Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

Conflicts:
	net/bridge/br_mdb.c

br_mdb.c conflict was a function call being removed to fix a bug in
'net' but whose signature was changed in 'net-next'.

Signed-off-by: David S. Miller <davem@davemloft.net>

4 files changed, 104 insertions, 72 deletions

diff --git a/arch/x86/kernel/fpu/init.c b/arch/x86/kernel/fpu/init.c
index 32826791e675..0b39173dd971 100644
--- a/arch/x86/kernel/fpu/init.c
+++ b/arch/x86/kernel/fpu/init.c
@@ -4,6 +4,8 @@
 #include <asm/fpu/internal.h>
 #include <asm/tlbflush.h>
 
+#include <linux/sched.h>
+
 /*
  * Initialize the TS bit in CR0 according to the style of context-switches
  * we are using:
@@ -136,6 +138,43 @@ static void __init fpu__init_system_generic(void)
 unsigned int xstate_size;
 EXPORT_SYMBOL_GPL(xstate_size);
 
+/* Enforce that 'MEMBER' is the last field of 'TYPE': */
+#define CHECK_MEMBER_AT_END_OF(TYPE, MEMBER) \
+        BUILD_BUG_ON(sizeof(TYPE) != offsetofend(TYPE, MEMBER))
+
+/*
+ * We append the 'struct fpu' to the task_struct:
+ */
+static void __init fpu__init_task_struct_size(void)
+{
+        int task_size = sizeof(struct task_struct);
+
+        /*
+         * Subtract off the static size of the register state.
+         * It potentially has a bunch of padding.
+         */
+        task_size -= sizeof(((struct task_struct *)0)->thread.fpu.state);
+
+        /*
+         * Add back the dynamically-calculated register state
+         * size.
+         */
+        task_size += xstate_size;
+
+        /*
+         * We dynamically size 'struct fpu', so we require that
+         * it be at the end of 'thread_struct' and that
+         * 'thread_struct' be at the end of 'task_struct'.  If
+         * you hit a compile error here, check the structure to
+         * see if something got added to the end.
+         */
+        CHECK_MEMBER_AT_END_OF(struct fpu, state);
+        CHECK_MEMBER_AT_END_OF(struct thread_struct, fpu);
+        CHECK_MEMBER_AT_END_OF(struct task_struct, thread);
+
+        arch_task_struct_size = task_size;
+}
+
 /*
  * Set up the xstate_size based on the legacy FPU context size.
  *
@@ -287,6 +326,7 @@ void __init fpu__init_system(struct cpuinfo_x86 *c)
         fpu__init_system_generic();
         fpu__init_system_xstate_size_legacy();
         fpu__init_system_xstate();
+        fpu__init_task_struct_size();
 
         fpu__init_system_ctx_switch();
 }
diff --git a/arch/x86/kernel/nmi.c b/arch/x86/kernel/nmi.c
index c3e985d1751c..d05bd2e2ee91 100644
--- a/arch/x86/kernel/nmi.c
+++ b/arch/x86/kernel/nmi.c
@@ -408,15 +408,15 @@ static void default_do_nmi(struct pt_regs *regs)
 NOKPROBE_SYMBOL(default_do_nmi);
 
 /*
- * NMIs can hit breakpoints which will cause it to lose its
- * NMI context with the CPU when the breakpoint does an iret.
- */
-#ifdef CONFIG_X86_32
-/*
- * For i386, NMIs use the same stack as the kernel, and we can
- * add a workaround to the iret problem in C (preventing nested
- * NMIs if an NMI takes a trap). Simply have 3 states the NMI
- * can be in:
+ * NMIs can page fault or hit breakpoints which will cause it to lose
+ * its NMI context with the CPU when the breakpoint or page fault does an IRET.
+ *
+ * As a result, NMIs can nest if NMIs get unmasked due an IRET during
+ * NMI processing.  On x86_64, the asm glue protects us from nested NMIs
+ * if the outer NMI came from kernel mode, but we can still nest if the
+ * outer NMI came from user mode.
+ *
+ * To handle these nested NMIs, we have three states:
  *
  *  1) not running
  *  2) executing
@@ -430,15 +430,14 @@ NOKPROBE_SYMBOL(default_do_nmi);
  * (Note, the latch is binary, thus multiple NMIs triggering,
  *  when one is running, are ignored. Only one NMI is restarted.)
  *
- * If an NMI hits a breakpoint that executes an iret, another
- * NMI can preempt it. We do not want to allow this new NMI
- * to run, but we want to execute it when the first one finishes.
- * We set the state to "latched", and the exit of the first NMI will
- * perform a dec_return, if the result is zero (NOT_RUNNING), then
- * it will simply exit the NMI handler. If not, the dec_return
- * would have set the state to NMI_EXECUTING (what we want it to
- * be when we are running). In this case, we simply jump back
- * to rerun the NMI handler again, and restart the 'latched' NMI.
+ * If an NMI executes an iret, another NMI can preempt it. We do not
+ * want to allow this new NMI to run, but we want to execute it when the
+ * first one finishes.  We set the state to "latched", and the exit of
+ * the first NMI will perform a dec_return, if the result is zero
+ * (NOT_RUNNING), then it will simply exit the NMI handler. If not, the
+ * dec_return would have set the state to NMI_EXECUTING (what we want it
+ * to be when we are running). In this case, we simply jump back to
+ * rerun the NMI handler again, and restart the 'latched' NMI.
  *
  * No trap (breakpoint or page fault) should be hit before nmi_restart,
  * thus there is no race between the first check of state for NOT_RUNNING
@@ -461,49 +460,36 @@ enum nmi_states {
 static DEFINE_PER_CPU(enum nmi_states, nmi_state);
 static DEFINE_PER_CPU(unsigned long, nmi_cr2);
 
-#define nmi_nesting_preprocess(regs)                                    \
-        do {                                                            \
-                if (this_cpu_read(nmi_state) != NMI_NOT_RUNNING) {      \
-                        this_cpu_write(nmi_state, NMI_LATCHED);         \
-                        return;                                         \
-                }                                                       \
-                this_cpu_write(nmi_state, NMI_EXECUTING);               \
-                this_cpu_write(nmi_cr2, read_cr2());                    \
-        } while (0);                                                    \
-        nmi_restart:
-
-#define nmi_nesting_postprocess()                                       \
-        do {                                                            \
-                if (unlikely(this_cpu_read(nmi_cr2) != read_cr2()))     \
-                        write_cr2(this_cpu_read(nmi_cr2));              \
-                if (this_cpu_dec_return(nmi_state))                     \
-                        goto nmi_restart;                               \
-        } while (0)
-#else /* x86_64 */
+#ifdef CONFIG_X86_64
 /*
- * In x86_64 things are a bit more difficult. This has the same problem
- * where an NMI hitting a breakpoint that calls iret will remove the
- * NMI context, allowing a nested NMI to enter. What makes this more
- * difficult is that both NMIs and breakpoints have their own stack.
- * When a new NMI or breakpoint is executed, the stack is set to a fixed
- * point. If an NMI is nested, it will have its stack set at that same
- * fixed address that the first NMI had, and will start corrupting the
- * stack. This is handled in entry_64.S, but the same problem exists with
- * the breakpoint stack.
+ * In x86_64, we need to handle breakpoint -> NMI -> breakpoint.  Without
+ * some care, the inner breakpoint will clobber the outer breakpoint's
+ * stack.
  *
- * If a breakpoint is being processed, and the debug stack is being used,
- * if an NMI comes in and also hits a breakpoint, the stack pointer
- * will be set to the same fixed address as the breakpoint that was
- * interrupted, causing that stack to be corrupted. To handle this case,
- * check if the stack that was interrupted is the debug stack, and if
- * so, change the IDT so that new breakpoints will use the current stack
- * and not switch to the fixed address. On return of the NMI, switch back
- * to the original IDT.
+ * If a breakpoint is being processed, and the debug stack is being
+ * used, if an NMI comes in and also hits a breakpoint, the stack
+ * pointer will be set to the same fixed address as the breakpoint that
+ * was interrupted, causing that stack to be corrupted. To handle this
+ * case, check if the stack that was interrupted is the debug stack, and
+ * if so, change the IDT so that new breakpoints will use the current
+ * stack and not switch to the fixed address. On return of the NMI,
+ * switch back to the original IDT.
  */
 static DEFINE_PER_CPU(int, update_debug_stack);
+#endif
 
-static inline void nmi_nesting_preprocess(struct pt_regs *regs)
+dotraplinkage notrace void
+do_nmi(struct pt_regs *regs, long error_code)
 {
+        if (this_cpu_read(nmi_state) != NMI_NOT_RUNNING) {
+                this_cpu_write(nmi_state, NMI_LATCHED);
+                return;
+        }
+        this_cpu_write(nmi_state, NMI_EXECUTING);
+        this_cpu_write(nmi_cr2, read_cr2());
+nmi_restart:
+
+#ifdef CONFIG_X86_64
         /*
          * If we interrupted a breakpoint, it is possible that
          * the nmi handler will have breakpoints too. We need to
@@ -514,22 +500,8 @@ static inline void nmi_nesting_preprocess(struct pt_regs *regs)
                 debug_stack_set_zero();
                 this_cpu_write(update_debug_stack, 1);
         }
-}
-
-static inline void nmi_nesting_postprocess(void)
-{
-        if (unlikely(this_cpu_read(update_debug_stack))) {
-                debug_stack_reset();
-                this_cpu_write(update_debug_stack, 0);
-        }
-}
 #endif
 
-dotraplinkage notrace void
-do_nmi(struct pt_regs *regs, long error_code)
-{
-        nmi_nesting_preprocess(regs);
-
         nmi_enter();
 
         inc_irq_stat(__nmi_count);
@@ -539,8 +511,17 @@ do_nmi(struct pt_regs *regs, long error_code)
 
         nmi_exit();
 
-        /* On i386, may loop back to preprocess */
-        nmi_nesting_postprocess();
+#ifdef CONFIG_X86_64
+        if (unlikely(this_cpu_read(update_debug_stack))) {
+                debug_stack_reset();
+                this_cpu_write(update_debug_stack, 0);
+        }
+#endif
+
+        if (unlikely(this_cpu_read(nmi_cr2) != read_cr2()))
+                write_cr2(this_cpu_read(nmi_cr2));
+        if (this_cpu_dec_return(nmi_state))
+                goto nmi_restart;
 }
 NOKPROBE_SYMBOL(do_nmi);
 
diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index 9cad694ed7c4..397688beed4b 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -81,7 +81,7 @@ EXPORT_SYMBOL_GPL(idle_notifier_unregister);
  */
 int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src)
 {
-        *dst = *src;
+        memcpy(dst, src, arch_task_struct_size);
 
         return fpu__copy(&dst->thread.fpu, &src->thread.fpu);
 }
diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c
index d3010aa79daf..b1f3ed9c7a9e 100644
--- a/arch/x86/kernel/smpboot.c
+++ b/arch/x86/kernel/smpboot.c
@@ -992,8 +992,17 @@ int native_cpu_up(unsigned int cpu, struct task_struct *tidle)
 
         common_cpu_up(cpu, tidle);
 
+        /*
+         * We have to walk the irq descriptors to setup the vector
+         * space for the cpu which comes online.  Prevent irq
+         * alloc/free across the bringup.
+         */
+        irq_lock_sparse();
+
         err = do_boot_cpu(apicid, cpu, tidle);
+
         if (err) {
+                irq_unlock_sparse();
                 pr_err("do_boot_cpu failed(%d) to wakeup CPU#%u\n", err, cpu);
                 return -EIO;
         }
@@ -1011,6 +1020,8 @@ int native_cpu_up(unsigned int cpu, struct task_struct *tidle)
                 touch_nmi_watchdog();
         }
 
+        irq_unlock_sparse();
+
         return 0;
 }