ return ((TRAP(regs) == 0xf00) && regs->result);
- }
-
- /*
-diff --git a/arch/sparc/kernel/ldc.c b/arch/sparc/kernel/ldc.c
-index 27bb554..7ef2862 100644
---- a/arch/sparc/kernel/ldc.c
-+++ b/arch/sparc/kernel/ldc.c
-@@ -2307,7 +2307,7 @@ void *ldc_alloc_exp_dring(struct ldc_channel *lp, unsigned int len,
- if (len & (8UL - 1))
- return ERR_PTR(-EINVAL);
-
-- buf = kzalloc(len, GFP_KERNEL);
-+ buf = kzalloc(len, GFP_ATOMIC);
- if (!buf)
- return ERR_PTR(-ENOMEM);
-
-diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
-index 5dab54a..96e743a 100644
---- a/arch/x86/Kconfig
-+++ b/arch/x86/Kconfig
-@@ -2440,9 +2440,19 @@ config X86_DMA_REMAP
- depends on STA2X11
-
- config IOSF_MBI
-- tristate
-- default m
-+ tristate "Intel System On Chip IOSF Sideband support"
- depends on PCI
-+ ---help---
-+ Enables sideband access to mailbox registers on SoC's. The sideband is
-+ available on the following platforms. This list is not meant to be
-+ exclusive.
-+ - BayTrail
-+ - Cherryview
-+ - Braswell
-+ - Quark
-+
-+ You should say Y if you are running a kernel on one of these
-+ platforms.
-
- source "net/Kconfig"
-
-diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
-index e9dc029..ac03bd7 100644
---- a/arch/x86/include/asm/kvm_host.h
-+++ b/arch/x86/include/asm/kvm_host.h
-@@ -571,7 +571,7 @@ struct kvm_arch {
- struct kvm_pic *vpic;
- struct kvm_ioapic *vioapic;
- struct kvm_pit *vpit;
-- int vapics_in_nmi_mode;
-+ atomic_t vapics_in_nmi_mode;
- struct mutex apic_map_lock;
- struct kvm_apic_map *apic_map;
-
-diff --git a/arch/x86/kvm/i8254.c b/arch/x86/kvm/i8254.c
-index 298781d..1406ffd 100644
---- a/arch/x86/kvm/i8254.c
-+++ b/arch/x86/kvm/i8254.c
-@@ -305,7 +305,7 @@ static void pit_do_work(struct kthread_work *work)
- * LVT0 to NMI delivery. Other PIC interrupts are just sent to
- * VCPU0, and only if its LVT0 is in EXTINT mode.
- */
-- if (kvm->arch.vapics_in_nmi_mode > 0)
-+ if (atomic_read(&kvm->arch.vapics_in_nmi_mode) > 0)
- kvm_for_each_vcpu(i, vcpu, kvm)
- kvm_apic_nmi_wd_deliver(vcpu);
- }
-diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
-index 453e5fb..6456734 100644
---- a/arch/x86/kvm/lapic.c
-+++ b/arch/x86/kvm/lapic.c
-@@ -1109,10 +1109,10 @@ static void apic_manage_nmi_watchdog(struct kvm_lapic *apic, u32 lvt0_val)
- if (!nmi_wd_enabled) {
- apic_debug("Receive NMI setting on APIC_LVT0 "
- "for cpu %d\n", apic->vcpu->vcpu_id);
-- apic->vcpu->kvm->arch.vapics_in_nmi_mode++;
-+ atomic_inc(&apic->vcpu->kvm->arch.vapics_in_nmi_mode);
- }
- } else if (nmi_wd_enabled)
-- apic->vcpu->kvm->arch.vapics_in_nmi_mode--;
-+ atomic_dec(&apic->vcpu->kvm->arch.vapics_in_nmi_mode);
- }
-
- static int apic_reg_write(struct kvm_lapic *apic, u32 reg, u32 val)
-diff --git a/arch/x86/pci/acpi.c b/arch/x86/pci/acpi.c
-index 4f25ec0..bf00138 100644
---- a/arch/x86/pci/acpi.c
-+++ b/arch/x86/pci/acpi.c
-@@ -84,6 +84,17 @@ static const struct dmi_system_id pci_crs_quirks[] __initconst = {
- DMI_MATCH(DMI_BIOS_VENDOR, "Phoenix Technologies, LTD"),
- },
- },
-+ /* https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/931368 */
-+ /* https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1033299 */
-+ {
-+ .callback = set_use_crs,
-+ .ident = "Foxconn K8M890-8237A",
-+ .matches = {
-+ DMI_MATCH(DMI_BOARD_VENDOR, "Foxconn"),
-+ DMI_MATCH(DMI_BOARD_NAME, "K8M890-8237A"),
-+ DMI_MATCH(DMI_BIOS_VENDOR, "Phoenix Technologies, LTD"),
-+ },
-+ },
-
- /* Now for the blacklist.. */
-
-@@ -124,8 +135,10 @@ void __init pci_acpi_crs_quirks(void)
- {
- int year;
-
-- if (dmi_get_date(DMI_BIOS_DATE, &year, NULL, NULL) && year < 2008)
-- pci_use_crs = false;
-+ if (dmi_get_date(DMI_BIOS_DATE, &year, NULL, NULL) && year < 2008) {
-+ if (iomem_resource.end <= 0xffffffff)
-+ pci_use_crs = false;
-+ }
-
- dmi_check_system(pci_crs_quirks);
-
-diff --git a/drivers/cpufreq/intel_pstate.c b/drivers/cpufreq/intel_pstate.c
-index 533a509..fbc693b 100644
---- a/drivers/cpufreq/intel_pstate.c
-+++ b/drivers/cpufreq/intel_pstate.c
-@@ -417,7 +417,7 @@ static void byt_set_pstate(struct cpudata *cpudata, int pstate)
-
- val |= vid;
-
-- wrmsrl(MSR_IA32_PERF_CTL, val);
-+ wrmsrl_on_cpu(cpudata->cpu, MSR_IA32_PERF_CTL, val);
- }
-
- #define BYT_BCLK_FREQS 5
-diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
-index 5967667..1f35487 100644
---- a/drivers/crypto/talitos.c
-+++ b/drivers/crypto/talitos.c
-@@ -927,7 +927,8 @@ static int sg_to_link_tbl(struct scatterlist *sg, int sg_count,
- sg_count--;
- link_tbl_ptr--;
- }
-- be16_add_cpu(&link_tbl_ptr->len, cryptlen);
-+ link_tbl_ptr->len = cpu_to_be16(be16_to_cpu(link_tbl_ptr->len)
-+ + cryptlen);
-
- /* tag end of link table */
- link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN;
-@@ -2563,6 +2564,7 @@ static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev,
- break;
- default:
- dev_err(dev, "unknown algorithm type %d\n", t_alg->algt.type);
-+ kfree(t_alg);
- return ERR_PTR(-EINVAL);
- }
-
-diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
-index 9cbef59..9359740 100644
---- a/drivers/iommu/amd_iommu.c
-+++ b/drivers/iommu/amd_iommu.c
-@@ -1922,9 +1922,15 @@ static void free_pt_##LVL (unsigned long __pt) \
- pt = (u64 *)__pt; \
- \
- for (i = 0; i < 512; ++i) { \
-+ /* PTE present? */ \
- if (!IOMMU_PTE_PRESENT(pt[i])) \
- continue; \
- \
-+ /* Large PTE? */ \
-+ if (PM_PTE_LEVEL(pt[i]) == 0 || \
-+ PM_PTE_LEVEL(pt[i]) == 7) \
-+ continue; \
-+ \
- p = (unsigned long)IOMMU_PTE_PAGE(pt[i]); \
- FN(p); \
- } \
-diff --git a/drivers/net/phy/phy_device.c b/drivers/net/phy/phy_device.c
-index 25f7419..62c3fb9 100644
---- a/drivers/net/phy/phy_device.c
-+++ b/drivers/net/phy/phy_device.c
-@@ -765,10 +765,11 @@ static int genphy_config_advert(struct phy_device *phydev)
- if (phydev->supported & (SUPPORTED_1000baseT_Half |
- SUPPORTED_1000baseT_Full)) {
- adv |= ethtool_adv_to_mii_ctrl1000_t(advertise);
-- if (adv != oldadv)
-- changed = 1;
- }
-
-+ if (adv != oldadv)
-+ changed = 1;
-+
- err = phy_write(phydev, MII_CTRL1000, adv);
- if (err < 0)
- return err;
-diff --git a/fs/dcache.c b/fs/dcache.c
-index 1d7e8a3..aa24f7d 100644
---- a/fs/dcache.c
-+++ b/fs/dcache.c
-@@ -2905,17 +2905,6 @@ restart:
- vfsmnt = &mnt->mnt;
- continue;
- }
-- /*
-- * Filesystems needing to implement special "root names"
-- * should do so with ->d_dname()
-- */
-- if (IS_ROOT(dentry) &&
-- (dentry->d_name.len != 1 ||
-- dentry->d_name.name[0] != '/')) {
-- WARN(1, "Root dentry has weird name <%.*s>\n",
-- (int) dentry->d_name.len,
-- dentry->d_name.name);
-- }
- if (!error)
- error = is_mounted(vfsmnt) ? 1 : 2;
- break;
-diff --git a/fs/inode.c b/fs/inode.c
-index e846a32..644875b 100644
---- a/fs/inode.c
-+++ b/fs/inode.c
-@@ -1631,8 +1631,8 @@ int file_remove_suid(struct file *file)
- error = security_inode_killpriv(dentry);
- if (!error && killsuid)
- error = __remove_suid(dentry, killsuid);
-- if (!error && (inode->i_sb->s_flags & MS_NOSEC))
-- inode->i_flags |= S_NOSEC;
-+ if (!error)
-+ inode_has_no_xattr(inode);
-
- return error;
- }
-diff --git a/fs/namespace.c b/fs/namespace.c
-index 2faa7ea..fc99d18 100644
---- a/fs/namespace.c
-+++ b/fs/namespace.c
-@@ -3031,11 +3031,15 @@ bool fs_fully_visible(struct file_system_type *type)
- if (mnt->mnt.mnt_root != mnt->mnt.mnt_sb->s_root)
- continue;
-
-- /* This mount is not fully visible if there are any child mounts
-- * that cover anything except for empty directories.
-+ /* This mount is not fully visible if there are any
-+ * locked child mounts that cover anything except for
-+ * empty directories.
- */
- list_for_each_entry(child, &mnt->mnt_mounts, mnt_child) {
- struct inode *inode = child->mnt_mountpoint->d_inode;
-+ /* Only worry about locked mounts */
-+ if (!(mnt->mnt.mnt_flags & MNT_LOCKED))
-+ continue;
- if (!S_ISDIR(inode->i_mode))
- goto next;
- if (inode->i_nlink > 2)
-diff --git a/include/kvm/arm_arch_timer.h b/include/kvm/arm_arch_timer.h
-index 6d9aedd..327b155 100644
---- a/include/kvm/arm_arch_timer.h
-+++ b/include/kvm/arm_arch_timer.h
-@@ -60,7 +60,8 @@ struct arch_timer_cpu {
-
- #ifdef CONFIG_KVM_ARM_TIMER
- int kvm_timer_hyp_init(void);
--int kvm_timer_init(struct kvm *kvm);
-+void kvm_timer_enable(struct kvm *kvm);
-+void kvm_timer_init(struct kvm *kvm);
- void kvm_timer_vcpu_reset(struct kvm_vcpu *vcpu,
- const struct kvm_irq_level *irq);
- void kvm_timer_vcpu_init(struct kvm_vcpu *vcpu);
-@@ -73,11 +74,8 @@ static inline int kvm_timer_hyp_init(void)
- return 0;
- };
-
--static inline int kvm_timer_init(struct kvm *kvm)
--{
-- return 0;
--}
--
-+static inline void kvm_timer_enable(struct kvm *kvm) {}
-+static inline void kvm_timer_init(struct kvm *kvm) {}
- static inline void kvm_timer_vcpu_reset(struct kvm_vcpu *vcpu,
- const struct kvm_irq_level *irq) {}
- static inline void kvm_timer_vcpu_init(struct kvm_vcpu *vcpu) {}
-diff --git a/include/net/netns/sctp.h b/include/net/netns/sctp.h
-index 3573a81..8ba379f 100644
---- a/include/net/netns/sctp.h
-+++ b/include/net/netns/sctp.h
-@@ -31,6 +31,7 @@ struct netns_sctp {
- struct list_head addr_waitq;
- struct timer_list addr_wq_timer;
- struct list_head auto_asconf_splist;
-+ /* Lock that protects both addr_waitq and auto_asconf_splist */
- spinlock_t addr_wq_lock;
-
- /* Lock that protects the local_addr_list writers */
-diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h
-index 0dfcc92..2c2d388 100644
---- a/include/net/sctp/structs.h
-+++ b/include/net/sctp/structs.h
-@@ -219,6 +219,10 @@ struct sctp_sock {
- atomic_t pd_mode;
- /* Receive to here while partial delivery is in effect. */
- struct sk_buff_head pd_lobby;
-+
-+ /* These must be the last fields, as they will skipped on copies,
-+ * like on accept and peeloff operations
-+ */
- struct list_head auto_asconf_list;
- int do_auto_asconf;
- };
-diff --git a/net/bridge/br_ioctl.c b/net/bridge/br_ioctl.c
-index a9a4a1b..8d423bc 100644
---- a/net/bridge/br_ioctl.c
-+++ b/net/bridge/br_ioctl.c
-@@ -247,9 +247,7 @@ static int old_dev_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
- if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN))
- return -EPERM;
-
-- spin_lock_bh(&br->lock);
- br_stp_set_bridge_priority(br, args[1]);
-- spin_unlock_bh(&br->lock);
- return 0;
-
- case BRCTL_SET_PORT_PRIORITY:
-diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c
-index 11a2e6c..7bbc8fe 100644
---- a/net/bridge/br_multicast.c
-+++ b/net/bridge/br_multicast.c
-@@ -1086,6 +1086,9 @@ static void br_multicast_add_router(struct net_bridge *br,
- struct net_bridge_port *p;
- struct hlist_node *slot = NULL;
-
-+ if (!hlist_unhashed(&port->rlist))
-+ return;
-+
- hlist_for_each_entry(p, &br->router_list, rlist) {
- if ((unsigned long) port >= (unsigned long) p)
- break;
-@@ -1113,12 +1116,8 @@ static void br_multicast_mark_router(struct net_bridge *br,
- if (port->multicast_router != 1)
- return;
-
-- if (!hlist_unhashed(&port->rlist))
-- goto timer;
--
- br_multicast_add_router(br, port);
-
--timer:
- mod_timer(&port->multicast_router_timer,
- now + br->multicast_querier_interval);
- }
-diff --git a/net/bridge/br_stp_if.c b/net/bridge/br_stp_if.c
-index 189ba1e..9a0005a 100644
---- a/net/bridge/br_stp_if.c
-+++ b/net/bridge/br_stp_if.c
-@@ -243,12 +243,13 @@ bool br_stp_recalculate_bridge_id(struct net_bridge *br)
- return true;
- }
-
--/* called under bridge lock */
-+/* Acquires and releases bridge lock */
- void br_stp_set_bridge_priority(struct net_bridge *br, u16 newprio)
- {
- struct net_bridge_port *p;
- int wasroot;
-
-+ spin_lock_bh(&br->lock);
- wasroot = br_is_root_bridge(br);
-
- list_for_each_entry(p, &br->port_list, list) {
-@@ -266,6 +267,7 @@ void br_stp_set_bridge_priority(struct net_bridge *br, u16 newprio)
- br_port_state_selection(br);
- if (br_is_root_bridge(br) && !wasroot)
- br_become_root_bridge(br);
-+ spin_unlock_bh(&br->lock);
- }
-
- /* called under bridge lock */
-diff --git a/net/core/neighbour.c b/net/core/neighbour.c
-index 7d95f69..0f062c6 100644
---- a/net/core/neighbour.c
-+++ b/net/core/neighbour.c
-@@ -976,6 +976,8 @@ int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb)
- rc = 0;
- if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE))
- goto out_unlock_bh;
-+ if (neigh->dead)
-+ goto out_dead;
-
- if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) {
- if (NEIGH_VAR(neigh->parms, MCAST_PROBES) +
-@@ -1032,6 +1034,13 @@ out_unlock_bh:
- write_unlock(&neigh->lock);
- local_bh_enable();
- return rc;
-+
-+out_dead:
-+ if (neigh->nud_state & NUD_STALE)
-+ goto out_unlock_bh;
-+ write_unlock_bh(&neigh->lock);
-+ kfree_skb(skb);
-+ return 1;
- }
- EXPORT_SYMBOL(__neigh_event_send);
-
-@@ -1095,6 +1104,8 @@ int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new,
- if (!(flags & NEIGH_UPDATE_F_ADMIN) &&
- (old & (NUD_NOARP | NUD_PERMANENT)))
- goto out;
-+ if (neigh->dead)
-+ goto out;
-
- if (!(new & NUD_VALID)) {
- neigh_del_timer(neigh);
-@@ -1244,6 +1255,8 @@ EXPORT_SYMBOL(neigh_update);
- */
- void __neigh_set_probe_once(struct neighbour *neigh)
- {
-+ if (neigh->dead)
-+ return;
- neigh->updated = jiffies;
- if (!(neigh->nud_state & NUD_FAILED))
- return;
-diff --git a/net/core/skbuff.c b/net/core/skbuff.c
-index 69ec61a..8207f8d 100644
---- a/net/core/skbuff.c
-+++ b/net/core/skbuff.c
-@@ -368,9 +368,11 @@ refill:
- for (order = NETDEV_FRAG_PAGE_MAX_ORDER; ;) {
- gfp_t gfp = gfp_mask;
-
-- if (order)
-+ if (order) {
- gfp |= __GFP_COMP | __GFP_NOWARN |
- __GFP_NOMEMALLOC;
-+ gfp &= ~__GFP_WAIT;
-+ }
- nc->frag.page = alloc_pages(gfp, order);
- if (likely(nc->frag.page))
- break;
-diff --git a/net/core/sock.c b/net/core/sock.c
-index 650dd58..8ebfa52 100644
---- a/net/core/sock.c
-+++ b/net/core/sock.c
-@@ -1914,8 +1914,10 @@ bool skb_page_frag_refill(unsigned int sz, struct page_frag *pfrag, gfp_t prio)
- do {
- gfp_t gfp = prio;
-
-- if (order)
-+ if (order) {
- gfp |= __GFP_COMP | __GFP_NOWARN | __GFP_NORETRY;
-+ gfp &= ~__GFP_WAIT;
-+ }
- pfrag->page = alloc_pages(gfp, order);
- if (likely(pfrag->page)) {
- pfrag->offset = 0;
-diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
-index 07bd8ed..951fe55 100644
---- a/net/ipv4/af_inet.c
-+++ b/net/ipv4/af_inet.c
-@@ -228,6 +228,8 @@ int inet_listen(struct socket *sock, int backlog)
- err = 0;
- if (err)
- goto out;
-+
-+ tcp_fastopen_init_key_once(true);
- }
- err = inet_csk_listen_start(sk, backlog);
- if (err)
-diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
-index 29d240b..dc45221 100644
---- a/net/ipv4/tcp.c
-+++ b/net/ipv4/tcp.c
-@@ -2684,10 +2684,13 @@ static int do_tcp_setsockopt(struct sock *sk, int level,
-
- case TCP_FASTOPEN:
- if (val >= 0 && ((1 << sk->sk_state) & (TCPF_CLOSE |
-- TCPF_LISTEN)))
-+ TCPF_LISTEN))) {
-+ tcp_fastopen_init_key_once(true);
-+
- err = fastopen_init_queue(sk, val);
-- else
-+ } else {
- err = -EINVAL;
-+ }
- break;
- case TCP_TIMESTAMP:
- if (!tp->repair)
-diff --git a/net/ipv4/tcp_fastopen.c b/net/ipv4/tcp_fastopen.c
-index f195d93..ee6518d 100644
---- a/net/ipv4/tcp_fastopen.c
-+++ b/net/ipv4/tcp_fastopen.c
-@@ -84,8 +84,6 @@ void tcp_fastopen_cookie_gen(__be32 src, __be32 dst,
- __be32 path[4] = { src, dst, 0, 0 };
- struct tcp_fastopen_context *ctx;
-
-- tcp_fastopen_init_key_once(true);
--
- rcu_read_lock();
- ctx = rcu_dereference(tcp_fastopen_ctx);
- if (ctx) {
-diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
-index 48b1817..84a60b8 100644
---- a/net/packet/af_packet.c
-+++ b/net/packet/af_packet.c
-@@ -1264,16 +1264,6 @@ static void packet_sock_destruct(struct sock *sk)
- sk_refcnt_debug_dec(sk);
- }
-
--static int fanout_rr_next(struct packet_fanout *f, unsigned int num)
--{
-- int x = atomic_read(&f->rr_cur) + 1;
--
-- if (x >= num)
-- x = 0;
--
-- return x;
--}
--
- static unsigned int fanout_demux_hash(struct packet_fanout *f,
- struct sk_buff *skb,
- unsigned int num)
-@@ -1285,13 +1275,9 @@ static unsigned int fanout_demux_lb(struct packet_fanout *f,
- struct sk_buff *skb,
- unsigned int num)
- {
-- int cur, old;
-+ unsigned int val = atomic_inc_return(&f->rr_cur);
-
-- cur = atomic_read(&f->rr_cur);
-- while ((old = atomic_cmpxchg(&f->rr_cur, cur,
-- fanout_rr_next(f, num))) != cur)
-- cur = old;
-- return cur;
-+ return val % num;
- }
-
- static unsigned int fanout_demux_cpu(struct packet_fanout *f,
-@@ -1345,7 +1331,7 @@ static int packet_rcv_fanout(struct sk_buff *skb, struct net_device *dev,
- struct packet_type *pt, struct net_device *orig_dev)
- {
- struct packet_fanout *f = pt->af_packet_priv;
-- unsigned int num = f->num_members;
-+ unsigned int num = ACCESS_ONCE(f->num_members);
- struct packet_sock *po;
- unsigned int idx;
-
-diff --git a/net/sctp/output.c b/net/sctp/output.c
-index 740ca5f..e39e6d5 100644
---- a/net/sctp/output.c
-+++ b/net/sctp/output.c
-@@ -599,7 +599,9 @@ out:
- return err;
- no_route:
- kfree_skb(nskb);
-- IP_INC_STATS(sock_net(asoc->base.sk), IPSTATS_MIB_OUTNOROUTES);
-+
-+ if (asoc)
-+ IP_INC_STATS(sock_net(asoc->base.sk), IPSTATS_MIB_OUTNOROUTES);
-
- /* FIXME: Returning the 'err' will effect all the associations
- * associated with a socket, although only one of the paths of the
-diff --git a/net/sctp/socket.c b/net/sctp/socket.c
-index 604a6ac..f940fdc 100644
---- a/net/sctp/socket.c
-+++ b/net/sctp/socket.c
-@@ -1532,8 +1532,10 @@ static void sctp_close(struct sock *sk, long timeout)
-
- /* Supposedly, no process has access to the socket, but
- * the net layers still may.
-+ * Also, sctp_destroy_sock() needs to be called with addr_wq_lock
-+ * held and that should be grabbed before socket lock.
- */
-- local_bh_disable();
-+ spin_lock_bh(&net->sctp.addr_wq_lock);
- bh_lock_sock(sk);
-
- /* Hold the sock, since sk_common_release() will put sock_put()
-@@ -1543,7 +1545,7 @@ static void sctp_close(struct sock *sk, long timeout)
- sk_common_release(sk);
-
- bh_unlock_sock(sk);
-- local_bh_enable();
-+ spin_unlock_bh(&net->sctp.addr_wq_lock);
-
- sock_put(sk);
-
-@@ -3511,6 +3513,7 @@ static int sctp_setsockopt_auto_asconf(struct sock *sk, char __user *optval,
- if ((val && sp->do_auto_asconf) || (!val && !sp->do_auto_asconf))
- return 0;
-
-+ spin_lock_bh(&sock_net(sk)->sctp.addr_wq_lock);
- if (val == 0 && sp->do_auto_asconf) {
- list_del(&sp->auto_asconf_list);
- sp->do_auto_asconf = 0;
-@@ -3519,6 +3522,7 @@ static int sctp_setsockopt_auto_asconf(struct sock *sk, char __user *optval,
- &sock_net(sk)->sctp.auto_asconf_splist);
- sp->do_auto_asconf = 1;
- }
-+ spin_unlock_bh(&sock_net(sk)->sctp.addr_wq_lock);
- return 0;
- }
-
-@@ -4009,18 +4013,28 @@ static int sctp_init_sock(struct sock *sk)
- local_bh_disable();
- percpu_counter_inc(&sctp_sockets_allocated);
- sock_prot_inuse_add(net, sk->sk_prot, 1);
-+
-+ /* Nothing can fail after this block, otherwise
-+ * sctp_destroy_sock() will be called without addr_wq_lock held
-+ */
- if (net->sctp.default_auto_asconf) {
-+ spin_lock(&sock_net(sk)->sctp.addr_wq_lock);
- list_add_tail(&sp->auto_asconf_list,
- &net->sctp.auto_asconf_splist);
- sp->do_auto_asconf = 1;
-- } else
-+ spin_unlock(&sock_net(sk)->sctp.addr_wq_lock);
-+ } else {
- sp->do_auto_asconf = 0;
-+ }
-+
- local_bh_enable();
-
- return 0;
- }
-
--/* Cleanup any SCTP per socket resources. */
-+/* Cleanup any SCTP per socket resources. Must be called with
-+ * sock_net(sk)->sctp.addr_wq_lock held if sp->do_auto_asconf is true
-+ */
- static void sctp_destroy_sock(struct sock *sk)
- {
- struct sctp_sock *sp;
-@@ -6973,6 +6987,19 @@ void sctp_copy_sock(struct sock *newsk, struct sock *sk,
- newinet->mc_list = NULL;
- }
-
-+static inline void sctp_copy_descendant(struct sock *sk_to,
-+ const struct sock *sk_from)
-+{
-+ int ancestor_size = sizeof(struct inet_sock) +
-+ sizeof(struct sctp_sock) -
-+ offsetof(struct sctp_sock, auto_asconf_list);
-+
-+ if (sk_from->sk_family == PF_INET6)
-+ ancestor_size += sizeof(struct ipv6_pinfo);
-+
-+ __inet_sk_copy_descendant(sk_to, sk_from, ancestor_size);
-+}
-+
- /* Populate the fields of the newsk from the oldsk and migrate the assoc
- * and its messages to the newsk.
- */
-@@ -6987,7 +7014,6 @@ static void sctp_sock_migrate(struct sock *oldsk, struct sock *newsk,
- struct sk_buff *skb, *tmp;
- struct sctp_ulpevent *event;
- struct sctp_bind_hashbucket *head;
-- struct list_head tmplist;
-
- /* Migrate socket buffer sizes and all the socket level options to the
- * new socket.
-@@ -6995,12 +7021,7 @@ static void sctp_sock_migrate(struct sock *oldsk, struct sock *newsk,
- newsk->sk_sndbuf = oldsk->sk_sndbuf;
- newsk->sk_rcvbuf = oldsk->sk_rcvbuf;
- /* Brute force copy old sctp opt. */
-- if (oldsp->do_auto_asconf) {
-- memcpy(&tmplist, &newsp->auto_asconf_list, sizeof(tmplist));
-- inet_sk_copy_descendant(newsk, oldsk);
-- memcpy(&newsp->auto_asconf_list, &tmplist, sizeof(tmplist));
-- } else
-- inet_sk_copy_descendant(newsk, oldsk);
-+ sctp_copy_descendant(newsk, oldsk);
-
- /* Restore the ep value that was overwritten with the above structure
- * copy.
-diff --git a/virt/kvm/arm/arch_timer.c b/virt/kvm/arm/arch_timer.c
-index 5081e80..c6fe405 100644
---- a/virt/kvm/arm/arch_timer.c
-+++ b/virt/kvm/arm/arch_timer.c
-@@ -61,12 +61,14 @@ static void timer_disarm(struct arch_timer_cpu *timer)
-
- static void kvm_timer_inject_irq(struct kvm_vcpu *vcpu)
- {
-+ int ret;
- struct arch_timer_cpu *timer = &vcpu->arch.timer_cpu;
-
- timer->cntv_ctl |= ARCH_TIMER_CTRL_IT_MASK;
-- kvm_vgic_inject_irq(vcpu->kvm, vcpu->vcpu_id,
-- timer->irq->irq,
-- timer->irq->level);
-+ ret = kvm_vgic_inject_irq(vcpu->kvm, vcpu->vcpu_id,
-+ timer->irq->irq,
-+ timer->irq->level);
-+ WARN_ON(ret);
- }
-
- static irqreturn_t kvm_arch_timer_handler(int irq, void *dev_id)
-@@ -307,12 +309,24 @@ void kvm_timer_vcpu_terminate(struct kvm_vcpu *vcpu)
- timer_disarm(timer);
- }
-
--int kvm_timer_init(struct kvm *kvm)
-+void kvm_timer_enable(struct kvm *kvm)
- {
-- if (timecounter && wqueue) {
-- kvm->arch.timer.cntvoff = kvm_phys_timer_read();
-+ if (kvm->arch.timer.enabled)
-+ return;
-+
-+ /*
-+ * There is a potential race here between VCPUs starting for the first
-+ * time, which may be enabling the timer multiple times. That doesn't
-+ * hurt though, because we're just setting a variable to the same
-+ * variable that it already was. The important thing is that all
-+ * VCPUs have the enabled variable set, before entering the guest, if
-+ * the arch timers are enabled.
-+ */
-+ if (timecounter && wqueue)
- kvm->arch.timer.enabled = 1;
-- }
-+}
-
-- return 0;
-+void kvm_timer_init(struct kvm *kvm)
-+{
-+ kvm->arch.timer.cntvoff = kvm_phys_timer_read();
- }
-diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
-index c324a52..152ec76 100644
---- a/virt/kvm/arm/vgic.c
-+++ b/virt/kvm/arm/vgic.c
-@@ -1042,6 +1042,7 @@ static bool vgic_queue_irq(struct kvm_vcpu *vcpu, u8 sgi_source_id, int irq)
- lr, irq, vgic_cpu->vgic_lr[lr]);
- BUG_ON(!test_bit(lr, vgic_cpu->lr_used));
- vgic_cpu->vgic_lr[lr] |= GICH_LR_PENDING_BIT;
-+ __clear_bit(lr, (unsigned long *)vgic_cpu->vgic_elrsr);
- return true;
- }
-
-@@ -1055,6 +1056,7 @@ static bool vgic_queue_irq(struct kvm_vcpu *vcpu, u8 sgi_source_id, int irq)
- vgic_cpu->vgic_lr[lr] = MK_LR_PEND(sgi_source_id, irq);
- vgic_cpu->vgic_irq_lr_map[irq] = lr;
- set_bit(lr, vgic_cpu->lr_used);
-+ __clear_bit(lr, (unsigned long *)vgic_cpu->vgic_elrsr);
-
- if (!vgic_irq_is_edge(vcpu, irq))
- vgic_cpu->vgic_lr[lr] |= GICH_LR_EOI;
-@@ -1209,6 +1211,14 @@ static bool vgic_process_maintenance(struct kvm_vcpu *vcpu)
- if (vgic_cpu->vgic_misr & GICH_MISR_U)
- vgic_cpu->vgic_hcr &= ~GICH_HCR_UIE;
-
-+ /*
-+ * In the next iterations of the vcpu loop, if we sync the vgic state
-+ * after flushing it, but before entering the guest (this happens for
-+ * pending signals and vmid rollovers), then make sure we don't pick
-+ * up any old maintenance interrupts here.
-+ */
-+ memset(vgic_cpu->vgic_eisr, 0, sizeof(vgic_cpu->vgic_eisr[0]) * 2);
-+
- return level_pending;
- }
-