12 files changed, 134 insertions, 142 deletions

diff --git a/arch/powerpc/kernel/cputable.c b/arch/powerpc/kernel/cputable.c
index c60bbec25c1f..2a45d0f04385 100644
--- a/arch/powerpc/kernel/cputable.c
+++ b/arch/powerpc/kernel/cputable.c
@@ -452,7 +452,7 @@ static struct cpu_spec __initdata cpu_specs[] = {
                 .mmu_features           = MMU_FTRS_POWER8,
                 .icache_bsize           = 128,
                 .dcache_bsize           = 128,
-                .oprofile_type          = PPC_OPROFILE_POWER4,
+                .oprofile_type          = PPC_OPROFILE_INVALID,
                 .oprofile_cpu_type      = "ppc64/ibm-compat-v1",
                 .cpu_setup              = __setup_cpu_power8,
                 .cpu_restore            = __restore_cpu_power8,
@@ -482,7 +482,7 @@ static struct cpu_spec __initdata cpu_specs[] = {
                 .cpu_name               = "POWER7+ (raw)",
                 .cpu_features           = CPU_FTRS_POWER7,
                 .cpu_user_features      = COMMON_USER_POWER7,
-                .cpu_user_features      = COMMON_USER2_POWER7,
+                .cpu_user_features2     = COMMON_USER2_POWER7,
                 .mmu_features           = MMU_FTRS_POWER7,
                 .icache_bsize           = 128,
                 .dcache_bsize           = 128,
@@ -507,7 +507,7 @@ static struct cpu_spec __initdata cpu_specs[] = {
                 .num_pmcs               = 6,
                 .pmc_type               = PPC_PMC_IBM,
                 .oprofile_cpu_type      = "ppc64/power8",
-                .oprofile_type          = PPC_OPROFILE_POWER4,
+                .oprofile_type          = PPC_OPROFILE_INVALID,
                 .cpu_setup              = __setup_cpu_power8,
                 .cpu_restore            = __restore_cpu_power8,
                 .platform               = "power8",
diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S
index d22e73e4618b..22b45a4955cd 100644
--- a/arch/powerpc/kernel/entry_32.S
+++ b/arch/powerpc/kernel/entry_32.S
@@ -849,7 +849,7 @@ resume_kernel:
         /* check current_thread_info, _TIF_EMULATE_STACK_STORE */
         CURRENT_THREAD_INFO(r9, r1)
         lwz     r8,TI_FLAGS(r9)
-        andis.  r8,r8,_TIF_EMULATE_STACK_STORE@h
+        andis.  r0,r8,_TIF_EMULATE_STACK_STORE@h
         beq+    1f
 
         addi    r8,r1,INT_FRAME_SIZE    /* Get the kprobed function entry */
diff --git a/arch/powerpc/kernel/entry_64.S b/arch/powerpc/kernel/entry_64.S
index 0e9095e47b5b..8741c854e03d 100644
--- a/arch/powerpc/kernel/entry_64.S
+++ b/arch/powerpc/kernel/entry_64.S
@@ -465,20 +465,6 @@ BEGIN_FTR_SECTION
         std     r0, THREAD_EBBHR(r3)
         mfspr   r0, SPRN_EBBRR
         std     r0, THREAD_EBBRR(r3)
-
-        /* PMU registers made user read/(write) by EBB */
-        mfspr   r0, SPRN_SIAR
-        std     r0, THREAD_SIAR(r3)
-        mfspr   r0, SPRN_SDAR
-        std     r0, THREAD_SDAR(r3)
-        mfspr   r0, SPRN_SIER
-        std     r0, THREAD_SIER(r3)
-        mfspr   r0, SPRN_MMCR0
-        std     r0, THREAD_MMCR0(r3)
-        mfspr   r0, SPRN_MMCR2
-        std     r0, THREAD_MMCR2(r3)
-        mfspr   r0, SPRN_MMCRA
-        std     r0, THREAD_MMCRA(r3)
 END_FTR_SECTION_IFSET(CPU_FTR_ARCH_207S)
 #endif
 
@@ -501,6 +487,13 @@ BEGIN_FTR_SECTION
         ldarx   r6,0,r1
 END_FTR_SECTION_IFSET(CPU_FTR_STCX_CHECKS_ADDRESS)
 
+#ifdef CONFIG_PPC_BOOK3S
+/* Cancel all explict user streams as they will have no use after context
+ * switch and will stop the HW from creating streams itself
+ */
+        DCBT_STOP_ALL_STREAM_IDS(r6)
+#endif
+
         addi    r6,r4,-THREAD   /* Convert THREAD to 'current' */
         std     r6,PACACURRENT(r13)     /* Set new 'current' */
 
@@ -574,20 +567,6 @@ BEGIN_FTR_SECTION
         ld      r0, THREAD_EBBRR(r4)
         mtspr   SPRN_EBBRR, r0
 
-        /* PMU registers made user read/(write) by EBB */
-        ld      r0, THREAD_SIAR(r4)
-        mtspr   SPRN_SIAR, r0
-        ld      r0, THREAD_SDAR(r4)
-        mtspr   SPRN_SDAR, r0
-        ld      r0, THREAD_SIER(r4)
-        mtspr   SPRN_SIER, r0
-        ld      r0, THREAD_MMCR0(r4)
-        mtspr   SPRN_MMCR0, r0
-        ld      r0, THREAD_MMCR2(r4)
-        mtspr   SPRN_MMCR2, r0
-        ld      r0, THREAD_MMCRA(r4)
-        mtspr   SPRN_MMCRA, r0
-
         ld      r0,THREAD_TAR(r4)
         mtspr   SPRN_TAR,r0
 END_FTR_SECTION_IFSET(CPU_FTR_ARCH_207S)
diff --git a/arch/powerpc/kernel/exceptions-64s.S b/arch/powerpc/kernel/exceptions-64s.S
index e6eba1bf61ad..40e4a17c8ba0 100644
--- a/arch/powerpc/kernel/exceptions-64s.S
+++ b/arch/powerpc/kernel/exceptions-64s.S
@@ -454,38 +454,14 @@ BEGIN_FTR_SECTION
         xori    r10,r10,(MSR_FE0|MSR_FE1)
         mtmsrd  r10
         sync
-        fmr     0,0
-        fmr     1,1
-        fmr     2,2
-        fmr     3,3
-        fmr     4,4
-        fmr     5,5
-        fmr     6,6
-        fmr     7,7
-        fmr     8,8
-        fmr     9,9
-        fmr     10,10
-        fmr     11,11
-        fmr     12,12
-        fmr     13,13
-        fmr     14,14
-        fmr     15,15
-        fmr     16,16
-        fmr     17,17
-        fmr     18,18
-        fmr     19,19
-        fmr     20,20
-        fmr     21,21
-        fmr     22,22
-        fmr     23,23
-        fmr     24,24
-        fmr     25,25
-        fmr     26,26
-        fmr     27,27
-        fmr     28,28
-        fmr     29,29
-        fmr     30,30
-        fmr     31,31
+
+#define FMR2(n)  fmr (n), (n) ; fmr n+1, n+1
+#define FMR4(n)  FMR2(n) ; FMR2(n+2)
+#define FMR8(n)  FMR4(n) ; FMR4(n+4)
+#define FMR16(n) FMR8(n) ; FMR8(n+8)
+#define FMR32(n) FMR16(n) ; FMR16(n+16)
+        FMR32(0)
+
 FTR_SECTION_ELSE
 /*
  * To denormalise we need to move a copy of the register to itself.
@@ -495,39 +471,25 @@ FTR_SECTION_ELSE
         oris    r10,r10,MSR_VSX@h
         mtmsrd  r10
         sync
-        XVCPSGNDP(0,0,0)
-        XVCPSGNDP(1,1,1)
-        XVCPSGNDP(2,2,2)
-        XVCPSGNDP(3,3,3)
-        XVCPSGNDP(4,4,4)
-        XVCPSGNDP(5,5,5)
-        XVCPSGNDP(6,6,6)
-        XVCPSGNDP(7,7,7)
-        XVCPSGNDP(8,8,8)
-        XVCPSGNDP(9,9,9)
-        XVCPSGNDP(10,10,10)
-        XVCPSGNDP(11,11,11)
-        XVCPSGNDP(12,12,12)
-        XVCPSGNDP(13,13,13)
-        XVCPSGNDP(14,14,14)
-        XVCPSGNDP(15,15,15)
-        XVCPSGNDP(16,16,16)
-        XVCPSGNDP(17,17,17)
-        XVCPSGNDP(18,18,18)
-        XVCPSGNDP(19,19,19)
-        XVCPSGNDP(20,20,20)
-        XVCPSGNDP(21,21,21)
-        XVCPSGNDP(22,22,22)
-        XVCPSGNDP(23,23,23)
-        XVCPSGNDP(24,24,24)
-        XVCPSGNDP(25,25,25)
-        XVCPSGNDP(26,26,26)
-        XVCPSGNDP(27,27,27)
-        XVCPSGNDP(28,28,28)
-        XVCPSGNDP(29,29,29)
-        XVCPSGNDP(30,30,30)
-        XVCPSGNDP(31,31,31)
+
+#define XVCPSGNDP2(n) XVCPSGNDP(n,n,n) ; XVCPSGNDP(n+1,n+1,n+1)
+#define XVCPSGNDP4(n) XVCPSGNDP2(n) ; XVCPSGNDP2(n+2)
+#define XVCPSGNDP8(n) XVCPSGNDP4(n) ; XVCPSGNDP4(n+4)
+#define XVCPSGNDP16(n) XVCPSGNDP8(n) ; XVCPSGNDP8(n+8)
+#define XVCPSGNDP32(n) XVCPSGNDP16(n) ; XVCPSGNDP16(n+16)
+        XVCPSGNDP32(0)
+
 ALT_FTR_SECTION_END_IFCLR(CPU_FTR_ARCH_206)
+
+BEGIN_FTR_SECTION
+        b       denorm_done
+END_FTR_SECTION_IFCLR(CPU_FTR_ARCH_207S)
+/*
+ * To denormalise we need to move a copy of the register to itself.
+ * For POWER8 we need to do that for all 64 VSX registers
+ */
+        XVCPSGNDP32(32)
+denorm_done:
         mtspr   SPRN_HSRR0,r11
         mtcrf   0x80,r9
         ld      r9,PACA_EXGEN+EX_R9(r13)
@@ -721,7 +683,7 @@ machine_check_common:
         STD_EXCEPTION_COMMON(0xb00, trap_0b, .unknown_exception)
         STD_EXCEPTION_COMMON(0xd00, single_step, .single_step_exception)
         STD_EXCEPTION_COMMON(0xe00, trap_0e, .unknown_exception)
-        STD_EXCEPTION_COMMON(0xe40, emulation_assist, .program_check_exception)
+        STD_EXCEPTION_COMMON(0xe40, emulation_assist, .emulation_assist_interrupt)
         STD_EXCEPTION_COMMON(0xe60, hmi_exception, .unknown_exception)
 #ifdef CONFIG_PPC_DOORBELL
         STD_EXCEPTION_COMMON_ASYNC(0xe80, h_doorbell, .doorbell_exception)
diff --git a/arch/powerpc/kernel/irq.c b/arch/powerpc/kernel/irq.c
index 5cbcf4d5a808..ea185e0b3cae 100644
--- a/arch/powerpc/kernel/irq.c
+++ b/arch/powerpc/kernel/irq.c
@@ -162,7 +162,7 @@ notrace unsigned int __check_irq_replay(void)
          * in case we also had a rollover while hard disabled
          */
         local_paca->irq_happened &= ~PACA_IRQ_DEC;
-        if (decrementer_check_overflow())
+        if ((happened & PACA_IRQ_DEC) || decrementer_check_overflow())
                 return 0x900;
 
         /* Finally check if an external interrupt happened */
diff --git a/arch/powerpc/kernel/pci-common.c b/arch/powerpc/kernel/pci-common.c
index e9acf50dd5b2..eabeec991016 100644
--- a/arch/powerpc/kernel/pci-common.c
+++ b/arch/powerpc/kernel/pci-common.c
@@ -657,15 +657,6 @@ void pci_resource_to_user(const struct pci_dev *dev, int bar,
  *     ranges. However, some machines (thanks Apple !) tend to split their
  *     space into lots of small contiguous ranges. So we have to coalesce.
  *
- *   - We can only cope with all memory ranges having the same offset
- *     between CPU addresses and PCI addresses. Unfortunately, some bridges
- *     are setup for a large 1:1 mapping along with a small "window" which
- *     maps PCI address 0 to some arbitrary high address of the CPU space in
- *     order to give access to the ISA memory hole.
- *     The way out of here that I've chosen for now is to always set the
- *     offset based on the first resource found, then override it if we
- *     have a different offset and the previous was set by an ISA hole.
- *
  *   - Some busses have IO space not starting at 0, which causes trouble with
  *     the way we do our IO resource renumbering. The code somewhat deals with
  *     it for 64 bits but I would expect problems on 32 bits.
@@ -680,10 +671,9 @@ void pci_process_bridge_OF_ranges(struct pci_controller *hose,
         int rlen;
         int pna = of_n_addr_cells(dev);
         int np = pna + 5;
-        int memno = 0, isa_hole = -1;
+        int memno = 0;
         u32 pci_space;
         unsigned long long pci_addr, cpu_addr, pci_next, cpu_next, size;
-        unsigned long long isa_mb = 0;
         struct resource *res;
 
         printk(KERN_INFO "PCI host bridge %s %s ranges:\n",
@@ -777,8 +767,6 @@ void pci_process_bridge_OF_ranges(struct pci_controller *hose,
                         }
                         /* Handles ISA memory hole space here */
                         if (pci_addr == 0) {
-                                isa_mb = cpu_addr;
-                                isa_hole = memno;
                                 if (primary || isa_mem_base == 0)
                                         isa_mem_base = cpu_addr;
                                 hose->isa_mem_phys = cpu_addr;
@@ -839,6 +827,7 @@ static void pcibios_fixup_resources(struct pci_dev *dev)
         }
         for (i = 0; i < DEVICE_COUNT_RESOURCE; i++) {
                 struct resource *res = dev->resource + i;
+                struct pci_bus_region reg;
                 if (!res->flags)
                         continue;
 
@@ -847,8 +836,9 @@ static void pcibios_fixup_resources(struct pci_dev *dev)
                  * at 0 as unset as well, except if PCI_PROBE_ONLY is also set
                  * since in that case, we don't want to re-assign anything
                  */
+                pcibios_resource_to_bus(dev, &reg, res);
                 if (pci_has_flag(PCI_REASSIGN_ALL_RSRC) ||
-                    (res->start == 0 && !pci_has_flag(PCI_PROBE_ONLY))) {
+                    (reg.start == 0 && !pci_has_flag(PCI_PROBE_ONLY))) {
                         /* Only print message if not re-assigning */
                         if (!pci_has_flag(PCI_REASSIGN_ALL_RSRC))
                                 pr_debug("PCI:%s Resource %d %016llx-%016llx [%x] "
diff --git a/arch/powerpc/kernel/process.c b/arch/powerpc/kernel/process.c
index a902723fdc69..076d1242507a 100644
--- a/arch/powerpc/kernel/process.c
+++ b/arch/powerpc/kernel/process.c
@@ -399,7 +399,8 @@ static inline int __set_dabr(unsigned long dabr, unsigned long dabrx)
 static inline int __set_dabr(unsigned long dabr, unsigned long dabrx)
 {
         mtspr(SPRN_DABR, dabr);
-        mtspr(SPRN_DABRX, dabrx);
+        if (cpu_has_feature(CPU_FTR_DABRX))
+                mtspr(SPRN_DABRX, dabrx);
         return 0;
 }
 #else
@@ -1368,7 +1369,7 @@ void show_stack(struct task_struct *tsk, unsigned long *stack)
 
 #ifdef CONFIG_PPC64
 /* Called with hard IRQs off */
-void __ppc64_runlatch_on(void)
+void notrace __ppc64_runlatch_on(void)
 {
         struct thread_info *ti = current_thread_info();
         unsigned long ctrl;
@@ -1381,7 +1382,7 @@ void __ppc64_runlatch_on(void)
 }
 
 /* Called with hard IRQs off */
-void __ppc64_runlatch_off(void)
+void notrace __ppc64_runlatch_off(void)
 {
         struct thread_info *ti = current_thread_info();
         unsigned long ctrl;
diff --git a/arch/powerpc/kernel/signal.c b/arch/powerpc/kernel/signal.c
index 577a8aa69c6e..457e97aa2945 100644
--- a/arch/powerpc/kernel/signal.c
+++ b/arch/powerpc/kernel/signal.c
@@ -18,6 +18,7 @@
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
 #include <asm/debug.h>
+#include <asm/tm.h>
 
 #include "signal.h"
 
@@ -30,13 +31,13 @@ int show_unhandled_signals = 1;
 /*
  * Allocate space for the signal frame
  */
-void __user * get_sigframe(struct k_sigaction *ka, struct pt_regs *regs,
+void __user * get_sigframe(struct k_sigaction *ka, unsigned long sp,
                            size_t frame_size, int is_32)
 {
         unsigned long oldsp, newsp;
 
         /* Default to using normal stack */
-        oldsp = get_clean_sp(regs, is_32);
+        oldsp = get_clean_sp(sp, is_32);
 
         /* Check for alt stack */
         if ((ka->sa.sa_flags & SA_ONSTACK) &&
@@ -175,3 +176,38 @@ void do_notify_resume(struct pt_regs *regs, unsigned long thread_info_flags)
 
         user_enter();
 }
+
+unsigned long get_tm_stackpointer(struct pt_regs *regs)
+{
+        /* When in an active transaction that takes a signal, we need to be
+         * careful with the stack.  It's possible that the stack has moved back
+         * up after the tbegin.  The obvious case here is when the tbegin is
+         * called inside a function that returns before a tend.  In this case,
+         * the stack is part of the checkpointed transactional memory state.
+         * If we write over this non transactionally or in suspend, we are in
+         * trouble because if we get a tm abort, the program counter and stack
+         * pointer will be back at the tbegin but our in memory stack won't be
+         * valid anymore.
+         *
+         * To avoid this, when taking a signal in an active transaction, we
+         * need to use the stack pointer from the checkpointed state, rather
+         * than the speculated state.  This ensures that the signal context
+         * (written tm suspended) will be written below the stack required for
+         * the rollback.  The transaction is aborted becuase of the treclaim,
+         * so any memory written between the tbegin and the signal will be
+         * rolled back anyway.
+         *
+         * For signals taken in non-TM or suspended mode, we use the
+         * normal/non-checkpointed stack pointer.
+         */
+
+#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
+        if (MSR_TM_ACTIVE(regs->msr)) {
+                tm_enable();
+                tm_reclaim(&current->thread, regs->msr, TM_CAUSE_SIGNAL);
+                if (MSR_TM_TRANSACTIONAL(regs->msr))
+                        return current->thread.ckpt_regs.gpr[1];
+        }
+#endif
+        return regs->gpr[1];
+}
diff --git a/arch/powerpc/kernel/signal.h b/arch/powerpc/kernel/signal.h
index ec84c901ceab..c69b9aeb9f23 100644
--- a/arch/powerpc/kernel/signal.h
+++ b/arch/powerpc/kernel/signal.h
@@ -12,7 +12,7 @@
 
 extern void do_notify_resume(struct pt_regs *regs, unsigned long thread_info_flags);
 
-extern void __user * get_sigframe(struct k_sigaction *ka, struct pt_regs *regs,
+extern void __user * get_sigframe(struct k_sigaction *ka, unsigned long sp,
                                   size_t frame_size, int is_32);
 
 extern int handle_signal32(unsigned long sig, struct k_sigaction *ka,
diff --git a/arch/powerpc/kernel/signal_32.c b/arch/powerpc/kernel/signal_32.c
index 95068bf569ad..201385c3a1ae 100644
--- a/arch/powerpc/kernel/signal_32.c
+++ b/arch/powerpc/kernel/signal_32.c
@@ -503,12 +503,6 @@ static int save_tm_user_regs(struct pt_regs *regs,
 {
         unsigned long msr = regs->msr;
 
-        /* tm_reclaim rolls back all reg states, updating thread.ckpt_regs,
-         * thread.transact_fpr[], thread.transact_vr[], etc.
-         */
-        tm_enable();
-        tm_reclaim(&current->thread, msr, TM_CAUSE_SIGNAL);
-
         /* Make sure floating point registers are stored in regs */
         flush_fp_to_thread(current);
 
@@ -965,7 +959,7 @@ int handle_rt_signal32(unsigned long sig, struct k_sigaction *ka,
 
         /* Set up Signal Frame */
         /* Put a Real Time Context onto stack */
-        rt_sf = get_sigframe(ka, regs, sizeof(*rt_sf), 1);
+        rt_sf = get_sigframe(ka, get_tm_stackpointer(regs), sizeof(*rt_sf), 1);
         addr = rt_sf;
         if (unlikely(rt_sf == NULL))
                 goto badframe;
@@ -1403,7 +1397,7 @@ int handle_signal32(unsigned long sig, struct k_sigaction *ka,
         unsigned long tramp;
 
         /* Set up Signal Frame */
-        frame = get_sigframe(ka, regs, sizeof(*frame), 1);
+        frame = get_sigframe(ka, get_tm_stackpointer(regs), sizeof(*frame), 1);
         if (unlikely(frame == NULL))
                 goto badframe;
         sc = (struct sigcontext __user *) &frame->sctx;
diff --git a/arch/powerpc/kernel/signal_64.c b/arch/powerpc/kernel/signal_64.c
index c1794286098c..345947367ec0 100644
--- a/arch/powerpc/kernel/signal_64.c
+++ b/arch/powerpc/kernel/signal_64.c
@@ -154,11 +154,12 @@ static long setup_sigcontext(struct sigcontext __user *sc, struct pt_regs *regs,
  * As above, but Transactional Memory is in use, so deliver sigcontexts
  * containing checkpointed and transactional register states.
  *
- * To do this, we treclaim to gather both sets of registers and set up the
- * 'normal' sigcontext registers with rolled-back register values such that a
- * simple signal handler sees a correct checkpointed register state.
- * If interested, a TM-aware sighandler can examine the transactional registers
- * in the 2nd sigcontext to determine the real origin of the signal.
+ * To do this, we treclaim (done before entering here) to gather both sets of
+ * registers and set up the 'normal' sigcontext registers with rolled-back
+ * register values such that a simple signal handler sees a correct
+ * checkpointed register state.  If interested, a TM-aware sighandler can
+ * examine the transactional registers in the 2nd sigcontext to determine the
+ * real origin of the signal.
  */
 static long setup_tm_sigcontexts(struct sigcontext __user *sc,
                                  struct sigcontext __user *tm_sc,
@@ -184,16 +185,6 @@ static long setup_tm_sigcontexts(struct sigcontext __user *sc,
 
         BUG_ON(!MSR_TM_ACTIVE(regs->msr));
 
-        /* tm_reclaim rolls back all reg states, saving checkpointed (older)
-         * GPRs to thread.ckpt_regs and (if used) FPRs to (newer)
-         * thread.transact_fp and/or VRs to (newer) thread.transact_vr.
-         * THEN we save out FP/VRs, if necessary, to the checkpointed (older)
-         * thread.fr[]/vr[]s.  The transactional (newer) GPRs are on the
-         * stack, in *regs.
-         */
-        tm_enable();
-        tm_reclaim(&current->thread, msr, TM_CAUSE_SIGNAL);
-
         flush_fp_to_thread(current);
 
 #ifdef CONFIG_ALTIVEC
@@ -711,7 +702,7 @@ int handle_rt_signal64(int signr, struct k_sigaction *ka, siginfo_t *info,
         unsigned long newsp = 0;
         long err = 0;
 
-        frame = get_sigframe(ka, regs, sizeof(*frame), 0);
+        frame = get_sigframe(ka, get_tm_stackpointer(regs), sizeof(*frame), 0);
         if (unlikely(frame == NULL))
                 goto badframe;
 
diff --git a/arch/powerpc/kernel/traps.c b/arch/powerpc/kernel/traps.c
index a7a648f6b750..c0e5caf8ccc7 100644
--- a/arch/powerpc/kernel/traps.c
+++ b/arch/powerpc/kernel/traps.c
@@ -53,6 +53,7 @@
 #ifdef CONFIG_PPC64
 #include <asm/firmware.h>
 #include <asm/processor.h>
+#include <asm/tm.h>
 #endif
 #include <asm/kexec.h>
 #include <asm/ppc-opcode.h>
@@ -932,6 +933,28 @@ static int emulate_isel(struct pt_regs *regs, u32 instword)
         return 0;
 }
 
+#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
+static inline bool tm_abort_check(struct pt_regs *regs, int cause)
+{
+        /* If we're emulating a load/store in an active transaction, we cannot
+         * emulate it as the kernel operates in transaction suspended context.
+         * We need to abort the transaction.  This creates a persistent TM
+         * abort so tell the user what caused it with a new code.
+         */
+        if (MSR_TM_TRANSACTIONAL(regs->msr)) {
+                tm_enable();
+                tm_abort(cause);
+                return true;
+        }
+        return false;
+}
+#else
+static inline bool tm_abort_check(struct pt_regs *regs, int reason)
+{
+        return false;
+}
+#endif
+
 static int emulate_instruction(struct pt_regs *regs)
 {
         u32 instword;
@@ -971,6 +994,9 @@ static int emulate_instruction(struct pt_regs *regs)
 
         /* Emulate load/store string insn. */
         if ((instword & PPC_INST_STRING_GEN_MASK) == PPC_INST_STRING) {
+                if (tm_abort_check(regs,
+                                   TM_CAUSE_EMULATE | TM_CAUSE_PERSISTENT))
+                        return -EINVAL;
                 PPC_WARN_EMULATED(string, regs);
                 return emulate_string_inst(regs, instword);
         }
@@ -1139,6 +1165,16 @@ bail:
         exception_exit(prev_state);
 }
 
+/*
+ * This occurs when running in hypervisor mode on POWER6 or later
+ * and an illegal instruction is encountered.
+ */
+void __kprobes emulation_assist_interrupt(struct pt_regs *regs)
+{
+        regs->msr |= REASON_ILLEGAL;
+        program_check_exception(regs);
+}
+
 void alignment_exception(struct pt_regs *regs)
 {
         enum ctx_state prev_state = exception_enter();
@@ -1148,6 +1184,9 @@ void alignment_exception(struct pt_regs *regs)
         if (!arch_irq_disabled_regs(regs))
                 local_irq_enable();
 
+        if (tm_abort_check(regs, TM_CAUSE_ALIGNMENT | TM_CAUSE_PERSISTENT))
+                goto bail;
+
         /* we don't implement logging of alignment exceptions */
         if (!(current->thread.align_ctl & PR_UNALIGN_SIGBUS))
                 fixed = fix_alignment(regs);