1 |
commit: 18c77bab22d8887efd5b3439655f1b258b7aafce |
2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Oct 11 17:04:36 2019 +0000 |
4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Oct 11 17:04:36 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=18c77bab |
7 |
|
8 |
Linux patch 4.19.79 |
9 |
|
10 |
Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org> |
11 |
|
12 |
0000_README | 4 + |
13 |
1078_linux-4.19.79.patch | 4369 ++++++++++++++++++++++++++++++++++++++++++++++ |
14 |
2 files changed, 4373 insertions(+) |
15 |
|
16 |
diff --git a/0000_README b/0000_README |
17 |
index 021985c..e1f1ada 100644 |
18 |
--- a/0000_README |
19 |
+++ b/0000_README |
20 |
@@ -351,6 +351,10 @@ Patch: 1077_linux-4.19.78.patch |
21 |
From: https://www.kernel.org |
22 |
Desc: Linux 4.19.78 |
23 |
|
24 |
+Patch: 1078_linux-4.19.79.patch |
25 |
+From: https://www.kernel.org |
26 |
+Desc: Linux 4.19.79 |
27 |
+ |
28 |
Patch: 1500_XATTR_USER_PREFIX.patch |
29 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
30 |
Desc: Support for namespace user.pax.* on tmpfs. |
31 |
|
32 |
diff --git a/1078_linux-4.19.79.patch b/1078_linux-4.19.79.patch |
33 |
new file mode 100644 |
34 |
index 0000000..46d1d23 |
35 |
--- /dev/null |
36 |
+++ b/1078_linux-4.19.79.patch |
37 |
@@ -0,0 +1,4369 @@ |
38 |
+diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt |
39 |
+index e8ddf0ef232e..16607b178b47 100644 |
40 |
+--- a/Documentation/admin-guide/kernel-parameters.txt |
41 |
++++ b/Documentation/admin-guide/kernel-parameters.txt |
42 |
+@@ -2503,8 +2503,8 @@ |
43 |
+ http://repo.or.cz/w/linux-2.6/mini2440.git |
44 |
+ |
45 |
+ mitigations= |
46 |
+- [X86,PPC,S390] Control optional mitigations for CPU |
47 |
+- vulnerabilities. This is a set of curated, |
48 |
++ [X86,PPC,S390,ARM64] Control optional mitigations for |
49 |
++ CPU vulnerabilities. This is a set of curated, |
50 |
+ arch-independent options, each of which is an |
51 |
+ aggregation of existing arch-specific options. |
52 |
+ |
53 |
+@@ -2513,12 +2513,14 @@ |
54 |
+ improves system performance, but it may also |
55 |
+ expose users to several CPU vulnerabilities. |
56 |
+ Equivalent to: nopti [X86,PPC] |
57 |
++ kpti=0 [ARM64] |
58 |
+ nospectre_v1 [PPC] |
59 |
+ nobp=0 [S390] |
60 |
+ nospectre_v1 [X86] |
61 |
+- nospectre_v2 [X86,PPC,S390] |
62 |
++ nospectre_v2 [X86,PPC,S390,ARM64] |
63 |
+ spectre_v2_user=off [X86] |
64 |
+ spec_store_bypass_disable=off [X86,PPC] |
65 |
++ ssbd=force-off [ARM64] |
66 |
+ l1tf=off [X86] |
67 |
+ mds=off [X86] |
68 |
+ |
69 |
+@@ -2866,10 +2868,10 @@ |
70 |
+ (bounds check bypass). With this option data leaks |
71 |
+ are possible in the system. |
72 |
+ |
73 |
+- nospectre_v2 [X86,PPC_FSL_BOOK3E] Disable all mitigations for the Spectre variant 2 |
74 |
+- (indirect branch prediction) vulnerability. System may |
75 |
+- allow data leaks with this option, which is equivalent |
76 |
+- to spectre_v2=off. |
77 |
++ nospectre_v2 [X86,PPC_FSL_BOOK3E,ARM64] Disable all mitigations for |
78 |
++ the Spectre variant 2 (indirect branch prediction) |
79 |
++ vulnerability. System may allow data leaks with this |
80 |
++ option. |
81 |
+ |
82 |
+ nospec_store_bypass_disable |
83 |
+ [HW] Disable all mitigations for the Speculative Store Bypass vulnerability |
84 |
+diff --git a/Documentation/arm64/elf_hwcaps.txt b/Documentation/arm64/elf_hwcaps.txt |
85 |
+index d6aff2c5e9e2..6feaffe90e22 100644 |
86 |
+--- a/Documentation/arm64/elf_hwcaps.txt |
87 |
++++ b/Documentation/arm64/elf_hwcaps.txt |
88 |
+@@ -178,3 +178,7 @@ HWCAP_ILRCPC |
89 |
+ HWCAP_FLAGM |
90 |
+ |
91 |
+ Functionality implied by ID_AA64ISAR0_EL1.TS == 0b0001. |
92 |
++ |
93 |
++HWCAP_SSBS |
94 |
++ |
95 |
++ Functionality implied by ID_AA64PFR1_EL1.SSBS == 0b0010. |
96 |
+diff --git a/Makefile b/Makefile |
97 |
+index 440c5b5c4f4b..4d29c7370b46 100644 |
98 |
+--- a/Makefile |
99 |
++++ b/Makefile |
100 |
+@@ -1,7 +1,7 @@ |
101 |
+ # SPDX-License-Identifier: GPL-2.0 |
102 |
+ VERSION = 4 |
103 |
+ PATCHLEVEL = 19 |
104 |
+-SUBLEVEL = 78 |
105 |
++SUBLEVEL = 79 |
106 |
+ EXTRAVERSION = |
107 |
+ NAME = "People's Front" |
108 |
+ |
109 |
+diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig |
110 |
+index e3ebece79617..51fe21f5d078 100644 |
111 |
+--- a/arch/arm64/Kconfig |
112 |
++++ b/arch/arm64/Kconfig |
113 |
+@@ -84,6 +84,7 @@ config ARM64 |
114 |
+ select GENERIC_CLOCKEVENTS |
115 |
+ select GENERIC_CLOCKEVENTS_BROADCAST |
116 |
+ select GENERIC_CPU_AUTOPROBE |
117 |
++ select GENERIC_CPU_VULNERABILITIES |
118 |
+ select GENERIC_EARLY_IOREMAP |
119 |
+ select GENERIC_IDLE_POLL_SETUP |
120 |
+ select GENERIC_IRQ_MULTI_HANDLER |
121 |
+diff --git a/arch/arm64/include/asm/cpucaps.h b/arch/arm64/include/asm/cpucaps.h |
122 |
+index 25ce9056cf64..c3de0bbf0e9a 100644 |
123 |
+--- a/arch/arm64/include/asm/cpucaps.h |
124 |
++++ b/arch/arm64/include/asm/cpucaps.h |
125 |
+@@ -52,7 +52,8 @@ |
126 |
+ #define ARM64_MISMATCHED_CACHE_TYPE 31 |
127 |
+ #define ARM64_HAS_STAGE2_FWB 32 |
128 |
+ #define ARM64_WORKAROUND_1463225 33 |
129 |
++#define ARM64_SSBS 34 |
130 |
+ |
131 |
+-#define ARM64_NCAPS 34 |
132 |
++#define ARM64_NCAPS 35 |
133 |
+ |
134 |
+ #endif /* __ASM_CPUCAPS_H */ |
135 |
+diff --git a/arch/arm64/include/asm/cpufeature.h b/arch/arm64/include/asm/cpufeature.h |
136 |
+index 510f687d269a..dda6e5056810 100644 |
137 |
+--- a/arch/arm64/include/asm/cpufeature.h |
138 |
++++ b/arch/arm64/include/asm/cpufeature.h |
139 |
+@@ -525,11 +525,7 @@ static inline int arm64_get_ssbd_state(void) |
140 |
+ #endif |
141 |
+ } |
142 |
+ |
143 |
+-#ifdef CONFIG_ARM64_SSBD |
144 |
+ void arm64_set_ssbd_mitigation(bool state); |
145 |
+-#else |
146 |
+-static inline void arm64_set_ssbd_mitigation(bool state) {} |
147 |
+-#endif |
148 |
+ |
149 |
+ #endif /* __ASSEMBLY__ */ |
150 |
+ |
151 |
+diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h |
152 |
+index 6abe4002945f..367b2e0b6d76 100644 |
153 |
+--- a/arch/arm64/include/asm/kvm_host.h |
154 |
++++ b/arch/arm64/include/asm/kvm_host.h |
155 |
+@@ -398,6 +398,8 @@ struct kvm_vcpu *kvm_mpidr_to_vcpu(struct kvm *kvm, unsigned long mpidr); |
156 |
+ |
157 |
+ DECLARE_PER_CPU(kvm_cpu_context_t, kvm_host_cpu_state); |
158 |
+ |
159 |
++void __kvm_enable_ssbs(void); |
160 |
++ |
161 |
+ static inline void __cpu_init_hyp_mode(phys_addr_t pgd_ptr, |
162 |
+ unsigned long hyp_stack_ptr, |
163 |
+ unsigned long vector_ptr) |
164 |
+@@ -418,6 +420,15 @@ static inline void __cpu_init_hyp_mode(phys_addr_t pgd_ptr, |
165 |
+ */ |
166 |
+ BUG_ON(!static_branch_likely(&arm64_const_caps_ready)); |
167 |
+ __kvm_call_hyp((void *)pgd_ptr, hyp_stack_ptr, vector_ptr, tpidr_el2); |
168 |
++ |
169 |
++ /* |
170 |
++ * Disabling SSBD on a non-VHE system requires us to enable SSBS |
171 |
++ * at EL2. |
172 |
++ */ |
173 |
++ if (!has_vhe() && this_cpu_has_cap(ARM64_SSBS) && |
174 |
++ arm64_get_ssbd_state() == ARM64_SSBD_FORCE_DISABLE) { |
175 |
++ kvm_call_hyp(__kvm_enable_ssbs); |
176 |
++ } |
177 |
+ } |
178 |
+ |
179 |
+ static inline bool kvm_arch_check_sve_has_vhe(void) |
180 |
+diff --git a/arch/arm64/include/asm/processor.h b/arch/arm64/include/asm/processor.h |
181 |
+index def5a5e807f0..773ea8e0e442 100644 |
182 |
+--- a/arch/arm64/include/asm/processor.h |
183 |
++++ b/arch/arm64/include/asm/processor.h |
184 |
+@@ -177,11 +177,25 @@ static inline void start_thread_common(struct pt_regs *regs, unsigned long pc) |
185 |
+ regs->pc = pc; |
186 |
+ } |
187 |
+ |
188 |
++static inline void set_ssbs_bit(struct pt_regs *regs) |
189 |
++{ |
190 |
++ regs->pstate |= PSR_SSBS_BIT; |
191 |
++} |
192 |
++ |
193 |
++static inline void set_compat_ssbs_bit(struct pt_regs *regs) |
194 |
++{ |
195 |
++ regs->pstate |= PSR_AA32_SSBS_BIT; |
196 |
++} |
197 |
++ |
198 |
+ static inline void start_thread(struct pt_regs *regs, unsigned long pc, |
199 |
+ unsigned long sp) |
200 |
+ { |
201 |
+ start_thread_common(regs, pc); |
202 |
+ regs->pstate = PSR_MODE_EL0t; |
203 |
++ |
204 |
++ if (arm64_get_ssbd_state() != ARM64_SSBD_FORCE_ENABLE) |
205 |
++ set_ssbs_bit(regs); |
206 |
++ |
207 |
+ regs->sp = sp; |
208 |
+ } |
209 |
+ |
210 |
+@@ -198,6 +212,9 @@ static inline void compat_start_thread(struct pt_regs *regs, unsigned long pc, |
211 |
+ regs->pstate |= PSR_AA32_E_BIT; |
212 |
+ #endif |
213 |
+ |
214 |
++ if (arm64_get_ssbd_state() != ARM64_SSBD_FORCE_ENABLE) |
215 |
++ set_compat_ssbs_bit(regs); |
216 |
++ |
217 |
+ regs->compat_sp = sp; |
218 |
+ } |
219 |
+ #endif |
220 |
+diff --git a/arch/arm64/include/asm/ptrace.h b/arch/arm64/include/asm/ptrace.h |
221 |
+index 177b851ca6d9..6bc43889d11e 100644 |
222 |
+--- a/arch/arm64/include/asm/ptrace.h |
223 |
++++ b/arch/arm64/include/asm/ptrace.h |
224 |
+@@ -50,6 +50,7 @@ |
225 |
+ #define PSR_AA32_I_BIT 0x00000080 |
226 |
+ #define PSR_AA32_A_BIT 0x00000100 |
227 |
+ #define PSR_AA32_E_BIT 0x00000200 |
228 |
++#define PSR_AA32_SSBS_BIT 0x00800000 |
229 |
+ #define PSR_AA32_DIT_BIT 0x01000000 |
230 |
+ #define PSR_AA32_Q_BIT 0x08000000 |
231 |
+ #define PSR_AA32_V_BIT 0x10000000 |
232 |
+diff --git a/arch/arm64/include/asm/sysreg.h b/arch/arm64/include/asm/sysreg.h |
233 |
+index c1470931b897..3091ae5975a3 100644 |
234 |
+--- a/arch/arm64/include/asm/sysreg.h |
235 |
++++ b/arch/arm64/include/asm/sysreg.h |
236 |
+@@ -86,11 +86,14 @@ |
237 |
+ |
238 |
+ #define REG_PSTATE_PAN_IMM sys_reg(0, 0, 4, 0, 4) |
239 |
+ #define REG_PSTATE_UAO_IMM sys_reg(0, 0, 4, 0, 3) |
240 |
++#define REG_PSTATE_SSBS_IMM sys_reg(0, 3, 4, 0, 1) |
241 |
+ |
242 |
+ #define SET_PSTATE_PAN(x) __emit_inst(0xd5000000 | REG_PSTATE_PAN_IMM | \ |
243 |
+ (!!x)<<8 | 0x1f) |
244 |
+ #define SET_PSTATE_UAO(x) __emit_inst(0xd5000000 | REG_PSTATE_UAO_IMM | \ |
245 |
+ (!!x)<<8 | 0x1f) |
246 |
++#define SET_PSTATE_SSBS(x) __emit_inst(0xd5000000 | REG_PSTATE_SSBS_IMM | \ |
247 |
++ (!!x)<<8 | 0x1f) |
248 |
+ |
249 |
+ #define SYS_DC_ISW sys_insn(1, 0, 7, 6, 2) |
250 |
+ #define SYS_DC_CSW sys_insn(1, 0, 7, 10, 2) |
251 |
+@@ -419,6 +422,7 @@ |
252 |
+ #define SYS_ICH_LR15_EL2 __SYS__LR8_EL2(7) |
253 |
+ |
254 |
+ /* Common SCTLR_ELx flags. */ |
255 |
++#define SCTLR_ELx_DSSBS (1UL << 44) |
256 |
+ #define SCTLR_ELx_EE (1 << 25) |
257 |
+ #define SCTLR_ELx_IESB (1 << 21) |
258 |
+ #define SCTLR_ELx_WXN (1 << 19) |
259 |
+@@ -439,7 +443,7 @@ |
260 |
+ (1 << 10) | (1 << 13) | (1 << 14) | (1 << 15) | \ |
261 |
+ (1 << 17) | (1 << 20) | (1 << 24) | (1 << 26) | \ |
262 |
+ (1 << 27) | (1 << 30) | (1 << 31) | \ |
263 |
+- (0xffffffffUL << 32)) |
264 |
++ (0xffffefffUL << 32)) |
265 |
+ |
266 |
+ #ifdef CONFIG_CPU_BIG_ENDIAN |
267 |
+ #define ENDIAN_SET_EL2 SCTLR_ELx_EE |
268 |
+@@ -453,7 +457,7 @@ |
269 |
+ #define SCTLR_EL2_SET (SCTLR_ELx_IESB | ENDIAN_SET_EL2 | SCTLR_EL2_RES1) |
270 |
+ #define SCTLR_EL2_CLEAR (SCTLR_ELx_M | SCTLR_ELx_A | SCTLR_ELx_C | \ |
271 |
+ SCTLR_ELx_SA | SCTLR_ELx_I | SCTLR_ELx_WXN | \ |
272 |
+- ENDIAN_CLEAR_EL2 | SCTLR_EL2_RES0) |
273 |
++ SCTLR_ELx_DSSBS | ENDIAN_CLEAR_EL2 | SCTLR_EL2_RES0) |
274 |
+ |
275 |
+ #if (SCTLR_EL2_SET ^ SCTLR_EL2_CLEAR) != 0xffffffffffffffff |
276 |
+ #error "Inconsistent SCTLR_EL2 set/clear bits" |
277 |
+@@ -477,7 +481,7 @@ |
278 |
+ (1 << 29)) |
279 |
+ #define SCTLR_EL1_RES0 ((1 << 6) | (1 << 10) | (1 << 13) | (1 << 17) | \ |
280 |
+ (1 << 27) | (1 << 30) | (1 << 31) | \ |
281 |
+- (0xffffffffUL << 32)) |
282 |
++ (0xffffefffUL << 32)) |
283 |
+ |
284 |
+ #ifdef CONFIG_CPU_BIG_ENDIAN |
285 |
+ #define ENDIAN_SET_EL1 (SCTLR_EL1_E0E | SCTLR_ELx_EE) |
286 |
+@@ -494,7 +498,7 @@ |
287 |
+ ENDIAN_SET_EL1 | SCTLR_EL1_UCI | SCTLR_EL1_RES1) |
288 |
+ #define SCTLR_EL1_CLEAR (SCTLR_ELx_A | SCTLR_EL1_CP15BEN | SCTLR_EL1_ITD |\ |
289 |
+ SCTLR_EL1_UMA | SCTLR_ELx_WXN | ENDIAN_CLEAR_EL1 |\ |
290 |
+- SCTLR_EL1_RES0) |
291 |
++ SCTLR_ELx_DSSBS | SCTLR_EL1_RES0) |
292 |
+ |
293 |
+ #if (SCTLR_EL1_SET ^ SCTLR_EL1_CLEAR) != 0xffffffffffffffff |
294 |
+ #error "Inconsistent SCTLR_EL1 set/clear bits" |
295 |
+@@ -544,6 +548,13 @@ |
296 |
+ #define ID_AA64PFR0_EL0_64BIT_ONLY 0x1 |
297 |
+ #define ID_AA64PFR0_EL0_32BIT_64BIT 0x2 |
298 |
+ |
299 |
++/* id_aa64pfr1 */ |
300 |
++#define ID_AA64PFR1_SSBS_SHIFT 4 |
301 |
++ |
302 |
++#define ID_AA64PFR1_SSBS_PSTATE_NI 0 |
303 |
++#define ID_AA64PFR1_SSBS_PSTATE_ONLY 1 |
304 |
++#define ID_AA64PFR1_SSBS_PSTATE_INSNS 2 |
305 |
++ |
306 |
+ /* id_aa64mmfr0 */ |
307 |
+ #define ID_AA64MMFR0_TGRAN4_SHIFT 28 |
308 |
+ #define ID_AA64MMFR0_TGRAN64_SHIFT 24 |
309 |
+diff --git a/arch/arm64/include/uapi/asm/hwcap.h b/arch/arm64/include/uapi/asm/hwcap.h |
310 |
+index 17c65c8f33cb..2bcd6e4f3474 100644 |
311 |
+--- a/arch/arm64/include/uapi/asm/hwcap.h |
312 |
++++ b/arch/arm64/include/uapi/asm/hwcap.h |
313 |
+@@ -48,5 +48,6 @@ |
314 |
+ #define HWCAP_USCAT (1 << 25) |
315 |
+ #define HWCAP_ILRCPC (1 << 26) |
316 |
+ #define HWCAP_FLAGM (1 << 27) |
317 |
++#define HWCAP_SSBS (1 << 28) |
318 |
+ |
319 |
+ #endif /* _UAPI__ASM_HWCAP_H */ |
320 |
+diff --git a/arch/arm64/include/uapi/asm/ptrace.h b/arch/arm64/include/uapi/asm/ptrace.h |
321 |
+index 5dff8eccd17d..b0fd1d300154 100644 |
322 |
+--- a/arch/arm64/include/uapi/asm/ptrace.h |
323 |
++++ b/arch/arm64/include/uapi/asm/ptrace.h |
324 |
+@@ -46,6 +46,7 @@ |
325 |
+ #define PSR_I_BIT 0x00000080 |
326 |
+ #define PSR_A_BIT 0x00000100 |
327 |
+ #define PSR_D_BIT 0x00000200 |
328 |
++#define PSR_SSBS_BIT 0x00001000 |
329 |
+ #define PSR_PAN_BIT 0x00400000 |
330 |
+ #define PSR_UAO_BIT 0x00800000 |
331 |
+ #define PSR_V_BIT 0x10000000 |
332 |
+diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c |
333 |
+index dc6c535cbd13..9ccf16939d13 100644 |
334 |
+--- a/arch/arm64/kernel/cpu_errata.c |
335 |
++++ b/arch/arm64/kernel/cpu_errata.c |
336 |
+@@ -19,6 +19,7 @@ |
337 |
+ #include <linux/arm-smccc.h> |
338 |
+ #include <linux/psci.h> |
339 |
+ #include <linux/types.h> |
340 |
++#include <linux/cpu.h> |
341 |
+ #include <asm/cpu.h> |
342 |
+ #include <asm/cputype.h> |
343 |
+ #include <asm/cpufeature.h> |
344 |
+@@ -87,7 +88,6 @@ cpu_enable_trap_ctr_access(const struct arm64_cpu_capabilities *__unused) |
345 |
+ |
346 |
+ atomic_t arm64_el2_vector_last_slot = ATOMIC_INIT(-1); |
347 |
+ |
348 |
+-#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR |
349 |
+ #include <asm/mmu_context.h> |
350 |
+ #include <asm/cacheflush.h> |
351 |
+ |
352 |
+@@ -109,9 +109,9 @@ static void __copy_hyp_vect_bpi(int slot, const char *hyp_vecs_start, |
353 |
+ __flush_icache_range((uintptr_t)dst, (uintptr_t)dst + SZ_2K); |
354 |
+ } |
355 |
+ |
356 |
+-static void __install_bp_hardening_cb(bp_hardening_cb_t fn, |
357 |
+- const char *hyp_vecs_start, |
358 |
+- const char *hyp_vecs_end) |
359 |
++static void install_bp_hardening_cb(bp_hardening_cb_t fn, |
360 |
++ const char *hyp_vecs_start, |
361 |
++ const char *hyp_vecs_end) |
362 |
+ { |
363 |
+ static DEFINE_SPINLOCK(bp_lock); |
364 |
+ int cpu, slot = -1; |
365 |
+@@ -138,7 +138,7 @@ static void __install_bp_hardening_cb(bp_hardening_cb_t fn, |
366 |
+ #define __smccc_workaround_1_smc_start NULL |
367 |
+ #define __smccc_workaround_1_smc_end NULL |
368 |
+ |
369 |
+-static void __install_bp_hardening_cb(bp_hardening_cb_t fn, |
370 |
++static void install_bp_hardening_cb(bp_hardening_cb_t fn, |
371 |
+ const char *hyp_vecs_start, |
372 |
+ const char *hyp_vecs_end) |
373 |
+ { |
374 |
+@@ -146,23 +146,6 @@ static void __install_bp_hardening_cb(bp_hardening_cb_t fn, |
375 |
+ } |
376 |
+ #endif /* CONFIG_KVM_INDIRECT_VECTORS */ |
377 |
+ |
378 |
+-static void install_bp_hardening_cb(const struct arm64_cpu_capabilities *entry, |
379 |
+- bp_hardening_cb_t fn, |
380 |
+- const char *hyp_vecs_start, |
381 |
+- const char *hyp_vecs_end) |
382 |
+-{ |
383 |
+- u64 pfr0; |
384 |
+- |
385 |
+- if (!entry->matches(entry, SCOPE_LOCAL_CPU)) |
386 |
+- return; |
387 |
+- |
388 |
+- pfr0 = read_cpuid(ID_AA64PFR0_EL1); |
389 |
+- if (cpuid_feature_extract_unsigned_field(pfr0, ID_AA64PFR0_CSV2_SHIFT)) |
390 |
+- return; |
391 |
+- |
392 |
+- __install_bp_hardening_cb(fn, hyp_vecs_start, hyp_vecs_end); |
393 |
+-} |
394 |
+- |
395 |
+ #include <uapi/linux/psci.h> |
396 |
+ #include <linux/arm-smccc.h> |
397 |
+ #include <linux/psci.h> |
398 |
+@@ -189,60 +172,83 @@ static void qcom_link_stack_sanitization(void) |
399 |
+ : "=&r" (tmp)); |
400 |
+ } |
401 |
+ |
402 |
+-static void |
403 |
+-enable_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry) |
404 |
++static bool __nospectre_v2; |
405 |
++static int __init parse_nospectre_v2(char *str) |
406 |
++{ |
407 |
++ __nospectre_v2 = true; |
408 |
++ return 0; |
409 |
++} |
410 |
++early_param("nospectre_v2", parse_nospectre_v2); |
411 |
++ |
412 |
++/* |
413 |
++ * -1: No workaround |
414 |
++ * 0: No workaround required |
415 |
++ * 1: Workaround installed |
416 |
++ */ |
417 |
++static int detect_harden_bp_fw(void) |
418 |
+ { |
419 |
+ bp_hardening_cb_t cb; |
420 |
+ void *smccc_start, *smccc_end; |
421 |
+ struct arm_smccc_res res; |
422 |
+ u32 midr = read_cpuid_id(); |
423 |
+ |
424 |
+- if (!entry->matches(entry, SCOPE_LOCAL_CPU)) |
425 |
+- return; |
426 |
+- |
427 |
+ if (psci_ops.smccc_version == SMCCC_VERSION_1_0) |
428 |
+- return; |
429 |
++ return -1; |
430 |
+ |
431 |
+ switch (psci_ops.conduit) { |
432 |
+ case PSCI_CONDUIT_HVC: |
433 |
+ arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID, |
434 |
+ ARM_SMCCC_ARCH_WORKAROUND_1, &res); |
435 |
+- if ((int)res.a0 < 0) |
436 |
+- return; |
437 |
+- cb = call_hvc_arch_workaround_1; |
438 |
+- /* This is a guest, no need to patch KVM vectors */ |
439 |
+- smccc_start = NULL; |
440 |
+- smccc_end = NULL; |
441 |
++ switch ((int)res.a0) { |
442 |
++ case 1: |
443 |
++ /* Firmware says we're just fine */ |
444 |
++ return 0; |
445 |
++ case 0: |
446 |
++ cb = call_hvc_arch_workaround_1; |
447 |
++ /* This is a guest, no need to patch KVM vectors */ |
448 |
++ smccc_start = NULL; |
449 |
++ smccc_end = NULL; |
450 |
++ break; |
451 |
++ default: |
452 |
++ return -1; |
453 |
++ } |
454 |
+ break; |
455 |
+ |
456 |
+ case PSCI_CONDUIT_SMC: |
457 |
+ arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID, |
458 |
+ ARM_SMCCC_ARCH_WORKAROUND_1, &res); |
459 |
+- if ((int)res.a0 < 0) |
460 |
+- return; |
461 |
+- cb = call_smc_arch_workaround_1; |
462 |
+- smccc_start = __smccc_workaround_1_smc_start; |
463 |
+- smccc_end = __smccc_workaround_1_smc_end; |
464 |
++ switch ((int)res.a0) { |
465 |
++ case 1: |
466 |
++ /* Firmware says we're just fine */ |
467 |
++ return 0; |
468 |
++ case 0: |
469 |
++ cb = call_smc_arch_workaround_1; |
470 |
++ smccc_start = __smccc_workaround_1_smc_start; |
471 |
++ smccc_end = __smccc_workaround_1_smc_end; |
472 |
++ break; |
473 |
++ default: |
474 |
++ return -1; |
475 |
++ } |
476 |
+ break; |
477 |
+ |
478 |
+ default: |
479 |
+- return; |
480 |
++ return -1; |
481 |
+ } |
482 |
+ |
483 |
+ if (((midr & MIDR_CPU_MODEL_MASK) == MIDR_QCOM_FALKOR) || |
484 |
+ ((midr & MIDR_CPU_MODEL_MASK) == MIDR_QCOM_FALKOR_V1)) |
485 |
+ cb = qcom_link_stack_sanitization; |
486 |
+ |
487 |
+- install_bp_hardening_cb(entry, cb, smccc_start, smccc_end); |
488 |
++ if (IS_ENABLED(CONFIG_HARDEN_BRANCH_PREDICTOR)) |
489 |
++ install_bp_hardening_cb(cb, smccc_start, smccc_end); |
490 |
+ |
491 |
+- return; |
492 |
++ return 1; |
493 |
+ } |
494 |
+-#endif /* CONFIG_HARDEN_BRANCH_PREDICTOR */ |
495 |
+ |
496 |
+-#ifdef CONFIG_ARM64_SSBD |
497 |
+ DEFINE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required); |
498 |
+ |
499 |
+ int ssbd_state __read_mostly = ARM64_SSBD_KERNEL; |
500 |
++static bool __ssb_safe = true; |
501 |
+ |
502 |
+ static const struct ssbd_options { |
503 |
+ const char *str; |
504 |
+@@ -312,6 +318,19 @@ void __init arm64_enable_wa2_handling(struct alt_instr *alt, |
505 |
+ |
506 |
+ void arm64_set_ssbd_mitigation(bool state) |
507 |
+ { |
508 |
++ if (!IS_ENABLED(CONFIG_ARM64_SSBD)) { |
509 |
++ pr_info_once("SSBD disabled by kernel configuration\n"); |
510 |
++ return; |
511 |
++ } |
512 |
++ |
513 |
++ if (this_cpu_has_cap(ARM64_SSBS)) { |
514 |
++ if (state) |
515 |
++ asm volatile(SET_PSTATE_SSBS(0)); |
516 |
++ else |
517 |
++ asm volatile(SET_PSTATE_SSBS(1)); |
518 |
++ return; |
519 |
++ } |
520 |
++ |
521 |
+ switch (psci_ops.conduit) { |
522 |
+ case PSCI_CONDUIT_HVC: |
523 |
+ arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_WORKAROUND_2, state, NULL); |
524 |
+@@ -333,11 +352,28 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, |
525 |
+ struct arm_smccc_res res; |
526 |
+ bool required = true; |
527 |
+ s32 val; |
528 |
++ bool this_cpu_safe = false; |
529 |
+ |
530 |
+ WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible()); |
531 |
+ |
532 |
++ if (cpu_mitigations_off()) |
533 |
++ ssbd_state = ARM64_SSBD_FORCE_DISABLE; |
534 |
++ |
535 |
++ /* delay setting __ssb_safe until we get a firmware response */ |
536 |
++ if (is_midr_in_range_list(read_cpuid_id(), entry->midr_range_list)) |
537 |
++ this_cpu_safe = true; |
538 |
++ |
539 |
++ if (this_cpu_has_cap(ARM64_SSBS)) { |
540 |
++ if (!this_cpu_safe) |
541 |
++ __ssb_safe = false; |
542 |
++ required = false; |
543 |
++ goto out_printmsg; |
544 |
++ } |
545 |
++ |
546 |
+ if (psci_ops.smccc_version == SMCCC_VERSION_1_0) { |
547 |
+ ssbd_state = ARM64_SSBD_UNKNOWN; |
548 |
++ if (!this_cpu_safe) |
549 |
++ __ssb_safe = false; |
550 |
+ return false; |
551 |
+ } |
552 |
+ |
553 |
+@@ -354,6 +390,8 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, |
554 |
+ |
555 |
+ default: |
556 |
+ ssbd_state = ARM64_SSBD_UNKNOWN; |
557 |
++ if (!this_cpu_safe) |
558 |
++ __ssb_safe = false; |
559 |
+ return false; |
560 |
+ } |
561 |
+ |
562 |
+@@ -362,14 +400,18 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, |
563 |
+ switch (val) { |
564 |
+ case SMCCC_RET_NOT_SUPPORTED: |
565 |
+ ssbd_state = ARM64_SSBD_UNKNOWN; |
566 |
++ if (!this_cpu_safe) |
567 |
++ __ssb_safe = false; |
568 |
+ return false; |
569 |
+ |
570 |
++ /* machines with mixed mitigation requirements must not return this */ |
571 |
+ case SMCCC_RET_NOT_REQUIRED: |
572 |
+ pr_info_once("%s mitigation not required\n", entry->desc); |
573 |
+ ssbd_state = ARM64_SSBD_MITIGATED; |
574 |
+ return false; |
575 |
+ |
576 |
+ case SMCCC_RET_SUCCESS: |
577 |
++ __ssb_safe = false; |
578 |
+ required = true; |
579 |
+ break; |
580 |
+ |
581 |
+@@ -379,12 +421,13 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, |
582 |
+ |
583 |
+ default: |
584 |
+ WARN_ON(1); |
585 |
++ if (!this_cpu_safe) |
586 |
++ __ssb_safe = false; |
587 |
+ return false; |
588 |
+ } |
589 |
+ |
590 |
+ switch (ssbd_state) { |
591 |
+ case ARM64_SSBD_FORCE_DISABLE: |
592 |
+- pr_info_once("%s disabled from command-line\n", entry->desc); |
593 |
+ arm64_set_ssbd_mitigation(false); |
594 |
+ required = false; |
595 |
+ break; |
596 |
+@@ -397,7 +440,6 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, |
597 |
+ break; |
598 |
+ |
599 |
+ case ARM64_SSBD_FORCE_ENABLE: |
600 |
+- pr_info_once("%s forced from command-line\n", entry->desc); |
601 |
+ arm64_set_ssbd_mitigation(true); |
602 |
+ required = true; |
603 |
+ break; |
604 |
+@@ -407,9 +449,27 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, |
605 |
+ break; |
606 |
+ } |
607 |
+ |
608 |
++out_printmsg: |
609 |
++ switch (ssbd_state) { |
610 |
++ case ARM64_SSBD_FORCE_DISABLE: |
611 |
++ pr_info_once("%s disabled from command-line\n", entry->desc); |
612 |
++ break; |
613 |
++ |
614 |
++ case ARM64_SSBD_FORCE_ENABLE: |
615 |
++ pr_info_once("%s forced from command-line\n", entry->desc); |
616 |
++ break; |
617 |
++ } |
618 |
++ |
619 |
+ return required; |
620 |
+ } |
621 |
+-#endif /* CONFIG_ARM64_SSBD */ |
622 |
++ |
623 |
++/* known invulnerable cores */ |
624 |
++static const struct midr_range arm64_ssb_cpus[] = { |
625 |
++ MIDR_ALL_VERSIONS(MIDR_CORTEX_A35), |
626 |
++ MIDR_ALL_VERSIONS(MIDR_CORTEX_A53), |
627 |
++ MIDR_ALL_VERSIONS(MIDR_CORTEX_A55), |
628 |
++ {}, |
629 |
++}; |
630 |
+ |
631 |
+ #ifdef CONFIG_ARM64_ERRATUM_1463225 |
632 |
+ DEFINE_PER_CPU(int, __in_cortex_a76_erratum_1463225_wa); |
633 |
+@@ -464,6 +524,10 @@ has_cortex_a76_erratum_1463225(const struct arm64_cpu_capabilities *entry, |
634 |
+ .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, \ |
635 |
+ CAP_MIDR_RANGE_LIST(midr_list) |
636 |
+ |
637 |
++/* Track overall mitigation state. We are only mitigated if all cores are ok */ |
638 |
++static bool __hardenbp_enab = true; |
639 |
++static bool __spectrev2_safe = true; |
640 |
++ |
641 |
+ /* |
642 |
+ * Generic helper for handling capabilties with multiple (match,enable) pairs |
643 |
+ * of call backs, sharing the same capability bit. |
644 |
+@@ -496,26 +560,63 @@ multi_entry_cap_cpu_enable(const struct arm64_cpu_capabilities *entry) |
645 |
+ caps->cpu_enable(caps); |
646 |
+ } |
647 |
+ |
648 |
+-#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR |
649 |
+- |
650 |
+ /* |
651 |
+- * List of CPUs where we need to issue a psci call to |
652 |
+- * harden the branch predictor. |
653 |
++ * List of CPUs that do not need any Spectre-v2 mitigation at all. |
654 |
+ */ |
655 |
+-static const struct midr_range arm64_bp_harden_smccc_cpus[] = { |
656 |
+- MIDR_ALL_VERSIONS(MIDR_CORTEX_A57), |
657 |
+- MIDR_ALL_VERSIONS(MIDR_CORTEX_A72), |
658 |
+- MIDR_ALL_VERSIONS(MIDR_CORTEX_A73), |
659 |
+- MIDR_ALL_VERSIONS(MIDR_CORTEX_A75), |
660 |
+- MIDR_ALL_VERSIONS(MIDR_BRCM_VULCAN), |
661 |
+- MIDR_ALL_VERSIONS(MIDR_CAVIUM_THUNDERX2), |
662 |
+- MIDR_ALL_VERSIONS(MIDR_QCOM_FALKOR_V1), |
663 |
+- MIDR_ALL_VERSIONS(MIDR_QCOM_FALKOR), |
664 |
+- MIDR_ALL_VERSIONS(MIDR_NVIDIA_DENVER), |
665 |
+- {}, |
666 |
++static const struct midr_range spectre_v2_safe_list[] = { |
667 |
++ MIDR_ALL_VERSIONS(MIDR_CORTEX_A35), |
668 |
++ MIDR_ALL_VERSIONS(MIDR_CORTEX_A53), |
669 |
++ MIDR_ALL_VERSIONS(MIDR_CORTEX_A55), |
670 |
++ { /* sentinel */ } |
671 |
+ }; |
672 |
+ |
673 |
+-#endif |
674 |
++/* |
675 |
++ * Track overall bp hardening for all heterogeneous cores in the machine. |
676 |
++ * We are only considered "safe" if all booted cores are known safe. |
677 |
++ */ |
678 |
++static bool __maybe_unused |
679 |
++check_branch_predictor(const struct arm64_cpu_capabilities *entry, int scope) |
680 |
++{ |
681 |
++ int need_wa; |
682 |
++ |
683 |
++ WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible()); |
684 |
++ |
685 |
++ /* If the CPU has CSV2 set, we're safe */ |
686 |
++ if (cpuid_feature_extract_unsigned_field(read_cpuid(ID_AA64PFR0_EL1), |
687 |
++ ID_AA64PFR0_CSV2_SHIFT)) |
688 |
++ return false; |
689 |
++ |
690 |
++ /* Alternatively, we have a list of unaffected CPUs */ |
691 |
++ if (is_midr_in_range_list(read_cpuid_id(), spectre_v2_safe_list)) |
692 |
++ return false; |
693 |
++ |
694 |
++ /* Fallback to firmware detection */ |
695 |
++ need_wa = detect_harden_bp_fw(); |
696 |
++ if (!need_wa) |
697 |
++ return false; |
698 |
++ |
699 |
++ __spectrev2_safe = false; |
700 |
++ |
701 |
++ if (!IS_ENABLED(CONFIG_HARDEN_BRANCH_PREDICTOR)) { |
702 |
++ pr_warn_once("spectrev2 mitigation disabled by kernel configuration\n"); |
703 |
++ __hardenbp_enab = false; |
704 |
++ return false; |
705 |
++ } |
706 |
++ |
707 |
++ /* forced off */ |
708 |
++ if (__nospectre_v2 || cpu_mitigations_off()) { |
709 |
++ pr_info_once("spectrev2 mitigation disabled by command line option\n"); |
710 |
++ __hardenbp_enab = false; |
711 |
++ return false; |
712 |
++ } |
713 |
++ |
714 |
++ if (need_wa < 0) { |
715 |
++ pr_warn_once("ARM_SMCCC_ARCH_WORKAROUND_1 missing from firmware\n"); |
716 |
++ __hardenbp_enab = false; |
717 |
++ } |
718 |
++ |
719 |
++ return (need_wa > 0); |
720 |
++} |
721 |
+ |
722 |
+ #ifdef CONFIG_HARDEN_EL2_VECTORS |
723 |
+ |
724 |
+@@ -674,13 +775,11 @@ const struct arm64_cpu_capabilities arm64_errata[] = { |
725 |
+ ERRATA_MIDR_ALL_VERSIONS(MIDR_CORTEX_A73), |
726 |
+ }, |
727 |
+ #endif |
728 |
+-#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR |
729 |
+ { |
730 |
+ .capability = ARM64_HARDEN_BRANCH_PREDICTOR, |
731 |
+- .cpu_enable = enable_smccc_arch_workaround_1, |
732 |
+- ERRATA_MIDR_RANGE_LIST(arm64_bp_harden_smccc_cpus), |
733 |
++ .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, |
734 |
++ .matches = check_branch_predictor, |
735 |
+ }, |
736 |
+-#endif |
737 |
+ #ifdef CONFIG_HARDEN_EL2_VECTORS |
738 |
+ { |
739 |
+ .desc = "EL2 vector hardening", |
740 |
+@@ -688,14 +787,13 @@ const struct arm64_cpu_capabilities arm64_errata[] = { |
741 |
+ ERRATA_MIDR_RANGE_LIST(arm64_harden_el2_vectors), |
742 |
+ }, |
743 |
+ #endif |
744 |
+-#ifdef CONFIG_ARM64_SSBD |
745 |
+ { |
746 |
+ .desc = "Speculative Store Bypass Disable", |
747 |
+ .capability = ARM64_SSBD, |
748 |
+ .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, |
749 |
+ .matches = has_ssbd_mitigation, |
750 |
++ .midr_range_list = arm64_ssb_cpus, |
751 |
+ }, |
752 |
+-#endif |
753 |
+ #ifdef CONFIG_ARM64_ERRATUM_1463225 |
754 |
+ { |
755 |
+ .desc = "ARM erratum 1463225", |
756 |
+@@ -707,3 +805,38 @@ const struct arm64_cpu_capabilities arm64_errata[] = { |
757 |
+ { |
758 |
+ } |
759 |
+ }; |
760 |
++ |
761 |
++ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr, |
762 |
++ char *buf) |
763 |
++{ |
764 |
++ return sprintf(buf, "Mitigation: __user pointer sanitization\n"); |
765 |
++} |
766 |
++ |
767 |
++ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, |
768 |
++ char *buf) |
769 |
++{ |
770 |
++ if (__spectrev2_safe) |
771 |
++ return sprintf(buf, "Not affected\n"); |
772 |
++ |
773 |
++ if (__hardenbp_enab) |
774 |
++ return sprintf(buf, "Mitigation: Branch predictor hardening\n"); |
775 |
++ |
776 |
++ return sprintf(buf, "Vulnerable\n"); |
777 |
++} |
778 |
++ |
779 |
++ssize_t cpu_show_spec_store_bypass(struct device *dev, |
780 |
++ struct device_attribute *attr, char *buf) |
781 |
++{ |
782 |
++ if (__ssb_safe) |
783 |
++ return sprintf(buf, "Not affected\n"); |
784 |
++ |
785 |
++ switch (ssbd_state) { |
786 |
++ case ARM64_SSBD_KERNEL: |
787 |
++ case ARM64_SSBD_FORCE_ENABLE: |
788 |
++ if (IS_ENABLED(CONFIG_ARM64_SSBD)) |
789 |
++ return sprintf(buf, |
790 |
++ "Mitigation: Speculative Store Bypass disabled via prctl\n"); |
791 |
++ } |
792 |
++ |
793 |
++ return sprintf(buf, "Vulnerable\n"); |
794 |
++} |
795 |
+diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c |
796 |
+index a897efdb3ddd..ff5beb59b3dc 100644 |
797 |
+--- a/arch/arm64/kernel/cpufeature.c |
798 |
++++ b/arch/arm64/kernel/cpufeature.c |
799 |
+@@ -24,6 +24,7 @@ |
800 |
+ #include <linux/stop_machine.h> |
801 |
+ #include <linux/types.h> |
802 |
+ #include <linux/mm.h> |
803 |
++#include <linux/cpu.h> |
804 |
+ #include <asm/cpu.h> |
805 |
+ #include <asm/cpufeature.h> |
806 |
+ #include <asm/cpu_ops.h> |
807 |
+@@ -164,6 +165,11 @@ static const struct arm64_ftr_bits ftr_id_aa64pfr0[] = { |
808 |
+ ARM64_FTR_END, |
809 |
+ }; |
810 |
+ |
811 |
++static const struct arm64_ftr_bits ftr_id_aa64pfr1[] = { |
812 |
++ ARM64_FTR_BITS(FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64PFR1_SSBS_SHIFT, 4, ID_AA64PFR1_SSBS_PSTATE_NI), |
813 |
++ ARM64_FTR_END, |
814 |
++}; |
815 |
++ |
816 |
+ static const struct arm64_ftr_bits ftr_id_aa64mmfr0[] = { |
817 |
+ /* |
818 |
+ * We already refuse to boot CPUs that don't support our configured |
819 |
+@@ -379,7 +385,7 @@ static const struct __ftr_reg_entry { |
820 |
+ |
821 |
+ /* Op1 = 0, CRn = 0, CRm = 4 */ |
822 |
+ ARM64_FTR_REG(SYS_ID_AA64PFR0_EL1, ftr_id_aa64pfr0), |
823 |
+- ARM64_FTR_REG(SYS_ID_AA64PFR1_EL1, ftr_raz), |
824 |
++ ARM64_FTR_REG(SYS_ID_AA64PFR1_EL1, ftr_id_aa64pfr1), |
825 |
+ ARM64_FTR_REG(SYS_ID_AA64ZFR0_EL1, ftr_raz), |
826 |
+ |
827 |
+ /* Op1 = 0, CRn = 0, CRm = 5 */ |
828 |
+@@ -669,7 +675,6 @@ void update_cpu_features(int cpu, |
829 |
+ |
830 |
+ /* |
831 |
+ * EL3 is not our concern. |
832 |
+- * ID_AA64PFR1 is currently RES0. |
833 |
+ */ |
834 |
+ taint |= check_update_ftr_reg(SYS_ID_AA64PFR0_EL1, cpu, |
835 |
+ info->reg_id_aa64pfr0, boot->reg_id_aa64pfr0); |
836 |
+@@ -885,7 +890,7 @@ static bool has_cache_dic(const struct arm64_cpu_capabilities *entry, |
837 |
+ return ctr & BIT(CTR_DIC_SHIFT); |
838 |
+ } |
839 |
+ |
840 |
+-#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 |
841 |
++static bool __meltdown_safe = true; |
842 |
+ static int __kpti_forced; /* 0: not forced, >0: forced on, <0: forced off */ |
843 |
+ |
844 |
+ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, |
845 |
+@@ -903,7 +908,17 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, |
846 |
+ MIDR_ALL_VERSIONS(MIDR_CORTEX_A73), |
847 |
+ { /* sentinel */ } |
848 |
+ }; |
849 |
+- char const *str = "command line option"; |
850 |
++ char const *str = "kpti command line option"; |
851 |
++ bool meltdown_safe; |
852 |
++ |
853 |
++ meltdown_safe = is_midr_in_range_list(read_cpuid_id(), kpti_safe_list); |
854 |
++ |
855 |
++ /* Defer to CPU feature registers */ |
856 |
++ if (has_cpuid_feature(entry, scope)) |
857 |
++ meltdown_safe = true; |
858 |
++ |
859 |
++ if (!meltdown_safe) |
860 |
++ __meltdown_safe = false; |
861 |
+ |
862 |
+ /* |
863 |
+ * For reasons that aren't entirely clear, enabling KPTI on Cavium |
864 |
+@@ -915,6 +930,24 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, |
865 |
+ __kpti_forced = -1; |
866 |
+ } |
867 |
+ |
868 |
++ /* Useful for KASLR robustness */ |
869 |
++ if (IS_ENABLED(CONFIG_RANDOMIZE_BASE) && kaslr_offset() > 0) { |
870 |
++ if (!__kpti_forced) { |
871 |
++ str = "KASLR"; |
872 |
++ __kpti_forced = 1; |
873 |
++ } |
874 |
++ } |
875 |
++ |
876 |
++ if (cpu_mitigations_off() && !__kpti_forced) { |
877 |
++ str = "mitigations=off"; |
878 |
++ __kpti_forced = -1; |
879 |
++ } |
880 |
++ |
881 |
++ if (!IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0)) { |
882 |
++ pr_info_once("kernel page table isolation disabled by kernel configuration\n"); |
883 |
++ return false; |
884 |
++ } |
885 |
++ |
886 |
+ /* Forced? */ |
887 |
+ if (__kpti_forced) { |
888 |
+ pr_info_once("kernel page table isolation forced %s by %s\n", |
889 |
+@@ -922,18 +955,10 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, |
890 |
+ return __kpti_forced > 0; |
891 |
+ } |
892 |
+ |
893 |
+- /* Useful for KASLR robustness */ |
894 |
+- if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) |
895 |
+- return true; |
896 |
+- |
897 |
+- /* Don't force KPTI for CPUs that are not vulnerable */ |
898 |
+- if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list)) |
899 |
+- return false; |
900 |
+- |
901 |
+- /* Defer to CPU feature registers */ |
902 |
+- return !has_cpuid_feature(entry, scope); |
903 |
++ return !meltdown_safe; |
904 |
+ } |
905 |
+ |
906 |
++#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 |
907 |
+ static void |
908 |
+ kpti_install_ng_mappings(const struct arm64_cpu_capabilities *__unused) |
909 |
+ { |
910 |
+@@ -958,6 +983,12 @@ kpti_install_ng_mappings(const struct arm64_cpu_capabilities *__unused) |
911 |
+ |
912 |
+ return; |
913 |
+ } |
914 |
++#else |
915 |
++static void |
916 |
++kpti_install_ng_mappings(const struct arm64_cpu_capabilities *__unused) |
917 |
++{ |
918 |
++} |
919 |
++#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ |
920 |
+ |
921 |
+ static int __init parse_kpti(char *str) |
922 |
+ { |
923 |
+@@ -971,7 +1002,6 @@ static int __init parse_kpti(char *str) |
924 |
+ return 0; |
925 |
+ } |
926 |
+ early_param("kpti", parse_kpti); |
927 |
+-#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ |
928 |
+ |
929 |
+ #ifdef CONFIG_ARM64_HW_AFDBM |
930 |
+ static inline void __cpu_enable_hw_dbm(void) |
931 |
+@@ -1067,6 +1097,48 @@ static void cpu_has_fwb(const struct arm64_cpu_capabilities *__unused) |
932 |
+ WARN_ON(val & (7 << 27 | 7 << 21)); |
933 |
+ } |
934 |
+ |
935 |
++#ifdef CONFIG_ARM64_SSBD |
936 |
++static int ssbs_emulation_handler(struct pt_regs *regs, u32 instr) |
937 |
++{ |
938 |
++ if (user_mode(regs)) |
939 |
++ return 1; |
940 |
++ |
941 |
++ if (instr & BIT(CRm_shift)) |
942 |
++ regs->pstate |= PSR_SSBS_BIT; |
943 |
++ else |
944 |
++ regs->pstate &= ~PSR_SSBS_BIT; |
945 |
++ |
946 |
++ arm64_skip_faulting_instruction(regs, 4); |
947 |
++ return 0; |
948 |
++} |
949 |
++ |
950 |
++static struct undef_hook ssbs_emulation_hook = { |
951 |
++ .instr_mask = ~(1U << CRm_shift), |
952 |
++ .instr_val = 0xd500001f | REG_PSTATE_SSBS_IMM, |
953 |
++ .fn = ssbs_emulation_handler, |
954 |
++}; |
955 |
++ |
956 |
++static void cpu_enable_ssbs(const struct arm64_cpu_capabilities *__unused) |
957 |
++{ |
958 |
++ static bool undef_hook_registered = false; |
959 |
++ static DEFINE_SPINLOCK(hook_lock); |
960 |
++ |
961 |
++ spin_lock(&hook_lock); |
962 |
++ if (!undef_hook_registered) { |
963 |
++ register_undef_hook(&ssbs_emulation_hook); |
964 |
++ undef_hook_registered = true; |
965 |
++ } |
966 |
++ spin_unlock(&hook_lock); |
967 |
++ |
968 |
++ if (arm64_get_ssbd_state() == ARM64_SSBD_FORCE_DISABLE) { |
969 |
++ sysreg_clear_set(sctlr_el1, 0, SCTLR_ELx_DSSBS); |
970 |
++ arm64_set_ssbd_mitigation(false); |
971 |
++ } else { |
972 |
++ arm64_set_ssbd_mitigation(true); |
973 |
++ } |
974 |
++} |
975 |
++#endif /* CONFIG_ARM64_SSBD */ |
976 |
++ |
977 |
+ static const struct arm64_cpu_capabilities arm64_features[] = { |
978 |
+ { |
979 |
+ .desc = "GIC system register CPU interface", |
980 |
+@@ -1150,7 +1222,6 @@ static const struct arm64_cpu_capabilities arm64_features[] = { |
981 |
+ .field_pos = ID_AA64PFR0_EL0_SHIFT, |
982 |
+ .min_field_value = ID_AA64PFR0_EL0_32BIT_64BIT, |
983 |
+ }, |
984 |
+-#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 |
985 |
+ { |
986 |
+ .desc = "Kernel page table isolation (KPTI)", |
987 |
+ .capability = ARM64_UNMAP_KERNEL_AT_EL0, |
988 |
+@@ -1166,7 +1237,6 @@ static const struct arm64_cpu_capabilities arm64_features[] = { |
989 |
+ .matches = unmap_kernel_at_el0, |
990 |
+ .cpu_enable = kpti_install_ng_mappings, |
991 |
+ }, |
992 |
+-#endif |
993 |
+ { |
994 |
+ /* FP/SIMD is not implemented */ |
995 |
+ .capability = ARM64_HAS_NO_FPSIMD, |
996 |
+@@ -1253,6 +1323,19 @@ static const struct arm64_cpu_capabilities arm64_features[] = { |
997 |
+ .matches = has_hw_dbm, |
998 |
+ .cpu_enable = cpu_enable_hw_dbm, |
999 |
+ }, |
1000 |
++#endif |
1001 |
++#ifdef CONFIG_ARM64_SSBD |
1002 |
++ { |
1003 |
++ .desc = "Speculative Store Bypassing Safe (SSBS)", |
1004 |
++ .capability = ARM64_SSBS, |
1005 |
++ .type = ARM64_CPUCAP_WEAK_LOCAL_CPU_FEATURE, |
1006 |
++ .matches = has_cpuid_feature, |
1007 |
++ .sys_reg = SYS_ID_AA64PFR1_EL1, |
1008 |
++ .field_pos = ID_AA64PFR1_SSBS_SHIFT, |
1009 |
++ .sign = FTR_UNSIGNED, |
1010 |
++ .min_field_value = ID_AA64PFR1_SSBS_PSTATE_ONLY, |
1011 |
++ .cpu_enable = cpu_enable_ssbs, |
1012 |
++ }, |
1013 |
+ #endif |
1014 |
+ {}, |
1015 |
+ }; |
1016 |
+@@ -1299,6 +1382,7 @@ static const struct arm64_cpu_capabilities arm64_elf_hwcaps[] = { |
1017 |
+ #ifdef CONFIG_ARM64_SVE |
1018 |
+ HWCAP_CAP(SYS_ID_AA64PFR0_EL1, ID_AA64PFR0_SVE_SHIFT, FTR_UNSIGNED, ID_AA64PFR0_SVE, CAP_HWCAP, HWCAP_SVE), |
1019 |
+ #endif |
1020 |
++ HWCAP_CAP(SYS_ID_AA64PFR1_EL1, ID_AA64PFR1_SSBS_SHIFT, FTR_UNSIGNED, ID_AA64PFR1_SSBS_PSTATE_INSNS, CAP_HWCAP, HWCAP_SSBS), |
1021 |
+ {}, |
1022 |
+ }; |
1023 |
+ |
1024 |
+@@ -1793,3 +1877,15 @@ void cpu_clear_disr(const struct arm64_cpu_capabilities *__unused) |
1025 |
+ /* Firmware may have left a deferred SError in this register. */ |
1026 |
+ write_sysreg_s(0, SYS_DISR_EL1); |
1027 |
+ } |
1028 |
++ |
1029 |
++ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, |
1030 |
++ char *buf) |
1031 |
++{ |
1032 |
++ if (__meltdown_safe) |
1033 |
++ return sprintf(buf, "Not affected\n"); |
1034 |
++ |
1035 |
++ if (arm64_kernel_unmapped_at_el0()) |
1036 |
++ return sprintf(buf, "Mitigation: PTI\n"); |
1037 |
++ |
1038 |
++ return sprintf(buf, "Vulnerable\n"); |
1039 |
++} |
1040 |
+diff --git a/arch/arm64/kernel/cpuinfo.c b/arch/arm64/kernel/cpuinfo.c |
1041 |
+index e9ab7b3ed317..dce971f2c167 100644 |
1042 |
+--- a/arch/arm64/kernel/cpuinfo.c |
1043 |
++++ b/arch/arm64/kernel/cpuinfo.c |
1044 |
+@@ -81,6 +81,7 @@ static const char *const hwcap_str[] = { |
1045 |
+ "uscat", |
1046 |
+ "ilrcpc", |
1047 |
+ "flagm", |
1048 |
++ "ssbs", |
1049 |
+ NULL |
1050 |
+ }; |
1051 |
+ |
1052 |
+diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c |
1053 |
+index 7f1628effe6d..bc2226608e13 100644 |
1054 |
+--- a/arch/arm64/kernel/process.c |
1055 |
++++ b/arch/arm64/kernel/process.c |
1056 |
+@@ -358,6 +358,10 @@ int copy_thread(unsigned long clone_flags, unsigned long stack_start, |
1057 |
+ if (IS_ENABLED(CONFIG_ARM64_UAO) && |
1058 |
+ cpus_have_const_cap(ARM64_HAS_UAO)) |
1059 |
+ childregs->pstate |= PSR_UAO_BIT; |
1060 |
++ |
1061 |
++ if (arm64_get_ssbd_state() == ARM64_SSBD_FORCE_DISABLE) |
1062 |
++ set_ssbs_bit(childregs); |
1063 |
++ |
1064 |
+ p->thread.cpu_context.x19 = stack_start; |
1065 |
+ p->thread.cpu_context.x20 = stk_sz; |
1066 |
+ } |
1067 |
+@@ -397,6 +401,32 @@ void uao_thread_switch(struct task_struct *next) |
1068 |
+ } |
1069 |
+ } |
1070 |
+ |
1071 |
++/* |
1072 |
++ * Force SSBS state on context-switch, since it may be lost after migrating |
1073 |
++ * from a CPU which treats the bit as RES0 in a heterogeneous system. |
1074 |
++ */ |
1075 |
++static void ssbs_thread_switch(struct task_struct *next) |
1076 |
++{ |
1077 |
++ struct pt_regs *regs = task_pt_regs(next); |
1078 |
++ |
1079 |
++ /* |
1080 |
++ * Nothing to do for kernel threads, but 'regs' may be junk |
1081 |
++ * (e.g. idle task) so check the flags and bail early. |
1082 |
++ */ |
1083 |
++ if (unlikely(next->flags & PF_KTHREAD)) |
1084 |
++ return; |
1085 |
++ |
1086 |
++ /* If the mitigation is enabled, then we leave SSBS clear. */ |
1087 |
++ if ((arm64_get_ssbd_state() == ARM64_SSBD_FORCE_ENABLE) || |
1088 |
++ test_tsk_thread_flag(next, TIF_SSBD)) |
1089 |
++ return; |
1090 |
++ |
1091 |
++ if (compat_user_mode(regs)) |
1092 |
++ set_compat_ssbs_bit(regs); |
1093 |
++ else if (user_mode(regs)) |
1094 |
++ set_ssbs_bit(regs); |
1095 |
++} |
1096 |
++ |
1097 |
+ /* |
1098 |
+ * We store our current task in sp_el0, which is clobbered by userspace. Keep a |
1099 |
+ * shadow copy so that we can restore this upon entry from userspace. |
1100 |
+@@ -425,6 +455,7 @@ __notrace_funcgraph struct task_struct *__switch_to(struct task_struct *prev, |
1101 |
+ contextidr_thread_switch(next); |
1102 |
+ entry_task_switch(next); |
1103 |
+ uao_thread_switch(next); |
1104 |
++ ssbs_thread_switch(next); |
1105 |
+ |
1106 |
+ /* |
1107 |
+ * Complete any pending TLB or cache maintenance on this CPU in case |
1108 |
+diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c |
1109 |
+index 6219486fa25f..0211c3c7533b 100644 |
1110 |
+--- a/arch/arm64/kernel/ptrace.c |
1111 |
++++ b/arch/arm64/kernel/ptrace.c |
1112 |
+@@ -1666,19 +1666,20 @@ void syscall_trace_exit(struct pt_regs *regs) |
1113 |
+ } |
1114 |
+ |
1115 |
+ /* |
1116 |
+- * SPSR_ELx bits which are always architecturally RES0 per ARM DDI 0487C.a |
1117 |
+- * We also take into account DIT (bit 24), which is not yet documented, and |
1118 |
+- * treat PAN and UAO as RES0 bits, as they are meaningless at EL0, and may be |
1119 |
+- * allocated an EL0 meaning in future. |
1120 |
++ * SPSR_ELx bits which are always architecturally RES0 per ARM DDI 0487D.a. |
1121 |
++ * We permit userspace to set SSBS (AArch64 bit 12, AArch32 bit 23) which is |
1122 |
++ * not described in ARM DDI 0487D.a. |
1123 |
++ * We treat PAN and UAO as RES0 bits, as they are meaningless at EL0, and may |
1124 |
++ * be allocated an EL0 meaning in future. |
1125 |
+ * Userspace cannot use these until they have an architectural meaning. |
1126 |
+ * Note that this follows the SPSR_ELx format, not the AArch32 PSR format. |
1127 |
+ * We also reserve IL for the kernel; SS is handled dynamically. |
1128 |
+ */ |
1129 |
+ #define SPSR_EL1_AARCH64_RES0_BITS \ |
1130 |
+- (GENMASK_ULL(63,32) | GENMASK_ULL(27, 25) | GENMASK_ULL(23, 22) | \ |
1131 |
+- GENMASK_ULL(20, 10) | GENMASK_ULL(5, 5)) |
1132 |
++ (GENMASK_ULL(63, 32) | GENMASK_ULL(27, 25) | GENMASK_ULL(23, 22) | \ |
1133 |
++ GENMASK_ULL(20, 13) | GENMASK_ULL(11, 10) | GENMASK_ULL(5, 5)) |
1134 |
+ #define SPSR_EL1_AARCH32_RES0_BITS \ |
1135 |
+- (GENMASK_ULL(63,32) | GENMASK_ULL(23, 22) | GENMASK_ULL(20,20)) |
1136 |
++ (GENMASK_ULL(63, 32) | GENMASK_ULL(22, 22) | GENMASK_ULL(20, 20)) |
1137 |
+ |
1138 |
+ static int valid_compat_regs(struct user_pt_regs *regs) |
1139 |
+ { |
1140 |
+diff --git a/arch/arm64/kernel/ssbd.c b/arch/arm64/kernel/ssbd.c |
1141 |
+index 388f8fc13080..f496fb2f7122 100644 |
1142 |
+--- a/arch/arm64/kernel/ssbd.c |
1143 |
++++ b/arch/arm64/kernel/ssbd.c |
1144 |
+@@ -3,13 +3,31 @@ |
1145 |
+ * Copyright (C) 2018 ARM Ltd, All Rights Reserved. |
1146 |
+ */ |
1147 |
+ |
1148 |
++#include <linux/compat.h> |
1149 |
+ #include <linux/errno.h> |
1150 |
+ #include <linux/prctl.h> |
1151 |
+ #include <linux/sched.h> |
1152 |
++#include <linux/sched/task_stack.h> |
1153 |
+ #include <linux/thread_info.h> |
1154 |
+ |
1155 |
+ #include <asm/cpufeature.h> |
1156 |
+ |
1157 |
++static void ssbd_ssbs_enable(struct task_struct *task) |
1158 |
++{ |
1159 |
++ u64 val = is_compat_thread(task_thread_info(task)) ? |
1160 |
++ PSR_AA32_SSBS_BIT : PSR_SSBS_BIT; |
1161 |
++ |
1162 |
++ task_pt_regs(task)->pstate |= val; |
1163 |
++} |
1164 |
++ |
1165 |
++static void ssbd_ssbs_disable(struct task_struct *task) |
1166 |
++{ |
1167 |
++ u64 val = is_compat_thread(task_thread_info(task)) ? |
1168 |
++ PSR_AA32_SSBS_BIT : PSR_SSBS_BIT; |
1169 |
++ |
1170 |
++ task_pt_regs(task)->pstate &= ~val; |
1171 |
++} |
1172 |
++ |
1173 |
+ /* |
1174 |
+ * prctl interface for SSBD |
1175 |
+ * FIXME: Drop the below ifdefery once merged in 4.18. |
1176 |
+@@ -47,12 +65,14 @@ static int ssbd_prctl_set(struct task_struct *task, unsigned long ctrl) |
1177 |
+ return -EPERM; |
1178 |
+ task_clear_spec_ssb_disable(task); |
1179 |
+ clear_tsk_thread_flag(task, TIF_SSBD); |
1180 |
++ ssbd_ssbs_enable(task); |
1181 |
+ break; |
1182 |
+ case PR_SPEC_DISABLE: |
1183 |
+ if (state == ARM64_SSBD_FORCE_DISABLE) |
1184 |
+ return -EPERM; |
1185 |
+ task_set_spec_ssb_disable(task); |
1186 |
+ set_tsk_thread_flag(task, TIF_SSBD); |
1187 |
++ ssbd_ssbs_disable(task); |
1188 |
+ break; |
1189 |
+ case PR_SPEC_FORCE_DISABLE: |
1190 |
+ if (state == ARM64_SSBD_FORCE_DISABLE) |
1191 |
+@@ -60,6 +80,7 @@ static int ssbd_prctl_set(struct task_struct *task, unsigned long ctrl) |
1192 |
+ task_set_spec_ssb_disable(task); |
1193 |
+ task_set_spec_ssb_force_disable(task); |
1194 |
+ set_tsk_thread_flag(task, TIF_SSBD); |
1195 |
++ ssbd_ssbs_disable(task); |
1196 |
+ break; |
1197 |
+ default: |
1198 |
+ return -ERANGE; |
1199 |
+diff --git a/arch/arm64/kvm/hyp/sysreg-sr.c b/arch/arm64/kvm/hyp/sysreg-sr.c |
1200 |
+index 963d669ae3a2..7414b76191c2 100644 |
1201 |
+--- a/arch/arm64/kvm/hyp/sysreg-sr.c |
1202 |
++++ b/arch/arm64/kvm/hyp/sysreg-sr.c |
1203 |
+@@ -293,3 +293,14 @@ void kvm_vcpu_put_sysregs(struct kvm_vcpu *vcpu) |
1204 |
+ |
1205 |
+ vcpu->arch.sysregs_loaded_on_cpu = false; |
1206 |
+ } |
1207 |
++ |
1208 |
++void __hyp_text __kvm_enable_ssbs(void) |
1209 |
++{ |
1210 |
++ u64 tmp; |
1211 |
++ |
1212 |
++ asm volatile( |
1213 |
++ "mrs %0, sctlr_el2\n" |
1214 |
++ "orr %0, %0, %1\n" |
1215 |
++ "msr sctlr_el2, %0" |
1216 |
++ : "=&r" (tmp) : "L" (SCTLR_ELx_DSSBS)); |
1217 |
++} |
1218 |
+diff --git a/arch/mips/include/asm/cpu-features.h b/arch/mips/include/asm/cpu-features.h |
1219 |
+index 0edba3e75747..4e2ee743088f 100644 |
1220 |
+--- a/arch/mips/include/asm/cpu-features.h |
1221 |
++++ b/arch/mips/include/asm/cpu-features.h |
1222 |
+@@ -387,6 +387,22 @@ |
1223 |
+ #define cpu_has_dsp3 __ase(MIPS_ASE_DSP3) |
1224 |
+ #endif |
1225 |
+ |
1226 |
++#ifndef cpu_has_loongson_mmi |
1227 |
++#define cpu_has_loongson_mmi __ase(MIPS_ASE_LOONGSON_MMI) |
1228 |
++#endif |
1229 |
++ |
1230 |
++#ifndef cpu_has_loongson_cam |
1231 |
++#define cpu_has_loongson_cam __ase(MIPS_ASE_LOONGSON_CAM) |
1232 |
++#endif |
1233 |
++ |
1234 |
++#ifndef cpu_has_loongson_ext |
1235 |
++#define cpu_has_loongson_ext __ase(MIPS_ASE_LOONGSON_EXT) |
1236 |
++#endif |
1237 |
++ |
1238 |
++#ifndef cpu_has_loongson_ext2 |
1239 |
++#define cpu_has_loongson_ext2 __ase(MIPS_ASE_LOONGSON_EXT2) |
1240 |
++#endif |
1241 |
++ |
1242 |
+ #ifndef cpu_has_mipsmt |
1243 |
+ #define cpu_has_mipsmt __isa_lt_and_ase(6, MIPS_ASE_MIPSMT) |
1244 |
+ #endif |
1245 |
+diff --git a/arch/mips/include/asm/cpu.h b/arch/mips/include/asm/cpu.h |
1246 |
+index dacbdb84516a..2b4b14a56575 100644 |
1247 |
+--- a/arch/mips/include/asm/cpu.h |
1248 |
++++ b/arch/mips/include/asm/cpu.h |
1249 |
+@@ -436,5 +436,9 @@ enum cpu_type_enum { |
1250 |
+ #define MIPS_ASE_MSA 0x00000100 /* MIPS SIMD Architecture */ |
1251 |
+ #define MIPS_ASE_DSP3 0x00000200 /* Signal Processing ASE Rev 3*/ |
1252 |
+ #define MIPS_ASE_MIPS16E2 0x00000400 /* MIPS16e2 */ |
1253 |
++#define MIPS_ASE_LOONGSON_MMI 0x00000800 /* Loongson MultiMedia extensions Instructions */ |
1254 |
++#define MIPS_ASE_LOONGSON_CAM 0x00001000 /* Loongson CAM */ |
1255 |
++#define MIPS_ASE_LOONGSON_EXT 0x00002000 /* Loongson EXTensions */ |
1256 |
++#define MIPS_ASE_LOONGSON_EXT2 0x00004000 /* Loongson EXTensions R2 */ |
1257 |
+ |
1258 |
+ #endif /* _ASM_CPU_H */ |
1259 |
+diff --git a/arch/mips/kernel/cpu-probe.c b/arch/mips/kernel/cpu-probe.c |
1260 |
+index 25cd8737e7fe..958b627592c3 100644 |
1261 |
+--- a/arch/mips/kernel/cpu-probe.c |
1262 |
++++ b/arch/mips/kernel/cpu-probe.c |
1263 |
+@@ -1489,6 +1489,8 @@ static inline void cpu_probe_legacy(struct cpuinfo_mips *c, unsigned int cpu) |
1264 |
+ __cpu_name[cpu] = "ICT Loongson-3"; |
1265 |
+ set_elf_platform(cpu, "loongson3a"); |
1266 |
+ set_isa(c, MIPS_CPU_ISA_M64R1); |
1267 |
++ c->ases |= (MIPS_ASE_LOONGSON_MMI | MIPS_ASE_LOONGSON_CAM | |
1268 |
++ MIPS_ASE_LOONGSON_EXT); |
1269 |
+ break; |
1270 |
+ case PRID_REV_LOONGSON3B_R1: |
1271 |
+ case PRID_REV_LOONGSON3B_R2: |
1272 |
+@@ -1496,6 +1498,8 @@ static inline void cpu_probe_legacy(struct cpuinfo_mips *c, unsigned int cpu) |
1273 |
+ __cpu_name[cpu] = "ICT Loongson-3"; |
1274 |
+ set_elf_platform(cpu, "loongson3b"); |
1275 |
+ set_isa(c, MIPS_CPU_ISA_M64R1); |
1276 |
++ c->ases |= (MIPS_ASE_LOONGSON_MMI | MIPS_ASE_LOONGSON_CAM | |
1277 |
++ MIPS_ASE_LOONGSON_EXT); |
1278 |
+ break; |
1279 |
+ } |
1280 |
+ |
1281 |
+@@ -1861,6 +1865,8 @@ static inline void cpu_probe_loongson(struct cpuinfo_mips *c, unsigned int cpu) |
1282 |
+ decode_configs(c); |
1283 |
+ c->options |= MIPS_CPU_FTLB | MIPS_CPU_TLBINV | MIPS_CPU_LDPTE; |
1284 |
+ c->writecombine = _CACHE_UNCACHED_ACCELERATED; |
1285 |
++ c->ases |= (MIPS_ASE_LOONGSON_MMI | MIPS_ASE_LOONGSON_CAM | |
1286 |
++ MIPS_ASE_LOONGSON_EXT | MIPS_ASE_LOONGSON_EXT2); |
1287 |
+ break; |
1288 |
+ default: |
1289 |
+ panic("Unknown Loongson Processor ID!"); |
1290 |
+diff --git a/arch/mips/kernel/proc.c b/arch/mips/kernel/proc.c |
1291 |
+index b2de408a259e..f8d36710cd58 100644 |
1292 |
+--- a/arch/mips/kernel/proc.c |
1293 |
++++ b/arch/mips/kernel/proc.c |
1294 |
+@@ -124,6 +124,10 @@ static int show_cpuinfo(struct seq_file *m, void *v) |
1295 |
+ if (cpu_has_eva) seq_printf(m, "%s", " eva"); |
1296 |
+ if (cpu_has_htw) seq_printf(m, "%s", " htw"); |
1297 |
+ if (cpu_has_xpa) seq_printf(m, "%s", " xpa"); |
1298 |
++ if (cpu_has_loongson_mmi) seq_printf(m, "%s", " loongson-mmi"); |
1299 |
++ if (cpu_has_loongson_cam) seq_printf(m, "%s", " loongson-cam"); |
1300 |
++ if (cpu_has_loongson_ext) seq_printf(m, "%s", " loongson-ext"); |
1301 |
++ if (cpu_has_loongson_ext2) seq_printf(m, "%s", " loongson-ext2"); |
1302 |
+ seq_printf(m, "\n"); |
1303 |
+ |
1304 |
+ if (cpu_has_mmips) { |
1305 |
+diff --git a/arch/powerpc/include/asm/cputable.h b/arch/powerpc/include/asm/cputable.h |
1306 |
+index 29f49a35d6ee..6a6804c2e1b0 100644 |
1307 |
+--- a/arch/powerpc/include/asm/cputable.h |
1308 |
++++ b/arch/powerpc/include/asm/cputable.h |
1309 |
+@@ -212,7 +212,7 @@ static inline void cpu_feature_keys_init(void) { } |
1310 |
+ #define CPU_FTR_POWER9_DD2_1 LONG_ASM_CONST(0x0000080000000000) |
1311 |
+ #define CPU_FTR_P9_TM_HV_ASSIST LONG_ASM_CONST(0x0000100000000000) |
1312 |
+ #define CPU_FTR_P9_TM_XER_SO_BUG LONG_ASM_CONST(0x0000200000000000) |
1313 |
+-#define CPU_FTR_P9_TLBIE_BUG LONG_ASM_CONST(0x0000400000000000) |
1314 |
++#define CPU_FTR_P9_TLBIE_STQ_BUG LONG_ASM_CONST(0x0000400000000000) |
1315 |
+ #define CPU_FTR_P9_TIDR LONG_ASM_CONST(0x0000800000000000) |
1316 |
+ |
1317 |
+ #ifndef __ASSEMBLY__ |
1318 |
+@@ -460,7 +460,7 @@ static inline void cpu_feature_keys_init(void) { } |
1319 |
+ CPU_FTR_CFAR | CPU_FTR_HVMODE | CPU_FTR_VMX_COPY | \ |
1320 |
+ CPU_FTR_DBELL | CPU_FTR_HAS_PPR | CPU_FTR_ARCH_207S | \ |
1321 |
+ CPU_FTR_TM_COMP | CPU_FTR_ARCH_300 | CPU_FTR_PKEY | \ |
1322 |
+- CPU_FTR_P9_TLBIE_BUG | CPU_FTR_P9_TIDR) |
1323 |
++ CPU_FTR_P9_TLBIE_STQ_BUG | CPU_FTR_P9_TIDR) |
1324 |
+ #define CPU_FTRS_POWER9_DD2_0 CPU_FTRS_POWER9 |
1325 |
+ #define CPU_FTRS_POWER9_DD2_1 (CPU_FTRS_POWER9 | CPU_FTR_POWER9_DD2_1) |
1326 |
+ #define CPU_FTRS_POWER9_DD2_2 (CPU_FTRS_POWER9 | CPU_FTR_POWER9_DD2_1 | \ |
1327 |
+diff --git a/arch/powerpc/kernel/dt_cpu_ftrs.c b/arch/powerpc/kernel/dt_cpu_ftrs.c |
1328 |
+index f432054234a4..f3b8e04eca9c 100644 |
1329 |
+--- a/arch/powerpc/kernel/dt_cpu_ftrs.c |
1330 |
++++ b/arch/powerpc/kernel/dt_cpu_ftrs.c |
1331 |
+@@ -694,9 +694,35 @@ static bool __init cpufeatures_process_feature(struct dt_cpu_feature *f) |
1332 |
+ return true; |
1333 |
+ } |
1334 |
+ |
1335 |
++/* |
1336 |
++ * Handle POWER9 broadcast tlbie invalidation issue using |
1337 |
++ * cpu feature flag. |
1338 |
++ */ |
1339 |
++static __init void update_tlbie_feature_flag(unsigned long pvr) |
1340 |
++{ |
1341 |
++ if (PVR_VER(pvr) == PVR_POWER9) { |
1342 |
++ /* |
1343 |
++ * Set the tlbie feature flag for anything below |
1344 |
++ * Nimbus DD 2.3 and Cumulus DD 1.3 |
1345 |
++ */ |
1346 |
++ if ((pvr & 0xe000) == 0) { |
1347 |
++ /* Nimbus */ |
1348 |
++ if ((pvr & 0xfff) < 0x203) |
1349 |
++ cur_cpu_spec->cpu_features |= CPU_FTR_P9_TLBIE_STQ_BUG; |
1350 |
++ } else if ((pvr & 0xc000) == 0) { |
1351 |
++ /* Cumulus */ |
1352 |
++ if ((pvr & 0xfff) < 0x103) |
1353 |
++ cur_cpu_spec->cpu_features |= CPU_FTR_P9_TLBIE_STQ_BUG; |
1354 |
++ } else { |
1355 |
++ WARN_ONCE(1, "Unknown PVR"); |
1356 |
++ cur_cpu_spec->cpu_features |= CPU_FTR_P9_TLBIE_STQ_BUG; |
1357 |
++ } |
1358 |
++ } |
1359 |
++} |
1360 |
++ |
1361 |
+ static __init void cpufeatures_cpu_quirks(void) |
1362 |
+ { |
1363 |
+- int version = mfspr(SPRN_PVR); |
1364 |
++ unsigned long version = mfspr(SPRN_PVR); |
1365 |
+ |
1366 |
+ /* |
1367 |
+ * Not all quirks can be derived from the cpufeatures device tree. |
1368 |
+@@ -715,10 +741,10 @@ static __init void cpufeatures_cpu_quirks(void) |
1369 |
+ |
1370 |
+ if ((version & 0xffff0000) == 0x004e0000) { |
1371 |
+ cur_cpu_spec->cpu_features &= ~(CPU_FTR_DAWR); |
1372 |
+- cur_cpu_spec->cpu_features |= CPU_FTR_P9_TLBIE_BUG; |
1373 |
+ cur_cpu_spec->cpu_features |= CPU_FTR_P9_TIDR; |
1374 |
+ } |
1375 |
+ |
1376 |
++ update_tlbie_feature_flag(version); |
1377 |
+ /* |
1378 |
+ * PKEY was not in the initial base or feature node |
1379 |
+ * specification, but it should become optional in the next |
1380 |
+diff --git a/arch/powerpc/kernel/mce.c b/arch/powerpc/kernel/mce.c |
1381 |
+index efdd16a79075..93e06778b136 100644 |
1382 |
+--- a/arch/powerpc/kernel/mce.c |
1383 |
++++ b/arch/powerpc/kernel/mce.c |
1384 |
+@@ -45,6 +45,7 @@ static DEFINE_PER_CPU(struct machine_check_event[MAX_MC_EVT], |
1385 |
+ mce_ue_event_queue); |
1386 |
+ |
1387 |
+ static void machine_check_process_queued_event(struct irq_work *work); |
1388 |
++static void machine_check_ue_irq_work(struct irq_work *work); |
1389 |
+ void machine_check_ue_event(struct machine_check_event *evt); |
1390 |
+ static void machine_process_ue_event(struct work_struct *work); |
1391 |
+ |
1392 |
+@@ -52,6 +53,10 @@ static struct irq_work mce_event_process_work = { |
1393 |
+ .func = machine_check_process_queued_event, |
1394 |
+ }; |
1395 |
+ |
1396 |
++static struct irq_work mce_ue_event_irq_work = { |
1397 |
++ .func = machine_check_ue_irq_work, |
1398 |
++}; |
1399 |
++ |
1400 |
+ DECLARE_WORK(mce_ue_event_work, machine_process_ue_event); |
1401 |
+ |
1402 |
+ static void mce_set_error_info(struct machine_check_event *mce, |
1403 |
+@@ -208,6 +213,10 @@ void release_mce_event(void) |
1404 |
+ get_mce_event(NULL, true); |
1405 |
+ } |
1406 |
+ |
1407 |
++static void machine_check_ue_irq_work(struct irq_work *work) |
1408 |
++{ |
1409 |
++ schedule_work(&mce_ue_event_work); |
1410 |
++} |
1411 |
+ |
1412 |
+ /* |
1413 |
+ * Queue up the MCE event which then can be handled later. |
1414 |
+@@ -225,7 +234,7 @@ void machine_check_ue_event(struct machine_check_event *evt) |
1415 |
+ memcpy(this_cpu_ptr(&mce_ue_event_queue[index]), evt, sizeof(*evt)); |
1416 |
+ |
1417 |
+ /* Queue work to process this event later. */ |
1418 |
+- schedule_work(&mce_ue_event_work); |
1419 |
++ irq_work_queue(&mce_ue_event_irq_work); |
1420 |
+ } |
1421 |
+ |
1422 |
+ /* |
1423 |
+diff --git a/arch/powerpc/kernel/mce_power.c b/arch/powerpc/kernel/mce_power.c |
1424 |
+index 3022d67f0c48..37a110b8e7e1 100644 |
1425 |
+--- a/arch/powerpc/kernel/mce_power.c |
1426 |
++++ b/arch/powerpc/kernel/mce_power.c |
1427 |
+@@ -39,6 +39,7 @@ |
1428 |
+ static unsigned long addr_to_pfn(struct pt_regs *regs, unsigned long addr) |
1429 |
+ { |
1430 |
+ pte_t *ptep; |
1431 |
++ unsigned int shift; |
1432 |
+ unsigned long flags; |
1433 |
+ struct mm_struct *mm; |
1434 |
+ |
1435 |
+@@ -48,13 +49,18 @@ static unsigned long addr_to_pfn(struct pt_regs *regs, unsigned long addr) |
1436 |
+ mm = &init_mm; |
1437 |
+ |
1438 |
+ local_irq_save(flags); |
1439 |
+- if (mm == current->mm) |
1440 |
+- ptep = find_current_mm_pte(mm->pgd, addr, NULL, NULL); |
1441 |
+- else |
1442 |
+- ptep = find_init_mm_pte(addr, NULL); |
1443 |
++ ptep = __find_linux_pte(mm->pgd, addr, NULL, &shift); |
1444 |
+ local_irq_restore(flags); |
1445 |
++ |
1446 |
+ if (!ptep || pte_special(*ptep)) |
1447 |
+ return ULONG_MAX; |
1448 |
++ |
1449 |
++ if (shift > PAGE_SHIFT) { |
1450 |
++ unsigned long rpnmask = (1ul << shift) - PAGE_SIZE; |
1451 |
++ |
1452 |
++ return pte_pfn(__pte(pte_val(*ptep) | (addr & rpnmask))); |
1453 |
++ } |
1454 |
++ |
1455 |
+ return pte_pfn(*ptep); |
1456 |
+ } |
1457 |
+ |
1458 |
+@@ -339,7 +345,7 @@ static const struct mce_derror_table mce_p9_derror_table[] = { |
1459 |
+ MCE_INITIATOR_CPU, MCE_SEV_ERROR_SYNC, }, |
1460 |
+ { 0, false, 0, 0, 0, 0 } }; |
1461 |
+ |
1462 |
+-static int mce_find_instr_ea_and_pfn(struct pt_regs *regs, uint64_t *addr, |
1463 |
++static int mce_find_instr_ea_and_phys(struct pt_regs *regs, uint64_t *addr, |
1464 |
+ uint64_t *phys_addr) |
1465 |
+ { |
1466 |
+ /* |
1467 |
+@@ -530,7 +536,8 @@ static int mce_handle_derror(struct pt_regs *regs, |
1468 |
+ * kernel/exception-64s.h |
1469 |
+ */ |
1470 |
+ if (get_paca()->in_mce < MAX_MCE_DEPTH) |
1471 |
+- mce_find_instr_ea_and_pfn(regs, addr, phys_addr); |
1472 |
++ mce_find_instr_ea_and_phys(regs, addr, |
1473 |
++ phys_addr); |
1474 |
+ } |
1475 |
+ found = 1; |
1476 |
+ } |
1477 |
+diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c |
1478 |
+index 05b32cc12e41..3ae3e8d141e3 100644 |
1479 |
+--- a/arch/powerpc/kvm/book3s_hv.c |
1480 |
++++ b/arch/powerpc/kvm/book3s_hv.c |
1481 |
+@@ -1407,7 +1407,14 @@ static int kvmppc_get_one_reg_hv(struct kvm_vcpu *vcpu, u64 id, |
1482 |
+ *val = get_reg_val(id, vcpu->arch.pspb); |
1483 |
+ break; |
1484 |
+ case KVM_REG_PPC_DPDES: |
1485 |
+- *val = get_reg_val(id, vcpu->arch.vcore->dpdes); |
1486 |
++ /* |
1487 |
++ * On POWER9, where we are emulating msgsndp etc., |
1488 |
++ * we return 1 bit for each vcpu, which can come from |
1489 |
++ * either vcore->dpdes or doorbell_request. |
1490 |
++ * On POWER8, doorbell_request is 0. |
1491 |
++ */ |
1492 |
++ *val = get_reg_val(id, vcpu->arch.vcore->dpdes | |
1493 |
++ vcpu->arch.doorbell_request); |
1494 |
+ break; |
1495 |
+ case KVM_REG_PPC_VTB: |
1496 |
+ *val = get_reg_val(id, vcpu->arch.vcore->vtb); |
1497 |
+@@ -2550,7 +2557,7 @@ static void collect_piggybacks(struct core_info *cip, int target_threads) |
1498 |
+ if (!spin_trylock(&pvc->lock)) |
1499 |
+ continue; |
1500 |
+ prepare_threads(pvc); |
1501 |
+- if (!pvc->n_runnable) { |
1502 |
++ if (!pvc->n_runnable || !pvc->kvm->arch.mmu_ready) { |
1503 |
+ list_del_init(&pvc->preempt_list); |
1504 |
+ if (pvc->runner == NULL) { |
1505 |
+ pvc->vcore_state = VCORE_INACTIVE; |
1506 |
+@@ -2571,15 +2578,20 @@ static void collect_piggybacks(struct core_info *cip, int target_threads) |
1507 |
+ spin_unlock(&lp->lock); |
1508 |
+ } |
1509 |
+ |
1510 |
+-static bool recheck_signals(struct core_info *cip) |
1511 |
++static bool recheck_signals_and_mmu(struct core_info *cip) |
1512 |
+ { |
1513 |
+ int sub, i; |
1514 |
+ struct kvm_vcpu *vcpu; |
1515 |
++ struct kvmppc_vcore *vc; |
1516 |
+ |
1517 |
+- for (sub = 0; sub < cip->n_subcores; ++sub) |
1518 |
+- for_each_runnable_thread(i, vcpu, cip->vc[sub]) |
1519 |
++ for (sub = 0; sub < cip->n_subcores; ++sub) { |
1520 |
++ vc = cip->vc[sub]; |
1521 |
++ if (!vc->kvm->arch.mmu_ready) |
1522 |
++ return true; |
1523 |
++ for_each_runnable_thread(i, vcpu, vc) |
1524 |
+ if (signal_pending(vcpu->arch.run_task)) |
1525 |
+ return true; |
1526 |
++ } |
1527 |
+ return false; |
1528 |
+ } |
1529 |
+ |
1530 |
+@@ -2800,7 +2812,7 @@ static noinline void kvmppc_run_core(struct kvmppc_vcore *vc) |
1531 |
+ local_irq_disable(); |
1532 |
+ hard_irq_disable(); |
1533 |
+ if (lazy_irq_pending() || need_resched() || |
1534 |
+- recheck_signals(&core_info) || !vc->kvm->arch.mmu_ready) { |
1535 |
++ recheck_signals_and_mmu(&core_info)) { |
1536 |
+ local_irq_enable(); |
1537 |
+ vc->vcore_state = VCORE_INACTIVE; |
1538 |
+ /* Unlock all except the primary vcore */ |
1539 |
+diff --git a/arch/powerpc/kvm/book3s_hv_rm_mmu.c b/arch/powerpc/kvm/book3s_hv_rm_mmu.c |
1540 |
+index a67cf1cdeda4..7c68d834c94a 100644 |
1541 |
+--- a/arch/powerpc/kvm/book3s_hv_rm_mmu.c |
1542 |
++++ b/arch/powerpc/kvm/book3s_hv_rm_mmu.c |
1543 |
+@@ -452,7 +452,7 @@ static void do_tlbies(struct kvm *kvm, unsigned long *rbvalues, |
1544 |
+ "r" (rbvalues[i]), "r" (kvm->arch.lpid)); |
1545 |
+ } |
1546 |
+ |
1547 |
+- if (cpu_has_feature(CPU_FTR_P9_TLBIE_BUG)) { |
1548 |
++ if (cpu_has_feature(CPU_FTR_P9_TLBIE_STQ_BUG)) { |
1549 |
+ /* |
1550 |
+ * Need the extra ptesync to make sure we don't |
1551 |
+ * re-order the tlbie |
1552 |
+diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/book3s_hv_rmhandlers.S |
1553 |
+index 68c7591f2b5f..f1878e13dd56 100644 |
1554 |
+--- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S |
1555 |
++++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S |
1556 |
+@@ -2903,29 +2903,39 @@ kvm_cede_prodded: |
1557 |
+ kvm_cede_exit: |
1558 |
+ ld r9, HSTATE_KVM_VCPU(r13) |
1559 |
+ #ifdef CONFIG_KVM_XICS |
1560 |
+- /* Abort if we still have a pending escalation */ |
1561 |
++ /* are we using XIVE with single escalation? */ |
1562 |
++ ld r10, VCPU_XIVE_ESC_VADDR(r9) |
1563 |
++ cmpdi r10, 0 |
1564 |
++ beq 3f |
1565 |
++ li r6, XIVE_ESB_SET_PQ_00 |
1566 |
++ /* |
1567 |
++ * If we still have a pending escalation, abort the cede, |
1568 |
++ * and we must set PQ to 10 rather than 00 so that we don't |
1569 |
++ * potentially end up with two entries for the escalation |
1570 |
++ * interrupt in the XIVE interrupt queue. In that case |
1571 |
++ * we also don't want to set xive_esc_on to 1 here in |
1572 |
++ * case we race with xive_esc_irq(). |
1573 |
++ */ |
1574 |
+ lbz r5, VCPU_XIVE_ESC_ON(r9) |
1575 |
+ cmpwi r5, 0 |
1576 |
+- beq 1f |
1577 |
++ beq 4f |
1578 |
+ li r0, 0 |
1579 |
+ stb r0, VCPU_CEDED(r9) |
1580 |
+-1: /* Enable XIVE escalation */ |
1581 |
+- li r5, XIVE_ESB_SET_PQ_00 |
1582 |
++ li r6, XIVE_ESB_SET_PQ_10 |
1583 |
++ b 5f |
1584 |
++4: li r0, 1 |
1585 |
++ stb r0, VCPU_XIVE_ESC_ON(r9) |
1586 |
++ /* make sure store to xive_esc_on is seen before xive_esc_irq runs */ |
1587 |
++ sync |
1588 |
++5: /* Enable XIVE escalation */ |
1589 |
+ mfmsr r0 |
1590 |
+ andi. r0, r0, MSR_DR /* in real mode? */ |
1591 |
+ beq 1f |
1592 |
+- ld r10, VCPU_XIVE_ESC_VADDR(r9) |
1593 |
+- cmpdi r10, 0 |
1594 |
+- beq 3f |
1595 |
+- ldx r0, r10, r5 |
1596 |
++ ldx r0, r10, r6 |
1597 |
+ b 2f |
1598 |
+ 1: ld r10, VCPU_XIVE_ESC_RADDR(r9) |
1599 |
+- cmpdi r10, 0 |
1600 |
+- beq 3f |
1601 |
+- ldcix r0, r10, r5 |
1602 |
++ ldcix r0, r10, r6 |
1603 |
+ 2: sync |
1604 |
+- li r0, 1 |
1605 |
+- stb r0, VCPU_XIVE_ESC_ON(r9) |
1606 |
+ #endif /* CONFIG_KVM_XICS */ |
1607 |
+ 3: b guest_exit_cont |
1608 |
+ |
1609 |
+diff --git a/arch/powerpc/kvm/book3s_xive.c b/arch/powerpc/kvm/book3s_xive.c |
1610 |
+index aae34f218ab4..031f07f048af 100644 |
1611 |
+--- a/arch/powerpc/kvm/book3s_xive.c |
1612 |
++++ b/arch/powerpc/kvm/book3s_xive.c |
1613 |
+@@ -1037,20 +1037,22 @@ void kvmppc_xive_cleanup_vcpu(struct kvm_vcpu *vcpu) |
1614 |
+ /* Mask the VP IPI */ |
1615 |
+ xive_vm_esb_load(&xc->vp_ipi_data, XIVE_ESB_SET_PQ_01); |
1616 |
+ |
1617 |
+- /* Disable the VP */ |
1618 |
+- xive_native_disable_vp(xc->vp_id); |
1619 |
+- |
1620 |
+- /* Free the queues & associated interrupts */ |
1621 |
++ /* Free escalations */ |
1622 |
+ for (i = 0; i < KVMPPC_XIVE_Q_COUNT; i++) { |
1623 |
+- struct xive_q *q = &xc->queues[i]; |
1624 |
+- |
1625 |
+- /* Free the escalation irq */ |
1626 |
+ if (xc->esc_virq[i]) { |
1627 |
+ free_irq(xc->esc_virq[i], vcpu); |
1628 |
+ irq_dispose_mapping(xc->esc_virq[i]); |
1629 |
+ kfree(xc->esc_virq_names[i]); |
1630 |
+ } |
1631 |
+- /* Free the queue */ |
1632 |
++ } |
1633 |
++ |
1634 |
++ /* Disable the VP */ |
1635 |
++ xive_native_disable_vp(xc->vp_id); |
1636 |
++ |
1637 |
++ /* Free the queues */ |
1638 |
++ for (i = 0; i < KVMPPC_XIVE_Q_COUNT; i++) { |
1639 |
++ struct xive_q *q = &xc->queues[i]; |
1640 |
++ |
1641 |
+ xive_native_disable_queue(xc->vp_id, q, i); |
1642 |
+ if (q->qpage) { |
1643 |
+ free_pages((unsigned long)q->qpage, |
1644 |
+diff --git a/arch/powerpc/mm/hash_native_64.c b/arch/powerpc/mm/hash_native_64.c |
1645 |
+index aaa28fd918fe..0c13561d8b80 100644 |
1646 |
+--- a/arch/powerpc/mm/hash_native_64.c |
1647 |
++++ b/arch/powerpc/mm/hash_native_64.c |
1648 |
+@@ -203,7 +203,7 @@ static inline unsigned long ___tlbie(unsigned long vpn, int psize, |
1649 |
+ |
1650 |
+ static inline void fixup_tlbie(unsigned long vpn, int psize, int apsize, int ssize) |
1651 |
+ { |
1652 |
+- if (cpu_has_feature(CPU_FTR_P9_TLBIE_BUG)) { |
1653 |
++ if (cpu_has_feature(CPU_FTR_P9_TLBIE_STQ_BUG)) { |
1654 |
+ /* Need the extra ptesync to ensure we don't reorder tlbie*/ |
1655 |
+ asm volatile("ptesync": : :"memory"); |
1656 |
+ ___tlbie(vpn, psize, apsize, ssize); |
1657 |
+diff --git a/arch/powerpc/mm/hash_utils_64.c b/arch/powerpc/mm/hash_utils_64.c |
1658 |
+index 29fd8940867e..b1007e9a31ba 100644 |
1659 |
+--- a/arch/powerpc/mm/hash_utils_64.c |
1660 |
++++ b/arch/powerpc/mm/hash_utils_64.c |
1661 |
+@@ -37,6 +37,7 @@ |
1662 |
+ #include <linux/context_tracking.h> |
1663 |
+ #include <linux/libfdt.h> |
1664 |
+ #include <linux/pkeys.h> |
1665 |
++#include <linux/cpu.h> |
1666 |
+ |
1667 |
+ #include <asm/debugfs.h> |
1668 |
+ #include <asm/processor.h> |
1669 |
+@@ -1891,10 +1892,16 @@ static int hpt_order_get(void *data, u64 *val) |
1670 |
+ |
1671 |
+ static int hpt_order_set(void *data, u64 val) |
1672 |
+ { |
1673 |
++ int ret; |
1674 |
++ |
1675 |
+ if (!mmu_hash_ops.resize_hpt) |
1676 |
+ return -ENODEV; |
1677 |
+ |
1678 |
+- return mmu_hash_ops.resize_hpt(val); |
1679 |
++ cpus_read_lock(); |
1680 |
++ ret = mmu_hash_ops.resize_hpt(val); |
1681 |
++ cpus_read_unlock(); |
1682 |
++ |
1683 |
++ return ret; |
1684 |
+ } |
1685 |
+ |
1686 |
+ DEFINE_SIMPLE_ATTRIBUTE(fops_hpt_order, hpt_order_get, hpt_order_set, "%llu\n"); |
1687 |
+diff --git a/arch/powerpc/mm/tlb-radix.c b/arch/powerpc/mm/tlb-radix.c |
1688 |
+index fef3e1eb3a19..0cddae4263f9 100644 |
1689 |
+--- a/arch/powerpc/mm/tlb-radix.c |
1690 |
++++ b/arch/powerpc/mm/tlb-radix.c |
1691 |
+@@ -220,7 +220,7 @@ static inline void fixup_tlbie(void) |
1692 |
+ unsigned long pid = 0; |
1693 |
+ unsigned long va = ((1UL << 52) - 1); |
1694 |
+ |
1695 |
+- if (cpu_has_feature(CPU_FTR_P9_TLBIE_BUG)) { |
1696 |
++ if (cpu_has_feature(CPU_FTR_P9_TLBIE_STQ_BUG)) { |
1697 |
+ asm volatile("ptesync": : :"memory"); |
1698 |
+ __tlbie_va(va, pid, mmu_get_ap(MMU_PAGE_64K), RIC_FLUSH_TLB); |
1699 |
+ } |
1700 |
+@@ -230,7 +230,7 @@ static inline void fixup_tlbie_lpid(unsigned long lpid) |
1701 |
+ { |
1702 |
+ unsigned long va = ((1UL << 52) - 1); |
1703 |
+ |
1704 |
+- if (cpu_has_feature(CPU_FTR_P9_TLBIE_BUG)) { |
1705 |
++ if (cpu_has_feature(CPU_FTR_P9_TLBIE_STQ_BUG)) { |
1706 |
+ asm volatile("ptesync": : :"memory"); |
1707 |
+ __tlbie_lpid_va(va, lpid, mmu_get_ap(MMU_PAGE_64K), RIC_FLUSH_TLB); |
1708 |
+ } |
1709 |
+diff --git a/arch/powerpc/platforms/powernv/opal.c b/arch/powerpc/platforms/powernv/opal.c |
1710 |
+index 38fe4087484a..edf9032e2e5c 100644 |
1711 |
+--- a/arch/powerpc/platforms/powernv/opal.c |
1712 |
++++ b/arch/powerpc/platforms/powernv/opal.c |
1713 |
+@@ -680,7 +680,10 @@ static ssize_t symbol_map_read(struct file *fp, struct kobject *kobj, |
1714 |
+ bin_attr->size); |
1715 |
+ } |
1716 |
+ |
1717 |
+-static BIN_ATTR_RO(symbol_map, 0); |
1718 |
++static struct bin_attribute symbol_map_attr = { |
1719 |
++ .attr = {.name = "symbol_map", .mode = 0400}, |
1720 |
++ .read = symbol_map_read |
1721 |
++}; |
1722 |
+ |
1723 |
+ static void opal_export_symmap(void) |
1724 |
+ { |
1725 |
+@@ -697,10 +700,10 @@ static void opal_export_symmap(void) |
1726 |
+ return; |
1727 |
+ |
1728 |
+ /* Setup attributes */ |
1729 |
+- bin_attr_symbol_map.private = __va(be64_to_cpu(syms[0])); |
1730 |
+- bin_attr_symbol_map.size = be64_to_cpu(syms[1]); |
1731 |
++ symbol_map_attr.private = __va(be64_to_cpu(syms[0])); |
1732 |
++ symbol_map_attr.size = be64_to_cpu(syms[1]); |
1733 |
+ |
1734 |
+- rc = sysfs_create_bin_file(opal_kobj, &bin_attr_symbol_map); |
1735 |
++ rc = sysfs_create_bin_file(opal_kobj, &symbol_map_attr); |
1736 |
+ if (rc) |
1737 |
+ pr_warn("Error %d creating OPAL symbols file\n", rc); |
1738 |
+ } |
1739 |
+diff --git a/arch/powerpc/platforms/powernv/pci-ioda-tce.c b/arch/powerpc/platforms/powernv/pci-ioda-tce.c |
1740 |
+index 29e66d6e5763..15a567128c0f 100644 |
1741 |
+--- a/arch/powerpc/platforms/powernv/pci-ioda-tce.c |
1742 |
++++ b/arch/powerpc/platforms/powernv/pci-ioda-tce.c |
1743 |
+@@ -49,6 +49,9 @@ static __be64 *pnv_alloc_tce_level(int nid, unsigned int shift) |
1744 |
+ return addr; |
1745 |
+ } |
1746 |
+ |
1747 |
++static void pnv_pci_ioda2_table_do_free_pages(__be64 *addr, |
1748 |
++ unsigned long size, unsigned int levels); |
1749 |
++ |
1750 |
+ static __be64 *pnv_tce(struct iommu_table *tbl, bool user, long idx, bool alloc) |
1751 |
+ { |
1752 |
+ __be64 *tmp = user ? tbl->it_userspace : (__be64 *) tbl->it_base; |
1753 |
+@@ -58,9 +61,9 @@ static __be64 *pnv_tce(struct iommu_table *tbl, bool user, long idx, bool alloc) |
1754 |
+ |
1755 |
+ while (level) { |
1756 |
+ int n = (idx & mask) >> (level * shift); |
1757 |
+- unsigned long tce; |
1758 |
++ unsigned long oldtce, tce = be64_to_cpu(READ_ONCE(tmp[n])); |
1759 |
+ |
1760 |
+- if (tmp[n] == 0) { |
1761 |
++ if (!tce) { |
1762 |
+ __be64 *tmp2; |
1763 |
+ |
1764 |
+ if (!alloc) |
1765 |
+@@ -71,10 +74,15 @@ static __be64 *pnv_tce(struct iommu_table *tbl, bool user, long idx, bool alloc) |
1766 |
+ if (!tmp2) |
1767 |
+ return NULL; |
1768 |
+ |
1769 |
+- tmp[n] = cpu_to_be64(__pa(tmp2) | |
1770 |
+- TCE_PCI_READ | TCE_PCI_WRITE); |
1771 |
++ tce = __pa(tmp2) | TCE_PCI_READ | TCE_PCI_WRITE; |
1772 |
++ oldtce = be64_to_cpu(cmpxchg(&tmp[n], 0, |
1773 |
++ cpu_to_be64(tce))); |
1774 |
++ if (oldtce) { |
1775 |
++ pnv_pci_ioda2_table_do_free_pages(tmp2, |
1776 |
++ ilog2(tbl->it_level_size) + 3, 1); |
1777 |
++ tce = oldtce; |
1778 |
++ } |
1779 |
+ } |
1780 |
+- tce = be64_to_cpu(tmp[n]); |
1781 |
+ |
1782 |
+ tmp = __va(tce & ~(TCE_PCI_READ | TCE_PCI_WRITE)); |
1783 |
+ idx &= ~mask; |
1784 |
+diff --git a/arch/powerpc/platforms/pseries/lpar.c b/arch/powerpc/platforms/pseries/lpar.c |
1785 |
+index 9e52b686a8fa..ea602f7f97ce 100644 |
1786 |
+--- a/arch/powerpc/platforms/pseries/lpar.c |
1787 |
++++ b/arch/powerpc/platforms/pseries/lpar.c |
1788 |
+@@ -647,7 +647,10 @@ static int pseries_lpar_resize_hpt_commit(void *data) |
1789 |
+ return 0; |
1790 |
+ } |
1791 |
+ |
1792 |
+-/* Must be called in user context */ |
1793 |
++/* |
1794 |
++ * Must be called in process context. The caller must hold the |
1795 |
++ * cpus_lock. |
1796 |
++ */ |
1797 |
+ static int pseries_lpar_resize_hpt(unsigned long shift) |
1798 |
+ { |
1799 |
+ struct hpt_resize_state state = { |
1800 |
+@@ -699,7 +702,8 @@ static int pseries_lpar_resize_hpt(unsigned long shift) |
1801 |
+ |
1802 |
+ t1 = ktime_get(); |
1803 |
+ |
1804 |
+- rc = stop_machine(pseries_lpar_resize_hpt_commit, &state, NULL); |
1805 |
++ rc = stop_machine_cpuslocked(pseries_lpar_resize_hpt_commit, |
1806 |
++ &state, NULL); |
1807 |
+ |
1808 |
+ t2 = ktime_get(); |
1809 |
+ |
1810 |
+diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S |
1811 |
+index fa2c08e3c05e..a03821b2656a 100644 |
1812 |
+--- a/arch/riscv/kernel/entry.S |
1813 |
++++ b/arch/riscv/kernel/entry.S |
1814 |
+@@ -171,9 +171,13 @@ ENTRY(handle_exception) |
1815 |
+ move a1, s4 /* scause */ |
1816 |
+ tail do_IRQ |
1817 |
+ 1: |
1818 |
+- /* Exceptions run with interrupts enabled */ |
1819 |
++ /* Exceptions run with interrupts enabled or disabled |
1820 |
++ depending on the state of sstatus.SR_SPIE */ |
1821 |
++ andi t0, s1, SR_SPIE |
1822 |
++ beqz t0, 1f |
1823 |
+ csrs sstatus, SR_SIE |
1824 |
+ |
1825 |
++1: |
1826 |
+ /* Handle syscalls */ |
1827 |
+ li t0, EXC_SYSCALL |
1828 |
+ beq s4, t0, handle_syscall |
1829 |
+diff --git a/arch/s390/kernel/process.c b/arch/s390/kernel/process.c |
1830 |
+index 6e758bb6cd29..99ef537e548a 100644 |
1831 |
+--- a/arch/s390/kernel/process.c |
1832 |
++++ b/arch/s390/kernel/process.c |
1833 |
+@@ -183,20 +183,30 @@ unsigned long get_wchan(struct task_struct *p) |
1834 |
+ |
1835 |
+ if (!p || p == current || p->state == TASK_RUNNING || !task_stack_page(p)) |
1836 |
+ return 0; |
1837 |
++ |
1838 |
++ if (!try_get_task_stack(p)) |
1839 |
++ return 0; |
1840 |
++ |
1841 |
+ low = task_stack_page(p); |
1842 |
+ high = (struct stack_frame *) task_pt_regs(p); |
1843 |
+ sf = (struct stack_frame *) p->thread.ksp; |
1844 |
+- if (sf <= low || sf > high) |
1845 |
+- return 0; |
1846 |
++ if (sf <= low || sf > high) { |
1847 |
++ return_address = 0; |
1848 |
++ goto out; |
1849 |
++ } |
1850 |
+ for (count = 0; count < 16; count++) { |
1851 |
+ sf = (struct stack_frame *) sf->back_chain; |
1852 |
+- if (sf <= low || sf > high) |
1853 |
+- return 0; |
1854 |
++ if (sf <= low || sf > high) { |
1855 |
++ return_address = 0; |
1856 |
++ goto out; |
1857 |
++ } |
1858 |
+ return_address = sf->gprs[8]; |
1859 |
+ if (!in_sched_functions(return_address)) |
1860 |
+- return return_address; |
1861 |
++ goto out; |
1862 |
+ } |
1863 |
+- return 0; |
1864 |
++out: |
1865 |
++ put_task_stack(p); |
1866 |
++ return return_address; |
1867 |
+ } |
1868 |
+ |
1869 |
+ unsigned long arch_align_stack(unsigned long sp) |
1870 |
+diff --git a/arch/s390/kernel/topology.c b/arch/s390/kernel/topology.c |
1871 |
+index e8184a15578a..7b96888974db 100644 |
1872 |
+--- a/arch/s390/kernel/topology.c |
1873 |
++++ b/arch/s390/kernel/topology.c |
1874 |
+@@ -311,7 +311,8 @@ int arch_update_cpu_topology(void) |
1875 |
+ on_each_cpu(__arch_update_dedicated_flag, NULL, 0); |
1876 |
+ for_each_online_cpu(cpu) { |
1877 |
+ dev = get_cpu_device(cpu); |
1878 |
+- kobject_uevent(&dev->kobj, KOBJ_CHANGE); |
1879 |
++ if (dev) |
1880 |
++ kobject_uevent(&dev->kobj, KOBJ_CHANGE); |
1881 |
+ } |
1882 |
+ return rc; |
1883 |
+ } |
1884 |
+diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c |
1885 |
+index e0551c948c59..fac1d4eaa426 100644 |
1886 |
+--- a/arch/s390/kvm/kvm-s390.c |
1887 |
++++ b/arch/s390/kvm/kvm-s390.c |
1888 |
+@@ -3890,7 +3890,7 @@ static long kvm_s390_guest_mem_op(struct kvm_vcpu *vcpu, |
1889 |
+ const u64 supported_flags = KVM_S390_MEMOP_F_INJECT_EXCEPTION |
1890 |
+ | KVM_S390_MEMOP_F_CHECK_ONLY; |
1891 |
+ |
1892 |
+- if (mop->flags & ~supported_flags) |
1893 |
++ if (mop->flags & ~supported_flags || mop->ar >= NUM_ACRS || !mop->size) |
1894 |
+ return -EINVAL; |
1895 |
+ |
1896 |
+ if (mop->size > MEM_OP_MAX_SIZE) |
1897 |
+diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c |
1898 |
+index e83f4f6bfdac..6f7b3acdab26 100644 |
1899 |
+--- a/arch/x86/kvm/vmx.c |
1900 |
++++ b/arch/x86/kvm/vmx.c |
1901 |
+@@ -8801,7 +8801,7 @@ static int handle_vmread(struct kvm_vcpu *vcpu) |
1902 |
+ /* _system ok, nested_vmx_check_permission has verified cpl=0 */ |
1903 |
+ if (kvm_write_guest_virt_system(vcpu, gva, &field_value, |
1904 |
+ (is_long_mode(vcpu) ? 8 : 4), |
1905 |
+- NULL)) |
1906 |
++ &e)) |
1907 |
+ kvm_inject_page_fault(vcpu, &e); |
1908 |
+ } |
1909 |
+ |
1910 |
+@@ -12574,7 +12574,7 @@ static int check_vmentry_prereqs(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12) |
1911 |
+ |
1912 |
+ /* VM-entry exception error code */ |
1913 |
+ if (has_error_code && |
1914 |
+- vmcs12->vm_entry_exception_error_code & GENMASK(31, 15)) |
1915 |
++ vmcs12->vm_entry_exception_error_code & GENMASK(31, 16)) |
1916 |
+ return VMXERR_ENTRY_INVALID_CONTROL_FIELD; |
1917 |
+ |
1918 |
+ /* VM-entry interruption-info field: reserved bits */ |
1919 |
+diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c |
1920 |
+index 05cb5855255e..6ae8a013af31 100644 |
1921 |
+--- a/arch/x86/kvm/x86.c |
1922 |
++++ b/arch/x86/kvm/x86.c |
1923 |
+@@ -791,34 +791,42 @@ int kvm_set_xcr(struct kvm_vcpu *vcpu, u32 index, u64 xcr) |
1924 |
+ } |
1925 |
+ EXPORT_SYMBOL_GPL(kvm_set_xcr); |
1926 |
+ |
1927 |
+-int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) |
1928 |
++static int kvm_valid_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) |
1929 |
+ { |
1930 |
+- unsigned long old_cr4 = kvm_read_cr4(vcpu); |
1931 |
+- unsigned long pdptr_bits = X86_CR4_PGE | X86_CR4_PSE | X86_CR4_PAE | |
1932 |
+- X86_CR4_SMEP | X86_CR4_SMAP | X86_CR4_PKE; |
1933 |
+- |
1934 |
+ if (cr4 & CR4_RESERVED_BITS) |
1935 |
+- return 1; |
1936 |
++ return -EINVAL; |
1937 |
+ |
1938 |
+ if (!guest_cpuid_has(vcpu, X86_FEATURE_XSAVE) && (cr4 & X86_CR4_OSXSAVE)) |
1939 |
+- return 1; |
1940 |
++ return -EINVAL; |
1941 |
+ |
1942 |
+ if (!guest_cpuid_has(vcpu, X86_FEATURE_SMEP) && (cr4 & X86_CR4_SMEP)) |
1943 |
+- return 1; |
1944 |
++ return -EINVAL; |
1945 |
+ |
1946 |
+ if (!guest_cpuid_has(vcpu, X86_FEATURE_SMAP) && (cr4 & X86_CR4_SMAP)) |
1947 |
+- return 1; |
1948 |
++ return -EINVAL; |
1949 |
+ |
1950 |
+ if (!guest_cpuid_has(vcpu, X86_FEATURE_FSGSBASE) && (cr4 & X86_CR4_FSGSBASE)) |
1951 |
+- return 1; |
1952 |
++ return -EINVAL; |
1953 |
+ |
1954 |
+ if (!guest_cpuid_has(vcpu, X86_FEATURE_PKU) && (cr4 & X86_CR4_PKE)) |
1955 |
+- return 1; |
1956 |
++ return -EINVAL; |
1957 |
+ |
1958 |
+ if (!guest_cpuid_has(vcpu, X86_FEATURE_LA57) && (cr4 & X86_CR4_LA57)) |
1959 |
+- return 1; |
1960 |
++ return -EINVAL; |
1961 |
+ |
1962 |
+ if (!guest_cpuid_has(vcpu, X86_FEATURE_UMIP) && (cr4 & X86_CR4_UMIP)) |
1963 |
++ return -EINVAL; |
1964 |
++ |
1965 |
++ return 0; |
1966 |
++} |
1967 |
++ |
1968 |
++int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) |
1969 |
++{ |
1970 |
++ unsigned long old_cr4 = kvm_read_cr4(vcpu); |
1971 |
++ unsigned long pdptr_bits = X86_CR4_PGE | X86_CR4_PSE | X86_CR4_PAE | |
1972 |
++ X86_CR4_SMEP | X86_CR4_SMAP | X86_CR4_PKE; |
1973 |
++ |
1974 |
++ if (kvm_valid_cr4(vcpu, cr4)) |
1975 |
+ return 1; |
1976 |
+ |
1977 |
+ if (is_long_mode(vcpu)) { |
1978 |
+@@ -8237,10 +8245,6 @@ EXPORT_SYMBOL_GPL(kvm_task_switch); |
1979 |
+ |
1980 |
+ static int kvm_valid_sregs(struct kvm_vcpu *vcpu, struct kvm_sregs *sregs) |
1981 |
+ { |
1982 |
+- if (!guest_cpuid_has(vcpu, X86_FEATURE_XSAVE) && |
1983 |
+- (sregs->cr4 & X86_CR4_OSXSAVE)) |
1984 |
+- return -EINVAL; |
1985 |
+- |
1986 |
+ if ((sregs->efer & EFER_LME) && (sregs->cr0 & X86_CR0_PG)) { |
1987 |
+ /* |
1988 |
+ * When EFER.LME and CR0.PG are set, the processor is in |
1989 |
+@@ -8259,7 +8263,7 @@ static int kvm_valid_sregs(struct kvm_vcpu *vcpu, struct kvm_sregs *sregs) |
1990 |
+ return -EINVAL; |
1991 |
+ } |
1992 |
+ |
1993 |
+- return 0; |
1994 |
++ return kvm_valid_cr4(vcpu, sregs->cr4); |
1995 |
+ } |
1996 |
+ |
1997 |
+ static int __set_sregs(struct kvm_vcpu *vcpu, struct kvm_sregs *sregs) |
1998 |
+diff --git a/arch/x86/purgatory/Makefile b/arch/x86/purgatory/Makefile |
1999 |
+index 10fb42da0007..b81b5172cf99 100644 |
2000 |
+--- a/arch/x86/purgatory/Makefile |
2001 |
++++ b/arch/x86/purgatory/Makefile |
2002 |
+@@ -23,6 +23,7 @@ KCOV_INSTRUMENT := n |
2003 |
+ |
2004 |
+ PURGATORY_CFLAGS_REMOVE := -mcmodel=kernel |
2005 |
+ PURGATORY_CFLAGS := -mcmodel=large -ffreestanding -fno-zero-initialized-in-bss |
2006 |
++PURGATORY_CFLAGS += $(DISABLE_STACKLEAK_PLUGIN) |
2007 |
+ |
2008 |
+ # Default KBUILD_CFLAGS can have -pg option set when FTRACE is enabled. That |
2009 |
+ # in turn leaves some undefined symbols like __fentry__ in purgatory and not |
2010 |
+diff --git a/crypto/skcipher.c b/crypto/skcipher.c |
2011 |
+index b664cf867f5f..a8750b4ebf26 100644 |
2012 |
+--- a/crypto/skcipher.c |
2013 |
++++ b/crypto/skcipher.c |
2014 |
+@@ -95,7 +95,7 @@ static inline u8 *skcipher_get_spot(u8 *start, unsigned int len) |
2015 |
+ return max(start, end_page); |
2016 |
+ } |
2017 |
+ |
2018 |
+-static void skcipher_done_slow(struct skcipher_walk *walk, unsigned int bsize) |
2019 |
++static int skcipher_done_slow(struct skcipher_walk *walk, unsigned int bsize) |
2020 |
+ { |
2021 |
+ u8 *addr; |
2022 |
+ |
2023 |
+@@ -103,19 +103,21 @@ static void skcipher_done_slow(struct skcipher_walk *walk, unsigned int bsize) |
2024 |
+ addr = skcipher_get_spot(addr, bsize); |
2025 |
+ scatterwalk_copychunks(addr, &walk->out, bsize, |
2026 |
+ (walk->flags & SKCIPHER_WALK_PHYS) ? 2 : 1); |
2027 |
++ return 0; |
2028 |
+ } |
2029 |
+ |
2030 |
+ int skcipher_walk_done(struct skcipher_walk *walk, int err) |
2031 |
+ { |
2032 |
+- unsigned int n; /* bytes processed */ |
2033 |
+- bool more; |
2034 |
++ unsigned int n = walk->nbytes; |
2035 |
++ unsigned int nbytes = 0; |
2036 |
+ |
2037 |
+- if (unlikely(err < 0)) |
2038 |
++ if (!n) |
2039 |
+ goto finish; |
2040 |
+ |
2041 |
+- n = walk->nbytes - err; |
2042 |
+- walk->total -= n; |
2043 |
+- more = (walk->total != 0); |
2044 |
++ if (likely(err >= 0)) { |
2045 |
++ n -= err; |
2046 |
++ nbytes = walk->total - n; |
2047 |
++ } |
2048 |
+ |
2049 |
+ if (likely(!(walk->flags & (SKCIPHER_WALK_PHYS | |
2050 |
+ SKCIPHER_WALK_SLOW | |
2051 |
+@@ -131,7 +133,7 @@ unmap_src: |
2052 |
+ memcpy(walk->dst.virt.addr, walk->page, n); |
2053 |
+ skcipher_unmap_dst(walk); |
2054 |
+ } else if (unlikely(walk->flags & SKCIPHER_WALK_SLOW)) { |
2055 |
+- if (err) { |
2056 |
++ if (err > 0) { |
2057 |
+ /* |
2058 |
+ * Didn't process all bytes. Either the algorithm is |
2059 |
+ * broken, or this was the last step and it turned out |
2060 |
+@@ -139,27 +141,29 @@ unmap_src: |
2061 |
+ * the algorithm requires it. |
2062 |
+ */ |
2063 |
+ err = -EINVAL; |
2064 |
+- goto finish; |
2065 |
+- } |
2066 |
+- skcipher_done_slow(walk, n); |
2067 |
+- goto already_advanced; |
2068 |
++ nbytes = 0; |
2069 |
++ } else |
2070 |
++ n = skcipher_done_slow(walk, n); |
2071 |
+ } |
2072 |
+ |
2073 |
++ if (err > 0) |
2074 |
++ err = 0; |
2075 |
++ |
2076 |
++ walk->total = nbytes; |
2077 |
++ walk->nbytes = 0; |
2078 |
++ |
2079 |
+ scatterwalk_advance(&walk->in, n); |
2080 |
+ scatterwalk_advance(&walk->out, n); |
2081 |
+-already_advanced: |
2082 |
+- scatterwalk_done(&walk->in, 0, more); |
2083 |
+- scatterwalk_done(&walk->out, 1, more); |
2084 |
++ scatterwalk_done(&walk->in, 0, nbytes); |
2085 |
++ scatterwalk_done(&walk->out, 1, nbytes); |
2086 |
+ |
2087 |
+- if (more) { |
2088 |
++ if (nbytes) { |
2089 |
+ crypto_yield(walk->flags & SKCIPHER_WALK_SLEEP ? |
2090 |
+ CRYPTO_TFM_REQ_MAY_SLEEP : 0); |
2091 |
+ return skcipher_walk_next(walk); |
2092 |
+ } |
2093 |
+- err = 0; |
2094 |
+-finish: |
2095 |
+- walk->nbytes = 0; |
2096 |
+ |
2097 |
++finish: |
2098 |
+ /* Short-circuit for the common/fast path. */ |
2099 |
+ if (!((unsigned long)walk->buffer | (unsigned long)walk->page)) |
2100 |
+ goto out; |
2101 |
+diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c |
2102 |
+index b1c7009de1f4..bc2fa4e85f0c 100644 |
2103 |
+--- a/drivers/block/nbd.c |
2104 |
++++ b/drivers/block/nbd.c |
2105 |
+@@ -106,6 +106,7 @@ struct nbd_device { |
2106 |
+ struct nbd_config *config; |
2107 |
+ struct mutex config_lock; |
2108 |
+ struct gendisk *disk; |
2109 |
++ struct workqueue_struct *recv_workq; |
2110 |
+ |
2111 |
+ struct list_head list; |
2112 |
+ struct task_struct *task_recv; |
2113 |
+@@ -132,9 +133,10 @@ static struct dentry *nbd_dbg_dir; |
2114 |
+ |
2115 |
+ #define NBD_MAGIC 0x68797548 |
2116 |
+ |
2117 |
++#define NBD_DEF_BLKSIZE 1024 |
2118 |
++ |
2119 |
+ static unsigned int nbds_max = 16; |
2120 |
+ static int max_part = 16; |
2121 |
+-static struct workqueue_struct *recv_workqueue; |
2122 |
+ static int part_shift; |
2123 |
+ |
2124 |
+ static int nbd_dev_dbg_init(struct nbd_device *nbd); |
2125 |
+@@ -1025,7 +1027,7 @@ static int nbd_reconnect_socket(struct nbd_device *nbd, unsigned long arg) |
2126 |
+ /* We take the tx_mutex in an error path in the recv_work, so we |
2127 |
+ * need to queue_work outside of the tx_mutex. |
2128 |
+ */ |
2129 |
+- queue_work(recv_workqueue, &args->work); |
2130 |
++ queue_work(nbd->recv_workq, &args->work); |
2131 |
+ |
2132 |
+ atomic_inc(&config->live_connections); |
2133 |
+ wake_up(&config->conn_wait); |
2134 |
+@@ -1126,6 +1128,10 @@ static void nbd_config_put(struct nbd_device *nbd) |
2135 |
+ kfree(nbd->config); |
2136 |
+ nbd->config = NULL; |
2137 |
+ |
2138 |
++ if (nbd->recv_workq) |
2139 |
++ destroy_workqueue(nbd->recv_workq); |
2140 |
++ nbd->recv_workq = NULL; |
2141 |
++ |
2142 |
+ nbd->tag_set.timeout = 0; |
2143 |
+ nbd->disk->queue->limits.discard_granularity = 0; |
2144 |
+ nbd->disk->queue->limits.discard_alignment = 0; |
2145 |
+@@ -1154,6 +1160,14 @@ static int nbd_start_device(struct nbd_device *nbd) |
2146 |
+ return -EINVAL; |
2147 |
+ } |
2148 |
+ |
2149 |
++ nbd->recv_workq = alloc_workqueue("knbd%d-recv", |
2150 |
++ WQ_MEM_RECLAIM | WQ_HIGHPRI | |
2151 |
++ WQ_UNBOUND, 0, nbd->index); |
2152 |
++ if (!nbd->recv_workq) { |
2153 |
++ dev_err(disk_to_dev(nbd->disk), "Could not allocate knbd recv work queue.\n"); |
2154 |
++ return -ENOMEM; |
2155 |
++ } |
2156 |
++ |
2157 |
+ blk_mq_update_nr_hw_queues(&nbd->tag_set, config->num_connections); |
2158 |
+ nbd->task_recv = current; |
2159 |
+ |
2160 |
+@@ -1184,7 +1198,7 @@ static int nbd_start_device(struct nbd_device *nbd) |
2161 |
+ INIT_WORK(&args->work, recv_work); |
2162 |
+ args->nbd = nbd; |
2163 |
+ args->index = i; |
2164 |
+- queue_work(recv_workqueue, &args->work); |
2165 |
++ queue_work(nbd->recv_workq, &args->work); |
2166 |
+ } |
2167 |
+ nbd_size_update(nbd); |
2168 |
+ return error; |
2169 |
+@@ -1204,8 +1218,10 @@ static int nbd_start_device_ioctl(struct nbd_device *nbd, struct block_device *b |
2170 |
+ mutex_unlock(&nbd->config_lock); |
2171 |
+ ret = wait_event_interruptible(config->recv_wq, |
2172 |
+ atomic_read(&config->recv_threads) == 0); |
2173 |
+- if (ret) |
2174 |
++ if (ret) { |
2175 |
+ sock_shutdown(nbd); |
2176 |
++ flush_workqueue(nbd->recv_workq); |
2177 |
++ } |
2178 |
+ mutex_lock(&nbd->config_lock); |
2179 |
+ nbd_bdev_reset(bdev); |
2180 |
+ /* user requested, ignore socket errors */ |
2181 |
+@@ -1227,6 +1243,14 @@ static void nbd_clear_sock_ioctl(struct nbd_device *nbd, |
2182 |
+ nbd_config_put(nbd); |
2183 |
+ } |
2184 |
+ |
2185 |
++static bool nbd_is_valid_blksize(unsigned long blksize) |
2186 |
++{ |
2187 |
++ if (!blksize || !is_power_of_2(blksize) || blksize < 512 || |
2188 |
++ blksize > PAGE_SIZE) |
2189 |
++ return false; |
2190 |
++ return true; |
2191 |
++} |
2192 |
++ |
2193 |
+ /* Must be called with config_lock held */ |
2194 |
+ static int __nbd_ioctl(struct block_device *bdev, struct nbd_device *nbd, |
2195 |
+ unsigned int cmd, unsigned long arg) |
2196 |
+@@ -1242,8 +1266,9 @@ static int __nbd_ioctl(struct block_device *bdev, struct nbd_device *nbd, |
2197 |
+ case NBD_SET_SOCK: |
2198 |
+ return nbd_add_socket(nbd, arg, false); |
2199 |
+ case NBD_SET_BLKSIZE: |
2200 |
+- if (!arg || !is_power_of_2(arg) || arg < 512 || |
2201 |
+- arg > PAGE_SIZE) |
2202 |
++ if (!arg) |
2203 |
++ arg = NBD_DEF_BLKSIZE; |
2204 |
++ if (!nbd_is_valid_blksize(arg)) |
2205 |
+ return -EINVAL; |
2206 |
+ nbd_size_set(nbd, arg, |
2207 |
+ div_s64(config->bytesize, arg)); |
2208 |
+@@ -1323,7 +1348,7 @@ static struct nbd_config *nbd_alloc_config(void) |
2209 |
+ atomic_set(&config->recv_threads, 0); |
2210 |
+ init_waitqueue_head(&config->recv_wq); |
2211 |
+ init_waitqueue_head(&config->conn_wait); |
2212 |
+- config->blksize = 1024; |
2213 |
++ config->blksize = NBD_DEF_BLKSIZE; |
2214 |
+ atomic_set(&config->live_connections, 0); |
2215 |
+ try_module_get(THIS_MODULE); |
2216 |
+ return config; |
2217 |
+@@ -1759,6 +1784,12 @@ again: |
2218 |
+ if (info->attrs[NBD_ATTR_BLOCK_SIZE_BYTES]) { |
2219 |
+ u64 bsize = |
2220 |
+ nla_get_u64(info->attrs[NBD_ATTR_BLOCK_SIZE_BYTES]); |
2221 |
++ if (!bsize) |
2222 |
++ bsize = NBD_DEF_BLKSIZE; |
2223 |
++ if (!nbd_is_valid_blksize(bsize)) { |
2224 |
++ ret = -EINVAL; |
2225 |
++ goto out; |
2226 |
++ } |
2227 |
+ nbd_size_set(nbd, bsize, div64_u64(config->bytesize, bsize)); |
2228 |
+ } |
2229 |
+ if (info->attrs[NBD_ATTR_TIMEOUT]) { |
2230 |
+@@ -1835,6 +1866,12 @@ static void nbd_disconnect_and_put(struct nbd_device *nbd) |
2231 |
+ nbd_disconnect(nbd); |
2232 |
+ nbd_clear_sock(nbd); |
2233 |
+ mutex_unlock(&nbd->config_lock); |
2234 |
++ /* |
2235 |
++ * Make sure recv thread has finished, so it does not drop the last |
2236 |
++ * config ref and try to destroy the workqueue from inside the work |
2237 |
++ * queue. |
2238 |
++ */ |
2239 |
++ flush_workqueue(nbd->recv_workq); |
2240 |
+ if (test_and_clear_bit(NBD_HAS_CONFIG_REF, |
2241 |
+ &nbd->config->runtime_flags)) |
2242 |
+ nbd_config_put(nbd); |
2243 |
+@@ -2215,20 +2252,12 @@ static int __init nbd_init(void) |
2244 |
+ |
2245 |
+ if (nbds_max > 1UL << (MINORBITS - part_shift)) |
2246 |
+ return -EINVAL; |
2247 |
+- recv_workqueue = alloc_workqueue("knbd-recv", |
2248 |
+- WQ_MEM_RECLAIM | WQ_HIGHPRI | |
2249 |
+- WQ_UNBOUND, 0); |
2250 |
+- if (!recv_workqueue) |
2251 |
+- return -ENOMEM; |
2252 |
+ |
2253 |
+- if (register_blkdev(NBD_MAJOR, "nbd")) { |
2254 |
+- destroy_workqueue(recv_workqueue); |
2255 |
++ if (register_blkdev(NBD_MAJOR, "nbd")) |
2256 |
+ return -EIO; |
2257 |
+- } |
2258 |
+ |
2259 |
+ if (genl_register_family(&nbd_genl_family)) { |
2260 |
+ unregister_blkdev(NBD_MAJOR, "nbd"); |
2261 |
+- destroy_workqueue(recv_workqueue); |
2262 |
+ return -EINVAL; |
2263 |
+ } |
2264 |
+ nbd_dbg_init(); |
2265 |
+@@ -2270,7 +2299,6 @@ static void __exit nbd_cleanup(void) |
2266 |
+ |
2267 |
+ idr_destroy(&nbd_index_idr); |
2268 |
+ genl_unregister_family(&nbd_genl_family); |
2269 |
+- destroy_workqueue(recv_workqueue); |
2270 |
+ unregister_blkdev(NBD_MAJOR, "nbd"); |
2271 |
+ } |
2272 |
+ |
2273 |
+diff --git a/drivers/crypto/caam/caamalg_desc.c b/drivers/crypto/caam/caamalg_desc.c |
2274 |
+index a408edd84f34..edacf9b39b63 100644 |
2275 |
+--- a/drivers/crypto/caam/caamalg_desc.c |
2276 |
++++ b/drivers/crypto/caam/caamalg_desc.c |
2277 |
+@@ -509,6 +509,7 @@ void cnstr_shdsc_aead_givencap(u32 * const desc, struct alginfo *cdata, |
2278 |
+ const bool is_qi, int era) |
2279 |
+ { |
2280 |
+ u32 geniv, moveiv; |
2281 |
++ u32 *wait_cmd; |
2282 |
+ |
2283 |
+ /* Note: Context registers are saved. */ |
2284 |
+ init_sh_desc_key_aead(desc, cdata, adata, is_rfc3686, nonce, era); |
2285 |
+@@ -604,6 +605,14 @@ copy_iv: |
2286 |
+ |
2287 |
+ /* Will read cryptlen */ |
2288 |
+ append_math_add(desc, VARSEQINLEN, SEQINLEN, REG0, CAAM_CMD_SZ); |
2289 |
++ |
2290 |
++ /* |
2291 |
++ * Wait for IV transfer (ofifo -> class2) to finish before starting |
2292 |
++ * ciphertext transfer (ofifo -> external memory). |
2293 |
++ */ |
2294 |
++ wait_cmd = append_jump(desc, JUMP_JSL | JUMP_TEST_ALL | JUMP_COND_NIFP); |
2295 |
++ set_jump_tgt_here(desc, wait_cmd); |
2296 |
++ |
2297 |
+ append_seq_fifo_load(desc, 0, FIFOLD_CLASS_BOTH | KEY_VLF | |
2298 |
+ FIFOLD_TYPE_MSG1OUT2 | FIFOLD_TYPE_LASTBOTH); |
2299 |
+ append_seq_fifo_store(desc, 0, FIFOST_TYPE_MESSAGE_DATA | KEY_VLF); |
2300 |
+diff --git a/drivers/crypto/caam/caamalg_desc.h b/drivers/crypto/caam/caamalg_desc.h |
2301 |
+index a917af5776ce..05516b0a4240 100644 |
2302 |
+--- a/drivers/crypto/caam/caamalg_desc.h |
2303 |
++++ b/drivers/crypto/caam/caamalg_desc.h |
2304 |
+@@ -12,7 +12,7 @@ |
2305 |
+ #define DESC_AEAD_BASE (4 * CAAM_CMD_SZ) |
2306 |
+ #define DESC_AEAD_ENC_LEN (DESC_AEAD_BASE + 11 * CAAM_CMD_SZ) |
2307 |
+ #define DESC_AEAD_DEC_LEN (DESC_AEAD_BASE + 15 * CAAM_CMD_SZ) |
2308 |
+-#define DESC_AEAD_GIVENC_LEN (DESC_AEAD_ENC_LEN + 7 * CAAM_CMD_SZ) |
2309 |
++#define DESC_AEAD_GIVENC_LEN (DESC_AEAD_ENC_LEN + 8 * CAAM_CMD_SZ) |
2310 |
+ #define DESC_QI_AEAD_ENC_LEN (DESC_AEAD_ENC_LEN + 3 * CAAM_CMD_SZ) |
2311 |
+ #define DESC_QI_AEAD_DEC_LEN (DESC_AEAD_DEC_LEN + 3 * CAAM_CMD_SZ) |
2312 |
+ #define DESC_QI_AEAD_GIVENC_LEN (DESC_AEAD_GIVENC_LEN + 3 * CAAM_CMD_SZ) |
2313 |
+diff --git a/drivers/crypto/cavium/zip/zip_main.c b/drivers/crypto/cavium/zip/zip_main.c |
2314 |
+index 6183f9128a8a..ea901bc5733c 100644 |
2315 |
+--- a/drivers/crypto/cavium/zip/zip_main.c |
2316 |
++++ b/drivers/crypto/cavium/zip/zip_main.c |
2317 |
+@@ -593,6 +593,7 @@ static const struct file_operations zip_stats_fops = { |
2318 |
+ .owner = THIS_MODULE, |
2319 |
+ .open = zip_stats_open, |
2320 |
+ .read = seq_read, |
2321 |
++ .release = single_release, |
2322 |
+ }; |
2323 |
+ |
2324 |
+ static int zip_clear_open(struct inode *inode, struct file *file) |
2325 |
+@@ -604,6 +605,7 @@ static const struct file_operations zip_clear_fops = { |
2326 |
+ .owner = THIS_MODULE, |
2327 |
+ .open = zip_clear_open, |
2328 |
+ .read = seq_read, |
2329 |
++ .release = single_release, |
2330 |
+ }; |
2331 |
+ |
2332 |
+ static int zip_regs_open(struct inode *inode, struct file *file) |
2333 |
+@@ -615,6 +617,7 @@ static const struct file_operations zip_regs_fops = { |
2334 |
+ .owner = THIS_MODULE, |
2335 |
+ .open = zip_regs_open, |
2336 |
+ .read = seq_read, |
2337 |
++ .release = single_release, |
2338 |
+ }; |
2339 |
+ |
2340 |
+ /* Root directory for thunderx_zip debugfs entry */ |
2341 |
+diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c |
2342 |
+index 0669033f5be5..aa6b45bc13b9 100644 |
2343 |
+--- a/drivers/crypto/ccree/cc_aead.c |
2344 |
++++ b/drivers/crypto/ccree/cc_aead.c |
2345 |
+@@ -227,7 +227,7 @@ static void cc_aead_complete(struct device *dev, void *cc_req, int err) |
2346 |
+ /* In case of payload authentication failure, MUST NOT |
2347 |
+ * revealed the decrypted message --> zero its memory. |
2348 |
+ */ |
2349 |
+- cc_zero_sgl(areq->dst, areq_ctx->cryptlen); |
2350 |
++ cc_zero_sgl(areq->dst, areq->cryptlen); |
2351 |
+ err = -EBADMSG; |
2352 |
+ } |
2353 |
+ } else { /*ENCRYPT*/ |
2354 |
+diff --git a/drivers/crypto/ccree/cc_fips.c b/drivers/crypto/ccree/cc_fips.c |
2355 |
+index 09f708f6418e..bac278d274b0 100644 |
2356 |
+--- a/drivers/crypto/ccree/cc_fips.c |
2357 |
++++ b/drivers/crypto/ccree/cc_fips.c |
2358 |
+@@ -21,7 +21,13 @@ static bool cc_get_tee_fips_status(struct cc_drvdata *drvdata) |
2359 |
+ u32 reg; |
2360 |
+ |
2361 |
+ reg = cc_ioread(drvdata, CC_REG(GPR_HOST)); |
2362 |
+- return (reg == (CC_FIPS_SYNC_TEE_STATUS | CC_FIPS_SYNC_MODULE_OK)); |
2363 |
++ /* Did the TEE report status? */ |
2364 |
++ if (reg & CC_FIPS_SYNC_TEE_STATUS) |
2365 |
++ /* Yes. Is it OK? */ |
2366 |
++ return (reg & CC_FIPS_SYNC_MODULE_OK); |
2367 |
++ |
2368 |
++ /* No. It's either not in use or will be reported later */ |
2369 |
++ return true; |
2370 |
+ } |
2371 |
+ |
2372 |
+ /* |
2373 |
+diff --git a/drivers/crypto/qat/qat_common/adf_common_drv.h b/drivers/crypto/qat/qat_common/adf_common_drv.h |
2374 |
+index 5c4c0a253129..d78f8d5c89c3 100644 |
2375 |
+--- a/drivers/crypto/qat/qat_common/adf_common_drv.h |
2376 |
++++ b/drivers/crypto/qat/qat_common/adf_common_drv.h |
2377 |
+@@ -95,7 +95,7 @@ struct service_hndl { |
2378 |
+ |
2379 |
+ static inline int get_current_node(void) |
2380 |
+ { |
2381 |
+- return topology_physical_package_id(smp_processor_id()); |
2382 |
++ return topology_physical_package_id(raw_smp_processor_id()); |
2383 |
+ } |
2384 |
+ |
2385 |
+ int adf_service_register(struct service_hndl *service); |
2386 |
+diff --git a/drivers/devfreq/tegra-devfreq.c b/drivers/devfreq/tegra-devfreq.c |
2387 |
+index c59d2eee5d30..06768074d2d8 100644 |
2388 |
+--- a/drivers/devfreq/tegra-devfreq.c |
2389 |
++++ b/drivers/devfreq/tegra-devfreq.c |
2390 |
+@@ -486,11 +486,11 @@ static int tegra_devfreq_target(struct device *dev, unsigned long *freq, |
2391 |
+ { |
2392 |
+ struct tegra_devfreq *tegra = dev_get_drvdata(dev); |
2393 |
+ struct dev_pm_opp *opp; |
2394 |
+- unsigned long rate = *freq * KHZ; |
2395 |
++ unsigned long rate; |
2396 |
+ |
2397 |
+- opp = devfreq_recommended_opp(dev, &rate, flags); |
2398 |
++ opp = devfreq_recommended_opp(dev, freq, flags); |
2399 |
+ if (IS_ERR(opp)) { |
2400 |
+- dev_err(dev, "Failed to find opp for %lu KHz\n", *freq); |
2401 |
++ dev_err(dev, "Failed to find opp for %lu Hz\n", *freq); |
2402 |
+ return PTR_ERR(opp); |
2403 |
+ } |
2404 |
+ rate = dev_pm_opp_get_freq(opp); |
2405 |
+@@ -499,8 +499,6 @@ static int tegra_devfreq_target(struct device *dev, unsigned long *freq, |
2406 |
+ clk_set_min_rate(tegra->emc_clock, rate); |
2407 |
+ clk_set_rate(tegra->emc_clock, 0); |
2408 |
+ |
2409 |
+- *freq = rate; |
2410 |
+- |
2411 |
+ return 0; |
2412 |
+ } |
2413 |
+ |
2414 |
+@@ -510,7 +508,7 @@ static int tegra_devfreq_get_dev_status(struct device *dev, |
2415 |
+ struct tegra_devfreq *tegra = dev_get_drvdata(dev); |
2416 |
+ struct tegra_devfreq_device *actmon_dev; |
2417 |
+ |
2418 |
+- stat->current_frequency = tegra->cur_freq; |
2419 |
++ stat->current_frequency = tegra->cur_freq * KHZ; |
2420 |
+ |
2421 |
+ /* To be used by the tegra governor */ |
2422 |
+ stat->private_data = tegra; |
2423 |
+@@ -565,7 +563,7 @@ static int tegra_governor_get_target(struct devfreq *devfreq, |
2424 |
+ target_freq = max(target_freq, dev->target_freq); |
2425 |
+ } |
2426 |
+ |
2427 |
+- *freq = target_freq; |
2428 |
++ *freq = target_freq * KHZ; |
2429 |
+ |
2430 |
+ return 0; |
2431 |
+ } |
2432 |
+diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c |
2433 |
+index 51b5e977ca88..f4e9d1b10e3e 100644 |
2434 |
+--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c |
2435 |
++++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c |
2436 |
+@@ -139,7 +139,8 @@ int amdgpu_ib_schedule(struct amdgpu_ring *ring, unsigned num_ibs, |
2437 |
+ /* ring tests don't use a job */ |
2438 |
+ if (job) { |
2439 |
+ vm = job->vm; |
2440 |
+- fence_ctx = job->base.s_fence->scheduled.context; |
2441 |
++ fence_ctx = job->base.s_fence ? |
2442 |
++ job->base.s_fence->scheduled.context : 0; |
2443 |
+ } else { |
2444 |
+ vm = NULL; |
2445 |
+ fence_ctx = 0; |
2446 |
+diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c |
2447 |
+index c0396e83f352..fc93b103f777 100644 |
2448 |
+--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c |
2449 |
++++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c |
2450 |
+@@ -562,6 +562,9 @@ static int amdgpu_info_ioctl(struct drm_device *dev, void *data, struct drm_file |
2451 |
+ if (sh_num == AMDGPU_INFO_MMR_SH_INDEX_MASK) |
2452 |
+ sh_num = 0xffffffff; |
2453 |
+ |
2454 |
++ if (info->read_mmr_reg.count > 128) |
2455 |
++ return -EINVAL; |
2456 |
++ |
2457 |
+ regs = kmalloc_array(info->read_mmr_reg.count, sizeof(*regs), GFP_KERNEL); |
2458 |
+ if (!regs) |
2459 |
+ return -ENOMEM; |
2460 |
+diff --git a/drivers/gpu/drm/i915/gvt/scheduler.c b/drivers/gpu/drm/i915/gvt/scheduler.c |
2461 |
+index 663a7c9ca3d3..d0e216d85a22 100644 |
2462 |
+--- a/drivers/gpu/drm/i915/gvt/scheduler.c |
2463 |
++++ b/drivers/gpu/drm/i915/gvt/scheduler.c |
2464 |
+@@ -1276,9 +1276,6 @@ static int prepare_mm(struct intel_vgpu_workload *workload) |
2465 |
+ #define same_context(a, b) (((a)->context_id == (b)->context_id) && \ |
2466 |
+ ((a)->lrca == (b)->lrca)) |
2467 |
+ |
2468 |
+-#define get_last_workload(q) \ |
2469 |
+- (list_empty(q) ? NULL : container_of(q->prev, \ |
2470 |
+- struct intel_vgpu_workload, list)) |
2471 |
+ /** |
2472 |
+ * intel_vgpu_create_workload - create a vGPU workload |
2473 |
+ * @vgpu: a vGPU |
2474 |
+@@ -1297,7 +1294,7 @@ intel_vgpu_create_workload(struct intel_vgpu *vgpu, int ring_id, |
2475 |
+ { |
2476 |
+ struct intel_vgpu_submission *s = &vgpu->submission; |
2477 |
+ struct list_head *q = workload_q_head(vgpu, ring_id); |
2478 |
+- struct intel_vgpu_workload *last_workload = get_last_workload(q); |
2479 |
++ struct intel_vgpu_workload *last_workload = NULL; |
2480 |
+ struct intel_vgpu_workload *workload = NULL; |
2481 |
+ struct drm_i915_private *dev_priv = vgpu->gvt->dev_priv; |
2482 |
+ u64 ring_context_gpa; |
2483 |
+@@ -1320,15 +1317,20 @@ intel_vgpu_create_workload(struct intel_vgpu *vgpu, int ring_id, |
2484 |
+ head &= RB_HEAD_OFF_MASK; |
2485 |
+ tail &= RB_TAIL_OFF_MASK; |
2486 |
+ |
2487 |
+- if (last_workload && same_context(&last_workload->ctx_desc, desc)) { |
2488 |
+- gvt_dbg_el("ring id %d cur workload == last\n", ring_id); |
2489 |
+- gvt_dbg_el("ctx head %x real head %lx\n", head, |
2490 |
+- last_workload->rb_tail); |
2491 |
+- /* |
2492 |
+- * cannot use guest context head pointer here, |
2493 |
+- * as it might not be updated at this time |
2494 |
+- */ |
2495 |
+- head = last_workload->rb_tail; |
2496 |
++ list_for_each_entry_reverse(last_workload, q, list) { |
2497 |
++ |
2498 |
++ if (same_context(&last_workload->ctx_desc, desc)) { |
2499 |
++ gvt_dbg_el("ring id %d cur workload == last\n", |
2500 |
++ ring_id); |
2501 |
++ gvt_dbg_el("ctx head %x real head %lx\n", head, |
2502 |
++ last_workload->rb_tail); |
2503 |
++ /* |
2504 |
++ * cannot use guest context head pointer here, |
2505 |
++ * as it might not be updated at this time |
2506 |
++ */ |
2507 |
++ head = last_workload->rb_tail; |
2508 |
++ break; |
2509 |
++ } |
2510 |
+ } |
2511 |
+ |
2512 |
+ gvt_dbg_el("ring id %d begin a new workload\n", ring_id); |
2513 |
+diff --git a/drivers/gpu/drm/msm/dsi/dsi_host.c b/drivers/gpu/drm/msm/dsi/dsi_host.c |
2514 |
+index 96fb5f635314..cc4ea5502d6c 100644 |
2515 |
+--- a/drivers/gpu/drm/msm/dsi/dsi_host.c |
2516 |
++++ b/drivers/gpu/drm/msm/dsi/dsi_host.c |
2517 |
+@@ -429,15 +429,15 @@ static int dsi_clk_init(struct msm_dsi_host *msm_host) |
2518 |
+ } |
2519 |
+ |
2520 |
+ msm_host->byte_clk_src = clk_get_parent(msm_host->byte_clk); |
2521 |
+- if (!msm_host->byte_clk_src) { |
2522 |
+- ret = -ENODEV; |
2523 |
++ if (IS_ERR(msm_host->byte_clk_src)) { |
2524 |
++ ret = PTR_ERR(msm_host->byte_clk_src); |
2525 |
+ pr_err("%s: can't find byte_clk clock. ret=%d\n", __func__, ret); |
2526 |
+ goto exit; |
2527 |
+ } |
2528 |
+ |
2529 |
+ msm_host->pixel_clk_src = clk_get_parent(msm_host->pixel_clk); |
2530 |
+- if (!msm_host->pixel_clk_src) { |
2531 |
+- ret = -ENODEV; |
2532 |
++ if (IS_ERR(msm_host->pixel_clk_src)) { |
2533 |
++ ret = PTR_ERR(msm_host->pixel_clk_src); |
2534 |
+ pr_err("%s: can't find pixel_clk clock. ret=%d\n", __func__, ret); |
2535 |
+ goto exit; |
2536 |
+ } |
2537 |
+diff --git a/drivers/gpu/drm/nouveau/dispnv50/disp.c b/drivers/gpu/drm/nouveau/dispnv50/disp.c |
2538 |
+index 5e01bfb69d7a..10107e551fac 100644 |
2539 |
+--- a/drivers/gpu/drm/nouveau/dispnv50/disp.c |
2540 |
++++ b/drivers/gpu/drm/nouveau/dispnv50/disp.c |
2541 |
+@@ -1517,7 +1517,8 @@ nv50_sor_create(struct drm_connector *connector, struct dcb_output *dcbe) |
2542 |
+ nv_encoder->aux = aux; |
2543 |
+ } |
2544 |
+ |
2545 |
+- if ((data = nvbios_dp_table(bios, &ver, &hdr, &cnt, &len)) && |
2546 |
++ if (nv_connector->type != DCB_CONNECTOR_eDP && |
2547 |
++ (data = nvbios_dp_table(bios, &ver, &hdr, &cnt, &len)) && |
2548 |
+ ver >= 0x40 && (nvbios_rd08(bios, data + 0x08) & 0x04)) { |
2549 |
+ ret = nv50_mstm_new(nv_encoder, &nv_connector->aux, 16, |
2550 |
+ nv_connector->base.base.id, |
2551 |
+diff --git a/drivers/gpu/drm/omapdrm/dss/dss.c b/drivers/gpu/drm/omapdrm/dss/dss.c |
2552 |
+index cb80ddaa19d2..7e9e2f064454 100644 |
2553 |
+--- a/drivers/gpu/drm/omapdrm/dss/dss.c |
2554 |
++++ b/drivers/gpu/drm/omapdrm/dss/dss.c |
2555 |
+@@ -1110,7 +1110,7 @@ static const struct dss_features omap34xx_dss_feats = { |
2556 |
+ |
2557 |
+ static const struct dss_features omap3630_dss_feats = { |
2558 |
+ .model = DSS_MODEL_OMAP3, |
2559 |
+- .fck_div_max = 32, |
2560 |
++ .fck_div_max = 31, |
2561 |
+ .fck_freq_max = 173000000, |
2562 |
+ .dss_fck_multiplier = 1, |
2563 |
+ .parent_clk_name = "dpll4_ck", |
2564 |
+diff --git a/drivers/gpu/drm/radeon/radeon_drv.c b/drivers/gpu/drm/radeon/radeon_drv.c |
2565 |
+index 25b5407c74b5..d83310751a8e 100644 |
2566 |
+--- a/drivers/gpu/drm/radeon/radeon_drv.c |
2567 |
++++ b/drivers/gpu/drm/radeon/radeon_drv.c |
2568 |
+@@ -340,8 +340,39 @@ static int radeon_kick_out_firmware_fb(struct pci_dev *pdev) |
2569 |
+ static int radeon_pci_probe(struct pci_dev *pdev, |
2570 |
+ const struct pci_device_id *ent) |
2571 |
+ { |
2572 |
++ unsigned long flags = 0; |
2573 |
+ int ret; |
2574 |
+ |
2575 |
++ if (!ent) |
2576 |
++ return -ENODEV; /* Avoid NULL-ptr deref in drm_get_pci_dev */ |
2577 |
++ |
2578 |
++ flags = ent->driver_data; |
2579 |
++ |
2580 |
++ if (!radeon_si_support) { |
2581 |
++ switch (flags & RADEON_FAMILY_MASK) { |
2582 |
++ case CHIP_TAHITI: |
2583 |
++ case CHIP_PITCAIRN: |
2584 |
++ case CHIP_VERDE: |
2585 |
++ case CHIP_OLAND: |
2586 |
++ case CHIP_HAINAN: |
2587 |
++ dev_info(&pdev->dev, |
2588 |
++ "SI support disabled by module param\n"); |
2589 |
++ return -ENODEV; |
2590 |
++ } |
2591 |
++ } |
2592 |
++ if (!radeon_cik_support) { |
2593 |
++ switch (flags & RADEON_FAMILY_MASK) { |
2594 |
++ case CHIP_KAVERI: |
2595 |
++ case CHIP_BONAIRE: |
2596 |
++ case CHIP_HAWAII: |
2597 |
++ case CHIP_KABINI: |
2598 |
++ case CHIP_MULLINS: |
2599 |
++ dev_info(&pdev->dev, |
2600 |
++ "CIK support disabled by module param\n"); |
2601 |
++ return -ENODEV; |
2602 |
++ } |
2603 |
++ } |
2604 |
++ |
2605 |
+ if (vga_switcheroo_client_probe_defer(pdev)) |
2606 |
+ return -EPROBE_DEFER; |
2607 |
+ |
2608 |
+diff --git a/drivers/gpu/drm/radeon/radeon_kms.c b/drivers/gpu/drm/radeon/radeon_kms.c |
2609 |
+index 6a8fb6fd183c..3ff835767ac5 100644 |
2610 |
+--- a/drivers/gpu/drm/radeon/radeon_kms.c |
2611 |
++++ b/drivers/gpu/drm/radeon/radeon_kms.c |
2612 |
+@@ -95,31 +95,6 @@ int radeon_driver_load_kms(struct drm_device *dev, unsigned long flags) |
2613 |
+ struct radeon_device *rdev; |
2614 |
+ int r, acpi_status; |
2615 |
+ |
2616 |
+- if (!radeon_si_support) { |
2617 |
+- switch (flags & RADEON_FAMILY_MASK) { |
2618 |
+- case CHIP_TAHITI: |
2619 |
+- case CHIP_PITCAIRN: |
2620 |
+- case CHIP_VERDE: |
2621 |
+- case CHIP_OLAND: |
2622 |
+- case CHIP_HAINAN: |
2623 |
+- dev_info(dev->dev, |
2624 |
+- "SI support disabled by module param\n"); |
2625 |
+- return -ENODEV; |
2626 |
+- } |
2627 |
+- } |
2628 |
+- if (!radeon_cik_support) { |
2629 |
+- switch (flags & RADEON_FAMILY_MASK) { |
2630 |
+- case CHIP_KAVERI: |
2631 |
+- case CHIP_BONAIRE: |
2632 |
+- case CHIP_HAWAII: |
2633 |
+- case CHIP_KABINI: |
2634 |
+- case CHIP_MULLINS: |
2635 |
+- dev_info(dev->dev, |
2636 |
+- "CIK support disabled by module param\n"); |
2637 |
+- return -ENODEV; |
2638 |
+- } |
2639 |
+- } |
2640 |
+- |
2641 |
+ rdev = kzalloc(sizeof(struct radeon_device), GFP_KERNEL); |
2642 |
+ if (rdev == NULL) { |
2643 |
+ return -ENOMEM; |
2644 |
+diff --git a/drivers/hwtracing/coresight/coresight-etm4x.c b/drivers/hwtracing/coresight/coresight-etm4x.c |
2645 |
+index 2bce7cf0b0af..e45b5ec2f451 100644 |
2646 |
+--- a/drivers/hwtracing/coresight/coresight-etm4x.c |
2647 |
++++ b/drivers/hwtracing/coresight/coresight-etm4x.c |
2648 |
+@@ -174,6 +174,12 @@ static void etm4_enable_hw(void *info) |
2649 |
+ if (coresight_timeout(drvdata->base, TRCSTATR, TRCSTATR_IDLE_BIT, 0)) |
2650 |
+ dev_err(drvdata->dev, |
2651 |
+ "timeout while waiting for Idle Trace Status\n"); |
2652 |
++ /* |
2653 |
++ * As recommended by section 4.3.7 ("Synchronization when using the |
2654 |
++ * memory-mapped interface") of ARM IHI 0064D |
2655 |
++ */ |
2656 |
++ dsb(sy); |
2657 |
++ isb(); |
2658 |
+ |
2659 |
+ CS_LOCK(drvdata->base); |
2660 |
+ |
2661 |
+@@ -324,8 +330,12 @@ static void etm4_disable_hw(void *info) |
2662 |
+ /* EN, bit[0] Trace unit enable bit */ |
2663 |
+ control &= ~0x1; |
2664 |
+ |
2665 |
+- /* make sure everything completes before disabling */ |
2666 |
+- mb(); |
2667 |
++ /* |
2668 |
++ * Make sure everything completes before disabling, as recommended |
2669 |
++ * by section 7.3.77 ("TRCVICTLR, ViewInst Main Control Register, |
2670 |
++ * SSTATUS") of ARM IHI 0064D |
2671 |
++ */ |
2672 |
++ dsb(sy); |
2673 |
+ isb(); |
2674 |
+ writel_relaxed(control, drvdata->base + TRCPRGCTLR); |
2675 |
+ |
2676 |
+diff --git a/drivers/mmc/host/sdhci-of-esdhc.c b/drivers/mmc/host/sdhci-of-esdhc.c |
2677 |
+index e5c598ae5f24..6627523e728b 100644 |
2678 |
+--- a/drivers/mmc/host/sdhci-of-esdhc.c |
2679 |
++++ b/drivers/mmc/host/sdhci-of-esdhc.c |
2680 |
+@@ -480,7 +480,12 @@ static int esdhc_of_enable_dma(struct sdhci_host *host) |
2681 |
+ dma_set_mask_and_coherent(dev, DMA_BIT_MASK(40)); |
2682 |
+ |
2683 |
+ value = sdhci_readl(host, ESDHC_DMA_SYSCTL); |
2684 |
+- value |= ESDHC_DMA_SNOOP; |
2685 |
++ |
2686 |
++ if (of_dma_is_coherent(dev->of_node)) |
2687 |
++ value |= ESDHC_DMA_SNOOP; |
2688 |
++ else |
2689 |
++ value &= ~ESDHC_DMA_SNOOP; |
2690 |
++ |
2691 |
+ sdhci_writel(host, value, ESDHC_DMA_SYSCTL); |
2692 |
+ return 0; |
2693 |
+ } |
2694 |
+diff --git a/drivers/mmc/host/sdhci.c b/drivers/mmc/host/sdhci.c |
2695 |
+index eb33b892b484..e99d5632d8fa 100644 |
2696 |
+--- a/drivers/mmc/host/sdhci.c |
2697 |
++++ b/drivers/mmc/host/sdhci.c |
2698 |
+@@ -2720,6 +2720,7 @@ static void sdhci_cmd_irq(struct sdhci_host *host, u32 intmask, u32 *intmask_p) |
2699 |
+ static void sdhci_adma_show_error(struct sdhci_host *host) |
2700 |
+ { |
2701 |
+ void *desc = host->adma_table; |
2702 |
++ dma_addr_t dma = host->adma_addr; |
2703 |
+ |
2704 |
+ sdhci_dumpregs(host); |
2705 |
+ |
2706 |
+@@ -2727,18 +2728,21 @@ static void sdhci_adma_show_error(struct sdhci_host *host) |
2707 |
+ struct sdhci_adma2_64_desc *dma_desc = desc; |
2708 |
+ |
2709 |
+ if (host->flags & SDHCI_USE_64_BIT_DMA) |
2710 |
+- DBG("%p: DMA 0x%08x%08x, LEN 0x%04x, Attr=0x%02x\n", |
2711 |
+- desc, le32_to_cpu(dma_desc->addr_hi), |
2712 |
++ SDHCI_DUMP("%08llx: DMA 0x%08x%08x, LEN 0x%04x, Attr=0x%02x\n", |
2713 |
++ (unsigned long long)dma, |
2714 |
++ le32_to_cpu(dma_desc->addr_hi), |
2715 |
+ le32_to_cpu(dma_desc->addr_lo), |
2716 |
+ le16_to_cpu(dma_desc->len), |
2717 |
+ le16_to_cpu(dma_desc->cmd)); |
2718 |
+ else |
2719 |
+- DBG("%p: DMA 0x%08x, LEN 0x%04x, Attr=0x%02x\n", |
2720 |
+- desc, le32_to_cpu(dma_desc->addr_lo), |
2721 |
++ SDHCI_DUMP("%08llx: DMA 0x%08x, LEN 0x%04x, Attr=0x%02x\n", |
2722 |
++ (unsigned long long)dma, |
2723 |
++ le32_to_cpu(dma_desc->addr_lo), |
2724 |
+ le16_to_cpu(dma_desc->len), |
2725 |
+ le16_to_cpu(dma_desc->cmd)); |
2726 |
+ |
2727 |
+ desc += host->desc_sz; |
2728 |
++ dma += host->desc_sz; |
2729 |
+ |
2730 |
+ if (dma_desc->cmd & cpu_to_le16(ADMA2_END)) |
2731 |
+ break; |
2732 |
+@@ -2814,7 +2818,8 @@ static void sdhci_data_irq(struct sdhci_host *host, u32 intmask) |
2733 |
+ != MMC_BUS_TEST_R) |
2734 |
+ host->data->error = -EILSEQ; |
2735 |
+ else if (intmask & SDHCI_INT_ADMA_ERROR) { |
2736 |
+- pr_err("%s: ADMA error\n", mmc_hostname(host->mmc)); |
2737 |
++ pr_err("%s: ADMA error: 0x%08x\n", mmc_hostname(host->mmc), |
2738 |
++ intmask); |
2739 |
+ sdhci_adma_show_error(host); |
2740 |
+ host->data->error = -EIO; |
2741 |
+ if (host->ops->adma_workaround) |
2742 |
+diff --git a/drivers/net/can/spi/mcp251x.c b/drivers/net/can/spi/mcp251x.c |
2743 |
+index fccb6bf21fad..de8d9dceb123 100644 |
2744 |
+--- a/drivers/net/can/spi/mcp251x.c |
2745 |
++++ b/drivers/net/can/spi/mcp251x.c |
2746 |
+@@ -626,7 +626,7 @@ static int mcp251x_setup(struct net_device *net, struct spi_device *spi) |
2747 |
+ static int mcp251x_hw_reset(struct spi_device *spi) |
2748 |
+ { |
2749 |
+ struct mcp251x_priv *priv = spi_get_drvdata(spi); |
2750 |
+- u8 reg; |
2751 |
++ unsigned long timeout; |
2752 |
+ int ret; |
2753 |
+ |
2754 |
+ /* Wait for oscillator startup timer after power up */ |
2755 |
+@@ -640,10 +640,19 @@ static int mcp251x_hw_reset(struct spi_device *spi) |
2756 |
+ /* Wait for oscillator startup timer after reset */ |
2757 |
+ mdelay(MCP251X_OST_DELAY_MS); |
2758 |
+ |
2759 |
+- reg = mcp251x_read_reg(spi, CANSTAT); |
2760 |
+- if ((reg & CANCTRL_REQOP_MASK) != CANCTRL_REQOP_CONF) |
2761 |
+- return -ENODEV; |
2762 |
+- |
2763 |
++ /* Wait for reset to finish */ |
2764 |
++ timeout = jiffies + HZ; |
2765 |
++ while ((mcp251x_read_reg(spi, CANSTAT) & CANCTRL_REQOP_MASK) != |
2766 |
++ CANCTRL_REQOP_CONF) { |
2767 |
++ usleep_range(MCP251X_OST_DELAY_MS * 1000, |
2768 |
++ MCP251X_OST_DELAY_MS * 1000 * 2); |
2769 |
++ |
2770 |
++ if (time_after(jiffies, timeout)) { |
2771 |
++ dev_err(&spi->dev, |
2772 |
++ "MCP251x didn't enter in conf mode after reset\n"); |
2773 |
++ return -EBUSY; |
2774 |
++ } |
2775 |
++ } |
2776 |
+ return 0; |
2777 |
+ } |
2778 |
+ |
2779 |
+diff --git a/drivers/net/ethernet/netronome/nfp/flower/main.c b/drivers/net/ethernet/netronome/nfp/flower/main.c |
2780 |
+index 22c572a09b32..c19e88efe958 100644 |
2781 |
+--- a/drivers/net/ethernet/netronome/nfp/flower/main.c |
2782 |
++++ b/drivers/net/ethernet/netronome/nfp/flower/main.c |
2783 |
+@@ -272,6 +272,7 @@ nfp_flower_spawn_vnic_reprs(struct nfp_app *app, |
2784 |
+ port = nfp_port_alloc(app, port_type, repr); |
2785 |
+ if (IS_ERR(port)) { |
2786 |
+ err = PTR_ERR(port); |
2787 |
++ kfree(repr_priv); |
2788 |
+ nfp_repr_free(repr); |
2789 |
+ goto err_reprs_clean; |
2790 |
+ } |
2791 |
+diff --git a/drivers/net/ieee802154/atusb.c b/drivers/net/ieee802154/atusb.c |
2792 |
+index 4f684cbcdc57..078027bbe002 100644 |
2793 |
+--- a/drivers/net/ieee802154/atusb.c |
2794 |
++++ b/drivers/net/ieee802154/atusb.c |
2795 |
+@@ -1140,10 +1140,11 @@ static void atusb_disconnect(struct usb_interface *interface) |
2796 |
+ |
2797 |
+ ieee802154_unregister_hw(atusb->hw); |
2798 |
+ |
2799 |
++ usb_put_dev(atusb->usb_dev); |
2800 |
++ |
2801 |
+ ieee802154_free_hw(atusb->hw); |
2802 |
+ |
2803 |
+ usb_set_intfdata(interface, NULL); |
2804 |
+- usb_put_dev(atusb->usb_dev); |
2805 |
+ |
2806 |
+ pr_debug("%s done\n", __func__); |
2807 |
+ } |
2808 |
+diff --git a/drivers/ntb/test/ntb_perf.c b/drivers/ntb/test/ntb_perf.c |
2809 |
+index 2a9d6b0d1f19..80508da3c8b5 100644 |
2810 |
+--- a/drivers/ntb/test/ntb_perf.c |
2811 |
++++ b/drivers/ntb/test/ntb_perf.c |
2812 |
+@@ -1373,7 +1373,7 @@ static int perf_setup_peer_mw(struct perf_peer *peer) |
2813 |
+ int ret; |
2814 |
+ |
2815 |
+ /* Get outbound MW parameters and map it */ |
2816 |
+- ret = ntb_peer_mw_get_addr(perf->ntb, peer->gidx, &phys_addr, |
2817 |
++ ret = ntb_peer_mw_get_addr(perf->ntb, perf->gidx, &phys_addr, |
2818 |
+ &peer->outbuf_size); |
2819 |
+ if (ret) |
2820 |
+ return ret; |
2821 |
+diff --git a/drivers/nvdimm/bus.c b/drivers/nvdimm/bus.c |
2822 |
+index 2ba22cd1331b..54a633e8cb5d 100644 |
2823 |
+--- a/drivers/nvdimm/bus.c |
2824 |
++++ b/drivers/nvdimm/bus.c |
2825 |
+@@ -189,7 +189,7 @@ static int nvdimm_clear_badblocks_region(struct device *dev, void *data) |
2826 |
+ sector_t sector; |
2827 |
+ |
2828 |
+ /* make sure device is a region */ |
2829 |
+- if (!is_nd_pmem(dev)) |
2830 |
++ if (!is_memory(dev)) |
2831 |
+ return 0; |
2832 |
+ |
2833 |
+ nd_region = to_nd_region(dev); |
2834 |
+diff --git a/drivers/nvdimm/region.c b/drivers/nvdimm/region.c |
2835 |
+index f9130cc157e8..22224b21c34d 100644 |
2836 |
+--- a/drivers/nvdimm/region.c |
2837 |
++++ b/drivers/nvdimm/region.c |
2838 |
+@@ -42,7 +42,7 @@ static int nd_region_probe(struct device *dev) |
2839 |
+ if (rc) |
2840 |
+ return rc; |
2841 |
+ |
2842 |
+- if (is_nd_pmem(&nd_region->dev)) { |
2843 |
++ if (is_memory(&nd_region->dev)) { |
2844 |
+ struct resource ndr_res; |
2845 |
+ |
2846 |
+ if (devm_init_badblocks(dev, &nd_region->bb)) |
2847 |
+@@ -131,7 +131,7 @@ static void nd_region_notify(struct device *dev, enum nvdimm_event event) |
2848 |
+ struct nd_region *nd_region = to_nd_region(dev); |
2849 |
+ struct resource res; |
2850 |
+ |
2851 |
+- if (is_nd_pmem(&nd_region->dev)) { |
2852 |
++ if (is_memory(&nd_region->dev)) { |
2853 |
+ res.start = nd_region->ndr_start; |
2854 |
+ res.end = nd_region->ndr_start + |
2855 |
+ nd_region->ndr_size - 1; |
2856 |
+diff --git a/drivers/nvdimm/region_devs.c b/drivers/nvdimm/region_devs.c |
2857 |
+index 0303296e6d5b..609fc450522a 100644 |
2858 |
+--- a/drivers/nvdimm/region_devs.c |
2859 |
++++ b/drivers/nvdimm/region_devs.c |
2860 |
+@@ -633,11 +633,11 @@ static umode_t region_visible(struct kobject *kobj, struct attribute *a, int n) |
2861 |
+ if (!is_memory(dev) && a == &dev_attr_dax_seed.attr) |
2862 |
+ return 0; |
2863 |
+ |
2864 |
+- if (!is_nd_pmem(dev) && a == &dev_attr_badblocks.attr) |
2865 |
++ if (!is_memory(dev) && a == &dev_attr_badblocks.attr) |
2866 |
+ return 0; |
2867 |
+ |
2868 |
+ if (a == &dev_attr_resource.attr) { |
2869 |
+- if (is_nd_pmem(dev)) |
2870 |
++ if (is_memory(dev)) |
2871 |
+ return 0400; |
2872 |
+ else |
2873 |
+ return 0; |
2874 |
+diff --git a/drivers/pci/controller/vmd.c b/drivers/pci/controller/vmd.c |
2875 |
+index fd2dbd7eed7b..52d4fa4161dc 100644 |
2876 |
+--- a/drivers/pci/controller/vmd.c |
2877 |
++++ b/drivers/pci/controller/vmd.c |
2878 |
+@@ -31,6 +31,9 @@ |
2879 |
+ #define PCI_REG_VMLOCK 0x70 |
2880 |
+ #define MB2_SHADOW_EN(vmlock) (vmlock & 0x2) |
2881 |
+ |
2882 |
++#define MB2_SHADOW_OFFSET 0x2000 |
2883 |
++#define MB2_SHADOW_SIZE 16 |
2884 |
++ |
2885 |
+ enum vmd_features { |
2886 |
+ /* |
2887 |
+ * Device may contain registers which hint the physical location of the |
2888 |
+@@ -600,7 +603,7 @@ static int vmd_enable_domain(struct vmd_dev *vmd, unsigned long features) |
2889 |
+ u32 vmlock; |
2890 |
+ int ret; |
2891 |
+ |
2892 |
+- membar2_offset = 0x2018; |
2893 |
++ membar2_offset = MB2_SHADOW_OFFSET + MB2_SHADOW_SIZE; |
2894 |
+ ret = pci_read_config_dword(vmd->dev, PCI_REG_VMLOCK, &vmlock); |
2895 |
+ if (ret || vmlock == ~0) |
2896 |
+ return -ENODEV; |
2897 |
+@@ -612,9 +615,9 @@ static int vmd_enable_domain(struct vmd_dev *vmd, unsigned long features) |
2898 |
+ if (!membar2) |
2899 |
+ return -ENOMEM; |
2900 |
+ offset[0] = vmd->dev->resource[VMD_MEMBAR1].start - |
2901 |
+- readq(membar2 + 0x2008); |
2902 |
++ readq(membar2 + MB2_SHADOW_OFFSET); |
2903 |
+ offset[1] = vmd->dev->resource[VMD_MEMBAR2].start - |
2904 |
+- readq(membar2 + 0x2010); |
2905 |
++ readq(membar2 + MB2_SHADOW_OFFSET + 8); |
2906 |
+ pci_iounmap(vmd->dev, membar2); |
2907 |
+ } |
2908 |
+ } |
2909 |
+diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c |
2910 |
+index c65465385d8c..6384930a6749 100644 |
2911 |
+--- a/drivers/pci/pci.c |
2912 |
++++ b/drivers/pci/pci.c |
2913 |
+@@ -1366,7 +1366,7 @@ static void pci_restore_rebar_state(struct pci_dev *pdev) |
2914 |
+ pci_read_config_dword(pdev, pos + PCI_REBAR_CTRL, &ctrl); |
2915 |
+ bar_idx = ctrl & PCI_REBAR_CTRL_BAR_IDX; |
2916 |
+ res = pdev->resource + bar_idx; |
2917 |
+- size = order_base_2((resource_size(res) >> 20) | 1) - 1; |
2918 |
++ size = ilog2(resource_size(res)) - 20; |
2919 |
+ ctrl &= ~PCI_REBAR_CTRL_BAR_SIZE; |
2920 |
+ ctrl |= size << PCI_REBAR_CTRL_BAR_SHIFT; |
2921 |
+ pci_write_config_dword(pdev, pos + PCI_REBAR_CTRL, ctrl); |
2922 |
+diff --git a/drivers/power/supply/sbs-battery.c b/drivers/power/supply/sbs-battery.c |
2923 |
+index 8ba6abf584de..3958ee03eec1 100644 |
2924 |
+--- a/drivers/power/supply/sbs-battery.c |
2925 |
++++ b/drivers/power/supply/sbs-battery.c |
2926 |
+@@ -323,17 +323,22 @@ static int sbs_get_battery_presence_and_health( |
2927 |
+ { |
2928 |
+ int ret; |
2929 |
+ |
2930 |
+- if (psp == POWER_SUPPLY_PROP_PRESENT) { |
2931 |
+- /* Dummy command; if it succeeds, battery is present. */ |
2932 |
+- ret = sbs_read_word_data(client, sbs_data[REG_STATUS].addr); |
2933 |
+- if (ret < 0) |
2934 |
+- val->intval = 0; /* battery disconnected */ |
2935 |
+- else |
2936 |
+- val->intval = 1; /* battery present */ |
2937 |
+- } else { /* POWER_SUPPLY_PROP_HEALTH */ |
2938 |
++ /* Dummy command; if it succeeds, battery is present. */ |
2939 |
++ ret = sbs_read_word_data(client, sbs_data[REG_STATUS].addr); |
2940 |
++ |
2941 |
++ if (ret < 0) { /* battery not present*/ |
2942 |
++ if (psp == POWER_SUPPLY_PROP_PRESENT) { |
2943 |
++ val->intval = 0; |
2944 |
++ return 0; |
2945 |
++ } |
2946 |
++ return ret; |
2947 |
++ } |
2948 |
++ |
2949 |
++ if (psp == POWER_SUPPLY_PROP_PRESENT) |
2950 |
++ val->intval = 1; /* battery present */ |
2951 |
++ else /* POWER_SUPPLY_PROP_HEALTH */ |
2952 |
+ /* SBS spec doesn't have a general health command. */ |
2953 |
+ val->intval = POWER_SUPPLY_HEALTH_UNKNOWN; |
2954 |
+- } |
2955 |
+ |
2956 |
+ return 0; |
2957 |
+ } |
2958 |
+@@ -629,12 +634,14 @@ static int sbs_get_property(struct power_supply *psy, |
2959 |
+ switch (psp) { |
2960 |
+ case POWER_SUPPLY_PROP_PRESENT: |
2961 |
+ case POWER_SUPPLY_PROP_HEALTH: |
2962 |
+- if (client->flags & SBS_FLAGS_TI_BQ20Z75) |
2963 |
++ if (chip->flags & SBS_FLAGS_TI_BQ20Z75) |
2964 |
+ ret = sbs_get_ti_battery_presence_and_health(client, |
2965 |
+ psp, val); |
2966 |
+ else |
2967 |
+ ret = sbs_get_battery_presence_and_health(client, psp, |
2968 |
+ val); |
2969 |
++ |
2970 |
++ /* this can only be true if no gpio is used */ |
2971 |
+ if (psp == POWER_SUPPLY_PROP_PRESENT) |
2972 |
+ return 0; |
2973 |
+ break; |
2974 |
+diff --git a/drivers/pwm/pwm-stm32-lp.c b/drivers/pwm/pwm-stm32-lp.c |
2975 |
+index 0059b24cfdc3..28e1f6413476 100644 |
2976 |
+--- a/drivers/pwm/pwm-stm32-lp.c |
2977 |
++++ b/drivers/pwm/pwm-stm32-lp.c |
2978 |
+@@ -58,6 +58,12 @@ static int stm32_pwm_lp_apply(struct pwm_chip *chip, struct pwm_device *pwm, |
2979 |
+ /* Calculate the period and prescaler value */ |
2980 |
+ div = (unsigned long long)clk_get_rate(priv->clk) * state->period; |
2981 |
+ do_div(div, NSEC_PER_SEC); |
2982 |
++ if (!div) { |
2983 |
++ /* Clock is too slow to achieve requested period. */ |
2984 |
++ dev_dbg(priv->chip.dev, "Can't reach %u ns\n", state->period); |
2985 |
++ return -EINVAL; |
2986 |
++ } |
2987 |
++ |
2988 |
+ prd = div; |
2989 |
+ while (div > STM32_LPTIM_MAX_ARR) { |
2990 |
+ presc++; |
2991 |
+diff --git a/drivers/s390/cio/ccwgroup.c b/drivers/s390/cio/ccwgroup.c |
2992 |
+index 93b2862bd3fa..674d848e377c 100644 |
2993 |
+--- a/drivers/s390/cio/ccwgroup.c |
2994 |
++++ b/drivers/s390/cio/ccwgroup.c |
2995 |
+@@ -372,7 +372,7 @@ int ccwgroup_create_dev(struct device *parent, struct ccwgroup_driver *gdrv, |
2996 |
+ goto error; |
2997 |
+ } |
2998 |
+ /* Check for trailing stuff. */ |
2999 |
+- if (i == num_devices && strlen(buf) > 0) { |
3000 |
++ if (i == num_devices && buf && strlen(buf) > 0) { |
3001 |
+ rc = -EINVAL; |
3002 |
+ goto error; |
3003 |
+ } |
3004 |
+diff --git a/drivers/s390/cio/css.c b/drivers/s390/cio/css.c |
3005 |
+index aea502922646..df09ed53ab45 100644 |
3006 |
+--- a/drivers/s390/cio/css.c |
3007 |
++++ b/drivers/s390/cio/css.c |
3008 |
+@@ -1213,6 +1213,8 @@ device_initcall(cio_settle_init); |
3009 |
+ |
3010 |
+ int sch_is_pseudo_sch(struct subchannel *sch) |
3011 |
+ { |
3012 |
++ if (!sch->dev.parent) |
3013 |
++ return 0; |
3014 |
+ return sch == to_css(sch->dev.parent)->pseudo_subchannel; |
3015 |
+ } |
3016 |
+ |
3017 |
+diff --git a/drivers/staging/erofs/dir.c b/drivers/staging/erofs/dir.c |
3018 |
+index 0a089cf5c78f..fe6683effd05 100644 |
3019 |
+--- a/drivers/staging/erofs/dir.c |
3020 |
++++ b/drivers/staging/erofs/dir.c |
3021 |
+@@ -100,8 +100,15 @@ static int erofs_readdir(struct file *f, struct dir_context *ctx) |
3022 |
+ unsigned nameoff, maxsize; |
3023 |
+ |
3024 |
+ dentry_page = read_mapping_page(mapping, i, NULL); |
3025 |
+- if (IS_ERR(dentry_page)) |
3026 |
+- continue; |
3027 |
++ if (dentry_page == ERR_PTR(-ENOMEM)) { |
3028 |
++ err = -ENOMEM; |
3029 |
++ break; |
3030 |
++ } else if (IS_ERR(dentry_page)) { |
3031 |
++ errln("fail to readdir of logical block %u of nid %llu", |
3032 |
++ i, EROFS_V(dir)->nid); |
3033 |
++ err = PTR_ERR(dentry_page); |
3034 |
++ break; |
3035 |
++ } |
3036 |
+ |
3037 |
+ lock_page(dentry_page); |
3038 |
+ de = (struct erofs_dirent *)kmap(dentry_page); |
3039 |
+diff --git a/drivers/staging/erofs/unzip_vle.c b/drivers/staging/erofs/unzip_vle.c |
3040 |
+index ad6fe6d9d00a..0f1558c6747e 100644 |
3041 |
+--- a/drivers/staging/erofs/unzip_vle.c |
3042 |
++++ b/drivers/staging/erofs/unzip_vle.c |
3043 |
+@@ -311,7 +311,11 @@ z_erofs_vle_work_lookup(struct super_block *sb, |
3044 |
+ /* if multiref is disabled, `primary' is always true */ |
3045 |
+ primary = true; |
3046 |
+ |
3047 |
+- DBG_BUGON(work->pageofs != pageofs); |
3048 |
++ if (work->pageofs != pageofs) { |
3049 |
++ DBG_BUGON(1); |
3050 |
++ erofs_workgroup_put(egrp); |
3051 |
++ return ERR_PTR(-EIO); |
3052 |
++ } |
3053 |
+ |
3054 |
+ /* |
3055 |
+ * lock must be taken first to avoid grp->next == NIL between |
3056 |
+@@ -853,6 +857,7 @@ repeat: |
3057 |
+ for (i = 0; i < nr_pages; ++i) |
3058 |
+ pages[i] = NULL; |
3059 |
+ |
3060 |
++ err = 0; |
3061 |
+ z_erofs_pagevec_ctor_init(&ctor, |
3062 |
+ Z_EROFS_VLE_INLINE_PAGEVECS, work->pagevec, 0); |
3063 |
+ |
3064 |
+@@ -874,8 +879,17 @@ repeat: |
3065 |
+ pagenr = z_erofs_onlinepage_index(page); |
3066 |
+ |
3067 |
+ DBG_BUGON(pagenr >= nr_pages); |
3068 |
+- DBG_BUGON(pages[pagenr]); |
3069 |
+ |
3070 |
++ /* |
3071 |
++ * currently EROFS doesn't support multiref(dedup), |
3072 |
++ * so here erroring out one multiref page. |
3073 |
++ */ |
3074 |
++ if (pages[pagenr]) { |
3075 |
++ DBG_BUGON(1); |
3076 |
++ SetPageError(pages[pagenr]); |
3077 |
++ z_erofs_onlinepage_endio(pages[pagenr]); |
3078 |
++ err = -EIO; |
3079 |
++ } |
3080 |
+ pages[pagenr] = page; |
3081 |
+ } |
3082 |
+ sparsemem_pages = i; |
3083 |
+@@ -885,7 +899,6 @@ repeat: |
3084 |
+ overlapped = false; |
3085 |
+ compressed_pages = grp->compressed_pages; |
3086 |
+ |
3087 |
+- err = 0; |
3088 |
+ for (i = 0; i < clusterpages; ++i) { |
3089 |
+ unsigned pagenr; |
3090 |
+ |
3091 |
+@@ -911,7 +924,12 @@ repeat: |
3092 |
+ pagenr = z_erofs_onlinepage_index(page); |
3093 |
+ |
3094 |
+ DBG_BUGON(pagenr >= nr_pages); |
3095 |
+- DBG_BUGON(pages[pagenr]); |
3096 |
++ if (pages[pagenr]) { |
3097 |
++ DBG_BUGON(1); |
3098 |
++ SetPageError(pages[pagenr]); |
3099 |
++ z_erofs_onlinepage_endio(pages[pagenr]); |
3100 |
++ err = -EIO; |
3101 |
++ } |
3102 |
+ ++sparsemem_pages; |
3103 |
+ pages[pagenr] = page; |
3104 |
+ |
3105 |
+@@ -1335,19 +1353,18 @@ static int z_erofs_vle_normalaccess_readpage(struct file *file, |
3106 |
+ err = z_erofs_do_read_page(&f, page, &pagepool); |
3107 |
+ (void)z_erofs_vle_work_iter_end(&f.builder); |
3108 |
+ |
3109 |
+- if (err) { |
3110 |
++ /* if some compressed cluster ready, need submit them anyway */ |
3111 |
++ z_erofs_submit_and_unzip(&f, &pagepool, true); |
3112 |
++ |
3113 |
++ if (err) |
3114 |
+ errln("%s, failed to read, err [%d]", __func__, err); |
3115 |
+- goto out; |
3116 |
+- } |
3117 |
+ |
3118 |
+- z_erofs_submit_and_unzip(&f, &pagepool, true); |
3119 |
+-out: |
3120 |
+ if (f.m_iter.mpage != NULL) |
3121 |
+ put_page(f.m_iter.mpage); |
3122 |
+ |
3123 |
+ /* clean up the remaining free pages */ |
3124 |
+ put_pages_list(&pagepool); |
3125 |
+- return 0; |
3126 |
++ return err; |
3127 |
+ } |
3128 |
+ |
3129 |
+ static inline int __z_erofs_vle_normalaccess_readpages( |
3130 |
+diff --git a/drivers/thermal/thermal_core.c b/drivers/thermal/thermal_core.c |
3131 |
+index bf9721fc2824..be3eafc7682b 100644 |
3132 |
+--- a/drivers/thermal/thermal_core.c |
3133 |
++++ b/drivers/thermal/thermal_core.c |
3134 |
+@@ -296,7 +296,7 @@ static void thermal_zone_device_set_polling(struct thermal_zone_device *tz, |
3135 |
+ mod_delayed_work(system_freezable_wq, &tz->poll_queue, |
3136 |
+ msecs_to_jiffies(delay)); |
3137 |
+ else |
3138 |
+- cancel_delayed_work(&tz->poll_queue); |
3139 |
++ cancel_delayed_work_sync(&tz->poll_queue); |
3140 |
+ } |
3141 |
+ |
3142 |
+ static void monitor_thermal_zone(struct thermal_zone_device *tz) |
3143 |
+diff --git a/drivers/thermal/thermal_hwmon.c b/drivers/thermal/thermal_hwmon.c |
3144 |
+index 40c69a533b24..dd5d8ee37928 100644 |
3145 |
+--- a/drivers/thermal/thermal_hwmon.c |
3146 |
++++ b/drivers/thermal/thermal_hwmon.c |
3147 |
+@@ -87,13 +87,17 @@ static struct thermal_hwmon_device * |
3148 |
+ thermal_hwmon_lookup_by_type(const struct thermal_zone_device *tz) |
3149 |
+ { |
3150 |
+ struct thermal_hwmon_device *hwmon; |
3151 |
++ char type[THERMAL_NAME_LENGTH]; |
3152 |
+ |
3153 |
+ mutex_lock(&thermal_hwmon_list_lock); |
3154 |
+- list_for_each_entry(hwmon, &thermal_hwmon_list, node) |
3155 |
+- if (!strcmp(hwmon->type, tz->type)) { |
3156 |
++ list_for_each_entry(hwmon, &thermal_hwmon_list, node) { |
3157 |
++ strcpy(type, tz->type); |
3158 |
++ strreplace(type, '-', '_'); |
3159 |
++ if (!strcmp(hwmon->type, type)) { |
3160 |
+ mutex_unlock(&thermal_hwmon_list_lock); |
3161 |
+ return hwmon; |
3162 |
+ } |
3163 |
++ } |
3164 |
+ mutex_unlock(&thermal_hwmon_list_lock); |
3165 |
+ |
3166 |
+ return NULL; |
3167 |
+diff --git a/drivers/watchdog/aspeed_wdt.c b/drivers/watchdog/aspeed_wdt.c |
3168 |
+index 1abe4d021fd2..ffde179a9bb2 100644 |
3169 |
+--- a/drivers/watchdog/aspeed_wdt.c |
3170 |
++++ b/drivers/watchdog/aspeed_wdt.c |
3171 |
+@@ -38,6 +38,7 @@ static const struct aspeed_wdt_config ast2500_config = { |
3172 |
+ static const struct of_device_id aspeed_wdt_of_table[] = { |
3173 |
+ { .compatible = "aspeed,ast2400-wdt", .data = &ast2400_config }, |
3174 |
+ { .compatible = "aspeed,ast2500-wdt", .data = &ast2500_config }, |
3175 |
++ { .compatible = "aspeed,ast2600-wdt", .data = &ast2500_config }, |
3176 |
+ { }, |
3177 |
+ }; |
3178 |
+ MODULE_DEVICE_TABLE(of, aspeed_wdt_of_table); |
3179 |
+@@ -264,7 +265,8 @@ static int aspeed_wdt_probe(struct platform_device *pdev) |
3180 |
+ set_bit(WDOG_HW_RUNNING, &wdt->wdd.status); |
3181 |
+ } |
3182 |
+ |
3183 |
+- if (of_device_is_compatible(np, "aspeed,ast2500-wdt")) { |
3184 |
++ if ((of_device_is_compatible(np, "aspeed,ast2500-wdt")) || |
3185 |
++ (of_device_is_compatible(np, "aspeed,ast2600-wdt"))) { |
3186 |
+ u32 reg = readl(wdt->base + WDT_RESET_WIDTH); |
3187 |
+ |
3188 |
+ reg &= config->ext_pulse_width_mask; |
3189 |
+diff --git a/drivers/watchdog/imx2_wdt.c b/drivers/watchdog/imx2_wdt.c |
3190 |
+index 7e7bdcbbc741..9f3123b04536 100644 |
3191 |
+--- a/drivers/watchdog/imx2_wdt.c |
3192 |
++++ b/drivers/watchdog/imx2_wdt.c |
3193 |
+@@ -55,7 +55,7 @@ |
3194 |
+ |
3195 |
+ #define IMX2_WDT_WMCR 0x08 /* Misc Register */ |
3196 |
+ |
3197 |
+-#define IMX2_WDT_MAX_TIME 128 |
3198 |
++#define IMX2_WDT_MAX_TIME 128U |
3199 |
+ #define IMX2_WDT_DEFAULT_TIME 60 /* in seconds */ |
3200 |
+ |
3201 |
+ #define WDOG_SEC_TO_COUNT(s) ((s * 2 - 1) << 8) |
3202 |
+@@ -180,7 +180,7 @@ static int imx2_wdt_set_timeout(struct watchdog_device *wdog, |
3203 |
+ { |
3204 |
+ unsigned int actual; |
3205 |
+ |
3206 |
+- actual = min(new_timeout, wdog->max_hw_heartbeat_ms * 1000); |
3207 |
++ actual = min(new_timeout, IMX2_WDT_MAX_TIME); |
3208 |
+ __imx2_wdt_set_timeout(wdog, actual); |
3209 |
+ wdog->timeout = new_timeout; |
3210 |
+ return 0; |
3211 |
+diff --git a/drivers/xen/pci.c b/drivers/xen/pci.c |
3212 |
+index 7494dbeb4409..db58aaa4dc59 100644 |
3213 |
+--- a/drivers/xen/pci.c |
3214 |
++++ b/drivers/xen/pci.c |
3215 |
+@@ -29,6 +29,8 @@ |
3216 |
+ #include "../pci/pci.h" |
3217 |
+ #ifdef CONFIG_PCI_MMCONFIG |
3218 |
+ #include <asm/pci_x86.h> |
3219 |
++ |
3220 |
++static int xen_mcfg_late(void); |
3221 |
+ #endif |
3222 |
+ |
3223 |
+ static bool __read_mostly pci_seg_supported = true; |
3224 |
+@@ -40,7 +42,18 @@ static int xen_add_device(struct device *dev) |
3225 |
+ #ifdef CONFIG_PCI_IOV |
3226 |
+ struct pci_dev *physfn = pci_dev->physfn; |
3227 |
+ #endif |
3228 |
+- |
3229 |
++#ifdef CONFIG_PCI_MMCONFIG |
3230 |
++ static bool pci_mcfg_reserved = false; |
3231 |
++ /* |
3232 |
++ * Reserve MCFG areas in Xen on first invocation due to this being |
3233 |
++ * potentially called from inside of acpi_init immediately after |
3234 |
++ * MCFG table has been finally parsed. |
3235 |
++ */ |
3236 |
++ if (!pci_mcfg_reserved) { |
3237 |
++ xen_mcfg_late(); |
3238 |
++ pci_mcfg_reserved = true; |
3239 |
++ } |
3240 |
++#endif |
3241 |
+ if (pci_seg_supported) { |
3242 |
+ struct { |
3243 |
+ struct physdev_pci_device_add add; |
3244 |
+@@ -213,7 +226,7 @@ static int __init register_xen_pci_notifier(void) |
3245 |
+ arch_initcall(register_xen_pci_notifier); |
3246 |
+ |
3247 |
+ #ifdef CONFIG_PCI_MMCONFIG |
3248 |
+-static int __init xen_mcfg_late(void) |
3249 |
++static int xen_mcfg_late(void) |
3250 |
+ { |
3251 |
+ struct pci_mmcfg_region *cfg; |
3252 |
+ int rc; |
3253 |
+@@ -252,8 +265,4 @@ static int __init xen_mcfg_late(void) |
3254 |
+ } |
3255 |
+ return 0; |
3256 |
+ } |
3257 |
+-/* |
3258 |
+- * Needs to be done after acpi_init which are subsys_initcall. |
3259 |
+- */ |
3260 |
+-subsys_initcall_sync(xen_mcfg_late); |
3261 |
+ #endif |
3262 |
+diff --git a/drivers/xen/xenbus/xenbus_dev_frontend.c b/drivers/xen/xenbus/xenbus_dev_frontend.c |
3263 |
+index 39c63152a358..454c6826abdb 100644 |
3264 |
+--- a/drivers/xen/xenbus/xenbus_dev_frontend.c |
3265 |
++++ b/drivers/xen/xenbus/xenbus_dev_frontend.c |
3266 |
+@@ -55,6 +55,7 @@ |
3267 |
+ #include <linux/string.h> |
3268 |
+ #include <linux/slab.h> |
3269 |
+ #include <linux/miscdevice.h> |
3270 |
++#include <linux/workqueue.h> |
3271 |
+ |
3272 |
+ #include <xen/xenbus.h> |
3273 |
+ #include <xen/xen.h> |
3274 |
+@@ -116,6 +117,8 @@ struct xenbus_file_priv { |
3275 |
+ wait_queue_head_t read_waitq; |
3276 |
+ |
3277 |
+ struct kref kref; |
3278 |
++ |
3279 |
++ struct work_struct wq; |
3280 |
+ }; |
3281 |
+ |
3282 |
+ /* Read out any raw xenbus messages queued up. */ |
3283 |
+@@ -300,14 +303,14 @@ static void watch_fired(struct xenbus_watch *watch, |
3284 |
+ mutex_unlock(&adap->dev_data->reply_mutex); |
3285 |
+ } |
3286 |
+ |
3287 |
+-static void xenbus_file_free(struct kref *kref) |
3288 |
++static void xenbus_worker(struct work_struct *wq) |
3289 |
+ { |
3290 |
+ struct xenbus_file_priv *u; |
3291 |
+ struct xenbus_transaction_holder *trans, *tmp; |
3292 |
+ struct watch_adapter *watch, *tmp_watch; |
3293 |
+ struct read_buffer *rb, *tmp_rb; |
3294 |
+ |
3295 |
+- u = container_of(kref, struct xenbus_file_priv, kref); |
3296 |
++ u = container_of(wq, struct xenbus_file_priv, wq); |
3297 |
+ |
3298 |
+ /* |
3299 |
+ * No need for locking here because there are no other users, |
3300 |
+@@ -333,6 +336,18 @@ static void xenbus_file_free(struct kref *kref) |
3301 |
+ kfree(u); |
3302 |
+ } |
3303 |
+ |
3304 |
++static void xenbus_file_free(struct kref *kref) |
3305 |
++{ |
3306 |
++ struct xenbus_file_priv *u; |
3307 |
++ |
3308 |
++ /* |
3309 |
++ * We might be called in xenbus_thread(). |
3310 |
++ * Use workqueue to avoid deadlock. |
3311 |
++ */ |
3312 |
++ u = container_of(kref, struct xenbus_file_priv, kref); |
3313 |
++ schedule_work(&u->wq); |
3314 |
++} |
3315 |
++ |
3316 |
+ static struct xenbus_transaction_holder *xenbus_get_transaction( |
3317 |
+ struct xenbus_file_priv *u, uint32_t tx_id) |
3318 |
+ { |
3319 |
+@@ -652,6 +667,7 @@ static int xenbus_file_open(struct inode *inode, struct file *filp) |
3320 |
+ INIT_LIST_HEAD(&u->watches); |
3321 |
+ INIT_LIST_HEAD(&u->read_buffers); |
3322 |
+ init_waitqueue_head(&u->read_waitq); |
3323 |
++ INIT_WORK(&u->wq, xenbus_worker); |
3324 |
+ |
3325 |
+ mutex_init(&u->reply_mutex); |
3326 |
+ mutex_init(&u->msgbuffer_mutex); |
3327 |
+diff --git a/fs/9p/vfs_file.c b/fs/9p/vfs_file.c |
3328 |
+index 05454a7e22dc..550d0b169d7c 100644 |
3329 |
+--- a/fs/9p/vfs_file.c |
3330 |
++++ b/fs/9p/vfs_file.c |
3331 |
+@@ -528,6 +528,7 @@ v9fs_mmap_file_mmap(struct file *filp, struct vm_area_struct *vma) |
3332 |
+ v9inode = V9FS_I(inode); |
3333 |
+ mutex_lock(&v9inode->v_mutex); |
3334 |
+ if (!v9inode->writeback_fid && |
3335 |
++ (vma->vm_flags & VM_SHARED) && |
3336 |
+ (vma->vm_flags & VM_WRITE)) { |
3337 |
+ /* |
3338 |
+ * clone a fid and add it to writeback_fid |
3339 |
+@@ -629,6 +630,8 @@ static void v9fs_mmap_vm_close(struct vm_area_struct *vma) |
3340 |
+ (vma->vm_end - vma->vm_start - 1), |
3341 |
+ }; |
3342 |
+ |
3343 |
++ if (!(vma->vm_flags & VM_SHARED)) |
3344 |
++ return; |
3345 |
+ |
3346 |
+ p9_debug(P9_DEBUG_VFS, "9p VMA close, %p, flushing", vma); |
3347 |
+ |
3348 |
+diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c |
3349 |
+index c06845237cba..8196c21d8623 100644 |
3350 |
+--- a/fs/ceph/inode.c |
3351 |
++++ b/fs/ceph/inode.c |
3352 |
+@@ -807,7 +807,12 @@ static int fill_inode(struct inode *inode, struct page *locked_page, |
3353 |
+ |
3354 |
+ /* update inode */ |
3355 |
+ inode->i_rdev = le32_to_cpu(info->rdev); |
3356 |
+- inode->i_blkbits = fls(le32_to_cpu(info->layout.fl_stripe_unit)) - 1; |
3357 |
++ /* directories have fl_stripe_unit set to zero */ |
3358 |
++ if (le32_to_cpu(info->layout.fl_stripe_unit)) |
3359 |
++ inode->i_blkbits = |
3360 |
++ fls(le32_to_cpu(info->layout.fl_stripe_unit)) - 1; |
3361 |
++ else |
3362 |
++ inode->i_blkbits = CEPH_BLOCK_SHIFT; |
3363 |
+ |
3364 |
+ __ceph_update_quota(ci, iinfo->max_bytes, iinfo->max_files); |
3365 |
+ |
3366 |
+diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c |
3367 |
+index bfcf11c70bfa..09db6d08614d 100644 |
3368 |
+--- a/fs/ceph/mds_client.c |
3369 |
++++ b/fs/ceph/mds_client.c |
3370 |
+@@ -3640,7 +3640,9 @@ static void delayed_work(struct work_struct *work) |
3371 |
+ pr_info("mds%d hung\n", s->s_mds); |
3372 |
+ } |
3373 |
+ } |
3374 |
+- if (s->s_state < CEPH_MDS_SESSION_OPEN) { |
3375 |
++ if (s->s_state == CEPH_MDS_SESSION_NEW || |
3376 |
++ s->s_state == CEPH_MDS_SESSION_RESTARTING || |
3377 |
++ s->s_state == CEPH_MDS_SESSION_REJECTED) { |
3378 |
+ /* this mds is failed or recovering, just wait */ |
3379 |
+ ceph_put_mds_session(s); |
3380 |
+ continue; |
3381 |
+diff --git a/fs/fuse/cuse.c b/fs/fuse/cuse.c |
3382 |
+index 8f68181256c0..f057c213c453 100644 |
3383 |
+--- a/fs/fuse/cuse.c |
3384 |
++++ b/fs/fuse/cuse.c |
3385 |
+@@ -518,6 +518,7 @@ static int cuse_channel_open(struct inode *inode, struct file *file) |
3386 |
+ rc = cuse_send_init(cc); |
3387 |
+ if (rc) { |
3388 |
+ fuse_dev_free(fud); |
3389 |
++ fuse_conn_put(&cc->fc); |
3390 |
+ return rc; |
3391 |
+ } |
3392 |
+ file->private_data = fud; |
3393 |
+diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c |
3394 |
+index b7bde12d8cd5..1c0227c78a7b 100644 |
3395 |
+--- a/fs/nfs/nfs4xdr.c |
3396 |
++++ b/fs/nfs/nfs4xdr.c |
3397 |
+@@ -1171,7 +1171,7 @@ static void encode_attrs(struct xdr_stream *xdr, const struct iattr *iap, |
3398 |
+ } else |
3399 |
+ *p++ = cpu_to_be32(NFS4_SET_TO_SERVER_TIME); |
3400 |
+ } |
3401 |
+- if (bmval[2] & FATTR4_WORD2_SECURITY_LABEL) { |
3402 |
++ if (label && (bmval[2] & FATTR4_WORD2_SECURITY_LABEL)) { |
3403 |
+ *p++ = cpu_to_be32(label->lfs); |
3404 |
+ *p++ = cpu_to_be32(label->pi); |
3405 |
+ *p++ = cpu_to_be32(label->len); |
3406 |
+diff --git a/fs/nfs/pnfs.c b/fs/nfs/pnfs.c |
3407 |
+index 4931c3a75f03..c818f9886f61 100644 |
3408 |
+--- a/fs/nfs/pnfs.c |
3409 |
++++ b/fs/nfs/pnfs.c |
3410 |
+@@ -1426,10 +1426,15 @@ void pnfs_roc_release(struct nfs4_layoutreturn_args *args, |
3411 |
+ const nfs4_stateid *res_stateid = NULL; |
3412 |
+ struct nfs4_xdr_opaque_data *ld_private = args->ld_private; |
3413 |
+ |
3414 |
+- if (ret == 0) { |
3415 |
+- arg_stateid = &args->stateid; |
3416 |
++ switch (ret) { |
3417 |
++ case -NFS4ERR_NOMATCHING_LAYOUT: |
3418 |
++ break; |
3419 |
++ case 0: |
3420 |
+ if (res->lrs_present) |
3421 |
+ res_stateid = &res->stateid; |
3422 |
++ /* Fallthrough */ |
3423 |
++ default: |
3424 |
++ arg_stateid = &args->stateid; |
3425 |
+ } |
3426 |
+ pnfs_layoutreturn_free_lsegs(lo, arg_stateid, &args->range, |
3427 |
+ res_stateid); |
3428 |
+diff --git a/fs/statfs.c b/fs/statfs.c |
3429 |
+index f0216629621d..56f655f757ff 100644 |
3430 |
+--- a/fs/statfs.c |
3431 |
++++ b/fs/statfs.c |
3432 |
+@@ -304,19 +304,10 @@ COMPAT_SYSCALL_DEFINE2(fstatfs, unsigned int, fd, struct compat_statfs __user *, |
3433 |
+ static int put_compat_statfs64(struct compat_statfs64 __user *ubuf, struct kstatfs *kbuf) |
3434 |
+ { |
3435 |
+ struct compat_statfs64 buf; |
3436 |
+- if (sizeof(ubuf->f_bsize) == 4) { |
3437 |
+- if ((kbuf->f_type | kbuf->f_bsize | kbuf->f_namelen | |
3438 |
+- kbuf->f_frsize | kbuf->f_flags) & 0xffffffff00000000ULL) |
3439 |
+- return -EOVERFLOW; |
3440 |
+- /* f_files and f_ffree may be -1; it's okay |
3441 |
+- * to stuff that into 32 bits */ |
3442 |
+- if (kbuf->f_files != 0xffffffffffffffffULL |
3443 |
+- && (kbuf->f_files & 0xffffffff00000000ULL)) |
3444 |
+- return -EOVERFLOW; |
3445 |
+- if (kbuf->f_ffree != 0xffffffffffffffffULL |
3446 |
+- && (kbuf->f_ffree & 0xffffffff00000000ULL)) |
3447 |
+- return -EOVERFLOW; |
3448 |
+- } |
3449 |
++ |
3450 |
++ if ((kbuf->f_bsize | kbuf->f_frsize) & 0xffffffff00000000ULL) |
3451 |
++ return -EOVERFLOW; |
3452 |
++ |
3453 |
+ memset(&buf, 0, sizeof(struct compat_statfs64)); |
3454 |
+ buf.f_type = kbuf->f_type; |
3455 |
+ buf.f_bsize = kbuf->f_bsize; |
3456 |
+diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h |
3457 |
+index 9c03a7d5e400..c83478271c2e 100644 |
3458 |
+--- a/include/linux/ieee80211.h |
3459 |
++++ b/include/linux/ieee80211.h |
3460 |
+@@ -3185,4 +3185,57 @@ static inline bool ieee80211_action_contains_tpc(struct sk_buff *skb) |
3461 |
+ return true; |
3462 |
+ } |
3463 |
+ |
3464 |
++struct element { |
3465 |
++ u8 id; |
3466 |
++ u8 datalen; |
3467 |
++ u8 data[]; |
3468 |
++} __packed; |
3469 |
++ |
3470 |
++/* element iteration helpers */ |
3471 |
++#define for_each_element(_elem, _data, _datalen) \ |
3472 |
++ for (_elem = (const struct element *)(_data); \ |
3473 |
++ (const u8 *)(_data) + (_datalen) - (const u8 *)_elem >= \ |
3474 |
++ (int)sizeof(*_elem) && \ |
3475 |
++ (const u8 *)(_data) + (_datalen) - (const u8 *)_elem >= \ |
3476 |
++ (int)sizeof(*_elem) + _elem->datalen; \ |
3477 |
++ _elem = (const struct element *)(_elem->data + _elem->datalen)) |
3478 |
++ |
3479 |
++#define for_each_element_id(element, _id, data, datalen) \ |
3480 |
++ for_each_element(element, data, datalen) \ |
3481 |
++ if (element->id == (_id)) |
3482 |
++ |
3483 |
++#define for_each_element_extid(element, extid, data, datalen) \ |
3484 |
++ for_each_element(element, data, datalen) \ |
3485 |
++ if (element->id == WLAN_EID_EXTENSION && \ |
3486 |
++ element->datalen > 0 && \ |
3487 |
++ element->data[0] == (extid)) |
3488 |
++ |
3489 |
++#define for_each_subelement(sub, element) \ |
3490 |
++ for_each_element(sub, (element)->data, (element)->datalen) |
3491 |
++ |
3492 |
++#define for_each_subelement_id(sub, id, element) \ |
3493 |
++ for_each_element_id(sub, id, (element)->data, (element)->datalen) |
3494 |
++ |
3495 |
++#define for_each_subelement_extid(sub, extid, element) \ |
3496 |
++ for_each_element_extid(sub, extid, (element)->data, (element)->datalen) |
3497 |
++ |
3498 |
++/** |
3499 |
++ * for_each_element_completed - determine if element parsing consumed all data |
3500 |
++ * @element: element pointer after for_each_element() or friends |
3501 |
++ * @data: same data pointer as passed to for_each_element() or friends |
3502 |
++ * @datalen: same data length as passed to for_each_element() or friends |
3503 |
++ * |
3504 |
++ * This function returns %true if all the data was parsed or considered |
3505 |
++ * while walking the elements. Only use this if your for_each_element() |
3506 |
++ * loop cannot be broken out of, otherwise it always returns %false. |
3507 |
++ * |
3508 |
++ * If some data was malformed, this returns %false since the last parsed |
3509 |
++ * element will not fill the whole remaining data. |
3510 |
++ */ |
3511 |
++static inline bool for_each_element_completed(const struct element *element, |
3512 |
++ const void *data, size_t datalen) |
3513 |
++{ |
3514 |
++ return (const u8 *)element == (const u8 *)data + datalen; |
3515 |
++} |
3516 |
++ |
3517 |
+ #endif /* LINUX_IEEE80211_H */ |
3518 |
+diff --git a/include/linux/sched/mm.h b/include/linux/sched/mm.h |
3519 |
+index 0d10b7ce0da7..e9d4e389aed9 100644 |
3520 |
+--- a/include/linux/sched/mm.h |
3521 |
++++ b/include/linux/sched/mm.h |
3522 |
+@@ -330,6 +330,8 @@ enum { |
3523 |
+ |
3524 |
+ static inline void membarrier_mm_sync_core_before_usermode(struct mm_struct *mm) |
3525 |
+ { |
3526 |
++ if (current->mm != mm) |
3527 |
++ return; |
3528 |
+ if (likely(!(atomic_read(&mm->membarrier_state) & |
3529 |
+ MEMBARRIER_STATE_PRIVATE_EXPEDITED_SYNC_CORE))) |
3530 |
+ return; |
3531 |
+diff --git a/include/sound/soc-dapm.h b/include/sound/soc-dapm.h |
3532 |
+index fdaaafdc7a00..5165e3b30899 100644 |
3533 |
+--- a/include/sound/soc-dapm.h |
3534 |
++++ b/include/sound/soc-dapm.h |
3535 |
+@@ -353,6 +353,8 @@ struct device; |
3536 |
+ #define SND_SOC_DAPM_WILL_PMD 0x80 /* called at start of sequence */ |
3537 |
+ #define SND_SOC_DAPM_PRE_POST_PMD \ |
3538 |
+ (SND_SOC_DAPM_PRE_PMD | SND_SOC_DAPM_POST_PMD) |
3539 |
++#define SND_SOC_DAPM_PRE_POST_PMU \ |
3540 |
++ (SND_SOC_DAPM_PRE_PMU | SND_SOC_DAPM_POST_PMU) |
3541 |
+ |
3542 |
+ /* convenience event type detection */ |
3543 |
+ #define SND_SOC_DAPM_EVENT_ON(e) \ |
3544 |
+diff --git a/kernel/elfcore.c b/kernel/elfcore.c |
3545 |
+index fc482c8e0bd8..57fb4dcff434 100644 |
3546 |
+--- a/kernel/elfcore.c |
3547 |
++++ b/kernel/elfcore.c |
3548 |
+@@ -3,6 +3,7 @@ |
3549 |
+ #include <linux/fs.h> |
3550 |
+ #include <linux/mm.h> |
3551 |
+ #include <linux/binfmts.h> |
3552 |
++#include <linux/elfcore.h> |
3553 |
+ |
3554 |
+ Elf_Half __weak elf_core_extra_phdrs(void) |
3555 |
+ { |
3556 |
+diff --git a/kernel/locking/qspinlock_paravirt.h b/kernel/locking/qspinlock_paravirt.h |
3557 |
+index 5a0cf5f9008c..82104d3dd18e 100644 |
3558 |
+--- a/kernel/locking/qspinlock_paravirt.h |
3559 |
++++ b/kernel/locking/qspinlock_paravirt.h |
3560 |
+@@ -271,7 +271,7 @@ pv_wait_early(struct pv_node *prev, int loop) |
3561 |
+ if ((loop & PV_PREV_CHECK_MASK) != 0) |
3562 |
+ return false; |
3563 |
+ |
3564 |
+- return READ_ONCE(prev->state) != vcpu_running || vcpu_is_preempted(prev->cpu); |
3565 |
++ return READ_ONCE(prev->state) != vcpu_running; |
3566 |
+ } |
3567 |
+ |
3568 |
+ /* |
3569 |
+diff --git a/kernel/sched/core.c b/kernel/sched/core.c |
3570 |
+index f4e050681ba1..78ecdfae25b6 100644 |
3571 |
+--- a/kernel/sched/core.c |
3572 |
++++ b/kernel/sched/core.c |
3573 |
+@@ -1077,7 +1077,8 @@ static int __set_cpus_allowed_ptr(struct task_struct *p, |
3574 |
+ if (cpumask_equal(&p->cpus_allowed, new_mask)) |
3575 |
+ goto out; |
3576 |
+ |
3577 |
+- if (!cpumask_intersects(new_mask, cpu_valid_mask)) { |
3578 |
++ dest_cpu = cpumask_any_and(cpu_valid_mask, new_mask); |
3579 |
++ if (dest_cpu >= nr_cpu_ids) { |
3580 |
+ ret = -EINVAL; |
3581 |
+ goto out; |
3582 |
+ } |
3583 |
+@@ -1098,7 +1099,6 @@ static int __set_cpus_allowed_ptr(struct task_struct *p, |
3584 |
+ if (cpumask_test_cpu(task_cpu(p), new_mask)) |
3585 |
+ goto out; |
3586 |
+ |
3587 |
+- dest_cpu = cpumask_any_and(cpu_valid_mask, new_mask); |
3588 |
+ if (task_running(rq, p) || p->state == TASK_WAKING) { |
3589 |
+ struct migration_arg arg = { p, dest_cpu }; |
3590 |
+ /* Need help from migration thread: drop lock and wait. */ |
3591 |
+diff --git a/kernel/sched/membarrier.c b/kernel/sched/membarrier.c |
3592 |
+index 76e0eaf4654e..dd27e632b1ba 100644 |
3593 |
+--- a/kernel/sched/membarrier.c |
3594 |
++++ b/kernel/sched/membarrier.c |
3595 |
+@@ -235,7 +235,7 @@ static int membarrier_register_private_expedited(int flags) |
3596 |
+ * groups, which use the same mm. (CLONE_VM but not |
3597 |
+ * CLONE_THREAD). |
3598 |
+ */ |
3599 |
+- if (atomic_read(&mm->membarrier_state) & state) |
3600 |
++ if ((atomic_read(&mm->membarrier_state) & state) == state) |
3601 |
+ return 0; |
3602 |
+ atomic_or(MEMBARRIER_STATE_PRIVATE_EXPEDITED, &mm->membarrier_state); |
3603 |
+ if (flags & MEMBARRIER_FLAG_SYNC_CORE) |
3604 |
+diff --git a/kernel/time/tick-broadcast-hrtimer.c b/kernel/time/tick-broadcast-hrtimer.c |
3605 |
+index a59641fb88b6..a836efd34589 100644 |
3606 |
+--- a/kernel/time/tick-broadcast-hrtimer.c |
3607 |
++++ b/kernel/time/tick-broadcast-hrtimer.c |
3608 |
+@@ -44,34 +44,39 @@ static int bc_shutdown(struct clock_event_device *evt) |
3609 |
+ */ |
3610 |
+ static int bc_set_next(ktime_t expires, struct clock_event_device *bc) |
3611 |
+ { |
3612 |
+- int bc_moved; |
3613 |
+ /* |
3614 |
+- * We try to cancel the timer first. If the callback is on |
3615 |
+- * flight on some other cpu then we let it handle it. If we |
3616 |
+- * were able to cancel the timer nothing can rearm it as we |
3617 |
+- * own broadcast_lock. |
3618 |
++ * This is called either from enter/exit idle code or from the |
3619 |
++ * broadcast handler. In all cases tick_broadcast_lock is held. |
3620 |
+ * |
3621 |
+- * However we can also be called from the event handler of |
3622 |
+- * ce_broadcast_hrtimer itself when it expires. We cannot |
3623 |
+- * restart the timer because we are in the callback, but we |
3624 |
+- * can set the expiry time and let the callback return |
3625 |
+- * HRTIMER_RESTART. |
3626 |
++ * hrtimer_cancel() cannot be called here neither from the |
3627 |
++ * broadcast handler nor from the enter/exit idle code. The idle |
3628 |
++ * code can run into the problem described in bc_shutdown() and the |
3629 |
++ * broadcast handler cannot wait for itself to complete for obvious |
3630 |
++ * reasons. |
3631 |
+ * |
3632 |
+- * Since we are in the idle loop at this point and because |
3633 |
+- * hrtimer_{start/cancel} functions call into tracing, |
3634 |
+- * calls to these functions must be bound within RCU_NONIDLE. |
3635 |
++ * Each caller tries to arm the hrtimer on its own CPU, but if the |
3636 |
++ * hrtimer callbback function is currently running, then |
3637 |
++ * hrtimer_start() cannot move it and the timer stays on the CPU on |
3638 |
++ * which it is assigned at the moment. |
3639 |
++ * |
3640 |
++ * As this can be called from idle code, the hrtimer_start() |
3641 |
++ * invocation has to be wrapped with RCU_NONIDLE() as |
3642 |
++ * hrtimer_start() can call into tracing. |
3643 |
+ */ |
3644 |
+- RCU_NONIDLE({ |
3645 |
+- bc_moved = hrtimer_try_to_cancel(&bctimer) >= 0; |
3646 |
+- if (bc_moved) |
3647 |
+- hrtimer_start(&bctimer, expires, |
3648 |
+- HRTIMER_MODE_ABS_PINNED);}); |
3649 |
+- if (bc_moved) { |
3650 |
+- /* Bind the "device" to the cpu */ |
3651 |
+- bc->bound_on = smp_processor_id(); |
3652 |
+- } else if (bc->bound_on == smp_processor_id()) { |
3653 |
+- hrtimer_set_expires(&bctimer, expires); |
3654 |
+- } |
3655 |
++ RCU_NONIDLE( { |
3656 |
++ hrtimer_start(&bctimer, expires, HRTIMER_MODE_ABS_PINNED); |
3657 |
++ /* |
3658 |
++ * The core tick broadcast mode expects bc->bound_on to be set |
3659 |
++ * correctly to prevent a CPU which has the broadcast hrtimer |
3660 |
++ * armed from going deep idle. |
3661 |
++ * |
3662 |
++ * As tick_broadcast_lock is held, nothing can change the cpu |
3663 |
++ * base which was just established in hrtimer_start() above. So |
3664 |
++ * the below access is safe even without holding the hrtimer |
3665 |
++ * base lock. |
3666 |
++ */ |
3667 |
++ bc->bound_on = bctimer.base->cpu_base->cpu; |
3668 |
++ } ); |
3669 |
+ return 0; |
3670 |
+ } |
3671 |
+ |
3672 |
+@@ -97,10 +102,6 @@ static enum hrtimer_restart bc_handler(struct hrtimer *t) |
3673 |
+ { |
3674 |
+ ce_broadcast_hrtimer.event_handler(&ce_broadcast_hrtimer); |
3675 |
+ |
3676 |
+- if (clockevent_state_oneshot(&ce_broadcast_hrtimer)) |
3677 |
+- if (ce_broadcast_hrtimer.next_event != KTIME_MAX) |
3678 |
+- return HRTIMER_RESTART; |
3679 |
+- |
3680 |
+ return HRTIMER_NORESTART; |
3681 |
+ } |
3682 |
+ |
3683 |
+diff --git a/kernel/time/timer.c b/kernel/time/timer.c |
3684 |
+index fa49cd753dea..ae64cb819a9a 100644 |
3685 |
+--- a/kernel/time/timer.c |
3686 |
++++ b/kernel/time/timer.c |
3687 |
+@@ -1590,24 +1590,26 @@ void timer_clear_idle(void) |
3688 |
+ static int collect_expired_timers(struct timer_base *base, |
3689 |
+ struct hlist_head *heads) |
3690 |
+ { |
3691 |
++ unsigned long now = READ_ONCE(jiffies); |
3692 |
++ |
3693 |
+ /* |
3694 |
+ * NOHZ optimization. After a long idle sleep we need to forward the |
3695 |
+ * base to current jiffies. Avoid a loop by searching the bitfield for |
3696 |
+ * the next expiring timer. |
3697 |
+ */ |
3698 |
+- if ((long)(jiffies - base->clk) > 2) { |
3699 |
++ if ((long)(now - base->clk) > 2) { |
3700 |
+ unsigned long next = __next_timer_interrupt(base); |
3701 |
+ |
3702 |
+ /* |
3703 |
+ * If the next timer is ahead of time forward to current |
3704 |
+ * jiffies, otherwise forward to the next expiry time: |
3705 |
+ */ |
3706 |
+- if (time_after(next, jiffies)) { |
3707 |
++ if (time_after(next, now)) { |
3708 |
+ /* |
3709 |
+ * The call site will increment base->clk and then |
3710 |
+ * terminate the expiry loop immediately. |
3711 |
+ */ |
3712 |
+- base->clk = jiffies; |
3713 |
++ base->clk = now; |
3714 |
+ return 0; |
3715 |
+ } |
3716 |
+ base->clk = next; |
3717 |
+diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c |
3718 |
+index 3f34cfb66a85..bdf104596d12 100644 |
3719 |
+--- a/kernel/trace/trace_events_hist.c |
3720 |
++++ b/kernel/trace/trace_events_hist.c |
3721 |
+@@ -2526,6 +2526,8 @@ static struct hist_field *create_alias(struct hist_trigger_data *hist_data, |
3722 |
+ return NULL; |
3723 |
+ } |
3724 |
+ |
3725 |
++ alias->var_ref_idx = var_ref->var_ref_idx; |
3726 |
++ |
3727 |
+ return alias; |
3728 |
+ } |
3729 |
+ |
3730 |
+diff --git a/mm/usercopy.c b/mm/usercopy.c |
3731 |
+index 51411f9c4068..e81d11715d95 100644 |
3732 |
+--- a/mm/usercopy.c |
3733 |
++++ b/mm/usercopy.c |
3734 |
+@@ -15,6 +15,7 @@ |
3735 |
+ #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt |
3736 |
+ |
3737 |
+ #include <linux/mm.h> |
3738 |
++#include <linux/highmem.h> |
3739 |
+ #include <linux/slab.h> |
3740 |
+ #include <linux/sched.h> |
3741 |
+ #include <linux/sched/task.h> |
3742 |
+@@ -231,7 +232,12 @@ static inline void check_heap_object(const void *ptr, unsigned long n, |
3743 |
+ if (!virt_addr_valid(ptr)) |
3744 |
+ return; |
3745 |
+ |
3746 |
+- page = virt_to_head_page(ptr); |
3747 |
++ /* |
3748 |
++ * When CONFIG_HIGHMEM=y, kmap_to_page() will give either the |
3749 |
++ * highmem page or fallback to virt_to_page(). The following |
3750 |
++ * is effectively a highmem-aware virt_to_head_page(). |
3751 |
++ */ |
3752 |
++ page = compound_head(kmap_to_page((void *)ptr)); |
3753 |
+ |
3754 |
+ if (PageSlab(page)) { |
3755 |
+ /* Check slab allocator for flags and size. */ |
3756 |
+diff --git a/net/9p/client.c b/net/9p/client.c |
3757 |
+index b615aae5a0f8..d62f83f93d7b 100644 |
3758 |
+--- a/net/9p/client.c |
3759 |
++++ b/net/9p/client.c |
3760 |
+@@ -296,6 +296,7 @@ p9_tag_alloc(struct p9_client *c, int8_t type, unsigned int max_size) |
3761 |
+ |
3762 |
+ p9pdu_reset(&req->tc); |
3763 |
+ p9pdu_reset(&req->rc); |
3764 |
++ req->t_err = 0; |
3765 |
+ req->status = REQ_STATUS_ALLOC; |
3766 |
+ init_waitqueue_head(&req->wq); |
3767 |
+ INIT_LIST_HEAD(&req->req_list); |
3768 |
+diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c |
3769 |
+index 2145581d7b3d..24fddf032279 100644 |
3770 |
+--- a/net/netfilter/nf_tables_api.c |
3771 |
++++ b/net/netfilter/nf_tables_api.c |
3772 |
+@@ -3429,8 +3429,11 @@ static int nf_tables_newset(struct net *net, struct sock *nlsk, |
3773 |
+ NFT_SET_OBJECT)) |
3774 |
+ return -EINVAL; |
3775 |
+ /* Only one of these operations is supported */ |
3776 |
+- if ((flags & (NFT_SET_MAP | NFT_SET_EVAL | NFT_SET_OBJECT)) == |
3777 |
+- (NFT_SET_MAP | NFT_SET_EVAL | NFT_SET_OBJECT)) |
3778 |
++ if ((flags & (NFT_SET_MAP | NFT_SET_OBJECT)) == |
3779 |
++ (NFT_SET_MAP | NFT_SET_OBJECT)) |
3780 |
++ return -EOPNOTSUPP; |
3781 |
++ if ((flags & (NFT_SET_EVAL | NFT_SET_OBJECT)) == |
3782 |
++ (NFT_SET_EVAL | NFT_SET_OBJECT)) |
3783 |
+ return -EOPNOTSUPP; |
3784 |
+ } |
3785 |
+ |
3786 |
+diff --git a/net/netfilter/nft_lookup.c b/net/netfilter/nft_lookup.c |
3787 |
+index 161c3451a747..55754d9939b5 100644 |
3788 |
+--- a/net/netfilter/nft_lookup.c |
3789 |
++++ b/net/netfilter/nft_lookup.c |
3790 |
+@@ -76,9 +76,6 @@ static int nft_lookup_init(const struct nft_ctx *ctx, |
3791 |
+ if (IS_ERR(set)) |
3792 |
+ return PTR_ERR(set); |
3793 |
+ |
3794 |
+- if (set->flags & NFT_SET_EVAL) |
3795 |
+- return -EOPNOTSUPP; |
3796 |
+- |
3797 |
+ priv->sreg = nft_parse_register(tb[NFTA_LOOKUP_SREG]); |
3798 |
+ err = nft_validate_register_load(priv->sreg, set->klen); |
3799 |
+ if (err < 0) |
3800 |
+diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c |
3801 |
+index 6168db3c35e4..334e3181f1c5 100644 |
3802 |
+--- a/net/wireless/nl80211.c |
3803 |
++++ b/net/wireless/nl80211.c |
3804 |
+@@ -200,6 +200,38 @@ cfg80211_get_dev_from_info(struct net *netns, struct genl_info *info) |
3805 |
+ return __cfg80211_rdev_from_attrs(netns, info->attrs); |
3806 |
+ } |
3807 |
+ |
3808 |
++static int validate_beacon_head(const struct nlattr *attr, |
3809 |
++ struct netlink_ext_ack *extack) |
3810 |
++{ |
3811 |
++ const u8 *data = nla_data(attr); |
3812 |
++ unsigned int len = nla_len(attr); |
3813 |
++ const struct element *elem; |
3814 |
++ const struct ieee80211_mgmt *mgmt = (void *)data; |
3815 |
++ unsigned int fixedlen = offsetof(struct ieee80211_mgmt, |
3816 |
++ u.beacon.variable); |
3817 |
++ |
3818 |
++ if (len < fixedlen) |
3819 |
++ goto err; |
3820 |
++ |
3821 |
++ if (ieee80211_hdrlen(mgmt->frame_control) != |
3822 |
++ offsetof(struct ieee80211_mgmt, u.beacon)) |
3823 |
++ goto err; |
3824 |
++ |
3825 |
++ data += fixedlen; |
3826 |
++ len -= fixedlen; |
3827 |
++ |
3828 |
++ for_each_element(elem, data, len) { |
3829 |
++ /* nothing */ |
3830 |
++ } |
3831 |
++ |
3832 |
++ if (for_each_element_completed(elem, data, len)) |
3833 |
++ return 0; |
3834 |
++ |
3835 |
++err: |
3836 |
++ NL_SET_ERR_MSG_ATTR(extack, attr, "malformed beacon head"); |
3837 |
++ return -EINVAL; |
3838 |
++} |
3839 |
++ |
3840 |
+ /* policy for the attributes */ |
3841 |
+ static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = { |
3842 |
+ [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, |
3843 |
+@@ -2299,6 +2331,8 @@ static int nl80211_parse_chandef(struct cfg80211_registered_device *rdev, |
3844 |
+ |
3845 |
+ control_freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); |
3846 |
+ |
3847 |
++ memset(chandef, 0, sizeof(*chandef)); |
3848 |
++ |
3849 |
+ chandef->chan = ieee80211_get_channel(&rdev->wiphy, control_freq); |
3850 |
+ chandef->width = NL80211_CHAN_WIDTH_20_NOHT; |
3851 |
+ chandef->center_freq1 = control_freq; |
3852 |
+@@ -2819,7 +2853,7 @@ static int nl80211_send_iface(struct sk_buff *msg, u32 portid, u32 seq, int flag |
3853 |
+ |
3854 |
+ if (rdev->ops->get_channel) { |
3855 |
+ int ret; |
3856 |
+- struct cfg80211_chan_def chandef; |
3857 |
++ struct cfg80211_chan_def chandef = {}; |
3858 |
+ |
3859 |
+ ret = rdev_get_channel(rdev, wdev, &chandef); |
3860 |
+ if (ret == 0) { |
3861 |
+@@ -4014,6 +4048,12 @@ static int nl80211_parse_beacon(struct nlattr *attrs[], |
3862 |
+ memset(bcn, 0, sizeof(*bcn)); |
3863 |
+ |
3864 |
+ if (attrs[NL80211_ATTR_BEACON_HEAD]) { |
3865 |
++ int ret = validate_beacon_head(attrs[NL80211_ATTR_BEACON_HEAD], |
3866 |
++ NULL); |
3867 |
++ |
3868 |
++ if (ret) |
3869 |
++ return ret; |
3870 |
++ |
3871 |
+ bcn->head = nla_data(attrs[NL80211_ATTR_BEACON_HEAD]); |
3872 |
+ bcn->head_len = nla_len(attrs[NL80211_ATTR_BEACON_HEAD]); |
3873 |
+ if (!bcn->head_len) |
3874 |
+diff --git a/net/wireless/reg.c b/net/wireless/reg.c |
3875 |
+index d8ebf4f0ef6e..cccbf845079c 100644 |
3876 |
+--- a/net/wireless/reg.c |
3877 |
++++ b/net/wireless/reg.c |
3878 |
+@@ -2095,7 +2095,7 @@ static void reg_call_notifier(struct wiphy *wiphy, |
3879 |
+ |
3880 |
+ static bool reg_wdev_chan_valid(struct wiphy *wiphy, struct wireless_dev *wdev) |
3881 |
+ { |
3882 |
+- struct cfg80211_chan_def chandef; |
3883 |
++ struct cfg80211_chan_def chandef = {}; |
3884 |
+ struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
3885 |
+ enum nl80211_iftype iftype; |
3886 |
+ |
3887 |
+diff --git a/net/wireless/scan.c b/net/wireless/scan.c |
3888 |
+index d0e7472dd9fd..e5d61ba837ad 100644 |
3889 |
+--- a/net/wireless/scan.c |
3890 |
++++ b/net/wireless/scan.c |
3891 |
+@@ -484,6 +484,8 @@ const u8 *cfg80211_find_ie_match(u8 eid, const u8 *ies, int len, |
3892 |
+ const u8 *match, int match_len, |
3893 |
+ int match_offset) |
3894 |
+ { |
3895 |
++ const struct element *elem; |
3896 |
++ |
3897 |
+ /* match_offset can't be smaller than 2, unless match_len is |
3898 |
+ * zero, in which case match_offset must be zero as well. |
3899 |
+ */ |
3900 |
+@@ -491,14 +493,10 @@ const u8 *cfg80211_find_ie_match(u8 eid, const u8 *ies, int len, |
3901 |
+ (!match_len && match_offset))) |
3902 |
+ return NULL; |
3903 |
+ |
3904 |
+- while (len >= 2 && len >= ies[1] + 2) { |
3905 |
+- if ((ies[0] == eid) && |
3906 |
+- (ies[1] + 2 >= match_offset + match_len) && |
3907 |
+- !memcmp(ies + match_offset, match, match_len)) |
3908 |
+- return ies; |
3909 |
+- |
3910 |
+- len -= ies[1] + 2; |
3911 |
+- ies += ies[1] + 2; |
3912 |
++ for_each_element_id(elem, eid, ies, len) { |
3913 |
++ if (elem->datalen >= match_offset - 2 + match_len && |
3914 |
++ !memcmp(elem->data + match_offset - 2, match, match_len)) |
3915 |
++ return (void *)elem; |
3916 |
+ } |
3917 |
+ |
3918 |
+ return NULL; |
3919 |
+diff --git a/net/wireless/wext-compat.c b/net/wireless/wext-compat.c |
3920 |
+index 06943d9c9835..4f0cfb8cc682 100644 |
3921 |
+--- a/net/wireless/wext-compat.c |
3922 |
++++ b/net/wireless/wext-compat.c |
3923 |
+@@ -800,7 +800,7 @@ static int cfg80211_wext_giwfreq(struct net_device *dev, |
3924 |
+ { |
3925 |
+ struct wireless_dev *wdev = dev->ieee80211_ptr; |
3926 |
+ struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); |
3927 |
+- struct cfg80211_chan_def chandef; |
3928 |
++ struct cfg80211_chan_def chandef = {}; |
3929 |
+ int ret; |
3930 |
+ |
3931 |
+ switch (wdev->iftype) { |
3932 |
+diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c |
3933 |
+index d9e7728027c6..f63b4bd45d60 100644 |
3934 |
+--- a/security/integrity/ima/ima_crypto.c |
3935 |
++++ b/security/integrity/ima/ima_crypto.c |
3936 |
+@@ -271,8 +271,16 @@ static int ima_calc_file_hash_atfm(struct file *file, |
3937 |
+ rbuf_len = min_t(loff_t, i_size - offset, rbuf_size[active]); |
3938 |
+ rc = integrity_kernel_read(file, offset, rbuf[active], |
3939 |
+ rbuf_len); |
3940 |
+- if (rc != rbuf_len) |
3941 |
++ if (rc != rbuf_len) { |
3942 |
++ if (rc >= 0) |
3943 |
++ rc = -EINVAL; |
3944 |
++ /* |
3945 |
++ * Forward current rc, do not overwrite with return value |
3946 |
++ * from ahash_wait() |
3947 |
++ */ |
3948 |
++ ahash_wait(ahash_rc, &wait); |
3949 |
+ goto out3; |
3950 |
++ } |
3951 |
+ |
3952 |
+ if (rbuf[1] && offset) { |
3953 |
+ /* Using two buffers, and it is not the first |
3954 |
+diff --git a/sound/soc/codecs/sgtl5000.c b/sound/soc/codecs/sgtl5000.c |
3955 |
+index 18cddf1729a6..64a52d495b1f 100644 |
3956 |
+--- a/sound/soc/codecs/sgtl5000.c |
3957 |
++++ b/sound/soc/codecs/sgtl5000.c |
3958 |
+@@ -31,6 +31,13 @@ |
3959 |
+ #define SGTL5000_DAP_REG_OFFSET 0x0100 |
3960 |
+ #define SGTL5000_MAX_REG_OFFSET 0x013A |
3961 |
+ |
3962 |
++/* Delay for the VAG ramp up */ |
3963 |
++#define SGTL5000_VAG_POWERUP_DELAY 500 /* ms */ |
3964 |
++/* Delay for the VAG ramp down */ |
3965 |
++#define SGTL5000_VAG_POWERDOWN_DELAY 500 /* ms */ |
3966 |
++ |
3967 |
++#define SGTL5000_OUTPUTS_MUTE (SGTL5000_HP_MUTE | SGTL5000_LINE_OUT_MUTE) |
3968 |
++ |
3969 |
+ /* default value of sgtl5000 registers */ |
3970 |
+ static const struct reg_default sgtl5000_reg_defaults[] = { |
3971 |
+ { SGTL5000_CHIP_DIG_POWER, 0x0000 }, |
3972 |
+@@ -116,6 +123,13 @@ enum { |
3973 |
+ I2S_LRCLK_STRENGTH_HIGH, |
3974 |
+ }; |
3975 |
+ |
3976 |
++enum { |
3977 |
++ HP_POWER_EVENT, |
3978 |
++ DAC_POWER_EVENT, |
3979 |
++ ADC_POWER_EVENT, |
3980 |
++ LAST_POWER_EVENT = ADC_POWER_EVENT |
3981 |
++}; |
3982 |
++ |
3983 |
+ /* sgtl5000 private structure in codec */ |
3984 |
+ struct sgtl5000_priv { |
3985 |
+ int sysclk; /* sysclk rate */ |
3986 |
+@@ -129,8 +143,109 @@ struct sgtl5000_priv { |
3987 |
+ u8 micbias_resistor; |
3988 |
+ u8 micbias_voltage; |
3989 |
+ u8 lrclk_strength; |
3990 |
++ u16 mute_state[LAST_POWER_EVENT + 1]; |
3991 |
+ }; |
3992 |
+ |
3993 |
++static inline int hp_sel_input(struct snd_soc_component *component) |
3994 |
++{ |
3995 |
++ return (snd_soc_component_read32(component, SGTL5000_CHIP_ANA_CTRL) & |
3996 |
++ SGTL5000_HP_SEL_MASK) >> SGTL5000_HP_SEL_SHIFT; |
3997 |
++} |
3998 |
++ |
3999 |
++static inline u16 mute_output(struct snd_soc_component *component, |
4000 |
++ u16 mute_mask) |
4001 |
++{ |
4002 |
++ u16 mute_reg = snd_soc_component_read32(component, |
4003 |
++ SGTL5000_CHIP_ANA_CTRL); |
4004 |
++ |
4005 |
++ snd_soc_component_update_bits(component, SGTL5000_CHIP_ANA_CTRL, |
4006 |
++ mute_mask, mute_mask); |
4007 |
++ return mute_reg; |
4008 |
++} |
4009 |
++ |
4010 |
++static inline void restore_output(struct snd_soc_component *component, |
4011 |
++ u16 mute_mask, u16 mute_reg) |
4012 |
++{ |
4013 |
++ snd_soc_component_update_bits(component, SGTL5000_CHIP_ANA_CTRL, |
4014 |
++ mute_mask, mute_reg); |
4015 |
++} |
4016 |
++ |
4017 |
++static void vag_power_on(struct snd_soc_component *component, u32 source) |
4018 |
++{ |
4019 |
++ if (snd_soc_component_read32(component, SGTL5000_CHIP_ANA_POWER) & |
4020 |
++ SGTL5000_VAG_POWERUP) |
4021 |
++ return; |
4022 |
++ |
4023 |
++ snd_soc_component_update_bits(component, SGTL5000_CHIP_ANA_POWER, |
4024 |
++ SGTL5000_VAG_POWERUP, SGTL5000_VAG_POWERUP); |
4025 |
++ |
4026 |
++ /* When VAG powering on to get local loop from Line-In, the sleep |
4027 |
++ * is required to avoid loud pop. |
4028 |
++ */ |
4029 |
++ if (hp_sel_input(component) == SGTL5000_HP_SEL_LINE_IN && |
4030 |
++ source == HP_POWER_EVENT) |
4031 |
++ msleep(SGTL5000_VAG_POWERUP_DELAY); |
4032 |
++} |
4033 |
++ |
4034 |
++static int vag_power_consumers(struct snd_soc_component *component, |
4035 |
++ u16 ana_pwr_reg, u32 source) |
4036 |
++{ |
4037 |
++ int consumers = 0; |
4038 |
++ |
4039 |
++ /* count dac/adc consumers unconditional */ |
4040 |
++ if (ana_pwr_reg & SGTL5000_DAC_POWERUP) |
4041 |
++ consumers++; |
4042 |
++ if (ana_pwr_reg & SGTL5000_ADC_POWERUP) |
4043 |
++ consumers++; |
4044 |
++ |
4045 |
++ /* |
4046 |
++ * If the event comes from HP and Line-In is selected, |
4047 |
++ * current action is 'DAC to be powered down'. |
4048 |
++ * As HP_POWERUP is not set when HP muxed to line-in, |
4049 |
++ * we need to keep VAG power ON. |
4050 |
++ */ |
4051 |
++ if (source == HP_POWER_EVENT) { |
4052 |
++ if (hp_sel_input(component) == SGTL5000_HP_SEL_LINE_IN) |
4053 |
++ consumers++; |
4054 |
++ } else { |
4055 |
++ if (ana_pwr_reg & SGTL5000_HP_POWERUP) |
4056 |
++ consumers++; |
4057 |
++ } |
4058 |
++ |
4059 |
++ return consumers; |
4060 |
++} |
4061 |
++ |
4062 |
++static void vag_power_off(struct snd_soc_component *component, u32 source) |
4063 |
++{ |
4064 |
++ u16 ana_pwr = snd_soc_component_read32(component, |
4065 |
++ SGTL5000_CHIP_ANA_POWER); |
4066 |
++ |
4067 |
++ if (!(ana_pwr & SGTL5000_VAG_POWERUP)) |
4068 |
++ return; |
4069 |
++ |
4070 |
++ /* |
4071 |
++ * This function calls when any of VAG power consumers is disappearing. |
4072 |
++ * Thus, if there is more than one consumer at the moment, as minimum |
4073 |
++ * one consumer will definitely stay after the end of the current |
4074 |
++ * event. |
4075 |
++ * Don't clear VAG_POWERUP if 2 or more consumers of VAG present: |
4076 |
++ * - LINE_IN (for HP events) / HP (for DAC/ADC events) |
4077 |
++ * - DAC |
4078 |
++ * - ADC |
4079 |
++ * (the current consumer is disappearing right now) |
4080 |
++ */ |
4081 |
++ if (vag_power_consumers(component, ana_pwr, source) >= 2) |
4082 |
++ return; |
4083 |
++ |
4084 |
++ snd_soc_component_update_bits(component, SGTL5000_CHIP_ANA_POWER, |
4085 |
++ SGTL5000_VAG_POWERUP, 0); |
4086 |
++ /* In power down case, we need wait 400-1000 ms |
4087 |
++ * when VAG fully ramped down. |
4088 |
++ * As longer we wait, as smaller pop we've got. |
4089 |
++ */ |
4090 |
++ msleep(SGTL5000_VAG_POWERDOWN_DELAY); |
4091 |
++} |
4092 |
++ |
4093 |
+ /* |
4094 |
+ * mic_bias power on/off share the same register bits with |
4095 |
+ * output impedance of mic bias, when power on mic bias, we |
4096 |
+@@ -162,36 +277,46 @@ static int mic_bias_event(struct snd_soc_dapm_widget *w, |
4097 |
+ return 0; |
4098 |
+ } |
4099 |
+ |
4100 |
+-/* |
4101 |
+- * As manual described, ADC/DAC only works when VAG powerup, |
4102 |
+- * So enabled VAG before ADC/DAC up. |
4103 |
+- * In power down case, we need wait 400ms when vag fully ramped down. |
4104 |
+- */ |
4105 |
+-static int power_vag_event(struct snd_soc_dapm_widget *w, |
4106 |
+- struct snd_kcontrol *kcontrol, int event) |
4107 |
++static int vag_and_mute_control(struct snd_soc_component *component, |
4108 |
++ int event, int event_source) |
4109 |
+ { |
4110 |
+- struct snd_soc_component *component = snd_soc_dapm_to_component(w->dapm); |
4111 |
+- const u32 mask = SGTL5000_DAC_POWERUP | SGTL5000_ADC_POWERUP; |
4112 |
++ static const u16 mute_mask[] = { |
4113 |
++ /* |
4114 |
++ * Mask for HP_POWER_EVENT. |
4115 |
++ * Muxing Headphones have to be wrapped with mute/unmute |
4116 |
++ * headphones only. |
4117 |
++ */ |
4118 |
++ SGTL5000_HP_MUTE, |
4119 |
++ /* |
4120 |
++ * Masks for DAC_POWER_EVENT/ADC_POWER_EVENT. |
4121 |
++ * Muxing DAC or ADC block have to wrapped with mute/unmute |
4122 |
++ * both headphones and line-out. |
4123 |
++ */ |
4124 |
++ SGTL5000_OUTPUTS_MUTE, |
4125 |
++ SGTL5000_OUTPUTS_MUTE |
4126 |
++ }; |
4127 |
++ |
4128 |
++ struct sgtl5000_priv *sgtl5000 = |
4129 |
++ snd_soc_component_get_drvdata(component); |
4130 |
+ |
4131 |
+ switch (event) { |
4132 |
++ case SND_SOC_DAPM_PRE_PMU: |
4133 |
++ sgtl5000->mute_state[event_source] = |
4134 |
++ mute_output(component, mute_mask[event_source]); |
4135 |
++ break; |
4136 |
+ case SND_SOC_DAPM_POST_PMU: |
4137 |
+- snd_soc_component_update_bits(component, SGTL5000_CHIP_ANA_POWER, |
4138 |
+- SGTL5000_VAG_POWERUP, SGTL5000_VAG_POWERUP); |
4139 |
+- msleep(400); |
4140 |
++ vag_power_on(component, event_source); |
4141 |
++ restore_output(component, mute_mask[event_source], |
4142 |
++ sgtl5000->mute_state[event_source]); |
4143 |
+ break; |
4144 |
+- |
4145 |
+ case SND_SOC_DAPM_PRE_PMD: |
4146 |
+- /* |
4147 |
+- * Don't clear VAG_POWERUP, when both DAC and ADC are |
4148 |
+- * operational to prevent inadvertently starving the |
4149 |
+- * other one of them. |
4150 |
+- */ |
4151 |
+- if ((snd_soc_component_read32(component, SGTL5000_CHIP_ANA_POWER) & |
4152 |
+- mask) != mask) { |
4153 |
+- snd_soc_component_update_bits(component, SGTL5000_CHIP_ANA_POWER, |
4154 |
+- SGTL5000_VAG_POWERUP, 0); |
4155 |
+- msleep(400); |
4156 |
+- } |
4157 |
++ sgtl5000->mute_state[event_source] = |
4158 |
++ mute_output(component, mute_mask[event_source]); |
4159 |
++ vag_power_off(component, event_source); |
4160 |
++ break; |
4161 |
++ case SND_SOC_DAPM_POST_PMD: |
4162 |
++ restore_output(component, mute_mask[event_source], |
4163 |
++ sgtl5000->mute_state[event_source]); |
4164 |
+ break; |
4165 |
+ default: |
4166 |
+ break; |
4167 |
+@@ -200,6 +325,41 @@ static int power_vag_event(struct snd_soc_dapm_widget *w, |
4168 |
+ return 0; |
4169 |
+ } |
4170 |
+ |
4171 |
++/* |
4172 |
++ * Mute Headphone when power it up/down. |
4173 |
++ * Control VAG power on HP power path. |
4174 |
++ */ |
4175 |
++static int headphone_pga_event(struct snd_soc_dapm_widget *w, |
4176 |
++ struct snd_kcontrol *kcontrol, int event) |
4177 |
++{ |
4178 |
++ struct snd_soc_component *component = |
4179 |
++ snd_soc_dapm_to_component(w->dapm); |
4180 |
++ |
4181 |
++ return vag_and_mute_control(component, event, HP_POWER_EVENT); |
4182 |
++} |
4183 |
++ |
4184 |
++/* As manual describes, ADC/DAC powering up/down requires |
4185 |
++ * to mute outputs to avoid pops. |
4186 |
++ * Control VAG power on ADC/DAC power path. |
4187 |
++ */ |
4188 |
++static int adc_updown_depop(struct snd_soc_dapm_widget *w, |
4189 |
++ struct snd_kcontrol *kcontrol, int event) |
4190 |
++{ |
4191 |
++ struct snd_soc_component *component = |
4192 |
++ snd_soc_dapm_to_component(w->dapm); |
4193 |
++ |
4194 |
++ return vag_and_mute_control(component, event, ADC_POWER_EVENT); |
4195 |
++} |
4196 |
++ |
4197 |
++static int dac_updown_depop(struct snd_soc_dapm_widget *w, |
4198 |
++ struct snd_kcontrol *kcontrol, int event) |
4199 |
++{ |
4200 |
++ struct snd_soc_component *component = |
4201 |
++ snd_soc_dapm_to_component(w->dapm); |
4202 |
++ |
4203 |
++ return vag_and_mute_control(component, event, DAC_POWER_EVENT); |
4204 |
++} |
4205 |
++ |
4206 |
+ /* input sources for ADC */ |
4207 |
+ static const char *adc_mux_text[] = { |
4208 |
+ "MIC_IN", "LINE_IN" |
4209 |
+@@ -272,7 +432,10 @@ static const struct snd_soc_dapm_widget sgtl5000_dapm_widgets[] = { |
4210 |
+ mic_bias_event, |
4211 |
+ SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_PRE_PMD), |
4212 |
+ |
4213 |
+- SND_SOC_DAPM_PGA("HP", SGTL5000_CHIP_ANA_POWER, 4, 0, NULL, 0), |
4214 |
++ SND_SOC_DAPM_PGA_E("HP", SGTL5000_CHIP_ANA_POWER, 4, 0, NULL, 0, |
4215 |
++ headphone_pga_event, |
4216 |
++ SND_SOC_DAPM_PRE_POST_PMU | |
4217 |
++ SND_SOC_DAPM_PRE_POST_PMD), |
4218 |
+ SND_SOC_DAPM_PGA("LO", SGTL5000_CHIP_ANA_POWER, 0, 0, NULL, 0), |
4219 |
+ |
4220 |
+ SND_SOC_DAPM_MUX("Capture Mux", SND_SOC_NOPM, 0, 0, &adc_mux), |
4221 |
+@@ -293,11 +456,12 @@ static const struct snd_soc_dapm_widget sgtl5000_dapm_widgets[] = { |
4222 |
+ 0, SGTL5000_CHIP_DIG_POWER, |
4223 |
+ 1, 0), |
4224 |
+ |
4225 |
+- SND_SOC_DAPM_ADC("ADC", "Capture", SGTL5000_CHIP_ANA_POWER, 1, 0), |
4226 |
+- SND_SOC_DAPM_DAC("DAC", "Playback", SGTL5000_CHIP_ANA_POWER, 3, 0), |
4227 |
+- |
4228 |
+- SND_SOC_DAPM_PRE("VAG_POWER_PRE", power_vag_event), |
4229 |
+- SND_SOC_DAPM_POST("VAG_POWER_POST", power_vag_event), |
4230 |
++ SND_SOC_DAPM_ADC_E("ADC", "Capture", SGTL5000_CHIP_ANA_POWER, 1, 0, |
4231 |
++ adc_updown_depop, SND_SOC_DAPM_PRE_POST_PMU | |
4232 |
++ SND_SOC_DAPM_PRE_POST_PMD), |
4233 |
++ SND_SOC_DAPM_DAC_E("DAC", "Playback", SGTL5000_CHIP_ANA_POWER, 3, 0, |
4234 |
++ dac_updown_depop, SND_SOC_DAPM_PRE_POST_PMU | |
4235 |
++ SND_SOC_DAPM_PRE_POST_PMD), |
4236 |
+ }; |
4237 |
+ |
4238 |
+ /* routes for sgtl5000 */ |
4239 |
+diff --git a/tools/lib/traceevent/Makefile b/tools/lib/traceevent/Makefile |
4240 |
+index 95a43ccb6dd0..bca0c9e5452c 100644 |
4241 |
+--- a/tools/lib/traceevent/Makefile |
4242 |
++++ b/tools/lib/traceevent/Makefile |
4243 |
+@@ -259,8 +259,8 @@ endef |
4244 |
+ |
4245 |
+ define do_generate_dynamic_list_file |
4246 |
+ symbol_type=`$(NM) -u -D $1 | awk 'NF>1 {print $$1}' | \ |
4247 |
+- xargs echo "U W w" | tr ' ' '\n' | sort -u | xargs echo`;\ |
4248 |
+- if [ "$$symbol_type" = "U W w" ];then \ |
4249 |
++ xargs echo "U w W" | tr 'w ' 'W\n' | sort -u | xargs echo`;\ |
4250 |
++ if [ "$$symbol_type" = "U W" ];then \ |
4251 |
+ (echo '{'; \ |
4252 |
+ $(NM) -u -D $1 | awk 'NF>1 {print "\t"$$2";"}' | sort -u;\ |
4253 |
+ echo '};'; \ |
4254 |
+diff --git a/tools/lib/traceevent/event-parse.c b/tools/lib/traceevent/event-parse.c |
4255 |
+index 6ccfd13d5cf9..382e476629fb 100644 |
4256 |
+--- a/tools/lib/traceevent/event-parse.c |
4257 |
++++ b/tools/lib/traceevent/event-parse.c |
4258 |
+@@ -254,10 +254,10 @@ static int add_new_comm(struct tep_handle *pevent, const char *comm, int pid) |
4259 |
+ errno = ENOMEM; |
4260 |
+ return -1; |
4261 |
+ } |
4262 |
++ pevent->cmdlines = cmdlines; |
4263 |
+ |
4264 |
+ cmdlines[pevent->cmdline_count].comm = strdup(comm); |
4265 |
+ if (!cmdlines[pevent->cmdline_count].comm) { |
4266 |
+- free(cmdlines); |
4267 |
+ errno = ENOMEM; |
4268 |
+ return -1; |
4269 |
+ } |
4270 |
+@@ -268,7 +268,6 @@ static int add_new_comm(struct tep_handle *pevent, const char *comm, int pid) |
4271 |
+ pevent->cmdline_count++; |
4272 |
+ |
4273 |
+ qsort(cmdlines, pevent->cmdline_count, sizeof(*cmdlines), cmdline_cmp); |
4274 |
+- pevent->cmdlines = cmdlines; |
4275 |
+ |
4276 |
+ return 0; |
4277 |
+ } |
4278 |
+diff --git a/tools/perf/Makefile.config b/tools/perf/Makefile.config |
4279 |
+index 849b3be15bd8..510caedd7319 100644 |
4280 |
+--- a/tools/perf/Makefile.config |
4281 |
++++ b/tools/perf/Makefile.config |
4282 |
+@@ -837,7 +837,7 @@ ifndef NO_JVMTI |
4283 |
+ JDIR=$(shell /usr/sbin/update-java-alternatives -l | head -1 | awk '{print $$3}') |
4284 |
+ else |
4285 |
+ ifneq (,$(wildcard /usr/sbin/alternatives)) |
4286 |
+- JDIR=$(shell /usr/sbin/alternatives --display java | tail -1 | cut -d' ' -f 5 | sed 's%/jre/bin/java.%%g') |
4287 |
++ JDIR=$(shell /usr/sbin/alternatives --display java | tail -1 | cut -d' ' -f 5 | sed -e 's%/jre/bin/java.%%g' -e 's%/bin/java.%%g') |
4288 |
+ endif |
4289 |
+ endif |
4290 |
+ ifndef JDIR |
4291 |
+diff --git a/tools/perf/arch/x86/util/unwind-libunwind.c b/tools/perf/arch/x86/util/unwind-libunwind.c |
4292 |
+index 05920e3edf7a..47357973b55b 100644 |
4293 |
+--- a/tools/perf/arch/x86/util/unwind-libunwind.c |
4294 |
++++ b/tools/perf/arch/x86/util/unwind-libunwind.c |
4295 |
+@@ -1,11 +1,11 @@ |
4296 |
+ // SPDX-License-Identifier: GPL-2.0 |
4297 |
+ |
4298 |
+ #include <errno.h> |
4299 |
++#include "../../util/debug.h" |
4300 |
+ #ifndef REMOTE_UNWIND_LIBUNWIND |
4301 |
+ #include <libunwind.h> |
4302 |
+ #include "perf_regs.h" |
4303 |
+ #include "../../util/unwind.h" |
4304 |
+-#include "../../util/debug.h" |
4305 |
+ #endif |
4306 |
+ |
4307 |
+ #ifdef HAVE_ARCH_X86_64_SUPPORT |
4308 |
+diff --git a/tools/perf/builtin-stat.c b/tools/perf/builtin-stat.c |
4309 |
+index 789962565c9c..6aae10ff954c 100644 |
4310 |
+--- a/tools/perf/builtin-stat.c |
4311 |
++++ b/tools/perf/builtin-stat.c |
4312 |
+@@ -3090,8 +3090,11 @@ int cmd_stat(int argc, const char **argv) |
4313 |
+ fprintf(output, "[ perf stat: executing run #%d ... ]\n", |
4314 |
+ run_idx + 1); |
4315 |
+ |
4316 |
++ if (run_idx != 0) |
4317 |
++ perf_evlist__reset_prev_raw_counts(evsel_list); |
4318 |
++ |
4319 |
+ status = run_perf_stat(argc, argv, run_idx); |
4320 |
+- if (forever && status != -1) { |
4321 |
++ if (forever && status != -1 && !interval) { |
4322 |
+ print_counters(NULL, argc, argv); |
4323 |
+ perf_stat__reset_stats(); |
4324 |
+ } |
4325 |
+diff --git a/tools/perf/util/header.c b/tools/perf/util/header.c |
4326 |
+index 0c70788593c8..3c0d74fc1ff2 100644 |
4327 |
+--- a/tools/perf/util/header.c |
4328 |
++++ b/tools/perf/util/header.c |
4329 |
+@@ -1114,7 +1114,7 @@ static int cpu_cache_level__read(struct cpu_cache_level *cache, u32 cpu, u16 lev |
4330 |
+ |
4331 |
+ scnprintf(file, PATH_MAX, "%s/shared_cpu_list", path); |
4332 |
+ if (sysfs__read_str(file, &cache->map, &len)) { |
4333 |
+- free(cache->map); |
4334 |
++ free(cache->size); |
4335 |
+ free(cache->type); |
4336 |
+ return -1; |
4337 |
+ } |
4338 |
+diff --git a/tools/perf/util/stat.c b/tools/perf/util/stat.c |
4339 |
+index a0061e0b0fad..6917ba8a0024 100644 |
4340 |
+--- a/tools/perf/util/stat.c |
4341 |
++++ b/tools/perf/util/stat.c |
4342 |
+@@ -154,6 +154,15 @@ static void perf_evsel__free_prev_raw_counts(struct perf_evsel *evsel) |
4343 |
+ evsel->prev_raw_counts = NULL; |
4344 |
+ } |
4345 |
+ |
4346 |
++static void perf_evsel__reset_prev_raw_counts(struct perf_evsel *evsel) |
4347 |
++{ |
4348 |
++ if (evsel->prev_raw_counts) { |
4349 |
++ evsel->prev_raw_counts->aggr.val = 0; |
4350 |
++ evsel->prev_raw_counts->aggr.ena = 0; |
4351 |
++ evsel->prev_raw_counts->aggr.run = 0; |
4352 |
++ } |
4353 |
++} |
4354 |
++ |
4355 |
+ static int perf_evsel__alloc_stats(struct perf_evsel *evsel, bool alloc_raw) |
4356 |
+ { |
4357 |
+ int ncpus = perf_evsel__nr_cpus(evsel); |
4358 |
+@@ -204,6 +213,14 @@ void perf_evlist__reset_stats(struct perf_evlist *evlist) |
4359 |
+ } |
4360 |
+ } |
4361 |
+ |
4362 |
++void perf_evlist__reset_prev_raw_counts(struct perf_evlist *evlist) |
4363 |
++{ |
4364 |
++ struct perf_evsel *evsel; |
4365 |
++ |
4366 |
++ evlist__for_each_entry(evlist, evsel) |
4367 |
++ perf_evsel__reset_prev_raw_counts(evsel); |
4368 |
++} |
4369 |
++ |
4370 |
+ static void zero_per_pkg(struct perf_evsel *counter) |
4371 |
+ { |
4372 |
+ if (counter->per_pkg_mask) |
4373 |
+diff --git a/tools/perf/util/stat.h b/tools/perf/util/stat.h |
4374 |
+index 36efb986f7fc..e19abb1635c4 100644 |
4375 |
+--- a/tools/perf/util/stat.h |
4376 |
++++ b/tools/perf/util/stat.h |
4377 |
+@@ -158,6 +158,7 @@ void perf_stat__collect_metric_expr(struct perf_evlist *); |
4378 |
+ int perf_evlist__alloc_stats(struct perf_evlist *evlist, bool alloc_raw); |
4379 |
+ void perf_evlist__free_stats(struct perf_evlist *evlist); |
4380 |
+ void perf_evlist__reset_stats(struct perf_evlist *evlist); |
4381 |
++void perf_evlist__reset_prev_raw_counts(struct perf_evlist *evlist); |
4382 |
+ |
4383 |
+ int perf_stat_process_counter(struct perf_stat_config *config, |
4384 |
+ struct perf_evsel *counter); |
4385 |
+diff --git a/tools/testing/nvdimm/test/nfit_test.h b/tools/testing/nvdimm/test/nfit_test.h |
4386 |
+index 33752e06ff8d..3de57cc8716b 100644 |
4387 |
+--- a/tools/testing/nvdimm/test/nfit_test.h |
4388 |
++++ b/tools/testing/nvdimm/test/nfit_test.h |
4389 |
+@@ -12,6 +12,7 @@ |
4390 |
+ */ |
4391 |
+ #ifndef __NFIT_TEST_H__ |
4392 |
+ #define __NFIT_TEST_H__ |
4393 |
++#include <linux/acpi.h> |
4394 |
+ #include <linux/list.h> |
4395 |
+ #include <linux/uuid.h> |
4396 |
+ #include <linux/ioport.h> |
4397 |
+@@ -234,9 +235,6 @@ struct nd_intel_lss { |
4398 |
+ __u32 status; |
4399 |
+ } __packed; |
4400 |
+ |
4401 |
+-union acpi_object; |
4402 |
+-typedef void *acpi_handle; |
4403 |
+- |
4404 |
+ typedef struct nfit_test_resource *(*nfit_test_lookup_fn)(resource_size_t); |
4405 |
+ typedef union acpi_object *(*nfit_test_evaluate_dsm_fn)(acpi_handle handle, |
4406 |
+ const guid_t *guid, u64 rev, u64 func, |