Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Mike Pagano <mpagano@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/linux-patches:4.4 commit in: /
Date: Tue, 05 Dec 2017 11:39:50
Message-Id: 1512473979.b9b0a047e12066039346071e8ee8efa10ce0984c.mpagano@gentoo
1 commit: b9b0a047e12066039346071e8ee8efa10ce0984c
2 Author: Mike Pagano <mpagano <AT> gentoo <DOT> org>
3 AuthorDate: Tue Dec 5 11:39:39 2017 +0000
4 Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org>
5 CommitDate: Tue Dec 5 11:39:39 2017 +0000
6 URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=b9b0a047
7
8 Linux patch 4.4.104
9
10 0000_README | 4 +
11 1103_linux-4.4.104.patch | 1469 ++++++++++++++++++++++++++++++++++++++++++++++
12 2 files changed, 1473 insertions(+)
13
14 diff --git a/0000_README b/0000_README
15 index 21ecaf0..a31f5b0 100644
16 --- a/0000_README
17 +++ b/0000_README
18 @@ -455,6 +455,10 @@ Patch: 1102_linux-4.4.103.patch
19 From: http://www.kernel.org
20 Desc: Linux 4.4.103
21
22 +Patch: 1103_linux-4.4.104.patch
23 +From: http://www.kernel.org
24 +Desc: Linux 4.4.104
25 +
26 Patch: 1500_XATTR_USER_PREFIX.patch
27 From: https://bugs.gentoo.org/show_bug.cgi?id=470644
28 Desc: Support for namespace user.pax.* on tmpfs.
29
30 diff --git a/1103_linux-4.4.104.patch b/1103_linux-4.4.104.patch
31 new file mode 100644
32 index 0000000..49bb49f
33 --- /dev/null
34 +++ b/1103_linux-4.4.104.patch
35 @@ -0,0 +1,1469 @@
36 +diff --git a/Makefile b/Makefile
37 +index f5a51cd7ca49..55500e023f61 100644
38 +--- a/Makefile
39 ++++ b/Makefile
40 +@@ -1,6 +1,6 @@
41 + VERSION = 4
42 + PATCHLEVEL = 4
43 +-SUBLEVEL = 103
44 ++SUBLEVEL = 104
45 + EXTRAVERSION =
46 + NAME = Blurry Fish Butt
47 +
48 +diff --git a/arch/arm/boot/dts/logicpd-torpedo-37xx-devkit.dts b/arch/arm/boot/dts/logicpd-torpedo-37xx-devkit.dts
49 +index 5b0430041ec6..fec92cd36ae3 100644
50 +--- a/arch/arm/boot/dts/logicpd-torpedo-37xx-devkit.dts
51 ++++ b/arch/arm/boot/dts/logicpd-torpedo-37xx-devkit.dts
52 +@@ -88,7 +88,7 @@
53 + interrupts-extended = <&intc 83 &omap3_pmx_core 0x11a>;
54 + pinctrl-names = "default";
55 + pinctrl-0 = <&mmc1_pins &mmc1_cd>;
56 +- cd-gpios = <&gpio4 31 IRQ_TYPE_LEVEL_LOW>; /* gpio127 */
57 ++ cd-gpios = <&gpio4 31 GPIO_ACTIVE_LOW>; /* gpio127 */
58 + vmmc-supply = <&vmmc1>;
59 + bus-width = <4>;
60 + cap-power-off-card;
61 +diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
62 +index 0010c78c4998..8fd9e637629a 100644
63 +--- a/arch/x86/include/asm/efi.h
64 ++++ b/arch/x86/include/asm/efi.h
65 +@@ -3,6 +3,7 @@
66 +
67 + #include <asm/fpu/api.h>
68 + #include <asm/pgtable.h>
69 ++#include <asm/tlb.h>
70 +
71 + /*
72 + * We map the EFI regions needed for runtime services non-contiguously,
73 +@@ -64,6 +65,17 @@ extern u64 asmlinkage efi_call(void *fp, ...);
74 +
75 + #define efi_call_phys(f, args...) efi_call((f), args)
76 +
77 ++/*
78 ++ * Scratch space used for switching the pagetable in the EFI stub
79 ++ */
80 ++struct efi_scratch {
81 ++ u64 r15;
82 ++ u64 prev_cr3;
83 ++ pgd_t *efi_pgt;
84 ++ bool use_pgd;
85 ++ u64 phys_stack;
86 ++} __packed;
87 ++
88 + #define efi_call_virt(f, ...) \
89 + ({ \
90 + efi_status_t __s; \
91 +@@ -71,7 +83,20 @@ extern u64 asmlinkage efi_call(void *fp, ...);
92 + efi_sync_low_kernel_mappings(); \
93 + preempt_disable(); \
94 + __kernel_fpu_begin(); \
95 ++ \
96 ++ if (efi_scratch.use_pgd) { \
97 ++ efi_scratch.prev_cr3 = read_cr3(); \
98 ++ write_cr3((unsigned long)efi_scratch.efi_pgt); \
99 ++ __flush_tlb_all(); \
100 ++ } \
101 ++ \
102 + __s = efi_call((void *)efi.systab->runtime->f, __VA_ARGS__); \
103 ++ \
104 ++ if (efi_scratch.use_pgd) { \
105 ++ write_cr3(efi_scratch.prev_cr3); \
106 ++ __flush_tlb_all(); \
107 ++ } \
108 ++ \
109 + __kernel_fpu_end(); \
110 + preempt_enable(); \
111 + __s; \
112 +@@ -111,6 +136,7 @@ extern void __init efi_memory_uc(u64 addr, unsigned long size);
113 + extern void __init efi_map_region(efi_memory_desc_t *md);
114 + extern void __init efi_map_region_fixed(efi_memory_desc_t *md);
115 + extern void efi_sync_low_kernel_mappings(void);
116 ++extern int __init efi_alloc_page_tables(void);
117 + extern int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages);
118 + extern void __init efi_cleanup_page_tables(unsigned long pa_memmap, unsigned num_pages);
119 + extern void __init old_map_region(efi_memory_desc_t *md);
120 +diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
121 +index 4e1b254c3695..4b1152e57340 100644
122 +--- a/arch/x86/kvm/svm.c
123 ++++ b/arch/x86/kvm/svm.c
124 +@@ -1696,6 +1696,8 @@ static int ud_interception(struct vcpu_svm *svm)
125 + int er;
126 +
127 + er = emulate_instruction(&svm->vcpu, EMULTYPE_TRAP_UD);
128 ++ if (er == EMULATE_USER_EXIT)
129 ++ return 0;
130 + if (er != EMULATE_DONE)
131 + kvm_queue_exception(&svm->vcpu, UD_VECTOR);
132 + return 1;
133 +diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
134 +index 67ba0d8f87c7..253a8c8207bb 100644
135 +--- a/arch/x86/kvm/vmx.c
136 ++++ b/arch/x86/kvm/vmx.c
137 +@@ -5267,6 +5267,8 @@ static int handle_exception(struct kvm_vcpu *vcpu)
138 + return 1;
139 + }
140 + er = emulate_instruction(vcpu, EMULTYPE_TRAP_UD);
141 ++ if (er == EMULATE_USER_EXIT)
142 ++ return 0;
143 + if (er != EMULATE_DONE)
144 + kvm_queue_exception(vcpu, UD_VECTOR);
145 + return 1;
146 +diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
147 +index 3ffd5900da5b..df81717a92f3 100644
148 +--- a/arch/x86/kvm/x86.c
149 ++++ b/arch/x86/kvm/x86.c
150 +@@ -1812,6 +1812,9 @@ static int kvm_guest_time_update(struct kvm_vcpu *v)
151 + */
152 + BUILD_BUG_ON(offsetof(struct pvclock_vcpu_time_info, version) != 0);
153 +
154 ++ if (guest_hv_clock.version & 1)
155 ++ ++guest_hv_clock.version; /* first time write, random junk */
156 ++
157 + vcpu->hv_clock.version = guest_hv_clock.version + 1;
158 + kvm_write_guest_cached(v->kvm, &vcpu->pv_time,
159 + &vcpu->hv_clock,
160 +@@ -5426,6 +5429,8 @@ int x86_emulate_instruction(struct kvm_vcpu *vcpu,
161 + if (reexecute_instruction(vcpu, cr2, write_fault_to_spt,
162 + emulation_type))
163 + return EMULATE_DONE;
164 ++ if (ctxt->have_exception && inject_emulated_exception(vcpu))
165 ++ return EMULATE_DONE;
166 + if (emulation_type & EMULTYPE_SKIP)
167 + return EMULATE_FAIL;
168 + return handle_emulation_failure(vcpu);
169 +diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c
170 +index b599a780a5a9..a0fe62e3f4a3 100644
171 +--- a/arch/x86/mm/pageattr.c
172 ++++ b/arch/x86/mm/pageattr.c
173 +@@ -911,15 +911,10 @@ static void populate_pte(struct cpa_data *cpa,
174 + pte = pte_offset_kernel(pmd, start);
175 +
176 + while (num_pages-- && start < end) {
177 +-
178 +- /* deal with the NX bit */
179 +- if (!(pgprot_val(pgprot) & _PAGE_NX))
180 +- cpa->pfn &= ~_PAGE_NX;
181 +-
182 +- set_pte(pte, pfn_pte(cpa->pfn >> PAGE_SHIFT, pgprot));
183 ++ set_pte(pte, pfn_pte(cpa->pfn, pgprot));
184 +
185 + start += PAGE_SIZE;
186 +- cpa->pfn += PAGE_SIZE;
187 ++ cpa->pfn++;
188 + pte++;
189 + }
190 + }
191 +@@ -975,11 +970,11 @@ static int populate_pmd(struct cpa_data *cpa,
192 +
193 + pmd = pmd_offset(pud, start);
194 +
195 +- set_pmd(pmd, __pmd(cpa->pfn | _PAGE_PSE |
196 ++ set_pmd(pmd, __pmd(cpa->pfn << PAGE_SHIFT | _PAGE_PSE |
197 + massage_pgprot(pmd_pgprot)));
198 +
199 + start += PMD_SIZE;
200 +- cpa->pfn += PMD_SIZE;
201 ++ cpa->pfn += PMD_SIZE >> PAGE_SHIFT;
202 + cur_pages += PMD_SIZE >> PAGE_SHIFT;
203 + }
204 +
205 +@@ -1048,11 +1043,11 @@ static int populate_pud(struct cpa_data *cpa, unsigned long start, pgd_t *pgd,
206 + * Map everything starting from the Gb boundary, possibly with 1G pages
207 + */
208 + while (end - start >= PUD_SIZE) {
209 +- set_pud(pud, __pud(cpa->pfn | _PAGE_PSE |
210 ++ set_pud(pud, __pud(cpa->pfn << PAGE_SHIFT | _PAGE_PSE |
211 + massage_pgprot(pud_pgprot)));
212 +
213 + start += PUD_SIZE;
214 +- cpa->pfn += PUD_SIZE;
215 ++ cpa->pfn += PUD_SIZE >> PAGE_SHIFT;
216 + cur_pages += PUD_SIZE >> PAGE_SHIFT;
217 + pud++;
218 + }
219 +diff --git a/arch/x86/platform/efi/efi-bgrt.c b/arch/x86/platform/efi/efi-bgrt.c
220 +index ea48449b2e63..64fbc7e33226 100644
221 +--- a/arch/x86/platform/efi/efi-bgrt.c
222 ++++ b/arch/x86/platform/efi/efi-bgrt.c
223 +@@ -28,8 +28,7 @@ struct bmp_header {
224 + void __init efi_bgrt_init(void)
225 + {
226 + acpi_status status;
227 +- void __iomem *image;
228 +- bool ioremapped = false;
229 ++ void *image;
230 + struct bmp_header bmp_header;
231 +
232 + if (acpi_disabled)
233 +@@ -70,20 +69,14 @@ void __init efi_bgrt_init(void)
234 + return;
235 + }
236 +
237 +- image = efi_lookup_mapped_addr(bgrt_tab->image_address);
238 ++ image = memremap(bgrt_tab->image_address, sizeof(bmp_header), MEMREMAP_WB);
239 + if (!image) {
240 +- image = early_ioremap(bgrt_tab->image_address,
241 +- sizeof(bmp_header));
242 +- ioremapped = true;
243 +- if (!image) {
244 +- pr_err("Ignoring BGRT: failed to map image header memory\n");
245 +- return;
246 +- }
247 ++ pr_err("Ignoring BGRT: failed to map image header memory\n");
248 ++ return;
249 + }
250 +
251 +- memcpy_fromio(&bmp_header, image, sizeof(bmp_header));
252 +- if (ioremapped)
253 +- early_iounmap(image, sizeof(bmp_header));
254 ++ memcpy(&bmp_header, image, sizeof(bmp_header));
255 ++ memunmap(image);
256 + bgrt_image_size = bmp_header.size;
257 +
258 + bgrt_image = kmalloc(bgrt_image_size, GFP_KERNEL | __GFP_NOWARN);
259 +@@ -93,18 +86,14 @@ void __init efi_bgrt_init(void)
260 + return;
261 + }
262 +
263 +- if (ioremapped) {
264 +- image = early_ioremap(bgrt_tab->image_address,
265 +- bmp_header.size);
266 +- if (!image) {
267 +- pr_err("Ignoring BGRT: failed to map image memory\n");
268 +- kfree(bgrt_image);
269 +- bgrt_image = NULL;
270 +- return;
271 +- }
272 ++ image = memremap(bgrt_tab->image_address, bmp_header.size, MEMREMAP_WB);
273 ++ if (!image) {
274 ++ pr_err("Ignoring BGRT: failed to map image memory\n");
275 ++ kfree(bgrt_image);
276 ++ bgrt_image = NULL;
277 ++ return;
278 + }
279 +
280 +- memcpy_fromio(bgrt_image, image, bgrt_image_size);
281 +- if (ioremapped)
282 +- early_iounmap(image, bmp_header.size);
283 ++ memcpy(bgrt_image, image, bgrt_image_size);
284 ++ memunmap(image);
285 + }
286 +diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c
287 +index ad285404ea7f..3c1f3cd7b2ba 100644
288 +--- a/arch/x86/platform/efi/efi.c
289 ++++ b/arch/x86/platform/efi/efi.c
290 +@@ -869,7 +869,7 @@ static void __init kexec_enter_virtual_mode(void)
291 + * This function will switch the EFI runtime services to virtual mode.
292 + * Essentially, we look through the EFI memmap and map every region that
293 + * has the runtime attribute bit set in its memory descriptor into the
294 +- * ->trampoline_pgd page table using a top-down VA allocation scheme.
295 ++ * efi_pgd page table.
296 + *
297 + * The old method which used to update that memory descriptor with the
298 + * virtual address obtained from ioremap() is still supported when the
299 +@@ -879,8 +879,8 @@ static void __init kexec_enter_virtual_mode(void)
300 + *
301 + * The new method does a pagetable switch in a preemption-safe manner
302 + * so that we're in a different address space when calling a runtime
303 +- * function. For function arguments passing we do copy the PGDs of the
304 +- * kernel page table into ->trampoline_pgd prior to each call.
305 ++ * function. For function arguments passing we do copy the PUDs of the
306 ++ * kernel page table into efi_pgd prior to each call.
307 + *
308 + * Specially for kexec boot, efi runtime maps in previous kernel should
309 + * be passed in via setup_data. In that case runtime ranges will be mapped
310 +@@ -895,6 +895,12 @@ static void __init __efi_enter_virtual_mode(void)
311 +
312 + efi.systab = NULL;
313 +
314 ++ if (efi_alloc_page_tables()) {
315 ++ pr_err("Failed to allocate EFI page tables\n");
316 ++ clear_bit(EFI_RUNTIME_SERVICES, &efi.flags);
317 ++ return;
318 ++ }
319 ++
320 + efi_merge_regions();
321 + new_memmap = efi_map_regions(&count, &pg_shift);
322 + if (!new_memmap) {
323 +@@ -954,28 +960,11 @@ static void __init __efi_enter_virtual_mode(void)
324 + efi_runtime_mkexec();
325 +
326 + /*
327 +- * We mapped the descriptor array into the EFI pagetable above but we're
328 +- * not unmapping it here. Here's why:
329 +- *
330 +- * We're copying select PGDs from the kernel page table to the EFI page
331 +- * table and when we do so and make changes to those PGDs like unmapping
332 +- * stuff from them, those changes appear in the kernel page table and we
333 +- * go boom.
334 +- *
335 +- * From setup_real_mode():
336 +- *
337 +- * ...
338 +- * trampoline_pgd[0] = init_level4_pgt[pgd_index(__PAGE_OFFSET)].pgd;
339 +- *
340 +- * In this particular case, our allocation is in PGD 0 of the EFI page
341 +- * table but we've copied that PGD from PGD[272] of the EFI page table:
342 +- *
343 +- * pgd_index(__PAGE_OFFSET = 0xffff880000000000) = 272
344 +- *
345 +- * where the direct memory mapping in kernel space is.
346 +- *
347 +- * new_memmap's VA comes from that direct mapping and thus clearing it,
348 +- * it would get cleared in the kernel page table too.
349 ++ * We mapped the descriptor array into the EFI pagetable above
350 ++ * but we're not unmapping it here because if we're running in
351 ++ * EFI mixed mode we need all of memory to be accessible when
352 ++ * we pass parameters to the EFI runtime services in the
353 ++ * thunking code.
354 + *
355 + * efi_cleanup_page_tables(__pa(new_memmap), 1 << pg_shift);
356 + */
357 +diff --git a/arch/x86/platform/efi/efi_32.c b/arch/x86/platform/efi/efi_32.c
358 +index ed5b67338294..58d669bc8250 100644
359 +--- a/arch/x86/platform/efi/efi_32.c
360 ++++ b/arch/x86/platform/efi/efi_32.c
361 +@@ -38,6 +38,11 @@
362 + * say 0 - 3G.
363 + */
364 +
365 ++int __init efi_alloc_page_tables(void)
366 ++{
367 ++ return 0;
368 ++}
369 ++
370 + void efi_sync_low_kernel_mappings(void) {}
371 + void __init efi_dump_pagetable(void) {}
372 + int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
373 +diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c
374 +index a0ac0f9c307f..18dfaad71c99 100644
375 +--- a/arch/x86/platform/efi/efi_64.c
376 ++++ b/arch/x86/platform/efi/efi_64.c
377 +@@ -40,6 +40,7 @@
378 + #include <asm/fixmap.h>
379 + #include <asm/realmode.h>
380 + #include <asm/time.h>
381 ++#include <asm/pgalloc.h>
382 +
383 + /*
384 + * We allocate runtime services regions bottom-up, starting from -4G, i.e.
385 +@@ -47,16 +48,7 @@
386 + */
387 + static u64 efi_va = EFI_VA_START;
388 +
389 +-/*
390 +- * Scratch space used for switching the pagetable in the EFI stub
391 +- */
392 +-struct efi_scratch {
393 +- u64 r15;
394 +- u64 prev_cr3;
395 +- pgd_t *efi_pgt;
396 +- bool use_pgd;
397 +- u64 phys_stack;
398 +-} __packed;
399 ++struct efi_scratch efi_scratch;
400 +
401 + static void __init early_code_mapping_set_exec(int executable)
402 + {
403 +@@ -83,8 +75,11 @@ pgd_t * __init efi_call_phys_prolog(void)
404 + int pgd;
405 + int n_pgds;
406 +
407 +- if (!efi_enabled(EFI_OLD_MEMMAP))
408 +- return NULL;
409 ++ if (!efi_enabled(EFI_OLD_MEMMAP)) {
410 ++ save_pgd = (pgd_t *)read_cr3();
411 ++ write_cr3((unsigned long)efi_scratch.efi_pgt);
412 ++ goto out;
413 ++ }
414 +
415 + early_code_mapping_set_exec(1);
416 +
417 +@@ -96,6 +91,7 @@ pgd_t * __init efi_call_phys_prolog(void)
418 + vaddress = (unsigned long)__va(pgd * PGDIR_SIZE);
419 + set_pgd(pgd_offset_k(pgd * PGDIR_SIZE), *pgd_offset_k(vaddress));
420 + }
421 ++out:
422 + __flush_tlb_all();
423 +
424 + return save_pgd;
425 +@@ -109,8 +105,11 @@ void __init efi_call_phys_epilog(pgd_t *save_pgd)
426 + int pgd_idx;
427 + int nr_pgds;
428 +
429 +- if (!save_pgd)
430 ++ if (!efi_enabled(EFI_OLD_MEMMAP)) {
431 ++ write_cr3((unsigned long)save_pgd);
432 ++ __flush_tlb_all();
433 + return;
434 ++ }
435 +
436 + nr_pgds = DIV_ROUND_UP((max_pfn << PAGE_SHIFT) , PGDIR_SIZE);
437 +
438 +@@ -123,27 +122,97 @@ void __init efi_call_phys_epilog(pgd_t *save_pgd)
439 + early_code_mapping_set_exec(0);
440 + }
441 +
442 ++static pgd_t *efi_pgd;
443 ++
444 ++/*
445 ++ * We need our own copy of the higher levels of the page tables
446 ++ * because we want to avoid inserting EFI region mappings (EFI_VA_END
447 ++ * to EFI_VA_START) into the standard kernel page tables. Everything
448 ++ * else can be shared, see efi_sync_low_kernel_mappings().
449 ++ */
450 ++int __init efi_alloc_page_tables(void)
451 ++{
452 ++ pgd_t *pgd;
453 ++ pud_t *pud;
454 ++ gfp_t gfp_mask;
455 ++
456 ++ if (efi_enabled(EFI_OLD_MEMMAP))
457 ++ return 0;
458 ++
459 ++ gfp_mask = GFP_KERNEL | __GFP_NOTRACK | __GFP_REPEAT | __GFP_ZERO;
460 ++ efi_pgd = (pgd_t *)__get_free_page(gfp_mask);
461 ++ if (!efi_pgd)
462 ++ return -ENOMEM;
463 ++
464 ++ pgd = efi_pgd + pgd_index(EFI_VA_END);
465 ++
466 ++ pud = pud_alloc_one(NULL, 0);
467 ++ if (!pud) {
468 ++ free_page((unsigned long)efi_pgd);
469 ++ return -ENOMEM;
470 ++ }
471 ++
472 ++ pgd_populate(NULL, pgd, pud);
473 ++
474 ++ return 0;
475 ++}
476 ++
477 + /*
478 + * Add low kernel mappings for passing arguments to EFI functions.
479 + */
480 + void efi_sync_low_kernel_mappings(void)
481 + {
482 +- unsigned num_pgds;
483 +- pgd_t *pgd = (pgd_t *)__va(real_mode_header->trampoline_pgd);
484 ++ unsigned num_entries;
485 ++ pgd_t *pgd_k, *pgd_efi;
486 ++ pud_t *pud_k, *pud_efi;
487 +
488 + if (efi_enabled(EFI_OLD_MEMMAP))
489 + return;
490 +
491 +- num_pgds = pgd_index(MODULES_END - 1) - pgd_index(PAGE_OFFSET);
492 ++ /*
493 ++ * We can share all PGD entries apart from the one entry that
494 ++ * covers the EFI runtime mapping space.
495 ++ *
496 ++ * Make sure the EFI runtime region mappings are guaranteed to
497 ++ * only span a single PGD entry and that the entry also maps
498 ++ * other important kernel regions.
499 ++ */
500 ++ BUILD_BUG_ON(pgd_index(EFI_VA_END) != pgd_index(MODULES_END));
501 ++ BUILD_BUG_ON((EFI_VA_START & PGDIR_MASK) !=
502 ++ (EFI_VA_END & PGDIR_MASK));
503 ++
504 ++ pgd_efi = efi_pgd + pgd_index(PAGE_OFFSET);
505 ++ pgd_k = pgd_offset_k(PAGE_OFFSET);
506 +
507 +- memcpy(pgd + pgd_index(PAGE_OFFSET),
508 +- init_mm.pgd + pgd_index(PAGE_OFFSET),
509 +- sizeof(pgd_t) * num_pgds);
510 ++ num_entries = pgd_index(EFI_VA_END) - pgd_index(PAGE_OFFSET);
511 ++ memcpy(pgd_efi, pgd_k, sizeof(pgd_t) * num_entries);
512 ++
513 ++ /*
514 ++ * We share all the PUD entries apart from those that map the
515 ++ * EFI regions. Copy around them.
516 ++ */
517 ++ BUILD_BUG_ON((EFI_VA_START & ~PUD_MASK) != 0);
518 ++ BUILD_BUG_ON((EFI_VA_END & ~PUD_MASK) != 0);
519 ++
520 ++ pgd_efi = efi_pgd + pgd_index(EFI_VA_END);
521 ++ pud_efi = pud_offset(pgd_efi, 0);
522 ++
523 ++ pgd_k = pgd_offset_k(EFI_VA_END);
524 ++ pud_k = pud_offset(pgd_k, 0);
525 ++
526 ++ num_entries = pud_index(EFI_VA_END);
527 ++ memcpy(pud_efi, pud_k, sizeof(pud_t) * num_entries);
528 ++
529 ++ pud_efi = pud_offset(pgd_efi, EFI_VA_START);
530 ++ pud_k = pud_offset(pgd_k, EFI_VA_START);
531 ++
532 ++ num_entries = PTRS_PER_PUD - pud_index(EFI_VA_START);
533 ++ memcpy(pud_efi, pud_k, sizeof(pud_t) * num_entries);
534 + }
535 +
536 + int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
537 + {
538 +- unsigned long text;
539 ++ unsigned long pfn, text;
540 + struct page *page;
541 + unsigned npages;
542 + pgd_t *pgd;
543 +@@ -151,8 +220,8 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
544 + if (efi_enabled(EFI_OLD_MEMMAP))
545 + return 0;
546 +
547 +- efi_scratch.efi_pgt = (pgd_t *)(unsigned long)real_mode_header->trampoline_pgd;
548 +- pgd = __va(efi_scratch.efi_pgt);
549 ++ efi_scratch.efi_pgt = (pgd_t *)__pa(efi_pgd);
550 ++ pgd = efi_pgd;
551 +
552 + /*
553 + * It can happen that the physical address of new_memmap lands in memory
554 +@@ -160,7 +229,8 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
555 + * and ident-map those pages containing the map before calling
556 + * phys_efi_set_virtual_address_map().
557 + */
558 +- if (kernel_map_pages_in_pgd(pgd, pa_memmap, pa_memmap, num_pages, _PAGE_NX)) {
559 ++ pfn = pa_memmap >> PAGE_SHIFT;
560 ++ if (kernel_map_pages_in_pgd(pgd, pfn, pa_memmap, num_pages, _PAGE_NX)) {
561 + pr_err("Error ident-mapping new memmap (0x%lx)!\n", pa_memmap);
562 + return 1;
563 + }
564 +@@ -185,8 +255,9 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
565 +
566 + npages = (_end - _text) >> PAGE_SHIFT;
567 + text = __pa(_text);
568 ++ pfn = text >> PAGE_SHIFT;
569 +
570 +- if (kernel_map_pages_in_pgd(pgd, text >> PAGE_SHIFT, text, npages, 0)) {
571 ++ if (kernel_map_pages_in_pgd(pgd, pfn, text, npages, 0)) {
572 + pr_err("Failed to map kernel text 1:1\n");
573 + return 1;
574 + }
575 +@@ -196,20 +267,20 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
576 +
577 + void __init efi_cleanup_page_tables(unsigned long pa_memmap, unsigned num_pages)
578 + {
579 +- pgd_t *pgd = (pgd_t *)__va(real_mode_header->trampoline_pgd);
580 +-
581 +- kernel_unmap_pages_in_pgd(pgd, pa_memmap, num_pages);
582 ++ kernel_unmap_pages_in_pgd(efi_pgd, pa_memmap, num_pages);
583 + }
584 +
585 + static void __init __map_region(efi_memory_desc_t *md, u64 va)
586 + {
587 +- pgd_t *pgd = (pgd_t *)__va(real_mode_header->trampoline_pgd);
588 +- unsigned long pf = 0;
589 ++ unsigned long flags = 0;
590 ++ unsigned long pfn;
591 ++ pgd_t *pgd = efi_pgd;
592 +
593 + if (!(md->attribute & EFI_MEMORY_WB))
594 +- pf |= _PAGE_PCD;
595 ++ flags |= _PAGE_PCD;
596 +
597 +- if (kernel_map_pages_in_pgd(pgd, md->phys_addr, va, md->num_pages, pf))
598 ++ pfn = md->phys_addr >> PAGE_SHIFT;
599 ++ if (kernel_map_pages_in_pgd(pgd, pfn, va, md->num_pages, flags))
600 + pr_warn("Error mapping PA 0x%llx -> VA 0x%llx!\n",
601 + md->phys_addr, va);
602 + }
603 +@@ -312,9 +383,7 @@ void __init efi_runtime_mkexec(void)
604 + void __init efi_dump_pagetable(void)
605 + {
606 + #ifdef CONFIG_EFI_PGT_DUMP
607 +- pgd_t *pgd = (pgd_t *)__va(real_mode_header->trampoline_pgd);
608 +-
609 +- ptdump_walk_pgd_level(NULL, pgd);
610 ++ ptdump_walk_pgd_level(NULL, efi_pgd);
611 + #endif
612 + }
613 +
614 +diff --git a/arch/x86/platform/efi/efi_stub_64.S b/arch/x86/platform/efi/efi_stub_64.S
615 +index 86d0f9e08dd9..32020cb8bb08 100644
616 +--- a/arch/x86/platform/efi/efi_stub_64.S
617 ++++ b/arch/x86/platform/efi/efi_stub_64.S
618 +@@ -38,41 +38,6 @@
619 + mov %rsi, %cr0; \
620 + mov (%rsp), %rsp
621 +
622 +- /* stolen from gcc */
623 +- .macro FLUSH_TLB_ALL
624 +- movq %r15, efi_scratch(%rip)
625 +- movq %r14, efi_scratch+8(%rip)
626 +- movq %cr4, %r15
627 +- movq %r15, %r14
628 +- andb $0x7f, %r14b
629 +- movq %r14, %cr4
630 +- movq %r15, %cr4
631 +- movq efi_scratch+8(%rip), %r14
632 +- movq efi_scratch(%rip), %r15
633 +- .endm
634 +-
635 +- .macro SWITCH_PGT
636 +- cmpb $0, efi_scratch+24(%rip)
637 +- je 1f
638 +- movq %r15, efi_scratch(%rip) # r15
639 +- # save previous CR3
640 +- movq %cr3, %r15
641 +- movq %r15, efi_scratch+8(%rip) # prev_cr3
642 +- movq efi_scratch+16(%rip), %r15 # EFI pgt
643 +- movq %r15, %cr3
644 +- 1:
645 +- .endm
646 +-
647 +- .macro RESTORE_PGT
648 +- cmpb $0, efi_scratch+24(%rip)
649 +- je 2f
650 +- movq efi_scratch+8(%rip), %r15
651 +- movq %r15, %cr3
652 +- movq efi_scratch(%rip), %r15
653 +- FLUSH_TLB_ALL
654 +- 2:
655 +- .endm
656 +-
657 + ENTRY(efi_call)
658 + SAVE_XMM
659 + mov (%rsp), %rax
660 +@@ -83,16 +48,8 @@ ENTRY(efi_call)
661 + mov %r8, %r9
662 + mov %rcx, %r8
663 + mov %rsi, %rcx
664 +- SWITCH_PGT
665 + call *%rdi
666 +- RESTORE_PGT
667 + addq $48, %rsp
668 + RESTORE_XMM
669 + ret
670 + ENDPROC(efi_call)
671 +-
672 +- .data
673 +-ENTRY(efi_scratch)
674 +- .fill 3,8,0
675 +- .byte 0
676 +- .quad 0
677 +diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
678 +index 3b52677f459a..0cd8f039602e 100644
679 +--- a/drivers/firmware/efi/efi.c
680 ++++ b/drivers/firmware/efi/efi.c
681 +@@ -325,38 +325,6 @@ u64 __init efi_mem_desc_end(efi_memory_desc_t *md)
682 + return end;
683 + }
684 +
685 +-/*
686 +- * We can't ioremap data in EFI boot services RAM, because we've already mapped
687 +- * it as RAM. So, look it up in the existing EFI memory map instead. Only
688 +- * callable after efi_enter_virtual_mode and before efi_free_boot_services.
689 +- */
690 +-void __iomem *efi_lookup_mapped_addr(u64 phys_addr)
691 +-{
692 +- struct efi_memory_map *map;
693 +- void *p;
694 +- map = efi.memmap;
695 +- if (!map)
696 +- return NULL;
697 +- if (WARN_ON(!map->map))
698 +- return NULL;
699 +- for (p = map->map; p < map->map_end; p += map->desc_size) {
700 +- efi_memory_desc_t *md = p;
701 +- u64 size = md->num_pages << EFI_PAGE_SHIFT;
702 +- u64 end = md->phys_addr + size;
703 +- if (!(md->attribute & EFI_MEMORY_RUNTIME) &&
704 +- md->type != EFI_BOOT_SERVICES_CODE &&
705 +- md->type != EFI_BOOT_SERVICES_DATA)
706 +- continue;
707 +- if (!md->virt_addr)
708 +- continue;
709 +- if (phys_addr >= md->phys_addr && phys_addr < end) {
710 +- phys_addr += md->virt_addr - md->phys_addr;
711 +- return (__force void __iomem *)(unsigned long)phys_addr;
712 +- }
713 +- }
714 +- return NULL;
715 +-}
716 +-
717 + static __initdata efi_config_table_type_t common_tables[] = {
718 + {ACPI_20_TABLE_GUID, "ACPI 2.0", &efi.acpi20},
719 + {ACPI_TABLE_GUID, "ACPI", &efi.acpi},
720 +diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c
721 +index f4cae5357e40..3e90ddcbb24a 100644
722 +--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c
723 ++++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c
724 +@@ -1575,34 +1575,32 @@ void amdgpu_atombios_scratch_regs_restore(struct amdgpu_device *adev)
725 + WREG32(mmBIOS_SCRATCH_0 + i, adev->bios_scratch[i]);
726 + }
727 +
728 +-/* Atom needs data in little endian format
729 +- * so swap as appropriate when copying data to
730 +- * or from atom. Note that atom operates on
731 +- * dw units.
732 ++/* Atom needs data in little endian format so swap as appropriate when copying
733 ++ * data to or from atom. Note that atom operates on dw units.
734 ++ *
735 ++ * Use to_le=true when sending data to atom and provide at least
736 ++ * ALIGN(num_bytes,4) bytes in the dst buffer.
737 ++ *
738 ++ * Use to_le=false when receiving data from atom and provide ALIGN(num_bytes,4)
739 ++ * byes in the src buffer.
740 + */
741 + void amdgpu_atombios_copy_swap(u8 *dst, u8 *src, u8 num_bytes, bool to_le)
742 + {
743 + #ifdef __BIG_ENDIAN
744 +- u8 src_tmp[20], dst_tmp[20]; /* used for byteswapping */
745 +- u32 *dst32, *src32;
746 ++ u32 src_tmp[5], dst_tmp[5];
747 + int i;
748 ++ u8 align_num_bytes = ALIGN(num_bytes, 4);
749 +
750 +- memcpy(src_tmp, src, num_bytes);
751 +- src32 = (u32 *)src_tmp;
752 +- dst32 = (u32 *)dst_tmp;
753 + if (to_le) {
754 +- for (i = 0; i < ((num_bytes + 3) / 4); i++)
755 +- dst32[i] = cpu_to_le32(src32[i]);
756 +- memcpy(dst, dst_tmp, num_bytes);
757 ++ memcpy(src_tmp, src, num_bytes);
758 ++ for (i = 0; i < align_num_bytes / 4; i++)
759 ++ dst_tmp[i] = cpu_to_le32(src_tmp[i]);
760 ++ memcpy(dst, dst_tmp, align_num_bytes);
761 + } else {
762 +- u8 dws = num_bytes & ~3;
763 +- for (i = 0; i < ((num_bytes + 3) / 4); i++)
764 +- dst32[i] = le32_to_cpu(src32[i]);
765 +- memcpy(dst, dst_tmp, dws);
766 +- if (num_bytes % 4) {
767 +- for (i = 0; i < (num_bytes % 4); i++)
768 +- dst[dws+i] = dst_tmp[dws+i];
769 +- }
770 ++ memcpy(src_tmp, src, align_num_bytes);
771 ++ for (i = 0; i < align_num_bytes / 4; i++)
772 ++ dst_tmp[i] = le32_to_cpu(src_tmp[i]);
773 ++ memcpy(dst, dst_tmp, num_bytes);
774 + }
775 + #else
776 + memcpy(dst, src, num_bytes);
777 +diff --git a/drivers/gpu/drm/i915/intel_i2c.c b/drivers/gpu/drm/i915/intel_i2c.c
778 +index f3bee54c414f..cb4313c68f71 100644
779 +--- a/drivers/gpu/drm/i915/intel_i2c.c
780 ++++ b/drivers/gpu/drm/i915/intel_i2c.c
781 +@@ -440,7 +440,9 @@ static bool
782 + gmbus_is_index_read(struct i2c_msg *msgs, int i, int num)
783 + {
784 + return (i + 1 < num &&
785 +- !(msgs[i].flags & I2C_M_RD) && msgs[i].len <= 2 &&
786 ++ msgs[i].addr == msgs[i + 1].addr &&
787 ++ !(msgs[i].flags & I2C_M_RD) &&
788 ++ (msgs[i].len == 1 || msgs[i].len == 2) &&
789 + (msgs[i + 1].flags & I2C_M_RD));
790 + }
791 +
792 +diff --git a/drivers/gpu/drm/panel/panel-simple.c b/drivers/gpu/drm/panel/panel-simple.c
793 +index f97b73ec4713..f418c002d323 100644
794 +--- a/drivers/gpu/drm/panel/panel-simple.c
795 ++++ b/drivers/gpu/drm/panel/panel-simple.c
796 +@@ -352,6 +352,7 @@ static int panel_simple_remove(struct device *dev)
797 + drm_panel_remove(&panel->base);
798 +
799 + panel_simple_disable(&panel->base);
800 ++ panel_simple_unprepare(&panel->base);
801 +
802 + if (panel->ddc)
803 + put_device(&panel->ddc->dev);
804 +@@ -367,6 +368,7 @@ static void panel_simple_shutdown(struct device *dev)
805 + struct panel_simple *panel = dev_get_drvdata(dev);
806 +
807 + panel_simple_disable(&panel->base);
808 ++ panel_simple_unprepare(&panel->base);
809 + }
810 +
811 + static const struct drm_display_mode ampire_am800480r3tmqwa1h_mode = {
812 +diff --git a/drivers/gpu/drm/radeon/atombios_dp.c b/drivers/gpu/drm/radeon/atombios_dp.c
813 +index b5760851195c..0c6216a6ee9e 100644
814 +--- a/drivers/gpu/drm/radeon/atombios_dp.c
815 ++++ b/drivers/gpu/drm/radeon/atombios_dp.c
816 +@@ -45,34 +45,32 @@ static char *pre_emph_names[] = {
817 +
818 + /***** radeon AUX functions *****/
819 +
820 +-/* Atom needs data in little endian format
821 +- * so swap as appropriate when copying data to
822 +- * or from atom. Note that atom operates on
823 +- * dw units.
824 ++/* Atom needs data in little endian format so swap as appropriate when copying
825 ++ * data to or from atom. Note that atom operates on dw units.
826 ++ *
827 ++ * Use to_le=true when sending data to atom and provide at least
828 ++ * ALIGN(num_bytes,4) bytes in the dst buffer.
829 ++ *
830 ++ * Use to_le=false when receiving data from atom and provide ALIGN(num_bytes,4)
831 ++ * byes in the src buffer.
832 + */
833 + void radeon_atom_copy_swap(u8 *dst, u8 *src, u8 num_bytes, bool to_le)
834 + {
835 + #ifdef __BIG_ENDIAN
836 +- u8 src_tmp[20], dst_tmp[20]; /* used for byteswapping */
837 +- u32 *dst32, *src32;
838 ++ u32 src_tmp[5], dst_tmp[5];
839 + int i;
840 ++ u8 align_num_bytes = ALIGN(num_bytes, 4);
841 +
842 +- memcpy(src_tmp, src, num_bytes);
843 +- src32 = (u32 *)src_tmp;
844 +- dst32 = (u32 *)dst_tmp;
845 + if (to_le) {
846 +- for (i = 0; i < ((num_bytes + 3) / 4); i++)
847 +- dst32[i] = cpu_to_le32(src32[i]);
848 +- memcpy(dst, dst_tmp, num_bytes);
849 ++ memcpy(src_tmp, src, num_bytes);
850 ++ for (i = 0; i < align_num_bytes / 4; i++)
851 ++ dst_tmp[i] = cpu_to_le32(src_tmp[i]);
852 ++ memcpy(dst, dst_tmp, align_num_bytes);
853 + } else {
854 +- u8 dws = num_bytes & ~3;
855 +- for (i = 0; i < ((num_bytes + 3) / 4); i++)
856 +- dst32[i] = le32_to_cpu(src32[i]);
857 +- memcpy(dst, dst_tmp, dws);
858 +- if (num_bytes % 4) {
859 +- for (i = 0; i < (num_bytes % 4); i++)
860 +- dst[dws+i] = dst_tmp[dws+i];
861 +- }
862 ++ memcpy(src_tmp, src, align_num_bytes);
863 ++ for (i = 0; i < align_num_bytes / 4; i++)
864 ++ dst_tmp[i] = le32_to_cpu(src_tmp[i]);
865 ++ memcpy(dst, dst_tmp, num_bytes);
866 + }
867 + #else
868 + memcpy(dst, src, num_bytes);
869 +diff --git a/drivers/gpu/drm/radeon/radeon_fb.c b/drivers/gpu/drm/radeon/radeon_fb.c
870 +index 26da2f4d7b4f..a2937a693591 100644
871 +--- a/drivers/gpu/drm/radeon/radeon_fb.c
872 ++++ b/drivers/gpu/drm/radeon/radeon_fb.c
873 +@@ -226,7 +226,6 @@ static int radeonfb_create(struct drm_fb_helper *helper,
874 + }
875 +
876 + info->par = rfbdev;
877 +- info->skip_vt_switch = true;
878 +
879 + ret = radeon_framebuffer_init(rdev->ddev, &rfbdev->rfb, &mode_cmd, gobj);
880 + if (ret) {
881 +diff --git a/drivers/md/bcache/alloc.c b/drivers/md/bcache/alloc.c
882 +index ea47980949ef..4d46f2ce606f 100644
883 +--- a/drivers/md/bcache/alloc.c
884 ++++ b/drivers/md/bcache/alloc.c
885 +@@ -479,7 +479,7 @@ int __bch_bucket_alloc_set(struct cache_set *c, unsigned reserve,
886 + if (b == -1)
887 + goto err;
888 +
889 +- k->ptr[i] = PTR(ca->buckets[b].gen,
890 ++ k->ptr[i] = MAKE_PTR(ca->buckets[b].gen,
891 + bucket_to_sector(c, b),
892 + ca->sb.nr_this_dev);
893 +
894 +diff --git a/drivers/md/bcache/extents.c b/drivers/md/bcache/extents.c
895 +index 243de0bf15cd..4bf15182c4da 100644
896 +--- a/drivers/md/bcache/extents.c
897 ++++ b/drivers/md/bcache/extents.c
898 +@@ -584,7 +584,7 @@ static bool bch_extent_merge(struct btree_keys *bk, struct bkey *l, struct bkey
899 + return false;
900 +
901 + for (i = 0; i < KEY_PTRS(l); i++)
902 +- if (l->ptr[i] + PTR(0, KEY_SIZE(l), 0) != r->ptr[i] ||
903 ++ if (l->ptr[i] + MAKE_PTR(0, KEY_SIZE(l), 0) != r->ptr[i] ||
904 + PTR_BUCKET_NR(b->c, l, i) != PTR_BUCKET_NR(b->c, r, i))
905 + return false;
906 +
907 +diff --git a/drivers/md/bcache/journal.c b/drivers/md/bcache/journal.c
908 +index 29eba7219b01..6ed066a0e7c0 100644
909 +--- a/drivers/md/bcache/journal.c
910 ++++ b/drivers/md/bcache/journal.c
911 +@@ -508,7 +508,7 @@ static void journal_reclaim(struct cache_set *c)
912 + continue;
913 +
914 + ja->cur_idx = next;
915 +- k->ptr[n++] = PTR(0,
916 ++ k->ptr[n++] = MAKE_PTR(0,
917 + bucket_to_sector(c, ca->sb.d[ja->cur_idx]),
918 + ca->sb.nr_this_dev);
919 + }
920 +diff --git a/drivers/misc/eeprom/at24.c b/drivers/misc/eeprom/at24.c
921 +index 5d7c0900fa1b..f112c5bc082a 100644
922 +--- a/drivers/misc/eeprom/at24.c
923 ++++ b/drivers/misc/eeprom/at24.c
924 +@@ -257,6 +257,9 @@ static ssize_t at24_read(struct at24_data *at24,
925 + if (unlikely(!count))
926 + return count;
927 +
928 ++ if (off + count > at24->chip.byte_len)
929 ++ return -EINVAL;
930 ++
931 + /*
932 + * Read data from chip, protecting against concurrent updates
933 + * from this host, but not from other I2C masters.
934 +@@ -311,6 +314,9 @@ static ssize_t at24_eeprom_write(struct at24_data *at24, const char *buf,
935 + unsigned long timeout, write_time;
936 + unsigned next_page;
937 +
938 ++ if (offset + count > at24->chip.byte_len)
939 ++ return -EINVAL;
940 ++
941 + /* Get corresponding I2C address and adjust offset */
942 + client = at24_translate_offset(at24, &offset);
943 +
944 +diff --git a/drivers/mmc/core/bus.c b/drivers/mmc/core/bus.c
945 +index 972ff844cf5a..cf7c7bc1e940 100644
946 +--- a/drivers/mmc/core/bus.c
947 ++++ b/drivers/mmc/core/bus.c
948 +@@ -155,6 +155,9 @@ static int mmc_bus_suspend(struct device *dev)
949 + return ret;
950 +
951 + ret = host->bus_ops->suspend(host);
952 ++ if (ret)
953 ++ pm_generic_resume(dev);
954 ++
955 + return ret;
956 + }
957 +
958 +diff --git a/drivers/mtd/nand/nand_base.c b/drivers/mtd/nand/nand_base.c
959 +index 54ab48827258..7ba109e8cf88 100644
960 +--- a/drivers/mtd/nand/nand_base.c
961 ++++ b/drivers/mtd/nand/nand_base.c
962 +@@ -2663,15 +2663,18 @@ static int panic_nand_write(struct mtd_info *mtd, loff_t to, size_t len,
963 + size_t *retlen, const uint8_t *buf)
964 + {
965 + struct nand_chip *chip = mtd->priv;
966 ++ int chipnr = (int)(to >> chip->chip_shift);
967 + struct mtd_oob_ops ops;
968 + int ret;
969 +
970 +- /* Wait for the device to get ready */
971 +- panic_nand_wait(mtd, chip, 400);
972 +-
973 + /* Grab the device */
974 + panic_nand_get_device(chip, mtd, FL_WRITING);
975 +
976 ++ chip->select_chip(mtd, chipnr);
977 ++
978 ++ /* Wait for the device to get ready */
979 ++ panic_nand_wait(mtd, chip, 400);
980 ++
981 + memset(&ops, 0, sizeof(ops));
982 + ops.len = len;
983 + ops.datbuf = (uint8_t *)buf;
984 +diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
985 +index c36a03fa7678..260f94b019c9 100644
986 +--- a/fs/btrfs/extent-tree.c
987 ++++ b/fs/btrfs/extent-tree.c
988 +@@ -3361,13 +3361,6 @@ again:
989 + goto again;
990 + }
991 +
992 +- /* We've already setup this transaction, go ahead and exit */
993 +- if (block_group->cache_generation == trans->transid &&
994 +- i_size_read(inode)) {
995 +- dcs = BTRFS_DC_SETUP;
996 +- goto out_put;
997 +- }
998 +-
999 + /*
1000 + * We want to set the generation to 0, that way if anything goes wrong
1001 + * from here on out we know not to trust this cache when we load up next
1002 +@@ -3391,6 +3384,13 @@ again:
1003 + }
1004 + WARN_ON(ret);
1005 +
1006 ++ /* We've already setup this transaction, go ahead and exit */
1007 ++ if (block_group->cache_generation == trans->transid &&
1008 ++ i_size_read(inode)) {
1009 ++ dcs = BTRFS_DC_SETUP;
1010 ++ goto out_put;
1011 ++ }
1012 ++
1013 + if (i_size_read(inode) > 0) {
1014 + ret = btrfs_check_trunc_cache_free_space(root,
1015 + &root->fs_info->global_block_rsv);
1016 +diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c
1017 +index 348e0a05bd18..44e09483d2cd 100644
1018 +--- a/fs/nfs/dir.c
1019 ++++ b/fs/nfs/dir.c
1020 +@@ -1260,7 +1260,7 @@ static int nfs_weak_revalidate(struct dentry *dentry, unsigned int flags)
1021 + return 0;
1022 + }
1023 +
1024 +- error = nfs_revalidate_inode(NFS_SERVER(inode), inode);
1025 ++ error = nfs_lookup_verify_inode(inode, flags);
1026 + dfprintk(LOOKUPCACHE, "NFS: %s: inode %lu is %s\n",
1027 + __func__, inode->i_ino, error ? "invalid" : "valid");
1028 + return !error;
1029 +@@ -1420,6 +1420,7 @@ static int nfs4_lookup_revalidate(struct dentry *, unsigned int);
1030 +
1031 + const struct dentry_operations nfs4_dentry_operations = {
1032 + .d_revalidate = nfs4_lookup_revalidate,
1033 ++ .d_weak_revalidate = nfs_weak_revalidate,
1034 + .d_delete = nfs_dentry_delete,
1035 + .d_iput = nfs_dentry_iput,
1036 + .d_automount = nfs_d_automount,
1037 +diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
1038 +index 421935f3d909..11c67e8b939d 100644
1039 +--- a/fs/nfsd/nfs4state.c
1040 ++++ b/fs/nfsd/nfs4state.c
1041 +@@ -3379,7 +3379,9 @@ nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
1042 + /* ignore lock owners */
1043 + if (local->st_stateowner->so_is_open_owner == 0)
1044 + continue;
1045 +- if (local->st_stateowner == &oo->oo_owner) {
1046 ++ if (local->st_stateowner != &oo->oo_owner)
1047 ++ continue;
1048 ++ if (local->st_stid.sc_type == NFS4_OPEN_STID) {
1049 + ret = local;
1050 + atomic_inc(&ret->st_stid.sc_count);
1051 + break;
1052 +@@ -3388,6 +3390,52 @@ nfsd4_find_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
1053 + return ret;
1054 + }
1055 +
1056 ++static __be32
1057 ++nfsd4_verify_open_stid(struct nfs4_stid *s)
1058 ++{
1059 ++ __be32 ret = nfs_ok;
1060 ++
1061 ++ switch (s->sc_type) {
1062 ++ default:
1063 ++ break;
1064 ++ case NFS4_CLOSED_STID:
1065 ++ case NFS4_CLOSED_DELEG_STID:
1066 ++ ret = nfserr_bad_stateid;
1067 ++ break;
1068 ++ case NFS4_REVOKED_DELEG_STID:
1069 ++ ret = nfserr_deleg_revoked;
1070 ++ }
1071 ++ return ret;
1072 ++}
1073 ++
1074 ++/* Lock the stateid st_mutex, and deal with races with CLOSE */
1075 ++static __be32
1076 ++nfsd4_lock_ol_stateid(struct nfs4_ol_stateid *stp)
1077 ++{
1078 ++ __be32 ret;
1079 ++
1080 ++ mutex_lock(&stp->st_mutex);
1081 ++ ret = nfsd4_verify_open_stid(&stp->st_stid);
1082 ++ if (ret != nfs_ok)
1083 ++ mutex_unlock(&stp->st_mutex);
1084 ++ return ret;
1085 ++}
1086 ++
1087 ++static struct nfs4_ol_stateid *
1088 ++nfsd4_find_and_lock_existing_open(struct nfs4_file *fp, struct nfsd4_open *open)
1089 ++{
1090 ++ struct nfs4_ol_stateid *stp;
1091 ++ for (;;) {
1092 ++ spin_lock(&fp->fi_lock);
1093 ++ stp = nfsd4_find_existing_open(fp, open);
1094 ++ spin_unlock(&fp->fi_lock);
1095 ++ if (!stp || nfsd4_lock_ol_stateid(stp) == nfs_ok)
1096 ++ break;
1097 ++ nfs4_put_stid(&stp->st_stid);
1098 ++ }
1099 ++ return stp;
1100 ++}
1101 ++
1102 + static struct nfs4_openowner *
1103 + alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open,
1104 + struct nfsd4_compound_state *cstate)
1105 +@@ -3420,23 +3468,27 @@ alloc_init_open_stateowner(unsigned int strhashval, struct nfsd4_open *open,
1106 + }
1107 +
1108 + static struct nfs4_ol_stateid *
1109 +-init_open_stateid(struct nfs4_ol_stateid *stp, struct nfs4_file *fp,
1110 +- struct nfsd4_open *open)
1111 ++init_open_stateid(struct nfs4_file *fp, struct nfsd4_open *open)
1112 + {
1113 +
1114 + struct nfs4_openowner *oo = open->op_openowner;
1115 + struct nfs4_ol_stateid *retstp = NULL;
1116 ++ struct nfs4_ol_stateid *stp;
1117 +
1118 ++ stp = open->op_stp;
1119 + /* We are moving these outside of the spinlocks to avoid the warnings */
1120 + mutex_init(&stp->st_mutex);
1121 + mutex_lock(&stp->st_mutex);
1122 +
1123 ++retry:
1124 + spin_lock(&oo->oo_owner.so_client->cl_lock);
1125 + spin_lock(&fp->fi_lock);
1126 +
1127 + retstp = nfsd4_find_existing_open(fp, open);
1128 + if (retstp)
1129 + goto out_unlock;
1130 ++
1131 ++ open->op_stp = NULL;
1132 + atomic_inc(&stp->st_stid.sc_count);
1133 + stp->st_stid.sc_type = NFS4_OPEN_STID;
1134 + INIT_LIST_HEAD(&stp->st_locks);
1135 +@@ -3453,11 +3505,16 @@ out_unlock:
1136 + spin_unlock(&fp->fi_lock);
1137 + spin_unlock(&oo->oo_owner.so_client->cl_lock);
1138 + if (retstp) {
1139 +- mutex_lock(&retstp->st_mutex);
1140 +- /* Not that we need to, just for neatness */
1141 ++ /* Handle races with CLOSE */
1142 ++ if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) {
1143 ++ nfs4_put_stid(&retstp->st_stid);
1144 ++ goto retry;
1145 ++ }
1146 ++ /* To keep mutex tracking happy */
1147 + mutex_unlock(&stp->st_mutex);
1148 ++ stp = retstp;
1149 + }
1150 +- return retstp;
1151 ++ return stp;
1152 + }
1153 +
1154 + /*
1155 +@@ -4260,9 +4317,9 @@ nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nf
1156 + struct nfs4_client *cl = open->op_openowner->oo_owner.so_client;
1157 + struct nfs4_file *fp = NULL;
1158 + struct nfs4_ol_stateid *stp = NULL;
1159 +- struct nfs4_ol_stateid *swapstp = NULL;
1160 + struct nfs4_delegation *dp = NULL;
1161 + __be32 status;
1162 ++ bool new_stp = false;
1163 +
1164 + /*
1165 + * Lookup file; if found, lookup stateid and check open request,
1166 +@@ -4274,9 +4331,7 @@ nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nf
1167 + status = nfs4_check_deleg(cl, open, &dp);
1168 + if (status)
1169 + goto out;
1170 +- spin_lock(&fp->fi_lock);
1171 +- stp = nfsd4_find_existing_open(fp, open);
1172 +- spin_unlock(&fp->fi_lock);
1173 ++ stp = nfsd4_find_and_lock_existing_open(fp, open);
1174 + } else {
1175 + open->op_file = NULL;
1176 + status = nfserr_bad_stateid;
1177 +@@ -4284,41 +4339,31 @@ nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nf
1178 + goto out;
1179 + }
1180 +
1181 ++ if (!stp) {
1182 ++ stp = init_open_stateid(fp, open);
1183 ++ if (!open->op_stp)
1184 ++ new_stp = true;
1185 ++ }
1186 ++
1187 + /*
1188 + * OPEN the file, or upgrade an existing OPEN.
1189 + * If truncate fails, the OPEN fails.
1190 ++ *
1191 ++ * stp is already locked.
1192 + */
1193 +- if (stp) {
1194 ++ if (!new_stp) {
1195 + /* Stateid was found, this is an OPEN upgrade */
1196 +- mutex_lock(&stp->st_mutex);
1197 + status = nfs4_upgrade_open(rqstp, fp, current_fh, stp, open);
1198 + if (status) {
1199 + mutex_unlock(&stp->st_mutex);
1200 + goto out;
1201 + }
1202 + } else {
1203 +- stp = open->op_stp;
1204 +- open->op_stp = NULL;
1205 +- /*
1206 +- * init_open_stateid() either returns a locked stateid
1207 +- * it found, or initializes and locks the new one we passed in
1208 +- */
1209 +- swapstp = init_open_stateid(stp, fp, open);
1210 +- if (swapstp) {
1211 +- nfs4_put_stid(&stp->st_stid);
1212 +- stp = swapstp;
1213 +- status = nfs4_upgrade_open(rqstp, fp, current_fh,
1214 +- stp, open);
1215 +- if (status) {
1216 +- mutex_unlock(&stp->st_mutex);
1217 +- goto out;
1218 +- }
1219 +- goto upgrade_out;
1220 +- }
1221 + status = nfs4_get_vfs_file(rqstp, fp, current_fh, stp, open);
1222 + if (status) {
1223 +- mutex_unlock(&stp->st_mutex);
1224 ++ stp->st_stid.sc_type = NFS4_CLOSED_STID;
1225 + release_open_stateid(stp);
1226 ++ mutex_unlock(&stp->st_mutex);
1227 + goto out;
1228 + }
1229 +
1230 +@@ -4327,7 +4372,7 @@ nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nf
1231 + if (stp->st_clnt_odstate == open->op_odstate)
1232 + open->op_odstate = NULL;
1233 + }
1234 +-upgrade_out:
1235 ++
1236 + nfs4_inc_and_copy_stateid(&open->op_stateid, &stp->st_stid);
1237 + mutex_unlock(&stp->st_mutex);
1238 +
1239 +@@ -5153,7 +5198,6 @@ static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s)
1240 + bool unhashed;
1241 + LIST_HEAD(reaplist);
1242 +
1243 +- s->st_stid.sc_type = NFS4_CLOSED_STID;
1244 + spin_lock(&clp->cl_lock);
1245 + unhashed = unhash_open_stateid(s, &reaplist);
1246 +
1247 +@@ -5192,10 +5236,12 @@ nfsd4_close(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
1248 + nfsd4_bump_seqid(cstate, status);
1249 + if (status)
1250 + goto out;
1251 ++
1252 ++ stp->st_stid.sc_type = NFS4_CLOSED_STID;
1253 + nfs4_inc_and_copy_stateid(&close->cl_stateid, &stp->st_stid);
1254 +- mutex_unlock(&stp->st_mutex);
1255 +
1256 + nfsd4_close_open_stateid(stp);
1257 ++ mutex_unlock(&stp->st_mutex);
1258 +
1259 + /* put reference from nfs4_preprocess_seqid_op */
1260 + nfs4_put_stid(&stp->st_stid);
1261 +diff --git a/include/linux/netlink.h b/include/linux/netlink.h
1262 +index 639e9b8b0e4d..0b41959aab9f 100644
1263 +--- a/include/linux/netlink.h
1264 ++++ b/include/linux/netlink.h
1265 +@@ -131,6 +131,7 @@ netlink_skb_clone(struct sk_buff *skb, gfp_t gfp_mask)
1266 + struct netlink_callback {
1267 + struct sk_buff *skb;
1268 + const struct nlmsghdr *nlh;
1269 ++ int (*start)(struct netlink_callback *);
1270 + int (*dump)(struct sk_buff * skb,
1271 + struct netlink_callback *cb);
1272 + int (*done)(struct netlink_callback *cb);
1273 +@@ -153,6 +154,7 @@ struct nlmsghdr *
1274 + __nlmsg_put(struct sk_buff *skb, u32 portid, u32 seq, int type, int len, int flags);
1275 +
1276 + struct netlink_dump_control {
1277 ++ int (*start)(struct netlink_callback *);
1278 + int (*dump)(struct sk_buff *skb, struct netlink_callback *);
1279 + int (*done)(struct netlink_callback *);
1280 + void *data;
1281 +diff --git a/include/net/genetlink.h b/include/net/genetlink.h
1282 +index 1b6b6dcb018d..43c0e771f417 100644
1283 +--- a/include/net/genetlink.h
1284 ++++ b/include/net/genetlink.h
1285 +@@ -114,6 +114,7 @@ static inline void genl_info_net_set(struct genl_info *info, struct net *net)
1286 + * @flags: flags
1287 + * @policy: attribute validation policy
1288 + * @doit: standard command callback
1289 ++ * @start: start callback for dumps
1290 + * @dumpit: callback for dumpers
1291 + * @done: completion callback for dumps
1292 + * @ops_list: operations list
1293 +@@ -122,6 +123,7 @@ struct genl_ops {
1294 + const struct nla_policy *policy;
1295 + int (*doit)(struct sk_buff *skb,
1296 + struct genl_info *info);
1297 ++ int (*start)(struct netlink_callback *cb);
1298 + int (*dumpit)(struct sk_buff *skb,
1299 + struct netlink_callback *cb);
1300 + int (*done)(struct netlink_callback *cb);
1301 +diff --git a/include/uapi/linux/bcache.h b/include/uapi/linux/bcache.h
1302 +index 22b6ad31c706..8562b1cb776b 100644
1303 +--- a/include/uapi/linux/bcache.h
1304 ++++ b/include/uapi/linux/bcache.h
1305 +@@ -90,7 +90,7 @@ PTR_FIELD(PTR_GEN, 0, 8)
1306 +
1307 + #define PTR_CHECK_DEV ((1 << PTR_DEV_BITS) - 1)
1308 +
1309 +-#define PTR(gen, offset, dev) \
1310 ++#define MAKE_PTR(gen, offset, dev) \
1311 + ((((__u64) dev) << 51) | ((__u64) offset) << 8 | gen)
1312 +
1313 + /* Bkey utility code */
1314 +diff --git a/mm/huge_memory.c b/mm/huge_memory.c
1315 +index 6c6f5ccfcda1..8f3769ec8575 100644
1316 +--- a/mm/huge_memory.c
1317 ++++ b/mm/huge_memory.c
1318 +@@ -1304,17 +1304,11 @@ struct page *follow_trans_huge_pmd(struct vm_area_struct *vma,
1319 + VM_BUG_ON_PAGE(!PageHead(page), page);
1320 + if (flags & FOLL_TOUCH) {
1321 + pmd_t _pmd;
1322 +- /*
1323 +- * We should set the dirty bit only for FOLL_WRITE but
1324 +- * for now the dirty bit in the pmd is meaningless.
1325 +- * And if the dirty bit will become meaningful and
1326 +- * we'll only set it with FOLL_WRITE, an atomic
1327 +- * set_bit will be required on the pmd to set the
1328 +- * young bit, instead of the current set_pmd_at.
1329 +- */
1330 +- _pmd = pmd_mkyoung(pmd_mkdirty(*pmd));
1331 ++ _pmd = pmd_mkyoung(*pmd);
1332 ++ if (flags & FOLL_WRITE)
1333 ++ _pmd = pmd_mkdirty(_pmd);
1334 + if (pmdp_set_access_flags(vma, addr & HPAGE_PMD_MASK,
1335 +- pmd, _pmd, 1))
1336 ++ pmd, _pmd, flags & FOLL_WRITE))
1337 + update_mmu_cache_pmd(vma, addr, pmd);
1338 + }
1339 + if ((flags & FOLL_MLOCK) && (vma->vm_flags & VM_LOCKED)) {
1340 +diff --git a/mm/madvise.c b/mm/madvise.c
1341 +index c889fcbb530e..2a0f9a4504f1 100644
1342 +--- a/mm/madvise.c
1343 ++++ b/mm/madvise.c
1344 +@@ -223,15 +223,14 @@ static long madvise_willneed(struct vm_area_struct *vma,
1345 + {
1346 + struct file *file = vma->vm_file;
1347 +
1348 ++ *prev = vma;
1349 + #ifdef CONFIG_SWAP
1350 + if (!file) {
1351 +- *prev = vma;
1352 + force_swapin_readahead(vma, start, end);
1353 + return 0;
1354 + }
1355 +
1356 + if (shmem_mapping(file->f_mapping)) {
1357 +- *prev = vma;
1358 + force_shm_swapin_readahead(vma, start, end,
1359 + file->f_mapping);
1360 + return 0;
1361 +@@ -246,7 +245,6 @@ static long madvise_willneed(struct vm_area_struct *vma,
1362 + return 0;
1363 + }
1364 +
1365 +- *prev = vma;
1366 + start = ((start - vma->vm_start) >> PAGE_SHIFT) + vma->vm_pgoff;
1367 + if (end > vma->vm_end)
1368 + end = vma->vm_end;
1369 +diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
1370 +index 9ecdd61c6463..a87afc4f3c91 100644
1371 +--- a/net/netlink/af_netlink.c
1372 ++++ b/net/netlink/af_netlink.c
1373 +@@ -2203,6 +2203,7 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
1374 +
1375 + cb = &nlk->cb;
1376 + memset(cb, 0, sizeof(*cb));
1377 ++ cb->start = control->start;
1378 + cb->dump = control->dump;
1379 + cb->done = control->done;
1380 + cb->nlh = nlh;
1381 +@@ -2216,6 +2217,9 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
1382 +
1383 + mutex_unlock(nlk->cb_mutex);
1384 +
1385 ++ if (cb->start)
1386 ++ cb->start(cb);
1387 ++
1388 + ret = netlink_dump(sk);
1389 + sock_put(sk);
1390 +
1391 +diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c
1392 +index bc0e504f33a6..8e63662c6fb0 100644
1393 +--- a/net/netlink/genetlink.c
1394 ++++ b/net/netlink/genetlink.c
1395 +@@ -513,6 +513,20 @@ void *genlmsg_put(struct sk_buff *skb, u32 portid, u32 seq,
1396 + }
1397 + EXPORT_SYMBOL(genlmsg_put);
1398 +
1399 ++static int genl_lock_start(struct netlink_callback *cb)
1400 ++{
1401 ++ /* our ops are always const - netlink API doesn't propagate that */
1402 ++ const struct genl_ops *ops = cb->data;
1403 ++ int rc = 0;
1404 ++
1405 ++ if (ops->start) {
1406 ++ genl_lock();
1407 ++ rc = ops->start(cb);
1408 ++ genl_unlock();
1409 ++ }
1410 ++ return rc;
1411 ++}
1412 ++
1413 + static int genl_lock_dumpit(struct sk_buff *skb, struct netlink_callback *cb)
1414 + {
1415 + /* our ops are always const - netlink API doesn't propagate that */
1416 +@@ -577,6 +591,7 @@ static int genl_family_rcv_msg(struct genl_family *family,
1417 + .module = family->module,
1418 + /* we have const, but the netlink API doesn't */
1419 + .data = (void *)ops,
1420 ++ .start = genl_lock_start,
1421 + .dump = genl_lock_dumpit,
1422 + .done = genl_lock_done,
1423 + };
1424 +@@ -588,6 +603,7 @@ static int genl_family_rcv_msg(struct genl_family *family,
1425 + } else {
1426 + struct netlink_dump_control c = {
1427 + .module = family->module,
1428 ++ .start = ops->start,
1429 + .dump = ops->dumpit,
1430 + .done = ops->done,
1431 + };
1432 +diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
1433 +index 7a5a64e70b4d..76944a4839a5 100644
1434 +--- a/net/xfrm/xfrm_user.c
1435 ++++ b/net/xfrm/xfrm_user.c
1436 +@@ -1652,32 +1652,34 @@ static int dump_one_policy(struct xfrm_policy *xp, int dir, int count, void *ptr
1437 +
1438 + static int xfrm_dump_policy_done(struct netlink_callback *cb)
1439 + {
1440 +- struct xfrm_policy_walk *walk = (struct xfrm_policy_walk *) &cb->args[1];
1441 ++ struct xfrm_policy_walk *walk = (struct xfrm_policy_walk *)cb->args;
1442 + struct net *net = sock_net(cb->skb->sk);
1443 +
1444 + xfrm_policy_walk_done(walk, net);
1445 + return 0;
1446 + }
1447 +
1448 ++static int xfrm_dump_policy_start(struct netlink_callback *cb)
1449 ++{
1450 ++ struct xfrm_policy_walk *walk = (struct xfrm_policy_walk *)cb->args;
1451 ++
1452 ++ BUILD_BUG_ON(sizeof(*walk) > sizeof(cb->args));
1453 ++
1454 ++ xfrm_policy_walk_init(walk, XFRM_POLICY_TYPE_ANY);
1455 ++ return 0;
1456 ++}
1457 ++
1458 + static int xfrm_dump_policy(struct sk_buff *skb, struct netlink_callback *cb)
1459 + {
1460 + struct net *net = sock_net(skb->sk);
1461 +- struct xfrm_policy_walk *walk = (struct xfrm_policy_walk *) &cb->args[1];
1462 ++ struct xfrm_policy_walk *walk = (struct xfrm_policy_walk *)cb->args;
1463 + struct xfrm_dump_info info;
1464 +
1465 +- BUILD_BUG_ON(sizeof(struct xfrm_policy_walk) >
1466 +- sizeof(cb->args) - sizeof(cb->args[0]));
1467 +-
1468 + info.in_skb = cb->skb;
1469 + info.out_skb = skb;
1470 + info.nlmsg_seq = cb->nlh->nlmsg_seq;
1471 + info.nlmsg_flags = NLM_F_MULTI;
1472 +
1473 +- if (!cb->args[0]) {
1474 +- cb->args[0] = 1;
1475 +- xfrm_policy_walk_init(walk, XFRM_POLICY_TYPE_ANY);
1476 +- }
1477 +-
1478 + (void) xfrm_policy_walk(net, walk, dump_one_policy, &info);
1479 +
1480 + return skb->len;
1481 +@@ -2415,6 +2417,7 @@ static const struct nla_policy xfrma_spd_policy[XFRMA_SPD_MAX+1] = {
1482 +
1483 + static const struct xfrm_link {
1484 + int (*doit)(struct sk_buff *, struct nlmsghdr *, struct nlattr **);
1485 ++ int (*start)(struct netlink_callback *);
1486 + int (*dump)(struct sk_buff *, struct netlink_callback *);
1487 + int (*done)(struct netlink_callback *);
1488 + const struct nla_policy *nla_pol;
1489 +@@ -2428,6 +2431,7 @@ static const struct xfrm_link {
1490 + [XFRM_MSG_NEWPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_add_policy },
1491 + [XFRM_MSG_DELPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_get_policy },
1492 + [XFRM_MSG_GETPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_get_policy,
1493 ++ .start = xfrm_dump_policy_start,
1494 + .dump = xfrm_dump_policy,
1495 + .done = xfrm_dump_policy_done },
1496 + [XFRM_MSG_ALLOCSPI - XFRM_MSG_BASE] = { .doit = xfrm_alloc_userspi },
1497 +@@ -2479,6 +2483,7 @@ static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
1498 +
1499 + {
1500 + struct netlink_dump_control c = {
1501 ++ .start = link->start,
1502 + .dump = link->dump,
1503 + .done = link->done,
1504 + };
Report Message
Find on MARC Find on Google Groups