diff options
Diffstat (limited to 'target/linux/patches/3.18.9/realtime.patch')
-rw-r--r-- | target/linux/patches/3.18.9/realtime.patch | 38720 |
1 files changed, 38720 insertions, 0 deletions
diff --git a/target/linux/patches/3.18.9/realtime.patch b/target/linux/patches/3.18.9/realtime.patch new file mode 100644 index 000000000..3d8984076 --- /dev/null +++ b/target/linux/patches/3.18.9/realtime.patch @@ -0,0 +1,38720 @@ +diff -Nur linux-3.18.9.orig/arch/alpha/mm/fault.c linux-3.18.9/arch/alpha/mm/fault.c +--- linux-3.18.9.orig/arch/alpha/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/alpha/mm/fault.c 2015-03-15 16:03:03.672094877 -0500 +@@ -107,7 +107,7 @@ + + /* If we're in an interrupt context, or have no user context, + we must not take the fault. */ +- if (!mm || in_atomic()) ++ if (!mm || pagefault_disabled()) + goto no_context; + + #ifdef CONFIG_ALPHA_LARGE_VMALLOC +diff -Nur linux-3.18.9.orig/arch/arm/include/asm/cmpxchg.h linux-3.18.9/arch/arm/include/asm/cmpxchg.h +--- linux-3.18.9.orig/arch/arm/include/asm/cmpxchg.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/include/asm/cmpxchg.h 2015-03-15 16:03:03.672094877 -0500 +@@ -129,6 +129,8 @@ + + #else /* min ARCH >= ARMv6 */ + ++#define __HAVE_ARCH_CMPXCHG 1 ++ + extern void __bad_cmpxchg(volatile void *ptr, int size); + + /* +diff -Nur linux-3.18.9.orig/arch/arm/include/asm/futex.h linux-3.18.9/arch/arm/include/asm/futex.h +--- linux-3.18.9.orig/arch/arm/include/asm/futex.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/include/asm/futex.h 2015-03-15 16:03:03.672094877 -0500 +@@ -93,6 +93,8 @@ + if (!access_ok(VERIFY_WRITE, uaddr, sizeof(u32))) + return -EFAULT; + ++ preempt_disable_rt(); ++ + __asm__ __volatile__("@futex_atomic_cmpxchg_inatomic\n" + "1: " TUSER(ldr) " %1, [%4]\n" + " teq %1, %2\n" +@@ -104,6 +106,8 @@ + : "cc", "memory"); + + *uval = val; ++ ++ preempt_enable_rt(); + return ret; + } + +diff -Nur linux-3.18.9.orig/arch/arm/include/asm/switch_to.h linux-3.18.9/arch/arm/include/asm/switch_to.h +--- linux-3.18.9.orig/arch/arm/include/asm/switch_to.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/include/asm/switch_to.h 2015-03-15 16:03:03.672094877 -0500 +@@ -3,6 +3,13 @@ + + #include <linux/thread_info.h> + ++#if defined CONFIG_PREEMPT_RT_FULL && defined CONFIG_HIGHMEM ++void switch_kmaps(struct task_struct *prev_p, struct task_struct *next_p); ++#else ++static inline void ++switch_kmaps(struct task_struct *prev_p, struct task_struct *next_p) { } ++#endif ++ + /* + * For v7 SMP cores running a preemptible kernel we may be pre-empted + * during a TLB maintenance operation, so execute an inner-shareable dsb +@@ -22,6 +29,7 @@ + + #define switch_to(prev,next,last) \ + do { \ ++ switch_kmaps(prev, next); \ + last = __switch_to(prev,task_thread_info(prev), task_thread_info(next)); \ + } while (0) + +diff -Nur linux-3.18.9.orig/arch/arm/include/asm/thread_info.h linux-3.18.9/arch/arm/include/asm/thread_info.h +--- linux-3.18.9.orig/arch/arm/include/asm/thread_info.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/include/asm/thread_info.h 2015-03-15 16:03:03.672094877 -0500 +@@ -51,6 +51,7 @@ + struct thread_info { + unsigned long flags; /* low level flags */ + int preempt_count; /* 0 => preemptable, <0 => bug */ ++ int preempt_lazy_count; /* 0 => preemptable, <0 => bug */ + mm_segment_t addr_limit; /* address limit */ + struct task_struct *task; /* main task structure */ + struct exec_domain *exec_domain; /* execution domain */ +@@ -149,6 +150,7 @@ + #define TIF_SIGPENDING 0 + #define TIF_NEED_RESCHED 1 + #define TIF_NOTIFY_RESUME 2 /* callback before returning to user */ ++#define TIF_NEED_RESCHED_LAZY 3 + #define TIF_UPROBE 7 + #define TIF_SYSCALL_TRACE 8 + #define TIF_SYSCALL_AUDIT 9 +@@ -162,6 +164,7 @@ + #define _TIF_SIGPENDING (1 << TIF_SIGPENDING) + #define _TIF_NEED_RESCHED (1 << TIF_NEED_RESCHED) + #define _TIF_NOTIFY_RESUME (1 << TIF_NOTIFY_RESUME) ++#define _TIF_NEED_RESCHED_LAZY (1 << TIF_NEED_RESCHED_LAZY) + #define _TIF_UPROBE (1 << TIF_UPROBE) + #define _TIF_SYSCALL_TRACE (1 << TIF_SYSCALL_TRACE) + #define _TIF_SYSCALL_AUDIT (1 << TIF_SYSCALL_AUDIT) +diff -Nur linux-3.18.9.orig/arch/arm/Kconfig linux-3.18.9/arch/arm/Kconfig +--- linux-3.18.9.orig/arch/arm/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/Kconfig 2015-03-15 16:03:03.672094877 -0500 +@@ -62,6 +62,7 @@ + select HAVE_PERF_EVENTS + select HAVE_PERF_REGS + select HAVE_PERF_USER_STACK_DUMP ++ select HAVE_PREEMPT_LAZY + select HAVE_RCU_TABLE_FREE if (SMP && ARM_LPAE) + select HAVE_REGS_AND_STACK_ACCESS_API + select HAVE_SYSCALL_TRACEPOINTS +diff -Nur linux-3.18.9.orig/arch/arm/kernel/asm-offsets.c linux-3.18.9/arch/arm/kernel/asm-offsets.c +--- linux-3.18.9.orig/arch/arm/kernel/asm-offsets.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/kernel/asm-offsets.c 2015-03-15 16:03:03.672094877 -0500 +@@ -64,6 +64,7 @@ + BLANK(); + DEFINE(TI_FLAGS, offsetof(struct thread_info, flags)); + DEFINE(TI_PREEMPT, offsetof(struct thread_info, preempt_count)); ++ DEFINE(TI_PREEMPT_LAZY, offsetof(struct thread_info, preempt_lazy_count)); + DEFINE(TI_ADDR_LIMIT, offsetof(struct thread_info, addr_limit)); + DEFINE(TI_TASK, offsetof(struct thread_info, task)); + DEFINE(TI_EXEC_DOMAIN, offsetof(struct thread_info, exec_domain)); +diff -Nur linux-3.18.9.orig/arch/arm/kernel/entry-armv.S linux-3.18.9/arch/arm/kernel/entry-armv.S +--- linux-3.18.9.orig/arch/arm/kernel/entry-armv.S 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/kernel/entry-armv.S 2015-03-15 16:03:03.672094877 -0500 +@@ -207,11 +207,18 @@ + #ifdef CONFIG_PREEMPT + get_thread_info tsk + ldr r8, [tsk, #TI_PREEMPT] @ get preempt count +- ldr r0, [tsk, #TI_FLAGS] @ get flags + teq r8, #0 @ if preempt count != 0 ++ bne 1f @ return from exeption ++ ldr r0, [tsk, #TI_FLAGS] @ get flags ++ tst r0, #_TIF_NEED_RESCHED @ if NEED_RESCHED is set ++ blne svc_preempt @ preempt! ++ ++ ldr r8, [tsk, #TI_PREEMPT_LAZY] @ get preempt lazy count ++ teq r8, #0 @ if preempt lazy count != 0 + movne r0, #0 @ force flags to 0 +- tst r0, #_TIF_NEED_RESCHED ++ tst r0, #_TIF_NEED_RESCHED_LAZY + blne svc_preempt ++1: + #endif + + svc_exit r5, irq = 1 @ return from exception +@@ -226,6 +233,8 @@ + 1: bl preempt_schedule_irq @ irq en/disable is done inside + ldr r0, [tsk, #TI_FLAGS] @ get new tasks TI_FLAGS + tst r0, #_TIF_NEED_RESCHED ++ bne 1b ++ tst r0, #_TIF_NEED_RESCHED_LAZY + reteq r8 @ go again + b 1b + #endif +diff -Nur linux-3.18.9.orig/arch/arm/kernel/process.c linux-3.18.9/arch/arm/kernel/process.c +--- linux-3.18.9.orig/arch/arm/kernel/process.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/kernel/process.c 2015-03-15 16:03:03.672094877 -0500 +@@ -431,6 +431,30 @@ + } + + #ifdef CONFIG_MMU ++/* ++ * CONFIG_SPLIT_PTLOCK_CPUS results in a page->ptl lock. If the lock is not ++ * initialized by pgtable_page_ctor() then a coredump of the vector page will ++ * fail. ++ */ ++static int __init vectors_user_mapping_init_page(void) ++{ ++ struct page *page; ++ unsigned long addr = 0xffff0000; ++ pgd_t *pgd; ++ pud_t *pud; ++ pmd_t *pmd; ++ ++ pgd = pgd_offset_k(addr); ++ pud = pud_offset(pgd, addr); ++ pmd = pmd_offset(pud, addr); ++ page = pmd_page(*(pmd)); ++ ++ pgtable_page_ctor(page); ++ ++ return 0; ++} ++late_initcall(vectors_user_mapping_init_page); ++ + #ifdef CONFIG_KUSER_HELPERS + /* + * The vectors page is always readable from user space for the +diff -Nur linux-3.18.9.orig/arch/arm/kernel/signal.c linux-3.18.9/arch/arm/kernel/signal.c +--- linux-3.18.9.orig/arch/arm/kernel/signal.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/kernel/signal.c 2015-03-15 16:03:03.672094877 -0500 +@@ -574,7 +574,8 @@ + do_work_pending(struct pt_regs *regs, unsigned int thread_flags, int syscall) + { + do { +- if (likely(thread_flags & _TIF_NEED_RESCHED)) { ++ if (likely(thread_flags & (_TIF_NEED_RESCHED | ++ _TIF_NEED_RESCHED_LAZY))) { + schedule(); + } else { + if (unlikely(!user_mode(regs))) +diff -Nur linux-3.18.9.orig/arch/arm/kernel/smp.c linux-3.18.9/arch/arm/kernel/smp.c +--- linux-3.18.9.orig/arch/arm/kernel/smp.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/kernel/smp.c 2015-03-15 16:03:03.672094877 -0500 +@@ -506,12 +506,14 @@ + } + + #ifdef CONFIG_IRQ_WORK ++#ifndef CONFIG_PREEMPT_RT_FULL + void arch_irq_work_raise(void) + { + if (arch_irq_work_has_interrupt()) + smp_cross_call(cpumask_of(smp_processor_id()), IPI_IRQ_WORK); + } + #endif ++#endif + + #ifdef CONFIG_GENERIC_CLOCKEVENTS_BROADCAST + void tick_broadcast(const struct cpumask *mask) +diff -Nur linux-3.18.9.orig/arch/arm/kernel/unwind.c linux-3.18.9/arch/arm/kernel/unwind.c +--- linux-3.18.9.orig/arch/arm/kernel/unwind.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/kernel/unwind.c 2015-03-15 16:03:03.672094877 -0500 +@@ -93,7 +93,7 @@ + static const struct unwind_idx *__origin_unwind_idx; + extern const struct unwind_idx __stop_unwind_idx[]; + +-static DEFINE_SPINLOCK(unwind_lock); ++static DEFINE_RAW_SPINLOCK(unwind_lock); + static LIST_HEAD(unwind_tables); + + /* Convert a prel31 symbol to an absolute address */ +@@ -201,7 +201,7 @@ + /* module unwind tables */ + struct unwind_table *table; + +- spin_lock_irqsave(&unwind_lock, flags); ++ raw_spin_lock_irqsave(&unwind_lock, flags); + list_for_each_entry(table, &unwind_tables, list) { + if (addr >= table->begin_addr && + addr < table->end_addr) { +@@ -213,7 +213,7 @@ + break; + } + } +- spin_unlock_irqrestore(&unwind_lock, flags); ++ raw_spin_unlock_irqrestore(&unwind_lock, flags); + } + + pr_debug("%s: idx = %p\n", __func__, idx); +@@ -530,9 +530,9 @@ + tab->begin_addr = text_addr; + tab->end_addr = text_addr + text_size; + +- spin_lock_irqsave(&unwind_lock, flags); ++ raw_spin_lock_irqsave(&unwind_lock, flags); + list_add_tail(&tab->list, &unwind_tables); +- spin_unlock_irqrestore(&unwind_lock, flags); ++ raw_spin_unlock_irqrestore(&unwind_lock, flags); + + return tab; + } +@@ -544,9 +544,9 @@ + if (!tab) + return; + +- spin_lock_irqsave(&unwind_lock, flags); ++ raw_spin_lock_irqsave(&unwind_lock, flags); + list_del(&tab->list); +- spin_unlock_irqrestore(&unwind_lock, flags); ++ raw_spin_unlock_irqrestore(&unwind_lock, flags); + + kfree(tab); + } +diff -Nur linux-3.18.9.orig/arch/arm/mach-at91/at91rm9200_time.c linux-3.18.9/arch/arm/mach-at91/at91rm9200_time.c +--- linux-3.18.9.orig/arch/arm/mach-at91/at91rm9200_time.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/mach-at91/at91rm9200_time.c 2015-03-15 16:03:03.672094877 -0500 +@@ -135,6 +135,7 @@ + break; + case CLOCK_EVT_MODE_SHUTDOWN: + case CLOCK_EVT_MODE_UNUSED: ++ remove_irq(NR_IRQS_LEGACY + AT91_ID_SYS, &at91rm9200_timer_irq); + case CLOCK_EVT_MODE_RESUME: + irqmask = 0; + break; +diff -Nur linux-3.18.9.orig/arch/arm/mach-exynos/platsmp.c linux-3.18.9/arch/arm/mach-exynos/platsmp.c +--- linux-3.18.9.orig/arch/arm/mach-exynos/platsmp.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/mach-exynos/platsmp.c 2015-03-15 16:03:03.672094877 -0500 +@@ -137,7 +137,7 @@ + return (void __iomem *)(S5P_VA_SCU); + } + +-static DEFINE_SPINLOCK(boot_lock); ++static DEFINE_RAW_SPINLOCK(boot_lock); + + static void exynos_secondary_init(unsigned int cpu) + { +@@ -150,8 +150,8 @@ + /* + * Synchronise with the boot thread. + */ +- spin_lock(&boot_lock); +- spin_unlock(&boot_lock); ++ raw_spin_lock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + } + + static int exynos_boot_secondary(unsigned int cpu, struct task_struct *idle) +@@ -165,7 +165,7 @@ + * Set synchronisation state between this boot processor + * and the secondary one + */ +- spin_lock(&boot_lock); ++ raw_spin_lock(&boot_lock); + + /* + * The secondary processor is waiting to be released from +@@ -192,7 +192,7 @@ + + if (timeout == 0) { + printk(KERN_ERR "cpu1 power enable failed"); +- spin_unlock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + return -ETIMEDOUT; + } + } +@@ -242,7 +242,7 @@ + * calibrations, then wait for it to finish + */ + fail: +- spin_unlock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + + return pen_release != -1 ? ret : 0; + } +diff -Nur linux-3.18.9.orig/arch/arm/mach-hisi/platmcpm.c linux-3.18.9/arch/arm/mach-hisi/platmcpm.c +--- linux-3.18.9.orig/arch/arm/mach-hisi/platmcpm.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/mach-hisi/platmcpm.c 2015-03-15 16:03:03.672094877 -0500 +@@ -57,7 +57,7 @@ + + static void __iomem *sysctrl, *fabric; + static int hip04_cpu_table[HIP04_MAX_CLUSTERS][HIP04_MAX_CPUS_PER_CLUSTER]; +-static DEFINE_SPINLOCK(boot_lock); ++static DEFINE_RAW_SPINLOCK(boot_lock); + static u32 fabric_phys_addr; + /* + * [0]: bootwrapper physical address +@@ -104,7 +104,7 @@ + if (cluster >= HIP04_MAX_CLUSTERS || cpu >= HIP04_MAX_CPUS_PER_CLUSTER) + return -EINVAL; + +- spin_lock_irq(&boot_lock); ++ raw_spin_lock_irq(&boot_lock); + + if (hip04_cpu_table[cluster][cpu]) + goto out; +@@ -133,7 +133,7 @@ + udelay(20); + out: + hip04_cpu_table[cluster][cpu]++; +- spin_unlock_irq(&boot_lock); ++ raw_spin_unlock_irq(&boot_lock); + + return 0; + } +@@ -149,7 +149,7 @@ + + __mcpm_cpu_going_down(cpu, cluster); + +- spin_lock(&boot_lock); ++ raw_spin_lock(&boot_lock); + BUG_ON(__mcpm_cluster_state(cluster) != CLUSTER_UP); + hip04_cpu_table[cluster][cpu]--; + if (hip04_cpu_table[cluster][cpu] == 1) { +@@ -162,7 +162,7 @@ + + last_man = hip04_cluster_is_down(cluster); + if (last_man && __mcpm_outbound_enter_critical(cpu, cluster)) { +- spin_unlock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + /* Since it's Cortex A15, disable L2 prefetching. */ + asm volatile( + "mcr p15, 1, %0, c15, c0, 3 \n\t" +@@ -173,7 +173,7 @@ + hip04_set_snoop_filter(cluster, 0); + __mcpm_outbound_leave_critical(cluster, CLUSTER_DOWN); + } else { +- spin_unlock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + v7_exit_coherency_flush(louis); + } + +@@ -192,7 +192,7 @@ + cpu >= HIP04_MAX_CPUS_PER_CLUSTER); + + count = TIMEOUT_MSEC / POLL_MSEC; +- spin_lock_irq(&boot_lock); ++ raw_spin_lock_irq(&boot_lock); + for (tries = 0; tries < count; tries++) { + if (hip04_cpu_table[cluster][cpu]) { + ret = -EBUSY; +@@ -202,10 +202,10 @@ + data = readl_relaxed(sysctrl + SC_CPU_RESET_STATUS(cluster)); + if (data & CORE_WFI_STATUS(cpu)) + break; +- spin_unlock_irq(&boot_lock); ++ raw_spin_unlock_irq(&boot_lock); + /* Wait for clean L2 when the whole cluster is down. */ + msleep(POLL_MSEC); +- spin_lock_irq(&boot_lock); ++ raw_spin_lock_irq(&boot_lock); + } + if (tries >= count) + goto err; +@@ -220,10 +220,10 @@ + } + if (tries >= count) + goto err; +- spin_unlock_irq(&boot_lock); ++ raw_spin_unlock_irq(&boot_lock); + return 0; + err: +- spin_unlock_irq(&boot_lock); ++ raw_spin_unlock_irq(&boot_lock); + return ret; + } + +@@ -235,10 +235,10 @@ + cpu = MPIDR_AFFINITY_LEVEL(mpidr, 0); + cluster = MPIDR_AFFINITY_LEVEL(mpidr, 1); + +- spin_lock(&boot_lock); ++ raw_spin_lock(&boot_lock); + if (!hip04_cpu_table[cluster][cpu]) + hip04_cpu_table[cluster][cpu] = 1; +- spin_unlock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + } + + static void __naked hip04_mcpm_power_up_setup(unsigned int affinity_level) +diff -Nur linux-3.18.9.orig/arch/arm/mach-omap2/omap-smp.c linux-3.18.9/arch/arm/mach-omap2/omap-smp.c +--- linux-3.18.9.orig/arch/arm/mach-omap2/omap-smp.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/mach-omap2/omap-smp.c 2015-03-15 16:03:03.672094877 -0500 +@@ -43,7 +43,7 @@ + /* SCU base address */ + static void __iomem *scu_base; + +-static DEFINE_SPINLOCK(boot_lock); ++static DEFINE_RAW_SPINLOCK(boot_lock); + + void __iomem *omap4_get_scu_base(void) + { +@@ -74,8 +74,8 @@ + /* + * Synchronise with the boot thread. + */ +- spin_lock(&boot_lock); +- spin_unlock(&boot_lock); ++ raw_spin_lock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + } + + static int omap4_boot_secondary(unsigned int cpu, struct task_struct *idle) +@@ -89,7 +89,7 @@ + * Set synchronisation state between this boot processor + * and the secondary one + */ +- spin_lock(&boot_lock); ++ raw_spin_lock(&boot_lock); + + /* + * Update the AuxCoreBoot0 with boot state for secondary core. +@@ -166,7 +166,7 @@ + * Now the secondary core is starting up let it run its + * calibrations, then wait for it to finish + */ +- spin_unlock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + + return 0; + } +diff -Nur linux-3.18.9.orig/arch/arm/mach-prima2/platsmp.c linux-3.18.9/arch/arm/mach-prima2/platsmp.c +--- linux-3.18.9.orig/arch/arm/mach-prima2/platsmp.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/mach-prima2/platsmp.c 2015-03-15 16:03:03.676094877 -0500 +@@ -23,7 +23,7 @@ + static void __iomem *scu_base; + static void __iomem *rsc_base; + +-static DEFINE_SPINLOCK(boot_lock); ++static DEFINE_RAW_SPINLOCK(boot_lock); + + static struct map_desc scu_io_desc __initdata = { + .length = SZ_4K, +@@ -56,8 +56,8 @@ + /* + * Synchronise with the boot thread. + */ +- spin_lock(&boot_lock); +- spin_unlock(&boot_lock); ++ raw_spin_lock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + } + + static struct of_device_id rsc_ids[] = { +@@ -95,7 +95,7 @@ + /* make sure write buffer is drained */ + mb(); + +- spin_lock(&boot_lock); ++ raw_spin_lock(&boot_lock); + + /* + * The secondary processor is waiting to be released from +@@ -127,7 +127,7 @@ + * now the secondary core is starting up let it run its + * calibrations, then wait for it to finish + */ +- spin_unlock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + + return pen_release != -1 ? -ENOSYS : 0; + } +diff -Nur linux-3.18.9.orig/arch/arm/mach-qcom/platsmp.c linux-3.18.9/arch/arm/mach-qcom/platsmp.c +--- linux-3.18.9.orig/arch/arm/mach-qcom/platsmp.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/mach-qcom/platsmp.c 2015-03-15 16:03:03.676094877 -0500 +@@ -46,7 +46,7 @@ + + extern void secondary_startup(void); + +-static DEFINE_SPINLOCK(boot_lock); ++static DEFINE_RAW_SPINLOCK(boot_lock); + + #ifdef CONFIG_HOTPLUG_CPU + static void __ref qcom_cpu_die(unsigned int cpu) +@@ -60,8 +60,8 @@ + /* + * Synchronise with the boot thread. + */ +- spin_lock(&boot_lock); +- spin_unlock(&boot_lock); ++ raw_spin_lock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + } + + static int scss_release_secondary(unsigned int cpu) +@@ -284,7 +284,7 @@ + * set synchronisation state between this boot processor + * and the secondary one + */ +- spin_lock(&boot_lock); ++ raw_spin_lock(&boot_lock); + + /* + * Send the secondary CPU a soft interrupt, thereby causing +@@ -297,7 +297,7 @@ + * now the secondary core is starting up let it run its + * calibrations, then wait for it to finish + */ +- spin_unlock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + + return ret; + } +diff -Nur linux-3.18.9.orig/arch/arm/mach-spear/platsmp.c linux-3.18.9/arch/arm/mach-spear/platsmp.c +--- linux-3.18.9.orig/arch/arm/mach-spear/platsmp.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/mach-spear/platsmp.c 2015-03-15 16:03:03.676094877 -0500 +@@ -32,7 +32,7 @@ + sync_cache_w(&pen_release); + } + +-static DEFINE_SPINLOCK(boot_lock); ++static DEFINE_RAW_SPINLOCK(boot_lock); + + static void __iomem *scu_base = IOMEM(VA_SCU_BASE); + +@@ -47,8 +47,8 @@ + /* + * Synchronise with the boot thread. + */ +- spin_lock(&boot_lock); +- spin_unlock(&boot_lock); ++ raw_spin_lock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + } + + static int spear13xx_boot_secondary(unsigned int cpu, struct task_struct *idle) +@@ -59,7 +59,7 @@ + * set synchronisation state between this boot processor + * and the secondary one + */ +- spin_lock(&boot_lock); ++ raw_spin_lock(&boot_lock); + + /* + * The secondary processor is waiting to be released from +@@ -84,7 +84,7 @@ + * now the secondary core is starting up let it run its + * calibrations, then wait for it to finish + */ +- spin_unlock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + + return pen_release != -1 ? -ENOSYS : 0; + } +diff -Nur linux-3.18.9.orig/arch/arm/mach-sti/platsmp.c linux-3.18.9/arch/arm/mach-sti/platsmp.c +--- linux-3.18.9.orig/arch/arm/mach-sti/platsmp.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/mach-sti/platsmp.c 2015-03-15 16:03:03.676094877 -0500 +@@ -34,7 +34,7 @@ + sync_cache_w(&pen_release); + } + +-static DEFINE_SPINLOCK(boot_lock); ++static DEFINE_RAW_SPINLOCK(boot_lock); + + static void sti_secondary_init(unsigned int cpu) + { +@@ -49,8 +49,8 @@ + /* + * Synchronise with the boot thread. + */ +- spin_lock(&boot_lock); +- spin_unlock(&boot_lock); ++ raw_spin_lock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + } + + static int sti_boot_secondary(unsigned int cpu, struct task_struct *idle) +@@ -61,7 +61,7 @@ + * set synchronisation state between this boot processor + * and the secondary one + */ +- spin_lock(&boot_lock); ++ raw_spin_lock(&boot_lock); + + /* + * The secondary processor is waiting to be released from +@@ -92,7 +92,7 @@ + * now the secondary core is starting up let it run its + * calibrations, then wait for it to finish + */ +- spin_unlock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + + return pen_release != -1 ? -ENOSYS : 0; + } +diff -Nur linux-3.18.9.orig/arch/arm/mach-ux500/platsmp.c linux-3.18.9/arch/arm/mach-ux500/platsmp.c +--- linux-3.18.9.orig/arch/arm/mach-ux500/platsmp.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/mach-ux500/platsmp.c 2015-03-15 16:03:03.676094877 -0500 +@@ -51,7 +51,7 @@ + return NULL; + } + +-static DEFINE_SPINLOCK(boot_lock); ++static DEFINE_RAW_SPINLOCK(boot_lock); + + static void ux500_secondary_init(unsigned int cpu) + { +@@ -64,8 +64,8 @@ + /* + * Synchronise with the boot thread. + */ +- spin_lock(&boot_lock); +- spin_unlock(&boot_lock); ++ raw_spin_lock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + } + + static int ux500_boot_secondary(unsigned int cpu, struct task_struct *idle) +@@ -76,7 +76,7 @@ + * set synchronisation state between this boot processor + * and the secondary one + */ +- spin_lock(&boot_lock); ++ raw_spin_lock(&boot_lock); + + /* + * The secondary processor is waiting to be released from +@@ -97,7 +97,7 @@ + * now the secondary core is starting up let it run its + * calibrations, then wait for it to finish + */ +- spin_unlock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + + return pen_release != -1 ? -ENOSYS : 0; + } +diff -Nur linux-3.18.9.orig/arch/arm/mm/fault.c linux-3.18.9/arch/arm/mm/fault.c +--- linux-3.18.9.orig/arch/arm/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/mm/fault.c 2015-03-15 16:03:03.676094877 -0500 +@@ -277,7 +277,7 @@ + * If we're in an interrupt or have no user + * context, we must not take the fault.. + */ +- if (in_atomic() || !mm) ++ if (!mm || pagefault_disabled()) + goto no_context; + + if (user_mode(regs)) +@@ -431,6 +431,9 @@ + if (addr < TASK_SIZE) + return do_page_fault(addr, fsr, regs); + ++ if (interrupts_enabled(regs)) ++ local_irq_enable(); ++ + if (user_mode(regs)) + goto bad_area; + +@@ -498,6 +501,9 @@ + static int + do_sect_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs) + { ++ if (interrupts_enabled(regs)) ++ local_irq_enable(); ++ + do_bad_area(addr, fsr, regs); + return 0; + } +diff -Nur linux-3.18.9.orig/arch/arm/mm/highmem.c linux-3.18.9/arch/arm/mm/highmem.c +--- linux-3.18.9.orig/arch/arm/mm/highmem.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/mm/highmem.c 2015-03-15 16:03:03.676094877 -0500 +@@ -53,6 +53,7 @@ + + void *kmap_atomic(struct page *page) + { ++ pte_t pte = mk_pte(page, kmap_prot); + unsigned int idx; + unsigned long vaddr; + void *kmap; +@@ -91,7 +92,10 @@ + * in place, so the contained TLB flush ensures the TLB is updated + * with the new mapping. + */ +- set_fixmap_pte(idx, mk_pte(page, kmap_prot)); ++#ifdef CONFIG_PREEMPT_RT_FULL ++ current->kmap_pte[type] = pte; ++#endif ++ set_fixmap_pte(idx, pte); + + return (void *)vaddr; + } +@@ -108,12 +112,15 @@ + + if (cache_is_vivt()) + __cpuc_flush_dcache_area((void *)vaddr, PAGE_SIZE); ++#ifdef CONFIG_PREEMPT_RT_FULL ++ current->kmap_pte[type] = __pte(0); ++#endif + #ifdef CONFIG_DEBUG_HIGHMEM + BUG_ON(vaddr != __fix_to_virt(idx)); +- set_fixmap_pte(idx, __pte(0)); + #else + (void) idx; /* to kill a warning */ + #endif ++ set_fixmap_pte(idx, __pte(0)); + kmap_atomic_idx_pop(); + } else if (vaddr >= PKMAP_ADDR(0) && vaddr < PKMAP_ADDR(LAST_PKMAP)) { + /* this address was obtained through kmap_high_get() */ +@@ -125,6 +132,7 @@ + + void *kmap_atomic_pfn(unsigned long pfn) + { ++ pte_t pte = pfn_pte(pfn, kmap_prot); + unsigned long vaddr; + int idx, type; + struct page *page = pfn_to_page(pfn); +@@ -139,7 +147,10 @@ + #ifdef CONFIG_DEBUG_HIGHMEM + BUG_ON(!pte_none(*(fixmap_page_table + idx))); + #endif +- set_fixmap_pte(idx, pfn_pte(pfn, kmap_prot)); ++#ifdef CONFIG_PREEMPT_RT_FULL ++ current->kmap_pte[type] = pte; ++#endif ++ set_fixmap_pte(idx, pte); + + return (void *)vaddr; + } +@@ -153,3 +164,28 @@ + + return pte_page(get_fixmap_pte(vaddr)); + } ++ ++#if defined CONFIG_PREEMPT_RT_FULL ++void switch_kmaps(struct task_struct *prev_p, struct task_struct *next_p) ++{ ++ int i; ++ ++ /* ++ * Clear @prev's kmap_atomic mappings ++ */ ++ for (i = 0; i < prev_p->kmap_idx; i++) { ++ int idx = i + KM_TYPE_NR * smp_processor_id(); ++ ++ set_fixmap_pte(idx, __pte(0)); ++ } ++ /* ++ * Restore @next_p's kmap_atomic mappings ++ */ ++ for (i = 0; i < next_p->kmap_idx; i++) { ++ int idx = i + KM_TYPE_NR * smp_processor_id(); ++ ++ if (!pte_none(next_p->kmap_pte[i])) ++ set_fixmap_pte(idx, next_p->kmap_pte[i]); ++ } ++} ++#endif +diff -Nur linux-3.18.9.orig/arch/arm/plat-versatile/platsmp.c linux-3.18.9/arch/arm/plat-versatile/platsmp.c +--- linux-3.18.9.orig/arch/arm/plat-versatile/platsmp.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm/plat-versatile/platsmp.c 2015-03-15 16:03:03.676094877 -0500 +@@ -30,7 +30,7 @@ + sync_cache_w(&pen_release); + } + +-static DEFINE_SPINLOCK(boot_lock); ++static DEFINE_RAW_SPINLOCK(boot_lock); + + void versatile_secondary_init(unsigned int cpu) + { +@@ -43,8 +43,8 @@ + /* + * Synchronise with the boot thread. + */ +- spin_lock(&boot_lock); +- spin_unlock(&boot_lock); ++ raw_spin_lock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + } + + int versatile_boot_secondary(unsigned int cpu, struct task_struct *idle) +@@ -55,7 +55,7 @@ + * Set synchronisation state between this boot processor + * and the secondary one + */ +- spin_lock(&boot_lock); ++ raw_spin_lock(&boot_lock); + + /* + * This is really belt and braces; we hold unintended secondary +@@ -85,7 +85,7 @@ + * now the secondary core is starting up let it run its + * calibrations, then wait for it to finish + */ +- spin_unlock(&boot_lock); ++ raw_spin_unlock(&boot_lock); + + return pen_release != -1 ? -ENOSYS : 0; + } +diff -Nur linux-3.18.9.orig/arch/arm64/kernel/smp.c linux-3.18.9/arch/arm64/kernel/smp.c +--- linux-3.18.9.orig/arch/arm64/kernel/smp.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/arm64/kernel/smp.c 2015-03-15 16:03:03.676094877 -0500 +@@ -529,12 +529,14 @@ + } + + #ifdef CONFIG_IRQ_WORK ++#ifndef CONFIG_PREEMPT_RT_FULL + void arch_irq_work_raise(void) + { + if (__smp_cross_call) + smp_cross_call(cpumask_of(smp_processor_id()), IPI_IRQ_WORK); + } + #endif ++#endif + + static DEFINE_RAW_SPINLOCK(stop_lock); + +diff -Nur linux-3.18.9.orig/arch/avr32/mm/fault.c linux-3.18.9/arch/avr32/mm/fault.c +--- linux-3.18.9.orig/arch/avr32/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/avr32/mm/fault.c 2015-03-15 16:03:03.676094877 -0500 +@@ -81,7 +81,7 @@ + * If we're in an interrupt or have no user context, we must + * not take the fault... + */ +- if (in_atomic() || !mm || regs->sr & SYSREG_BIT(GM)) ++ if (!mm || regs->sr & SYSREG_BIT(GM) || pagefault_disabled()) + goto no_context; + + local_irq_enable(); +diff -Nur linux-3.18.9.orig/arch/cris/mm/fault.c linux-3.18.9/arch/cris/mm/fault.c +--- linux-3.18.9.orig/arch/cris/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/cris/mm/fault.c 2015-03-15 16:03:03.676094877 -0500 +@@ -113,7 +113,7 @@ + * user context, we must not take the fault. + */ + +- if (in_atomic() || !mm) ++ if (!mm || pagefault_disabled()) + goto no_context; + + if (user_mode(regs)) +diff -Nur linux-3.18.9.orig/arch/frv/mm/fault.c linux-3.18.9/arch/frv/mm/fault.c +--- linux-3.18.9.orig/arch/frv/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/frv/mm/fault.c 2015-03-15 16:03:03.676094877 -0500 +@@ -78,7 +78,7 @@ + * If we're in an interrupt or have no user + * context, we must not take the fault.. + */ +- if (in_atomic() || !mm) ++ if (!mm || pagefault_disabled()) + goto no_context; + + if (user_mode(__frame)) +diff -Nur linux-3.18.9.orig/arch/ia64/mm/fault.c linux-3.18.9/arch/ia64/mm/fault.c +--- linux-3.18.9.orig/arch/ia64/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/ia64/mm/fault.c 2015-03-15 16:03:03.676094877 -0500 +@@ -96,7 +96,7 @@ + /* + * If we're in an interrupt or have no user context, we must not take the fault.. + */ +- if (in_atomic() || !mm) ++ if (!mm || pagefault_disabled()) + goto no_context; + + #ifdef CONFIG_VIRTUAL_MEM_MAP +diff -Nur linux-3.18.9.orig/arch/Kconfig linux-3.18.9/arch/Kconfig +--- linux-3.18.9.orig/arch/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/Kconfig 2015-03-15 16:03:03.676094877 -0500 +@@ -6,6 +6,7 @@ + tristate "OProfile system profiling" + depends on PROFILING + depends on HAVE_OPROFILE ++ depends on !PREEMPT_RT_FULL + select RING_BUFFER + select RING_BUFFER_ALLOW_SWAP + help +diff -Nur linux-3.18.9.orig/arch/m32r/mm/fault.c linux-3.18.9/arch/m32r/mm/fault.c +--- linux-3.18.9.orig/arch/m32r/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/m32r/mm/fault.c 2015-03-15 16:03:03.676094877 -0500 +@@ -114,7 +114,7 @@ + * If we're in an interrupt or have no user context or are running in an + * atomic region then we must not take the fault.. + */ +- if (in_atomic() || !mm) ++ if (!mm || pagefault_disabled()) + goto bad_area_nosemaphore; + + if (error_code & ACE_USERMODE) +diff -Nur linux-3.18.9.orig/arch/m68k/mm/fault.c linux-3.18.9/arch/m68k/mm/fault.c +--- linux-3.18.9.orig/arch/m68k/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/m68k/mm/fault.c 2015-03-15 16:03:03.676094877 -0500 +@@ -81,7 +81,7 @@ + * If we're in an interrupt or have no user + * context, we must not take the fault.. + */ +- if (in_atomic() || !mm) ++ if (!mm || pagefault_disabled()) + goto no_context; + + if (user_mode(regs)) +diff -Nur linux-3.18.9.orig/arch/microblaze/mm/fault.c linux-3.18.9/arch/microblaze/mm/fault.c +--- linux-3.18.9.orig/arch/microblaze/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/microblaze/mm/fault.c 2015-03-15 16:03:03.676094877 -0500 +@@ -107,7 +107,7 @@ + if ((error_code & 0x13) == 0x13 || (error_code & 0x11) == 0x11) + is_write = 0; + +- if (unlikely(in_atomic() || !mm)) { ++ if (unlikely(!mm || pagefault_disabled())) { + if (kernel_mode(regs)) + goto bad_area_nosemaphore; + +diff -Nur linux-3.18.9.orig/arch/mips/Kconfig linux-3.18.9/arch/mips/Kconfig +--- linux-3.18.9.orig/arch/mips/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/mips/Kconfig 2015-03-15 16:03:03.676094877 -0500 +@@ -2196,7 +2196,7 @@ + # + config HIGHMEM + bool "High Memory Support" +- depends on 32BIT && CPU_SUPPORTS_HIGHMEM && SYS_SUPPORTS_HIGHMEM && !CPU_MIPS32_3_5_EVA ++ depends on 32BIT && CPU_SUPPORTS_HIGHMEM && SYS_SUPPORTS_HIGHMEM && !CPU_MIPS32_3_5_EVA && !PREEMPT_RT_FULL + + config CPU_SUPPORTS_HIGHMEM + bool +diff -Nur linux-3.18.9.orig/arch/mips/kernel/signal.c linux-3.18.9/arch/mips/kernel/signal.c +--- linux-3.18.9.orig/arch/mips/kernel/signal.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/mips/kernel/signal.c 2015-03-15 16:03:03.676094877 -0500 +@@ -613,6 +613,7 @@ + __u32 thread_info_flags) + { + local_irq_enable(); ++ preempt_check_resched(); + + user_exit(); + +diff -Nur linux-3.18.9.orig/arch/mips/mm/fault.c linux-3.18.9/arch/mips/mm/fault.c +--- linux-3.18.9.orig/arch/mips/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/mips/mm/fault.c 2015-03-15 16:03:03.676094877 -0500 +@@ -89,7 +89,7 @@ + * If we're in an interrupt or have no user + * context, we must not take the fault.. + */ +- if (in_atomic() || !mm) ++ if (!mm || pagefault_disabled()) + goto bad_area_nosemaphore; + + if (user_mode(regs)) +diff -Nur linux-3.18.9.orig/arch/mips/mm/init.c linux-3.18.9/arch/mips/mm/init.c +--- linux-3.18.9.orig/arch/mips/mm/init.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/mips/mm/init.c 2015-03-15 16:03:03.676094877 -0500 +@@ -90,7 +90,7 @@ + + BUG_ON(Page_dcache_dirty(page)); + +- pagefault_disable(); ++ raw_pagefault_disable(); + idx = (addr >> PAGE_SHIFT) & (FIX_N_COLOURS - 1); + idx += in_interrupt() ? FIX_N_COLOURS : 0; + vaddr = __fix_to_virt(FIX_CMAP_END - idx); +@@ -146,7 +146,7 @@ + tlbw_use_hazard(); + write_c0_entryhi(old_ctx); + local_irq_restore(flags); +- pagefault_enable(); ++ raw_pagefault_enable(); + } + + void copy_user_highpage(struct page *to, struct page *from, +diff -Nur linux-3.18.9.orig/arch/mn10300/mm/fault.c linux-3.18.9/arch/mn10300/mm/fault.c +--- linux-3.18.9.orig/arch/mn10300/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/mn10300/mm/fault.c 2015-03-15 16:03:03.676094877 -0500 +@@ -168,7 +168,7 @@ + * If we're in an interrupt or have no user + * context, we must not take the fault.. + */ +- if (in_atomic() || !mm) ++ if (!mm || pagefault_disabled()) + goto no_context; + + if ((fault_code & MMUFCR_xFC_ACCESS) == MMUFCR_xFC_ACCESS_USR) +diff -Nur linux-3.18.9.orig/arch/parisc/mm/fault.c linux-3.18.9/arch/parisc/mm/fault.c +--- linux-3.18.9.orig/arch/parisc/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/parisc/mm/fault.c 2015-03-15 16:03:03.676094877 -0500 +@@ -207,7 +207,7 @@ + int fault; + unsigned int flags; + +- if (in_atomic()) ++ if (pagefault_disabled()) + goto no_context; + + tsk = current; +diff -Nur linux-3.18.9.orig/arch/powerpc/include/asm/thread_info.h linux-3.18.9/arch/powerpc/include/asm/thread_info.h +--- linux-3.18.9.orig/arch/powerpc/include/asm/thread_info.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/powerpc/include/asm/thread_info.h 2015-03-15 16:03:03.676094877 -0500 +@@ -43,6 +43,8 @@ + int cpu; /* cpu we're on */ + int preempt_count; /* 0 => preemptable, + <0 => BUG */ ++ int preempt_lazy_count; /* 0 => preemptable, ++ <0 => BUG */ + struct restart_block restart_block; + unsigned long local_flags; /* private flags for thread */ + +@@ -88,8 +90,7 @@ + #define TIF_SYSCALL_TRACE 0 /* syscall trace active */ + #define TIF_SIGPENDING 1 /* signal pending */ + #define TIF_NEED_RESCHED 2 /* rescheduling necessary */ +-#define TIF_POLLING_NRFLAG 3 /* true if poll_idle() is polling +- TIF_NEED_RESCHED */ ++#define TIF_NEED_RESCHED_LAZY 3 /* lazy rescheduling necessary */ + #define TIF_32BIT 4 /* 32 bit binary */ + #define TIF_RESTORE_TM 5 /* need to restore TM FP/VEC/VSX */ + #define TIF_SYSCALL_AUDIT 7 /* syscall auditing active */ +@@ -107,6 +108,8 @@ + #if defined(CONFIG_PPC64) + #define TIF_ELF2ABI 18 /* function descriptors must die! */ + #endif ++#define TIF_POLLING_NRFLAG 19 /* true if poll_idle() is polling ++ TIF_NEED_RESCHED */ + + /* as above, but as bit values */ + #define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE) +@@ -125,14 +128,16 @@ + #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT) + #define _TIF_EMULATE_STACK_STORE (1<<TIF_EMULATE_STACK_STORE) + #define _TIF_NOHZ (1<<TIF_NOHZ) ++#define _TIF_NEED_RESCHED_LAZY (1<<TIF_NEED_RESCHED_LAZY) + #define _TIF_SYSCALL_T_OR_A (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | \ + _TIF_SECCOMP | _TIF_SYSCALL_TRACEPOINT | \ + _TIF_NOHZ) + + #define _TIF_USER_WORK_MASK (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \ + _TIF_NOTIFY_RESUME | _TIF_UPROBE | \ +- _TIF_RESTORE_TM) ++ _TIF_RESTORE_TM | _TIF_NEED_RESCHED_LAZY) + #define _TIF_PERSYSCALL_MASK (_TIF_RESTOREALL|_TIF_NOERROR) ++#define _TIF_NEED_RESCHED_MASK (_TIF_NEED_RESCHED | _TIF_NEED_RESCHED_LAZY) + + /* Bits in local_flags */ + /* Don't move TLF_NAPPING without adjusting the code in entry_32.S */ +diff -Nur linux-3.18.9.orig/arch/powerpc/Kconfig linux-3.18.9/arch/powerpc/Kconfig +--- linux-3.18.9.orig/arch/powerpc/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/powerpc/Kconfig 2015-03-15 16:03:03.680094877 -0500 +@@ -60,10 +60,11 @@ + + config RWSEM_GENERIC_SPINLOCK + bool ++ default y if PREEMPT_RT_FULL + + config RWSEM_XCHGADD_ALGORITHM + bool +- default y ++ default y if !PREEMPT_RT_FULL + + config GENERIC_LOCKBREAK + bool +@@ -136,6 +137,7 @@ + select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST + select GENERIC_STRNCPY_FROM_USER + select GENERIC_STRNLEN_USER ++ select HAVE_PREEMPT_LAZY + select HAVE_MOD_ARCH_SPECIFIC + select MODULES_USE_ELF_RELA + select CLONE_BACKWARDS +@@ -303,7 +305,7 @@ + + config HIGHMEM + bool "High memory support" +- depends on PPC32 ++ depends on PPC32 && !PREEMPT_RT_FULL + + source kernel/Kconfig.hz + source kernel/Kconfig.preempt +diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/asm-offsets.c linux-3.18.9/arch/powerpc/kernel/asm-offsets.c +--- linux-3.18.9.orig/arch/powerpc/kernel/asm-offsets.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/powerpc/kernel/asm-offsets.c 2015-03-15 16:03:03.680094877 -0500 +@@ -159,6 +159,7 @@ + DEFINE(TI_FLAGS, offsetof(struct thread_info, flags)); + DEFINE(TI_LOCAL_FLAGS, offsetof(struct thread_info, local_flags)); + DEFINE(TI_PREEMPT, offsetof(struct thread_info, preempt_count)); ++ DEFINE(TI_PREEMPT_LAZY, offsetof(struct thread_info, preempt_lazy_count)); + DEFINE(TI_TASK, offsetof(struct thread_info, task)); + DEFINE(TI_CPU, offsetof(struct thread_info, cpu)); + +diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/entry_32.S linux-3.18.9/arch/powerpc/kernel/entry_32.S +--- linux-3.18.9.orig/arch/powerpc/kernel/entry_32.S 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/powerpc/kernel/entry_32.S 2015-03-15 16:03:03.680094877 -0500 +@@ -890,7 +890,14 @@ + cmpwi 0,r0,0 /* if non-zero, just restore regs and return */ + bne restore + andi. r8,r8,_TIF_NEED_RESCHED ++ bne+ 1f ++ lwz r0,TI_PREEMPT_LAZY(r9) ++ cmpwi 0,r0,0 /* if non-zero, just restore regs and return */ ++ bne restore ++ lwz r0,TI_FLAGS(r9) ++ andi. r0,r0,_TIF_NEED_RESCHED_LAZY + beq+ restore ++1: + lwz r3,_MSR(r1) + andi. r0,r3,MSR_EE /* interrupts off? */ + beq restore /* don't schedule if so */ +@@ -901,11 +908,11 @@ + */ + bl trace_hardirqs_off + #endif +-1: bl preempt_schedule_irq ++2: bl preempt_schedule_irq + CURRENT_THREAD_INFO(r9, r1) + lwz r3,TI_FLAGS(r9) +- andi. r0,r3,_TIF_NEED_RESCHED +- bne- 1b ++ andi. r0,r3,_TIF_NEED_RESCHED_MASK ++ bne- 2b + #ifdef CONFIG_TRACE_IRQFLAGS + /* And now, to properly rebalance the above, we tell lockdep they + * are being turned back on, which will happen when we return +@@ -1226,7 +1233,7 @@ + #endif /* !(CONFIG_4xx || CONFIG_BOOKE) */ + + do_work: /* r10 contains MSR_KERNEL here */ +- andi. r0,r9,_TIF_NEED_RESCHED ++ andi. r0,r9,_TIF_NEED_RESCHED_MASK + beq do_user_signal + + do_resched: /* r10 contains MSR_KERNEL here */ +@@ -1247,7 +1254,7 @@ + MTMSRD(r10) /* disable interrupts */ + CURRENT_THREAD_INFO(r9, r1) + lwz r9,TI_FLAGS(r9) +- andi. r0,r9,_TIF_NEED_RESCHED ++ andi. r0,r9,_TIF_NEED_RESCHED_MASK + bne- do_resched + andi. r0,r9,_TIF_USER_WORK_MASK + beq restore_user +diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/entry_64.S linux-3.18.9/arch/powerpc/kernel/entry_64.S +--- linux-3.18.9.orig/arch/powerpc/kernel/entry_64.S 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/powerpc/kernel/entry_64.S 2015-03-15 16:03:03.680094877 -0500 +@@ -644,7 +644,7 @@ + #else + beq restore + #endif +-1: andi. r0,r4,_TIF_NEED_RESCHED ++1: andi. r0,r4,_TIF_NEED_RESCHED_MASK + beq 2f + bl restore_interrupts + SCHEDULE_USER +@@ -706,10 +706,18 @@ + + #ifdef CONFIG_PREEMPT + /* Check if we need to preempt */ ++ lwz r8,TI_PREEMPT(r9) ++ cmpwi 0,r8,0 /* if non-zero, just restore regs and return */ ++ bne restore + andi. r0,r4,_TIF_NEED_RESCHED ++ bne+ check_count ++ ++ andi. r0,r4,_TIF_NEED_RESCHED_LAZY + beq+ restore ++ lwz r8,TI_PREEMPT_LAZY(r9) ++ + /* Check that preempt_count() == 0 and interrupts are enabled */ +- lwz r8,TI_PREEMPT(r9) ++check_count: + cmpwi cr1,r8,0 + ld r0,SOFTE(r1) + cmpdi r0,0 +@@ -726,7 +734,7 @@ + /* Re-test flags and eventually loop */ + CURRENT_THREAD_INFO(r9, r1) + ld r4,TI_FLAGS(r9) +- andi. r0,r4,_TIF_NEED_RESCHED ++ andi. r0,r4,_TIF_NEED_RESCHED_MASK + bne 1b + + /* +diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/irq.c linux-3.18.9/arch/powerpc/kernel/irq.c +--- linux-3.18.9.orig/arch/powerpc/kernel/irq.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/powerpc/kernel/irq.c 2015-03-15 16:03:03.680094877 -0500 +@@ -615,6 +615,7 @@ + } + } + ++#ifndef CONFIG_PREEMPT_RT_FULL + void do_softirq_own_stack(void) + { + struct thread_info *curtp, *irqtp; +@@ -632,6 +633,7 @@ + if (irqtp->flags) + set_bits(irqtp->flags, &curtp->flags); + } ++#endif + + irq_hw_number_t virq_to_hw(unsigned int virq) + { +diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/misc_32.S linux-3.18.9/arch/powerpc/kernel/misc_32.S +--- linux-3.18.9.orig/arch/powerpc/kernel/misc_32.S 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/powerpc/kernel/misc_32.S 2015-03-15 16:03:03.680094877 -0500 +@@ -40,6 +40,7 @@ + * We store the saved ksp_limit in the unused part + * of the STACK_FRAME_OVERHEAD + */ ++#ifndef CONFIG_PREEMPT_RT_FULL + _GLOBAL(call_do_softirq) + mflr r0 + stw r0,4(r1) +@@ -56,6 +57,7 @@ + stw r10,THREAD+KSP_LIMIT(r2) + mtlr r0 + blr ++#endif + + /* + * void call_do_irq(struct pt_regs *regs, struct thread_info *irqtp); +diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/misc_64.S linux-3.18.9/arch/powerpc/kernel/misc_64.S +--- linux-3.18.9.orig/arch/powerpc/kernel/misc_64.S 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/powerpc/kernel/misc_64.S 2015-03-15 16:03:03.680094877 -0500 +@@ -29,6 +29,7 @@ + + .text + ++#ifndef CONFIG_PREEMPT_RT_FULL + _GLOBAL(call_do_softirq) + mflr r0 + std r0,16(r1) +@@ -39,6 +40,7 @@ + ld r0,16(r1) + mtlr r0 + blr ++#endif + + _GLOBAL(call_do_irq) + mflr r0 +diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/time.c linux-3.18.9/arch/powerpc/kernel/time.c +--- linux-3.18.9.orig/arch/powerpc/kernel/time.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/powerpc/kernel/time.c 2015-03-15 16:03:03.680094877 -0500 +@@ -424,7 +424,7 @@ + EXPORT_SYMBOL(profile_pc); + #endif + +-#ifdef CONFIG_IRQ_WORK ++#if defined(CONFIG_IRQ_WORK) && !defined(CONFIG_PREEMPT_RT_FULL) + + /* + * 64-bit uses a byte in the PACA, 32-bit uses a per-cpu variable... +diff -Nur linux-3.18.9.orig/arch/powerpc/mm/fault.c linux-3.18.9/arch/powerpc/mm/fault.c +--- linux-3.18.9.orig/arch/powerpc/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/powerpc/mm/fault.c 2015-03-15 16:03:03.680094877 -0500 +@@ -273,7 +273,7 @@ + if (!arch_irq_disabled_regs(regs)) + local_irq_enable(); + +- if (in_atomic() || mm == NULL) { ++ if (in_atomic() || mm == NULL || pagefault_disabled()) { + if (!user_mode(regs)) { + rc = SIGSEGV; + goto bail; +diff -Nur linux-3.18.9.orig/arch/s390/mm/fault.c linux-3.18.9/arch/s390/mm/fault.c +--- linux-3.18.9.orig/arch/s390/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/s390/mm/fault.c 2015-03-15 16:03:03.680094877 -0500 +@@ -435,7 +435,8 @@ + * user context. + */ + fault = VM_FAULT_BADCONTEXT; +- if (unlikely(!user_space_fault(regs) || in_atomic() || !mm)) ++ if (unlikely(!user_space_fault(regs) || !mm || ++ tsk->pagefault_disabled)) + goto out; + + address = trans_exc_code & __FAIL_ADDR_MASK; +diff -Nur linux-3.18.9.orig/arch/score/mm/fault.c linux-3.18.9/arch/score/mm/fault.c +--- linux-3.18.9.orig/arch/score/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/score/mm/fault.c 2015-03-15 16:03:03.680094877 -0500 +@@ -73,7 +73,7 @@ + * If we're in an interrupt or have no user + * context, we must not take the fault.. + */ +- if (in_atomic() || !mm) ++ if (!mm || pagefault_disabled()) + goto bad_area_nosemaphore; + + if (user_mode(regs)) +diff -Nur linux-3.18.9.orig/arch/sh/kernel/irq.c linux-3.18.9/arch/sh/kernel/irq.c +--- linux-3.18.9.orig/arch/sh/kernel/irq.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/sh/kernel/irq.c 2015-03-15 16:03:03.680094877 -0500 +@@ -149,6 +149,7 @@ + hardirq_ctx[cpu] = NULL; + } + ++#ifndef CONFIG_PREEMPT_RT_FULL + void do_softirq_own_stack(void) + { + struct thread_info *curctx; +@@ -176,6 +177,7 @@ + "r5", "r6", "r7", "r8", "r9", "r15", "t", "pr" + ); + } ++#endif + #else + static inline void handle_one_irq(unsigned int irq) + { +diff -Nur linux-3.18.9.orig/arch/sh/mm/fault.c linux-3.18.9/arch/sh/mm/fault.c +--- linux-3.18.9.orig/arch/sh/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/sh/mm/fault.c 2015-03-15 16:03:03.680094877 -0500 +@@ -440,7 +440,7 @@ + * If we're in an interrupt, have no user context or are running + * in an atomic region then we must not take the fault: + */ +- if (unlikely(in_atomic() || !mm)) { ++ if (unlikely(!mm || pagefault_disabled())) { + bad_area_nosemaphore(regs, error_code, address); + return; + } +diff -Nur linux-3.18.9.orig/arch/sparc/Kconfig linux-3.18.9/arch/sparc/Kconfig +--- linux-3.18.9.orig/arch/sparc/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/sparc/Kconfig 2015-03-15 16:03:03.680094877 -0500 +@@ -182,12 +182,10 @@ + source kernel/Kconfig.hz + + config RWSEM_GENERIC_SPINLOCK +- bool +- default y if SPARC32 ++ def_bool PREEMPT_RT_FULL + + config RWSEM_XCHGADD_ALGORITHM +- bool +- default y if SPARC64 ++ def_bool !RWSEM_GENERIC_SPINLOCK && !PREEMPT_RT_FULL + + config GENERIC_HWEIGHT + bool +@@ -528,6 +526,10 @@ + + source "fs/Kconfig.binfmt" + ++config EARLY_PRINTK ++ bool ++ default y ++ + config COMPAT + bool + depends on SPARC64 +diff -Nur linux-3.18.9.orig/arch/sparc/kernel/irq_64.c linux-3.18.9/arch/sparc/kernel/irq_64.c +--- linux-3.18.9.orig/arch/sparc/kernel/irq_64.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/sparc/kernel/irq_64.c 2015-03-15 16:03:03.680094877 -0500 +@@ -849,6 +849,7 @@ + set_irq_regs(old_regs); + } + ++#ifndef CONFIG_PREEMPT_RT_FULL + void do_softirq_own_stack(void) + { + void *orig_sp, *sp = softirq_stack[smp_processor_id()]; +@@ -863,6 +864,7 @@ + __asm__ __volatile__("mov %0, %%sp" + : : "r" (orig_sp)); + } ++#endif + + #ifdef CONFIG_HOTPLUG_CPU + void fixup_irqs(void) +diff -Nur linux-3.18.9.orig/arch/sparc/kernel/pcr.c linux-3.18.9/arch/sparc/kernel/pcr.c +--- linux-3.18.9.orig/arch/sparc/kernel/pcr.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/sparc/kernel/pcr.c 2015-03-15 16:03:03.684094876 -0500 +@@ -43,10 +43,12 @@ + set_irq_regs(old_regs); + } + ++#ifndef CONFIG_PREEMPT_RT_FULL + void arch_irq_work_raise(void) + { + set_softint(1 << PIL_DEFERRED_PCR_WORK); + } ++#endif + + const struct pcr_ops *pcr_ops; + EXPORT_SYMBOL_GPL(pcr_ops); +diff -Nur linux-3.18.9.orig/arch/sparc/kernel/setup_32.c linux-3.18.9/arch/sparc/kernel/setup_32.c +--- linux-3.18.9.orig/arch/sparc/kernel/setup_32.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/sparc/kernel/setup_32.c 2015-03-15 16:03:03.684094876 -0500 +@@ -309,6 +309,7 @@ + + boot_flags_init(*cmdline_p); + ++ early_console = &prom_early_console; + register_console(&prom_early_console); + + printk("ARCH: "); +diff -Nur linux-3.18.9.orig/arch/sparc/kernel/setup_64.c linux-3.18.9/arch/sparc/kernel/setup_64.c +--- linux-3.18.9.orig/arch/sparc/kernel/setup_64.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/sparc/kernel/setup_64.c 2015-03-15 16:03:03.684094876 -0500 +@@ -563,6 +563,12 @@ + pause_patch(); + } + ++static inline void register_prom_console(void) ++{ ++ early_console = &prom_early_console; ++ register_console(&prom_early_console); ++} ++ + void __init setup_arch(char **cmdline_p) + { + /* Initialize PROM console and command line. */ +@@ -574,7 +580,7 @@ + #ifdef CONFIG_EARLYFB + if (btext_find_display()) + #endif +- register_console(&prom_early_console); ++ register_prom_console(); + + if (tlb_type == hypervisor) + printk("ARCH: SUN4V\n"); +diff -Nur linux-3.18.9.orig/arch/sparc/mm/fault_32.c linux-3.18.9/arch/sparc/mm/fault_32.c +--- linux-3.18.9.orig/arch/sparc/mm/fault_32.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/sparc/mm/fault_32.c 2015-03-15 16:03:03.684094876 -0500 +@@ -196,7 +196,7 @@ + * If we're in an interrupt or have no user + * context, we must not take the fault.. + */ +- if (in_atomic() || !mm) ++ if (!mm || pagefault_disabled()) + goto no_context; + + perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address); +diff -Nur linux-3.18.9.orig/arch/sparc/mm/fault_64.c linux-3.18.9/arch/sparc/mm/fault_64.c +--- linux-3.18.9.orig/arch/sparc/mm/fault_64.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/sparc/mm/fault_64.c 2015-03-15 16:03:03.684094876 -0500 +@@ -330,7 +330,7 @@ + * If we're in an interrupt or have no user + * context, we must not take the fault.. + */ +- if (in_atomic() || !mm) ++ if (!mm || pagefault_disabled()) + goto intr_or_no_mm; + + perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address); +diff -Nur linux-3.18.9.orig/arch/tile/mm/fault.c linux-3.18.9/arch/tile/mm/fault.c +--- linux-3.18.9.orig/arch/tile/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/tile/mm/fault.c 2015-03-15 16:03:03.684094876 -0500 +@@ -357,7 +357,7 @@ + * If we're in an interrupt, have no user context or are running in an + * atomic region then we must not take the fault. + */ +- if (in_atomic() || !mm) { ++ if (!mm || pagefault_disabled()) { + vma = NULL; /* happy compiler */ + goto bad_area_nosemaphore; + } +diff -Nur linux-3.18.9.orig/arch/um/kernel/trap.c linux-3.18.9/arch/um/kernel/trap.c +--- linux-3.18.9.orig/arch/um/kernel/trap.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/um/kernel/trap.c 2015-03-15 16:03:03.684094876 -0500 +@@ -38,7 +38,7 @@ + * If the fault was during atomic operation, don't take the fault, just + * fail. + */ +- if (in_atomic()) ++ if (pagefault_disabled()) + goto out_nosemaphore; + + if (is_user) +diff -Nur linux-3.18.9.orig/arch/x86/crypto/aesni-intel_glue.c linux-3.18.9/arch/x86/crypto/aesni-intel_glue.c +--- linux-3.18.9.orig/arch/x86/crypto/aesni-intel_glue.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/crypto/aesni-intel_glue.c 2015-03-15 16:03:03.684094876 -0500 +@@ -381,14 +381,14 @@ + err = blkcipher_walk_virt(desc, &walk); + desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; + +- kernel_fpu_begin(); + while ((nbytes = walk.nbytes)) { ++ kernel_fpu_begin(); + aesni_ecb_enc(ctx, walk.dst.virt.addr, walk.src.virt.addr, +- nbytes & AES_BLOCK_MASK); ++ nbytes & AES_BLOCK_MASK); ++ kernel_fpu_end(); + nbytes &= AES_BLOCK_SIZE - 1; + err = blkcipher_walk_done(desc, &walk, nbytes); + } +- kernel_fpu_end(); + + return err; + } +@@ -405,14 +405,14 @@ + err = blkcipher_walk_virt(desc, &walk); + desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; + +- kernel_fpu_begin(); + while ((nbytes = walk.nbytes)) { ++ kernel_fpu_begin(); + aesni_ecb_dec(ctx, walk.dst.virt.addr, walk.src.virt.addr, + nbytes & AES_BLOCK_MASK); ++ kernel_fpu_end(); + nbytes &= AES_BLOCK_SIZE - 1; + err = blkcipher_walk_done(desc, &walk, nbytes); + } +- kernel_fpu_end(); + + return err; + } +@@ -429,14 +429,14 @@ + err = blkcipher_walk_virt(desc, &walk); + desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; + +- kernel_fpu_begin(); + while ((nbytes = walk.nbytes)) { ++ kernel_fpu_begin(); + aesni_cbc_enc(ctx, walk.dst.virt.addr, walk.src.virt.addr, + nbytes & AES_BLOCK_MASK, walk.iv); ++ kernel_fpu_end(); + nbytes &= AES_BLOCK_SIZE - 1; + err = blkcipher_walk_done(desc, &walk, nbytes); + } +- kernel_fpu_end(); + + return err; + } +@@ -453,14 +453,14 @@ + err = blkcipher_walk_virt(desc, &walk); + desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; + +- kernel_fpu_begin(); + while ((nbytes = walk.nbytes)) { ++ kernel_fpu_begin(); + aesni_cbc_dec(ctx, walk.dst.virt.addr, walk.src.virt.addr, + nbytes & AES_BLOCK_MASK, walk.iv); ++ kernel_fpu_end(); + nbytes &= AES_BLOCK_SIZE - 1; + err = blkcipher_walk_done(desc, &walk, nbytes); + } +- kernel_fpu_end(); + + return err; + } +@@ -512,18 +512,20 @@ + err = blkcipher_walk_virt_block(desc, &walk, AES_BLOCK_SIZE); + desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; + +- kernel_fpu_begin(); + while ((nbytes = walk.nbytes) >= AES_BLOCK_SIZE) { ++ kernel_fpu_begin(); + aesni_ctr_enc_tfm(ctx, walk.dst.virt.addr, walk.src.virt.addr, + nbytes & AES_BLOCK_MASK, walk.iv); ++ kernel_fpu_end(); + nbytes &= AES_BLOCK_SIZE - 1; + err = blkcipher_walk_done(desc, &walk, nbytes); + } + if (walk.nbytes) { ++ kernel_fpu_begin(); + ctr_crypt_final(ctx, &walk); ++ kernel_fpu_end(); + err = blkcipher_walk_done(desc, &walk, 0); + } +- kernel_fpu_end(); + + return err; + } +diff -Nur linux-3.18.9.orig/arch/x86/crypto/cast5_avx_glue.c linux-3.18.9/arch/x86/crypto/cast5_avx_glue.c +--- linux-3.18.9.orig/arch/x86/crypto/cast5_avx_glue.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/crypto/cast5_avx_glue.c 2015-03-15 16:03:03.684094876 -0500 +@@ -60,7 +60,7 @@ + static int ecb_crypt(struct blkcipher_desc *desc, struct blkcipher_walk *walk, + bool enc) + { +- bool fpu_enabled = false; ++ bool fpu_enabled; + struct cast5_ctx *ctx = crypto_blkcipher_ctx(desc->tfm); + const unsigned int bsize = CAST5_BLOCK_SIZE; + unsigned int nbytes; +@@ -76,7 +76,7 @@ + u8 *wsrc = walk->src.virt.addr; + u8 *wdst = walk->dst.virt.addr; + +- fpu_enabled = cast5_fpu_begin(fpu_enabled, nbytes); ++ fpu_enabled = cast5_fpu_begin(false, nbytes); + + /* Process multi-block batch */ + if (nbytes >= bsize * CAST5_PARALLEL_BLOCKS) { +@@ -104,10 +104,9 @@ + } while (nbytes >= bsize); + + done: ++ cast5_fpu_end(fpu_enabled); + err = blkcipher_walk_done(desc, walk, nbytes); + } +- +- cast5_fpu_end(fpu_enabled); + return err; + } + +@@ -228,7 +227,7 @@ + static int cbc_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst, + struct scatterlist *src, unsigned int nbytes) + { +- bool fpu_enabled = false; ++ bool fpu_enabled; + struct blkcipher_walk walk; + int err; + +@@ -237,12 +236,11 @@ + desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; + + while ((nbytes = walk.nbytes)) { +- fpu_enabled = cast5_fpu_begin(fpu_enabled, nbytes); ++ fpu_enabled = cast5_fpu_begin(false, nbytes); + nbytes = __cbc_decrypt(desc, &walk); ++ cast5_fpu_end(fpu_enabled); + err = blkcipher_walk_done(desc, &walk, nbytes); + } +- +- cast5_fpu_end(fpu_enabled); + return err; + } + +@@ -312,7 +310,7 @@ + static int ctr_crypt(struct blkcipher_desc *desc, struct scatterlist *dst, + struct scatterlist *src, unsigned int nbytes) + { +- bool fpu_enabled = false; ++ bool fpu_enabled; + struct blkcipher_walk walk; + int err; + +@@ -321,13 +319,12 @@ + desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; + + while ((nbytes = walk.nbytes) >= CAST5_BLOCK_SIZE) { +- fpu_enabled = cast5_fpu_begin(fpu_enabled, nbytes); ++ fpu_enabled = cast5_fpu_begin(false, nbytes); + nbytes = __ctr_crypt(desc, &walk); ++ cast5_fpu_end(fpu_enabled); + err = blkcipher_walk_done(desc, &walk, nbytes); + } + +- cast5_fpu_end(fpu_enabled); +- + if (walk.nbytes) { + ctr_crypt_final(desc, &walk); + err = blkcipher_walk_done(desc, &walk, 0); +diff -Nur linux-3.18.9.orig/arch/x86/crypto/glue_helper.c linux-3.18.9/arch/x86/crypto/glue_helper.c +--- linux-3.18.9.orig/arch/x86/crypto/glue_helper.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/crypto/glue_helper.c 2015-03-15 16:03:03.684094876 -0500 +@@ -39,7 +39,7 @@ + void *ctx = crypto_blkcipher_ctx(desc->tfm); + const unsigned int bsize = 128 / 8; + unsigned int nbytes, i, func_bytes; +- bool fpu_enabled = false; ++ bool fpu_enabled; + int err; + + err = blkcipher_walk_virt(desc, walk); +@@ -49,7 +49,7 @@ + u8 *wdst = walk->dst.virt.addr; + + fpu_enabled = glue_fpu_begin(bsize, gctx->fpu_blocks_limit, +- desc, fpu_enabled, nbytes); ++ desc, false, nbytes); + + for (i = 0; i < gctx->num_funcs; i++) { + func_bytes = bsize * gctx->funcs[i].num_blocks; +@@ -71,10 +71,10 @@ + } + + done: ++ glue_fpu_end(fpu_enabled); + err = blkcipher_walk_done(desc, walk, nbytes); + } + +- glue_fpu_end(fpu_enabled); + return err; + } + +@@ -194,7 +194,7 @@ + struct scatterlist *src, unsigned int nbytes) + { + const unsigned int bsize = 128 / 8; +- bool fpu_enabled = false; ++ bool fpu_enabled; + struct blkcipher_walk walk; + int err; + +@@ -203,12 +203,12 @@ + + while ((nbytes = walk.nbytes)) { + fpu_enabled = glue_fpu_begin(bsize, gctx->fpu_blocks_limit, +- desc, fpu_enabled, nbytes); ++ desc, false, nbytes); + nbytes = __glue_cbc_decrypt_128bit(gctx, desc, &walk); ++ glue_fpu_end(fpu_enabled); + err = blkcipher_walk_done(desc, &walk, nbytes); + } + +- glue_fpu_end(fpu_enabled); + return err; + } + EXPORT_SYMBOL_GPL(glue_cbc_decrypt_128bit); +@@ -278,7 +278,7 @@ + struct scatterlist *src, unsigned int nbytes) + { + const unsigned int bsize = 128 / 8; +- bool fpu_enabled = false; ++ bool fpu_enabled; + struct blkcipher_walk walk; + int err; + +@@ -287,13 +287,12 @@ + + while ((nbytes = walk.nbytes) >= bsize) { + fpu_enabled = glue_fpu_begin(bsize, gctx->fpu_blocks_limit, +- desc, fpu_enabled, nbytes); ++ desc, false, nbytes); + nbytes = __glue_ctr_crypt_128bit(gctx, desc, &walk); ++ glue_fpu_end(fpu_enabled); + err = blkcipher_walk_done(desc, &walk, nbytes); + } + +- glue_fpu_end(fpu_enabled); +- + if (walk.nbytes) { + glue_ctr_crypt_final_128bit( + gctx->funcs[gctx->num_funcs - 1].fn_u.ctr, desc, &walk); +@@ -348,7 +347,7 @@ + void *tweak_ctx, void *crypt_ctx) + { + const unsigned int bsize = 128 / 8; +- bool fpu_enabled = false; ++ bool fpu_enabled; + struct blkcipher_walk walk; + int err; + +@@ -361,21 +360,21 @@ + + /* set minimum length to bsize, for tweak_fn */ + fpu_enabled = glue_fpu_begin(bsize, gctx->fpu_blocks_limit, +- desc, fpu_enabled, ++ desc, false, + nbytes < bsize ? bsize : nbytes); +- + /* calculate first value of T */ + tweak_fn(tweak_ctx, walk.iv, walk.iv); ++ glue_fpu_end(fpu_enabled); + + while (nbytes) { ++ fpu_enabled = glue_fpu_begin(bsize, gctx->fpu_blocks_limit, ++ desc, false, nbytes); + nbytes = __glue_xts_crypt_128bit(gctx, crypt_ctx, desc, &walk); + ++ glue_fpu_end(fpu_enabled); + err = blkcipher_walk_done(desc, &walk, nbytes); + nbytes = walk.nbytes; + } +- +- glue_fpu_end(fpu_enabled); +- + return err; + } + EXPORT_SYMBOL_GPL(glue_xts_crypt_128bit); +diff -Nur linux-3.18.9.orig/arch/x86/include/asm/preempt.h linux-3.18.9/arch/x86/include/asm/preempt.h +--- linux-3.18.9.orig/arch/x86/include/asm/preempt.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/include/asm/preempt.h 2015-03-15 16:03:03.684094876 -0500 +@@ -85,17 +85,33 @@ + * a decrement which hits zero means we have no preempt_count and should + * reschedule. + */ +-static __always_inline bool __preempt_count_dec_and_test(void) ++static __always_inline bool ____preempt_count_dec_and_test(void) + { + GEN_UNARY_RMWcc("decl", __preempt_count, __percpu_arg(0), "e"); + } + ++static __always_inline bool __preempt_count_dec_and_test(void) ++{ ++ if (____preempt_count_dec_and_test()) ++ return true; ++#ifdef CONFIG_PREEMPT_LAZY ++ return test_thread_flag(TIF_NEED_RESCHED_LAZY); ++#else ++ return false; ++#endif ++} ++ + /* + * Returns true when we need to resched and can (barring IRQ state). + */ + static __always_inline bool should_resched(void) + { ++#ifdef CONFIG_PREEMPT_LAZY ++ return unlikely(!raw_cpu_read_4(__preempt_count) || \ ++ test_thread_flag(TIF_NEED_RESCHED_LAZY)); ++#else + return unlikely(!raw_cpu_read_4(__preempt_count)); ++#endif + } + + #ifdef CONFIG_PREEMPT +diff -Nur linux-3.18.9.orig/arch/x86/include/asm/signal.h linux-3.18.9/arch/x86/include/asm/signal.h +--- linux-3.18.9.orig/arch/x86/include/asm/signal.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/include/asm/signal.h 2015-03-15 16:03:03.684094876 -0500 +@@ -23,6 +23,19 @@ + unsigned long sig[_NSIG_WORDS]; + } sigset_t; + ++/* ++ * Because some traps use the IST stack, we must keep preemption ++ * disabled while calling do_trap(), but do_trap() may call ++ * force_sig_info() which will grab the signal spin_locks for the ++ * task, which in PREEMPT_RT_FULL are mutexes. By defining ++ * ARCH_RT_DELAYS_SIGNAL_SEND the force_sig_info() will set ++ * TIF_NOTIFY_RESUME and set up the signal to be sent on exit of the ++ * trap. ++ */ ++#if defined(CONFIG_PREEMPT_RT_FULL) && defined(CONFIG_X86_64) ++#define ARCH_RT_DELAYS_SIGNAL_SEND ++#endif ++ + #ifndef CONFIG_COMPAT + typedef sigset_t compat_sigset_t; + #endif +diff -Nur linux-3.18.9.orig/arch/x86/include/asm/stackprotector.h linux-3.18.9/arch/x86/include/asm/stackprotector.h +--- linux-3.18.9.orig/arch/x86/include/asm/stackprotector.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/include/asm/stackprotector.h 2015-03-15 16:03:03.684094876 -0500 +@@ -57,7 +57,7 @@ + */ + static __always_inline void boot_init_stack_canary(void) + { +- u64 canary; ++ u64 uninitialized_var(canary); + u64 tsc; + + #ifdef CONFIG_X86_64 +@@ -68,8 +68,16 @@ + * of randomness. The TSC only matters for very early init, + * there it already has some randomness on most systems. Later + * on during the bootup the random pool has true entropy too. ++ * ++ * For preempt-rt we need to weaken the randomness a bit, as ++ * we can't call into the random generator from atomic context ++ * due to locking constraints. We just leave canary ++ * uninitialized and use the TSC based randomness on top of ++ * it. + */ ++#ifndef CONFIG_PREEMPT_RT_FULL + get_random_bytes(&canary, sizeof(canary)); ++#endif + tsc = __native_read_tsc(); + canary += tsc + (tsc << 32UL); + +diff -Nur linux-3.18.9.orig/arch/x86/include/asm/thread_info.h linux-3.18.9/arch/x86/include/asm/thread_info.h +--- linux-3.18.9.orig/arch/x86/include/asm/thread_info.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/include/asm/thread_info.h 2015-03-15 16:03:03.684094876 -0500 +@@ -30,6 +30,8 @@ + __u32 status; /* thread synchronous flags */ + __u32 cpu; /* current CPU */ + int saved_preempt_count; ++ int preempt_lazy_count; /* 0 => lazy preemptable ++ <0 => BUG */ + mm_segment_t addr_limit; + struct restart_block restart_block; + void __user *sysenter_return; +@@ -75,6 +77,7 @@ + #define TIF_SYSCALL_EMU 6 /* syscall emulation active */ + #define TIF_SYSCALL_AUDIT 7 /* syscall auditing active */ + #define TIF_SECCOMP 8 /* secure computing */ ++#define TIF_NEED_RESCHED_LAZY 9 /* lazy rescheduling necessary */ + #define TIF_MCE_NOTIFY 10 /* notify userspace of an MCE */ + #define TIF_USER_RETURN_NOTIFY 11 /* notify kernel of userspace return */ + #define TIF_UPROBE 12 /* breakpointed or singlestepping */ +@@ -100,6 +103,7 @@ + #define _TIF_SYSCALL_EMU (1 << TIF_SYSCALL_EMU) + #define _TIF_SYSCALL_AUDIT (1 << TIF_SYSCALL_AUDIT) + #define _TIF_SECCOMP (1 << TIF_SECCOMP) ++#define _TIF_NEED_RESCHED_LAZY (1 << TIF_NEED_RESCHED_LAZY) + #define _TIF_MCE_NOTIFY (1 << TIF_MCE_NOTIFY) + #define _TIF_USER_RETURN_NOTIFY (1 << TIF_USER_RETURN_NOTIFY) + #define _TIF_UPROBE (1 << TIF_UPROBE) +@@ -150,6 +154,8 @@ + #define _TIF_WORK_CTXSW_PREV (_TIF_WORK_CTXSW|_TIF_USER_RETURN_NOTIFY) + #define _TIF_WORK_CTXSW_NEXT (_TIF_WORK_CTXSW) + ++#define _TIF_NEED_RESCHED_MASK (_TIF_NEED_RESCHED | _TIF_NEED_RESCHED_LAZY) ++ + #define STACK_WARN (THREAD_SIZE/8) + #define KERNEL_STACK_OFFSET (5*(BITS_PER_LONG/8)) + +diff -Nur linux-3.18.9.orig/arch/x86/include/asm/uv/uv_bau.h linux-3.18.9/arch/x86/include/asm/uv/uv_bau.h +--- linux-3.18.9.orig/arch/x86/include/asm/uv/uv_bau.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/include/asm/uv/uv_bau.h 2015-03-15 16:03:03.684094876 -0500 +@@ -615,9 +615,9 @@ + cycles_t send_message; + cycles_t period_end; + cycles_t period_time; +- spinlock_t uvhub_lock; +- spinlock_t queue_lock; +- spinlock_t disable_lock; ++ raw_spinlock_t uvhub_lock; ++ raw_spinlock_t queue_lock; ++ raw_spinlock_t disable_lock; + /* tunables */ + int max_concurr; + int max_concurr_const; +@@ -776,15 +776,15 @@ + * to be lowered below the current 'v'. atomic_add_unless can only stop + * on equal. + */ +-static inline int atomic_inc_unless_ge(spinlock_t *lock, atomic_t *v, int u) ++static inline int atomic_inc_unless_ge(raw_spinlock_t *lock, atomic_t *v, int u) + { +- spin_lock(lock); ++ raw_spin_lock(lock); + if (atomic_read(v) >= u) { +- spin_unlock(lock); ++ raw_spin_unlock(lock); + return 0; + } + atomic_inc(v); +- spin_unlock(lock); ++ raw_spin_unlock(lock); + return 1; + } + +diff -Nur linux-3.18.9.orig/arch/x86/include/asm/uv/uv_hub.h linux-3.18.9/arch/x86/include/asm/uv/uv_hub.h +--- linux-3.18.9.orig/arch/x86/include/asm/uv/uv_hub.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/include/asm/uv/uv_hub.h 2015-03-15 16:03:03.684094876 -0500 +@@ -492,7 +492,7 @@ + unsigned short nr_online_cpus; + unsigned short pnode; + short memory_nid; +- spinlock_t nmi_lock; /* obsolete, see uv_hub_nmi */ ++ raw_spinlock_t nmi_lock; /* obsolete, see uv_hub_nmi */ + unsigned long nmi_count; /* obsolete, see uv_hub_nmi */ + }; + extern struct uv_blade_info *uv_blade_info; +diff -Nur linux-3.18.9.orig/arch/x86/Kconfig linux-3.18.9/arch/x86/Kconfig +--- linux-3.18.9.orig/arch/x86/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/Kconfig 2015-03-15 16:03:03.684094876 -0500 +@@ -21,6 +21,7 @@ + ### Arch settings + config X86 + def_bool y ++ select HAVE_PREEMPT_LAZY if X86_32 + select ARCH_MIGHT_HAVE_ACPI_PDC if ACPI + select ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS + select ARCH_HAS_FAST_MULTIPLIER +@@ -197,8 +198,11 @@ + def_bool y + depends on ISA_DMA_API + ++config RWSEM_GENERIC_SPINLOCK ++ def_bool PREEMPT_RT_FULL ++ + config RWSEM_XCHGADD_ALGORITHM +- def_bool y ++ def_bool !RWSEM_GENERIC_SPINLOCK && !PREEMPT_RT_FULL + + config GENERIC_CALIBRATE_DELAY + def_bool y +@@ -811,7 +815,7 @@ + config MAXSMP + bool "Enable Maximum number of SMP Processors and NUMA Nodes" + depends on X86_64 && SMP && DEBUG_KERNEL +- select CPUMASK_OFFSTACK ++ select CPUMASK_OFFSTACK if !PREEMPT_RT_FULL + ---help--- + Enable maximum number of CPUS and NUMA Nodes for this architecture. + If unsure, say N. +diff -Nur linux-3.18.9.orig/arch/x86/kernel/apic/io_apic.c linux-3.18.9/arch/x86/kernel/apic/io_apic.c +--- linux-3.18.9.orig/arch/x86/kernel/apic/io_apic.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/kernel/apic/io_apic.c 2015-03-15 16:03:03.688094875 -0500 +@@ -2494,7 +2494,8 @@ + static inline bool ioapic_irqd_mask(struct irq_data *data, struct irq_cfg *cfg) + { + /* If we are moving the irq we need to mask it */ +- if (unlikely(irqd_is_setaffinity_pending(data))) { ++ if (unlikely(irqd_is_setaffinity_pending(data) && ++ !irqd_irq_inprogress(data))) { + mask_ioapic(cfg); + return true; + } +diff -Nur linux-3.18.9.orig/arch/x86/kernel/apic/x2apic_uv_x.c linux-3.18.9/arch/x86/kernel/apic/x2apic_uv_x.c +--- linux-3.18.9.orig/arch/x86/kernel/apic/x2apic_uv_x.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/kernel/apic/x2apic_uv_x.c 2015-03-15 16:03:03.688094875 -0500 +@@ -918,7 +918,7 @@ + uv_blade_info[blade].pnode = pnode; + uv_blade_info[blade].nr_possible_cpus = 0; + uv_blade_info[blade].nr_online_cpus = 0; +- spin_lock_init(&uv_blade_info[blade].nmi_lock); ++ raw_spin_lock_init(&uv_blade_info[blade].nmi_lock); + min_pnode = min(pnode, min_pnode); + max_pnode = max(pnode, max_pnode); + blade++; +diff -Nur linux-3.18.9.orig/arch/x86/kernel/asm-offsets.c linux-3.18.9/arch/x86/kernel/asm-offsets.c +--- linux-3.18.9.orig/arch/x86/kernel/asm-offsets.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/kernel/asm-offsets.c 2015-03-15 16:03:03.688094875 -0500 +@@ -32,6 +32,7 @@ + OFFSET(TI_flags, thread_info, flags); + OFFSET(TI_status, thread_info, status); + OFFSET(TI_addr_limit, thread_info, addr_limit); ++ OFFSET(TI_preempt_lazy_count, thread_info, preempt_lazy_count); + + BLANK(); + OFFSET(crypto_tfm_ctx_offset, crypto_tfm, __crt_ctx); +@@ -71,4 +72,5 @@ + + BLANK(); + DEFINE(PTREGS_SIZE, sizeof(struct pt_regs)); ++ DEFINE(_PREEMPT_ENABLED, PREEMPT_ENABLED); + } +diff -Nur linux-3.18.9.orig/arch/x86/kernel/cpu/mcheck/mce.c linux-3.18.9/arch/x86/kernel/cpu/mcheck/mce.c +--- linux-3.18.9.orig/arch/x86/kernel/cpu/mcheck/mce.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/kernel/cpu/mcheck/mce.c 2015-03-15 16:03:03.688094875 -0500 +@@ -18,6 +18,7 @@ + #include <linux/rcupdate.h> + #include <linux/kobject.h> + #include <linux/uaccess.h> ++#include <linux/kthread.h> + #include <linux/kdebug.h> + #include <linux/kernel.h> + #include <linux/percpu.h> +@@ -41,6 +42,7 @@ + #include <linux/debugfs.h> + #include <linux/irq_work.h> + #include <linux/export.h> ++#include <linux/jiffies.h> + + #include <asm/processor.h> + #include <asm/mce.h> +@@ -1266,7 +1268,7 @@ + static unsigned long check_interval = 5 * 60; /* 5 minutes */ + + static DEFINE_PER_CPU(unsigned long, mce_next_interval); /* in jiffies */ +-static DEFINE_PER_CPU(struct timer_list, mce_timer); ++static DEFINE_PER_CPU(struct hrtimer, mce_timer); + + static unsigned long mce_adjust_timer_default(unsigned long interval) + { +@@ -1283,14 +1285,11 @@ + return test_and_clear_bit(0, v); + } + +-static void mce_timer_fn(unsigned long data) ++static enum hrtimer_restart mce_timer_fn(struct hrtimer *timer) + { +- struct timer_list *t = this_cpu_ptr(&mce_timer); + unsigned long iv; + int notify; + +- WARN_ON(smp_processor_id() != data); +- + if (mce_available(this_cpu_ptr(&cpu_info))) { + machine_check_poll(MCP_TIMESTAMP, + this_cpu_ptr(&mce_poll_banks)); +@@ -1313,9 +1312,11 @@ + __this_cpu_write(mce_next_interval, iv); + /* Might have become 0 after CMCI storm subsided */ + if (iv) { +- t->expires = jiffies + iv; +- add_timer_on(t, smp_processor_id()); ++ hrtimer_forward_now(timer, ns_to_ktime( ++ jiffies_to_usecs(iv) * 1000ULL)); ++ return HRTIMER_RESTART; + } ++ return HRTIMER_NORESTART; + } + + /* +@@ -1323,28 +1324,37 @@ + */ + void mce_timer_kick(unsigned long interval) + { +- struct timer_list *t = this_cpu_ptr(&mce_timer); +- unsigned long when = jiffies + interval; ++ struct hrtimer *t = this_cpu_ptr(&mce_timer); + unsigned long iv = __this_cpu_read(mce_next_interval); + +- if (timer_pending(t)) { +- if (time_before(when, t->expires)) +- mod_timer_pinned(t, when); ++ if (hrtimer_active(t)) { ++ s64 exp; ++ s64 intv_us; ++ ++ intv_us = jiffies_to_usecs(interval); ++ exp = ktime_to_us(hrtimer_expires_remaining(t)); ++ if (intv_us < exp) { ++ hrtimer_cancel(t); ++ hrtimer_start_range_ns(t, ++ ns_to_ktime(intv_us * 1000), ++ 0, HRTIMER_MODE_REL_PINNED); ++ } + } else { +- t->expires = round_jiffies(when); +- add_timer_on(t, smp_processor_id()); ++ hrtimer_start_range_ns(t, ++ ns_to_ktime(jiffies_to_usecs(interval) * 1000ULL), ++ 0, HRTIMER_MODE_REL_PINNED); + } + if (interval < iv) + __this_cpu_write(mce_next_interval, interval); + } + +-/* Must not be called in IRQ context where del_timer_sync() can deadlock */ ++/* Must not be called in IRQ context where hrtimer_cancel() can deadlock */ + static void mce_timer_delete_all(void) + { + int cpu; + + for_each_online_cpu(cpu) +- del_timer_sync(&per_cpu(mce_timer, cpu)); ++ hrtimer_cancel(&per_cpu(mce_timer, cpu)); + } + + static void mce_do_trigger(struct work_struct *work) +@@ -1354,6 +1364,68 @@ + + static DECLARE_WORK(mce_trigger_work, mce_do_trigger); + ++static void __mce_notify_work(void) ++{ ++ /* Not more than two messages every minute */ ++ static DEFINE_RATELIMIT_STATE(ratelimit, 60*HZ, 2); ++ ++ /* wake processes polling /dev/mcelog */ ++ wake_up_interruptible(&mce_chrdev_wait); ++ ++ /* ++ * There is no risk of missing notifications because ++ * work_pending is always cleared before the function is ++ * executed. ++ */ ++ if (mce_helper[0] && !work_pending(&mce_trigger_work)) ++ schedule_work(&mce_trigger_work); ++ ++ if (__ratelimit(&ratelimit)) ++ pr_info(HW_ERR "Machine check events logged\n"); ++} ++ ++#ifdef CONFIG_PREEMPT_RT_FULL ++struct task_struct *mce_notify_helper; ++ ++static int mce_notify_helper_thread(void *unused) ++{ ++ while (1) { ++ set_current_state(TASK_INTERRUPTIBLE); ++ schedule(); ++ if (kthread_should_stop()) ++ break; ++ __mce_notify_work(); ++ } ++ return 0; ++} ++ ++static int mce_notify_work_init(void) ++{ ++ mce_notify_helper = kthread_run(mce_notify_helper_thread, NULL, ++ "mce-notify"); ++ if (!mce_notify_helper) ++ return -ENOMEM; ++ ++ return 0; ++} ++ ++static void mce_notify_work(void) ++{ ++ if (WARN_ON_ONCE(!mce_notify_helper)) { ++ pr_info(HW_ERR "Machine check event before MCE init; ignored\n"); ++ return; ++ } ++ ++ wake_up_process(mce_notify_helper); ++} ++#else ++static void mce_notify_work(void) ++{ ++ __mce_notify_work(); ++} ++static inline int mce_notify_work_init(void) { return 0; } ++#endif ++ + /* + * Notify the user(s) about new machine check events. + * Can be called from interrupt context, but not from machine check/NMI +@@ -1361,19 +1433,8 @@ + */ + int mce_notify_irq(void) + { +- /* Not more than two messages every minute */ +- static DEFINE_RATELIMIT_STATE(ratelimit, 60*HZ, 2); +- + if (test_and_clear_bit(0, &mce_need_notify)) { +- /* wake processes polling /dev/mcelog */ +- wake_up_interruptible(&mce_chrdev_wait); +- +- if (mce_helper[0]) +- schedule_work(&mce_trigger_work); +- +- if (__ratelimit(&ratelimit)) +- pr_info(HW_ERR "Machine check events logged\n"); +- ++ mce_notify_work(); + return 1; + } + return 0; +@@ -1644,7 +1705,7 @@ + } + } + +-static void mce_start_timer(unsigned int cpu, struct timer_list *t) ++static void mce_start_timer(unsigned int cpu, struct hrtimer *t) + { + unsigned long iv = check_interval * HZ; + +@@ -1653,16 +1714,17 @@ + + per_cpu(mce_next_interval, cpu) = iv; + +- t->expires = round_jiffies(jiffies + iv); +- add_timer_on(t, cpu); ++ hrtimer_start_range_ns(t, ns_to_ktime(jiffies_to_usecs(iv) * 1000ULL), ++ 0, HRTIMER_MODE_REL_PINNED); + } + + static void __mcheck_cpu_init_timer(void) + { +- struct timer_list *t = this_cpu_ptr(&mce_timer); ++ struct hrtimer *t = this_cpu_ptr(&mce_timer); + unsigned int cpu = smp_processor_id(); + +- setup_timer(t, mce_timer_fn, cpu); ++ hrtimer_init(t, CLOCK_MONOTONIC, HRTIMER_MODE_REL); ++ t->function = mce_timer_fn; + mce_start_timer(cpu, t); + } + +@@ -2339,6 +2401,8 @@ + if (!mce_available(raw_cpu_ptr(&cpu_info))) + return; + ++ hrtimer_cancel(this_cpu_ptr(&mce_timer)); ++ + if (!(action & CPU_TASKS_FROZEN)) + cmci_clear(); + for (i = 0; i < mca_cfg.banks; i++) { +@@ -2365,6 +2429,7 @@ + if (b->init) + wrmsrl(MSR_IA32_MCx_CTL(i), b->ctl); + } ++ __mcheck_cpu_init_timer(); + } + + /* Get notified when a cpu comes on/off. Be hotplug friendly. */ +@@ -2372,7 +2437,6 @@ + mce_cpu_callback(struct notifier_block *nfb, unsigned long action, void *hcpu) + { + unsigned int cpu = (unsigned long)hcpu; +- struct timer_list *t = &per_cpu(mce_timer, cpu); + + switch (action & ~CPU_TASKS_FROZEN) { + case CPU_ONLINE: +@@ -2392,11 +2456,9 @@ + break; + case CPU_DOWN_PREPARE: + smp_call_function_single(cpu, mce_disable_cpu, &action, 1); +- del_timer_sync(t); + break; + case CPU_DOWN_FAILED: + smp_call_function_single(cpu, mce_reenable_cpu, &action, 1); +- mce_start_timer(cpu, t); + break; + } + +@@ -2471,8 +2533,15 @@ + if (err) + goto err_register; + ++ err = mce_notify_work_init(); ++ if (err) ++ goto err_notify; ++ + return 0; + ++err_notify: ++ misc_deregister(&mce_chrdev_device); ++ + err_register: + unregister_syscore_ops(&mce_syscore_ops); + +diff -Nur linux-3.18.9.orig/arch/x86/kernel/entry_32.S linux-3.18.9/arch/x86/kernel/entry_32.S +--- linux-3.18.9.orig/arch/x86/kernel/entry_32.S 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/kernel/entry_32.S 2015-03-15 16:03:03.688094875 -0500 +@@ -359,8 +359,24 @@ + ENTRY(resume_kernel) + DISABLE_INTERRUPTS(CLBR_ANY) + need_resched: ++ # preempt count == 0 + NEED_RS set? + cmpl $0,PER_CPU_VAR(__preempt_count) ++#ifndef CONFIG_PREEMPT_LAZY + jnz restore_all ++#else ++ jz test_int_off ++ ++ # atleast preempt count == 0 ? ++ cmpl $_PREEMPT_ENABLED,PER_CPU_VAR(__preempt_count) ++ jne restore_all ++ ++ cmpl $0,TI_preempt_lazy_count(%ebp) # non-zero preempt_lazy_count ? ++ jnz restore_all ++ ++ testl $_TIF_NEED_RESCHED_LAZY, TI_flags(%ebp) ++ jz restore_all ++test_int_off: ++#endif + testl $X86_EFLAGS_IF,PT_EFLAGS(%esp) # interrupts off (exception path) ? + jz restore_all + call preempt_schedule_irq +@@ -591,7 +607,7 @@ + ALIGN + RING0_PTREGS_FRAME # can't unwind into user space anyway + work_pending: +- testb $_TIF_NEED_RESCHED, %cl ++ testl $_TIF_NEED_RESCHED_MASK, %ecx + jz work_notifysig + work_resched: + call schedule +@@ -604,7 +620,7 @@ + andl $_TIF_WORK_MASK, %ecx # is there any work to be done other + # than syscall tracing? + jz restore_all +- testb $_TIF_NEED_RESCHED, %cl ++ testl $_TIF_NEED_RESCHED_MASK, %ecx + jnz work_resched + + work_notifysig: # deal with pending signals and +diff -Nur linux-3.18.9.orig/arch/x86/kernel/entry_64.S linux-3.18.9/arch/x86/kernel/entry_64.S +--- linux-3.18.9.orig/arch/x86/kernel/entry_64.S 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/kernel/entry_64.S 2015-03-15 16:03:03.688094875 -0500 +@@ -451,8 +451,8 @@ + /* Handle reschedules */ + /* edx: work, edi: workmask */ + sysret_careful: +- bt $TIF_NEED_RESCHED,%edx +- jnc sysret_signal ++ testl $_TIF_NEED_RESCHED_MASK,%edx ++ jz sysret_signal + TRACE_IRQS_ON + ENABLE_INTERRUPTS(CLBR_NONE) + pushq_cfi %rdi +@@ -551,8 +551,8 @@ + /* First do a reschedule test. */ + /* edx: work, edi: workmask */ + int_careful: +- bt $TIF_NEED_RESCHED,%edx +- jnc int_very_careful ++ testl $_TIF_NEED_RESCHED_MASK,%edx ++ jz int_very_careful + TRACE_IRQS_ON + ENABLE_INTERRUPTS(CLBR_NONE) + pushq_cfi %rdi +@@ -867,8 +867,8 @@ + /* edi: workmask, edx: work */ + retint_careful: + CFI_RESTORE_STATE +- bt $TIF_NEED_RESCHED,%edx +- jnc retint_signal ++ testl $_TIF_NEED_RESCHED_MASK,%edx ++ jz retint_signal + TRACE_IRQS_ON + ENABLE_INTERRUPTS(CLBR_NONE) + pushq_cfi %rdi +@@ -900,7 +900,22 @@ + /* rcx: threadinfo. interrupts off. */ + ENTRY(retint_kernel) + cmpl $0,PER_CPU_VAR(__preempt_count) ++#ifndef CONFIG_PREEMPT_LAZY + jnz retint_restore_args ++#else ++ jz check_int_off ++ ++ # atleast preempt count == 0 ? ++ cmpl $_PREEMPT_ENABLED,PER_CPU_VAR(__preempt_count) ++ jnz retint_restore_args ++ ++ cmpl $0, TI_preempt_lazy_count(%rcx) ++ jnz retint_restore_args ++ ++ bt $TIF_NEED_RESCHED_LAZY,TI_flags(%rcx) ++ jnc retint_restore_args ++check_int_off: ++#endif + bt $9,EFLAGS-ARGOFFSET(%rsp) /* interrupts off? */ + jnc retint_restore_args + call preempt_schedule_irq +@@ -1116,6 +1131,7 @@ + jmp 2b + .previous + ++#ifndef CONFIG_PREEMPT_RT_FULL + /* Call softirq on interrupt stack. Interrupts are off. */ + ENTRY(do_softirq_own_stack) + CFI_STARTPROC +@@ -1135,6 +1151,7 @@ + ret + CFI_ENDPROC + END(do_softirq_own_stack) ++#endif + + #ifdef CONFIG_XEN + idtentry xen_hypervisor_callback xen_do_hypervisor_callback has_error_code=0 +@@ -1299,7 +1316,7 @@ + movq %rsp,%rdi /* &pt_regs */ + call sync_regs + movq %rax,%rsp /* switch stack for scheduling */ +- testl $_TIF_NEED_RESCHED,%ebx ++ testl $_TIF_NEED_RESCHED_MASK,%ebx + jnz paranoid_schedule + movl %ebx,%edx /* arg3: thread flags */ + TRACE_IRQS_ON +diff -Nur linux-3.18.9.orig/arch/x86/kernel/irq_32.c linux-3.18.9/arch/x86/kernel/irq_32.c +--- linux-3.18.9.orig/arch/x86/kernel/irq_32.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/kernel/irq_32.c 2015-03-15 16:03:03.688094875 -0500 +@@ -142,6 +142,7 @@ + cpu, per_cpu(hardirq_stack, cpu), per_cpu(softirq_stack, cpu)); + } + ++#ifndef CONFIG_PREEMPT_RT_FULL + void do_softirq_own_stack(void) + { + struct thread_info *curstk; +@@ -160,6 +161,7 @@ + + call_on_stack(__do_softirq, isp); + } ++#endif + + bool handle_irq(unsigned irq, struct pt_regs *regs) + { +diff -Nur linux-3.18.9.orig/arch/x86/kernel/irq_work.c linux-3.18.9/arch/x86/kernel/irq_work.c +--- linux-3.18.9.orig/arch/x86/kernel/irq_work.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/kernel/irq_work.c 2015-03-15 16:03:03.688094875 -0500 +@@ -38,6 +38,7 @@ + exiting_irq(); + } + ++#ifndef CONFIG_PREEMPT_RT_FULL + void arch_irq_work_raise(void) + { + #ifdef CONFIG_X86_LOCAL_APIC +@@ -48,3 +49,4 @@ + apic_wait_icr_idle(); + #endif + } ++#endif +diff -Nur linux-3.18.9.orig/arch/x86/kernel/process_32.c linux-3.18.9/arch/x86/kernel/process_32.c +--- linux-3.18.9.orig/arch/x86/kernel/process_32.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/kernel/process_32.c 2015-03-15 16:03:03.688094875 -0500 +@@ -35,6 +35,7 @@ + #include <linux/uaccess.h> + #include <linux/io.h> + #include <linux/kdebug.h> ++#include <linux/highmem.h> + + #include <asm/pgtable.h> + #include <asm/ldt.h> +@@ -214,6 +215,35 @@ + } + EXPORT_SYMBOL_GPL(start_thread); + ++#ifdef CONFIG_PREEMPT_RT_FULL ++static void switch_kmaps(struct task_struct *prev_p, struct task_struct *next_p) ++{ ++ int i; ++ ++ /* ++ * Clear @prev's kmap_atomic mappings ++ */ ++ for (i = 0; i < prev_p->kmap_idx; i++) { ++ int idx = i + KM_TYPE_NR * smp_processor_id(); ++ pte_t *ptep = kmap_pte - idx; ++ ++ kpte_clear_flush(ptep, __fix_to_virt(FIX_KMAP_BEGIN + idx)); ++ } ++ /* ++ * Restore @next_p's kmap_atomic mappings ++ */ ++ for (i = 0; i < next_p->kmap_idx; i++) { ++ int idx = i + KM_TYPE_NR * smp_processor_id(); ++ ++ if (!pte_none(next_p->kmap_pte[i])) ++ set_pte(kmap_pte - idx, next_p->kmap_pte[i]); ++ } ++} ++#else ++static inline void ++switch_kmaps(struct task_struct *prev_p, struct task_struct *next_p) { } ++#endif ++ + + /* + * switch_to(x,y) should switch tasks from x to y. +@@ -301,6 +331,8 @@ + task_thread_info(next_p)->flags & _TIF_WORK_CTXSW_NEXT)) + __switch_to_xtra(prev_p, next_p, tss); + ++ switch_kmaps(prev_p, next_p); ++ + /* + * Leave lazy mode, flushing any hypercalls made here. + * This must be done before restoring TLS segments so +diff -Nur linux-3.18.9.orig/arch/x86/kernel/signal.c linux-3.18.9/arch/x86/kernel/signal.c +--- linux-3.18.9.orig/arch/x86/kernel/signal.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/kernel/signal.c 2015-03-15 16:03:03.688094875 -0500 +@@ -746,6 +746,14 @@ + mce_notify_process(); + #endif /* CONFIG_X86_64 && CONFIG_X86_MCE */ + ++#ifdef ARCH_RT_DELAYS_SIGNAL_SEND ++ if (unlikely(current->forced_info.si_signo)) { ++ struct task_struct *t = current; ++ force_sig_info(t->forced_info.si_signo, &t->forced_info, t); ++ t->forced_info.si_signo = 0; ++ } ++#endif ++ + if (thread_info_flags & _TIF_UPROBE) + uprobe_notify_resume(regs); + +diff -Nur linux-3.18.9.orig/arch/x86/kernel/traps.c linux-3.18.9/arch/x86/kernel/traps.c +--- linux-3.18.9.orig/arch/x86/kernel/traps.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/kernel/traps.c 2015-03-15 16:03:03.688094875 -0500 +@@ -87,9 +87,21 @@ + local_irq_enable(); + } + +-static inline void preempt_conditional_sti(struct pt_regs *regs) ++static inline void conditional_sti_ist(struct pt_regs *regs) + { ++#ifdef CONFIG_X86_64 ++ /* ++ * X86_64 uses a per CPU stack on the IST for certain traps ++ * like int3. The task can not be preempted when using one ++ * of these stacks, thus preemption must be disabled, otherwise ++ * the stack can be corrupted if the task is scheduled out, ++ * and another task comes in and uses this stack. ++ * ++ * On x86_32 the task keeps its own stack and it is OK if the ++ * task schedules out. ++ */ + preempt_count_inc(); ++#endif + if (regs->flags & X86_EFLAGS_IF) + local_irq_enable(); + } +@@ -100,11 +112,13 @@ + local_irq_disable(); + } + +-static inline void preempt_conditional_cli(struct pt_regs *regs) ++static inline void conditional_cli_ist(struct pt_regs *regs) + { + if (regs->flags & X86_EFLAGS_IF) + local_irq_disable(); ++#ifdef CONFIG_X86_64 + preempt_count_dec(); ++#endif + } + + static nokprobe_inline int +@@ -372,9 +386,9 @@ + * as we may switch to the interrupt stack. + */ + debug_stack_usage_inc(); +- preempt_conditional_sti(regs); ++ conditional_sti_ist(regs); + do_trap(X86_TRAP_BP, SIGTRAP, "int3", regs, error_code, NULL); +- preempt_conditional_cli(regs); ++ conditional_cli_ist(regs); + debug_stack_usage_dec(); + exit: + exception_exit(prev_state); +@@ -517,12 +531,12 @@ + debug_stack_usage_inc(); + + /* It's safe to allow irq's after DR6 has been saved */ +- preempt_conditional_sti(regs); ++ conditional_sti_ist(regs); + + if (regs->flags & X86_VM_MASK) { + handle_vm86_trap((struct kernel_vm86_regs *) regs, error_code, + X86_TRAP_DB); +- preempt_conditional_cli(regs); ++ conditional_cli_ist(regs); + debug_stack_usage_dec(); + goto exit; + } +@@ -542,7 +556,7 @@ + si_code = get_si_code(tsk->thread.debugreg6); + if (tsk->thread.debugreg6 & (DR_STEP | DR_TRAP_BITS) || user_icebp) + send_sigtrap(tsk, regs, error_code, si_code); +- preempt_conditional_cli(regs); ++ conditional_cli_ist(regs); + debug_stack_usage_dec(); + + exit: +diff -Nur linux-3.18.9.orig/arch/x86/kvm/x86.c linux-3.18.9/arch/x86/kvm/x86.c +--- linux-3.18.9.orig/arch/x86/kvm/x86.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/kvm/x86.c 2015-03-15 16:03:03.696094875 -0500 +@@ -5773,6 +5773,13 @@ + goto out; + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++ if (!boot_cpu_has(X86_FEATURE_CONSTANT_TSC)) { ++ printk(KERN_ERR "RT requires X86_FEATURE_CONSTANT_TSC\n"); ++ return -EOPNOTSUPP; ++ } ++#endif ++ + r = kvm_mmu_module_init(); + if (r) + goto out_free_percpu; +diff -Nur linux-3.18.9.orig/arch/x86/kvm/x86.c.orig linux-3.18.9/arch/x86/kvm/x86.c.orig +--- linux-3.18.9.orig/arch/x86/kvm/x86.c.orig 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/arch/x86/kvm/x86.c.orig 2015-03-06 16:53:42.000000000 -0600 +@@ -0,0 +1,7824 @@ ++/* ++ * Kernel-based Virtual Machine driver for Linux ++ * ++ * derived from drivers/kvm/kvm_main.c ++ * ++ * Copyright (C) 2006 Qumranet, Inc. ++ * Copyright (C) 2008 Qumranet, Inc. ++ * Copyright IBM Corporation, 2008 ++ * Copyright 2010 Red Hat, Inc. and/or its affiliates. ++ * ++ * Authors: ++ * Avi Kivity <avi@qumranet.com> ++ * Yaniv Kamay <yaniv@qumranet.com> ++ * Amit Shah <amit.shah@qumranet.com> ++ * Ben-Ami Yassour <benami@il.ibm.com> ++ * ++ * This work is licensed under the terms of the GNU GPL, version 2. See ++ * the COPYING file in the top-level directory. ++ * ++ */ ++ ++#include <linux/kvm_host.h> ++#include "irq.h" ++#include "mmu.h" ++#include "i8254.h" ++#include "tss.h" ++#include "kvm_cache_regs.h" ++#include "x86.h" ++#include "cpuid.h" ++ ++#include <linux/clocksource.h> ++#include <linux/interrupt.h> ++#include <linux/kvm.h> ++#include <linux/fs.h> ++#include <linux/vmalloc.h> ++#include <linux/module.h> ++#include <linux/mman.h> ++#include <linux/highmem.h> ++#include <linux/iommu.h> ++#include <linux/intel-iommu.h> ++#include <linux/cpufreq.h> ++#include <linux/user-return-notifier.h> ++#include <linux/srcu.h> ++#include <linux/slab.h> ++#include <linux/perf_event.h> ++#include <linux/uaccess.h> ++#include <linux/hash.h> ++#include <linux/pci.h> ++#include <linux/timekeeper_internal.h> ++#include <linux/pvclock_gtod.h> ++#include <trace/events/kvm.h> ++ ++#define CREATE_TRACE_POINTS ++#include "trace.h" ++ ++#include <asm/debugreg.h> ++#include <asm/msr.h> ++#include <asm/desc.h> ++#include <asm/mtrr.h> ++#include <asm/mce.h> ++#include <asm/i387.h> ++#include <asm/fpu-internal.h> /* Ugh! */ ++#include <asm/xcr.h> ++#include <asm/pvclock.h> ++#include <asm/div64.h> ++ ++#define MAX_IO_MSRS 256 ++#define KVM_MAX_MCE_BANKS 32 ++#define KVM_MCE_CAP_SUPPORTED (MCG_CTL_P | MCG_SER_P) ++ ++#define emul_to_vcpu(ctxt) \ ++ container_of(ctxt, struct kvm_vcpu, arch.emulate_ctxt) ++ ++/* EFER defaults: ++ * - enable syscall per default because its emulated by KVM ++ * - enable LME and LMA per default on 64 bit KVM ++ */ ++#ifdef CONFIG_X86_64 ++static ++u64 __read_mostly efer_reserved_bits = ~((u64)(EFER_SCE | EFER_LME | EFER_LMA)); ++#else ++static u64 __read_mostly efer_reserved_bits = ~((u64)EFER_SCE); ++#endif ++ ++#define VM_STAT(x) offsetof(struct kvm, stat.x), KVM_STAT_VM ++#define VCPU_STAT(x) offsetof(struct kvm_vcpu, stat.x), KVM_STAT_VCPU ++ ++static void update_cr8_intercept(struct kvm_vcpu *vcpu); ++static void process_nmi(struct kvm_vcpu *vcpu); ++static void __kvm_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags); ++ ++struct kvm_x86_ops *kvm_x86_ops; ++EXPORT_SYMBOL_GPL(kvm_x86_ops); ++ ++static bool ignore_msrs = 0; ++module_param(ignore_msrs, bool, S_IRUGO | S_IWUSR); ++ ++unsigned int min_timer_period_us = 500; ++module_param(min_timer_period_us, uint, S_IRUGO | S_IWUSR); ++ ++bool kvm_has_tsc_control; ++EXPORT_SYMBOL_GPL(kvm_has_tsc_control); ++u32 kvm_max_guest_tsc_khz; ++EXPORT_SYMBOL_GPL(kvm_max_guest_tsc_khz); ++ ++/* tsc tolerance in parts per million - default to 1/2 of the NTP threshold */ ++static u32 tsc_tolerance_ppm = 250; ++module_param(tsc_tolerance_ppm, uint, S_IRUGO | S_IWUSR); ++ ++static bool backwards_tsc_observed = false; ++ ++#define KVM_NR_SHARED_MSRS 16 ++ ++struct kvm_shared_msrs_global { ++ int nr; ++ u32 msrs[KVM_NR_SHARED_MSRS]; ++}; ++ ++struct kvm_shared_msrs { ++ struct user_return_notifier urn; ++ bool registered; ++ struct kvm_shared_msr_values { ++ u64 host; ++ u64 curr; ++ } values[KVM_NR_SHARED_MSRS]; ++}; ++ ++static struct kvm_shared_msrs_global __read_mostly shared_msrs_global; ++static struct kvm_shared_msrs __percpu *shared_msrs; ++ ++struct kvm_stats_debugfs_item debugfs_entries[] = { ++ { "pf_fixed", VCPU_STAT(pf_fixed) }, ++ { "pf_guest", VCPU_STAT(pf_guest) }, ++ { "tlb_flush", VCPU_STAT(tlb_flush) }, ++ { "invlpg", VCPU_STAT(invlpg) }, ++ { "exits", VCPU_STAT(exits) }, ++ { "io_exits", VCPU_STAT(io_exits) }, ++ { "mmio_exits", VCPU_STAT(mmio_exits) }, ++ { "signal_exits", VCPU_STAT(signal_exits) }, ++ { "irq_window", VCPU_STAT(irq_window_exits) }, ++ { "nmi_window", VCPU_STAT(nmi_window_exits) }, ++ { "halt_exits", VCPU_STAT(halt_exits) }, ++ { "halt_wakeup", VCPU_STAT(halt_wakeup) }, ++ { "hypercalls", VCPU_STAT(hypercalls) }, ++ { "request_irq", VCPU_STAT(request_irq_exits) }, ++ { "irq_exits", VCPU_STAT(irq_exits) }, ++ { "host_state_reload", VCPU_STAT(host_state_reload) }, ++ { "efer_reload", VCPU_STAT(efer_reload) }, ++ { "fpu_reload", VCPU_STAT(fpu_reload) }, ++ { "insn_emulation", VCPU_STAT(insn_emulation) }, ++ { "insn_emulation_fail", VCPU_STAT(insn_emulation_fail) }, ++ { "irq_injections", VCPU_STAT(irq_injections) }, ++ { "nmi_injections", VCPU_STAT(nmi_injections) }, ++ { "mmu_shadow_zapped", VM_STAT(mmu_shadow_zapped) }, ++ { "mmu_pte_write", VM_STAT(mmu_pte_write) }, ++ { "mmu_pte_updated", VM_STAT(mmu_pte_updated) }, ++ { "mmu_pde_zapped", VM_STAT(mmu_pde_zapped) }, ++ { "mmu_flooded", VM_STAT(mmu_flooded) }, ++ { "mmu_recycled", VM_STAT(mmu_recycled) }, ++ { "mmu_cache_miss", VM_STAT(mmu_cache_miss) }, ++ { "mmu_unsync", VM_STAT(mmu_unsync) }, ++ { "remote_tlb_flush", VM_STAT(remote_tlb_flush) }, ++ { "largepages", VM_STAT(lpages) }, ++ { NULL } ++}; ++ ++u64 __read_mostly host_xcr0; ++ ++static int emulator_fix_hypercall(struct x86_emulate_ctxt *ctxt); ++ ++static inline void kvm_async_pf_hash_reset(struct kvm_vcpu *vcpu) ++{ ++ int i; ++ for (i = 0; i < roundup_pow_of_two(ASYNC_PF_PER_VCPU); i++) ++ vcpu->arch.apf.gfns[i] = ~0; ++} ++ ++static void kvm_on_user_return(struct user_return_notifier *urn) ++{ ++ unsigned slot; ++ struct kvm_shared_msrs *locals ++ = container_of(urn, struct kvm_shared_msrs, urn); ++ struct kvm_shared_msr_values *values; ++ ++ for (slot = 0; slot < shared_msrs_global.nr; ++slot) { ++ values = &locals->values[slot]; ++ if (values->host != values->curr) { ++ wrmsrl(shared_msrs_global.msrs[slot], values->host); ++ values->curr = values->host; ++ } ++ } ++ locals->registered = false; ++ user_return_notifier_unregister(urn); ++} ++ ++static void shared_msr_update(unsigned slot, u32 msr) ++{ ++ u64 value; ++ unsigned int cpu = smp_processor_id(); ++ struct kvm_shared_msrs *smsr = per_cpu_ptr(shared_msrs, cpu); ++ ++ /* only read, and nobody should modify it at this time, ++ * so don't need lock */ ++ if (slot >= shared_msrs_global.nr) { ++ printk(KERN_ERR "kvm: invalid MSR slot!"); ++ return; ++ } ++ rdmsrl_safe(msr, &value); ++ smsr->values[slot].host = value; ++ smsr->values[slot].curr = value; ++} ++ ++void kvm_define_shared_msr(unsigned slot, u32 msr) ++{ ++ BUG_ON(slot >= KVM_NR_SHARED_MSRS); ++ if (slot >= shared_msrs_global.nr) ++ shared_msrs_global.nr = slot + 1; ++ shared_msrs_global.msrs[slot] = msr; ++ /* we need ensured the shared_msr_global have been updated */ ++ smp_wmb(); ++} ++EXPORT_SYMBOL_GPL(kvm_define_shared_msr); ++ ++static void kvm_shared_msr_cpu_online(void) ++{ ++ unsigned i; ++ ++ for (i = 0; i < shared_msrs_global.nr; ++i) ++ shared_msr_update(i, shared_msrs_global.msrs[i]); ++} ++ ++int kvm_set_shared_msr(unsigned slot, u64 value, u64 mask) ++{ ++ unsigned int cpu = smp_processor_id(); ++ struct kvm_shared_msrs *smsr = per_cpu_ptr(shared_msrs, cpu); ++ int err; ++ ++ if (((value ^ smsr->values[slot].curr) & mask) == 0) ++ return 0; ++ smsr->values[slot].curr = value; ++ err = wrmsrl_safe(shared_msrs_global.msrs[slot], value); ++ if (err) ++ return 1; ++ ++ if (!smsr->registered) { ++ smsr->urn.on_user_return = kvm_on_user_return; ++ user_return_notifier_register(&smsr->urn); ++ smsr->registered = true; ++ } ++ return 0; ++} ++EXPORT_SYMBOL_GPL(kvm_set_shared_msr); ++ ++static void drop_user_return_notifiers(void) ++{ ++ unsigned int cpu = smp_processor_id(); ++ struct kvm_shared_msrs *smsr = per_cpu_ptr(shared_msrs, cpu); ++ ++ if (smsr->registered) ++ kvm_on_user_return(&smsr->urn); ++} ++ ++u64 kvm_get_apic_base(struct kvm_vcpu *vcpu) ++{ ++ return vcpu->arch.apic_base; ++} ++EXPORT_SYMBOL_GPL(kvm_get_apic_base); ++ ++int kvm_set_apic_base(struct kvm_vcpu *vcpu, struct msr_data *msr_info) ++{ ++ u64 old_state = vcpu->arch.apic_base & ++ (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE); ++ u64 new_state = msr_info->data & ++ (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE); ++ u64 reserved_bits = ((~0ULL) << cpuid_maxphyaddr(vcpu)) | ++ 0x2ff | (guest_cpuid_has_x2apic(vcpu) ? 0 : X2APIC_ENABLE); ++ ++ if (!msr_info->host_initiated && ++ ((msr_info->data & reserved_bits) != 0 || ++ new_state == X2APIC_ENABLE || ++ (new_state == MSR_IA32_APICBASE_ENABLE && ++ old_state == (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE)) || ++ (new_state == (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE) && ++ old_state == 0))) ++ return 1; ++ ++ kvm_lapic_set_base(vcpu, msr_info->data); ++ return 0; ++} ++EXPORT_SYMBOL_GPL(kvm_set_apic_base); ++ ++asmlinkage __visible void kvm_spurious_fault(void) ++{ ++ /* Fault while not rebooting. We want the trace. */ ++ BUG(); ++} ++EXPORT_SYMBOL_GPL(kvm_spurious_fault); ++ ++#define EXCPT_BENIGN 0 ++#define EXCPT_CONTRIBUTORY 1 ++#define EXCPT_PF 2 ++ ++static int exception_class(int vector) ++{ ++ switch (vector) { ++ case PF_VECTOR: ++ return EXCPT_PF; ++ case DE_VECTOR: ++ case TS_VECTOR: ++ case NP_VECTOR: ++ case SS_VECTOR: ++ case GP_VECTOR: ++ return EXCPT_CONTRIBUTORY; ++ default: ++ break; ++ } ++ return EXCPT_BENIGN; ++} ++ ++#define EXCPT_FAULT 0 ++#define EXCPT_TRAP 1 ++#define EXCPT_ABORT 2 ++#define EXCPT_INTERRUPT 3 ++ ++static int exception_type(int vector) ++{ ++ unsigned int mask; ++ ++ if (WARN_ON(vector > 31 || vector == NMI_VECTOR)) ++ return EXCPT_INTERRUPT; ++ ++ mask = 1 << vector; ++ ++ /* #DB is trap, as instruction watchpoints are handled elsewhere */ ++ if (mask & ((1 << DB_VECTOR) | (1 << BP_VECTOR) | (1 << OF_VECTOR))) ++ return EXCPT_TRAP; ++ ++ if (mask & ((1 << DF_VECTOR) | (1 << MC_VECTOR))) ++ return EXCPT_ABORT; ++ ++ /* Reserved exceptions will result in fault */ ++ return EXCPT_FAULT; ++} ++ ++static void kvm_multiple_exception(struct kvm_vcpu *vcpu, ++ unsigned nr, bool has_error, u32 error_code, ++ bool reinject) ++{ ++ u32 prev_nr; ++ int class1, class2; ++ ++ kvm_make_request(KVM_REQ_EVENT, vcpu); ++ ++ if (!vcpu->arch.exception.pending) { ++ queue: ++ vcpu->arch.exception.pending = true; ++ vcpu->arch.exception.has_error_code = has_error; ++ vcpu->arch.exception.nr = nr; ++ vcpu->arch.exception.error_code = error_code; ++ vcpu->arch.exception.reinject = reinject; ++ return; ++ } ++ ++ /* to check exception */ ++ prev_nr = vcpu->arch.exception.nr; ++ if (prev_nr == DF_VECTOR) { ++ /* triple fault -> shutdown */ ++ kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu); ++ return; ++ } ++ class1 = exception_class(prev_nr); ++ class2 = exception_class(nr); ++ if ((class1 == EXCPT_CONTRIBUTORY && class2 == EXCPT_CONTRIBUTORY) ++ || (class1 == EXCPT_PF && class2 != EXCPT_BENIGN)) { ++ /* generate double fault per SDM Table 5-5 */ ++ vcpu->arch.exception.pending = true; ++ vcpu->arch.exception.has_error_code = true; ++ vcpu->arch.exception.nr = DF_VECTOR; ++ vcpu->arch.exception.error_code = 0; ++ } else ++ /* replace previous exception with a new one in a hope ++ that instruction re-execution will regenerate lost ++ exception */ ++ goto queue; ++} ++ ++void kvm_queue_exception(struct kvm_vcpu *vcpu, unsigned nr) ++{ ++ kvm_multiple_exception(vcpu, nr, false, 0, false); ++} ++EXPORT_SYMBOL_GPL(kvm_queue_exception); ++ ++void kvm_requeue_exception(struct kvm_vcpu *vcpu, unsigned nr) ++{ ++ kvm_multiple_exception(vcpu, nr, false, 0, true); ++} ++EXPORT_SYMBOL_GPL(kvm_requeue_exception); ++ ++void kvm_complete_insn_gp(struct kvm_vcpu *vcpu, int err) ++{ ++ if (err) ++ kvm_inject_gp(vcpu, 0); ++ else ++ kvm_x86_ops->skip_emulated_instruction(vcpu); ++} ++EXPORT_SYMBOL_GPL(kvm_complete_insn_gp); ++ ++void kvm_inject_page_fault(struct kvm_vcpu *vcpu, struct x86_exception *fault) ++{ ++ ++vcpu->stat.pf_guest; ++ vcpu->arch.cr2 = fault->address; ++ kvm_queue_exception_e(vcpu, PF_VECTOR, fault->error_code); ++} ++EXPORT_SYMBOL_GPL(kvm_inject_page_fault); ++ ++static bool kvm_propagate_fault(struct kvm_vcpu *vcpu, struct x86_exception *fault) ++{ ++ if (mmu_is_nested(vcpu) && !fault->nested_page_fault) ++ vcpu->arch.nested_mmu.inject_page_fault(vcpu, fault); ++ else ++ vcpu->arch.mmu.inject_page_fault(vcpu, fault); ++ ++ return fault->nested_page_fault; ++} ++ ++void kvm_inject_nmi(struct kvm_vcpu *vcpu) ++{ ++ atomic_inc(&vcpu->arch.nmi_queued); ++ kvm_make_request(KVM_REQ_NMI, vcpu); ++} ++EXPORT_SYMBOL_GPL(kvm_inject_nmi); ++ ++void kvm_queue_exception_e(struct kvm_vcpu *vcpu, unsigned nr, u32 error_code) ++{ ++ kvm_multiple_exception(vcpu, nr, true, error_code, false); ++} ++EXPORT_SYMBOL_GPL(kvm_queue_exception_e); ++ ++void kvm_requeue_exception_e(struct kvm_vcpu *vcpu, unsigned nr, u32 error_code) ++{ ++ kvm_multiple_exception(vcpu, nr, true, error_code, true); ++} ++EXPORT_SYMBOL_GPL(kvm_requeue_exception_e); ++ ++/* ++ * Checks if cpl <= required_cpl; if true, return true. Otherwise queue ++ * a #GP and return false. ++ */ ++bool kvm_require_cpl(struct kvm_vcpu *vcpu, int required_cpl) ++{ ++ if (kvm_x86_ops->get_cpl(vcpu) <= required_cpl) ++ return true; ++ kvm_queue_exception_e(vcpu, GP_VECTOR, 0); ++ return false; ++} ++EXPORT_SYMBOL_GPL(kvm_require_cpl); ++ ++/* ++ * This function will be used to read from the physical memory of the currently ++ * running guest. The difference to kvm_read_guest_page is that this function ++ * can read from guest physical or from the guest's guest physical memory. ++ */ ++int kvm_read_guest_page_mmu(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu, ++ gfn_t ngfn, void *data, int offset, int len, ++ u32 access) ++{ ++ struct x86_exception exception; ++ gfn_t real_gfn; ++ gpa_t ngpa; ++ ++ ngpa = gfn_to_gpa(ngfn); ++ real_gfn = mmu->translate_gpa(vcpu, ngpa, access, &exception); ++ if (real_gfn == UNMAPPED_GVA) ++ return -EFAULT; ++ ++ real_gfn = gpa_to_gfn(real_gfn); ++ ++ return kvm_read_guest_page(vcpu->kvm, real_gfn, data, offset, len); ++} ++EXPORT_SYMBOL_GPL(kvm_read_guest_page_mmu); ++ ++int kvm_read_nested_guest_page(struct kvm_vcpu *vcpu, gfn_t gfn, ++ void *data, int offset, int len, u32 access) ++{ ++ return kvm_read_guest_page_mmu(vcpu, vcpu->arch.walk_mmu, gfn, ++ data, offset, len, access); ++} ++ ++/* ++ * Load the pae pdptrs. Return true is they are all valid. ++ */ ++int load_pdptrs(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu, unsigned long cr3) ++{ ++ gfn_t pdpt_gfn = cr3 >> PAGE_SHIFT; ++ unsigned offset = ((cr3 & (PAGE_SIZE-1)) >> 5) << 2; ++ int i; ++ int ret; ++ u64 pdpte[ARRAY_SIZE(mmu->pdptrs)]; ++ ++ ret = kvm_read_guest_page_mmu(vcpu, mmu, pdpt_gfn, pdpte, ++ offset * sizeof(u64), sizeof(pdpte), ++ PFERR_USER_MASK|PFERR_WRITE_MASK); ++ if (ret < 0) { ++ ret = 0; ++ goto out; ++ } ++ for (i = 0; i < ARRAY_SIZE(pdpte); ++i) { ++ if (is_present_gpte(pdpte[i]) && ++ (pdpte[i] & vcpu->arch.mmu.rsvd_bits_mask[0][2])) { ++ ret = 0; ++ goto out; ++ } ++ } ++ ret = 1; ++ ++ memcpy(mmu->pdptrs, pdpte, sizeof(mmu->pdptrs)); ++ __set_bit(VCPU_EXREG_PDPTR, ++ (unsigned long *)&vcpu->arch.regs_avail); ++ __set_bit(VCPU_EXREG_PDPTR, ++ (unsigned long *)&vcpu->arch.regs_dirty); ++out: ++ ++ return ret; ++} ++EXPORT_SYMBOL_GPL(load_pdptrs); ++ ++static bool pdptrs_changed(struct kvm_vcpu *vcpu) ++{ ++ u64 pdpte[ARRAY_SIZE(vcpu->arch.walk_mmu->pdptrs)]; ++ bool changed = true; ++ int offset; ++ gfn_t gfn; ++ int r; ++ ++ if (is_long_mode(vcpu) || !is_pae(vcpu)) ++ return false; ++ ++ if (!test_bit(VCPU_EXREG_PDPTR, ++ (unsigned long *)&vcpu->arch.regs_avail)) ++ return true; ++ ++ gfn = (kvm_read_cr3(vcpu) & ~31u) >> PAGE_SHIFT; ++ offset = (kvm_read_cr3(vcpu) & ~31u) & (PAGE_SIZE - 1); ++ r = kvm_read_nested_guest_page(vcpu, gfn, pdpte, offset, sizeof(pdpte), ++ PFERR_USER_MASK | PFERR_WRITE_MASK); ++ if (r < 0) ++ goto out; ++ changed = memcmp(pdpte, vcpu->arch.walk_mmu->pdptrs, sizeof(pdpte)) != 0; ++out: ++ ++ return changed; ++} ++ ++int kvm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0) ++{ ++ unsigned long old_cr0 = kvm_read_cr0(vcpu); ++ unsigned long update_bits = X86_CR0_PG | X86_CR0_WP | ++ X86_CR0_CD | X86_CR0_NW; ++ ++ cr0 |= X86_CR0_ET; ++ ++#ifdef CONFIG_X86_64 ++ if (cr0 & 0xffffffff00000000UL) ++ return 1; ++#endif ++ ++ cr0 &= ~CR0_RESERVED_BITS; ++ ++ if ((cr0 & X86_CR0_NW) && !(cr0 & X86_CR0_CD)) ++ return 1; ++ ++ if ((cr0 & X86_CR0_PG) && !(cr0 & X86_CR0_PE)) ++ return 1; ++ ++ if (!is_paging(vcpu) && (cr0 & X86_CR0_PG)) { ++#ifdef CONFIG_X86_64 ++ if ((vcpu->arch.efer & EFER_LME)) { ++ int cs_db, cs_l; ++ ++ if (!is_pae(vcpu)) ++ return 1; ++ kvm_x86_ops->get_cs_db_l_bits(vcpu, &cs_db, &cs_l); ++ if (cs_l) ++ return 1; ++ } else ++#endif ++ if (is_pae(vcpu) && !load_pdptrs(vcpu, vcpu->arch.walk_mmu, ++ kvm_read_cr3(vcpu))) ++ return 1; ++ } ++ ++ if (!(cr0 & X86_CR0_PG) && kvm_read_cr4_bits(vcpu, X86_CR4_PCIDE)) ++ return 1; ++ ++ kvm_x86_ops->set_cr0(vcpu, cr0); ++ ++ if ((cr0 ^ old_cr0) & X86_CR0_PG) { ++ kvm_clear_async_pf_completion_queue(vcpu); ++ kvm_async_pf_hash_reset(vcpu); ++ } ++ ++ if ((cr0 ^ old_cr0) & update_bits) ++ kvm_mmu_reset_context(vcpu); ++ return 0; ++} ++EXPORT_SYMBOL_GPL(kvm_set_cr0); ++ ++void kvm_lmsw(struct kvm_vcpu *vcpu, unsigned long msw) ++{ ++ (void)kvm_set_cr0(vcpu, kvm_read_cr0_bits(vcpu, ~0x0eul) | (msw & 0x0f)); ++} ++EXPORT_SYMBOL_GPL(kvm_lmsw); ++ ++static void kvm_load_guest_xcr0(struct kvm_vcpu *vcpu) ++{ ++ if (kvm_read_cr4_bits(vcpu, X86_CR4_OSXSAVE) && ++ !vcpu->guest_xcr0_loaded) { ++ /* kvm_set_xcr() also depends on this */ ++ xsetbv(XCR_XFEATURE_ENABLED_MASK, vcpu->arch.xcr0); ++ vcpu->guest_xcr0_loaded = 1; ++ } ++} ++ ++static void kvm_put_guest_xcr0(struct kvm_vcpu *vcpu) ++{ ++ if (vcpu->guest_xcr0_loaded) { ++ if (vcpu->arch.xcr0 != host_xcr0) ++ xsetbv(XCR_XFEATURE_ENABLED_MASK, host_xcr0); ++ vcpu->guest_xcr0_loaded = 0; ++ } ++} ++ ++int __kvm_set_xcr(struct kvm_vcpu *vcpu, u32 index, u64 xcr) ++{ ++ u64 xcr0 = xcr; ++ u64 old_xcr0 = vcpu->arch.xcr0; ++ u64 valid_bits; ++ ++ /* Only support XCR_XFEATURE_ENABLED_MASK(xcr0) now */ ++ if (index != XCR_XFEATURE_ENABLED_MASK) ++ return 1; ++ if (!(xcr0 & XSTATE_FP)) ++ return 1; ++ if ((xcr0 & XSTATE_YMM) && !(xcr0 & XSTATE_SSE)) ++ return 1; ++ ++ /* ++ * Do not allow the guest to set bits that we do not support ++ * saving. However, xcr0 bit 0 is always set, even if the ++ * emulated CPU does not support XSAVE (see fx_init). ++ */ ++ valid_bits = vcpu->arch.guest_supported_xcr0 | XSTATE_FP; ++ if (xcr0 & ~valid_bits) ++ return 1; ++ ++ if ((!(xcr0 & XSTATE_BNDREGS)) != (!(xcr0 & XSTATE_BNDCSR))) ++ return 1; ++ ++ kvm_put_guest_xcr0(vcpu); ++ vcpu->arch.xcr0 = xcr0; ++ ++ if ((xcr0 ^ old_xcr0) & XSTATE_EXTEND_MASK) ++ kvm_update_cpuid(vcpu); ++ return 0; ++} ++ ++int kvm_set_xcr(struct kvm_vcpu *vcpu, u32 index, u64 xcr) ++{ ++ if (kvm_x86_ops->get_cpl(vcpu) != 0 || ++ __kvm_set_xcr(vcpu, index, xcr)) { ++ kvm_inject_gp(vcpu, 0); ++ return 1; ++ } ++ return 0; ++} ++EXPORT_SYMBOL_GPL(kvm_set_xcr); ++ ++int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) ++{ ++ unsigned long old_cr4 = kvm_read_cr4(vcpu); ++ unsigned long pdptr_bits = X86_CR4_PGE | X86_CR4_PSE | ++ X86_CR4_PAE | X86_CR4_SMEP; ++ if (cr4 & CR4_RESERVED_BITS) ++ return 1; ++ ++ if (!guest_cpuid_has_xsave(vcpu) && (cr4 & X86_CR4_OSXSAVE)) ++ return 1; ++ ++ if (!guest_cpuid_has_smep(vcpu) && (cr4 & X86_CR4_SMEP)) ++ return 1; ++ ++ if (!guest_cpuid_has_smap(vcpu) && (cr4 & X86_CR4_SMAP)) ++ return 1; ++ ++ if (!guest_cpuid_has_fsgsbase(vcpu) && (cr4 & X86_CR4_FSGSBASE)) ++ return 1; ++ ++ if (is_long_mode(vcpu)) { ++ if (!(cr4 & X86_CR4_PAE)) ++ return 1; ++ } else if (is_paging(vcpu) && (cr4 & X86_CR4_PAE) ++ && ((cr4 ^ old_cr4) & pdptr_bits) ++ && !load_pdptrs(vcpu, vcpu->arch.walk_mmu, ++ kvm_read_cr3(vcpu))) ++ return 1; ++ ++ if ((cr4 & X86_CR4_PCIDE) && !(old_cr4 & X86_CR4_PCIDE)) { ++ if (!guest_cpuid_has_pcid(vcpu)) ++ return 1; ++ ++ /* PCID can not be enabled when cr3[11:0]!=000H or EFER.LMA=0 */ ++ if ((kvm_read_cr3(vcpu) & X86_CR3_PCID_MASK) || !is_long_mode(vcpu)) ++ return 1; ++ } ++ ++ if (kvm_x86_ops->set_cr4(vcpu, cr4)) ++ return 1; ++ ++ if (((cr4 ^ old_cr4) & pdptr_bits) || ++ (!(cr4 & X86_CR4_PCIDE) && (old_cr4 & X86_CR4_PCIDE))) ++ kvm_mmu_reset_context(vcpu); ++ ++ if ((cr4 ^ old_cr4) & X86_CR4_SMAP) ++ update_permission_bitmask(vcpu, vcpu->arch.walk_mmu, false); ++ ++ if ((cr4 ^ old_cr4) & X86_CR4_OSXSAVE) ++ kvm_update_cpuid(vcpu); ++ ++ return 0; ++} ++EXPORT_SYMBOL_GPL(kvm_set_cr4); ++ ++int kvm_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3) ++{ ++ if (cr3 == kvm_read_cr3(vcpu) && !pdptrs_changed(vcpu)) { ++ kvm_mmu_sync_roots(vcpu); ++ kvm_make_request(KVM_REQ_TLB_FLUSH, vcpu); ++ return 0; ++ } ++ ++ if (is_long_mode(vcpu)) { ++ if (cr3 & CR3_L_MODE_RESERVED_BITS) ++ return 1; ++ } else if (is_pae(vcpu) && is_paging(vcpu) && ++ !load_pdptrs(vcpu, vcpu->arch.walk_mmu, cr3)) ++ return 1; ++ ++ vcpu->arch.cr3 = cr3; ++ __set_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail); ++ kvm_mmu_new_cr3(vcpu); ++ return 0; ++} ++EXPORT_SYMBOL_GPL(kvm_set_cr3); ++ ++int kvm_set_cr8(struct kvm_vcpu *vcpu, unsigned long cr8) ++{ ++ if (cr8 & CR8_RESERVED_BITS) ++ return 1; ++ if (irqchip_in_kernel(vcpu->kvm)) ++ kvm_lapic_set_tpr(vcpu, cr8); ++ else ++ vcpu->arch.cr8 = cr8; ++ return 0; ++} ++EXPORT_SYMBOL_GPL(kvm_set_cr8); ++ ++unsigned long kvm_get_cr8(struct kvm_vcpu *vcpu) ++{ ++ if (irqchip_in_kernel(vcpu->kvm)) ++ return kvm_lapic_get_cr8(vcpu); ++ else ++ return vcpu->arch.cr8; ++} ++EXPORT_SYMBOL_GPL(kvm_get_cr8); ++ ++static void kvm_update_dr6(struct kvm_vcpu *vcpu) ++{ ++ if (!(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP)) ++ kvm_x86_ops->set_dr6(vcpu, vcpu->arch.dr6); ++} ++ ++static void kvm_update_dr7(struct kvm_vcpu *vcpu) ++{ ++ unsigned long dr7; ++ ++ if (vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP) ++ dr7 = vcpu->arch.guest_debug_dr7; ++ else ++ dr7 = vcpu->arch.dr7; ++ kvm_x86_ops->set_dr7(vcpu, dr7); ++ vcpu->arch.switch_db_regs &= ~KVM_DEBUGREG_BP_ENABLED; ++ if (dr7 & DR7_BP_EN_MASK) ++ vcpu->arch.switch_db_regs |= KVM_DEBUGREG_BP_ENABLED; ++} ++ ++static u64 kvm_dr6_fixed(struct kvm_vcpu *vcpu) ++{ ++ u64 fixed = DR6_FIXED_1; ++ ++ if (!guest_cpuid_has_rtm(vcpu)) ++ fixed |= DR6_RTM; ++ return fixed; ++} ++ ++static int __kvm_set_dr(struct kvm_vcpu *vcpu, int dr, unsigned long val) ++{ ++ switch (dr) { ++ case 0 ... 3: ++ vcpu->arch.db[dr] = val; ++ if (!(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP)) ++ vcpu->arch.eff_db[dr] = val; ++ break; ++ case 4: ++ if (kvm_read_cr4_bits(vcpu, X86_CR4_DE)) ++ return 1; /* #UD */ ++ /* fall through */ ++ case 6: ++ if (val & 0xffffffff00000000ULL) ++ return -1; /* #GP */ ++ vcpu->arch.dr6 = (val & DR6_VOLATILE) | kvm_dr6_fixed(vcpu); ++ kvm_update_dr6(vcpu); ++ break; ++ case 5: ++ if (kvm_read_cr4_bits(vcpu, X86_CR4_DE)) ++ return 1; /* #UD */ ++ /* fall through */ ++ default: /* 7 */ ++ if (val & 0xffffffff00000000ULL) ++ return -1; /* #GP */ ++ vcpu->arch.dr7 = (val & DR7_VOLATILE) | DR7_FIXED_1; ++ kvm_update_dr7(vcpu); ++ break; ++ } ++ ++ return 0; ++} ++ ++int kvm_set_dr(struct kvm_vcpu *vcpu, int dr, unsigned long val) ++{ ++ int res; ++ ++ res = __kvm_set_dr(vcpu, dr, val); ++ if (res > 0) ++ kvm_queue_exception(vcpu, UD_VECTOR); ++ else if (res < 0) ++ kvm_inject_gp(vcpu, 0); ++ ++ return res; ++} ++EXPORT_SYMBOL_GPL(kvm_set_dr); ++ ++static int _kvm_get_dr(struct kvm_vcpu *vcpu, int dr, unsigned long *val) ++{ ++ switch (dr) { ++ case 0 ... 3: ++ *val = vcpu->arch.db[dr]; ++ break; ++ case 4: ++ if (kvm_read_cr4_bits(vcpu, X86_CR4_DE)) ++ return 1; ++ /* fall through */ ++ case 6: ++ if (vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP) ++ *val = vcpu->arch.dr6; ++ else ++ *val = kvm_x86_ops->get_dr6(vcpu); ++ break; ++ case 5: ++ if (kvm_read_cr4_bits(vcpu, X86_CR4_DE)) ++ return 1; ++ /* fall through */ ++ default: /* 7 */ ++ *val = vcpu->arch.dr7; ++ break; ++ } ++ ++ return 0; ++} ++ ++int kvm_get_dr(struct kvm_vcpu *vcpu, int dr, unsigned long *val) ++{ ++ if (_kvm_get_dr(vcpu, dr, val)) { ++ kvm_queue_exception(vcpu, UD_VECTOR); ++ return 1; ++ } ++ return 0; ++} ++EXPORT_SYMBOL_GPL(kvm_get_dr); ++ ++bool kvm_rdpmc(struct kvm_vcpu *vcpu) ++{ ++ u32 ecx = kvm_register_read(vcpu, VCPU_REGS_RCX); ++ u64 data; ++ int err; ++ ++ err = kvm_pmu_read_pmc(vcpu, ecx, &data); ++ if (err) ++ return err; ++ kvm_register_write(vcpu, VCPU_REGS_RAX, (u32)data); ++ kvm_register_write(vcpu, VCPU_REGS_RDX, data >> 32); ++ return err; ++} ++EXPORT_SYMBOL_GPL(kvm_rdpmc); ++ ++/* ++ * List of msr numbers which we expose to userspace through KVM_GET_MSRS ++ * and KVM_SET_MSRS, and KVM_GET_MSR_INDEX_LIST. ++ * ++ * This list is modified at module load time to reflect the ++ * capabilities of the host cpu. This capabilities test skips MSRs that are ++ * kvm-specific. Those are put in the beginning of the list. ++ */ ++ ++#define KVM_SAVE_MSRS_BEGIN 12 ++static u32 msrs_to_save[] = { ++ MSR_KVM_SYSTEM_TIME, MSR_KVM_WALL_CLOCK, ++ MSR_KVM_SYSTEM_TIME_NEW, MSR_KVM_WALL_CLOCK_NEW, ++ HV_X64_MSR_GUEST_OS_ID, HV_X64_MSR_HYPERCALL, ++ HV_X64_MSR_TIME_REF_COUNT, HV_X64_MSR_REFERENCE_TSC, ++ HV_X64_MSR_APIC_ASSIST_PAGE, MSR_KVM_ASYNC_PF_EN, MSR_KVM_STEAL_TIME, ++ MSR_KVM_PV_EOI_EN, ++ MSR_IA32_SYSENTER_CS, MSR_IA32_SYSENTER_ESP, MSR_IA32_SYSENTER_EIP, ++ MSR_STAR, ++#ifdef CONFIG_X86_64 ++ MSR_CSTAR, MSR_KERNEL_GS_BASE, MSR_SYSCALL_MASK, MSR_LSTAR, ++#endif ++ MSR_IA32_TSC, MSR_IA32_CR_PAT, MSR_VM_HSAVE_PA, ++ MSR_IA32_FEATURE_CONTROL, MSR_IA32_BNDCFGS ++}; ++ ++static unsigned num_msrs_to_save; ++ ++static const u32 emulated_msrs[] = { ++ MSR_IA32_TSC_ADJUST, ++ MSR_IA32_TSCDEADLINE, ++ MSR_IA32_MISC_ENABLE, ++ MSR_IA32_MCG_STATUS, ++ MSR_IA32_MCG_CTL, ++}; ++ ++bool kvm_valid_efer(struct kvm_vcpu *vcpu, u64 efer) ++{ ++ if (efer & efer_reserved_bits) ++ return false; ++ ++ if (efer & EFER_FFXSR) { ++ struct kvm_cpuid_entry2 *feat; ++ ++ feat = kvm_find_cpuid_entry(vcpu, 0x80000001, 0); ++ if (!feat || !(feat->edx & bit(X86_FEATURE_FXSR_OPT))) ++ return false; ++ } ++ ++ if (efer & EFER_SVME) { ++ struct kvm_cpuid_entry2 *feat; ++ ++ feat = kvm_find_cpuid_entry(vcpu, 0x80000001, 0); ++ if (!feat || !(feat->ecx & bit(X86_FEATURE_SVM))) ++ return false; ++ } ++ ++ return true; ++} ++EXPORT_SYMBOL_GPL(kvm_valid_efer); ++ ++static int set_efer(struct kvm_vcpu *vcpu, u64 efer) ++{ ++ u64 old_efer = vcpu->arch.efer; ++ ++ if (!kvm_valid_efer(vcpu, efer)) ++ return 1; ++ ++ if (is_paging(vcpu) ++ && (vcpu->arch.efer & EFER_LME) != (efer & EFER_LME)) ++ return 1; ++ ++ efer &= ~EFER_LMA; ++ efer |= vcpu->arch.efer & EFER_LMA; ++ ++ kvm_x86_ops->set_efer(vcpu, efer); ++ ++ /* Update reserved bits */ ++ if ((efer ^ old_efer) & EFER_NX) ++ kvm_mmu_reset_context(vcpu); ++ ++ return 0; ++} ++ ++void kvm_enable_efer_bits(u64 mask) ++{ ++ efer_reserved_bits &= ~mask; ++} ++EXPORT_SYMBOL_GPL(kvm_enable_efer_bits); ++ ++/* ++ * Writes msr value into into the appropriate "register". ++ * Returns 0 on success, non-0 otherwise. ++ * Assumes vcpu_load() was already called. ++ */ ++int kvm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) ++{ ++ switch (msr->index) { ++ case MSR_FS_BASE: ++ case MSR_GS_BASE: ++ case MSR_KERNEL_GS_BASE: ++ case MSR_CSTAR: ++ case MSR_LSTAR: ++ if (is_noncanonical_address(msr->data)) ++ return 1; ++ break; ++ case MSR_IA32_SYSENTER_EIP: ++ case MSR_IA32_SYSENTER_ESP: ++ /* ++ * IA32_SYSENTER_ESP and IA32_SYSENTER_EIP cause #GP if ++ * non-canonical address is written on Intel but not on ++ * AMD (which ignores the top 32-bits, because it does ++ * not implement 64-bit SYSENTER). ++ * ++ * 64-bit code should hence be able to write a non-canonical ++ * value on AMD. Making the address canonical ensures that ++ * vmentry does not fail on Intel after writing a non-canonical ++ * value, and that something deterministic happens if the guest ++ * invokes 64-bit SYSENTER. ++ */ ++ msr->data = get_canonical(msr->data); ++ } ++ return kvm_x86_ops->set_msr(vcpu, msr); ++} ++EXPORT_SYMBOL_GPL(kvm_set_msr); ++ ++/* ++ * Adapt set_msr() to msr_io()'s calling convention ++ */ ++static int do_set_msr(struct kvm_vcpu *vcpu, unsigned index, u64 *data) ++{ ++ struct msr_data msr; ++ ++ msr.data = *data; ++ msr.index = index; ++ msr.host_initiated = true; ++ return kvm_set_msr(vcpu, &msr); ++} ++ ++#ifdef CONFIG_X86_64 ++struct pvclock_gtod_data { ++ seqcount_t seq; ++ ++ struct { /* extract of a clocksource struct */ ++ int vclock_mode; ++ cycle_t cycle_last; ++ cycle_t mask; ++ u32 mult; ++ u32 shift; ++ } clock; ++ ++ u64 boot_ns; ++ u64 nsec_base; ++}; ++ ++static struct pvclock_gtod_data pvclock_gtod_data; ++ ++static void update_pvclock_gtod(struct timekeeper *tk) ++{ ++ struct pvclock_gtod_data *vdata = &pvclock_gtod_data; ++ u64 boot_ns; ++ ++ boot_ns = ktime_to_ns(ktime_add(tk->tkr.base_mono, tk->offs_boot)); ++ ++ write_seqcount_begin(&vdata->seq); ++ ++ /* copy pvclock gtod data */ ++ vdata->clock.vclock_mode = tk->tkr.clock->archdata.vclock_mode; ++ vdata->clock.cycle_last = tk->tkr.cycle_last; ++ vdata->clock.mask = tk->tkr.mask; ++ vdata->clock.mult = tk->tkr.mult; ++ vdata->clock.shift = tk->tkr.shift; ++ ++ vdata->boot_ns = boot_ns; ++ vdata->nsec_base = tk->tkr.xtime_nsec; ++ ++ write_seqcount_end(&vdata->seq); ++} ++#endif ++ ++ ++static void kvm_write_wall_clock(struct kvm *kvm, gpa_t wall_clock) ++{ ++ int version; ++ int r; ++ struct pvclock_wall_clock wc; ++ struct timespec boot; ++ ++ if (!wall_clock) ++ return; ++ ++ r = kvm_read_guest(kvm, wall_clock, &version, sizeof(version)); ++ if (r) ++ return; ++ ++ if (version & 1) ++ ++version; /* first time write, random junk */ ++ ++ ++version; ++ ++ kvm_write_guest(kvm, wall_clock, &version, sizeof(version)); ++ ++ /* ++ * The guest calculates current wall clock time by adding ++ * system time (updated by kvm_guest_time_update below) to the ++ * wall clock specified here. guest system time equals host ++ * system time for us, thus we must fill in host boot time here. ++ */ ++ getboottime(&boot); ++ ++ if (kvm->arch.kvmclock_offset) { ++ struct timespec ts = ns_to_timespec(kvm->arch.kvmclock_offset); ++ boot = timespec_sub(boot, ts); ++ } ++ wc.sec = boot.tv_sec; ++ wc.nsec = boot.tv_nsec; ++ wc.version = version; ++ ++ kvm_write_guest(kvm, wall_clock, &wc, sizeof(wc)); ++ ++ version++; ++ kvm_write_guest(kvm, wall_clock, &version, sizeof(version)); ++} ++ ++static uint32_t div_frac(uint32_t dividend, uint32_t divisor) ++{ ++ uint32_t quotient, remainder; ++ ++ /* Don't try to replace with do_div(), this one calculates ++ * "(dividend << 32) / divisor" */ ++ __asm__ ( "divl %4" ++ : "=a" (quotient), "=d" (remainder) ++ : "0" (0), "1" (dividend), "r" (divisor) ); ++ return quotient; ++} ++ ++static void kvm_get_time_scale(uint32_t scaled_khz, uint32_t base_khz, ++ s8 *pshift, u32 *pmultiplier) ++{ ++ uint64_t scaled64; ++ int32_t shift = 0; ++ uint64_t tps64; ++ uint32_t tps32; ++ ++ tps64 = base_khz * 1000LL; ++ scaled64 = scaled_khz * 1000LL; ++ while (tps64 > scaled64*2 || tps64 & 0xffffffff00000000ULL) { ++ tps64 >>= 1; ++ shift--; ++ } ++ ++ tps32 = (uint32_t)tps64; ++ while (tps32 <= scaled64 || scaled64 & 0xffffffff00000000ULL) { ++ if (scaled64 & 0xffffffff00000000ULL || tps32 & 0x80000000) ++ scaled64 >>= 1; ++ else ++ tps32 <<= 1; ++ shift++; ++ } ++ ++ *pshift = shift; ++ *pmultiplier = div_frac(scaled64, tps32); ++ ++ pr_debug("%s: base_khz %u => %u, shift %d, mul %u\n", ++ __func__, base_khz, scaled_khz, shift, *pmultiplier); ++} ++ ++static inline u64 get_kernel_ns(void) ++{ ++ return ktime_get_boot_ns(); ++} ++ ++#ifdef CONFIG_X86_64 ++static atomic_t kvm_guest_has_master_clock = ATOMIC_INIT(0); ++#endif ++ ++static DEFINE_PER_CPU(unsigned long, cpu_tsc_khz); ++unsigned long max_tsc_khz; ++ ++static inline u64 nsec_to_cycles(struct kvm_vcpu *vcpu, u64 nsec) ++{ ++ return pvclock_scale_delta(nsec, vcpu->arch.virtual_tsc_mult, ++ vcpu->arch.virtual_tsc_shift); ++} ++ ++static u32 adjust_tsc_khz(u32 khz, s32 ppm) ++{ ++ u64 v = (u64)khz * (1000000 + ppm); ++ do_div(v, 1000000); ++ return v; ++} ++ ++static void kvm_set_tsc_khz(struct kvm_vcpu *vcpu, u32 this_tsc_khz) ++{ ++ u32 thresh_lo, thresh_hi; ++ int use_scaling = 0; ++ ++ /* tsc_khz can be zero if TSC calibration fails */ ++ if (this_tsc_khz == 0) ++ return; ++ ++ /* Compute a scale to convert nanoseconds in TSC cycles */ ++ kvm_get_time_scale(this_tsc_khz, NSEC_PER_SEC / 1000, ++ &vcpu->arch.virtual_tsc_shift, ++ &vcpu->arch.virtual_tsc_mult); ++ vcpu->arch.virtual_tsc_khz = this_tsc_khz; ++ ++ /* ++ * Compute the variation in TSC rate which is acceptable ++ * within the range of tolerance and decide if the ++ * rate being applied is within that bounds of the hardware ++ * rate. If so, no scaling or compensation need be done. ++ */ ++ thresh_lo = adjust_tsc_khz(tsc_khz, -tsc_tolerance_ppm); ++ thresh_hi = adjust_tsc_khz(tsc_khz, tsc_tolerance_ppm); ++ if (this_tsc_khz < thresh_lo || this_tsc_khz > thresh_hi) { ++ pr_debug("kvm: requested TSC rate %u falls outside tolerance [%u,%u]\n", this_tsc_khz, thresh_lo, thresh_hi); ++ use_scaling = 1; ++ } ++ kvm_x86_ops->set_tsc_khz(vcpu, this_tsc_khz, use_scaling); ++} ++ ++static u64 compute_guest_tsc(struct kvm_vcpu *vcpu, s64 kernel_ns) ++{ ++ u64 tsc = pvclock_scale_delta(kernel_ns-vcpu->arch.this_tsc_nsec, ++ vcpu->arch.virtual_tsc_mult, ++ vcpu->arch.virtual_tsc_shift); ++ tsc += vcpu->arch.this_tsc_write; ++ return tsc; ++} ++ ++void kvm_track_tsc_matching(struct kvm_vcpu *vcpu) ++{ ++#ifdef CONFIG_X86_64 ++ bool vcpus_matched; ++ struct kvm_arch *ka = &vcpu->kvm->arch; ++ struct pvclock_gtod_data *gtod = &pvclock_gtod_data; ++ ++ vcpus_matched = (ka->nr_vcpus_matched_tsc + 1 == ++ atomic_read(&vcpu->kvm->online_vcpus)); ++ ++ /* ++ * Once the masterclock is enabled, always perform request in ++ * order to update it. ++ * ++ * In order to enable masterclock, the host clocksource must be TSC ++ * and the vcpus need to have matched TSCs. When that happens, ++ * perform request to enable masterclock. ++ */ ++ if (ka->use_master_clock || ++ (gtod->clock.vclock_mode == VCLOCK_TSC && vcpus_matched)) ++ kvm_make_request(KVM_REQ_MASTERCLOCK_UPDATE, vcpu); ++ ++ trace_kvm_track_tsc(vcpu->vcpu_id, ka->nr_vcpus_matched_tsc, ++ atomic_read(&vcpu->kvm->online_vcpus), ++ ka->use_master_clock, gtod->clock.vclock_mode); ++#endif ++} ++ ++static void update_ia32_tsc_adjust_msr(struct kvm_vcpu *vcpu, s64 offset) ++{ ++ u64 curr_offset = kvm_x86_ops->read_tsc_offset(vcpu); ++ vcpu->arch.ia32_tsc_adjust_msr += offset - curr_offset; ++} ++ ++void kvm_write_tsc(struct kvm_vcpu *vcpu, struct msr_data *msr) ++{ ++ struct kvm *kvm = vcpu->kvm; ++ u64 offset, ns, elapsed; ++ unsigned long flags; ++ s64 usdiff; ++ bool matched; ++ bool already_matched; ++ u64 data = msr->data; ++ ++ raw_spin_lock_irqsave(&kvm->arch.tsc_write_lock, flags); ++ offset = kvm_x86_ops->compute_tsc_offset(vcpu, data); ++ ns = get_kernel_ns(); ++ elapsed = ns - kvm->arch.last_tsc_nsec; ++ ++ if (vcpu->arch.virtual_tsc_khz) { ++ int faulted = 0; ++ ++ /* n.b - signed multiplication and division required */ ++ usdiff = data - kvm->arch.last_tsc_write; ++#ifdef CONFIG_X86_64 ++ usdiff = (usdiff * 1000) / vcpu->arch.virtual_tsc_khz; ++#else ++ /* do_div() only does unsigned */ ++ asm("1: idivl %[divisor]\n" ++ "2: xor %%edx, %%edx\n" ++ " movl $0, %[faulted]\n" ++ "3:\n" ++ ".section .fixup,\"ax\"\n" ++ "4: movl $1, %[faulted]\n" ++ " jmp 3b\n" ++ ".previous\n" ++ ++ _ASM_EXTABLE(1b, 4b) ++ ++ : "=A"(usdiff), [faulted] "=r" (faulted) ++ : "A"(usdiff * 1000), [divisor] "rm"(vcpu->arch.virtual_tsc_khz)); ++ ++#endif ++ do_div(elapsed, 1000); ++ usdiff -= elapsed; ++ if (usdiff < 0) ++ usdiff = -usdiff; ++ ++ /* idivl overflow => difference is larger than USEC_PER_SEC */ ++ if (faulted) ++ usdiff = USEC_PER_SEC; ++ } else ++ usdiff = USEC_PER_SEC; /* disable TSC match window below */ ++ ++ /* ++ * Special case: TSC write with a small delta (1 second) of virtual ++ * cycle time against real time is interpreted as an attempt to ++ * synchronize the CPU. ++ * ++ * For a reliable TSC, we can match TSC offsets, and for an unstable ++ * TSC, we add elapsed time in this computation. We could let the ++ * compensation code attempt to catch up if we fall behind, but ++ * it's better to try to match offsets from the beginning. ++ */ ++ if (usdiff < USEC_PER_SEC && ++ vcpu->arch.virtual_tsc_khz == kvm->arch.last_tsc_khz) { ++ if (!check_tsc_unstable()) { ++ offset = kvm->arch.cur_tsc_offset; ++ pr_debug("kvm: matched tsc offset for %llu\n", data); ++ } else { ++ u64 delta = nsec_to_cycles(vcpu, elapsed); ++ data += delta; ++ offset = kvm_x86_ops->compute_tsc_offset(vcpu, data); ++ pr_debug("kvm: adjusted tsc offset by %llu\n", delta); ++ } ++ matched = true; ++ already_matched = (vcpu->arch.this_tsc_generation == kvm->arch.cur_tsc_generation); ++ } else { ++ /* ++ * We split periods of matched TSC writes into generations. ++ * For each generation, we track the original measured ++ * nanosecond time, offset, and write, so if TSCs are in ++ * sync, we can match exact offset, and if not, we can match ++ * exact software computation in compute_guest_tsc() ++ * ++ * These values are tracked in kvm->arch.cur_xxx variables. ++ */ ++ kvm->arch.cur_tsc_generation++; ++ kvm->arch.cur_tsc_nsec = ns; ++ kvm->arch.cur_tsc_write = data; ++ kvm->arch.cur_tsc_offset = offset; ++ matched = false; ++ pr_debug("kvm: new tsc generation %llu, clock %llu\n", ++ kvm->arch.cur_tsc_generation, data); ++ } ++ ++ /* ++ * We also track th most recent recorded KHZ, write and time to ++ * allow the matching interval to be extended at each write. ++ */ ++ kvm->arch.last_tsc_nsec = ns; ++ kvm->arch.last_tsc_write = data; ++ kvm->arch.last_tsc_khz = vcpu->arch.virtual_tsc_khz; ++ ++ vcpu->arch.last_guest_tsc = data; ++ ++ /* Keep track of which generation this VCPU has synchronized to */ ++ vcpu->arch.this_tsc_generation = kvm->arch.cur_tsc_generation; ++ vcpu->arch.this_tsc_nsec = kvm->arch.cur_tsc_nsec; ++ vcpu->arch.this_tsc_write = kvm->arch.cur_tsc_write; ++ ++ if (guest_cpuid_has_tsc_adjust(vcpu) && !msr->host_initiated) ++ update_ia32_tsc_adjust_msr(vcpu, offset); ++ kvm_x86_ops->write_tsc_offset(vcpu, offset); ++ raw_spin_unlock_irqrestore(&kvm->arch.tsc_write_lock, flags); ++ ++ spin_lock(&kvm->arch.pvclock_gtod_sync_lock); ++ if (!matched) { ++ kvm->arch.nr_vcpus_matched_tsc = 0; ++ } else if (!already_matched) { ++ kvm->arch.nr_vcpus_matched_tsc++; ++ } ++ ++ kvm_track_tsc_matching(vcpu); ++ spin_unlock(&kvm->arch.pvclock_gtod_sync_lock); ++} ++ ++EXPORT_SYMBOL_GPL(kvm_write_tsc); ++ ++#ifdef CONFIG_X86_64 ++ ++static cycle_t read_tsc(void) ++{ ++ cycle_t ret; ++ u64 last; ++ ++ /* ++ * Empirically, a fence (of type that depends on the CPU) ++ * before rdtsc is enough to ensure that rdtsc is ordered ++ * with respect to loads. The various CPU manuals are unclear ++ * as to whether rdtsc can be reordered with later loads, ++ * but no one has ever seen it happen. ++ */ ++ rdtsc_barrier(); ++ ret = (cycle_t)vget_cycles(); ++ ++ last = pvclock_gtod_data.clock.cycle_last; ++ ++ if (likely(ret >= last)) ++ return ret; ++ ++ /* ++ * GCC likes to generate cmov here, but this branch is extremely ++ * predictable (it's just a funciton of time and the likely is ++ * very likely) and there's a data dependence, so force GCC ++ * to generate a branch instead. I don't barrier() because ++ * we don't actually need a barrier, and if this function ++ * ever gets inlined it will generate worse code. ++ */ ++ asm volatile (""); ++ return last; ++} ++ ++static inline u64 vgettsc(cycle_t *cycle_now) ++{ ++ long v; ++ struct pvclock_gtod_data *gtod = &pvclock_gtod_data; ++ ++ *cycle_now = read_tsc(); ++ ++ v = (*cycle_now - gtod->clock.cycle_last) & gtod->clock.mask; ++ return v * gtod->clock.mult; ++} ++ ++static int do_monotonic_boot(s64 *t, cycle_t *cycle_now) ++{ ++ struct pvclock_gtod_data *gtod = &pvclock_gtod_data; ++ unsigned long seq; ++ int mode; ++ u64 ns; ++ ++ do { ++ seq = read_seqcount_begin(>od->seq); ++ mode = gtod->clock.vclock_mode; ++ ns = gtod->nsec_base; ++ ns += vgettsc(cycle_now); ++ ns >>= gtod->clock.shift; ++ ns += gtod->boot_ns; ++ } while (unlikely(read_seqcount_retry(>od->seq, seq))); ++ *t = ns; ++ ++ return mode; ++} ++ ++/* returns true if host is using tsc clocksource */ ++static bool kvm_get_time_and_clockread(s64 *kernel_ns, cycle_t *cycle_now) ++{ ++ /* checked again under seqlock below */ ++ if (pvclock_gtod_data.clock.vclock_mode != VCLOCK_TSC) ++ return false; ++ ++ return do_monotonic_boot(kernel_ns, cycle_now) == VCLOCK_TSC; ++} ++#endif ++ ++/* ++ * ++ * Assuming a stable TSC across physical CPUS, and a stable TSC ++ * across virtual CPUs, the following condition is possible. ++ * Each numbered line represents an event visible to both ++ * CPUs at the next numbered event. ++ * ++ * "timespecX" represents host monotonic time. "tscX" represents ++ * RDTSC value. ++ * ++ * VCPU0 on CPU0 | VCPU1 on CPU1 ++ * ++ * 1. read timespec0,tsc0 ++ * 2. | timespec1 = timespec0 + N ++ * | tsc1 = tsc0 + M ++ * 3. transition to guest | transition to guest ++ * 4. ret0 = timespec0 + (rdtsc - tsc0) | ++ * 5. | ret1 = timespec1 + (rdtsc - tsc1) ++ * | ret1 = timespec0 + N + (rdtsc - (tsc0 + M)) ++ * ++ * Since ret0 update is visible to VCPU1 at time 5, to obey monotonicity: ++ * ++ * - ret0 < ret1 ++ * - timespec0 + (rdtsc - tsc0) < timespec0 + N + (rdtsc - (tsc0 + M)) ++ * ... ++ * - 0 < N - M => M < N ++ * ++ * That is, when timespec0 != timespec1, M < N. Unfortunately that is not ++ * always the case (the difference between two distinct xtime instances ++ * might be smaller then the difference between corresponding TSC reads, ++ * when updating guest vcpus pvclock areas). ++ * ++ * To avoid that problem, do not allow visibility of distinct ++ * system_timestamp/tsc_timestamp values simultaneously: use a master ++ * copy of host monotonic time values. Update that master copy ++ * in lockstep. ++ * ++ * Rely on synchronization of host TSCs and guest TSCs for monotonicity. ++ * ++ */ ++ ++static void pvclock_update_vm_gtod_copy(struct kvm *kvm) ++{ ++#ifdef CONFIG_X86_64 ++ struct kvm_arch *ka = &kvm->arch; ++ int vclock_mode; ++ bool host_tsc_clocksource, vcpus_matched; ++ ++ vcpus_matched = (ka->nr_vcpus_matched_tsc + 1 == ++ atomic_read(&kvm->online_vcpus)); ++ ++ /* ++ * If the host uses TSC clock, then passthrough TSC as stable ++ * to the guest. ++ */ ++ host_tsc_clocksource = kvm_get_time_and_clockread( ++ &ka->master_kernel_ns, ++ &ka->master_cycle_now); ++ ++ ka->use_master_clock = host_tsc_clocksource && vcpus_matched ++ && !backwards_tsc_observed; ++ ++ if (ka->use_master_clock) ++ atomic_set(&kvm_guest_has_master_clock, 1); ++ ++ vclock_mode = pvclock_gtod_data.clock.vclock_mode; ++ trace_kvm_update_master_clock(ka->use_master_clock, vclock_mode, ++ vcpus_matched); ++#endif ++} ++ ++static void kvm_gen_update_masterclock(struct kvm *kvm) ++{ ++#ifdef CONFIG_X86_64 ++ int i; ++ struct kvm_vcpu *vcpu; ++ struct kvm_arch *ka = &kvm->arch; ++ ++ spin_lock(&ka->pvclock_gtod_sync_lock); ++ kvm_make_mclock_inprogress_request(kvm); ++ /* no guest entries from this point */ ++ pvclock_update_vm_gtod_copy(kvm); ++ ++ kvm_for_each_vcpu(i, vcpu, kvm) ++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu); ++ ++ /* guest entries allowed */ ++ kvm_for_each_vcpu(i, vcpu, kvm) ++ clear_bit(KVM_REQ_MCLOCK_INPROGRESS, &vcpu->requests); ++ ++ spin_unlock(&ka->pvclock_gtod_sync_lock); ++#endif ++} ++ ++static int kvm_guest_time_update(struct kvm_vcpu *v) ++{ ++ unsigned long flags, this_tsc_khz; ++ struct kvm_vcpu_arch *vcpu = &v->arch; ++ struct kvm_arch *ka = &v->kvm->arch; ++ s64 kernel_ns; ++ u64 tsc_timestamp, host_tsc; ++ struct pvclock_vcpu_time_info guest_hv_clock; ++ u8 pvclock_flags; ++ bool use_master_clock; ++ ++ kernel_ns = 0; ++ host_tsc = 0; ++ ++ /* ++ * If the host uses TSC clock, then passthrough TSC as stable ++ * to the guest. ++ */ ++ spin_lock(&ka->pvclock_gtod_sync_lock); ++ use_master_clock = ka->use_master_clock; ++ if (use_master_clock) { ++ host_tsc = ka->master_cycle_now; ++ kernel_ns = ka->master_kernel_ns; ++ } ++ spin_unlock(&ka->pvclock_gtod_sync_lock); ++ ++ /* Keep irq disabled to prevent changes to the clock */ ++ local_irq_save(flags); ++ this_tsc_khz = __this_cpu_read(cpu_tsc_khz); ++ if (unlikely(this_tsc_khz == 0)) { ++ local_irq_restore(flags); ++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, v); ++ return 1; ++ } ++ if (!use_master_clock) { ++ host_tsc = native_read_tsc(); ++ kernel_ns = get_kernel_ns(); ++ } ++ ++ tsc_timestamp = kvm_x86_ops->read_l1_tsc(v, host_tsc); ++ ++ /* ++ * We may have to catch up the TSC to match elapsed wall clock ++ * time for two reasons, even if kvmclock is used. ++ * 1) CPU could have been running below the maximum TSC rate ++ * 2) Broken TSC compensation resets the base at each VCPU ++ * entry to avoid unknown leaps of TSC even when running ++ * again on the same CPU. This may cause apparent elapsed ++ * time to disappear, and the guest to stand still or run ++ * very slowly. ++ */ ++ if (vcpu->tsc_catchup) { ++ u64 tsc = compute_guest_tsc(v, kernel_ns); ++ if (tsc > tsc_timestamp) { ++ adjust_tsc_offset_guest(v, tsc - tsc_timestamp); ++ tsc_timestamp = tsc; ++ } ++ } ++ ++ local_irq_restore(flags); ++ ++ if (!vcpu->pv_time_enabled) ++ return 0; ++ ++ if (unlikely(vcpu->hw_tsc_khz != this_tsc_khz)) { ++ kvm_get_time_scale(NSEC_PER_SEC / 1000, this_tsc_khz, ++ &vcpu->hv_clock.tsc_shift, ++ &vcpu->hv_clock.tsc_to_system_mul); ++ vcpu->hw_tsc_khz = this_tsc_khz; ++ } ++ ++ /* With all the info we got, fill in the values */ ++ vcpu->hv_clock.tsc_timestamp = tsc_timestamp; ++ vcpu->hv_clock.system_time = kernel_ns + v->kvm->arch.kvmclock_offset; ++ vcpu->last_guest_tsc = tsc_timestamp; ++ ++ /* ++ * The interface expects us to write an even number signaling that the ++ * update is finished. Since the guest won't see the intermediate ++ * state, we just increase by 2 at the end. ++ */ ++ vcpu->hv_clock.version += 2; ++ ++ if (unlikely(kvm_read_guest_cached(v->kvm, &vcpu->pv_time, ++ &guest_hv_clock, sizeof(guest_hv_clock)))) ++ return 0; ++ ++ /* retain PVCLOCK_GUEST_STOPPED if set in guest copy */ ++ pvclock_flags = (guest_hv_clock.flags & PVCLOCK_GUEST_STOPPED); ++ ++ if (vcpu->pvclock_set_guest_stopped_request) { ++ pvclock_flags |= PVCLOCK_GUEST_STOPPED; ++ vcpu->pvclock_set_guest_stopped_request = false; ++ } ++ ++ /* If the host uses TSC clocksource, then it is stable */ ++ if (use_master_clock) ++ pvclock_flags |= PVCLOCK_TSC_STABLE_BIT; ++ ++ vcpu->hv_clock.flags = pvclock_flags; ++ ++ kvm_write_guest_cached(v->kvm, &vcpu->pv_time, ++ &vcpu->hv_clock, ++ sizeof(vcpu->hv_clock)); ++ return 0; ++} ++ ++/* ++ * kvmclock updates which are isolated to a given vcpu, such as ++ * vcpu->cpu migration, should not allow system_timestamp from ++ * the rest of the vcpus to remain static. Otherwise ntp frequency ++ * correction applies to one vcpu's system_timestamp but not ++ * the others. ++ * ++ * So in those cases, request a kvmclock update for all vcpus. ++ * We need to rate-limit these requests though, as they can ++ * considerably slow guests that have a large number of vcpus. ++ * The time for a remote vcpu to update its kvmclock is bound ++ * by the delay we use to rate-limit the updates. ++ */ ++ ++#define KVMCLOCK_UPDATE_DELAY msecs_to_jiffies(100) ++ ++static void kvmclock_update_fn(struct work_struct *work) ++{ ++ int i; ++ struct delayed_work *dwork = to_delayed_work(work); ++ struct kvm_arch *ka = container_of(dwork, struct kvm_arch, ++ kvmclock_update_work); ++ struct kvm *kvm = container_of(ka, struct kvm, arch); ++ struct kvm_vcpu *vcpu; ++ ++ kvm_for_each_vcpu(i, vcpu, kvm) { ++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu); ++ kvm_vcpu_kick(vcpu); ++ } ++} ++ ++static void kvm_gen_kvmclock_update(struct kvm_vcpu *v) ++{ ++ struct kvm *kvm = v->kvm; ++ ++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, v); ++ schedule_delayed_work(&kvm->arch.kvmclock_update_work, ++ KVMCLOCK_UPDATE_DELAY); ++} ++ ++#define KVMCLOCK_SYNC_PERIOD (300 * HZ) ++ ++static void kvmclock_sync_fn(struct work_struct *work) ++{ ++ struct delayed_work *dwork = to_delayed_work(work); ++ struct kvm_arch *ka = container_of(dwork, struct kvm_arch, ++ kvmclock_sync_work); ++ struct kvm *kvm = container_of(ka, struct kvm, arch); ++ ++ schedule_delayed_work(&kvm->arch.kvmclock_update_work, 0); ++ schedule_delayed_work(&kvm->arch.kvmclock_sync_work, ++ KVMCLOCK_SYNC_PERIOD); ++} ++ ++static bool msr_mtrr_valid(unsigned msr) ++{ ++ switch (msr) { ++ case 0x200 ... 0x200 + 2 * KVM_NR_VAR_MTRR - 1: ++ case MSR_MTRRfix64K_00000: ++ case MSR_MTRRfix16K_80000: ++ case MSR_MTRRfix16K_A0000: ++ case MSR_MTRRfix4K_C0000: ++ case MSR_MTRRfix4K_C8000: ++ case MSR_MTRRfix4K_D0000: ++ case MSR_MTRRfix4K_D8000: ++ case MSR_MTRRfix4K_E0000: ++ case MSR_MTRRfix4K_E8000: ++ case MSR_MTRRfix4K_F0000: ++ case MSR_MTRRfix4K_F8000: ++ case MSR_MTRRdefType: ++ case MSR_IA32_CR_PAT: ++ return true; ++ case 0x2f8: ++ return true; ++ } ++ return false; ++} ++ ++static bool valid_pat_type(unsigned t) ++{ ++ return t < 8 && (1 << t) & 0xf3; /* 0, 1, 4, 5, 6, 7 */ ++} ++ ++static bool valid_mtrr_type(unsigned t) ++{ ++ return t < 8 && (1 << t) & 0x73; /* 0, 1, 4, 5, 6 */ ++} ++ ++bool kvm_mtrr_valid(struct kvm_vcpu *vcpu, u32 msr, u64 data) ++{ ++ int i; ++ u64 mask; ++ ++ if (!msr_mtrr_valid(msr)) ++ return false; ++ ++ if (msr == MSR_IA32_CR_PAT) { ++ for (i = 0; i < 8; i++) ++ if (!valid_pat_type((data >> (i * 8)) & 0xff)) ++ return false; ++ return true; ++ } else if (msr == MSR_MTRRdefType) { ++ if (data & ~0xcff) ++ return false; ++ return valid_mtrr_type(data & 0xff); ++ } else if (msr >= MSR_MTRRfix64K_00000 && msr <= MSR_MTRRfix4K_F8000) { ++ for (i = 0; i < 8 ; i++) ++ if (!valid_mtrr_type((data >> (i * 8)) & 0xff)) ++ return false; ++ return true; ++ } ++ ++ /* variable MTRRs */ ++ WARN_ON(!(msr >= 0x200 && msr < 0x200 + 2 * KVM_NR_VAR_MTRR)); ++ ++ mask = (~0ULL) << cpuid_maxphyaddr(vcpu); ++ if ((msr & 1) == 0) { ++ /* MTRR base */ ++ if (!valid_mtrr_type(data & 0xff)) ++ return false; ++ mask |= 0xf00; ++ } else ++ /* MTRR mask */ ++ mask |= 0x7ff; ++ if (data & mask) { ++ kvm_inject_gp(vcpu, 0); ++ return false; ++ } ++ ++ return true; ++} ++EXPORT_SYMBOL_GPL(kvm_mtrr_valid); ++ ++static int set_msr_mtrr(struct kvm_vcpu *vcpu, u32 msr, u64 data) ++{ ++ u64 *p = (u64 *)&vcpu->arch.mtrr_state.fixed_ranges; ++ ++ if (!kvm_mtrr_valid(vcpu, msr, data)) ++ return 1; ++ ++ if (msr == MSR_MTRRdefType) { ++ vcpu->arch.mtrr_state.def_type = data; ++ vcpu->arch.mtrr_state.enabled = (data & 0xc00) >> 10; ++ } else if (msr == MSR_MTRRfix64K_00000) ++ p[0] = data; ++ else if (msr == MSR_MTRRfix16K_80000 || msr == MSR_MTRRfix16K_A0000) ++ p[1 + msr - MSR_MTRRfix16K_80000] = data; ++ else if (msr >= MSR_MTRRfix4K_C0000 && msr <= MSR_MTRRfix4K_F8000) ++ p[3 + msr - MSR_MTRRfix4K_C0000] = data; ++ else if (msr == MSR_IA32_CR_PAT) ++ vcpu->arch.pat = data; ++ else { /* Variable MTRRs */ ++ int idx, is_mtrr_mask; ++ u64 *pt; ++ ++ idx = (msr - 0x200) / 2; ++ is_mtrr_mask = msr - 0x200 - 2 * idx; ++ if (!is_mtrr_mask) ++ pt = ++ (u64 *)&vcpu->arch.mtrr_state.var_ranges[idx].base_lo; ++ else ++ pt = ++ (u64 *)&vcpu->arch.mtrr_state.var_ranges[idx].mask_lo; ++ *pt = data; ++ } ++ ++ kvm_mmu_reset_context(vcpu); ++ return 0; ++} ++ ++static int set_msr_mce(struct kvm_vcpu *vcpu, u32 msr, u64 data) ++{ ++ u64 mcg_cap = vcpu->arch.mcg_cap; ++ unsigned bank_num = mcg_cap & 0xff; ++ ++ switch (msr) { ++ case MSR_IA32_MCG_STATUS: ++ vcpu->arch.mcg_status = data; ++ break; ++ case MSR_IA32_MCG_CTL: ++ if (!(mcg_cap & MCG_CTL_P)) ++ return 1; ++ if (data != 0 && data != ~(u64)0) ++ return -1; ++ vcpu->arch.mcg_ctl = data; ++ break; ++ default: ++ if (msr >= MSR_IA32_MC0_CTL && ++ msr < MSR_IA32_MCx_CTL(bank_num)) { ++ u32 offset = msr - MSR_IA32_MC0_CTL; ++ /* only 0 or all 1s can be written to IA32_MCi_CTL ++ * some Linux kernels though clear bit 10 in bank 4 to ++ * workaround a BIOS/GART TBL issue on AMD K8s, ignore ++ * this to avoid an uncatched #GP in the guest ++ */ ++ if ((offset & 0x3) == 0 && ++ data != 0 && (data | (1 << 10)) != ~(u64)0) ++ return -1; ++ vcpu->arch.mce_banks[offset] = data; ++ break; ++ } ++ return 1; ++ } ++ return 0; ++} ++ ++static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data) ++{ ++ struct kvm *kvm = vcpu->kvm; ++ int lm = is_long_mode(vcpu); ++ u8 *blob_addr = lm ? (u8 *)(long)kvm->arch.xen_hvm_config.blob_addr_64 ++ : (u8 *)(long)kvm->arch.xen_hvm_config.blob_addr_32; ++ u8 blob_size = lm ? kvm->arch.xen_hvm_config.blob_size_64 ++ : kvm->arch.xen_hvm_config.blob_size_32; ++ u32 page_num = data & ~PAGE_MASK; ++ u64 page_addr = data & PAGE_MASK; ++ u8 *page; ++ int r; ++ ++ r = -E2BIG; ++ if (page_num >= blob_size) ++ goto out; ++ r = -ENOMEM; ++ page = memdup_user(blob_addr + (page_num * PAGE_SIZE), PAGE_SIZE); ++ if (IS_ERR(page)) { ++ r = PTR_ERR(page); ++ goto out; ++ } ++ if (kvm_write_guest(kvm, page_addr, page, PAGE_SIZE)) ++ goto out_free; ++ r = 0; ++out_free: ++ kfree(page); ++out: ++ return r; ++} ++ ++static bool kvm_hv_hypercall_enabled(struct kvm *kvm) ++{ ++ return kvm->arch.hv_hypercall & HV_X64_MSR_HYPERCALL_ENABLE; ++} ++ ++static bool kvm_hv_msr_partition_wide(u32 msr) ++{ ++ bool r = false; ++ switch (msr) { ++ case HV_X64_MSR_GUEST_OS_ID: ++ case HV_X64_MSR_HYPERCALL: ++ case HV_X64_MSR_REFERENCE_TSC: ++ case HV_X64_MSR_TIME_REF_COUNT: ++ r = true; ++ break; ++ } ++ ++ return r; ++} ++ ++static int set_msr_hyperv_pw(struct kvm_vcpu *vcpu, u32 msr, u64 data) ++{ ++ struct kvm *kvm = vcpu->kvm; ++ ++ switch (msr) { ++ case HV_X64_MSR_GUEST_OS_ID: ++ kvm->arch.hv_guest_os_id = data; ++ /* setting guest os id to zero disables hypercall page */ ++ if (!kvm->arch.hv_guest_os_id) ++ kvm->arch.hv_hypercall &= ~HV_X64_MSR_HYPERCALL_ENABLE; ++ break; ++ case HV_X64_MSR_HYPERCALL: { ++ u64 gfn; ++ unsigned long addr; ++ u8 instructions[4]; ++ ++ /* if guest os id is not set hypercall should remain disabled */ ++ if (!kvm->arch.hv_guest_os_id) ++ break; ++ if (!(data & HV_X64_MSR_HYPERCALL_ENABLE)) { ++ kvm->arch.hv_hypercall = data; ++ break; ++ } ++ gfn = data >> HV_X64_MSR_HYPERCALL_PAGE_ADDRESS_SHIFT; ++ addr = gfn_to_hva(kvm, gfn); ++ if (kvm_is_error_hva(addr)) ++ return 1; ++ kvm_x86_ops->patch_hypercall(vcpu, instructions); ++ ((unsigned char *)instructions)[3] = 0xc3; /* ret */ ++ if (__copy_to_user((void __user *)addr, instructions, 4)) ++ return 1; ++ kvm->arch.hv_hypercall = data; ++ mark_page_dirty(kvm, gfn); ++ break; ++ } ++ case HV_X64_MSR_REFERENCE_TSC: { ++ u64 gfn; ++ HV_REFERENCE_TSC_PAGE tsc_ref; ++ memset(&tsc_ref, 0, sizeof(tsc_ref)); ++ kvm->arch.hv_tsc_page = data; ++ if (!(data & HV_X64_MSR_TSC_REFERENCE_ENABLE)) ++ break; ++ gfn = data >> HV_X64_MSR_TSC_REFERENCE_ADDRESS_SHIFT; ++ if (kvm_write_guest(kvm, gfn << HV_X64_MSR_TSC_REFERENCE_ADDRESS_SHIFT, ++ &tsc_ref, sizeof(tsc_ref))) ++ return 1; ++ mark_page_dirty(kvm, gfn); ++ break; ++ } ++ default: ++ vcpu_unimpl(vcpu, "HYPER-V unimplemented wrmsr: 0x%x " ++ "data 0x%llx\n", msr, data); ++ return 1; ++ } ++ return 0; ++} ++ ++static int set_msr_hyperv(struct kvm_vcpu *vcpu, u32 msr, u64 data) ++{ ++ switch (msr) { ++ case HV_X64_MSR_APIC_ASSIST_PAGE: { ++ u64 gfn; ++ unsigned long addr; ++ ++ if (!(data & HV_X64_MSR_APIC_ASSIST_PAGE_ENABLE)) { ++ vcpu->arch.hv_vapic = data; ++ if (kvm_lapic_enable_pv_eoi(vcpu, 0)) ++ return 1; ++ break; ++ } ++ gfn = data >> HV_X64_MSR_APIC_ASSIST_PAGE_ADDRESS_SHIFT; ++ addr = gfn_to_hva(vcpu->kvm, gfn); ++ if (kvm_is_error_hva(addr)) ++ return 1; ++ if (__clear_user((void __user *)addr, PAGE_SIZE)) ++ return 1; ++ vcpu->arch.hv_vapic = data; ++ mark_page_dirty(vcpu->kvm, gfn); ++ if (kvm_lapic_enable_pv_eoi(vcpu, gfn_to_gpa(gfn) | KVM_MSR_ENABLED)) ++ return 1; ++ break; ++ } ++ case HV_X64_MSR_EOI: ++ return kvm_hv_vapic_msr_write(vcpu, APIC_EOI, data); ++ case HV_X64_MSR_ICR: ++ return kvm_hv_vapic_msr_write(vcpu, APIC_ICR, data); ++ case HV_X64_MSR_TPR: ++ return kvm_hv_vapic_msr_write(vcpu, APIC_TASKPRI, data); ++ default: ++ vcpu_unimpl(vcpu, "HYPER-V unimplemented wrmsr: 0x%x " ++ "data 0x%llx\n", msr, data); ++ return 1; ++ } ++ ++ return 0; ++} ++ ++static int kvm_pv_enable_async_pf(struct kvm_vcpu *vcpu, u64 data) ++{ ++ gpa_t gpa = data & ~0x3f; ++ ++ /* Bits 2:5 are reserved, Should be zero */ ++ if (data & 0x3c) ++ return 1; ++ ++ vcpu->arch.apf.msr_val = data; ++ ++ if (!(data & KVM_ASYNC_PF_ENABLED)) { ++ kvm_clear_async_pf_completion_queue(vcpu); ++ kvm_async_pf_hash_reset(vcpu); ++ return 0; ++ } ++ ++ if (kvm_gfn_to_hva_cache_init(vcpu->kvm, &vcpu->arch.apf.data, gpa, ++ sizeof(u32))) ++ return 1; ++ ++ vcpu->arch.apf.send_user_only = !(data & KVM_ASYNC_PF_SEND_ALWAYS); ++ kvm_async_pf_wakeup_all(vcpu); ++ return 0; ++} ++ ++static void kvmclock_reset(struct kvm_vcpu *vcpu) ++{ ++ vcpu->arch.pv_time_enabled = false; ++} ++ ++static void accumulate_steal_time(struct kvm_vcpu *vcpu) ++{ ++ u64 delta; ++ ++ if (!(vcpu->arch.st.msr_val & KVM_MSR_ENABLED)) ++ return; ++ ++ delta = current->sched_info.run_delay - vcpu->arch.st.last_steal; ++ vcpu->arch.st.last_steal = current->sched_info.run_delay; ++ vcpu->arch.st.accum_steal = delta; ++} ++ ++static void record_steal_time(struct kvm_vcpu *vcpu) ++{ ++ if (!(vcpu->arch.st.msr_val & KVM_MSR_ENABLED)) ++ return; ++ ++ if (unlikely(kvm_read_guest_cached(vcpu->kvm, &vcpu->arch.st.stime, ++ &vcpu->arch.st.steal, sizeof(struct kvm_steal_time)))) ++ return; ++ ++ vcpu->arch.st.steal.steal += vcpu->arch.st.accum_steal; ++ vcpu->arch.st.steal.version += 2; ++ vcpu->arch.st.accum_steal = 0; ++ ++ kvm_write_guest_cached(vcpu->kvm, &vcpu->arch.st.stime, ++ &vcpu->arch.st.steal, sizeof(struct kvm_steal_time)); ++} ++ ++int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) ++{ ++ bool pr = false; ++ u32 msr = msr_info->index; ++ u64 data = msr_info->data; ++ ++ switch (msr) { ++ case MSR_AMD64_NB_CFG: ++ case MSR_IA32_UCODE_REV: ++ case MSR_IA32_UCODE_WRITE: ++ case MSR_VM_HSAVE_PA: ++ case MSR_AMD64_PATCH_LOADER: ++ case MSR_AMD64_BU_CFG2: ++ break; ++ ++ case MSR_EFER: ++ return set_efer(vcpu, data); ++ case MSR_K7_HWCR: ++ data &= ~(u64)0x40; /* ignore flush filter disable */ ++ data &= ~(u64)0x100; /* ignore ignne emulation enable */ ++ data &= ~(u64)0x8; /* ignore TLB cache disable */ ++ data &= ~(u64)0x40000; /* ignore Mc status write enable */ ++ if (data != 0) { ++ vcpu_unimpl(vcpu, "unimplemented HWCR wrmsr: 0x%llx\n", ++ data); ++ return 1; ++ } ++ break; ++ case MSR_FAM10H_MMIO_CONF_BASE: ++ if (data != 0) { ++ vcpu_unimpl(vcpu, "unimplemented MMIO_CONF_BASE wrmsr: " ++ "0x%llx\n", data); ++ return 1; ++ } ++ break; ++ case MSR_IA32_DEBUGCTLMSR: ++ if (!data) { ++ /* We support the non-activated case already */ ++ break; ++ } else if (data & ~(DEBUGCTLMSR_LBR | DEBUGCTLMSR_BTF)) { ++ /* Values other than LBR and BTF are vendor-specific, ++ thus reserved and should throw a #GP */ ++ return 1; ++ } ++ vcpu_unimpl(vcpu, "%s: MSR_IA32_DEBUGCTLMSR 0x%llx, nop\n", ++ __func__, data); ++ break; ++ case 0x200 ... 0x2ff: ++ return set_msr_mtrr(vcpu, msr, data); ++ case MSR_IA32_APICBASE: ++ return kvm_set_apic_base(vcpu, msr_info); ++ case APIC_BASE_MSR ... APIC_BASE_MSR + 0x3ff: ++ return kvm_x2apic_msr_write(vcpu, msr, data); ++ case MSR_IA32_TSCDEADLINE: ++ kvm_set_lapic_tscdeadline_msr(vcpu, data); ++ break; ++ case MSR_IA32_TSC_ADJUST: ++ if (guest_cpuid_has_tsc_adjust(vcpu)) { ++ if (!msr_info->host_initiated) { ++ u64 adj = data - vcpu->arch.ia32_tsc_adjust_msr; ++ kvm_x86_ops->adjust_tsc_offset(vcpu, adj, true); ++ } ++ vcpu->arch.ia32_tsc_adjust_msr = data; ++ } ++ break; ++ case MSR_IA32_MISC_ENABLE: ++ vcpu->arch.ia32_misc_enable_msr = data; ++ break; ++ case MSR_KVM_WALL_CLOCK_NEW: ++ case MSR_KVM_WALL_CLOCK: ++ vcpu->kvm->arch.wall_clock = data; ++ kvm_write_wall_clock(vcpu->kvm, data); ++ break; ++ case MSR_KVM_SYSTEM_TIME_NEW: ++ case MSR_KVM_SYSTEM_TIME: { ++ u64 gpa_offset; ++ kvmclock_reset(vcpu); ++ ++ vcpu->arch.time = data; ++ kvm_make_request(KVM_REQ_GLOBAL_CLOCK_UPDATE, vcpu); ++ ++ /* we verify if the enable bit is set... */ ++ if (!(data & 1)) ++ break; ++ ++ gpa_offset = data & ~(PAGE_MASK | 1); ++ ++ if (kvm_gfn_to_hva_cache_init(vcpu->kvm, ++ &vcpu->arch.pv_time, data & ~1ULL, ++ sizeof(struct pvclock_vcpu_time_info))) ++ vcpu->arch.pv_time_enabled = false; ++ else ++ vcpu->arch.pv_time_enabled = true; ++ ++ break; ++ } ++ case MSR_KVM_ASYNC_PF_EN: ++ if (kvm_pv_enable_async_pf(vcpu, data)) ++ return 1; ++ break; ++ case MSR_KVM_STEAL_TIME: ++ ++ if (unlikely(!sched_info_on())) ++ return 1; ++ ++ if (data & KVM_STEAL_RESERVED_MASK) ++ return 1; ++ ++ if (kvm_gfn_to_hva_cache_init(vcpu->kvm, &vcpu->arch.st.stime, ++ data & KVM_STEAL_VALID_BITS, ++ sizeof(struct kvm_steal_time))) ++ return 1; ++ ++ vcpu->arch.st.msr_val = data; ++ ++ if (!(data & KVM_MSR_ENABLED)) ++ break; ++ ++ vcpu->arch.st.last_steal = current->sched_info.run_delay; ++ ++ preempt_disable(); ++ accumulate_steal_time(vcpu); ++ preempt_enable(); ++ ++ kvm_make_request(KVM_REQ_STEAL_UPDATE, vcpu); ++ ++ break; ++ case MSR_KVM_PV_EOI_EN: ++ if (kvm_lapic_enable_pv_eoi(vcpu, data)) ++ return 1; ++ break; ++ ++ case MSR_IA32_MCG_CTL: ++ case MSR_IA32_MCG_STATUS: ++ case MSR_IA32_MC0_CTL ... MSR_IA32_MCx_CTL(KVM_MAX_MCE_BANKS) - 1: ++ return set_msr_mce(vcpu, msr, data); ++ ++ /* Performance counters are not protected by a CPUID bit, ++ * so we should check all of them in the generic path for the sake of ++ * cross vendor migration. ++ * Writing a zero into the event select MSRs disables them, ++ * which we perfectly emulate ;-). Any other value should be at least ++ * reported, some guests depend on them. ++ */ ++ case MSR_K7_EVNTSEL0: ++ case MSR_K7_EVNTSEL1: ++ case MSR_K7_EVNTSEL2: ++ case MSR_K7_EVNTSEL3: ++ if (data != 0) ++ vcpu_unimpl(vcpu, "unimplemented perfctr wrmsr: " ++ "0x%x data 0x%llx\n", msr, data); ++ break; ++ /* at least RHEL 4 unconditionally writes to the perfctr registers, ++ * so we ignore writes to make it happy. ++ */ ++ case MSR_K7_PERFCTR0: ++ case MSR_K7_PERFCTR1: ++ case MSR_K7_PERFCTR2: ++ case MSR_K7_PERFCTR3: ++ vcpu_unimpl(vcpu, "unimplemented perfctr wrmsr: " ++ "0x%x data 0x%llx\n", msr, data); ++ break; ++ case MSR_P6_PERFCTR0: ++ case MSR_P6_PERFCTR1: ++ pr = true; ++ case MSR_P6_EVNTSEL0: ++ case MSR_P6_EVNTSEL1: ++ if (kvm_pmu_msr(vcpu, msr)) ++ return kvm_pmu_set_msr(vcpu, msr_info); ++ ++ if (pr || data != 0) ++ vcpu_unimpl(vcpu, "disabled perfctr wrmsr: " ++ "0x%x data 0x%llx\n", msr, data); ++ break; ++ case MSR_K7_CLK_CTL: ++ /* ++ * Ignore all writes to this no longer documented MSR. ++ * Writes are only relevant for old K7 processors, ++ * all pre-dating SVM, but a recommended workaround from ++ * AMD for these chips. It is possible to specify the ++ * affected processor models on the command line, hence ++ * the need to ignore the workaround. ++ */ ++ break; ++ case HV_X64_MSR_GUEST_OS_ID ... HV_X64_MSR_SINT15: ++ if (kvm_hv_msr_partition_wide(msr)) { ++ int r; ++ mutex_lock(&vcpu->kvm->lock); ++ r = set_msr_hyperv_pw(vcpu, msr, data); ++ mutex_unlock(&vcpu->kvm->lock); ++ return r; ++ } else ++ return set_msr_hyperv(vcpu, msr, data); ++ break; ++ case MSR_IA32_BBL_CR_CTL3: ++ /* Drop writes to this legacy MSR -- see rdmsr ++ * counterpart for further detail. ++ */ ++ vcpu_unimpl(vcpu, "ignored wrmsr: 0x%x data %llx\n", msr, data); ++ break; ++ case MSR_AMD64_OSVW_ID_LENGTH: ++ if (!guest_cpuid_has_osvw(vcpu)) ++ return 1; ++ vcpu->arch.osvw.length = data; ++ break; ++ case MSR_AMD64_OSVW_STATUS: ++ if (!guest_cpuid_has_osvw(vcpu)) ++ return 1; ++ vcpu->arch.osvw.status = data; ++ break; ++ default: ++ if (msr && (msr == vcpu->kvm->arch.xen_hvm_config.msr)) ++ return xen_hvm_config(vcpu, data); ++ if (kvm_pmu_msr(vcpu, msr)) ++ return kvm_pmu_set_msr(vcpu, msr_info); ++ if (!ignore_msrs) { ++ vcpu_unimpl(vcpu, "unhandled wrmsr: 0x%x data %llx\n", ++ msr, data); ++ return 1; ++ } else { ++ vcpu_unimpl(vcpu, "ignored wrmsr: 0x%x data %llx\n", ++ msr, data); ++ break; ++ } ++ } ++ return 0; ++} ++EXPORT_SYMBOL_GPL(kvm_set_msr_common); ++ ++ ++/* ++ * Reads an msr value (of 'msr_index') into 'pdata'. ++ * Returns 0 on success, non-0 otherwise. ++ * Assumes vcpu_load() was already called. ++ */ ++int kvm_get_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata) ++{ ++ return kvm_x86_ops->get_msr(vcpu, msr_index, pdata); ++} ++ ++static int get_msr_mtrr(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata) ++{ ++ u64 *p = (u64 *)&vcpu->arch.mtrr_state.fixed_ranges; ++ ++ if (!msr_mtrr_valid(msr)) ++ return 1; ++ ++ if (msr == MSR_MTRRdefType) ++ *pdata = vcpu->arch.mtrr_state.def_type + ++ (vcpu->arch.mtrr_state.enabled << 10); ++ else if (msr == MSR_MTRRfix64K_00000) ++ *pdata = p[0]; ++ else if (msr == MSR_MTRRfix16K_80000 || msr == MSR_MTRRfix16K_A0000) ++ *pdata = p[1 + msr - MSR_MTRRfix16K_80000]; ++ else if (msr >= MSR_MTRRfix4K_C0000 && msr <= MSR_MTRRfix4K_F8000) ++ *pdata = p[3 + msr - MSR_MTRRfix4K_C0000]; ++ else if (msr == MSR_IA32_CR_PAT) ++ *pdata = vcpu->arch.pat; ++ else { /* Variable MTRRs */ ++ int idx, is_mtrr_mask; ++ u64 *pt; ++ ++ idx = (msr - 0x200) / 2; ++ is_mtrr_mask = msr - 0x200 - 2 * idx; ++ if (!is_mtrr_mask) ++ pt = ++ (u64 *)&vcpu->arch.mtrr_state.var_ranges[idx].base_lo; ++ else ++ pt = ++ (u64 *)&vcpu->arch.mtrr_state.var_ranges[idx].mask_lo; ++ *pdata = *pt; ++ } ++ ++ return 0; ++} ++ ++static int get_msr_mce(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata) ++{ ++ u64 data; ++ u64 mcg_cap = vcpu->arch.mcg_cap; ++ unsigned bank_num = mcg_cap & 0xff; ++ ++ switch (msr) { ++ case MSR_IA32_P5_MC_ADDR: ++ case MSR_IA32_P5_MC_TYPE: ++ data = 0; ++ break; ++ case MSR_IA32_MCG_CAP: ++ data = vcpu->arch.mcg_cap; ++ break; ++ case MSR_IA32_MCG_CTL: ++ if (!(mcg_cap & MCG_CTL_P)) ++ return 1; ++ data = vcpu->arch.mcg_ctl; ++ break; ++ case MSR_IA32_MCG_STATUS: ++ data = vcpu->arch.mcg_status; ++ break; ++ default: ++ if (msr >= MSR_IA32_MC0_CTL && ++ msr < MSR_IA32_MCx_CTL(bank_num)) { ++ u32 offset = msr - MSR_IA32_MC0_CTL; ++ data = vcpu->arch.mce_banks[offset]; ++ break; ++ } ++ return 1; ++ } ++ *pdata = data; ++ return 0; ++} ++ ++static int get_msr_hyperv_pw(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata) ++{ ++ u64 data = 0; ++ struct kvm *kvm = vcpu->kvm; ++ ++ switch (msr) { ++ case HV_X64_MSR_GUEST_OS_ID: ++ data = kvm->arch.hv_guest_os_id; ++ break; ++ case HV_X64_MSR_HYPERCALL: ++ data = kvm->arch.hv_hypercall; ++ break; ++ case HV_X64_MSR_TIME_REF_COUNT: { ++ data = ++ div_u64(get_kernel_ns() + kvm->arch.kvmclock_offset, 100); ++ break; ++ } ++ case HV_X64_MSR_REFERENCE_TSC: ++ data = kvm->arch.hv_tsc_page; ++ break; ++ default: ++ vcpu_unimpl(vcpu, "Hyper-V unhandled rdmsr: 0x%x\n", msr); ++ return 1; ++ } ++ ++ *pdata = data; ++ return 0; ++} ++ ++static int get_msr_hyperv(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata) ++{ ++ u64 data = 0; ++ ++ switch (msr) { ++ case HV_X64_MSR_VP_INDEX: { ++ int r; ++ struct kvm_vcpu *v; ++ kvm_for_each_vcpu(r, v, vcpu->kvm) { ++ if (v == vcpu) { ++ data = r; ++ break; ++ } ++ } ++ break; ++ } ++ case HV_X64_MSR_EOI: ++ return kvm_hv_vapic_msr_read(vcpu, APIC_EOI, pdata); ++ case HV_X64_MSR_ICR: ++ return kvm_hv_vapic_msr_read(vcpu, APIC_ICR, pdata); ++ case HV_X64_MSR_TPR: ++ return kvm_hv_vapic_msr_read(vcpu, APIC_TASKPRI, pdata); ++ case HV_X64_MSR_APIC_ASSIST_PAGE: ++ data = vcpu->arch.hv_vapic; ++ break; ++ default: ++ vcpu_unimpl(vcpu, "Hyper-V unhandled rdmsr: 0x%x\n", msr); ++ return 1; ++ } ++ *pdata = data; ++ return 0; ++} ++ ++int kvm_get_msr_common(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata) ++{ ++ u64 data; ++ ++ switch (msr) { ++ case MSR_IA32_PLATFORM_ID: ++ case MSR_IA32_EBL_CR_POWERON: ++ case MSR_IA32_DEBUGCTLMSR: ++ case MSR_IA32_LASTBRANCHFROMIP: ++ case MSR_IA32_LASTBRANCHTOIP: ++ case MSR_IA32_LASTINTFROMIP: ++ case MSR_IA32_LASTINTTOIP: ++ case MSR_K8_SYSCFG: ++ case MSR_K7_HWCR: ++ case MSR_VM_HSAVE_PA: ++ case MSR_K7_EVNTSEL0: ++ case MSR_K7_EVNTSEL1: ++ case MSR_K7_EVNTSEL2: ++ case MSR_K7_EVNTSEL3: ++ case MSR_K7_PERFCTR0: ++ case MSR_K7_PERFCTR1: ++ case MSR_K7_PERFCTR2: ++ case MSR_K7_PERFCTR3: ++ case MSR_K8_INT_PENDING_MSG: ++ case MSR_AMD64_NB_CFG: ++ case MSR_FAM10H_MMIO_CONF_BASE: ++ case MSR_AMD64_BU_CFG2: ++ data = 0; ++ break; ++ case MSR_P6_PERFCTR0: ++ case MSR_P6_PERFCTR1: ++ case MSR_P6_EVNTSEL0: ++ case MSR_P6_EVNTSEL1: ++ if (kvm_pmu_msr(vcpu, msr)) ++ return kvm_pmu_get_msr(vcpu, msr, pdata); ++ data = 0; ++ break; ++ case MSR_IA32_UCODE_REV: ++ data = 0x100000000ULL; ++ break; ++ case MSR_MTRRcap: ++ data = 0x500 | KVM_NR_VAR_MTRR; ++ break; ++ case 0x200 ... 0x2ff: ++ return get_msr_mtrr(vcpu, msr, pdata); ++ case 0xcd: /* fsb frequency */ ++ data = 3; ++ break; ++ /* ++ * MSR_EBC_FREQUENCY_ID ++ * Conservative value valid for even the basic CPU models. ++ * Models 0,1: 000 in bits 23:21 indicating a bus speed of ++ * 100MHz, model 2 000 in bits 18:16 indicating 100MHz, ++ * and 266MHz for model 3, or 4. Set Core Clock ++ * Frequency to System Bus Frequency Ratio to 1 (bits ++ * 31:24) even though these are only valid for CPU ++ * models > 2, however guests may end up dividing or ++ * multiplying by zero otherwise. ++ */ ++ case MSR_EBC_FREQUENCY_ID: ++ data = 1 << 24; ++ break; ++ case MSR_IA32_APICBASE: ++ data = kvm_get_apic_base(vcpu); ++ break; ++ case APIC_BASE_MSR ... APIC_BASE_MSR + 0x3ff: ++ return kvm_x2apic_msr_read(vcpu, msr, pdata); ++ break; ++ case MSR_IA32_TSCDEADLINE: ++ data = kvm_get_lapic_tscdeadline_msr(vcpu); ++ break; ++ case MSR_IA32_TSC_ADJUST: ++ data = (u64)vcpu->arch.ia32_tsc_adjust_msr; ++ break; ++ case MSR_IA32_MISC_ENABLE: ++ data = vcpu->arch.ia32_misc_enable_msr; ++ break; ++ case MSR_IA32_PERF_STATUS: ++ /* TSC increment by tick */ ++ data = 1000ULL; ++ /* CPU multiplier */ ++ data |= (((uint64_t)4ULL) << 40); ++ break; ++ case MSR_EFER: ++ data = vcpu->arch.efer; ++ break; ++ case MSR_KVM_WALL_CLOCK: ++ case MSR_KVM_WALL_CLOCK_NEW: ++ data = vcpu->kvm->arch.wall_clock; ++ break; ++ case MSR_KVM_SYSTEM_TIME: ++ case MSR_KVM_SYSTEM_TIME_NEW: ++ data = vcpu->arch.time; ++ break; ++ case MSR_KVM_ASYNC_PF_EN: ++ data = vcpu->arch.apf.msr_val; ++ break; ++ case MSR_KVM_STEAL_TIME: ++ data = vcpu->arch.st.msr_val; ++ break; ++ case MSR_KVM_PV_EOI_EN: ++ data = vcpu->arch.pv_eoi.msr_val; ++ break; ++ case MSR_IA32_P5_MC_ADDR: ++ case MSR_IA32_P5_MC_TYPE: ++ case MSR_IA32_MCG_CAP: ++ case MSR_IA32_MCG_CTL: ++ case MSR_IA32_MCG_STATUS: ++ case MSR_IA32_MC0_CTL ... MSR_IA32_MCx_CTL(KVM_MAX_MCE_BANKS) - 1: ++ return get_msr_mce(vcpu, msr, pdata); ++ case MSR_K7_CLK_CTL: ++ /* ++ * Provide expected ramp-up count for K7. All other ++ * are set to zero, indicating minimum divisors for ++ * every field. ++ * ++ * This prevents guest kernels on AMD host with CPU ++ * type 6, model 8 and higher from exploding due to ++ * the rdmsr failing. ++ */ ++ data = 0x20000000; ++ break; ++ case HV_X64_MSR_GUEST_OS_ID ... HV_X64_MSR_SINT15: ++ if (kvm_hv_msr_partition_wide(msr)) { ++ int r; ++ mutex_lock(&vcpu->kvm->lock); ++ r = get_msr_hyperv_pw(vcpu, msr, pdata); ++ mutex_unlock(&vcpu->kvm->lock); ++ return r; ++ } else ++ return get_msr_hyperv(vcpu, msr, pdata); ++ break; ++ case MSR_IA32_BBL_CR_CTL3: ++ /* This legacy MSR exists but isn't fully documented in current ++ * silicon. It is however accessed by winxp in very narrow ++ * scenarios where it sets bit #19, itself documented as ++ * a "reserved" bit. Best effort attempt to source coherent ++ * read data here should the balance of the register be ++ * interpreted by the guest: ++ * ++ * L2 cache control register 3: 64GB range, 256KB size, ++ * enabled, latency 0x1, configured ++ */ ++ data = 0xbe702111; ++ break; ++ case MSR_AMD64_OSVW_ID_LENGTH: ++ if (!guest_cpuid_has_osvw(vcpu)) ++ return 1; ++ data = vcpu->arch.osvw.length; ++ break; ++ case MSR_AMD64_OSVW_STATUS: ++ if (!guest_cpuid_has_osvw(vcpu)) ++ return 1; ++ data = vcpu->arch.osvw.status; ++ break; ++ default: ++ if (kvm_pmu_msr(vcpu, msr)) ++ return kvm_pmu_get_msr(vcpu, msr, pdata); ++ if (!ignore_msrs) { ++ vcpu_unimpl(vcpu, "unhandled rdmsr: 0x%x\n", msr); ++ return 1; ++ } else { ++ vcpu_unimpl(vcpu, "ignored rdmsr: 0x%x\n", msr); ++ data = 0; ++ } ++ break; ++ } ++ *pdata = data; ++ return 0; ++} ++EXPORT_SYMBOL_GPL(kvm_get_msr_common); ++ ++/* ++ * Read or write a bunch of msrs. All parameters are kernel addresses. ++ * ++ * @return number of msrs set successfully. ++ */ ++static int __msr_io(struct kvm_vcpu *vcpu, struct kvm_msrs *msrs, ++ struct kvm_msr_entry *entries, ++ int (*do_msr)(struct kvm_vcpu *vcpu, ++ unsigned index, u64 *data)) ++{ ++ int i, idx; ++ ++ idx = srcu_read_lock(&vcpu->kvm->srcu); ++ for (i = 0; i < msrs->nmsrs; ++i) ++ if (do_msr(vcpu, entries[i].index, &entries[i].data)) ++ break; ++ srcu_read_unlock(&vcpu->kvm->srcu, idx); ++ ++ return i; ++} ++ ++/* ++ * Read or write a bunch of msrs. Parameters are user addresses. ++ * ++ * @return number of msrs set successfully. ++ */ ++static int msr_io(struct kvm_vcpu *vcpu, struct kvm_msrs __user *user_msrs, ++ int (*do_msr)(struct kvm_vcpu *vcpu, ++ unsigned index, u64 *data), ++ int writeback) ++{ ++ struct kvm_msrs msrs; ++ struct kvm_msr_entry *entries; ++ int r, n; ++ unsigned size; ++ ++ r = -EFAULT; ++ if (copy_from_user(&msrs, user_msrs, sizeof msrs)) ++ goto out; ++ ++ r = -E2BIG; ++ if (msrs.nmsrs >= MAX_IO_MSRS) ++ goto out; ++ ++ size = sizeof(struct kvm_msr_entry) * msrs.nmsrs; ++ entries = memdup_user(user_msrs->entries, size); ++ if (IS_ERR(entries)) { ++ r = PTR_ERR(entries); ++ goto out; ++ } ++ ++ r = n = __msr_io(vcpu, &msrs, entries, do_msr); ++ if (r < 0) ++ goto out_free; ++ ++ r = -EFAULT; ++ if (writeback && copy_to_user(user_msrs->entries, entries, size)) ++ goto out_free; ++ ++ r = n; ++ ++out_free: ++ kfree(entries); ++out: ++ return r; ++} ++ ++int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext) ++{ ++ int r; ++ ++ switch (ext) { ++ case KVM_CAP_IRQCHIP: ++ case KVM_CAP_HLT: ++ case KVM_CAP_MMU_SHADOW_CACHE_CONTROL: ++ case KVM_CAP_SET_TSS_ADDR: ++ case KVM_CAP_EXT_CPUID: ++ case KVM_CAP_EXT_EMUL_CPUID: ++ case KVM_CAP_CLOCKSOURCE: ++ case KVM_CAP_PIT: ++ case KVM_CAP_NOP_IO_DELAY: ++ case KVM_CAP_MP_STATE: ++ case KVM_CAP_SYNC_MMU: ++ case KVM_CAP_USER_NMI: ++ case KVM_CAP_REINJECT_CONTROL: ++ case KVM_CAP_IRQ_INJECT_STATUS: ++ case KVM_CAP_IRQFD: ++ case KVM_CAP_IOEVENTFD: ++ case KVM_CAP_IOEVENTFD_NO_LENGTH: ++ case KVM_CAP_PIT2: ++ case KVM_CAP_PIT_STATE2: ++ case KVM_CAP_SET_IDENTITY_MAP_ADDR: ++ case KVM_CAP_XEN_HVM: ++ case KVM_CAP_ADJUST_CLOCK: ++ case KVM_CAP_VCPU_EVENTS: ++ case KVM_CAP_HYPERV: ++ case KVM_CAP_HYPERV_VAPIC: ++ case KVM_CAP_HYPERV_SPIN: ++ case KVM_CAP_PCI_SEGMENT: ++ case KVM_CAP_DEBUGREGS: ++ case KVM_CAP_X86_ROBUST_SINGLESTEP: ++ case KVM_CAP_XSAVE: ++ case KVM_CAP_ASYNC_PF: ++ case KVM_CAP_GET_TSC_KHZ: ++ case KVM_CAP_KVMCLOCK_CTRL: ++ case KVM_CAP_READONLY_MEM: ++ case KVM_CAP_HYPERV_TIME: ++ case KVM_CAP_IOAPIC_POLARITY_IGNORED: ++#ifdef CONFIG_KVM_DEVICE_ASSIGNMENT ++ case KVM_CAP_ASSIGN_DEV_IRQ: ++ case KVM_CAP_PCI_2_3: ++#endif ++ r = 1; ++ break; ++ case KVM_CAP_COALESCED_MMIO: ++ r = KVM_COALESCED_MMIO_PAGE_OFFSET; ++ break; ++ case KVM_CAP_VAPIC: ++ r = !kvm_x86_ops->cpu_has_accelerated_tpr(); ++ break; ++ case KVM_CAP_NR_VCPUS: ++ r = KVM_SOFT_MAX_VCPUS; ++ break; ++ case KVM_CAP_MAX_VCPUS: ++ r = KVM_MAX_VCPUS; ++ break; ++ case KVM_CAP_NR_MEMSLOTS: ++ r = KVM_USER_MEM_SLOTS; ++ break; ++ case KVM_CAP_PV_MMU: /* obsolete */ ++ r = 0; ++ break; ++#ifdef CONFIG_KVM_DEVICE_ASSIGNMENT ++ case KVM_CAP_IOMMU: ++ r = iommu_present(&pci_bus_type); ++ break; ++#endif ++ case KVM_CAP_MCE: ++ r = KVM_MAX_MCE_BANKS; ++ break; ++ case KVM_CAP_XCRS: ++ r = cpu_has_xsave; ++ break; ++ case KVM_CAP_TSC_CONTROL: ++ r = kvm_has_tsc_control; ++ break; ++ case KVM_CAP_TSC_DEADLINE_TIMER: ++ r = boot_cpu_has(X86_FEATURE_TSC_DEADLINE_TIMER); ++ break; ++ default: ++ r = 0; ++ break; ++ } ++ return r; ++ ++} ++ ++long kvm_arch_dev_ioctl(struct file *filp, ++ unsigned int ioctl, unsigned long arg) ++{ ++ void __user *argp = (void __user *)arg; ++ long r; ++ ++ switch (ioctl) { ++ case KVM_GET_MSR_INDEX_LIST: { ++ struct kvm_msr_list __user *user_msr_list = argp; ++ struct kvm_msr_list msr_list; ++ unsigned n; ++ ++ r = -EFAULT; ++ if (copy_from_user(&msr_list, user_msr_list, sizeof msr_list)) ++ goto out; ++ n = msr_list.nmsrs; ++ msr_list.nmsrs = num_msrs_to_save + ARRAY_SIZE(emulated_msrs); ++ if (copy_to_user(user_msr_list, &msr_list, sizeof msr_list)) ++ goto out; ++ r = -E2BIG; ++ if (n < msr_list.nmsrs) ++ goto out; ++ r = -EFAULT; ++ if (copy_to_user(user_msr_list->indices, &msrs_to_save, ++ num_msrs_to_save * sizeof(u32))) ++ goto out; ++ if (copy_to_user(user_msr_list->indices + num_msrs_to_save, ++ &emulated_msrs, ++ ARRAY_SIZE(emulated_msrs) * sizeof(u32))) ++ goto out; ++ r = 0; ++ break; ++ } ++ case KVM_GET_SUPPORTED_CPUID: ++ case KVM_GET_EMULATED_CPUID: { ++ struct kvm_cpuid2 __user *cpuid_arg = argp; ++ struct kvm_cpuid2 cpuid; ++ ++ r = -EFAULT; ++ if (copy_from_user(&cpuid, cpuid_arg, sizeof cpuid)) ++ goto out; ++ ++ r = kvm_dev_ioctl_get_cpuid(&cpuid, cpuid_arg->entries, ++ ioctl); ++ if (r) ++ goto out; ++ ++ r = -EFAULT; ++ if (copy_to_user(cpuid_arg, &cpuid, sizeof cpuid)) ++ goto out; ++ r = 0; ++ break; ++ } ++ case KVM_X86_GET_MCE_CAP_SUPPORTED: { ++ u64 mce_cap; ++ ++ mce_cap = KVM_MCE_CAP_SUPPORTED; ++ r = -EFAULT; ++ if (copy_to_user(argp, &mce_cap, sizeof mce_cap)) ++ goto out; ++ r = 0; ++ break; ++ } ++ default: ++ r = -EINVAL; ++ } ++out: ++ return r; ++} ++ ++static void wbinvd_ipi(void *garbage) ++{ ++ wbinvd(); ++} ++ ++static bool need_emulate_wbinvd(struct kvm_vcpu *vcpu) ++{ ++ return kvm_arch_has_noncoherent_dma(vcpu->kvm); ++} ++ ++void kvm_arch_vcpu_load(struct kvm_vcpu *vcpu, int cpu) ++{ ++ /* Address WBINVD may be executed by guest */ ++ if (need_emulate_wbinvd(vcpu)) { ++ if (kvm_x86_ops->has_wbinvd_exit()) ++ cpumask_set_cpu(cpu, vcpu->arch.wbinvd_dirty_mask); ++ else if (vcpu->cpu != -1 && vcpu->cpu != cpu) ++ smp_call_function_single(vcpu->cpu, ++ wbinvd_ipi, NULL, 1); ++ } ++ ++ kvm_x86_ops->vcpu_load(vcpu, cpu); ++ ++ /* Apply any externally detected TSC adjustments (due to suspend) */ ++ if (unlikely(vcpu->arch.tsc_offset_adjustment)) { ++ adjust_tsc_offset_host(vcpu, vcpu->arch.tsc_offset_adjustment); ++ vcpu->arch.tsc_offset_adjustment = 0; ++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu); ++ } ++ ++ if (unlikely(vcpu->cpu != cpu) || check_tsc_unstable()) { ++ s64 tsc_delta = !vcpu->arch.last_host_tsc ? 0 : ++ native_read_tsc() - vcpu->arch.last_host_tsc; ++ if (tsc_delta < 0) ++ mark_tsc_unstable("KVM discovered backwards TSC"); ++ if (check_tsc_unstable()) { ++ u64 offset = kvm_x86_ops->compute_tsc_offset(vcpu, ++ vcpu->arch.last_guest_tsc); ++ kvm_x86_ops->write_tsc_offset(vcpu, offset); ++ vcpu->arch.tsc_catchup = 1; ++ } ++ /* ++ * On a host with synchronized TSC, there is no need to update ++ * kvmclock on vcpu->cpu migration ++ */ ++ if (!vcpu->kvm->arch.use_master_clock || vcpu->cpu == -1) ++ kvm_make_request(KVM_REQ_GLOBAL_CLOCK_UPDATE, vcpu); ++ if (vcpu->cpu != cpu) ++ kvm_migrate_timers(vcpu); ++ vcpu->cpu = cpu; ++ } ++ ++ accumulate_steal_time(vcpu); ++ kvm_make_request(KVM_REQ_STEAL_UPDATE, vcpu); ++} ++ ++void kvm_arch_vcpu_put(struct kvm_vcpu *vcpu) ++{ ++ kvm_x86_ops->vcpu_put(vcpu); ++ kvm_put_guest_fpu(vcpu); ++ vcpu->arch.last_host_tsc = native_read_tsc(); ++} ++ ++static int kvm_vcpu_ioctl_get_lapic(struct kvm_vcpu *vcpu, ++ struct kvm_lapic_state *s) ++{ ++ kvm_x86_ops->sync_pir_to_irr(vcpu); ++ memcpy(s->regs, vcpu->arch.apic->regs, sizeof *s); ++ ++ return 0; ++} ++ ++static int kvm_vcpu_ioctl_set_lapic(struct kvm_vcpu *vcpu, ++ struct kvm_lapic_state *s) ++{ ++ kvm_apic_post_state_restore(vcpu, s); ++ update_cr8_intercept(vcpu); ++ ++ return 0; ++} ++ ++static int kvm_vcpu_ioctl_interrupt(struct kvm_vcpu *vcpu, ++ struct kvm_interrupt *irq) ++{ ++ if (irq->irq >= KVM_NR_INTERRUPTS) ++ return -EINVAL; ++ if (irqchip_in_kernel(vcpu->kvm)) ++ return -ENXIO; ++ ++ kvm_queue_interrupt(vcpu, irq->irq, false); ++ kvm_make_request(KVM_REQ_EVENT, vcpu); ++ ++ return 0; ++} ++ ++static int kvm_vcpu_ioctl_nmi(struct kvm_vcpu *vcpu) ++{ ++ kvm_inject_nmi(vcpu); ++ ++ return 0; ++} ++ ++static int vcpu_ioctl_tpr_access_reporting(struct kvm_vcpu *vcpu, ++ struct kvm_tpr_access_ctl *tac) ++{ ++ if (tac->flags) ++ return -EINVAL; ++ vcpu->arch.tpr_access_reporting = !!tac->enabled; ++ return 0; ++} ++ ++static int kvm_vcpu_ioctl_x86_setup_mce(struct kvm_vcpu *vcpu, ++ u64 mcg_cap) ++{ ++ int r; ++ unsigned bank_num = mcg_cap & 0xff, bank; ++ ++ r = -EINVAL; ++ if (!bank_num || bank_num >= KVM_MAX_MCE_BANKS) ++ goto out; ++ if (mcg_cap & ~(KVM_MCE_CAP_SUPPORTED | 0xff | 0xff0000)) ++ goto out; ++ r = 0; ++ vcpu->arch.mcg_cap = mcg_cap; ++ /* Init IA32_MCG_CTL to all 1s */ ++ if (mcg_cap & MCG_CTL_P) ++ vcpu->arch.mcg_ctl = ~(u64)0; ++ /* Init IA32_MCi_CTL to all 1s */ ++ for (bank = 0; bank < bank_num; bank++) ++ vcpu->arch.mce_banks[bank*4] = ~(u64)0; ++out: ++ return r; ++} ++ ++static int kvm_vcpu_ioctl_x86_set_mce(struct kvm_vcpu *vcpu, ++ struct kvm_x86_mce *mce) ++{ ++ u64 mcg_cap = vcpu->arch.mcg_cap; ++ unsigned bank_num = mcg_cap & 0xff; ++ u64 *banks = vcpu->arch.mce_banks; ++ ++ if (mce->bank >= bank_num || !(mce->status & MCI_STATUS_VAL)) ++ return -EINVAL; ++ /* ++ * if IA32_MCG_CTL is not all 1s, the uncorrected error ++ * reporting is disabled ++ */ ++ if ((mce->status & MCI_STATUS_UC) && (mcg_cap & MCG_CTL_P) && ++ vcpu->arch.mcg_ctl != ~(u64)0) ++ return 0; ++ banks += 4 * mce->bank; ++ /* ++ * if IA32_MCi_CTL is not all 1s, the uncorrected error ++ * reporting is disabled for the bank ++ */ ++ if ((mce->status & MCI_STATUS_UC) && banks[0] != ~(u64)0) ++ return 0; ++ if (mce->status & MCI_STATUS_UC) { ++ if ((vcpu->arch.mcg_status & MCG_STATUS_MCIP) || ++ !kvm_read_cr4_bits(vcpu, X86_CR4_MCE)) { ++ kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu); ++ return 0; ++ } ++ if (banks[1] & MCI_STATUS_VAL) ++ mce->status |= MCI_STATUS_OVER; ++ banks[2] = mce->addr; ++ banks[3] = mce->misc; ++ vcpu->arch.mcg_status = mce->mcg_status; ++ banks[1] = mce->status; ++ kvm_queue_exception(vcpu, MC_VECTOR); ++ } else if (!(banks[1] & MCI_STATUS_VAL) ++ || !(banks[1] & MCI_STATUS_UC)) { ++ if (banks[1] & MCI_STATUS_VAL) ++ mce->status |= MCI_STATUS_OVER; ++ banks[2] = mce->addr; ++ banks[3] = mce->misc; ++ banks[1] = mce->status; ++ } else ++ banks[1] |= MCI_STATUS_OVER; ++ return 0; ++} ++ ++static void kvm_vcpu_ioctl_x86_get_vcpu_events(struct kvm_vcpu *vcpu, ++ struct kvm_vcpu_events *events) ++{ ++ process_nmi(vcpu); ++ events->exception.injected = ++ vcpu->arch.exception.pending && ++ !kvm_exception_is_soft(vcpu->arch.exception.nr); ++ events->exception.nr = vcpu->arch.exception.nr; ++ events->exception.has_error_code = vcpu->arch.exception.has_error_code; ++ events->exception.pad = 0; ++ events->exception.error_code = vcpu->arch.exception.error_code; ++ ++ events->interrupt.injected = ++ vcpu->arch.interrupt.pending && !vcpu->arch.interrupt.soft; ++ events->interrupt.nr = vcpu->arch.interrupt.nr; ++ events->interrupt.soft = 0; ++ events->interrupt.shadow = kvm_x86_ops->get_interrupt_shadow(vcpu); ++ ++ events->nmi.injected = vcpu->arch.nmi_injected; ++ events->nmi.pending = vcpu->arch.nmi_pending != 0; ++ events->nmi.masked = kvm_x86_ops->get_nmi_mask(vcpu); ++ events->nmi.pad = 0; ++ ++ events->sipi_vector = 0; /* never valid when reporting to user space */ ++ ++ events->flags = (KVM_VCPUEVENT_VALID_NMI_PENDING ++ | KVM_VCPUEVENT_VALID_SHADOW); ++ memset(&events->reserved, 0, sizeof(events->reserved)); ++} ++ ++static int kvm_vcpu_ioctl_x86_set_vcpu_events(struct kvm_vcpu *vcpu, ++ struct kvm_vcpu_events *events) ++{ ++ if (events->flags & ~(KVM_VCPUEVENT_VALID_NMI_PENDING ++ | KVM_VCPUEVENT_VALID_SIPI_VECTOR ++ | KVM_VCPUEVENT_VALID_SHADOW)) ++ return -EINVAL; ++ ++ process_nmi(vcpu); ++ vcpu->arch.exception.pending = events->exception.injected; ++ vcpu->arch.exception.nr = events->exception.nr; ++ vcpu->arch.exception.has_error_code = events->exception.has_error_code; ++ vcpu->arch.exception.error_code = events->exception.error_code; ++ ++ vcpu->arch.interrupt.pending = events->interrupt.injected; ++ vcpu->arch.interrupt.nr = events->interrupt.nr; ++ vcpu->arch.interrupt.soft = events->interrupt.soft; ++ if (events->flags & KVM_VCPUEVENT_VALID_SHADOW) ++ kvm_x86_ops->set_interrupt_shadow(vcpu, ++ events->interrupt.shadow); ++ ++ vcpu->arch.nmi_injected = events->nmi.injected; ++ if (events->flags & KVM_VCPUEVENT_VALID_NMI_PENDING) ++ vcpu->arch.nmi_pending = events->nmi.pending; ++ kvm_x86_ops->set_nmi_mask(vcpu, events->nmi.masked); ++ ++ if (events->flags & KVM_VCPUEVENT_VALID_SIPI_VECTOR && ++ kvm_vcpu_has_lapic(vcpu)) ++ vcpu->arch.apic->sipi_vector = events->sipi_vector; ++ ++ kvm_make_request(KVM_REQ_EVENT, vcpu); ++ ++ return 0; ++} ++ ++static void kvm_vcpu_ioctl_x86_get_debugregs(struct kvm_vcpu *vcpu, ++ struct kvm_debugregs *dbgregs) ++{ ++ unsigned long val; ++ ++ memcpy(dbgregs->db, vcpu->arch.db, sizeof(vcpu->arch.db)); ++ _kvm_get_dr(vcpu, 6, &val); ++ dbgregs->dr6 = val; ++ dbgregs->dr7 = vcpu->arch.dr7; ++ dbgregs->flags = 0; ++ memset(&dbgregs->reserved, 0, sizeof(dbgregs->reserved)); ++} ++ ++static int kvm_vcpu_ioctl_x86_set_debugregs(struct kvm_vcpu *vcpu, ++ struct kvm_debugregs *dbgregs) ++{ ++ if (dbgregs->flags) ++ return -EINVAL; ++ ++ memcpy(vcpu->arch.db, dbgregs->db, sizeof(vcpu->arch.db)); ++ vcpu->arch.dr6 = dbgregs->dr6; ++ kvm_update_dr6(vcpu); ++ vcpu->arch.dr7 = dbgregs->dr7; ++ kvm_update_dr7(vcpu); ++ ++ return 0; ++} ++ ++#define XSTATE_COMPACTION_ENABLED (1ULL << 63) ++ ++static void fill_xsave(u8 *dest, struct kvm_vcpu *vcpu) ++{ ++ struct xsave_struct *xsave = &vcpu->arch.guest_fpu.state->xsave; ++ u64 xstate_bv = xsave->xsave_hdr.xstate_bv; ++ u64 valid; ++ ++ /* ++ * Copy legacy XSAVE area, to avoid complications with CPUID ++ * leaves 0 and 1 in the loop below. ++ */ ++ memcpy(dest, xsave, XSAVE_HDR_OFFSET); ++ ++ /* Set XSTATE_BV */ ++ *(u64 *)(dest + XSAVE_HDR_OFFSET) = xstate_bv; ++ ++ /* ++ * Copy each region from the possibly compacted offset to the ++ * non-compacted offset. ++ */ ++ valid = xstate_bv & ~XSTATE_FPSSE; ++ while (valid) { ++ u64 feature = valid & -valid; ++ int index = fls64(feature) - 1; ++ void *src = get_xsave_addr(xsave, feature); ++ ++ if (src) { ++ u32 size, offset, ecx, edx; ++ cpuid_count(XSTATE_CPUID, index, ++ &size, &offset, &ecx, &edx); ++ memcpy(dest + offset, src, size); ++ } ++ ++ valid -= feature; ++ } ++} ++ ++static void load_xsave(struct kvm_vcpu *vcpu, u8 *src) ++{ ++ struct xsave_struct *xsave = &vcpu->arch.guest_fpu.state->xsave; ++ u64 xstate_bv = *(u64 *)(src + XSAVE_HDR_OFFSET); ++ u64 valid; ++ ++ /* ++ * Copy legacy XSAVE area, to avoid complications with CPUID ++ * leaves 0 and 1 in the loop below. ++ */ ++ memcpy(xsave, src, XSAVE_HDR_OFFSET); ++ ++ /* Set XSTATE_BV and possibly XCOMP_BV. */ ++ xsave->xsave_hdr.xstate_bv = xstate_bv; ++ if (cpu_has_xsaves) ++ xsave->xsave_hdr.xcomp_bv = host_xcr0 | XSTATE_COMPACTION_ENABLED; ++ ++ /* ++ * Copy each region from the non-compacted offset to the ++ * possibly compacted offset. ++ */ ++ valid = xstate_bv & ~XSTATE_FPSSE; ++ while (valid) { ++ u64 feature = valid & -valid; ++ int index = fls64(feature) - 1; ++ void *dest = get_xsave_addr(xsave, feature); ++ ++ if (dest) { ++ u32 size, offset, ecx, edx; ++ cpuid_count(XSTATE_CPUID, index, ++ &size, &offset, &ecx, &edx); ++ memcpy(dest, src + offset, size); ++ } else ++ WARN_ON_ONCE(1); ++ ++ valid -= feature; ++ } ++} ++ ++static void kvm_vcpu_ioctl_x86_get_xsave(struct kvm_vcpu *vcpu, ++ struct kvm_xsave *guest_xsave) ++{ ++ if (cpu_has_xsave) { ++ memset(guest_xsave, 0, sizeof(struct kvm_xsave)); ++ fill_xsave((u8 *) guest_xsave->region, vcpu); ++ } else { ++ memcpy(guest_xsave->region, ++ &vcpu->arch.guest_fpu.state->fxsave, ++ sizeof(struct i387_fxsave_struct)); ++ *(u64 *)&guest_xsave->region[XSAVE_HDR_OFFSET / sizeof(u32)] = ++ XSTATE_FPSSE; ++ } ++} ++ ++static int kvm_vcpu_ioctl_x86_set_xsave(struct kvm_vcpu *vcpu, ++ struct kvm_xsave *guest_xsave) ++{ ++ u64 xstate_bv = ++ *(u64 *)&guest_xsave->region[XSAVE_HDR_OFFSET / sizeof(u32)]; ++ ++ if (cpu_has_xsave) { ++ /* ++ * Here we allow setting states that are not present in ++ * CPUID leaf 0xD, index 0, EDX:EAX. This is for compatibility ++ * with old userspace. ++ */ ++ if (xstate_bv & ~kvm_supported_xcr0()) ++ return -EINVAL; ++ load_xsave(vcpu, (u8 *)guest_xsave->region); ++ } else { ++ if (xstate_bv & ~XSTATE_FPSSE) ++ return -EINVAL; ++ memcpy(&vcpu->arch.guest_fpu.state->fxsave, ++ guest_xsave->region, sizeof(struct i387_fxsave_struct)); ++ } ++ return 0; ++} ++ ++static void kvm_vcpu_ioctl_x86_get_xcrs(struct kvm_vcpu *vcpu, ++ struct kvm_xcrs *guest_xcrs) ++{ ++ if (!cpu_has_xsave) { ++ guest_xcrs->nr_xcrs = 0; ++ return; ++ } ++ ++ guest_xcrs->nr_xcrs = 1; ++ guest_xcrs->flags = 0; ++ guest_xcrs->xcrs[0].xcr = XCR_XFEATURE_ENABLED_MASK; ++ guest_xcrs->xcrs[0].value = vcpu->arch.xcr0; ++} ++ ++static int kvm_vcpu_ioctl_x86_set_xcrs(struct kvm_vcpu *vcpu, ++ struct kvm_xcrs *guest_xcrs) ++{ ++ int i, r = 0; ++ ++ if (!cpu_has_xsave) ++ return -EINVAL; ++ ++ if (guest_xcrs->nr_xcrs > KVM_MAX_XCRS || guest_xcrs->flags) ++ return -EINVAL; ++ ++ for (i = 0; i < guest_xcrs->nr_xcrs; i++) ++ /* Only support XCR0 currently */ ++ if (guest_xcrs->xcrs[i].xcr == XCR_XFEATURE_ENABLED_MASK) { ++ r = __kvm_set_xcr(vcpu, XCR_XFEATURE_ENABLED_MASK, ++ guest_xcrs->xcrs[i].value); ++ break; ++ } ++ if (r) ++ r = -EINVAL; ++ return r; ++} ++ ++/* ++ * kvm_set_guest_paused() indicates to the guest kernel that it has been ++ * stopped by the hypervisor. This function will be called from the host only. ++ * EINVAL is returned when the host attempts to set the flag for a guest that ++ * does not support pv clocks. ++ */ ++static int kvm_set_guest_paused(struct kvm_vcpu *vcpu) ++{ ++ if (!vcpu->arch.pv_time_enabled) ++ return -EINVAL; ++ vcpu->arch.pvclock_set_guest_stopped_request = true; ++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu); ++ return 0; ++} ++ ++long kvm_arch_vcpu_ioctl(struct file *filp, ++ unsigned int ioctl, unsigned long arg) ++{ ++ struct kvm_vcpu *vcpu = filp->private_data; ++ void __user *argp = (void __user *)arg; ++ int r; ++ union { ++ struct kvm_lapic_state *lapic; ++ struct kvm_xsave *xsave; ++ struct kvm_xcrs *xcrs; ++ void *buffer; ++ } u; ++ ++ u.buffer = NULL; ++ switch (ioctl) { ++ case KVM_GET_LAPIC: { ++ r = -EINVAL; ++ if (!vcpu->arch.apic) ++ goto out; ++ u.lapic = kzalloc(sizeof(struct kvm_lapic_state), GFP_KERNEL); ++ ++ r = -ENOMEM; ++ if (!u.lapic) ++ goto out; ++ r = kvm_vcpu_ioctl_get_lapic(vcpu, u.lapic); ++ if (r) ++ goto out; ++ r = -EFAULT; ++ if (copy_to_user(argp, u.lapic, sizeof(struct kvm_lapic_state))) ++ goto out; ++ r = 0; ++ break; ++ } ++ case KVM_SET_LAPIC: { ++ r = -EINVAL; ++ if (!vcpu->arch.apic) ++ goto out; ++ u.lapic = memdup_user(argp, sizeof(*u.lapic)); ++ if (IS_ERR(u.lapic)) ++ return PTR_ERR(u.lapic); ++ ++ r = kvm_vcpu_ioctl_set_lapic(vcpu, u.lapic); ++ break; ++ } ++ case KVM_INTERRUPT: { ++ struct kvm_interrupt irq; ++ ++ r = -EFAULT; ++ if (copy_from_user(&irq, argp, sizeof irq)) ++ goto out; ++ r = kvm_vcpu_ioctl_interrupt(vcpu, &irq); ++ break; ++ } ++ case KVM_NMI: { ++ r = kvm_vcpu_ioctl_nmi(vcpu); ++ break; ++ } ++ case KVM_SET_CPUID: { ++ struct kvm_cpuid __user *cpuid_arg = argp; ++ struct kvm_cpuid cpuid; ++ ++ r = -EFAULT; ++ if (copy_from_user(&cpuid, cpuid_arg, sizeof cpuid)) ++ goto out; ++ r = kvm_vcpu_ioctl_set_cpuid(vcpu, &cpuid, cpuid_arg->entries); ++ break; ++ } ++ case KVM_SET_CPUID2: { ++ struct kvm_cpuid2 __user *cpuid_arg = argp; ++ struct kvm_cpuid2 cpuid; ++ ++ r = -EFAULT; ++ if (copy_from_user(&cpuid, cpuid_arg, sizeof cpuid)) ++ goto out; ++ r = kvm_vcpu_ioctl_set_cpuid2(vcpu, &cpuid, ++ cpuid_arg->entries); ++ break; ++ } ++ case KVM_GET_CPUID2: { ++ struct kvm_cpuid2 __user *cpuid_arg = argp; ++ struct kvm_cpuid2 cpuid; ++ ++ r = -EFAULT; ++ if (copy_from_user(&cpuid, cpuid_arg, sizeof cpuid)) ++ goto out; ++ r = kvm_vcpu_ioctl_get_cpuid2(vcpu, &cpuid, ++ cpuid_arg->entries); ++ if (r) ++ goto out; ++ r = -EFAULT; ++ if (copy_to_user(cpuid_arg, &cpuid, sizeof cpuid)) ++ goto out; ++ r = 0; ++ break; ++ } ++ case KVM_GET_MSRS: ++ r = msr_io(vcpu, argp, kvm_get_msr, 1); ++ break; ++ case KVM_SET_MSRS: ++ r = msr_io(vcpu, argp, do_set_msr, 0); ++ break; ++ case KVM_TPR_ACCESS_REPORTING: { ++ struct kvm_tpr_access_ctl tac; ++ ++ r = -EFAULT; ++ if (copy_from_user(&tac, argp, sizeof tac)) ++ goto out; ++ r = vcpu_ioctl_tpr_access_reporting(vcpu, &tac); ++ if (r) ++ goto out; ++ r = -EFAULT; ++ if (copy_to_user(argp, &tac, sizeof tac)) ++ goto out; ++ r = 0; ++ break; ++ }; ++ case KVM_SET_VAPIC_ADDR: { ++ struct kvm_vapic_addr va; ++ ++ r = -EINVAL; ++ if (!irqchip_in_kernel(vcpu->kvm)) ++ goto out; ++ r = -EFAULT; ++ if (copy_from_user(&va, argp, sizeof va)) ++ goto out; ++ r = kvm_lapic_set_vapic_addr(vcpu, va.vapic_addr); ++ break; ++ } ++ case KVM_X86_SETUP_MCE: { ++ u64 mcg_cap; ++ ++ r = -EFAULT; ++ if (copy_from_user(&mcg_cap, argp, sizeof mcg_cap)) ++ goto out; ++ r = kvm_vcpu_ioctl_x86_setup_mce(vcpu, mcg_cap); ++ break; ++ } ++ case KVM_X86_SET_MCE: { ++ struct kvm_x86_mce mce; ++ ++ r = -EFAULT; ++ if (copy_from_user(&mce, argp, sizeof mce)) ++ goto out; ++ r = kvm_vcpu_ioctl_x86_set_mce(vcpu, &mce); ++ break; ++ } ++ case KVM_GET_VCPU_EVENTS: { ++ struct kvm_vcpu_events events; ++ ++ kvm_vcpu_ioctl_x86_get_vcpu_events(vcpu, &events); ++ ++ r = -EFAULT; ++ if (copy_to_user(argp, &events, sizeof(struct kvm_vcpu_events))) ++ break; ++ r = 0; ++ break; ++ } ++ case KVM_SET_VCPU_EVENTS: { ++ struct kvm_vcpu_events events; ++ ++ r = -EFAULT; ++ if (copy_from_user(&events, argp, sizeof(struct kvm_vcpu_events))) ++ break; ++ ++ r = kvm_vcpu_ioctl_x86_set_vcpu_events(vcpu, &events); ++ break; ++ } ++ case KVM_GET_DEBUGREGS: { ++ struct kvm_debugregs dbgregs; ++ ++ kvm_vcpu_ioctl_x86_get_debugregs(vcpu, &dbgregs); ++ ++ r = -EFAULT; ++ if (copy_to_user(argp, &dbgregs, ++ sizeof(struct kvm_debugregs))) ++ break; ++ r = 0; ++ break; ++ } ++ case KVM_SET_DEBUGREGS: { ++ struct kvm_debugregs dbgregs; ++ ++ r = -EFAULT; ++ if (copy_from_user(&dbgregs, argp, ++ sizeof(struct kvm_debugregs))) ++ break; ++ ++ r = kvm_vcpu_ioctl_x86_set_debugregs(vcpu, &dbgregs); ++ break; ++ } ++ case KVM_GET_XSAVE: { ++ u.xsave = kzalloc(sizeof(struct kvm_xsave), GFP_KERNEL); ++ r = -ENOMEM; ++ if (!u.xsave) ++ break; ++ ++ kvm_vcpu_ioctl_x86_get_xsave(vcpu, u.xsave); ++ ++ r = -EFAULT; ++ if (copy_to_user(argp, u.xsave, sizeof(struct kvm_xsave))) ++ break; ++ r = 0; ++ break; ++ } ++ case KVM_SET_XSAVE: { ++ u.xsave = memdup_user(argp, sizeof(*u.xsave)); ++ if (IS_ERR(u.xsave)) ++ return PTR_ERR(u.xsave); ++ ++ r = kvm_vcpu_ioctl_x86_set_xsave(vcpu, u.xsave); ++ break; ++ } ++ case KVM_GET_XCRS: { ++ u.xcrs = kzalloc(sizeof(struct kvm_xcrs), GFP_KERNEL); ++ r = -ENOMEM; ++ if (!u.xcrs) ++ break; ++ ++ kvm_vcpu_ioctl_x86_get_xcrs(vcpu, u.xcrs); ++ ++ r = -EFAULT; ++ if (copy_to_user(argp, u.xcrs, ++ sizeof(struct kvm_xcrs))) ++ break; ++ r = 0; ++ break; ++ } ++ case KVM_SET_XCRS: { ++ u.xcrs = memdup_user(argp, sizeof(*u.xcrs)); ++ if (IS_ERR(u.xcrs)) ++ return PTR_ERR(u.xcrs); ++ ++ r = kvm_vcpu_ioctl_x86_set_xcrs(vcpu, u.xcrs); ++ break; ++ } ++ case KVM_SET_TSC_KHZ: { ++ u32 user_tsc_khz; ++ ++ r = -EINVAL; ++ user_tsc_khz = (u32)arg; ++ ++ if (user_tsc_khz >= kvm_max_guest_tsc_khz) ++ goto out; ++ ++ if (user_tsc_khz == 0) ++ user_tsc_khz = tsc_khz; ++ ++ kvm_set_tsc_khz(vcpu, user_tsc_khz); ++ ++ r = 0; ++ goto out; ++ } ++ case KVM_GET_TSC_KHZ: { ++ r = vcpu->arch.virtual_tsc_khz; ++ goto out; ++ } ++ case KVM_KVMCLOCK_CTRL: { ++ r = kvm_set_guest_paused(vcpu); ++ goto out; ++ } ++ default: ++ r = -EINVAL; ++ } ++out: ++ kfree(u.buffer); ++ return r; ++} ++ ++int kvm_arch_vcpu_fault(struct kvm_vcpu *vcpu, struct vm_fault *vmf) ++{ ++ return VM_FAULT_SIGBUS; ++} ++ ++static int kvm_vm_ioctl_set_tss_addr(struct kvm *kvm, unsigned long addr) ++{ ++ int ret; ++ ++ if (addr > (unsigned int)(-3 * PAGE_SIZE)) ++ return -EINVAL; ++ ret = kvm_x86_ops->set_tss_addr(kvm, addr); ++ return ret; ++} ++ ++static int kvm_vm_ioctl_set_identity_map_addr(struct kvm *kvm, ++ u64 ident_addr) ++{ ++ kvm->arch.ept_identity_map_addr = ident_addr; ++ return 0; ++} ++ ++static int kvm_vm_ioctl_set_nr_mmu_pages(struct kvm *kvm, ++ u32 kvm_nr_mmu_pages) ++{ ++ if (kvm_nr_mmu_pages < KVM_MIN_ALLOC_MMU_PAGES) ++ return -EINVAL; ++ ++ mutex_lock(&kvm->slots_lock); ++ ++ kvm_mmu_change_mmu_pages(kvm, kvm_nr_mmu_pages); ++ kvm->arch.n_requested_mmu_pages = kvm_nr_mmu_pages; ++ ++ mutex_unlock(&kvm->slots_lock); ++ return 0; ++} ++ ++static int kvm_vm_ioctl_get_nr_mmu_pages(struct kvm *kvm) ++{ ++ return kvm->arch.n_max_mmu_pages; ++} ++ ++static int kvm_vm_ioctl_get_irqchip(struct kvm *kvm, struct kvm_irqchip *chip) ++{ ++ int r; ++ ++ r = 0; ++ switch (chip->chip_id) { ++ case KVM_IRQCHIP_PIC_MASTER: ++ memcpy(&chip->chip.pic, ++ &pic_irqchip(kvm)->pics[0], ++ sizeof(struct kvm_pic_state)); ++ break; ++ case KVM_IRQCHIP_PIC_SLAVE: ++ memcpy(&chip->chip.pic, ++ &pic_irqchip(kvm)->pics[1], ++ sizeof(struct kvm_pic_state)); ++ break; ++ case KVM_IRQCHIP_IOAPIC: ++ r = kvm_get_ioapic(kvm, &chip->chip.ioapic); ++ break; ++ default: ++ r = -EINVAL; ++ break; ++ } ++ return r; ++} ++ ++static int kvm_vm_ioctl_set_irqchip(struct kvm *kvm, struct kvm_irqchip *chip) ++{ ++ int r; ++ ++ r = 0; ++ switch (chip->chip_id) { ++ case KVM_IRQCHIP_PIC_MASTER: ++ spin_lock(&pic_irqchip(kvm)->lock); ++ memcpy(&pic_irqchip(kvm)->pics[0], ++ &chip->chip.pic, ++ sizeof(struct kvm_pic_state)); ++ spin_unlock(&pic_irqchip(kvm)->lock); ++ break; ++ case KVM_IRQCHIP_PIC_SLAVE: ++ spin_lock(&pic_irqchip(kvm)->lock); ++ memcpy(&pic_irqchip(kvm)->pics[1], ++ &chip->chip.pic, ++ sizeof(struct kvm_pic_state)); ++ spin_unlock(&pic_irqchip(kvm)->lock); ++ break; ++ case KVM_IRQCHIP_IOAPIC: ++ r = kvm_set_ioapic(kvm, &chip->chip.ioapic); ++ break; ++ default: ++ r = -EINVAL; ++ break; ++ } ++ kvm_pic_update_irq(pic_irqchip(kvm)); ++ return r; ++} ++ ++static int kvm_vm_ioctl_get_pit(struct kvm *kvm, struct kvm_pit_state *ps) ++{ ++ int r = 0; ++ ++ mutex_lock(&kvm->arch.vpit->pit_state.lock); ++ memcpy(ps, &kvm->arch.vpit->pit_state, sizeof(struct kvm_pit_state)); ++ mutex_unlock(&kvm->arch.vpit->pit_state.lock); ++ return r; ++} ++ ++static int kvm_vm_ioctl_set_pit(struct kvm *kvm, struct kvm_pit_state *ps) ++{ ++ int r = 0; ++ ++ mutex_lock(&kvm->arch.vpit->pit_state.lock); ++ memcpy(&kvm->arch.vpit->pit_state, ps, sizeof(struct kvm_pit_state)); ++ kvm_pit_load_count(kvm, 0, ps->channels[0].count, 0); ++ mutex_unlock(&kvm->arch.vpit->pit_state.lock); ++ return r; ++} ++ ++static int kvm_vm_ioctl_get_pit2(struct kvm *kvm, struct kvm_pit_state2 *ps) ++{ ++ int r = 0; ++ ++ mutex_lock(&kvm->arch.vpit->pit_state.lock); ++ memcpy(ps->channels, &kvm->arch.vpit->pit_state.channels, ++ sizeof(ps->channels)); ++ ps->flags = kvm->arch.vpit->pit_state.flags; ++ mutex_unlock(&kvm->arch.vpit->pit_state.lock); ++ memset(&ps->reserved, 0, sizeof(ps->reserved)); ++ return r; ++} ++ ++static int kvm_vm_ioctl_set_pit2(struct kvm *kvm, struct kvm_pit_state2 *ps) ++{ ++ int r = 0, start = 0; ++ u32 prev_legacy, cur_legacy; ++ mutex_lock(&kvm->arch.vpit->pit_state.lock); ++ prev_legacy = kvm->arch.vpit->pit_state.flags & KVM_PIT_FLAGS_HPET_LEGACY; ++ cur_legacy = ps->flags & KVM_PIT_FLAGS_HPET_LEGACY; ++ if (!prev_legacy && cur_legacy) ++ start = 1; ++ memcpy(&kvm->arch.vpit->pit_state.channels, &ps->channels, ++ sizeof(kvm->arch.vpit->pit_state.channels)); ++ kvm->arch.vpit->pit_state.flags = ps->flags; ++ kvm_pit_load_count(kvm, 0, kvm->arch.vpit->pit_state.channels[0].count, start); ++ mutex_unlock(&kvm->arch.vpit->pit_state.lock); ++ return r; ++} ++ ++static int kvm_vm_ioctl_reinject(struct kvm *kvm, ++ struct kvm_reinject_control *control) ++{ ++ if (!kvm->arch.vpit) ++ return -ENXIO; ++ mutex_lock(&kvm->arch.vpit->pit_state.lock); ++ kvm->arch.vpit->pit_state.reinject = control->pit_reinject; ++ mutex_unlock(&kvm->arch.vpit->pit_state.lock); ++ return 0; ++} ++ ++/** ++ * kvm_vm_ioctl_get_dirty_log - get and clear the log of dirty pages in a slot ++ * @kvm: kvm instance ++ * @log: slot id and address to which we copy the log ++ * ++ * We need to keep it in mind that VCPU threads can write to the bitmap ++ * concurrently. So, to avoid losing data, we keep the following order for ++ * each bit: ++ * ++ * 1. Take a snapshot of the bit and clear it if needed. ++ * 2. Write protect the corresponding page. ++ * 3. Flush TLB's if needed. ++ * 4. Copy the snapshot to the userspace. ++ * ++ * Between 2 and 3, the guest may write to the page using the remaining TLB ++ * entry. This is not a problem because the page will be reported dirty at ++ * step 4 using the snapshot taken before and step 3 ensures that successive ++ * writes will be logged for the next call. ++ */ ++int kvm_vm_ioctl_get_dirty_log(struct kvm *kvm, struct kvm_dirty_log *log) ++{ ++ int r; ++ struct kvm_memory_slot *memslot; ++ unsigned long n, i; ++ unsigned long *dirty_bitmap; ++ unsigned long *dirty_bitmap_buffer; ++ bool is_dirty = false; ++ ++ mutex_lock(&kvm->slots_lock); ++ ++ r = -EINVAL; ++ if (log->slot >= KVM_USER_MEM_SLOTS) ++ goto out; ++ ++ memslot = id_to_memslot(kvm->memslots, log->slot); ++ ++ dirty_bitmap = memslot->dirty_bitmap; ++ r = -ENOENT; ++ if (!dirty_bitmap) ++ goto out; ++ ++ n = kvm_dirty_bitmap_bytes(memslot); ++ ++ dirty_bitmap_buffer = dirty_bitmap + n / sizeof(long); ++ memset(dirty_bitmap_buffer, 0, n); ++ ++ spin_lock(&kvm->mmu_lock); ++ ++ for (i = 0; i < n / sizeof(long); i++) { ++ unsigned long mask; ++ gfn_t offset; ++ ++ if (!dirty_bitmap[i]) ++ continue; ++ ++ is_dirty = true; ++ ++ mask = xchg(&dirty_bitmap[i], 0); ++ dirty_bitmap_buffer[i] = mask; ++ ++ offset = i * BITS_PER_LONG; ++ kvm_mmu_write_protect_pt_masked(kvm, memslot, offset, mask); ++ } ++ ++ spin_unlock(&kvm->mmu_lock); ++ ++ /* See the comments in kvm_mmu_slot_remove_write_access(). */ ++ lockdep_assert_held(&kvm->slots_lock); ++ ++ /* ++ * All the TLBs can be flushed out of mmu lock, see the comments in ++ * kvm_mmu_slot_remove_write_access(). ++ */ ++ if (is_dirty) ++ kvm_flush_remote_tlbs(kvm); ++ ++ r = -EFAULT; ++ if (copy_to_user(log->dirty_bitmap, dirty_bitmap_buffer, n)) ++ goto out; ++ ++ r = 0; ++out: ++ mutex_unlock(&kvm->slots_lock); ++ return r; ++} ++ ++int kvm_vm_ioctl_irq_line(struct kvm *kvm, struct kvm_irq_level *irq_event, ++ bool line_status) ++{ ++ if (!irqchip_in_kernel(kvm)) ++ return -ENXIO; ++ ++ irq_event->status = kvm_set_irq(kvm, KVM_USERSPACE_IRQ_SOURCE_ID, ++ irq_event->irq, irq_event->level, ++ line_status); ++ return 0; ++} ++ ++long kvm_arch_vm_ioctl(struct file *filp, ++ unsigned int ioctl, unsigned long arg) ++{ ++ struct kvm *kvm = filp->private_data; ++ void __user *argp = (void __user *)arg; ++ int r = -ENOTTY; ++ /* ++ * This union makes it completely explicit to gcc-3.x ++ * that these two variables' stack usage should be ++ * combined, not added together. ++ */ ++ union { ++ struct kvm_pit_state ps; ++ struct kvm_pit_state2 ps2; ++ struct kvm_pit_config pit_config; ++ } u; ++ ++ switch (ioctl) { ++ case KVM_SET_TSS_ADDR: ++ r = kvm_vm_ioctl_set_tss_addr(kvm, arg); ++ break; ++ case KVM_SET_IDENTITY_MAP_ADDR: { ++ u64 ident_addr; ++ ++ r = -EFAULT; ++ if (copy_from_user(&ident_addr, argp, sizeof ident_addr)) ++ goto out; ++ r = kvm_vm_ioctl_set_identity_map_addr(kvm, ident_addr); ++ break; ++ } ++ case KVM_SET_NR_MMU_PAGES: ++ r = kvm_vm_ioctl_set_nr_mmu_pages(kvm, arg); ++ break; ++ case KVM_GET_NR_MMU_PAGES: ++ r = kvm_vm_ioctl_get_nr_mmu_pages(kvm); ++ break; ++ case KVM_CREATE_IRQCHIP: { ++ struct kvm_pic *vpic; ++ ++ mutex_lock(&kvm->lock); ++ r = -EEXIST; ++ if (kvm->arch.vpic) ++ goto create_irqchip_unlock; ++ r = -EINVAL; ++ if (atomic_read(&kvm->online_vcpus)) ++ goto create_irqchip_unlock; ++ r = -ENOMEM; ++ vpic = kvm_create_pic(kvm); ++ if (vpic) { ++ r = kvm_ioapic_init(kvm); ++ if (r) { ++ mutex_lock(&kvm->slots_lock); ++ kvm_io_bus_unregister_dev(kvm, KVM_PIO_BUS, ++ &vpic->dev_master); ++ kvm_io_bus_unregister_dev(kvm, KVM_PIO_BUS, ++ &vpic->dev_slave); ++ kvm_io_bus_unregister_dev(kvm, KVM_PIO_BUS, ++ &vpic->dev_eclr); ++ mutex_unlock(&kvm->slots_lock); ++ kfree(vpic); ++ goto create_irqchip_unlock; ++ } ++ } else ++ goto create_irqchip_unlock; ++ smp_wmb(); ++ kvm->arch.vpic = vpic; ++ smp_wmb(); ++ r = kvm_setup_default_irq_routing(kvm); ++ if (r) { ++ mutex_lock(&kvm->slots_lock); ++ mutex_lock(&kvm->irq_lock); ++ kvm_ioapic_destroy(kvm); ++ kvm_destroy_pic(kvm); ++ mutex_unlock(&kvm->irq_lock); ++ mutex_unlock(&kvm->slots_lock); ++ } ++ create_irqchip_unlock: ++ mutex_unlock(&kvm->lock); ++ break; ++ } ++ case KVM_CREATE_PIT: ++ u.pit_config.flags = KVM_PIT_SPEAKER_DUMMY; ++ goto create_pit; ++ case KVM_CREATE_PIT2: ++ r = -EFAULT; ++ if (copy_from_user(&u.pit_config, argp, ++ sizeof(struct kvm_pit_config))) ++ goto out; ++ create_pit: ++ mutex_lock(&kvm->slots_lock); ++ r = -EEXIST; ++ if (kvm->arch.vpit) ++ goto create_pit_unlock; ++ r = -ENOMEM; ++ kvm->arch.vpit = kvm_create_pit(kvm, u.pit_config.flags); ++ if (kvm->arch.vpit) ++ r = 0; ++ create_pit_unlock: ++ mutex_unlock(&kvm->slots_lock); ++ break; ++ case KVM_GET_IRQCHIP: { ++ /* 0: PIC master, 1: PIC slave, 2: IOAPIC */ ++ struct kvm_irqchip *chip; ++ ++ chip = memdup_user(argp, sizeof(*chip)); ++ if (IS_ERR(chip)) { ++ r = PTR_ERR(chip); ++ goto out; ++ } ++ ++ r = -ENXIO; ++ if (!irqchip_in_kernel(kvm)) ++ goto get_irqchip_out; ++ r = kvm_vm_ioctl_get_irqchip(kvm, chip); ++ if (r) ++ goto get_irqchip_out; ++ r = -EFAULT; ++ if (copy_to_user(argp, chip, sizeof *chip)) ++ goto get_irqchip_out; ++ r = 0; ++ get_irqchip_out: ++ kfree(chip); ++ break; ++ } ++ case KVM_SET_IRQCHIP: { ++ /* 0: PIC master, 1: PIC slave, 2: IOAPIC */ ++ struct kvm_irqchip *chip; ++ ++ chip = memdup_user(argp, sizeof(*chip)); ++ if (IS_ERR(chip)) { ++ r = PTR_ERR(chip); ++ goto out; ++ } ++ ++ r = -ENXIO; ++ if (!irqchip_in_kernel(kvm)) ++ goto set_irqchip_out; ++ r = kvm_vm_ioctl_set_irqchip(kvm, chip); ++ if (r) ++ goto set_irqchip_out; ++ r = 0; ++ set_irqchip_out: ++ kfree(chip); ++ break; ++ } ++ case KVM_GET_PIT: { ++ r = -EFAULT; ++ if (copy_from_user(&u.ps, argp, sizeof(struct kvm_pit_state))) ++ goto out; ++ r = -ENXIO; ++ if (!kvm->arch.vpit) ++ goto out; ++ r = kvm_vm_ioctl_get_pit(kvm, &u.ps); ++ if (r) ++ goto out; ++ r = -EFAULT; ++ if (copy_to_user(argp, &u.ps, sizeof(struct kvm_pit_state))) ++ goto out; ++ r = 0; ++ break; ++ } ++ case KVM_SET_PIT: { ++ r = -EFAULT; ++ if (copy_from_user(&u.ps, argp, sizeof u.ps)) ++ goto out; ++ r = -ENXIO; ++ if (!kvm->arch.vpit) ++ goto out; ++ r = kvm_vm_ioctl_set_pit(kvm, &u.ps); ++ break; ++ } ++ case KVM_GET_PIT2: { ++ r = -ENXIO; ++ if (!kvm->arch.vpit) ++ goto out; ++ r = kvm_vm_ioctl_get_pit2(kvm, &u.ps2); ++ if (r) ++ goto out; ++ r = -EFAULT; ++ if (copy_to_user(argp, &u.ps2, sizeof(u.ps2))) ++ goto out; ++ r = 0; ++ break; ++ } ++ case KVM_SET_PIT2: { ++ r = -EFAULT; ++ if (copy_from_user(&u.ps2, argp, sizeof(u.ps2))) ++ goto out; ++ r = -ENXIO; ++ if (!kvm->arch.vpit) ++ goto out; ++ r = kvm_vm_ioctl_set_pit2(kvm, &u.ps2); ++ break; ++ } ++ case KVM_REINJECT_CONTROL: { ++ struct kvm_reinject_control control; ++ r = -EFAULT; ++ if (copy_from_user(&control, argp, sizeof(control))) ++ goto out; ++ r = kvm_vm_ioctl_reinject(kvm, &control); ++ break; ++ } ++ case KVM_XEN_HVM_CONFIG: { ++ r = -EFAULT; ++ if (copy_from_user(&kvm->arch.xen_hvm_config, argp, ++ sizeof(struct kvm_xen_hvm_config))) ++ goto out; ++ r = -EINVAL; ++ if (kvm->arch.xen_hvm_config.flags) ++ goto out; ++ r = 0; ++ break; ++ } ++ case KVM_SET_CLOCK: { ++ struct kvm_clock_data user_ns; ++ u64 now_ns; ++ s64 delta; ++ ++ r = -EFAULT; ++ if (copy_from_user(&user_ns, argp, sizeof(user_ns))) ++ goto out; ++ ++ r = -EINVAL; ++ if (user_ns.flags) ++ goto out; ++ ++ r = 0; ++ local_irq_disable(); ++ now_ns = get_kernel_ns(); ++ delta = user_ns.clock - now_ns; ++ local_irq_enable(); ++ kvm->arch.kvmclock_offset = delta; ++ kvm_gen_update_masterclock(kvm); ++ break; ++ } ++ case KVM_GET_CLOCK: { ++ struct kvm_clock_data user_ns; ++ u64 now_ns; ++ ++ local_irq_disable(); ++ now_ns = get_kernel_ns(); ++ user_ns.clock = kvm->arch.kvmclock_offset + now_ns; ++ local_irq_enable(); ++ user_ns.flags = 0; ++ memset(&user_ns.pad, 0, sizeof(user_ns.pad)); ++ ++ r = -EFAULT; ++ if (copy_to_user(argp, &user_ns, sizeof(user_ns))) ++ goto out; ++ r = 0; ++ break; ++ } ++ ++ default: ++ ; ++ } ++out: ++ return r; ++} ++ ++static void kvm_init_msr_list(void) ++{ ++ u32 dummy[2]; ++ unsigned i, j; ++ ++ /* skip the first msrs in the list. KVM-specific */ ++ for (i = j = KVM_SAVE_MSRS_BEGIN; i < ARRAY_SIZE(msrs_to_save); i++) { ++ if (rdmsr_safe(msrs_to_save[i], &dummy[0], &dummy[1]) < 0) ++ continue; ++ ++ /* ++ * Even MSRs that are valid in the host may not be exposed ++ * to the guests in some cases. We could work around this ++ * in VMX with the generic MSR save/load machinery, but it ++ * is not really worthwhile since it will really only ++ * happen with nested virtualization. ++ */ ++ switch (msrs_to_save[i]) { ++ case MSR_IA32_BNDCFGS: ++ if (!kvm_x86_ops->mpx_supported()) ++ continue; ++ break; ++ default: ++ break; ++ } ++ ++ if (j < i) ++ msrs_to_save[j] = msrs_to_save[i]; ++ j++; ++ } ++ num_msrs_to_save = j; ++} ++ ++static int vcpu_mmio_write(struct kvm_vcpu *vcpu, gpa_t addr, int len, ++ const void *v) ++{ ++ int handled = 0; ++ int n; ++ ++ do { ++ n = min(len, 8); ++ if (!(vcpu->arch.apic && ++ !kvm_iodevice_write(&vcpu->arch.apic->dev, addr, n, v)) ++ && kvm_io_bus_write(vcpu->kvm, KVM_MMIO_BUS, addr, n, v)) ++ break; ++ handled += n; ++ addr += n; ++ len -= n; ++ v += n; ++ } while (len); ++ ++ return handled; ++} ++ ++static int vcpu_mmio_read(struct kvm_vcpu *vcpu, gpa_t addr, int len, void *v) ++{ ++ int handled = 0; ++ int n; ++ ++ do { ++ n = min(len, 8); ++ if (!(vcpu->arch.apic && ++ !kvm_iodevice_read(&vcpu->arch.apic->dev, addr, n, v)) ++ && kvm_io_bus_read(vcpu->kvm, KVM_MMIO_BUS, addr, n, v)) ++ break; ++ trace_kvm_mmio(KVM_TRACE_MMIO_READ, n, addr, *(u64 *)v); ++ handled += n; ++ addr += n; ++ len -= n; ++ v += n; ++ } while (len); ++ ++ return handled; ++} ++ ++static void kvm_set_segment(struct kvm_vcpu *vcpu, ++ struct kvm_segment *var, int seg) ++{ ++ kvm_x86_ops->set_segment(vcpu, var, seg); ++} ++ ++void kvm_get_segment(struct kvm_vcpu *vcpu, ++ struct kvm_segment *var, int seg) ++{ ++ kvm_x86_ops->get_segment(vcpu, var, seg); ++} ++ ++gpa_t translate_nested_gpa(struct kvm_vcpu *vcpu, gpa_t gpa, u32 access, ++ struct x86_exception *exception) ++{ ++ gpa_t t_gpa; ++ ++ BUG_ON(!mmu_is_nested(vcpu)); ++ ++ /* NPT walks are always user-walks */ ++ access |= PFERR_USER_MASK; ++ t_gpa = vcpu->arch.mmu.gva_to_gpa(vcpu, gpa, access, exception); ++ ++ return t_gpa; ++} ++ ++gpa_t kvm_mmu_gva_to_gpa_read(struct kvm_vcpu *vcpu, gva_t gva, ++ struct x86_exception *exception) ++{ ++ u32 access = (kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0; ++ return vcpu->arch.walk_mmu->gva_to_gpa(vcpu, gva, access, exception); ++} ++ ++ gpa_t kvm_mmu_gva_to_gpa_fetch(struct kvm_vcpu *vcpu, gva_t gva, ++ struct x86_exception *exception) ++{ ++ u32 access = (kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0; ++ access |= PFERR_FETCH_MASK; ++ return vcpu->arch.walk_mmu->gva_to_gpa(vcpu, gva, access, exception); ++} ++ ++gpa_t kvm_mmu_gva_to_gpa_write(struct kvm_vcpu *vcpu, gva_t gva, ++ struct x86_exception *exception) ++{ ++ u32 access = (kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0; ++ access |= PFERR_WRITE_MASK; ++ return vcpu->arch.walk_mmu->gva_to_gpa(vcpu, gva, access, exception); ++} ++ ++/* uses this to access any guest's mapped memory without checking CPL */ ++gpa_t kvm_mmu_gva_to_gpa_system(struct kvm_vcpu *vcpu, gva_t gva, ++ struct x86_exception *exception) ++{ ++ return vcpu->arch.walk_mmu->gva_to_gpa(vcpu, gva, 0, exception); ++} ++ ++static int kvm_read_guest_virt_helper(gva_t addr, void *val, unsigned int bytes, ++ struct kvm_vcpu *vcpu, u32 access, ++ struct x86_exception *exception) ++{ ++ void *data = val; ++ int r = X86EMUL_CONTINUE; ++ ++ while (bytes) { ++ gpa_t gpa = vcpu->arch.walk_mmu->gva_to_gpa(vcpu, addr, access, ++ exception); ++ unsigned offset = addr & (PAGE_SIZE-1); ++ unsigned toread = min(bytes, (unsigned)PAGE_SIZE - offset); ++ int ret; ++ ++ if (gpa == UNMAPPED_GVA) ++ return X86EMUL_PROPAGATE_FAULT; ++ ret = kvm_read_guest_page(vcpu->kvm, gpa >> PAGE_SHIFT, data, ++ offset, toread); ++ if (ret < 0) { ++ r = X86EMUL_IO_NEEDED; ++ goto out; ++ } ++ ++ bytes -= toread; ++ data += toread; ++ addr += toread; ++ } ++out: ++ return r; ++} ++ ++/* used for instruction fetching */ ++static int kvm_fetch_guest_virt(struct x86_emulate_ctxt *ctxt, ++ gva_t addr, void *val, unsigned int bytes, ++ struct x86_exception *exception) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ u32 access = (kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0; ++ unsigned offset; ++ int ret; ++ ++ /* Inline kvm_read_guest_virt_helper for speed. */ ++ gpa_t gpa = vcpu->arch.walk_mmu->gva_to_gpa(vcpu, addr, access|PFERR_FETCH_MASK, ++ exception); ++ if (unlikely(gpa == UNMAPPED_GVA)) ++ return X86EMUL_PROPAGATE_FAULT; ++ ++ offset = addr & (PAGE_SIZE-1); ++ if (WARN_ON(offset + bytes > PAGE_SIZE)) ++ bytes = (unsigned)PAGE_SIZE - offset; ++ ret = kvm_read_guest_page(vcpu->kvm, gpa >> PAGE_SHIFT, val, ++ offset, bytes); ++ if (unlikely(ret < 0)) ++ return X86EMUL_IO_NEEDED; ++ ++ return X86EMUL_CONTINUE; ++} ++ ++int kvm_read_guest_virt(struct x86_emulate_ctxt *ctxt, ++ gva_t addr, void *val, unsigned int bytes, ++ struct x86_exception *exception) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ u32 access = (kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0; ++ ++ return kvm_read_guest_virt_helper(addr, val, bytes, vcpu, access, ++ exception); ++} ++EXPORT_SYMBOL_GPL(kvm_read_guest_virt); ++ ++static int kvm_read_guest_virt_system(struct x86_emulate_ctxt *ctxt, ++ gva_t addr, void *val, unsigned int bytes, ++ struct x86_exception *exception) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ return kvm_read_guest_virt_helper(addr, val, bytes, vcpu, 0, exception); ++} ++ ++int kvm_write_guest_virt_system(struct x86_emulate_ctxt *ctxt, ++ gva_t addr, void *val, ++ unsigned int bytes, ++ struct x86_exception *exception) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ void *data = val; ++ int r = X86EMUL_CONTINUE; ++ ++ while (bytes) { ++ gpa_t gpa = vcpu->arch.walk_mmu->gva_to_gpa(vcpu, addr, ++ PFERR_WRITE_MASK, ++ exception); ++ unsigned offset = addr & (PAGE_SIZE-1); ++ unsigned towrite = min(bytes, (unsigned)PAGE_SIZE - offset); ++ int ret; ++ ++ if (gpa == UNMAPPED_GVA) ++ return X86EMUL_PROPAGATE_FAULT; ++ ret = kvm_write_guest(vcpu->kvm, gpa, data, towrite); ++ if (ret < 0) { ++ r = X86EMUL_IO_NEEDED; ++ goto out; ++ } ++ ++ bytes -= towrite; ++ data += towrite; ++ addr += towrite; ++ } ++out: ++ return r; ++} ++EXPORT_SYMBOL_GPL(kvm_write_guest_virt_system); ++ ++static int vcpu_mmio_gva_to_gpa(struct kvm_vcpu *vcpu, unsigned long gva, ++ gpa_t *gpa, struct x86_exception *exception, ++ bool write) ++{ ++ u32 access = ((kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0) ++ | (write ? PFERR_WRITE_MASK : 0); ++ ++ if (vcpu_match_mmio_gva(vcpu, gva) ++ && !permission_fault(vcpu, vcpu->arch.walk_mmu, ++ vcpu->arch.access, access)) { ++ *gpa = vcpu->arch.mmio_gfn << PAGE_SHIFT | ++ (gva & (PAGE_SIZE - 1)); ++ trace_vcpu_match_mmio(gva, *gpa, write, false); ++ return 1; ++ } ++ ++ *gpa = vcpu->arch.walk_mmu->gva_to_gpa(vcpu, gva, access, exception); ++ ++ if (*gpa == UNMAPPED_GVA) ++ return -1; ++ ++ /* For APIC access vmexit */ ++ if ((*gpa & PAGE_MASK) == APIC_DEFAULT_PHYS_BASE) ++ return 1; ++ ++ if (vcpu_match_mmio_gpa(vcpu, *gpa)) { ++ trace_vcpu_match_mmio(gva, *gpa, write, true); ++ return 1; ++ } ++ ++ return 0; ++} ++ ++int emulator_write_phys(struct kvm_vcpu *vcpu, gpa_t gpa, ++ const void *val, int bytes) ++{ ++ int ret; ++ ++ ret = kvm_write_guest(vcpu->kvm, gpa, val, bytes); ++ if (ret < 0) ++ return 0; ++ kvm_mmu_pte_write(vcpu, gpa, val, bytes); ++ return 1; ++} ++ ++struct read_write_emulator_ops { ++ int (*read_write_prepare)(struct kvm_vcpu *vcpu, void *val, ++ int bytes); ++ int (*read_write_emulate)(struct kvm_vcpu *vcpu, gpa_t gpa, ++ void *val, int bytes); ++ int (*read_write_mmio)(struct kvm_vcpu *vcpu, gpa_t gpa, ++ int bytes, void *val); ++ int (*read_write_exit_mmio)(struct kvm_vcpu *vcpu, gpa_t gpa, ++ void *val, int bytes); ++ bool write; ++}; ++ ++static int read_prepare(struct kvm_vcpu *vcpu, void *val, int bytes) ++{ ++ if (vcpu->mmio_read_completed) { ++ trace_kvm_mmio(KVM_TRACE_MMIO_READ, bytes, ++ vcpu->mmio_fragments[0].gpa, *(u64 *)val); ++ vcpu->mmio_read_completed = 0; ++ return 1; ++ } ++ ++ return 0; ++} ++ ++static int read_emulate(struct kvm_vcpu *vcpu, gpa_t gpa, ++ void *val, int bytes) ++{ ++ return !kvm_read_guest(vcpu->kvm, gpa, val, bytes); ++} ++ ++static int write_emulate(struct kvm_vcpu *vcpu, gpa_t gpa, ++ void *val, int bytes) ++{ ++ return emulator_write_phys(vcpu, gpa, val, bytes); ++} ++ ++static int write_mmio(struct kvm_vcpu *vcpu, gpa_t gpa, int bytes, void *val) ++{ ++ trace_kvm_mmio(KVM_TRACE_MMIO_WRITE, bytes, gpa, *(u64 *)val); ++ return vcpu_mmio_write(vcpu, gpa, bytes, val); ++} ++ ++static int read_exit_mmio(struct kvm_vcpu *vcpu, gpa_t gpa, ++ void *val, int bytes) ++{ ++ trace_kvm_mmio(KVM_TRACE_MMIO_READ_UNSATISFIED, bytes, gpa, 0); ++ return X86EMUL_IO_NEEDED; ++} ++ ++static int write_exit_mmio(struct kvm_vcpu *vcpu, gpa_t gpa, ++ void *val, int bytes) ++{ ++ struct kvm_mmio_fragment *frag = &vcpu->mmio_fragments[0]; ++ ++ memcpy(vcpu->run->mmio.data, frag->data, min(8u, frag->len)); ++ return X86EMUL_CONTINUE; ++} ++ ++static const struct read_write_emulator_ops read_emultor = { ++ .read_write_prepare = read_prepare, ++ .read_write_emulate = read_emulate, ++ .read_write_mmio = vcpu_mmio_read, ++ .read_write_exit_mmio = read_exit_mmio, ++}; ++ ++static const struct read_write_emulator_ops write_emultor = { ++ .read_write_emulate = write_emulate, ++ .read_write_mmio = write_mmio, ++ .read_write_exit_mmio = write_exit_mmio, ++ .write = true, ++}; ++ ++static int emulator_read_write_onepage(unsigned long addr, void *val, ++ unsigned int bytes, ++ struct x86_exception *exception, ++ struct kvm_vcpu *vcpu, ++ const struct read_write_emulator_ops *ops) ++{ ++ gpa_t gpa; ++ int handled, ret; ++ bool write = ops->write; ++ struct kvm_mmio_fragment *frag; ++ ++ ret = vcpu_mmio_gva_to_gpa(vcpu, addr, &gpa, exception, write); ++ ++ if (ret < 0) ++ return X86EMUL_PROPAGATE_FAULT; ++ ++ /* For APIC access vmexit */ ++ if (ret) ++ goto mmio; ++ ++ if (ops->read_write_emulate(vcpu, gpa, val, bytes)) ++ return X86EMUL_CONTINUE; ++ ++mmio: ++ /* ++ * Is this MMIO handled locally? ++ */ ++ handled = ops->read_write_mmio(vcpu, gpa, bytes, val); ++ if (handled == bytes) ++ return X86EMUL_CONTINUE; ++ ++ gpa += handled; ++ bytes -= handled; ++ val += handled; ++ ++ WARN_ON(vcpu->mmio_nr_fragments >= KVM_MAX_MMIO_FRAGMENTS); ++ frag = &vcpu->mmio_fragments[vcpu->mmio_nr_fragments++]; ++ frag->gpa = gpa; ++ frag->data = val; ++ frag->len = bytes; ++ return X86EMUL_CONTINUE; ++} ++ ++int emulator_read_write(struct x86_emulate_ctxt *ctxt, unsigned long addr, ++ void *val, unsigned int bytes, ++ struct x86_exception *exception, ++ const struct read_write_emulator_ops *ops) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ gpa_t gpa; ++ int rc; ++ ++ if (ops->read_write_prepare && ++ ops->read_write_prepare(vcpu, val, bytes)) ++ return X86EMUL_CONTINUE; ++ ++ vcpu->mmio_nr_fragments = 0; ++ ++ /* Crossing a page boundary? */ ++ if (((addr + bytes - 1) ^ addr) & PAGE_MASK) { ++ int now; ++ ++ now = -addr & ~PAGE_MASK; ++ rc = emulator_read_write_onepage(addr, val, now, exception, ++ vcpu, ops); ++ ++ if (rc != X86EMUL_CONTINUE) ++ return rc; ++ addr += now; ++ val += now; ++ bytes -= now; ++ } ++ ++ rc = emulator_read_write_onepage(addr, val, bytes, exception, ++ vcpu, ops); ++ if (rc != X86EMUL_CONTINUE) ++ return rc; ++ ++ if (!vcpu->mmio_nr_fragments) ++ return rc; ++ ++ gpa = vcpu->mmio_fragments[0].gpa; ++ ++ vcpu->mmio_needed = 1; ++ vcpu->mmio_cur_fragment = 0; ++ ++ vcpu->run->mmio.len = min(8u, vcpu->mmio_fragments[0].len); ++ vcpu->run->mmio.is_write = vcpu->mmio_is_write = ops->write; ++ vcpu->run->exit_reason = KVM_EXIT_MMIO; ++ vcpu->run->mmio.phys_addr = gpa; ++ ++ return ops->read_write_exit_mmio(vcpu, gpa, val, bytes); ++} ++ ++static int emulator_read_emulated(struct x86_emulate_ctxt *ctxt, ++ unsigned long addr, ++ void *val, ++ unsigned int bytes, ++ struct x86_exception *exception) ++{ ++ return emulator_read_write(ctxt, addr, val, bytes, ++ exception, &read_emultor); ++} ++ ++int emulator_write_emulated(struct x86_emulate_ctxt *ctxt, ++ unsigned long addr, ++ const void *val, ++ unsigned int bytes, ++ struct x86_exception *exception) ++{ ++ return emulator_read_write(ctxt, addr, (void *)val, bytes, ++ exception, &write_emultor); ++} ++ ++#define CMPXCHG_TYPE(t, ptr, old, new) \ ++ (cmpxchg((t *)(ptr), *(t *)(old), *(t *)(new)) == *(t *)(old)) ++ ++#ifdef CONFIG_X86_64 ++# define CMPXCHG64(ptr, old, new) CMPXCHG_TYPE(u64, ptr, old, new) ++#else ++# define CMPXCHG64(ptr, old, new) \ ++ (cmpxchg64((u64 *)(ptr), *(u64 *)(old), *(u64 *)(new)) == *(u64 *)(old)) ++#endif ++ ++static int emulator_cmpxchg_emulated(struct x86_emulate_ctxt *ctxt, ++ unsigned long addr, ++ const void *old, ++ const void *new, ++ unsigned int bytes, ++ struct x86_exception *exception) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ gpa_t gpa; ++ struct page *page; ++ char *kaddr; ++ bool exchanged; ++ ++ /* guests cmpxchg8b have to be emulated atomically */ ++ if (bytes > 8 || (bytes & (bytes - 1))) ++ goto emul_write; ++ ++ gpa = kvm_mmu_gva_to_gpa_write(vcpu, addr, NULL); ++ ++ if (gpa == UNMAPPED_GVA || ++ (gpa & PAGE_MASK) == APIC_DEFAULT_PHYS_BASE) ++ goto emul_write; ++ ++ if (((gpa + bytes - 1) & PAGE_MASK) != (gpa & PAGE_MASK)) ++ goto emul_write; ++ ++ page = gfn_to_page(vcpu->kvm, gpa >> PAGE_SHIFT); ++ if (is_error_page(page)) ++ goto emul_write; ++ ++ kaddr = kmap_atomic(page); ++ kaddr += offset_in_page(gpa); ++ switch (bytes) { ++ case 1: ++ exchanged = CMPXCHG_TYPE(u8, kaddr, old, new); ++ break; ++ case 2: ++ exchanged = CMPXCHG_TYPE(u16, kaddr, old, new); ++ break; ++ case 4: ++ exchanged = CMPXCHG_TYPE(u32, kaddr, old, new); ++ break; ++ case 8: ++ exchanged = CMPXCHG64(kaddr, old, new); ++ break; ++ default: ++ BUG(); ++ } ++ kunmap_atomic(kaddr); ++ kvm_release_page_dirty(page); ++ ++ if (!exchanged) ++ return X86EMUL_CMPXCHG_FAILED; ++ ++ mark_page_dirty(vcpu->kvm, gpa >> PAGE_SHIFT); ++ kvm_mmu_pte_write(vcpu, gpa, new, bytes); ++ ++ return X86EMUL_CONTINUE; ++ ++emul_write: ++ printk_once(KERN_WARNING "kvm: emulating exchange as write\n"); ++ ++ return emulator_write_emulated(ctxt, addr, new, bytes, exception); ++} ++ ++static int kernel_pio(struct kvm_vcpu *vcpu, void *pd) ++{ ++ /* TODO: String I/O for in kernel device */ ++ int r; ++ ++ if (vcpu->arch.pio.in) ++ r = kvm_io_bus_read(vcpu->kvm, KVM_PIO_BUS, vcpu->arch.pio.port, ++ vcpu->arch.pio.size, pd); ++ else ++ r = kvm_io_bus_write(vcpu->kvm, KVM_PIO_BUS, ++ vcpu->arch.pio.port, vcpu->arch.pio.size, ++ pd); ++ return r; ++} ++ ++static int emulator_pio_in_out(struct kvm_vcpu *vcpu, int size, ++ unsigned short port, void *val, ++ unsigned int count, bool in) ++{ ++ vcpu->arch.pio.port = port; ++ vcpu->arch.pio.in = in; ++ vcpu->arch.pio.count = count; ++ vcpu->arch.pio.size = size; ++ ++ if (!kernel_pio(vcpu, vcpu->arch.pio_data)) { ++ vcpu->arch.pio.count = 0; ++ return 1; ++ } ++ ++ vcpu->run->exit_reason = KVM_EXIT_IO; ++ vcpu->run->io.direction = in ? KVM_EXIT_IO_IN : KVM_EXIT_IO_OUT; ++ vcpu->run->io.size = size; ++ vcpu->run->io.data_offset = KVM_PIO_PAGE_OFFSET * PAGE_SIZE; ++ vcpu->run->io.count = count; ++ vcpu->run->io.port = port; ++ ++ return 0; ++} ++ ++static int emulator_pio_in_emulated(struct x86_emulate_ctxt *ctxt, ++ int size, unsigned short port, void *val, ++ unsigned int count) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ int ret; ++ ++ if (vcpu->arch.pio.count) ++ goto data_avail; ++ ++ ret = emulator_pio_in_out(vcpu, size, port, val, count, true); ++ if (ret) { ++data_avail: ++ memcpy(val, vcpu->arch.pio_data, size * count); ++ trace_kvm_pio(KVM_PIO_IN, port, size, count, vcpu->arch.pio_data); ++ vcpu->arch.pio.count = 0; ++ return 1; ++ } ++ ++ return 0; ++} ++ ++static int emulator_pio_out_emulated(struct x86_emulate_ctxt *ctxt, ++ int size, unsigned short port, ++ const void *val, unsigned int count) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ ++ memcpy(vcpu->arch.pio_data, val, size * count); ++ trace_kvm_pio(KVM_PIO_OUT, port, size, count, vcpu->arch.pio_data); ++ return emulator_pio_in_out(vcpu, size, port, (void *)val, count, false); ++} ++ ++static unsigned long get_segment_base(struct kvm_vcpu *vcpu, int seg) ++{ ++ return kvm_x86_ops->get_segment_base(vcpu, seg); ++} ++ ++static void emulator_invlpg(struct x86_emulate_ctxt *ctxt, ulong address) ++{ ++ kvm_mmu_invlpg(emul_to_vcpu(ctxt), address); ++} ++ ++int kvm_emulate_wbinvd(struct kvm_vcpu *vcpu) ++{ ++ if (!need_emulate_wbinvd(vcpu)) ++ return X86EMUL_CONTINUE; ++ ++ if (kvm_x86_ops->has_wbinvd_exit()) { ++ int cpu = get_cpu(); ++ ++ cpumask_set_cpu(cpu, vcpu->arch.wbinvd_dirty_mask); ++ smp_call_function_many(vcpu->arch.wbinvd_dirty_mask, ++ wbinvd_ipi, NULL, 1); ++ put_cpu(); ++ cpumask_clear(vcpu->arch.wbinvd_dirty_mask); ++ } else ++ wbinvd(); ++ return X86EMUL_CONTINUE; ++} ++EXPORT_SYMBOL_GPL(kvm_emulate_wbinvd); ++ ++static void emulator_wbinvd(struct x86_emulate_ctxt *ctxt) ++{ ++ kvm_emulate_wbinvd(emul_to_vcpu(ctxt)); ++} ++ ++int emulator_get_dr(struct x86_emulate_ctxt *ctxt, int dr, unsigned long *dest) ++{ ++ return _kvm_get_dr(emul_to_vcpu(ctxt), dr, dest); ++} ++ ++int emulator_set_dr(struct x86_emulate_ctxt *ctxt, int dr, unsigned long value) ++{ ++ ++ return __kvm_set_dr(emul_to_vcpu(ctxt), dr, value); ++} ++ ++static u64 mk_cr_64(u64 curr_cr, u32 new_val) ++{ ++ return (curr_cr & ~((1ULL << 32) - 1)) | new_val; ++} ++ ++static unsigned long emulator_get_cr(struct x86_emulate_ctxt *ctxt, int cr) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ unsigned long value; ++ ++ switch (cr) { ++ case 0: ++ value = kvm_read_cr0(vcpu); ++ break; ++ case 2: ++ value = vcpu->arch.cr2; ++ break; ++ case 3: ++ value = kvm_read_cr3(vcpu); ++ break; ++ case 4: ++ value = kvm_read_cr4(vcpu); ++ break; ++ case 8: ++ value = kvm_get_cr8(vcpu); ++ break; ++ default: ++ kvm_err("%s: unexpected cr %u\n", __func__, cr); ++ return 0; ++ } ++ ++ return value; ++} ++ ++static int emulator_set_cr(struct x86_emulate_ctxt *ctxt, int cr, ulong val) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ int res = 0; ++ ++ switch (cr) { ++ case 0: ++ res = kvm_set_cr0(vcpu, mk_cr_64(kvm_read_cr0(vcpu), val)); ++ break; ++ case 2: ++ vcpu->arch.cr2 = val; ++ break; ++ case 3: ++ res = kvm_set_cr3(vcpu, val); ++ break; ++ case 4: ++ res = kvm_set_cr4(vcpu, mk_cr_64(kvm_read_cr4(vcpu), val)); ++ break; ++ case 8: ++ res = kvm_set_cr8(vcpu, val); ++ break; ++ default: ++ kvm_err("%s: unexpected cr %u\n", __func__, cr); ++ res = -1; ++ } ++ ++ return res; ++} ++ ++static int emulator_get_cpl(struct x86_emulate_ctxt *ctxt) ++{ ++ return kvm_x86_ops->get_cpl(emul_to_vcpu(ctxt)); ++} ++ ++static void emulator_get_gdt(struct x86_emulate_ctxt *ctxt, struct desc_ptr *dt) ++{ ++ kvm_x86_ops->get_gdt(emul_to_vcpu(ctxt), dt); ++} ++ ++static void emulator_get_idt(struct x86_emulate_ctxt *ctxt, struct desc_ptr *dt) ++{ ++ kvm_x86_ops->get_idt(emul_to_vcpu(ctxt), dt); ++} ++ ++static void emulator_set_gdt(struct x86_emulate_ctxt *ctxt, struct desc_ptr *dt) ++{ ++ kvm_x86_ops->set_gdt(emul_to_vcpu(ctxt), dt); ++} ++ ++static void emulator_set_idt(struct x86_emulate_ctxt *ctxt, struct desc_ptr *dt) ++{ ++ kvm_x86_ops->set_idt(emul_to_vcpu(ctxt), dt); ++} ++ ++static unsigned long emulator_get_cached_segment_base( ++ struct x86_emulate_ctxt *ctxt, int seg) ++{ ++ return get_segment_base(emul_to_vcpu(ctxt), seg); ++} ++ ++static bool emulator_get_segment(struct x86_emulate_ctxt *ctxt, u16 *selector, ++ struct desc_struct *desc, u32 *base3, ++ int seg) ++{ ++ struct kvm_segment var; ++ ++ kvm_get_segment(emul_to_vcpu(ctxt), &var, seg); ++ *selector = var.selector; ++ ++ if (var.unusable) { ++ memset(desc, 0, sizeof(*desc)); ++ return false; ++ } ++ ++ if (var.g) ++ var.limit >>= 12; ++ set_desc_limit(desc, var.limit); ++ set_desc_base(desc, (unsigned long)var.base); ++#ifdef CONFIG_X86_64 ++ if (base3) ++ *base3 = var.base >> 32; ++#endif ++ desc->type = var.type; ++ desc->s = var.s; ++ desc->dpl = var.dpl; ++ desc->p = var.present; ++ desc->avl = var.avl; ++ desc->l = var.l; ++ desc->d = var.db; ++ desc->g = var.g; ++ ++ return true; ++} ++ ++static void emulator_set_segment(struct x86_emulate_ctxt *ctxt, u16 selector, ++ struct desc_struct *desc, u32 base3, ++ int seg) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ struct kvm_segment var; ++ ++ var.selector = selector; ++ var.base = get_desc_base(desc); ++#ifdef CONFIG_X86_64 ++ var.base |= ((u64)base3) << 32; ++#endif ++ var.limit = get_desc_limit(desc); ++ if (desc->g) ++ var.limit = (var.limit << 12) | 0xfff; ++ var.type = desc->type; ++ var.dpl = desc->dpl; ++ var.db = desc->d; ++ var.s = desc->s; ++ var.l = desc->l; ++ var.g = desc->g; ++ var.avl = desc->avl; ++ var.present = desc->p; ++ var.unusable = !var.present; ++ var.padding = 0; ++ ++ kvm_set_segment(vcpu, &var, seg); ++ return; ++} ++ ++static int emulator_get_msr(struct x86_emulate_ctxt *ctxt, ++ u32 msr_index, u64 *pdata) ++{ ++ return kvm_get_msr(emul_to_vcpu(ctxt), msr_index, pdata); ++} ++ ++static int emulator_set_msr(struct x86_emulate_ctxt *ctxt, ++ u32 msr_index, u64 data) ++{ ++ struct msr_data msr; ++ ++ msr.data = data; ++ msr.index = msr_index; ++ msr.host_initiated = false; ++ return kvm_set_msr(emul_to_vcpu(ctxt), &msr); ++} ++ ++static int emulator_check_pmc(struct x86_emulate_ctxt *ctxt, ++ u32 pmc) ++{ ++ return kvm_pmu_check_pmc(emul_to_vcpu(ctxt), pmc); ++} ++ ++static int emulator_read_pmc(struct x86_emulate_ctxt *ctxt, ++ u32 pmc, u64 *pdata) ++{ ++ return kvm_pmu_read_pmc(emul_to_vcpu(ctxt), pmc, pdata); ++} ++ ++static void emulator_halt(struct x86_emulate_ctxt *ctxt) ++{ ++ emul_to_vcpu(ctxt)->arch.halt_request = 1; ++} ++ ++static void emulator_get_fpu(struct x86_emulate_ctxt *ctxt) ++{ ++ preempt_disable(); ++ kvm_load_guest_fpu(emul_to_vcpu(ctxt)); ++ /* ++ * CR0.TS may reference the host fpu state, not the guest fpu state, ++ * so it may be clear at this point. ++ */ ++ clts(); ++} ++ ++static void emulator_put_fpu(struct x86_emulate_ctxt *ctxt) ++{ ++ preempt_enable(); ++} ++ ++static int emulator_intercept(struct x86_emulate_ctxt *ctxt, ++ struct x86_instruction_info *info, ++ enum x86_intercept_stage stage) ++{ ++ return kvm_x86_ops->check_intercept(emul_to_vcpu(ctxt), info, stage); ++} ++ ++static void emulator_get_cpuid(struct x86_emulate_ctxt *ctxt, ++ u32 *eax, u32 *ebx, u32 *ecx, u32 *edx) ++{ ++ kvm_cpuid(emul_to_vcpu(ctxt), eax, ebx, ecx, edx); ++} ++ ++static ulong emulator_read_gpr(struct x86_emulate_ctxt *ctxt, unsigned reg) ++{ ++ return kvm_register_read(emul_to_vcpu(ctxt), reg); ++} ++ ++static void emulator_write_gpr(struct x86_emulate_ctxt *ctxt, unsigned reg, ulong val) ++{ ++ kvm_register_write(emul_to_vcpu(ctxt), reg, val); ++} ++ ++static const struct x86_emulate_ops emulate_ops = { ++ .read_gpr = emulator_read_gpr, ++ .write_gpr = emulator_write_gpr, ++ .read_std = kvm_read_guest_virt_system, ++ .write_std = kvm_write_guest_virt_system, ++ .fetch = kvm_fetch_guest_virt, ++ .read_emulated = emulator_read_emulated, ++ .write_emulated = emulator_write_emulated, ++ .cmpxchg_emulated = emulator_cmpxchg_emulated, ++ .invlpg = emulator_invlpg, ++ .pio_in_emulated = emulator_pio_in_emulated, ++ .pio_out_emulated = emulator_pio_out_emulated, ++ .get_segment = emulator_get_segment, ++ .set_segment = emulator_set_segment, ++ .get_cached_segment_base = emulator_get_cached_segment_base, ++ .get_gdt = emulator_get_gdt, ++ .get_idt = emulator_get_idt, ++ .set_gdt = emulator_set_gdt, ++ .set_idt = emulator_set_idt, ++ .get_cr = emulator_get_cr, ++ .set_cr = emulator_set_cr, ++ .cpl = emulator_get_cpl, ++ .get_dr = emulator_get_dr, ++ .set_dr = emulator_set_dr, ++ .set_msr = emulator_set_msr, ++ .get_msr = emulator_get_msr, ++ .check_pmc = emulator_check_pmc, ++ .read_pmc = emulator_read_pmc, ++ .halt = emulator_halt, ++ .wbinvd = emulator_wbinvd, ++ .fix_hypercall = emulator_fix_hypercall, ++ .get_fpu = emulator_get_fpu, ++ .put_fpu = emulator_put_fpu, ++ .intercept = emulator_intercept, ++ .get_cpuid = emulator_get_cpuid, ++}; ++ ++static void toggle_interruptibility(struct kvm_vcpu *vcpu, u32 mask) ++{ ++ u32 int_shadow = kvm_x86_ops->get_interrupt_shadow(vcpu); ++ /* ++ * an sti; sti; sequence only disable interrupts for the first ++ * instruction. So, if the last instruction, be it emulated or ++ * not, left the system with the INT_STI flag enabled, it ++ * means that the last instruction is an sti. We should not ++ * leave the flag on in this case. The same goes for mov ss ++ */ ++ if (int_shadow & mask) ++ mask = 0; ++ if (unlikely(int_shadow || mask)) { ++ kvm_x86_ops->set_interrupt_shadow(vcpu, mask); ++ if (!mask) ++ kvm_make_request(KVM_REQ_EVENT, vcpu); ++ } ++} ++ ++static bool inject_emulated_exception(struct kvm_vcpu *vcpu) ++{ ++ struct x86_emulate_ctxt *ctxt = &vcpu->arch.emulate_ctxt; ++ if (ctxt->exception.vector == PF_VECTOR) ++ return kvm_propagate_fault(vcpu, &ctxt->exception); ++ ++ if (ctxt->exception.error_code_valid) ++ kvm_queue_exception_e(vcpu, ctxt->exception.vector, ++ ctxt->exception.error_code); ++ else ++ kvm_queue_exception(vcpu, ctxt->exception.vector); ++ return false; ++} ++ ++static void init_emulate_ctxt(struct kvm_vcpu *vcpu) ++{ ++ struct x86_emulate_ctxt *ctxt = &vcpu->arch.emulate_ctxt; ++ int cs_db, cs_l; ++ ++ kvm_x86_ops->get_cs_db_l_bits(vcpu, &cs_db, &cs_l); ++ ++ ctxt->eflags = kvm_get_rflags(vcpu); ++ ctxt->eip = kvm_rip_read(vcpu); ++ ctxt->mode = (!is_protmode(vcpu)) ? X86EMUL_MODE_REAL : ++ (ctxt->eflags & X86_EFLAGS_VM) ? X86EMUL_MODE_VM86 : ++ (cs_l && is_long_mode(vcpu)) ? X86EMUL_MODE_PROT64 : ++ cs_db ? X86EMUL_MODE_PROT32 : ++ X86EMUL_MODE_PROT16; ++ ctxt->guest_mode = is_guest_mode(vcpu); ++ ++ init_decode_cache(ctxt); ++ vcpu->arch.emulate_regs_need_sync_from_vcpu = false; ++} ++ ++int kvm_inject_realmode_interrupt(struct kvm_vcpu *vcpu, int irq, int inc_eip) ++{ ++ struct x86_emulate_ctxt *ctxt = &vcpu->arch.emulate_ctxt; ++ int ret; ++ ++ init_emulate_ctxt(vcpu); ++ ++ ctxt->op_bytes = 2; ++ ctxt->ad_bytes = 2; ++ ctxt->_eip = ctxt->eip + inc_eip; ++ ret = emulate_int_real(ctxt, irq); ++ ++ if (ret != X86EMUL_CONTINUE) ++ return EMULATE_FAIL; ++ ++ ctxt->eip = ctxt->_eip; ++ kvm_rip_write(vcpu, ctxt->eip); ++ kvm_set_rflags(vcpu, ctxt->eflags); ++ ++ if (irq == NMI_VECTOR) ++ vcpu->arch.nmi_pending = 0; ++ else ++ vcpu->arch.interrupt.pending = false; ++ ++ return EMULATE_DONE; ++} ++EXPORT_SYMBOL_GPL(kvm_inject_realmode_interrupt); ++ ++static int handle_emulation_failure(struct kvm_vcpu *vcpu) ++{ ++ int r = EMULATE_DONE; ++ ++ ++vcpu->stat.insn_emulation_fail; ++ trace_kvm_emulate_insn_failed(vcpu); ++ if (!is_guest_mode(vcpu) && kvm_x86_ops->get_cpl(vcpu) == 0) { ++ vcpu->run->exit_reason = KVM_EXIT_INTERNAL_ERROR; ++ vcpu->run->internal.suberror = KVM_INTERNAL_ERROR_EMULATION; ++ vcpu->run->internal.ndata = 0; ++ r = EMULATE_FAIL; ++ } ++ kvm_queue_exception(vcpu, UD_VECTOR); ++ ++ return r; ++} ++ ++static bool reexecute_instruction(struct kvm_vcpu *vcpu, gva_t cr2, ++ bool write_fault_to_shadow_pgtable, ++ int emulation_type) ++{ ++ gpa_t gpa = cr2; ++ pfn_t pfn; ++ ++ if (emulation_type & EMULTYPE_NO_REEXECUTE) ++ return false; ++ ++ if (!vcpu->arch.mmu.direct_map) { ++ /* ++ * Write permission should be allowed since only ++ * write access need to be emulated. ++ */ ++ gpa = kvm_mmu_gva_to_gpa_write(vcpu, cr2, NULL); ++ ++ /* ++ * If the mapping is invalid in guest, let cpu retry ++ * it to generate fault. ++ */ ++ if (gpa == UNMAPPED_GVA) ++ return true; ++ } ++ ++ /* ++ * Do not retry the unhandleable instruction if it faults on the ++ * readonly host memory, otherwise it will goto a infinite loop: ++ * retry instruction -> write #PF -> emulation fail -> retry ++ * instruction -> ... ++ */ ++ pfn = gfn_to_pfn(vcpu->kvm, gpa_to_gfn(gpa)); ++ ++ /* ++ * If the instruction failed on the error pfn, it can not be fixed, ++ * report the error to userspace. ++ */ ++ if (is_error_noslot_pfn(pfn)) ++ return false; ++ ++ kvm_release_pfn_clean(pfn); ++ ++ /* The instructions are well-emulated on direct mmu. */ ++ if (vcpu->arch.mmu.direct_map) { ++ unsigned int indirect_shadow_pages; ++ ++ spin_lock(&vcpu->kvm->mmu_lock); ++ indirect_shadow_pages = vcpu->kvm->arch.indirect_shadow_pages; ++ spin_unlock(&vcpu->kvm->mmu_lock); ++ ++ if (indirect_shadow_pages) ++ kvm_mmu_unprotect_page(vcpu->kvm, gpa_to_gfn(gpa)); ++ ++ return true; ++ } ++ ++ /* ++ * if emulation was due to access to shadowed page table ++ * and it failed try to unshadow page and re-enter the ++ * guest to let CPU execute the instruction. ++ */ ++ kvm_mmu_unprotect_page(vcpu->kvm, gpa_to_gfn(gpa)); ++ ++ /* ++ * If the access faults on its page table, it can not ++ * be fixed by unprotecting shadow page and it should ++ * be reported to userspace. ++ */ ++ return !write_fault_to_shadow_pgtable; ++} ++ ++static bool retry_instruction(struct x86_emulate_ctxt *ctxt, ++ unsigned long cr2, int emulation_type) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ unsigned long last_retry_eip, last_retry_addr, gpa = cr2; ++ ++ last_retry_eip = vcpu->arch.last_retry_eip; ++ last_retry_addr = vcpu->arch.last_retry_addr; ++ ++ /* ++ * If the emulation is caused by #PF and it is non-page_table ++ * writing instruction, it means the VM-EXIT is caused by shadow ++ * page protected, we can zap the shadow page and retry this ++ * instruction directly. ++ * ++ * Note: if the guest uses a non-page-table modifying instruction ++ * on the PDE that points to the instruction, then we will unmap ++ * the instruction and go to an infinite loop. So, we cache the ++ * last retried eip and the last fault address, if we meet the eip ++ * and the address again, we can break out of the potential infinite ++ * loop. ++ */ ++ vcpu->arch.last_retry_eip = vcpu->arch.last_retry_addr = 0; ++ ++ if (!(emulation_type & EMULTYPE_RETRY)) ++ return false; ++ ++ if (x86_page_table_writing_insn(ctxt)) ++ return false; ++ ++ if (ctxt->eip == last_retry_eip && last_retry_addr == cr2) ++ return false; ++ ++ vcpu->arch.last_retry_eip = ctxt->eip; ++ vcpu->arch.last_retry_addr = cr2; ++ ++ if (!vcpu->arch.mmu.direct_map) ++ gpa = kvm_mmu_gva_to_gpa_write(vcpu, cr2, NULL); ++ ++ kvm_mmu_unprotect_page(vcpu->kvm, gpa_to_gfn(gpa)); ++ ++ return true; ++} ++ ++static int complete_emulated_mmio(struct kvm_vcpu *vcpu); ++static int complete_emulated_pio(struct kvm_vcpu *vcpu); ++ ++static int kvm_vcpu_check_hw_bp(unsigned long addr, u32 type, u32 dr7, ++ unsigned long *db) ++{ ++ u32 dr6 = 0; ++ int i; ++ u32 enable, rwlen; ++ ++ enable = dr7; ++ rwlen = dr7 >> 16; ++ for (i = 0; i < 4; i++, enable >>= 2, rwlen >>= 4) ++ if ((enable & 3) && (rwlen & 15) == type && db[i] == addr) ++ dr6 |= (1 << i); ++ return dr6; ++} ++ ++static void kvm_vcpu_check_singlestep(struct kvm_vcpu *vcpu, unsigned long rflags, int *r) ++{ ++ struct kvm_run *kvm_run = vcpu->run; ++ ++ /* ++ * rflags is the old, "raw" value of the flags. The new value has ++ * not been saved yet. ++ * ++ * This is correct even for TF set by the guest, because "the ++ * processor will not generate this exception after the instruction ++ * that sets the TF flag". ++ */ ++ if (unlikely(rflags & X86_EFLAGS_TF)) { ++ if (vcpu->guest_debug & KVM_GUESTDBG_SINGLESTEP) { ++ kvm_run->debug.arch.dr6 = DR6_BS | DR6_FIXED_1 | ++ DR6_RTM; ++ kvm_run->debug.arch.pc = vcpu->arch.singlestep_rip; ++ kvm_run->debug.arch.exception = DB_VECTOR; ++ kvm_run->exit_reason = KVM_EXIT_DEBUG; ++ *r = EMULATE_USER_EXIT; ++ } else { ++ vcpu->arch.emulate_ctxt.eflags &= ~X86_EFLAGS_TF; ++ /* ++ * "Certain debug exceptions may clear bit 0-3. The ++ * remaining contents of the DR6 register are never ++ * cleared by the processor". ++ */ ++ vcpu->arch.dr6 &= ~15; ++ vcpu->arch.dr6 |= DR6_BS | DR6_RTM; ++ kvm_queue_exception(vcpu, DB_VECTOR); ++ } ++ } ++} ++ ++static bool kvm_vcpu_check_breakpoint(struct kvm_vcpu *vcpu, int *r) ++{ ++ struct kvm_run *kvm_run = vcpu->run; ++ unsigned long eip = vcpu->arch.emulate_ctxt.eip; ++ u32 dr6 = 0; ++ ++ if (unlikely(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP) && ++ (vcpu->arch.guest_debug_dr7 & DR7_BP_EN_MASK)) { ++ dr6 = kvm_vcpu_check_hw_bp(eip, 0, ++ vcpu->arch.guest_debug_dr7, ++ vcpu->arch.eff_db); ++ ++ if (dr6 != 0) { ++ kvm_run->debug.arch.dr6 = dr6 | DR6_FIXED_1 | DR6_RTM; ++ kvm_run->debug.arch.pc = kvm_rip_read(vcpu) + ++ get_segment_base(vcpu, VCPU_SREG_CS); ++ ++ kvm_run->debug.arch.exception = DB_VECTOR; ++ kvm_run->exit_reason = KVM_EXIT_DEBUG; ++ *r = EMULATE_USER_EXIT; ++ return true; ++ } ++ } ++ ++ if (unlikely(vcpu->arch.dr7 & DR7_BP_EN_MASK) && ++ !(kvm_get_rflags(vcpu) & X86_EFLAGS_RF)) { ++ dr6 = kvm_vcpu_check_hw_bp(eip, 0, ++ vcpu->arch.dr7, ++ vcpu->arch.db); ++ ++ if (dr6 != 0) { ++ vcpu->arch.dr6 &= ~15; ++ vcpu->arch.dr6 |= dr6 | DR6_RTM; ++ kvm_queue_exception(vcpu, DB_VECTOR); ++ *r = EMULATE_DONE; ++ return true; ++ } ++ } ++ ++ return false; ++} ++ ++int x86_emulate_instruction(struct kvm_vcpu *vcpu, ++ unsigned long cr2, ++ int emulation_type, ++ void *insn, ++ int insn_len) ++{ ++ int r; ++ struct x86_emulate_ctxt *ctxt = &vcpu->arch.emulate_ctxt; ++ bool writeback = true; ++ bool write_fault_to_spt = vcpu->arch.write_fault_to_shadow_pgtable; ++ ++ /* ++ * Clear write_fault_to_shadow_pgtable here to ensure it is ++ * never reused. ++ */ ++ vcpu->arch.write_fault_to_shadow_pgtable = false; ++ kvm_clear_exception_queue(vcpu); ++ ++ if (!(emulation_type & EMULTYPE_NO_DECODE)) { ++ init_emulate_ctxt(vcpu); ++ ++ /* ++ * We will reenter on the same instruction since ++ * we do not set complete_userspace_io. This does not ++ * handle watchpoints yet, those would be handled in ++ * the emulate_ops. ++ */ ++ if (kvm_vcpu_check_breakpoint(vcpu, &r)) ++ return r; ++ ++ ctxt->interruptibility = 0; ++ ctxt->have_exception = false; ++ ctxt->exception.vector = -1; ++ ctxt->perm_ok = false; ++ ++ ctxt->ud = emulation_type & EMULTYPE_TRAP_UD; ++ ++ r = x86_decode_insn(ctxt, insn, insn_len); ++ ++ trace_kvm_emulate_insn_start(vcpu); ++ ++vcpu->stat.insn_emulation; ++ if (r != EMULATION_OK) { ++ if (emulation_type & EMULTYPE_TRAP_UD) ++ return EMULATE_FAIL; ++ if (reexecute_instruction(vcpu, cr2, write_fault_to_spt, ++ emulation_type)) ++ return EMULATE_DONE; ++ if (emulation_type & EMULTYPE_SKIP) ++ return EMULATE_FAIL; ++ return handle_emulation_failure(vcpu); ++ } ++ } ++ ++ if (emulation_type & EMULTYPE_SKIP) { ++ kvm_rip_write(vcpu, ctxt->_eip); ++ if (ctxt->eflags & X86_EFLAGS_RF) ++ kvm_set_rflags(vcpu, ctxt->eflags & ~X86_EFLAGS_RF); ++ return EMULATE_DONE; ++ } ++ ++ if (retry_instruction(ctxt, cr2, emulation_type)) ++ return EMULATE_DONE; ++ ++ /* this is needed for vmware backdoor interface to work since it ++ changes registers values during IO operation */ ++ if (vcpu->arch.emulate_regs_need_sync_from_vcpu) { ++ vcpu->arch.emulate_regs_need_sync_from_vcpu = false; ++ emulator_invalidate_register_cache(ctxt); ++ } ++ ++restart: ++ r = x86_emulate_insn(ctxt); ++ ++ if (r == EMULATION_INTERCEPTED) ++ return EMULATE_DONE; ++ ++ if (r == EMULATION_FAILED) { ++ if (reexecute_instruction(vcpu, cr2, write_fault_to_spt, ++ emulation_type)) ++ return EMULATE_DONE; ++ ++ return handle_emulation_failure(vcpu); ++ } ++ ++ if (ctxt->have_exception) { ++ r = EMULATE_DONE; ++ if (inject_emulated_exception(vcpu)) ++ return r; ++ } else if (vcpu->arch.pio.count) { ++ if (!vcpu->arch.pio.in) { ++ /* FIXME: return into emulator if single-stepping. */ ++ vcpu->arch.pio.count = 0; ++ } else { ++ writeback = false; ++ vcpu->arch.complete_userspace_io = complete_emulated_pio; ++ } ++ r = EMULATE_USER_EXIT; ++ } else if (vcpu->mmio_needed) { ++ if (!vcpu->mmio_is_write) ++ writeback = false; ++ r = EMULATE_USER_EXIT; ++ vcpu->arch.complete_userspace_io = complete_emulated_mmio; ++ } else if (r == EMULATION_RESTART) ++ goto restart; ++ else ++ r = EMULATE_DONE; ++ ++ if (writeback) { ++ unsigned long rflags = kvm_x86_ops->get_rflags(vcpu); ++ toggle_interruptibility(vcpu, ctxt->interruptibility); ++ vcpu->arch.emulate_regs_need_sync_to_vcpu = false; ++ kvm_rip_write(vcpu, ctxt->eip); ++ if (r == EMULATE_DONE) ++ kvm_vcpu_check_singlestep(vcpu, rflags, &r); ++ __kvm_set_rflags(vcpu, ctxt->eflags); ++ ++ /* ++ * For STI, interrupts are shadowed; so KVM_REQ_EVENT will ++ * do nothing, and it will be requested again as soon as ++ * the shadow expires. But we still need to check here, ++ * because POPF has no interrupt shadow. ++ */ ++ if (unlikely((ctxt->eflags & ~rflags) & X86_EFLAGS_IF)) ++ kvm_make_request(KVM_REQ_EVENT, vcpu); ++ } else ++ vcpu->arch.emulate_regs_need_sync_to_vcpu = true; ++ ++ return r; ++} ++EXPORT_SYMBOL_GPL(x86_emulate_instruction); ++ ++int kvm_fast_pio_out(struct kvm_vcpu *vcpu, int size, unsigned short port) ++{ ++ unsigned long val = kvm_register_read(vcpu, VCPU_REGS_RAX); ++ int ret = emulator_pio_out_emulated(&vcpu->arch.emulate_ctxt, ++ size, port, &val, 1); ++ /* do not return to emulator after return from userspace */ ++ vcpu->arch.pio.count = 0; ++ return ret; ++} ++EXPORT_SYMBOL_GPL(kvm_fast_pio_out); ++ ++static void tsc_bad(void *info) ++{ ++ __this_cpu_write(cpu_tsc_khz, 0); ++} ++ ++static void tsc_khz_changed(void *data) ++{ ++ struct cpufreq_freqs *freq = data; ++ unsigned long khz = 0; ++ ++ if (data) ++ khz = freq->new; ++ else if (!boot_cpu_has(X86_FEATURE_CONSTANT_TSC)) ++ khz = cpufreq_quick_get(raw_smp_processor_id()); ++ if (!khz) ++ khz = tsc_khz; ++ __this_cpu_write(cpu_tsc_khz, khz); ++} ++ ++static int kvmclock_cpufreq_notifier(struct notifier_block *nb, unsigned long val, ++ void *data) ++{ ++ struct cpufreq_freqs *freq = data; ++ struct kvm *kvm; ++ struct kvm_vcpu *vcpu; ++ int i, send_ipi = 0; ++ ++ /* ++ * We allow guests to temporarily run on slowing clocks, ++ * provided we notify them after, or to run on accelerating ++ * clocks, provided we notify them before. Thus time never ++ * goes backwards. ++ * ++ * However, we have a problem. We can't atomically update ++ * the frequency of a given CPU from this function; it is ++ * merely a notifier, which can be called from any CPU. ++ * Changing the TSC frequency at arbitrary points in time ++ * requires a recomputation of local variables related to ++ * the TSC for each VCPU. We must flag these local variables ++ * to be updated and be sure the update takes place with the ++ * new frequency before any guests proceed. ++ * ++ * Unfortunately, the combination of hotplug CPU and frequency ++ * change creates an intractable locking scenario; the order ++ * of when these callouts happen is undefined with respect to ++ * CPU hotplug, and they can race with each other. As such, ++ * merely setting per_cpu(cpu_tsc_khz) = X during a hotadd is ++ * undefined; you can actually have a CPU frequency change take ++ * place in between the computation of X and the setting of the ++ * variable. To protect against this problem, all updates of ++ * the per_cpu tsc_khz variable are done in an interrupt ++ * protected IPI, and all callers wishing to update the value ++ * must wait for a synchronous IPI to complete (which is trivial ++ * if the caller is on the CPU already). This establishes the ++ * necessary total order on variable updates. ++ * ++ * Note that because a guest time update may take place ++ * anytime after the setting of the VCPU's request bit, the ++ * correct TSC value must be set before the request. However, ++ * to ensure the update actually makes it to any guest which ++ * starts running in hardware virtualization between the set ++ * and the acquisition of the spinlock, we must also ping the ++ * CPU after setting the request bit. ++ * ++ */ ++ ++ if (val == CPUFREQ_PRECHANGE && freq->old > freq->new) ++ return 0; ++ if (val == CPUFREQ_POSTCHANGE && freq->old < freq->new) ++ return 0; ++ ++ smp_call_function_single(freq->cpu, tsc_khz_changed, freq, 1); ++ ++ spin_lock(&kvm_lock); ++ list_for_each_entry(kvm, &vm_list, vm_list) { ++ kvm_for_each_vcpu(i, vcpu, kvm) { ++ if (vcpu->cpu != freq->cpu) ++ continue; ++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu); ++ if (vcpu->cpu != smp_processor_id()) ++ send_ipi = 1; ++ } ++ } ++ spin_unlock(&kvm_lock); ++ ++ if (freq->old < freq->new && send_ipi) { ++ /* ++ * We upscale the frequency. Must make the guest ++ * doesn't see old kvmclock values while running with ++ * the new frequency, otherwise we risk the guest sees ++ * time go backwards. ++ * ++ * In case we update the frequency for another cpu ++ * (which might be in guest context) send an interrupt ++ * to kick the cpu out of guest context. Next time ++ * guest context is entered kvmclock will be updated, ++ * so the guest will not see stale values. ++ */ ++ smp_call_function_single(freq->cpu, tsc_khz_changed, freq, 1); ++ } ++ return 0; ++} ++ ++static struct notifier_block kvmclock_cpufreq_notifier_block = { ++ .notifier_call = kvmclock_cpufreq_notifier ++}; ++ ++static int kvmclock_cpu_notifier(struct notifier_block *nfb, ++ unsigned long action, void *hcpu) ++{ ++ unsigned int cpu = (unsigned long)hcpu; ++ ++ switch (action) { ++ case CPU_ONLINE: ++ case CPU_DOWN_FAILED: ++ smp_call_function_single(cpu, tsc_khz_changed, NULL, 1); ++ break; ++ case CPU_DOWN_PREPARE: ++ smp_call_function_single(cpu, tsc_bad, NULL, 1); ++ break; ++ } ++ return NOTIFY_OK; ++} ++ ++static struct notifier_block kvmclock_cpu_notifier_block = { ++ .notifier_call = kvmclock_cpu_notifier, ++ .priority = -INT_MAX ++}; ++ ++static void kvm_timer_init(void) ++{ ++ int cpu; ++ ++ max_tsc_khz = tsc_khz; ++ ++ cpu_notifier_register_begin(); ++ if (!boot_cpu_has(X86_FEATURE_CONSTANT_TSC)) { ++#ifdef CONFIG_CPU_FREQ ++ struct cpufreq_policy policy; ++ memset(&policy, 0, sizeof(policy)); ++ cpu = get_cpu(); ++ cpufreq_get_policy(&policy, cpu); ++ if (policy.cpuinfo.max_freq) ++ max_tsc_khz = policy.cpuinfo.max_freq; ++ put_cpu(); ++#endif ++ cpufreq_register_notifier(&kvmclock_cpufreq_notifier_block, ++ CPUFREQ_TRANSITION_NOTIFIER); ++ } ++ pr_debug("kvm: max_tsc_khz = %ld\n", max_tsc_khz); ++ for_each_online_cpu(cpu) ++ smp_call_function_single(cpu, tsc_khz_changed, NULL, 1); ++ ++ __register_hotcpu_notifier(&kvmclock_cpu_notifier_block); ++ cpu_notifier_register_done(); ++ ++} ++ ++static DEFINE_PER_CPU(struct kvm_vcpu *, current_vcpu); ++ ++int kvm_is_in_guest(void) ++{ ++ return __this_cpu_read(current_vcpu) != NULL; ++} ++ ++static int kvm_is_user_mode(void) ++{ ++ int user_mode = 3; ++ ++ if (__this_cpu_read(current_vcpu)) ++ user_mode = kvm_x86_ops->get_cpl(__this_cpu_read(current_vcpu)); ++ ++ return user_mode != 0; ++} ++ ++static unsigned long kvm_get_guest_ip(void) ++{ ++ unsigned long ip = 0; ++ ++ if (__this_cpu_read(current_vcpu)) ++ ip = kvm_rip_read(__this_cpu_read(current_vcpu)); ++ ++ return ip; ++} ++ ++static struct perf_guest_info_callbacks kvm_guest_cbs = { ++ .is_in_guest = kvm_is_in_guest, ++ .is_user_mode = kvm_is_user_mode, ++ .get_guest_ip = kvm_get_guest_ip, ++}; ++ ++void kvm_before_handle_nmi(struct kvm_vcpu *vcpu) ++{ ++ __this_cpu_write(current_vcpu, vcpu); ++} ++EXPORT_SYMBOL_GPL(kvm_before_handle_nmi); ++ ++void kvm_after_handle_nmi(struct kvm_vcpu *vcpu) ++{ ++ __this_cpu_write(current_vcpu, NULL); ++} ++EXPORT_SYMBOL_GPL(kvm_after_handle_nmi); ++ ++static void kvm_set_mmio_spte_mask(void) ++{ ++ u64 mask; ++ int maxphyaddr = boot_cpu_data.x86_phys_bits; ++ ++ /* ++ * Set the reserved bits and the present bit of an paging-structure ++ * entry to generate page fault with PFER.RSV = 1. ++ */ ++ /* Mask the reserved physical address bits. */ ++ mask = rsvd_bits(maxphyaddr, 51); ++ ++ /* Bit 62 is always reserved for 32bit host. */ ++ mask |= 0x3ull << 62; ++ ++ /* Set the present bit. */ ++ mask |= 1ull; ++ ++#ifdef CONFIG_X86_64 ++ /* ++ * If reserved bit is not supported, clear the present bit to disable ++ * mmio page fault. ++ */ ++ if (maxphyaddr == 52) ++ mask &= ~1ull; ++#endif ++ ++ kvm_mmu_set_mmio_spte_mask(mask); ++} ++ ++#ifdef CONFIG_X86_64 ++static void pvclock_gtod_update_fn(struct work_struct *work) ++{ ++ struct kvm *kvm; ++ ++ struct kvm_vcpu *vcpu; ++ int i; ++ ++ spin_lock(&kvm_lock); ++ list_for_each_entry(kvm, &vm_list, vm_list) ++ kvm_for_each_vcpu(i, vcpu, kvm) ++ kvm_make_request(KVM_REQ_MASTERCLOCK_UPDATE, vcpu); ++ atomic_set(&kvm_guest_has_master_clock, 0); ++ spin_unlock(&kvm_lock); ++} ++ ++static DECLARE_WORK(pvclock_gtod_work, pvclock_gtod_update_fn); ++ ++/* ++ * Notification about pvclock gtod data update. ++ */ ++static int pvclock_gtod_notify(struct notifier_block *nb, unsigned long unused, ++ void *priv) ++{ ++ struct pvclock_gtod_data *gtod = &pvclock_gtod_data; ++ struct timekeeper *tk = priv; ++ ++ update_pvclock_gtod(tk); ++ ++ /* disable master clock if host does not trust, or does not ++ * use, TSC clocksource ++ */ ++ if (gtod->clock.vclock_mode != VCLOCK_TSC && ++ atomic_read(&kvm_guest_has_master_clock) != 0) ++ queue_work(system_long_wq, &pvclock_gtod_work); ++ ++ return 0; ++} ++ ++static struct notifier_block pvclock_gtod_notifier = { ++ .notifier_call = pvclock_gtod_notify, ++}; ++#endif ++ ++int kvm_arch_init(void *opaque) ++{ ++ int r; ++ struct kvm_x86_ops *ops = opaque; ++ ++ if (kvm_x86_ops) { ++ printk(KERN_ERR "kvm: already loaded the other module\n"); ++ r = -EEXIST; ++ goto out; ++ } ++ ++ if (!ops->cpu_has_kvm_support()) { ++ printk(KERN_ERR "kvm: no hardware support\n"); ++ r = -EOPNOTSUPP; ++ goto out; ++ } ++ if (ops->disabled_by_bios()) { ++ printk(KERN_ERR "kvm: disabled by bios\n"); ++ r = -EOPNOTSUPP; ++ goto out; ++ } ++ ++ r = -ENOMEM; ++ shared_msrs = alloc_percpu(struct kvm_shared_msrs); ++ if (!shared_msrs) { ++ printk(KERN_ERR "kvm: failed to allocate percpu kvm_shared_msrs\n"); ++ goto out; ++ } ++ ++ r = kvm_mmu_module_init(); ++ if (r) ++ goto out_free_percpu; ++ ++ kvm_set_mmio_spte_mask(); ++ ++ kvm_x86_ops = ops; ++ kvm_init_msr_list(); ++ ++ kvm_mmu_set_mask_ptes(PT_USER_MASK, PT_ACCESSED_MASK, ++ PT_DIRTY_MASK, PT64_NX_MASK, 0); ++ ++ kvm_timer_init(); ++ ++ perf_register_guest_info_callbacks(&kvm_guest_cbs); ++ ++ if (cpu_has_xsave) ++ host_xcr0 = xgetbv(XCR_XFEATURE_ENABLED_MASK); ++ ++ kvm_lapic_init(); ++#ifdef CONFIG_X86_64 ++ pvclock_gtod_register_notifier(&pvclock_gtod_notifier); ++#endif ++ ++ return 0; ++ ++out_free_percpu: ++ free_percpu(shared_msrs); ++out: ++ return r; ++} ++ ++void kvm_arch_exit(void) ++{ ++ perf_unregister_guest_info_callbacks(&kvm_guest_cbs); ++ ++ if (!boot_cpu_has(X86_FEATURE_CONSTANT_TSC)) ++ cpufreq_unregister_notifier(&kvmclock_cpufreq_notifier_block, ++ CPUFREQ_TRANSITION_NOTIFIER); ++ unregister_hotcpu_notifier(&kvmclock_cpu_notifier_block); ++#ifdef CONFIG_X86_64 ++ pvclock_gtod_unregister_notifier(&pvclock_gtod_notifier); ++#endif ++ kvm_x86_ops = NULL; ++ kvm_mmu_module_exit(); ++ free_percpu(shared_msrs); ++} ++ ++int kvm_emulate_halt(struct kvm_vcpu *vcpu) ++{ ++ ++vcpu->stat.halt_exits; ++ if (irqchip_in_kernel(vcpu->kvm)) { ++ vcpu->arch.mp_state = KVM_MP_STATE_HALTED; ++ return 1; ++ } else { ++ vcpu->run->exit_reason = KVM_EXIT_HLT; ++ return 0; ++ } ++} ++EXPORT_SYMBOL_GPL(kvm_emulate_halt); ++ ++int kvm_hv_hypercall(struct kvm_vcpu *vcpu) ++{ ++ u64 param, ingpa, outgpa, ret; ++ uint16_t code, rep_idx, rep_cnt, res = HV_STATUS_SUCCESS, rep_done = 0; ++ bool fast, longmode; ++ ++ /* ++ * hypercall generates UD from non zero cpl and real mode ++ * per HYPER-V spec ++ */ ++ if (kvm_x86_ops->get_cpl(vcpu) != 0 || !is_protmode(vcpu)) { ++ kvm_queue_exception(vcpu, UD_VECTOR); ++ return 0; ++ } ++ ++ longmode = is_64_bit_mode(vcpu); ++ ++ if (!longmode) { ++ param = ((u64)kvm_register_read(vcpu, VCPU_REGS_RDX) << 32) | ++ (kvm_register_read(vcpu, VCPU_REGS_RAX) & 0xffffffff); ++ ingpa = ((u64)kvm_register_read(vcpu, VCPU_REGS_RBX) << 32) | ++ (kvm_register_read(vcpu, VCPU_REGS_RCX) & 0xffffffff); ++ outgpa = ((u64)kvm_register_read(vcpu, VCPU_REGS_RDI) << 32) | ++ (kvm_register_read(vcpu, VCPU_REGS_RSI) & 0xffffffff); ++ } ++#ifdef CONFIG_X86_64 ++ else { ++ param = kvm_register_read(vcpu, VCPU_REGS_RCX); ++ ingpa = kvm_register_read(vcpu, VCPU_REGS_RDX); ++ outgpa = kvm_register_read(vcpu, VCPU_REGS_R8); ++ } ++#endif ++ ++ code = param & 0xffff; ++ fast = (param >> 16) & 0x1; ++ rep_cnt = (param >> 32) & 0xfff; ++ rep_idx = (param >> 48) & 0xfff; ++ ++ trace_kvm_hv_hypercall(code, fast, rep_cnt, rep_idx, ingpa, outgpa); ++ ++ switch (code) { ++ case HV_X64_HV_NOTIFY_LONG_SPIN_WAIT: ++ kvm_vcpu_on_spin(vcpu); ++ break; ++ default: ++ res = HV_STATUS_INVALID_HYPERCALL_CODE; ++ break; ++ } ++ ++ ret = res | (((u64)rep_done & 0xfff) << 32); ++ if (longmode) { ++ kvm_register_write(vcpu, VCPU_REGS_RAX, ret); ++ } else { ++ kvm_register_write(vcpu, VCPU_REGS_RDX, ret >> 32); ++ kvm_register_write(vcpu, VCPU_REGS_RAX, ret & 0xffffffff); ++ } ++ ++ return 1; ++} ++ ++/* ++ * kvm_pv_kick_cpu_op: Kick a vcpu. ++ * ++ * @apicid - apicid of vcpu to be kicked. ++ */ ++static void kvm_pv_kick_cpu_op(struct kvm *kvm, unsigned long flags, int apicid) ++{ ++ struct kvm_lapic_irq lapic_irq; ++ ++ lapic_irq.shorthand = 0; ++ lapic_irq.dest_mode = 0; ++ lapic_irq.dest_id = apicid; ++ ++ lapic_irq.delivery_mode = APIC_DM_REMRD; ++ kvm_irq_delivery_to_apic(kvm, 0, &lapic_irq, NULL); ++} ++ ++int kvm_emulate_hypercall(struct kvm_vcpu *vcpu) ++{ ++ unsigned long nr, a0, a1, a2, a3, ret; ++ int op_64_bit, r = 1; ++ ++ if (kvm_hv_hypercall_enabled(vcpu->kvm)) ++ return kvm_hv_hypercall(vcpu); ++ ++ nr = kvm_register_read(vcpu, VCPU_REGS_RAX); ++ a0 = kvm_register_read(vcpu, VCPU_REGS_RBX); ++ a1 = kvm_register_read(vcpu, VCPU_REGS_RCX); ++ a2 = kvm_register_read(vcpu, VCPU_REGS_RDX); ++ a3 = kvm_register_read(vcpu, VCPU_REGS_RSI); ++ ++ trace_kvm_hypercall(nr, a0, a1, a2, a3); ++ ++ op_64_bit = is_64_bit_mode(vcpu); ++ if (!op_64_bit) { ++ nr &= 0xFFFFFFFF; ++ a0 &= 0xFFFFFFFF; ++ a1 &= 0xFFFFFFFF; ++ a2 &= 0xFFFFFFFF; ++ a3 &= 0xFFFFFFFF; ++ } ++ ++ if (kvm_x86_ops->get_cpl(vcpu) != 0) { ++ ret = -KVM_EPERM; ++ goto out; ++ } ++ ++ switch (nr) { ++ case KVM_HC_VAPIC_POLL_IRQ: ++ ret = 0; ++ break; ++ case KVM_HC_KICK_CPU: ++ kvm_pv_kick_cpu_op(vcpu->kvm, a0, a1); ++ ret = 0; ++ break; ++ default: ++ ret = -KVM_ENOSYS; ++ break; ++ } ++out: ++ if (!op_64_bit) ++ ret = (u32)ret; ++ kvm_register_write(vcpu, VCPU_REGS_RAX, ret); ++ ++vcpu->stat.hypercalls; ++ return r; ++} ++EXPORT_SYMBOL_GPL(kvm_emulate_hypercall); ++ ++static int emulator_fix_hypercall(struct x86_emulate_ctxt *ctxt) ++{ ++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); ++ char instruction[3]; ++ unsigned long rip = kvm_rip_read(vcpu); ++ ++ kvm_x86_ops->patch_hypercall(vcpu, instruction); ++ ++ return emulator_write_emulated(ctxt, rip, instruction, 3, NULL); ++} ++ ++/* ++ * Check if userspace requested an interrupt window, and that the ++ * interrupt window is open. ++ * ++ * No need to exit to userspace if we already have an interrupt queued. ++ */ ++static int dm_request_for_irq_injection(struct kvm_vcpu *vcpu) ++{ ++ return (!irqchip_in_kernel(vcpu->kvm) && !kvm_cpu_has_interrupt(vcpu) && ++ vcpu->run->request_interrupt_window && ++ kvm_arch_interrupt_allowed(vcpu)); ++} ++ ++static void post_kvm_run_save(struct kvm_vcpu *vcpu) ++{ ++ struct kvm_run *kvm_run = vcpu->run; ++ ++ kvm_run->if_flag = (kvm_get_rflags(vcpu) & X86_EFLAGS_IF) != 0; ++ kvm_run->cr8 = kvm_get_cr8(vcpu); ++ kvm_run->apic_base = kvm_get_apic_base(vcpu); ++ if (irqchip_in_kernel(vcpu->kvm)) ++ kvm_run->ready_for_interrupt_injection = 1; ++ else ++ kvm_run->ready_for_interrupt_injection = ++ kvm_arch_interrupt_allowed(vcpu) && ++ !kvm_cpu_has_interrupt(vcpu) && ++ !kvm_event_needs_reinjection(vcpu); ++} ++ ++static void update_cr8_intercept(struct kvm_vcpu *vcpu) ++{ ++ int max_irr, tpr; ++ ++ if (!kvm_x86_ops->update_cr8_intercept) ++ return; ++ ++ if (!vcpu->arch.apic) ++ return; ++ ++ if (!vcpu->arch.apic->vapic_addr) ++ max_irr = kvm_lapic_find_highest_irr(vcpu); ++ else ++ max_irr = -1; ++ ++ if (max_irr != -1) ++ max_irr >>= 4; ++ ++ tpr = kvm_lapic_get_cr8(vcpu); ++ ++ kvm_x86_ops->update_cr8_intercept(vcpu, tpr, max_irr); ++} ++ ++static int inject_pending_event(struct kvm_vcpu *vcpu, bool req_int_win) ++{ ++ int r; ++ ++ /* try to reinject previous events if any */ ++ if (vcpu->arch.exception.pending) { ++ trace_kvm_inj_exception(vcpu->arch.exception.nr, ++ vcpu->arch.exception.has_error_code, ++ vcpu->arch.exception.error_code); ++ ++ if (exception_type(vcpu->arch.exception.nr) == EXCPT_FAULT) ++ __kvm_set_rflags(vcpu, kvm_get_rflags(vcpu) | ++ X86_EFLAGS_RF); ++ ++ kvm_x86_ops->queue_exception(vcpu, vcpu->arch.exception.nr, ++ vcpu->arch.exception.has_error_code, ++ vcpu->arch.exception.error_code, ++ vcpu->arch.exception.reinject); ++ return 0; ++ } ++ ++ if (vcpu->arch.nmi_injected) { ++ kvm_x86_ops->set_nmi(vcpu); ++ return 0; ++ } ++ ++ if (vcpu->arch.interrupt.pending) { ++ kvm_x86_ops->set_irq(vcpu); ++ return 0; ++ } ++ ++ if (is_guest_mode(vcpu) && kvm_x86_ops->check_nested_events) { ++ r = kvm_x86_ops->check_nested_events(vcpu, req_int_win); ++ if (r != 0) ++ return r; ++ } ++ ++ /* try to inject new event if pending */ ++ if (vcpu->arch.nmi_pending) { ++ if (kvm_x86_ops->nmi_allowed(vcpu)) { ++ --vcpu->arch.nmi_pending; ++ vcpu->arch.nmi_injected = true; ++ kvm_x86_ops->set_nmi(vcpu); ++ } ++ } else if (kvm_cpu_has_injectable_intr(vcpu)) { ++ /* ++ * Because interrupts can be injected asynchronously, we are ++ * calling check_nested_events again here to avoid a race condition. ++ * See https://lkml.org/lkml/2014/7/2/60 for discussion about this ++ * proposal and current concerns. Perhaps we should be setting ++ * KVM_REQ_EVENT only on certain events and not unconditionally? ++ */ ++ if (is_guest_mode(vcpu) && kvm_x86_ops->check_nested_events) { ++ r = kvm_x86_ops->check_nested_events(vcpu, req_int_win); ++ if (r != 0) ++ return r; ++ } ++ if (kvm_x86_ops->interrupt_allowed(vcpu)) { ++ kvm_queue_interrupt(vcpu, kvm_cpu_get_interrupt(vcpu), ++ false); ++ kvm_x86_ops->set_irq(vcpu); ++ } ++ } ++ return 0; ++} ++ ++static void process_nmi(struct kvm_vcpu *vcpu) ++{ ++ unsigned limit = 2; ++ ++ /* ++ * x86 is limited to one NMI running, and one NMI pending after it. ++ * If an NMI is already in progress, limit further NMIs to just one. ++ * Otherwise, allow two (and we'll inject the first one immediately). ++ */ ++ if (kvm_x86_ops->get_nmi_mask(vcpu) || vcpu->arch.nmi_injected) ++ limit = 1; ++ ++ vcpu->arch.nmi_pending += atomic_xchg(&vcpu->arch.nmi_queued, 0); ++ vcpu->arch.nmi_pending = min(vcpu->arch.nmi_pending, limit); ++ kvm_make_request(KVM_REQ_EVENT, vcpu); ++} ++ ++static void vcpu_scan_ioapic(struct kvm_vcpu *vcpu) ++{ ++ u64 eoi_exit_bitmap[4]; ++ u32 tmr[8]; ++ ++ if (!kvm_apic_hw_enabled(vcpu->arch.apic)) ++ return; ++ ++ memset(eoi_exit_bitmap, 0, 32); ++ memset(tmr, 0, 32); ++ ++ kvm_ioapic_scan_entry(vcpu, eoi_exit_bitmap, tmr); ++ kvm_x86_ops->load_eoi_exitmap(vcpu, eoi_exit_bitmap); ++ kvm_apic_update_tmr(vcpu, tmr); ++} ++ ++static void kvm_vcpu_flush_tlb(struct kvm_vcpu *vcpu) ++{ ++ ++vcpu->stat.tlb_flush; ++ kvm_x86_ops->tlb_flush(vcpu); ++} ++ ++void kvm_vcpu_reload_apic_access_page(struct kvm_vcpu *vcpu) ++{ ++ struct page *page = NULL; ++ ++ if (!irqchip_in_kernel(vcpu->kvm)) ++ return; ++ ++ if (!kvm_x86_ops->set_apic_access_page_addr) ++ return; ++ ++ page = gfn_to_page(vcpu->kvm, APIC_DEFAULT_PHYS_BASE >> PAGE_SHIFT); ++ kvm_x86_ops->set_apic_access_page_addr(vcpu, page_to_phys(page)); ++ ++ /* ++ * Do not pin apic access page in memory, the MMU notifier ++ * will call us again if it is migrated or swapped out. ++ */ ++ put_page(page); ++} ++EXPORT_SYMBOL_GPL(kvm_vcpu_reload_apic_access_page); ++ ++void kvm_arch_mmu_notifier_invalidate_page(struct kvm *kvm, ++ unsigned long address) ++{ ++ /* ++ * The physical address of apic access page is stored in the VMCS. ++ * Update it when it becomes invalid. ++ */ ++ if (address == gfn_to_hva(kvm, APIC_DEFAULT_PHYS_BASE >> PAGE_SHIFT)) ++ kvm_make_all_cpus_request(kvm, KVM_REQ_APIC_PAGE_RELOAD); ++} ++ ++/* ++ * Returns 1 to let __vcpu_run() continue the guest execution loop without ++ * exiting to the userspace. Otherwise, the value will be returned to the ++ * userspace. ++ */ ++static int vcpu_enter_guest(struct kvm_vcpu *vcpu) ++{ ++ int r; ++ bool req_int_win = !irqchip_in_kernel(vcpu->kvm) && ++ vcpu->run->request_interrupt_window; ++ bool req_immediate_exit = false; ++ ++ if (vcpu->requests) { ++ if (kvm_check_request(KVM_REQ_MMU_RELOAD, vcpu)) ++ kvm_mmu_unload(vcpu); ++ if (kvm_check_request(KVM_REQ_MIGRATE_TIMER, vcpu)) ++ __kvm_migrate_timers(vcpu); ++ if (kvm_check_request(KVM_REQ_MASTERCLOCK_UPDATE, vcpu)) ++ kvm_gen_update_masterclock(vcpu->kvm); ++ if (kvm_check_request(KVM_REQ_GLOBAL_CLOCK_UPDATE, vcpu)) ++ kvm_gen_kvmclock_update(vcpu); ++ if (kvm_check_request(KVM_REQ_CLOCK_UPDATE, vcpu)) { ++ r = kvm_guest_time_update(vcpu); ++ if (unlikely(r)) ++ goto out; ++ } ++ if (kvm_check_request(KVM_REQ_MMU_SYNC, vcpu)) ++ kvm_mmu_sync_roots(vcpu); ++ if (kvm_check_request(KVM_REQ_TLB_FLUSH, vcpu)) ++ kvm_vcpu_flush_tlb(vcpu); ++ if (kvm_check_request(KVM_REQ_REPORT_TPR_ACCESS, vcpu)) { ++ vcpu->run->exit_reason = KVM_EXIT_TPR_ACCESS; ++ r = 0; ++ goto out; ++ } ++ if (kvm_check_request(KVM_REQ_TRIPLE_FAULT, vcpu)) { ++ vcpu->run->exit_reason = KVM_EXIT_SHUTDOWN; ++ r = 0; ++ goto out; ++ } ++ if (kvm_check_request(KVM_REQ_DEACTIVATE_FPU, vcpu)) { ++ vcpu->fpu_active = 0; ++ kvm_x86_ops->fpu_deactivate(vcpu); ++ } ++ if (kvm_check_request(KVM_REQ_APF_HALT, vcpu)) { ++ /* Page is swapped out. Do synthetic halt */ ++ vcpu->arch.apf.halted = true; ++ r = 1; ++ goto out; ++ } ++ if (kvm_check_request(KVM_REQ_STEAL_UPDATE, vcpu)) ++ record_steal_time(vcpu); ++ if (kvm_check_request(KVM_REQ_NMI, vcpu)) ++ process_nmi(vcpu); ++ if (kvm_check_request(KVM_REQ_PMU, vcpu)) ++ kvm_handle_pmu_event(vcpu); ++ if (kvm_check_request(KVM_REQ_PMI, vcpu)) ++ kvm_deliver_pmi(vcpu); ++ if (kvm_check_request(KVM_REQ_SCAN_IOAPIC, vcpu)) ++ vcpu_scan_ioapic(vcpu); ++ if (kvm_check_request(KVM_REQ_APIC_PAGE_RELOAD, vcpu)) ++ kvm_vcpu_reload_apic_access_page(vcpu); ++ } ++ ++ if (kvm_check_request(KVM_REQ_EVENT, vcpu) || req_int_win) { ++ kvm_apic_accept_events(vcpu); ++ if (vcpu->arch.mp_state == KVM_MP_STATE_INIT_RECEIVED) { ++ r = 1; ++ goto out; ++ } ++ ++ if (inject_pending_event(vcpu, req_int_win) != 0) ++ req_immediate_exit = true; ++ /* enable NMI/IRQ window open exits if needed */ ++ else if (vcpu->arch.nmi_pending) ++ kvm_x86_ops->enable_nmi_window(vcpu); ++ else if (kvm_cpu_has_injectable_intr(vcpu) || req_int_win) ++ kvm_x86_ops->enable_irq_window(vcpu); ++ ++ if (kvm_lapic_enabled(vcpu)) { ++ /* ++ * Update architecture specific hints for APIC ++ * virtual interrupt delivery. ++ */ ++ if (kvm_x86_ops->hwapic_irr_update) ++ kvm_x86_ops->hwapic_irr_update(vcpu, ++ kvm_lapic_find_highest_irr(vcpu)); ++ update_cr8_intercept(vcpu); ++ kvm_lapic_sync_to_vapic(vcpu); ++ } ++ } ++ ++ r = kvm_mmu_reload(vcpu); ++ if (unlikely(r)) { ++ goto cancel_injection; ++ } ++ ++ preempt_disable(); ++ ++ kvm_x86_ops->prepare_guest_switch(vcpu); ++ if (vcpu->fpu_active) ++ kvm_load_guest_fpu(vcpu); ++ kvm_load_guest_xcr0(vcpu); ++ ++ vcpu->mode = IN_GUEST_MODE; ++ ++ srcu_read_unlock(&vcpu->kvm->srcu, vcpu->srcu_idx); ++ ++ /* We should set ->mode before check ->requests, ++ * see the comment in make_all_cpus_request. ++ */ ++ smp_mb__after_srcu_read_unlock(); ++ ++ local_irq_disable(); ++ ++ if (vcpu->mode == EXITING_GUEST_MODE || vcpu->requests ++ || need_resched() || signal_pending(current)) { ++ vcpu->mode = OUTSIDE_GUEST_MODE; ++ smp_wmb(); ++ local_irq_enable(); ++ preempt_enable(); ++ vcpu->srcu_idx = srcu_read_lock(&vcpu->kvm->srcu); ++ r = 1; ++ goto cancel_injection; ++ } ++ ++ if (req_immediate_exit) ++ smp_send_reschedule(vcpu->cpu); ++ ++ kvm_guest_enter(); ++ ++ if (unlikely(vcpu->arch.switch_db_regs)) { ++ set_debugreg(0, 7); ++ set_debugreg(vcpu->arch.eff_db[0], 0); ++ set_debugreg(vcpu->arch.eff_db[1], 1); ++ set_debugreg(vcpu->arch.eff_db[2], 2); ++ set_debugreg(vcpu->arch.eff_db[3], 3); ++ set_debugreg(vcpu->arch.dr6, 6); ++ } ++ ++ trace_kvm_entry(vcpu->vcpu_id); ++ kvm_x86_ops->run(vcpu); ++ ++ /* ++ * Do this here before restoring debug registers on the host. And ++ * since we do this before handling the vmexit, a DR access vmexit ++ * can (a) read the correct value of the debug registers, (b) set ++ * KVM_DEBUGREG_WONT_EXIT again. ++ */ ++ if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT)) { ++ int i; ++ ++ WARN_ON(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP); ++ kvm_x86_ops->sync_dirty_debug_regs(vcpu); ++ for (i = 0; i < KVM_NR_DB_REGS; i++) ++ vcpu->arch.eff_db[i] = vcpu->arch.db[i]; ++ } ++ ++ /* ++ * If the guest has used debug registers, at least dr7 ++ * will be disabled while returning to the host. ++ * If we don't have active breakpoints in the host, we don't ++ * care about the messed up debug address registers. But if ++ * we have some of them active, restore the old state. ++ */ ++ if (hw_breakpoint_active()) ++ hw_breakpoint_restore(); ++ ++ vcpu->arch.last_guest_tsc = kvm_x86_ops->read_l1_tsc(vcpu, ++ native_read_tsc()); ++ ++ vcpu->mode = OUTSIDE_GUEST_MODE; ++ smp_wmb(); ++ ++ /* Interrupt is enabled by handle_external_intr() */ ++ kvm_x86_ops->handle_external_intr(vcpu); ++ ++ ++vcpu->stat.exits; ++ ++ /* ++ * We must have an instruction between local_irq_enable() and ++ * kvm_guest_exit(), so the timer interrupt isn't delayed by ++ * the interrupt shadow. The stat.exits increment will do nicely. ++ * But we need to prevent reordering, hence this barrier(): ++ */ ++ barrier(); ++ ++ kvm_guest_exit(); ++ ++ preempt_enable(); ++ ++ vcpu->srcu_idx = srcu_read_lock(&vcpu->kvm->srcu); ++ ++ /* ++ * Profile KVM exit RIPs: ++ */ ++ if (unlikely(prof_on == KVM_PROFILING)) { ++ unsigned long rip = kvm_rip_read(vcpu); ++ profile_hit(KVM_PROFILING, (void *)rip); ++ } ++ ++ if (unlikely(vcpu->arch.tsc_always_catchup)) ++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu); ++ ++ if (vcpu->arch.apic_attention) ++ kvm_lapic_sync_from_vapic(vcpu); ++ ++ r = kvm_x86_ops->handle_exit(vcpu); ++ return r; ++ ++cancel_injection: ++ kvm_x86_ops->cancel_injection(vcpu); ++ if (unlikely(vcpu->arch.apic_attention)) ++ kvm_lapic_sync_from_vapic(vcpu); ++out: ++ return r; ++} ++ ++ ++static int __vcpu_run(struct kvm_vcpu *vcpu) ++{ ++ int r; ++ struct kvm *kvm = vcpu->kvm; ++ ++ vcpu->srcu_idx = srcu_read_lock(&kvm->srcu); ++ ++ r = 1; ++ while (r > 0) { ++ if (vcpu->arch.mp_state == KVM_MP_STATE_RUNNABLE && ++ !vcpu->arch.apf.halted) ++ r = vcpu_enter_guest(vcpu); ++ else { ++ srcu_read_unlock(&kvm->srcu, vcpu->srcu_idx); ++ kvm_vcpu_block(vcpu); ++ vcpu->srcu_idx = srcu_read_lock(&kvm->srcu); ++ if (kvm_check_request(KVM_REQ_UNHALT, vcpu)) { ++ kvm_apic_accept_events(vcpu); ++ switch(vcpu->arch.mp_state) { ++ case KVM_MP_STATE_HALTED: ++ vcpu->arch.pv.pv_unhalted = false; ++ vcpu->arch.mp_state = ++ KVM_MP_STATE_RUNNABLE; ++ case KVM_MP_STATE_RUNNABLE: ++ vcpu->arch.apf.halted = false; ++ break; ++ case KVM_MP_STATE_INIT_RECEIVED: ++ break; ++ default: ++ r = -EINTR; ++ break; ++ } ++ } ++ } ++ ++ if (r <= 0) ++ break; ++ ++ clear_bit(KVM_REQ_PENDING_TIMER, &vcpu->requests); ++ if (kvm_cpu_has_pending_timer(vcpu)) ++ kvm_inject_pending_timer_irqs(vcpu); ++ ++ if (dm_request_for_irq_injection(vcpu)) { ++ r = -EINTR; ++ vcpu->run->exit_reason = KVM_EXIT_INTR; ++ ++vcpu->stat.request_irq_exits; ++ } ++ ++ kvm_check_async_pf_completion(vcpu); ++ ++ if (signal_pending(current)) { ++ r = -EINTR; ++ vcpu->run->exit_reason = KVM_EXIT_INTR; ++ ++vcpu->stat.signal_exits; ++ } ++ if (need_resched()) { ++ srcu_read_unlock(&kvm->srcu, vcpu->srcu_idx); ++ cond_resched(); ++ vcpu->srcu_idx = srcu_read_lock(&kvm->srcu); ++ } ++ } ++ ++ srcu_read_unlock(&kvm->srcu, vcpu->srcu_idx); ++ ++ return r; ++} ++ ++static inline int complete_emulated_io(struct kvm_vcpu *vcpu) ++{ ++ int r; ++ vcpu->srcu_idx = srcu_read_lock(&vcpu->kvm->srcu); ++ r = emulate_instruction(vcpu, EMULTYPE_NO_DECODE); ++ srcu_read_unlock(&vcpu->kvm->srcu, vcpu->srcu_idx); ++ if (r != EMULATE_DONE) ++ return 0; ++ return 1; ++} ++ ++static int complete_emulated_pio(struct kvm_vcpu *vcpu) ++{ ++ BUG_ON(!vcpu->arch.pio.count); ++ ++ return complete_emulated_io(vcpu); ++} ++ ++/* ++ * Implements the following, as a state machine: ++ * ++ * read: ++ * for each fragment ++ * for each mmio piece in the fragment ++ * write gpa, len ++ * exit ++ * copy data ++ * execute insn ++ * ++ * write: ++ * for each fragment ++ * for each mmio piece in the fragment ++ * write gpa, len ++ * copy data ++ * exit ++ */ ++static int complete_emulated_mmio(struct kvm_vcpu *vcpu) ++{ ++ struct kvm_run *run = vcpu->run; ++ struct kvm_mmio_fragment *frag; ++ unsigned len; ++ ++ BUG_ON(!vcpu->mmio_needed); ++ ++ /* Complete previous fragment */ ++ frag = &vcpu->mmio_fragments[vcpu->mmio_cur_fragment]; ++ len = min(8u, frag->len); ++ if (!vcpu->mmio_is_write) ++ memcpy(frag->data, run->mmio.data, len); ++ ++ if (frag->len <= 8) { ++ /* Switch to the next fragment. */ ++ frag++; ++ vcpu->mmio_cur_fragment++; ++ } else { ++ /* Go forward to the next mmio piece. */ ++ frag->data += len; ++ frag->gpa += len; ++ frag->len -= len; ++ } ++ ++ if (vcpu->mmio_cur_fragment >= vcpu->mmio_nr_fragments) { ++ vcpu->mmio_needed = 0; ++ ++ /* FIXME: return into emulator if single-stepping. */ ++ if (vcpu->mmio_is_write) ++ return 1; ++ vcpu->mmio_read_completed = 1; ++ return complete_emulated_io(vcpu); ++ } ++ ++ run->exit_reason = KVM_EXIT_MMIO; ++ run->mmio.phys_addr = frag->gpa; ++ if (vcpu->mmio_is_write) ++ memcpy(run->mmio.data, frag->data, min(8u, frag->len)); ++ run->mmio.len = min(8u, frag->len); ++ run->mmio.is_write = vcpu->mmio_is_write; ++ vcpu->arch.complete_userspace_io = complete_emulated_mmio; ++ return 0; ++} ++ ++ ++int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run) ++{ ++ int r; ++ sigset_t sigsaved; ++ ++ if (!tsk_used_math(current) && init_fpu(current)) ++ return -ENOMEM; ++ ++ if (vcpu->sigset_active) ++ sigprocmask(SIG_SETMASK, &vcpu->sigset, &sigsaved); ++ ++ if (unlikely(vcpu->arch.mp_state == KVM_MP_STATE_UNINITIALIZED)) { ++ kvm_vcpu_block(vcpu); ++ kvm_apic_accept_events(vcpu); ++ clear_bit(KVM_REQ_UNHALT, &vcpu->requests); ++ r = -EAGAIN; ++ goto out; ++ } ++ ++ /* re-sync apic's tpr */ ++ if (!irqchip_in_kernel(vcpu->kvm)) { ++ if (kvm_set_cr8(vcpu, kvm_run->cr8) != 0) { ++ r = -EINVAL; ++ goto out; ++ } ++ } ++ ++ if (unlikely(vcpu->arch.complete_userspace_io)) { ++ int (*cui)(struct kvm_vcpu *) = vcpu->arch.complete_userspace_io; ++ vcpu->arch.complete_userspace_io = NULL; ++ r = cui(vcpu); ++ if (r <= 0) ++ goto out; ++ } else ++ WARN_ON(vcpu->arch.pio.count || vcpu->mmio_needed); ++ ++ r = __vcpu_run(vcpu); ++ ++out: ++ post_kvm_run_save(vcpu); ++ if (vcpu->sigset_active) ++ sigprocmask(SIG_SETMASK, &sigsaved, NULL); ++ ++ return r; ++} ++ ++int kvm_arch_vcpu_ioctl_get_regs(struct kvm_vcpu *vcpu, struct kvm_regs *regs) ++{ ++ if (vcpu->arch.emulate_regs_need_sync_to_vcpu) { ++ /* ++ * We are here if userspace calls get_regs() in the middle of ++ * instruction emulation. Registers state needs to be copied ++ * back from emulation context to vcpu. Userspace shouldn't do ++ * that usually, but some bad designed PV devices (vmware ++ * backdoor interface) need this to work ++ */ ++ emulator_writeback_register_cache(&vcpu->arch.emulate_ctxt); ++ vcpu->arch.emulate_regs_need_sync_to_vcpu = false; ++ } ++ regs->rax = kvm_register_read(vcpu, VCPU_REGS_RAX); ++ regs->rbx = kvm_register_read(vcpu, VCPU_REGS_RBX); ++ regs->rcx = kvm_register_read(vcpu, VCPU_REGS_RCX); ++ regs->rdx = kvm_register_read(vcpu, VCPU_REGS_RDX); ++ regs->rsi = kvm_register_read(vcpu, VCPU_REGS_RSI); ++ regs->rdi = kvm_register_read(vcpu, VCPU_REGS_RDI); ++ regs->rsp = kvm_register_read(vcpu, VCPU_REGS_RSP); ++ regs->rbp = kvm_register_read(vcpu, VCPU_REGS_RBP); ++#ifdef CONFIG_X86_64 ++ regs->r8 = kvm_register_read(vcpu, VCPU_REGS_R8); ++ regs->r9 = kvm_register_read(vcpu, VCPU_REGS_R9); ++ regs->r10 = kvm_register_read(vcpu, VCPU_REGS_R10); ++ regs->r11 = kvm_register_read(vcpu, VCPU_REGS_R11); ++ regs->r12 = kvm_register_read(vcpu, VCPU_REGS_R12); ++ regs->r13 = kvm_register_read(vcpu, VCPU_REGS_R13); ++ regs->r14 = kvm_register_read(vcpu, VCPU_REGS_R14); ++ regs->r15 = kvm_register_read(vcpu, VCPU_REGS_R15); ++#endif ++ ++ regs->rip = kvm_rip_read(vcpu); ++ regs->rflags = kvm_get_rflags(vcpu); ++ ++ return 0; ++} ++ ++int kvm_arch_vcpu_ioctl_set_regs(struct kvm_vcpu *vcpu, struct kvm_regs *regs) ++{ ++ vcpu->arch.emulate_regs_need_sync_from_vcpu = true; ++ vcpu->arch.emulate_regs_need_sync_to_vcpu = false; ++ ++ kvm_register_write(vcpu, VCPU_REGS_RAX, regs->rax); ++ kvm_register_write(vcpu, VCPU_REGS_RBX, regs->rbx); ++ kvm_register_write(vcpu, VCPU_REGS_RCX, regs->rcx); ++ kvm_register_write(vcpu, VCPU_REGS_RDX, regs->rdx); ++ kvm_register_write(vcpu, VCPU_REGS_RSI, regs->rsi); ++ kvm_register_write(vcpu, VCPU_REGS_RDI, regs->rdi); ++ kvm_register_write(vcpu, VCPU_REGS_RSP, regs->rsp); ++ kvm_register_write(vcpu, VCPU_REGS_RBP, regs->rbp); ++#ifdef CONFIG_X86_64 ++ kvm_register_write(vcpu, VCPU_REGS_R8, regs->r8); ++ kvm_register_write(vcpu, VCPU_REGS_R9, regs->r9); ++ kvm_register_write(vcpu, VCPU_REGS_R10, regs->r10); ++ kvm_register_write(vcpu, VCPU_REGS_R11, regs->r11); ++ kvm_register_write(vcpu, VCPU_REGS_R12, regs->r12); ++ kvm_register_write(vcpu, VCPU_REGS_R13, regs->r13); ++ kvm_register_write(vcpu, VCPU_REGS_R14, regs->r14); ++ kvm_register_write(vcpu, VCPU_REGS_R15, regs->r15); ++#endif ++ ++ kvm_rip_write(vcpu, regs->rip); ++ kvm_set_rflags(vcpu, regs->rflags); ++ ++ vcpu->arch.exception.pending = false; ++ ++ kvm_make_request(KVM_REQ_EVENT, vcpu); ++ ++ return 0; ++} ++ ++void kvm_get_cs_db_l_bits(struct kvm_vcpu *vcpu, int *db, int *l) ++{ ++ struct kvm_segment cs; ++ ++ kvm_get_segment(vcpu, &cs, VCPU_SREG_CS); ++ *db = cs.db; ++ *l = cs.l; ++} ++EXPORT_SYMBOL_GPL(kvm_get_cs_db_l_bits); ++ ++int kvm_arch_vcpu_ioctl_get_sregs(struct kvm_vcpu *vcpu, ++ struct kvm_sregs *sregs) ++{ ++ struct desc_ptr dt; ++ ++ kvm_get_segment(vcpu, &sregs->cs, VCPU_SREG_CS); ++ kvm_get_segment(vcpu, &sregs->ds, VCPU_SREG_DS); ++ kvm_get_segment(vcpu, &sregs->es, VCPU_SREG_ES); ++ kvm_get_segment(vcpu, &sregs->fs, VCPU_SREG_FS); ++ kvm_get_segment(vcpu, &sregs->gs, VCPU_SREG_GS); ++ kvm_get_segment(vcpu, &sregs->ss, VCPU_SREG_SS); ++ ++ kvm_get_segment(vcpu, &sregs->tr, VCPU_SREG_TR); ++ kvm_get_segment(vcpu, &sregs->ldt, VCPU_SREG_LDTR); ++ ++ kvm_x86_ops->get_idt(vcpu, &dt); ++ sregs->idt.limit = dt.size; ++ sregs->idt.base = dt.address; ++ kvm_x86_ops->get_gdt(vcpu, &dt); ++ sregs->gdt.limit = dt.size; ++ sregs->gdt.base = dt.address; ++ ++ sregs->cr0 = kvm_read_cr0(vcpu); ++ sregs->cr2 = vcpu->arch.cr2; ++ sregs->cr3 = kvm_read_cr3(vcpu); ++ sregs->cr4 = kvm_read_cr4(vcpu); ++ sregs->cr8 = kvm_get_cr8(vcpu); ++ sregs->efer = vcpu->arch.efer; ++ sregs->apic_base = kvm_get_apic_base(vcpu); ++ ++ memset(sregs->interrupt_bitmap, 0, sizeof sregs->interrupt_bitmap); ++ ++ if (vcpu->arch.interrupt.pending && !vcpu->arch.interrupt.soft) ++ set_bit(vcpu->arch.interrupt.nr, ++ (unsigned long *)sregs->interrupt_bitmap); ++ ++ return 0; ++} ++ ++int kvm_arch_vcpu_ioctl_get_mpstate(struct kvm_vcpu *vcpu, ++ struct kvm_mp_state *mp_state) ++{ ++ kvm_apic_accept_events(vcpu); ++ if (vcpu->arch.mp_state == KVM_MP_STATE_HALTED && ++ vcpu->arch.pv.pv_unhalted) ++ mp_state->mp_state = KVM_MP_STATE_RUNNABLE; ++ else ++ mp_state->mp_state = vcpu->arch.mp_state; ++ ++ return 0; ++} ++ ++int kvm_arch_vcpu_ioctl_set_mpstate(struct kvm_vcpu *vcpu, ++ struct kvm_mp_state *mp_state) ++{ ++ if (!kvm_vcpu_has_lapic(vcpu) && ++ mp_state->mp_state != KVM_MP_STATE_RUNNABLE) ++ return -EINVAL; ++ ++ if (mp_state->mp_state == KVM_MP_STATE_SIPI_RECEIVED) { ++ vcpu->arch.mp_state = KVM_MP_STATE_INIT_RECEIVED; ++ set_bit(KVM_APIC_SIPI, &vcpu->arch.apic->pending_events); ++ } else ++ vcpu->arch.mp_state = mp_state->mp_state; ++ kvm_make_request(KVM_REQ_EVENT, vcpu); ++ return 0; ++} ++ ++int kvm_task_switch(struct kvm_vcpu *vcpu, u16 tss_selector, int idt_index, ++ int reason, bool has_error_code, u32 error_code) ++{ ++ struct x86_emulate_ctxt *ctxt = &vcpu->arch.emulate_ctxt; ++ int ret; ++ ++ init_emulate_ctxt(vcpu); ++ ++ ret = emulator_task_switch(ctxt, tss_selector, idt_index, reason, ++ has_error_code, error_code); ++ ++ if (ret) ++ return EMULATE_FAIL; ++ ++ kvm_rip_write(vcpu, ctxt->eip); ++ kvm_set_rflags(vcpu, ctxt->eflags); ++ kvm_make_request(KVM_REQ_EVENT, vcpu); ++ return EMULATE_DONE; ++} ++EXPORT_SYMBOL_GPL(kvm_task_switch); ++ ++int kvm_arch_vcpu_ioctl_set_sregs(struct kvm_vcpu *vcpu, ++ struct kvm_sregs *sregs) ++{ ++ struct msr_data apic_base_msr; ++ int mmu_reset_needed = 0; ++ int pending_vec, max_bits, idx; ++ struct desc_ptr dt; ++ ++ if (!guest_cpuid_has_xsave(vcpu) && (sregs->cr4 & X86_CR4_OSXSAVE)) ++ return -EINVAL; ++ ++ dt.size = sregs->idt.limit; ++ dt.address = sregs->idt.base; ++ kvm_x86_ops->set_idt(vcpu, &dt); ++ dt.size = sregs->gdt.limit; ++ dt.address = sregs->gdt.base; ++ kvm_x86_ops->set_gdt(vcpu, &dt); ++ ++ vcpu->arch.cr2 = sregs->cr2; ++ mmu_reset_needed |= kvm_read_cr3(vcpu) != sregs->cr3; ++ vcpu->arch.cr3 = sregs->cr3; ++ __set_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail); ++ ++ kvm_set_cr8(vcpu, sregs->cr8); ++ ++ mmu_reset_needed |= vcpu->arch.efer != sregs->efer; ++ kvm_x86_ops->set_efer(vcpu, sregs->efer); ++ apic_base_msr.data = sregs->apic_base; ++ apic_base_msr.host_initiated = true; ++ kvm_set_apic_base(vcpu, &apic_base_msr); ++ ++ mmu_reset_needed |= kvm_read_cr0(vcpu) != sregs->cr0; ++ kvm_x86_ops->set_cr0(vcpu, sregs->cr0); ++ vcpu->arch.cr0 = sregs->cr0; ++ ++ mmu_reset_needed |= kvm_read_cr4(vcpu) != sregs->cr4; ++ kvm_x86_ops->set_cr4(vcpu, sregs->cr4); ++ if (sregs->cr4 & X86_CR4_OSXSAVE) ++ kvm_update_cpuid(vcpu); ++ ++ idx = srcu_read_lock(&vcpu->kvm->srcu); ++ if (!is_long_mode(vcpu) && is_pae(vcpu)) { ++ load_pdptrs(vcpu, vcpu->arch.walk_mmu, kvm_read_cr3(vcpu)); ++ mmu_reset_needed = 1; ++ } ++ srcu_read_unlock(&vcpu->kvm->srcu, idx); ++ ++ if (mmu_reset_needed) ++ kvm_mmu_reset_context(vcpu); ++ ++ max_bits = KVM_NR_INTERRUPTS; ++ pending_vec = find_first_bit( ++ (const unsigned long *)sregs->interrupt_bitmap, max_bits); ++ if (pending_vec < max_bits) { ++ kvm_queue_interrupt(vcpu, pending_vec, false); ++ pr_debug("Set back pending irq %d\n", pending_vec); ++ } ++ ++ kvm_set_segment(vcpu, &sregs->cs, VCPU_SREG_CS); ++ kvm_set_segment(vcpu, &sregs->ds, VCPU_SREG_DS); ++ kvm_set_segment(vcpu, &sregs->es, VCPU_SREG_ES); ++ kvm_set_segment(vcpu, &sregs->fs, VCPU_SREG_FS); ++ kvm_set_segment(vcpu, &sregs->gs, VCPU_SREG_GS); ++ kvm_set_segment(vcpu, &sregs->ss, VCPU_SREG_SS); ++ ++ kvm_set_segment(vcpu, &sregs->tr, VCPU_SREG_TR); ++ kvm_set_segment(vcpu, &sregs->ldt, VCPU_SREG_LDTR); ++ ++ update_cr8_intercept(vcpu); ++ ++ /* Older userspace won't unhalt the vcpu on reset. */ ++ if (kvm_vcpu_is_bsp(vcpu) && kvm_rip_read(vcpu) == 0xfff0 && ++ sregs->cs.selector == 0xf000 && sregs->cs.base == 0xffff0000 && ++ !is_protmode(vcpu)) ++ vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; ++ ++ kvm_make_request(KVM_REQ_EVENT, vcpu); ++ ++ return 0; ++} ++ ++int kvm_arch_vcpu_ioctl_set_guest_debug(struct kvm_vcpu *vcpu, ++ struct kvm_guest_debug *dbg) ++{ ++ unsigned long rflags; ++ int i, r; ++ ++ if (dbg->control & (KVM_GUESTDBG_INJECT_DB | KVM_GUESTDBG_INJECT_BP)) { ++ r = -EBUSY; ++ if (vcpu->arch.exception.pending) ++ goto out; ++ if (dbg->control & KVM_GUESTDBG_INJECT_DB) ++ kvm_queue_exception(vcpu, DB_VECTOR); ++ else ++ kvm_queue_exception(vcpu, BP_VECTOR); ++ } ++ ++ /* ++ * Read rflags as long as potentially injected trace flags are still ++ * filtered out. ++ */ ++ rflags = kvm_get_rflags(vcpu); ++ ++ vcpu->guest_debug = dbg->control; ++ if (!(vcpu->guest_debug & KVM_GUESTDBG_ENABLE)) ++ vcpu->guest_debug = 0; ++ ++ if (vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP) { ++ for (i = 0; i < KVM_NR_DB_REGS; ++i) ++ vcpu->arch.eff_db[i] = dbg->arch.debugreg[i]; ++ vcpu->arch.guest_debug_dr7 = dbg->arch.debugreg[7]; ++ } else { ++ for (i = 0; i < KVM_NR_DB_REGS; i++) ++ vcpu->arch.eff_db[i] = vcpu->arch.db[i]; ++ } ++ kvm_update_dr7(vcpu); ++ ++ if (vcpu->guest_debug & KVM_GUESTDBG_SINGLESTEP) ++ vcpu->arch.singlestep_rip = kvm_rip_read(vcpu) + ++ get_segment_base(vcpu, VCPU_SREG_CS); ++ ++ /* ++ * Trigger an rflags update that will inject or remove the trace ++ * flags. ++ */ ++ kvm_set_rflags(vcpu, rflags); ++ ++ kvm_x86_ops->update_db_bp_intercept(vcpu); ++ ++ r = 0; ++ ++out: ++ ++ return r; ++} ++ ++/* ++ * Translate a guest virtual address to a guest physical address. ++ */ ++int kvm_arch_vcpu_ioctl_translate(struct kvm_vcpu *vcpu, ++ struct kvm_translation *tr) ++{ ++ unsigned long vaddr = tr->linear_address; ++ gpa_t gpa; ++ int idx; ++ ++ idx = srcu_read_lock(&vcpu->kvm->srcu); ++ gpa = kvm_mmu_gva_to_gpa_system(vcpu, vaddr, NULL); ++ srcu_read_unlock(&vcpu->kvm->srcu, idx); ++ tr->physical_address = gpa; ++ tr->valid = gpa != UNMAPPED_GVA; ++ tr->writeable = 1; ++ tr->usermode = 0; ++ ++ return 0; ++} ++ ++int kvm_arch_vcpu_ioctl_get_fpu(struct kvm_vcpu *vcpu, struct kvm_fpu *fpu) ++{ ++ struct i387_fxsave_struct *fxsave = ++ &vcpu->arch.guest_fpu.state->fxsave; ++ ++ memcpy(fpu->fpr, fxsave->st_space, 128); ++ fpu->fcw = fxsave->cwd; ++ fpu->fsw = fxsave->swd; ++ fpu->ftwx = fxsave->twd; ++ fpu->last_opcode = fxsave->fop; ++ fpu->last_ip = fxsave->rip; ++ fpu->last_dp = fxsave->rdp; ++ memcpy(fpu->xmm, fxsave->xmm_space, sizeof fxsave->xmm_space); ++ ++ return 0; ++} ++ ++int kvm_arch_vcpu_ioctl_set_fpu(struct kvm_vcpu *vcpu, struct kvm_fpu *fpu) ++{ ++ struct i387_fxsave_struct *fxsave = ++ &vcpu->arch.guest_fpu.state->fxsave; ++ ++ memcpy(fxsave->st_space, fpu->fpr, 128); ++ fxsave->cwd = fpu->fcw; ++ fxsave->swd = fpu->fsw; ++ fxsave->twd = fpu->ftwx; ++ fxsave->fop = fpu->last_opcode; ++ fxsave->rip = fpu->last_ip; ++ fxsave->rdp = fpu->last_dp; ++ memcpy(fxsave->xmm_space, fpu->xmm, sizeof fxsave->xmm_space); ++ ++ return 0; ++} ++ ++int fx_init(struct kvm_vcpu *vcpu) ++{ ++ int err; ++ ++ err = fpu_alloc(&vcpu->arch.guest_fpu); ++ if (err) ++ return err; ++ ++ fpu_finit(&vcpu->arch.guest_fpu); ++ if (cpu_has_xsaves) ++ vcpu->arch.guest_fpu.state->xsave.xsave_hdr.xcomp_bv = ++ host_xcr0 | XSTATE_COMPACTION_ENABLED; ++ ++ /* ++ * Ensure guest xcr0 is valid for loading ++ */ ++ vcpu->arch.xcr0 = XSTATE_FP; ++ ++ vcpu->arch.cr0 |= X86_CR0_ET; ++ ++ return 0; ++} ++EXPORT_SYMBOL_GPL(fx_init); ++ ++static void fx_free(struct kvm_vcpu *vcpu) ++{ ++ fpu_free(&vcpu->arch.guest_fpu); ++} ++ ++void kvm_load_guest_fpu(struct kvm_vcpu *vcpu) ++{ ++ if (vcpu->guest_fpu_loaded) ++ return; ++ ++ /* ++ * Restore all possible states in the guest, ++ * and assume host would use all available bits. ++ * Guest xcr0 would be loaded later. ++ */ ++ kvm_put_guest_xcr0(vcpu); ++ vcpu->guest_fpu_loaded = 1; ++ __kernel_fpu_begin(); ++ fpu_restore_checking(&vcpu->arch.guest_fpu); ++ trace_kvm_fpu(1); ++} ++ ++void kvm_put_guest_fpu(struct kvm_vcpu *vcpu) ++{ ++ kvm_put_guest_xcr0(vcpu); ++ ++ if (!vcpu->guest_fpu_loaded) ++ return; ++ ++ vcpu->guest_fpu_loaded = 0; ++ fpu_save_init(&vcpu->arch.guest_fpu); ++ __kernel_fpu_end(); ++ ++vcpu->stat.fpu_reload; ++ kvm_make_request(KVM_REQ_DEACTIVATE_FPU, vcpu); ++ trace_kvm_fpu(0); ++} ++ ++void kvm_arch_vcpu_free(struct kvm_vcpu *vcpu) ++{ ++ kvmclock_reset(vcpu); ++ ++ free_cpumask_var(vcpu->arch.wbinvd_dirty_mask); ++ fx_free(vcpu); ++ kvm_x86_ops->vcpu_free(vcpu); ++} ++ ++struct kvm_vcpu *kvm_arch_vcpu_create(struct kvm *kvm, ++ unsigned int id) ++{ ++ if (check_tsc_unstable() && atomic_read(&kvm->online_vcpus) != 0) ++ printk_once(KERN_WARNING ++ "kvm: SMP vm created on host with unstable TSC; " ++ "guest TSC will not be reliable\n"); ++ return kvm_x86_ops->vcpu_create(kvm, id); ++} ++ ++int kvm_arch_vcpu_setup(struct kvm_vcpu *vcpu) ++{ ++ int r; ++ ++ vcpu->arch.mtrr_state.have_fixed = 1; ++ r = vcpu_load(vcpu); ++ if (r) ++ return r; ++ kvm_vcpu_reset(vcpu); ++ kvm_mmu_setup(vcpu); ++ vcpu_put(vcpu); ++ ++ return r; ++} ++ ++int kvm_arch_vcpu_postcreate(struct kvm_vcpu *vcpu) ++{ ++ int r; ++ struct msr_data msr; ++ struct kvm *kvm = vcpu->kvm; ++ ++ r = vcpu_load(vcpu); ++ if (r) ++ return r; ++ msr.data = 0x0; ++ msr.index = MSR_IA32_TSC; ++ msr.host_initiated = true; ++ kvm_write_tsc(vcpu, &msr); ++ vcpu_put(vcpu); ++ ++ schedule_delayed_work(&kvm->arch.kvmclock_sync_work, ++ KVMCLOCK_SYNC_PERIOD); ++ ++ return r; ++} ++ ++void kvm_arch_vcpu_destroy(struct kvm_vcpu *vcpu) ++{ ++ int r; ++ vcpu->arch.apf.msr_val = 0; ++ ++ r = vcpu_load(vcpu); ++ BUG_ON(r); ++ kvm_mmu_unload(vcpu); ++ vcpu_put(vcpu); ++ ++ fx_free(vcpu); ++ kvm_x86_ops->vcpu_free(vcpu); ++} ++ ++void kvm_vcpu_reset(struct kvm_vcpu *vcpu) ++{ ++ atomic_set(&vcpu->arch.nmi_queued, 0); ++ vcpu->arch.nmi_pending = 0; ++ vcpu->arch.nmi_injected = false; ++ kvm_clear_interrupt_queue(vcpu); ++ kvm_clear_exception_queue(vcpu); ++ ++ memset(vcpu->arch.db, 0, sizeof(vcpu->arch.db)); ++ vcpu->arch.dr6 = DR6_INIT; ++ kvm_update_dr6(vcpu); ++ vcpu->arch.dr7 = DR7_FIXED_1; ++ kvm_update_dr7(vcpu); ++ ++ kvm_make_request(KVM_REQ_EVENT, vcpu); ++ vcpu->arch.apf.msr_val = 0; ++ vcpu->arch.st.msr_val = 0; ++ ++ kvmclock_reset(vcpu); ++ ++ kvm_clear_async_pf_completion_queue(vcpu); ++ kvm_async_pf_hash_reset(vcpu); ++ vcpu->arch.apf.halted = false; ++ ++ kvm_pmu_reset(vcpu); ++ ++ memset(vcpu->arch.regs, 0, sizeof(vcpu->arch.regs)); ++ vcpu->arch.regs_avail = ~0; ++ vcpu->arch.regs_dirty = ~0; ++ ++ kvm_x86_ops->vcpu_reset(vcpu); ++} ++ ++void kvm_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, unsigned int vector) ++{ ++ struct kvm_segment cs; ++ ++ kvm_get_segment(vcpu, &cs, VCPU_SREG_CS); ++ cs.selector = vector << 8; ++ cs.base = vector << 12; ++ kvm_set_segment(vcpu, &cs, VCPU_SREG_CS); ++ kvm_rip_write(vcpu, 0); ++} ++ ++int kvm_arch_hardware_enable(void) ++{ ++ struct kvm *kvm; ++ struct kvm_vcpu *vcpu; ++ int i; ++ int ret; ++ u64 local_tsc; ++ u64 max_tsc = 0; ++ bool stable, backwards_tsc = false; ++ ++ kvm_shared_msr_cpu_online(); ++ ret = kvm_x86_ops->hardware_enable(); ++ if (ret != 0) ++ return ret; ++ ++ local_tsc = native_read_tsc(); ++ stable = !check_tsc_unstable(); ++ list_for_each_entry(kvm, &vm_list, vm_list) { ++ kvm_for_each_vcpu(i, vcpu, kvm) { ++ if (!stable && vcpu->cpu == smp_processor_id()) ++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu); ++ if (stable && vcpu->arch.last_host_tsc > local_tsc) { ++ backwards_tsc = true; ++ if (vcpu->arch.last_host_tsc > max_tsc) ++ max_tsc = vcpu->arch.last_host_tsc; ++ } ++ } ++ } ++ ++ /* ++ * Sometimes, even reliable TSCs go backwards. This happens on ++ * platforms that reset TSC during suspend or hibernate actions, but ++ * maintain synchronization. We must compensate. Fortunately, we can ++ * detect that condition here, which happens early in CPU bringup, ++ * before any KVM threads can be running. Unfortunately, we can't ++ * bring the TSCs fully up to date with real time, as we aren't yet far ++ * enough into CPU bringup that we know how much real time has actually ++ * elapsed; our helper function, get_kernel_ns() will be using boot ++ * variables that haven't been updated yet. ++ * ++ * So we simply find the maximum observed TSC above, then record the ++ * adjustment to TSC in each VCPU. When the VCPU later gets loaded, ++ * the adjustment will be applied. Note that we accumulate ++ * adjustments, in case multiple suspend cycles happen before some VCPU ++ * gets a chance to run again. In the event that no KVM threads get a ++ * chance to run, we will miss the entire elapsed period, as we'll have ++ * reset last_host_tsc, so VCPUs will not have the TSC adjusted and may ++ * loose cycle time. This isn't too big a deal, since the loss will be ++ * uniform across all VCPUs (not to mention the scenario is extremely ++ * unlikely). It is possible that a second hibernate recovery happens ++ * much faster than a first, causing the observed TSC here to be ++ * smaller; this would require additional padding adjustment, which is ++ * why we set last_host_tsc to the local tsc observed here. ++ * ++ * N.B. - this code below runs only on platforms with reliable TSC, ++ * as that is the only way backwards_tsc is set above. Also note ++ * that this runs for ALL vcpus, which is not a bug; all VCPUs should ++ * have the same delta_cyc adjustment applied if backwards_tsc ++ * is detected. Note further, this adjustment is only done once, ++ * as we reset last_host_tsc on all VCPUs to stop this from being ++ * called multiple times (one for each physical CPU bringup). ++ * ++ * Platforms with unreliable TSCs don't have to deal with this, they ++ * will be compensated by the logic in vcpu_load, which sets the TSC to ++ * catchup mode. This will catchup all VCPUs to real time, but cannot ++ * guarantee that they stay in perfect synchronization. ++ */ ++ if (backwards_tsc) { ++ u64 delta_cyc = max_tsc - local_tsc; ++ backwards_tsc_observed = true; ++ list_for_each_entry(kvm, &vm_list, vm_list) { ++ kvm_for_each_vcpu(i, vcpu, kvm) { ++ vcpu->arch.tsc_offset_adjustment += delta_cyc; ++ vcpu->arch.last_host_tsc = local_tsc; ++ kvm_make_request(KVM_REQ_MASTERCLOCK_UPDATE, vcpu); ++ } ++ ++ /* ++ * We have to disable TSC offset matching.. if you were ++ * booting a VM while issuing an S4 host suspend.... ++ * you may have some problem. Solving this issue is ++ * left as an exercise to the reader. ++ */ ++ kvm->arch.last_tsc_nsec = 0; ++ kvm->arch.last_tsc_write = 0; ++ } ++ ++ } ++ return 0; ++} ++ ++void kvm_arch_hardware_disable(void) ++{ ++ kvm_x86_ops->hardware_disable(); ++ drop_user_return_notifiers(); ++} ++ ++int kvm_arch_hardware_setup(void) ++{ ++ return kvm_x86_ops->hardware_setup(); ++} ++ ++void kvm_arch_hardware_unsetup(void) ++{ ++ kvm_x86_ops->hardware_unsetup(); ++} ++ ++void kvm_arch_check_processor_compat(void *rtn) ++{ ++ kvm_x86_ops->check_processor_compatibility(rtn); ++} ++ ++bool kvm_vcpu_compatible(struct kvm_vcpu *vcpu) ++{ ++ return irqchip_in_kernel(vcpu->kvm) == (vcpu->arch.apic != NULL); ++} ++ ++struct static_key kvm_no_apic_vcpu __read_mostly; ++ ++int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu) ++{ ++ struct page *page; ++ struct kvm *kvm; ++ int r; ++ ++ BUG_ON(vcpu->kvm == NULL); ++ kvm = vcpu->kvm; ++ ++ vcpu->arch.pv.pv_unhalted = false; ++ vcpu->arch.emulate_ctxt.ops = &emulate_ops; ++ if (!irqchip_in_kernel(kvm) || kvm_vcpu_is_bsp(vcpu)) ++ vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; ++ else ++ vcpu->arch.mp_state = KVM_MP_STATE_UNINITIALIZED; ++ ++ page = alloc_page(GFP_KERNEL | __GFP_ZERO); ++ if (!page) { ++ r = -ENOMEM; ++ goto fail; ++ } ++ vcpu->arch.pio_data = page_address(page); ++ ++ kvm_set_tsc_khz(vcpu, max_tsc_khz); ++ ++ r = kvm_mmu_create(vcpu); ++ if (r < 0) ++ goto fail_free_pio_data; ++ ++ if (irqchip_in_kernel(kvm)) { ++ r = kvm_create_lapic(vcpu); ++ if (r < 0) ++ goto fail_mmu_destroy; ++ } else ++ static_key_slow_inc(&kvm_no_apic_vcpu); ++ ++ vcpu->arch.mce_banks = kzalloc(KVM_MAX_MCE_BANKS * sizeof(u64) * 4, ++ GFP_KERNEL); ++ if (!vcpu->arch.mce_banks) { ++ r = -ENOMEM; ++ goto fail_free_lapic; ++ } ++ vcpu->arch.mcg_cap = KVM_MAX_MCE_BANKS; ++ ++ if (!zalloc_cpumask_var(&vcpu->arch.wbinvd_dirty_mask, GFP_KERNEL)) { ++ r = -ENOMEM; ++ goto fail_free_mce_banks; ++ } ++ ++ r = fx_init(vcpu); ++ if (r) ++ goto fail_free_wbinvd_dirty_mask; ++ ++ vcpu->arch.ia32_tsc_adjust_msr = 0x0; ++ vcpu->arch.pv_time_enabled = false; ++ ++ vcpu->arch.guest_supported_xcr0 = 0; ++ vcpu->arch.guest_xstate_size = XSAVE_HDR_SIZE + XSAVE_HDR_OFFSET; ++ ++ kvm_async_pf_hash_reset(vcpu); ++ kvm_pmu_init(vcpu); ++ ++ return 0; ++fail_free_wbinvd_dirty_mask: ++ free_cpumask_var(vcpu->arch.wbinvd_dirty_mask); ++fail_free_mce_banks: ++ kfree(vcpu->arch.mce_banks); ++fail_free_lapic: ++ kvm_free_lapic(vcpu); ++fail_mmu_destroy: ++ kvm_mmu_destroy(vcpu); ++fail_free_pio_data: ++ free_page((unsigned long)vcpu->arch.pio_data); ++fail: ++ return r; ++} ++ ++void kvm_arch_vcpu_uninit(struct kvm_vcpu *vcpu) ++{ ++ int idx; ++ ++ kvm_pmu_destroy(vcpu); ++ kfree(vcpu->arch.mce_banks); ++ kvm_free_lapic(vcpu); ++ idx = srcu_read_lock(&vcpu->kvm->srcu); ++ kvm_mmu_destroy(vcpu); ++ srcu_read_unlock(&vcpu->kvm->srcu, idx); ++ free_page((unsigned long)vcpu->arch.pio_data); ++ if (!irqchip_in_kernel(vcpu->kvm)) ++ static_key_slow_dec(&kvm_no_apic_vcpu); ++} ++ ++void kvm_arch_sched_in(struct kvm_vcpu *vcpu, int cpu) ++{ ++ kvm_x86_ops->sched_in(vcpu, cpu); ++} ++ ++int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) ++{ ++ if (type) ++ return -EINVAL; ++ ++ INIT_LIST_HEAD(&kvm->arch.active_mmu_pages); ++ INIT_LIST_HEAD(&kvm->arch.zapped_obsolete_pages); ++ INIT_LIST_HEAD(&kvm->arch.assigned_dev_head); ++ atomic_set(&kvm->arch.noncoherent_dma_count, 0); ++ ++ /* Reserve bit 0 of irq_sources_bitmap for userspace irq source */ ++ set_bit(KVM_USERSPACE_IRQ_SOURCE_ID, &kvm->arch.irq_sources_bitmap); ++ /* Reserve bit 1 of irq_sources_bitmap for irqfd-resampler */ ++ set_bit(KVM_IRQFD_RESAMPLE_IRQ_SOURCE_ID, ++ &kvm->arch.irq_sources_bitmap); ++ ++ raw_spin_lock_init(&kvm->arch.tsc_write_lock); ++ mutex_init(&kvm->arch.apic_map_lock); ++ spin_lock_init(&kvm->arch.pvclock_gtod_sync_lock); ++ ++ pvclock_update_vm_gtod_copy(kvm); ++ ++ INIT_DELAYED_WORK(&kvm->arch.kvmclock_update_work, kvmclock_update_fn); ++ INIT_DELAYED_WORK(&kvm->arch.kvmclock_sync_work, kvmclock_sync_fn); ++ ++ return 0; ++} ++ ++static void kvm_unload_vcpu_mmu(struct kvm_vcpu *vcpu) ++{ ++ int r; ++ r = vcpu_load(vcpu); ++ BUG_ON(r); ++ kvm_mmu_unload(vcpu); ++ vcpu_put(vcpu); ++} ++ ++static void kvm_free_vcpus(struct kvm *kvm) ++{ ++ unsigned int i; ++ struct kvm_vcpu *vcpu; ++ ++ /* ++ * Unpin any mmu pages first. ++ */ ++ kvm_for_each_vcpu(i, vcpu, kvm) { ++ kvm_clear_async_pf_completion_queue(vcpu); ++ kvm_unload_vcpu_mmu(vcpu); ++ } ++ kvm_for_each_vcpu(i, vcpu, kvm) ++ kvm_arch_vcpu_free(vcpu); ++ ++ mutex_lock(&kvm->lock); ++ for (i = 0; i < atomic_read(&kvm->online_vcpus); i++) ++ kvm->vcpus[i] = NULL; ++ ++ atomic_set(&kvm->online_vcpus, 0); ++ mutex_unlock(&kvm->lock); ++} ++ ++void kvm_arch_sync_events(struct kvm *kvm) ++{ ++ cancel_delayed_work_sync(&kvm->arch.kvmclock_sync_work); ++ cancel_delayed_work_sync(&kvm->arch.kvmclock_update_work); ++ kvm_free_all_assigned_devices(kvm); ++ kvm_free_pit(kvm); ++} ++ ++void kvm_arch_destroy_vm(struct kvm *kvm) ++{ ++ if (current->mm == kvm->mm) { ++ /* ++ * Free memory regions allocated on behalf of userspace, ++ * unless the the memory map has changed due to process exit ++ * or fd copying. ++ */ ++ struct kvm_userspace_memory_region mem; ++ memset(&mem, 0, sizeof(mem)); ++ mem.slot = APIC_ACCESS_PAGE_PRIVATE_MEMSLOT; ++ kvm_set_memory_region(kvm, &mem); ++ ++ mem.slot = IDENTITY_PAGETABLE_PRIVATE_MEMSLOT; ++ kvm_set_memory_region(kvm, &mem); ++ ++ mem.slot = TSS_PRIVATE_MEMSLOT; ++ kvm_set_memory_region(kvm, &mem); ++ } ++ kvm_iommu_unmap_guest(kvm); ++ kfree(kvm->arch.vpic); ++ kfree(kvm->arch.vioapic); ++ kvm_free_vcpus(kvm); ++ kfree(rcu_dereference_check(kvm->arch.apic_map, 1)); ++} ++ ++void kvm_arch_free_memslot(struct kvm *kvm, struct kvm_memory_slot *free, ++ struct kvm_memory_slot *dont) ++{ ++ int i; ++ ++ for (i = 0; i < KVM_NR_PAGE_SIZES; ++i) { ++ if (!dont || free->arch.rmap[i] != dont->arch.rmap[i]) { ++ kvm_kvfree(free->arch.rmap[i]); ++ free->arch.rmap[i] = NULL; ++ } ++ if (i == 0) ++ continue; ++ ++ if (!dont || free->arch.lpage_info[i - 1] != ++ dont->arch.lpage_info[i - 1]) { ++ kvm_kvfree(free->arch.lpage_info[i - 1]); ++ free->arch.lpage_info[i - 1] = NULL; ++ } ++ } ++} ++ ++int kvm_arch_create_memslot(struct kvm *kvm, struct kvm_memory_slot *slot, ++ unsigned long npages) ++{ ++ int i; ++ ++ for (i = 0; i < KVM_NR_PAGE_SIZES; ++i) { ++ unsigned long ugfn; ++ int lpages; ++ int level = i + 1; ++ ++ lpages = gfn_to_index(slot->base_gfn + npages - 1, ++ slot->base_gfn, level) + 1; ++ ++ slot->arch.rmap[i] = ++ kvm_kvzalloc(lpages * sizeof(*slot->arch.rmap[i])); ++ if (!slot->arch.rmap[i]) ++ goto out_free; ++ if (i == 0) ++ continue; ++ ++ slot->arch.lpage_info[i - 1] = kvm_kvzalloc(lpages * ++ sizeof(*slot->arch.lpage_info[i - 1])); ++ if (!slot->arch.lpage_info[i - 1]) ++ goto out_free; ++ ++ if (slot->base_gfn & (KVM_PAGES_PER_HPAGE(level) - 1)) ++ slot->arch.lpage_info[i - 1][0].write_count = 1; ++ if ((slot->base_gfn + npages) & (KVM_PAGES_PER_HPAGE(level) - 1)) ++ slot->arch.lpage_info[i - 1][lpages - 1].write_count = 1; ++ ugfn = slot->userspace_addr >> PAGE_SHIFT; ++ /* ++ * If the gfn and userspace address are not aligned wrt each ++ * other, or if explicitly asked to, disable large page ++ * support for this slot ++ */ ++ if ((slot->base_gfn ^ ugfn) & (KVM_PAGES_PER_HPAGE(level) - 1) || ++ !kvm_largepages_enabled()) { ++ unsigned long j; ++ ++ for (j = 0; j < lpages; ++j) ++ slot->arch.lpage_info[i - 1][j].write_count = 1; ++ } ++ } ++ ++ return 0; ++ ++out_free: ++ for (i = 0; i < KVM_NR_PAGE_SIZES; ++i) { ++ kvm_kvfree(slot->arch.rmap[i]); ++ slot->arch.rmap[i] = NULL; ++ if (i == 0) ++ continue; ++ ++ kvm_kvfree(slot->arch.lpage_info[i - 1]); ++ slot->arch.lpage_info[i - 1] = NULL; ++ } ++ return -ENOMEM; ++} ++ ++void kvm_arch_memslots_updated(struct kvm *kvm) ++{ ++ /* ++ * memslots->generation has been incremented. ++ * mmio generation may have reached its maximum value. ++ */ ++ kvm_mmu_invalidate_mmio_sptes(kvm); ++} ++ ++int kvm_arch_prepare_memory_region(struct kvm *kvm, ++ struct kvm_memory_slot *memslot, ++ struct kvm_userspace_memory_region *mem, ++ enum kvm_mr_change change) ++{ ++ /* ++ * Only private memory slots need to be mapped here since ++ * KVM_SET_MEMORY_REGION ioctl is no longer supported. ++ */ ++ if ((memslot->id >= KVM_USER_MEM_SLOTS) && (change == KVM_MR_CREATE)) { ++ unsigned long userspace_addr; ++ ++ /* ++ * MAP_SHARED to prevent internal slot pages from being moved ++ * by fork()/COW. ++ */ ++ userspace_addr = vm_mmap(NULL, 0, memslot->npages * PAGE_SIZE, ++ PROT_READ | PROT_WRITE, ++ MAP_SHARED | MAP_ANONYMOUS, 0); ++ ++ if (IS_ERR((void *)userspace_addr)) ++ return PTR_ERR((void *)userspace_addr); ++ ++ memslot->userspace_addr = userspace_addr; ++ } ++ ++ return 0; ++} ++ ++void kvm_arch_commit_memory_region(struct kvm *kvm, ++ struct kvm_userspace_memory_region *mem, ++ const struct kvm_memory_slot *old, ++ enum kvm_mr_change change) ++{ ++ ++ int nr_mmu_pages = 0; ++ ++ if ((mem->slot >= KVM_USER_MEM_SLOTS) && (change == KVM_MR_DELETE)) { ++ int ret; ++ ++ ret = vm_munmap(old->userspace_addr, ++ old->npages * PAGE_SIZE); ++ if (ret < 0) ++ printk(KERN_WARNING ++ "kvm_vm_ioctl_set_memory_region: " ++ "failed to munmap memory\n"); ++ } ++ ++ if (!kvm->arch.n_requested_mmu_pages) ++ nr_mmu_pages = kvm_mmu_calculate_mmu_pages(kvm); ++ ++ if (nr_mmu_pages) ++ kvm_mmu_change_mmu_pages(kvm, nr_mmu_pages); ++ /* ++ * Write protect all pages for dirty logging. ++ * ++ * All the sptes including the large sptes which point to this ++ * slot are set to readonly. We can not create any new large ++ * spte on this slot until the end of the logging. ++ * ++ * See the comments in fast_page_fault(). ++ */ ++ if ((change != KVM_MR_DELETE) && (mem->flags & KVM_MEM_LOG_DIRTY_PAGES)) ++ kvm_mmu_slot_remove_write_access(kvm, mem->slot); ++} ++ ++void kvm_arch_flush_shadow_all(struct kvm *kvm) ++{ ++ kvm_mmu_invalidate_zap_all_pages(kvm); ++} ++ ++void kvm_arch_flush_shadow_memslot(struct kvm *kvm, ++ struct kvm_memory_slot *slot) ++{ ++ kvm_mmu_invalidate_zap_all_pages(kvm); ++} ++ ++int kvm_arch_vcpu_runnable(struct kvm_vcpu *vcpu) ++{ ++ if (is_guest_mode(vcpu) && kvm_x86_ops->check_nested_events) ++ kvm_x86_ops->check_nested_events(vcpu, false); ++ ++ return (vcpu->arch.mp_state == KVM_MP_STATE_RUNNABLE && ++ !vcpu->arch.apf.halted) ++ || !list_empty_careful(&vcpu->async_pf.done) ++ || kvm_apic_has_events(vcpu) ++ || vcpu->arch.pv.pv_unhalted ++ || atomic_read(&vcpu->arch.nmi_queued) || ++ (kvm_arch_interrupt_allowed(vcpu) && ++ kvm_cpu_has_interrupt(vcpu)); ++} ++ ++int kvm_arch_vcpu_should_kick(struct kvm_vcpu *vcpu) ++{ ++ return kvm_vcpu_exiting_guest_mode(vcpu) == IN_GUEST_MODE; ++} ++ ++int kvm_arch_interrupt_allowed(struct kvm_vcpu *vcpu) ++{ ++ return kvm_x86_ops->interrupt_allowed(vcpu); ++} ++ ++bool kvm_is_linear_rip(struct kvm_vcpu *vcpu, unsigned long linear_rip) ++{ ++ unsigned long current_rip = kvm_rip_read(vcpu) + ++ get_segment_base(vcpu, VCPU_SREG_CS); ++ ++ return current_rip == linear_rip; ++} ++EXPORT_SYMBOL_GPL(kvm_is_linear_rip); ++ ++unsigned long kvm_get_rflags(struct kvm_vcpu *vcpu) ++{ ++ unsigned long rflags; ++ ++ rflags = kvm_x86_ops->get_rflags(vcpu); ++ if (vcpu->guest_debug & KVM_GUESTDBG_SINGLESTEP) ++ rflags &= ~X86_EFLAGS_TF; ++ return rflags; ++} ++EXPORT_SYMBOL_GPL(kvm_get_rflags); ++ ++static void __kvm_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags) ++{ ++ if (vcpu->guest_debug & KVM_GUESTDBG_SINGLESTEP && ++ kvm_is_linear_rip(vcpu, vcpu->arch.singlestep_rip)) ++ rflags |= X86_EFLAGS_TF; ++ kvm_x86_ops->set_rflags(vcpu, rflags); ++} ++ ++void kvm_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags) ++{ ++ __kvm_set_rflags(vcpu, rflags); ++ kvm_make_request(KVM_REQ_EVENT, vcpu); ++} ++EXPORT_SYMBOL_GPL(kvm_set_rflags); ++ ++void kvm_arch_async_page_ready(struct kvm_vcpu *vcpu, struct kvm_async_pf *work) ++{ ++ int r; ++ ++ if ((vcpu->arch.mmu.direct_map != work->arch.direct_map) || ++ work->wakeup_all) ++ return; ++ ++ r = kvm_mmu_reload(vcpu); ++ if (unlikely(r)) ++ return; ++ ++ if (!vcpu->arch.mmu.direct_map && ++ work->arch.cr3 != vcpu->arch.mmu.get_cr3(vcpu)) ++ return; ++ ++ vcpu->arch.mmu.page_fault(vcpu, work->gva, 0, true); ++} ++ ++static inline u32 kvm_async_pf_hash_fn(gfn_t gfn) ++{ ++ return hash_32(gfn & 0xffffffff, order_base_2(ASYNC_PF_PER_VCPU)); ++} ++ ++static inline u32 kvm_async_pf_next_probe(u32 key) ++{ ++ return (key + 1) & (roundup_pow_of_two(ASYNC_PF_PER_VCPU) - 1); ++} ++ ++static void kvm_add_async_pf_gfn(struct kvm_vcpu *vcpu, gfn_t gfn) ++{ ++ u32 key = kvm_async_pf_hash_fn(gfn); ++ ++ while (vcpu->arch.apf.gfns[key] != ~0) ++ key = kvm_async_pf_next_probe(key); ++ ++ vcpu->arch.apf.gfns[key] = gfn; ++} ++ ++static u32 kvm_async_pf_gfn_slot(struct kvm_vcpu *vcpu, gfn_t gfn) ++{ ++ int i; ++ u32 key = kvm_async_pf_hash_fn(gfn); ++ ++ for (i = 0; i < roundup_pow_of_two(ASYNC_PF_PER_VCPU) && ++ (vcpu->arch.apf.gfns[key] != gfn && ++ vcpu->arch.apf.gfns[key] != ~0); i++) ++ key = kvm_async_pf_next_probe(key); ++ ++ return key; ++} ++ ++bool kvm_find_async_pf_gfn(struct kvm_vcpu *vcpu, gfn_t gfn) ++{ ++ return vcpu->arch.apf.gfns[kvm_async_pf_gfn_slot(vcpu, gfn)] == gfn; ++} ++ ++static void kvm_del_async_pf_gfn(struct kvm_vcpu *vcpu, gfn_t gfn) ++{ ++ u32 i, j, k; ++ ++ i = j = kvm_async_pf_gfn_slot(vcpu, gfn); ++ while (true) { ++ vcpu->arch.apf.gfns[i] = ~0; ++ do { ++ j = kvm_async_pf_next_probe(j); ++ if (vcpu->arch.apf.gfns[j] == ~0) ++ return; ++ k = kvm_async_pf_hash_fn(vcpu->arch.apf.gfns[j]); ++ /* ++ * k lies cyclically in ]i,j] ++ * | i.k.j | ++ * |....j i.k.| or |.k..j i...| ++ */ ++ } while ((i <= j) ? (i < k && k <= j) : (i < k || k <= j)); ++ vcpu->arch.apf.gfns[i] = vcpu->arch.apf.gfns[j]; ++ i = j; ++ } ++} ++ ++static int apf_put_user(struct kvm_vcpu *vcpu, u32 val) ++{ ++ ++ return kvm_write_guest_cached(vcpu->kvm, &vcpu->arch.apf.data, &val, ++ sizeof(val)); ++} ++ ++void kvm_arch_async_page_not_present(struct kvm_vcpu *vcpu, ++ struct kvm_async_pf *work) ++{ ++ struct x86_exception fault; ++ ++ trace_kvm_async_pf_not_present(work->arch.token, work->gva); ++ kvm_add_async_pf_gfn(vcpu, work->arch.gfn); ++ ++ if (!(vcpu->arch.apf.msr_val & KVM_ASYNC_PF_ENABLED) || ++ (vcpu->arch.apf.send_user_only && ++ kvm_x86_ops->get_cpl(vcpu) == 0)) ++ kvm_make_request(KVM_REQ_APF_HALT, vcpu); ++ else if (!apf_put_user(vcpu, KVM_PV_REASON_PAGE_NOT_PRESENT)) { ++ fault.vector = PF_VECTOR; ++ fault.error_code_valid = true; ++ fault.error_code = 0; ++ fault.nested_page_fault = false; ++ fault.address = work->arch.token; ++ kvm_inject_page_fault(vcpu, &fault); ++ } ++} ++ ++void kvm_arch_async_page_present(struct kvm_vcpu *vcpu, ++ struct kvm_async_pf *work) ++{ ++ struct x86_exception fault; ++ ++ trace_kvm_async_pf_ready(work->arch.token, work->gva); ++ if (work->wakeup_all) ++ work->arch.token = ~0; /* broadcast wakeup */ ++ else ++ kvm_del_async_pf_gfn(vcpu, work->arch.gfn); ++ ++ if ((vcpu->arch.apf.msr_val & KVM_ASYNC_PF_ENABLED) && ++ !apf_put_user(vcpu, KVM_PV_REASON_PAGE_READY)) { ++ fault.vector = PF_VECTOR; ++ fault.error_code_valid = true; ++ fault.error_code = 0; ++ fault.nested_page_fault = false; ++ fault.address = work->arch.token; ++ kvm_inject_page_fault(vcpu, &fault); ++ } ++ vcpu->arch.apf.halted = false; ++ vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; ++} ++ ++bool kvm_arch_can_inject_async_page_present(struct kvm_vcpu *vcpu) ++{ ++ if (!(vcpu->arch.apf.msr_val & KVM_ASYNC_PF_ENABLED)) ++ return true; ++ else ++ return !kvm_event_needs_reinjection(vcpu) && ++ kvm_x86_ops->interrupt_allowed(vcpu); ++} ++ ++void kvm_arch_register_noncoherent_dma(struct kvm *kvm) ++{ ++ atomic_inc(&kvm->arch.noncoherent_dma_count); ++} ++EXPORT_SYMBOL_GPL(kvm_arch_register_noncoherent_dma); ++ ++void kvm_arch_unregister_noncoherent_dma(struct kvm *kvm) ++{ ++ atomic_dec(&kvm->arch.noncoherent_dma_count); ++} ++EXPORT_SYMBOL_GPL(kvm_arch_unregister_noncoherent_dma); ++ ++bool kvm_arch_has_noncoherent_dma(struct kvm *kvm) ++{ ++ return atomic_read(&kvm->arch.noncoherent_dma_count); ++} ++EXPORT_SYMBOL_GPL(kvm_arch_has_noncoherent_dma); ++ ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_exit); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_inj_virq); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_page_fault); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_msr); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_cr); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_nested_vmrun); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_nested_vmexit); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_nested_vmexit_inject); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_nested_intr_vmexit); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_invlpga); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_skinit); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_nested_intercepts); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_write_tsc_offset); ++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_ple_window); +diff -Nur linux-3.18.9.orig/arch/x86/mm/fault.c linux-3.18.9/arch/x86/mm/fault.c +--- linux-3.18.9.orig/arch/x86/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/mm/fault.c 2015-03-15 16:03:03.696094875 -0500 +@@ -1128,7 +1128,7 @@ + * If we're in an interrupt, have no user context or are running + * in an atomic region then we must not take the fault: + */ +- if (unlikely(in_atomic() || !mm)) { ++ if (unlikely(!mm || pagefault_disabled())) { + bad_area_nosemaphore(regs, error_code, address); + return; + } +diff -Nur linux-3.18.9.orig/arch/x86/mm/highmem_32.c linux-3.18.9/arch/x86/mm/highmem_32.c +--- linux-3.18.9.orig/arch/x86/mm/highmem_32.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/mm/highmem_32.c 2015-03-15 16:03:03.696094875 -0500 +@@ -32,6 +32,7 @@ + */ + void *kmap_atomic_prot(struct page *page, pgprot_t prot) + { ++ pte_t pte = mk_pte(page, prot); + unsigned long vaddr; + int idx, type; + +@@ -45,7 +46,10 @@ + idx = type + KM_TYPE_NR*smp_processor_id(); + vaddr = __fix_to_virt(FIX_KMAP_BEGIN + idx); + BUG_ON(!pte_none(*(kmap_pte-idx))); +- set_pte(kmap_pte-idx, mk_pte(page, prot)); ++#ifdef CONFIG_PREEMPT_RT_FULL ++ current->kmap_pte[type] = pte; ++#endif ++ set_pte(kmap_pte-idx, pte); + arch_flush_lazy_mmu_mode(); + + return (void *)vaddr; +@@ -88,6 +92,9 @@ + * is a bad idea also, in case the page changes cacheability + * attributes or becomes a protected page in a hypervisor. + */ ++#ifdef CONFIG_PREEMPT_RT_FULL ++ current->kmap_pte[type] = __pte(0); ++#endif + kpte_clear_flush(kmap_pte-idx, vaddr); + kmap_atomic_idx_pop(); + arch_flush_lazy_mmu_mode(); +diff -Nur linux-3.18.9.orig/arch/x86/mm/iomap_32.c linux-3.18.9/arch/x86/mm/iomap_32.c +--- linux-3.18.9.orig/arch/x86/mm/iomap_32.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/mm/iomap_32.c 2015-03-15 16:03:03.696094875 -0500 +@@ -56,6 +56,7 @@ + + void *kmap_atomic_prot_pfn(unsigned long pfn, pgprot_t prot) + { ++ pte_t pte = pfn_pte(pfn, prot); + unsigned long vaddr; + int idx, type; + +@@ -64,7 +65,12 @@ + type = kmap_atomic_idx_push(); + idx = type + KM_TYPE_NR * smp_processor_id(); + vaddr = __fix_to_virt(FIX_KMAP_BEGIN + idx); +- set_pte(kmap_pte - idx, pfn_pte(pfn, prot)); ++ WARN_ON(!pte_none(*(kmap_pte - idx))); ++ ++#ifdef CONFIG_PREEMPT_RT_FULL ++ current->kmap_pte[type] = pte; ++#endif ++ set_pte(kmap_pte - idx, pte); + arch_flush_lazy_mmu_mode(); + + return (void *)vaddr; +@@ -110,6 +116,9 @@ + * is a bad idea also, in case the page changes cacheability + * attributes or becomes a protected page in a hypervisor. + */ ++#ifdef CONFIG_PREEMPT_RT_FULL ++ current->kmap_pte[type] = __pte(0); ++#endif + kpte_clear_flush(kmap_pte-idx, vaddr); + kmap_atomic_idx_pop(); + } +diff -Nur linux-3.18.9.orig/arch/x86/platform/uv/tlb_uv.c linux-3.18.9/arch/x86/platform/uv/tlb_uv.c +--- linux-3.18.9.orig/arch/x86/platform/uv/tlb_uv.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/platform/uv/tlb_uv.c 2015-03-15 16:03:03.696094875 -0500 +@@ -714,9 +714,9 @@ + + quiesce_local_uvhub(hmaster); + +- spin_lock(&hmaster->queue_lock); ++ raw_spin_lock(&hmaster->queue_lock); + reset_with_ipi(&bau_desc->distribution, bcp); +- spin_unlock(&hmaster->queue_lock); ++ raw_spin_unlock(&hmaster->queue_lock); + + end_uvhub_quiesce(hmaster); + +@@ -736,9 +736,9 @@ + + quiesce_local_uvhub(hmaster); + +- spin_lock(&hmaster->queue_lock); ++ raw_spin_lock(&hmaster->queue_lock); + reset_with_ipi(&bau_desc->distribution, bcp); +- spin_unlock(&hmaster->queue_lock); ++ raw_spin_unlock(&hmaster->queue_lock); + + end_uvhub_quiesce(hmaster); + +@@ -759,7 +759,7 @@ + cycles_t tm1; + + hmaster = bcp->uvhub_master; +- spin_lock(&hmaster->disable_lock); ++ raw_spin_lock(&hmaster->disable_lock); + if (!bcp->baudisabled) { + stat->s_bau_disabled++; + tm1 = get_cycles(); +@@ -772,7 +772,7 @@ + } + } + } +- spin_unlock(&hmaster->disable_lock); ++ raw_spin_unlock(&hmaster->disable_lock); + } + + static void count_max_concurr(int stat, struct bau_control *bcp, +@@ -835,7 +835,7 @@ + */ + static void uv1_throttle(struct bau_control *hmaster, struct ptc_stats *stat) + { +- spinlock_t *lock = &hmaster->uvhub_lock; ++ raw_spinlock_t *lock = &hmaster->uvhub_lock; + atomic_t *v; + + v = &hmaster->active_descriptor_count; +@@ -968,7 +968,7 @@ + struct bau_control *hmaster; + + hmaster = bcp->uvhub_master; +- spin_lock(&hmaster->disable_lock); ++ raw_spin_lock(&hmaster->disable_lock); + if (bcp->baudisabled && (get_cycles() >= bcp->set_bau_on_time)) { + stat->s_bau_reenabled++; + for_each_present_cpu(tcpu) { +@@ -980,10 +980,10 @@ + tbcp->period_giveups = 0; + } + } +- spin_unlock(&hmaster->disable_lock); ++ raw_spin_unlock(&hmaster->disable_lock); + return 0; + } +- spin_unlock(&hmaster->disable_lock); ++ raw_spin_unlock(&hmaster->disable_lock); + return -1; + } + +@@ -1899,9 +1899,9 @@ + bcp->cong_reps = congested_reps; + bcp->disabled_period = sec_2_cycles(disabled_period); + bcp->giveup_limit = giveup_limit; +- spin_lock_init(&bcp->queue_lock); +- spin_lock_init(&bcp->uvhub_lock); +- spin_lock_init(&bcp->disable_lock); ++ raw_spin_lock_init(&bcp->queue_lock); ++ raw_spin_lock_init(&bcp->uvhub_lock); ++ raw_spin_lock_init(&bcp->disable_lock); + } + } + +diff -Nur linux-3.18.9.orig/arch/x86/platform/uv/uv_time.c linux-3.18.9/arch/x86/platform/uv/uv_time.c +--- linux-3.18.9.orig/arch/x86/platform/uv/uv_time.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/x86/platform/uv/uv_time.c 2015-03-15 16:03:03.696094875 -0500 +@@ -58,7 +58,7 @@ + + /* There is one of these allocated per node */ + struct uv_rtc_timer_head { +- spinlock_t lock; ++ raw_spinlock_t lock; + /* next cpu waiting for timer, local node relative: */ + int next_cpu; + /* number of cpus on this node: */ +@@ -178,7 +178,7 @@ + uv_rtc_deallocate_timers(); + return -ENOMEM; + } +- spin_lock_init(&head->lock); ++ raw_spin_lock_init(&head->lock); + head->ncpus = uv_blade_nr_possible_cpus(bid); + head->next_cpu = -1; + blade_info[bid] = head; +@@ -232,7 +232,7 @@ + unsigned long flags; + int next_cpu; + +- spin_lock_irqsave(&head->lock, flags); ++ raw_spin_lock_irqsave(&head->lock, flags); + + next_cpu = head->next_cpu; + *t = expires; +@@ -244,12 +244,12 @@ + if (uv_setup_intr(cpu, expires)) { + *t = ULLONG_MAX; + uv_rtc_find_next_timer(head, pnode); +- spin_unlock_irqrestore(&head->lock, flags); ++ raw_spin_unlock_irqrestore(&head->lock, flags); + return -ETIME; + } + } + +- spin_unlock_irqrestore(&head->lock, flags); ++ raw_spin_unlock_irqrestore(&head->lock, flags); + return 0; + } + +@@ -268,7 +268,7 @@ + unsigned long flags; + int rc = 0; + +- spin_lock_irqsave(&head->lock, flags); ++ raw_spin_lock_irqsave(&head->lock, flags); + + if ((head->next_cpu == bcpu && uv_read_rtc(NULL) >= *t) || force) + rc = 1; +@@ -280,7 +280,7 @@ + uv_rtc_find_next_timer(head, pnode); + } + +- spin_unlock_irqrestore(&head->lock, flags); ++ raw_spin_unlock_irqrestore(&head->lock, flags); + + return rc; + } +@@ -300,13 +300,18 @@ + static cycle_t uv_read_rtc(struct clocksource *cs) + { + unsigned long offset; ++ cycle_t cycles; + ++ preempt_disable(); + if (uv_get_min_hub_revision_id() == 1) + offset = 0; + else + offset = (uv_blade_processor_id() * L1_CACHE_BYTES) % PAGE_SIZE; + +- return (cycle_t)uv_read_local_mmr(UVH_RTC | offset); ++ cycles = (cycle_t)uv_read_local_mmr(UVH_RTC | offset); ++ preempt_enable(); ++ ++ return cycles; + } + + /* +diff -Nur linux-3.18.9.orig/arch/xtensa/mm/fault.c linux-3.18.9/arch/xtensa/mm/fault.c +--- linux-3.18.9.orig/arch/xtensa/mm/fault.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/arch/xtensa/mm/fault.c 2015-03-15 16:03:03.696094875 -0500 +@@ -57,7 +57,7 @@ + /* If we're in an interrupt or have no user + * context, we must not take the fault.. + */ +- if (in_atomic() || !mm) { ++ if (!mm || pagefault_disabled()) { + bad_page_fault(regs, address, SIGSEGV); + return; + } +diff -Nur linux-3.18.9.orig/block/blk-core.c linux-3.18.9/block/blk-core.c +--- linux-3.18.9.orig/block/blk-core.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/block/blk-core.c 2015-03-15 16:03:03.696094875 -0500 +@@ -100,6 +100,9 @@ + + INIT_LIST_HEAD(&rq->queuelist); + INIT_LIST_HEAD(&rq->timeout_list); ++#if CONFIG_PREEMPT_RT_FULL ++ INIT_WORK(&rq->work, __blk_mq_complete_request_remote_work); ++#endif + rq->cpu = -1; + rq->q = q; + rq->__sector = (sector_t) -1; +@@ -194,7 +197,7 @@ + **/ + void blk_start_queue(struct request_queue *q) + { +- WARN_ON(!irqs_disabled()); ++ WARN_ON_NONRT(!irqs_disabled()); + + queue_flag_clear(QUEUE_FLAG_STOPPED, q); + __blk_run_queue(q); +@@ -627,7 +630,7 @@ + q->bypass_depth = 1; + __set_bit(QUEUE_FLAG_BYPASS, &q->queue_flags); + +- init_waitqueue_head(&q->mq_freeze_wq); ++ init_swait_head(&q->mq_freeze_wq); + + if (blkcg_init_queue(q)) + goto fail_bdi; +@@ -3037,7 +3040,7 @@ + blk_run_queue_async(q); + else + __blk_run_queue(q); +- spin_unlock(q->queue_lock); ++ spin_unlock_irq(q->queue_lock); + } + + static void flush_plug_callbacks(struct blk_plug *plug, bool from_schedule) +@@ -3085,7 +3088,6 @@ + void blk_flush_plug_list(struct blk_plug *plug, bool from_schedule) + { + struct request_queue *q; +- unsigned long flags; + struct request *rq; + LIST_HEAD(list); + unsigned int depth; +@@ -3105,11 +3107,6 @@ + q = NULL; + depth = 0; + +- /* +- * Save and disable interrupts here, to avoid doing it for every +- * queue lock we have to take. +- */ +- local_irq_save(flags); + while (!list_empty(&list)) { + rq = list_entry_rq(list.next); + list_del_init(&rq->queuelist); +@@ -3122,7 +3119,7 @@ + queue_unplugged(q, depth, from_schedule); + q = rq->q; + depth = 0; +- spin_lock(q->queue_lock); ++ spin_lock_irq(q->queue_lock); + } + + /* +@@ -3149,8 +3146,6 @@ + */ + if (q) + queue_unplugged(q, depth, from_schedule); +- +- local_irq_restore(flags); + } + + void blk_finish_plug(struct blk_plug *plug) +diff -Nur linux-3.18.9.orig/block/blk-ioc.c linux-3.18.9/block/blk-ioc.c +--- linux-3.18.9.orig/block/blk-ioc.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/block/blk-ioc.c 2015-03-15 16:03:03.696094875 -0500 +@@ -7,6 +7,7 @@ + #include <linux/bio.h> + #include <linux/blkdev.h> + #include <linux/slab.h> ++#include <linux/delay.h> + + #include "blk.h" + +@@ -109,7 +110,7 @@ + spin_unlock(q->queue_lock); + } else { + spin_unlock_irqrestore(&ioc->lock, flags); +- cpu_relax(); ++ cpu_chill(); + spin_lock_irqsave_nested(&ioc->lock, flags, 1); + } + } +@@ -187,7 +188,7 @@ + spin_unlock(icq->q->queue_lock); + } else { + spin_unlock_irqrestore(&ioc->lock, flags); +- cpu_relax(); ++ cpu_chill(); + goto retry; + } + } +diff -Nur linux-3.18.9.orig/block/blk-iopoll.c linux-3.18.9/block/blk-iopoll.c +--- linux-3.18.9.orig/block/blk-iopoll.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/block/blk-iopoll.c 2015-03-15 16:03:03.696094875 -0500 +@@ -35,6 +35,7 @@ + list_add_tail(&iop->list, this_cpu_ptr(&blk_cpu_iopoll)); + __raise_softirq_irqoff(BLOCK_IOPOLL_SOFTIRQ); + local_irq_restore(flags); ++ preempt_check_resched_rt(); + } + EXPORT_SYMBOL(blk_iopoll_sched); + +@@ -132,6 +133,7 @@ + __raise_softirq_irqoff(BLOCK_IOPOLL_SOFTIRQ); + + local_irq_enable(); ++ preempt_check_resched_rt(); + } + + /** +@@ -201,6 +203,7 @@ + this_cpu_ptr(&blk_cpu_iopoll)); + __raise_softirq_irqoff(BLOCK_IOPOLL_SOFTIRQ); + local_irq_enable(); ++ preempt_check_resched_rt(); + } + + return NOTIFY_OK; +diff -Nur linux-3.18.9.orig/block/blk-mq.c linux-3.18.9/block/blk-mq.c +--- linux-3.18.9.orig/block/blk-mq.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/block/blk-mq.c 2015-03-15 16:03:03.696094875 -0500 +@@ -85,7 +85,7 @@ + if (percpu_ref_tryget_live(&q->mq_usage_counter)) + return 0; + +- ret = wait_event_interruptible(q->mq_freeze_wq, ++ ret = swait_event_interruptible(q->mq_freeze_wq, + !q->mq_freeze_depth || blk_queue_dying(q)); + if (blk_queue_dying(q)) + return -ENODEV; +@@ -104,7 +104,7 @@ + struct request_queue *q = + container_of(ref, struct request_queue, mq_usage_counter); + +- wake_up_all(&q->mq_freeze_wq); ++ swait_wake_all(&q->mq_freeze_wq); + } + + static void blk_mq_freeze_queue_start(struct request_queue *q) +@@ -123,7 +123,7 @@ + + static void blk_mq_freeze_queue_wait(struct request_queue *q) + { +- wait_event(q->mq_freeze_wq, percpu_ref_is_zero(&q->mq_usage_counter)); ++ swait_event(q->mq_freeze_wq, percpu_ref_is_zero(&q->mq_usage_counter)); + } + + /* +@@ -146,7 +146,7 @@ + spin_unlock_irq(q->queue_lock); + if (wake) { + percpu_ref_reinit(&q->mq_usage_counter); +- wake_up_all(&q->mq_freeze_wq); ++ swait_wake_all(&q->mq_freeze_wq); + } + } + +@@ -194,6 +194,9 @@ + rq->resid_len = 0; + rq->sense = NULL; + ++#if CONFIG_PREEMPT_RT_FULL ++ INIT_WORK(&rq->work, __blk_mq_complete_request_remote_work); ++#endif + INIT_LIST_HEAD(&rq->timeout_list); + rq->timeout = 0; + +@@ -313,6 +316,17 @@ + } + EXPORT_SYMBOL(blk_mq_end_request); + ++#ifdef CONFIG_PREEMPT_RT_FULL ++ ++void __blk_mq_complete_request_remote_work(struct work_struct *work) ++{ ++ struct request *rq = container_of(work, struct request, work); ++ ++ rq->q->softirq_done_fn(rq); ++} ++ ++#else ++ + static void __blk_mq_complete_request_remote(void *data) + { + struct request *rq = data; +@@ -320,6 +334,8 @@ + rq->q->softirq_done_fn(rq); + } + ++#endif ++ + static void blk_mq_ipi_complete_request(struct request *rq) + { + struct blk_mq_ctx *ctx = rq->mq_ctx; +@@ -331,19 +347,23 @@ + return; + } + +- cpu = get_cpu(); ++ cpu = get_cpu_light(); + if (!test_bit(QUEUE_FLAG_SAME_FORCE, &rq->q->queue_flags)) + shared = cpus_share_cache(cpu, ctx->cpu); + + if (cpu != ctx->cpu && !shared && cpu_online(ctx->cpu)) { ++#if CONFIG_PREEMPT_RT_FULL ++ schedule_work_on(ctx->cpu, &rq->work); ++#else + rq->csd.func = __blk_mq_complete_request_remote; + rq->csd.info = rq; + rq->csd.flags = 0; + smp_call_function_single_async(ctx->cpu, &rq->csd); ++#endif + } else { + rq->q->softirq_done_fn(rq); + } +- put_cpu(); ++ put_cpu_light(); + } + + void __blk_mq_complete_request(struct request *rq) +@@ -814,9 +834,9 @@ + test_bit(BLK_MQ_S_STOPPED, &hctx->state)) + continue; + +- preempt_disable(); ++ migrate_disable(); + blk_mq_run_hw_queue(hctx, async); +- preempt_enable(); ++ migrate_enable(); + } + } + EXPORT_SYMBOL(blk_mq_run_queues); +@@ -843,9 +863,9 @@ + { + clear_bit(BLK_MQ_S_STOPPED, &hctx->state); + +- preempt_disable(); ++ migrate_disable(); + blk_mq_run_hw_queue(hctx, false); +- preempt_enable(); ++ migrate_enable(); + } + EXPORT_SYMBOL(blk_mq_start_hw_queue); + +@@ -870,9 +890,9 @@ + continue; + + clear_bit(BLK_MQ_S_STOPPED, &hctx->state); +- preempt_disable(); ++ migrate_disable(); + blk_mq_run_hw_queue(hctx, async); +- preempt_enable(); ++ migrate_enable(); + } + } + EXPORT_SYMBOL(blk_mq_start_stopped_hw_queues); +@@ -1494,7 +1514,7 @@ + { + struct blk_mq_hw_ctx *hctx = data; + +- if (action == CPU_DEAD || action == CPU_DEAD_FROZEN) ++ if (action == CPU_POST_DEAD) + return blk_mq_hctx_cpu_offline(hctx, cpu); + else if (action == CPU_ONLINE || action == CPU_ONLINE_FROZEN) + return blk_mq_hctx_cpu_online(hctx, cpu); +diff -Nur linux-3.18.9.orig/block/blk-mq-cpu.c linux-3.18.9/block/blk-mq-cpu.c +--- linux-3.18.9.orig/block/blk-mq-cpu.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/block/blk-mq-cpu.c 2015-03-15 16:03:03.696094875 -0500 +@@ -16,7 +16,7 @@ + #include "blk-mq.h" + + static LIST_HEAD(blk_mq_cpu_notify_list); +-static DEFINE_RAW_SPINLOCK(blk_mq_cpu_notify_lock); ++static DEFINE_SPINLOCK(blk_mq_cpu_notify_lock); + + static int blk_mq_main_cpu_notify(struct notifier_block *self, + unsigned long action, void *hcpu) +@@ -25,7 +25,10 @@ + struct blk_mq_cpu_notifier *notify; + int ret = NOTIFY_OK; + +- raw_spin_lock(&blk_mq_cpu_notify_lock); ++ if (action != CPU_POST_DEAD) ++ return NOTIFY_OK; ++ ++ spin_lock(&blk_mq_cpu_notify_lock); + + list_for_each_entry(notify, &blk_mq_cpu_notify_list, list) { + ret = notify->notify(notify->data, action, cpu); +@@ -33,7 +36,7 @@ + break; + } + +- raw_spin_unlock(&blk_mq_cpu_notify_lock); ++ spin_unlock(&blk_mq_cpu_notify_lock); + return ret; + } + +@@ -41,16 +44,16 @@ + { + BUG_ON(!notifier->notify); + +- raw_spin_lock(&blk_mq_cpu_notify_lock); ++ spin_lock(&blk_mq_cpu_notify_lock); + list_add_tail(¬ifier->list, &blk_mq_cpu_notify_list); +- raw_spin_unlock(&blk_mq_cpu_notify_lock); ++ spin_unlock(&blk_mq_cpu_notify_lock); + } + + void blk_mq_unregister_cpu_notifier(struct blk_mq_cpu_notifier *notifier) + { +- raw_spin_lock(&blk_mq_cpu_notify_lock); ++ spin_lock(&blk_mq_cpu_notify_lock); + list_del(¬ifier->list); +- raw_spin_unlock(&blk_mq_cpu_notify_lock); ++ spin_unlock(&blk_mq_cpu_notify_lock); + } + + void blk_mq_init_cpu_notifier(struct blk_mq_cpu_notifier *notifier, +diff -Nur linux-3.18.9.orig/block/blk-mq.h linux-3.18.9/block/blk-mq.h +--- linux-3.18.9.orig/block/blk-mq.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/block/blk-mq.h 2015-03-15 16:03:03.700094875 -0500 +@@ -73,7 +73,10 @@ + static inline struct blk_mq_ctx *__blk_mq_get_ctx(struct request_queue *q, + unsigned int cpu) + { +- return per_cpu_ptr(q->queue_ctx, cpu); ++ struct blk_mq_ctx *ctx; ++ ++ ctx = per_cpu_ptr(q->queue_ctx, cpu); ++ return ctx; + } + + /* +@@ -84,12 +87,12 @@ + */ + static inline struct blk_mq_ctx *blk_mq_get_ctx(struct request_queue *q) + { +- return __blk_mq_get_ctx(q, get_cpu()); ++ return __blk_mq_get_ctx(q, get_cpu_light()); + } + + static inline void blk_mq_put_ctx(struct blk_mq_ctx *ctx) + { +- put_cpu(); ++ put_cpu_light(); + } + + struct blk_mq_alloc_data { +diff -Nur linux-3.18.9.orig/block/blk-softirq.c linux-3.18.9/block/blk-softirq.c +--- linux-3.18.9.orig/block/blk-softirq.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/block/blk-softirq.c 2015-03-15 16:03:03.700094875 -0500 +@@ -51,6 +51,7 @@ + raise_softirq_irqoff(BLOCK_SOFTIRQ); + + local_irq_restore(flags); ++ preempt_check_resched_rt(); + } + + /* +@@ -93,6 +94,7 @@ + this_cpu_ptr(&blk_cpu_done)); + raise_softirq_irqoff(BLOCK_SOFTIRQ); + local_irq_enable(); ++ preempt_check_resched_rt(); + } + + return NOTIFY_OK; +@@ -150,6 +152,7 @@ + goto do_local; + + local_irq_restore(flags); ++ preempt_check_resched_rt(); + } + + /** +diff -Nur linux-3.18.9.orig/block/bounce.c linux-3.18.9/block/bounce.c +--- linux-3.18.9.orig/block/bounce.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/block/bounce.c 2015-03-15 16:03:03.700094875 -0500 +@@ -54,11 +54,11 @@ + unsigned long flags; + unsigned char *vto; + +- local_irq_save(flags); ++ local_irq_save_nort(flags); + vto = kmap_atomic(to->bv_page); + memcpy(vto + to->bv_offset, vfrom, to->bv_len); + kunmap_atomic(vto); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + } + + #else /* CONFIG_HIGHMEM */ +diff -Nur linux-3.18.9.orig/crypto/algapi.c linux-3.18.9/crypto/algapi.c +--- linux-3.18.9.orig/crypto/algapi.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/crypto/algapi.c 2015-03-15 16:03:03.700094875 -0500 +@@ -698,13 +698,13 @@ + + int crypto_register_notifier(struct notifier_block *nb) + { +- return blocking_notifier_chain_register(&crypto_chain, nb); ++ return srcu_notifier_chain_register(&crypto_chain, nb); + } + EXPORT_SYMBOL_GPL(crypto_register_notifier); + + int crypto_unregister_notifier(struct notifier_block *nb) + { +- return blocking_notifier_chain_unregister(&crypto_chain, nb); ++ return srcu_notifier_chain_unregister(&crypto_chain, nb); + } + EXPORT_SYMBOL_GPL(crypto_unregister_notifier); + +diff -Nur linux-3.18.9.orig/crypto/api.c linux-3.18.9/crypto/api.c +--- linux-3.18.9.orig/crypto/api.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/crypto/api.c 2015-03-15 16:03:03.700094875 -0500 +@@ -31,7 +31,7 @@ + DECLARE_RWSEM(crypto_alg_sem); + EXPORT_SYMBOL_GPL(crypto_alg_sem); + +-BLOCKING_NOTIFIER_HEAD(crypto_chain); ++SRCU_NOTIFIER_HEAD(crypto_chain); + EXPORT_SYMBOL_GPL(crypto_chain); + + static struct crypto_alg *crypto_larval_wait(struct crypto_alg *alg); +@@ -236,10 +236,10 @@ + { + int ok; + +- ok = blocking_notifier_call_chain(&crypto_chain, val, v); ++ ok = srcu_notifier_call_chain(&crypto_chain, val, v); + if (ok == NOTIFY_DONE) { + request_module("cryptomgr"); +- ok = blocking_notifier_call_chain(&crypto_chain, val, v); ++ ok = srcu_notifier_call_chain(&crypto_chain, val, v); + } + + return ok; +diff -Nur linux-3.18.9.orig/crypto/internal.h linux-3.18.9/crypto/internal.h +--- linux-3.18.9.orig/crypto/internal.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/crypto/internal.h 2015-03-15 16:03:03.700094875 -0500 +@@ -48,7 +48,7 @@ + + extern struct list_head crypto_alg_list; + extern struct rw_semaphore crypto_alg_sem; +-extern struct blocking_notifier_head crypto_chain; ++extern struct srcu_notifier_head crypto_chain; + + #ifdef CONFIG_PROC_FS + void __init crypto_init_proc(void); +@@ -142,7 +142,7 @@ + + static inline void crypto_notify(unsigned long val, void *v) + { +- blocking_notifier_call_chain(&crypto_chain, val, v); ++ srcu_notifier_call_chain(&crypto_chain, val, v); + } + + #endif /* _CRYPTO_INTERNAL_H */ +diff -Nur linux-3.18.9.orig/Documentation/hwlat_detector.txt linux-3.18.9/Documentation/hwlat_detector.txt +--- linux-3.18.9.orig/Documentation/hwlat_detector.txt 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/Documentation/hwlat_detector.txt 2015-03-15 16:03:03.704094875 -0500 +@@ -0,0 +1,64 @@ ++Introduction: ++------------- ++ ++The module hwlat_detector is a special purpose kernel module that is used to ++detect large system latencies induced by the behavior of certain underlying ++hardware or firmware, independent of Linux itself. The code was developed ++originally to detect SMIs (System Management Interrupts) on x86 systems, ++however there is nothing x86 specific about this patchset. It was ++originally written for use by the "RT" patch since the Real Time ++kernel is highly latency sensitive. ++ ++SMIs are usually not serviced by the Linux kernel, which typically does not ++even know that they are occuring. SMIs are instead are set up by BIOS code ++and are serviced by BIOS code, usually for "critical" events such as ++management of thermal sensors and fans. Sometimes though, SMIs are used for ++other tasks and those tasks can spend an inordinate amount of time in the ++handler (sometimes measured in milliseconds). Obviously this is a problem if ++you are trying to keep event service latencies down in the microsecond range. ++ ++The hardware latency detector works by hogging all of the cpus for configurable ++amounts of time (by calling stop_machine()), polling the CPU Time Stamp Counter ++for some period, then looking for gaps in the TSC data. Any gap indicates a ++time when the polling was interrupted and since the machine is stopped and ++interrupts turned off the only thing that could do that would be an SMI. ++ ++Note that the SMI detector should *NEVER* be used in a production environment. ++It is intended to be run manually to determine if the hardware platform has a ++problem with long system firmware service routines. ++ ++Usage: ++------ ++ ++Loading the module hwlat_detector passing the parameter "enabled=1" (or by ++setting the "enable" entry in "hwlat_detector" debugfs toggled on) is the only ++step required to start the hwlat_detector. It is possible to redefine the ++threshold in microseconds (us) above which latency spikes will be taken ++into account (parameter "threshold="). ++ ++Example: ++ ++ # modprobe hwlat_detector enabled=1 threshold=100 ++ ++After the module is loaded, it creates a directory named "hwlat_detector" under ++the debugfs mountpoint, "/debug/hwlat_detector" for this text. It is necessary ++to have debugfs mounted, which might be on /sys/debug on your system. ++ ++The /debug/hwlat_detector interface contains the following files: ++ ++count - number of latency spikes observed since last reset ++enable - a global enable/disable toggle (0/1), resets count ++max - maximum hardware latency actually observed (usecs) ++sample - a pipe from which to read current raw sample data ++ in the format <timestamp> <latency observed usecs> ++ (can be opened O_NONBLOCK for a single sample) ++threshold - minimum latency value to be considered (usecs) ++width - time period to sample with CPUs held (usecs) ++ must be less than the total window size (enforced) ++window - total period of sampling, width being inside (usecs) ++ ++By default we will set width to 500,000 and window to 1,000,000, meaning that ++we will sample every 1,000,000 usecs (1s) for 500,000 usecs (0.5s). If we ++observe any latencies that exceed the threshold (initially 100 usecs), ++then we write to a global sample ring buffer of 8K samples, which is ++consumed by reading from the "sample" (pipe) debugfs file interface. +diff -Nur linux-3.18.9.orig/Documentation/sysrq.txt linux-3.18.9/Documentation/sysrq.txt +--- linux-3.18.9.orig/Documentation/sysrq.txt 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/Documentation/sysrq.txt 2015-03-15 16:03:03.704094875 -0500 +@@ -59,10 +59,17 @@ + On other - If you know of the key combos for other architectures, please + let me know so I can add them to this section. + +-On all - write a character to /proc/sysrq-trigger. e.g.: +- ++On all - write a character to /proc/sysrq-trigger, e.g.: + echo t > /proc/sysrq-trigger + ++On all - Enable network SysRq by writing a cookie to icmp_echo_sysrq, e.g. ++ echo 0x01020304 >/proc/sys/net/ipv4/icmp_echo_sysrq ++ Send an ICMP echo request with this pattern plus the particular ++ SysRq command key. Example: ++ # ping -c1 -s57 -p0102030468 ++ will trigger the SysRq-H (help) command. ++ ++ + * What are the 'command' keys? + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + 'b' - Will immediately reboot the system without syncing or unmounting +diff -Nur linux-3.18.9.orig/Documentation/trace/histograms.txt linux-3.18.9/Documentation/trace/histograms.txt +--- linux-3.18.9.orig/Documentation/trace/histograms.txt 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/Documentation/trace/histograms.txt 2015-03-15 16:03:03.704094875 -0500 +@@ -0,0 +1,186 @@ ++ Using the Linux Kernel Latency Histograms ++ ++ ++This document gives a short explanation how to enable, configure and use ++latency histograms. Latency histograms are primarily relevant in the ++context of real-time enabled kernels (CONFIG_PREEMPT/CONFIG_PREEMPT_RT) ++and are used in the quality management of the Linux real-time ++capabilities. ++ ++ ++* Purpose of latency histograms ++ ++A latency histogram continuously accumulates the frequencies of latency ++data. There are two types of histograms ++- potential sources of latencies ++- effective latencies ++ ++ ++* Potential sources of latencies ++ ++Potential sources of latencies are code segments where interrupts, ++preemption or both are disabled (aka critical sections). To create ++histograms of potential sources of latency, the kernel stores the time ++stamp at the start of a critical section, determines the time elapsed ++when the end of the section is reached, and increments the frequency ++counter of that latency value - irrespective of whether any concurrently ++running process is affected by latency or not. ++- Configuration items (in the Kernel hacking/Tracers submenu) ++ CONFIG_INTERRUPT_OFF_LATENCY ++ CONFIG_PREEMPT_OFF_LATENCY ++ ++ ++* Effective latencies ++ ++Effective latencies are actually occuring during wakeup of a process. To ++determine effective latencies, the kernel stores the time stamp when a ++process is scheduled to be woken up, and determines the duration of the ++wakeup time shortly before control is passed over to this process. Note ++that the apparent latency in user space may be somewhat longer, since the ++process may be interrupted after control is passed over to it but before ++the execution in user space takes place. Simply measuring the interval ++between enqueuing and wakeup may also not appropriate in cases when a ++process is scheduled as a result of a timer expiration. The timer may have ++missed its deadline, e.g. due to disabled interrupts, but this latency ++would not be registered. Therefore, the offsets of missed timers are ++recorded in a separate histogram. If both wakeup latency and missed timer ++offsets are configured and enabled, a third histogram may be enabled that ++records the overall latency as a sum of the timer latency, if any, and the ++wakeup latency. This histogram is called "timerandwakeup". ++- Configuration items (in the Kernel hacking/Tracers submenu) ++ CONFIG_WAKEUP_LATENCY ++ CONFIG_MISSED_TIMER_OFSETS ++ ++ ++* Usage ++ ++The interface to the administration of the latency histograms is located ++in the debugfs file system. To mount it, either enter ++ ++mount -t sysfs nodev /sys ++mount -t debugfs nodev /sys/kernel/debug ++ ++from shell command line level, or add ++ ++nodev /sys sysfs defaults 0 0 ++nodev /sys/kernel/debug debugfs defaults 0 0 ++ ++to the file /etc/fstab. All latency histogram related files are then ++available in the directory /sys/kernel/debug/tracing/latency_hist. A ++particular histogram type is enabled by writing non-zero to the related ++variable in the /sys/kernel/debug/tracing/latency_hist/enable directory. ++Select "preemptirqsoff" for the histograms of potential sources of ++latencies and "wakeup" for histograms of effective latencies etc. The ++histogram data - one per CPU - are available in the files ++ ++/sys/kernel/debug/tracing/latency_hist/preemptoff/CPUx ++/sys/kernel/debug/tracing/latency_hist/irqsoff/CPUx ++/sys/kernel/debug/tracing/latency_hist/preemptirqsoff/CPUx ++/sys/kernel/debug/tracing/latency_hist/wakeup/CPUx ++/sys/kernel/debug/tracing/latency_hist/wakeup/sharedprio/CPUx ++/sys/kernel/debug/tracing/latency_hist/missed_timer_offsets/CPUx ++/sys/kernel/debug/tracing/latency_hist/timerandwakeup/CPUx ++ ++The histograms are reset by writing non-zero to the file "reset" in a ++particular latency directory. To reset all latency data, use ++ ++#!/bin/sh ++ ++TRACINGDIR=/sys/kernel/debug/tracing ++HISTDIR=$TRACINGDIR/latency_hist ++ ++if test -d $HISTDIR ++then ++ cd $HISTDIR ++ for i in `find . | grep /reset$` ++ do ++ echo 1 >$i ++ done ++fi ++ ++ ++* Data format ++ ++Latency data are stored with a resolution of one microsecond. The ++maximum latency is 10,240 microseconds. The data are only valid, if the ++overflow register is empty. Every output line contains the latency in ++microseconds in the first row and the number of samples in the second ++row. To display only lines with a positive latency count, use, for ++example, ++ ++grep -v " 0$" /sys/kernel/debug/tracing/latency_hist/preemptoff/CPU0 ++ ++#Minimum latency: 0 microseconds. ++#Average latency: 0 microseconds. ++#Maximum latency: 25 microseconds. ++#Total samples: 3104770694 ++#There are 0 samples greater or equal than 10240 microseconds ++#usecs samples ++ 0 2984486876 ++ 1 49843506 ++ 2 58219047 ++ 3 5348126 ++ 4 2187960 ++ 5 3388262 ++ 6 959289 ++ 7 208294 ++ 8 40420 ++ 9 4485 ++ 10 14918 ++ 11 18340 ++ 12 25052 ++ 13 19455 ++ 14 5602 ++ 15 969 ++ 16 47 ++ 17 18 ++ 18 14 ++ 19 1 ++ 20 3 ++ 21 2 ++ 22 5 ++ 23 2 ++ 25 1 ++ ++ ++* Wakeup latency of a selected process ++ ++To only collect wakeup latency data of a particular process, write the ++PID of the requested process to ++ ++/sys/kernel/debug/tracing/latency_hist/wakeup/pid ++ ++PIDs are not considered, if this variable is set to 0. ++ ++ ++* Details of the process with the highest wakeup latency so far ++ ++Selected data of the process that suffered from the highest wakeup ++latency that occurred in a particular CPU are available in the file ++ ++/sys/kernel/debug/tracing/latency_hist/wakeup/max_latency-CPUx. ++ ++In addition, other relevant system data at the time when the ++latency occurred are given. ++ ++The format of the data is (all in one line): ++<PID> <Priority> <Latency> (<Timeroffset>) <Command> \ ++<- <PID> <Priority> <Command> <Timestamp> ++ ++The value of <Timeroffset> is only relevant in the combined timer ++and wakeup latency recording. In the wakeup recording, it is ++always 0, in the missed_timer_offsets recording, it is the same ++as <Latency>. ++ ++When retrospectively searching for the origin of a latency and ++tracing was not enabled, it may be helpful to know the name and ++some basic data of the task that (finally) was switching to the ++late real-tlme task. In addition to the victim's data, also the ++data of the possible culprit are therefore displayed after the ++"<-" symbol. ++ ++Finally, the timestamp of the time when the latency occurred ++in <seconds>.<microseconds> after the most recent system boot ++is provided. ++ ++These data are also reset when the wakeup histogram is reset. +diff -Nur linux-3.18.9.orig/drivers/acpi/acpica/acglobal.h linux-3.18.9/drivers/acpi/acpica/acglobal.h +--- linux-3.18.9.orig/drivers/acpi/acpica/acglobal.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/acpi/acpica/acglobal.h 2015-03-15 16:03:03.704094875 -0500 +@@ -112,7 +112,7 @@ + * interrupt level + */ + ACPI_GLOBAL(acpi_spinlock, acpi_gbl_gpe_lock); /* For GPE data structs and registers */ +-ACPI_GLOBAL(acpi_spinlock, acpi_gbl_hardware_lock); /* For ACPI H/W except GPE registers */ ++ACPI_GLOBAL(acpi_raw_spinlock, acpi_gbl_hardware_lock); /* For ACPI H/W except GPE registers */ + ACPI_GLOBAL(acpi_spinlock, acpi_gbl_reference_count_lock); + + /* Mutex for _OSI support */ +diff -Nur linux-3.18.9.orig/drivers/acpi/acpica/hwregs.c linux-3.18.9/drivers/acpi/acpica/hwregs.c +--- linux-3.18.9.orig/drivers/acpi/acpica/hwregs.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/acpi/acpica/hwregs.c 2015-03-15 16:03:03.704094875 -0500 +@@ -269,14 +269,14 @@ + ACPI_BITMASK_ALL_FIXED_STATUS, + ACPI_FORMAT_UINT64(acpi_gbl_xpm1a_status.address))); + +- lock_flags = acpi_os_acquire_lock(acpi_gbl_hardware_lock); ++ raw_spin_lock_irqsave(acpi_gbl_hardware_lock, lock_flags); + + /* Clear the fixed events in PM1 A/B */ + + status = acpi_hw_register_write(ACPI_REGISTER_PM1_STATUS, + ACPI_BITMASK_ALL_FIXED_STATUS); + +- acpi_os_release_lock(acpi_gbl_hardware_lock, lock_flags); ++ raw_spin_unlock_irqrestore(acpi_gbl_hardware_lock, lock_flags); + + if (ACPI_FAILURE(status)) { + goto exit; +diff -Nur linux-3.18.9.orig/drivers/acpi/acpica/hwxface.c linux-3.18.9/drivers/acpi/acpica/hwxface.c +--- linux-3.18.9.orig/drivers/acpi/acpica/hwxface.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/acpi/acpica/hwxface.c 2015-03-15 16:03:03.704094875 -0500 +@@ -374,7 +374,7 @@ + return_ACPI_STATUS(AE_BAD_PARAMETER); + } + +- lock_flags = acpi_os_acquire_lock(acpi_gbl_hardware_lock); ++ raw_spin_lock_irqsave(acpi_gbl_hardware_lock, lock_flags); + + /* + * At this point, we know that the parent register is one of the +@@ -435,7 +435,7 @@ + + unlock_and_exit: + +- acpi_os_release_lock(acpi_gbl_hardware_lock, lock_flags); ++ raw_spin_unlock_irqrestore(acpi_gbl_hardware_lock, lock_flags); + return_ACPI_STATUS(status); + } + +diff -Nur linux-3.18.9.orig/drivers/acpi/acpica/utmutex.c linux-3.18.9/drivers/acpi/acpica/utmutex.c +--- linux-3.18.9.orig/drivers/acpi/acpica/utmutex.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/acpi/acpica/utmutex.c 2015-03-15 16:03:03.704094875 -0500 +@@ -88,7 +88,7 @@ + return_ACPI_STATUS (status); + } + +- status = acpi_os_create_lock (&acpi_gbl_hardware_lock); ++ status = acpi_os_create_raw_lock (&acpi_gbl_hardware_lock); + if (ACPI_FAILURE (status)) { + return_ACPI_STATUS (status); + } +@@ -141,7 +141,7 @@ + /* Delete the spinlocks */ + + acpi_os_delete_lock(acpi_gbl_gpe_lock); +- acpi_os_delete_lock(acpi_gbl_hardware_lock); ++ acpi_os_delete_raw_lock(acpi_gbl_hardware_lock); + acpi_os_delete_lock(acpi_gbl_reference_count_lock); + + /* Delete the reader/writer lock */ +diff -Nur linux-3.18.9.orig/drivers/ata/libata-sff.c linux-3.18.9/drivers/ata/libata-sff.c +--- linux-3.18.9.orig/drivers/ata/libata-sff.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/ata/libata-sff.c 2015-03-15 16:03:03.704094875 -0500 +@@ -678,9 +678,9 @@ + unsigned long flags; + unsigned int consumed; + +- local_irq_save(flags); ++ local_irq_save_nort(flags); + consumed = ata_sff_data_xfer32(dev, buf, buflen, rw); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + + return consumed; + } +@@ -719,7 +719,7 @@ + unsigned long flags; + + /* FIXME: use a bounce buffer */ +- local_irq_save(flags); ++ local_irq_save_nort(flags); + buf = kmap_atomic(page); + + /* do the actual data transfer */ +@@ -727,7 +727,7 @@ + do_write); + + kunmap_atomic(buf); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + } else { + buf = page_address(page); + ap->ops->sff_data_xfer(qc->dev, buf + offset, qc->sect_size, +@@ -864,7 +864,7 @@ + unsigned long flags; + + /* FIXME: use bounce buffer */ +- local_irq_save(flags); ++ local_irq_save_nort(flags); + buf = kmap_atomic(page); + + /* do the actual data transfer */ +@@ -872,7 +872,7 @@ + count, rw); + + kunmap_atomic(buf); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + } else { + buf = page_address(page); + consumed = ap->ops->sff_data_xfer(dev, buf + offset, +diff -Nur linux-3.18.9.orig/drivers/char/random.c linux-3.18.9/drivers/char/random.c +--- linux-3.18.9.orig/drivers/char/random.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/char/random.c 2015-03-15 16:03:03.708094875 -0500 +@@ -776,8 +776,6 @@ + } sample; + long delta, delta2, delta3; + +- preempt_disable(); +- + sample.jiffies = jiffies; + sample.cycles = random_get_entropy(); + sample.num = num; +@@ -818,7 +816,6 @@ + */ + credit_entropy_bits(r, min_t(int, fls(delta>>1), 11)); + } +- preempt_enable(); + } + + void add_input_randomness(unsigned int type, unsigned int code, +@@ -871,28 +868,27 @@ + return *(ptr + f->reg_idx++); + } + +-void add_interrupt_randomness(int irq, int irq_flags) ++void add_interrupt_randomness(int irq, int irq_flags, __u64 ip) + { + struct entropy_store *r; + struct fast_pool *fast_pool = this_cpu_ptr(&irq_randomness); +- struct pt_regs *regs = get_irq_regs(); + unsigned long now = jiffies; + cycles_t cycles = random_get_entropy(); + __u32 c_high, j_high; +- __u64 ip; + unsigned long seed; + int credit = 0; + + if (cycles == 0) +- cycles = get_reg(fast_pool, regs); ++ cycles = get_reg(fast_pool, NULL); + c_high = (sizeof(cycles) > 4) ? cycles >> 32 : 0; + j_high = (sizeof(now) > 4) ? now >> 32 : 0; + fast_pool->pool[0] ^= cycles ^ j_high ^ irq; + fast_pool->pool[1] ^= now ^ c_high; +- ip = regs ? instruction_pointer(regs) : _RET_IP_; ++ if (!ip) ++ ip = _RET_IP_; + fast_pool->pool[2] ^= ip; + fast_pool->pool[3] ^= (sizeof(ip) > 4) ? ip >> 32 : +- get_reg(fast_pool, regs); ++ get_reg(fast_pool, NULL); + + fast_mix(fast_pool); + add_interrupt_bench(cycles); +diff -Nur linux-3.18.9.orig/drivers/clocksource/tcb_clksrc.c linux-3.18.9/drivers/clocksource/tcb_clksrc.c +--- linux-3.18.9.orig/drivers/clocksource/tcb_clksrc.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/clocksource/tcb_clksrc.c 2015-03-15 16:03:03.708094875 -0500 +@@ -23,8 +23,7 @@ + * this 32 bit free-running counter. the second channel is not used. + * + * - The third channel may be used to provide a 16-bit clockevent +- * source, used in either periodic or oneshot mode. This runs +- * at 32 KiHZ, and can handle delays of up to two seconds. ++ * source, used in either periodic or oneshot mode. + * + * A boot clocksource and clockevent source are also currently needed, + * unless the relevant platforms (ARM/AT91, AVR32/AT32) are changed so +@@ -74,6 +73,7 @@ + struct tc_clkevt_device { + struct clock_event_device clkevt; + struct clk *clk; ++ u32 freq; + void __iomem *regs; + }; + +@@ -82,13 +82,6 @@ + return container_of(clkevt, struct tc_clkevt_device, clkevt); + } + +-/* For now, we always use the 32K clock ... this optimizes for NO_HZ, +- * because using one of the divided clocks would usually mean the +- * tick rate can never be less than several dozen Hz (vs 0.5 Hz). +- * +- * A divided clock could be good for high resolution timers, since +- * 30.5 usec resolution can seem "low". +- */ + static u32 timer_clock; + + static void tc_mode(enum clock_event_mode m, struct clock_event_device *d) +@@ -111,11 +104,12 @@ + case CLOCK_EVT_MODE_PERIODIC: + clk_enable(tcd->clk); + +- /* slow clock, count up to RC, then irq and restart */ ++ /* count up to RC, then irq and restart */ + __raw_writel(timer_clock + | ATMEL_TC_WAVE | ATMEL_TC_WAVESEL_UP_AUTO, + regs + ATMEL_TC_REG(2, CMR)); +- __raw_writel((32768 + HZ/2) / HZ, tcaddr + ATMEL_TC_REG(2, RC)); ++ __raw_writel((tcd->freq + HZ / 2) / HZ, ++ tcaddr + ATMEL_TC_REG(2, RC)); + + /* Enable clock and interrupts on RC compare */ + __raw_writel(ATMEL_TC_CPCS, regs + ATMEL_TC_REG(2, IER)); +@@ -128,7 +122,7 @@ + case CLOCK_EVT_MODE_ONESHOT: + clk_enable(tcd->clk); + +- /* slow clock, count up to RC, then irq and stop */ ++ /* count up to RC, then irq and stop */ + __raw_writel(timer_clock | ATMEL_TC_CPCSTOP + | ATMEL_TC_WAVE | ATMEL_TC_WAVESEL_UP_AUTO, + regs + ATMEL_TC_REG(2, CMR)); +@@ -157,8 +151,12 @@ + .name = "tc_clkevt", + .features = CLOCK_EVT_FEAT_PERIODIC + | CLOCK_EVT_FEAT_ONESHOT, ++#ifdef CONFIG_ATMEL_TCB_CLKSRC_USE_SLOW_CLOCK + /* Should be lower than at91rm9200's system timer */ + .rating = 125, ++#else ++ .rating = 200, ++#endif + .set_next_event = tc_next_event, + .set_mode = tc_mode, + }, +@@ -178,8 +176,9 @@ + return IRQ_NONE; + } + +-static int __init setup_clkevents(struct atmel_tc *tc, int clk32k_divisor_idx) ++static int __init setup_clkevents(struct atmel_tc *tc, int divisor_idx) + { ++ unsigned divisor = atmel_tc_divisors[divisor_idx]; + int ret; + struct clk *t2_clk = tc->clk[2]; + int irq = tc->irq[2]; +@@ -193,7 +192,11 @@ + clkevt.regs = tc->regs; + clkevt.clk = t2_clk; + +- timer_clock = clk32k_divisor_idx; ++ timer_clock = divisor_idx; ++ if (!divisor) ++ clkevt.freq = 32768; ++ else ++ clkevt.freq = clk_get_rate(t2_clk) / divisor; + + clkevt.clkevt.cpumask = cpumask_of(0); + +@@ -203,7 +206,7 @@ + return ret; + } + +- clockevents_config_and_register(&clkevt.clkevt, 32768, 1, 0xffff); ++ clockevents_config_and_register(&clkevt.clkevt, clkevt.freq, 1, 0xffff); + + return ret; + } +@@ -340,7 +343,11 @@ + goto err_disable_t1; + + /* channel 2: periodic and oneshot timer support */ ++#ifdef CONFIG_ATMEL_TCB_CLKSRC_USE_SLOW_CLOCK + ret = setup_clkevents(tc, clk32k_divisor_idx); ++#else ++ ret = setup_clkevents(tc, best_divisor_idx); ++#endif + if (ret) + goto err_unregister_clksrc; + +diff -Nur linux-3.18.9.orig/drivers/clocksource/timer-atmel-pit.c linux-3.18.9/drivers/clocksource/timer-atmel-pit.c +--- linux-3.18.9.orig/drivers/clocksource/timer-atmel-pit.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/clocksource/timer-atmel-pit.c 2015-03-15 16:03:03.708094875 -0500 +@@ -90,6 +90,7 @@ + return elapsed; + } + ++static struct irqaction at91sam926x_pit_irq; + /* + * Clockevent device: interrupts every 1/HZ (== pit_cycles * MCK/16) + */ +@@ -100,6 +101,8 @@ + + switch (mode) { + case CLOCK_EVT_MODE_PERIODIC: ++ /* Set up irq handler */ ++ setup_irq(at91sam926x_pit_irq.irq, &at91sam926x_pit_irq); + /* update clocksource counter */ + data->cnt += data->cycle * PIT_PICNT(pit_read(data->base, AT91_PIT_PIVR)); + pit_write(data->base, AT91_PIT_MR, +@@ -113,6 +116,7 @@ + /* disable irq, leaving the clocksource active */ + pit_write(data->base, AT91_PIT_MR, + (data->cycle - 1) | AT91_PIT_PITEN); ++ remove_irq(at91sam926x_pit_irq.irq, &at91sam926x_pit_irq); + break; + case CLOCK_EVT_MODE_RESUME: + break; +diff -Nur linux-3.18.9.orig/drivers/gpio/gpio-omap.c linux-3.18.9/drivers/gpio/gpio-omap.c +--- linux-3.18.9.orig/drivers/gpio/gpio-omap.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/gpio/gpio-omap.c 2015-03-15 16:03:03.708094875 -0500 +@@ -57,7 +57,7 @@ + u32 saved_datain; + u32 level_mask; + u32 toggle_mask; +- spinlock_t lock; ++ raw_spinlock_t lock; + struct gpio_chip chip; + struct clk *dbck; + u32 mod_usage; +@@ -503,19 +503,19 @@ + (type & (IRQ_TYPE_LEVEL_LOW|IRQ_TYPE_LEVEL_HIGH))) + return -EINVAL; + +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + offset = GPIO_INDEX(bank, gpio); + retval = omap_set_gpio_triggering(bank, offset, type); + if (!LINE_USED(bank->mod_usage, offset)) { + omap_enable_gpio_module(bank, offset); + omap_set_gpio_direction(bank, offset, 1); + } else if (!omap_gpio_is_input(bank, BIT(offset))) { +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + return -EINVAL; + } + + bank->irq_usage |= BIT(GPIO_INDEX(bank, gpio)); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + + if (type & (IRQ_TYPE_LEVEL_LOW | IRQ_TYPE_LEVEL_HIGH)) + __irq_set_handler_locked(d->irq, handle_level_irq); +@@ -633,14 +633,14 @@ + return -EINVAL; + } + +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + if (enable) + bank->context.wake_en |= gpio_bit; + else + bank->context.wake_en &= ~gpio_bit; + + writel_relaxed(bank->context.wake_en, bank->base + bank->regs->wkup_en); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + + return 0; + } +@@ -675,7 +675,7 @@ + if (!BANK_USED(bank)) + pm_runtime_get_sync(bank->dev); + +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + /* Set trigger to none. You need to enable the desired trigger with + * request_irq() or set_irq_type(). Only do this if the IRQ line has + * not already been requested. +@@ -685,7 +685,7 @@ + omap_enable_gpio_module(bank, offset); + } + bank->mod_usage |= BIT(offset); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + + return 0; + } +@@ -695,11 +695,11 @@ + struct gpio_bank *bank = container_of(chip, struct gpio_bank, chip); + unsigned long flags; + +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + bank->mod_usage &= ~(BIT(offset)); + omap_disable_gpio_module(bank, offset); + omap_reset_gpio(bank, bank->chip.base + offset); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + + /* + * If this is the last gpio to be freed in the bank, +@@ -799,12 +799,12 @@ + unsigned long flags; + unsigned offset = GPIO_INDEX(bank, gpio); + +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + gpio_unlock_as_irq(&bank->chip, offset); + bank->irq_usage &= ~(BIT(offset)); + omap_disable_gpio_module(bank, offset); + omap_reset_gpio(bank, gpio); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + + /* + * If this is the last IRQ to be freed in the bank, +@@ -828,10 +828,10 @@ + unsigned int gpio = omap_irq_to_gpio(bank, d->hwirq); + unsigned long flags; + +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + omap_set_gpio_irqenable(bank, gpio, 0); + omap_set_gpio_triggering(bank, GPIO_INDEX(bank, gpio), IRQ_TYPE_NONE); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + } + + static void omap_gpio_unmask_irq(struct irq_data *d) +@@ -842,7 +842,7 @@ + u32 trigger = irqd_get_trigger_type(d); + unsigned long flags; + +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + if (trigger) + omap_set_gpio_triggering(bank, GPIO_INDEX(bank, gpio), trigger); + +@@ -854,7 +854,7 @@ + } + + omap_set_gpio_irqenable(bank, gpio, 1); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + } + + /*---------------------------------------------------------------------*/ +@@ -867,9 +867,9 @@ + OMAP_MPUIO_GPIO_MASKIT / bank->stride; + unsigned long flags; + +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + writel_relaxed(0xffff & ~bank->context.wake_en, mask_reg); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + + return 0; + } +@@ -882,9 +882,9 @@ + OMAP_MPUIO_GPIO_MASKIT / bank->stride; + unsigned long flags; + +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + writel_relaxed(bank->context.wake_en, mask_reg); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + + return 0; + } +@@ -930,9 +930,9 @@ + + bank = container_of(chip, struct gpio_bank, chip); + reg = bank->base + bank->regs->direction; +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + dir = !!(readl_relaxed(reg) & BIT(offset)); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + return dir; + } + +@@ -942,9 +942,9 @@ + unsigned long flags; + + bank = container_of(chip, struct gpio_bank, chip); +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + omap_set_gpio_direction(bank, offset, 1); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + return 0; + } + +@@ -968,10 +968,10 @@ + unsigned long flags; + + bank = container_of(chip, struct gpio_bank, chip); +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + bank->set_dataout(bank, offset, value); + omap_set_gpio_direction(bank, offset, 0); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + return 0; + } + +@@ -983,9 +983,9 @@ + + bank = container_of(chip, struct gpio_bank, chip); + +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + omap2_set_gpio_debounce(bank, offset, debounce); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + + return 0; + } +@@ -996,9 +996,9 @@ + unsigned long flags; + + bank = container_of(chip, struct gpio_bank, chip); +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + bank->set_dataout(bank, offset, value); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + } + + /*---------------------------------------------------------------------*/ +@@ -1223,7 +1223,7 @@ + else + bank->set_dataout = omap_set_gpio_dataout_mask; + +- spin_lock_init(&bank->lock); ++ raw_spin_lock_init(&bank->lock); + + /* Static mapping, never released */ + res = platform_get_resource(pdev, IORESOURCE_MEM, 0); +@@ -1270,7 +1270,7 @@ + unsigned long flags; + u32 wake_low, wake_hi; + +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + + /* + * Only edges can generate a wakeup event to the PRCM. +@@ -1323,7 +1323,7 @@ + bank->get_context_loss_count(bank->dev); + + omap_gpio_dbck_disable(bank); +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + + return 0; + } +@@ -1338,7 +1338,7 @@ + unsigned long flags; + int c; + +- spin_lock_irqsave(&bank->lock, flags); ++ raw_spin_lock_irqsave(&bank->lock, flags); + + /* + * On the first resume during the probe, the context has not +@@ -1374,14 +1374,14 @@ + if (c != bank->context_loss_count) { + omap_gpio_restore_context(bank); + } else { +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + return 0; + } + } + } + + if (!bank->workaround_enabled) { +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + return 0; + } + +@@ -1436,7 +1436,7 @@ + } + + bank->workaround_enabled = false; +- spin_unlock_irqrestore(&bank->lock, flags); ++ raw_spin_unlock_irqrestore(&bank->lock, flags); + + return 0; + } +diff -Nur linux-3.18.9.orig/drivers/gpu/drm/i915/i915_gem.c linux-3.18.9/drivers/gpu/drm/i915/i915_gem.c +--- linux-3.18.9.orig/drivers/gpu/drm/i915/i915_gem.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/gpu/drm/i915/i915_gem.c 2015-03-15 16:03:03.712094875 -0500 +@@ -5144,7 +5144,7 @@ + if (!mutex_is_locked(mutex)) + return false; + +-#if defined(CONFIG_SMP) && !defined(CONFIG_DEBUG_MUTEXES) ++#if defined(CONFIG_SMP) && !defined(CONFIG_DEBUG_MUTEXES) && !defined(CONFIG_PREEMPT_RT_BASE) + return mutex->owner == task; + #else + /* Since UP may be pre-empted, we cannot assume that we own the lock */ +diff -Nur linux-3.18.9.orig/drivers/gpu/drm/i915/i915_gem_execbuffer.c linux-3.18.9/drivers/gpu/drm/i915/i915_gem_execbuffer.c +--- linux-3.18.9.orig/drivers/gpu/drm/i915/i915_gem_execbuffer.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/gpu/drm/i915/i915_gem_execbuffer.c 2015-03-15 16:03:03.712094875 -0500 +@@ -1170,7 +1170,9 @@ + return ret; + } + ++#ifndef CONFIG_PREEMPT_RT_BASE + trace_i915_gem_ring_dispatch(ring, intel_ring_get_seqno(ring), flags); ++#endif + + i915_gem_execbuffer_move_to_active(vmas, ring); + i915_gem_execbuffer_retire_commands(dev, file, ring, batch_obj); +diff -Nur linux-3.18.9.orig/drivers/i2c/busses/i2c-omap.c linux-3.18.9/drivers/i2c/busses/i2c-omap.c +--- linux-3.18.9.orig/drivers/i2c/busses/i2c-omap.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/i2c/busses/i2c-omap.c 2015-03-15 16:03:03.712094875 -0500 +@@ -875,15 +875,12 @@ + u16 mask; + u16 stat; + +- spin_lock(&dev->lock); +- mask = omap_i2c_read_reg(dev, OMAP_I2C_IE_REG); + stat = omap_i2c_read_reg(dev, OMAP_I2C_STAT_REG); ++ mask = omap_i2c_read_reg(dev, OMAP_I2C_IE_REG); + + if (stat & mask) + ret = IRQ_WAKE_THREAD; + +- spin_unlock(&dev->lock); +- + return ret; + } + +diff -Nur linux-3.18.9.orig/drivers/ide/alim15x3.c linux-3.18.9/drivers/ide/alim15x3.c +--- linux-3.18.9.orig/drivers/ide/alim15x3.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/ide/alim15x3.c 2015-03-15 16:03:03.712094875 -0500 +@@ -234,7 +234,7 @@ + + isa_dev = pci_get_device(PCI_VENDOR_ID_AL, PCI_DEVICE_ID_AL_M1533, NULL); + +- local_irq_save(flags); ++ local_irq_save_nort(flags); + + if (m5229_revision < 0xC2) { + /* +@@ -325,7 +325,7 @@ + } + pci_dev_put(north); + pci_dev_put(isa_dev); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + return 0; + } + +diff -Nur linux-3.18.9.orig/drivers/ide/hpt366.c linux-3.18.9/drivers/ide/hpt366.c +--- linux-3.18.9.orig/drivers/ide/hpt366.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/ide/hpt366.c 2015-03-15 16:03:03.716094875 -0500 +@@ -1241,7 +1241,7 @@ + + dma_old = inb(base + 2); + +- local_irq_save(flags); ++ local_irq_save_nort(flags); + + dma_new = dma_old; + pci_read_config_byte(dev, hwif->channel ? 0x4b : 0x43, &masterdma); +@@ -1252,7 +1252,7 @@ + if (dma_new != dma_old) + outb(dma_new, base + 2); + +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + + printk(KERN_INFO " %s: BM-DMA at 0x%04lx-0x%04lx\n", + hwif->name, base, base + 7); +diff -Nur linux-3.18.9.orig/drivers/ide/ide-io.c linux-3.18.9/drivers/ide/ide-io.c +--- linux-3.18.9.orig/drivers/ide/ide-io.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/ide/ide-io.c 2015-03-15 16:03:03.716094875 -0500 +@@ -659,7 +659,7 @@ + /* disable_irq_nosync ?? */ + disable_irq(hwif->irq); + /* local CPU only, as if we were handling an interrupt */ +- local_irq_disable(); ++ local_irq_disable_nort(); + if (hwif->polling) { + startstop = handler(drive); + } else if (drive_is_ready(drive)) { +diff -Nur linux-3.18.9.orig/drivers/ide/ide-iops.c linux-3.18.9/drivers/ide/ide-iops.c +--- linux-3.18.9.orig/drivers/ide/ide-iops.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/ide/ide-iops.c 2015-03-15 16:03:03.716094875 -0500 +@@ -129,12 +129,12 @@ + if ((stat & ATA_BUSY) == 0) + break; + +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + *rstat = stat; + return -EBUSY; + } + } +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + } + /* + * Allow status to settle, then read it again. +diff -Nur linux-3.18.9.orig/drivers/ide/ide-io-std.c linux-3.18.9/drivers/ide/ide-io-std.c +--- linux-3.18.9.orig/drivers/ide/ide-io-std.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/ide/ide-io-std.c 2015-03-15 16:03:03.716094875 -0500 +@@ -175,7 +175,7 @@ + unsigned long uninitialized_var(flags); + + if ((io_32bit & 2) && !mmio) { +- local_irq_save(flags); ++ local_irq_save_nort(flags); + ata_vlb_sync(io_ports->nsect_addr); + } + +@@ -186,7 +186,7 @@ + insl(data_addr, buf, words); + + if ((io_32bit & 2) && !mmio) +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + + if (((len + 1) & 3) < 2) + return; +@@ -219,7 +219,7 @@ + unsigned long uninitialized_var(flags); + + if ((io_32bit & 2) && !mmio) { +- local_irq_save(flags); ++ local_irq_save_nort(flags); + ata_vlb_sync(io_ports->nsect_addr); + } + +@@ -230,7 +230,7 @@ + outsl(data_addr, buf, words); + + if ((io_32bit & 2) && !mmio) +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + + if (((len + 1) & 3) < 2) + return; +diff -Nur linux-3.18.9.orig/drivers/ide/ide-probe.c linux-3.18.9/drivers/ide/ide-probe.c +--- linux-3.18.9.orig/drivers/ide/ide-probe.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/ide/ide-probe.c 2015-03-15 16:03:03.716094875 -0500 +@@ -196,10 +196,10 @@ + int bswap = 1; + + /* local CPU only; some systems need this */ +- local_irq_save(flags); ++ local_irq_save_nort(flags); + /* read 512 bytes of id info */ + hwif->tp_ops->input_data(drive, NULL, id, SECTOR_SIZE); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + + drive->dev_flags |= IDE_DFLAG_ID_READ; + #ifdef DEBUG +diff -Nur linux-3.18.9.orig/drivers/ide/ide-taskfile.c linux-3.18.9/drivers/ide/ide-taskfile.c +--- linux-3.18.9.orig/drivers/ide/ide-taskfile.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/ide/ide-taskfile.c 2015-03-15 16:03:03.716094875 -0500 +@@ -250,7 +250,7 @@ + + page_is_high = PageHighMem(page); + if (page_is_high) +- local_irq_save(flags); ++ local_irq_save_nort(flags); + + buf = kmap_atomic(page) + offset; + +@@ -271,7 +271,7 @@ + kunmap_atomic(buf); + + if (page_is_high) +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + + len -= nr_bytes; + } +@@ -414,7 +414,7 @@ + } + + if ((drive->dev_flags & IDE_DFLAG_UNMASK) == 0) +- local_irq_disable(); ++ local_irq_disable_nort(); + + ide_set_handler(drive, &task_pio_intr, WAIT_WORSTCASE); + +diff -Nur linux-3.18.9.orig/drivers/infiniband/ulp/ipoib/ipoib_multicast.c linux-3.18.9/drivers/infiniband/ulp/ipoib/ipoib_multicast.c +--- linux-3.18.9.orig/drivers/infiniband/ulp/ipoib/ipoib_multicast.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/infiniband/ulp/ipoib/ipoib_multicast.c 2015-03-15 16:03:03.716094875 -0500 +@@ -796,7 +796,7 @@ + + ipoib_mcast_stop_thread(dev, 0); + +- local_irq_save(flags); ++ local_irq_save_nort(flags); + netif_addr_lock(dev); + spin_lock(&priv->lock); + +@@ -878,7 +878,7 @@ + + spin_unlock(&priv->lock); + netif_addr_unlock(dev); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + + /* We have to cancel outside of the spinlock */ + list_for_each_entry_safe(mcast, tmcast, &remove_list, list) { +diff -Nur linux-3.18.9.orig/drivers/input/gameport/gameport.c linux-3.18.9/drivers/input/gameport/gameport.c +--- linux-3.18.9.orig/drivers/input/gameport/gameport.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/input/gameport/gameport.c 2015-03-15 16:03:03.716094875 -0500 +@@ -124,12 +124,12 @@ + tx = 1 << 30; + + for(i = 0; i < 50; i++) { +- local_irq_save(flags); ++ local_irq_save_nort(flags); + GET_TIME(t1); + for (t = 0; t < 50; t++) gameport_read(gameport); + GET_TIME(t2); + GET_TIME(t3); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + udelay(i * 10); + if ((t = DELTA(t2,t1) - DELTA(t3,t2)) < tx) tx = t; + } +@@ -148,11 +148,11 @@ + tx = 1 << 30; + + for(i = 0; i < 50; i++) { +- local_irq_save(flags); ++ local_irq_save_nort(flags); + rdtscl(t1); + for (t = 0; t < 50; t++) gameport_read(gameport); + rdtscl(t2); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + udelay(i * 10); + if (t2 - t1 < tx) tx = t2 - t1; + } +diff -Nur linux-3.18.9.orig/drivers/leds/trigger/Kconfig linux-3.18.9/drivers/leds/trigger/Kconfig +--- linux-3.18.9.orig/drivers/leds/trigger/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/leds/trigger/Kconfig 2015-03-15 16:03:03.716094875 -0500 +@@ -61,7 +61,7 @@ + + config LEDS_TRIGGER_CPU + bool "LED CPU Trigger" +- depends on LEDS_TRIGGERS ++ depends on LEDS_TRIGGERS && !PREEMPT_RT_BASE + help + This allows LEDs to be controlled by active CPUs. This shows + the active CPUs across an array of LEDs so you can see which +diff -Nur linux-3.18.9.orig/drivers/md/bcache/Kconfig linux-3.18.9/drivers/md/bcache/Kconfig +--- linux-3.18.9.orig/drivers/md/bcache/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/md/bcache/Kconfig 2015-03-15 16:03:03.720094875 -0500 +@@ -1,6 +1,7 @@ + + config BCACHE + tristate "Block device as cache" ++ depends on !PREEMPT_RT_FULL + ---help--- + Allows a block device to be used as cache for other devices; uses + a btree for indexing and the layout is optimized for SSDs. +diff -Nur linux-3.18.9.orig/drivers/md/dm.c linux-3.18.9/drivers/md/dm.c +--- linux-3.18.9.orig/drivers/md/dm.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/md/dm.c 2015-03-15 16:03:03.720094875 -0500 +@@ -1898,14 +1898,14 @@ + if (map_request(ti, clone, md)) + goto requeued; + +- BUG_ON(!irqs_disabled()); ++ BUG_ON_NONRT(!irqs_disabled()); + spin_lock(q->queue_lock); + } + + goto out; + + requeued: +- BUG_ON(!irqs_disabled()); ++ BUG_ON_NONRT(!irqs_disabled()); + spin_lock(q->queue_lock); + + delay_and_out: +diff -Nur linux-3.18.9.orig/drivers/md/raid5.c linux-3.18.9/drivers/md/raid5.c +--- linux-3.18.9.orig/drivers/md/raid5.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/md/raid5.c 2015-03-15 16:03:03.724094875 -0500 +@@ -1649,8 +1649,9 @@ + struct raid5_percpu *percpu; + unsigned long cpu; + +- cpu = get_cpu(); ++ cpu = get_cpu_light(); + percpu = per_cpu_ptr(conf->percpu, cpu); ++ spin_lock(&percpu->lock); + if (test_bit(STRIPE_OP_BIOFILL, &ops_request)) { + ops_run_biofill(sh); + overlap_clear++; +@@ -1702,7 +1703,8 @@ + if (test_and_clear_bit(R5_Overlap, &dev->flags)) + wake_up(&sh->raid_conf->wait_for_overlap); + } +- put_cpu(); ++ spin_unlock(&percpu->lock); ++ put_cpu_light(); + } + + static int grow_one_stripe(struct r5conf *conf, int hash) +@@ -5708,6 +5710,7 @@ + __func__, cpu); + break; + } ++ spin_lock_init(&per_cpu_ptr(conf->percpu, cpu)->lock); + } + put_online_cpus(); + +diff -Nur linux-3.18.9.orig/drivers/md/raid5.c.orig linux-3.18.9/drivers/md/raid5.c.orig +--- linux-3.18.9.orig/drivers/md/raid5.c.orig 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/drivers/md/raid5.c.orig 2015-03-06 16:53:42.000000000 -0600 +@@ -0,0 +1,7144 @@ ++/* ++ * raid5.c : Multiple Devices driver for Linux ++ * Copyright (C) 1996, 1997 Ingo Molnar, Miguel de Icaza, Gadi Oxman ++ * Copyright (C) 1999, 2000 Ingo Molnar ++ * Copyright (C) 2002, 2003 H. Peter Anvin ++ * ++ * RAID-4/5/6 management functions. ++ * Thanks to Penguin Computing for making the RAID-6 development possible ++ * by donating a test server! ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2, or (at your option) ++ * any later version. ++ * ++ * You should have received a copy of the GNU General Public License ++ * (for example /usr/src/linux/COPYING); if not, write to the Free ++ * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ */ ++ ++/* ++ * BITMAP UNPLUGGING: ++ * ++ * The sequencing for updating the bitmap reliably is a little ++ * subtle (and I got it wrong the first time) so it deserves some ++ * explanation. ++ * ++ * We group bitmap updates into batches. Each batch has a number. ++ * We may write out several batches at once, but that isn't very important. ++ * conf->seq_write is the number of the last batch successfully written. ++ * conf->seq_flush is the number of the last batch that was closed to ++ * new additions. ++ * When we discover that we will need to write to any block in a stripe ++ * (in add_stripe_bio) we update the in-memory bitmap and record in sh->bm_seq ++ * the number of the batch it will be in. This is seq_flush+1. ++ * When we are ready to do a write, if that batch hasn't been written yet, ++ * we plug the array and queue the stripe for later. ++ * When an unplug happens, we increment bm_flush, thus closing the current ++ * batch. ++ * When we notice that bm_flush > bm_write, we write out all pending updates ++ * to the bitmap, and advance bm_write to where bm_flush was. ++ * This may occasionally write a bit out twice, but is sure never to ++ * miss any bits. ++ */ ++ ++#include <linux/blkdev.h> ++#include <linux/kthread.h> ++#include <linux/raid/pq.h> ++#include <linux/async_tx.h> ++#include <linux/module.h> ++#include <linux/async.h> ++#include <linux/seq_file.h> ++#include <linux/cpu.h> ++#include <linux/slab.h> ++#include <linux/ratelimit.h> ++#include <linux/nodemask.h> ++#include <trace/events/block.h> ++ ++#include "md.h" ++#include "raid5.h" ++#include "raid0.h" ++#include "bitmap.h" ++ ++#define cpu_to_group(cpu) cpu_to_node(cpu) ++#define ANY_GROUP NUMA_NO_NODE ++ ++static bool devices_handle_discard_safely = false; ++module_param(devices_handle_discard_safely, bool, 0644); ++MODULE_PARM_DESC(devices_handle_discard_safely, ++ "Set to Y if all devices in each array reliably return zeroes on reads from discarded regions"); ++static struct workqueue_struct *raid5_wq; ++/* ++ * Stripe cache ++ */ ++ ++#define NR_STRIPES 256 ++#define STRIPE_SIZE PAGE_SIZE ++#define STRIPE_SHIFT (PAGE_SHIFT - 9) ++#define STRIPE_SECTORS (STRIPE_SIZE>>9) ++#define IO_THRESHOLD 1 ++#define BYPASS_THRESHOLD 1 ++#define NR_HASH (PAGE_SIZE / sizeof(struct hlist_head)) ++#define HASH_MASK (NR_HASH - 1) ++#define MAX_STRIPE_BATCH 8 ++ ++static inline struct hlist_head *stripe_hash(struct r5conf *conf, sector_t sect) ++{ ++ int hash = (sect >> STRIPE_SHIFT) & HASH_MASK; ++ return &conf->stripe_hashtbl[hash]; ++} ++ ++static inline int stripe_hash_locks_hash(sector_t sect) ++{ ++ return (sect >> STRIPE_SHIFT) & STRIPE_HASH_LOCKS_MASK; ++} ++ ++static inline void lock_device_hash_lock(struct r5conf *conf, int hash) ++{ ++ spin_lock_irq(conf->hash_locks + hash); ++ spin_lock(&conf->device_lock); ++} ++ ++static inline void unlock_device_hash_lock(struct r5conf *conf, int hash) ++{ ++ spin_unlock(&conf->device_lock); ++ spin_unlock_irq(conf->hash_locks + hash); ++} ++ ++static inline void lock_all_device_hash_locks_irq(struct r5conf *conf) ++{ ++ int i; ++ local_irq_disable(); ++ spin_lock(conf->hash_locks); ++ for (i = 1; i < NR_STRIPE_HASH_LOCKS; i++) ++ spin_lock_nest_lock(conf->hash_locks + i, conf->hash_locks); ++ spin_lock(&conf->device_lock); ++} ++ ++static inline void unlock_all_device_hash_locks_irq(struct r5conf *conf) ++{ ++ int i; ++ spin_unlock(&conf->device_lock); ++ for (i = NR_STRIPE_HASH_LOCKS; i; i--) ++ spin_unlock(conf->hash_locks + i - 1); ++ local_irq_enable(); ++} ++ ++/* bio's attached to a stripe+device for I/O are linked together in bi_sector ++ * order without overlap. There may be several bio's per stripe+device, and ++ * a bio could span several devices. ++ * When walking this list for a particular stripe+device, we must never proceed ++ * beyond a bio that extends past this device, as the next bio might no longer ++ * be valid. ++ * This function is used to determine the 'next' bio in the list, given the sector ++ * of the current stripe+device ++ */ ++static inline struct bio *r5_next_bio(struct bio *bio, sector_t sector) ++{ ++ int sectors = bio_sectors(bio); ++ if (bio->bi_iter.bi_sector + sectors < sector + STRIPE_SECTORS) ++ return bio->bi_next; ++ else ++ return NULL; ++} ++ ++/* ++ * We maintain a biased count of active stripes in the bottom 16 bits of ++ * bi_phys_segments, and a count of processed stripes in the upper 16 bits ++ */ ++static inline int raid5_bi_processed_stripes(struct bio *bio) ++{ ++ atomic_t *segments = (atomic_t *)&bio->bi_phys_segments; ++ return (atomic_read(segments) >> 16) & 0xffff; ++} ++ ++static inline int raid5_dec_bi_active_stripes(struct bio *bio) ++{ ++ atomic_t *segments = (atomic_t *)&bio->bi_phys_segments; ++ return atomic_sub_return(1, segments) & 0xffff; ++} ++ ++static inline void raid5_inc_bi_active_stripes(struct bio *bio) ++{ ++ atomic_t *segments = (atomic_t *)&bio->bi_phys_segments; ++ atomic_inc(segments); ++} ++ ++static inline void raid5_set_bi_processed_stripes(struct bio *bio, ++ unsigned int cnt) ++{ ++ atomic_t *segments = (atomic_t *)&bio->bi_phys_segments; ++ int old, new; ++ ++ do { ++ old = atomic_read(segments); ++ new = (old & 0xffff) | (cnt << 16); ++ } while (atomic_cmpxchg(segments, old, new) != old); ++} ++ ++static inline void raid5_set_bi_stripes(struct bio *bio, unsigned int cnt) ++{ ++ atomic_t *segments = (atomic_t *)&bio->bi_phys_segments; ++ atomic_set(segments, cnt); ++} ++ ++/* Find first data disk in a raid6 stripe */ ++static inline int raid6_d0(struct stripe_head *sh) ++{ ++ if (sh->ddf_layout) ++ /* ddf always start from first device */ ++ return 0; ++ /* md starts just after Q block */ ++ if (sh->qd_idx == sh->disks - 1) ++ return 0; ++ else ++ return sh->qd_idx + 1; ++} ++static inline int raid6_next_disk(int disk, int raid_disks) ++{ ++ disk++; ++ return (disk < raid_disks) ? disk : 0; ++} ++ ++/* When walking through the disks in a raid5, starting at raid6_d0, ++ * We need to map each disk to a 'slot', where the data disks are slot ++ * 0 .. raid_disks-3, the parity disk is raid_disks-2 and the Q disk ++ * is raid_disks-1. This help does that mapping. ++ */ ++static int raid6_idx_to_slot(int idx, struct stripe_head *sh, ++ int *count, int syndrome_disks) ++{ ++ int slot = *count; ++ ++ if (sh->ddf_layout) ++ (*count)++; ++ if (idx == sh->pd_idx) ++ return syndrome_disks; ++ if (idx == sh->qd_idx) ++ return syndrome_disks + 1; ++ if (!sh->ddf_layout) ++ (*count)++; ++ return slot; ++} ++ ++static void return_io(struct bio *return_bi) ++{ ++ struct bio *bi = return_bi; ++ while (bi) { ++ ++ return_bi = bi->bi_next; ++ bi->bi_next = NULL; ++ bi->bi_iter.bi_size = 0; ++ trace_block_bio_complete(bdev_get_queue(bi->bi_bdev), ++ bi, 0); ++ bio_endio(bi, 0); ++ bi = return_bi; ++ } ++} ++ ++static void print_raid5_conf (struct r5conf *conf); ++ ++static int stripe_operations_active(struct stripe_head *sh) ++{ ++ return sh->check_state || sh->reconstruct_state || ++ test_bit(STRIPE_BIOFILL_RUN, &sh->state) || ++ test_bit(STRIPE_COMPUTE_RUN, &sh->state); ++} ++ ++static void raid5_wakeup_stripe_thread(struct stripe_head *sh) ++{ ++ struct r5conf *conf = sh->raid_conf; ++ struct r5worker_group *group; ++ int thread_cnt; ++ int i, cpu = sh->cpu; ++ ++ if (!cpu_online(cpu)) { ++ cpu = cpumask_any(cpu_online_mask); ++ sh->cpu = cpu; ++ } ++ ++ if (list_empty(&sh->lru)) { ++ struct r5worker_group *group; ++ group = conf->worker_groups + cpu_to_group(cpu); ++ list_add_tail(&sh->lru, &group->handle_list); ++ group->stripes_cnt++; ++ sh->group = group; ++ } ++ ++ if (conf->worker_cnt_per_group == 0) { ++ md_wakeup_thread(conf->mddev->thread); ++ return; ++ } ++ ++ group = conf->worker_groups + cpu_to_group(sh->cpu); ++ ++ group->workers[0].working = true; ++ /* at least one worker should run to avoid race */ ++ queue_work_on(sh->cpu, raid5_wq, &group->workers[0].work); ++ ++ thread_cnt = group->stripes_cnt / MAX_STRIPE_BATCH - 1; ++ /* wakeup more workers */ ++ for (i = 1; i < conf->worker_cnt_per_group && thread_cnt > 0; i++) { ++ if (group->workers[i].working == false) { ++ group->workers[i].working = true; ++ queue_work_on(sh->cpu, raid5_wq, ++ &group->workers[i].work); ++ thread_cnt--; ++ } ++ } ++} ++ ++static void do_release_stripe(struct r5conf *conf, struct stripe_head *sh, ++ struct list_head *temp_inactive_list) ++{ ++ BUG_ON(!list_empty(&sh->lru)); ++ BUG_ON(atomic_read(&conf->active_stripes)==0); ++ if (test_bit(STRIPE_HANDLE, &sh->state)) { ++ if (test_bit(STRIPE_DELAYED, &sh->state) && ++ !test_bit(STRIPE_PREREAD_ACTIVE, &sh->state)) { ++ list_add_tail(&sh->lru, &conf->delayed_list); ++ if (atomic_read(&conf->preread_active_stripes) ++ < IO_THRESHOLD) ++ md_wakeup_thread(conf->mddev->thread); ++ } else if (test_bit(STRIPE_BIT_DELAY, &sh->state) && ++ sh->bm_seq - conf->seq_write > 0) ++ list_add_tail(&sh->lru, &conf->bitmap_list); ++ else { ++ clear_bit(STRIPE_DELAYED, &sh->state); ++ clear_bit(STRIPE_BIT_DELAY, &sh->state); ++ if (conf->worker_cnt_per_group == 0) { ++ list_add_tail(&sh->lru, &conf->handle_list); ++ } else { ++ raid5_wakeup_stripe_thread(sh); ++ return; ++ } ++ } ++ md_wakeup_thread(conf->mddev->thread); ++ } else { ++ BUG_ON(stripe_operations_active(sh)); ++ if (test_and_clear_bit(STRIPE_PREREAD_ACTIVE, &sh->state)) ++ if (atomic_dec_return(&conf->preread_active_stripes) ++ < IO_THRESHOLD) ++ md_wakeup_thread(conf->mddev->thread); ++ atomic_dec(&conf->active_stripes); ++ if (!test_bit(STRIPE_EXPANDING, &sh->state)) ++ list_add_tail(&sh->lru, temp_inactive_list); ++ } ++} ++ ++static void __release_stripe(struct r5conf *conf, struct stripe_head *sh, ++ struct list_head *temp_inactive_list) ++{ ++ if (atomic_dec_and_test(&sh->count)) ++ do_release_stripe(conf, sh, temp_inactive_list); ++} ++ ++/* ++ * @hash could be NR_STRIPE_HASH_LOCKS, then we have a list of inactive_list ++ * ++ * Be careful: Only one task can add/delete stripes from temp_inactive_list at ++ * given time. Adding stripes only takes device lock, while deleting stripes ++ * only takes hash lock. ++ */ ++static void release_inactive_stripe_list(struct r5conf *conf, ++ struct list_head *temp_inactive_list, ++ int hash) ++{ ++ int size; ++ bool do_wakeup = false; ++ unsigned long flags; ++ ++ if (hash == NR_STRIPE_HASH_LOCKS) { ++ size = NR_STRIPE_HASH_LOCKS; ++ hash = NR_STRIPE_HASH_LOCKS - 1; ++ } else ++ size = 1; ++ while (size) { ++ struct list_head *list = &temp_inactive_list[size - 1]; ++ ++ /* ++ * We don't hold any lock here yet, get_active_stripe() might ++ * remove stripes from the list ++ */ ++ if (!list_empty_careful(list)) { ++ spin_lock_irqsave(conf->hash_locks + hash, flags); ++ if (list_empty(conf->inactive_list + hash) && ++ !list_empty(list)) ++ atomic_dec(&conf->empty_inactive_list_nr); ++ list_splice_tail_init(list, conf->inactive_list + hash); ++ do_wakeup = true; ++ spin_unlock_irqrestore(conf->hash_locks + hash, flags); ++ } ++ size--; ++ hash--; ++ } ++ ++ if (do_wakeup) { ++ wake_up(&conf->wait_for_stripe); ++ if (conf->retry_read_aligned) ++ md_wakeup_thread(conf->mddev->thread); ++ } ++} ++ ++/* should hold conf->device_lock already */ ++static int release_stripe_list(struct r5conf *conf, ++ struct list_head *temp_inactive_list) ++{ ++ struct stripe_head *sh; ++ int count = 0; ++ struct llist_node *head; ++ ++ head = llist_del_all(&conf->released_stripes); ++ head = llist_reverse_order(head); ++ while (head) { ++ int hash; ++ ++ sh = llist_entry(head, struct stripe_head, release_list); ++ head = llist_next(head); ++ /* sh could be readded after STRIPE_ON_RELEASE_LIST is cleard */ ++ smp_mb(); ++ clear_bit(STRIPE_ON_RELEASE_LIST, &sh->state); ++ /* ++ * Don't worry the bit is set here, because if the bit is set ++ * again, the count is always > 1. This is true for ++ * STRIPE_ON_UNPLUG_LIST bit too. ++ */ ++ hash = sh->hash_lock_index; ++ __release_stripe(conf, sh, &temp_inactive_list[hash]); ++ count++; ++ } ++ ++ return count; ++} ++ ++static void release_stripe(struct stripe_head *sh) ++{ ++ struct r5conf *conf = sh->raid_conf; ++ unsigned long flags; ++ struct list_head list; ++ int hash; ++ bool wakeup; ++ ++ /* Avoid release_list until the last reference. ++ */ ++ if (atomic_add_unless(&sh->count, -1, 1)) ++ return; ++ ++ if (unlikely(!conf->mddev->thread) || ++ test_and_set_bit(STRIPE_ON_RELEASE_LIST, &sh->state)) ++ goto slow_path; ++ wakeup = llist_add(&sh->release_list, &conf->released_stripes); ++ if (wakeup) ++ md_wakeup_thread(conf->mddev->thread); ++ return; ++slow_path: ++ local_irq_save(flags); ++ /* we are ok here if STRIPE_ON_RELEASE_LIST is set or not */ ++ if (atomic_dec_and_lock(&sh->count, &conf->device_lock)) { ++ INIT_LIST_HEAD(&list); ++ hash = sh->hash_lock_index; ++ do_release_stripe(conf, sh, &list); ++ spin_unlock(&conf->device_lock); ++ release_inactive_stripe_list(conf, &list, hash); ++ } ++ local_irq_restore(flags); ++} ++ ++static inline void remove_hash(struct stripe_head *sh) ++{ ++ pr_debug("remove_hash(), stripe %llu\n", ++ (unsigned long long)sh->sector); ++ ++ hlist_del_init(&sh->hash); ++} ++ ++static inline void insert_hash(struct r5conf *conf, struct stripe_head *sh) ++{ ++ struct hlist_head *hp = stripe_hash(conf, sh->sector); ++ ++ pr_debug("insert_hash(), stripe %llu\n", ++ (unsigned long long)sh->sector); ++ ++ hlist_add_head(&sh->hash, hp); ++} ++ ++/* find an idle stripe, make sure it is unhashed, and return it. */ ++static struct stripe_head *get_free_stripe(struct r5conf *conf, int hash) ++{ ++ struct stripe_head *sh = NULL; ++ struct list_head *first; ++ ++ if (list_empty(conf->inactive_list + hash)) ++ goto out; ++ first = (conf->inactive_list + hash)->next; ++ sh = list_entry(first, struct stripe_head, lru); ++ list_del_init(first); ++ remove_hash(sh); ++ atomic_inc(&conf->active_stripes); ++ BUG_ON(hash != sh->hash_lock_index); ++ if (list_empty(conf->inactive_list + hash)) ++ atomic_inc(&conf->empty_inactive_list_nr); ++out: ++ return sh; ++} ++ ++static void shrink_buffers(struct stripe_head *sh) ++{ ++ struct page *p; ++ int i; ++ int num = sh->raid_conf->pool_size; ++ ++ for (i = 0; i < num ; i++) { ++ WARN_ON(sh->dev[i].page != sh->dev[i].orig_page); ++ p = sh->dev[i].page; ++ if (!p) ++ continue; ++ sh->dev[i].page = NULL; ++ put_page(p); ++ } ++} ++ ++static int grow_buffers(struct stripe_head *sh) ++{ ++ int i; ++ int num = sh->raid_conf->pool_size; ++ ++ for (i = 0; i < num; i++) { ++ struct page *page; ++ ++ if (!(page = alloc_page(GFP_KERNEL))) { ++ return 1; ++ } ++ sh->dev[i].page = page; ++ sh->dev[i].orig_page = page; ++ } ++ return 0; ++} ++ ++static void raid5_build_block(struct stripe_head *sh, int i, int previous); ++static void stripe_set_idx(sector_t stripe, struct r5conf *conf, int previous, ++ struct stripe_head *sh); ++ ++static void init_stripe(struct stripe_head *sh, sector_t sector, int previous) ++{ ++ struct r5conf *conf = sh->raid_conf; ++ int i, seq; ++ ++ BUG_ON(atomic_read(&sh->count) != 0); ++ BUG_ON(test_bit(STRIPE_HANDLE, &sh->state)); ++ BUG_ON(stripe_operations_active(sh)); ++ ++ pr_debug("init_stripe called, stripe %llu\n", ++ (unsigned long long)sector); ++retry: ++ seq = read_seqcount_begin(&conf->gen_lock); ++ sh->generation = conf->generation - previous; ++ sh->disks = previous ? conf->previous_raid_disks : conf->raid_disks; ++ sh->sector = sector; ++ stripe_set_idx(sector, conf, previous, sh); ++ sh->state = 0; ++ ++ for (i = sh->disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ ++ if (dev->toread || dev->read || dev->towrite || dev->written || ++ test_bit(R5_LOCKED, &dev->flags)) { ++ printk(KERN_ERR "sector=%llx i=%d %p %p %p %p %d\n", ++ (unsigned long long)sh->sector, i, dev->toread, ++ dev->read, dev->towrite, dev->written, ++ test_bit(R5_LOCKED, &dev->flags)); ++ WARN_ON(1); ++ } ++ dev->flags = 0; ++ raid5_build_block(sh, i, previous); ++ } ++ if (read_seqcount_retry(&conf->gen_lock, seq)) ++ goto retry; ++ insert_hash(conf, sh); ++ sh->cpu = smp_processor_id(); ++} ++ ++static struct stripe_head *__find_stripe(struct r5conf *conf, sector_t sector, ++ short generation) ++{ ++ struct stripe_head *sh; ++ ++ pr_debug("__find_stripe, sector %llu\n", (unsigned long long)sector); ++ hlist_for_each_entry(sh, stripe_hash(conf, sector), hash) ++ if (sh->sector == sector && sh->generation == generation) ++ return sh; ++ pr_debug("__stripe %llu not in cache\n", (unsigned long long)sector); ++ return NULL; ++} ++ ++/* ++ * Need to check if array has failed when deciding whether to: ++ * - start an array ++ * - remove non-faulty devices ++ * - add a spare ++ * - allow a reshape ++ * This determination is simple when no reshape is happening. ++ * However if there is a reshape, we need to carefully check ++ * both the before and after sections. ++ * This is because some failed devices may only affect one ++ * of the two sections, and some non-in_sync devices may ++ * be insync in the section most affected by failed devices. ++ */ ++static int calc_degraded(struct r5conf *conf) ++{ ++ int degraded, degraded2; ++ int i; ++ ++ rcu_read_lock(); ++ degraded = 0; ++ for (i = 0; i < conf->previous_raid_disks; i++) { ++ struct md_rdev *rdev = rcu_dereference(conf->disks[i].rdev); ++ if (rdev && test_bit(Faulty, &rdev->flags)) ++ rdev = rcu_dereference(conf->disks[i].replacement); ++ if (!rdev || test_bit(Faulty, &rdev->flags)) ++ degraded++; ++ else if (test_bit(In_sync, &rdev->flags)) ++ ; ++ else ++ /* not in-sync or faulty. ++ * If the reshape increases the number of devices, ++ * this is being recovered by the reshape, so ++ * this 'previous' section is not in_sync. ++ * If the number of devices is being reduced however, ++ * the device can only be part of the array if ++ * we are reverting a reshape, so this section will ++ * be in-sync. ++ */ ++ if (conf->raid_disks >= conf->previous_raid_disks) ++ degraded++; ++ } ++ rcu_read_unlock(); ++ if (conf->raid_disks == conf->previous_raid_disks) ++ return degraded; ++ rcu_read_lock(); ++ degraded2 = 0; ++ for (i = 0; i < conf->raid_disks; i++) { ++ struct md_rdev *rdev = rcu_dereference(conf->disks[i].rdev); ++ if (rdev && test_bit(Faulty, &rdev->flags)) ++ rdev = rcu_dereference(conf->disks[i].replacement); ++ if (!rdev || test_bit(Faulty, &rdev->flags)) ++ degraded2++; ++ else if (test_bit(In_sync, &rdev->flags)) ++ ; ++ else ++ /* not in-sync or faulty. ++ * If reshape increases the number of devices, this ++ * section has already been recovered, else it ++ * almost certainly hasn't. ++ */ ++ if (conf->raid_disks <= conf->previous_raid_disks) ++ degraded2++; ++ } ++ rcu_read_unlock(); ++ if (degraded2 > degraded) ++ return degraded2; ++ return degraded; ++} ++ ++static int has_failed(struct r5conf *conf) ++{ ++ int degraded; ++ ++ if (conf->mddev->reshape_position == MaxSector) ++ return conf->mddev->degraded > conf->max_degraded; ++ ++ degraded = calc_degraded(conf); ++ if (degraded > conf->max_degraded) ++ return 1; ++ return 0; ++} ++ ++static struct stripe_head * ++get_active_stripe(struct r5conf *conf, sector_t sector, ++ int previous, int noblock, int noquiesce) ++{ ++ struct stripe_head *sh; ++ int hash = stripe_hash_locks_hash(sector); ++ ++ pr_debug("get_stripe, sector %llu\n", (unsigned long long)sector); ++ ++ spin_lock_irq(conf->hash_locks + hash); ++ ++ do { ++ wait_event_lock_irq(conf->wait_for_stripe, ++ conf->quiesce == 0 || noquiesce, ++ *(conf->hash_locks + hash)); ++ sh = __find_stripe(conf, sector, conf->generation - previous); ++ if (!sh) { ++ if (!conf->inactive_blocked) ++ sh = get_free_stripe(conf, hash); ++ if (noblock && sh == NULL) ++ break; ++ if (!sh) { ++ conf->inactive_blocked = 1; ++ wait_event_lock_irq( ++ conf->wait_for_stripe, ++ !list_empty(conf->inactive_list + hash) && ++ (atomic_read(&conf->active_stripes) ++ < (conf->max_nr_stripes * 3 / 4) ++ || !conf->inactive_blocked), ++ *(conf->hash_locks + hash)); ++ conf->inactive_blocked = 0; ++ } else { ++ init_stripe(sh, sector, previous); ++ atomic_inc(&sh->count); ++ } ++ } else if (!atomic_inc_not_zero(&sh->count)) { ++ spin_lock(&conf->device_lock); ++ if (!atomic_read(&sh->count)) { ++ if (!test_bit(STRIPE_HANDLE, &sh->state)) ++ atomic_inc(&conf->active_stripes); ++ BUG_ON(list_empty(&sh->lru) && ++ !test_bit(STRIPE_EXPANDING, &sh->state)); ++ list_del_init(&sh->lru); ++ if (sh->group) { ++ sh->group->stripes_cnt--; ++ sh->group = NULL; ++ } ++ } ++ atomic_inc(&sh->count); ++ spin_unlock(&conf->device_lock); ++ } ++ } while (sh == NULL); ++ ++ spin_unlock_irq(conf->hash_locks + hash); ++ return sh; ++} ++ ++/* Determine if 'data_offset' or 'new_data_offset' should be used ++ * in this stripe_head. ++ */ ++static int use_new_offset(struct r5conf *conf, struct stripe_head *sh) ++{ ++ sector_t progress = conf->reshape_progress; ++ /* Need a memory barrier to make sure we see the value ++ * of conf->generation, or ->data_offset that was set before ++ * reshape_progress was updated. ++ */ ++ smp_rmb(); ++ if (progress == MaxSector) ++ return 0; ++ if (sh->generation == conf->generation - 1) ++ return 0; ++ /* We are in a reshape, and this is a new-generation stripe, ++ * so use new_data_offset. ++ */ ++ return 1; ++} ++ ++static void ++raid5_end_read_request(struct bio *bi, int error); ++static void ++raid5_end_write_request(struct bio *bi, int error); ++ ++static void ops_run_io(struct stripe_head *sh, struct stripe_head_state *s) ++{ ++ struct r5conf *conf = sh->raid_conf; ++ int i, disks = sh->disks; ++ ++ might_sleep(); ++ ++ for (i = disks; i--; ) { ++ int rw; ++ int replace_only = 0; ++ struct bio *bi, *rbi; ++ struct md_rdev *rdev, *rrdev = NULL; ++ if (test_and_clear_bit(R5_Wantwrite, &sh->dev[i].flags)) { ++ if (test_and_clear_bit(R5_WantFUA, &sh->dev[i].flags)) ++ rw = WRITE_FUA; ++ else ++ rw = WRITE; ++ if (test_bit(R5_Discard, &sh->dev[i].flags)) ++ rw |= REQ_DISCARD; ++ } else if (test_and_clear_bit(R5_Wantread, &sh->dev[i].flags)) ++ rw = READ; ++ else if (test_and_clear_bit(R5_WantReplace, ++ &sh->dev[i].flags)) { ++ rw = WRITE; ++ replace_only = 1; ++ } else ++ continue; ++ if (test_and_clear_bit(R5_SyncIO, &sh->dev[i].flags)) ++ rw |= REQ_SYNC; ++ ++ bi = &sh->dev[i].req; ++ rbi = &sh->dev[i].rreq; /* For writing to replacement */ ++ ++ rcu_read_lock(); ++ rrdev = rcu_dereference(conf->disks[i].replacement); ++ smp_mb(); /* Ensure that if rrdev is NULL, rdev won't be */ ++ rdev = rcu_dereference(conf->disks[i].rdev); ++ if (!rdev) { ++ rdev = rrdev; ++ rrdev = NULL; ++ } ++ if (rw & WRITE) { ++ if (replace_only) ++ rdev = NULL; ++ if (rdev == rrdev) ++ /* We raced and saw duplicates */ ++ rrdev = NULL; ++ } else { ++ if (test_bit(R5_ReadRepl, &sh->dev[i].flags) && rrdev) ++ rdev = rrdev; ++ rrdev = NULL; ++ } ++ ++ if (rdev && test_bit(Faulty, &rdev->flags)) ++ rdev = NULL; ++ if (rdev) ++ atomic_inc(&rdev->nr_pending); ++ if (rrdev && test_bit(Faulty, &rrdev->flags)) ++ rrdev = NULL; ++ if (rrdev) ++ atomic_inc(&rrdev->nr_pending); ++ rcu_read_unlock(); ++ ++ /* We have already checked bad blocks for reads. Now ++ * need to check for writes. We never accept write errors ++ * on the replacement, so we don't to check rrdev. ++ */ ++ while ((rw & WRITE) && rdev && ++ test_bit(WriteErrorSeen, &rdev->flags)) { ++ sector_t first_bad; ++ int bad_sectors; ++ int bad = is_badblock(rdev, sh->sector, STRIPE_SECTORS, ++ &first_bad, &bad_sectors); ++ if (!bad) ++ break; ++ ++ if (bad < 0) { ++ set_bit(BlockedBadBlocks, &rdev->flags); ++ if (!conf->mddev->external && ++ conf->mddev->flags) { ++ /* It is very unlikely, but we might ++ * still need to write out the ++ * bad block log - better give it ++ * a chance*/ ++ md_check_recovery(conf->mddev); ++ } ++ /* ++ * Because md_wait_for_blocked_rdev ++ * will dec nr_pending, we must ++ * increment it first. ++ */ ++ atomic_inc(&rdev->nr_pending); ++ md_wait_for_blocked_rdev(rdev, conf->mddev); ++ } else { ++ /* Acknowledged bad block - skip the write */ ++ rdev_dec_pending(rdev, conf->mddev); ++ rdev = NULL; ++ } ++ } ++ ++ if (rdev) { ++ if (s->syncing || s->expanding || s->expanded ++ || s->replacing) ++ md_sync_acct(rdev->bdev, STRIPE_SECTORS); ++ ++ set_bit(STRIPE_IO_STARTED, &sh->state); ++ ++ bio_reset(bi); ++ bi->bi_bdev = rdev->bdev; ++ bi->bi_rw = rw; ++ bi->bi_end_io = (rw & WRITE) ++ ? raid5_end_write_request ++ : raid5_end_read_request; ++ bi->bi_private = sh; ++ ++ pr_debug("%s: for %llu schedule op %ld on disc %d\n", ++ __func__, (unsigned long long)sh->sector, ++ bi->bi_rw, i); ++ atomic_inc(&sh->count); ++ if (use_new_offset(conf, sh)) ++ bi->bi_iter.bi_sector = (sh->sector ++ + rdev->new_data_offset); ++ else ++ bi->bi_iter.bi_sector = (sh->sector ++ + rdev->data_offset); ++ if (test_bit(R5_ReadNoMerge, &sh->dev[i].flags)) ++ bi->bi_rw |= REQ_NOMERGE; ++ ++ if (test_bit(R5_SkipCopy, &sh->dev[i].flags)) ++ WARN_ON(test_bit(R5_UPTODATE, &sh->dev[i].flags)); ++ sh->dev[i].vec.bv_page = sh->dev[i].page; ++ bi->bi_vcnt = 1; ++ bi->bi_io_vec[0].bv_len = STRIPE_SIZE; ++ bi->bi_io_vec[0].bv_offset = 0; ++ bi->bi_iter.bi_size = STRIPE_SIZE; ++ /* ++ * If this is discard request, set bi_vcnt 0. We don't ++ * want to confuse SCSI because SCSI will replace payload ++ */ ++ if (rw & REQ_DISCARD) ++ bi->bi_vcnt = 0; ++ if (rrdev) ++ set_bit(R5_DOUBLE_LOCKED, &sh->dev[i].flags); ++ ++ if (conf->mddev->gendisk) ++ trace_block_bio_remap(bdev_get_queue(bi->bi_bdev), ++ bi, disk_devt(conf->mddev->gendisk), ++ sh->dev[i].sector); ++ generic_make_request(bi); ++ } ++ if (rrdev) { ++ if (s->syncing || s->expanding || s->expanded ++ || s->replacing) ++ md_sync_acct(rrdev->bdev, STRIPE_SECTORS); ++ ++ set_bit(STRIPE_IO_STARTED, &sh->state); ++ ++ bio_reset(rbi); ++ rbi->bi_bdev = rrdev->bdev; ++ rbi->bi_rw = rw; ++ BUG_ON(!(rw & WRITE)); ++ rbi->bi_end_io = raid5_end_write_request; ++ rbi->bi_private = sh; ++ ++ pr_debug("%s: for %llu schedule op %ld on " ++ "replacement disc %d\n", ++ __func__, (unsigned long long)sh->sector, ++ rbi->bi_rw, i); ++ atomic_inc(&sh->count); ++ if (use_new_offset(conf, sh)) ++ rbi->bi_iter.bi_sector = (sh->sector ++ + rrdev->new_data_offset); ++ else ++ rbi->bi_iter.bi_sector = (sh->sector ++ + rrdev->data_offset); ++ if (test_bit(R5_SkipCopy, &sh->dev[i].flags)) ++ WARN_ON(test_bit(R5_UPTODATE, &sh->dev[i].flags)); ++ sh->dev[i].rvec.bv_page = sh->dev[i].page; ++ rbi->bi_vcnt = 1; ++ rbi->bi_io_vec[0].bv_len = STRIPE_SIZE; ++ rbi->bi_io_vec[0].bv_offset = 0; ++ rbi->bi_iter.bi_size = STRIPE_SIZE; ++ /* ++ * If this is discard request, set bi_vcnt 0. We don't ++ * want to confuse SCSI because SCSI will replace payload ++ */ ++ if (rw & REQ_DISCARD) ++ rbi->bi_vcnt = 0; ++ if (conf->mddev->gendisk) ++ trace_block_bio_remap(bdev_get_queue(rbi->bi_bdev), ++ rbi, disk_devt(conf->mddev->gendisk), ++ sh->dev[i].sector); ++ generic_make_request(rbi); ++ } ++ if (!rdev && !rrdev) { ++ if (rw & WRITE) ++ set_bit(STRIPE_DEGRADED, &sh->state); ++ pr_debug("skip op %ld on disc %d for sector %llu\n", ++ bi->bi_rw, i, (unsigned long long)sh->sector); ++ clear_bit(R5_LOCKED, &sh->dev[i].flags); ++ set_bit(STRIPE_HANDLE, &sh->state); ++ } ++ } ++} ++ ++static struct dma_async_tx_descriptor * ++async_copy_data(int frombio, struct bio *bio, struct page **page, ++ sector_t sector, struct dma_async_tx_descriptor *tx, ++ struct stripe_head *sh) ++{ ++ struct bio_vec bvl; ++ struct bvec_iter iter; ++ struct page *bio_page; ++ int page_offset; ++ struct async_submit_ctl submit; ++ enum async_tx_flags flags = 0; ++ ++ if (bio->bi_iter.bi_sector >= sector) ++ page_offset = (signed)(bio->bi_iter.bi_sector - sector) * 512; ++ else ++ page_offset = (signed)(sector - bio->bi_iter.bi_sector) * -512; ++ ++ if (frombio) ++ flags |= ASYNC_TX_FENCE; ++ init_async_submit(&submit, flags, tx, NULL, NULL, NULL); ++ ++ bio_for_each_segment(bvl, bio, iter) { ++ int len = bvl.bv_len; ++ int clen; ++ int b_offset = 0; ++ ++ if (page_offset < 0) { ++ b_offset = -page_offset; ++ page_offset += b_offset; ++ len -= b_offset; ++ } ++ ++ if (len > 0 && page_offset + len > STRIPE_SIZE) ++ clen = STRIPE_SIZE - page_offset; ++ else ++ clen = len; ++ ++ if (clen > 0) { ++ b_offset += bvl.bv_offset; ++ bio_page = bvl.bv_page; ++ if (frombio) { ++ if (sh->raid_conf->skip_copy && ++ b_offset == 0 && page_offset == 0 && ++ clen == STRIPE_SIZE) ++ *page = bio_page; ++ else ++ tx = async_memcpy(*page, bio_page, page_offset, ++ b_offset, clen, &submit); ++ } else ++ tx = async_memcpy(bio_page, *page, b_offset, ++ page_offset, clen, &submit); ++ } ++ /* chain the operations */ ++ submit.depend_tx = tx; ++ ++ if (clen < len) /* hit end of page */ ++ break; ++ page_offset += len; ++ } ++ ++ return tx; ++} ++ ++static void ops_complete_biofill(void *stripe_head_ref) ++{ ++ struct stripe_head *sh = stripe_head_ref; ++ struct bio *return_bi = NULL; ++ int i; ++ ++ pr_debug("%s: stripe %llu\n", __func__, ++ (unsigned long long)sh->sector); ++ ++ /* clear completed biofills */ ++ for (i = sh->disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ ++ /* acknowledge completion of a biofill operation */ ++ /* and check if we need to reply to a read request, ++ * new R5_Wantfill requests are held off until ++ * !STRIPE_BIOFILL_RUN ++ */ ++ if (test_and_clear_bit(R5_Wantfill, &dev->flags)) { ++ struct bio *rbi, *rbi2; ++ ++ BUG_ON(!dev->read); ++ rbi = dev->read; ++ dev->read = NULL; ++ while (rbi && rbi->bi_iter.bi_sector < ++ dev->sector + STRIPE_SECTORS) { ++ rbi2 = r5_next_bio(rbi, dev->sector); ++ if (!raid5_dec_bi_active_stripes(rbi)) { ++ rbi->bi_next = return_bi; ++ return_bi = rbi; ++ } ++ rbi = rbi2; ++ } ++ } ++ } ++ clear_bit(STRIPE_BIOFILL_RUN, &sh->state); ++ ++ return_io(return_bi); ++ ++ set_bit(STRIPE_HANDLE, &sh->state); ++ release_stripe(sh); ++} ++ ++static void ops_run_biofill(struct stripe_head *sh) ++{ ++ struct dma_async_tx_descriptor *tx = NULL; ++ struct async_submit_ctl submit; ++ int i; ++ ++ pr_debug("%s: stripe %llu\n", __func__, ++ (unsigned long long)sh->sector); ++ ++ for (i = sh->disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ if (test_bit(R5_Wantfill, &dev->flags)) { ++ struct bio *rbi; ++ spin_lock_irq(&sh->stripe_lock); ++ dev->read = rbi = dev->toread; ++ dev->toread = NULL; ++ spin_unlock_irq(&sh->stripe_lock); ++ while (rbi && rbi->bi_iter.bi_sector < ++ dev->sector + STRIPE_SECTORS) { ++ tx = async_copy_data(0, rbi, &dev->page, ++ dev->sector, tx, sh); ++ rbi = r5_next_bio(rbi, dev->sector); ++ } ++ } ++ } ++ ++ atomic_inc(&sh->count); ++ init_async_submit(&submit, ASYNC_TX_ACK, tx, ops_complete_biofill, sh, NULL); ++ async_trigger_callback(&submit); ++} ++ ++static void mark_target_uptodate(struct stripe_head *sh, int target) ++{ ++ struct r5dev *tgt; ++ ++ if (target < 0) ++ return; ++ ++ tgt = &sh->dev[target]; ++ set_bit(R5_UPTODATE, &tgt->flags); ++ BUG_ON(!test_bit(R5_Wantcompute, &tgt->flags)); ++ clear_bit(R5_Wantcompute, &tgt->flags); ++} ++ ++static void ops_complete_compute(void *stripe_head_ref) ++{ ++ struct stripe_head *sh = stripe_head_ref; ++ ++ pr_debug("%s: stripe %llu\n", __func__, ++ (unsigned long long)sh->sector); ++ ++ /* mark the computed target(s) as uptodate */ ++ mark_target_uptodate(sh, sh->ops.target); ++ mark_target_uptodate(sh, sh->ops.target2); ++ ++ clear_bit(STRIPE_COMPUTE_RUN, &sh->state); ++ if (sh->check_state == check_state_compute_run) ++ sh->check_state = check_state_compute_result; ++ set_bit(STRIPE_HANDLE, &sh->state); ++ release_stripe(sh); ++} ++ ++/* return a pointer to the address conversion region of the scribble buffer */ ++static addr_conv_t *to_addr_conv(struct stripe_head *sh, ++ struct raid5_percpu *percpu) ++{ ++ return percpu->scribble + sizeof(struct page *) * (sh->disks + 2); ++} ++ ++static struct dma_async_tx_descriptor * ++ops_run_compute5(struct stripe_head *sh, struct raid5_percpu *percpu) ++{ ++ int disks = sh->disks; ++ struct page **xor_srcs = percpu->scribble; ++ int target = sh->ops.target; ++ struct r5dev *tgt = &sh->dev[target]; ++ struct page *xor_dest = tgt->page; ++ int count = 0; ++ struct dma_async_tx_descriptor *tx; ++ struct async_submit_ctl submit; ++ int i; ++ ++ pr_debug("%s: stripe %llu block: %d\n", ++ __func__, (unsigned long long)sh->sector, target); ++ BUG_ON(!test_bit(R5_Wantcompute, &tgt->flags)); ++ ++ for (i = disks; i--; ) ++ if (i != target) ++ xor_srcs[count++] = sh->dev[i].page; ++ ++ atomic_inc(&sh->count); ++ ++ init_async_submit(&submit, ASYNC_TX_FENCE|ASYNC_TX_XOR_ZERO_DST, NULL, ++ ops_complete_compute, sh, to_addr_conv(sh, percpu)); ++ if (unlikely(count == 1)) ++ tx = async_memcpy(xor_dest, xor_srcs[0], 0, 0, STRIPE_SIZE, &submit); ++ else ++ tx = async_xor(xor_dest, xor_srcs, 0, count, STRIPE_SIZE, &submit); ++ ++ return tx; ++} ++ ++/* set_syndrome_sources - populate source buffers for gen_syndrome ++ * @srcs - (struct page *) array of size sh->disks ++ * @sh - stripe_head to parse ++ * ++ * Populates srcs in proper layout order for the stripe and returns the ++ * 'count' of sources to be used in a call to async_gen_syndrome. The P ++ * destination buffer is recorded in srcs[count] and the Q destination ++ * is recorded in srcs[count+1]]. ++ */ ++static int set_syndrome_sources(struct page **srcs, struct stripe_head *sh) ++{ ++ int disks = sh->disks; ++ int syndrome_disks = sh->ddf_layout ? disks : (disks - 2); ++ int d0_idx = raid6_d0(sh); ++ int count; ++ int i; ++ ++ for (i = 0; i < disks; i++) ++ srcs[i] = NULL; ++ ++ count = 0; ++ i = d0_idx; ++ do { ++ int slot = raid6_idx_to_slot(i, sh, &count, syndrome_disks); ++ ++ srcs[slot] = sh->dev[i].page; ++ i = raid6_next_disk(i, disks); ++ } while (i != d0_idx); ++ ++ return syndrome_disks; ++} ++ ++static struct dma_async_tx_descriptor * ++ops_run_compute6_1(struct stripe_head *sh, struct raid5_percpu *percpu) ++{ ++ int disks = sh->disks; ++ struct page **blocks = percpu->scribble; ++ int target; ++ int qd_idx = sh->qd_idx; ++ struct dma_async_tx_descriptor *tx; ++ struct async_submit_ctl submit; ++ struct r5dev *tgt; ++ struct page *dest; ++ int i; ++ int count; ++ ++ if (sh->ops.target < 0) ++ target = sh->ops.target2; ++ else if (sh->ops.target2 < 0) ++ target = sh->ops.target; ++ else ++ /* we should only have one valid target */ ++ BUG(); ++ BUG_ON(target < 0); ++ pr_debug("%s: stripe %llu block: %d\n", ++ __func__, (unsigned long long)sh->sector, target); ++ ++ tgt = &sh->dev[target]; ++ BUG_ON(!test_bit(R5_Wantcompute, &tgt->flags)); ++ dest = tgt->page; ++ ++ atomic_inc(&sh->count); ++ ++ if (target == qd_idx) { ++ count = set_syndrome_sources(blocks, sh); ++ blocks[count] = NULL; /* regenerating p is not necessary */ ++ BUG_ON(blocks[count+1] != dest); /* q should already be set */ ++ init_async_submit(&submit, ASYNC_TX_FENCE, NULL, ++ ops_complete_compute, sh, ++ to_addr_conv(sh, percpu)); ++ tx = async_gen_syndrome(blocks, 0, count+2, STRIPE_SIZE, &submit); ++ } else { ++ /* Compute any data- or p-drive using XOR */ ++ count = 0; ++ for (i = disks; i-- ; ) { ++ if (i == target || i == qd_idx) ++ continue; ++ blocks[count++] = sh->dev[i].page; ++ } ++ ++ init_async_submit(&submit, ASYNC_TX_FENCE|ASYNC_TX_XOR_ZERO_DST, ++ NULL, ops_complete_compute, sh, ++ to_addr_conv(sh, percpu)); ++ tx = async_xor(dest, blocks, 0, count, STRIPE_SIZE, &submit); ++ } ++ ++ return tx; ++} ++ ++static struct dma_async_tx_descriptor * ++ops_run_compute6_2(struct stripe_head *sh, struct raid5_percpu *percpu) ++{ ++ int i, count, disks = sh->disks; ++ int syndrome_disks = sh->ddf_layout ? disks : disks-2; ++ int d0_idx = raid6_d0(sh); ++ int faila = -1, failb = -1; ++ int target = sh->ops.target; ++ int target2 = sh->ops.target2; ++ struct r5dev *tgt = &sh->dev[target]; ++ struct r5dev *tgt2 = &sh->dev[target2]; ++ struct dma_async_tx_descriptor *tx; ++ struct page **blocks = percpu->scribble; ++ struct async_submit_ctl submit; ++ ++ pr_debug("%s: stripe %llu block1: %d block2: %d\n", ++ __func__, (unsigned long long)sh->sector, target, target2); ++ BUG_ON(target < 0 || target2 < 0); ++ BUG_ON(!test_bit(R5_Wantcompute, &tgt->flags)); ++ BUG_ON(!test_bit(R5_Wantcompute, &tgt2->flags)); ++ ++ /* we need to open-code set_syndrome_sources to handle the ++ * slot number conversion for 'faila' and 'failb' ++ */ ++ for (i = 0; i < disks ; i++) ++ blocks[i] = NULL; ++ count = 0; ++ i = d0_idx; ++ do { ++ int slot = raid6_idx_to_slot(i, sh, &count, syndrome_disks); ++ ++ blocks[slot] = sh->dev[i].page; ++ ++ if (i == target) ++ faila = slot; ++ if (i == target2) ++ failb = slot; ++ i = raid6_next_disk(i, disks); ++ } while (i != d0_idx); ++ ++ BUG_ON(faila == failb); ++ if (failb < faila) ++ swap(faila, failb); ++ pr_debug("%s: stripe: %llu faila: %d failb: %d\n", ++ __func__, (unsigned long long)sh->sector, faila, failb); ++ ++ atomic_inc(&sh->count); ++ ++ if (failb == syndrome_disks+1) { ++ /* Q disk is one of the missing disks */ ++ if (faila == syndrome_disks) { ++ /* Missing P+Q, just recompute */ ++ init_async_submit(&submit, ASYNC_TX_FENCE, NULL, ++ ops_complete_compute, sh, ++ to_addr_conv(sh, percpu)); ++ return async_gen_syndrome(blocks, 0, syndrome_disks+2, ++ STRIPE_SIZE, &submit); ++ } else { ++ struct page *dest; ++ int data_target; ++ int qd_idx = sh->qd_idx; ++ ++ /* Missing D+Q: recompute D from P, then recompute Q */ ++ if (target == qd_idx) ++ data_target = target2; ++ else ++ data_target = target; ++ ++ count = 0; ++ for (i = disks; i-- ; ) { ++ if (i == data_target || i == qd_idx) ++ continue; ++ blocks[count++] = sh->dev[i].page; ++ } ++ dest = sh->dev[data_target].page; ++ init_async_submit(&submit, ++ ASYNC_TX_FENCE|ASYNC_TX_XOR_ZERO_DST, ++ NULL, NULL, NULL, ++ to_addr_conv(sh, percpu)); ++ tx = async_xor(dest, blocks, 0, count, STRIPE_SIZE, ++ &submit); ++ ++ count = set_syndrome_sources(blocks, sh); ++ init_async_submit(&submit, ASYNC_TX_FENCE, tx, ++ ops_complete_compute, sh, ++ to_addr_conv(sh, percpu)); ++ return async_gen_syndrome(blocks, 0, count+2, ++ STRIPE_SIZE, &submit); ++ } ++ } else { ++ init_async_submit(&submit, ASYNC_TX_FENCE, NULL, ++ ops_complete_compute, sh, ++ to_addr_conv(sh, percpu)); ++ if (failb == syndrome_disks) { ++ /* We're missing D+P. */ ++ return async_raid6_datap_recov(syndrome_disks+2, ++ STRIPE_SIZE, faila, ++ blocks, &submit); ++ } else { ++ /* We're missing D+D. */ ++ return async_raid6_2data_recov(syndrome_disks+2, ++ STRIPE_SIZE, faila, failb, ++ blocks, &submit); ++ } ++ } ++} ++ ++static void ops_complete_prexor(void *stripe_head_ref) ++{ ++ struct stripe_head *sh = stripe_head_ref; ++ ++ pr_debug("%s: stripe %llu\n", __func__, ++ (unsigned long long)sh->sector); ++} ++ ++static struct dma_async_tx_descriptor * ++ops_run_prexor(struct stripe_head *sh, struct raid5_percpu *percpu, ++ struct dma_async_tx_descriptor *tx) ++{ ++ int disks = sh->disks; ++ struct page **xor_srcs = percpu->scribble; ++ int count = 0, pd_idx = sh->pd_idx, i; ++ struct async_submit_ctl submit; ++ ++ /* existing parity data subtracted */ ++ struct page *xor_dest = xor_srcs[count++] = sh->dev[pd_idx].page; ++ ++ pr_debug("%s: stripe %llu\n", __func__, ++ (unsigned long long)sh->sector); ++ ++ for (i = disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ /* Only process blocks that are known to be uptodate */ ++ if (test_bit(R5_Wantdrain, &dev->flags)) ++ xor_srcs[count++] = dev->page; ++ } ++ ++ init_async_submit(&submit, ASYNC_TX_FENCE|ASYNC_TX_XOR_DROP_DST, tx, ++ ops_complete_prexor, sh, to_addr_conv(sh, percpu)); ++ tx = async_xor(xor_dest, xor_srcs, 0, count, STRIPE_SIZE, &submit); ++ ++ return tx; ++} ++ ++static struct dma_async_tx_descriptor * ++ops_run_biodrain(struct stripe_head *sh, struct dma_async_tx_descriptor *tx) ++{ ++ int disks = sh->disks; ++ int i; ++ ++ pr_debug("%s: stripe %llu\n", __func__, ++ (unsigned long long)sh->sector); ++ ++ for (i = disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ struct bio *chosen; ++ ++ if (test_and_clear_bit(R5_Wantdrain, &dev->flags)) { ++ struct bio *wbi; ++ ++ spin_lock_irq(&sh->stripe_lock); ++ chosen = dev->towrite; ++ dev->towrite = NULL; ++ BUG_ON(dev->written); ++ wbi = dev->written = chosen; ++ spin_unlock_irq(&sh->stripe_lock); ++ WARN_ON(dev->page != dev->orig_page); ++ ++ while (wbi && wbi->bi_iter.bi_sector < ++ dev->sector + STRIPE_SECTORS) { ++ if (wbi->bi_rw & REQ_FUA) ++ set_bit(R5_WantFUA, &dev->flags); ++ if (wbi->bi_rw & REQ_SYNC) ++ set_bit(R5_SyncIO, &dev->flags); ++ if (wbi->bi_rw & REQ_DISCARD) ++ set_bit(R5_Discard, &dev->flags); ++ else { ++ tx = async_copy_data(1, wbi, &dev->page, ++ dev->sector, tx, sh); ++ if (dev->page != dev->orig_page) { ++ set_bit(R5_SkipCopy, &dev->flags); ++ clear_bit(R5_UPTODATE, &dev->flags); ++ clear_bit(R5_OVERWRITE, &dev->flags); ++ } ++ } ++ wbi = r5_next_bio(wbi, dev->sector); ++ } ++ } ++ } ++ ++ return tx; ++} ++ ++static void ops_complete_reconstruct(void *stripe_head_ref) ++{ ++ struct stripe_head *sh = stripe_head_ref; ++ int disks = sh->disks; ++ int pd_idx = sh->pd_idx; ++ int qd_idx = sh->qd_idx; ++ int i; ++ bool fua = false, sync = false, discard = false; ++ ++ pr_debug("%s: stripe %llu\n", __func__, ++ (unsigned long long)sh->sector); ++ ++ for (i = disks; i--; ) { ++ fua |= test_bit(R5_WantFUA, &sh->dev[i].flags); ++ sync |= test_bit(R5_SyncIO, &sh->dev[i].flags); ++ discard |= test_bit(R5_Discard, &sh->dev[i].flags); ++ } ++ ++ for (i = disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ ++ if (dev->written || i == pd_idx || i == qd_idx) { ++ if (!discard && !test_bit(R5_SkipCopy, &dev->flags)) ++ set_bit(R5_UPTODATE, &dev->flags); ++ if (fua) ++ set_bit(R5_WantFUA, &dev->flags); ++ if (sync) ++ set_bit(R5_SyncIO, &dev->flags); ++ } ++ } ++ ++ if (sh->reconstruct_state == reconstruct_state_drain_run) ++ sh->reconstruct_state = reconstruct_state_drain_result; ++ else if (sh->reconstruct_state == reconstruct_state_prexor_drain_run) ++ sh->reconstruct_state = reconstruct_state_prexor_drain_result; ++ else { ++ BUG_ON(sh->reconstruct_state != reconstruct_state_run); ++ sh->reconstruct_state = reconstruct_state_result; ++ } ++ ++ set_bit(STRIPE_HANDLE, &sh->state); ++ release_stripe(sh); ++} ++ ++static void ++ops_run_reconstruct5(struct stripe_head *sh, struct raid5_percpu *percpu, ++ struct dma_async_tx_descriptor *tx) ++{ ++ int disks = sh->disks; ++ struct page **xor_srcs = percpu->scribble; ++ struct async_submit_ctl submit; ++ int count = 0, pd_idx = sh->pd_idx, i; ++ struct page *xor_dest; ++ int prexor = 0; ++ unsigned long flags; ++ ++ pr_debug("%s: stripe %llu\n", __func__, ++ (unsigned long long)sh->sector); ++ ++ for (i = 0; i < sh->disks; i++) { ++ if (pd_idx == i) ++ continue; ++ if (!test_bit(R5_Discard, &sh->dev[i].flags)) ++ break; ++ } ++ if (i >= sh->disks) { ++ atomic_inc(&sh->count); ++ set_bit(R5_Discard, &sh->dev[pd_idx].flags); ++ ops_complete_reconstruct(sh); ++ return; ++ } ++ /* check if prexor is active which means only process blocks ++ * that are part of a read-modify-write (written) ++ */ ++ if (sh->reconstruct_state == reconstruct_state_prexor_drain_run) { ++ prexor = 1; ++ xor_dest = xor_srcs[count++] = sh->dev[pd_idx].page; ++ for (i = disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ if (dev->written) ++ xor_srcs[count++] = dev->page; ++ } ++ } else { ++ xor_dest = sh->dev[pd_idx].page; ++ for (i = disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ if (i != pd_idx) ++ xor_srcs[count++] = dev->page; ++ } ++ } ++ ++ /* 1/ if we prexor'd then the dest is reused as a source ++ * 2/ if we did not prexor then we are redoing the parity ++ * set ASYNC_TX_XOR_DROP_DST and ASYNC_TX_XOR_ZERO_DST ++ * for the synchronous xor case ++ */ ++ flags = ASYNC_TX_ACK | ++ (prexor ? ASYNC_TX_XOR_DROP_DST : ASYNC_TX_XOR_ZERO_DST); ++ ++ atomic_inc(&sh->count); ++ ++ init_async_submit(&submit, flags, tx, ops_complete_reconstruct, sh, ++ to_addr_conv(sh, percpu)); ++ if (unlikely(count == 1)) ++ tx = async_memcpy(xor_dest, xor_srcs[0], 0, 0, STRIPE_SIZE, &submit); ++ else ++ tx = async_xor(xor_dest, xor_srcs, 0, count, STRIPE_SIZE, &submit); ++} ++ ++static void ++ops_run_reconstruct6(struct stripe_head *sh, struct raid5_percpu *percpu, ++ struct dma_async_tx_descriptor *tx) ++{ ++ struct async_submit_ctl submit; ++ struct page **blocks = percpu->scribble; ++ int count, i; ++ ++ pr_debug("%s: stripe %llu\n", __func__, (unsigned long long)sh->sector); ++ ++ for (i = 0; i < sh->disks; i++) { ++ if (sh->pd_idx == i || sh->qd_idx == i) ++ continue; ++ if (!test_bit(R5_Discard, &sh->dev[i].flags)) ++ break; ++ } ++ if (i >= sh->disks) { ++ atomic_inc(&sh->count); ++ set_bit(R5_Discard, &sh->dev[sh->pd_idx].flags); ++ set_bit(R5_Discard, &sh->dev[sh->qd_idx].flags); ++ ops_complete_reconstruct(sh); ++ return; ++ } ++ ++ count = set_syndrome_sources(blocks, sh); ++ ++ atomic_inc(&sh->count); ++ ++ init_async_submit(&submit, ASYNC_TX_ACK, tx, ops_complete_reconstruct, ++ sh, to_addr_conv(sh, percpu)); ++ async_gen_syndrome(blocks, 0, count+2, STRIPE_SIZE, &submit); ++} ++ ++static void ops_complete_check(void *stripe_head_ref) ++{ ++ struct stripe_head *sh = stripe_head_ref; ++ ++ pr_debug("%s: stripe %llu\n", __func__, ++ (unsigned long long)sh->sector); ++ ++ sh->check_state = check_state_check_result; ++ set_bit(STRIPE_HANDLE, &sh->state); ++ release_stripe(sh); ++} ++ ++static void ops_run_check_p(struct stripe_head *sh, struct raid5_percpu *percpu) ++{ ++ int disks = sh->disks; ++ int pd_idx = sh->pd_idx; ++ int qd_idx = sh->qd_idx; ++ struct page *xor_dest; ++ struct page **xor_srcs = percpu->scribble; ++ struct dma_async_tx_descriptor *tx; ++ struct async_submit_ctl submit; ++ int count; ++ int i; ++ ++ pr_debug("%s: stripe %llu\n", __func__, ++ (unsigned long long)sh->sector); ++ ++ count = 0; ++ xor_dest = sh->dev[pd_idx].page; ++ xor_srcs[count++] = xor_dest; ++ for (i = disks; i--; ) { ++ if (i == pd_idx || i == qd_idx) ++ continue; ++ xor_srcs[count++] = sh->dev[i].page; ++ } ++ ++ init_async_submit(&submit, 0, NULL, NULL, NULL, ++ to_addr_conv(sh, percpu)); ++ tx = async_xor_val(xor_dest, xor_srcs, 0, count, STRIPE_SIZE, ++ &sh->ops.zero_sum_result, &submit); ++ ++ atomic_inc(&sh->count); ++ init_async_submit(&submit, ASYNC_TX_ACK, tx, ops_complete_check, sh, NULL); ++ tx = async_trigger_callback(&submit); ++} ++ ++static void ops_run_check_pq(struct stripe_head *sh, struct raid5_percpu *percpu, int checkp) ++{ ++ struct page **srcs = percpu->scribble; ++ struct async_submit_ctl submit; ++ int count; ++ ++ pr_debug("%s: stripe %llu checkp: %d\n", __func__, ++ (unsigned long long)sh->sector, checkp); ++ ++ count = set_syndrome_sources(srcs, sh); ++ if (!checkp) ++ srcs[count] = NULL; ++ ++ atomic_inc(&sh->count); ++ init_async_submit(&submit, ASYNC_TX_ACK, NULL, ops_complete_check, ++ sh, to_addr_conv(sh, percpu)); ++ async_syndrome_val(srcs, 0, count+2, STRIPE_SIZE, ++ &sh->ops.zero_sum_result, percpu->spare_page, &submit); ++} ++ ++static void raid_run_ops(struct stripe_head *sh, unsigned long ops_request) ++{ ++ int overlap_clear = 0, i, disks = sh->disks; ++ struct dma_async_tx_descriptor *tx = NULL; ++ struct r5conf *conf = sh->raid_conf; ++ int level = conf->level; ++ struct raid5_percpu *percpu; ++ unsigned long cpu; ++ ++ cpu = get_cpu(); ++ percpu = per_cpu_ptr(conf->percpu, cpu); ++ if (test_bit(STRIPE_OP_BIOFILL, &ops_request)) { ++ ops_run_biofill(sh); ++ overlap_clear++; ++ } ++ ++ if (test_bit(STRIPE_OP_COMPUTE_BLK, &ops_request)) { ++ if (level < 6) ++ tx = ops_run_compute5(sh, percpu); ++ else { ++ if (sh->ops.target2 < 0 || sh->ops.target < 0) ++ tx = ops_run_compute6_1(sh, percpu); ++ else ++ tx = ops_run_compute6_2(sh, percpu); ++ } ++ /* terminate the chain if reconstruct is not set to be run */ ++ if (tx && !test_bit(STRIPE_OP_RECONSTRUCT, &ops_request)) ++ async_tx_ack(tx); ++ } ++ ++ if (test_bit(STRIPE_OP_PREXOR, &ops_request)) ++ tx = ops_run_prexor(sh, percpu, tx); ++ ++ if (test_bit(STRIPE_OP_BIODRAIN, &ops_request)) { ++ tx = ops_run_biodrain(sh, tx); ++ overlap_clear++; ++ } ++ ++ if (test_bit(STRIPE_OP_RECONSTRUCT, &ops_request)) { ++ if (level < 6) ++ ops_run_reconstruct5(sh, percpu, tx); ++ else ++ ops_run_reconstruct6(sh, percpu, tx); ++ } ++ ++ if (test_bit(STRIPE_OP_CHECK, &ops_request)) { ++ if (sh->check_state == check_state_run) ++ ops_run_check_p(sh, percpu); ++ else if (sh->check_state == check_state_run_q) ++ ops_run_check_pq(sh, percpu, 0); ++ else if (sh->check_state == check_state_run_pq) ++ ops_run_check_pq(sh, percpu, 1); ++ else ++ BUG(); ++ } ++ ++ if (overlap_clear) ++ for (i = disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ if (test_and_clear_bit(R5_Overlap, &dev->flags)) ++ wake_up(&sh->raid_conf->wait_for_overlap); ++ } ++ put_cpu(); ++} ++ ++static int grow_one_stripe(struct r5conf *conf, int hash) ++{ ++ struct stripe_head *sh; ++ sh = kmem_cache_zalloc(conf->slab_cache, GFP_KERNEL); ++ if (!sh) ++ return 0; ++ ++ sh->raid_conf = conf; ++ ++ spin_lock_init(&sh->stripe_lock); ++ ++ if (grow_buffers(sh)) { ++ shrink_buffers(sh); ++ kmem_cache_free(conf->slab_cache, sh); ++ return 0; ++ } ++ sh->hash_lock_index = hash; ++ /* we just created an active stripe so... */ ++ atomic_set(&sh->count, 1); ++ atomic_inc(&conf->active_stripes); ++ INIT_LIST_HEAD(&sh->lru); ++ release_stripe(sh); ++ return 1; ++} ++ ++static int grow_stripes(struct r5conf *conf, int num) ++{ ++ struct kmem_cache *sc; ++ int devs = max(conf->raid_disks, conf->previous_raid_disks); ++ int hash; ++ ++ if (conf->mddev->gendisk) ++ sprintf(conf->cache_name[0], ++ "raid%d-%s", conf->level, mdname(conf->mddev)); ++ else ++ sprintf(conf->cache_name[0], ++ "raid%d-%p", conf->level, conf->mddev); ++ sprintf(conf->cache_name[1], "%s-alt", conf->cache_name[0]); ++ ++ conf->active_name = 0; ++ sc = kmem_cache_create(conf->cache_name[conf->active_name], ++ sizeof(struct stripe_head)+(devs-1)*sizeof(struct r5dev), ++ 0, 0, NULL); ++ if (!sc) ++ return 1; ++ conf->slab_cache = sc; ++ conf->pool_size = devs; ++ hash = conf->max_nr_stripes % NR_STRIPE_HASH_LOCKS; ++ while (num--) { ++ if (!grow_one_stripe(conf, hash)) ++ return 1; ++ conf->max_nr_stripes++; ++ hash = (hash + 1) % NR_STRIPE_HASH_LOCKS; ++ } ++ return 0; ++} ++ ++/** ++ * scribble_len - return the required size of the scribble region ++ * @num - total number of disks in the array ++ * ++ * The size must be enough to contain: ++ * 1/ a struct page pointer for each device in the array +2 ++ * 2/ room to convert each entry in (1) to its corresponding dma ++ * (dma_map_page()) or page (page_address()) address. ++ * ++ * Note: the +2 is for the destination buffers of the ddf/raid6 case where we ++ * calculate over all devices (not just the data blocks), using zeros in place ++ * of the P and Q blocks. ++ */ ++static size_t scribble_len(int num) ++{ ++ size_t len; ++ ++ len = sizeof(struct page *) * (num+2) + sizeof(addr_conv_t) * (num+2); ++ ++ return len; ++} ++ ++static int resize_stripes(struct r5conf *conf, int newsize) ++{ ++ /* Make all the stripes able to hold 'newsize' devices. ++ * New slots in each stripe get 'page' set to a new page. ++ * ++ * This happens in stages: ++ * 1/ create a new kmem_cache and allocate the required number of ++ * stripe_heads. ++ * 2/ gather all the old stripe_heads and transfer the pages across ++ * to the new stripe_heads. This will have the side effect of ++ * freezing the array as once all stripe_heads have been collected, ++ * no IO will be possible. Old stripe heads are freed once their ++ * pages have been transferred over, and the old kmem_cache is ++ * freed when all stripes are done. ++ * 3/ reallocate conf->disks to be suitable bigger. If this fails, ++ * we simple return a failre status - no need to clean anything up. ++ * 4/ allocate new pages for the new slots in the new stripe_heads. ++ * If this fails, we don't bother trying the shrink the ++ * stripe_heads down again, we just leave them as they are. ++ * As each stripe_head is processed the new one is released into ++ * active service. ++ * ++ * Once step2 is started, we cannot afford to wait for a write, ++ * so we use GFP_NOIO allocations. ++ */ ++ struct stripe_head *osh, *nsh; ++ LIST_HEAD(newstripes); ++ struct disk_info *ndisks; ++ unsigned long cpu; ++ int err; ++ struct kmem_cache *sc; ++ int i; ++ int hash, cnt; ++ ++ if (newsize <= conf->pool_size) ++ return 0; /* never bother to shrink */ ++ ++ err = md_allow_write(conf->mddev); ++ if (err) ++ return err; ++ ++ /* Step 1 */ ++ sc = kmem_cache_create(conf->cache_name[1-conf->active_name], ++ sizeof(struct stripe_head)+(newsize-1)*sizeof(struct r5dev), ++ 0, 0, NULL); ++ if (!sc) ++ return -ENOMEM; ++ ++ for (i = conf->max_nr_stripes; i; i--) { ++ nsh = kmem_cache_zalloc(sc, GFP_KERNEL); ++ if (!nsh) ++ break; ++ ++ nsh->raid_conf = conf; ++ spin_lock_init(&nsh->stripe_lock); ++ ++ list_add(&nsh->lru, &newstripes); ++ } ++ if (i) { ++ /* didn't get enough, give up */ ++ while (!list_empty(&newstripes)) { ++ nsh = list_entry(newstripes.next, struct stripe_head, lru); ++ list_del(&nsh->lru); ++ kmem_cache_free(sc, nsh); ++ } ++ kmem_cache_destroy(sc); ++ return -ENOMEM; ++ } ++ /* Step 2 - Must use GFP_NOIO now. ++ * OK, we have enough stripes, start collecting inactive ++ * stripes and copying them over ++ */ ++ hash = 0; ++ cnt = 0; ++ list_for_each_entry(nsh, &newstripes, lru) { ++ lock_device_hash_lock(conf, hash); ++ wait_event_cmd(conf->wait_for_stripe, ++ !list_empty(conf->inactive_list + hash), ++ unlock_device_hash_lock(conf, hash), ++ lock_device_hash_lock(conf, hash)); ++ osh = get_free_stripe(conf, hash); ++ unlock_device_hash_lock(conf, hash); ++ atomic_set(&nsh->count, 1); ++ for(i=0; i<conf->pool_size; i++) { ++ nsh->dev[i].page = osh->dev[i].page; ++ nsh->dev[i].orig_page = osh->dev[i].page; ++ } ++ for( ; i<newsize; i++) ++ nsh->dev[i].page = NULL; ++ nsh->hash_lock_index = hash; ++ kmem_cache_free(conf->slab_cache, osh); ++ cnt++; ++ if (cnt >= conf->max_nr_stripes / NR_STRIPE_HASH_LOCKS + ++ !!((conf->max_nr_stripes % NR_STRIPE_HASH_LOCKS) > hash)) { ++ hash++; ++ cnt = 0; ++ } ++ } ++ kmem_cache_destroy(conf->slab_cache); ++ ++ /* Step 3. ++ * At this point, we are holding all the stripes so the array ++ * is completely stalled, so now is a good time to resize ++ * conf->disks and the scribble region ++ */ ++ ndisks = kzalloc(newsize * sizeof(struct disk_info), GFP_NOIO); ++ if (ndisks) { ++ for (i=0; i<conf->raid_disks; i++) ++ ndisks[i] = conf->disks[i]; ++ kfree(conf->disks); ++ conf->disks = ndisks; ++ } else ++ err = -ENOMEM; ++ ++ get_online_cpus(); ++ conf->scribble_len = scribble_len(newsize); ++ for_each_present_cpu(cpu) { ++ struct raid5_percpu *percpu; ++ void *scribble; ++ ++ percpu = per_cpu_ptr(conf->percpu, cpu); ++ scribble = kmalloc(conf->scribble_len, GFP_NOIO); ++ ++ if (scribble) { ++ kfree(percpu->scribble); ++ percpu->scribble = scribble; ++ } else { ++ err = -ENOMEM; ++ break; ++ } ++ } ++ put_online_cpus(); ++ ++ /* Step 4, return new stripes to service */ ++ while(!list_empty(&newstripes)) { ++ nsh = list_entry(newstripes.next, struct stripe_head, lru); ++ list_del_init(&nsh->lru); ++ ++ for (i=conf->raid_disks; i < newsize; i++) ++ if (nsh->dev[i].page == NULL) { ++ struct page *p = alloc_page(GFP_NOIO); ++ nsh->dev[i].page = p; ++ nsh->dev[i].orig_page = p; ++ if (!p) ++ err = -ENOMEM; ++ } ++ release_stripe(nsh); ++ } ++ /* critical section pass, GFP_NOIO no longer needed */ ++ ++ conf->slab_cache = sc; ++ conf->active_name = 1-conf->active_name; ++ conf->pool_size = newsize; ++ return err; ++} ++ ++static int drop_one_stripe(struct r5conf *conf, int hash) ++{ ++ struct stripe_head *sh; ++ ++ spin_lock_irq(conf->hash_locks + hash); ++ sh = get_free_stripe(conf, hash); ++ spin_unlock_irq(conf->hash_locks + hash); ++ if (!sh) ++ return 0; ++ BUG_ON(atomic_read(&sh->count)); ++ shrink_buffers(sh); ++ kmem_cache_free(conf->slab_cache, sh); ++ atomic_dec(&conf->active_stripes); ++ return 1; ++} ++ ++static void shrink_stripes(struct r5conf *conf) ++{ ++ int hash; ++ for (hash = 0; hash < NR_STRIPE_HASH_LOCKS; hash++) ++ while (drop_one_stripe(conf, hash)) ++ ; ++ ++ if (conf->slab_cache) ++ kmem_cache_destroy(conf->slab_cache); ++ conf->slab_cache = NULL; ++} ++ ++static void raid5_end_read_request(struct bio * bi, int error) ++{ ++ struct stripe_head *sh = bi->bi_private; ++ struct r5conf *conf = sh->raid_conf; ++ int disks = sh->disks, i; ++ int uptodate = test_bit(BIO_UPTODATE, &bi->bi_flags); ++ char b[BDEVNAME_SIZE]; ++ struct md_rdev *rdev = NULL; ++ sector_t s; ++ ++ for (i=0 ; i<disks; i++) ++ if (bi == &sh->dev[i].req) ++ break; ++ ++ pr_debug("end_read_request %llu/%d, count: %d, uptodate %d.\n", ++ (unsigned long long)sh->sector, i, atomic_read(&sh->count), ++ uptodate); ++ if (i == disks) { ++ BUG(); ++ return; ++ } ++ if (test_bit(R5_ReadRepl, &sh->dev[i].flags)) ++ /* If replacement finished while this request was outstanding, ++ * 'replacement' might be NULL already. ++ * In that case it moved down to 'rdev'. ++ * rdev is not removed until all requests are finished. ++ */ ++ rdev = conf->disks[i].replacement; ++ if (!rdev) ++ rdev = conf->disks[i].rdev; ++ ++ if (use_new_offset(conf, sh)) ++ s = sh->sector + rdev->new_data_offset; ++ else ++ s = sh->sector + rdev->data_offset; ++ if (uptodate) { ++ set_bit(R5_UPTODATE, &sh->dev[i].flags); ++ if (test_bit(R5_ReadError, &sh->dev[i].flags)) { ++ /* Note that this cannot happen on a ++ * replacement device. We just fail those on ++ * any error ++ */ ++ printk_ratelimited( ++ KERN_INFO ++ "md/raid:%s: read error corrected" ++ " (%lu sectors at %llu on %s)\n", ++ mdname(conf->mddev), STRIPE_SECTORS, ++ (unsigned long long)s, ++ bdevname(rdev->bdev, b)); ++ atomic_add(STRIPE_SECTORS, &rdev->corrected_errors); ++ clear_bit(R5_ReadError, &sh->dev[i].flags); ++ clear_bit(R5_ReWrite, &sh->dev[i].flags); ++ } else if (test_bit(R5_ReadNoMerge, &sh->dev[i].flags)) ++ clear_bit(R5_ReadNoMerge, &sh->dev[i].flags); ++ ++ if (atomic_read(&rdev->read_errors)) ++ atomic_set(&rdev->read_errors, 0); ++ } else { ++ const char *bdn = bdevname(rdev->bdev, b); ++ int retry = 0; ++ int set_bad = 0; ++ ++ clear_bit(R5_UPTODATE, &sh->dev[i].flags); ++ atomic_inc(&rdev->read_errors); ++ if (test_bit(R5_ReadRepl, &sh->dev[i].flags)) ++ printk_ratelimited( ++ KERN_WARNING ++ "md/raid:%s: read error on replacement device " ++ "(sector %llu on %s).\n", ++ mdname(conf->mddev), ++ (unsigned long long)s, ++ bdn); ++ else if (conf->mddev->degraded >= conf->max_degraded) { ++ set_bad = 1; ++ printk_ratelimited( ++ KERN_WARNING ++ "md/raid:%s: read error not correctable " ++ "(sector %llu on %s).\n", ++ mdname(conf->mddev), ++ (unsigned long long)s, ++ bdn); ++ } else if (test_bit(R5_ReWrite, &sh->dev[i].flags)) { ++ /* Oh, no!!! */ ++ set_bad = 1; ++ printk_ratelimited( ++ KERN_WARNING ++ "md/raid:%s: read error NOT corrected!! " ++ "(sector %llu on %s).\n", ++ mdname(conf->mddev), ++ (unsigned long long)s, ++ bdn); ++ } else if (atomic_read(&rdev->read_errors) ++ > conf->max_nr_stripes) ++ printk(KERN_WARNING ++ "md/raid:%s: Too many read errors, failing device %s.\n", ++ mdname(conf->mddev), bdn); ++ else ++ retry = 1; ++ if (set_bad && test_bit(In_sync, &rdev->flags) ++ && !test_bit(R5_ReadNoMerge, &sh->dev[i].flags)) ++ retry = 1; ++ if (retry) ++ if (test_bit(R5_ReadNoMerge, &sh->dev[i].flags)) { ++ set_bit(R5_ReadError, &sh->dev[i].flags); ++ clear_bit(R5_ReadNoMerge, &sh->dev[i].flags); ++ } else ++ set_bit(R5_ReadNoMerge, &sh->dev[i].flags); ++ else { ++ clear_bit(R5_ReadError, &sh->dev[i].flags); ++ clear_bit(R5_ReWrite, &sh->dev[i].flags); ++ if (!(set_bad ++ && test_bit(In_sync, &rdev->flags) ++ && rdev_set_badblocks( ++ rdev, sh->sector, STRIPE_SECTORS, 0))) ++ md_error(conf->mddev, rdev); ++ } ++ } ++ rdev_dec_pending(rdev, conf->mddev); ++ clear_bit(R5_LOCKED, &sh->dev[i].flags); ++ set_bit(STRIPE_HANDLE, &sh->state); ++ release_stripe(sh); ++} ++ ++static void raid5_end_write_request(struct bio *bi, int error) ++{ ++ struct stripe_head *sh = bi->bi_private; ++ struct r5conf *conf = sh->raid_conf; ++ int disks = sh->disks, i; ++ struct md_rdev *uninitialized_var(rdev); ++ int uptodate = test_bit(BIO_UPTODATE, &bi->bi_flags); ++ sector_t first_bad; ++ int bad_sectors; ++ int replacement = 0; ++ ++ for (i = 0 ; i < disks; i++) { ++ if (bi == &sh->dev[i].req) { ++ rdev = conf->disks[i].rdev; ++ break; ++ } ++ if (bi == &sh->dev[i].rreq) { ++ rdev = conf->disks[i].replacement; ++ if (rdev) ++ replacement = 1; ++ else ++ /* rdev was removed and 'replacement' ++ * replaced it. rdev is not removed ++ * until all requests are finished. ++ */ ++ rdev = conf->disks[i].rdev; ++ break; ++ } ++ } ++ pr_debug("end_write_request %llu/%d, count %d, uptodate: %d.\n", ++ (unsigned long long)sh->sector, i, atomic_read(&sh->count), ++ uptodate); ++ if (i == disks) { ++ BUG(); ++ return; ++ } ++ ++ if (replacement) { ++ if (!uptodate) ++ md_error(conf->mddev, rdev); ++ else if (is_badblock(rdev, sh->sector, ++ STRIPE_SECTORS, ++ &first_bad, &bad_sectors)) ++ set_bit(R5_MadeGoodRepl, &sh->dev[i].flags); ++ } else { ++ if (!uptodate) { ++ set_bit(STRIPE_DEGRADED, &sh->state); ++ set_bit(WriteErrorSeen, &rdev->flags); ++ set_bit(R5_WriteError, &sh->dev[i].flags); ++ if (!test_and_set_bit(WantReplacement, &rdev->flags)) ++ set_bit(MD_RECOVERY_NEEDED, ++ &rdev->mddev->recovery); ++ } else if (is_badblock(rdev, sh->sector, ++ STRIPE_SECTORS, ++ &first_bad, &bad_sectors)) { ++ set_bit(R5_MadeGood, &sh->dev[i].flags); ++ if (test_bit(R5_ReadError, &sh->dev[i].flags)) ++ /* That was a successful write so make ++ * sure it looks like we already did ++ * a re-write. ++ */ ++ set_bit(R5_ReWrite, &sh->dev[i].flags); ++ } ++ } ++ rdev_dec_pending(rdev, conf->mddev); ++ ++ if (!test_and_clear_bit(R5_DOUBLE_LOCKED, &sh->dev[i].flags)) ++ clear_bit(R5_LOCKED, &sh->dev[i].flags); ++ set_bit(STRIPE_HANDLE, &sh->state); ++ release_stripe(sh); ++} ++ ++static sector_t compute_blocknr(struct stripe_head *sh, int i, int previous); ++ ++static void raid5_build_block(struct stripe_head *sh, int i, int previous) ++{ ++ struct r5dev *dev = &sh->dev[i]; ++ ++ bio_init(&dev->req); ++ dev->req.bi_io_vec = &dev->vec; ++ dev->req.bi_max_vecs = 1; ++ dev->req.bi_private = sh; ++ ++ bio_init(&dev->rreq); ++ dev->rreq.bi_io_vec = &dev->rvec; ++ dev->rreq.bi_max_vecs = 1; ++ dev->rreq.bi_private = sh; ++ ++ dev->flags = 0; ++ dev->sector = compute_blocknr(sh, i, previous); ++} ++ ++static void error(struct mddev *mddev, struct md_rdev *rdev) ++{ ++ char b[BDEVNAME_SIZE]; ++ struct r5conf *conf = mddev->private; ++ unsigned long flags; ++ pr_debug("raid456: error called\n"); ++ ++ spin_lock_irqsave(&conf->device_lock, flags); ++ clear_bit(In_sync, &rdev->flags); ++ mddev->degraded = calc_degraded(conf); ++ spin_unlock_irqrestore(&conf->device_lock, flags); ++ set_bit(MD_RECOVERY_INTR, &mddev->recovery); ++ ++ set_bit(Blocked, &rdev->flags); ++ set_bit(Faulty, &rdev->flags); ++ set_bit(MD_CHANGE_DEVS, &mddev->flags); ++ printk(KERN_ALERT ++ "md/raid:%s: Disk failure on %s, disabling device.\n" ++ "md/raid:%s: Operation continuing on %d devices.\n", ++ mdname(mddev), ++ bdevname(rdev->bdev, b), ++ mdname(mddev), ++ conf->raid_disks - mddev->degraded); ++} ++ ++/* ++ * Input: a 'big' sector number, ++ * Output: index of the data and parity disk, and the sector # in them. ++ */ ++static sector_t raid5_compute_sector(struct r5conf *conf, sector_t r_sector, ++ int previous, int *dd_idx, ++ struct stripe_head *sh) ++{ ++ sector_t stripe, stripe2; ++ sector_t chunk_number; ++ unsigned int chunk_offset; ++ int pd_idx, qd_idx; ++ int ddf_layout = 0; ++ sector_t new_sector; ++ int algorithm = previous ? conf->prev_algo ++ : conf->algorithm; ++ int sectors_per_chunk = previous ? conf->prev_chunk_sectors ++ : conf->chunk_sectors; ++ int raid_disks = previous ? conf->previous_raid_disks ++ : conf->raid_disks; ++ int data_disks = raid_disks - conf->max_degraded; ++ ++ /* First compute the information on this sector */ ++ ++ /* ++ * Compute the chunk number and the sector offset inside the chunk ++ */ ++ chunk_offset = sector_div(r_sector, sectors_per_chunk); ++ chunk_number = r_sector; ++ ++ /* ++ * Compute the stripe number ++ */ ++ stripe = chunk_number; ++ *dd_idx = sector_div(stripe, data_disks); ++ stripe2 = stripe; ++ /* ++ * Select the parity disk based on the user selected algorithm. ++ */ ++ pd_idx = qd_idx = -1; ++ switch(conf->level) { ++ case 4: ++ pd_idx = data_disks; ++ break; ++ case 5: ++ switch (algorithm) { ++ case ALGORITHM_LEFT_ASYMMETRIC: ++ pd_idx = data_disks - sector_div(stripe2, raid_disks); ++ if (*dd_idx >= pd_idx) ++ (*dd_idx)++; ++ break; ++ case ALGORITHM_RIGHT_ASYMMETRIC: ++ pd_idx = sector_div(stripe2, raid_disks); ++ if (*dd_idx >= pd_idx) ++ (*dd_idx)++; ++ break; ++ case ALGORITHM_LEFT_SYMMETRIC: ++ pd_idx = data_disks - sector_div(stripe2, raid_disks); ++ *dd_idx = (pd_idx + 1 + *dd_idx) % raid_disks; ++ break; ++ case ALGORITHM_RIGHT_SYMMETRIC: ++ pd_idx = sector_div(stripe2, raid_disks); ++ *dd_idx = (pd_idx + 1 + *dd_idx) % raid_disks; ++ break; ++ case ALGORITHM_PARITY_0: ++ pd_idx = 0; ++ (*dd_idx)++; ++ break; ++ case ALGORITHM_PARITY_N: ++ pd_idx = data_disks; ++ break; ++ default: ++ BUG(); ++ } ++ break; ++ case 6: ++ ++ switch (algorithm) { ++ case ALGORITHM_LEFT_ASYMMETRIC: ++ pd_idx = raid_disks - 1 - sector_div(stripe2, raid_disks); ++ qd_idx = pd_idx + 1; ++ if (pd_idx == raid_disks-1) { ++ (*dd_idx)++; /* Q D D D P */ ++ qd_idx = 0; ++ } else if (*dd_idx >= pd_idx) ++ (*dd_idx) += 2; /* D D P Q D */ ++ break; ++ case ALGORITHM_RIGHT_ASYMMETRIC: ++ pd_idx = sector_div(stripe2, raid_disks); ++ qd_idx = pd_idx + 1; ++ if (pd_idx == raid_disks-1) { ++ (*dd_idx)++; /* Q D D D P */ ++ qd_idx = 0; ++ } else if (*dd_idx >= pd_idx) ++ (*dd_idx) += 2; /* D D P Q D */ ++ break; ++ case ALGORITHM_LEFT_SYMMETRIC: ++ pd_idx = raid_disks - 1 - sector_div(stripe2, raid_disks); ++ qd_idx = (pd_idx + 1) % raid_disks; ++ *dd_idx = (pd_idx + 2 + *dd_idx) % raid_disks; ++ break; ++ case ALGORITHM_RIGHT_SYMMETRIC: ++ pd_idx = sector_div(stripe2, raid_disks); ++ qd_idx = (pd_idx + 1) % raid_disks; ++ *dd_idx = (pd_idx + 2 + *dd_idx) % raid_disks; ++ break; ++ ++ case ALGORITHM_PARITY_0: ++ pd_idx = 0; ++ qd_idx = 1; ++ (*dd_idx) += 2; ++ break; ++ case ALGORITHM_PARITY_N: ++ pd_idx = data_disks; ++ qd_idx = data_disks + 1; ++ break; ++ ++ case ALGORITHM_ROTATING_ZERO_RESTART: ++ /* Exactly the same as RIGHT_ASYMMETRIC, but or ++ * of blocks for computing Q is different. ++ */ ++ pd_idx = sector_div(stripe2, raid_disks); ++ qd_idx = pd_idx + 1; ++ if (pd_idx == raid_disks-1) { ++ (*dd_idx)++; /* Q D D D P */ ++ qd_idx = 0; ++ } else if (*dd_idx >= pd_idx) ++ (*dd_idx) += 2; /* D D P Q D */ ++ ddf_layout = 1; ++ break; ++ ++ case ALGORITHM_ROTATING_N_RESTART: ++ /* Same a left_asymmetric, by first stripe is ++ * D D D P Q rather than ++ * Q D D D P ++ */ ++ stripe2 += 1; ++ pd_idx = raid_disks - 1 - sector_div(stripe2, raid_disks); ++ qd_idx = pd_idx + 1; ++ if (pd_idx == raid_disks-1) { ++ (*dd_idx)++; /* Q D D D P */ ++ qd_idx = 0; ++ } else if (*dd_idx >= pd_idx) ++ (*dd_idx) += 2; /* D D P Q D */ ++ ddf_layout = 1; ++ break; ++ ++ case ALGORITHM_ROTATING_N_CONTINUE: ++ /* Same as left_symmetric but Q is before P */ ++ pd_idx = raid_disks - 1 - sector_div(stripe2, raid_disks); ++ qd_idx = (pd_idx + raid_disks - 1) % raid_disks; ++ *dd_idx = (pd_idx + 1 + *dd_idx) % raid_disks; ++ ddf_layout = 1; ++ break; ++ ++ case ALGORITHM_LEFT_ASYMMETRIC_6: ++ /* RAID5 left_asymmetric, with Q on last device */ ++ pd_idx = data_disks - sector_div(stripe2, raid_disks-1); ++ if (*dd_idx >= pd_idx) ++ (*dd_idx)++; ++ qd_idx = raid_disks - 1; ++ break; ++ ++ case ALGORITHM_RIGHT_ASYMMETRIC_6: ++ pd_idx = sector_div(stripe2, raid_disks-1); ++ if (*dd_idx >= pd_idx) ++ (*dd_idx)++; ++ qd_idx = raid_disks - 1; ++ break; ++ ++ case ALGORITHM_LEFT_SYMMETRIC_6: ++ pd_idx = data_disks - sector_div(stripe2, raid_disks-1); ++ *dd_idx = (pd_idx + 1 + *dd_idx) % (raid_disks-1); ++ qd_idx = raid_disks - 1; ++ break; ++ ++ case ALGORITHM_RIGHT_SYMMETRIC_6: ++ pd_idx = sector_div(stripe2, raid_disks-1); ++ *dd_idx = (pd_idx + 1 + *dd_idx) % (raid_disks-1); ++ qd_idx = raid_disks - 1; ++ break; ++ ++ case ALGORITHM_PARITY_0_6: ++ pd_idx = 0; ++ (*dd_idx)++; ++ qd_idx = raid_disks - 1; ++ break; ++ ++ default: ++ BUG(); ++ } ++ break; ++ } ++ ++ if (sh) { ++ sh->pd_idx = pd_idx; ++ sh->qd_idx = qd_idx; ++ sh->ddf_layout = ddf_layout; ++ } ++ /* ++ * Finally, compute the new sector number ++ */ ++ new_sector = (sector_t)stripe * sectors_per_chunk + chunk_offset; ++ return new_sector; ++} ++ ++static sector_t compute_blocknr(struct stripe_head *sh, int i, int previous) ++{ ++ struct r5conf *conf = sh->raid_conf; ++ int raid_disks = sh->disks; ++ int data_disks = raid_disks - conf->max_degraded; ++ sector_t new_sector = sh->sector, check; ++ int sectors_per_chunk = previous ? conf->prev_chunk_sectors ++ : conf->chunk_sectors; ++ int algorithm = previous ? conf->prev_algo ++ : conf->algorithm; ++ sector_t stripe; ++ int chunk_offset; ++ sector_t chunk_number; ++ int dummy1, dd_idx = i; ++ sector_t r_sector; ++ struct stripe_head sh2; ++ ++ chunk_offset = sector_div(new_sector, sectors_per_chunk); ++ stripe = new_sector; ++ ++ if (i == sh->pd_idx) ++ return 0; ++ switch(conf->level) { ++ case 4: break; ++ case 5: ++ switch (algorithm) { ++ case ALGORITHM_LEFT_ASYMMETRIC: ++ case ALGORITHM_RIGHT_ASYMMETRIC: ++ if (i > sh->pd_idx) ++ i--; ++ break; ++ case ALGORITHM_LEFT_SYMMETRIC: ++ case ALGORITHM_RIGHT_SYMMETRIC: ++ if (i < sh->pd_idx) ++ i += raid_disks; ++ i -= (sh->pd_idx + 1); ++ break; ++ case ALGORITHM_PARITY_0: ++ i -= 1; ++ break; ++ case ALGORITHM_PARITY_N: ++ break; ++ default: ++ BUG(); ++ } ++ break; ++ case 6: ++ if (i == sh->qd_idx) ++ return 0; /* It is the Q disk */ ++ switch (algorithm) { ++ case ALGORITHM_LEFT_ASYMMETRIC: ++ case ALGORITHM_RIGHT_ASYMMETRIC: ++ case ALGORITHM_ROTATING_ZERO_RESTART: ++ case ALGORITHM_ROTATING_N_RESTART: ++ if (sh->pd_idx == raid_disks-1) ++ i--; /* Q D D D P */ ++ else if (i > sh->pd_idx) ++ i -= 2; /* D D P Q D */ ++ break; ++ case ALGORITHM_LEFT_SYMMETRIC: ++ case ALGORITHM_RIGHT_SYMMETRIC: ++ if (sh->pd_idx == raid_disks-1) ++ i--; /* Q D D D P */ ++ else { ++ /* D D P Q D */ ++ if (i < sh->pd_idx) ++ i += raid_disks; ++ i -= (sh->pd_idx + 2); ++ } ++ break; ++ case ALGORITHM_PARITY_0: ++ i -= 2; ++ break; ++ case ALGORITHM_PARITY_N: ++ break; ++ case ALGORITHM_ROTATING_N_CONTINUE: ++ /* Like left_symmetric, but P is before Q */ ++ if (sh->pd_idx == 0) ++ i--; /* P D D D Q */ ++ else { ++ /* D D Q P D */ ++ if (i < sh->pd_idx) ++ i += raid_disks; ++ i -= (sh->pd_idx + 1); ++ } ++ break; ++ case ALGORITHM_LEFT_ASYMMETRIC_6: ++ case ALGORITHM_RIGHT_ASYMMETRIC_6: ++ if (i > sh->pd_idx) ++ i--; ++ break; ++ case ALGORITHM_LEFT_SYMMETRIC_6: ++ case ALGORITHM_RIGHT_SYMMETRIC_6: ++ if (i < sh->pd_idx) ++ i += data_disks + 1; ++ i -= (sh->pd_idx + 1); ++ break; ++ case ALGORITHM_PARITY_0_6: ++ i -= 1; ++ break; ++ default: ++ BUG(); ++ } ++ break; ++ } ++ ++ chunk_number = stripe * data_disks + i; ++ r_sector = chunk_number * sectors_per_chunk + chunk_offset; ++ ++ check = raid5_compute_sector(conf, r_sector, ++ previous, &dummy1, &sh2); ++ if (check != sh->sector || dummy1 != dd_idx || sh2.pd_idx != sh->pd_idx ++ || sh2.qd_idx != sh->qd_idx) { ++ printk(KERN_ERR "md/raid:%s: compute_blocknr: map not correct\n", ++ mdname(conf->mddev)); ++ return 0; ++ } ++ return r_sector; ++} ++ ++static void ++schedule_reconstruction(struct stripe_head *sh, struct stripe_head_state *s, ++ int rcw, int expand) ++{ ++ int i, pd_idx = sh->pd_idx, disks = sh->disks; ++ struct r5conf *conf = sh->raid_conf; ++ int level = conf->level; ++ ++ if (rcw) { ++ ++ for (i = disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ ++ if (dev->towrite) { ++ set_bit(R5_LOCKED, &dev->flags); ++ set_bit(R5_Wantdrain, &dev->flags); ++ if (!expand) ++ clear_bit(R5_UPTODATE, &dev->flags); ++ s->locked++; ++ } ++ } ++ /* if we are not expanding this is a proper write request, and ++ * there will be bios with new data to be drained into the ++ * stripe cache ++ */ ++ if (!expand) { ++ if (!s->locked) ++ /* False alarm, nothing to do */ ++ return; ++ sh->reconstruct_state = reconstruct_state_drain_run; ++ set_bit(STRIPE_OP_BIODRAIN, &s->ops_request); ++ } else ++ sh->reconstruct_state = reconstruct_state_run; ++ ++ set_bit(STRIPE_OP_RECONSTRUCT, &s->ops_request); ++ ++ if (s->locked + conf->max_degraded == disks) ++ if (!test_and_set_bit(STRIPE_FULL_WRITE, &sh->state)) ++ atomic_inc(&conf->pending_full_writes); ++ } else { ++ BUG_ON(level == 6); ++ BUG_ON(!(test_bit(R5_UPTODATE, &sh->dev[pd_idx].flags) || ++ test_bit(R5_Wantcompute, &sh->dev[pd_idx].flags))); ++ ++ for (i = disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ if (i == pd_idx) ++ continue; ++ ++ if (dev->towrite && ++ (test_bit(R5_UPTODATE, &dev->flags) || ++ test_bit(R5_Wantcompute, &dev->flags))) { ++ set_bit(R5_Wantdrain, &dev->flags); ++ set_bit(R5_LOCKED, &dev->flags); ++ clear_bit(R5_UPTODATE, &dev->flags); ++ s->locked++; ++ } ++ } ++ if (!s->locked) ++ /* False alarm - nothing to do */ ++ return; ++ sh->reconstruct_state = reconstruct_state_prexor_drain_run; ++ set_bit(STRIPE_OP_PREXOR, &s->ops_request); ++ set_bit(STRIPE_OP_BIODRAIN, &s->ops_request); ++ set_bit(STRIPE_OP_RECONSTRUCT, &s->ops_request); ++ } ++ ++ /* keep the parity disk(s) locked while asynchronous operations ++ * are in flight ++ */ ++ set_bit(R5_LOCKED, &sh->dev[pd_idx].flags); ++ clear_bit(R5_UPTODATE, &sh->dev[pd_idx].flags); ++ s->locked++; ++ ++ if (level == 6) { ++ int qd_idx = sh->qd_idx; ++ struct r5dev *dev = &sh->dev[qd_idx]; ++ ++ set_bit(R5_LOCKED, &dev->flags); ++ clear_bit(R5_UPTODATE, &dev->flags); ++ s->locked++; ++ } ++ ++ pr_debug("%s: stripe %llu locked: %d ops_request: %lx\n", ++ __func__, (unsigned long long)sh->sector, ++ s->locked, s->ops_request); ++} ++ ++/* ++ * Each stripe/dev can have one or more bion attached. ++ * toread/towrite point to the first in a chain. ++ * The bi_next chain must be in order. ++ */ ++static int add_stripe_bio(struct stripe_head *sh, struct bio *bi, int dd_idx, int forwrite) ++{ ++ struct bio **bip; ++ struct r5conf *conf = sh->raid_conf; ++ int firstwrite=0; ++ ++ pr_debug("adding bi b#%llu to stripe s#%llu\n", ++ (unsigned long long)bi->bi_iter.bi_sector, ++ (unsigned long long)sh->sector); ++ ++ /* ++ * If several bio share a stripe. The bio bi_phys_segments acts as a ++ * reference count to avoid race. The reference count should already be ++ * increased before this function is called (for example, in ++ * make_request()), so other bio sharing this stripe will not free the ++ * stripe. If a stripe is owned by one stripe, the stripe lock will ++ * protect it. ++ */ ++ spin_lock_irq(&sh->stripe_lock); ++ if (forwrite) { ++ bip = &sh->dev[dd_idx].towrite; ++ if (*bip == NULL) ++ firstwrite = 1; ++ } else ++ bip = &sh->dev[dd_idx].toread; ++ while (*bip && (*bip)->bi_iter.bi_sector < bi->bi_iter.bi_sector) { ++ if (bio_end_sector(*bip) > bi->bi_iter.bi_sector) ++ goto overlap; ++ bip = & (*bip)->bi_next; ++ } ++ if (*bip && (*bip)->bi_iter.bi_sector < bio_end_sector(bi)) ++ goto overlap; ++ ++ BUG_ON(*bip && bi->bi_next && (*bip) != bi->bi_next); ++ if (*bip) ++ bi->bi_next = *bip; ++ *bip = bi; ++ raid5_inc_bi_active_stripes(bi); ++ ++ if (forwrite) { ++ /* check if page is covered */ ++ sector_t sector = sh->dev[dd_idx].sector; ++ for (bi=sh->dev[dd_idx].towrite; ++ sector < sh->dev[dd_idx].sector + STRIPE_SECTORS && ++ bi && bi->bi_iter.bi_sector <= sector; ++ bi = r5_next_bio(bi, sh->dev[dd_idx].sector)) { ++ if (bio_end_sector(bi) >= sector) ++ sector = bio_end_sector(bi); ++ } ++ if (sector >= sh->dev[dd_idx].sector + STRIPE_SECTORS) ++ set_bit(R5_OVERWRITE, &sh->dev[dd_idx].flags); ++ } ++ ++ pr_debug("added bi b#%llu to stripe s#%llu, disk %d.\n", ++ (unsigned long long)(*bip)->bi_iter.bi_sector, ++ (unsigned long long)sh->sector, dd_idx); ++ spin_unlock_irq(&sh->stripe_lock); ++ ++ if (conf->mddev->bitmap && firstwrite) { ++ bitmap_startwrite(conf->mddev->bitmap, sh->sector, ++ STRIPE_SECTORS, 0); ++ sh->bm_seq = conf->seq_flush+1; ++ set_bit(STRIPE_BIT_DELAY, &sh->state); ++ } ++ return 1; ++ ++ overlap: ++ set_bit(R5_Overlap, &sh->dev[dd_idx].flags); ++ spin_unlock_irq(&sh->stripe_lock); ++ return 0; ++} ++ ++static void end_reshape(struct r5conf *conf); ++ ++static void stripe_set_idx(sector_t stripe, struct r5conf *conf, int previous, ++ struct stripe_head *sh) ++{ ++ int sectors_per_chunk = ++ previous ? conf->prev_chunk_sectors : conf->chunk_sectors; ++ int dd_idx; ++ int chunk_offset = sector_div(stripe, sectors_per_chunk); ++ int disks = previous ? conf->previous_raid_disks : conf->raid_disks; ++ ++ raid5_compute_sector(conf, ++ stripe * (disks - conf->max_degraded) ++ *sectors_per_chunk + chunk_offset, ++ previous, ++ &dd_idx, sh); ++} ++ ++static void ++handle_failed_stripe(struct r5conf *conf, struct stripe_head *sh, ++ struct stripe_head_state *s, int disks, ++ struct bio **return_bi) ++{ ++ int i; ++ for (i = disks; i--; ) { ++ struct bio *bi; ++ int bitmap_end = 0; ++ ++ if (test_bit(R5_ReadError, &sh->dev[i].flags)) { ++ struct md_rdev *rdev; ++ rcu_read_lock(); ++ rdev = rcu_dereference(conf->disks[i].rdev); ++ if (rdev && test_bit(In_sync, &rdev->flags)) ++ atomic_inc(&rdev->nr_pending); ++ else ++ rdev = NULL; ++ rcu_read_unlock(); ++ if (rdev) { ++ if (!rdev_set_badblocks( ++ rdev, ++ sh->sector, ++ STRIPE_SECTORS, 0)) ++ md_error(conf->mddev, rdev); ++ rdev_dec_pending(rdev, conf->mddev); ++ } ++ } ++ spin_lock_irq(&sh->stripe_lock); ++ /* fail all writes first */ ++ bi = sh->dev[i].towrite; ++ sh->dev[i].towrite = NULL; ++ spin_unlock_irq(&sh->stripe_lock); ++ if (bi) ++ bitmap_end = 1; ++ ++ if (test_and_clear_bit(R5_Overlap, &sh->dev[i].flags)) ++ wake_up(&conf->wait_for_overlap); ++ ++ while (bi && bi->bi_iter.bi_sector < ++ sh->dev[i].sector + STRIPE_SECTORS) { ++ struct bio *nextbi = r5_next_bio(bi, sh->dev[i].sector); ++ clear_bit(BIO_UPTODATE, &bi->bi_flags); ++ if (!raid5_dec_bi_active_stripes(bi)) { ++ md_write_end(conf->mddev); ++ bi->bi_next = *return_bi; ++ *return_bi = bi; ++ } ++ bi = nextbi; ++ } ++ if (bitmap_end) ++ bitmap_endwrite(conf->mddev->bitmap, sh->sector, ++ STRIPE_SECTORS, 0, 0); ++ bitmap_end = 0; ++ /* and fail all 'written' */ ++ bi = sh->dev[i].written; ++ sh->dev[i].written = NULL; ++ if (test_and_clear_bit(R5_SkipCopy, &sh->dev[i].flags)) { ++ WARN_ON(test_bit(R5_UPTODATE, &sh->dev[i].flags)); ++ sh->dev[i].page = sh->dev[i].orig_page; ++ } ++ ++ if (bi) bitmap_end = 1; ++ while (bi && bi->bi_iter.bi_sector < ++ sh->dev[i].sector + STRIPE_SECTORS) { ++ struct bio *bi2 = r5_next_bio(bi, sh->dev[i].sector); ++ clear_bit(BIO_UPTODATE, &bi->bi_flags); ++ if (!raid5_dec_bi_active_stripes(bi)) { ++ md_write_end(conf->mddev); ++ bi->bi_next = *return_bi; ++ *return_bi = bi; ++ } ++ bi = bi2; ++ } ++ ++ /* fail any reads if this device is non-operational and ++ * the data has not reached the cache yet. ++ */ ++ if (!test_bit(R5_Wantfill, &sh->dev[i].flags) && ++ (!test_bit(R5_Insync, &sh->dev[i].flags) || ++ test_bit(R5_ReadError, &sh->dev[i].flags))) { ++ spin_lock_irq(&sh->stripe_lock); ++ bi = sh->dev[i].toread; ++ sh->dev[i].toread = NULL; ++ spin_unlock_irq(&sh->stripe_lock); ++ if (test_and_clear_bit(R5_Overlap, &sh->dev[i].flags)) ++ wake_up(&conf->wait_for_overlap); ++ while (bi && bi->bi_iter.bi_sector < ++ sh->dev[i].sector + STRIPE_SECTORS) { ++ struct bio *nextbi = ++ r5_next_bio(bi, sh->dev[i].sector); ++ clear_bit(BIO_UPTODATE, &bi->bi_flags); ++ if (!raid5_dec_bi_active_stripes(bi)) { ++ bi->bi_next = *return_bi; ++ *return_bi = bi; ++ } ++ bi = nextbi; ++ } ++ } ++ if (bitmap_end) ++ bitmap_endwrite(conf->mddev->bitmap, sh->sector, ++ STRIPE_SECTORS, 0, 0); ++ /* If we were in the middle of a write the parity block might ++ * still be locked - so just clear all R5_LOCKED flags ++ */ ++ clear_bit(R5_LOCKED, &sh->dev[i].flags); ++ } ++ ++ if (test_and_clear_bit(STRIPE_FULL_WRITE, &sh->state)) ++ if (atomic_dec_and_test(&conf->pending_full_writes)) ++ md_wakeup_thread(conf->mddev->thread); ++} ++ ++static void ++handle_failed_sync(struct r5conf *conf, struct stripe_head *sh, ++ struct stripe_head_state *s) ++{ ++ int abort = 0; ++ int i; ++ ++ clear_bit(STRIPE_SYNCING, &sh->state); ++ if (test_and_clear_bit(R5_Overlap, &sh->dev[sh->pd_idx].flags)) ++ wake_up(&conf->wait_for_overlap); ++ s->syncing = 0; ++ s->replacing = 0; ++ /* There is nothing more to do for sync/check/repair. ++ * Don't even need to abort as that is handled elsewhere ++ * if needed, and not always wanted e.g. if there is a known ++ * bad block here. ++ * For recover/replace we need to record a bad block on all ++ * non-sync devices, or abort the recovery ++ */ ++ if (test_bit(MD_RECOVERY_RECOVER, &conf->mddev->recovery)) { ++ /* During recovery devices cannot be removed, so ++ * locking and refcounting of rdevs is not needed ++ */ ++ for (i = 0; i < conf->raid_disks; i++) { ++ struct md_rdev *rdev = conf->disks[i].rdev; ++ if (rdev ++ && !test_bit(Faulty, &rdev->flags) ++ && !test_bit(In_sync, &rdev->flags) ++ && !rdev_set_badblocks(rdev, sh->sector, ++ STRIPE_SECTORS, 0)) ++ abort = 1; ++ rdev = conf->disks[i].replacement; ++ if (rdev ++ && !test_bit(Faulty, &rdev->flags) ++ && !test_bit(In_sync, &rdev->flags) ++ && !rdev_set_badblocks(rdev, sh->sector, ++ STRIPE_SECTORS, 0)) ++ abort = 1; ++ } ++ if (abort) ++ conf->recovery_disabled = ++ conf->mddev->recovery_disabled; ++ } ++ md_done_sync(conf->mddev, STRIPE_SECTORS, !abort); ++} ++ ++static int want_replace(struct stripe_head *sh, int disk_idx) ++{ ++ struct md_rdev *rdev; ++ int rv = 0; ++ /* Doing recovery so rcu locking not required */ ++ rdev = sh->raid_conf->disks[disk_idx].replacement; ++ if (rdev ++ && !test_bit(Faulty, &rdev->flags) ++ && !test_bit(In_sync, &rdev->flags) ++ && (rdev->recovery_offset <= sh->sector ++ || rdev->mddev->recovery_cp <= sh->sector)) ++ rv = 1; ++ ++ return rv; ++} ++ ++/* fetch_block - checks the given member device to see if its data needs ++ * to be read or computed to satisfy a request. ++ * ++ * Returns 1 when no more member devices need to be checked, otherwise returns ++ * 0 to tell the loop in handle_stripe_fill to continue ++ */ ++static int fetch_block(struct stripe_head *sh, struct stripe_head_state *s, ++ int disk_idx, int disks) ++{ ++ struct r5dev *dev = &sh->dev[disk_idx]; ++ struct r5dev *fdev[2] = { &sh->dev[s->failed_num[0]], ++ &sh->dev[s->failed_num[1]] }; ++ ++ /* is the data in this block needed, and can we get it? */ ++ if (!test_bit(R5_LOCKED, &dev->flags) && ++ !test_bit(R5_UPTODATE, &dev->flags) && ++ (dev->toread || ++ (dev->towrite && !test_bit(R5_OVERWRITE, &dev->flags)) || ++ s->syncing || s->expanding || ++ (s->replacing && want_replace(sh, disk_idx)) || ++ (s->failed >= 1 && fdev[0]->toread) || ++ (s->failed >= 2 && fdev[1]->toread) || ++ (sh->raid_conf->level <= 5 && s->failed && fdev[0]->towrite && ++ (!test_bit(R5_Insync, &dev->flags) || test_bit(STRIPE_PREREAD_ACTIVE, &sh->state)) && ++ !test_bit(R5_OVERWRITE, &fdev[0]->flags)) || ++ ((sh->raid_conf->level == 6 || ++ sh->sector >= sh->raid_conf->mddev->recovery_cp) ++ && s->failed && s->to_write && ++ (s->to_write - s->non_overwrite < ++ sh->raid_conf->raid_disks - sh->raid_conf->max_degraded) && ++ (!test_bit(R5_Insync, &dev->flags) || test_bit(STRIPE_PREREAD_ACTIVE, &sh->state))))) { ++ /* we would like to get this block, possibly by computing it, ++ * otherwise read it if the backing disk is insync ++ */ ++ BUG_ON(test_bit(R5_Wantcompute, &dev->flags)); ++ BUG_ON(test_bit(R5_Wantread, &dev->flags)); ++ if ((s->uptodate == disks - 1) && ++ (s->failed && (disk_idx == s->failed_num[0] || ++ disk_idx == s->failed_num[1]))) { ++ /* have disk failed, and we're requested to fetch it; ++ * do compute it ++ */ ++ pr_debug("Computing stripe %llu block %d\n", ++ (unsigned long long)sh->sector, disk_idx); ++ set_bit(STRIPE_COMPUTE_RUN, &sh->state); ++ set_bit(STRIPE_OP_COMPUTE_BLK, &s->ops_request); ++ set_bit(R5_Wantcompute, &dev->flags); ++ sh->ops.target = disk_idx; ++ sh->ops.target2 = -1; /* no 2nd target */ ++ s->req_compute = 1; ++ /* Careful: from this point on 'uptodate' is in the eye ++ * of raid_run_ops which services 'compute' operations ++ * before writes. R5_Wantcompute flags a block that will ++ * be R5_UPTODATE by the time it is needed for a ++ * subsequent operation. ++ */ ++ s->uptodate++; ++ return 1; ++ } else if (s->uptodate == disks-2 && s->failed >= 2) { ++ /* Computing 2-failure is *very* expensive; only ++ * do it if failed >= 2 ++ */ ++ int other; ++ for (other = disks; other--; ) { ++ if (other == disk_idx) ++ continue; ++ if (!test_bit(R5_UPTODATE, ++ &sh->dev[other].flags)) ++ break; ++ } ++ BUG_ON(other < 0); ++ pr_debug("Computing stripe %llu blocks %d,%d\n", ++ (unsigned long long)sh->sector, ++ disk_idx, other); ++ set_bit(STRIPE_COMPUTE_RUN, &sh->state); ++ set_bit(STRIPE_OP_COMPUTE_BLK, &s->ops_request); ++ set_bit(R5_Wantcompute, &sh->dev[disk_idx].flags); ++ set_bit(R5_Wantcompute, &sh->dev[other].flags); ++ sh->ops.target = disk_idx; ++ sh->ops.target2 = other; ++ s->uptodate += 2; ++ s->req_compute = 1; ++ return 1; ++ } else if (test_bit(R5_Insync, &dev->flags)) { ++ set_bit(R5_LOCKED, &dev->flags); ++ set_bit(R5_Wantread, &dev->flags); ++ s->locked++; ++ pr_debug("Reading block %d (sync=%d)\n", ++ disk_idx, s->syncing); ++ } ++ } ++ ++ return 0; ++} ++ ++/** ++ * handle_stripe_fill - read or compute data to satisfy pending requests. ++ */ ++static void handle_stripe_fill(struct stripe_head *sh, ++ struct stripe_head_state *s, ++ int disks) ++{ ++ int i; ++ ++ /* look for blocks to read/compute, skip this if a compute ++ * is already in flight, or if the stripe contents are in the ++ * midst of changing due to a write ++ */ ++ if (!test_bit(STRIPE_COMPUTE_RUN, &sh->state) && !sh->check_state && ++ !sh->reconstruct_state) ++ for (i = disks; i--; ) ++ if (fetch_block(sh, s, i, disks)) ++ break; ++ set_bit(STRIPE_HANDLE, &sh->state); ++} ++ ++/* handle_stripe_clean_event ++ * any written block on an uptodate or failed drive can be returned. ++ * Note that if we 'wrote' to a failed drive, it will be UPTODATE, but ++ * never LOCKED, so we don't need to test 'failed' directly. ++ */ ++static void handle_stripe_clean_event(struct r5conf *conf, ++ struct stripe_head *sh, int disks, struct bio **return_bi) ++{ ++ int i; ++ struct r5dev *dev; ++ int discard_pending = 0; ++ ++ for (i = disks; i--; ) ++ if (sh->dev[i].written) { ++ dev = &sh->dev[i]; ++ if (!test_bit(R5_LOCKED, &dev->flags) && ++ (test_bit(R5_UPTODATE, &dev->flags) || ++ test_bit(R5_Discard, &dev->flags) || ++ test_bit(R5_SkipCopy, &dev->flags))) { ++ /* We can return any write requests */ ++ struct bio *wbi, *wbi2; ++ pr_debug("Return write for disc %d\n", i); ++ if (test_and_clear_bit(R5_Discard, &dev->flags)) ++ clear_bit(R5_UPTODATE, &dev->flags); ++ if (test_and_clear_bit(R5_SkipCopy, &dev->flags)) { ++ WARN_ON(test_bit(R5_UPTODATE, &dev->flags)); ++ dev->page = dev->orig_page; ++ } ++ wbi = dev->written; ++ dev->written = NULL; ++ while (wbi && wbi->bi_iter.bi_sector < ++ dev->sector + STRIPE_SECTORS) { ++ wbi2 = r5_next_bio(wbi, dev->sector); ++ if (!raid5_dec_bi_active_stripes(wbi)) { ++ md_write_end(conf->mddev); ++ wbi->bi_next = *return_bi; ++ *return_bi = wbi; ++ } ++ wbi = wbi2; ++ } ++ bitmap_endwrite(conf->mddev->bitmap, sh->sector, ++ STRIPE_SECTORS, ++ !test_bit(STRIPE_DEGRADED, &sh->state), ++ 0); ++ } else if (test_bit(R5_Discard, &dev->flags)) ++ discard_pending = 1; ++ WARN_ON(test_bit(R5_SkipCopy, &dev->flags)); ++ WARN_ON(dev->page != dev->orig_page); ++ } ++ if (!discard_pending && ++ test_bit(R5_Discard, &sh->dev[sh->pd_idx].flags)) { ++ clear_bit(R5_Discard, &sh->dev[sh->pd_idx].flags); ++ clear_bit(R5_UPTODATE, &sh->dev[sh->pd_idx].flags); ++ if (sh->qd_idx >= 0) { ++ clear_bit(R5_Discard, &sh->dev[sh->qd_idx].flags); ++ clear_bit(R5_UPTODATE, &sh->dev[sh->qd_idx].flags); ++ } ++ /* now that discard is done we can proceed with any sync */ ++ clear_bit(STRIPE_DISCARD, &sh->state); ++ /* ++ * SCSI discard will change some bio fields and the stripe has ++ * no updated data, so remove it from hash list and the stripe ++ * will be reinitialized ++ */ ++ spin_lock_irq(&conf->device_lock); ++ remove_hash(sh); ++ spin_unlock_irq(&conf->device_lock); ++ if (test_bit(STRIPE_SYNC_REQUESTED, &sh->state)) ++ set_bit(STRIPE_HANDLE, &sh->state); ++ ++ } ++ ++ if (test_and_clear_bit(STRIPE_FULL_WRITE, &sh->state)) ++ if (atomic_dec_and_test(&conf->pending_full_writes)) ++ md_wakeup_thread(conf->mddev->thread); ++} ++ ++static void handle_stripe_dirtying(struct r5conf *conf, ++ struct stripe_head *sh, ++ struct stripe_head_state *s, ++ int disks) ++{ ++ int rmw = 0, rcw = 0, i; ++ sector_t recovery_cp = conf->mddev->recovery_cp; ++ ++ /* RAID6 requires 'rcw' in current implementation. ++ * Otherwise, check whether resync is now happening or should start. ++ * If yes, then the array is dirty (after unclean shutdown or ++ * initial creation), so parity in some stripes might be inconsistent. ++ * In this case, we need to always do reconstruct-write, to ensure ++ * that in case of drive failure or read-error correction, we ++ * generate correct data from the parity. ++ */ ++ if (conf->max_degraded == 2 || ++ (recovery_cp < MaxSector && sh->sector >= recovery_cp && ++ s->failed == 0)) { ++ /* Calculate the real rcw later - for now make it ++ * look like rcw is cheaper ++ */ ++ rcw = 1; rmw = 2; ++ pr_debug("force RCW max_degraded=%u, recovery_cp=%llu sh->sector=%llu\n", ++ conf->max_degraded, (unsigned long long)recovery_cp, ++ (unsigned long long)sh->sector); ++ } else for (i = disks; i--; ) { ++ /* would I have to read this buffer for read_modify_write */ ++ struct r5dev *dev = &sh->dev[i]; ++ if ((dev->towrite || i == sh->pd_idx) && ++ !test_bit(R5_LOCKED, &dev->flags) && ++ !(test_bit(R5_UPTODATE, &dev->flags) || ++ test_bit(R5_Wantcompute, &dev->flags))) { ++ if (test_bit(R5_Insync, &dev->flags)) ++ rmw++; ++ else ++ rmw += 2*disks; /* cannot read it */ ++ } ++ /* Would I have to read this buffer for reconstruct_write */ ++ if (!test_bit(R5_OVERWRITE, &dev->flags) && i != sh->pd_idx && ++ !test_bit(R5_LOCKED, &dev->flags) && ++ !(test_bit(R5_UPTODATE, &dev->flags) || ++ test_bit(R5_Wantcompute, &dev->flags))) { ++ if (test_bit(R5_Insync, &dev->flags)) ++ rcw++; ++ else ++ rcw += 2*disks; ++ } ++ } ++ pr_debug("for sector %llu, rmw=%d rcw=%d\n", ++ (unsigned long long)sh->sector, rmw, rcw); ++ set_bit(STRIPE_HANDLE, &sh->state); ++ if (rmw < rcw && rmw > 0) { ++ /* prefer read-modify-write, but need to get some data */ ++ if (conf->mddev->queue) ++ blk_add_trace_msg(conf->mddev->queue, ++ "raid5 rmw %llu %d", ++ (unsigned long long)sh->sector, rmw); ++ for (i = disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ if ((dev->towrite || i == sh->pd_idx) && ++ !test_bit(R5_LOCKED, &dev->flags) && ++ !(test_bit(R5_UPTODATE, &dev->flags) || ++ test_bit(R5_Wantcompute, &dev->flags)) && ++ test_bit(R5_Insync, &dev->flags)) { ++ if (test_bit(STRIPE_PREREAD_ACTIVE, ++ &sh->state)) { ++ pr_debug("Read_old block %d for r-m-w\n", ++ i); ++ set_bit(R5_LOCKED, &dev->flags); ++ set_bit(R5_Wantread, &dev->flags); ++ s->locked++; ++ } else { ++ set_bit(STRIPE_DELAYED, &sh->state); ++ set_bit(STRIPE_HANDLE, &sh->state); ++ } ++ } ++ } ++ } ++ if (rcw <= rmw && rcw > 0) { ++ /* want reconstruct write, but need to get some data */ ++ int qread =0; ++ rcw = 0; ++ for (i = disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ if (!test_bit(R5_OVERWRITE, &dev->flags) && ++ i != sh->pd_idx && i != sh->qd_idx && ++ !test_bit(R5_LOCKED, &dev->flags) && ++ !(test_bit(R5_UPTODATE, &dev->flags) || ++ test_bit(R5_Wantcompute, &dev->flags))) { ++ rcw++; ++ if (test_bit(R5_Insync, &dev->flags) && ++ test_bit(STRIPE_PREREAD_ACTIVE, ++ &sh->state)) { ++ pr_debug("Read_old block " ++ "%d for Reconstruct\n", i); ++ set_bit(R5_LOCKED, &dev->flags); ++ set_bit(R5_Wantread, &dev->flags); ++ s->locked++; ++ qread++; ++ } else { ++ set_bit(STRIPE_DELAYED, &sh->state); ++ set_bit(STRIPE_HANDLE, &sh->state); ++ } ++ } ++ } ++ if (rcw && conf->mddev->queue) ++ blk_add_trace_msg(conf->mddev->queue, "raid5 rcw %llu %d %d %d", ++ (unsigned long long)sh->sector, ++ rcw, qread, test_bit(STRIPE_DELAYED, &sh->state)); ++ } ++ ++ if (rcw > disks && rmw > disks && ++ !test_bit(STRIPE_PREREAD_ACTIVE, &sh->state)) ++ set_bit(STRIPE_DELAYED, &sh->state); ++ ++ /* now if nothing is locked, and if we have enough data, ++ * we can start a write request ++ */ ++ /* since handle_stripe can be called at any time we need to handle the ++ * case where a compute block operation has been submitted and then a ++ * subsequent call wants to start a write request. raid_run_ops only ++ * handles the case where compute block and reconstruct are requested ++ * simultaneously. If this is not the case then new writes need to be ++ * held off until the compute completes. ++ */ ++ if ((s->req_compute || !test_bit(STRIPE_COMPUTE_RUN, &sh->state)) && ++ (s->locked == 0 && (rcw == 0 || rmw == 0) && ++ !test_bit(STRIPE_BIT_DELAY, &sh->state))) ++ schedule_reconstruction(sh, s, rcw == 0, 0); ++} ++ ++static void handle_parity_checks5(struct r5conf *conf, struct stripe_head *sh, ++ struct stripe_head_state *s, int disks) ++{ ++ struct r5dev *dev = NULL; ++ ++ set_bit(STRIPE_HANDLE, &sh->state); ++ ++ switch (sh->check_state) { ++ case check_state_idle: ++ /* start a new check operation if there are no failures */ ++ if (s->failed == 0) { ++ BUG_ON(s->uptodate != disks); ++ sh->check_state = check_state_run; ++ set_bit(STRIPE_OP_CHECK, &s->ops_request); ++ clear_bit(R5_UPTODATE, &sh->dev[sh->pd_idx].flags); ++ s->uptodate--; ++ break; ++ } ++ dev = &sh->dev[s->failed_num[0]]; ++ /* fall through */ ++ case check_state_compute_result: ++ sh->check_state = check_state_idle; ++ if (!dev) ++ dev = &sh->dev[sh->pd_idx]; ++ ++ /* check that a write has not made the stripe insync */ ++ if (test_bit(STRIPE_INSYNC, &sh->state)) ++ break; ++ ++ /* either failed parity check, or recovery is happening */ ++ BUG_ON(!test_bit(R5_UPTODATE, &dev->flags)); ++ BUG_ON(s->uptodate != disks); ++ ++ set_bit(R5_LOCKED, &dev->flags); ++ s->locked++; ++ set_bit(R5_Wantwrite, &dev->flags); ++ ++ clear_bit(STRIPE_DEGRADED, &sh->state); ++ set_bit(STRIPE_INSYNC, &sh->state); ++ break; ++ case check_state_run: ++ break; /* we will be called again upon completion */ ++ case check_state_check_result: ++ sh->check_state = check_state_idle; ++ ++ /* if a failure occurred during the check operation, leave ++ * STRIPE_INSYNC not set and let the stripe be handled again ++ */ ++ if (s->failed) ++ break; ++ ++ /* handle a successful check operation, if parity is correct ++ * we are done. Otherwise update the mismatch count and repair ++ * parity if !MD_RECOVERY_CHECK ++ */ ++ if ((sh->ops.zero_sum_result & SUM_CHECK_P_RESULT) == 0) ++ /* parity is correct (on disc, ++ * not in buffer any more) ++ */ ++ set_bit(STRIPE_INSYNC, &sh->state); ++ else { ++ atomic64_add(STRIPE_SECTORS, &conf->mddev->resync_mismatches); ++ if (test_bit(MD_RECOVERY_CHECK, &conf->mddev->recovery)) ++ /* don't try to repair!! */ ++ set_bit(STRIPE_INSYNC, &sh->state); ++ else { ++ sh->check_state = check_state_compute_run; ++ set_bit(STRIPE_COMPUTE_RUN, &sh->state); ++ set_bit(STRIPE_OP_COMPUTE_BLK, &s->ops_request); ++ set_bit(R5_Wantcompute, ++ &sh->dev[sh->pd_idx].flags); ++ sh->ops.target = sh->pd_idx; ++ sh->ops.target2 = -1; ++ s->uptodate++; ++ } ++ } ++ break; ++ case check_state_compute_run: ++ break; ++ default: ++ printk(KERN_ERR "%s: unknown check_state: %d sector: %llu\n", ++ __func__, sh->check_state, ++ (unsigned long long) sh->sector); ++ BUG(); ++ } ++} ++ ++static void handle_parity_checks6(struct r5conf *conf, struct stripe_head *sh, ++ struct stripe_head_state *s, ++ int disks) ++{ ++ int pd_idx = sh->pd_idx; ++ int qd_idx = sh->qd_idx; ++ struct r5dev *dev; ++ ++ set_bit(STRIPE_HANDLE, &sh->state); ++ ++ BUG_ON(s->failed > 2); ++ ++ /* Want to check and possibly repair P and Q. ++ * However there could be one 'failed' device, in which ++ * case we can only check one of them, possibly using the ++ * other to generate missing data ++ */ ++ ++ switch (sh->check_state) { ++ case check_state_idle: ++ /* start a new check operation if there are < 2 failures */ ++ if (s->failed == s->q_failed) { ++ /* The only possible failed device holds Q, so it ++ * makes sense to check P (If anything else were failed, ++ * we would have used P to recreate it). ++ */ ++ sh->check_state = check_state_run; ++ } ++ if (!s->q_failed && s->failed < 2) { ++ /* Q is not failed, and we didn't use it to generate ++ * anything, so it makes sense to check it ++ */ ++ if (sh->check_state == check_state_run) ++ sh->check_state = check_state_run_pq; ++ else ++ sh->check_state = check_state_run_q; ++ } ++ ++ /* discard potentially stale zero_sum_result */ ++ sh->ops.zero_sum_result = 0; ++ ++ if (sh->check_state == check_state_run) { ++ /* async_xor_zero_sum destroys the contents of P */ ++ clear_bit(R5_UPTODATE, &sh->dev[pd_idx].flags); ++ s->uptodate--; ++ } ++ if (sh->check_state >= check_state_run && ++ sh->check_state <= check_state_run_pq) { ++ /* async_syndrome_zero_sum preserves P and Q, so ++ * no need to mark them !uptodate here ++ */ ++ set_bit(STRIPE_OP_CHECK, &s->ops_request); ++ break; ++ } ++ ++ /* we have 2-disk failure */ ++ BUG_ON(s->failed != 2); ++ /* fall through */ ++ case check_state_compute_result: ++ sh->check_state = check_state_idle; ++ ++ /* check that a write has not made the stripe insync */ ++ if (test_bit(STRIPE_INSYNC, &sh->state)) ++ break; ++ ++ /* now write out any block on a failed drive, ++ * or P or Q if they were recomputed ++ */ ++ BUG_ON(s->uptodate < disks - 1); /* We don't need Q to recover */ ++ if (s->failed == 2) { ++ dev = &sh->dev[s->failed_num[1]]; ++ s->locked++; ++ set_bit(R5_LOCKED, &dev->flags); ++ set_bit(R5_Wantwrite, &dev->flags); ++ } ++ if (s->failed >= 1) { ++ dev = &sh->dev[s->failed_num[0]]; ++ s->locked++; ++ set_bit(R5_LOCKED, &dev->flags); ++ set_bit(R5_Wantwrite, &dev->flags); ++ } ++ if (sh->ops.zero_sum_result & SUM_CHECK_P_RESULT) { ++ dev = &sh->dev[pd_idx]; ++ s->locked++; ++ set_bit(R5_LOCKED, &dev->flags); ++ set_bit(R5_Wantwrite, &dev->flags); ++ } ++ if (sh->ops.zero_sum_result & SUM_CHECK_Q_RESULT) { ++ dev = &sh->dev[qd_idx]; ++ s->locked++; ++ set_bit(R5_LOCKED, &dev->flags); ++ set_bit(R5_Wantwrite, &dev->flags); ++ } ++ clear_bit(STRIPE_DEGRADED, &sh->state); ++ ++ set_bit(STRIPE_INSYNC, &sh->state); ++ break; ++ case check_state_run: ++ case check_state_run_q: ++ case check_state_run_pq: ++ break; /* we will be called again upon completion */ ++ case check_state_check_result: ++ sh->check_state = check_state_idle; ++ ++ /* handle a successful check operation, if parity is correct ++ * we are done. Otherwise update the mismatch count and repair ++ * parity if !MD_RECOVERY_CHECK ++ */ ++ if (sh->ops.zero_sum_result == 0) { ++ /* both parities are correct */ ++ if (!s->failed) ++ set_bit(STRIPE_INSYNC, &sh->state); ++ else { ++ /* in contrast to the raid5 case we can validate ++ * parity, but still have a failure to write ++ * back ++ */ ++ sh->check_state = check_state_compute_result; ++ /* Returning at this point means that we may go ++ * off and bring p and/or q uptodate again so ++ * we make sure to check zero_sum_result again ++ * to verify if p or q need writeback ++ */ ++ } ++ } else { ++ atomic64_add(STRIPE_SECTORS, &conf->mddev->resync_mismatches); ++ if (test_bit(MD_RECOVERY_CHECK, &conf->mddev->recovery)) ++ /* don't try to repair!! */ ++ set_bit(STRIPE_INSYNC, &sh->state); ++ else { ++ int *target = &sh->ops.target; ++ ++ sh->ops.target = -1; ++ sh->ops.target2 = -1; ++ sh->check_state = check_state_compute_run; ++ set_bit(STRIPE_COMPUTE_RUN, &sh->state); ++ set_bit(STRIPE_OP_COMPUTE_BLK, &s->ops_request); ++ if (sh->ops.zero_sum_result & SUM_CHECK_P_RESULT) { ++ set_bit(R5_Wantcompute, ++ &sh->dev[pd_idx].flags); ++ *target = pd_idx; ++ target = &sh->ops.target2; ++ s->uptodate++; ++ } ++ if (sh->ops.zero_sum_result & SUM_CHECK_Q_RESULT) { ++ set_bit(R5_Wantcompute, ++ &sh->dev[qd_idx].flags); ++ *target = qd_idx; ++ s->uptodate++; ++ } ++ } ++ } ++ break; ++ case check_state_compute_run: ++ break; ++ default: ++ printk(KERN_ERR "%s: unknown check_state: %d sector: %llu\n", ++ __func__, sh->check_state, ++ (unsigned long long) sh->sector); ++ BUG(); ++ } ++} ++ ++static void handle_stripe_expansion(struct r5conf *conf, struct stripe_head *sh) ++{ ++ int i; ++ ++ /* We have read all the blocks in this stripe and now we need to ++ * copy some of them into a target stripe for expand. ++ */ ++ struct dma_async_tx_descriptor *tx = NULL; ++ clear_bit(STRIPE_EXPAND_SOURCE, &sh->state); ++ for (i = 0; i < sh->disks; i++) ++ if (i != sh->pd_idx && i != sh->qd_idx) { ++ int dd_idx, j; ++ struct stripe_head *sh2; ++ struct async_submit_ctl submit; ++ ++ sector_t bn = compute_blocknr(sh, i, 1); ++ sector_t s = raid5_compute_sector(conf, bn, 0, ++ &dd_idx, NULL); ++ sh2 = get_active_stripe(conf, s, 0, 1, 1); ++ if (sh2 == NULL) ++ /* so far only the early blocks of this stripe ++ * have been requested. When later blocks ++ * get requested, we will try again ++ */ ++ continue; ++ if (!test_bit(STRIPE_EXPANDING, &sh2->state) || ++ test_bit(R5_Expanded, &sh2->dev[dd_idx].flags)) { ++ /* must have already done this block */ ++ release_stripe(sh2); ++ continue; ++ } ++ ++ /* place all the copies on one channel */ ++ init_async_submit(&submit, 0, tx, NULL, NULL, NULL); ++ tx = async_memcpy(sh2->dev[dd_idx].page, ++ sh->dev[i].page, 0, 0, STRIPE_SIZE, ++ &submit); ++ ++ set_bit(R5_Expanded, &sh2->dev[dd_idx].flags); ++ set_bit(R5_UPTODATE, &sh2->dev[dd_idx].flags); ++ for (j = 0; j < conf->raid_disks; j++) ++ if (j != sh2->pd_idx && ++ j != sh2->qd_idx && ++ !test_bit(R5_Expanded, &sh2->dev[j].flags)) ++ break; ++ if (j == conf->raid_disks) { ++ set_bit(STRIPE_EXPAND_READY, &sh2->state); ++ set_bit(STRIPE_HANDLE, &sh2->state); ++ } ++ release_stripe(sh2); ++ ++ } ++ /* done submitting copies, wait for them to complete */ ++ async_tx_quiesce(&tx); ++} ++ ++/* ++ * handle_stripe - do things to a stripe. ++ * ++ * We lock the stripe by setting STRIPE_ACTIVE and then examine the ++ * state of various bits to see what needs to be done. ++ * Possible results: ++ * return some read requests which now have data ++ * return some write requests which are safely on storage ++ * schedule a read on some buffers ++ * schedule a write of some buffers ++ * return confirmation of parity correctness ++ * ++ */ ++ ++static void analyse_stripe(struct stripe_head *sh, struct stripe_head_state *s) ++{ ++ struct r5conf *conf = sh->raid_conf; ++ int disks = sh->disks; ++ struct r5dev *dev; ++ int i; ++ int do_recovery = 0; ++ ++ memset(s, 0, sizeof(*s)); ++ ++ s->expanding = test_bit(STRIPE_EXPAND_SOURCE, &sh->state); ++ s->expanded = test_bit(STRIPE_EXPAND_READY, &sh->state); ++ s->failed_num[0] = -1; ++ s->failed_num[1] = -1; ++ ++ /* Now to look around and see what can be done */ ++ rcu_read_lock(); ++ for (i=disks; i--; ) { ++ struct md_rdev *rdev; ++ sector_t first_bad; ++ int bad_sectors; ++ int is_bad = 0; ++ ++ dev = &sh->dev[i]; ++ ++ pr_debug("check %d: state 0x%lx read %p write %p written %p\n", ++ i, dev->flags, ++ dev->toread, dev->towrite, dev->written); ++ /* maybe we can reply to a read ++ * ++ * new wantfill requests are only permitted while ++ * ops_complete_biofill is guaranteed to be inactive ++ */ ++ if (test_bit(R5_UPTODATE, &dev->flags) && dev->toread && ++ !test_bit(STRIPE_BIOFILL_RUN, &sh->state)) ++ set_bit(R5_Wantfill, &dev->flags); ++ ++ /* now count some things */ ++ if (test_bit(R5_LOCKED, &dev->flags)) ++ s->locked++; ++ if (test_bit(R5_UPTODATE, &dev->flags)) ++ s->uptodate++; ++ if (test_bit(R5_Wantcompute, &dev->flags)) { ++ s->compute++; ++ BUG_ON(s->compute > 2); ++ } ++ ++ if (test_bit(R5_Wantfill, &dev->flags)) ++ s->to_fill++; ++ else if (dev->toread) ++ s->to_read++; ++ if (dev->towrite) { ++ s->to_write++; ++ if (!test_bit(R5_OVERWRITE, &dev->flags)) ++ s->non_overwrite++; ++ } ++ if (dev->written) ++ s->written++; ++ /* Prefer to use the replacement for reads, but only ++ * if it is recovered enough and has no bad blocks. ++ */ ++ rdev = rcu_dereference(conf->disks[i].replacement); ++ if (rdev && !test_bit(Faulty, &rdev->flags) && ++ rdev->recovery_offset >= sh->sector + STRIPE_SECTORS && ++ !is_badblock(rdev, sh->sector, STRIPE_SECTORS, ++ &first_bad, &bad_sectors)) ++ set_bit(R5_ReadRepl, &dev->flags); ++ else { ++ if (rdev) ++ set_bit(R5_NeedReplace, &dev->flags); ++ rdev = rcu_dereference(conf->disks[i].rdev); ++ clear_bit(R5_ReadRepl, &dev->flags); ++ } ++ if (rdev && test_bit(Faulty, &rdev->flags)) ++ rdev = NULL; ++ if (rdev) { ++ is_bad = is_badblock(rdev, sh->sector, STRIPE_SECTORS, ++ &first_bad, &bad_sectors); ++ if (s->blocked_rdev == NULL ++ && (test_bit(Blocked, &rdev->flags) ++ || is_bad < 0)) { ++ if (is_bad < 0) ++ set_bit(BlockedBadBlocks, ++ &rdev->flags); ++ s->blocked_rdev = rdev; ++ atomic_inc(&rdev->nr_pending); ++ } ++ } ++ clear_bit(R5_Insync, &dev->flags); ++ if (!rdev) ++ /* Not in-sync */; ++ else if (is_bad) { ++ /* also not in-sync */ ++ if (!test_bit(WriteErrorSeen, &rdev->flags) && ++ test_bit(R5_UPTODATE, &dev->flags)) { ++ /* treat as in-sync, but with a read error ++ * which we can now try to correct ++ */ ++ set_bit(R5_Insync, &dev->flags); ++ set_bit(R5_ReadError, &dev->flags); ++ } ++ } else if (test_bit(In_sync, &rdev->flags)) ++ set_bit(R5_Insync, &dev->flags); ++ else if (sh->sector + STRIPE_SECTORS <= rdev->recovery_offset) ++ /* in sync if before recovery_offset */ ++ set_bit(R5_Insync, &dev->flags); ++ else if (test_bit(R5_UPTODATE, &dev->flags) && ++ test_bit(R5_Expanded, &dev->flags)) ++ /* If we've reshaped into here, we assume it is Insync. ++ * We will shortly update recovery_offset to make ++ * it official. ++ */ ++ set_bit(R5_Insync, &dev->flags); ++ ++ if (test_bit(R5_WriteError, &dev->flags)) { ++ /* This flag does not apply to '.replacement' ++ * only to .rdev, so make sure to check that*/ ++ struct md_rdev *rdev2 = rcu_dereference( ++ conf->disks[i].rdev); ++ if (rdev2 == rdev) ++ clear_bit(R5_Insync, &dev->flags); ++ if (rdev2 && !test_bit(Faulty, &rdev2->flags)) { ++ s->handle_bad_blocks = 1; ++ atomic_inc(&rdev2->nr_pending); ++ } else ++ clear_bit(R5_WriteError, &dev->flags); ++ } ++ if (test_bit(R5_MadeGood, &dev->flags)) { ++ /* This flag does not apply to '.replacement' ++ * only to .rdev, so make sure to check that*/ ++ struct md_rdev *rdev2 = rcu_dereference( ++ conf->disks[i].rdev); ++ if (rdev2 && !test_bit(Faulty, &rdev2->flags)) { ++ s->handle_bad_blocks = 1; ++ atomic_inc(&rdev2->nr_pending); ++ } else ++ clear_bit(R5_MadeGood, &dev->flags); ++ } ++ if (test_bit(R5_MadeGoodRepl, &dev->flags)) { ++ struct md_rdev *rdev2 = rcu_dereference( ++ conf->disks[i].replacement); ++ if (rdev2 && !test_bit(Faulty, &rdev2->flags)) { ++ s->handle_bad_blocks = 1; ++ atomic_inc(&rdev2->nr_pending); ++ } else ++ clear_bit(R5_MadeGoodRepl, &dev->flags); ++ } ++ if (!test_bit(R5_Insync, &dev->flags)) { ++ /* The ReadError flag will just be confusing now */ ++ clear_bit(R5_ReadError, &dev->flags); ++ clear_bit(R5_ReWrite, &dev->flags); ++ } ++ if (test_bit(R5_ReadError, &dev->flags)) ++ clear_bit(R5_Insync, &dev->flags); ++ if (!test_bit(R5_Insync, &dev->flags)) { ++ if (s->failed < 2) ++ s->failed_num[s->failed] = i; ++ s->failed++; ++ if (rdev && !test_bit(Faulty, &rdev->flags)) ++ do_recovery = 1; ++ } ++ } ++ if (test_bit(STRIPE_SYNCING, &sh->state)) { ++ /* If there is a failed device being replaced, ++ * we must be recovering. ++ * else if we are after recovery_cp, we must be syncing ++ * else if MD_RECOVERY_REQUESTED is set, we also are syncing. ++ * else we can only be replacing ++ * sync and recovery both need to read all devices, and so ++ * use the same flag. ++ */ ++ if (do_recovery || ++ sh->sector >= conf->mddev->recovery_cp || ++ test_bit(MD_RECOVERY_REQUESTED, &(conf->mddev->recovery))) ++ s->syncing = 1; ++ else ++ s->replacing = 1; ++ } ++ rcu_read_unlock(); ++} ++ ++static void handle_stripe(struct stripe_head *sh) ++{ ++ struct stripe_head_state s; ++ struct r5conf *conf = sh->raid_conf; ++ int i; ++ int prexor; ++ int disks = sh->disks; ++ struct r5dev *pdev, *qdev; ++ ++ clear_bit(STRIPE_HANDLE, &sh->state); ++ if (test_and_set_bit_lock(STRIPE_ACTIVE, &sh->state)) { ++ /* already being handled, ensure it gets handled ++ * again when current action finishes */ ++ set_bit(STRIPE_HANDLE, &sh->state); ++ return; ++ } ++ ++ if (test_bit(STRIPE_SYNC_REQUESTED, &sh->state)) { ++ spin_lock(&sh->stripe_lock); ++ /* Cannot process 'sync' concurrently with 'discard' */ ++ if (!test_bit(STRIPE_DISCARD, &sh->state) && ++ test_and_clear_bit(STRIPE_SYNC_REQUESTED, &sh->state)) { ++ set_bit(STRIPE_SYNCING, &sh->state); ++ clear_bit(STRIPE_INSYNC, &sh->state); ++ clear_bit(STRIPE_REPLACED, &sh->state); ++ } ++ spin_unlock(&sh->stripe_lock); ++ } ++ clear_bit(STRIPE_DELAYED, &sh->state); ++ ++ pr_debug("handling stripe %llu, state=%#lx cnt=%d, " ++ "pd_idx=%d, qd_idx=%d\n, check:%d, reconstruct:%d\n", ++ (unsigned long long)sh->sector, sh->state, ++ atomic_read(&sh->count), sh->pd_idx, sh->qd_idx, ++ sh->check_state, sh->reconstruct_state); ++ ++ analyse_stripe(sh, &s); ++ ++ if (s.handle_bad_blocks) { ++ set_bit(STRIPE_HANDLE, &sh->state); ++ goto finish; ++ } ++ ++ if (unlikely(s.blocked_rdev)) { ++ if (s.syncing || s.expanding || s.expanded || ++ s.replacing || s.to_write || s.written) { ++ set_bit(STRIPE_HANDLE, &sh->state); ++ goto finish; ++ } ++ /* There is nothing for the blocked_rdev to block */ ++ rdev_dec_pending(s.blocked_rdev, conf->mddev); ++ s.blocked_rdev = NULL; ++ } ++ ++ if (s.to_fill && !test_bit(STRIPE_BIOFILL_RUN, &sh->state)) { ++ set_bit(STRIPE_OP_BIOFILL, &s.ops_request); ++ set_bit(STRIPE_BIOFILL_RUN, &sh->state); ++ } ++ ++ pr_debug("locked=%d uptodate=%d to_read=%d" ++ " to_write=%d failed=%d failed_num=%d,%d\n", ++ s.locked, s.uptodate, s.to_read, s.to_write, s.failed, ++ s.failed_num[0], s.failed_num[1]); ++ /* check if the array has lost more than max_degraded devices and, ++ * if so, some requests might need to be failed. ++ */ ++ if (s.failed > conf->max_degraded) { ++ sh->check_state = 0; ++ sh->reconstruct_state = 0; ++ if (s.to_read+s.to_write+s.written) ++ handle_failed_stripe(conf, sh, &s, disks, &s.return_bi); ++ if (s.syncing + s.replacing) ++ handle_failed_sync(conf, sh, &s); ++ } ++ ++ /* Now we check to see if any write operations have recently ++ * completed ++ */ ++ prexor = 0; ++ if (sh->reconstruct_state == reconstruct_state_prexor_drain_result) ++ prexor = 1; ++ if (sh->reconstruct_state == reconstruct_state_drain_result || ++ sh->reconstruct_state == reconstruct_state_prexor_drain_result) { ++ sh->reconstruct_state = reconstruct_state_idle; ++ ++ /* All the 'written' buffers and the parity block are ready to ++ * be written back to disk ++ */ ++ BUG_ON(!test_bit(R5_UPTODATE, &sh->dev[sh->pd_idx].flags) && ++ !test_bit(R5_Discard, &sh->dev[sh->pd_idx].flags)); ++ BUG_ON(sh->qd_idx >= 0 && ++ !test_bit(R5_UPTODATE, &sh->dev[sh->qd_idx].flags) && ++ !test_bit(R5_Discard, &sh->dev[sh->qd_idx].flags)); ++ for (i = disks; i--; ) { ++ struct r5dev *dev = &sh->dev[i]; ++ if (test_bit(R5_LOCKED, &dev->flags) && ++ (i == sh->pd_idx || i == sh->qd_idx || ++ dev->written)) { ++ pr_debug("Writing block %d\n", i); ++ set_bit(R5_Wantwrite, &dev->flags); ++ if (prexor) ++ continue; ++ if (s.failed > 1) ++ continue; ++ if (!test_bit(R5_Insync, &dev->flags) || ++ ((i == sh->pd_idx || i == sh->qd_idx) && ++ s.failed == 0)) ++ set_bit(STRIPE_INSYNC, &sh->state); ++ } ++ } ++ if (test_and_clear_bit(STRIPE_PREREAD_ACTIVE, &sh->state)) ++ s.dec_preread_active = 1; ++ } ++ ++ /* ++ * might be able to return some write requests if the parity blocks ++ * are safe, or on a failed drive ++ */ ++ pdev = &sh->dev[sh->pd_idx]; ++ s.p_failed = (s.failed >= 1 && s.failed_num[0] == sh->pd_idx) ++ || (s.failed >= 2 && s.failed_num[1] == sh->pd_idx); ++ qdev = &sh->dev[sh->qd_idx]; ++ s.q_failed = (s.failed >= 1 && s.failed_num[0] == sh->qd_idx) ++ || (s.failed >= 2 && s.failed_num[1] == sh->qd_idx) ++ || conf->level < 6; ++ ++ if (s.written && ++ (s.p_failed || ((test_bit(R5_Insync, &pdev->flags) ++ && !test_bit(R5_LOCKED, &pdev->flags) ++ && (test_bit(R5_UPTODATE, &pdev->flags) || ++ test_bit(R5_Discard, &pdev->flags))))) && ++ (s.q_failed || ((test_bit(R5_Insync, &qdev->flags) ++ && !test_bit(R5_LOCKED, &qdev->flags) ++ && (test_bit(R5_UPTODATE, &qdev->flags) || ++ test_bit(R5_Discard, &qdev->flags)))))) ++ handle_stripe_clean_event(conf, sh, disks, &s.return_bi); ++ ++ /* Now we might consider reading some blocks, either to check/generate ++ * parity, or to satisfy requests ++ * or to load a block that is being partially written. ++ */ ++ if (s.to_read || s.non_overwrite ++ || (conf->level == 6 && s.to_write && s.failed) ++ || (s.syncing && (s.uptodate + s.compute < disks)) ++ || s.replacing ++ || s.expanding) ++ handle_stripe_fill(sh, &s, disks); ++ ++ /* Now to consider new write requests and what else, if anything ++ * should be read. We do not handle new writes when: ++ * 1/ A 'write' operation (copy+xor) is already in flight. ++ * 2/ A 'check' operation is in flight, as it may clobber the parity ++ * block. ++ */ ++ if (s.to_write && !sh->reconstruct_state && !sh->check_state) ++ handle_stripe_dirtying(conf, sh, &s, disks); ++ ++ /* maybe we need to check and possibly fix the parity for this stripe ++ * Any reads will already have been scheduled, so we just see if enough ++ * data is available. The parity check is held off while parity ++ * dependent operations are in flight. ++ */ ++ if (sh->check_state || ++ (s.syncing && s.locked == 0 && ++ !test_bit(STRIPE_COMPUTE_RUN, &sh->state) && ++ !test_bit(STRIPE_INSYNC, &sh->state))) { ++ if (conf->level == 6) ++ handle_parity_checks6(conf, sh, &s, disks); ++ else ++ handle_parity_checks5(conf, sh, &s, disks); ++ } ++ ++ if ((s.replacing || s.syncing) && s.locked == 0 ++ && !test_bit(STRIPE_COMPUTE_RUN, &sh->state) ++ && !test_bit(STRIPE_REPLACED, &sh->state)) { ++ /* Write out to replacement devices where possible */ ++ for (i = 0; i < conf->raid_disks; i++) ++ if (test_bit(R5_NeedReplace, &sh->dev[i].flags)) { ++ WARN_ON(!test_bit(R5_UPTODATE, &sh->dev[i].flags)); ++ set_bit(R5_WantReplace, &sh->dev[i].flags); ++ set_bit(R5_LOCKED, &sh->dev[i].flags); ++ s.locked++; ++ } ++ if (s.replacing) ++ set_bit(STRIPE_INSYNC, &sh->state); ++ set_bit(STRIPE_REPLACED, &sh->state); ++ } ++ if ((s.syncing || s.replacing) && s.locked == 0 && ++ !test_bit(STRIPE_COMPUTE_RUN, &sh->state) && ++ test_bit(STRIPE_INSYNC, &sh->state)) { ++ md_done_sync(conf->mddev, STRIPE_SECTORS, 1); ++ clear_bit(STRIPE_SYNCING, &sh->state); ++ if (test_and_clear_bit(R5_Overlap, &sh->dev[sh->pd_idx].flags)) ++ wake_up(&conf->wait_for_overlap); ++ } ++ ++ /* If the failed drives are just a ReadError, then we might need ++ * to progress the repair/check process ++ */ ++ if (s.failed <= conf->max_degraded && !conf->mddev->ro) ++ for (i = 0; i < s.failed; i++) { ++ struct r5dev *dev = &sh->dev[s.failed_num[i]]; ++ if (test_bit(R5_ReadError, &dev->flags) ++ && !test_bit(R5_LOCKED, &dev->flags) ++ && test_bit(R5_UPTODATE, &dev->flags) ++ ) { ++ if (!test_bit(R5_ReWrite, &dev->flags)) { ++ set_bit(R5_Wantwrite, &dev->flags); ++ set_bit(R5_ReWrite, &dev->flags); ++ set_bit(R5_LOCKED, &dev->flags); ++ s.locked++; ++ } else { ++ /* let's read it back */ ++ set_bit(R5_Wantread, &dev->flags); ++ set_bit(R5_LOCKED, &dev->flags); ++ s.locked++; ++ } ++ } ++ } ++ ++ /* Finish reconstruct operations initiated by the expansion process */ ++ if (sh->reconstruct_state == reconstruct_state_result) { ++ struct stripe_head *sh_src ++ = get_active_stripe(conf, sh->sector, 1, 1, 1); ++ if (sh_src && test_bit(STRIPE_EXPAND_SOURCE, &sh_src->state)) { ++ /* sh cannot be written until sh_src has been read. ++ * so arrange for sh to be delayed a little ++ */ ++ set_bit(STRIPE_DELAYED, &sh->state); ++ set_bit(STRIPE_HANDLE, &sh->state); ++ if (!test_and_set_bit(STRIPE_PREREAD_ACTIVE, ++ &sh_src->state)) ++ atomic_inc(&conf->preread_active_stripes); ++ release_stripe(sh_src); ++ goto finish; ++ } ++ if (sh_src) ++ release_stripe(sh_src); ++ ++ sh->reconstruct_state = reconstruct_state_idle; ++ clear_bit(STRIPE_EXPANDING, &sh->state); ++ for (i = conf->raid_disks; i--; ) { ++ set_bit(R5_Wantwrite, &sh->dev[i].flags); ++ set_bit(R5_LOCKED, &sh->dev[i].flags); ++ s.locked++; ++ } ++ } ++ ++ if (s.expanded && test_bit(STRIPE_EXPANDING, &sh->state) && ++ !sh->reconstruct_state) { ++ /* Need to write out all blocks after computing parity */ ++ sh->disks = conf->raid_disks; ++ stripe_set_idx(sh->sector, conf, 0, sh); ++ schedule_reconstruction(sh, &s, 1, 1); ++ } else if (s.expanded && !sh->reconstruct_state && s.locked == 0) { ++ clear_bit(STRIPE_EXPAND_READY, &sh->state); ++ atomic_dec(&conf->reshape_stripes); ++ wake_up(&conf->wait_for_overlap); ++ md_done_sync(conf->mddev, STRIPE_SECTORS, 1); ++ } ++ ++ if (s.expanding && s.locked == 0 && ++ !test_bit(STRIPE_COMPUTE_RUN, &sh->state)) ++ handle_stripe_expansion(conf, sh); ++ ++finish: ++ /* wait for this device to become unblocked */ ++ if (unlikely(s.blocked_rdev)) { ++ if (conf->mddev->external) ++ md_wait_for_blocked_rdev(s.blocked_rdev, ++ conf->mddev); ++ else ++ /* Internal metadata will immediately ++ * be written by raid5d, so we don't ++ * need to wait here. ++ */ ++ rdev_dec_pending(s.blocked_rdev, ++ conf->mddev); ++ } ++ ++ if (s.handle_bad_blocks) ++ for (i = disks; i--; ) { ++ struct md_rdev *rdev; ++ struct r5dev *dev = &sh->dev[i]; ++ if (test_and_clear_bit(R5_WriteError, &dev->flags)) { ++ /* We own a safe reference to the rdev */ ++ rdev = conf->disks[i].rdev; ++ if (!rdev_set_badblocks(rdev, sh->sector, ++ STRIPE_SECTORS, 0)) ++ md_error(conf->mddev, rdev); ++ rdev_dec_pending(rdev, conf->mddev); ++ } ++ if (test_and_clear_bit(R5_MadeGood, &dev->flags)) { ++ rdev = conf->disks[i].rdev; ++ rdev_clear_badblocks(rdev, sh->sector, ++ STRIPE_SECTORS, 0); ++ rdev_dec_pending(rdev, conf->mddev); ++ } ++ if (test_and_clear_bit(R5_MadeGoodRepl, &dev->flags)) { ++ rdev = conf->disks[i].replacement; ++ if (!rdev) ++ /* rdev have been moved down */ ++ rdev = conf->disks[i].rdev; ++ rdev_clear_badblocks(rdev, sh->sector, ++ STRIPE_SECTORS, 0); ++ rdev_dec_pending(rdev, conf->mddev); ++ } ++ } ++ ++ if (s.ops_request) ++ raid_run_ops(sh, s.ops_request); ++ ++ ops_run_io(sh, &s); ++ ++ if (s.dec_preread_active) { ++ /* We delay this until after ops_run_io so that if make_request ++ * is waiting on a flush, it won't continue until the writes ++ * have actually been submitted. ++ */ ++ atomic_dec(&conf->preread_active_stripes); ++ if (atomic_read(&conf->preread_active_stripes) < ++ IO_THRESHOLD) ++ md_wakeup_thread(conf->mddev->thread); ++ } ++ ++ return_io(s.return_bi); ++ ++ clear_bit_unlock(STRIPE_ACTIVE, &sh->state); ++} ++ ++static void raid5_activate_delayed(struct r5conf *conf) ++{ ++ if (atomic_read(&conf->preread_active_stripes) < IO_THRESHOLD) { ++ while (!list_empty(&conf->delayed_list)) { ++ struct list_head *l = conf->delayed_list.next; ++ struct stripe_head *sh; ++ sh = list_entry(l, struct stripe_head, lru); ++ list_del_init(l); ++ clear_bit(STRIPE_DELAYED, &sh->state); ++ if (!test_and_set_bit(STRIPE_PREREAD_ACTIVE, &sh->state)) ++ atomic_inc(&conf->preread_active_stripes); ++ list_add_tail(&sh->lru, &conf->hold_list); ++ raid5_wakeup_stripe_thread(sh); ++ } ++ } ++} ++ ++static void activate_bit_delay(struct r5conf *conf, ++ struct list_head *temp_inactive_list) ++{ ++ /* device_lock is held */ ++ struct list_head head; ++ list_add(&head, &conf->bitmap_list); ++ list_del_init(&conf->bitmap_list); ++ while (!list_empty(&head)) { ++ struct stripe_head *sh = list_entry(head.next, struct stripe_head, lru); ++ int hash; ++ list_del_init(&sh->lru); ++ atomic_inc(&sh->count); ++ hash = sh->hash_lock_index; ++ __release_stripe(conf, sh, &temp_inactive_list[hash]); ++ } ++} ++ ++int md_raid5_congested(struct mddev *mddev, int bits) ++{ ++ struct r5conf *conf = mddev->private; ++ ++ /* No difference between reads and writes. Just check ++ * how busy the stripe_cache is ++ */ ++ ++ if (conf->inactive_blocked) ++ return 1; ++ if (conf->quiesce) ++ return 1; ++ if (atomic_read(&conf->empty_inactive_list_nr)) ++ return 1; ++ ++ return 0; ++} ++EXPORT_SYMBOL_GPL(md_raid5_congested); ++ ++static int raid5_congested(void *data, int bits) ++{ ++ struct mddev *mddev = data; ++ ++ return mddev_congested(mddev, bits) || ++ md_raid5_congested(mddev, bits); ++} ++ ++/* We want read requests to align with chunks where possible, ++ * but write requests don't need to. ++ */ ++static int raid5_mergeable_bvec(struct request_queue *q, ++ struct bvec_merge_data *bvm, ++ struct bio_vec *biovec) ++{ ++ struct mddev *mddev = q->queuedata; ++ sector_t sector = bvm->bi_sector + get_start_sect(bvm->bi_bdev); ++ int max; ++ unsigned int chunk_sectors = mddev->chunk_sectors; ++ unsigned int bio_sectors = bvm->bi_size >> 9; ++ ++ if ((bvm->bi_rw & 1) == WRITE) ++ return biovec->bv_len; /* always allow writes to be mergeable */ ++ ++ if (mddev->new_chunk_sectors < mddev->chunk_sectors) ++ chunk_sectors = mddev->new_chunk_sectors; ++ max = (chunk_sectors - ((sector & (chunk_sectors - 1)) + bio_sectors)) << 9; ++ if (max < 0) max = 0; ++ if (max <= biovec->bv_len && bio_sectors == 0) ++ return biovec->bv_len; ++ else ++ return max; ++} ++ ++static int in_chunk_boundary(struct mddev *mddev, struct bio *bio) ++{ ++ sector_t sector = bio->bi_iter.bi_sector + get_start_sect(bio->bi_bdev); ++ unsigned int chunk_sectors = mddev->chunk_sectors; ++ unsigned int bio_sectors = bio_sectors(bio); ++ ++ if (mddev->new_chunk_sectors < mddev->chunk_sectors) ++ chunk_sectors = mddev->new_chunk_sectors; ++ return chunk_sectors >= ++ ((sector & (chunk_sectors - 1)) + bio_sectors); ++} ++ ++/* ++ * add bio to the retry LIFO ( in O(1) ... we are in interrupt ) ++ * later sampled by raid5d. ++ */ ++static void add_bio_to_retry(struct bio *bi,struct r5conf *conf) ++{ ++ unsigned long flags; ++ ++ spin_lock_irqsave(&conf->device_lock, flags); ++ ++ bi->bi_next = conf->retry_read_aligned_list; ++ conf->retry_read_aligned_list = bi; ++ ++ spin_unlock_irqrestore(&conf->device_lock, flags); ++ md_wakeup_thread(conf->mddev->thread); ++} ++ ++static struct bio *remove_bio_from_retry(struct r5conf *conf) ++{ ++ struct bio *bi; ++ ++ bi = conf->retry_read_aligned; ++ if (bi) { ++ conf->retry_read_aligned = NULL; ++ return bi; ++ } ++ bi = conf->retry_read_aligned_list; ++ if(bi) { ++ conf->retry_read_aligned_list = bi->bi_next; ++ bi->bi_next = NULL; ++ /* ++ * this sets the active strip count to 1 and the processed ++ * strip count to zero (upper 8 bits) ++ */ ++ raid5_set_bi_stripes(bi, 1); /* biased count of active stripes */ ++ } ++ ++ return bi; ++} ++ ++/* ++ * The "raid5_align_endio" should check if the read succeeded and if it ++ * did, call bio_endio on the original bio (having bio_put the new bio ++ * first). ++ * If the read failed.. ++ */ ++static void raid5_align_endio(struct bio *bi, int error) ++{ ++ struct bio* raid_bi = bi->bi_private; ++ struct mddev *mddev; ++ struct r5conf *conf; ++ int uptodate = test_bit(BIO_UPTODATE, &bi->bi_flags); ++ struct md_rdev *rdev; ++ ++ bio_put(bi); ++ ++ rdev = (void*)raid_bi->bi_next; ++ raid_bi->bi_next = NULL; ++ mddev = rdev->mddev; ++ conf = mddev->private; ++ ++ rdev_dec_pending(rdev, conf->mddev); ++ ++ if (!error && uptodate) { ++ trace_block_bio_complete(bdev_get_queue(raid_bi->bi_bdev), ++ raid_bi, 0); ++ bio_endio(raid_bi, 0); ++ if (atomic_dec_and_test(&conf->active_aligned_reads)) ++ wake_up(&conf->wait_for_stripe); ++ return; ++ } ++ ++ pr_debug("raid5_align_endio : io error...handing IO for a retry\n"); ++ ++ add_bio_to_retry(raid_bi, conf); ++} ++ ++static int bio_fits_rdev(struct bio *bi) ++{ ++ struct request_queue *q = bdev_get_queue(bi->bi_bdev); ++ ++ if (bio_sectors(bi) > queue_max_sectors(q)) ++ return 0; ++ blk_recount_segments(q, bi); ++ if (bi->bi_phys_segments > queue_max_segments(q)) ++ return 0; ++ ++ if (q->merge_bvec_fn) ++ /* it's too hard to apply the merge_bvec_fn at this stage, ++ * just just give up ++ */ ++ return 0; ++ ++ return 1; ++} ++ ++static int chunk_aligned_read(struct mddev *mddev, struct bio * raid_bio) ++{ ++ struct r5conf *conf = mddev->private; ++ int dd_idx; ++ struct bio* align_bi; ++ struct md_rdev *rdev; ++ sector_t end_sector; ++ ++ if (!in_chunk_boundary(mddev, raid_bio)) { ++ pr_debug("chunk_aligned_read : non aligned\n"); ++ return 0; ++ } ++ /* ++ * use bio_clone_mddev to make a copy of the bio ++ */ ++ align_bi = bio_clone_mddev(raid_bio, GFP_NOIO, mddev); ++ if (!align_bi) ++ return 0; ++ /* ++ * set bi_end_io to a new function, and set bi_private to the ++ * original bio. ++ */ ++ align_bi->bi_end_io = raid5_align_endio; ++ align_bi->bi_private = raid_bio; ++ /* ++ * compute position ++ */ ++ align_bi->bi_iter.bi_sector = ++ raid5_compute_sector(conf, raid_bio->bi_iter.bi_sector, ++ 0, &dd_idx, NULL); ++ ++ end_sector = bio_end_sector(align_bi); ++ rcu_read_lock(); ++ rdev = rcu_dereference(conf->disks[dd_idx].replacement); ++ if (!rdev || test_bit(Faulty, &rdev->flags) || ++ rdev->recovery_offset < end_sector) { ++ rdev = rcu_dereference(conf->disks[dd_idx].rdev); ++ if (rdev && ++ (test_bit(Faulty, &rdev->flags) || ++ !(test_bit(In_sync, &rdev->flags) || ++ rdev->recovery_offset >= end_sector))) ++ rdev = NULL; ++ } ++ if (rdev) { ++ sector_t first_bad; ++ int bad_sectors; ++ ++ atomic_inc(&rdev->nr_pending); ++ rcu_read_unlock(); ++ raid_bio->bi_next = (void*)rdev; ++ align_bi->bi_bdev = rdev->bdev; ++ __clear_bit(BIO_SEG_VALID, &align_bi->bi_flags); ++ ++ if (!bio_fits_rdev(align_bi) || ++ is_badblock(rdev, align_bi->bi_iter.bi_sector, ++ bio_sectors(align_bi), ++ &first_bad, &bad_sectors)) { ++ /* too big in some way, or has a known bad block */ ++ bio_put(align_bi); ++ rdev_dec_pending(rdev, mddev); ++ return 0; ++ } ++ ++ /* No reshape active, so we can trust rdev->data_offset */ ++ align_bi->bi_iter.bi_sector += rdev->data_offset; ++ ++ spin_lock_irq(&conf->device_lock); ++ wait_event_lock_irq(conf->wait_for_stripe, ++ conf->quiesce == 0, ++ conf->device_lock); ++ atomic_inc(&conf->active_aligned_reads); ++ spin_unlock_irq(&conf->device_lock); ++ ++ if (mddev->gendisk) ++ trace_block_bio_remap(bdev_get_queue(align_bi->bi_bdev), ++ align_bi, disk_devt(mddev->gendisk), ++ raid_bio->bi_iter.bi_sector); ++ generic_make_request(align_bi); ++ return 1; ++ } else { ++ rcu_read_unlock(); ++ bio_put(align_bi); ++ return 0; ++ } ++} ++ ++/* __get_priority_stripe - get the next stripe to process ++ * ++ * Full stripe writes are allowed to pass preread active stripes up until ++ * the bypass_threshold is exceeded. In general the bypass_count ++ * increments when the handle_list is handled before the hold_list; however, it ++ * will not be incremented when STRIPE_IO_STARTED is sampled set signifying a ++ * stripe with in flight i/o. The bypass_count will be reset when the ++ * head of the hold_list has changed, i.e. the head was promoted to the ++ * handle_list. ++ */ ++static struct stripe_head *__get_priority_stripe(struct r5conf *conf, int group) ++{ ++ struct stripe_head *sh = NULL, *tmp; ++ struct list_head *handle_list = NULL; ++ struct r5worker_group *wg = NULL; ++ ++ if (conf->worker_cnt_per_group == 0) { ++ handle_list = &conf->handle_list; ++ } else if (group != ANY_GROUP) { ++ handle_list = &conf->worker_groups[group].handle_list; ++ wg = &conf->worker_groups[group]; ++ } else { ++ int i; ++ for (i = 0; i < conf->group_cnt; i++) { ++ handle_list = &conf->worker_groups[i].handle_list; ++ wg = &conf->worker_groups[i]; ++ if (!list_empty(handle_list)) ++ break; ++ } ++ } ++ ++ pr_debug("%s: handle: %s hold: %s full_writes: %d bypass_count: %d\n", ++ __func__, ++ list_empty(handle_list) ? "empty" : "busy", ++ list_empty(&conf->hold_list) ? "empty" : "busy", ++ atomic_read(&conf->pending_full_writes), conf->bypass_count); ++ ++ if (!list_empty(handle_list)) { ++ sh = list_entry(handle_list->next, typeof(*sh), lru); ++ ++ if (list_empty(&conf->hold_list)) ++ conf->bypass_count = 0; ++ else if (!test_bit(STRIPE_IO_STARTED, &sh->state)) { ++ if (conf->hold_list.next == conf->last_hold) ++ conf->bypass_count++; ++ else { ++ conf->last_hold = conf->hold_list.next; ++ conf->bypass_count -= conf->bypass_threshold; ++ if (conf->bypass_count < 0) ++ conf->bypass_count = 0; ++ } ++ } ++ } else if (!list_empty(&conf->hold_list) && ++ ((conf->bypass_threshold && ++ conf->bypass_count > conf->bypass_threshold) || ++ atomic_read(&conf->pending_full_writes) == 0)) { ++ ++ list_for_each_entry(tmp, &conf->hold_list, lru) { ++ if (conf->worker_cnt_per_group == 0 || ++ group == ANY_GROUP || ++ !cpu_online(tmp->cpu) || ++ cpu_to_group(tmp->cpu) == group) { ++ sh = tmp; ++ break; ++ } ++ } ++ ++ if (sh) { ++ conf->bypass_count -= conf->bypass_threshold; ++ if (conf->bypass_count < 0) ++ conf->bypass_count = 0; ++ } ++ wg = NULL; ++ } ++ ++ if (!sh) ++ return NULL; ++ ++ if (wg) { ++ wg->stripes_cnt--; ++ sh->group = NULL; ++ } ++ list_del_init(&sh->lru); ++ BUG_ON(atomic_inc_return(&sh->count) != 1); ++ return sh; ++} ++ ++struct raid5_plug_cb { ++ struct blk_plug_cb cb; ++ struct list_head list; ++ struct list_head temp_inactive_list[NR_STRIPE_HASH_LOCKS]; ++}; ++ ++static void raid5_unplug(struct blk_plug_cb *blk_cb, bool from_schedule) ++{ ++ struct raid5_plug_cb *cb = container_of( ++ blk_cb, struct raid5_plug_cb, cb); ++ struct stripe_head *sh; ++ struct mddev *mddev = cb->cb.data; ++ struct r5conf *conf = mddev->private; ++ int cnt = 0; ++ int hash; ++ ++ if (cb->list.next && !list_empty(&cb->list)) { ++ spin_lock_irq(&conf->device_lock); ++ while (!list_empty(&cb->list)) { ++ sh = list_first_entry(&cb->list, struct stripe_head, lru); ++ list_del_init(&sh->lru); ++ /* ++ * avoid race release_stripe_plug() sees ++ * STRIPE_ON_UNPLUG_LIST clear but the stripe ++ * is still in our list ++ */ ++ smp_mb__before_atomic(); ++ clear_bit(STRIPE_ON_UNPLUG_LIST, &sh->state); ++ /* ++ * STRIPE_ON_RELEASE_LIST could be set here. In that ++ * case, the count is always > 1 here ++ */ ++ hash = sh->hash_lock_index; ++ __release_stripe(conf, sh, &cb->temp_inactive_list[hash]); ++ cnt++; ++ } ++ spin_unlock_irq(&conf->device_lock); ++ } ++ release_inactive_stripe_list(conf, cb->temp_inactive_list, ++ NR_STRIPE_HASH_LOCKS); ++ if (mddev->queue) ++ trace_block_unplug(mddev->queue, cnt, !from_schedule); ++ kfree(cb); ++} ++ ++static void release_stripe_plug(struct mddev *mddev, ++ struct stripe_head *sh) ++{ ++ struct blk_plug_cb *blk_cb = blk_check_plugged( ++ raid5_unplug, mddev, ++ sizeof(struct raid5_plug_cb)); ++ struct raid5_plug_cb *cb; ++ ++ if (!blk_cb) { ++ release_stripe(sh); ++ return; ++ } ++ ++ cb = container_of(blk_cb, struct raid5_plug_cb, cb); ++ ++ if (cb->list.next == NULL) { ++ int i; ++ INIT_LIST_HEAD(&cb->list); ++ for (i = 0; i < NR_STRIPE_HASH_LOCKS; i++) ++ INIT_LIST_HEAD(cb->temp_inactive_list + i); ++ } ++ ++ if (!test_and_set_bit(STRIPE_ON_UNPLUG_LIST, &sh->state)) ++ list_add_tail(&sh->lru, &cb->list); ++ else ++ release_stripe(sh); ++} ++ ++static void make_discard_request(struct mddev *mddev, struct bio *bi) ++{ ++ struct r5conf *conf = mddev->private; ++ sector_t logical_sector, last_sector; ++ struct stripe_head *sh; ++ int remaining; ++ int stripe_sectors; ++ ++ if (mddev->reshape_position != MaxSector) ++ /* Skip discard while reshape is happening */ ++ return; ++ ++ logical_sector = bi->bi_iter.bi_sector & ~((sector_t)STRIPE_SECTORS-1); ++ last_sector = bi->bi_iter.bi_sector + (bi->bi_iter.bi_size>>9); ++ ++ bi->bi_next = NULL; ++ bi->bi_phys_segments = 1; /* over-loaded to count active stripes */ ++ ++ stripe_sectors = conf->chunk_sectors * ++ (conf->raid_disks - conf->max_degraded); ++ logical_sector = DIV_ROUND_UP_SECTOR_T(logical_sector, ++ stripe_sectors); ++ sector_div(last_sector, stripe_sectors); ++ ++ logical_sector *= conf->chunk_sectors; ++ last_sector *= conf->chunk_sectors; ++ ++ for (; logical_sector < last_sector; ++ logical_sector += STRIPE_SECTORS) { ++ DEFINE_WAIT(w); ++ int d; ++ again: ++ sh = get_active_stripe(conf, logical_sector, 0, 0, 0); ++ prepare_to_wait(&conf->wait_for_overlap, &w, ++ TASK_UNINTERRUPTIBLE); ++ set_bit(R5_Overlap, &sh->dev[sh->pd_idx].flags); ++ if (test_bit(STRIPE_SYNCING, &sh->state)) { ++ release_stripe(sh); ++ schedule(); ++ goto again; ++ } ++ clear_bit(R5_Overlap, &sh->dev[sh->pd_idx].flags); ++ spin_lock_irq(&sh->stripe_lock); ++ for (d = 0; d < conf->raid_disks; d++) { ++ if (d == sh->pd_idx || d == sh->qd_idx) ++ continue; ++ if (sh->dev[d].towrite || sh->dev[d].toread) { ++ set_bit(R5_Overlap, &sh->dev[d].flags); ++ spin_unlock_irq(&sh->stripe_lock); ++ release_stripe(sh); ++ schedule(); ++ goto again; ++ } ++ } ++ set_bit(STRIPE_DISCARD, &sh->state); ++ finish_wait(&conf->wait_for_overlap, &w); ++ for (d = 0; d < conf->raid_disks; d++) { ++ if (d == sh->pd_idx || d == sh->qd_idx) ++ continue; ++ sh->dev[d].towrite = bi; ++ set_bit(R5_OVERWRITE, &sh->dev[d].flags); ++ raid5_inc_bi_active_stripes(bi); ++ } ++ spin_unlock_irq(&sh->stripe_lock); ++ if (conf->mddev->bitmap) { ++ for (d = 0; ++ d < conf->raid_disks - conf->max_degraded; ++ d++) ++ bitmap_startwrite(mddev->bitmap, ++ sh->sector, ++ STRIPE_SECTORS, ++ 0); ++ sh->bm_seq = conf->seq_flush + 1; ++ set_bit(STRIPE_BIT_DELAY, &sh->state); ++ } ++ ++ set_bit(STRIPE_HANDLE, &sh->state); ++ clear_bit(STRIPE_DELAYED, &sh->state); ++ if (!test_and_set_bit(STRIPE_PREREAD_ACTIVE, &sh->state)) ++ atomic_inc(&conf->preread_active_stripes); ++ release_stripe_plug(mddev, sh); ++ } ++ ++ remaining = raid5_dec_bi_active_stripes(bi); ++ if (remaining == 0) { ++ md_write_end(mddev); ++ bio_endio(bi, 0); ++ } ++} ++ ++static void make_request(struct mddev *mddev, struct bio * bi) ++{ ++ struct r5conf *conf = mddev->private; ++ int dd_idx; ++ sector_t new_sector; ++ sector_t logical_sector, last_sector; ++ struct stripe_head *sh; ++ const int rw = bio_data_dir(bi); ++ int remaining; ++ DEFINE_WAIT(w); ++ bool do_prepare; ++ ++ if (unlikely(bi->bi_rw & REQ_FLUSH)) { ++ md_flush_request(mddev, bi); ++ return; ++ } ++ ++ md_write_start(mddev, bi); ++ ++ if (rw == READ && ++ mddev->reshape_position == MaxSector && ++ chunk_aligned_read(mddev,bi)) ++ return; ++ ++ if (unlikely(bi->bi_rw & REQ_DISCARD)) { ++ make_discard_request(mddev, bi); ++ return; ++ } ++ ++ logical_sector = bi->bi_iter.bi_sector & ~((sector_t)STRIPE_SECTORS-1); ++ last_sector = bio_end_sector(bi); ++ bi->bi_next = NULL; ++ bi->bi_phys_segments = 1; /* over-loaded to count active stripes */ ++ ++ prepare_to_wait(&conf->wait_for_overlap, &w, TASK_UNINTERRUPTIBLE); ++ for (;logical_sector < last_sector; logical_sector += STRIPE_SECTORS) { ++ int previous; ++ int seq; ++ ++ do_prepare = false; ++ retry: ++ seq = read_seqcount_begin(&conf->gen_lock); ++ previous = 0; ++ if (do_prepare) ++ prepare_to_wait(&conf->wait_for_overlap, &w, ++ TASK_UNINTERRUPTIBLE); ++ if (unlikely(conf->reshape_progress != MaxSector)) { ++ /* spinlock is needed as reshape_progress may be ++ * 64bit on a 32bit platform, and so it might be ++ * possible to see a half-updated value ++ * Of course reshape_progress could change after ++ * the lock is dropped, so once we get a reference ++ * to the stripe that we think it is, we will have ++ * to check again. ++ */ ++ spin_lock_irq(&conf->device_lock); ++ if (mddev->reshape_backwards ++ ? logical_sector < conf->reshape_progress ++ : logical_sector >= conf->reshape_progress) { ++ previous = 1; ++ } else { ++ if (mddev->reshape_backwards ++ ? logical_sector < conf->reshape_safe ++ : logical_sector >= conf->reshape_safe) { ++ spin_unlock_irq(&conf->device_lock); ++ schedule(); ++ do_prepare = true; ++ goto retry; ++ } ++ } ++ spin_unlock_irq(&conf->device_lock); ++ } ++ ++ new_sector = raid5_compute_sector(conf, logical_sector, ++ previous, ++ &dd_idx, NULL); ++ pr_debug("raid456: make_request, sector %llu logical %llu\n", ++ (unsigned long long)new_sector, ++ (unsigned long long)logical_sector); ++ ++ sh = get_active_stripe(conf, new_sector, previous, ++ (bi->bi_rw&RWA_MASK), 0); ++ if (sh) { ++ if (unlikely(previous)) { ++ /* expansion might have moved on while waiting for a ++ * stripe, so we must do the range check again. ++ * Expansion could still move past after this ++ * test, but as we are holding a reference to ++ * 'sh', we know that if that happens, ++ * STRIPE_EXPANDING will get set and the expansion ++ * won't proceed until we finish with the stripe. ++ */ ++ int must_retry = 0; ++ spin_lock_irq(&conf->device_lock); ++ if (mddev->reshape_backwards ++ ? logical_sector >= conf->reshape_progress ++ : logical_sector < conf->reshape_progress) ++ /* mismatch, need to try again */ ++ must_retry = 1; ++ spin_unlock_irq(&conf->device_lock); ++ if (must_retry) { ++ release_stripe(sh); ++ schedule(); ++ do_prepare = true; ++ goto retry; ++ } ++ } ++ if (read_seqcount_retry(&conf->gen_lock, seq)) { ++ /* Might have got the wrong stripe_head ++ * by accident ++ */ ++ release_stripe(sh); ++ goto retry; ++ } ++ ++ if (rw == WRITE && ++ logical_sector >= mddev->suspend_lo && ++ logical_sector < mddev->suspend_hi) { ++ release_stripe(sh); ++ /* As the suspend_* range is controlled by ++ * userspace, we want an interruptible ++ * wait. ++ */ ++ flush_signals(current); ++ prepare_to_wait(&conf->wait_for_overlap, ++ &w, TASK_INTERRUPTIBLE); ++ if (logical_sector >= mddev->suspend_lo && ++ logical_sector < mddev->suspend_hi) { ++ schedule(); ++ do_prepare = true; ++ } ++ goto retry; ++ } ++ ++ if (test_bit(STRIPE_EXPANDING, &sh->state) || ++ !add_stripe_bio(sh, bi, dd_idx, rw)) { ++ /* Stripe is busy expanding or ++ * add failed due to overlap. Flush everything ++ * and wait a while ++ */ ++ md_wakeup_thread(mddev->thread); ++ release_stripe(sh); ++ schedule(); ++ do_prepare = true; ++ goto retry; ++ } ++ set_bit(STRIPE_HANDLE, &sh->state); ++ clear_bit(STRIPE_DELAYED, &sh->state); ++ if ((bi->bi_rw & REQ_SYNC) && ++ !test_and_set_bit(STRIPE_PREREAD_ACTIVE, &sh->state)) ++ atomic_inc(&conf->preread_active_stripes); ++ release_stripe_plug(mddev, sh); ++ } else { ++ /* cannot get stripe for read-ahead, just give-up */ ++ clear_bit(BIO_UPTODATE, &bi->bi_flags); ++ break; ++ } ++ } ++ finish_wait(&conf->wait_for_overlap, &w); ++ ++ remaining = raid5_dec_bi_active_stripes(bi); ++ if (remaining == 0) { ++ ++ if ( rw == WRITE ) ++ md_write_end(mddev); ++ ++ trace_block_bio_complete(bdev_get_queue(bi->bi_bdev), ++ bi, 0); ++ bio_endio(bi, 0); ++ } ++} ++ ++static sector_t raid5_size(struct mddev *mddev, sector_t sectors, int raid_disks); ++ ++static sector_t reshape_request(struct mddev *mddev, sector_t sector_nr, int *skipped) ++{ ++ /* reshaping is quite different to recovery/resync so it is ++ * handled quite separately ... here. ++ * ++ * On each call to sync_request, we gather one chunk worth of ++ * destination stripes and flag them as expanding. ++ * Then we find all the source stripes and request reads. ++ * As the reads complete, handle_stripe will copy the data ++ * into the destination stripe and release that stripe. ++ */ ++ struct r5conf *conf = mddev->private; ++ struct stripe_head *sh; ++ sector_t first_sector, last_sector; ++ int raid_disks = conf->previous_raid_disks; ++ int data_disks = raid_disks - conf->max_degraded; ++ int new_data_disks = conf->raid_disks - conf->max_degraded; ++ int i; ++ int dd_idx; ++ sector_t writepos, readpos, safepos; ++ sector_t stripe_addr; ++ int reshape_sectors; ++ struct list_head stripes; ++ ++ if (sector_nr == 0) { ++ /* If restarting in the middle, skip the initial sectors */ ++ if (mddev->reshape_backwards && ++ conf->reshape_progress < raid5_size(mddev, 0, 0)) { ++ sector_nr = raid5_size(mddev, 0, 0) ++ - conf->reshape_progress; ++ } else if (!mddev->reshape_backwards && ++ conf->reshape_progress > 0) ++ sector_nr = conf->reshape_progress; ++ sector_div(sector_nr, new_data_disks); ++ if (sector_nr) { ++ mddev->curr_resync_completed = sector_nr; ++ sysfs_notify(&mddev->kobj, NULL, "sync_completed"); ++ *skipped = 1; ++ return sector_nr; ++ } ++ } ++ ++ /* We need to process a full chunk at a time. ++ * If old and new chunk sizes differ, we need to process the ++ * largest of these ++ */ ++ if (mddev->new_chunk_sectors > mddev->chunk_sectors) ++ reshape_sectors = mddev->new_chunk_sectors; ++ else ++ reshape_sectors = mddev->chunk_sectors; ++ ++ /* We update the metadata at least every 10 seconds, or when ++ * the data about to be copied would over-write the source of ++ * the data at the front of the range. i.e. one new_stripe ++ * along from reshape_progress new_maps to after where ++ * reshape_safe old_maps to ++ */ ++ writepos = conf->reshape_progress; ++ sector_div(writepos, new_data_disks); ++ readpos = conf->reshape_progress; ++ sector_div(readpos, data_disks); ++ safepos = conf->reshape_safe; ++ sector_div(safepos, data_disks); ++ if (mddev->reshape_backwards) { ++ writepos -= min_t(sector_t, reshape_sectors, writepos); ++ readpos += reshape_sectors; ++ safepos += reshape_sectors; ++ } else { ++ writepos += reshape_sectors; ++ readpos -= min_t(sector_t, reshape_sectors, readpos); ++ safepos -= min_t(sector_t, reshape_sectors, safepos); ++ } ++ ++ /* Having calculated the 'writepos' possibly use it ++ * to set 'stripe_addr' which is where we will write to. ++ */ ++ if (mddev->reshape_backwards) { ++ BUG_ON(conf->reshape_progress == 0); ++ stripe_addr = writepos; ++ BUG_ON((mddev->dev_sectors & ++ ~((sector_t)reshape_sectors - 1)) ++ - reshape_sectors - stripe_addr ++ != sector_nr); ++ } else { ++ BUG_ON(writepos != sector_nr + reshape_sectors); ++ stripe_addr = sector_nr; ++ } ++ ++ /* 'writepos' is the most advanced device address we might write. ++ * 'readpos' is the least advanced device address we might read. ++ * 'safepos' is the least address recorded in the metadata as having ++ * been reshaped. ++ * If there is a min_offset_diff, these are adjusted either by ++ * increasing the safepos/readpos if diff is negative, or ++ * increasing writepos if diff is positive. ++ * If 'readpos' is then behind 'writepos', there is no way that we can ++ * ensure safety in the face of a crash - that must be done by userspace ++ * making a backup of the data. So in that case there is no particular ++ * rush to update metadata. ++ * Otherwise if 'safepos' is behind 'writepos', then we really need to ++ * update the metadata to advance 'safepos' to match 'readpos' so that ++ * we can be safe in the event of a crash. ++ * So we insist on updating metadata if safepos is behind writepos and ++ * readpos is beyond writepos. ++ * In any case, update the metadata every 10 seconds. ++ * Maybe that number should be configurable, but I'm not sure it is ++ * worth it.... maybe it could be a multiple of safemode_delay??? ++ */ ++ if (conf->min_offset_diff < 0) { ++ safepos += -conf->min_offset_diff; ++ readpos += -conf->min_offset_diff; ++ } else ++ writepos += conf->min_offset_diff; ++ ++ if ((mddev->reshape_backwards ++ ? (safepos > writepos && readpos < writepos) ++ : (safepos < writepos && readpos > writepos)) || ++ time_after(jiffies, conf->reshape_checkpoint + 10*HZ)) { ++ /* Cannot proceed until we've updated the superblock... */ ++ wait_event(conf->wait_for_overlap, ++ atomic_read(&conf->reshape_stripes)==0 ++ || test_bit(MD_RECOVERY_INTR, &mddev->recovery)); ++ if (atomic_read(&conf->reshape_stripes) != 0) ++ return 0; ++ mddev->reshape_position = conf->reshape_progress; ++ mddev->curr_resync_completed = sector_nr; ++ conf->reshape_checkpoint = jiffies; ++ set_bit(MD_CHANGE_DEVS, &mddev->flags); ++ md_wakeup_thread(mddev->thread); ++ wait_event(mddev->sb_wait, mddev->flags == 0 || ++ test_bit(MD_RECOVERY_INTR, &mddev->recovery)); ++ if (test_bit(MD_RECOVERY_INTR, &mddev->recovery)) ++ return 0; ++ spin_lock_irq(&conf->device_lock); ++ conf->reshape_safe = mddev->reshape_position; ++ spin_unlock_irq(&conf->device_lock); ++ wake_up(&conf->wait_for_overlap); ++ sysfs_notify(&mddev->kobj, NULL, "sync_completed"); ++ } ++ ++ INIT_LIST_HEAD(&stripes); ++ for (i = 0; i < reshape_sectors; i += STRIPE_SECTORS) { ++ int j; ++ int skipped_disk = 0; ++ sh = get_active_stripe(conf, stripe_addr+i, 0, 0, 1); ++ set_bit(STRIPE_EXPANDING, &sh->state); ++ atomic_inc(&conf->reshape_stripes); ++ /* If any of this stripe is beyond the end of the old ++ * array, then we need to zero those blocks ++ */ ++ for (j=sh->disks; j--;) { ++ sector_t s; ++ if (j == sh->pd_idx) ++ continue; ++ if (conf->level == 6 && ++ j == sh->qd_idx) ++ continue; ++ s = compute_blocknr(sh, j, 0); ++ if (s < raid5_size(mddev, 0, 0)) { ++ skipped_disk = 1; ++ continue; ++ } ++ memset(page_address(sh->dev[j].page), 0, STRIPE_SIZE); ++ set_bit(R5_Expanded, &sh->dev[j].flags); ++ set_bit(R5_UPTODATE, &sh->dev[j].flags); ++ } ++ if (!skipped_disk) { ++ set_bit(STRIPE_EXPAND_READY, &sh->state); ++ set_bit(STRIPE_HANDLE, &sh->state); ++ } ++ list_add(&sh->lru, &stripes); ++ } ++ spin_lock_irq(&conf->device_lock); ++ if (mddev->reshape_backwards) ++ conf->reshape_progress -= reshape_sectors * new_data_disks; ++ else ++ conf->reshape_progress += reshape_sectors * new_data_disks; ++ spin_unlock_irq(&conf->device_lock); ++ /* Ok, those stripe are ready. We can start scheduling ++ * reads on the source stripes. ++ * The source stripes are determined by mapping the first and last ++ * block on the destination stripes. ++ */ ++ first_sector = ++ raid5_compute_sector(conf, stripe_addr*(new_data_disks), ++ 1, &dd_idx, NULL); ++ last_sector = ++ raid5_compute_sector(conf, ((stripe_addr+reshape_sectors) ++ * new_data_disks - 1), ++ 1, &dd_idx, NULL); ++ if (last_sector >= mddev->dev_sectors) ++ last_sector = mddev->dev_sectors - 1; ++ while (first_sector <= last_sector) { ++ sh = get_active_stripe(conf, first_sector, 1, 0, 1); ++ set_bit(STRIPE_EXPAND_SOURCE, &sh->state); ++ set_bit(STRIPE_HANDLE, &sh->state); ++ release_stripe(sh); ++ first_sector += STRIPE_SECTORS; ++ } ++ /* Now that the sources are clearly marked, we can release ++ * the destination stripes ++ */ ++ while (!list_empty(&stripes)) { ++ sh = list_entry(stripes.next, struct stripe_head, lru); ++ list_del_init(&sh->lru); ++ release_stripe(sh); ++ } ++ /* If this takes us to the resync_max point where we have to pause, ++ * then we need to write out the superblock. ++ */ ++ sector_nr += reshape_sectors; ++ if ((sector_nr - mddev->curr_resync_completed) * 2 ++ >= mddev->resync_max - mddev->curr_resync_completed) { ++ /* Cannot proceed until we've updated the superblock... */ ++ wait_event(conf->wait_for_overlap, ++ atomic_read(&conf->reshape_stripes) == 0 ++ || test_bit(MD_RECOVERY_INTR, &mddev->recovery)); ++ if (atomic_read(&conf->reshape_stripes) != 0) ++ goto ret; ++ mddev->reshape_position = conf->reshape_progress; ++ mddev->curr_resync_completed = sector_nr; ++ conf->reshape_checkpoint = jiffies; ++ set_bit(MD_CHANGE_DEVS, &mddev->flags); ++ md_wakeup_thread(mddev->thread); ++ wait_event(mddev->sb_wait, ++ !test_bit(MD_CHANGE_DEVS, &mddev->flags) ++ || test_bit(MD_RECOVERY_INTR, &mddev->recovery)); ++ if (test_bit(MD_RECOVERY_INTR, &mddev->recovery)) ++ goto ret; ++ spin_lock_irq(&conf->device_lock); ++ conf->reshape_safe = mddev->reshape_position; ++ spin_unlock_irq(&conf->device_lock); ++ wake_up(&conf->wait_for_overlap); ++ sysfs_notify(&mddev->kobj, NULL, "sync_completed"); ++ } ++ret: ++ return reshape_sectors; ++} ++ ++/* FIXME go_faster isn't used */ ++static inline sector_t sync_request(struct mddev *mddev, sector_t sector_nr, int *skipped, int go_faster) ++{ ++ struct r5conf *conf = mddev->private; ++ struct stripe_head *sh; ++ sector_t max_sector = mddev->dev_sectors; ++ sector_t sync_blocks; ++ int still_degraded = 0; ++ int i; ++ ++ if (sector_nr >= max_sector) { ++ /* just being told to finish up .. nothing much to do */ ++ ++ if (test_bit(MD_RECOVERY_RESHAPE, &mddev->recovery)) { ++ end_reshape(conf); ++ return 0; ++ } ++ ++ if (mddev->curr_resync < max_sector) /* aborted */ ++ bitmap_end_sync(mddev->bitmap, mddev->curr_resync, ++ &sync_blocks, 1); ++ else /* completed sync */ ++ conf->fullsync = 0; ++ bitmap_close_sync(mddev->bitmap); ++ ++ return 0; ++ } ++ ++ /* Allow raid5_quiesce to complete */ ++ wait_event(conf->wait_for_overlap, conf->quiesce != 2); ++ ++ if (test_bit(MD_RECOVERY_RESHAPE, &mddev->recovery)) ++ return reshape_request(mddev, sector_nr, skipped); ++ ++ /* No need to check resync_max as we never do more than one ++ * stripe, and as resync_max will always be on a chunk boundary, ++ * if the check in md_do_sync didn't fire, there is no chance ++ * of overstepping resync_max here ++ */ ++ ++ /* if there is too many failed drives and we are trying ++ * to resync, then assert that we are finished, because there is ++ * nothing we can do. ++ */ ++ if (mddev->degraded >= conf->max_degraded && ++ test_bit(MD_RECOVERY_SYNC, &mddev->recovery)) { ++ sector_t rv = mddev->dev_sectors - sector_nr; ++ *skipped = 1; ++ return rv; ++ } ++ if (!test_bit(MD_RECOVERY_REQUESTED, &mddev->recovery) && ++ !conf->fullsync && ++ !bitmap_start_sync(mddev->bitmap, sector_nr, &sync_blocks, 1) && ++ sync_blocks >= STRIPE_SECTORS) { ++ /* we can skip this block, and probably more */ ++ sync_blocks /= STRIPE_SECTORS; ++ *skipped = 1; ++ return sync_blocks * STRIPE_SECTORS; /* keep things rounded to whole stripes */ ++ } ++ ++ bitmap_cond_end_sync(mddev->bitmap, sector_nr); ++ ++ sh = get_active_stripe(conf, sector_nr, 0, 1, 0); ++ if (sh == NULL) { ++ sh = get_active_stripe(conf, sector_nr, 0, 0, 0); ++ /* make sure we don't swamp the stripe cache if someone else ++ * is trying to get access ++ */ ++ schedule_timeout_uninterruptible(1); ++ } ++ /* Need to check if array will still be degraded after recovery/resync ++ * We don't need to check the 'failed' flag as when that gets set, ++ * recovery aborts. ++ */ ++ for (i = 0; i < conf->raid_disks; i++) ++ if (conf->disks[i].rdev == NULL) ++ still_degraded = 1; ++ ++ bitmap_start_sync(mddev->bitmap, sector_nr, &sync_blocks, still_degraded); ++ ++ set_bit(STRIPE_SYNC_REQUESTED, &sh->state); ++ set_bit(STRIPE_HANDLE, &sh->state); ++ ++ release_stripe(sh); ++ ++ return STRIPE_SECTORS; ++} ++ ++static int retry_aligned_read(struct r5conf *conf, struct bio *raid_bio) ++{ ++ /* We may not be able to submit a whole bio at once as there ++ * may not be enough stripe_heads available. ++ * We cannot pre-allocate enough stripe_heads as we may need ++ * more than exist in the cache (if we allow ever large chunks). ++ * So we do one stripe head at a time and record in ++ * ->bi_hw_segments how many have been done. ++ * ++ * We *know* that this entire raid_bio is in one chunk, so ++ * it will be only one 'dd_idx' and only need one call to raid5_compute_sector. ++ */ ++ struct stripe_head *sh; ++ int dd_idx; ++ sector_t sector, logical_sector, last_sector; ++ int scnt = 0; ++ int remaining; ++ int handled = 0; ++ ++ logical_sector = raid_bio->bi_iter.bi_sector & ++ ~((sector_t)STRIPE_SECTORS-1); ++ sector = raid5_compute_sector(conf, logical_sector, ++ 0, &dd_idx, NULL); ++ last_sector = bio_end_sector(raid_bio); ++ ++ for (; logical_sector < last_sector; ++ logical_sector += STRIPE_SECTORS, ++ sector += STRIPE_SECTORS, ++ scnt++) { ++ ++ if (scnt < raid5_bi_processed_stripes(raid_bio)) ++ /* already done this stripe */ ++ continue; ++ ++ sh = get_active_stripe(conf, sector, 0, 1, 1); ++ ++ if (!sh) { ++ /* failed to get a stripe - must wait */ ++ raid5_set_bi_processed_stripes(raid_bio, scnt); ++ conf->retry_read_aligned = raid_bio; ++ return handled; ++ } ++ ++ if (!add_stripe_bio(sh, raid_bio, dd_idx, 0)) { ++ release_stripe(sh); ++ raid5_set_bi_processed_stripes(raid_bio, scnt); ++ conf->retry_read_aligned = raid_bio; ++ return handled; ++ } ++ ++ set_bit(R5_ReadNoMerge, &sh->dev[dd_idx].flags); ++ handle_stripe(sh); ++ release_stripe(sh); ++ handled++; ++ } ++ remaining = raid5_dec_bi_active_stripes(raid_bio); ++ if (remaining == 0) { ++ trace_block_bio_complete(bdev_get_queue(raid_bio->bi_bdev), ++ raid_bio, 0); ++ bio_endio(raid_bio, 0); ++ } ++ if (atomic_dec_and_test(&conf->active_aligned_reads)) ++ wake_up(&conf->wait_for_stripe); ++ return handled; ++} ++ ++static int handle_active_stripes(struct r5conf *conf, int group, ++ struct r5worker *worker, ++ struct list_head *temp_inactive_list) ++{ ++ struct stripe_head *batch[MAX_STRIPE_BATCH], *sh; ++ int i, batch_size = 0, hash; ++ bool release_inactive = false; ++ ++ while (batch_size < MAX_STRIPE_BATCH && ++ (sh = __get_priority_stripe(conf, group)) != NULL) ++ batch[batch_size++] = sh; ++ ++ if (batch_size == 0) { ++ for (i = 0; i < NR_STRIPE_HASH_LOCKS; i++) ++ if (!list_empty(temp_inactive_list + i)) ++ break; ++ if (i == NR_STRIPE_HASH_LOCKS) ++ return batch_size; ++ release_inactive = true; ++ } ++ spin_unlock_irq(&conf->device_lock); ++ ++ release_inactive_stripe_list(conf, temp_inactive_list, ++ NR_STRIPE_HASH_LOCKS); ++ ++ if (release_inactive) { ++ spin_lock_irq(&conf->device_lock); ++ return 0; ++ } ++ ++ for (i = 0; i < batch_size; i++) ++ handle_stripe(batch[i]); ++ ++ cond_resched(); ++ ++ spin_lock_irq(&conf->device_lock); ++ for (i = 0; i < batch_size; i++) { ++ hash = batch[i]->hash_lock_index; ++ __release_stripe(conf, batch[i], &temp_inactive_list[hash]); ++ } ++ return batch_size; ++} ++ ++static void raid5_do_work(struct work_struct *work) ++{ ++ struct r5worker *worker = container_of(work, struct r5worker, work); ++ struct r5worker_group *group = worker->group; ++ struct r5conf *conf = group->conf; ++ int group_id = group - conf->worker_groups; ++ int handled; ++ struct blk_plug plug; ++ ++ pr_debug("+++ raid5worker active\n"); ++ ++ blk_start_plug(&plug); ++ handled = 0; ++ spin_lock_irq(&conf->device_lock); ++ while (1) { ++ int batch_size, released; ++ ++ released = release_stripe_list(conf, worker->temp_inactive_list); ++ ++ batch_size = handle_active_stripes(conf, group_id, worker, ++ worker->temp_inactive_list); ++ worker->working = false; ++ if (!batch_size && !released) ++ break; ++ handled += batch_size; ++ } ++ pr_debug("%d stripes handled\n", handled); ++ ++ spin_unlock_irq(&conf->device_lock); ++ blk_finish_plug(&plug); ++ ++ pr_debug("--- raid5worker inactive\n"); ++} ++ ++/* ++ * This is our raid5 kernel thread. ++ * ++ * We scan the hash table for stripes which can be handled now. ++ * During the scan, completed stripes are saved for us by the interrupt ++ * handler, so that they will not have to wait for our next wakeup. ++ */ ++static void raid5d(struct md_thread *thread) ++{ ++ struct mddev *mddev = thread->mddev; ++ struct r5conf *conf = mddev->private; ++ int handled; ++ struct blk_plug plug; ++ ++ pr_debug("+++ raid5d active\n"); ++ ++ md_check_recovery(mddev); ++ ++ blk_start_plug(&plug); ++ handled = 0; ++ spin_lock_irq(&conf->device_lock); ++ while (1) { ++ struct bio *bio; ++ int batch_size, released; ++ ++ released = release_stripe_list(conf, conf->temp_inactive_list); ++ ++ if ( ++ !list_empty(&conf->bitmap_list)) { ++ /* Now is a good time to flush some bitmap updates */ ++ conf->seq_flush++; ++ spin_unlock_irq(&conf->device_lock); ++ bitmap_unplug(mddev->bitmap); ++ spin_lock_irq(&conf->device_lock); ++ conf->seq_write = conf->seq_flush; ++ activate_bit_delay(conf, conf->temp_inactive_list); ++ } ++ raid5_activate_delayed(conf); ++ ++ while ((bio = remove_bio_from_retry(conf))) { ++ int ok; ++ spin_unlock_irq(&conf->device_lock); ++ ok = retry_aligned_read(conf, bio); ++ spin_lock_irq(&conf->device_lock); ++ if (!ok) ++ break; ++ handled++; ++ } ++ ++ batch_size = handle_active_stripes(conf, ANY_GROUP, NULL, ++ conf->temp_inactive_list); ++ if (!batch_size && !released) ++ break; ++ handled += batch_size; ++ ++ if (mddev->flags & ~(1<<MD_CHANGE_PENDING)) { ++ spin_unlock_irq(&conf->device_lock); ++ md_check_recovery(mddev); ++ spin_lock_irq(&conf->device_lock); ++ } ++ } ++ pr_debug("%d stripes handled\n", handled); ++ ++ spin_unlock_irq(&conf->device_lock); ++ ++ async_tx_issue_pending_all(); ++ blk_finish_plug(&plug); ++ ++ pr_debug("--- raid5d inactive\n"); ++} ++ ++static ssize_t ++raid5_show_stripe_cache_size(struct mddev *mddev, char *page) ++{ ++ struct r5conf *conf = mddev->private; ++ if (conf) ++ return sprintf(page, "%d\n", conf->max_nr_stripes); ++ else ++ return 0; ++} ++ ++int ++raid5_set_cache_size(struct mddev *mddev, int size) ++{ ++ struct r5conf *conf = mddev->private; ++ int err; ++ int hash; ++ ++ if (size <= 16 || size > 32768) ++ return -EINVAL; ++ hash = (conf->max_nr_stripes - 1) % NR_STRIPE_HASH_LOCKS; ++ while (size < conf->max_nr_stripes) { ++ if (drop_one_stripe(conf, hash)) ++ conf->max_nr_stripes--; ++ else ++ break; ++ hash--; ++ if (hash < 0) ++ hash = NR_STRIPE_HASH_LOCKS - 1; ++ } ++ err = md_allow_write(mddev); ++ if (err) ++ return err; ++ hash = conf->max_nr_stripes % NR_STRIPE_HASH_LOCKS; ++ while (size > conf->max_nr_stripes) { ++ if (grow_one_stripe(conf, hash)) ++ conf->max_nr_stripes++; ++ else break; ++ hash = (hash + 1) % NR_STRIPE_HASH_LOCKS; ++ } ++ return 0; ++} ++EXPORT_SYMBOL(raid5_set_cache_size); ++ ++static ssize_t ++raid5_store_stripe_cache_size(struct mddev *mddev, const char *page, size_t len) ++{ ++ struct r5conf *conf = mddev->private; ++ unsigned long new; ++ int err; ++ ++ if (len >= PAGE_SIZE) ++ return -EINVAL; ++ if (!conf) ++ return -ENODEV; ++ ++ if (kstrtoul(page, 10, &new)) ++ return -EINVAL; ++ err = raid5_set_cache_size(mddev, new); ++ if (err) ++ return err; ++ return len; ++} ++ ++static struct md_sysfs_entry ++raid5_stripecache_size = __ATTR(stripe_cache_size, S_IRUGO | S_IWUSR, ++ raid5_show_stripe_cache_size, ++ raid5_store_stripe_cache_size); ++ ++static ssize_t ++raid5_show_preread_threshold(struct mddev *mddev, char *page) ++{ ++ struct r5conf *conf = mddev->private; ++ if (conf) ++ return sprintf(page, "%d\n", conf->bypass_threshold); ++ else ++ return 0; ++} ++ ++static ssize_t ++raid5_store_preread_threshold(struct mddev *mddev, const char *page, size_t len) ++{ ++ struct r5conf *conf = mddev->private; ++ unsigned long new; ++ if (len >= PAGE_SIZE) ++ return -EINVAL; ++ if (!conf) ++ return -ENODEV; ++ ++ if (kstrtoul(page, 10, &new)) ++ return -EINVAL; ++ if (new > conf->max_nr_stripes) ++ return -EINVAL; ++ conf->bypass_threshold = new; ++ return len; ++} ++ ++static struct md_sysfs_entry ++raid5_preread_bypass_threshold = __ATTR(preread_bypass_threshold, ++ S_IRUGO | S_IWUSR, ++ raid5_show_preread_threshold, ++ raid5_store_preread_threshold); ++ ++static ssize_t ++raid5_show_skip_copy(struct mddev *mddev, char *page) ++{ ++ struct r5conf *conf = mddev->private; ++ if (conf) ++ return sprintf(page, "%d\n", conf->skip_copy); ++ else ++ return 0; ++} ++ ++static ssize_t ++raid5_store_skip_copy(struct mddev *mddev, const char *page, size_t len) ++{ ++ struct r5conf *conf = mddev->private; ++ unsigned long new; ++ if (len >= PAGE_SIZE) ++ return -EINVAL; ++ if (!conf) ++ return -ENODEV; ++ ++ if (kstrtoul(page, 10, &new)) ++ return -EINVAL; ++ new = !!new; ++ if (new == conf->skip_copy) ++ return len; ++ ++ mddev_suspend(mddev); ++ conf->skip_copy = new; ++ if (new) ++ mddev->queue->backing_dev_info.capabilities |= ++ BDI_CAP_STABLE_WRITES; ++ else ++ mddev->queue->backing_dev_info.capabilities &= ++ ~BDI_CAP_STABLE_WRITES; ++ mddev_resume(mddev); ++ return len; ++} ++ ++static struct md_sysfs_entry ++raid5_skip_copy = __ATTR(skip_copy, S_IRUGO | S_IWUSR, ++ raid5_show_skip_copy, ++ raid5_store_skip_copy); ++ ++static ssize_t ++stripe_cache_active_show(struct mddev *mddev, char *page) ++{ ++ struct r5conf *conf = mddev->private; ++ if (conf) ++ return sprintf(page, "%d\n", atomic_read(&conf->active_stripes)); ++ else ++ return 0; ++} ++ ++static struct md_sysfs_entry ++raid5_stripecache_active = __ATTR_RO(stripe_cache_active); ++ ++static ssize_t ++raid5_show_group_thread_cnt(struct mddev *mddev, char *page) ++{ ++ struct r5conf *conf = mddev->private; ++ if (conf) ++ return sprintf(page, "%d\n", conf->worker_cnt_per_group); ++ else ++ return 0; ++} ++ ++static int alloc_thread_groups(struct r5conf *conf, int cnt, ++ int *group_cnt, ++ int *worker_cnt_per_group, ++ struct r5worker_group **worker_groups); ++static ssize_t ++raid5_store_group_thread_cnt(struct mddev *mddev, const char *page, size_t len) ++{ ++ struct r5conf *conf = mddev->private; ++ unsigned long new; ++ int err; ++ struct r5worker_group *new_groups, *old_groups; ++ int group_cnt, worker_cnt_per_group; ++ ++ if (len >= PAGE_SIZE) ++ return -EINVAL; ++ if (!conf) ++ return -ENODEV; ++ ++ if (kstrtoul(page, 10, &new)) ++ return -EINVAL; ++ ++ if (new == conf->worker_cnt_per_group) ++ return len; ++ ++ mddev_suspend(mddev); ++ ++ old_groups = conf->worker_groups; ++ if (old_groups) ++ flush_workqueue(raid5_wq); ++ ++ err = alloc_thread_groups(conf, new, ++ &group_cnt, &worker_cnt_per_group, ++ &new_groups); ++ if (!err) { ++ spin_lock_irq(&conf->device_lock); ++ conf->group_cnt = group_cnt; ++ conf->worker_cnt_per_group = worker_cnt_per_group; ++ conf->worker_groups = new_groups; ++ spin_unlock_irq(&conf->device_lock); ++ ++ if (old_groups) ++ kfree(old_groups[0].workers); ++ kfree(old_groups); ++ } ++ ++ mddev_resume(mddev); ++ ++ if (err) ++ return err; ++ return len; ++} ++ ++static struct md_sysfs_entry ++raid5_group_thread_cnt = __ATTR(group_thread_cnt, S_IRUGO | S_IWUSR, ++ raid5_show_group_thread_cnt, ++ raid5_store_group_thread_cnt); ++ ++static struct attribute *raid5_attrs[] = { ++ &raid5_stripecache_size.attr, ++ &raid5_stripecache_active.attr, ++ &raid5_preread_bypass_threshold.attr, ++ &raid5_group_thread_cnt.attr, ++ &raid5_skip_copy.attr, ++ NULL, ++}; ++static struct attribute_group raid5_attrs_group = { ++ .name = NULL, ++ .attrs = raid5_attrs, ++}; ++ ++static int alloc_thread_groups(struct r5conf *conf, int cnt, ++ int *group_cnt, ++ int *worker_cnt_per_group, ++ struct r5worker_group **worker_groups) ++{ ++ int i, j, k; ++ ssize_t size; ++ struct r5worker *workers; ++ ++ *worker_cnt_per_group = cnt; ++ if (cnt == 0) { ++ *group_cnt = 0; ++ *worker_groups = NULL; ++ return 0; ++ } ++ *group_cnt = num_possible_nodes(); ++ size = sizeof(struct r5worker) * cnt; ++ workers = kzalloc(size * *group_cnt, GFP_NOIO); ++ *worker_groups = kzalloc(sizeof(struct r5worker_group) * ++ *group_cnt, GFP_NOIO); ++ if (!*worker_groups || !workers) { ++ kfree(workers); ++ kfree(*worker_groups); ++ return -ENOMEM; ++ } ++ ++ for (i = 0; i < *group_cnt; i++) { ++ struct r5worker_group *group; ++ ++ group = &(*worker_groups)[i]; ++ INIT_LIST_HEAD(&group->handle_list); ++ group->conf = conf; ++ group->workers = workers + i * cnt; ++ ++ for (j = 0; j < cnt; j++) { ++ struct r5worker *worker = group->workers + j; ++ worker->group = group; ++ INIT_WORK(&worker->work, raid5_do_work); ++ ++ for (k = 0; k < NR_STRIPE_HASH_LOCKS; k++) ++ INIT_LIST_HEAD(worker->temp_inactive_list + k); ++ } ++ } ++ ++ return 0; ++} ++ ++static void free_thread_groups(struct r5conf *conf) ++{ ++ if (conf->worker_groups) ++ kfree(conf->worker_groups[0].workers); ++ kfree(conf->worker_groups); ++ conf->worker_groups = NULL; ++} ++ ++static sector_t ++raid5_size(struct mddev *mddev, sector_t sectors, int raid_disks) ++{ ++ struct r5conf *conf = mddev->private; ++ ++ if (!sectors) ++ sectors = mddev->dev_sectors; ++ if (!raid_disks) ++ /* size is defined by the smallest of previous and new size */ ++ raid_disks = min(conf->raid_disks, conf->previous_raid_disks); ++ ++ sectors &= ~((sector_t)mddev->chunk_sectors - 1); ++ sectors &= ~((sector_t)mddev->new_chunk_sectors - 1); ++ return sectors * (raid_disks - conf->max_degraded); ++} ++ ++static void free_scratch_buffer(struct r5conf *conf, struct raid5_percpu *percpu) ++{ ++ safe_put_page(percpu->spare_page); ++ kfree(percpu->scribble); ++ percpu->spare_page = NULL; ++ percpu->scribble = NULL; ++} ++ ++static int alloc_scratch_buffer(struct r5conf *conf, struct raid5_percpu *percpu) ++{ ++ if (conf->level == 6 && !percpu->spare_page) ++ percpu->spare_page = alloc_page(GFP_KERNEL); ++ if (!percpu->scribble) ++ percpu->scribble = kmalloc(conf->scribble_len, GFP_KERNEL); ++ ++ if (!percpu->scribble || (conf->level == 6 && !percpu->spare_page)) { ++ free_scratch_buffer(conf, percpu); ++ return -ENOMEM; ++ } ++ ++ return 0; ++} ++ ++static void raid5_free_percpu(struct r5conf *conf) ++{ ++ unsigned long cpu; ++ ++ if (!conf->percpu) ++ return; ++ ++#ifdef CONFIG_HOTPLUG_CPU ++ unregister_cpu_notifier(&conf->cpu_notify); ++#endif ++ ++ get_online_cpus(); ++ for_each_possible_cpu(cpu) ++ free_scratch_buffer(conf, per_cpu_ptr(conf->percpu, cpu)); ++ put_online_cpus(); ++ ++ free_percpu(conf->percpu); ++} ++ ++static void free_conf(struct r5conf *conf) ++{ ++ free_thread_groups(conf); ++ shrink_stripes(conf); ++ raid5_free_percpu(conf); ++ kfree(conf->disks); ++ kfree(conf->stripe_hashtbl); ++ kfree(conf); ++} ++ ++#ifdef CONFIG_HOTPLUG_CPU ++static int raid456_cpu_notify(struct notifier_block *nfb, unsigned long action, ++ void *hcpu) ++{ ++ struct r5conf *conf = container_of(nfb, struct r5conf, cpu_notify); ++ long cpu = (long)hcpu; ++ struct raid5_percpu *percpu = per_cpu_ptr(conf->percpu, cpu); ++ ++ switch (action) { ++ case CPU_UP_PREPARE: ++ case CPU_UP_PREPARE_FROZEN: ++ if (alloc_scratch_buffer(conf, percpu)) { ++ pr_err("%s: failed memory allocation for cpu%ld\n", ++ __func__, cpu); ++ return notifier_from_errno(-ENOMEM); ++ } ++ break; ++ case CPU_DEAD: ++ case CPU_DEAD_FROZEN: ++ free_scratch_buffer(conf, per_cpu_ptr(conf->percpu, cpu)); ++ break; ++ default: ++ break; ++ } ++ return NOTIFY_OK; ++} ++#endif ++ ++static int raid5_alloc_percpu(struct r5conf *conf) ++{ ++ unsigned long cpu; ++ int err = 0; ++ ++ conf->percpu = alloc_percpu(struct raid5_percpu); ++ if (!conf->percpu) ++ return -ENOMEM; ++ ++#ifdef CONFIG_HOTPLUG_CPU ++ conf->cpu_notify.notifier_call = raid456_cpu_notify; ++ conf->cpu_notify.priority = 0; ++ err = register_cpu_notifier(&conf->cpu_notify); ++ if (err) ++ return err; ++#endif ++ ++ get_online_cpus(); ++ for_each_present_cpu(cpu) { ++ err = alloc_scratch_buffer(conf, per_cpu_ptr(conf->percpu, cpu)); ++ if (err) { ++ pr_err("%s: failed memory allocation for cpu%ld\n", ++ __func__, cpu); ++ break; ++ } ++ } ++ put_online_cpus(); ++ ++ return err; ++} ++ ++static struct r5conf *setup_conf(struct mddev *mddev) ++{ ++ struct r5conf *conf; ++ int raid_disk, memory, max_disks; ++ struct md_rdev *rdev; ++ struct disk_info *disk; ++ char pers_name[6]; ++ int i; ++ int group_cnt, worker_cnt_per_group; ++ struct r5worker_group *new_group; ++ ++ if (mddev->new_level != 5 ++ && mddev->new_level != 4 ++ && mddev->new_level != 6) { ++ printk(KERN_ERR "md/raid:%s: raid level not set to 4/5/6 (%d)\n", ++ mdname(mddev), mddev->new_level); ++ return ERR_PTR(-EIO); ++ } ++ if ((mddev->new_level == 5 ++ && !algorithm_valid_raid5(mddev->new_layout)) || ++ (mddev->new_level == 6 ++ && !algorithm_valid_raid6(mddev->new_layout))) { ++ printk(KERN_ERR "md/raid:%s: layout %d not supported\n", ++ mdname(mddev), mddev->new_layout); ++ return ERR_PTR(-EIO); ++ } ++ if (mddev->new_level == 6 && mddev->raid_disks < 4) { ++ printk(KERN_ERR "md/raid:%s: not enough configured devices (%d, minimum 4)\n", ++ mdname(mddev), mddev->raid_disks); ++ return ERR_PTR(-EINVAL); ++ } ++ ++ if (!mddev->new_chunk_sectors || ++ (mddev->new_chunk_sectors << 9) % PAGE_SIZE || ++ !is_power_of_2(mddev->new_chunk_sectors)) { ++ printk(KERN_ERR "md/raid:%s: invalid chunk size %d\n", ++ mdname(mddev), mddev->new_chunk_sectors << 9); ++ return ERR_PTR(-EINVAL); ++ } ++ ++ conf = kzalloc(sizeof(struct r5conf), GFP_KERNEL); ++ if (conf == NULL) ++ goto abort; ++ /* Don't enable multi-threading by default*/ ++ if (!alloc_thread_groups(conf, 0, &group_cnt, &worker_cnt_per_group, ++ &new_group)) { ++ conf->group_cnt = group_cnt; ++ conf->worker_cnt_per_group = worker_cnt_per_group; ++ conf->worker_groups = new_group; ++ } else ++ goto abort; ++ spin_lock_init(&conf->device_lock); ++ seqcount_init(&conf->gen_lock); ++ init_waitqueue_head(&conf->wait_for_stripe); ++ init_waitqueue_head(&conf->wait_for_overlap); ++ INIT_LIST_HEAD(&conf->handle_list); ++ INIT_LIST_HEAD(&conf->hold_list); ++ INIT_LIST_HEAD(&conf->delayed_list); ++ INIT_LIST_HEAD(&conf->bitmap_list); ++ init_llist_head(&conf->released_stripes); ++ atomic_set(&conf->active_stripes, 0); ++ atomic_set(&conf->preread_active_stripes, 0); ++ atomic_set(&conf->active_aligned_reads, 0); ++ conf->bypass_threshold = BYPASS_THRESHOLD; ++ conf->recovery_disabled = mddev->recovery_disabled - 1; ++ ++ conf->raid_disks = mddev->raid_disks; ++ if (mddev->reshape_position == MaxSector) ++ conf->previous_raid_disks = mddev->raid_disks; ++ else ++ conf->previous_raid_disks = mddev->raid_disks - mddev->delta_disks; ++ max_disks = max(conf->raid_disks, conf->previous_raid_disks); ++ conf->scribble_len = scribble_len(max_disks); ++ ++ conf->disks = kzalloc(max_disks * sizeof(struct disk_info), ++ GFP_KERNEL); ++ if (!conf->disks) ++ goto abort; ++ ++ conf->mddev = mddev; ++ ++ if ((conf->stripe_hashtbl = kzalloc(PAGE_SIZE, GFP_KERNEL)) == NULL) ++ goto abort; ++ ++ /* We init hash_locks[0] separately to that it can be used ++ * as the reference lock in the spin_lock_nest_lock() call ++ * in lock_all_device_hash_locks_irq in order to convince ++ * lockdep that we know what we are doing. ++ */ ++ spin_lock_init(conf->hash_locks); ++ for (i = 1; i < NR_STRIPE_HASH_LOCKS; i++) ++ spin_lock_init(conf->hash_locks + i); ++ ++ for (i = 0; i < NR_STRIPE_HASH_LOCKS; i++) ++ INIT_LIST_HEAD(conf->inactive_list + i); ++ ++ for (i = 0; i < NR_STRIPE_HASH_LOCKS; i++) ++ INIT_LIST_HEAD(conf->temp_inactive_list + i); ++ ++ conf->level = mddev->new_level; ++ if (raid5_alloc_percpu(conf) != 0) ++ goto abort; ++ ++ pr_debug("raid456: run(%s) called.\n", mdname(mddev)); ++ ++ rdev_for_each(rdev, mddev) { ++ raid_disk = rdev->raid_disk; ++ if (raid_disk >= max_disks ++ || raid_disk < 0) ++ continue; ++ disk = conf->disks + raid_disk; ++ ++ if (test_bit(Replacement, &rdev->flags)) { ++ if (disk->replacement) ++ goto abort; ++ disk->replacement = rdev; ++ } else { ++ if (disk->rdev) ++ goto abort; ++ disk->rdev = rdev; ++ } ++ ++ if (test_bit(In_sync, &rdev->flags)) { ++ char b[BDEVNAME_SIZE]; ++ printk(KERN_INFO "md/raid:%s: device %s operational as raid" ++ " disk %d\n", ++ mdname(mddev), bdevname(rdev->bdev, b), raid_disk); ++ } else if (rdev->saved_raid_disk != raid_disk) ++ /* Cannot rely on bitmap to complete recovery */ ++ conf->fullsync = 1; ++ } ++ ++ conf->chunk_sectors = mddev->new_chunk_sectors; ++ conf->level = mddev->new_level; ++ if (conf->level == 6) ++ conf->max_degraded = 2; ++ else ++ conf->max_degraded = 1; ++ conf->algorithm = mddev->new_layout; ++ conf->reshape_progress = mddev->reshape_position; ++ if (conf->reshape_progress != MaxSector) { ++ conf->prev_chunk_sectors = mddev->chunk_sectors; ++ conf->prev_algo = mddev->layout; ++ } ++ ++ memory = conf->max_nr_stripes * (sizeof(struct stripe_head) + ++ max_disks * ((sizeof(struct bio) + PAGE_SIZE))) / 1024; ++ atomic_set(&conf->empty_inactive_list_nr, NR_STRIPE_HASH_LOCKS); ++ if (grow_stripes(conf, NR_STRIPES)) { ++ printk(KERN_ERR ++ "md/raid:%s: couldn't allocate %dkB for buffers\n", ++ mdname(mddev), memory); ++ goto abort; ++ } else ++ printk(KERN_INFO "md/raid:%s: allocated %dkB\n", ++ mdname(mddev), memory); ++ ++ sprintf(pers_name, "raid%d", mddev->new_level); ++ conf->thread = md_register_thread(raid5d, mddev, pers_name); ++ if (!conf->thread) { ++ printk(KERN_ERR ++ "md/raid:%s: couldn't allocate thread.\n", ++ mdname(mddev)); ++ goto abort; ++ } ++ ++ return conf; ++ ++ abort: ++ if (conf) { ++ free_conf(conf); ++ return ERR_PTR(-EIO); ++ } else ++ return ERR_PTR(-ENOMEM); ++} ++ ++static int only_parity(int raid_disk, int algo, int raid_disks, int max_degraded) ++{ ++ switch (algo) { ++ case ALGORITHM_PARITY_0: ++ if (raid_disk < max_degraded) ++ return 1; ++ break; ++ case ALGORITHM_PARITY_N: ++ if (raid_disk >= raid_disks - max_degraded) ++ return 1; ++ break; ++ case ALGORITHM_PARITY_0_6: ++ if (raid_disk == 0 || ++ raid_disk == raid_disks - 1) ++ return 1; ++ break; ++ case ALGORITHM_LEFT_ASYMMETRIC_6: ++ case ALGORITHM_RIGHT_ASYMMETRIC_6: ++ case ALGORITHM_LEFT_SYMMETRIC_6: ++ case ALGORITHM_RIGHT_SYMMETRIC_6: ++ if (raid_disk == raid_disks - 1) ++ return 1; ++ } ++ return 0; ++} ++ ++static int run(struct mddev *mddev) ++{ ++ struct r5conf *conf; ++ int working_disks = 0; ++ int dirty_parity_disks = 0; ++ struct md_rdev *rdev; ++ sector_t reshape_offset = 0; ++ int i; ++ long long min_offset_diff = 0; ++ int first = 1; ++ ++ if (mddev->recovery_cp != MaxSector) ++ printk(KERN_NOTICE "md/raid:%s: not clean" ++ " -- starting background reconstruction\n", ++ mdname(mddev)); ++ ++ rdev_for_each(rdev, mddev) { ++ long long diff; ++ if (rdev->raid_disk < 0) ++ continue; ++ diff = (rdev->new_data_offset - rdev->data_offset); ++ if (first) { ++ min_offset_diff = diff; ++ first = 0; ++ } else if (mddev->reshape_backwards && ++ diff < min_offset_diff) ++ min_offset_diff = diff; ++ else if (!mddev->reshape_backwards && ++ diff > min_offset_diff) ++ min_offset_diff = diff; ++ } ++ ++ if (mddev->reshape_position != MaxSector) { ++ /* Check that we can continue the reshape. ++ * Difficulties arise if the stripe we would write to ++ * next is at or after the stripe we would read from next. ++ * For a reshape that changes the number of devices, this ++ * is only possible for a very short time, and mdadm makes ++ * sure that time appears to have past before assembling ++ * the array. So we fail if that time hasn't passed. ++ * For a reshape that keeps the number of devices the same ++ * mdadm must be monitoring the reshape can keeping the ++ * critical areas read-only and backed up. It will start ++ * the array in read-only mode, so we check for that. ++ */ ++ sector_t here_new, here_old; ++ int old_disks; ++ int max_degraded = (mddev->level == 6 ? 2 : 1); ++ ++ if (mddev->new_level != mddev->level) { ++ printk(KERN_ERR "md/raid:%s: unsupported reshape " ++ "required - aborting.\n", ++ mdname(mddev)); ++ return -EINVAL; ++ } ++ old_disks = mddev->raid_disks - mddev->delta_disks; ++ /* reshape_position must be on a new-stripe boundary, and one ++ * further up in new geometry must map after here in old ++ * geometry. ++ */ ++ here_new = mddev->reshape_position; ++ if (sector_div(here_new, mddev->new_chunk_sectors * ++ (mddev->raid_disks - max_degraded))) { ++ printk(KERN_ERR "md/raid:%s: reshape_position not " ++ "on a stripe boundary\n", mdname(mddev)); ++ return -EINVAL; ++ } ++ reshape_offset = here_new * mddev->new_chunk_sectors; ++ /* here_new is the stripe we will write to */ ++ here_old = mddev->reshape_position; ++ sector_div(here_old, mddev->chunk_sectors * ++ (old_disks-max_degraded)); ++ /* here_old is the first stripe that we might need to read ++ * from */ ++ if (mddev->delta_disks == 0) { ++ if ((here_new * mddev->new_chunk_sectors != ++ here_old * mddev->chunk_sectors)) { ++ printk(KERN_ERR "md/raid:%s: reshape position is" ++ " confused - aborting\n", mdname(mddev)); ++ return -EINVAL; ++ } ++ /* We cannot be sure it is safe to start an in-place ++ * reshape. It is only safe if user-space is monitoring ++ * and taking constant backups. ++ * mdadm always starts a situation like this in ++ * readonly mode so it can take control before ++ * allowing any writes. So just check for that. ++ */ ++ if (abs(min_offset_diff) >= mddev->chunk_sectors && ++ abs(min_offset_diff) >= mddev->new_chunk_sectors) ++ /* not really in-place - so OK */; ++ else if (mddev->ro == 0) { ++ printk(KERN_ERR "md/raid:%s: in-place reshape " ++ "must be started in read-only mode " ++ "- aborting\n", ++ mdname(mddev)); ++ return -EINVAL; ++ } ++ } else if (mddev->reshape_backwards ++ ? (here_new * mddev->new_chunk_sectors + min_offset_diff <= ++ here_old * mddev->chunk_sectors) ++ : (here_new * mddev->new_chunk_sectors >= ++ here_old * mddev->chunk_sectors + (-min_offset_diff))) { ++ /* Reading from the same stripe as writing to - bad */ ++ printk(KERN_ERR "md/raid:%s: reshape_position too early for " ++ "auto-recovery - aborting.\n", ++ mdname(mddev)); ++ return -EINVAL; ++ } ++ printk(KERN_INFO "md/raid:%s: reshape will continue\n", ++ mdname(mddev)); ++ /* OK, we should be able to continue; */ ++ } else { ++ BUG_ON(mddev->level != mddev->new_level); ++ BUG_ON(mddev->layout != mddev->new_layout); ++ BUG_ON(mddev->chunk_sectors != mddev->new_chunk_sectors); ++ BUG_ON(mddev->delta_disks != 0); ++ } ++ ++ if (mddev->private == NULL) ++ conf = setup_conf(mddev); ++ else ++ conf = mddev->private; ++ ++ if (IS_ERR(conf)) ++ return PTR_ERR(conf); ++ ++ conf->min_offset_diff = min_offset_diff; ++ mddev->thread = conf->thread; ++ conf->thread = NULL; ++ mddev->private = conf; ++ ++ for (i = 0; i < conf->raid_disks && conf->previous_raid_disks; ++ i++) { ++ rdev = conf->disks[i].rdev; ++ if (!rdev && conf->disks[i].replacement) { ++ /* The replacement is all we have yet */ ++ rdev = conf->disks[i].replacement; ++ conf->disks[i].replacement = NULL; ++ clear_bit(Replacement, &rdev->flags); ++ conf->disks[i].rdev = rdev; ++ } ++ if (!rdev) ++ continue; ++ if (conf->disks[i].replacement && ++ conf->reshape_progress != MaxSector) { ++ /* replacements and reshape simply do not mix. */ ++ printk(KERN_ERR "md: cannot handle concurrent " ++ "replacement and reshape.\n"); ++ goto abort; ++ } ++ if (test_bit(In_sync, &rdev->flags)) { ++ working_disks++; ++ continue; ++ } ++ /* This disc is not fully in-sync. However if it ++ * just stored parity (beyond the recovery_offset), ++ * when we don't need to be concerned about the ++ * array being dirty. ++ * When reshape goes 'backwards', we never have ++ * partially completed devices, so we only need ++ * to worry about reshape going forwards. ++ */ ++ /* Hack because v0.91 doesn't store recovery_offset properly. */ ++ if (mddev->major_version == 0 && ++ mddev->minor_version > 90) ++ rdev->recovery_offset = reshape_offset; ++ ++ if (rdev->recovery_offset < reshape_offset) { ++ /* We need to check old and new layout */ ++ if (!only_parity(rdev->raid_disk, ++ conf->algorithm, ++ conf->raid_disks, ++ conf->max_degraded)) ++ continue; ++ } ++ if (!only_parity(rdev->raid_disk, ++ conf->prev_algo, ++ conf->previous_raid_disks, ++ conf->max_degraded)) ++ continue; ++ dirty_parity_disks++; ++ } ++ ++ /* ++ * 0 for a fully functional array, 1 or 2 for a degraded array. ++ */ ++ mddev->degraded = calc_degraded(conf); ++ ++ if (has_failed(conf)) { ++ printk(KERN_ERR "md/raid:%s: not enough operational devices" ++ " (%d/%d failed)\n", ++ mdname(mddev), mddev->degraded, conf->raid_disks); ++ goto abort; ++ } ++ ++ /* device size must be a multiple of chunk size */ ++ mddev->dev_sectors &= ~(mddev->chunk_sectors - 1); ++ mddev->resync_max_sectors = mddev->dev_sectors; ++ ++ if (mddev->degraded > dirty_parity_disks && ++ mddev->recovery_cp != MaxSector) { ++ if (mddev->ok_start_degraded) ++ printk(KERN_WARNING ++ "md/raid:%s: starting dirty degraded array" ++ " - data corruption possible.\n", ++ mdname(mddev)); ++ else { ++ printk(KERN_ERR ++ "md/raid:%s: cannot start dirty degraded array.\n", ++ mdname(mddev)); ++ goto abort; ++ } ++ } ++ ++ if (mddev->degraded == 0) ++ printk(KERN_INFO "md/raid:%s: raid level %d active with %d out of %d" ++ " devices, algorithm %d\n", mdname(mddev), conf->level, ++ mddev->raid_disks-mddev->degraded, mddev->raid_disks, ++ mddev->new_layout); ++ else ++ printk(KERN_ALERT "md/raid:%s: raid level %d active with %d" ++ " out of %d devices, algorithm %d\n", ++ mdname(mddev), conf->level, ++ mddev->raid_disks - mddev->degraded, ++ mddev->raid_disks, mddev->new_layout); ++ ++ print_raid5_conf(conf); ++ ++ if (conf->reshape_progress != MaxSector) { ++ conf->reshape_safe = conf->reshape_progress; ++ atomic_set(&conf->reshape_stripes, 0); ++ clear_bit(MD_RECOVERY_SYNC, &mddev->recovery); ++ clear_bit(MD_RECOVERY_CHECK, &mddev->recovery); ++ set_bit(MD_RECOVERY_RESHAPE, &mddev->recovery); ++ set_bit(MD_RECOVERY_RUNNING, &mddev->recovery); ++ mddev->sync_thread = md_register_thread(md_do_sync, mddev, ++ "reshape"); ++ } ++ ++ /* Ok, everything is just fine now */ ++ if (mddev->to_remove == &raid5_attrs_group) ++ mddev->to_remove = NULL; ++ else if (mddev->kobj.sd && ++ sysfs_create_group(&mddev->kobj, &raid5_attrs_group)) ++ printk(KERN_WARNING ++ "raid5: failed to create sysfs attributes for %s\n", ++ mdname(mddev)); ++ md_set_array_sectors(mddev, raid5_size(mddev, 0, 0)); ++ ++ if (mddev->queue) { ++ int chunk_size; ++ bool discard_supported = true; ++ /* read-ahead size must cover two whole stripes, which ++ * is 2 * (datadisks) * chunksize where 'n' is the ++ * number of raid devices ++ */ ++ int data_disks = conf->previous_raid_disks - conf->max_degraded; ++ int stripe = data_disks * ++ ((mddev->chunk_sectors << 9) / PAGE_SIZE); ++ if (mddev->queue->backing_dev_info.ra_pages < 2 * stripe) ++ mddev->queue->backing_dev_info.ra_pages = 2 * stripe; ++ ++ blk_queue_merge_bvec(mddev->queue, raid5_mergeable_bvec); ++ ++ mddev->queue->backing_dev_info.congested_data = mddev; ++ mddev->queue->backing_dev_info.congested_fn = raid5_congested; ++ ++ chunk_size = mddev->chunk_sectors << 9; ++ blk_queue_io_min(mddev->queue, chunk_size); ++ blk_queue_io_opt(mddev->queue, chunk_size * ++ (conf->raid_disks - conf->max_degraded)); ++ mddev->queue->limits.raid_partial_stripes_expensive = 1; ++ /* ++ * We can only discard a whole stripe. It doesn't make sense to ++ * discard data disk but write parity disk ++ */ ++ stripe = stripe * PAGE_SIZE; ++ /* Round up to power of 2, as discard handling ++ * currently assumes that */ ++ while ((stripe-1) & stripe) ++ stripe = (stripe | (stripe-1)) + 1; ++ mddev->queue->limits.discard_alignment = stripe; ++ mddev->queue->limits.discard_granularity = stripe; ++ /* ++ * unaligned part of discard request will be ignored, so can't ++ * guarantee discard_zeroes_data ++ */ ++ mddev->queue->limits.discard_zeroes_data = 0; ++ ++ blk_queue_max_write_same_sectors(mddev->queue, 0); ++ ++ rdev_for_each(rdev, mddev) { ++ disk_stack_limits(mddev->gendisk, rdev->bdev, ++ rdev->data_offset << 9); ++ disk_stack_limits(mddev->gendisk, rdev->bdev, ++ rdev->new_data_offset << 9); ++ /* ++ * discard_zeroes_data is required, otherwise data ++ * could be lost. Consider a scenario: discard a stripe ++ * (the stripe could be inconsistent if ++ * discard_zeroes_data is 0); write one disk of the ++ * stripe (the stripe could be inconsistent again ++ * depending on which disks are used to calculate ++ * parity); the disk is broken; The stripe data of this ++ * disk is lost. ++ */ ++ if (!blk_queue_discard(bdev_get_queue(rdev->bdev)) || ++ !bdev_get_queue(rdev->bdev)-> ++ limits.discard_zeroes_data) ++ discard_supported = false; ++ /* Unfortunately, discard_zeroes_data is not currently ++ * a guarantee - just a hint. So we only allow DISCARD ++ * if the sysadmin has confirmed that only safe devices ++ * are in use by setting a module parameter. ++ */ ++ if (!devices_handle_discard_safely) { ++ if (discard_supported) { ++ pr_info("md/raid456: discard support disabled due to uncertainty.\n"); ++ pr_info("Set raid456.devices_handle_discard_safely=Y to override.\n"); ++ } ++ discard_supported = false; ++ } ++ } ++ ++ if (discard_supported && ++ mddev->queue->limits.max_discard_sectors >= stripe && ++ mddev->queue->limits.discard_granularity >= stripe) ++ queue_flag_set_unlocked(QUEUE_FLAG_DISCARD, ++ mddev->queue); ++ else ++ queue_flag_clear_unlocked(QUEUE_FLAG_DISCARD, ++ mddev->queue); ++ } ++ ++ return 0; ++abort: ++ md_unregister_thread(&mddev->thread); ++ print_raid5_conf(conf); ++ free_conf(conf); ++ mddev->private = NULL; ++ printk(KERN_ALERT "md/raid:%s: failed to run raid set.\n", mdname(mddev)); ++ return -EIO; ++} ++ ++static int stop(struct mddev *mddev) ++{ ++ struct r5conf *conf = mddev->private; ++ ++ md_unregister_thread(&mddev->thread); ++ if (mddev->queue) ++ mddev->queue->backing_dev_info.congested_fn = NULL; ++ free_conf(conf); ++ mddev->private = NULL; ++ mddev->to_remove = &raid5_attrs_group; ++ return 0; ++} ++ ++static void status(struct seq_file *seq, struct mddev *mddev) ++{ ++ struct r5conf *conf = mddev->private; ++ int i; ++ ++ seq_printf(seq, " level %d, %dk chunk, algorithm %d", mddev->level, ++ mddev->chunk_sectors / 2, mddev->layout); ++ seq_printf (seq, " [%d/%d] [", conf->raid_disks, conf->raid_disks - mddev->degraded); ++ for (i = 0; i < conf->raid_disks; i++) ++ seq_printf (seq, "%s", ++ conf->disks[i].rdev && ++ test_bit(In_sync, &conf->disks[i].rdev->flags) ? "U" : "_"); ++ seq_printf (seq, "]"); ++} ++ ++static void print_raid5_conf (struct r5conf *conf) ++{ ++ int i; ++ struct disk_info *tmp; ++ ++ printk(KERN_DEBUG "RAID conf printout:\n"); ++ if (!conf) { ++ printk("(conf==NULL)\n"); ++ return; ++ } ++ printk(KERN_DEBUG " --- level:%d rd:%d wd:%d\n", conf->level, ++ conf->raid_disks, ++ conf->raid_disks - conf->mddev->degraded); ++ ++ for (i = 0; i < conf->raid_disks; i++) { ++ char b[BDEVNAME_SIZE]; ++ tmp = conf->disks + i; ++ if (tmp->rdev) ++ printk(KERN_DEBUG " disk %d, o:%d, dev:%s\n", ++ i, !test_bit(Faulty, &tmp->rdev->flags), ++ bdevname(tmp->rdev->bdev, b)); ++ } ++} ++ ++static int raid5_spare_active(struct mddev *mddev) ++{ ++ int i; ++ struct r5conf *conf = mddev->private; ++ struct disk_info *tmp; ++ int count = 0; ++ unsigned long flags; ++ ++ for (i = 0; i < conf->raid_disks; i++) { ++ tmp = conf->disks + i; ++ if (tmp->replacement ++ && tmp->replacement->recovery_offset == MaxSector ++ && !test_bit(Faulty, &tmp->replacement->flags) ++ && !test_and_set_bit(In_sync, &tmp->replacement->flags)) { ++ /* Replacement has just become active. */ ++ if (!tmp->rdev ++ || !test_and_clear_bit(In_sync, &tmp->rdev->flags)) ++ count++; ++ if (tmp->rdev) { ++ /* Replaced device not technically faulty, ++ * but we need to be sure it gets removed ++ * and never re-added. ++ */ ++ set_bit(Faulty, &tmp->rdev->flags); ++ sysfs_notify_dirent_safe( ++ tmp->rdev->sysfs_state); ++ } ++ sysfs_notify_dirent_safe(tmp->replacement->sysfs_state); ++ } else if (tmp->rdev ++ && tmp->rdev->recovery_offset == MaxSector ++ && !test_bit(Faulty, &tmp->rdev->flags) ++ && !test_and_set_bit(In_sync, &tmp->rdev->flags)) { ++ count++; ++ sysfs_notify_dirent_safe(tmp->rdev->sysfs_state); ++ } ++ } ++ spin_lock_irqsave(&conf->device_lock, flags); ++ mddev->degraded = calc_degraded(conf); ++ spin_unlock_irqrestore(&conf->device_lock, flags); ++ print_raid5_conf(conf); ++ return count; ++} ++ ++static int raid5_remove_disk(struct mddev *mddev, struct md_rdev *rdev) ++{ ++ struct r5conf *conf = mddev->private; ++ int err = 0; ++ int number = rdev->raid_disk; ++ struct md_rdev **rdevp; ++ struct disk_info *p = conf->disks + number; ++ ++ print_raid5_conf(conf); ++ if (rdev == p->rdev) ++ rdevp = &p->rdev; ++ else if (rdev == p->replacement) ++ rdevp = &p->replacement; ++ else ++ return 0; ++ ++ if (number >= conf->raid_disks && ++ conf->reshape_progress == MaxSector) ++ clear_bit(In_sync, &rdev->flags); ++ ++ if (test_bit(In_sync, &rdev->flags) || ++ atomic_read(&rdev->nr_pending)) { ++ err = -EBUSY; ++ goto abort; ++ } ++ /* Only remove non-faulty devices if recovery ++ * isn't possible. ++ */ ++ if (!test_bit(Faulty, &rdev->flags) && ++ mddev->recovery_disabled != conf->recovery_disabled && ++ !has_failed(conf) && ++ (!p->replacement || p->replacement == rdev) && ++ number < conf->raid_disks) { ++ err = -EBUSY; ++ goto abort; ++ } ++ *rdevp = NULL; ++ synchronize_rcu(); ++ if (atomic_read(&rdev->nr_pending)) { ++ /* lost the race, try later */ ++ err = -EBUSY; ++ *rdevp = rdev; ++ } else if (p->replacement) { ++ /* We must have just cleared 'rdev' */ ++ p->rdev = p->replacement; ++ clear_bit(Replacement, &p->replacement->flags); ++ smp_mb(); /* Make sure other CPUs may see both as identical ++ * but will never see neither - if they are careful ++ */ ++ p->replacement = NULL; ++ clear_bit(WantReplacement, &rdev->flags); ++ } else ++ /* We might have just removed the Replacement as faulty- ++ * clear the bit just in case ++ */ ++ clear_bit(WantReplacement, &rdev->flags); ++abort: ++ ++ print_raid5_conf(conf); ++ return err; ++} ++ ++static int raid5_add_disk(struct mddev *mddev, struct md_rdev *rdev) ++{ ++ struct r5conf *conf = mddev->private; ++ int err = -EEXIST; ++ int disk; ++ struct disk_info *p; ++ int first = 0; ++ int last = conf->raid_disks - 1; ++ ++ if (mddev->recovery_disabled == conf->recovery_disabled) ++ return -EBUSY; ++ ++ if (rdev->saved_raid_disk < 0 && has_failed(conf)) ++ /* no point adding a device */ ++ return -EINVAL; ++ ++ if (rdev->raid_disk >= 0) ++ first = last = rdev->raid_disk; ++ ++ /* ++ * find the disk ... but prefer rdev->saved_raid_disk ++ * if possible. ++ */ ++ if (rdev->saved_raid_disk >= 0 && ++ rdev->saved_raid_disk >= first && ++ conf->disks[rdev->saved_raid_disk].rdev == NULL) ++ first = rdev->saved_raid_disk; ++ ++ for (disk = first; disk <= last; disk++) { ++ p = conf->disks + disk; ++ if (p->rdev == NULL) { ++ clear_bit(In_sync, &rdev->flags); ++ rdev->raid_disk = disk; ++ err = 0; ++ if (rdev->saved_raid_disk != disk) ++ conf->fullsync = 1; ++ rcu_assign_pointer(p->rdev, rdev); ++ goto out; ++ } ++ } ++ for (disk = first; disk <= last; disk++) { ++ p = conf->disks + disk; ++ if (test_bit(WantReplacement, &p->rdev->flags) && ++ p->replacement == NULL) { ++ clear_bit(In_sync, &rdev->flags); ++ set_bit(Replacement, &rdev->flags); ++ rdev->raid_disk = disk; ++ err = 0; ++ conf->fullsync = 1; ++ rcu_assign_pointer(p->replacement, rdev); ++ break; ++ } ++ } ++out: ++ print_raid5_conf(conf); ++ return err; ++} ++ ++static int raid5_resize(struct mddev *mddev, sector_t sectors) ++{ ++ /* no resync is happening, and there is enough space ++ * on all devices, so we can resize. ++ * We need to make sure resync covers any new space. ++ * If the array is shrinking we should possibly wait until ++ * any io in the removed space completes, but it hardly seems ++ * worth it. ++ */ ++ sector_t newsize; ++ sectors &= ~((sector_t)mddev->chunk_sectors - 1); ++ newsize = raid5_size(mddev, sectors, mddev->raid_disks); ++ if (mddev->external_size && ++ mddev->array_sectors > newsize) ++ return -EINVAL; ++ if (mddev->bitmap) { ++ int ret = bitmap_resize(mddev->bitmap, sectors, 0, 0); ++ if (ret) ++ return ret; ++ } ++ md_set_array_sectors(mddev, newsize); ++ set_capacity(mddev->gendisk, mddev->array_sectors); ++ revalidate_disk(mddev->gendisk); ++ if (sectors > mddev->dev_sectors && ++ mddev->recovery_cp > mddev->dev_sectors) { ++ mddev->recovery_cp = mddev->dev_sectors; ++ set_bit(MD_RECOVERY_NEEDED, &mddev->recovery); ++ } ++ mddev->dev_sectors = sectors; ++ mddev->resync_max_sectors = sectors; ++ return 0; ++} ++ ++static int check_stripe_cache(struct mddev *mddev) ++{ ++ /* Can only proceed if there are plenty of stripe_heads. ++ * We need a minimum of one full stripe,, and for sensible progress ++ * it is best to have about 4 times that. ++ * If we require 4 times, then the default 256 4K stripe_heads will ++ * allow for chunk sizes up to 256K, which is probably OK. ++ * If the chunk size is greater, user-space should request more ++ * stripe_heads first. ++ */ ++ struct r5conf *conf = mddev->private; ++ if (((mddev->chunk_sectors << 9) / STRIPE_SIZE) * 4 ++ > conf->max_nr_stripes || ++ ((mddev->new_chunk_sectors << 9) / STRIPE_SIZE) * 4 ++ > conf->max_nr_stripes) { ++ printk(KERN_WARNING "md/raid:%s: reshape: not enough stripes. Needed %lu\n", ++ mdname(mddev), ++ ((max(mddev->chunk_sectors, mddev->new_chunk_sectors) << 9) ++ / STRIPE_SIZE)*4); ++ return 0; ++ } ++ return 1; ++} ++ ++static int check_reshape(struct mddev *mddev) ++{ ++ struct r5conf *conf = mddev->private; ++ ++ if (mddev->delta_disks == 0 && ++ mddev->new_layout == mddev->layout && ++ mddev->new_chunk_sectors == mddev->chunk_sectors) ++ return 0; /* nothing to do */ ++ if (has_failed(conf)) ++ return -EINVAL; ++ if (mddev->delta_disks < 0 && mddev->reshape_position == MaxSector) { ++ /* We might be able to shrink, but the devices must ++ * be made bigger first. ++ * For raid6, 4 is the minimum size. ++ * Otherwise 2 is the minimum ++ */ ++ int min = 2; ++ if (mddev->level == 6) ++ min = 4; ++ if (mddev->raid_disks + mddev->delta_disks < min) ++ return -EINVAL; ++ } ++ ++ if (!check_stripe_cache(mddev)) ++ return -ENOSPC; ++ ++ return resize_stripes(conf, (conf->previous_raid_disks ++ + mddev->delta_disks)); ++} ++ ++static int raid5_start_reshape(struct mddev *mddev) ++{ ++ struct r5conf *conf = mddev->private; ++ struct md_rdev *rdev; ++ int spares = 0; ++ unsigned long flags; ++ ++ if (test_bit(MD_RECOVERY_RUNNING, &mddev->recovery)) ++ return -EBUSY; ++ ++ if (!check_stripe_cache(mddev)) ++ return -ENOSPC; ++ ++ if (has_failed(conf)) ++ return -EINVAL; ++ ++ rdev_for_each(rdev, mddev) { ++ if (!test_bit(In_sync, &rdev->flags) ++ && !test_bit(Faulty, &rdev->flags)) ++ spares++; ++ } ++ ++ if (spares - mddev->degraded < mddev->delta_disks - conf->max_degraded) ++ /* Not enough devices even to make a degraded array ++ * of that size ++ */ ++ return -EINVAL; ++ ++ /* Refuse to reduce size of the array. Any reductions in ++ * array size must be through explicit setting of array_size ++ * attribute. ++ */ ++ if (raid5_size(mddev, 0, conf->raid_disks + mddev->delta_disks) ++ < mddev->array_sectors) { ++ printk(KERN_ERR "md/raid:%s: array size must be reduced " ++ "before number of disks\n", mdname(mddev)); ++ return -EINVAL; ++ } ++ ++ atomic_set(&conf->reshape_stripes, 0); ++ spin_lock_irq(&conf->device_lock); ++ write_seqcount_begin(&conf->gen_lock); ++ conf->previous_raid_disks = conf->raid_disks; ++ conf->raid_disks += mddev->delta_disks; ++ conf->prev_chunk_sectors = conf->chunk_sectors; ++ conf->chunk_sectors = mddev->new_chunk_sectors; ++ conf->prev_algo = conf->algorithm; ++ conf->algorithm = mddev->new_layout; ++ conf->generation++; ++ /* Code that selects data_offset needs to see the generation update ++ * if reshape_progress has been set - so a memory barrier needed. ++ */ ++ smp_mb(); ++ if (mddev->reshape_backwards) ++ conf->reshape_progress = raid5_size(mddev, 0, 0); ++ else ++ conf->reshape_progress = 0; ++ conf->reshape_safe = conf->reshape_progress; ++ write_seqcount_end(&conf->gen_lock); ++ spin_unlock_irq(&conf->device_lock); ++ ++ /* Now make sure any requests that proceeded on the assumption ++ * the reshape wasn't running - like Discard or Read - have ++ * completed. ++ */ ++ mddev_suspend(mddev); ++ mddev_resume(mddev); ++ ++ /* Add some new drives, as many as will fit. ++ * We know there are enough to make the newly sized array work. ++ * Don't add devices if we are reducing the number of ++ * devices in the array. This is because it is not possible ++ * to correctly record the "partially reconstructed" state of ++ * such devices during the reshape and confusion could result. ++ */ ++ if (mddev->delta_disks >= 0) { ++ rdev_for_each(rdev, mddev) ++ if (rdev->raid_disk < 0 && ++ !test_bit(Faulty, &rdev->flags)) { ++ if (raid5_add_disk(mddev, rdev) == 0) { ++ if (rdev->raid_disk ++ >= conf->previous_raid_disks) ++ set_bit(In_sync, &rdev->flags); ++ else ++ rdev->recovery_offset = 0; ++ ++ if (sysfs_link_rdev(mddev, rdev)) ++ /* Failure here is OK */; ++ } ++ } else if (rdev->raid_disk >= conf->previous_raid_disks ++ && !test_bit(Faulty, &rdev->flags)) { ++ /* This is a spare that was manually added */ ++ set_bit(In_sync, &rdev->flags); ++ } ++ ++ /* When a reshape changes the number of devices, ++ * ->degraded is measured against the larger of the ++ * pre and post number of devices. ++ */ ++ spin_lock_irqsave(&conf->device_lock, flags); ++ mddev->degraded = calc_degraded(conf); ++ spin_unlock_irqrestore(&conf->device_lock, flags); ++ } ++ mddev->raid_disks = conf->raid_disks; ++ mddev->reshape_position = conf->reshape_progress; ++ set_bit(MD_CHANGE_DEVS, &mddev->flags); ++ ++ clear_bit(MD_RECOVERY_SYNC, &mddev->recovery); ++ clear_bit(MD_RECOVERY_CHECK, &mddev->recovery); ++ set_bit(MD_RECOVERY_RESHAPE, &mddev->recovery); ++ set_bit(MD_RECOVERY_RUNNING, &mddev->recovery); ++ mddev->sync_thread = md_register_thread(md_do_sync, mddev, ++ "reshape"); ++ if (!mddev->sync_thread) { ++ mddev->recovery = 0; ++ spin_lock_irq(&conf->device_lock); ++ write_seqcount_begin(&conf->gen_lock); ++ mddev->raid_disks = conf->raid_disks = conf->previous_raid_disks; ++ mddev->new_chunk_sectors = ++ conf->chunk_sectors = conf->prev_chunk_sectors; ++ mddev->new_layout = conf->algorithm = conf->prev_algo; ++ rdev_for_each(rdev, mddev) ++ rdev->new_data_offset = rdev->data_offset; ++ smp_wmb(); ++ conf->generation --; ++ conf->reshape_progress = MaxSector; ++ mddev->reshape_position = MaxSector; ++ write_seqcount_end(&conf->gen_lock); ++ spin_unlock_irq(&conf->device_lock); ++ return -EAGAIN; ++ } ++ conf->reshape_checkpoint = jiffies; ++ md_wakeup_thread(mddev->sync_thread); ++ md_new_event(mddev); ++ return 0; ++} ++ ++/* This is called from the reshape thread and should make any ++ * changes needed in 'conf' ++ */ ++static void end_reshape(struct r5conf *conf) ++{ ++ ++ if (!test_bit(MD_RECOVERY_INTR, &conf->mddev->recovery)) { ++ struct md_rdev *rdev; ++ ++ spin_lock_irq(&conf->device_lock); ++ conf->previous_raid_disks = conf->raid_disks; ++ rdev_for_each(rdev, conf->mddev) ++ rdev->data_offset = rdev->new_data_offset; ++ smp_wmb(); ++ conf->reshape_progress = MaxSector; ++ spin_unlock_irq(&conf->device_lock); ++ wake_up(&conf->wait_for_overlap); ++ ++ /* read-ahead size must cover two whole stripes, which is ++ * 2 * (datadisks) * chunksize where 'n' is the number of raid devices ++ */ ++ if (conf->mddev->queue) { ++ int data_disks = conf->raid_disks - conf->max_degraded; ++ int stripe = data_disks * ((conf->chunk_sectors << 9) ++ / PAGE_SIZE); ++ if (conf->mddev->queue->backing_dev_info.ra_pages < 2 * stripe) ++ conf->mddev->queue->backing_dev_info.ra_pages = 2 * stripe; ++ } ++ } ++} ++ ++/* This is called from the raid5d thread with mddev_lock held. ++ * It makes config changes to the device. ++ */ ++static void raid5_finish_reshape(struct mddev *mddev) ++{ ++ struct r5conf *conf = mddev->private; ++ ++ if (!test_bit(MD_RECOVERY_INTR, &mddev->recovery)) { ++ ++ if (mddev->delta_disks > 0) { ++ md_set_array_sectors(mddev, raid5_size(mddev, 0, 0)); ++ set_capacity(mddev->gendisk, mddev->array_sectors); ++ revalidate_disk(mddev->gendisk); ++ } else { ++ int d; ++ spin_lock_irq(&conf->device_lock); ++ mddev->degraded = calc_degraded(conf); ++ spin_unlock_irq(&conf->device_lock); ++ for (d = conf->raid_disks ; ++ d < conf->raid_disks - mddev->delta_disks; ++ d++) { ++ struct md_rdev *rdev = conf->disks[d].rdev; ++ if (rdev) ++ clear_bit(In_sync, &rdev->flags); ++ rdev = conf->disks[d].replacement; ++ if (rdev) ++ clear_bit(In_sync, &rdev->flags); ++ } ++ } ++ mddev->layout = conf->algorithm; ++ mddev->chunk_sectors = conf->chunk_sectors; ++ mddev->reshape_position = MaxSector; ++ mddev->delta_disks = 0; ++ mddev->reshape_backwards = 0; ++ } ++} ++ ++static void raid5_quiesce(struct mddev *mddev, int state) ++{ ++ struct r5conf *conf = mddev->private; ++ ++ switch(state) { ++ case 2: /* resume for a suspend */ ++ wake_up(&conf->wait_for_overlap); ++ break; ++ ++ case 1: /* stop all writes */ ++ lock_all_device_hash_locks_irq(conf); ++ /* '2' tells resync/reshape to pause so that all ++ * active stripes can drain ++ */ ++ conf->quiesce = 2; ++ wait_event_cmd(conf->wait_for_stripe, ++ atomic_read(&conf->active_stripes) == 0 && ++ atomic_read(&conf->active_aligned_reads) == 0, ++ unlock_all_device_hash_locks_irq(conf), ++ lock_all_device_hash_locks_irq(conf)); ++ conf->quiesce = 1; ++ unlock_all_device_hash_locks_irq(conf); ++ /* allow reshape to continue */ ++ wake_up(&conf->wait_for_overlap); ++ break; ++ ++ case 0: /* re-enable writes */ ++ lock_all_device_hash_locks_irq(conf); ++ conf->quiesce = 0; ++ wake_up(&conf->wait_for_stripe); ++ wake_up(&conf->wait_for_overlap); ++ unlock_all_device_hash_locks_irq(conf); ++ break; ++ } ++} ++ ++static void *raid45_takeover_raid0(struct mddev *mddev, int level) ++{ ++ struct r0conf *raid0_conf = mddev->private; ++ sector_t sectors; ++ ++ /* for raid0 takeover only one zone is supported */ ++ if (raid0_conf->nr_strip_zones > 1) { ++ printk(KERN_ERR "md/raid:%s: cannot takeover raid0 with more than one zone.\n", ++ mdname(mddev)); ++ return ERR_PTR(-EINVAL); ++ } ++ ++ sectors = raid0_conf->strip_zone[0].zone_end; ++ sector_div(sectors, raid0_conf->strip_zone[0].nb_dev); ++ mddev->dev_sectors = sectors; ++ mddev->new_level = level; ++ mddev->new_layout = ALGORITHM_PARITY_N; ++ mddev->new_chunk_sectors = mddev->chunk_sectors; ++ mddev->raid_disks += 1; ++ mddev->delta_disks = 1; ++ /* make sure it will be not marked as dirty */ ++ mddev->recovery_cp = MaxSector; ++ ++ return setup_conf(mddev); ++} ++ ++static void *raid5_takeover_raid1(struct mddev *mddev) ++{ ++ int chunksect; ++ ++ if (mddev->raid_disks != 2 || ++ mddev->degraded > 1) ++ return ERR_PTR(-EINVAL); ++ ++ /* Should check if there are write-behind devices? */ ++ ++ chunksect = 64*2; /* 64K by default */ ++ ++ /* The array must be an exact multiple of chunksize */ ++ while (chunksect && (mddev->array_sectors & (chunksect-1))) ++ chunksect >>= 1; ++ ++ if ((chunksect<<9) < STRIPE_SIZE) ++ /* array size does not allow a suitable chunk size */ ++ return ERR_PTR(-EINVAL); ++ ++ mddev->new_level = 5; ++ mddev->new_layout = ALGORITHM_LEFT_SYMMETRIC; ++ mddev->new_chunk_sectors = chunksect; ++ ++ return setup_conf(mddev); ++} ++ ++static void *raid5_takeover_raid6(struct mddev *mddev) ++{ ++ int new_layout; ++ ++ switch (mddev->layout) { ++ case ALGORITHM_LEFT_ASYMMETRIC_6: ++ new_layout = ALGORITHM_LEFT_ASYMMETRIC; ++ break; ++ case ALGORITHM_RIGHT_ASYMMETRIC_6: ++ new_layout = ALGORITHM_RIGHT_ASYMMETRIC; ++ break; ++ case ALGORITHM_LEFT_SYMMETRIC_6: ++ new_layout = ALGORITHM_LEFT_SYMMETRIC; ++ break; ++ case ALGORITHM_RIGHT_SYMMETRIC_6: ++ new_layout = ALGORITHM_RIGHT_SYMMETRIC; ++ break; ++ case ALGORITHM_PARITY_0_6: ++ new_layout = ALGORITHM_PARITY_0; ++ break; ++ case ALGORITHM_PARITY_N: ++ new_layout = ALGORITHM_PARITY_N; ++ break; ++ default: ++ return ERR_PTR(-EINVAL); ++ } ++ mddev->new_level = 5; ++ mddev->new_layout = new_layout; ++ mddev->delta_disks = -1; ++ mddev->raid_disks -= 1; ++ return setup_conf(mddev); ++} ++ ++static int raid5_check_reshape(struct mddev *mddev) ++{ ++ /* For a 2-drive array, the layout and chunk size can be changed ++ * immediately as not restriping is needed. ++ * For larger arrays we record the new value - after validation ++ * to be used by a reshape pass. ++ */ ++ struct r5conf *conf = mddev->private; ++ int new_chunk = mddev->new_chunk_sectors; ++ ++ if (mddev->new_layout >= 0 && !algorithm_valid_raid5(mddev->new_layout)) ++ return -EINVAL; ++ if (new_chunk > 0) { ++ if (!is_power_of_2(new_chunk)) ++ return -EINVAL; ++ if (new_chunk < (PAGE_SIZE>>9)) ++ return -EINVAL; ++ if (mddev->array_sectors & (new_chunk-1)) ++ /* not factor of array size */ ++ return -EINVAL; ++ } ++ ++ /* They look valid */ ++ ++ if (mddev->raid_disks == 2) { ++ /* can make the change immediately */ ++ if (mddev->new_layout >= 0) { ++ conf->algorithm = mddev->new_layout; ++ mddev->layout = mddev->new_layout; ++ } ++ if (new_chunk > 0) { ++ conf->chunk_sectors = new_chunk ; ++ mddev->chunk_sectors = new_chunk; ++ } ++ set_bit(MD_CHANGE_DEVS, &mddev->flags); ++ md_wakeup_thread(mddev->thread); ++ } ++ return check_reshape(mddev); ++} ++ ++static int raid6_check_reshape(struct mddev *mddev) ++{ ++ int new_chunk = mddev->new_chunk_sectors; ++ ++ if (mddev->new_layout >= 0 && !algorithm_valid_raid6(mddev->new_layout)) ++ return -EINVAL; ++ if (new_chunk > 0) { ++ if (!is_power_of_2(new_chunk)) ++ return -EINVAL; ++ if (new_chunk < (PAGE_SIZE >> 9)) ++ return -EINVAL; ++ if (mddev->array_sectors & (new_chunk-1)) ++ /* not factor of array size */ ++ return -EINVAL; ++ } ++ ++ /* They look valid */ ++ return check_reshape(mddev); ++} ++ ++static void *raid5_takeover(struct mddev *mddev) ++{ ++ /* raid5 can take over: ++ * raid0 - if there is only one strip zone - make it a raid4 layout ++ * raid1 - if there are two drives. We need to know the chunk size ++ * raid4 - trivial - just use a raid4 layout. ++ * raid6 - Providing it is a *_6 layout ++ */ ++ if (mddev->level == 0) ++ return raid45_takeover_raid0(mddev, 5); ++ if (mddev->level == 1) ++ return raid5_takeover_raid1(mddev); ++ if (mddev->level == 4) { ++ mddev->new_layout = ALGORITHM_PARITY_N; ++ mddev->new_level = 5; ++ return setup_conf(mddev); ++ } ++ if (mddev->level == 6) ++ return raid5_takeover_raid6(mddev); ++ ++ return ERR_PTR(-EINVAL); ++} ++ ++static void *raid4_takeover(struct mddev *mddev) ++{ ++ /* raid4 can take over: ++ * raid0 - if there is only one strip zone ++ * raid5 - if layout is right ++ */ ++ if (mddev->level == 0) ++ return raid45_takeover_raid0(mddev, 4); ++ if (mddev->level == 5 && ++ mddev->layout == ALGORITHM_PARITY_N) { ++ mddev->new_layout = 0; ++ mddev->new_level = 4; ++ return setup_conf(mddev); ++ } ++ return ERR_PTR(-EINVAL); ++} ++ ++static struct md_personality raid5_personality; ++ ++static void *raid6_takeover(struct mddev *mddev) ++{ ++ /* Currently can only take over a raid5. We map the ++ * personality to an equivalent raid6 personality ++ * with the Q block at the end. ++ */ ++ int new_layout; ++ ++ if (mddev->pers != &raid5_personality) ++ return ERR_PTR(-EINVAL); ++ if (mddev->degraded > 1) ++ return ERR_PTR(-EINVAL); ++ if (mddev->raid_disks > 253) ++ return ERR_PTR(-EINVAL); ++ if (mddev->raid_disks < 3) ++ return ERR_PTR(-EINVAL); ++ ++ switch (mddev->layout) { ++ case ALGORITHM_LEFT_ASYMMETRIC: ++ new_layout = ALGORITHM_LEFT_ASYMMETRIC_6; ++ break; ++ case ALGORITHM_RIGHT_ASYMMETRIC: ++ new_layout = ALGORITHM_RIGHT_ASYMMETRIC_6; ++ break; ++ case ALGORITHM_LEFT_SYMMETRIC: ++ new_layout = ALGORITHM_LEFT_SYMMETRIC_6; ++ break; ++ case ALGORITHM_RIGHT_SYMMETRIC: ++ new_layout = ALGORITHM_RIGHT_SYMMETRIC_6; ++ break; ++ case ALGORITHM_PARITY_0: ++ new_layout = ALGORITHM_PARITY_0_6; ++ break; ++ case ALGORITHM_PARITY_N: ++ new_layout = ALGORITHM_PARITY_N; ++ break; ++ default: ++ return ERR_PTR(-EINVAL); ++ } ++ mddev->new_level = 6; ++ mddev->new_layout = new_layout; ++ mddev->delta_disks = 1; ++ mddev->raid_disks += 1; ++ return setup_conf(mddev); ++} ++ ++static struct md_personality raid6_personality = ++{ ++ .name = "raid6", ++ .level = 6, ++ .owner = THIS_MODULE, ++ .make_request = make_request, ++ .run = run, ++ .stop = stop, ++ .status = status, ++ .error_handler = error, ++ .hot_add_disk = raid5_add_disk, ++ .hot_remove_disk= raid5_remove_disk, ++ .spare_active = raid5_spare_active, ++ .sync_request = sync_request, ++ .resize = raid5_resize, ++ .size = raid5_size, ++ .check_reshape = raid6_check_reshape, ++ .start_reshape = raid5_start_reshape, ++ .finish_reshape = raid5_finish_reshape, ++ .quiesce = raid5_quiesce, ++ .takeover = raid6_takeover, ++}; ++static struct md_personality raid5_personality = ++{ ++ .name = "raid5", ++ .level = 5, ++ .owner = THIS_MODULE, ++ .make_request = make_request, ++ .run = run, ++ .stop = stop, ++ .status = status, ++ .error_handler = error, ++ .hot_add_disk = raid5_add_disk, ++ .hot_remove_disk= raid5_remove_disk, ++ .spare_active = raid5_spare_active, ++ .sync_request = sync_request, ++ .resize = raid5_resize, ++ .size = raid5_size, ++ .check_reshape = raid5_check_reshape, ++ .start_reshape = raid5_start_reshape, ++ .finish_reshape = raid5_finish_reshape, ++ .quiesce = raid5_quiesce, ++ .takeover = raid5_takeover, ++}; ++ ++static struct md_personality raid4_personality = ++{ ++ .name = "raid4", ++ .level = 4, ++ .owner = THIS_MODULE, ++ .make_request = make_request, ++ .run = run, ++ .stop = stop, ++ .status = status, ++ .error_handler = error, ++ .hot_add_disk = raid5_add_disk, ++ .hot_remove_disk= raid5_remove_disk, ++ .spare_active = raid5_spare_active, ++ .sync_request = sync_request, ++ .resize = raid5_resize, ++ .size = raid5_size, ++ .check_reshape = raid5_check_reshape, ++ .start_reshape = raid5_start_reshape, ++ .finish_reshape = raid5_finish_reshape, ++ .quiesce = raid5_quiesce, ++ .takeover = raid4_takeover, ++}; ++ ++static int __init raid5_init(void) ++{ ++ raid5_wq = alloc_workqueue("raid5wq", ++ WQ_UNBOUND|WQ_MEM_RECLAIM|WQ_CPU_INTENSIVE|WQ_SYSFS, 0); ++ if (!raid5_wq) ++ return -ENOMEM; ++ register_md_personality(&raid6_personality); ++ register_md_personality(&raid5_personality); ++ register_md_personality(&raid4_personality); ++ return 0; ++} ++ ++static void raid5_exit(void) ++{ ++ unregister_md_personality(&raid6_personality); ++ unregister_md_personality(&raid5_personality); ++ unregister_md_personality(&raid4_personality); ++ destroy_workqueue(raid5_wq); ++} ++ ++module_init(raid5_init); ++module_exit(raid5_exit); ++MODULE_LICENSE("GPL"); ++MODULE_DESCRIPTION("RAID4/5/6 (striping with parity) personality for MD"); ++MODULE_ALIAS("md-personality-4"); /* RAID5 */ ++MODULE_ALIAS("md-raid5"); ++MODULE_ALIAS("md-raid4"); ++MODULE_ALIAS("md-level-5"); ++MODULE_ALIAS("md-level-4"); ++MODULE_ALIAS("md-personality-8"); /* RAID6 */ ++MODULE_ALIAS("md-raid6"); ++MODULE_ALIAS("md-level-6"); ++ ++/* This used to be two separate modules, they were: */ ++MODULE_ALIAS("raid5"); ++MODULE_ALIAS("raid6"); +diff -Nur linux-3.18.9.orig/drivers/md/raid5.h linux-3.18.9/drivers/md/raid5.h +--- linux-3.18.9.orig/drivers/md/raid5.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/md/raid5.h 2015-03-15 16:03:03.724094875 -0500 +@@ -457,6 +457,7 @@ + int recovery_disabled; + /* per cpu variables */ + struct raid5_percpu { ++ spinlock_t lock; /* Protection for -RT */ + struct page *spare_page; /* Used when checking P/Q in raid6 */ + void *scribble; /* space for constructing buffer + * lists and performing address +diff -Nur linux-3.18.9.orig/drivers/misc/hwlat_detector.c linux-3.18.9/drivers/misc/hwlat_detector.c +--- linux-3.18.9.orig/drivers/misc/hwlat_detector.c 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/drivers/misc/hwlat_detector.c 2015-03-15 16:03:03.724094875 -0500 +@@ -0,0 +1,1240 @@ ++/* ++ * hwlat_detector.c - A simple Hardware Latency detector. ++ * ++ * Use this module to detect large system latencies induced by the behavior of ++ * certain underlying system hardware or firmware, independent of Linux itself. ++ * The code was developed originally to detect the presence of SMIs on Intel ++ * and AMD systems, although there is no dependency upon x86 herein. ++ * ++ * The classical example usage of this module is in detecting the presence of ++ * SMIs or System Management Interrupts on Intel and AMD systems. An SMI is a ++ * somewhat special form of hardware interrupt spawned from earlier CPU debug ++ * modes in which the (BIOS/EFI/etc.) firmware arranges for the South Bridge ++ * LPC (or other device) to generate a special interrupt under certain ++ * circumstances, for example, upon expiration of a special SMI timer device, ++ * due to certain external thermal readings, on certain I/O address accesses, ++ * and other situations. An SMI hits a special CPU pin, triggers a special ++ * SMI mode (complete with special memory map), and the OS is unaware. ++ * ++ * Although certain hardware-inducing latencies are necessary (for example, ++ * a modern system often requires an SMI handler for correct thermal control ++ * and remote management) they can wreak havoc upon any OS-level performance ++ * guarantees toward low-latency, especially when the OS is not even made ++ * aware of the presence of these interrupts. For this reason, we need a ++ * somewhat brute force mechanism to detect these interrupts. In this case, ++ * we do it by hogging all of the CPU(s) for configurable timer intervals, ++ * sampling the built-in CPU timer, looking for discontiguous readings. ++ * ++ * WARNING: This implementation necessarily introduces latencies. Therefore, ++ * you should NEVER use this module in a production environment ++ * requiring any kind of low-latency performance guarantee(s). ++ * ++ * Copyright (C) 2008-2009 Jon Masters, Red Hat, Inc. <jcm@redhat.com> ++ * ++ * Includes useful feedback from Clark Williams <clark@redhat.com> ++ * ++ * This file is licensed under the terms of the GNU General Public ++ * License version 2. This program is licensed "as is" without any ++ * warranty of any kind, whether express or implied. ++ */ ++ ++#include <linux/module.h> ++#include <linux/init.h> ++#include <linux/ring_buffer.h> ++#include <linux/time.h> ++#include <linux/hrtimer.h> ++#include <linux/kthread.h> ++#include <linux/debugfs.h> ++#include <linux/seq_file.h> ++#include <linux/uaccess.h> ++#include <linux/version.h> ++#include <linux/delay.h> ++#include <linux/slab.h> ++#include <linux/trace_clock.h> ++ ++#define BUF_SIZE_DEFAULT 262144UL /* 8K*(sizeof(entry)) */ ++#define BUF_FLAGS (RB_FL_OVERWRITE) /* no block on full */ ++#define U64STR_SIZE 22 /* 20 digits max */ ++ ++#define VERSION "1.0.0" ++#define BANNER "hwlat_detector: " ++#define DRVNAME "hwlat_detector" ++#define DEFAULT_SAMPLE_WINDOW 1000000 /* 1s */ ++#define DEFAULT_SAMPLE_WIDTH 500000 /* 0.5s */ ++#define DEFAULT_LAT_THRESHOLD 10 /* 10us */ ++ ++/* Module metadata */ ++ ++MODULE_LICENSE("GPL"); ++MODULE_AUTHOR("Jon Masters <jcm@redhat.com>"); ++MODULE_DESCRIPTION("A simple hardware latency detector"); ++MODULE_VERSION(VERSION); ++ ++/* Module parameters */ ++ ++static int debug; ++static int enabled; ++static int threshold; ++ ++module_param(debug, int, 0); /* enable debug */ ++module_param(enabled, int, 0); /* enable detector */ ++module_param(threshold, int, 0); /* latency threshold */ ++ ++/* Buffering and sampling */ ++ ++static struct ring_buffer *ring_buffer; /* sample buffer */ ++static DEFINE_MUTEX(ring_buffer_mutex); /* lock changes */ ++static unsigned long buf_size = BUF_SIZE_DEFAULT; ++static struct task_struct *kthread; /* sampling thread */ ++ ++/* DebugFS filesystem entries */ ++ ++static struct dentry *debug_dir; /* debugfs directory */ ++static struct dentry *debug_max; /* maximum TSC delta */ ++static struct dentry *debug_count; /* total detect count */ ++static struct dentry *debug_sample_width; /* sample width us */ ++static struct dentry *debug_sample_window; /* sample window us */ ++static struct dentry *debug_sample; /* raw samples us */ ++static struct dentry *debug_threshold; /* threshold us */ ++static struct dentry *debug_enable; /* enable/disable */ ++ ++/* Individual samples and global state */ ++ ++struct sample; /* latency sample */ ++struct data; /* Global state */ ++ ++/* Sampling functions */ ++static int __buffer_add_sample(struct sample *sample); ++static struct sample *buffer_get_sample(struct sample *sample); ++ ++/* Threading and state */ ++static int kthread_fn(void *unused); ++static int start_kthread(void); ++static int stop_kthread(void); ++static void __reset_stats(void); ++static int init_stats(void); ++ ++/* Debugfs interface */ ++static ssize_t simple_data_read(struct file *filp, char __user *ubuf, ++ size_t cnt, loff_t *ppos, const u64 *entry); ++static ssize_t simple_data_write(struct file *filp, const char __user *ubuf, ++ size_t cnt, loff_t *ppos, u64 *entry); ++static int debug_sample_fopen(struct inode *inode, struct file *filp); ++static ssize_t debug_sample_fread(struct file *filp, char __user *ubuf, ++ size_t cnt, loff_t *ppos); ++static int debug_sample_release(struct inode *inode, struct file *filp); ++static int debug_enable_fopen(struct inode *inode, struct file *filp); ++static ssize_t debug_enable_fread(struct file *filp, char __user *ubuf, ++ size_t cnt, loff_t *ppos); ++static ssize_t debug_enable_fwrite(struct file *file, ++ const char __user *user_buffer, ++ size_t user_size, loff_t *offset); ++ ++/* Initialization functions */ ++static int init_debugfs(void); ++static void free_debugfs(void); ++static int detector_init(void); ++static void detector_exit(void); ++ ++/* Individual latency samples are stored here when detected and packed into ++ * the ring_buffer circular buffer, where they are overwritten when ++ * more than buf_size/sizeof(sample) samples are received. */ ++struct sample { ++ u64 seqnum; /* unique sequence */ ++ u64 duration; /* ktime delta */ ++ u64 outer_duration; /* ktime delta (outer loop) */ ++ struct timespec timestamp; /* wall time */ ++ unsigned long lost; ++}; ++ ++/* keep the global state somewhere. */ ++static struct data { ++ ++ struct mutex lock; /* protect changes */ ++ ++ u64 count; /* total since reset */ ++ u64 max_sample; /* max hardware latency */ ++ u64 threshold; /* sample threshold level */ ++ ++ u64 sample_window; /* total sampling window (on+off) */ ++ u64 sample_width; /* active sampling portion of window */ ++ ++ atomic_t sample_open; /* whether the sample file is open */ ++ ++ wait_queue_head_t wq; /* waitqeue for new sample values */ ++ ++} data; ++ ++/** ++ * __buffer_add_sample - add a new latency sample recording to the ring buffer ++ * @sample: The new latency sample value ++ * ++ * This receives a new latency sample and records it in a global ring buffer. ++ * No additional locking is used in this case. ++ */ ++static int __buffer_add_sample(struct sample *sample) ++{ ++ return ring_buffer_write(ring_buffer, ++ sizeof(struct sample), sample); ++} ++ ++/** ++ * buffer_get_sample - remove a hardware latency sample from the ring buffer ++ * @sample: Pre-allocated storage for the sample ++ * ++ * This retrieves a hardware latency sample from the global circular buffer ++ */ ++static struct sample *buffer_get_sample(struct sample *sample) ++{ ++ struct ring_buffer_event *e = NULL; ++ struct sample *s = NULL; ++ unsigned int cpu = 0; ++ ++ if (!sample) ++ return NULL; ++ ++ mutex_lock(&ring_buffer_mutex); ++ for_each_online_cpu(cpu) { ++ e = ring_buffer_consume(ring_buffer, cpu, NULL, &sample->lost); ++ if (e) ++ break; ++ } ++ ++ if (e) { ++ s = ring_buffer_event_data(e); ++ memcpy(sample, s, sizeof(struct sample)); ++ } else ++ sample = NULL; ++ mutex_unlock(&ring_buffer_mutex); ++ ++ return sample; ++} ++ ++#ifndef CONFIG_TRACING ++#define time_type ktime_t ++#define time_get() ktime_get() ++#define time_to_us(x) ktime_to_us(x) ++#define time_sub(a, b) ktime_sub(a, b) ++#define init_time(a, b) (a).tv64 = b ++#define time_u64(a) ((a).tv64) ++#else ++#define time_type u64 ++#define time_get() trace_clock_local() ++#define time_to_us(x) div_u64(x, 1000) ++#define time_sub(a, b) ((a) - (b)) ++#define init_time(a, b) (a = b) ++#define time_u64(a) a ++#endif ++/** ++ * get_sample - sample the CPU TSC and look for likely hardware latencies ++ * ++ * Used to repeatedly capture the CPU TSC (or similar), looking for potential ++ * hardware-induced latency. Called with interrupts disabled and with ++ * data.lock held. ++ */ ++static int get_sample(void) ++{ ++ time_type start, t1, t2, last_t2; ++ s64 diff, total = 0; ++ u64 sample = 0; ++ u64 outer_sample = 0; ++ int ret = -1; ++ ++ init_time(last_t2, 0); ++ start = time_get(); /* start timestamp */ ++ ++ do { ++ ++ t1 = time_get(); /* we'll look for a discontinuity */ ++ t2 = time_get(); ++ ++ if (time_u64(last_t2)) { ++ /* Check the delta from outer loop (t2 to next t1) */ ++ diff = time_to_us(time_sub(t1, last_t2)); ++ /* This shouldn't happen */ ++ if (diff < 0) { ++ pr_err(BANNER "time running backwards\n"); ++ goto out; ++ } ++ if (diff > outer_sample) ++ outer_sample = diff; ++ } ++ last_t2 = t2; ++ ++ total = time_to_us(time_sub(t2, start)); /* sample width */ ++ ++ /* This checks the inner loop (t1 to t2) */ ++ diff = time_to_us(time_sub(t2, t1)); /* current diff */ ++ ++ /* This shouldn't happen */ ++ if (diff < 0) { ++ pr_err(BANNER "time running backwards\n"); ++ goto out; ++ } ++ ++ if (diff > sample) ++ sample = diff; /* only want highest value */ ++ ++ } while (total <= data.sample_width); ++ ++ ret = 0; ++ ++ /* If we exceed the threshold value, we have found a hardware latency */ ++ if (sample > data.threshold || outer_sample > data.threshold) { ++ struct sample s; ++ ++ ret = 1; ++ ++ data.count++; ++ s.seqnum = data.count; ++ s.duration = sample; ++ s.outer_duration = outer_sample; ++ s.timestamp = CURRENT_TIME; ++ __buffer_add_sample(&s); ++ ++ /* Keep a running maximum ever recorded hardware latency */ ++ if (sample > data.max_sample) ++ data.max_sample = sample; ++ } ++ ++out: ++ return ret; ++} ++ ++/* ++ * kthread_fn - The CPU time sampling/hardware latency detection kernel thread ++ * @unused: A required part of the kthread API. ++ * ++ * Used to periodically sample the CPU TSC via a call to get_sample. We ++ * disable interrupts, which does (intentionally) introduce latency since we ++ * need to ensure nothing else might be running (and thus pre-empting). ++ * Obviously this should never be used in production environments. ++ * ++ * Currently this runs on which ever CPU it was scheduled on, but most ++ * real-worald hardware latency situations occur across several CPUs, ++ * but we might later generalize this if we find there are any actualy ++ * systems with alternate SMI delivery or other hardware latencies. ++ */ ++static int kthread_fn(void *unused) ++{ ++ int ret; ++ u64 interval; ++ ++ while (!kthread_should_stop()) { ++ ++ mutex_lock(&data.lock); ++ ++ local_irq_disable(); ++ ret = get_sample(); ++ local_irq_enable(); ++ ++ if (ret > 0) ++ wake_up(&data.wq); /* wake up reader(s) */ ++ ++ interval = data.sample_window - data.sample_width; ++ do_div(interval, USEC_PER_MSEC); /* modifies interval value */ ++ ++ mutex_unlock(&data.lock); ++ ++ if (msleep_interruptible(interval)) ++ break; ++ } ++ ++ return 0; ++} ++ ++/** ++ * start_kthread - Kick off the hardware latency sampling/detector kthread ++ * ++ * This starts a kernel thread that will sit and sample the CPU timestamp ++ * counter (TSC or similar) and look for potential hardware latencies. ++ */ ++static int start_kthread(void) ++{ ++ kthread = kthread_run(kthread_fn, NULL, ++ DRVNAME); ++ if (IS_ERR(kthread)) { ++ pr_err(BANNER "could not start sampling thread\n"); ++ enabled = 0; ++ return -ENOMEM; ++ } ++ ++ return 0; ++} ++ ++/** ++ * stop_kthread - Inform the hardware latency samping/detector kthread to stop ++ * ++ * This kicks the running hardware latency sampling/detector kernel thread and ++ * tells it to stop sampling now. Use this on unload and at system shutdown. ++ */ ++static int stop_kthread(void) ++{ ++ int ret; ++ ++ ret = kthread_stop(kthread); ++ ++ return ret; ++} ++ ++/** ++ * __reset_stats - Reset statistics for the hardware latency detector ++ * ++ * We use data to store various statistics and global state. We call this ++ * function in order to reset those when "enable" is toggled on or off, and ++ * also at initialization. Should be called with data.lock held. ++ */ ++static void __reset_stats(void) ++{ ++ data.count = 0; ++ data.max_sample = 0; ++ ring_buffer_reset(ring_buffer); /* flush out old sample entries */ ++} ++ ++/** ++ * init_stats - Setup global state statistics for the hardware latency detector ++ * ++ * We use data to store various statistics and global state. We also use ++ * a global ring buffer (ring_buffer) to keep raw samples of detected hardware ++ * induced system latencies. This function initializes these structures and ++ * allocates the global ring buffer also. ++ */ ++static int init_stats(void) ++{ ++ int ret = -ENOMEM; ++ ++ mutex_init(&data.lock); ++ init_waitqueue_head(&data.wq); ++ atomic_set(&data.sample_open, 0); ++ ++ ring_buffer = ring_buffer_alloc(buf_size, BUF_FLAGS); ++ ++ if (WARN(!ring_buffer, KERN_ERR BANNER ++ "failed to allocate ring buffer!\n")) ++ goto out; ++ ++ __reset_stats(); ++ data.threshold = threshold ?: DEFAULT_LAT_THRESHOLD; /* threshold us */ ++ data.sample_window = DEFAULT_SAMPLE_WINDOW; /* window us */ ++ data.sample_width = DEFAULT_SAMPLE_WIDTH; /* width us */ ++ ++ ret = 0; ++ ++out: ++ return ret; ++ ++} ++ ++/* ++ * simple_data_read - Wrapper read function for global state debugfs entries ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The userspace provided buffer to read value into ++ * @cnt: The maximum number of bytes to read ++ * @ppos: The current "file" position ++ * @entry: The entry to read from ++ * ++ * This function provides a generic read implementation for the global state ++ * "data" structure debugfs filesystem entries. It would be nice to use ++ * simple_attr_read directly, but we need to make sure that the data.lock ++ * is held during the actual read. ++ */ ++static ssize_t simple_data_read(struct file *filp, char __user *ubuf, ++ size_t cnt, loff_t *ppos, const u64 *entry) ++{ ++ char buf[U64STR_SIZE]; ++ u64 val = 0; ++ int len = 0; ++ ++ memset(buf, 0, sizeof(buf)); ++ ++ if (!entry) ++ return -EFAULT; ++ ++ mutex_lock(&data.lock); ++ val = *entry; ++ mutex_unlock(&data.lock); ++ ++ len = snprintf(buf, sizeof(buf), "%llu\n", (unsigned long long)val); ++ ++ return simple_read_from_buffer(ubuf, cnt, ppos, buf, len); ++ ++} ++ ++/* ++ * simple_data_write - Wrapper write function for global state debugfs entries ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The userspace provided buffer to write value from ++ * @cnt: The maximum number of bytes to write ++ * @ppos: The current "file" position ++ * @entry: The entry to write to ++ * ++ * This function provides a generic write implementation for the global state ++ * "data" structure debugfs filesystem entries. It would be nice to use ++ * simple_attr_write directly, but we need to make sure that the data.lock ++ * is held during the actual write. ++ */ ++static ssize_t simple_data_write(struct file *filp, const char __user *ubuf, ++ size_t cnt, loff_t *ppos, u64 *entry) ++{ ++ char buf[U64STR_SIZE]; ++ int csize = min(cnt, sizeof(buf)); ++ u64 val = 0; ++ int err = 0; ++ ++ memset(buf, '\0', sizeof(buf)); ++ if (copy_from_user(buf, ubuf, csize)) ++ return -EFAULT; ++ ++ buf[U64STR_SIZE-1] = '\0'; /* just in case */ ++ err = kstrtoull(buf, 10, &val); ++ if (err) ++ return -EINVAL; ++ ++ mutex_lock(&data.lock); ++ *entry = val; ++ mutex_unlock(&data.lock); ++ ++ return csize; ++} ++ ++/** ++ * debug_count_fopen - Open function for "count" debugfs entry ++ * @inode: The in-kernel inode representation of the debugfs "file" ++ * @filp: The active open file structure for the debugfs "file" ++ * ++ * This function provides an open implementation for the "count" debugfs ++ * interface to the hardware latency detector. ++ */ ++static int debug_count_fopen(struct inode *inode, struct file *filp) ++{ ++ return 0; ++} ++ ++/** ++ * debug_count_fread - Read function for "count" debugfs entry ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The userspace provided buffer to read value into ++ * @cnt: The maximum number of bytes to read ++ * @ppos: The current "file" position ++ * ++ * This function provides a read implementation for the "count" debugfs ++ * interface to the hardware latency detector. Can be used to read the ++ * number of latency readings exceeding the configured threshold since ++ * the detector was last reset (e.g. by writing a zero into "count"). ++ */ ++static ssize_t debug_count_fread(struct file *filp, char __user *ubuf, ++ size_t cnt, loff_t *ppos) ++{ ++ return simple_data_read(filp, ubuf, cnt, ppos, &data.count); ++} ++ ++/** ++ * debug_count_fwrite - Write function for "count" debugfs entry ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The user buffer that contains the value to write ++ * @cnt: The maximum number of bytes to write to "file" ++ * @ppos: The current position in the debugfs "file" ++ * ++ * This function provides a write implementation for the "count" debugfs ++ * interface to the hardware latency detector. Can be used to write a ++ * desired value, especially to zero the total count. ++ */ ++static ssize_t debug_count_fwrite(struct file *filp, ++ const char __user *ubuf, ++ size_t cnt, ++ loff_t *ppos) ++{ ++ return simple_data_write(filp, ubuf, cnt, ppos, &data.count); ++} ++ ++/** ++ * debug_enable_fopen - Dummy open function for "enable" debugfs interface ++ * @inode: The in-kernel inode representation of the debugfs "file" ++ * @filp: The active open file structure for the debugfs "file" ++ * ++ * This function provides an open implementation for the "enable" debugfs ++ * interface to the hardware latency detector. ++ */ ++static int debug_enable_fopen(struct inode *inode, struct file *filp) ++{ ++ return 0; ++} ++ ++/** ++ * debug_enable_fread - Read function for "enable" debugfs interface ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The userspace provided buffer to read value into ++ * @cnt: The maximum number of bytes to read ++ * @ppos: The current "file" position ++ * ++ * This function provides a read implementation for the "enable" debugfs ++ * interface to the hardware latency detector. Can be used to determine ++ * whether the detector is currently enabled ("0\n" or "1\n" returned). ++ */ ++static ssize_t debug_enable_fread(struct file *filp, char __user *ubuf, ++ size_t cnt, loff_t *ppos) ++{ ++ char buf[4]; ++ ++ if ((cnt < sizeof(buf)) || (*ppos)) ++ return 0; ++ ++ buf[0] = enabled ? '1' : '0'; ++ buf[1] = '\n'; ++ buf[2] = '\0'; ++ if (copy_to_user(ubuf, buf, strlen(buf))) ++ return -EFAULT; ++ return *ppos = strlen(buf); ++} ++ ++/** ++ * debug_enable_fwrite - Write function for "enable" debugfs interface ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The user buffer that contains the value to write ++ * @cnt: The maximum number of bytes to write to "file" ++ * @ppos: The current position in the debugfs "file" ++ * ++ * This function provides a write implementation for the "enable" debugfs ++ * interface to the hardware latency detector. Can be used to enable or ++ * disable the detector, which will have the side-effect of possibly ++ * also resetting the global stats and kicking off the measuring ++ * kthread (on an enable) or the converse (upon a disable). ++ */ ++static ssize_t debug_enable_fwrite(struct file *filp, ++ const char __user *ubuf, ++ size_t cnt, ++ loff_t *ppos) ++{ ++ char buf[4]; ++ int csize = min(cnt, sizeof(buf)); ++ long val = 0; ++ int err = 0; ++ ++ memset(buf, '\0', sizeof(buf)); ++ if (copy_from_user(buf, ubuf, csize)) ++ return -EFAULT; ++ ++ buf[sizeof(buf)-1] = '\0'; /* just in case */ ++ err = kstrtoul(buf, 10, &val); ++ if (0 != err) ++ return -EINVAL; ++ ++ if (val) { ++ if (enabled) ++ goto unlock; ++ enabled = 1; ++ __reset_stats(); ++ if (start_kthread()) ++ return -EFAULT; ++ } else { ++ if (!enabled) ++ goto unlock; ++ enabled = 0; ++ err = stop_kthread(); ++ if (err) { ++ pr_err(BANNER "cannot stop kthread\n"); ++ return -EFAULT; ++ } ++ wake_up(&data.wq); /* reader(s) should return */ ++ } ++unlock: ++ return csize; ++} ++ ++/** ++ * debug_max_fopen - Open function for "max" debugfs entry ++ * @inode: The in-kernel inode representation of the debugfs "file" ++ * @filp: The active open file structure for the debugfs "file" ++ * ++ * This function provides an open implementation for the "max" debugfs ++ * interface to the hardware latency detector. ++ */ ++static int debug_max_fopen(struct inode *inode, struct file *filp) ++{ ++ return 0; ++} ++ ++/** ++ * debug_max_fread - Read function for "max" debugfs entry ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The userspace provided buffer to read value into ++ * @cnt: The maximum number of bytes to read ++ * @ppos: The current "file" position ++ * ++ * This function provides a read implementation for the "max" debugfs ++ * interface to the hardware latency detector. Can be used to determine ++ * the maximum latency value observed since it was last reset. ++ */ ++static ssize_t debug_max_fread(struct file *filp, char __user *ubuf, ++ size_t cnt, loff_t *ppos) ++{ ++ return simple_data_read(filp, ubuf, cnt, ppos, &data.max_sample); ++} ++ ++/** ++ * debug_max_fwrite - Write function for "max" debugfs entry ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The user buffer that contains the value to write ++ * @cnt: The maximum number of bytes to write to "file" ++ * @ppos: The current position in the debugfs "file" ++ * ++ * This function provides a write implementation for the "max" debugfs ++ * interface to the hardware latency detector. Can be used to reset the ++ * maximum or set it to some other desired value - if, then, subsequent ++ * measurements exceed this value, the maximum will be updated. ++ */ ++static ssize_t debug_max_fwrite(struct file *filp, ++ const char __user *ubuf, ++ size_t cnt, ++ loff_t *ppos) ++{ ++ return simple_data_write(filp, ubuf, cnt, ppos, &data.max_sample); ++} ++ ++ ++/** ++ * debug_sample_fopen - An open function for "sample" debugfs interface ++ * @inode: The in-kernel inode representation of this debugfs "file" ++ * @filp: The active open file structure for the debugfs "file" ++ * ++ * This function handles opening the "sample" file within the hardware ++ * latency detector debugfs directory interface. This file is used to read ++ * raw samples from the global ring_buffer and allows the user to see a ++ * running latency history. Can be opened blocking or non-blocking, ++ * affecting whether it behaves as a buffer read pipe, or does not. ++ * Implements simple locking to prevent multiple simultaneous use. ++ */ ++static int debug_sample_fopen(struct inode *inode, struct file *filp) ++{ ++ if (!atomic_add_unless(&data.sample_open, 1, 1)) ++ return -EBUSY; ++ else ++ return 0; ++} ++ ++/** ++ * debug_sample_fread - A read function for "sample" debugfs interface ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The user buffer that will contain the samples read ++ * @cnt: The maximum bytes to read from the debugfs "file" ++ * @ppos: The current position in the debugfs "file" ++ * ++ * This function handles reading from the "sample" file within the hardware ++ * latency detector debugfs directory interface. This file is used to read ++ * raw samples from the global ring_buffer and allows the user to see a ++ * running latency history. By default this will block pending a new ++ * value written into the sample buffer, unless there are already a ++ * number of value(s) waiting in the buffer, or the sample file was ++ * previously opened in a non-blocking mode of operation. ++ */ ++static ssize_t debug_sample_fread(struct file *filp, char __user *ubuf, ++ size_t cnt, loff_t *ppos) ++{ ++ int len = 0; ++ char buf[64]; ++ struct sample *sample = NULL; ++ ++ if (!enabled) ++ return 0; ++ ++ sample = kzalloc(sizeof(struct sample), GFP_KERNEL); ++ if (!sample) ++ return -ENOMEM; ++ ++ while (!buffer_get_sample(sample)) { ++ ++ DEFINE_WAIT(wait); ++ ++ if (filp->f_flags & O_NONBLOCK) { ++ len = -EAGAIN; ++ goto out; ++ } ++ ++ prepare_to_wait(&data.wq, &wait, TASK_INTERRUPTIBLE); ++ schedule(); ++ finish_wait(&data.wq, &wait); ++ ++ if (signal_pending(current)) { ++ len = -EINTR; ++ goto out; ++ } ++ ++ if (!enabled) { /* enable was toggled */ ++ len = 0; ++ goto out; ++ } ++ } ++ ++ len = snprintf(buf, sizeof(buf), "%010lu.%010lu\t%llu\t%llu\n", ++ sample->timestamp.tv_sec, ++ sample->timestamp.tv_nsec, ++ sample->duration, ++ sample->outer_duration); ++ ++ ++ /* handling partial reads is more trouble than it's worth */ ++ if (len > cnt) ++ goto out; ++ ++ if (copy_to_user(ubuf, buf, len)) ++ len = -EFAULT; ++ ++out: ++ kfree(sample); ++ return len; ++} ++ ++/** ++ * debug_sample_release - Release function for "sample" debugfs interface ++ * @inode: The in-kernel inode represenation of the debugfs "file" ++ * @filp: The active open file structure for the debugfs "file" ++ * ++ * This function completes the close of the debugfs interface "sample" file. ++ * Frees the sample_open "lock" so that other users may open the interface. ++ */ ++static int debug_sample_release(struct inode *inode, struct file *filp) ++{ ++ atomic_dec(&data.sample_open); ++ ++ return 0; ++} ++ ++/** ++ * debug_threshold_fopen - Open function for "threshold" debugfs entry ++ * @inode: The in-kernel inode representation of the debugfs "file" ++ * @filp: The active open file structure for the debugfs "file" ++ * ++ * This function provides an open implementation for the "threshold" debugfs ++ * interface to the hardware latency detector. ++ */ ++static int debug_threshold_fopen(struct inode *inode, struct file *filp) ++{ ++ return 0; ++} ++ ++/** ++ * debug_threshold_fread - Read function for "threshold" debugfs entry ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The userspace provided buffer to read value into ++ * @cnt: The maximum number of bytes to read ++ * @ppos: The current "file" position ++ * ++ * This function provides a read implementation for the "threshold" debugfs ++ * interface to the hardware latency detector. It can be used to determine ++ * the current threshold level at which a latency will be recorded in the ++ * global ring buffer, typically on the order of 10us. ++ */ ++static ssize_t debug_threshold_fread(struct file *filp, char __user *ubuf, ++ size_t cnt, loff_t *ppos) ++{ ++ return simple_data_read(filp, ubuf, cnt, ppos, &data.threshold); ++} ++ ++/** ++ * debug_threshold_fwrite - Write function for "threshold" debugfs entry ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The user buffer that contains the value to write ++ * @cnt: The maximum number of bytes to write to "file" ++ * @ppos: The current position in the debugfs "file" ++ * ++ * This function provides a write implementation for the "threshold" debugfs ++ * interface to the hardware latency detector. It can be used to configure ++ * the threshold level at which any subsequently detected latencies will ++ * be recorded into the global ring buffer. ++ */ ++static ssize_t debug_threshold_fwrite(struct file *filp, ++ const char __user *ubuf, ++ size_t cnt, ++ loff_t *ppos) ++{ ++ int ret; ++ ++ ret = simple_data_write(filp, ubuf, cnt, ppos, &data.threshold); ++ ++ if (enabled) ++ wake_up_process(kthread); ++ ++ return ret; ++} ++ ++/** ++ * debug_width_fopen - Open function for "width" debugfs entry ++ * @inode: The in-kernel inode representation of the debugfs "file" ++ * @filp: The active open file structure for the debugfs "file" ++ * ++ * This function provides an open implementation for the "width" debugfs ++ * interface to the hardware latency detector. ++ */ ++static int debug_width_fopen(struct inode *inode, struct file *filp) ++{ ++ return 0; ++} ++ ++/** ++ * debug_width_fread - Read function for "width" debugfs entry ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The userspace provided buffer to read value into ++ * @cnt: The maximum number of bytes to read ++ * @ppos: The current "file" position ++ * ++ * This function provides a read implementation for the "width" debugfs ++ * interface to the hardware latency detector. It can be used to determine ++ * for how many us of the total window us we will actively sample for any ++ * hardware-induced latecy periods. Obviously, it is not possible to ++ * sample constantly and have the system respond to a sample reader, or, ++ * worse, without having the system appear to have gone out to lunch. ++ */ ++static ssize_t debug_width_fread(struct file *filp, char __user *ubuf, ++ size_t cnt, loff_t *ppos) ++{ ++ return simple_data_read(filp, ubuf, cnt, ppos, &data.sample_width); ++} ++ ++/** ++ * debug_width_fwrite - Write function for "width" debugfs entry ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The user buffer that contains the value to write ++ * @cnt: The maximum number of bytes to write to "file" ++ * @ppos: The current position in the debugfs "file" ++ * ++ * This function provides a write implementation for the "width" debugfs ++ * interface to the hardware latency detector. It can be used to configure ++ * for how many us of the total window us we will actively sample for any ++ * hardware-induced latency periods. Obviously, it is not possible to ++ * sample constantly and have the system respond to a sample reader, or, ++ * worse, without having the system appear to have gone out to lunch. It ++ * is enforced that width is less that the total window size. ++ */ ++static ssize_t debug_width_fwrite(struct file *filp, ++ const char __user *ubuf, ++ size_t cnt, ++ loff_t *ppos) ++{ ++ char buf[U64STR_SIZE]; ++ int csize = min(cnt, sizeof(buf)); ++ u64 val = 0; ++ int err = 0; ++ ++ memset(buf, '\0', sizeof(buf)); ++ if (copy_from_user(buf, ubuf, csize)) ++ return -EFAULT; ++ ++ buf[U64STR_SIZE-1] = '\0'; /* just in case */ ++ err = kstrtoull(buf, 10, &val); ++ if (0 != err) ++ return -EINVAL; ++ ++ mutex_lock(&data.lock); ++ if (val < data.sample_window) ++ data.sample_width = val; ++ else { ++ mutex_unlock(&data.lock); ++ return -EINVAL; ++ } ++ mutex_unlock(&data.lock); ++ ++ if (enabled) ++ wake_up_process(kthread); ++ ++ return csize; ++} ++ ++/** ++ * debug_window_fopen - Open function for "window" debugfs entry ++ * @inode: The in-kernel inode representation of the debugfs "file" ++ * @filp: The active open file structure for the debugfs "file" ++ * ++ * This function provides an open implementation for the "window" debugfs ++ * interface to the hardware latency detector. The window is the total time ++ * in us that will be considered one sample period. Conceptually, windows ++ * occur back-to-back and contain a sample width period during which ++ * actual sampling occurs. ++ */ ++static int debug_window_fopen(struct inode *inode, struct file *filp) ++{ ++ return 0; ++} ++ ++/** ++ * debug_window_fread - Read function for "window" debugfs entry ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The userspace provided buffer to read value into ++ * @cnt: The maximum number of bytes to read ++ * @ppos: The current "file" position ++ * ++ * This function provides a read implementation for the "window" debugfs ++ * interface to the hardware latency detector. The window is the total time ++ * in us that will be considered one sample period. Conceptually, windows ++ * occur back-to-back and contain a sample width period during which ++ * actual sampling occurs. Can be used to read the total window size. ++ */ ++static ssize_t debug_window_fread(struct file *filp, char __user *ubuf, ++ size_t cnt, loff_t *ppos) ++{ ++ return simple_data_read(filp, ubuf, cnt, ppos, &data.sample_window); ++} ++ ++/** ++ * debug_window_fwrite - Write function for "window" debugfs entry ++ * @filp: The active open file structure for the debugfs "file" ++ * @ubuf: The user buffer that contains the value to write ++ * @cnt: The maximum number of bytes to write to "file" ++ * @ppos: The current position in the debugfs "file" ++ * ++ * This function provides a write implementation for the "window" debufds ++ * interface to the hardware latency detetector. The window is the total time ++ * in us that will be considered one sample period. Conceptually, windows ++ * occur back-to-back and contain a sample width period during which ++ * actual sampling occurs. Can be used to write a new total window size. It ++ * is enfoced that any value written must be greater than the sample width ++ * size, or an error results. ++ */ ++static ssize_t debug_window_fwrite(struct file *filp, ++ const char __user *ubuf, ++ size_t cnt, ++ loff_t *ppos) ++{ ++ char buf[U64STR_SIZE]; ++ int csize = min(cnt, sizeof(buf)); ++ u64 val = 0; ++ int err = 0; ++ ++ memset(buf, '\0', sizeof(buf)); ++ if (copy_from_user(buf, ubuf, csize)) ++ return -EFAULT; ++ ++ buf[U64STR_SIZE-1] = '\0'; /* just in case */ ++ err = kstrtoull(buf, 10, &val); ++ if (0 != err) ++ return -EINVAL; ++ ++ mutex_lock(&data.lock); ++ if (data.sample_width < val) ++ data.sample_window = val; ++ else { ++ mutex_unlock(&data.lock); ++ return -EINVAL; ++ } ++ mutex_unlock(&data.lock); ++ ++ return csize; ++} ++ ++/* ++ * Function pointers for the "count" debugfs file operations ++ */ ++static const struct file_operations count_fops = { ++ .open = debug_count_fopen, ++ .read = debug_count_fread, ++ .write = debug_count_fwrite, ++ .owner = THIS_MODULE, ++}; ++ ++/* ++ * Function pointers for the "enable" debugfs file operations ++ */ ++static const struct file_operations enable_fops = { ++ .open = debug_enable_fopen, ++ .read = debug_enable_fread, ++ .write = debug_enable_fwrite, ++ .owner = THIS_MODULE, ++}; ++ ++/* ++ * Function pointers for the "max" debugfs file operations ++ */ ++static const struct file_operations max_fops = { ++ .open = debug_max_fopen, ++ .read = debug_max_fread, ++ .write = debug_max_fwrite, ++ .owner = THIS_MODULE, ++}; ++ ++/* ++ * Function pointers for the "sample" debugfs file operations ++ */ ++static const struct file_operations sample_fops = { ++ .open = debug_sample_fopen, ++ .read = debug_sample_fread, ++ .release = debug_sample_release, ++ .owner = THIS_MODULE, ++}; ++ ++/* ++ * Function pointers for the "threshold" debugfs file operations ++ */ ++static const struct file_operations threshold_fops = { ++ .open = debug_threshold_fopen, ++ .read = debug_threshold_fread, ++ .write = debug_threshold_fwrite, ++ .owner = THIS_MODULE, ++}; ++ ++/* ++ * Function pointers for the "width" debugfs file operations ++ */ ++static const struct file_operations width_fops = { ++ .open = debug_width_fopen, ++ .read = debug_width_fread, ++ .write = debug_width_fwrite, ++ .owner = THIS_MODULE, ++}; ++ ++/* ++ * Function pointers for the "window" debugfs file operations ++ */ ++static const struct file_operations window_fops = { ++ .open = debug_window_fopen, ++ .read = debug_window_fread, ++ .write = debug_window_fwrite, ++ .owner = THIS_MODULE, ++}; ++ ++/** ++ * init_debugfs - A function to initialize the debugfs interface files ++ * ++ * This function creates entries in debugfs for "hwlat_detector", including ++ * files to read values from the detector, current samples, and the ++ * maximum sample that has been captured since the hardware latency ++ * dectector was started. ++ */ ++static int init_debugfs(void) ++{ ++ int ret = -ENOMEM; ++ ++ debug_dir = debugfs_create_dir(DRVNAME, NULL); ++ if (!debug_dir) ++ goto err_debug_dir; ++ ++ debug_sample = debugfs_create_file("sample", 0444, ++ debug_dir, NULL, ++ &sample_fops); ++ if (!debug_sample) ++ goto err_sample; ++ ++ debug_count = debugfs_create_file("count", 0444, ++ debug_dir, NULL, ++ &count_fops); ++ if (!debug_count) ++ goto err_count; ++ ++ debug_max = debugfs_create_file("max", 0444, ++ debug_dir, NULL, ++ &max_fops); ++ if (!debug_max) ++ goto err_max; ++ ++ debug_sample_window = debugfs_create_file("window", 0644, ++ debug_dir, NULL, ++ &window_fops); ++ if (!debug_sample_window) ++ goto err_window; ++ ++ debug_sample_width = debugfs_create_file("width", 0644, ++ debug_dir, NULL, ++ &width_fops); ++ if (!debug_sample_width) ++ goto err_width; ++ ++ debug_threshold = debugfs_create_file("threshold", 0644, ++ debug_dir, NULL, ++ &threshold_fops); ++ if (!debug_threshold) ++ goto err_threshold; ++ ++ debug_enable = debugfs_create_file("enable", 0644, ++ debug_dir, &enabled, ++ &enable_fops); ++ if (!debug_enable) ++ goto err_enable; ++ ++ else { ++ ret = 0; ++ goto out; ++ } ++ ++err_enable: ++ debugfs_remove(debug_threshold); ++err_threshold: ++ debugfs_remove(debug_sample_width); ++err_width: ++ debugfs_remove(debug_sample_window); ++err_window: ++ debugfs_remove(debug_max); ++err_max: ++ debugfs_remove(debug_count); ++err_count: ++ debugfs_remove(debug_sample); ++err_sample: ++ debugfs_remove(debug_dir); ++err_debug_dir: ++out: ++ return ret; ++} ++ ++/** ++ * free_debugfs - A function to cleanup the debugfs file interface ++ */ ++static void free_debugfs(void) ++{ ++ /* could also use a debugfs_remove_recursive */ ++ debugfs_remove(debug_enable); ++ debugfs_remove(debug_threshold); ++ debugfs_remove(debug_sample_width); ++ debugfs_remove(debug_sample_window); ++ debugfs_remove(debug_max); ++ debugfs_remove(debug_count); ++ debugfs_remove(debug_sample); ++ debugfs_remove(debug_dir); ++} ++ ++/** ++ * detector_init - Standard module initialization code ++ */ ++static int detector_init(void) ++{ ++ int ret = -ENOMEM; ++ ++ pr_info(BANNER "version %s\n", VERSION); ++ ++ ret = init_stats(); ++ if (0 != ret) ++ goto out; ++ ++ ret = init_debugfs(); ++ if (0 != ret) ++ goto err_stats; ++ ++ if (enabled) ++ ret = start_kthread(); ++ ++ goto out; ++ ++err_stats: ++ ring_buffer_free(ring_buffer); ++out: ++ return ret; ++ ++} ++ ++/** ++ * detector_exit - Standard module cleanup code ++ */ ++static void detector_exit(void) ++{ ++ int err; ++ ++ if (enabled) { ++ enabled = 0; ++ err = stop_kthread(); ++ if (err) ++ pr_err(BANNER "cannot stop kthread\n"); ++ } ++ ++ free_debugfs(); ++ ring_buffer_free(ring_buffer); /* free up the ring buffer */ ++ ++} ++ ++module_init(detector_init); ++module_exit(detector_exit); +diff -Nur linux-3.18.9.orig/drivers/misc/Kconfig linux-3.18.9/drivers/misc/Kconfig +--- linux-3.18.9.orig/drivers/misc/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/misc/Kconfig 2015-03-15 16:03:03.724094875 -0500 +@@ -54,6 +54,7 @@ + config ATMEL_TCLIB + bool "Atmel AT32/AT91 Timer/Counter Library" + depends on (AVR32 || ARCH_AT91) ++ default y if PREEMPT_RT_FULL + help + Select this if you want a library to allocate the Timer/Counter + blocks found on many Atmel processors. This facilitates using +@@ -69,8 +70,7 @@ + are combined to make a single 32-bit timer. + + When GENERIC_CLOCKEVENTS is defined, the third timer channel +- may be used as a clock event device supporting oneshot mode +- (delays of up to two seconds) based on the 32 KiHz clock. ++ may be used as a clock event device supporting oneshot mode. + + config ATMEL_TCB_CLKSRC_BLOCK + int +@@ -84,6 +84,15 @@ + TC can be used for other purposes, such as PWM generation and + interval timing. + ++config ATMEL_TCB_CLKSRC_USE_SLOW_CLOCK ++ bool "TC Block use 32 KiHz clock" ++ depends on ATMEL_TCB_CLKSRC ++ default y if !PREEMPT_RT_FULL ++ help ++ Select this to use 32 KiHz base clock rate as TC block clock ++ source for clock events. ++ ++ + config DUMMY_IRQ + tristate "Dummy IRQ handler" + default n +@@ -113,6 +122,35 @@ + for information on the specific driver level and support statement + for your IBM server. + ++config HWLAT_DETECTOR ++ tristate "Testing module to detect hardware-induced latencies" ++ depends on DEBUG_FS ++ depends on RING_BUFFER ++ default m ++ ---help--- ++ A simple hardware latency detector. Use this module to detect ++ large latencies introduced by the behavior of the underlying ++ system firmware external to Linux. We do this using periodic ++ use of stop_machine to grab all available CPUs and measure ++ for unexplainable gaps in the CPU timestamp counter(s). By ++ default, the module is not enabled until the "enable" file ++ within the "hwlat_detector" debugfs directory is toggled. ++ ++ This module is often used to detect SMI (System Management ++ Interrupts) on x86 systems, though is not x86 specific. To ++ this end, we default to using a sample window of 1 second, ++ during which we will sample for 0.5 seconds. If an SMI or ++ similar event occurs during that time, it is recorded ++ into an 8K samples global ring buffer until retreived. ++ ++ WARNING: This software should never be enabled (it can be built ++ but should not be turned on after it is loaded) in a production ++ environment where high latencies are a concern since the ++ sampling mechanism actually introduces latencies for ++ regular tasks while the CPU(s) are being held. ++ ++ If unsure, say N ++ + config PHANTOM + tristate "Sensable PHANToM (PCI)" + depends on PCI +diff -Nur linux-3.18.9.orig/drivers/misc/Makefile linux-3.18.9/drivers/misc/Makefile +--- linux-3.18.9.orig/drivers/misc/Makefile 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/misc/Makefile 2015-03-15 16:03:03.724094875 -0500 +@@ -38,6 +38,7 @@ + obj-$(CONFIG_HMC6352) += hmc6352.o + obj-y += eeprom/ + obj-y += cb710/ ++obj-$(CONFIG_HWLAT_DETECTOR) += hwlat_detector.o + obj-$(CONFIG_SPEAR13XX_PCIE_GADGET) += spear13xx_pcie_gadget.o + obj-$(CONFIG_VMWARE_BALLOON) += vmw_balloon.o + obj-$(CONFIG_ARM_CHARLCD) += arm-charlcd.o +diff -Nur linux-3.18.9.orig/drivers/mmc/host/mmci.c linux-3.18.9/drivers/mmc/host/mmci.c +--- linux-3.18.9.orig/drivers/mmc/host/mmci.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/mmc/host/mmci.c 2015-03-15 16:03:03.732094876 -0500 +@@ -1153,15 +1153,12 @@ + struct sg_mapping_iter *sg_miter = &host->sg_miter; + struct variant_data *variant = host->variant; + void __iomem *base = host->base; +- unsigned long flags; + u32 status; + + status = readl(base + MMCISTATUS); + + dev_dbg(mmc_dev(host->mmc), "irq1 (pio) %08x\n", status); + +- local_irq_save(flags); +- + do { + unsigned int remain, len; + char *buffer; +@@ -1201,8 +1198,6 @@ + + sg_miter_stop(sg_miter); + +- local_irq_restore(flags); +- + /* + * If we have less than the fifo 'half-full' threshold to transfer, + * trigger a PIO interrupt as soon as any data is available. +diff -Nur linux-3.18.9.orig/drivers/net/ethernet/3com/3c59x.c linux-3.18.9/drivers/net/ethernet/3com/3c59x.c +--- linux-3.18.9.orig/drivers/net/ethernet/3com/3c59x.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/net/ethernet/3com/3c59x.c 2015-03-15 16:03:03.732094876 -0500 +@@ -842,9 +842,9 @@ + { + struct vortex_private *vp = netdev_priv(dev); + unsigned long flags; +- local_irq_save(flags); ++ local_irq_save_nort(flags); + (vp->full_bus_master_rx ? boomerang_interrupt:vortex_interrupt)(dev->irq,dev); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + } + #endif + +@@ -1916,12 +1916,12 @@ + * Block interrupts because vortex_interrupt does a bare spin_lock() + */ + unsigned long flags; +- local_irq_save(flags); ++ local_irq_save_nort(flags); + if (vp->full_bus_master_tx) + boomerang_interrupt(dev->irq, dev); + else + vortex_interrupt(dev->irq, dev); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + } + } + +diff -Nur linux-3.18.9.orig/drivers/net/ethernet/atheros/atl1c/atl1c_main.c linux-3.18.9/drivers/net/ethernet/atheros/atl1c/atl1c_main.c +--- linux-3.18.9.orig/drivers/net/ethernet/atheros/atl1c/atl1c_main.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/net/ethernet/atheros/atl1c/atl1c_main.c 2015-03-15 16:03:03.732094876 -0500 +@@ -2213,11 +2213,7 @@ + } + + tpd_req = atl1c_cal_tpd_req(skb); +- if (!spin_trylock_irqsave(&adapter->tx_lock, flags)) { +- if (netif_msg_pktdata(adapter)) +- dev_info(&adapter->pdev->dev, "tx locked\n"); +- return NETDEV_TX_LOCKED; +- } ++ spin_lock_irqsave(&adapter->tx_lock, flags); + + if (atl1c_tpd_avail(adapter, type) < tpd_req) { + /* no enough descriptor, just stop queue */ +diff -Nur linux-3.18.9.orig/drivers/net/ethernet/atheros/atl1e/atl1e_main.c linux-3.18.9/drivers/net/ethernet/atheros/atl1e/atl1e_main.c +--- linux-3.18.9.orig/drivers/net/ethernet/atheros/atl1e/atl1e_main.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/net/ethernet/atheros/atl1e/atl1e_main.c 2015-03-15 16:03:03.732094876 -0500 +@@ -1880,8 +1880,7 @@ + return NETDEV_TX_OK; + } + tpd_req = atl1e_cal_tdp_req(skb); +- if (!spin_trylock_irqsave(&adapter->tx_lock, flags)) +- return NETDEV_TX_LOCKED; ++ spin_lock_irqsave(&adapter->tx_lock, flags); + + if (atl1e_tpd_avail(adapter) < tpd_req) { + /* no enough descriptor, just stop queue */ +diff -Nur linux-3.18.9.orig/drivers/net/ethernet/chelsio/cxgb/sge.c linux-3.18.9/drivers/net/ethernet/chelsio/cxgb/sge.c +--- linux-3.18.9.orig/drivers/net/ethernet/chelsio/cxgb/sge.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/net/ethernet/chelsio/cxgb/sge.c 2015-03-15 16:03:03.732094876 -0500 +@@ -1663,8 +1663,7 @@ + struct cmdQ *q = &sge->cmdQ[qid]; + unsigned int credits, pidx, genbit, count, use_sched_skb = 0; + +- if (!spin_trylock(&q->lock)) +- return NETDEV_TX_LOCKED; ++ spin_lock(&q->lock); + + reclaim_completed_tx(sge, q); + +diff -Nur linux-3.18.9.orig/drivers/net/ethernet/freescale/gianfar.c linux-3.18.9/drivers/net/ethernet/freescale/gianfar.c +--- linux-3.18.9.orig/drivers/net/ethernet/freescale/gianfar.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/net/ethernet/freescale/gianfar.c 2015-03-15 16:03:03.732094876 -0500 +@@ -1483,7 +1483,7 @@ + + if (netif_running(ndev)) { + +- local_irq_save(flags); ++ local_irq_save_nort(flags); + lock_tx_qs(priv); + + gfar_halt_nodisable(priv); +@@ -1499,7 +1499,7 @@ + gfar_write(®s->maccfg1, tempval); + + unlock_tx_qs(priv); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + + disable_napi(priv); + +@@ -1541,7 +1541,7 @@ + /* Disable Magic Packet mode, in case something + * else woke us up. + */ +- local_irq_save(flags); ++ local_irq_save_nort(flags); + lock_tx_qs(priv); + + tempval = gfar_read(®s->maccfg2); +@@ -1551,7 +1551,7 @@ + gfar_start(priv); + + unlock_tx_qs(priv); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + + netif_device_attach(ndev); + +@@ -3307,14 +3307,14 @@ + dev->stats.tx_dropped++; + atomic64_inc(&priv->extra_stats.tx_underrun); + +- local_irq_save(flags); ++ local_irq_save_nort(flags); + lock_tx_qs(priv); + + /* Reactivate the Tx Queues */ + gfar_write(®s->tstat, gfargrp->tstat); + + unlock_tx_qs(priv); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + } + netif_dbg(priv, tx_err, dev, "Transmit Error\n"); + } +diff -Nur linux-3.18.9.orig/drivers/net/ethernet/neterion/s2io.c linux-3.18.9/drivers/net/ethernet/neterion/s2io.c +--- linux-3.18.9.orig/drivers/net/ethernet/neterion/s2io.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/net/ethernet/neterion/s2io.c 2015-03-15 16:03:03.736094876 -0500 +@@ -4084,12 +4084,7 @@ + [skb->priority & (MAX_TX_FIFOS - 1)]; + fifo = &mac_control->fifos[queue]; + +- if (do_spin_lock) +- spin_lock_irqsave(&fifo->tx_lock, flags); +- else { +- if (unlikely(!spin_trylock_irqsave(&fifo->tx_lock, flags))) +- return NETDEV_TX_LOCKED; +- } ++ spin_lock_irqsave(&fifo->tx_lock, flags); + + if (sp->config.multiq) { + if (__netif_subqueue_stopped(dev, fifo->fifo_no)) { +diff -Nur linux-3.18.9.orig/drivers/net/ethernet/oki-semi/pch_gbe/pch_gbe_main.c linux-3.18.9/drivers/net/ethernet/oki-semi/pch_gbe/pch_gbe_main.c +--- linux-3.18.9.orig/drivers/net/ethernet/oki-semi/pch_gbe/pch_gbe_main.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/net/ethernet/oki-semi/pch_gbe/pch_gbe_main.c 2015-03-15 16:03:03.736094876 -0500 +@@ -2137,10 +2137,8 @@ + struct pch_gbe_tx_ring *tx_ring = adapter->tx_ring; + unsigned long flags; + +- if (!spin_trylock_irqsave(&tx_ring->tx_lock, flags)) { +- /* Collision - tell upper layer to requeue */ +- return NETDEV_TX_LOCKED; +- } ++ spin_lock_irqsave(&tx_ring->tx_lock, flags); ++ + if (unlikely(!PCH_GBE_DESC_UNUSED(tx_ring))) { + netif_stop_queue(netdev); + spin_unlock_irqrestore(&tx_ring->tx_lock, flags); +diff -Nur linux-3.18.9.orig/drivers/net/ethernet/realtek/8139too.c linux-3.18.9/drivers/net/ethernet/realtek/8139too.c +--- linux-3.18.9.orig/drivers/net/ethernet/realtek/8139too.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/net/ethernet/realtek/8139too.c 2015-03-15 16:03:03.736094876 -0500 +@@ -2215,7 +2215,7 @@ + struct rtl8139_private *tp = netdev_priv(dev); + const int irq = tp->pci_dev->irq; + +- disable_irq(irq); ++ disable_irq_nosync(irq); + rtl8139_interrupt(irq, dev); + enable_irq(irq); + } +diff -Nur linux-3.18.9.orig/drivers/net/ethernet/tehuti/tehuti.c linux-3.18.9/drivers/net/ethernet/tehuti/tehuti.c +--- linux-3.18.9.orig/drivers/net/ethernet/tehuti/tehuti.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/net/ethernet/tehuti/tehuti.c 2015-03-15 16:03:03.744094876 -0500 +@@ -1629,13 +1629,8 @@ + unsigned long flags; + + ENTER; +- local_irq_save(flags); +- if (!spin_trylock(&priv->tx_lock)) { +- local_irq_restore(flags); +- DBG("%s[%s]: TX locked, returning NETDEV_TX_LOCKED\n", +- BDX_DRV_NAME, ndev->name); +- return NETDEV_TX_LOCKED; +- } ++ ++ spin_lock_irqsave(&priv->tx_lock, flags); + + /* build tx descriptor */ + BDX_ASSERT(f->m.wptr >= f->m.memsz); /* started with valid wptr */ +diff -Nur linux-3.18.9.orig/drivers/net/rionet.c linux-3.18.9/drivers/net/rionet.c +--- linux-3.18.9.orig/drivers/net/rionet.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/net/rionet.c 2015-03-15 16:03:03.744094876 -0500 +@@ -174,11 +174,7 @@ + unsigned long flags; + int add_num = 1; + +- local_irq_save(flags); +- if (!spin_trylock(&rnet->tx_lock)) { +- local_irq_restore(flags); +- return NETDEV_TX_LOCKED; +- } ++ spin_lock_irqsave(&rnet->tx_lock, flags); + + if (is_multicast_ether_addr(eth->h_dest)) + add_num = nets[rnet->mport->id].nact; +diff -Nur linux-3.18.9.orig/drivers/net/wireless/orinoco/orinoco_usb.c linux-3.18.9/drivers/net/wireless/orinoco/orinoco_usb.c +--- linux-3.18.9.orig/drivers/net/wireless/orinoco/orinoco_usb.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/net/wireless/orinoco/orinoco_usb.c 2015-03-15 16:03:03.744094876 -0500 +@@ -699,7 +699,7 @@ + while (!ctx->done.done && msecs--) + udelay(1000); + } else { +- wait_event_interruptible(ctx->done.wait, ++ swait_event_interruptible(ctx->done.wait, + ctx->done.done); + } + break; +diff -Nur linux-3.18.9.orig/drivers/pci/access.c linux-3.18.9/drivers/pci/access.c +--- linux-3.18.9.orig/drivers/pci/access.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/pci/access.c 2015-03-15 16:03:03.744094876 -0500 +@@ -434,7 +434,7 @@ + WARN_ON(!dev->block_cfg_access); + + dev->block_cfg_access = 0; +- wake_up_all(&pci_cfg_wait); ++ wake_up_all_locked(&pci_cfg_wait); + raw_spin_unlock_irqrestore(&pci_lock, flags); + } + EXPORT_SYMBOL_GPL(pci_cfg_access_unlock); +diff -Nur linux-3.18.9.orig/drivers/scsi/fcoe/fcoe.c linux-3.18.9/drivers/scsi/fcoe/fcoe.c +--- linux-3.18.9.orig/drivers/scsi/fcoe/fcoe.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/scsi/fcoe/fcoe.c 2015-03-15 16:03:03.744094876 -0500 +@@ -1286,7 +1286,7 @@ + struct sk_buff *skb; + #ifdef CONFIG_SMP + struct fcoe_percpu_s *p0; +- unsigned targ_cpu = get_cpu(); ++ unsigned targ_cpu = get_cpu_light(); + #endif /* CONFIG_SMP */ + + FCOE_DBG("Destroying receive thread for CPU %d\n", cpu); +@@ -1342,7 +1342,7 @@ + kfree_skb(skb); + spin_unlock_bh(&p->fcoe_rx_list.lock); + } +- put_cpu(); ++ put_cpu_light(); + #else + /* + * This a non-SMP scenario where the singular Rx thread is +@@ -1566,11 +1566,11 @@ + static int fcoe_alloc_paged_crc_eof(struct sk_buff *skb, int tlen) + { + struct fcoe_percpu_s *fps; +- int rc; ++ int rc, cpu = get_cpu_light(); + +- fps = &get_cpu_var(fcoe_percpu); ++ fps = &per_cpu(fcoe_percpu, cpu); + rc = fcoe_get_paged_crc_eof(skb, tlen, fps); +- put_cpu_var(fcoe_percpu); ++ put_cpu_light(); + + return rc; + } +@@ -1768,11 +1768,11 @@ + return 0; + } + +- stats = per_cpu_ptr(lport->stats, get_cpu()); ++ stats = per_cpu_ptr(lport->stats, get_cpu_light()); + stats->InvalidCRCCount++; + if (stats->InvalidCRCCount < 5) + printk(KERN_WARNING "fcoe: dropping frame with CRC error\n"); +- put_cpu(); ++ put_cpu_light(); + return -EINVAL; + } + +@@ -1848,13 +1848,13 @@ + goto drop; + + if (!fcoe_filter_frames(lport, fp)) { +- put_cpu(); ++ put_cpu_light(); + fc_exch_recv(lport, fp); + return; + } + drop: + stats->ErrorFrames++; +- put_cpu(); ++ put_cpu_light(); + kfree_skb(skb); + } + +diff -Nur linux-3.18.9.orig/drivers/scsi/fcoe/fcoe_ctlr.c linux-3.18.9/drivers/scsi/fcoe/fcoe_ctlr.c +--- linux-3.18.9.orig/drivers/scsi/fcoe/fcoe_ctlr.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/scsi/fcoe/fcoe_ctlr.c 2015-03-15 16:03:03.744094876 -0500 +@@ -831,7 +831,7 @@ + + INIT_LIST_HEAD(&del_list); + +- stats = per_cpu_ptr(fip->lp->stats, get_cpu()); ++ stats = per_cpu_ptr(fip->lp->stats, get_cpu_light()); + + list_for_each_entry_safe(fcf, next, &fip->fcfs, list) { + deadline = fcf->time + fcf->fka_period + fcf->fka_period / 2; +@@ -867,7 +867,7 @@ + sel_time = fcf->time; + } + } +- put_cpu(); ++ put_cpu_light(); + + list_for_each_entry_safe(fcf, next, &del_list, list) { + /* Removes fcf from current list */ +diff -Nur linux-3.18.9.orig/drivers/scsi/libfc/fc_exch.c linux-3.18.9/drivers/scsi/libfc/fc_exch.c +--- linux-3.18.9.orig/drivers/scsi/libfc/fc_exch.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/scsi/libfc/fc_exch.c 2015-03-15 16:03:03.744094876 -0500 +@@ -816,10 +816,10 @@ + } + memset(ep, 0, sizeof(*ep)); + +- cpu = get_cpu(); ++ cpu = get_cpu_light(); + pool = per_cpu_ptr(mp->pool, cpu); + spin_lock_bh(&pool->lock); +- put_cpu(); ++ put_cpu_light(); + + /* peek cache of free slot */ + if (pool->left != FC_XID_UNKNOWN) { +diff -Nur linux-3.18.9.orig/drivers/scsi/libsas/sas_ata.c linux-3.18.9/drivers/scsi/libsas/sas_ata.c +--- linux-3.18.9.orig/drivers/scsi/libsas/sas_ata.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/scsi/libsas/sas_ata.c 2015-03-15 16:03:03.744094876 -0500 +@@ -191,7 +191,7 @@ + /* TODO: audit callers to ensure they are ready for qc_issue to + * unconditionally re-enable interrupts + */ +- local_irq_save(flags); ++ local_irq_save_nort(flags); + spin_unlock(ap->lock); + + /* If the device fell off, no sense in issuing commands */ +@@ -261,7 +261,7 @@ + + out: + spin_lock(ap->lock); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + return ret; + } + +diff -Nur linux-3.18.9.orig/drivers/scsi/qla2xxx/qla_inline.h linux-3.18.9/drivers/scsi/qla2xxx/qla_inline.h +--- linux-3.18.9.orig/drivers/scsi/qla2xxx/qla_inline.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/scsi/qla2xxx/qla_inline.h 2015-03-15 16:03:03.744094876 -0500 +@@ -59,12 +59,12 @@ + { + unsigned long flags; + struct qla_hw_data *ha = rsp->hw; +- local_irq_save(flags); ++ local_irq_save_nort(flags); + if (IS_P3P_TYPE(ha)) + qla82xx_poll(0, rsp); + else + ha->isp_ops->intr_handler(0, rsp); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + } + + static inline uint8_t * +diff -Nur linux-3.18.9.orig/drivers/tty/serial/8250/8250_core.c linux-3.18.9/drivers/tty/serial/8250/8250_core.c +--- linux-3.18.9.orig/drivers/tty/serial/8250/8250_core.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/tty/serial/8250/8250_core.c 2015-03-15 16:03:03.784094876 -0500 +@@ -37,6 +37,7 @@ + #include <linux/nmi.h> + #include <linux/mutex.h> + #include <linux/slab.h> ++#include <linux/kdb.h> + #include <linux/uaccess.h> + #include <linux/pm_runtime.h> + #ifdef CONFIG_SPARC +@@ -81,7 +82,16 @@ + #define DEBUG_INTR(fmt...) do { } while (0) + #endif + +-#define PASS_LIMIT 512 ++/* ++ * On -rt we can have a more delays, and legitimately ++ * so - so don't drop work spuriously and spam the ++ * syslog: ++ */ ++#ifdef CONFIG_PREEMPT_RT_FULL ++# define PASS_LIMIT 1000000 ++#else ++# define PASS_LIMIT 512 ++#endif + + #define BOTH_EMPTY (UART_LSR_TEMT | UART_LSR_THRE) + +@@ -3198,7 +3208,7 @@ + + serial8250_rpm_get(up); + +- if (port->sysrq || oops_in_progress) ++ if (port->sysrq || oops_in_progress || in_kdb_printk()) + locked = spin_trylock_irqsave(&port->lock, flags); + else + spin_lock_irqsave(&port->lock, flags); +diff -Nur linux-3.18.9.orig/drivers/tty/serial/amba-pl011.c linux-3.18.9/drivers/tty/serial/amba-pl011.c +--- linux-3.18.9.orig/drivers/tty/serial/amba-pl011.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/tty/serial/amba-pl011.c 2015-03-15 16:03:03.784094876 -0500 +@@ -1935,13 +1935,19 @@ + + clk_enable(uap->clk); + +- local_irq_save(flags); ++ /* ++ * local_irq_save(flags); ++ * ++ * This local_irq_save() is nonsense. If we come in via sysrq ++ * handling then interrupts are already disabled. Aside of ++ * that the port.sysrq check is racy on SMP regardless. ++ */ + if (uap->port.sysrq) + locked = 0; + else if (oops_in_progress) +- locked = spin_trylock(&uap->port.lock); ++ locked = spin_trylock_irqsave(&uap->port.lock, flags); + else +- spin_lock(&uap->port.lock); ++ spin_lock_irqsave(&uap->port.lock, flags); + + /* + * First save the CR then disable the interrupts +@@ -1963,8 +1969,7 @@ + writew(old_cr, uap->port.membase + UART011_CR); + + if (locked) +- spin_unlock(&uap->port.lock); +- local_irq_restore(flags); ++ spin_unlock_irqrestore(&uap->port.lock, flags); + + clk_disable(uap->clk); + } +diff -Nur linux-3.18.9.orig/drivers/tty/serial/omap-serial.c linux-3.18.9/drivers/tty/serial/omap-serial.c +--- linux-3.18.9.orig/drivers/tty/serial/omap-serial.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/tty/serial/omap-serial.c 2015-03-15 16:03:03.784094876 -0500 +@@ -1270,13 +1270,10 @@ + + pm_runtime_get_sync(up->dev); + +- local_irq_save(flags); +- if (up->port.sysrq) +- locked = 0; +- else if (oops_in_progress) +- locked = spin_trylock(&up->port.lock); ++ if (up->port.sysrq || oops_in_progress) ++ locked = spin_trylock_irqsave(&up->port.lock, flags); + else +- spin_lock(&up->port.lock); ++ spin_lock_irqsave(&up->port.lock, flags); + + /* + * First save the IER then disable the interrupts +@@ -1305,8 +1302,7 @@ + pm_runtime_mark_last_busy(up->dev); + pm_runtime_put_autosuspend(up->dev); + if (locked) +- spin_unlock(&up->port.lock); +- local_irq_restore(flags); ++ spin_unlock_irqrestore(&up->port.lock, flags); + } + + static int __init +diff -Nur linux-3.18.9.orig/drivers/usb/core/hcd.c linux-3.18.9/drivers/usb/core/hcd.c +--- linux-3.18.9.orig/drivers/usb/core/hcd.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/usb/core/hcd.c 2015-03-15 16:03:03.784094876 -0500 +@@ -1681,9 +1681,9 @@ + * and no one may trigger the above deadlock situation when + * running complete() in tasklet. + */ +- local_irq_save(flags); ++ local_irq_save_nort(flags); + urb->complete(urb); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + + usb_anchor_resume_wakeups(anchor); + atomic_dec(&urb->use_count); +diff -Nur linux-3.18.9.orig/drivers/usb/gadget/function/f_fs.c linux-3.18.9/drivers/usb/gadget/function/f_fs.c +--- linux-3.18.9.orig/drivers/usb/gadget/function/f_fs.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/usb/gadget/function/f_fs.c 2015-03-15 16:03:03.784094876 -0500 +@@ -1428,7 +1428,7 @@ + pr_info("%s(): freeing\n", __func__); + ffs_data_clear(ffs); + BUG_ON(waitqueue_active(&ffs->ev.waitq) || +- waitqueue_active(&ffs->ep0req_completion.wait)); ++ swaitqueue_active(&ffs->ep0req_completion.wait)); + kfree(ffs->dev_name); + kfree(ffs); + } +diff -Nur linux-3.18.9.orig/drivers/usb/gadget/legacy/inode.c linux-3.18.9/drivers/usb/gadget/legacy/inode.c +--- linux-3.18.9.orig/drivers/usb/gadget/legacy/inode.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/drivers/usb/gadget/legacy/inode.c 2015-03-15 16:03:03.784094876 -0500 +@@ -339,7 +339,7 @@ + spin_unlock_irq (&epdata->dev->lock); + + if (likely (value == 0)) { +- value = wait_event_interruptible (done.wait, done.done); ++ value = swait_event_interruptible (done.wait, done.done); + if (value != 0) { + spin_lock_irq (&epdata->dev->lock); + if (likely (epdata->ep != NULL)) { +@@ -348,7 +348,7 @@ + usb_ep_dequeue (epdata->ep, epdata->req); + spin_unlock_irq (&epdata->dev->lock); + +- wait_event (done.wait, done.done); ++ swait_event (done.wait, done.done); + if (epdata->status == -ECONNRESET) + epdata->status = -EINTR; + } else { +diff -Nur linux-3.18.9.orig/fs/aio.c linux-3.18.9/fs/aio.c +--- linux-3.18.9.orig/fs/aio.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/fs/aio.c 2015-03-15 16:03:03.788094876 -0500 +@@ -40,6 +40,7 @@ + #include <linux/ramfs.h> + #include <linux/percpu-refcount.h> + #include <linux/mount.h> ++#include <linux/work-simple.h> + + #include <asm/kmap_types.h> + #include <asm/uaccess.h> +@@ -110,7 +111,7 @@ + struct page **ring_pages; + long nr_pages; + +- struct work_struct free_work; ++ struct swork_event free_work; + + /* + * signals when all in-flight requests are done +@@ -226,6 +227,7 @@ + .mount = aio_mount, + .kill_sb = kill_anon_super, + }; ++ BUG_ON(swork_get()); + aio_mnt = kern_mount(&aio_fs); + if (IS_ERR(aio_mnt)) + panic("Failed to create aio fs mount."); +@@ -505,9 +507,9 @@ + return cancel(kiocb); + } + +-static void free_ioctx(struct work_struct *work) ++static void free_ioctx(struct swork_event *sev) + { +- struct kioctx *ctx = container_of(work, struct kioctx, free_work); ++ struct kioctx *ctx = container_of(sev, struct kioctx, free_work); + + pr_debug("freeing %p\n", ctx); + +@@ -526,8 +528,8 @@ + if (ctx->requests_done) + complete(ctx->requests_done); + +- INIT_WORK(&ctx->free_work, free_ioctx); +- schedule_work(&ctx->free_work); ++ INIT_SWORK(&ctx->free_work, free_ioctx); ++ swork_queue(&ctx->free_work); + } + + /* +@@ -535,9 +537,9 @@ + * and ctx->users has dropped to 0, so we know no more kiocbs can be submitted - + * now it's safe to cancel any that need to be. + */ +-static void free_ioctx_users(struct percpu_ref *ref) ++static void free_ioctx_users_work(struct swork_event *sev) + { +- struct kioctx *ctx = container_of(ref, struct kioctx, users); ++ struct kioctx *ctx = container_of(sev, struct kioctx, free_work); + struct kiocb *req; + + spin_lock_irq(&ctx->ctx_lock); +@@ -556,6 +558,14 @@ + percpu_ref_put(&ctx->reqs); + } + ++static void free_ioctx_users(struct percpu_ref *ref) ++{ ++ struct kioctx *ctx = container_of(ref, struct kioctx, users); ++ ++ INIT_SWORK(&ctx->free_work, free_ioctx_users_work); ++ swork_queue(&ctx->free_work); ++} ++ + static int ioctx_add_table(struct kioctx *ctx, struct mm_struct *mm) + { + unsigned i, new_nr; +diff -Nur linux-3.18.9.orig/fs/autofs4/autofs_i.h linux-3.18.9/fs/autofs4/autofs_i.h +--- linux-3.18.9.orig/fs/autofs4/autofs_i.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/fs/autofs4/autofs_i.h 2015-03-15 16:03:03.788094876 -0500 +@@ -34,6 +34,7 @@ + #include <linux/sched.h> + #include <linux/mount.h> + #include <linux/namei.h> ++#include <linux/delay.h> + #include <asm/current.h> + #include <asm/uaccess.h> + +diff -Nur linux-3.18.9.orig/fs/autofs4/expire.c linux-3.18.9/fs/autofs4/expire.c +--- linux-3.18.9.orig/fs/autofs4/expire.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/fs/autofs4/expire.c 2015-03-15 16:03:03.788094876 -0500 +@@ -151,7 +151,7 @@ + parent = p->d_parent; + if (!spin_trylock(&parent->d_lock)) { + spin_unlock(&p->d_lock); +- cpu_relax(); ++ cpu_chill(); + goto relock; + } + spin_unlock(&p->d_lock); +diff -Nur linux-3.18.9.orig/fs/buffer.c linux-3.18.9/fs/buffer.c +--- linux-3.18.9.orig/fs/buffer.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/fs/buffer.c 2015-03-15 16:03:03.788094876 -0500 +@@ -301,8 +301,7 @@ + * decide that the page is now completely done. + */ + first = page_buffers(page); +- local_irq_save(flags); +- bit_spin_lock(BH_Uptodate_Lock, &first->b_state); ++ flags = bh_uptodate_lock_irqsave(first); + clear_buffer_async_read(bh); + unlock_buffer(bh); + tmp = bh; +@@ -315,8 +314,7 @@ + } + tmp = tmp->b_this_page; + } while (tmp != bh); +- bit_spin_unlock(BH_Uptodate_Lock, &first->b_state); +- local_irq_restore(flags); ++ bh_uptodate_unlock_irqrestore(first, flags); + + /* + * If none of the buffers had errors and they are all +@@ -328,9 +326,7 @@ + return; + + still_busy: +- bit_spin_unlock(BH_Uptodate_Lock, &first->b_state); +- local_irq_restore(flags); +- return; ++ bh_uptodate_unlock_irqrestore(first, flags); + } + + /* +@@ -358,8 +354,7 @@ + } + + first = page_buffers(page); +- local_irq_save(flags); +- bit_spin_lock(BH_Uptodate_Lock, &first->b_state); ++ flags = bh_uptodate_lock_irqsave(first); + + clear_buffer_async_write(bh); + unlock_buffer(bh); +@@ -371,15 +366,12 @@ + } + tmp = tmp->b_this_page; + } +- bit_spin_unlock(BH_Uptodate_Lock, &first->b_state); +- local_irq_restore(flags); ++ bh_uptodate_unlock_irqrestore(first, flags); + end_page_writeback(page); + return; + + still_busy: +- bit_spin_unlock(BH_Uptodate_Lock, &first->b_state); +- local_irq_restore(flags); +- return; ++ bh_uptodate_unlock_irqrestore(first, flags); + } + EXPORT_SYMBOL(end_buffer_async_write); + +@@ -3325,6 +3317,7 @@ + struct buffer_head *ret = kmem_cache_zalloc(bh_cachep, gfp_flags); + if (ret) { + INIT_LIST_HEAD(&ret->b_assoc_buffers); ++ buffer_head_init_locks(ret); + preempt_disable(); + __this_cpu_inc(bh_accounting.nr); + recalc_bh_state(); +diff -Nur linux-3.18.9.orig/fs/dcache.c linux-3.18.9/fs/dcache.c +--- linux-3.18.9.orig/fs/dcache.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/fs/dcache.c 2015-03-15 16:03:03.788094876 -0500 +@@ -19,6 +19,7 @@ + #include <linux/mm.h> + #include <linux/fs.h> + #include <linux/fsnotify.h> ++#include <linux/delay.h> + #include <linux/slab.h> + #include <linux/init.h> + #include <linux/hash.h> +@@ -552,7 +553,7 @@ + + failed: + spin_unlock(&dentry->d_lock); +- cpu_relax(); ++ cpu_chill(); + return dentry; /* try again with same dentry */ + } + +@@ -2285,7 +2286,7 @@ + if (dentry->d_lockref.count == 1) { + if (!spin_trylock(&inode->i_lock)) { + spin_unlock(&dentry->d_lock); +- cpu_relax(); ++ cpu_chill(); + goto again; + } + dentry->d_flags &= ~DCACHE_CANT_MOUNT; +diff -Nur linux-3.18.9.orig/fs/eventpoll.c linux-3.18.9/fs/eventpoll.c +--- linux-3.18.9.orig/fs/eventpoll.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/fs/eventpoll.c 2015-03-15 16:03:03.788094876 -0500 +@@ -505,12 +505,12 @@ + */ + static void ep_poll_safewake(wait_queue_head_t *wq) + { +- int this_cpu = get_cpu(); ++ int this_cpu = get_cpu_light(); + + ep_call_nested(&poll_safewake_ncalls, EP_MAX_NESTS, + ep_poll_wakeup_proc, NULL, wq, (void *) (long) this_cpu); + +- put_cpu(); ++ put_cpu_light(); + } + + static void ep_remove_wait_queue(struct eppoll_entry *pwq) +diff -Nur linux-3.18.9.orig/fs/exec.c linux-3.18.9/fs/exec.c +--- linux-3.18.9.orig/fs/exec.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/fs/exec.c 2015-03-15 16:03:03.788094876 -0500 +@@ -841,12 +841,14 @@ + } + } + task_lock(tsk); ++ preempt_disable_rt(); + active_mm = tsk->active_mm; + tsk->mm = mm; + tsk->active_mm = mm; + activate_mm(active_mm, mm); + tsk->mm->vmacache_seqnum = 0; + vmacache_flush(tsk); ++ preempt_enable_rt(); + task_unlock(tsk); + if (old_mm) { + up_read(&old_mm->mmap_sem); +diff -Nur linux-3.18.9.orig/fs/jbd/checkpoint.c linux-3.18.9/fs/jbd/checkpoint.c +--- linux-3.18.9.orig/fs/jbd/checkpoint.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/fs/jbd/checkpoint.c 2015-03-15 16:03:03.788094876 -0500 +@@ -129,6 +129,8 @@ + if (journal->j_flags & JFS_ABORT) + return; + spin_unlock(&journal->j_state_lock); ++ if (current->plug) ++ io_schedule(); + mutex_lock(&journal->j_checkpoint_mutex); + + /* +diff -Nur linux-3.18.9.orig/fs/jbd2/checkpoint.c linux-3.18.9/fs/jbd2/checkpoint.c +--- linux-3.18.9.orig/fs/jbd2/checkpoint.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/fs/jbd2/checkpoint.c 2015-03-15 16:03:03.788094876 -0500 +@@ -116,6 +116,8 @@ + nblocks = jbd2_space_needed(journal); + while (jbd2_log_space_left(journal) < nblocks) { + write_unlock(&journal->j_state_lock); ++ if (current->plug) ++ io_schedule(); + mutex_lock(&journal->j_checkpoint_mutex); + + /* +diff -Nur linux-3.18.9.orig/fs/namespace.c linux-3.18.9/fs/namespace.c +--- linux-3.18.9.orig/fs/namespace.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/fs/namespace.c 2015-03-15 16:03:03.788094876 -0500 +@@ -14,6 +14,7 @@ + #include <linux/mnt_namespace.h> + #include <linux/user_namespace.h> + #include <linux/namei.h> ++#include <linux/delay.h> + #include <linux/security.h> + #include <linux/idr.h> + #include <linux/init.h> /* init_rootfs */ +@@ -344,8 +345,11 @@ + * incremented count after it has set MNT_WRITE_HOLD. + */ + smp_mb(); +- while (ACCESS_ONCE(mnt->mnt.mnt_flags) & MNT_WRITE_HOLD) +- cpu_relax(); ++ while (ACCESS_ONCE(mnt->mnt.mnt_flags) & MNT_WRITE_HOLD) { ++ preempt_enable(); ++ cpu_chill(); ++ preempt_disable(); ++ } + /* + * After the slowpath clears MNT_WRITE_HOLD, mnt_is_readonly will + * be set to match its requirements. So we must not load that until +diff -Nur linux-3.18.9.orig/fs/ntfs/aops.c linux-3.18.9/fs/ntfs/aops.c +--- linux-3.18.9.orig/fs/ntfs/aops.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/fs/ntfs/aops.c 2015-03-15 16:03:03.788094876 -0500 +@@ -107,8 +107,7 @@ + "0x%llx.", (unsigned long long)bh->b_blocknr); + } + first = page_buffers(page); +- local_irq_save(flags); +- bit_spin_lock(BH_Uptodate_Lock, &first->b_state); ++ flags = bh_uptodate_lock_irqsave(first); + clear_buffer_async_read(bh); + unlock_buffer(bh); + tmp = bh; +@@ -123,8 +122,7 @@ + } + tmp = tmp->b_this_page; + } while (tmp != bh); +- bit_spin_unlock(BH_Uptodate_Lock, &first->b_state); +- local_irq_restore(flags); ++ bh_uptodate_unlock_irqrestore(first, flags); + /* + * If none of the buffers had errors then we can set the page uptodate, + * but we first have to perform the post read mst fixups, if the +@@ -145,13 +143,13 @@ + recs = PAGE_CACHE_SIZE / rec_size; + /* Should have been verified before we got here... */ + BUG_ON(!recs); +- local_irq_save(flags); ++ local_irq_save_nort(flags); + kaddr = kmap_atomic(page); + for (i = 0; i < recs; i++) + post_read_mst_fixup((NTFS_RECORD*)(kaddr + + i * rec_size), rec_size); + kunmap_atomic(kaddr); +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + flush_dcache_page(page); + if (likely(page_uptodate && !PageError(page))) + SetPageUptodate(page); +@@ -159,9 +157,7 @@ + unlock_page(page); + return; + still_busy: +- bit_spin_unlock(BH_Uptodate_Lock, &first->b_state); +- local_irq_restore(flags); +- return; ++ bh_uptodate_unlock_irqrestore(first, flags); + } + + /** +diff -Nur linux-3.18.9.orig/fs/timerfd.c linux-3.18.9/fs/timerfd.c +--- linux-3.18.9.orig/fs/timerfd.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/fs/timerfd.c 2015-03-15 16:03:03.788094876 -0500 +@@ -449,7 +449,10 @@ + break; + } + spin_unlock_irq(&ctx->wqh.lock); +- cpu_relax(); ++ if (isalarm(ctx)) ++ hrtimer_wait_for_timer(&ctx->t.alarm.timer); ++ else ++ hrtimer_wait_for_timer(&ctx->t.tmr); + } + + /* +diff -Nur linux-3.18.9.orig/include/acpi/platform/aclinux.h linux-3.18.9/include/acpi/platform/aclinux.h +--- linux-3.18.9.orig/include/acpi/platform/aclinux.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/acpi/platform/aclinux.h 2015-03-15 16:03:03.788094876 -0500 +@@ -123,6 +123,7 @@ + + #define acpi_cache_t struct kmem_cache + #define acpi_spinlock spinlock_t * ++#define acpi_raw_spinlock raw_spinlock_t * + #define acpi_cpu_flags unsigned long + + /* Use native linux version of acpi_os_allocate_zeroed */ +@@ -141,6 +142,20 @@ + #define ACPI_USE_ALTERNATE_PROTOTYPE_acpi_os_get_thread_id + #define ACPI_USE_ALTERNATE_PROTOTYPE_acpi_os_create_lock + ++#define acpi_os_create_raw_lock(__handle) \ ++({ \ ++ raw_spinlock_t *lock = ACPI_ALLOCATE(sizeof(*lock)); \ ++ \ ++ if (lock) { \ ++ *(__handle) = lock; \ ++ raw_spin_lock_init(*(__handle)); \ ++ } \ ++ lock ? AE_OK : AE_NO_MEMORY; \ ++ }) ++ ++#define acpi_os_delete_raw_lock(__handle) kfree(__handle) ++ ++ + /* + * OSL interfaces used by debugger/disassembler + */ +diff -Nur linux-3.18.9.orig/include/asm-generic/bug.h linux-3.18.9/include/asm-generic/bug.h +--- linux-3.18.9.orig/include/asm-generic/bug.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/asm-generic/bug.h 2015-03-15 16:03:03.792094875 -0500 +@@ -206,6 +206,20 @@ + # define WARN_ON_SMP(x) ({0;}) + #endif + ++#ifdef CONFIG_PREEMPT_RT_BASE ++# define BUG_ON_RT(c) BUG_ON(c) ++# define BUG_ON_NONRT(c) do { } while (0) ++# define WARN_ON_RT(condition) WARN_ON(condition) ++# define WARN_ON_NONRT(condition) do { } while (0) ++# define WARN_ON_ONCE_NONRT(condition) do { } while (0) ++#else ++# define BUG_ON_RT(c) do { } while (0) ++# define BUG_ON_NONRT(c) BUG_ON(c) ++# define WARN_ON_RT(condition) do { } while (0) ++# define WARN_ON_NONRT(condition) WARN_ON(condition) ++# define WARN_ON_ONCE_NONRT(condition) WARN_ON_ONCE(condition) ++#endif ++ + #endif /* __ASSEMBLY__ */ + + #endif +diff -Nur linux-3.18.9.orig/include/linux/blkdev.h linux-3.18.9/include/linux/blkdev.h +--- linux-3.18.9.orig/include/linux/blkdev.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/blkdev.h 2015-03-15 16:03:03.792094875 -0500 +@@ -101,6 +101,7 @@ + struct list_head queuelist; + union { + struct call_single_data csd; ++ struct work_struct work; + unsigned long fifo_time; + }; + +@@ -478,7 +479,7 @@ + struct throtl_data *td; + #endif + struct rcu_head rcu_head; +- wait_queue_head_t mq_freeze_wq; ++ struct swait_head mq_freeze_wq; + struct percpu_ref mq_usage_counter; + struct list_head all_q_node; + +diff -Nur linux-3.18.9.orig/include/linux/blk-mq.h linux-3.18.9/include/linux/blk-mq.h +--- linux-3.18.9.orig/include/linux/blk-mq.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/blk-mq.h 2015-03-15 16:03:03.792094875 -0500 +@@ -169,6 +169,7 @@ + + struct blk_mq_hw_ctx *blk_mq_map_queue(struct request_queue *, const int ctx_index); + struct blk_mq_hw_ctx *blk_mq_alloc_single_hw_queue(struct blk_mq_tag_set *, unsigned int, int); ++void __blk_mq_complete_request_remote_work(struct work_struct *work); + + void blk_mq_start_request(struct request *rq); + void blk_mq_end_request(struct request *rq, int error); +diff -Nur linux-3.18.9.orig/include/linux/bottom_half.h linux-3.18.9/include/linux/bottom_half.h +--- linux-3.18.9.orig/include/linux/bottom_half.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/bottom_half.h 2015-03-15 16:03:03.792094875 -0500 +@@ -4,6 +4,17 @@ + #include <linux/preempt.h> + #include <linux/preempt_mask.h> + ++#ifdef CONFIG_PREEMPT_RT_FULL ++ ++extern void local_bh_disable(void); ++extern void _local_bh_enable(void); ++extern void local_bh_enable(void); ++extern void local_bh_enable_ip(unsigned long ip); ++extern void __local_bh_disable_ip(unsigned long ip, unsigned int cnt); ++extern void __local_bh_enable_ip(unsigned long ip, unsigned int cnt); ++ ++#else ++ + #ifdef CONFIG_TRACE_IRQFLAGS + extern void __local_bh_disable_ip(unsigned long ip, unsigned int cnt); + #else +@@ -31,5 +42,6 @@ + { + __local_bh_enable_ip(_THIS_IP_, SOFTIRQ_DISABLE_OFFSET); + } ++#endif + + #endif /* _LINUX_BH_H */ +diff -Nur linux-3.18.9.orig/include/linux/buffer_head.h linux-3.18.9/include/linux/buffer_head.h +--- linux-3.18.9.orig/include/linux/buffer_head.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/buffer_head.h 2015-03-15 16:03:03.792094875 -0500 +@@ -75,8 +75,52 @@ + struct address_space *b_assoc_map; /* mapping this buffer is + associated with */ + atomic_t b_count; /* users using this buffer_head */ ++#ifdef CONFIG_PREEMPT_RT_BASE ++ spinlock_t b_uptodate_lock; ++#if defined(CONFIG_JBD) || defined(CONFIG_JBD_MODULE) || \ ++ defined(CONFIG_JBD2) || defined(CONFIG_JBD2_MODULE) ++ spinlock_t b_state_lock; ++ spinlock_t b_journal_head_lock; ++#endif ++#endif + }; + ++static inline unsigned long bh_uptodate_lock_irqsave(struct buffer_head *bh) ++{ ++ unsigned long flags; ++ ++#ifndef CONFIG_PREEMPT_RT_BASE ++ local_irq_save(flags); ++ bit_spin_lock(BH_Uptodate_Lock, &bh->b_state); ++#else ++ spin_lock_irqsave(&bh->b_uptodate_lock, flags); ++#endif ++ return flags; ++} ++ ++static inline void ++bh_uptodate_unlock_irqrestore(struct buffer_head *bh, unsigned long flags) ++{ ++#ifndef CONFIG_PREEMPT_RT_BASE ++ bit_spin_unlock(BH_Uptodate_Lock, &bh->b_state); ++ local_irq_restore(flags); ++#else ++ spin_unlock_irqrestore(&bh->b_uptodate_lock, flags); ++#endif ++} ++ ++static inline void buffer_head_init_locks(struct buffer_head *bh) ++{ ++#ifdef CONFIG_PREEMPT_RT_BASE ++ spin_lock_init(&bh->b_uptodate_lock); ++#if defined(CONFIG_JBD) || defined(CONFIG_JBD_MODULE) || \ ++ defined(CONFIG_JBD2) || defined(CONFIG_JBD2_MODULE) ++ spin_lock_init(&bh->b_state_lock); ++ spin_lock_init(&bh->b_journal_head_lock); ++#endif ++#endif ++} ++ + /* + * macro tricks to expand the set_buffer_foo(), clear_buffer_foo() + * and buffer_foo() functions. +diff -Nur linux-3.18.9.orig/include/linux/cgroup.h linux-3.18.9/include/linux/cgroup.h +--- linux-3.18.9.orig/include/linux/cgroup.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/cgroup.h 2015-03-15 16:03:03.792094875 -0500 +@@ -22,6 +22,7 @@ + #include <linux/seq_file.h> + #include <linux/kernfs.h> + #include <linux/wait.h> ++#include <linux/work-simple.h> + + #ifdef CONFIG_CGROUPS + +@@ -91,6 +92,7 @@ + /* percpu_ref killing and RCU release */ + struct rcu_head rcu_head; + struct work_struct destroy_work; ++ struct swork_event destroy_swork; + }; + + /* bits in struct cgroup_subsys_state flags field */ +diff -Nur linux-3.18.9.orig/include/linux/completion.h linux-3.18.9/include/linux/completion.h +--- linux-3.18.9.orig/include/linux/completion.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/completion.h 2015-03-15 16:03:03.792094875 -0500 +@@ -7,8 +7,7 @@ + * Atomic wait-for-completion handler data structures. + * See kernel/sched/completion.c for details. + */ +- +-#include <linux/wait.h> ++#include <linux/wait-simple.h> + + /* + * struct completion - structure used to maintain state for a "completion" +@@ -24,11 +23,11 @@ + */ + struct completion { + unsigned int done; +- wait_queue_head_t wait; ++ struct swait_head wait; + }; + + #define COMPLETION_INITIALIZER(work) \ +- { 0, __WAIT_QUEUE_HEAD_INITIALIZER((work).wait) } ++ { 0, SWAIT_HEAD_INITIALIZER((work).wait) } + + #define COMPLETION_INITIALIZER_ONSTACK(work) \ + ({ init_completion(&work); work; }) +@@ -73,7 +72,7 @@ + static inline void init_completion(struct completion *x) + { + x->done = 0; +- init_waitqueue_head(&x->wait); ++ init_swait_head(&x->wait); + } + + /** +diff -Nur linux-3.18.9.orig/include/linux/cpu.h linux-3.18.9/include/linux/cpu.h +--- linux-3.18.9.orig/include/linux/cpu.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/cpu.h 2015-03-15 16:03:03.792094875 -0500 +@@ -217,6 +217,8 @@ + extern void put_online_cpus(void); + extern void cpu_hotplug_disable(void); + extern void cpu_hotplug_enable(void); ++extern void pin_current_cpu(void); ++extern void unpin_current_cpu(void); + #define hotcpu_notifier(fn, pri) cpu_notifier(fn, pri) + #define __hotcpu_notifier(fn, pri) __cpu_notifier(fn, pri) + #define register_hotcpu_notifier(nb) register_cpu_notifier(nb) +@@ -235,6 +237,8 @@ + #define put_online_cpus() do { } while (0) + #define cpu_hotplug_disable() do { } while (0) + #define cpu_hotplug_enable() do { } while (0) ++static inline void pin_current_cpu(void) { } ++static inline void unpin_current_cpu(void) { } + #define hotcpu_notifier(fn, pri) do { (void)(fn); } while (0) + #define __hotcpu_notifier(fn, pri) do { (void)(fn); } while (0) + /* These aren't inline functions due to a GCC bug. */ +diff -Nur linux-3.18.9.orig/include/linux/delay.h linux-3.18.9/include/linux/delay.h +--- linux-3.18.9.orig/include/linux/delay.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/delay.h 2015-03-15 16:03:03.792094875 -0500 +@@ -52,4 +52,10 @@ + msleep(seconds * 1000); + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++extern void cpu_chill(void); ++#else ++# define cpu_chill() cpu_relax() ++#endif ++ + #endif /* defined(_LINUX_DELAY_H) */ +diff -Nur linux-3.18.9.orig/include/linux/ftrace_event.h linux-3.18.9/include/linux/ftrace_event.h +--- linux-3.18.9.orig/include/linux/ftrace_event.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/ftrace_event.h 2015-03-15 16:03:03.804094874 -0500 +@@ -61,6 +61,9 @@ + unsigned char flags; + unsigned char preempt_count; + int pid; ++ unsigned short migrate_disable; ++ unsigned short padding; ++ unsigned char preempt_lazy_count; + }; + + #define FTRACE_MAX_EVENT \ +diff -Nur linux-3.18.9.orig/include/linux/highmem.h linux-3.18.9/include/linux/highmem.h +--- linux-3.18.9.orig/include/linux/highmem.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/highmem.h 2015-03-15 16:03:03.804094874 -0500 +@@ -7,6 +7,7 @@ + #include <linux/mm.h> + #include <linux/uaccess.h> + #include <linux/hardirq.h> ++#include <linux/sched.h> + + #include <asm/cacheflush.h> + +@@ -85,32 +86,51 @@ + + #if defined(CONFIG_HIGHMEM) || defined(CONFIG_X86_32) + ++#ifndef CONFIG_PREEMPT_RT_FULL + DECLARE_PER_CPU(int, __kmap_atomic_idx); ++#endif + + static inline int kmap_atomic_idx_push(void) + { ++#ifndef CONFIG_PREEMPT_RT_FULL + int idx = __this_cpu_inc_return(__kmap_atomic_idx) - 1; + +-#ifdef CONFIG_DEBUG_HIGHMEM ++# ifdef CONFIG_DEBUG_HIGHMEM + WARN_ON_ONCE(in_irq() && !irqs_disabled()); + BUG_ON(idx >= KM_TYPE_NR); +-#endif ++# endif + return idx; ++#else ++ current->kmap_idx++; ++ BUG_ON(current->kmap_idx > KM_TYPE_NR); ++ return current->kmap_idx - 1; ++#endif + } + + static inline int kmap_atomic_idx(void) + { ++#ifndef CONFIG_PREEMPT_RT_FULL + return __this_cpu_read(__kmap_atomic_idx) - 1; ++#else ++ return current->kmap_idx - 1; ++#endif + } + + static inline void kmap_atomic_idx_pop(void) + { +-#ifdef CONFIG_DEBUG_HIGHMEM ++#ifndef CONFIG_PREEMPT_RT_FULL ++# ifdef CONFIG_DEBUG_HIGHMEM + int idx = __this_cpu_dec_return(__kmap_atomic_idx); + + BUG_ON(idx < 0); +-#else ++# else + __this_cpu_dec(__kmap_atomic_idx); ++# endif ++#else ++ current->kmap_idx--; ++# ifdef CONFIG_DEBUG_HIGHMEM ++ BUG_ON(current->kmap_idx < 0); ++# endif + #endif + } + +diff -Nur linux-3.18.9.orig/include/linux/hrtimer.h linux-3.18.9/include/linux/hrtimer.h +--- linux-3.18.9.orig/include/linux/hrtimer.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/hrtimer.h 2015-03-15 16:03:03.804094874 -0500 +@@ -111,6 +111,11 @@ + enum hrtimer_restart (*function)(struct hrtimer *); + struct hrtimer_clock_base *base; + unsigned long state; ++ struct list_head cb_entry; ++ int irqsafe; ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++ ktime_t praecox; ++#endif + #ifdef CONFIG_TIMER_STATS + int start_pid; + void *start_site; +@@ -147,6 +152,7 @@ + int index; + clockid_t clockid; + struct timerqueue_head active; ++ struct list_head expired; + ktime_t resolution; + ktime_t (*get_time)(void); + ktime_t softirq_time; +@@ -192,6 +198,9 @@ + unsigned long nr_hangs; + ktime_t max_hang_time; + #endif ++#ifdef CONFIG_PREEMPT_RT_BASE ++ wait_queue_head_t wait; ++#endif + struct hrtimer_clock_base clock_base[HRTIMER_MAX_CLOCK_BASES]; + }; + +@@ -379,6 +388,13 @@ + return hrtimer_start_expires(timer, HRTIMER_MODE_ABS); + } + ++/* Softirq preemption could deadlock timer removal */ ++#ifdef CONFIG_PREEMPT_RT_BASE ++ extern void hrtimer_wait_for_timer(const struct hrtimer *timer); ++#else ++# define hrtimer_wait_for_timer(timer) do { cpu_relax(); } while (0) ++#endif ++ + /* Query timers: */ + extern ktime_t hrtimer_get_remaining(const struct hrtimer *timer); + extern int hrtimer_get_res(const clockid_t which_clock, struct timespec *tp); +diff -Nur linux-3.18.9.orig/include/linux/idr.h linux-3.18.9/include/linux/idr.h +--- linux-3.18.9.orig/include/linux/idr.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/idr.h 2015-03-15 16:03:03.804094874 -0500 +@@ -95,10 +95,14 @@ + * Each idr_preload() should be matched with an invocation of this + * function. See idr_preload() for details. + */ ++#ifdef CONFIG_PREEMPT_RT_FULL ++void idr_preload_end(void); ++#else + static inline void idr_preload_end(void) + { + preempt_enable(); + } ++#endif + + /** + * idr_find - return pointer for given id +diff -Nur linux-3.18.9.orig/include/linux/init_task.h linux-3.18.9/include/linux/init_task.h +--- linux-3.18.9.orig/include/linux/init_task.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/init_task.h 2015-03-15 16:03:03.804094874 -0500 +@@ -147,9 +147,16 @@ + # define INIT_PERF_EVENTS(tsk) + #endif + ++#ifdef CONFIG_PREEMPT_RT_BASE ++# define INIT_TIMER_LIST .posix_timer_list = NULL, ++#else ++# define INIT_TIMER_LIST ++#endif ++ + #ifdef CONFIG_VIRT_CPU_ACCOUNTING_GEN + # define INIT_VTIME(tsk) \ +- .vtime_seqlock = __SEQLOCK_UNLOCKED(tsk.vtime_seqlock), \ ++ .vtime_lock = __RAW_SPIN_LOCK_UNLOCKED(tsk.vtime_lock), \ ++ .vtime_seq = SEQCNT_ZERO(tsk.vtime_seq), \ + .vtime_snap = 0, \ + .vtime_snap_whence = VTIME_SYS, + #else +@@ -219,6 +226,7 @@ + .cpu_timers = INIT_CPU_TIMERS(tsk.cpu_timers), \ + .pi_lock = __RAW_SPIN_LOCK_UNLOCKED(tsk.pi_lock), \ + .timer_slack_ns = 50000, /* 50 usec default slack */ \ ++ INIT_TIMER_LIST \ + .pids = { \ + [PIDTYPE_PID] = INIT_PID_LINK(PIDTYPE_PID), \ + [PIDTYPE_PGID] = INIT_PID_LINK(PIDTYPE_PGID), \ +diff -Nur linux-3.18.9.orig/include/linux/interrupt.h linux-3.18.9/include/linux/interrupt.h +--- linux-3.18.9.orig/include/linux/interrupt.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/interrupt.h 2015-03-15 16:03:03.804094874 -0500 +@@ -57,6 +57,7 @@ + * IRQF_NO_THREAD - Interrupt cannot be threaded + * IRQF_EARLY_RESUME - Resume IRQ early during syscore instead of at device + * resume time. ++ * IRQF_NO_SOFTIRQ_CALL - Do not process softirqs in the irq thread context (RT) + */ + #define IRQF_DISABLED 0x00000020 + #define IRQF_SHARED 0x00000080 +@@ -70,6 +71,7 @@ + #define IRQF_FORCE_RESUME 0x00008000 + #define IRQF_NO_THREAD 0x00010000 + #define IRQF_EARLY_RESUME 0x00020000 ++#define IRQF_NO_SOFTIRQ_CALL 0x00080000 + + #define IRQF_TIMER (__IRQF_TIMER | IRQF_NO_SUSPEND | IRQF_NO_THREAD) + +@@ -180,7 +182,7 @@ + #ifdef CONFIG_LOCKDEP + # define local_irq_enable_in_hardirq() do { } while (0) + #else +-# define local_irq_enable_in_hardirq() local_irq_enable() ++# define local_irq_enable_in_hardirq() local_irq_enable_nort() + #endif + + extern void disable_irq_nosync(unsigned int irq); +@@ -210,6 +212,7 @@ + unsigned int irq; + struct kref kref; + struct work_struct work; ++ struct list_head list; + void (*notify)(struct irq_affinity_notify *, const cpumask_t *mask); + void (*release)(struct kref *ref); + }; +@@ -358,9 +361,13 @@ + + + #ifdef CONFIG_IRQ_FORCED_THREADING ++# ifndef CONFIG_PREEMPT_RT_BASE + extern bool force_irqthreads; ++# else ++# define force_irqthreads (true) ++# endif + #else +-#define force_irqthreads (0) ++#define force_irqthreads (false) + #endif + + #ifndef __ARCH_SET_SOFTIRQ_PENDING +@@ -416,9 +423,10 @@ + void (*action)(struct softirq_action *); + }; + ++#ifndef CONFIG_PREEMPT_RT_FULL + asmlinkage void do_softirq(void); + asmlinkage void __do_softirq(void); +- ++static inline void thread_do_softirq(void) { do_softirq(); } + #ifdef __ARCH_HAS_DO_SOFTIRQ + void do_softirq_own_stack(void); + #else +@@ -427,6 +435,9 @@ + __do_softirq(); + } + #endif ++#else ++extern void thread_do_softirq(void); ++#endif + + extern void open_softirq(int nr, void (*action)(struct softirq_action *)); + extern void softirq_init(void); +@@ -434,6 +445,7 @@ + + extern void raise_softirq_irqoff(unsigned int nr); + extern void raise_softirq(unsigned int nr); ++extern void softirq_check_pending_idle(void); + + DECLARE_PER_CPU(struct task_struct *, ksoftirqd); + +@@ -455,8 +467,9 @@ + to be executed on some cpu at least once after this. + * If the tasklet is already scheduled, but its execution is still not + started, it will be executed only once. +- * If this tasklet is already running on another CPU (or schedule is called +- from tasklet itself), it is rescheduled for later. ++ * If this tasklet is already running on another CPU, it is rescheduled ++ for later. ++ * Schedule must not be called from the tasklet itself (a lockup occurs) + * Tasklet is strictly serialized wrt itself, but not + wrt another tasklets. If client needs some intertask synchronization, + he makes it with spinlocks. +@@ -481,27 +494,36 @@ + enum + { + TASKLET_STATE_SCHED, /* Tasklet is scheduled for execution */ +- TASKLET_STATE_RUN /* Tasklet is running (SMP only) */ ++ TASKLET_STATE_RUN, /* Tasklet is running (SMP only) */ ++ TASKLET_STATE_PENDING /* Tasklet is pending */ + }; + +-#ifdef CONFIG_SMP ++#define TASKLET_STATEF_SCHED (1 << TASKLET_STATE_SCHED) ++#define TASKLET_STATEF_RUN (1 << TASKLET_STATE_RUN) ++#define TASKLET_STATEF_PENDING (1 << TASKLET_STATE_PENDING) ++ ++#if defined(CONFIG_SMP) || defined(CONFIG_PREEMPT_RT_FULL) + static inline int tasklet_trylock(struct tasklet_struct *t) + { + return !test_and_set_bit(TASKLET_STATE_RUN, &(t)->state); + } + ++static inline int tasklet_tryunlock(struct tasklet_struct *t) ++{ ++ return cmpxchg(&t->state, TASKLET_STATEF_RUN, 0) == TASKLET_STATEF_RUN; ++} ++ + static inline void tasklet_unlock(struct tasklet_struct *t) + { + smp_mb__before_atomic(); + clear_bit(TASKLET_STATE_RUN, &(t)->state); + } + +-static inline void tasklet_unlock_wait(struct tasklet_struct *t) +-{ +- while (test_bit(TASKLET_STATE_RUN, &(t)->state)) { barrier(); } +-} ++extern void tasklet_unlock_wait(struct tasklet_struct *t); ++ + #else + #define tasklet_trylock(t) 1 ++#define tasklet_tryunlock(t) 1 + #define tasklet_unlock_wait(t) do { } while (0) + #define tasklet_unlock(t) do { } while (0) + #endif +@@ -550,17 +572,8 @@ + smp_mb(); + } + +-static inline void tasklet_enable(struct tasklet_struct *t) +-{ +- smp_mb__before_atomic(); +- atomic_dec(&t->count); +-} +- +-static inline void tasklet_hi_enable(struct tasklet_struct *t) +-{ +- smp_mb__before_atomic(); +- atomic_dec(&t->count); +-} ++extern void tasklet_enable(struct tasklet_struct *t); ++extern void tasklet_hi_enable(struct tasklet_struct *t); + + extern void tasklet_kill(struct tasklet_struct *t); + extern void tasklet_kill_immediate(struct tasklet_struct *t, unsigned int cpu); +@@ -592,6 +605,12 @@ + tasklet_kill(&ttimer->tasklet); + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++extern void softirq_early_init(void); ++#else ++static inline void softirq_early_init(void) { } ++#endif ++ + /* + * Autoprobing for irqs: + * +diff -Nur linux-3.18.9.orig/include/linux/irqdesc.h linux-3.18.9/include/linux/irqdesc.h +--- linux-3.18.9.orig/include/linux/irqdesc.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/irqdesc.h 2015-03-15 16:03:03.804094874 -0500 +@@ -63,6 +63,7 @@ + unsigned int irqs_unhandled; + atomic_t threads_handled; + int threads_handled_last; ++ u64 random_ip; + raw_spinlock_t lock; + struct cpumask *percpu_enabled; + #ifdef CONFIG_SMP +diff -Nur linux-3.18.9.orig/include/linux/irqflags.h linux-3.18.9/include/linux/irqflags.h +--- linux-3.18.9.orig/include/linux/irqflags.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/irqflags.h 2015-03-15 16:03:03.804094874 -0500 +@@ -25,8 +25,6 @@ + # define trace_softirqs_enabled(p) ((p)->softirqs_enabled) + # define trace_hardirq_enter() do { current->hardirq_context++; } while (0) + # define trace_hardirq_exit() do { current->hardirq_context--; } while (0) +-# define lockdep_softirq_enter() do { current->softirq_context++; } while (0) +-# define lockdep_softirq_exit() do { current->softirq_context--; } while (0) + # define INIT_TRACE_IRQFLAGS .softirqs_enabled = 1, + #else + # define trace_hardirqs_on() do { } while (0) +@@ -39,9 +37,15 @@ + # define trace_softirqs_enabled(p) 0 + # define trace_hardirq_enter() do { } while (0) + # define trace_hardirq_exit() do { } while (0) ++# define INIT_TRACE_IRQFLAGS ++#endif ++ ++#if defined(CONFIG_TRACE_IRQFLAGS) && !defined(CONFIG_PREEMPT_RT_FULL) ++# define lockdep_softirq_enter() do { current->softirq_context++; } while (0) ++# define lockdep_softirq_exit() do { current->softirq_context--; } while (0) ++#else + # define lockdep_softirq_enter() do { } while (0) + # define lockdep_softirq_exit() do { } while (0) +-# define INIT_TRACE_IRQFLAGS + #endif + + #if defined(CONFIG_IRQSOFF_TRACER) || \ +@@ -147,4 +151,23 @@ + + #endif /* CONFIG_TRACE_IRQFLAGS_SUPPORT */ + ++/* ++ * local_irq* variants depending on RT/!RT ++ */ ++#ifdef CONFIG_PREEMPT_RT_FULL ++# define local_irq_disable_nort() do { } while (0) ++# define local_irq_enable_nort() do { } while (0) ++# define local_irq_save_nort(flags) local_save_flags(flags) ++# define local_irq_restore_nort(flags) (void)(flags) ++# define local_irq_disable_rt() local_irq_disable() ++# define local_irq_enable_rt() local_irq_enable() ++#else ++# define local_irq_disable_nort() local_irq_disable() ++# define local_irq_enable_nort() local_irq_enable() ++# define local_irq_save_nort(flags) local_irq_save(flags) ++# define local_irq_restore_nort(flags) local_irq_restore(flags) ++# define local_irq_disable_rt() do { } while (0) ++# define local_irq_enable_rt() do { } while (0) ++#endif ++ + #endif +diff -Nur linux-3.18.9.orig/include/linux/irq.h linux-3.18.9/include/linux/irq.h +--- linux-3.18.9.orig/include/linux/irq.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/irq.h 2015-03-15 16:03:03.804094874 -0500 +@@ -73,6 +73,7 @@ + * IRQ_IS_POLLED - Always polled by another interrupt. Exclude + * it from the spurious interrupt detection + * mechanism and from core side polling. ++ * IRQ_NO_SOFTIRQ_CALL - No softirq processing in the irq thread context (RT) + */ + enum { + IRQ_TYPE_NONE = 0x00000000, +@@ -98,13 +99,14 @@ + IRQ_NOTHREAD = (1 << 16), + IRQ_PER_CPU_DEVID = (1 << 17), + IRQ_IS_POLLED = (1 << 18), ++ IRQ_NO_SOFTIRQ_CALL = (1 << 19), + }; + + #define IRQF_MODIFY_MASK \ + (IRQ_TYPE_SENSE_MASK | IRQ_NOPROBE | IRQ_NOREQUEST | \ + IRQ_NOAUTOEN | IRQ_MOVE_PCNTXT | IRQ_LEVEL | IRQ_NO_BALANCING | \ + IRQ_PER_CPU | IRQ_NESTED_THREAD | IRQ_NOTHREAD | IRQ_PER_CPU_DEVID | \ +- IRQ_IS_POLLED) ++ IRQ_IS_POLLED | IRQ_NO_SOFTIRQ_CALL) + + #define IRQ_NO_BALANCING_MASK (IRQ_PER_CPU | IRQ_NO_BALANCING) + +diff -Nur linux-3.18.9.orig/include/linux/irq_work.h linux-3.18.9/include/linux/irq_work.h +--- linux-3.18.9.orig/include/linux/irq_work.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/irq_work.h 2015-03-15 16:03:03.804094874 -0500 +@@ -16,6 +16,7 @@ + #define IRQ_WORK_BUSY 2UL + #define IRQ_WORK_FLAGS 3UL + #define IRQ_WORK_LAZY 4UL /* Doesn't want IPI, wait for tick */ ++#define IRQ_WORK_HARD_IRQ 8UL /* Run hard IRQ context, even on RT */ + + struct irq_work { + unsigned long flags; +diff -Nur linux-3.18.9.orig/include/linux/jbd_common.h linux-3.18.9/include/linux/jbd_common.h +--- linux-3.18.9.orig/include/linux/jbd_common.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/jbd_common.h 2015-03-15 16:03:03.804094874 -0500 +@@ -15,32 +15,56 @@ + + static inline void jbd_lock_bh_state(struct buffer_head *bh) + { ++#ifndef CONFIG_PREEMPT_RT_BASE + bit_spin_lock(BH_State, &bh->b_state); ++#else ++ spin_lock(&bh->b_state_lock); ++#endif + } + + static inline int jbd_trylock_bh_state(struct buffer_head *bh) + { ++#ifndef CONFIG_PREEMPT_RT_BASE + return bit_spin_trylock(BH_State, &bh->b_state); ++#else ++ return spin_trylock(&bh->b_state_lock); ++#endif + } + + static inline int jbd_is_locked_bh_state(struct buffer_head *bh) + { ++#ifndef CONFIG_PREEMPT_RT_BASE + return bit_spin_is_locked(BH_State, &bh->b_state); ++#else ++ return spin_is_locked(&bh->b_state_lock); ++#endif + } + + static inline void jbd_unlock_bh_state(struct buffer_head *bh) + { ++#ifndef CONFIG_PREEMPT_RT_BASE + bit_spin_unlock(BH_State, &bh->b_state); ++#else ++ spin_unlock(&bh->b_state_lock); ++#endif + } + + static inline void jbd_lock_bh_journal_head(struct buffer_head *bh) + { ++#ifndef CONFIG_PREEMPT_RT_BASE + bit_spin_lock(BH_JournalHead, &bh->b_state); ++#else ++ spin_lock(&bh->b_journal_head_lock); ++#endif + } + + static inline void jbd_unlock_bh_journal_head(struct buffer_head *bh) + { ++#ifndef CONFIG_PREEMPT_RT_BASE + bit_spin_unlock(BH_JournalHead, &bh->b_state); ++#else ++ spin_unlock(&bh->b_journal_head_lock); ++#endif + } + + #endif +diff -Nur linux-3.18.9.orig/include/linux/jump_label.h linux-3.18.9/include/linux/jump_label.h +--- linux-3.18.9.orig/include/linux/jump_label.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/jump_label.h 2015-03-15 16:03:03.804094874 -0500 +@@ -55,7 +55,8 @@ + "%s used before call to jump_label_init", \ + __func__) + +-#if defined(CC_HAVE_ASM_GOTO) && defined(CONFIG_JUMP_LABEL) ++#if defined(CC_HAVE_ASM_GOTO) && defined(CONFIG_JUMP_LABEL) && \ ++ !defined(CONFIG_PREEMPT_BASE) + + struct static_key { + atomic_t enabled; +diff -Nur linux-3.18.9.orig/include/linux/kdb.h linux-3.18.9/include/linux/kdb.h +--- linux-3.18.9.orig/include/linux/kdb.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/kdb.h 2015-03-15 16:03:03.804094874 -0500 +@@ -116,7 +116,7 @@ + extern __printf(1, 0) int vkdb_printf(const char *fmt, va_list args); + extern __printf(1, 2) int kdb_printf(const char *, ...); + typedef __printf(1, 2) int (*kdb_printf_t)(const char *, ...); +- ++#define in_kdb_printk() (kdb_trap_printk) + extern void kdb_init(int level); + + /* Access to kdb specific polling devices */ +@@ -151,6 +151,7 @@ + extern int kdb_unregister(char *); + #else /* ! CONFIG_KGDB_KDB */ + static inline __printf(1, 2) int kdb_printf(const char *fmt, ...) { return 0; } ++#define in_kdb_printk() (0) + static inline void kdb_init(int level) {} + static inline int kdb_register(char *cmd, kdb_func_t func, char *usage, + char *help, short minlen) { return 0; } +diff -Nur linux-3.18.9.orig/include/linux/kernel.h linux-3.18.9/include/linux/kernel.h +--- linux-3.18.9.orig/include/linux/kernel.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/kernel.h 2015-03-15 16:03:03.804094874 -0500 +@@ -451,6 +451,7 @@ + SYSTEM_HALT, + SYSTEM_POWER_OFF, + SYSTEM_RESTART, ++ SYSTEM_SUSPEND, + } system_state; + + #define TAINT_PROPRIETARY_MODULE 0 +diff -Nur linux-3.18.9.orig/include/linux/lglock.h linux-3.18.9/include/linux/lglock.h +--- linux-3.18.9.orig/include/linux/lglock.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/lglock.h 2015-03-15 16:03:03.804094874 -0500 +@@ -34,22 +34,39 @@ + #endif + + struct lglock { ++#ifndef CONFIG_PREEMPT_RT_FULL + arch_spinlock_t __percpu *lock; ++#else ++ struct rt_mutex __percpu *lock; ++#endif + #ifdef CONFIG_DEBUG_LOCK_ALLOC + struct lock_class_key lock_key; + struct lockdep_map lock_dep_map; + #endif + }; + +-#define DEFINE_LGLOCK(name) \ ++#ifndef CONFIG_PREEMPT_RT_FULL ++# define DEFINE_LGLOCK(name) \ + static DEFINE_PER_CPU(arch_spinlock_t, name ## _lock) \ + = __ARCH_SPIN_LOCK_UNLOCKED; \ + struct lglock name = { .lock = &name ## _lock } + +-#define DEFINE_STATIC_LGLOCK(name) \ ++# define DEFINE_STATIC_LGLOCK(name) \ + static DEFINE_PER_CPU(arch_spinlock_t, name ## _lock) \ + = __ARCH_SPIN_LOCK_UNLOCKED; \ + static struct lglock name = { .lock = &name ## _lock } ++#else ++ ++# define DEFINE_LGLOCK(name) \ ++ static DEFINE_PER_CPU(struct rt_mutex, name ## _lock) \ ++ = __RT_MUTEX_INITIALIZER( name ## _lock); \ ++ struct lglock name = { .lock = &name ## _lock } ++ ++# define DEFINE_STATIC_LGLOCK(name) \ ++ static DEFINE_PER_CPU(struct rt_mutex, name ## _lock) \ ++ = __RT_MUTEX_INITIALIZER( name ## _lock); \ ++ static struct lglock name = { .lock = &name ## _lock } ++#endif + + void lg_lock_init(struct lglock *lg, char *name); + void lg_local_lock(struct lglock *lg); +@@ -59,6 +76,12 @@ + void lg_global_lock(struct lglock *lg); + void lg_global_unlock(struct lglock *lg); + ++#ifndef CONFIG_PREEMPT_RT_FULL ++#define lg_global_trylock_relax(name) lg_global_lock(name) ++#else ++void lg_global_trylock_relax(struct lglock *lg); ++#endif ++ + #else + /* When !CONFIG_SMP, map lglock to spinlock */ + #define lglock spinlock +diff -Nur linux-3.18.9.orig/include/linux/list_bl.h linux-3.18.9/include/linux/list_bl.h +--- linux-3.18.9.orig/include/linux/list_bl.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/list_bl.h 2015-03-15 16:03:03.808094874 -0500 +@@ -2,6 +2,7 @@ + #define _LINUX_LIST_BL_H + + #include <linux/list.h> ++#include <linux/spinlock.h> + #include <linux/bit_spinlock.h> + + /* +@@ -32,13 +33,22 @@ + + struct hlist_bl_head { + struct hlist_bl_node *first; ++#ifdef CONFIG_PREEMPT_RT_BASE ++ raw_spinlock_t lock; ++#endif + }; + + struct hlist_bl_node { + struct hlist_bl_node *next, **pprev; + }; +-#define INIT_HLIST_BL_HEAD(ptr) \ +- ((ptr)->first = NULL) ++ ++static inline void INIT_HLIST_BL_HEAD(struct hlist_bl_head *h) ++{ ++ h->first = NULL; ++#ifdef CONFIG_PREEMPT_RT_BASE ++ raw_spin_lock_init(&h->lock); ++#endif ++} + + static inline void INIT_HLIST_BL_NODE(struct hlist_bl_node *h) + { +@@ -117,12 +127,26 @@ + + static inline void hlist_bl_lock(struct hlist_bl_head *b) + { ++#ifndef CONFIG_PREEMPT_RT_BASE + bit_spin_lock(0, (unsigned long *)b); ++#else ++ raw_spin_lock(&b->lock); ++#if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK) ++ __set_bit(0, (unsigned long *)b); ++#endif ++#endif + } + + static inline void hlist_bl_unlock(struct hlist_bl_head *b) + { ++#ifndef CONFIG_PREEMPT_RT_BASE + __bit_spin_unlock(0, (unsigned long *)b); ++#else ++#if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK) ++ __clear_bit(0, (unsigned long *)b); ++#endif ++ raw_spin_unlock(&b->lock); ++#endif + } + + static inline bool hlist_bl_is_locked(struct hlist_bl_head *b) +diff -Nur linux-3.18.9.orig/include/linux/locallock.h linux-3.18.9/include/linux/locallock.h +--- linux-3.18.9.orig/include/linux/locallock.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/linux/locallock.h 2015-03-15 16:03:03.808094874 -0500 +@@ -0,0 +1,270 @@ ++#ifndef _LINUX_LOCALLOCK_H ++#define _LINUX_LOCALLOCK_H ++ ++#include <linux/percpu.h> ++#include <linux/spinlock.h> ++ ++#ifdef CONFIG_PREEMPT_RT_BASE ++ ++#ifdef CONFIG_DEBUG_SPINLOCK ++# define LL_WARN(cond) WARN_ON(cond) ++#else ++# define LL_WARN(cond) do { } while (0) ++#endif ++ ++/* ++ * per cpu lock based substitute for local_irq_*() ++ */ ++struct local_irq_lock { ++ spinlock_t lock; ++ struct task_struct *owner; ++ int nestcnt; ++ unsigned long flags; ++}; ++ ++#define DEFINE_LOCAL_IRQ_LOCK(lvar) \ ++ DEFINE_PER_CPU(struct local_irq_lock, lvar) = { \ ++ .lock = __SPIN_LOCK_UNLOCKED((lvar).lock) } ++ ++#define DECLARE_LOCAL_IRQ_LOCK(lvar) \ ++ DECLARE_PER_CPU(struct local_irq_lock, lvar) ++ ++#define local_irq_lock_init(lvar) \ ++ do { \ ++ int __cpu; \ ++ for_each_possible_cpu(__cpu) \ ++ spin_lock_init(&per_cpu(lvar, __cpu).lock); \ ++ } while (0) ++ ++/* ++ * spin_lock|trylock|unlock_local flavour that does not migrate disable ++ * used for __local_lock|trylock|unlock where get_local_var/put_local_var ++ * already takes care of the migrate_disable/enable ++ * for CONFIG_PREEMPT_BASE map to the normal spin_* calls. ++ */ ++#ifdef CONFIG_PREEMPT_RT_FULL ++# define spin_lock_local(lock) rt_spin_lock(lock) ++# define spin_trylock_local(lock) rt_spin_trylock(lock) ++# define spin_unlock_local(lock) rt_spin_unlock(lock) ++#else ++# define spin_lock_local(lock) spin_lock(lock) ++# define spin_trylock_local(lock) spin_trylock(lock) ++# define spin_unlock_local(lock) spin_unlock(lock) ++#endif ++ ++static inline void __local_lock(struct local_irq_lock *lv) ++{ ++ if (lv->owner != current) { ++ spin_lock_local(&lv->lock); ++ LL_WARN(lv->owner); ++ LL_WARN(lv->nestcnt); ++ lv->owner = current; ++ } ++ lv->nestcnt++; ++} ++ ++#define local_lock(lvar) \ ++ do { __local_lock(&get_local_var(lvar)); } while (0) ++ ++static inline int __local_trylock(struct local_irq_lock *lv) ++{ ++ if (lv->owner != current && spin_trylock_local(&lv->lock)) { ++ LL_WARN(lv->owner); ++ LL_WARN(lv->nestcnt); ++ lv->owner = current; ++ lv->nestcnt = 1; ++ return 1; ++ } ++ return 0; ++} ++ ++#define local_trylock(lvar) \ ++ ({ \ ++ int __locked; \ ++ __locked = __local_trylock(&get_local_var(lvar)); \ ++ if (!__locked) \ ++ put_local_var(lvar); \ ++ __locked; \ ++ }) ++ ++static inline void __local_unlock(struct local_irq_lock *lv) ++{ ++ LL_WARN(lv->nestcnt == 0); ++ LL_WARN(lv->owner != current); ++ if (--lv->nestcnt) ++ return; ++ ++ lv->owner = NULL; ++ spin_unlock_local(&lv->lock); ++} ++ ++#define local_unlock(lvar) \ ++ do { \ ++ __local_unlock(&__get_cpu_var(lvar)); \ ++ put_local_var(lvar); \ ++ } while (0) ++ ++static inline void __local_lock_irq(struct local_irq_lock *lv) ++{ ++ spin_lock_irqsave(&lv->lock, lv->flags); ++ LL_WARN(lv->owner); ++ LL_WARN(lv->nestcnt); ++ lv->owner = current; ++ lv->nestcnt = 1; ++} ++ ++#define local_lock_irq(lvar) \ ++ do { __local_lock_irq(&get_local_var(lvar)); } while (0) ++ ++#define local_lock_irq_on(lvar, cpu) \ ++ do { __local_lock_irq(&per_cpu(lvar, cpu)); } while (0) ++ ++static inline void __local_unlock_irq(struct local_irq_lock *lv) ++{ ++ LL_WARN(!lv->nestcnt); ++ LL_WARN(lv->owner != current); ++ lv->owner = NULL; ++ lv->nestcnt = 0; ++ spin_unlock_irq(&lv->lock); ++} ++ ++#define local_unlock_irq(lvar) \ ++ do { \ ++ __local_unlock_irq(&__get_cpu_var(lvar)); \ ++ put_local_var(lvar); \ ++ } while (0) ++ ++#define local_unlock_irq_on(lvar, cpu) \ ++ do { \ ++ __local_unlock_irq(&per_cpu(lvar, cpu)); \ ++ } while (0) ++ ++static inline int __local_lock_irqsave(struct local_irq_lock *lv) ++{ ++ if (lv->owner != current) { ++ __local_lock_irq(lv); ++ return 0; ++ } else { ++ lv->nestcnt++; ++ return 1; ++ } ++} ++ ++#define local_lock_irqsave(lvar, _flags) \ ++ do { \ ++ if (__local_lock_irqsave(&get_local_var(lvar))) \ ++ put_local_var(lvar); \ ++ _flags = __get_cpu_var(lvar).flags; \ ++ } while (0) ++ ++#define local_lock_irqsave_on(lvar, _flags, cpu) \ ++ do { \ ++ __local_lock_irqsave(&per_cpu(lvar, cpu)); \ ++ _flags = per_cpu(lvar, cpu).flags; \ ++ } while (0) ++ ++static inline int __local_unlock_irqrestore(struct local_irq_lock *lv, ++ unsigned long flags) ++{ ++ LL_WARN(!lv->nestcnt); ++ LL_WARN(lv->owner != current); ++ if (--lv->nestcnt) ++ return 0; ++ ++ lv->owner = NULL; ++ spin_unlock_irqrestore(&lv->lock, lv->flags); ++ return 1; ++} ++ ++#define local_unlock_irqrestore(lvar, flags) \ ++ do { \ ++ if (__local_unlock_irqrestore(&__get_cpu_var(lvar), flags)) \ ++ put_local_var(lvar); \ ++ } while (0) ++ ++#define local_unlock_irqrestore_on(lvar, flags, cpu) \ ++ do { \ ++ __local_unlock_irqrestore(&per_cpu(lvar, cpu), flags); \ ++ } while (0) ++ ++#define local_spin_trylock_irq(lvar, lock) \ ++ ({ \ ++ int __locked; \ ++ local_lock_irq(lvar); \ ++ __locked = spin_trylock(lock); \ ++ if (!__locked) \ ++ local_unlock_irq(lvar); \ ++ __locked; \ ++ }) ++ ++#define local_spin_lock_irq(lvar, lock) \ ++ do { \ ++ local_lock_irq(lvar); \ ++ spin_lock(lock); \ ++ } while (0) ++ ++#define local_spin_unlock_irq(lvar, lock) \ ++ do { \ ++ spin_unlock(lock); \ ++ local_unlock_irq(lvar); \ ++ } while (0) ++ ++#define local_spin_lock_irqsave(lvar, lock, flags) \ ++ do { \ ++ local_lock_irqsave(lvar, flags); \ ++ spin_lock(lock); \ ++ } while (0) ++ ++#define local_spin_unlock_irqrestore(lvar, lock, flags) \ ++ do { \ ++ spin_unlock(lock); \ ++ local_unlock_irqrestore(lvar, flags); \ ++ } while (0) ++ ++#define get_locked_var(lvar, var) \ ++ (*({ \ ++ local_lock(lvar); \ ++ &__get_cpu_var(var); \ ++ })) ++ ++#define put_locked_var(lvar, var) local_unlock(lvar); ++ ++#define local_lock_cpu(lvar) \ ++ ({ \ ++ local_lock(lvar); \ ++ smp_processor_id(); \ ++ }) ++ ++#define local_unlock_cpu(lvar) local_unlock(lvar) ++ ++#else /* PREEMPT_RT_BASE */ ++ ++#define DEFINE_LOCAL_IRQ_LOCK(lvar) __typeof__(const int) lvar ++#define DECLARE_LOCAL_IRQ_LOCK(lvar) extern __typeof__(const int) lvar ++ ++static inline void local_irq_lock_init(int lvar) { } ++ ++#define local_lock(lvar) preempt_disable() ++#define local_unlock(lvar) preempt_enable() ++#define local_lock_irq(lvar) local_irq_disable() ++#define local_unlock_irq(lvar) local_irq_enable() ++#define local_lock_irqsave(lvar, flags) local_irq_save(flags) ++#define local_unlock_irqrestore(lvar, flags) local_irq_restore(flags) ++ ++#define local_spin_trylock_irq(lvar, lock) spin_trylock_irq(lock) ++#define local_spin_lock_irq(lvar, lock) spin_lock_irq(lock) ++#define local_spin_unlock_irq(lvar, lock) spin_unlock_irq(lock) ++#define local_spin_lock_irqsave(lvar, lock, flags) \ ++ spin_lock_irqsave(lock, flags) ++#define local_spin_unlock_irqrestore(lvar, lock, flags) \ ++ spin_unlock_irqrestore(lock, flags) ++ ++#define get_locked_var(lvar, var) get_cpu_var(var) ++#define put_locked_var(lvar, var) put_cpu_var(var) ++ ++#define local_lock_cpu(lvar) get_cpu() ++#define local_unlock_cpu(lvar) put_cpu() ++ ++#endif ++ ++#endif +diff -Nur linux-3.18.9.orig/include/linux/mm_types.h linux-3.18.9/include/linux/mm_types.h +--- linux-3.18.9.orig/include/linux/mm_types.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/mm_types.h 2015-03-15 16:03:03.808094874 -0500 +@@ -11,6 +11,7 @@ + #include <linux/completion.h> + #include <linux/cpumask.h> + #include <linux/page-debug-flags.h> ++#include <linux/rcupdate.h> + #include <linux/uprobes.h> + #include <linux/page-flags-layout.h> + #include <asm/page.h> +@@ -454,6 +455,9 @@ + bool tlb_flush_pending; + #endif + struct uprobes_state uprobes_state; ++#ifdef CONFIG_PREEMPT_RT_BASE ++ struct rcu_head delayed_drop; ++#endif + }; + + static inline void mm_init_cpumask(struct mm_struct *mm) +diff -Nur linux-3.18.9.orig/include/linux/mutex.h linux-3.18.9/include/linux/mutex.h +--- linux-3.18.9.orig/include/linux/mutex.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/mutex.h 2015-03-15 16:03:03.808094874 -0500 +@@ -19,6 +19,17 @@ + #include <asm/processor.h> + #include <linux/osq_lock.h> + ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++# define __DEP_MAP_MUTEX_INITIALIZER(lockname) \ ++ , .dep_map = { .name = #lockname } ++#else ++# define __DEP_MAP_MUTEX_INITIALIZER(lockname) ++#endif ++ ++#ifdef CONFIG_PREEMPT_RT_FULL ++# include <linux/mutex_rt.h> ++#else ++ + /* + * Simple, straightforward mutexes with strict semantics: + * +@@ -100,13 +111,6 @@ + static inline void mutex_destroy(struct mutex *lock) {} + #endif + +-#ifdef CONFIG_DEBUG_LOCK_ALLOC +-# define __DEP_MAP_MUTEX_INITIALIZER(lockname) \ +- , .dep_map = { .name = #lockname } +-#else +-# define __DEP_MAP_MUTEX_INITIALIZER(lockname) +-#endif +- + #define __MUTEX_INITIALIZER(lockname) \ + { .count = ATOMIC_INIT(1) \ + , .wait_lock = __SPIN_LOCK_UNLOCKED(lockname.wait_lock) \ +@@ -174,6 +178,8 @@ + extern int mutex_trylock(struct mutex *lock); + extern void mutex_unlock(struct mutex *lock); + ++#endif /* !PREEMPT_RT_FULL */ ++ + extern int atomic_dec_and_mutex_lock(atomic_t *cnt, struct mutex *lock); + + #endif /* __LINUX_MUTEX_H */ +diff -Nur linux-3.18.9.orig/include/linux/mutex_rt.h linux-3.18.9/include/linux/mutex_rt.h +--- linux-3.18.9.orig/include/linux/mutex_rt.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/linux/mutex_rt.h 2015-03-15 16:03:03.808094874 -0500 +@@ -0,0 +1,84 @@ ++#ifndef __LINUX_MUTEX_RT_H ++#define __LINUX_MUTEX_RT_H ++ ++#ifndef __LINUX_MUTEX_H ++#error "Please include mutex.h" ++#endif ++ ++#include <linux/rtmutex.h> ++ ++/* FIXME: Just for __lockfunc */ ++#include <linux/spinlock.h> ++ ++struct mutex { ++ struct rt_mutex lock; ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++ struct lockdep_map dep_map; ++#endif ++}; ++ ++#define __MUTEX_INITIALIZER(mutexname) \ ++ { \ ++ .lock = __RT_MUTEX_INITIALIZER(mutexname.lock) \ ++ __DEP_MAP_MUTEX_INITIALIZER(mutexname) \ ++ } ++ ++#define DEFINE_MUTEX(mutexname) \ ++ struct mutex mutexname = __MUTEX_INITIALIZER(mutexname) ++ ++extern void __mutex_do_init(struct mutex *lock, const char *name, struct lock_class_key *key); ++extern void __lockfunc _mutex_lock(struct mutex *lock); ++extern int __lockfunc _mutex_lock_interruptible(struct mutex *lock); ++extern int __lockfunc _mutex_lock_killable(struct mutex *lock); ++extern void __lockfunc _mutex_lock_nested(struct mutex *lock, int subclass); ++extern void __lockfunc _mutex_lock_nest_lock(struct mutex *lock, struct lockdep_map *nest_lock); ++extern int __lockfunc _mutex_lock_interruptible_nested(struct mutex *lock, int subclass); ++extern int __lockfunc _mutex_lock_killable_nested(struct mutex *lock, int subclass); ++extern int __lockfunc _mutex_trylock(struct mutex *lock); ++extern void __lockfunc _mutex_unlock(struct mutex *lock); ++ ++#define mutex_is_locked(l) rt_mutex_is_locked(&(l)->lock) ++#define mutex_lock(l) _mutex_lock(l) ++#define mutex_lock_interruptible(l) _mutex_lock_interruptible(l) ++#define mutex_lock_killable(l) _mutex_lock_killable(l) ++#define mutex_trylock(l) _mutex_trylock(l) ++#define mutex_unlock(l) _mutex_unlock(l) ++#define mutex_destroy(l) rt_mutex_destroy(&(l)->lock) ++ ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++# define mutex_lock_nested(l, s) _mutex_lock_nested(l, s) ++# define mutex_lock_interruptible_nested(l, s) \ ++ _mutex_lock_interruptible_nested(l, s) ++# define mutex_lock_killable_nested(l, s) \ ++ _mutex_lock_killable_nested(l, s) ++ ++# define mutex_lock_nest_lock(lock, nest_lock) \ ++do { \ ++ typecheck(struct lockdep_map *, &(nest_lock)->dep_map); \ ++ _mutex_lock_nest_lock(lock, &(nest_lock)->dep_map); \ ++} while (0) ++ ++#else ++# define mutex_lock_nested(l, s) _mutex_lock(l) ++# define mutex_lock_interruptible_nested(l, s) \ ++ _mutex_lock_interruptible(l) ++# define mutex_lock_killable_nested(l, s) \ ++ _mutex_lock_killable(l) ++# define mutex_lock_nest_lock(lock, nest_lock) mutex_lock(lock) ++#endif ++ ++# define mutex_init(mutex) \ ++do { \ ++ static struct lock_class_key __key; \ ++ \ ++ rt_mutex_init(&(mutex)->lock); \ ++ __mutex_do_init((mutex), #mutex, &__key); \ ++} while (0) ++ ++# define __mutex_init(mutex, name, key) \ ++do { \ ++ rt_mutex_init(&(mutex)->lock); \ ++ __mutex_do_init((mutex), name, key); \ ++} while (0) ++ ++#endif +diff -Nur linux-3.18.9.orig/include/linux/netdevice.h linux-3.18.9/include/linux/netdevice.h +--- linux-3.18.9.orig/include/linux/netdevice.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/netdevice.h 2015-03-15 16:03:03.808094874 -0500 +@@ -2345,6 +2345,7 @@ + unsigned int dropped; + struct sk_buff_head input_pkt_queue; + struct napi_struct backlog; ++ struct sk_buff_head tofree_queue; + + #ifdef CONFIG_NET_FLOW_LIMIT + struct sd_flow_limit __rcu *flow_limit; +diff -Nur linux-3.18.9.orig/include/linux/netfilter/x_tables.h linux-3.18.9/include/linux/netfilter/x_tables.h +--- linux-3.18.9.orig/include/linux/netfilter/x_tables.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/netfilter/x_tables.h 2015-03-15 16:03:03.808094874 -0500 +@@ -3,6 +3,7 @@ + + + #include <linux/netdevice.h> ++#include <linux/locallock.h> + #include <uapi/linux/netfilter/x_tables.h> + + /** +@@ -282,6 +283,8 @@ + */ + DECLARE_PER_CPU(seqcount_t, xt_recseq); + ++DECLARE_LOCAL_IRQ_LOCK(xt_write_lock); ++ + /** + * xt_write_recseq_begin - start of a write section + * +@@ -296,6 +299,9 @@ + { + unsigned int addend; + ++ /* RT protection */ ++ local_lock(xt_write_lock); ++ + /* + * Low order bit of sequence is set if we already + * called xt_write_recseq_begin(). +@@ -326,6 +332,7 @@ + /* this is kind of a write_seqcount_end(), but addend is 0 or 1 */ + smp_wmb(); + __this_cpu_add(xt_recseq.sequence, addend); ++ local_unlock(xt_write_lock); + } + + /* +diff -Nur linux-3.18.9.orig/include/linux/notifier.h linux-3.18.9/include/linux/notifier.h +--- linux-3.18.9.orig/include/linux/notifier.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/notifier.h 2015-03-15 16:03:03.808094874 -0500 +@@ -6,7 +6,7 @@ + * + * Alan Cox <Alan.Cox@linux.org> + */ +- ++ + #ifndef _LINUX_NOTIFIER_H + #define _LINUX_NOTIFIER_H + #include <linux/errno.h> +@@ -42,9 +42,7 @@ + * in srcu_notifier_call_chain(): no cache bounces and no memory barriers. + * As compensation, srcu_notifier_chain_unregister() is rather expensive. + * SRCU notifier chains should be used when the chain will be called very +- * often but notifier_blocks will seldom be removed. Also, SRCU notifier +- * chains are slightly more difficult to use because they require special +- * runtime initialization. ++ * often but notifier_blocks will seldom be removed. + */ + + typedef int (*notifier_fn_t)(struct notifier_block *nb, +@@ -88,7 +86,7 @@ + (name)->head = NULL; \ + } while (0) + +-/* srcu_notifier_heads must be initialized and cleaned up dynamically */ ++/* srcu_notifier_heads must be cleaned up dynamically */ + extern void srcu_init_notifier_head(struct srcu_notifier_head *nh); + #define srcu_cleanup_notifier_head(name) \ + cleanup_srcu_struct(&(name)->srcu); +@@ -101,7 +99,13 @@ + .head = NULL } + #define RAW_NOTIFIER_INIT(name) { \ + .head = NULL } +-/* srcu_notifier_heads cannot be initialized statically */ ++ ++#define SRCU_NOTIFIER_INIT(name, pcpu) \ ++ { \ ++ .mutex = __MUTEX_INITIALIZER(name.mutex), \ ++ .head = NULL, \ ++ .srcu = __SRCU_STRUCT_INIT(name.srcu, pcpu), \ ++ } + + #define ATOMIC_NOTIFIER_HEAD(name) \ + struct atomic_notifier_head name = \ +@@ -113,6 +117,18 @@ + struct raw_notifier_head name = \ + RAW_NOTIFIER_INIT(name) + ++#define _SRCU_NOTIFIER_HEAD(name, mod) \ ++ static DEFINE_PER_CPU(struct srcu_struct_array, \ ++ name##_head_srcu_array); \ ++ mod struct srcu_notifier_head name = \ ++ SRCU_NOTIFIER_INIT(name, name##_head_srcu_array) ++ ++#define SRCU_NOTIFIER_HEAD(name) \ ++ _SRCU_NOTIFIER_HEAD(name, ) ++ ++#define SRCU_NOTIFIER_HEAD_STATIC(name) \ ++ _SRCU_NOTIFIER_HEAD(name, static) ++ + #ifdef __KERNEL__ + + extern int atomic_notifier_chain_register(struct atomic_notifier_head *nh, +@@ -182,12 +198,12 @@ + + /* + * Declared notifiers so far. I can imagine quite a few more chains +- * over time (eg laptop power reset chains, reboot chain (to clean ++ * over time (eg laptop power reset chains, reboot chain (to clean + * device units up), device [un]mount chain, module load/unload chain, +- * low memory chain, screenblank chain (for plug in modular screenblankers) ++ * low memory chain, screenblank chain (for plug in modular screenblankers) + * VC switch chains (for loadable kernel svgalib VC switch helpers) etc... + */ +- ++ + /* CPU notfiers are defined in include/linux/cpu.h. */ + + /* netdevice notifiers are defined in include/linux/netdevice.h */ +diff -Nur linux-3.18.9.orig/include/linux/percpu.h linux-3.18.9/include/linux/percpu.h +--- linux-3.18.9.orig/include/linux/percpu.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/percpu.h 2015-03-15 16:03:03.808094874 -0500 +@@ -23,6 +23,35 @@ + PERCPU_MODULE_RESERVE) + #endif + ++#ifdef CONFIG_PREEMPT_RT_FULL ++ ++#define get_local_var(var) (*({ \ ++ migrate_disable(); \ ++ &__get_cpu_var(var); })) ++ ++#define put_local_var(var) do { \ ++ (void)&(var); \ ++ migrate_enable(); \ ++} while (0) ++ ++# define get_local_ptr(var) ({ \ ++ migrate_disable(); \ ++ this_cpu_ptr(var); }) ++ ++# define put_local_ptr(var) do { \ ++ (void)(var); \ ++ migrate_enable(); \ ++} while (0) ++ ++#else ++ ++#define get_local_var(var) get_cpu_var(var) ++#define put_local_var(var) put_cpu_var(var) ++#define get_local_ptr(var) get_cpu_ptr(var) ++#define put_local_ptr(var) put_cpu_ptr(var) ++ ++#endif ++ + /* minimum unit size, also is the maximum supported allocation size */ + #define PCPU_MIN_UNIT_SIZE PFN_ALIGN(32 << 10) + +diff -Nur linux-3.18.9.orig/include/linux/pid.h linux-3.18.9/include/linux/pid.h +--- linux-3.18.9.orig/include/linux/pid.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/pid.h 2015-03-15 16:03:03.808094874 -0500 +@@ -2,6 +2,7 @@ + #define _LINUX_PID_H + + #include <linux/rcupdate.h> ++#include <linux/atomic.h> + + enum pid_type + { +diff -Nur linux-3.18.9.orig/include/linux/preempt.h linux-3.18.9/include/linux/preempt.h +--- linux-3.18.9.orig/include/linux/preempt.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/preempt.h 2015-03-15 16:03:03.808094874 -0500 +@@ -33,6 +33,20 @@ + #define preempt_count_inc() preempt_count_add(1) + #define preempt_count_dec() preempt_count_sub(1) + ++#ifdef CONFIG_PREEMPT_LAZY ++#define add_preempt_lazy_count(val) do { preempt_lazy_count() += (val); } while (0) ++#define sub_preempt_lazy_count(val) do { preempt_lazy_count() -= (val); } while (0) ++#define inc_preempt_lazy_count() add_preempt_lazy_count(1) ++#define dec_preempt_lazy_count() sub_preempt_lazy_count(1) ++#define preempt_lazy_count() (current_thread_info()->preempt_lazy_count) ++#else ++#define add_preempt_lazy_count(val) do { } while (0) ++#define sub_preempt_lazy_count(val) do { } while (0) ++#define inc_preempt_lazy_count() do { } while (0) ++#define dec_preempt_lazy_count() do { } while (0) ++#define preempt_lazy_count() (0) ++#endif ++ + #ifdef CONFIG_PREEMPT_COUNT + + #define preempt_disable() \ +@@ -41,13 +55,25 @@ + barrier(); \ + } while (0) + ++#define preempt_lazy_disable() \ ++do { \ ++ inc_preempt_lazy_count(); \ ++ barrier(); \ ++} while (0) ++ + #define sched_preempt_enable_no_resched() \ + do { \ + barrier(); \ + preempt_count_dec(); \ + } while (0) + +-#define preempt_enable_no_resched() sched_preempt_enable_no_resched() ++#ifdef CONFIG_PREEMPT_RT_BASE ++# define preempt_enable_no_resched() sched_preempt_enable_no_resched() ++# define preempt_check_resched_rt() preempt_check_resched() ++#else ++# define preempt_enable_no_resched() preempt_enable() ++# define preempt_check_resched_rt() barrier(); ++#endif + + #ifdef CONFIG_PREEMPT + #define preempt_enable() \ +@@ -63,6 +89,13 @@ + __preempt_schedule(); \ + } while (0) + ++#define preempt_lazy_enable() \ ++do { \ ++ dec_preempt_lazy_count(); \ ++ barrier(); \ ++ preempt_check_resched(); \ ++} while (0) ++ + #else + #define preempt_enable() \ + do { \ +@@ -121,6 +154,7 @@ + #define preempt_disable_notrace() barrier() + #define preempt_enable_no_resched_notrace() barrier() + #define preempt_enable_notrace() barrier() ++#define preempt_check_resched_rt() barrier() + + #endif /* CONFIG_PREEMPT_COUNT */ + +@@ -140,10 +174,31 @@ + } while (0) + #define preempt_fold_need_resched() \ + do { \ +- if (tif_need_resched()) \ ++ if (tif_need_resched_now()) \ + set_preempt_need_resched(); \ + } while (0) + ++#ifdef CONFIG_PREEMPT_RT_FULL ++# define preempt_disable_rt() preempt_disable() ++# define preempt_enable_rt() preempt_enable() ++# define preempt_disable_nort() barrier() ++# define preempt_enable_nort() barrier() ++# ifdef CONFIG_SMP ++ extern void migrate_disable(void); ++ extern void migrate_enable(void); ++# else /* CONFIG_SMP */ ++# define migrate_disable() barrier() ++# define migrate_enable() barrier() ++# endif /* CONFIG_SMP */ ++#else ++# define preempt_disable_rt() barrier() ++# define preempt_enable_rt() barrier() ++# define preempt_disable_nort() preempt_disable() ++# define preempt_enable_nort() preempt_enable() ++# define migrate_disable() preempt_disable() ++# define migrate_enable() preempt_enable() ++#endif ++ + #ifdef CONFIG_PREEMPT_NOTIFIERS + + struct preempt_notifier; +diff -Nur linux-3.18.9.orig/include/linux/preempt_mask.h linux-3.18.9/include/linux/preempt_mask.h +--- linux-3.18.9.orig/include/linux/preempt_mask.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/preempt_mask.h 2015-03-15 16:03:03.808094874 -0500 +@@ -44,16 +44,26 @@ + #define HARDIRQ_OFFSET (1UL << HARDIRQ_SHIFT) + #define NMI_OFFSET (1UL << NMI_SHIFT) + +-#define SOFTIRQ_DISABLE_OFFSET (2 * SOFTIRQ_OFFSET) ++#ifndef CONFIG_PREEMPT_RT_FULL ++# define SOFTIRQ_DISABLE_OFFSET (2 * SOFTIRQ_OFFSET) ++#else ++# define SOFTIRQ_DISABLE_OFFSET (0) ++#endif + + #define PREEMPT_ACTIVE_BITS 1 + #define PREEMPT_ACTIVE_SHIFT (NMI_SHIFT + NMI_BITS) + #define PREEMPT_ACTIVE (__IRQ_MASK(PREEMPT_ACTIVE_BITS) << PREEMPT_ACTIVE_SHIFT) + + #define hardirq_count() (preempt_count() & HARDIRQ_MASK) +-#define softirq_count() (preempt_count() & SOFTIRQ_MASK) + #define irq_count() (preempt_count() & (HARDIRQ_MASK | SOFTIRQ_MASK \ + | NMI_MASK)) ++#ifndef CONFIG_PREEMPT_RT_FULL ++# define softirq_count() (preempt_count() & SOFTIRQ_MASK) ++# define in_serving_softirq() (softirq_count() & SOFTIRQ_OFFSET) ++#else ++# define softirq_count() (0UL) ++extern int in_serving_softirq(void); ++#endif + + /* + * Are we doing bottom half or hardware interrupt processing? +@@ -64,7 +74,6 @@ + #define in_irq() (hardirq_count()) + #define in_softirq() (softirq_count()) + #define in_interrupt() (irq_count()) +-#define in_serving_softirq() (softirq_count() & SOFTIRQ_OFFSET) + + /* + * Are we in NMI context? +diff -Nur linux-3.18.9.orig/include/linux/printk.h linux-3.18.9/include/linux/printk.h +--- linux-3.18.9.orig/include/linux/printk.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/printk.h 2015-03-15 16:03:03.808094874 -0500 +@@ -119,9 +119,11 @@ + extern asmlinkage __printf(1, 2) + void early_printk(const char *fmt, ...); + void early_vprintk(const char *fmt, va_list ap); ++extern void printk_kill(void); + #else + static inline __printf(1, 2) __cold + void early_printk(const char *s, ...) { } ++static inline void printk_kill(void) { } + #endif + + #ifdef CONFIG_PRINTK +@@ -155,7 +157,6 @@ + #define printk_ratelimit() __printk_ratelimit(__func__) + extern bool printk_timed_ratelimit(unsigned long *caller_jiffies, + unsigned int interval_msec); +- + extern int printk_delay_msec; + extern int dmesg_restrict; + extern int kptr_restrict; +diff -Nur linux-3.18.9.orig/include/linux/radix-tree.h linux-3.18.9/include/linux/radix-tree.h +--- linux-3.18.9.orig/include/linux/radix-tree.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/radix-tree.h 2015-03-15 16:03:03.808094874 -0500 +@@ -277,8 +277,13 @@ + unsigned int radix_tree_gang_lookup_slot(struct radix_tree_root *root, + void ***results, unsigned long *indices, + unsigned long first_index, unsigned int max_items); ++#ifndef CONFIG_PREEMPT_RT_FULL + int radix_tree_preload(gfp_t gfp_mask); + int radix_tree_maybe_preload(gfp_t gfp_mask); ++#else ++static inline int radix_tree_preload(gfp_t gm) { return 0; } ++static inline int radix_tree_maybe_preload(gfp_t gfp_mask) { return 0; } ++#endif + void radix_tree_init(void); + void *radix_tree_tag_set(struct radix_tree_root *root, + unsigned long index, unsigned int tag); +@@ -303,7 +308,7 @@ + + static inline void radix_tree_preload_end(void) + { +- preempt_enable(); ++ preempt_enable_nort(); + } + + /** +diff -Nur linux-3.18.9.orig/include/linux/random.h linux-3.18.9/include/linux/random.h +--- linux-3.18.9.orig/include/linux/random.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/random.h 2015-03-15 16:03:03.808094874 -0500 +@@ -11,7 +11,7 @@ + extern void add_device_randomness(const void *, unsigned int); + extern void add_input_randomness(unsigned int type, unsigned int code, + unsigned int value); +-extern void add_interrupt_randomness(int irq, int irq_flags); ++extern void add_interrupt_randomness(int irq, int irq_flags, __u64 ip); + + extern void get_random_bytes(void *buf, int nbytes); + extern void get_random_bytes_arch(void *buf, int nbytes); +diff -Nur linux-3.18.9.orig/include/linux/rcupdate.h linux-3.18.9/include/linux/rcupdate.h +--- linux-3.18.9.orig/include/linux/rcupdate.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/rcupdate.h 2015-03-15 16:03:03.812094874 -0500 +@@ -147,6 +147,9 @@ + + #endif /* #else #ifdef CONFIG_PREEMPT_RCU */ + ++#ifdef CONFIG_PREEMPT_RT_FULL ++#define call_rcu_bh call_rcu ++#else + /** + * call_rcu_bh() - Queue an RCU for invocation after a quicker grace period. + * @head: structure to be used for queueing the RCU updates. +@@ -170,6 +173,7 @@ + */ + void call_rcu_bh(struct rcu_head *head, + void (*func)(struct rcu_head *head)); ++#endif + + /** + * call_rcu_sched() - Queue an RCU for invocation after sched grace period. +@@ -231,6 +235,11 @@ + * types of kernel builds, the rcu_read_lock() nesting depth is unknowable. + */ + #define rcu_preempt_depth() (current->rcu_read_lock_nesting) ++#ifndef CONFIG_PREEMPT_RT_FULL ++#define sched_rcu_preempt_depth() rcu_preempt_depth() ++#else ++static inline int sched_rcu_preempt_depth(void) { return 0; } ++#endif + + #else /* #ifdef CONFIG_PREEMPT_RCU */ + +@@ -254,6 +263,8 @@ + return 0; + } + ++#define sched_rcu_preempt_depth() rcu_preempt_depth() ++ + #endif /* #else #ifdef CONFIG_PREEMPT_RCU */ + + /* Internal to kernel */ +@@ -430,7 +441,14 @@ + int debug_lockdep_rcu_enabled(void); + + int rcu_read_lock_held(void); ++#ifdef CONFIG_PREEMPT_RT_FULL ++static inline int rcu_read_lock_bh_held(void) ++{ ++ return rcu_read_lock_held(); ++} ++#else + int rcu_read_lock_bh_held(void); ++#endif + + /** + * rcu_read_lock_sched_held() - might we be in RCU-sched read-side critical section? +@@ -955,10 +973,14 @@ + static inline void rcu_read_lock_bh(void) + { + local_bh_disable(); ++#ifdef CONFIG_PREEMPT_RT_FULL ++ rcu_read_lock(); ++#else + __acquire(RCU_BH); + rcu_lock_acquire(&rcu_bh_lock_map); + rcu_lockdep_assert(rcu_is_watching(), + "rcu_read_lock_bh() used illegally while idle"); ++#endif + } + + /* +@@ -968,10 +990,14 @@ + */ + static inline void rcu_read_unlock_bh(void) + { ++#ifdef CONFIG_PREEMPT_RT_FULL ++ rcu_read_unlock(); ++#else + rcu_lockdep_assert(rcu_is_watching(), + "rcu_read_unlock_bh() used illegally while idle"); + rcu_lock_release(&rcu_bh_lock_map); + __release(RCU_BH); ++#endif + local_bh_enable(); + } + +diff -Nur linux-3.18.9.orig/include/linux/rcutree.h linux-3.18.9/include/linux/rcutree.h +--- linux-3.18.9.orig/include/linux/rcutree.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/rcutree.h 2015-03-15 16:03:03.812094874 -0500 +@@ -46,7 +46,11 @@ + rcu_note_context_switch(cpu); + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++# define synchronize_rcu_bh synchronize_rcu ++#else + void synchronize_rcu_bh(void); ++#endif + void synchronize_sched_expedited(void); + void synchronize_rcu_expedited(void); + +@@ -74,7 +78,11 @@ + } + + void rcu_barrier(void); ++#ifdef CONFIG_PREEMPT_RT_FULL ++# define rcu_barrier_bh rcu_barrier ++#else + void rcu_barrier_bh(void); ++#endif + void rcu_barrier_sched(void); + unsigned long get_state_synchronize_rcu(void); + void cond_synchronize_rcu(unsigned long oldstate); +@@ -82,12 +90,10 @@ + extern unsigned long rcutorture_testseq; + extern unsigned long rcutorture_vernum; + long rcu_batches_completed(void); +-long rcu_batches_completed_bh(void); + long rcu_batches_completed_sched(void); + void show_rcu_gp_kthreads(void); + + void rcu_force_quiescent_state(void); +-void rcu_bh_force_quiescent_state(void); + void rcu_sched_force_quiescent_state(void); + + void exit_rcu(void); +@@ -97,4 +103,12 @@ + + bool rcu_is_watching(void); + ++#ifndef CONFIG_PREEMPT_RT_FULL ++void rcu_bh_force_quiescent_state(void); ++long rcu_batches_completed_bh(void); ++#else ++# define rcu_bh_force_quiescent_state rcu_force_quiescent_state ++# define rcu_batches_completed_bh rcu_batches_completed ++#endif ++ + #endif /* __LINUX_RCUTREE_H */ +diff -Nur linux-3.18.9.orig/include/linux/rtmutex.h linux-3.18.9/include/linux/rtmutex.h +--- linux-3.18.9.orig/include/linux/rtmutex.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/rtmutex.h 2015-03-15 16:03:03.812094874 -0500 +@@ -14,10 +14,14 @@ + + #include <linux/linkage.h> + #include <linux/rbtree.h> +-#include <linux/spinlock_types.h> ++#include <linux/spinlock_types_raw.h> + + extern int max_lock_depth; /* for sysctl */ + ++#ifdef CONFIG_DEBUG_MUTEXES ++#include <linux/debug_locks.h> ++#endif ++ + /** + * The rt_mutex structure + * +@@ -31,8 +35,8 @@ + struct rb_root waiters; + struct rb_node *waiters_leftmost; + struct task_struct *owner; +-#ifdef CONFIG_DEBUG_RT_MUTEXES + int save_state; ++#ifdef CONFIG_DEBUG_RT_MUTEXES + const char *name, *file; + int line; + void *magic; +@@ -55,22 +59,33 @@ + # define rt_mutex_debug_check_no_locks_held(task) do { } while (0) + #endif + ++# define rt_mutex_init(mutex) \ ++ do { \ ++ raw_spin_lock_init(&(mutex)->wait_lock); \ ++ __rt_mutex_init(mutex, #mutex); \ ++ } while (0) ++ + #ifdef CONFIG_DEBUG_RT_MUTEXES + # define __DEBUG_RT_MUTEX_INITIALIZER(mutexname) \ + , .name = #mutexname, .file = __FILE__, .line = __LINE__ +-# define rt_mutex_init(mutex) __rt_mutex_init(mutex, __func__) + extern void rt_mutex_debug_task_free(struct task_struct *tsk); + #else + # define __DEBUG_RT_MUTEX_INITIALIZER(mutexname) +-# define rt_mutex_init(mutex) __rt_mutex_init(mutex, NULL) + # define rt_mutex_debug_task_free(t) do { } while (0) + #endif + +-#define __RT_MUTEX_INITIALIZER(mutexname) \ +- { .wait_lock = __RAW_SPIN_LOCK_UNLOCKED(mutexname.wait_lock) \ ++#define __RT_MUTEX_INITIALIZER_PLAIN(mutexname) \ ++ .wait_lock = __RAW_SPIN_LOCK_UNLOCKED(mutexname.wait_lock) \ + , .waiters = RB_ROOT \ + , .owner = NULL \ +- __DEBUG_RT_MUTEX_INITIALIZER(mutexname)} ++ __DEBUG_RT_MUTEX_INITIALIZER(mutexname) ++ ++#define __RT_MUTEX_INITIALIZER(mutexname) \ ++ { __RT_MUTEX_INITIALIZER_PLAIN(mutexname) } ++ ++#define __RT_MUTEX_INITIALIZER_SAVE_STATE(mutexname) \ ++ { __RT_MUTEX_INITIALIZER_PLAIN(mutexname) \ ++ , .save_state = 1 } + + #define DEFINE_RT_MUTEX(mutexname) \ + struct rt_mutex mutexname = __RT_MUTEX_INITIALIZER(mutexname) +@@ -91,6 +106,7 @@ + + extern void rt_mutex_lock(struct rt_mutex *lock); + extern int rt_mutex_lock_interruptible(struct rt_mutex *lock); ++extern int rt_mutex_lock_killable(struct rt_mutex *lock); + extern int rt_mutex_timed_lock(struct rt_mutex *lock, + struct hrtimer_sleeper *timeout); + +diff -Nur linux-3.18.9.orig/include/linux/rwlock_rt.h linux-3.18.9/include/linux/rwlock_rt.h +--- linux-3.18.9.orig/include/linux/rwlock_rt.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/linux/rwlock_rt.h 2015-03-15 16:03:03.812094874 -0500 +@@ -0,0 +1,99 @@ ++#ifndef __LINUX_RWLOCK_RT_H ++#define __LINUX_RWLOCK_RT_H ++ ++#ifndef __LINUX_SPINLOCK_H ++#error Do not include directly. Use spinlock.h ++#endif ++ ++#define rwlock_init(rwl) \ ++do { \ ++ static struct lock_class_key __key; \ ++ \ ++ rt_mutex_init(&(rwl)->lock); \ ++ __rt_rwlock_init(rwl, #rwl, &__key); \ ++} while (0) ++ ++extern void __lockfunc rt_write_lock(rwlock_t *rwlock); ++extern void __lockfunc rt_read_lock(rwlock_t *rwlock); ++extern int __lockfunc rt_write_trylock(rwlock_t *rwlock); ++extern int __lockfunc rt_write_trylock_irqsave(rwlock_t *trylock, unsigned long *flags); ++extern int __lockfunc rt_read_trylock(rwlock_t *rwlock); ++extern void __lockfunc rt_write_unlock(rwlock_t *rwlock); ++extern void __lockfunc rt_read_unlock(rwlock_t *rwlock); ++extern unsigned long __lockfunc rt_write_lock_irqsave(rwlock_t *rwlock); ++extern unsigned long __lockfunc rt_read_lock_irqsave(rwlock_t *rwlock); ++extern void __rt_rwlock_init(rwlock_t *rwlock, char *name, struct lock_class_key *key); ++ ++#define read_trylock(lock) __cond_lock(lock, rt_read_trylock(lock)) ++#define write_trylock(lock) __cond_lock(lock, rt_write_trylock(lock)) ++ ++#define write_trylock_irqsave(lock, flags) \ ++ __cond_lock(lock, rt_write_trylock_irqsave(lock, &flags)) ++ ++#define read_lock_irqsave(lock, flags) \ ++ do { \ ++ typecheck(unsigned long, flags); \ ++ flags = rt_read_lock_irqsave(lock); \ ++ } while (0) ++ ++#define write_lock_irqsave(lock, flags) \ ++ do { \ ++ typecheck(unsigned long, flags); \ ++ flags = rt_write_lock_irqsave(lock); \ ++ } while (0) ++ ++#define read_lock(lock) rt_read_lock(lock) ++ ++#define read_lock_bh(lock) \ ++ do { \ ++ local_bh_disable(); \ ++ rt_read_lock(lock); \ ++ } while (0) ++ ++#define read_lock_irq(lock) read_lock(lock) ++ ++#define write_lock(lock) rt_write_lock(lock) ++ ++#define write_lock_bh(lock) \ ++ do { \ ++ local_bh_disable(); \ ++ rt_write_lock(lock); \ ++ } while (0) ++ ++#define write_lock_irq(lock) write_lock(lock) ++ ++#define read_unlock(lock) rt_read_unlock(lock) ++ ++#define read_unlock_bh(lock) \ ++ do { \ ++ rt_read_unlock(lock); \ ++ local_bh_enable(); \ ++ } while (0) ++ ++#define read_unlock_irq(lock) read_unlock(lock) ++ ++#define write_unlock(lock) rt_write_unlock(lock) ++ ++#define write_unlock_bh(lock) \ ++ do { \ ++ rt_write_unlock(lock); \ ++ local_bh_enable(); \ ++ } while (0) ++ ++#define write_unlock_irq(lock) write_unlock(lock) ++ ++#define read_unlock_irqrestore(lock, flags) \ ++ do { \ ++ typecheck(unsigned long, flags); \ ++ (void) flags; \ ++ rt_read_unlock(lock); \ ++ } while (0) ++ ++#define write_unlock_irqrestore(lock, flags) \ ++ do { \ ++ typecheck(unsigned long, flags); \ ++ (void) flags; \ ++ rt_write_unlock(lock); \ ++ } while (0) ++ ++#endif +diff -Nur linux-3.18.9.orig/include/linux/rwlock_types.h linux-3.18.9/include/linux/rwlock_types.h +--- linux-3.18.9.orig/include/linux/rwlock_types.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/rwlock_types.h 2015-03-15 16:03:03.812094874 -0500 +@@ -1,6 +1,10 @@ + #ifndef __LINUX_RWLOCK_TYPES_H + #define __LINUX_RWLOCK_TYPES_H + ++#if !defined(__LINUX_SPINLOCK_TYPES_H) ++# error "Do not include directly, include spinlock_types.h" ++#endif ++ + /* + * include/linux/rwlock_types.h - generic rwlock type definitions + * and initializers +@@ -43,6 +47,7 @@ + RW_DEP_MAP_INIT(lockname) } + #endif + +-#define DEFINE_RWLOCK(x) rwlock_t x = __RW_LOCK_UNLOCKED(x) ++#define DEFINE_RWLOCK(name) \ ++ rwlock_t name __cacheline_aligned_in_smp = __RW_LOCK_UNLOCKED(name) + + #endif /* __LINUX_RWLOCK_TYPES_H */ +diff -Nur linux-3.18.9.orig/include/linux/rwlock_types_rt.h linux-3.18.9/include/linux/rwlock_types_rt.h +--- linux-3.18.9.orig/include/linux/rwlock_types_rt.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/linux/rwlock_types_rt.h 2015-03-15 16:03:03.812094874 -0500 +@@ -0,0 +1,33 @@ ++#ifndef __LINUX_RWLOCK_TYPES_RT_H ++#define __LINUX_RWLOCK_TYPES_RT_H ++ ++#ifndef __LINUX_SPINLOCK_TYPES_H ++#error "Do not include directly. Include spinlock_types.h instead" ++#endif ++ ++/* ++ * rwlocks - rtmutex which allows single reader recursion ++ */ ++typedef struct { ++ struct rt_mutex lock; ++ int read_depth; ++ unsigned int break_lock; ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++ struct lockdep_map dep_map; ++#endif ++} rwlock_t; ++ ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++# define RW_DEP_MAP_INIT(lockname) .dep_map = { .name = #lockname } ++#else ++# define RW_DEP_MAP_INIT(lockname) ++#endif ++ ++#define __RW_LOCK_UNLOCKED(name) \ ++ { .lock = __RT_MUTEX_INITIALIZER_SAVE_STATE(name.lock), \ ++ RW_DEP_MAP_INIT(name) } ++ ++#define DEFINE_RWLOCK(name) \ ++ rwlock_t name __cacheline_aligned_in_smp = __RW_LOCK_UNLOCKED(name) ++ ++#endif +diff -Nur linux-3.18.9.orig/include/linux/rwsem.h linux-3.18.9/include/linux/rwsem.h +--- linux-3.18.9.orig/include/linux/rwsem.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/rwsem.h 2015-03-15 16:03:03.812094874 -0500 +@@ -18,6 +18,10 @@ + #include <linux/osq_lock.h> + #endif + ++#ifdef CONFIG_PREEMPT_RT_FULL ++#include <linux/rwsem_rt.h> ++#else /* PREEMPT_RT_FULL */ ++ + struct rw_semaphore; + + #ifdef CONFIG_RWSEM_GENERIC_SPINLOCK +@@ -177,4 +181,6 @@ + # define up_read_non_owner(sem) up_read(sem) + #endif + ++#endif /* !PREEMPT_RT_FULL */ ++ + #endif /* _LINUX_RWSEM_H */ +diff -Nur linux-3.18.9.orig/include/linux/rwsem_rt.h linux-3.18.9/include/linux/rwsem_rt.h +--- linux-3.18.9.orig/include/linux/rwsem_rt.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/linux/rwsem_rt.h 2015-03-15 16:03:03.812094874 -0500 +@@ -0,0 +1,133 @@ ++#ifndef _LINUX_RWSEM_RT_H ++#define _LINUX_RWSEM_RT_H ++ ++#ifndef _LINUX_RWSEM_H ++#error "Include rwsem.h" ++#endif ++ ++/* ++ * RW-semaphores are a spinlock plus a reader-depth count. ++ * ++ * Note that the semantics are different from the usual ++ * Linux rw-sems, in PREEMPT_RT mode we do not allow ++ * multiple readers to hold the lock at once, we only allow ++ * a read-lock owner to read-lock recursively. This is ++ * better for latency, makes the implementation inherently ++ * fair and makes it simpler as well. ++ */ ++ ++#include <linux/rtmutex.h> ++ ++struct rw_semaphore { ++ struct rt_mutex lock; ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++ struct lockdep_map dep_map; ++#endif ++}; ++ ++#define __RWSEM_INITIALIZER(name) \ ++ { .lock = __RT_MUTEX_INITIALIZER(name.lock), \ ++ RW_DEP_MAP_INIT(name) } ++ ++#define DECLARE_RWSEM(lockname) \ ++ struct rw_semaphore lockname = __RWSEM_INITIALIZER(lockname) ++ ++extern void __rt_rwsem_init(struct rw_semaphore *rwsem, const char *name, ++ struct lock_class_key *key); ++ ++#define __rt_init_rwsem(sem, name, key) \ ++ do { \ ++ rt_mutex_init(&(sem)->lock); \ ++ __rt_rwsem_init((sem), (name), (key));\ ++ } while (0) ++ ++#define __init_rwsem(sem, name, key) __rt_init_rwsem(sem, name, key) ++ ++# define rt_init_rwsem(sem) \ ++do { \ ++ static struct lock_class_key __key; \ ++ \ ++ __rt_init_rwsem((sem), #sem, &__key); \ ++} while (0) ++ ++extern void rt_down_write(struct rw_semaphore *rwsem); ++extern void rt_down_read_nested(struct rw_semaphore *rwsem, int subclass); ++extern void rt_down_write_nested(struct rw_semaphore *rwsem, int subclass); ++extern void rt_down_write_nested_lock(struct rw_semaphore *rwsem, ++ struct lockdep_map *nest); ++extern void rt_down_read(struct rw_semaphore *rwsem); ++extern int rt_down_write_trylock(struct rw_semaphore *rwsem); ++extern int rt_down_read_trylock(struct rw_semaphore *rwsem); ++extern void rt_up_read(struct rw_semaphore *rwsem); ++extern void rt_up_write(struct rw_semaphore *rwsem); ++extern void rt_downgrade_write(struct rw_semaphore *rwsem); ++ ++#define init_rwsem(sem) rt_init_rwsem(sem) ++#define rwsem_is_locked(s) rt_mutex_is_locked(&(s)->lock) ++ ++static inline int rwsem_is_contended(struct rw_semaphore *sem) ++{ ++ /* rt_mutex_has_waiters() */ ++ return !RB_EMPTY_ROOT(&sem->lock.waiters); ++} ++ ++static inline void down_read(struct rw_semaphore *sem) ++{ ++ rt_down_read(sem); ++} ++ ++static inline int down_read_trylock(struct rw_semaphore *sem) ++{ ++ return rt_down_read_trylock(sem); ++} ++ ++static inline void down_write(struct rw_semaphore *sem) ++{ ++ rt_down_write(sem); ++} ++ ++static inline int down_write_trylock(struct rw_semaphore *sem) ++{ ++ return rt_down_write_trylock(sem); ++} ++ ++static inline void up_read(struct rw_semaphore *sem) ++{ ++ rt_up_read(sem); ++} ++ ++static inline void up_write(struct rw_semaphore *sem) ++{ ++ rt_up_write(sem); ++} ++ ++static inline void downgrade_write(struct rw_semaphore *sem) ++{ ++ rt_downgrade_write(sem); ++} ++ ++static inline void down_read_nested(struct rw_semaphore *sem, int subclass) ++{ ++ return rt_down_read_nested(sem, subclass); ++} ++ ++static inline void down_write_nested(struct rw_semaphore *sem, int subclass) ++{ ++ rt_down_write_nested(sem, subclass); ++} ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++static inline void down_write_nest_lock(struct rw_semaphore *sem, ++ struct rw_semaphore *nest_lock) ++{ ++ rt_down_write_nested_lock(sem, &nest_lock->dep_map); ++} ++ ++#else ++ ++static inline void down_write_nest_lock(struct rw_semaphore *sem, ++ struct rw_semaphore *nest_lock) ++{ ++ rt_down_write_nested_lock(sem, NULL); ++} ++#endif ++#endif +diff -Nur linux-3.18.9.orig/include/linux/sched.h linux-3.18.9/include/linux/sched.h +--- linux-3.18.9.orig/include/linux/sched.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/sched.h 2015-03-15 16:03:03.812094874 -0500 +@@ -26,6 +26,7 @@ + #include <linux/nodemask.h> + #include <linux/mm_types.h> + #include <linux/preempt_mask.h> ++#include <asm/kmap_types.h> + + #include <asm/page.h> + #include <asm/ptrace.h> +@@ -56,6 +57,7 @@ + #include <linux/cred.h> + #include <linux/llist.h> + #include <linux/uidgid.h> ++#include <linux/hardirq.h> + #include <linux/gfp.h> + #include <linux/magic.h> + +@@ -235,10 +237,7 @@ + TASK_UNINTERRUPTIBLE | __TASK_STOPPED | \ + __TASK_TRACED | EXIT_ZOMBIE | EXIT_DEAD) + +-#define task_is_traced(task) ((task->state & __TASK_TRACED) != 0) + #define task_is_stopped(task) ((task->state & __TASK_STOPPED) != 0) +-#define task_is_stopped_or_traced(task) \ +- ((task->state & (__TASK_STOPPED | __TASK_TRACED)) != 0) + #define task_contributes_to_load(task) \ + ((task->state & TASK_UNINTERRUPTIBLE) != 0 && \ + (task->flags & PF_FROZEN) == 0) +@@ -1234,6 +1233,7 @@ + + struct task_struct { + volatile long state; /* -1 unrunnable, 0 runnable, >0 stopped */ ++ volatile long saved_state; /* saved state for "spinlock sleepers" */ + void *stack; + atomic_t usage; + unsigned int flags; /* per process flags, defined below */ +@@ -1270,6 +1270,12 @@ + #endif + + unsigned int policy; ++#ifdef CONFIG_PREEMPT_RT_FULL ++ int migrate_disable; ++# ifdef CONFIG_SCHED_DEBUG ++ int migrate_disable_atomic; ++# endif ++#endif + int nr_cpus_allowed; + cpumask_t cpus_allowed; + +@@ -1371,7 +1377,8 @@ + struct cputime prev_cputime; + #endif + #ifdef CONFIG_VIRT_CPU_ACCOUNTING_GEN +- seqlock_t vtime_seqlock; ++ raw_spinlock_t vtime_lock; ++ seqcount_t vtime_seq; + unsigned long long vtime_snap; + enum { + VTIME_SLEEPING = 0, +@@ -1387,6 +1394,9 @@ + + struct task_cputime cputime_expires; + struct list_head cpu_timers[3]; ++#ifdef CONFIG_PREEMPT_RT_BASE ++ struct task_struct *posix_timer_list; ++#endif + + /* process credentials */ + const struct cred __rcu *real_cred; /* objective and real subjective task +@@ -1419,10 +1429,15 @@ + /* signal handlers */ + struct signal_struct *signal; + struct sighand_struct *sighand; ++ struct sigqueue *sigqueue_cache; + + sigset_t blocked, real_blocked; + sigset_t saved_sigmask; /* restored if set_restore_sigmask() was used */ + struct sigpending pending; ++#ifdef CONFIG_PREEMPT_RT_FULL ++ /* TODO: move me into ->restart_block ? */ ++ struct siginfo forced_info; ++#endif + + unsigned long sas_ss_sp; + size_t sas_ss_size; +@@ -1460,6 +1475,9 @@ + /* mutex deadlock detection */ + struct mutex_waiter *blocked_on; + #endif ++#ifdef CONFIG_PREEMPT_RT_FULL ++ int pagefault_disabled; ++#endif + #ifdef CONFIG_TRACE_IRQFLAGS + unsigned int irq_events; + unsigned long hardirq_enable_ip; +@@ -1644,6 +1662,12 @@ + unsigned long trace; + /* bitmask and counter of trace recursion */ + unsigned long trace_recursion; ++#ifdef CONFIG_WAKEUP_LATENCY_HIST ++ u64 preempt_timestamp_hist; ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++ long timer_offset; ++#endif ++#endif + #endif /* CONFIG_TRACING */ + #ifdef CONFIG_MEMCG /* memcg uses this to do batch job */ + unsigned int memcg_kmem_skip_account; +@@ -1661,11 +1685,19 @@ + unsigned int sequential_io; + unsigned int sequential_io_avg; + #endif ++#ifdef CONFIG_PREEMPT_RT_BASE ++ struct rcu_head put_rcu; ++ int softirq_nestcnt; ++ unsigned int softirqs_raised; ++#endif ++#ifdef CONFIG_PREEMPT_RT_FULL ++# if defined CONFIG_HIGHMEM || defined CONFIG_X86_32 ++ int kmap_idx; ++ pte_t kmap_pte[KM_TYPE_NR]; ++# endif ++#endif + }; + +-/* Future-safe accessor for struct task_struct's cpus_allowed. */ +-#define tsk_cpus_allowed(tsk) (&(tsk)->cpus_allowed) +- + #define TNF_MIGRATED 0x01 + #define TNF_NO_GROUP 0x02 + #define TNF_SHARED 0x04 +@@ -1700,6 +1732,17 @@ + } + #endif + ++#ifdef CONFIG_PREEMPT_RT_FULL ++static inline bool cur_pf_disabled(void) { return current->pagefault_disabled; } ++#else ++static inline bool cur_pf_disabled(void) { return false; } ++#endif ++ ++static inline bool pagefault_disabled(void) ++{ ++ return in_atomic() || cur_pf_disabled(); ++} ++ + static inline struct pid *task_pid(struct task_struct *task) + { + return task->pids[PIDTYPE_PID].pid; +@@ -1853,6 +1896,15 @@ + extern void free_task(struct task_struct *tsk); + #define get_task_struct(tsk) do { atomic_inc(&(tsk)->usage); } while(0) + ++#ifdef CONFIG_PREEMPT_RT_BASE ++extern void __put_task_struct_cb(struct rcu_head *rhp); ++ ++static inline void put_task_struct(struct task_struct *t) ++{ ++ if (atomic_dec_and_test(&t->usage)) ++ call_rcu(&t->put_rcu, __put_task_struct_cb); ++} ++#else + extern void __put_task_struct(struct task_struct *t); + + static inline void put_task_struct(struct task_struct *t) +@@ -1860,6 +1912,7 @@ + if (atomic_dec_and_test(&t->usage)) + __put_task_struct(t); + } ++#endif + + #ifdef CONFIG_VIRT_CPU_ACCOUNTING_GEN + extern void task_cputime(struct task_struct *t, +@@ -1898,6 +1951,7 @@ + /* + * Per process flags + */ ++#define PF_IN_SOFTIRQ 0x00000001 /* Task is serving softirq */ + #define PF_EXITING 0x00000004 /* getting shut down */ + #define PF_EXITPIDONE 0x00000008 /* pi exit done on shut down */ + #define PF_VCPU 0x00000010 /* I'm a virtual CPU */ +@@ -2058,6 +2112,10 @@ + + extern int set_cpus_allowed_ptr(struct task_struct *p, + const struct cpumask *new_mask); ++int migrate_me(void); ++void tell_sched_cpu_down_begin(int cpu); ++void tell_sched_cpu_down_done(int cpu); ++ + #else + static inline void do_set_cpus_allowed(struct task_struct *p, + const struct cpumask *new_mask) +@@ -2070,6 +2128,9 @@ + return -EINVAL; + return 0; + } ++static inline int migrate_me(void) { return 0; } ++static inline void tell_sched_cpu_down_begin(int cpu) { } ++static inline void tell_sched_cpu_down_done(int cpu) { } + #endif + + #ifdef CONFIG_NO_HZ_COMMON +@@ -2290,6 +2351,7 @@ + + extern int wake_up_state(struct task_struct *tsk, unsigned int state); + extern int wake_up_process(struct task_struct *tsk); ++extern int wake_up_lock_sleeper(struct task_struct * tsk); + extern void wake_up_new_task(struct task_struct *tsk); + #ifdef CONFIG_SMP + extern void kick_process(struct task_struct *tsk); +@@ -2406,12 +2468,24 @@ + + /* mmdrop drops the mm and the page tables */ + extern void __mmdrop(struct mm_struct *); ++ + static inline void mmdrop(struct mm_struct * mm) + { + if (unlikely(atomic_dec_and_test(&mm->mm_count))) + __mmdrop(mm); + } + ++#ifdef CONFIG_PREEMPT_RT_BASE ++extern void __mmdrop_delayed(struct rcu_head *rhp); ++static inline void mmdrop_delayed(struct mm_struct *mm) ++{ ++ if (atomic_dec_and_test(&mm->mm_count)) ++ call_rcu(&mm->delayed_drop, __mmdrop_delayed); ++} ++#else ++# define mmdrop_delayed(mm) mmdrop(mm) ++#endif ++ + /* mmput gets rid of the mappings and all user-space */ + extern void mmput(struct mm_struct *); + /* Grab a reference to a task's mm, if it is not already going away */ +@@ -2719,6 +2793,43 @@ + return unlikely(test_tsk_thread_flag(tsk,TIF_NEED_RESCHED)); + } + ++#ifdef CONFIG_PREEMPT_LAZY ++static inline void set_tsk_need_resched_lazy(struct task_struct *tsk) ++{ ++ set_tsk_thread_flag(tsk,TIF_NEED_RESCHED_LAZY); ++} ++ ++static inline void clear_tsk_need_resched_lazy(struct task_struct *tsk) ++{ ++ clear_tsk_thread_flag(tsk,TIF_NEED_RESCHED_LAZY); ++} ++ ++static inline int test_tsk_need_resched_lazy(struct task_struct *tsk) ++{ ++ return unlikely(test_tsk_thread_flag(tsk,TIF_NEED_RESCHED_LAZY)); ++} ++ ++static inline int need_resched_lazy(void) ++{ ++ return test_thread_flag(TIF_NEED_RESCHED_LAZY); ++} ++ ++static inline int need_resched_now(void) ++{ ++ return test_thread_flag(TIF_NEED_RESCHED); ++} ++ ++#else ++static inline void clear_tsk_need_resched_lazy(struct task_struct *tsk) { } ++static inline int need_resched_lazy(void) { return 0; } ++ ++static inline int need_resched_now(void) ++{ ++ return test_thread_flag(TIF_NEED_RESCHED); ++} ++ ++#endif ++ + static inline int restart_syscall(void) + { + set_tsk_thread_flag(current, TIF_SIGPENDING); +@@ -2750,6 +2861,51 @@ + return (state & TASK_INTERRUPTIBLE) || __fatal_signal_pending(p); + } + ++static inline bool __task_is_stopped_or_traced(struct task_struct *task) ++{ ++ if (task->state & (__TASK_STOPPED | __TASK_TRACED)) ++ return true; ++#ifdef CONFIG_PREEMPT_RT_FULL ++ if (task->saved_state & (__TASK_STOPPED | __TASK_TRACED)) ++ return true; ++#endif ++ return false; ++} ++ ++static inline bool task_is_stopped_or_traced(struct task_struct *task) ++{ ++ bool traced_stopped; ++ ++#ifdef CONFIG_PREEMPT_RT_FULL ++ unsigned long flags; ++ ++ raw_spin_lock_irqsave(&task->pi_lock, flags); ++ traced_stopped = __task_is_stopped_or_traced(task); ++ raw_spin_unlock_irqrestore(&task->pi_lock, flags); ++#else ++ traced_stopped = __task_is_stopped_or_traced(task); ++#endif ++ return traced_stopped; ++} ++ ++static inline bool task_is_traced(struct task_struct *task) ++{ ++ bool traced = false; ++ ++ if (task->state & __TASK_TRACED) ++ return true; ++#ifdef CONFIG_PREEMPT_RT_FULL ++ /* in case the task is sleeping on tasklist_lock */ ++ raw_spin_lock_irq(&task->pi_lock); ++ if (task->state & __TASK_TRACED) ++ traced = true; ++ else if (task->saved_state & __TASK_TRACED) ++ traced = true; ++ raw_spin_unlock_irq(&task->pi_lock); ++#endif ++ return traced; ++} ++ + /* + * cond_resched() and cond_resched_lock(): latency reduction via + * explicit rescheduling in places that are safe. The return +@@ -2766,7 +2922,7 @@ + + extern int __cond_resched_lock(spinlock_t *lock); + +-#ifdef CONFIG_PREEMPT_COUNT ++#if defined(CONFIG_PREEMPT_COUNT) && !defined(CONFIG_PREEMPT_RT_FULL) + #define PREEMPT_LOCK_OFFSET PREEMPT_OFFSET + #else + #define PREEMPT_LOCK_OFFSET 0 +@@ -2777,12 +2933,16 @@ + __cond_resched_lock(lock); \ + }) + ++#ifndef CONFIG_PREEMPT_RT_FULL + extern int __cond_resched_softirq(void); + + #define cond_resched_softirq() ({ \ + __might_sleep(__FILE__, __LINE__, SOFTIRQ_DISABLE_OFFSET); \ + __cond_resched_softirq(); \ + }) ++#else ++# define cond_resched_softirq() cond_resched() ++#endif + + static inline void cond_resched_rcu(void) + { +@@ -2949,6 +3109,26 @@ + + #endif /* CONFIG_SMP */ + ++static inline int __migrate_disabled(struct task_struct *p) ++{ ++#ifdef CONFIG_PREEMPT_RT_FULL ++ return p->migrate_disable; ++#else ++ return 0; ++#endif ++} ++ ++/* Future-safe accessor for struct task_struct's cpus_allowed. */ ++static inline const struct cpumask *tsk_cpus_allowed(struct task_struct *p) ++{ ++#ifdef CONFIG_PREEMPT_RT_FULL ++ if (p->migrate_disable) ++ return cpumask_of(task_cpu(p)); ++#endif ++ ++ return &p->cpus_allowed; ++} ++ + extern long sched_setaffinity(pid_t pid, const struct cpumask *new_mask); + extern long sched_getaffinity(pid_t pid, struct cpumask *mask); + +diff -Nur linux-3.18.9.orig/include/linux/seqlock.h linux-3.18.9/include/linux/seqlock.h +--- linux-3.18.9.orig/include/linux/seqlock.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/seqlock.h 2015-03-15 16:03:03.812094874 -0500 +@@ -219,20 +219,30 @@ + return __read_seqcount_retry(s, start); + } + +- +- +-static inline void raw_write_seqcount_begin(seqcount_t *s) ++static inline void __raw_write_seqcount_begin(seqcount_t *s) + { + s->sequence++; + smp_wmb(); + } + +-static inline void raw_write_seqcount_end(seqcount_t *s) ++static inline void raw_write_seqcount_begin(seqcount_t *s) ++{ ++ preempt_disable_rt(); ++ __raw_write_seqcount_begin(s); ++} ++ ++static inline void __raw_write_seqcount_end(seqcount_t *s) + { + smp_wmb(); + s->sequence++; + } + ++static inline void raw_write_seqcount_end(seqcount_t *s) ++{ ++ __raw_write_seqcount_end(s); ++ preempt_enable_rt(); ++} ++ + /* + * raw_write_seqcount_latch - redirect readers to even/odd copy + * @s: pointer to seqcount_t +@@ -305,10 +315,32 @@ + /* + * Read side functions for starting and finalizing a read side section. + */ ++#ifndef CONFIG_PREEMPT_RT_FULL + static inline unsigned read_seqbegin(const seqlock_t *sl) + { + return read_seqcount_begin(&sl->seqcount); + } ++#else ++/* ++ * Starvation safe read side for RT ++ */ ++static inline unsigned read_seqbegin(seqlock_t *sl) ++{ ++ unsigned ret; ++ ++repeat: ++ ret = ACCESS_ONCE(sl->seqcount.sequence); ++ if (unlikely(ret & 1)) { ++ /* ++ * Take the lock and let the writer proceed (i.e. evtl ++ * boost it), otherwise we could loop here forever. ++ */ ++ spin_unlock_wait(&sl->lock); ++ goto repeat; ++ } ++ return ret; ++} ++#endif + + static inline unsigned read_seqretry(const seqlock_t *sl, unsigned start) + { +@@ -323,36 +355,36 @@ + static inline void write_seqlock(seqlock_t *sl) + { + spin_lock(&sl->lock); +- write_seqcount_begin(&sl->seqcount); ++ __raw_write_seqcount_begin(&sl->seqcount); + } + + static inline void write_sequnlock(seqlock_t *sl) + { +- write_seqcount_end(&sl->seqcount); ++ __raw_write_seqcount_end(&sl->seqcount); + spin_unlock(&sl->lock); + } + + static inline void write_seqlock_bh(seqlock_t *sl) + { + spin_lock_bh(&sl->lock); +- write_seqcount_begin(&sl->seqcount); ++ __raw_write_seqcount_begin(&sl->seqcount); + } + + static inline void write_sequnlock_bh(seqlock_t *sl) + { +- write_seqcount_end(&sl->seqcount); ++ __raw_write_seqcount_end(&sl->seqcount); + spin_unlock_bh(&sl->lock); + } + + static inline void write_seqlock_irq(seqlock_t *sl) + { + spin_lock_irq(&sl->lock); +- write_seqcount_begin(&sl->seqcount); ++ __raw_write_seqcount_begin(&sl->seqcount); + } + + static inline void write_sequnlock_irq(seqlock_t *sl) + { +- write_seqcount_end(&sl->seqcount); ++ __raw_write_seqcount_end(&sl->seqcount); + spin_unlock_irq(&sl->lock); + } + +@@ -361,7 +393,7 @@ + unsigned long flags; + + spin_lock_irqsave(&sl->lock, flags); +- write_seqcount_begin(&sl->seqcount); ++ __raw_write_seqcount_begin(&sl->seqcount); + return flags; + } + +@@ -371,7 +403,7 @@ + static inline void + write_sequnlock_irqrestore(seqlock_t *sl, unsigned long flags) + { +- write_seqcount_end(&sl->seqcount); ++ __raw_write_seqcount_end(&sl->seqcount); + spin_unlock_irqrestore(&sl->lock, flags); + } + +diff -Nur linux-3.18.9.orig/include/linux/signal.h linux-3.18.9/include/linux/signal.h +--- linux-3.18.9.orig/include/linux/signal.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/signal.h 2015-03-15 16:03:03.812094874 -0500 +@@ -218,6 +218,7 @@ + } + + extern void flush_sigqueue(struct sigpending *queue); ++extern void flush_task_sigqueue(struct task_struct *tsk); + + /* Test if 'sig' is valid signal. Use this instead of testing _NSIG directly */ + static inline int valid_signal(unsigned long sig) +diff -Nur linux-3.18.9.orig/include/linux/skbuff.h linux-3.18.9/include/linux/skbuff.h +--- linux-3.18.9.orig/include/linux/skbuff.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/skbuff.h 2015-03-15 16:03:03.816094874 -0500 +@@ -172,6 +172,7 @@ + + __u32 qlen; + spinlock_t lock; ++ raw_spinlock_t raw_lock; + }; + + struct sk_buff; +@@ -1327,6 +1328,12 @@ + __skb_queue_head_init(list); + } + ++static inline void skb_queue_head_init_raw(struct sk_buff_head *list) ++{ ++ raw_spin_lock_init(&list->raw_lock); ++ __skb_queue_head_init(list); ++} ++ + static inline void skb_queue_head_init_class(struct sk_buff_head *list, + struct lock_class_key *class) + { +diff -Nur linux-3.18.9.orig/include/linux/smp.h linux-3.18.9/include/linux/smp.h +--- linux-3.18.9.orig/include/linux/smp.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/smp.h 2015-03-15 16:03:03.816094874 -0500 +@@ -178,6 +178,9 @@ + #define get_cpu() ({ preempt_disable(); smp_processor_id(); }) + #define put_cpu() preempt_enable() + ++#define get_cpu_light() ({ migrate_disable(); smp_processor_id(); }) ++#define put_cpu_light() migrate_enable() ++ + /* + * Callback to arch code if there's nosmp or maxcpus=0 on the + * boot command line: +diff -Nur linux-3.18.9.orig/include/linux/spinlock_api_smp.h linux-3.18.9/include/linux/spinlock_api_smp.h +--- linux-3.18.9.orig/include/linux/spinlock_api_smp.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/spinlock_api_smp.h 2015-03-15 16:03:03.816094874 -0500 +@@ -187,6 +187,8 @@ + return 0; + } + +-#include <linux/rwlock_api_smp.h> ++#ifndef CONFIG_PREEMPT_RT_FULL ++# include <linux/rwlock_api_smp.h> ++#endif + + #endif /* __LINUX_SPINLOCK_API_SMP_H */ +diff -Nur linux-3.18.9.orig/include/linux/spinlock.h linux-3.18.9/include/linux/spinlock.h +--- linux-3.18.9.orig/include/linux/spinlock.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/spinlock.h 2015-03-15 16:03:03.816094874 -0500 +@@ -278,7 +278,11 @@ + #define raw_spin_can_lock(lock) (!raw_spin_is_locked(lock)) + + /* Include rwlock functions */ +-#include <linux/rwlock.h> ++#ifdef CONFIG_PREEMPT_RT_FULL ++# include <linux/rwlock_rt.h> ++#else ++# include <linux/rwlock.h> ++#endif + + /* + * Pull the _spin_*()/_read_*()/_write_*() functions/declarations: +@@ -289,6 +293,10 @@ + # include <linux/spinlock_api_up.h> + #endif + ++#ifdef CONFIG_PREEMPT_RT_FULL ++# include <linux/spinlock_rt.h> ++#else /* PREEMPT_RT_FULL */ ++ + /* + * Map the spin_lock functions to the raw variants for PREEMPT_RT=n + */ +@@ -418,4 +426,6 @@ + #define atomic_dec_and_lock(atomic, lock) \ + __cond_lock(lock, _atomic_dec_and_lock(atomic, lock)) + ++#endif /* !PREEMPT_RT_FULL */ ++ + #endif /* __LINUX_SPINLOCK_H */ +diff -Nur linux-3.18.9.orig/include/linux/spinlock_rt.h linux-3.18.9/include/linux/spinlock_rt.h +--- linux-3.18.9.orig/include/linux/spinlock_rt.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/linux/spinlock_rt.h 2015-03-15 16:03:03.816094874 -0500 +@@ -0,0 +1,167 @@ ++#ifndef __LINUX_SPINLOCK_RT_H ++#define __LINUX_SPINLOCK_RT_H ++ ++#ifndef __LINUX_SPINLOCK_H ++#error Do not include directly. Use spinlock.h ++#endif ++ ++#include <linux/bug.h> ++ ++extern void ++__rt_spin_lock_init(spinlock_t *lock, char *name, struct lock_class_key *key); ++ ++#define spin_lock_init(slock) \ ++do { \ ++ static struct lock_class_key __key; \ ++ \ ++ rt_mutex_init(&(slock)->lock); \ ++ __rt_spin_lock_init(slock, #slock, &__key); \ ++} while (0) ++ ++extern void __lockfunc rt_spin_lock(spinlock_t *lock); ++extern unsigned long __lockfunc rt_spin_lock_trace_flags(spinlock_t *lock); ++extern void __lockfunc rt_spin_lock_nested(spinlock_t *lock, int subclass); ++extern void __lockfunc rt_spin_unlock(spinlock_t *lock); ++extern void __lockfunc rt_spin_unlock_after_trylock_in_irq(spinlock_t *lock); ++extern void __lockfunc rt_spin_unlock_wait(spinlock_t *lock); ++extern int __lockfunc rt_spin_trylock_irqsave(spinlock_t *lock, unsigned long *flags); ++extern int __lockfunc rt_spin_trylock_bh(spinlock_t *lock); ++extern int __lockfunc rt_spin_trylock(spinlock_t *lock); ++extern int atomic_dec_and_spin_lock(atomic_t *atomic, spinlock_t *lock); ++ ++/* ++ * lockdep-less calls, for derived types like rwlock: ++ * (for trylock they can use rt_mutex_trylock() directly. ++ */ ++extern void __lockfunc __rt_spin_lock(struct rt_mutex *lock); ++extern void __lockfunc __rt_spin_unlock(struct rt_mutex *lock); ++extern int __lockfunc __rt_spin_trylock(struct rt_mutex *lock); ++ ++#define spin_lock(lock) \ ++ do { \ ++ migrate_disable(); \ ++ rt_spin_lock(lock); \ ++ } while (0) ++ ++#define spin_lock_bh(lock) \ ++ do { \ ++ local_bh_disable(); \ ++ migrate_disable(); \ ++ rt_spin_lock(lock); \ ++ } while (0) ++ ++#define spin_lock_irq(lock) spin_lock(lock) ++ ++#define spin_do_trylock(lock) __cond_lock(lock, rt_spin_trylock(lock)) ++ ++#define spin_trylock(lock) \ ++({ \ ++ int __locked; \ ++ migrate_disable(); \ ++ __locked = spin_do_trylock(lock); \ ++ if (!__locked) \ ++ migrate_enable(); \ ++ __locked; \ ++}) ++ ++#ifdef CONFIG_LOCKDEP ++# define spin_lock_nested(lock, subclass) \ ++ do { \ ++ migrate_disable(); \ ++ rt_spin_lock_nested(lock, subclass); \ ++ } while (0) ++ ++# define spin_lock_irqsave_nested(lock, flags, subclass) \ ++ do { \ ++ typecheck(unsigned long, flags); \ ++ flags = 0; \ ++ migrate_disable(); \ ++ rt_spin_lock_nested(lock, subclass); \ ++ } while (0) ++#else ++# define spin_lock_nested(lock, subclass) spin_lock(lock) ++ ++# define spin_lock_irqsave_nested(lock, flags, subclass) \ ++ do { \ ++ typecheck(unsigned long, flags); \ ++ flags = 0; \ ++ spin_lock(lock); \ ++ } while (0) ++#endif ++ ++#define spin_lock_irqsave(lock, flags) \ ++ do { \ ++ typecheck(unsigned long, flags); \ ++ flags = 0; \ ++ spin_lock(lock); \ ++ } while (0) ++ ++static inline unsigned long spin_lock_trace_flags(spinlock_t *lock) ++{ ++ unsigned long flags = 0; ++#ifdef CONFIG_TRACE_IRQFLAGS ++ flags = rt_spin_lock_trace_flags(lock); ++#else ++ spin_lock(lock); /* lock_local */ ++#endif ++ return flags; ++} ++ ++/* FIXME: we need rt_spin_lock_nest_lock */ ++#define spin_lock_nest_lock(lock, nest_lock) spin_lock_nested(lock, 0) ++ ++#define spin_unlock(lock) \ ++ do { \ ++ rt_spin_unlock(lock); \ ++ migrate_enable(); \ ++ } while (0) ++ ++#define spin_unlock_bh(lock) \ ++ do { \ ++ rt_spin_unlock(lock); \ ++ migrate_enable(); \ ++ local_bh_enable(); \ ++ } while (0) ++ ++#define spin_unlock_irq(lock) spin_unlock(lock) ++ ++#define spin_unlock_irqrestore(lock, flags) \ ++ do { \ ++ typecheck(unsigned long, flags); \ ++ (void) flags; \ ++ spin_unlock(lock); \ ++ } while (0) ++ ++#define spin_trylock_bh(lock) __cond_lock(lock, rt_spin_trylock_bh(lock)) ++#define spin_trylock_irq(lock) spin_trylock(lock) ++ ++#define spin_trylock_irqsave(lock, flags) \ ++ rt_spin_trylock_irqsave(lock, &(flags)) ++ ++#define spin_unlock_wait(lock) rt_spin_unlock_wait(lock) ++ ++#ifdef CONFIG_GENERIC_LOCKBREAK ++# define spin_is_contended(lock) ((lock)->break_lock) ++#else ++# define spin_is_contended(lock) (((void)(lock), 0)) ++#endif ++ ++static inline int spin_can_lock(spinlock_t *lock) ++{ ++ return !rt_mutex_is_locked(&lock->lock); ++} ++ ++static inline int spin_is_locked(spinlock_t *lock) ++{ ++ return rt_mutex_is_locked(&lock->lock); ++} ++ ++static inline void assert_spin_locked(spinlock_t *lock) ++{ ++ BUG_ON(!spin_is_locked(lock)); ++} ++ ++#define atomic_dec_and_lock(atomic, lock) \ ++ atomic_dec_and_spin_lock(atomic, lock) ++ ++#endif +diff -Nur linux-3.18.9.orig/include/linux/spinlock_types.h linux-3.18.9/include/linux/spinlock_types.h +--- linux-3.18.9.orig/include/linux/spinlock_types.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/spinlock_types.h 2015-03-15 16:03:03.816094874 -0500 +@@ -9,80 +9,15 @@ + * Released under the General Public License (GPL). + */ + +-#if defined(CONFIG_SMP) +-# include <asm/spinlock_types.h> +-#else +-# include <linux/spinlock_types_up.h> +-#endif +- +-#include <linux/lockdep.h> +- +-typedef struct raw_spinlock { +- arch_spinlock_t raw_lock; +-#ifdef CONFIG_GENERIC_LOCKBREAK +- unsigned int break_lock; +-#endif +-#ifdef CONFIG_DEBUG_SPINLOCK +- unsigned int magic, owner_cpu; +- void *owner; +-#endif +-#ifdef CONFIG_DEBUG_LOCK_ALLOC +- struct lockdep_map dep_map; +-#endif +-} raw_spinlock_t; +- +-#define SPINLOCK_MAGIC 0xdead4ead +- +-#define SPINLOCK_OWNER_INIT ((void *)-1L) +- +-#ifdef CONFIG_DEBUG_LOCK_ALLOC +-# define SPIN_DEP_MAP_INIT(lockname) .dep_map = { .name = #lockname } +-#else +-# define SPIN_DEP_MAP_INIT(lockname) +-#endif ++#include <linux/spinlock_types_raw.h> + +-#ifdef CONFIG_DEBUG_SPINLOCK +-# define SPIN_DEBUG_INIT(lockname) \ +- .magic = SPINLOCK_MAGIC, \ +- .owner_cpu = -1, \ +- .owner = SPINLOCK_OWNER_INIT, ++#ifndef CONFIG_PREEMPT_RT_FULL ++# include <linux/spinlock_types_nort.h> ++# include <linux/rwlock_types.h> + #else +-# define SPIN_DEBUG_INIT(lockname) ++# include <linux/rtmutex.h> ++# include <linux/spinlock_types_rt.h> ++# include <linux/rwlock_types_rt.h> + #endif + +-#define __RAW_SPIN_LOCK_INITIALIZER(lockname) \ +- { \ +- .raw_lock = __ARCH_SPIN_LOCK_UNLOCKED, \ +- SPIN_DEBUG_INIT(lockname) \ +- SPIN_DEP_MAP_INIT(lockname) } +- +-#define __RAW_SPIN_LOCK_UNLOCKED(lockname) \ +- (raw_spinlock_t) __RAW_SPIN_LOCK_INITIALIZER(lockname) +- +-#define DEFINE_RAW_SPINLOCK(x) raw_spinlock_t x = __RAW_SPIN_LOCK_UNLOCKED(x) +- +-typedef struct spinlock { +- union { +- struct raw_spinlock rlock; +- +-#ifdef CONFIG_DEBUG_LOCK_ALLOC +-# define LOCK_PADSIZE (offsetof(struct raw_spinlock, dep_map)) +- struct { +- u8 __padding[LOCK_PADSIZE]; +- struct lockdep_map dep_map; +- }; +-#endif +- }; +-} spinlock_t; +- +-#define __SPIN_LOCK_INITIALIZER(lockname) \ +- { { .rlock = __RAW_SPIN_LOCK_INITIALIZER(lockname) } } +- +-#define __SPIN_LOCK_UNLOCKED(lockname) \ +- (spinlock_t ) __SPIN_LOCK_INITIALIZER(lockname) +- +-#define DEFINE_SPINLOCK(x) spinlock_t x = __SPIN_LOCK_UNLOCKED(x) +- +-#include <linux/rwlock_types.h> +- + #endif /* __LINUX_SPINLOCK_TYPES_H */ +diff -Nur linux-3.18.9.orig/include/linux/spinlock_types_nort.h linux-3.18.9/include/linux/spinlock_types_nort.h +--- linux-3.18.9.orig/include/linux/spinlock_types_nort.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/linux/spinlock_types_nort.h 2015-03-15 16:03:03.816094874 -0500 +@@ -0,0 +1,33 @@ ++#ifndef __LINUX_SPINLOCK_TYPES_NORT_H ++#define __LINUX_SPINLOCK_TYPES_NORT_H ++ ++#ifndef __LINUX_SPINLOCK_TYPES_H ++#error "Do not include directly. Include spinlock_types.h instead" ++#endif ++ ++/* ++ * The non RT version maps spinlocks to raw_spinlocks ++ */ ++typedef struct spinlock { ++ union { ++ struct raw_spinlock rlock; ++ ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++# define LOCK_PADSIZE (offsetof(struct raw_spinlock, dep_map)) ++ struct { ++ u8 __padding[LOCK_PADSIZE]; ++ struct lockdep_map dep_map; ++ }; ++#endif ++ }; ++} spinlock_t; ++ ++#define __SPIN_LOCK_INITIALIZER(lockname) \ ++ { { .rlock = __RAW_SPIN_LOCK_INITIALIZER(lockname) } } ++ ++#define __SPIN_LOCK_UNLOCKED(lockname) \ ++ (spinlock_t ) __SPIN_LOCK_INITIALIZER(lockname) ++ ++#define DEFINE_SPINLOCK(x) spinlock_t x = __SPIN_LOCK_UNLOCKED(x) ++ ++#endif +diff -Nur linux-3.18.9.orig/include/linux/spinlock_types_raw.h linux-3.18.9/include/linux/spinlock_types_raw.h +--- linux-3.18.9.orig/include/linux/spinlock_types_raw.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/linux/spinlock_types_raw.h 2015-03-15 16:03:03.816094874 -0500 +@@ -0,0 +1,56 @@ ++#ifndef __LINUX_SPINLOCK_TYPES_RAW_H ++#define __LINUX_SPINLOCK_TYPES_RAW_H ++ ++#if defined(CONFIG_SMP) ++# include <asm/spinlock_types.h> ++#else ++# include <linux/spinlock_types_up.h> ++#endif ++ ++#include <linux/lockdep.h> ++ ++typedef struct raw_spinlock { ++ arch_spinlock_t raw_lock; ++#ifdef CONFIG_GENERIC_LOCKBREAK ++ unsigned int break_lock; ++#endif ++#ifdef CONFIG_DEBUG_SPINLOCK ++ unsigned int magic, owner_cpu; ++ void *owner; ++#endif ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++ struct lockdep_map dep_map; ++#endif ++} raw_spinlock_t; ++ ++#define SPINLOCK_MAGIC 0xdead4ead ++ ++#define SPINLOCK_OWNER_INIT ((void *)-1L) ++ ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++# define SPIN_DEP_MAP_INIT(lockname) .dep_map = { .name = #lockname } ++#else ++# define SPIN_DEP_MAP_INIT(lockname) ++#endif ++ ++#ifdef CONFIG_DEBUG_SPINLOCK ++# define SPIN_DEBUG_INIT(lockname) \ ++ .magic = SPINLOCK_MAGIC, \ ++ .owner_cpu = -1, \ ++ .owner = SPINLOCK_OWNER_INIT, ++#else ++# define SPIN_DEBUG_INIT(lockname) ++#endif ++ ++#define __RAW_SPIN_LOCK_INITIALIZER(lockname) \ ++ { \ ++ .raw_lock = __ARCH_SPIN_LOCK_UNLOCKED, \ ++ SPIN_DEBUG_INIT(lockname) \ ++ SPIN_DEP_MAP_INIT(lockname) } ++ ++#define __RAW_SPIN_LOCK_UNLOCKED(lockname) \ ++ (raw_spinlock_t) __RAW_SPIN_LOCK_INITIALIZER(lockname) ++ ++#define DEFINE_RAW_SPINLOCK(x) raw_spinlock_t x = __RAW_SPIN_LOCK_UNLOCKED(x) ++ ++#endif +diff -Nur linux-3.18.9.orig/include/linux/spinlock_types_rt.h linux-3.18.9/include/linux/spinlock_types_rt.h +--- linux-3.18.9.orig/include/linux/spinlock_types_rt.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/linux/spinlock_types_rt.h 2015-03-15 16:03:03.816094874 -0500 +@@ -0,0 +1,51 @@ ++#ifndef __LINUX_SPINLOCK_TYPES_RT_H ++#define __LINUX_SPINLOCK_TYPES_RT_H ++ ++#ifndef __LINUX_SPINLOCK_TYPES_H ++#error "Do not include directly. Include spinlock_types.h instead" ++#endif ++ ++#include <linux/cache.h> ++ ++/* ++ * PREEMPT_RT: spinlocks - an RT mutex plus lock-break field: ++ */ ++typedef struct spinlock { ++ struct rt_mutex lock; ++ unsigned int break_lock; ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++ struct lockdep_map dep_map; ++#endif ++} spinlock_t; ++ ++#ifdef CONFIG_DEBUG_RT_MUTEXES ++# define __RT_SPIN_INITIALIZER(name) \ ++ { \ ++ .wait_lock = __RAW_SPIN_LOCK_UNLOCKED(name.wait_lock), \ ++ .save_state = 1, \ ++ .file = __FILE__, \ ++ .line = __LINE__ , \ ++ } ++#else ++# define __RT_SPIN_INITIALIZER(name) \ ++ { \ ++ .wait_lock = __RAW_SPIN_LOCK_UNLOCKED(name.wait_lock), \ ++ .save_state = 1, \ ++ } ++#endif ++ ++/* ++.wait_list = PLIST_HEAD_INIT_RAW((name).lock.wait_list, (name).lock.wait_lock) ++*/ ++ ++#define __SPIN_LOCK_UNLOCKED(name) \ ++ { .lock = __RT_SPIN_INITIALIZER(name.lock), \ ++ SPIN_DEP_MAP_INIT(name) } ++ ++#define __DEFINE_SPINLOCK(name) \ ++ spinlock_t name = __SPIN_LOCK_UNLOCKED(name) ++ ++#define DEFINE_SPINLOCK(name) \ ++ spinlock_t name __cacheline_aligned_in_smp = __SPIN_LOCK_UNLOCKED(name) ++ ++#endif +diff -Nur linux-3.18.9.orig/include/linux/srcu.h linux-3.18.9/include/linux/srcu.h +--- linux-3.18.9.orig/include/linux/srcu.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/srcu.h 2015-03-15 16:03:03.820094874 -0500 +@@ -84,10 +84,10 @@ + + void process_srcu(struct work_struct *work); + +-#define __SRCU_STRUCT_INIT(name) \ ++#define __SRCU_STRUCT_INIT(name, pcpu_name) \ + { \ + .completed = -300, \ +- .per_cpu_ref = &name##_srcu_array, \ ++ .per_cpu_ref = &pcpu_name, \ + .queue_lock = __SPIN_LOCK_UNLOCKED(name.queue_lock), \ + .running = false, \ + .batch_queue = RCU_BATCH_INIT(name.batch_queue), \ +@@ -104,11 +104,12 @@ + */ + #define DEFINE_SRCU(name) \ + static DEFINE_PER_CPU(struct srcu_struct_array, name##_srcu_array);\ +- struct srcu_struct name = __SRCU_STRUCT_INIT(name); ++ struct srcu_struct name = __SRCU_STRUCT_INIT(name, name##_srcu_array); + + #define DEFINE_STATIC_SRCU(name) \ + static DEFINE_PER_CPU(struct srcu_struct_array, name##_srcu_array);\ +- static struct srcu_struct name = __SRCU_STRUCT_INIT(name); ++ static struct srcu_struct name = __SRCU_STRUCT_INIT(\ ++ name, name##_srcu_array); + + /** + * call_srcu() - Queue a callback for invocation after an SRCU grace period +diff -Nur linux-3.18.9.orig/include/linux/swap.h linux-3.18.9/include/linux/swap.h +--- linux-3.18.9.orig/include/linux/swap.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/swap.h 2015-03-15 16:03:03.824094874 -0500 +@@ -11,6 +11,7 @@ + #include <linux/fs.h> + #include <linux/atomic.h> + #include <linux/page-flags.h> ++#include <linux/locallock.h> + #include <asm/page.h> + + struct notifier_block; +@@ -260,7 +261,8 @@ + void *workingset_eviction(struct address_space *mapping, struct page *page); + bool workingset_refault(void *shadow); + void workingset_activation(struct page *page); +-extern struct list_lru workingset_shadow_nodes; ++extern struct list_lru __workingset_shadow_nodes; ++DECLARE_LOCAL_IRQ_LOCK(workingset_shadow_lock); + + static inline unsigned int workingset_node_pages(struct radix_tree_node *node) + { +diff -Nur linux-3.18.9.orig/include/linux/sysctl.h linux-3.18.9/include/linux/sysctl.h +--- linux-3.18.9.orig/include/linux/sysctl.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/sysctl.h 2015-03-15 16:03:03.824094874 -0500 +@@ -25,6 +25,7 @@ + #include <linux/rcupdate.h> + #include <linux/wait.h> + #include <linux/rbtree.h> ++#include <linux/atomic.h> + #include <uapi/linux/sysctl.h> + + /* For the /proc/sys support */ +diff -Nur linux-3.18.9.orig/include/linux/thread_info.h linux-3.18.9/include/linux/thread_info.h +--- linux-3.18.9.orig/include/linux/thread_info.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/thread_info.h 2015-03-15 16:03:03.824094874 -0500 +@@ -102,7 +102,17 @@ + #define test_thread_flag(flag) \ + test_ti_thread_flag(current_thread_info(), flag) + +-#define tif_need_resched() test_thread_flag(TIF_NEED_RESCHED) ++#ifdef CONFIG_PREEMPT_LAZY ++#define tif_need_resched() (test_thread_flag(TIF_NEED_RESCHED) || \ ++ test_thread_flag(TIF_NEED_RESCHED_LAZY)) ++#define tif_need_resched_now() (test_thread_flag(TIF_NEED_RESCHED)) ++#define tif_need_resched_lazy() test_thread_flag(TIF_NEED_RESCHED_LAZY)) ++ ++#else ++#define tif_need_resched() test_thread_flag(TIF_NEED_RESCHED) ++#define tif_need_resched_now() test_thread_flag(TIF_NEED_RESCHED) ++#define tif_need_resched_lazy() 0 ++#endif + + #if defined TIF_RESTORE_SIGMASK && !defined HAVE_SET_RESTORE_SIGMASK + /* +diff -Nur linux-3.18.9.orig/include/linux/timer.h linux-3.18.9/include/linux/timer.h +--- linux-3.18.9.orig/include/linux/timer.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/timer.h 2015-03-15 16:03:03.824094874 -0500 +@@ -241,7 +241,7 @@ + + extern int try_to_del_timer_sync(struct timer_list *timer); + +-#ifdef CONFIG_SMP ++#if defined(CONFIG_SMP) || defined(CONFIG_PREEMPT_RT_FULL) + extern int del_timer_sync(struct timer_list *timer); + #else + # define del_timer_sync(t) del_timer(t) +diff -Nur linux-3.18.9.orig/include/linux/uaccess.h linux-3.18.9/include/linux/uaccess.h +--- linux-3.18.9.orig/include/linux/uaccess.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/uaccess.h 2015-03-15 16:03:03.824094874 -0500 +@@ -6,14 +6,9 @@ + + /* + * These routines enable/disable the pagefault handler in that +- * it will not take any locks and go straight to the fixup table. +- * +- * They have great resemblance to the preempt_disable/enable calls +- * and in fact they are identical; this is because currently there is +- * no other way to make the pagefault handlers do this. So we do +- * disable preemption but we don't necessarily care about that. ++ * it will not take any MM locks and go straight to the fixup table. + */ +-static inline void pagefault_disable(void) ++static inline void raw_pagefault_disable(void) + { + preempt_count_inc(); + /* +@@ -23,7 +18,7 @@ + barrier(); + } + +-static inline void pagefault_enable(void) ++static inline void raw_pagefault_enable(void) + { + #ifndef CONFIG_PREEMPT + /* +@@ -37,6 +32,21 @@ + #endif + } + ++#ifndef CONFIG_PREEMPT_RT_FULL ++static inline void pagefault_disable(void) ++{ ++ raw_pagefault_disable(); ++} ++ ++static inline void pagefault_enable(void) ++{ ++ raw_pagefault_enable(); ++} ++#else ++extern void pagefault_disable(void); ++extern void pagefault_enable(void); ++#endif ++ + #ifndef ARCH_HAS_NOCACHE_UACCESS + + static inline unsigned long __copy_from_user_inatomic_nocache(void *to, +@@ -76,9 +86,9 @@ + mm_segment_t old_fs = get_fs(); \ + \ + set_fs(KERNEL_DS); \ +- pagefault_disable(); \ ++ raw_pagefault_disable(); \ + ret = __copy_from_user_inatomic(&(retval), (__force typeof(retval) __user *)(addr), sizeof(retval)); \ +- pagefault_enable(); \ ++ raw_pagefault_enable(); \ + set_fs(old_fs); \ + ret; \ + }) +diff -Nur linux-3.18.9.orig/include/linux/uprobes.h linux-3.18.9/include/linux/uprobes.h +--- linux-3.18.9.orig/include/linux/uprobes.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/uprobes.h 2015-03-15 16:03:03.824094874 -0500 +@@ -27,6 +27,7 @@ + #include <linux/errno.h> + #include <linux/rbtree.h> + #include <linux/types.h> ++#include <linux/wait.h> + + struct vm_area_struct; + struct mm_struct; +diff -Nur linux-3.18.9.orig/include/linux/vmstat.h linux-3.18.9/include/linux/vmstat.h +--- linux-3.18.9.orig/include/linux/vmstat.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/vmstat.h 2015-03-15 16:03:03.824094874 -0500 +@@ -33,7 +33,9 @@ + */ + static inline void __count_vm_event(enum vm_event_item item) + { ++ preempt_disable_rt(); + raw_cpu_inc(vm_event_states.event[item]); ++ preempt_enable_rt(); + } + + static inline void count_vm_event(enum vm_event_item item) +@@ -43,7 +45,9 @@ + + static inline void __count_vm_events(enum vm_event_item item, long delta) + { ++ preempt_disable_rt(); + raw_cpu_add(vm_event_states.event[item], delta); ++ preempt_enable_rt(); + } + + static inline void count_vm_events(enum vm_event_item item, long delta) +diff -Nur linux-3.18.9.orig/include/linux/wait.h linux-3.18.9/include/linux/wait.h +--- linux-3.18.9.orig/include/linux/wait.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/linux/wait.h 2015-03-15 16:03:03.824094874 -0500 +@@ -8,6 +8,7 @@ + #include <linux/spinlock.h> + #include <asm/current.h> + #include <uapi/linux/wait.h> ++#include <linux/atomic.h> + + typedef struct __wait_queue wait_queue_t; + typedef int (*wait_queue_func_t)(wait_queue_t *wait, unsigned mode, int flags, void *key); +diff -Nur linux-3.18.9.orig/include/linux/wait-simple.h linux-3.18.9/include/linux/wait-simple.h +--- linux-3.18.9.orig/include/linux/wait-simple.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/linux/wait-simple.h 2015-03-15 16:03:03.824094874 -0500 +@@ -0,0 +1,207 @@ ++#ifndef _LINUX_WAIT_SIMPLE_H ++#define _LINUX_WAIT_SIMPLE_H ++ ++#include <linux/spinlock.h> ++#include <linux/list.h> ++ ++#include <asm/current.h> ++ ++struct swaiter { ++ struct task_struct *task; ++ struct list_head node; ++}; ++ ++#define DEFINE_SWAITER(name) \ ++ struct swaiter name = { \ ++ .task = current, \ ++ .node = LIST_HEAD_INIT((name).node), \ ++ } ++ ++struct swait_head { ++ raw_spinlock_t lock; ++ struct list_head list; ++}; ++ ++#define SWAIT_HEAD_INITIALIZER(name) { \ ++ .lock = __RAW_SPIN_LOCK_UNLOCKED(name.lock), \ ++ .list = LIST_HEAD_INIT((name).list), \ ++ } ++ ++#define DEFINE_SWAIT_HEAD(name) \ ++ struct swait_head name = SWAIT_HEAD_INITIALIZER(name) ++ ++extern void __init_swait_head(struct swait_head *h, struct lock_class_key *key); ++ ++#define init_swait_head(swh) \ ++ do { \ ++ static struct lock_class_key __key; \ ++ \ ++ __init_swait_head((swh), &__key); \ ++ } while (0) ++ ++/* ++ * Waiter functions ++ */ ++extern void swait_prepare_locked(struct swait_head *head, struct swaiter *w); ++extern void swait_prepare(struct swait_head *head, struct swaiter *w, int state); ++extern void swait_finish_locked(struct swait_head *head, struct swaiter *w); ++extern void swait_finish(struct swait_head *head, struct swaiter *w); ++ ++/* Check whether a head has waiters enqueued */ ++static inline bool swaitqueue_active(struct swait_head *h) ++{ ++ /* Make sure the condition is visible before checking list_empty() */ ++ smp_mb(); ++ return !list_empty(&h->list); ++} ++ ++/* ++ * Wakeup functions ++ */ ++extern unsigned int __swait_wake(struct swait_head *head, unsigned int state, unsigned int num); ++extern unsigned int __swait_wake_locked(struct swait_head *head, unsigned int state, unsigned int num); ++ ++#define swait_wake(head) __swait_wake(head, TASK_NORMAL, 1) ++#define swait_wake_interruptible(head) __swait_wake(head, TASK_INTERRUPTIBLE, 1) ++#define swait_wake_all(head) __swait_wake(head, TASK_NORMAL, 0) ++#define swait_wake_all_interruptible(head) __swait_wake(head, TASK_INTERRUPTIBLE, 0) ++ ++/* ++ * Event API ++ */ ++#define __swait_event(wq, condition) \ ++do { \ ++ DEFINE_SWAITER(__wait); \ ++ \ ++ for (;;) { \ ++ swait_prepare(&wq, &__wait, TASK_UNINTERRUPTIBLE); \ ++ if (condition) \ ++ break; \ ++ schedule(); \ ++ } \ ++ swait_finish(&wq, &__wait); \ ++} while (0) ++ ++/** ++ * swait_event - sleep until a condition gets true ++ * @wq: the waitqueue to wait on ++ * @condition: a C expression for the event to wait for ++ * ++ * The process is put to sleep (TASK_UNINTERRUPTIBLE) until the ++ * @condition evaluates to true. The @condition is checked each time ++ * the waitqueue @wq is woken up. ++ * ++ * wake_up() has to be called after changing any variable that could ++ * change the result of the wait condition. ++ */ ++#define swait_event(wq, condition) \ ++do { \ ++ if (condition) \ ++ break; \ ++ __swait_event(wq, condition); \ ++} while (0) ++ ++#define __swait_event_interruptible(wq, condition, ret) \ ++do { \ ++ DEFINE_SWAITER(__wait); \ ++ \ ++ for (;;) { \ ++ swait_prepare(&wq, &__wait, TASK_INTERRUPTIBLE); \ ++ if (condition) \ ++ break; \ ++ if (signal_pending(current)) { \ ++ ret = -ERESTARTSYS; \ ++ break; \ ++ } \ ++ schedule(); \ ++ } \ ++ swait_finish(&wq, &__wait); \ ++} while (0) ++ ++#define __swait_event_interruptible_timeout(wq, condition, ret) \ ++do { \ ++ DEFINE_SWAITER(__wait); \ ++ \ ++ for (;;) { \ ++ swait_prepare(&wq, &__wait, TASK_INTERRUPTIBLE); \ ++ if (condition) \ ++ break; \ ++ if (signal_pending(current)) { \ ++ ret = -ERESTARTSYS; \ ++ break; \ ++ } \ ++ ret = schedule_timeout(ret); \ ++ if (!ret) \ ++ break; \ ++ } \ ++ swait_finish(&wq, &__wait); \ ++} while (0) ++ ++/** ++ * swait_event_interruptible - sleep until a condition gets true ++ * @wq: the waitqueue to wait on ++ * @condition: a C expression for the event to wait for ++ * ++ * The process is put to sleep (TASK_INTERRUPTIBLE) until the ++ * @condition evaluates to true. The @condition is checked each time ++ * the waitqueue @wq is woken up. ++ * ++ * wake_up() has to be called after changing any variable that could ++ * change the result of the wait condition. ++ */ ++#define swait_event_interruptible(wq, condition) \ ++({ \ ++ int __ret = 0; \ ++ if (!(condition)) \ ++ __swait_event_interruptible(wq, condition, __ret); \ ++ __ret; \ ++}) ++ ++#define swait_event_interruptible_timeout(wq, condition, timeout) \ ++({ \ ++ int __ret = timeout; \ ++ if (!(condition)) \ ++ __swait_event_interruptible_timeout(wq, condition, __ret); \ ++ __ret; \ ++}) ++ ++#define __swait_event_timeout(wq, condition, ret) \ ++do { \ ++ DEFINE_SWAITER(__wait); \ ++ \ ++ for (;;) { \ ++ swait_prepare(&wq, &__wait, TASK_UNINTERRUPTIBLE); \ ++ if (condition) \ ++ break; \ ++ ret = schedule_timeout(ret); \ ++ if (!ret) \ ++ break; \ ++ } \ ++ swait_finish(&wq, &__wait); \ ++} while (0) ++ ++/** ++ * swait_event_timeout - sleep until a condition gets true or a timeout elapses ++ * @wq: the waitqueue to wait on ++ * @condition: a C expression for the event to wait for ++ * @timeout: timeout, in jiffies ++ * ++ * The process is put to sleep (TASK_UNINTERRUPTIBLE) until the ++ * @condition evaluates to true. The @condition is checked each time ++ * the waitqueue @wq is woken up. ++ * ++ * wake_up() has to be called after changing any variable that could ++ * change the result of the wait condition. ++ * ++ * The function returns 0 if the @timeout elapsed, and the remaining ++ * jiffies if the condition evaluated to true before the timeout elapsed. ++ */ ++#define swait_event_timeout(wq, condition, timeout) \ ++({ \ ++ long __ret = timeout; \ ++ if (!(condition)) \ ++ __swait_event_timeout(wq, condition, __ret); \ ++ __ret; \ ++}) ++ ++#endif +diff -Nur linux-3.18.9.orig/include/linux/work-simple.h linux-3.18.9/include/linux/work-simple.h +--- linux-3.18.9.orig/include/linux/work-simple.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/linux/work-simple.h 2015-03-15 16:03:03.824094874 -0500 +@@ -0,0 +1,24 @@ ++#ifndef _LINUX_SWORK_H ++#define _LINUX_SWORK_H ++ ++#include <linux/list.h> ++ ++struct swork_event { ++ struct list_head item; ++ unsigned long flags; ++ void (*func)(struct swork_event *); ++}; ++ ++static inline void INIT_SWORK(struct swork_event *event, ++ void (*func)(struct swork_event *)) ++{ ++ event->flags = 0; ++ event->func = func; ++} ++ ++bool swork_queue(struct swork_event *sev); ++ ++int swork_get(void); ++void swork_put(void); ++ ++#endif /* _LINUX_SWORK_H */ +diff -Nur linux-3.18.9.orig/include/net/dst.h linux-3.18.9/include/net/dst.h +--- linux-3.18.9.orig/include/net/dst.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/net/dst.h 2015-03-15 16:03:03.824094874 -0500 +@@ -403,7 +403,7 @@ + static inline int dst_neigh_output(struct dst_entry *dst, struct neighbour *n, + struct sk_buff *skb) + { +- const struct hh_cache *hh; ++ struct hh_cache *hh; + + if (dst->pending_confirm) { + unsigned long now = jiffies; +diff -Nur linux-3.18.9.orig/include/net/neighbour.h linux-3.18.9/include/net/neighbour.h +--- linux-3.18.9.orig/include/net/neighbour.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/net/neighbour.h 2015-03-15 16:03:03.824094874 -0500 +@@ -387,7 +387,7 @@ + } + #endif + +-static inline int neigh_hh_output(const struct hh_cache *hh, struct sk_buff *skb) ++static inline int neigh_hh_output(struct hh_cache *hh, struct sk_buff *skb) + { + unsigned int seq; + int hh_len; +@@ -442,7 +442,7 @@ + + #define NEIGH_CB(skb) ((struct neighbour_cb *)(skb)->cb) + +-static inline void neigh_ha_snapshot(char *dst, const struct neighbour *n, ++static inline void neigh_ha_snapshot(char *dst, struct neighbour *n, + const struct net_device *dev) + { + unsigned int seq; +diff -Nur linux-3.18.9.orig/include/net/netns/ipv4.h linux-3.18.9/include/net/netns/ipv4.h +--- linux-3.18.9.orig/include/net/netns/ipv4.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/include/net/netns/ipv4.h 2015-03-15 16:03:03.824094874 -0500 +@@ -67,6 +67,7 @@ + + int sysctl_icmp_echo_ignore_all; + int sysctl_icmp_echo_ignore_broadcasts; ++ int sysctl_icmp_echo_sysrq; + int sysctl_icmp_ignore_bogus_error_responses; + int sysctl_icmp_ratelimit; + int sysctl_icmp_ratemask; +diff -Nur linux-3.18.9.orig/include/trace/events/hist.h linux-3.18.9/include/trace/events/hist.h +--- linux-3.18.9.orig/include/trace/events/hist.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/trace/events/hist.h 2015-03-15 16:03:03.824094874 -0500 +@@ -0,0 +1,72 @@ ++#undef TRACE_SYSTEM ++#define TRACE_SYSTEM hist ++ ++#if !defined(_TRACE_HIST_H) || defined(TRACE_HEADER_MULTI_READ) ++#define _TRACE_HIST_H ++ ++#include "latency_hist.h" ++#include <linux/tracepoint.h> ++ ++#if !defined(CONFIG_PREEMPT_OFF_HIST) && !defined(CONFIG_INTERRUPT_OFF_HIST) ++#define trace_preemptirqsoff_hist(a, b) ++#else ++TRACE_EVENT(preemptirqsoff_hist, ++ ++ TP_PROTO(int reason, int starthist), ++ ++ TP_ARGS(reason, starthist), ++ ++ TP_STRUCT__entry( ++ __field(int, reason) ++ __field(int, starthist) ++ ), ++ ++ TP_fast_assign( ++ __entry->reason = reason; ++ __entry->starthist = starthist; ++ ), ++ ++ TP_printk("reason=%s starthist=%s", getaction(__entry->reason), ++ __entry->starthist ? "start" : "stop") ++); ++#endif ++ ++#ifndef CONFIG_MISSED_TIMER_OFFSETS_HIST ++#define trace_hrtimer_interrupt(a, b, c, d) ++#else ++TRACE_EVENT(hrtimer_interrupt, ++ ++ TP_PROTO(int cpu, long long offset, struct task_struct *curr, ++ struct task_struct *task), ++ ++ TP_ARGS(cpu, offset, curr, task), ++ ++ TP_STRUCT__entry( ++ __field(int, cpu) ++ __field(long long, offset) ++ __array(char, ccomm, TASK_COMM_LEN) ++ __field(int, cprio) ++ __array(char, tcomm, TASK_COMM_LEN) ++ __field(int, tprio) ++ ), ++ ++ TP_fast_assign( ++ __entry->cpu = cpu; ++ __entry->offset = offset; ++ memcpy(__entry->ccomm, curr->comm, TASK_COMM_LEN); ++ __entry->cprio = curr->prio; ++ memcpy(__entry->tcomm, task != NULL ? task->comm : "<none>", ++ task != NULL ? TASK_COMM_LEN : 7); ++ __entry->tprio = task != NULL ? task->prio : -1; ++ ), ++ ++ TP_printk("cpu=%d offset=%lld curr=%s[%d] thread=%s[%d]", ++ __entry->cpu, __entry->offset, __entry->ccomm, ++ __entry->cprio, __entry->tcomm, __entry->tprio) ++); ++#endif ++ ++#endif /* _TRACE_HIST_H */ ++ ++/* This part must be outside protection */ ++#include <trace/define_trace.h> +diff -Nur linux-3.18.9.orig/include/trace/events/latency_hist.h linux-3.18.9/include/trace/events/latency_hist.h +--- linux-3.18.9.orig/include/trace/events/latency_hist.h 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/include/trace/events/latency_hist.h 2015-03-15 16:03:03.824094874 -0500 +@@ -0,0 +1,29 @@ ++#ifndef _LATENCY_HIST_H ++#define _LATENCY_HIST_H ++ ++enum hist_action { ++ IRQS_ON, ++ PREEMPT_ON, ++ TRACE_STOP, ++ IRQS_OFF, ++ PREEMPT_OFF, ++ TRACE_START, ++}; ++ ++static char *actions[] = { ++ "IRQS_ON", ++ "PREEMPT_ON", ++ "TRACE_STOP", ++ "IRQS_OFF", ++ "PREEMPT_OFF", ++ "TRACE_START", ++}; ++ ++static inline char *getaction(int action) ++{ ++ if (action >= 0 && action <= sizeof(actions)/sizeof(actions[0])) ++ return actions[action]; ++ return "unknown"; ++} ++ ++#endif /* _LATENCY_HIST_H */ +diff -Nur linux-3.18.9.orig/init/Kconfig linux-3.18.9/init/Kconfig +--- linux-3.18.9.orig/init/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/init/Kconfig 2015-03-15 16:03:03.824094874 -0500 +@@ -635,7 +635,7 @@ + + config RCU_FAST_NO_HZ + bool "Accelerate last non-dyntick-idle CPU's grace periods" +- depends on NO_HZ_COMMON && SMP ++ depends on NO_HZ_COMMON && SMP && !PREEMPT_RT_FULL + default n + help + This option permits CPUs to enter dynticks-idle state even if +@@ -662,7 +662,7 @@ + config RCU_BOOST + bool "Enable RCU priority boosting" + depends on RT_MUTEXES && PREEMPT_RCU +- default n ++ default y if PREEMPT_RT_FULL + help + This option boosts the priority of preempted RCU readers that + block the current preemptible RCU grace period for too long. +@@ -1106,6 +1106,7 @@ + config RT_GROUP_SCHED + bool "Group scheduling for SCHED_RR/FIFO" + depends on CGROUP_SCHED ++ depends on !PREEMPT_RT_FULL + default n + help + This feature lets you explicitly allocate real CPU bandwidth +@@ -1677,6 +1678,7 @@ + + config SLAB + bool "SLAB" ++ depends on !PREEMPT_RT_FULL + help + The regular slab allocator that is established and known to work + well in all environments. It organizes cache hot objects in +@@ -1695,6 +1697,7 @@ + config SLOB + depends on EXPERT + bool "SLOB (Simple Allocator)" ++ depends on !PREEMPT_RT_FULL + help + SLOB replaces the stock allocator with a drastically simpler + allocator. SLOB is generally more space efficient but +diff -Nur linux-3.18.9.orig/init/main.c linux-3.18.9/init/main.c +--- linux-3.18.9.orig/init/main.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/init/main.c 2015-03-15 16:03:03.828094874 -0500 +@@ -533,6 +533,7 @@ + setup_command_line(command_line); + setup_nr_cpu_ids(); + setup_per_cpu_areas(); ++ softirq_early_init(); + smp_prepare_boot_cpu(); /* arch-specific boot-cpu hooks */ + + build_all_zonelists(NULL, NULL); +diff -Nur linux-3.18.9.orig/init/Makefile linux-3.18.9/init/Makefile +--- linux-3.18.9.orig/init/Makefile 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/init/Makefile 2015-03-15 16:03:03.828094874 -0500 +@@ -33,4 +33,4 @@ + include/generated/compile.h: FORCE + @$($(quiet)chk_compile.h) + $(Q)$(CONFIG_SHELL) $(srctree)/scripts/mkcompile_h $@ \ +- "$(UTS_MACHINE)" "$(CONFIG_SMP)" "$(CONFIG_PREEMPT)" "$(CC) $(KBUILD_CFLAGS)" ++ "$(UTS_MACHINE)" "$(CONFIG_SMP)" "$(CONFIG_PREEMPT)" "$(CONFIG_PREEMPT_RT_FULL)" "$(CC) $(KBUILD_CFLAGS)" +diff -Nur linux-3.18.9.orig/ipc/mqueue.c linux-3.18.9/ipc/mqueue.c +--- linux-3.18.9.orig/ipc/mqueue.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/ipc/mqueue.c 2015-03-15 16:03:03.828094874 -0500 +@@ -923,12 +923,17 @@ + struct msg_msg *message, + struct ext_wait_queue *receiver) + { ++ /* ++ * Keep them in one critical section for PREEMPT_RT: ++ */ ++ preempt_disable_rt(); + receiver->msg = message; + list_del(&receiver->list); + receiver->state = STATE_PENDING; + wake_up_process(receiver->task); + smp_wmb(); + receiver->state = STATE_READY; ++ preempt_enable_rt(); + } + + /* pipelined_receive() - if there is task waiting in sys_mq_timedsend() +@@ -942,13 +947,18 @@ + wake_up_interruptible(&info->wait_q); + return; + } +- if (msg_insert(sender->msg, info)) +- return; +- list_del(&sender->list); +- sender->state = STATE_PENDING; +- wake_up_process(sender->task); +- smp_wmb(); +- sender->state = STATE_READY; ++ /* ++ * Keep them in one critical section for PREEMPT_RT: ++ */ ++ preempt_disable_rt(); ++ if (!msg_insert(sender->msg, info)) { ++ list_del(&sender->list); ++ sender->state = STATE_PENDING; ++ wake_up_process(sender->task); ++ smp_wmb(); ++ sender->state = STATE_READY; ++ } ++ preempt_enable_rt(); + } + + SYSCALL_DEFINE5(mq_timedsend, mqd_t, mqdes, const char __user *, u_msg_ptr, +diff -Nur linux-3.18.9.orig/ipc/msg.c linux-3.18.9/ipc/msg.c +--- linux-3.18.9.orig/ipc/msg.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/ipc/msg.c 2015-03-15 16:03:03.828094874 -0500 +@@ -188,6 +188,12 @@ + struct msg_receiver *msr, *t; + + list_for_each_entry_safe(msr, t, &msq->q_receivers, r_list) { ++ /* ++ * Make sure that the wakeup doesnt preempt ++ * this CPU prematurely. (on PREEMPT_RT) ++ */ ++ preempt_disable_rt(); ++ + msr->r_msg = NULL; /* initialize expunge ordering */ + wake_up_process(msr->r_tsk); + /* +@@ -198,6 +204,8 @@ + */ + smp_mb(); + msr->r_msg = ERR_PTR(res); ++ ++ preempt_enable_rt(); + } + } + +@@ -574,6 +582,11 @@ + if (testmsg(msg, msr->r_msgtype, msr->r_mode) && + !security_msg_queue_msgrcv(msq, msg, msr->r_tsk, + msr->r_msgtype, msr->r_mode)) { ++ /* ++ * Make sure that the wakeup doesnt preempt ++ * this CPU prematurely. (on PREEMPT_RT) ++ */ ++ preempt_disable_rt(); + + list_del(&msr->r_list); + if (msr->r_maxsize < msg->m_ts) { +@@ -595,12 +608,13 @@ + */ + smp_mb(); + msr->r_msg = msg; ++ preempt_enable_rt(); + + return 1; + } ++ preempt_enable_rt(); + } + } +- + return 0; + } + +diff -Nur linux-3.18.9.orig/ipc/sem.c linux-3.18.9/ipc/sem.c +--- linux-3.18.9.orig/ipc/sem.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/ipc/sem.c 2015-03-15 16:03:03.828094874 -0500 +@@ -673,6 +673,13 @@ + static void wake_up_sem_queue_prepare(struct list_head *pt, + struct sem_queue *q, int error) + { ++#ifdef CONFIG_PREEMPT_RT_BASE ++ struct task_struct *p = q->sleeper; ++ get_task_struct(p); ++ q->status = error; ++ wake_up_process(p); ++ put_task_struct(p); ++#else + if (list_empty(pt)) { + /* + * Hold preempt off so that we don't get preempted and have the +@@ -684,6 +691,7 @@ + q->pid = error; + + list_add_tail(&q->list, pt); ++#endif + } + + /** +@@ -697,6 +705,7 @@ + */ + static void wake_up_sem_queue_do(struct list_head *pt) + { ++#ifndef CONFIG_PREEMPT_RT_BASE + struct sem_queue *q, *t; + int did_something; + +@@ -709,6 +718,7 @@ + } + if (did_something) + preempt_enable(); ++#endif + } + + static void unlink_queue(struct sem_array *sma, struct sem_queue *q) +diff -Nur linux-3.18.9.orig/kernel/cgroup.c linux-3.18.9/kernel/cgroup.c +--- linux-3.18.9.orig/kernel/cgroup.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/cgroup.c 2015-03-15 16:03:03.828094874 -0500 +@@ -4355,10 +4355,10 @@ + queue_work(cgroup_destroy_wq, &css->destroy_work); + } + +-static void css_release_work_fn(struct work_struct *work) ++static void css_release_work_fn(struct swork_event *sev) + { + struct cgroup_subsys_state *css = +- container_of(work, struct cgroup_subsys_state, destroy_work); ++ container_of(sev, struct cgroup_subsys_state, destroy_swork); + struct cgroup_subsys *ss = css->ss; + struct cgroup *cgrp = css->cgroup; + +@@ -4395,8 +4395,8 @@ + struct cgroup_subsys_state *css = + container_of(ref, struct cgroup_subsys_state, refcnt); + +- INIT_WORK(&css->destroy_work, css_release_work_fn); +- queue_work(cgroup_destroy_wq, &css->destroy_work); ++ INIT_SWORK(&css->destroy_swork, css_release_work_fn); ++ swork_queue(&css->destroy_swork); + } + + static void init_and_link_css(struct cgroup_subsys_state *css, +@@ -4997,6 +4997,7 @@ + */ + cgroup_destroy_wq = alloc_workqueue("cgroup_destroy", 0, 1); + BUG_ON(!cgroup_destroy_wq); ++ BUG_ON(swork_get()); + + /* + * Used to destroy pidlists and separate to serve as flush domain. +diff -Nur linux-3.18.9.orig/kernel/cpu.c linux-3.18.9/kernel/cpu.c +--- linux-3.18.9.orig/kernel/cpu.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/cpu.c 2015-03-15 16:03:03.828094874 -0500 +@@ -86,6 +86,290 @@ + #define cpuhp_lock_acquire() lock_map_acquire(&cpu_hotplug.dep_map) + #define cpuhp_lock_release() lock_map_release(&cpu_hotplug.dep_map) + ++/** ++ * hotplug_pcp - per cpu hotplug descriptor ++ * @unplug: set when pin_current_cpu() needs to sync tasks ++ * @sync_tsk: the task that waits for tasks to finish pinned sections ++ * @refcount: counter of tasks in pinned sections ++ * @grab_lock: set when the tasks entering pinned sections should wait ++ * @synced: notifier for @sync_tsk to tell cpu_down it's finished ++ * @mutex: the mutex to make tasks wait (used when @grab_lock is true) ++ * @mutex_init: zero if the mutex hasn't been initialized yet. ++ * ++ * Although @unplug and @sync_tsk may point to the same task, the @unplug ++ * is used as a flag and still exists after @sync_tsk has exited and ++ * @sync_tsk set to NULL. ++ */ ++struct hotplug_pcp { ++ struct task_struct *unplug; ++ struct task_struct *sync_tsk; ++ int refcount; ++ int grab_lock; ++ struct completion synced; ++ struct completion unplug_wait; ++#ifdef CONFIG_PREEMPT_RT_FULL ++ /* ++ * Note, on PREEMPT_RT, the hotplug lock must save the state of ++ * the task, otherwise the mutex will cause the task to fail ++ * to sleep when required. (Because it's called from migrate_disable()) ++ * ++ * The spinlock_t on PREEMPT_RT is a mutex that saves the task's ++ * state. ++ */ ++ spinlock_t lock; ++#else ++ struct mutex mutex; ++#endif ++ int mutex_init; ++}; ++ ++#ifdef CONFIG_PREEMPT_RT_FULL ++# define hotplug_lock(hp) rt_spin_lock(&(hp)->lock) ++# define hotplug_unlock(hp) rt_spin_unlock(&(hp)->lock) ++#else ++# define hotplug_lock(hp) mutex_lock(&(hp)->mutex) ++# define hotplug_unlock(hp) mutex_unlock(&(hp)->mutex) ++#endif ++ ++static DEFINE_PER_CPU(struct hotplug_pcp, hotplug_pcp); ++ ++/** ++ * pin_current_cpu - Prevent the current cpu from being unplugged ++ * ++ * Lightweight version of get_online_cpus() to prevent cpu from being ++ * unplugged when code runs in a migration disabled region. ++ * ++ * Must be called with preemption disabled (preempt_count = 1)! ++ */ ++void pin_current_cpu(void) ++{ ++ struct hotplug_pcp *hp; ++ int force = 0; ++ ++retry: ++ hp = &__get_cpu_var(hotplug_pcp); ++ ++ if (!hp->unplug || hp->refcount || force || preempt_count() > 1 || ++ hp->unplug == current) { ++ hp->refcount++; ++ return; ++ } ++ if (hp->grab_lock) { ++ preempt_enable(); ++ hotplug_lock(hp); ++ hotplug_unlock(hp); ++ } else { ++ preempt_enable(); ++ /* ++ * Try to push this task off of this CPU. ++ */ ++ if (!migrate_me()) { ++ preempt_disable(); ++ hp = &__get_cpu_var(hotplug_pcp); ++ if (!hp->grab_lock) { ++ /* ++ * Just let it continue it's already pinned ++ * or about to sleep. ++ */ ++ force = 1; ++ goto retry; ++ } ++ preempt_enable(); ++ } ++ } ++ preempt_disable(); ++ goto retry; ++} ++ ++/** ++ * unpin_current_cpu - Allow unplug of current cpu ++ * ++ * Must be called with preemption or interrupts disabled! ++ */ ++void unpin_current_cpu(void) ++{ ++ struct hotplug_pcp *hp = &__get_cpu_var(hotplug_pcp); ++ ++ WARN_ON(hp->refcount <= 0); ++ ++ /* This is safe. sync_unplug_thread is pinned to this cpu */ ++ if (!--hp->refcount && hp->unplug && hp->unplug != current) ++ wake_up_process(hp->unplug); ++} ++ ++static void wait_for_pinned_cpus(struct hotplug_pcp *hp) ++{ ++ set_current_state(TASK_UNINTERRUPTIBLE); ++ while (hp->refcount) { ++ schedule_preempt_disabled(); ++ set_current_state(TASK_UNINTERRUPTIBLE); ++ } ++} ++ ++static int sync_unplug_thread(void *data) ++{ ++ struct hotplug_pcp *hp = data; ++ ++ wait_for_completion(&hp->unplug_wait); ++ preempt_disable(); ++ hp->unplug = current; ++ wait_for_pinned_cpus(hp); ++ ++ /* ++ * This thread will synchronize the cpu_down() with threads ++ * that have pinned the CPU. When the pinned CPU count reaches ++ * zero, we inform the cpu_down code to continue to the next step. ++ */ ++ set_current_state(TASK_UNINTERRUPTIBLE); ++ preempt_enable(); ++ complete(&hp->synced); ++ ++ /* ++ * If all succeeds, the next step will need tasks to wait till ++ * the CPU is offline before continuing. To do this, the grab_lock ++ * is set and tasks going into pin_current_cpu() will block on the ++ * mutex. But we still need to wait for those that are already in ++ * pinned CPU sections. If the cpu_down() failed, the kthread_should_stop() ++ * will kick this thread out. ++ */ ++ while (!hp->grab_lock && !kthread_should_stop()) { ++ schedule(); ++ set_current_state(TASK_UNINTERRUPTIBLE); ++ } ++ ++ /* Make sure grab_lock is seen before we see a stale completion */ ++ smp_mb(); ++ ++ /* ++ * Now just before cpu_down() enters stop machine, we need to make ++ * sure all tasks that are in pinned CPU sections are out, and new ++ * tasks will now grab the lock, keeping them from entering pinned ++ * CPU sections. ++ */ ++ if (!kthread_should_stop()) { ++ preempt_disable(); ++ wait_for_pinned_cpus(hp); ++ preempt_enable(); ++ complete(&hp->synced); ++ } ++ ++ set_current_state(TASK_UNINTERRUPTIBLE); ++ while (!kthread_should_stop()) { ++ schedule(); ++ set_current_state(TASK_UNINTERRUPTIBLE); ++ } ++ set_current_state(TASK_RUNNING); ++ ++ /* ++ * Force this thread off this CPU as it's going down and ++ * we don't want any more work on this CPU. ++ */ ++ current->flags &= ~PF_NO_SETAFFINITY; ++ do_set_cpus_allowed(current, cpu_present_mask); ++ migrate_me(); ++ return 0; ++} ++ ++static void __cpu_unplug_sync(struct hotplug_pcp *hp) ++{ ++ wake_up_process(hp->sync_tsk); ++ wait_for_completion(&hp->synced); ++} ++ ++static void __cpu_unplug_wait(unsigned int cpu) ++{ ++ struct hotplug_pcp *hp = &per_cpu(hotplug_pcp, cpu); ++ ++ complete(&hp->unplug_wait); ++ wait_for_completion(&hp->synced); ++} ++ ++/* ++ * Start the sync_unplug_thread on the target cpu and wait for it to ++ * complete. ++ */ ++static int cpu_unplug_begin(unsigned int cpu) ++{ ++ struct hotplug_pcp *hp = &per_cpu(hotplug_pcp, cpu); ++ int err; ++ ++ /* Protected by cpu_hotplug.lock */ ++ if (!hp->mutex_init) { ++#ifdef CONFIG_PREEMPT_RT_FULL ++ spin_lock_init(&hp->lock); ++#else ++ mutex_init(&hp->mutex); ++#endif ++ hp->mutex_init = 1; ++ } ++ ++ /* Inform the scheduler to migrate tasks off this CPU */ ++ tell_sched_cpu_down_begin(cpu); ++ ++ init_completion(&hp->synced); ++ init_completion(&hp->unplug_wait); ++ ++ hp->sync_tsk = kthread_create(sync_unplug_thread, hp, "sync_unplug/%d", cpu); ++ if (IS_ERR(hp->sync_tsk)) { ++ err = PTR_ERR(hp->sync_tsk); ++ hp->sync_tsk = NULL; ++ return err; ++ } ++ kthread_bind(hp->sync_tsk, cpu); ++ ++ /* ++ * Wait for tasks to get out of the pinned sections, ++ * it's still OK if new tasks enter. Some CPU notifiers will ++ * wait for tasks that are going to enter these sections and ++ * we must not have them block. ++ */ ++ wake_up_process(hp->sync_tsk); ++ return 0; ++} ++ ++static void cpu_unplug_sync(unsigned int cpu) ++{ ++ struct hotplug_pcp *hp = &per_cpu(hotplug_pcp, cpu); ++ ++ init_completion(&hp->synced); ++ /* The completion needs to be initialzied before setting grab_lock */ ++ smp_wmb(); ++ ++ /* Grab the mutex before setting grab_lock */ ++ hotplug_lock(hp); ++ hp->grab_lock = 1; ++ ++ /* ++ * The CPU notifiers have been completed. ++ * Wait for tasks to get out of pinned CPU sections and have new ++ * tasks block until the CPU is completely down. ++ */ ++ __cpu_unplug_sync(hp); ++ ++ /* All done with the sync thread */ ++ kthread_stop(hp->sync_tsk); ++ hp->sync_tsk = NULL; ++} ++ ++static void cpu_unplug_done(unsigned int cpu) ++{ ++ struct hotplug_pcp *hp = &per_cpu(hotplug_pcp, cpu); ++ ++ hp->unplug = NULL; ++ /* Let all tasks know cpu unplug is finished before cleaning up */ ++ smp_wmb(); ++ ++ if (hp->sync_tsk) ++ kthread_stop(hp->sync_tsk); ++ ++ if (hp->grab_lock) { ++ hotplug_unlock(hp); ++ /* protected by cpu_hotplug.lock */ ++ hp->grab_lock = 0; ++ } ++ tell_sched_cpu_down_done(cpu); ++} ++ + void get_online_cpus(void) + { + might_sleep(); +@@ -102,6 +386,7 @@ + { + if (cpu_hotplug.active_writer == current) + return true; ++ + if (!mutex_trylock(&cpu_hotplug.lock)) + return false; + cpuhp_lock_acquire_tryread(); +@@ -349,13 +634,15 @@ + /* Requires cpu_add_remove_lock to be held */ + static int __ref _cpu_down(unsigned int cpu, int tasks_frozen) + { +- int err, nr_calls = 0; ++ int mycpu, err, nr_calls = 0; + void *hcpu = (void *)(long)cpu; + unsigned long mod = tasks_frozen ? CPU_TASKS_FROZEN : 0; + struct take_cpu_down_param tcd_param = { + .mod = mod, + .hcpu = hcpu, + }; ++ cpumask_var_t cpumask; ++ cpumask_var_t cpumask_org; + + if (num_online_cpus() == 1) + return -EBUSY; +@@ -363,7 +650,34 @@ + if (!cpu_online(cpu)) + return -EINVAL; + ++ /* Move the downtaker off the unplug cpu */ ++ if (!alloc_cpumask_var(&cpumask, GFP_KERNEL)) ++ return -ENOMEM; ++ if (!alloc_cpumask_var(&cpumask_org, GFP_KERNEL)) { ++ free_cpumask_var(cpumask); ++ return -ENOMEM; ++ } ++ ++ cpumask_copy(cpumask_org, tsk_cpus_allowed(current)); ++ cpumask_andnot(cpumask, cpu_online_mask, cpumask_of(cpu)); ++ set_cpus_allowed_ptr(current, cpumask); ++ free_cpumask_var(cpumask); ++ migrate_disable(); ++ mycpu = smp_processor_id(); ++ if (mycpu == cpu) { ++ printk(KERN_ERR "Yuck! Still on unplug CPU\n!"); ++ migrate_enable(); ++ err = -EBUSY; ++ goto restore_cpus; ++ } ++ migrate_enable(); ++ + cpu_hotplug_begin(); ++ err = cpu_unplug_begin(cpu); ++ if (err) { ++ printk("cpu_unplug_begin(%d) failed\n", cpu); ++ goto out_cancel; ++ } + + err = __cpu_notify(CPU_DOWN_PREPARE | mod, hcpu, -1, &nr_calls); + if (err) { +@@ -389,8 +703,12 @@ + #endif + synchronize_rcu(); + ++ __cpu_unplug_wait(cpu); + smpboot_park_threads(cpu); + ++ /* Notifiers are done. Don't let any more tasks pin this CPU. */ ++ cpu_unplug_sync(cpu); ++ + /* + * So now all preempt/rcu users must observe !cpu_active(). + */ +@@ -423,9 +741,14 @@ + check_for_tasks(cpu); + + out_release: ++ cpu_unplug_done(cpu); ++out_cancel: + cpu_hotplug_done(); + if (!err) + cpu_notify_nofail(CPU_POST_DEAD | mod, hcpu); ++restore_cpus: ++ set_cpus_allowed_ptr(current, cpumask_org); ++ free_cpumask_var(cpumask_org); + return err; + } + +diff -Nur linux-3.18.9.orig/kernel/debug/kdb/kdb_io.c linux-3.18.9/kernel/debug/kdb/kdb_io.c +--- linux-3.18.9.orig/kernel/debug/kdb/kdb_io.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/debug/kdb/kdb_io.c 2015-03-15 16:03:03.828094874 -0500 +@@ -554,7 +554,6 @@ + int linecount; + int colcount; + int logging, saved_loglevel = 0; +- int saved_trap_printk; + int got_printf_lock = 0; + int retlen = 0; + int fnd, len; +@@ -565,8 +564,6 @@ + unsigned long uninitialized_var(flags); + + preempt_disable(); +- saved_trap_printk = kdb_trap_printk; +- kdb_trap_printk = 0; + + /* Serialize kdb_printf if multiple cpus try to write at once. + * But if any cpu goes recursive in kdb, just print the output, +@@ -833,7 +830,6 @@ + } else { + __release(kdb_printf_lock); + } +- kdb_trap_printk = saved_trap_printk; + preempt_enable(); + return retlen; + } +@@ -843,9 +839,11 @@ + va_list ap; + int r; + ++ kdb_trap_printk++; + va_start(ap, fmt); + r = vkdb_printf(fmt, ap); + va_end(ap); ++ kdb_trap_printk--; + + return r; + } +diff -Nur linux-3.18.9.orig/kernel/events/core.c linux-3.18.9/kernel/events/core.c +--- linux-3.18.9.orig/kernel/events/core.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/events/core.c 2015-03-15 16:03:03.832094874 -0500 +@@ -6336,6 +6336,7 @@ + + hrtimer_init(&hwc->hrtimer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hwc->hrtimer.function = perf_swevent_hrtimer; ++ hwc->hrtimer.irqsafe = 1; + + /* + * Since hrtimers have a fixed rate, we can do a static freq->period +diff -Nur linux-3.18.9.orig/kernel/exit.c linux-3.18.9/kernel/exit.c +--- linux-3.18.9.orig/kernel/exit.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/exit.c 2015-03-15 16:03:03.832094874 -0500 +@@ -147,7 +147,7 @@ + * Do this under ->siglock, we can race with another thread + * doing sigqueue_free() if we have SIGQUEUE_PREALLOC signals. + */ +- flush_sigqueue(&tsk->pending); ++ flush_task_sigqueue(tsk); + tsk->sighand = NULL; + spin_unlock(&sighand->siglock); + +diff -Nur linux-3.18.9.orig/kernel/fork.c linux-3.18.9/kernel/fork.c +--- linux-3.18.9.orig/kernel/fork.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/fork.c 2015-03-15 16:03:03.832094874 -0500 +@@ -97,7 +97,7 @@ + + DEFINE_PER_CPU(unsigned long, process_counts) = 0; + +-__cacheline_aligned DEFINE_RWLOCK(tasklist_lock); /* outer */ ++DEFINE_RWLOCK(tasklist_lock); /* outer */ + + #ifdef CONFIG_PROVE_RCU + int lockdep_tasklist_lock_is_held(void) +@@ -233,7 +233,9 @@ + if (atomic_dec_and_test(&sig->sigcnt)) + free_signal_struct(sig); + } +- ++#ifdef CONFIG_PREEMPT_RT_BASE ++static ++#endif + void __put_task_struct(struct task_struct *tsk) + { + WARN_ON(!tsk->exit_state); +@@ -249,7 +251,18 @@ + if (!profile_handoff_task(tsk)) + free_task(tsk); + } ++#ifndef CONFIG_PREEMPT_RT_BASE + EXPORT_SYMBOL_GPL(__put_task_struct); ++#else ++void __put_task_struct_cb(struct rcu_head *rhp) ++{ ++ struct task_struct *tsk = container_of(rhp, struct task_struct, put_rcu); ++ ++ __put_task_struct(tsk); ++ ++} ++EXPORT_SYMBOL_GPL(__put_task_struct_cb); ++#endif + + void __init __weak arch_task_cache_init(void) { } + +@@ -643,6 +656,19 @@ + } + EXPORT_SYMBOL_GPL(__mmdrop); + ++#ifdef CONFIG_PREEMPT_RT_BASE ++/* ++ * RCU callback for delayed mm drop. Not strictly rcu, but we don't ++ * want another facility to make this work. ++ */ ++void __mmdrop_delayed(struct rcu_head *rhp) ++{ ++ struct mm_struct *mm = container_of(rhp, struct mm_struct, delayed_drop); ++ ++ __mmdrop(mm); ++} ++#endif ++ + /* + * Decrement the use count and release all resources for an mm. + */ +@@ -1157,6 +1183,9 @@ + */ + static void posix_cpu_timers_init(struct task_struct *tsk) + { ++#ifdef CONFIG_PREEMPT_RT_BASE ++ tsk->posix_timer_list = NULL; ++#endif + tsk->cputime_expires.prof_exp = 0; + tsk->cputime_expires.virt_exp = 0; + tsk->cputime_expires.sched_exp = 0; +@@ -1284,6 +1313,7 @@ + spin_lock_init(&p->alloc_lock); + + init_sigpending(&p->pending); ++ p->sigqueue_cache = NULL; + + p->utime = p->stime = p->gtime = 0; + p->utimescaled = p->stimescaled = 0; +@@ -1291,7 +1321,8 @@ + p->prev_cputime.utime = p->prev_cputime.stime = 0; + #endif + #ifdef CONFIG_VIRT_CPU_ACCOUNTING_GEN +- seqlock_init(&p->vtime_seqlock); ++ raw_spin_lock_init(&p->vtime_lock); ++ seqcount_init(&p->vtime_seq); + p->vtime_snap = 0; + p->vtime_snap_whence = VTIME_SLEEPING; + #endif +@@ -1342,6 +1373,9 @@ + p->hardirq_context = 0; + p->softirq_context = 0; + #endif ++#ifdef CONFIG_PREEMPT_RT_FULL ++ p->pagefault_disabled = 0; ++#endif + #ifdef CONFIG_LOCKDEP + p->lockdep_depth = 0; /* no locks held yet */ + p->curr_chain_key = 0; +diff -Nur linux-3.18.9.orig/kernel/futex.c linux-3.18.9/kernel/futex.c +--- linux-3.18.9.orig/kernel/futex.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/futex.c 2015-03-15 16:03:03.832094874 -0500 +@@ -738,7 +738,9 @@ + * task still owns the PI-state: + */ + if (head->next != next) { ++ raw_spin_unlock_irq(&curr->pi_lock); + spin_unlock(&hb->lock); ++ raw_spin_lock_irq(&curr->pi_lock); + continue; + } + +@@ -1705,6 +1707,16 @@ + requeue_pi_wake_futex(this, &key2, hb2); + drop_count++; + continue; ++ } else if (ret == -EAGAIN) { ++ /* ++ * Waiter was woken by timeout or ++ * signal and has set pi_blocked_on to ++ * PI_WAKEUP_INPROGRESS before we ++ * tried to enqueue it on the rtmutex. ++ */ ++ this->pi_state = NULL; ++ free_pi_state(pi_state); ++ continue; + } else if (ret) { + /* -EDEADLK */ + this->pi_state = NULL; +@@ -2549,7 +2561,7 @@ + struct hrtimer_sleeper timeout, *to = NULL; + struct rt_mutex_waiter rt_waiter; + struct rt_mutex *pi_mutex = NULL; +- struct futex_hash_bucket *hb; ++ struct futex_hash_bucket *hb, *hb2; + union futex_key key2 = FUTEX_KEY_INIT; + struct futex_q q = futex_q_init; + int res, ret; +@@ -2574,10 +2586,7 @@ + * The waiter is allocated on our stack, manipulated by the requeue + * code while we sleep on uaddr. + */ +- debug_rt_mutex_init_waiter(&rt_waiter); +- RB_CLEAR_NODE(&rt_waiter.pi_tree_entry); +- RB_CLEAR_NODE(&rt_waiter.tree_entry); +- rt_waiter.task = NULL; ++ rt_mutex_init_waiter(&rt_waiter, false); + + ret = get_futex_key(uaddr2, flags & FLAGS_SHARED, &key2, VERIFY_WRITE); + if (unlikely(ret != 0)) +@@ -2608,20 +2617,55 @@ + /* Queue the futex_q, drop the hb lock, wait for wakeup. */ + futex_wait_queue_me(hb, &q, to); + +- spin_lock(&hb->lock); +- ret = handle_early_requeue_pi_wakeup(hb, &q, &key2, to); +- spin_unlock(&hb->lock); +- if (ret) +- goto out_put_keys; ++ /* ++ * On RT we must avoid races with requeue and trying to block ++ * on two mutexes (hb->lock and uaddr2's rtmutex) by ++ * serializing access to pi_blocked_on with pi_lock. ++ */ ++ raw_spin_lock_irq(¤t->pi_lock); ++ if (current->pi_blocked_on) { ++ /* ++ * We have been requeued or are in the process of ++ * being requeued. ++ */ ++ raw_spin_unlock_irq(¤t->pi_lock); ++ } else { ++ /* ++ * Setting pi_blocked_on to PI_WAKEUP_INPROGRESS ++ * prevents a concurrent requeue from moving us to the ++ * uaddr2 rtmutex. After that we can safely acquire ++ * (and possibly block on) hb->lock. ++ */ ++ current->pi_blocked_on = PI_WAKEUP_INPROGRESS; ++ raw_spin_unlock_irq(¤t->pi_lock); ++ ++ spin_lock(&hb->lock); ++ ++ /* ++ * Clean up pi_blocked_on. We might leak it otherwise ++ * when we succeeded with the hb->lock in the fast ++ * path. ++ */ ++ raw_spin_lock_irq(¤t->pi_lock); ++ current->pi_blocked_on = NULL; ++ raw_spin_unlock_irq(¤t->pi_lock); ++ ++ ret = handle_early_requeue_pi_wakeup(hb, &q, &key2, to); ++ spin_unlock(&hb->lock); ++ if (ret) ++ goto out_put_keys; ++ } + + /* +- * In order for us to be here, we know our q.key == key2, and since +- * we took the hb->lock above, we also know that futex_requeue() has +- * completed and we no longer have to concern ourselves with a wakeup +- * race with the atomic proxy lock acquisition by the requeue code. The +- * futex_requeue dropped our key1 reference and incremented our key2 +- * reference count. ++ * In order to be here, we have either been requeued, are in ++ * the process of being requeued, or requeue successfully ++ * acquired uaddr2 on our behalf. If pi_blocked_on was ++ * non-null above, we may be racing with a requeue. Do not ++ * rely on q->lock_ptr to be hb2->lock until after blocking on ++ * hb->lock or hb2->lock. The futex_requeue dropped our key1 ++ * reference and incremented our key2 reference count. + */ ++ hb2 = hash_futex(&key2); + + /* Check if the requeue code acquired the second futex for us. */ + if (!q.rt_waiter) { +@@ -2630,9 +2674,10 @@ + * did a lock-steal - fix up the PI-state in that case. + */ + if (q.pi_state && (q.pi_state->owner != current)) { +- spin_lock(q.lock_ptr); ++ spin_lock(&hb2->lock); ++ BUG_ON(&hb2->lock != q.lock_ptr); + ret = fixup_pi_state_owner(uaddr2, &q, current); +- spin_unlock(q.lock_ptr); ++ spin_unlock(&hb2->lock); + } + } else { + /* +@@ -2645,7 +2690,8 @@ + ret = rt_mutex_finish_proxy_lock(pi_mutex, to, &rt_waiter); + debug_rt_mutex_free_waiter(&rt_waiter); + +- spin_lock(q.lock_ptr); ++ spin_lock(&hb2->lock); ++ BUG_ON(&hb2->lock != q.lock_ptr); + /* + * Fixup the pi_state owner and possibly acquire the lock if we + * haven't already. +diff -Nur linux-3.18.9.orig/kernel/irq/handle.c linux-3.18.9/kernel/irq/handle.c +--- linux-3.18.9.orig/kernel/irq/handle.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/irq/handle.c 2015-03-15 16:03:03.832094874 -0500 +@@ -133,6 +133,8 @@ + irqreturn_t + handle_irq_event_percpu(struct irq_desc *desc, struct irqaction *action) + { ++ struct pt_regs *regs = get_irq_regs(); ++ u64 ip = regs ? instruction_pointer(regs) : 0; + irqreturn_t retval = IRQ_NONE; + unsigned int flags = 0, irq = desc->irq_data.irq; + +@@ -173,7 +175,11 @@ + action = action->next; + } while (action); + +- add_interrupt_randomness(irq, flags); ++#ifndef CONFIG_PREEMPT_RT_FULL ++ add_interrupt_randomness(irq, flags, ip); ++#else ++ desc->random_ip = ip; ++#endif + + if (!noirqdebug) + note_interrupt(irq, desc, retval); +diff -Nur linux-3.18.9.orig/kernel/irq/manage.c linux-3.18.9/kernel/irq/manage.c +--- linux-3.18.9.orig/kernel/irq/manage.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/irq/manage.c 2015-03-15 16:03:03.832094874 -0500 +@@ -22,6 +22,7 @@ + #include "internals.h" + + #ifdef CONFIG_IRQ_FORCED_THREADING ++# ifndef CONFIG_PREEMPT_RT_BASE + __read_mostly bool force_irqthreads; + + static int __init setup_forced_irqthreads(char *arg) +@@ -30,6 +31,7 @@ + return 0; + } + early_param("threadirqs", setup_forced_irqthreads); ++# endif + #endif + + static void __synchronize_hardirq(struct irq_desc *desc) +@@ -173,6 +175,62 @@ + irq_get_pending(struct cpumask *mask, struct irq_desc *desc) { } + #endif + ++#ifdef CONFIG_PREEMPT_RT_FULL ++static void _irq_affinity_notify(struct irq_affinity_notify *notify); ++static struct task_struct *set_affinity_helper; ++static LIST_HEAD(affinity_list); ++static DEFINE_RAW_SPINLOCK(affinity_list_lock); ++ ++static int set_affinity_thread(void *unused) ++{ ++ while (1) { ++ struct irq_affinity_notify *notify; ++ int empty; ++ ++ set_current_state(TASK_INTERRUPTIBLE); ++ ++ raw_spin_lock_irq(&affinity_list_lock); ++ empty = list_empty(&affinity_list); ++ raw_spin_unlock_irq(&affinity_list_lock); ++ ++ if (empty) ++ schedule(); ++ if (kthread_should_stop()) ++ break; ++ set_current_state(TASK_RUNNING); ++try_next: ++ notify = NULL; ++ ++ raw_spin_lock_irq(&affinity_list_lock); ++ if (!list_empty(&affinity_list)) { ++ notify = list_first_entry(&affinity_list, ++ struct irq_affinity_notify, list); ++ list_del_init(¬ify->list); ++ } ++ raw_spin_unlock_irq(&affinity_list_lock); ++ ++ if (!notify) ++ continue; ++ _irq_affinity_notify(notify); ++ goto try_next; ++ } ++ return 0; ++} ++ ++static void init_helper_thread(void) ++{ ++ if (set_affinity_helper) ++ return; ++ set_affinity_helper = kthread_run(set_affinity_thread, NULL, ++ "affinity-cb"); ++ WARN_ON(IS_ERR(set_affinity_helper)); ++} ++#else ++ ++static inline void init_helper_thread(void) { } ++ ++#endif ++ + int irq_do_set_affinity(struct irq_data *data, const struct cpumask *mask, + bool force) + { +@@ -211,7 +269,17 @@ + + if (desc->affinity_notify) { + kref_get(&desc->affinity_notify->kref); ++ ++#ifdef CONFIG_PREEMPT_RT_FULL ++ raw_spin_lock(&affinity_list_lock); ++ if (list_empty(&desc->affinity_notify->list)) ++ list_add_tail(&affinity_list, ++ &desc->affinity_notify->list); ++ raw_spin_unlock(&affinity_list_lock); ++ wake_up_process(set_affinity_helper); ++#else + schedule_work(&desc->affinity_notify->work); ++#endif + } + irqd_set(data, IRQD_AFFINITY_SET); + +@@ -246,10 +314,8 @@ + } + EXPORT_SYMBOL_GPL(irq_set_affinity_hint); + +-static void irq_affinity_notify(struct work_struct *work) ++static void _irq_affinity_notify(struct irq_affinity_notify *notify) + { +- struct irq_affinity_notify *notify = +- container_of(work, struct irq_affinity_notify, work); + struct irq_desc *desc = irq_to_desc(notify->irq); + cpumask_var_t cpumask; + unsigned long flags; +@@ -271,6 +337,13 @@ + kref_put(¬ify->kref, notify->release); + } + ++static void irq_affinity_notify(struct work_struct *work) ++{ ++ struct irq_affinity_notify *notify = ++ container_of(work, struct irq_affinity_notify, work); ++ _irq_affinity_notify(notify); ++} ++ + /** + * irq_set_affinity_notifier - control notification of IRQ affinity changes + * @irq: Interrupt for which to enable/disable notification +@@ -300,6 +373,8 @@ + notify->irq = irq; + kref_init(¬ify->kref); + INIT_WORK(¬ify->work, irq_affinity_notify); ++ INIT_LIST_HEAD(¬ify->list); ++ init_helper_thread(); + } + + raw_spin_lock_irqsave(&desc->lock, flags); +@@ -788,7 +863,15 @@ + local_bh_disable(); + ret = action->thread_fn(action->irq, action->dev_id); + irq_finalize_oneshot(desc, action); +- local_bh_enable(); ++ /* ++ * Interrupts which have real time requirements can be set up ++ * to avoid softirq processing in the thread handler. This is ++ * safe as these interrupts do not raise soft interrupts. ++ */ ++ if (irq_settings_no_softirq_call(desc)) ++ _local_bh_enable(); ++ else ++ local_bh_enable(); + return ret; + } + +@@ -871,6 +954,12 @@ + if (action_ret == IRQ_HANDLED) + atomic_inc(&desc->threads_handled); + ++#ifdef CONFIG_PREEMPT_RT_FULL ++ migrate_disable(); ++ add_interrupt_randomness(action->irq, 0, ++ desc->random_ip ^ (unsigned long) action); ++ migrate_enable(); ++#endif + wake_threads_waitq(desc); + } + +@@ -1184,6 +1273,9 @@ + irqd_set(&desc->irq_data, IRQD_NO_BALANCING); + } + ++ if (new->flags & IRQF_NO_SOFTIRQ_CALL) ++ irq_settings_set_no_softirq_call(desc); ++ + /* Set default affinity mask once everything is setup */ + setup_affinity(irq, desc, mask); + +diff -Nur linux-3.18.9.orig/kernel/irq/settings.h linux-3.18.9/kernel/irq/settings.h +--- linux-3.18.9.orig/kernel/irq/settings.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/irq/settings.h 2015-03-15 16:03:03.836094874 -0500 +@@ -15,6 +15,7 @@ + _IRQ_NESTED_THREAD = IRQ_NESTED_THREAD, + _IRQ_PER_CPU_DEVID = IRQ_PER_CPU_DEVID, + _IRQ_IS_POLLED = IRQ_IS_POLLED, ++ _IRQ_NO_SOFTIRQ_CALL = IRQ_NO_SOFTIRQ_CALL, + _IRQF_MODIFY_MASK = IRQF_MODIFY_MASK, + }; + +@@ -28,6 +29,7 @@ + #define IRQ_NESTED_THREAD GOT_YOU_MORON + #define IRQ_PER_CPU_DEVID GOT_YOU_MORON + #define IRQ_IS_POLLED GOT_YOU_MORON ++#define IRQ_NO_SOFTIRQ_CALL GOT_YOU_MORON + #undef IRQF_MODIFY_MASK + #define IRQF_MODIFY_MASK GOT_YOU_MORON + +@@ -38,6 +40,16 @@ + desc->status_use_accessors |= (set & _IRQF_MODIFY_MASK); + } + ++static inline bool irq_settings_no_softirq_call(struct irq_desc *desc) ++{ ++ return desc->status_use_accessors & _IRQ_NO_SOFTIRQ_CALL; ++} ++ ++static inline void irq_settings_set_no_softirq_call(struct irq_desc *desc) ++{ ++ desc->status_use_accessors |= _IRQ_NO_SOFTIRQ_CALL; ++} ++ + static inline bool irq_settings_is_per_cpu(struct irq_desc *desc) + { + return desc->status_use_accessors & _IRQ_PER_CPU; +diff -Nur linux-3.18.9.orig/kernel/irq/spurious.c linux-3.18.9/kernel/irq/spurious.c +--- linux-3.18.9.orig/kernel/irq/spurious.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/irq/spurious.c 2015-03-15 16:03:03.836094874 -0500 +@@ -444,6 +444,10 @@ + + static int __init irqfixup_setup(char *str) + { ++#ifdef CONFIG_PREEMPT_RT_BASE ++ pr_warn("irqfixup boot option not supported w/ CONFIG_PREEMPT_RT_BASE\n"); ++ return 1; ++#endif + irqfixup = 1; + printk(KERN_WARNING "Misrouted IRQ fixup support enabled.\n"); + printk(KERN_WARNING "This may impact system performance.\n"); +@@ -456,6 +460,10 @@ + + static int __init irqpoll_setup(char *str) + { ++#ifdef CONFIG_PREEMPT_RT_BASE ++ pr_warn("irqpoll boot option not supported w/ CONFIG_PREEMPT_RT_BASE\n"); ++ return 1; ++#endif + irqfixup = 2; + printk(KERN_WARNING "Misrouted IRQ fixup and polling support " + "enabled\n"); +diff -Nur linux-3.18.9.orig/kernel/irq_work.c linux-3.18.9/kernel/irq_work.c +--- linux-3.18.9.orig/kernel/irq_work.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/irq_work.c 2015-03-15 16:03:03.836094874 -0500 +@@ -22,7 +22,9 @@ + + static DEFINE_PER_CPU(struct llist_head, raised_list); + static DEFINE_PER_CPU(struct llist_head, lazy_list); +- ++#ifdef CONFIG_PREEMPT_RT_FULL ++static DEFINE_PER_CPU(struct llist_head, hirq_work_list); ++#endif + /* + * Claim the entry so that no one else will poke at it. + */ +@@ -49,7 +51,11 @@ + return true; + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++void arch_irq_work_raise(void) ++#else + void __weak arch_irq_work_raise(void) ++#endif + { + /* + * Lame architectures will get the timer tick callback +@@ -93,8 +99,21 @@ + /* Queue the entry and raise the IPI if needed. */ + preempt_disable(); + ++#ifdef CONFIG_PREEMPT_RT_FULL ++ if (work->flags & IRQ_WORK_HARD_IRQ) { ++ if (llist_add(&work->llnode, this_cpu_ptr(&hirq_work_list))) { ++ if (work->flags & IRQ_WORK_LAZY) { ++ if (tick_nohz_tick_stopped()) ++ arch_irq_work_raise(); ++ } else { ++ arch_irq_work_raise(); ++ } ++ } + /* If the work is "lazy", handle it from next tick if any */ ++ } else if (work->flags & IRQ_WORK_LAZY) { ++#else + if (work->flags & IRQ_WORK_LAZY) { ++#endif + if (llist_add(&work->llnode, this_cpu_ptr(&lazy_list)) && + tick_nohz_tick_stopped()) + arch_irq_work_raise(); +@@ -116,7 +135,7 @@ + raised = this_cpu_ptr(&raised_list); + lazy = this_cpu_ptr(&lazy_list); + +- if (llist_empty(raised) || arch_irq_work_has_interrupt()) ++ if (llist_empty(raised)) + if (llist_empty(lazy)) + return false; + +@@ -132,7 +151,9 @@ + struct irq_work *work; + struct llist_node *llnode; + ++#ifndef CONFIG_PREEMPT_RT_FULL + BUG_ON(!irqs_disabled()); ++#endif + + if (llist_empty(list)) + return; +@@ -168,6 +189,12 @@ + */ + void irq_work_run(void) + { ++#ifdef CONFIG_PREEMPT_RT_FULL ++ if (in_irq()) { ++ irq_work_run_list(this_cpu_ptr(&hirq_work_list)); ++ return; ++ } ++#endif + irq_work_run_list(this_cpu_ptr(&raised_list)); + irq_work_run_list(this_cpu_ptr(&lazy_list)); + } +@@ -175,9 +202,16 @@ + + void irq_work_tick(void) + { +- struct llist_head *raised = &__get_cpu_var(raised_list); ++ struct llist_head *raised; + +- if (!llist_empty(raised) && !arch_irq_work_has_interrupt()) ++#ifdef CONFIG_PREEMPT_RT_FULL ++ if (in_irq()) { ++ irq_work_run_list(this_cpu_ptr(&hirq_work_list)); ++ return; ++ } ++#endif ++ raised = &__get_cpu_var(raised_list); ++ if (!llist_empty(raised)) + irq_work_run_list(raised); + irq_work_run_list(&__get_cpu_var(lazy_list)); + } +diff -Nur linux-3.18.9.orig/kernel/Kconfig.locks linux-3.18.9/kernel/Kconfig.locks +--- linux-3.18.9.orig/kernel/Kconfig.locks 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/Kconfig.locks 2015-03-15 16:03:03.836094874 -0500 +@@ -225,11 +225,11 @@ + + config MUTEX_SPIN_ON_OWNER + def_bool y +- depends on SMP && !DEBUG_MUTEXES && ARCH_SUPPORTS_ATOMIC_RMW ++ depends on SMP && !DEBUG_MUTEXES && ARCH_SUPPORTS_ATOMIC_RMW && !PREEMPT_RT_FULL + + config RWSEM_SPIN_ON_OWNER + def_bool y +- depends on SMP && RWSEM_XCHGADD_ALGORITHM && ARCH_SUPPORTS_ATOMIC_RMW ++ depends on SMP && RWSEM_XCHGADD_ALGORITHM && ARCH_SUPPORTS_ATOMIC_RMW && !PREEMPT_RT_FULL + + config ARCH_USE_QUEUE_RWLOCK + bool +diff -Nur linux-3.18.9.orig/kernel/Kconfig.preempt linux-3.18.9/kernel/Kconfig.preempt +--- linux-3.18.9.orig/kernel/Kconfig.preempt 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/Kconfig.preempt 2015-03-15 16:03:03.836094874 -0500 +@@ -1,3 +1,16 @@ ++config PREEMPT ++ bool ++ select PREEMPT_COUNT ++ ++config PREEMPT_RT_BASE ++ bool ++ select PREEMPT ++ ++config HAVE_PREEMPT_LAZY ++ bool ++ ++config PREEMPT_LAZY ++ def_bool y if HAVE_PREEMPT_LAZY && PREEMPT_RT_FULL + + choice + prompt "Preemption Model" +@@ -33,9 +46,9 @@ + + Select this if you are building a kernel for a desktop system. + +-config PREEMPT ++config PREEMPT__LL + bool "Preemptible Kernel (Low-Latency Desktop)" +- select PREEMPT_COUNT ++ select PREEMPT + select UNINLINE_SPIN_UNLOCK if !ARCH_INLINE_SPIN_UNLOCK + help + This option reduces the latency of the kernel by making +@@ -52,6 +65,22 @@ + embedded system with latency requirements in the milliseconds + range. + ++config PREEMPT_RTB ++ bool "Preemptible Kernel (Basic RT)" ++ select PREEMPT_RT_BASE ++ help ++ This option is basically the same as (Low-Latency Desktop) but ++ enables changes which are preliminary for the full preemptible ++ RT kernel. ++ ++config PREEMPT_RT_FULL ++ bool "Fully Preemptible Kernel (RT)" ++ depends on IRQ_FORCED_THREADING ++ select PREEMPT_RT_BASE ++ select PREEMPT_RCU ++ help ++ All and everything ++ + endchoice + + config PREEMPT_COUNT +diff -Nur linux-3.18.9.orig/kernel/ksysfs.c linux-3.18.9/kernel/ksysfs.c +--- linux-3.18.9.orig/kernel/ksysfs.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/ksysfs.c 2015-03-15 16:03:03.836094874 -0500 +@@ -136,6 +136,15 @@ + + #endif /* CONFIG_KEXEC */ + ++#if defined(CONFIG_PREEMPT_RT_FULL) ++static ssize_t realtime_show(struct kobject *kobj, ++ struct kobj_attribute *attr, char *buf) ++{ ++ return sprintf(buf, "%d\n", 1); ++} ++KERNEL_ATTR_RO(realtime); ++#endif ++ + /* whether file capabilities are enabled */ + static ssize_t fscaps_show(struct kobject *kobj, + struct kobj_attribute *attr, char *buf) +@@ -203,6 +212,9 @@ + &vmcoreinfo_attr.attr, + #endif + &rcu_expedited_attr.attr, ++#ifdef CONFIG_PREEMPT_RT_FULL ++ &realtime_attr.attr, ++#endif + NULL + }; + +diff -Nur linux-3.18.9.orig/kernel/locking/lglock.c linux-3.18.9/kernel/locking/lglock.c +--- linux-3.18.9.orig/kernel/locking/lglock.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/locking/lglock.c 2015-03-15 16:03:03.836094874 -0500 +@@ -4,6 +4,15 @@ + #include <linux/cpu.h> + #include <linux/string.h> + ++#ifndef CONFIG_PREEMPT_RT_FULL ++# define lg_lock_ptr arch_spinlock_t ++# define lg_do_lock(l) arch_spin_lock(l) ++# define lg_do_unlock(l) arch_spin_unlock(l) ++#else ++# define lg_lock_ptr struct rt_mutex ++# define lg_do_lock(l) __rt_spin_lock(l) ++# define lg_do_unlock(l) __rt_spin_unlock(l) ++#endif + /* + * Note there is no uninit, so lglocks cannot be defined in + * modules (but it's fine to use them from there) +@@ -12,51 +21,60 @@ + + void lg_lock_init(struct lglock *lg, char *name) + { ++#ifdef CONFIG_PREEMPT_RT_FULL ++ int i; ++ ++ for_each_possible_cpu(i) { ++ struct rt_mutex *lock = per_cpu_ptr(lg->lock, i); ++ ++ rt_mutex_init(lock); ++ } ++#endif + LOCKDEP_INIT_MAP(&lg->lock_dep_map, name, &lg->lock_key, 0); + } + EXPORT_SYMBOL(lg_lock_init); + + void lg_local_lock(struct lglock *lg) + { +- arch_spinlock_t *lock; ++ lg_lock_ptr *lock; + +- preempt_disable(); ++ migrate_disable(); + lock_acquire_shared(&lg->lock_dep_map, 0, 0, NULL, _RET_IP_); + lock = this_cpu_ptr(lg->lock); +- arch_spin_lock(lock); ++ lg_do_lock(lock); + } + EXPORT_SYMBOL(lg_local_lock); + + void lg_local_unlock(struct lglock *lg) + { +- arch_spinlock_t *lock; ++ lg_lock_ptr *lock; + + lock_release(&lg->lock_dep_map, 1, _RET_IP_); + lock = this_cpu_ptr(lg->lock); +- arch_spin_unlock(lock); +- preempt_enable(); ++ lg_do_unlock(lock); ++ migrate_enable(); + } + EXPORT_SYMBOL(lg_local_unlock); + + void lg_local_lock_cpu(struct lglock *lg, int cpu) + { +- arch_spinlock_t *lock; ++ lg_lock_ptr *lock; + +- preempt_disable(); ++ preempt_disable_nort(); + lock_acquire_shared(&lg->lock_dep_map, 0, 0, NULL, _RET_IP_); + lock = per_cpu_ptr(lg->lock, cpu); +- arch_spin_lock(lock); ++ lg_do_lock(lock); + } + EXPORT_SYMBOL(lg_local_lock_cpu); + + void lg_local_unlock_cpu(struct lglock *lg, int cpu) + { +- arch_spinlock_t *lock; ++ lg_lock_ptr *lock; + + lock_release(&lg->lock_dep_map, 1, _RET_IP_); + lock = per_cpu_ptr(lg->lock, cpu); +- arch_spin_unlock(lock); +- preempt_enable(); ++ lg_do_unlock(lock); ++ preempt_enable_nort(); + } + EXPORT_SYMBOL(lg_local_unlock_cpu); + +@@ -64,12 +82,12 @@ + { + int i; + +- preempt_disable(); ++ preempt_disable_nort(); + lock_acquire_exclusive(&lg->lock_dep_map, 0, 0, NULL, _RET_IP_); + for_each_possible_cpu(i) { +- arch_spinlock_t *lock; ++ lg_lock_ptr *lock; + lock = per_cpu_ptr(lg->lock, i); +- arch_spin_lock(lock); ++ lg_do_lock(lock); + } + } + EXPORT_SYMBOL(lg_global_lock); +@@ -80,10 +98,35 @@ + + lock_release(&lg->lock_dep_map, 1, _RET_IP_); + for_each_possible_cpu(i) { +- arch_spinlock_t *lock; ++ lg_lock_ptr *lock; + lock = per_cpu_ptr(lg->lock, i); +- arch_spin_unlock(lock); ++ lg_do_unlock(lock); + } +- preempt_enable(); ++ preempt_enable_nort(); + } + EXPORT_SYMBOL(lg_global_unlock); ++ ++#ifdef CONFIG_PREEMPT_RT_FULL ++/* ++ * HACK: If you use this, you get to keep the pieces. ++ * Used in queue_stop_cpus_work() when stop machinery ++ * is called from inactive CPU, so we can't schedule. ++ */ ++# define lg_do_trylock_relax(l) \ ++ do { \ ++ while (!__rt_spin_trylock(l)) \ ++ cpu_relax(); \ ++ } while (0) ++ ++void lg_global_trylock_relax(struct lglock *lg) ++{ ++ int i; ++ ++ lock_acquire_exclusive(&lg->lock_dep_map, 0, 0, NULL, _RET_IP_); ++ for_each_possible_cpu(i) { ++ lg_lock_ptr *lock; ++ lock = per_cpu_ptr(lg->lock, i); ++ lg_do_trylock_relax(lock); ++ } ++} ++#endif +diff -Nur linux-3.18.9.orig/kernel/locking/lockdep.c linux-3.18.9/kernel/locking/lockdep.c +--- linux-3.18.9.orig/kernel/locking/lockdep.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/locking/lockdep.c 2015-03-15 16:03:03.836094874 -0500 +@@ -3542,6 +3542,7 @@ + } + } + ++#ifndef CONFIG_PREEMPT_RT_FULL + /* + * We dont accurately track softirq state in e.g. + * hardirq contexts (such as on 4KSTACKS), so only +@@ -3556,6 +3557,7 @@ + DEBUG_LOCKS_WARN_ON(!current->softirqs_enabled); + } + } ++#endif + + if (!debug_locks) + print_irqtrace_events(current); +diff -Nur linux-3.18.9.orig/kernel/locking/Makefile linux-3.18.9/kernel/locking/Makefile +--- linux-3.18.9.orig/kernel/locking/Makefile 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/locking/Makefile 2015-03-15 16:03:03.836094874 -0500 +@@ -1,5 +1,5 @@ + +-obj-y += mutex.o semaphore.o rwsem.o mcs_spinlock.o ++obj-y += semaphore.o mcs_spinlock.o + + ifdef CONFIG_FUNCTION_TRACER + CFLAGS_REMOVE_lockdep.o = -pg +@@ -8,7 +8,11 @@ + CFLAGS_REMOVE_rtmutex-debug.o = -pg + endif + ++ifneq ($(CONFIG_PREEMPT_RT_FULL),y) ++obj-y += mutex.o + obj-$(CONFIG_DEBUG_MUTEXES) += mutex-debug.o ++obj-y += rwsem.o ++endif + obj-$(CONFIG_LOCKDEP) += lockdep.o + ifeq ($(CONFIG_PROC_FS),y) + obj-$(CONFIG_LOCKDEP) += lockdep_proc.o +@@ -21,8 +25,11 @@ + obj-$(CONFIG_RT_MUTEX_TESTER) += rtmutex-tester.o + obj-$(CONFIG_DEBUG_SPINLOCK) += spinlock.o + obj-$(CONFIG_DEBUG_SPINLOCK) += spinlock_debug.o ++ifneq ($(CONFIG_PREEMPT_RT_FULL),y) + obj-$(CONFIG_RWSEM_GENERIC_SPINLOCK) += rwsem-spinlock.o + obj-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += rwsem-xadd.o ++endif + obj-$(CONFIG_PERCPU_RWSEM) += percpu-rwsem.o ++obj-$(CONFIG_PREEMPT_RT_FULL) += rt.o + obj-$(CONFIG_QUEUE_RWLOCK) += qrwlock.o + obj-$(CONFIG_LOCK_TORTURE_TEST) += locktorture.o +diff -Nur linux-3.18.9.orig/kernel/locking/percpu-rwsem.c linux-3.18.9/kernel/locking/percpu-rwsem.c +--- linux-3.18.9.orig/kernel/locking/percpu-rwsem.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/locking/percpu-rwsem.c 2015-03-15 16:03:03.836094874 -0500 +@@ -84,8 +84,12 @@ + + down_read(&brw->rw_sem); + atomic_inc(&brw->slow_read_ctr); ++#ifdef CONFIG_PREEMPT_RT_FULL ++ up_read(&brw->rw_sem); ++#else + /* avoid up_read()->rwsem_release() */ + __up_read(&brw->rw_sem); ++#endif + } + + void percpu_up_read(struct percpu_rw_semaphore *brw) +diff -Nur linux-3.18.9.orig/kernel/locking/rt.c linux-3.18.9/kernel/locking/rt.c +--- linux-3.18.9.orig/kernel/locking/rt.c 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/kernel/locking/rt.c 2015-03-15 16:03:03.836094874 -0500 +@@ -0,0 +1,437 @@ ++/* ++ * kernel/rt.c ++ * ++ * Real-Time Preemption Support ++ * ++ * started by Ingo Molnar: ++ * ++ * Copyright (C) 2004-2006 Red Hat, Inc., Ingo Molnar <mingo@redhat.com> ++ * Copyright (C) 2006, Timesys Corp., Thomas Gleixner <tglx@timesys.com> ++ * ++ * historic credit for proving that Linux spinlocks can be implemented via ++ * RT-aware mutexes goes to many people: The Pmutex project (Dirk Grambow ++ * and others) who prototyped it on 2.4 and did lots of comparative ++ * research and analysis; TimeSys, for proving that you can implement a ++ * fully preemptible kernel via the use of IRQ threading and mutexes; ++ * Bill Huey for persuasively arguing on lkml that the mutex model is the ++ * right one; and to MontaVista, who ported pmutexes to 2.6. ++ * ++ * This code is a from-scratch implementation and is not based on pmutexes, ++ * but the idea of converting spinlocks to mutexes is used here too. ++ * ++ * lock debugging, locking tree, deadlock detection: ++ * ++ * Copyright (C) 2004, LynuxWorks, Inc., Igor Manyilov, Bill Huey ++ * Released under the General Public License (GPL). ++ * ++ * Includes portions of the generic R/W semaphore implementation from: ++ * ++ * Copyright (c) 2001 David Howells (dhowells@redhat.com). ++ * - Derived partially from idea by Andrea Arcangeli <andrea@suse.de> ++ * - Derived also from comments by Linus ++ * ++ * Pending ownership of locks and ownership stealing: ++ * ++ * Copyright (C) 2005, Kihon Technologies Inc., Steven Rostedt ++ * ++ * (also by Steven Rostedt) ++ * - Converted single pi_lock to individual task locks. ++ * ++ * By Esben Nielsen: ++ * Doing priority inheritance with help of the scheduler. ++ * ++ * Copyright (C) 2006, Timesys Corp., Thomas Gleixner <tglx@timesys.com> ++ * - major rework based on Esben Nielsens initial patch ++ * - replaced thread_info references by task_struct refs ++ * - removed task->pending_owner dependency ++ * - BKL drop/reacquire for semaphore style locks to avoid deadlocks ++ * in the scheduler return path as discussed with Steven Rostedt ++ * ++ * Copyright (C) 2006, Kihon Technologies Inc. ++ * Steven Rostedt <rostedt@goodmis.org> ++ * - debugged and patched Thomas Gleixner's rework. ++ * - added back the cmpxchg to the rework. ++ * - turned atomic require back on for SMP. ++ */ ++ ++#include <linux/spinlock.h> ++#include <linux/rtmutex.h> ++#include <linux/sched.h> ++#include <linux/delay.h> ++#include <linux/module.h> ++#include <linux/kallsyms.h> ++#include <linux/syscalls.h> ++#include <linux/interrupt.h> ++#include <linux/plist.h> ++#include <linux/fs.h> ++#include <linux/futex.h> ++#include <linux/hrtimer.h> ++ ++#include "rtmutex_common.h" ++ ++/* ++ * struct mutex functions ++ */ ++void __mutex_do_init(struct mutex *mutex, const char *name, ++ struct lock_class_key *key) ++{ ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++ /* ++ * Make sure we are not reinitializing a held lock: ++ */ ++ debug_check_no_locks_freed((void *)mutex, sizeof(*mutex)); ++ lockdep_init_map(&mutex->dep_map, name, key, 0); ++#endif ++ mutex->lock.save_state = 0; ++} ++EXPORT_SYMBOL(__mutex_do_init); ++ ++void __lockfunc _mutex_lock(struct mutex *lock) ++{ ++ mutex_acquire(&lock->dep_map, 0, 0, _RET_IP_); ++ rt_mutex_lock(&lock->lock); ++} ++EXPORT_SYMBOL(_mutex_lock); ++ ++int __lockfunc _mutex_lock_interruptible(struct mutex *lock) ++{ ++ int ret; ++ ++ mutex_acquire(&lock->dep_map, 0, 0, _RET_IP_); ++ ret = rt_mutex_lock_interruptible(&lock->lock); ++ if (ret) ++ mutex_release(&lock->dep_map, 1, _RET_IP_); ++ return ret; ++} ++EXPORT_SYMBOL(_mutex_lock_interruptible); ++ ++int __lockfunc _mutex_lock_killable(struct mutex *lock) ++{ ++ int ret; ++ ++ mutex_acquire(&lock->dep_map, 0, 0, _RET_IP_); ++ ret = rt_mutex_lock_killable(&lock->lock); ++ if (ret) ++ mutex_release(&lock->dep_map, 1, _RET_IP_); ++ return ret; ++} ++EXPORT_SYMBOL(_mutex_lock_killable); ++ ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++void __lockfunc _mutex_lock_nested(struct mutex *lock, int subclass) ++{ ++ mutex_acquire_nest(&lock->dep_map, subclass, 0, NULL, _RET_IP_); ++ rt_mutex_lock(&lock->lock); ++} ++EXPORT_SYMBOL(_mutex_lock_nested); ++ ++void __lockfunc _mutex_lock_nest_lock(struct mutex *lock, struct lockdep_map *nest) ++{ ++ mutex_acquire_nest(&lock->dep_map, 0, 0, nest, _RET_IP_); ++ rt_mutex_lock(&lock->lock); ++} ++EXPORT_SYMBOL(_mutex_lock_nest_lock); ++ ++int __lockfunc _mutex_lock_interruptible_nested(struct mutex *lock, int subclass) ++{ ++ int ret; ++ ++ mutex_acquire_nest(&lock->dep_map, subclass, 0, NULL, _RET_IP_); ++ ret = rt_mutex_lock_interruptible(&lock->lock); ++ if (ret) ++ mutex_release(&lock->dep_map, 1, _RET_IP_); ++ return ret; ++} ++EXPORT_SYMBOL(_mutex_lock_interruptible_nested); ++ ++int __lockfunc _mutex_lock_killable_nested(struct mutex *lock, int subclass) ++{ ++ int ret; ++ ++ mutex_acquire(&lock->dep_map, subclass, 0, _RET_IP_); ++ ret = rt_mutex_lock_killable(&lock->lock); ++ if (ret) ++ mutex_release(&lock->dep_map, 1, _RET_IP_); ++ return ret; ++} ++EXPORT_SYMBOL(_mutex_lock_killable_nested); ++#endif ++ ++int __lockfunc _mutex_trylock(struct mutex *lock) ++{ ++ int ret = rt_mutex_trylock(&lock->lock); ++ ++ if (ret) ++ mutex_acquire(&lock->dep_map, 0, 1, _RET_IP_); ++ ++ return ret; ++} ++EXPORT_SYMBOL(_mutex_trylock); ++ ++void __lockfunc _mutex_unlock(struct mutex *lock) ++{ ++ mutex_release(&lock->dep_map, 1, _RET_IP_); ++ rt_mutex_unlock(&lock->lock); ++} ++EXPORT_SYMBOL(_mutex_unlock); ++ ++/* ++ * rwlock_t functions ++ */ ++int __lockfunc rt_write_trylock(rwlock_t *rwlock) ++{ ++ int ret; ++ ++ migrate_disable(); ++ ret = rt_mutex_trylock(&rwlock->lock); ++ if (ret) ++ rwlock_acquire(&rwlock->dep_map, 0, 1, _RET_IP_); ++ else ++ migrate_enable(); ++ ++ return ret; ++} ++EXPORT_SYMBOL(rt_write_trylock); ++ ++int __lockfunc rt_write_trylock_irqsave(rwlock_t *rwlock, unsigned long *flags) ++{ ++ int ret; ++ ++ *flags = 0; ++ ret = rt_write_trylock(rwlock); ++ return ret; ++} ++EXPORT_SYMBOL(rt_write_trylock_irqsave); ++ ++int __lockfunc rt_read_trylock(rwlock_t *rwlock) ++{ ++ struct rt_mutex *lock = &rwlock->lock; ++ int ret = 1; ++ ++ /* ++ * recursive read locks succeed when current owns the lock, ++ * but not when read_depth == 0 which means that the lock is ++ * write locked. ++ */ ++ if (rt_mutex_owner(lock) != current) { ++ migrate_disable(); ++ ret = rt_mutex_trylock(lock); ++ if (ret) ++ rwlock_acquire(&rwlock->dep_map, 0, 1, _RET_IP_); ++ else ++ migrate_enable(); ++ ++ } else if (!rwlock->read_depth) { ++ ret = 0; ++ } ++ ++ if (ret) ++ rwlock->read_depth++; ++ ++ return ret; ++} ++EXPORT_SYMBOL(rt_read_trylock); ++ ++void __lockfunc rt_write_lock(rwlock_t *rwlock) ++{ ++ rwlock_acquire(&rwlock->dep_map, 0, 0, _RET_IP_); ++ migrate_disable(); ++ __rt_spin_lock(&rwlock->lock); ++} ++EXPORT_SYMBOL(rt_write_lock); ++ ++void __lockfunc rt_read_lock(rwlock_t *rwlock) ++{ ++ struct rt_mutex *lock = &rwlock->lock; ++ ++ ++ /* ++ * recursive read locks succeed when current owns the lock ++ */ ++ if (rt_mutex_owner(lock) != current) { ++ migrate_disable(); ++ rwlock_acquire(&rwlock->dep_map, 0, 0, _RET_IP_); ++ __rt_spin_lock(lock); ++ } ++ rwlock->read_depth++; ++} ++ ++EXPORT_SYMBOL(rt_read_lock); ++ ++void __lockfunc rt_write_unlock(rwlock_t *rwlock) ++{ ++ /* NOTE: we always pass in '1' for nested, for simplicity */ ++ rwlock_release(&rwlock->dep_map, 1, _RET_IP_); ++ __rt_spin_unlock(&rwlock->lock); ++ migrate_enable(); ++} ++EXPORT_SYMBOL(rt_write_unlock); ++ ++void __lockfunc rt_read_unlock(rwlock_t *rwlock) ++{ ++ /* Release the lock only when read_depth is down to 0 */ ++ if (--rwlock->read_depth == 0) { ++ rwlock_release(&rwlock->dep_map, 1, _RET_IP_); ++ __rt_spin_unlock(&rwlock->lock); ++ migrate_enable(); ++ } ++} ++EXPORT_SYMBOL(rt_read_unlock); ++ ++unsigned long __lockfunc rt_write_lock_irqsave(rwlock_t *rwlock) ++{ ++ rt_write_lock(rwlock); ++ ++ return 0; ++} ++EXPORT_SYMBOL(rt_write_lock_irqsave); ++ ++unsigned long __lockfunc rt_read_lock_irqsave(rwlock_t *rwlock) ++{ ++ rt_read_lock(rwlock); ++ ++ return 0; ++} ++EXPORT_SYMBOL(rt_read_lock_irqsave); ++ ++void __rt_rwlock_init(rwlock_t *rwlock, char *name, struct lock_class_key *key) ++{ ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++ /* ++ * Make sure we are not reinitializing a held lock: ++ */ ++ debug_check_no_locks_freed((void *)rwlock, sizeof(*rwlock)); ++ lockdep_init_map(&rwlock->dep_map, name, key, 0); ++#endif ++ rwlock->lock.save_state = 1; ++ rwlock->read_depth = 0; ++} ++EXPORT_SYMBOL(__rt_rwlock_init); ++ ++/* ++ * rw_semaphores ++ */ ++ ++void rt_up_write(struct rw_semaphore *rwsem) ++{ ++ rwsem_release(&rwsem->dep_map, 1, _RET_IP_); ++ rt_mutex_unlock(&rwsem->lock); ++} ++EXPORT_SYMBOL(rt_up_write); ++ ++void rt_up_read(struct rw_semaphore *rwsem) ++{ ++ rwsem_release(&rwsem->dep_map, 1, _RET_IP_); ++ rt_mutex_unlock(&rwsem->lock); ++} ++EXPORT_SYMBOL(rt_up_read); ++ ++/* ++ * downgrade a write lock into a read lock ++ * - just wake up any readers at the front of the queue ++ */ ++void rt_downgrade_write(struct rw_semaphore *rwsem) ++{ ++ BUG_ON(rt_mutex_owner(&rwsem->lock) != current); ++} ++EXPORT_SYMBOL(rt_downgrade_write); ++ ++int rt_down_write_trylock(struct rw_semaphore *rwsem) ++{ ++ int ret = rt_mutex_trylock(&rwsem->lock); ++ ++ if (ret) ++ rwsem_acquire(&rwsem->dep_map, 0, 1, _RET_IP_); ++ return ret; ++} ++EXPORT_SYMBOL(rt_down_write_trylock); ++ ++void rt_down_write(struct rw_semaphore *rwsem) ++{ ++ rwsem_acquire(&rwsem->dep_map, 0, 0, _RET_IP_); ++ rt_mutex_lock(&rwsem->lock); ++} ++EXPORT_SYMBOL(rt_down_write); ++ ++void rt_down_write_nested(struct rw_semaphore *rwsem, int subclass) ++{ ++ rwsem_acquire(&rwsem->dep_map, subclass, 0, _RET_IP_); ++ rt_mutex_lock(&rwsem->lock); ++} ++EXPORT_SYMBOL(rt_down_write_nested); ++ ++void rt_down_write_nested_lock(struct rw_semaphore *rwsem, ++ struct lockdep_map *nest) ++{ ++ rwsem_acquire_nest(&rwsem->dep_map, 0, 0, nest, _RET_IP_); ++ rt_mutex_lock(&rwsem->lock); ++} ++EXPORT_SYMBOL(rt_down_write_nested_lock); ++ ++int rt_down_read_trylock(struct rw_semaphore *rwsem) ++{ ++ int ret; ++ ++ ret = rt_mutex_trylock(&rwsem->lock); ++ if (ret) ++ rwsem_acquire(&rwsem->dep_map, 0, 1, _RET_IP_); ++ ++ return ret; ++} ++EXPORT_SYMBOL(rt_down_read_trylock); ++ ++static void __rt_down_read(struct rw_semaphore *rwsem, int subclass) ++{ ++ rwsem_acquire(&rwsem->dep_map, subclass, 0, _RET_IP_); ++ rt_mutex_lock(&rwsem->lock); ++} ++ ++void rt_down_read(struct rw_semaphore *rwsem) ++{ ++ __rt_down_read(rwsem, 0); ++} ++EXPORT_SYMBOL(rt_down_read); ++ ++void rt_down_read_nested(struct rw_semaphore *rwsem, int subclass) ++{ ++ __rt_down_read(rwsem, subclass); ++} ++EXPORT_SYMBOL(rt_down_read_nested); ++ ++void __rt_rwsem_init(struct rw_semaphore *rwsem, const char *name, ++ struct lock_class_key *key) ++{ ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++ /* ++ * Make sure we are not reinitializing a held lock: ++ */ ++ debug_check_no_locks_freed((void *)rwsem, sizeof(*rwsem)); ++ lockdep_init_map(&rwsem->dep_map, name, key, 0); ++#endif ++ rwsem->lock.save_state = 0; ++} ++EXPORT_SYMBOL(__rt_rwsem_init); ++ ++/** ++ * atomic_dec_and_mutex_lock - return holding mutex if we dec to 0 ++ * @cnt: the atomic which we are to dec ++ * @lock: the mutex to return holding if we dec to 0 ++ * ++ * return true and hold lock if we dec to 0, return false otherwise ++ */ ++int atomic_dec_and_mutex_lock(atomic_t *cnt, struct mutex *lock) ++{ ++ /* dec if we can't possibly hit 0 */ ++ if (atomic_add_unless(cnt, -1, 1)) ++ return 0; ++ /* we might hit 0, so take the lock */ ++ mutex_lock(lock); ++ if (!atomic_dec_and_test(cnt)) { ++ /* when we actually did the dec, we didn't hit 0 */ ++ mutex_unlock(lock); ++ return 0; ++ } ++ /* we hit 0, and we hold the lock */ ++ return 1; ++} ++EXPORT_SYMBOL(atomic_dec_and_mutex_lock); +diff -Nur linux-3.18.9.orig/kernel/locking/rtmutex.c linux-3.18.9/kernel/locking/rtmutex.c +--- linux-3.18.9.orig/kernel/locking/rtmutex.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/locking/rtmutex.c 2015-03-15 16:03:03.836094874 -0500 +@@ -7,6 +7,11 @@ + * Copyright (C) 2005-2006 Timesys Corp., Thomas Gleixner <tglx@timesys.com> + * Copyright (C) 2005 Kihon Technologies Inc., Steven Rostedt + * Copyright (C) 2006 Esben Nielsen ++ * Adaptive Spinlocks: ++ * Copyright (C) 2008 Novell, Inc., Gregory Haskins, Sven Dietrich, ++ * and Peter Morreale, ++ * Adaptive Spinlocks simplification: ++ * Copyright (C) 2008 Red Hat, Inc., Steven Rostedt <srostedt@redhat.com> + * + * See Documentation/locking/rt-mutex-design.txt for details. + */ +@@ -16,6 +21,7 @@ + #include <linux/sched/rt.h> + #include <linux/sched/deadline.h> + #include <linux/timer.h> ++#include <linux/ww_mutex.h> + + #include "rtmutex_common.h" + +@@ -69,6 +75,12 @@ + clear_rt_mutex_waiters(lock); + } + ++static int rt_mutex_real_waiter(struct rt_mutex_waiter *waiter) ++{ ++ return waiter && waiter != PI_WAKEUP_INPROGRESS && ++ waiter != PI_REQUEUE_INPROGRESS; ++} ++ + /* + * We can speed up the acquire/release, if the architecture + * supports cmpxchg and if there's no debugging state to be set up +@@ -333,6 +345,14 @@ + return debug_rt_mutex_detect_deadlock(waiter, chwalk); + } + ++static void rt_mutex_wake_waiter(struct rt_mutex_waiter *waiter) ++{ ++ if (waiter->savestate) ++ wake_up_lock_sleeper(waiter->task); ++ else ++ wake_up_process(waiter->task); ++} ++ + /* + * Max number of times we'll walk the boosting chain: + */ +@@ -340,7 +360,8 @@ + + static inline struct rt_mutex *task_blocked_on_lock(struct task_struct *p) + { +- return p->pi_blocked_on ? p->pi_blocked_on->lock : NULL; ++ return rt_mutex_real_waiter(p->pi_blocked_on) ? ++ p->pi_blocked_on->lock : NULL; + } + + /* +@@ -477,7 +498,7 @@ + * reached or the state of the chain has changed while we + * dropped the locks. + */ +- if (!waiter) ++ if (!rt_mutex_real_waiter(waiter)) + goto out_unlock_pi; + + /* +@@ -639,13 +660,16 @@ + * follow here. This is the end of the chain we are walking. + */ + if (!rt_mutex_owner(lock)) { ++ struct rt_mutex_waiter *lock_top_waiter; ++ + /* + * If the requeue [7] above changed the top waiter, + * then we need to wake the new top waiter up to try + * to get the lock. + */ +- if (prerequeue_top_waiter != rt_mutex_top_waiter(lock)) +- wake_up_process(rt_mutex_top_waiter(lock)->task); ++ lock_top_waiter = rt_mutex_top_waiter(lock); ++ if (prerequeue_top_waiter != lock_top_waiter) ++ rt_mutex_wake_waiter(lock_top_waiter); + raw_spin_unlock(&lock->wait_lock); + return 0; + } +@@ -738,6 +762,25 @@ + return ret; + } + ++ ++#define STEAL_NORMAL 0 ++#define STEAL_LATERAL 1 ++ ++/* ++ * Note that RT tasks are excluded from lateral-steals to prevent the ++ * introduction of an unbounded latency ++ */ ++static inline int lock_is_stealable(struct task_struct *task, ++ struct task_struct *pendowner, int mode) ++{ ++ if (mode == STEAL_NORMAL || rt_task(task)) { ++ if (task->prio >= pendowner->prio) ++ return 0; ++ } else if (task->prio > pendowner->prio) ++ return 0; ++ return 1; ++} ++ + /* + * Try to take an rt-mutex + * +@@ -748,8 +791,9 @@ + * @waiter: The waiter that is queued to the lock's wait list if the + * callsite called task_blocked_on_lock(), otherwise NULL + */ +-static int try_to_take_rt_mutex(struct rt_mutex *lock, struct task_struct *task, +- struct rt_mutex_waiter *waiter) ++static int __try_to_take_rt_mutex(struct rt_mutex *lock, ++ struct task_struct *task, ++ struct rt_mutex_waiter *waiter, int mode) + { + unsigned long flags; + +@@ -788,8 +832,10 @@ + * If waiter is not the highest priority waiter of + * @lock, give up. + */ +- if (waiter != rt_mutex_top_waiter(lock)) ++ if (waiter != rt_mutex_top_waiter(lock)) { ++ /* XXX lock_is_stealable() ? */ + return 0; ++ } + + /* + * We can acquire the lock. Remove the waiter from the +@@ -807,14 +853,10 @@ + * not need to be dequeued. + */ + if (rt_mutex_has_waiters(lock)) { +- /* +- * If @task->prio is greater than or equal to +- * the top waiter priority (kernel view), +- * @task lost. +- */ +- if (task->prio >= rt_mutex_top_waiter(lock)->prio) +- return 0; ++ struct task_struct *pown = rt_mutex_top_waiter(lock)->task; + ++ if (task != pown && !lock_is_stealable(task, pown, mode)) ++ return 0; + /* + * The current top waiter stays enqueued. We + * don't have to change anything in the lock +@@ -863,6 +905,369 @@ + return 1; + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++/* ++ * preemptible spin_lock functions: ++ */ ++static inline void rt_spin_lock_fastlock(struct rt_mutex *lock, ++ void (*slowfn)(struct rt_mutex *lock)) ++{ ++ might_sleep(); ++ ++ if (likely(rt_mutex_cmpxchg(lock, NULL, current))) ++ rt_mutex_deadlock_account_lock(lock, current); ++ else ++ slowfn(lock); ++} ++ ++static inline void rt_spin_lock_fastunlock(struct rt_mutex *lock, ++ void (*slowfn)(struct rt_mutex *lock)) ++{ ++ if (likely(rt_mutex_cmpxchg(lock, current, NULL))) ++ rt_mutex_deadlock_account_unlock(current); ++ else ++ slowfn(lock); ++} ++#ifdef CONFIG_SMP ++/* ++ * Note that owner is a speculative pointer and dereferencing relies ++ * on rcu_read_lock() and the check against the lock owner. ++ */ ++static int adaptive_wait(struct rt_mutex *lock, ++ struct task_struct *owner) ++{ ++ int res = 0; ++ ++ rcu_read_lock(); ++ for (;;) { ++ if (owner != rt_mutex_owner(lock)) ++ break; ++ /* ++ * Ensure that owner->on_cpu is dereferenced _after_ ++ * checking the above to be valid. ++ */ ++ barrier(); ++ if (!owner->on_cpu) { ++ res = 1; ++ break; ++ } ++ cpu_relax(); ++ } ++ rcu_read_unlock(); ++ return res; ++} ++#else ++static int adaptive_wait(struct rt_mutex *lock, ++ struct task_struct *orig_owner) ++{ ++ return 1; ++} ++#endif ++ ++# define pi_lock(lock) raw_spin_lock_irq(lock) ++# define pi_unlock(lock) raw_spin_unlock_irq(lock) ++ ++static int task_blocks_on_rt_mutex(struct rt_mutex *lock, ++ struct rt_mutex_waiter *waiter, ++ struct task_struct *task, ++ enum rtmutex_chainwalk chwalk); ++/* ++ * Slow path lock function spin_lock style: this variant is very ++ * careful not to miss any non-lock wakeups. ++ * ++ * We store the current state under p->pi_lock in p->saved_state and ++ * the try_to_wake_up() code handles this accordingly. ++ */ ++static void noinline __sched rt_spin_lock_slowlock(struct rt_mutex *lock) ++{ ++ struct task_struct *lock_owner, *self = current; ++ struct rt_mutex_waiter waiter, *top_waiter; ++ int ret; ++ ++ rt_mutex_init_waiter(&waiter, true); ++ ++ raw_spin_lock(&lock->wait_lock); ++ ++ if (__try_to_take_rt_mutex(lock, self, NULL, STEAL_LATERAL)) { ++ raw_spin_unlock(&lock->wait_lock); ++ return; ++ } ++ ++ BUG_ON(rt_mutex_owner(lock) == self); ++ ++ /* ++ * We save whatever state the task is in and we'll restore it ++ * after acquiring the lock taking real wakeups into account ++ * as well. We are serialized via pi_lock against wakeups. See ++ * try_to_wake_up(). ++ */ ++ pi_lock(&self->pi_lock); ++ self->saved_state = self->state; ++ __set_current_state(TASK_UNINTERRUPTIBLE); ++ pi_unlock(&self->pi_lock); ++ ++ ret = task_blocks_on_rt_mutex(lock, &waiter, self, 0); ++ BUG_ON(ret); ++ ++ for (;;) { ++ /* Try to acquire the lock again. */ ++ if (__try_to_take_rt_mutex(lock, self, &waiter, STEAL_LATERAL)) ++ break; ++ ++ top_waiter = rt_mutex_top_waiter(lock); ++ lock_owner = rt_mutex_owner(lock); ++ ++ raw_spin_unlock(&lock->wait_lock); ++ ++ debug_rt_mutex_print_deadlock(&waiter); ++ ++ if (top_waiter != &waiter || adaptive_wait(lock, lock_owner)) ++ schedule_rt_mutex(lock); ++ ++ raw_spin_lock(&lock->wait_lock); ++ ++ pi_lock(&self->pi_lock); ++ __set_current_state(TASK_UNINTERRUPTIBLE); ++ pi_unlock(&self->pi_lock); ++ } ++ ++ /* ++ * Restore the task state to current->saved_state. We set it ++ * to the original state above and the try_to_wake_up() code ++ * has possibly updated it when a real (non-rtmutex) wakeup ++ * happened while we were blocked. Clear saved_state so ++ * try_to_wakeup() does not get confused. ++ */ ++ pi_lock(&self->pi_lock); ++ __set_current_state(self->saved_state); ++ self->saved_state = TASK_RUNNING; ++ pi_unlock(&self->pi_lock); ++ ++ /* ++ * try_to_take_rt_mutex() sets the waiter bit ++ * unconditionally. We might have to fix that up: ++ */ ++ fixup_rt_mutex_waiters(lock); ++ ++ BUG_ON(rt_mutex_has_waiters(lock) && &waiter == rt_mutex_top_waiter(lock)); ++ BUG_ON(!RB_EMPTY_NODE(&waiter.tree_entry)); ++ ++ raw_spin_unlock(&lock->wait_lock); ++ ++ debug_rt_mutex_free_waiter(&waiter); ++} ++ ++static void wakeup_next_waiter(struct rt_mutex *lock); ++/* ++ * Slow path to release a rt_mutex spin_lock style ++ */ ++static void __sched __rt_spin_lock_slowunlock(struct rt_mutex *lock) ++{ ++ debug_rt_mutex_unlock(lock); ++ ++ rt_mutex_deadlock_account_unlock(current); ++ ++ if (!rt_mutex_has_waiters(lock)) { ++ lock->owner = NULL; ++ raw_spin_unlock(&lock->wait_lock); ++ return; ++ } ++ ++ wakeup_next_waiter(lock); ++ ++ raw_spin_unlock(&lock->wait_lock); ++ ++ /* Undo pi boosting.when necessary */ ++ rt_mutex_adjust_prio(current); ++} ++ ++static void noinline __sched rt_spin_lock_slowunlock(struct rt_mutex *lock) ++{ ++ raw_spin_lock(&lock->wait_lock); ++ __rt_spin_lock_slowunlock(lock); ++} ++ ++static void noinline __sched rt_spin_lock_slowunlock_hirq(struct rt_mutex *lock) ++{ ++ int ret; ++ ++ do { ++ ret = raw_spin_trylock(&lock->wait_lock); ++ } while (!ret); ++ ++ __rt_spin_lock_slowunlock(lock); ++} ++ ++void __lockfunc rt_spin_lock(spinlock_t *lock) ++{ ++ rt_spin_lock_fastlock(&lock->lock, rt_spin_lock_slowlock); ++ spin_acquire(&lock->dep_map, 0, 0, _RET_IP_); ++} ++EXPORT_SYMBOL(rt_spin_lock); ++ ++void __lockfunc __rt_spin_lock(struct rt_mutex *lock) ++{ ++ rt_spin_lock_fastlock(lock, rt_spin_lock_slowlock); ++} ++EXPORT_SYMBOL(__rt_spin_lock); ++ ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++void __lockfunc rt_spin_lock_nested(spinlock_t *lock, int subclass) ++{ ++ rt_spin_lock_fastlock(&lock->lock, rt_spin_lock_slowlock); ++ spin_acquire(&lock->dep_map, subclass, 0, _RET_IP_); ++} ++EXPORT_SYMBOL(rt_spin_lock_nested); ++#endif ++ ++void __lockfunc rt_spin_unlock(spinlock_t *lock) ++{ ++ /* NOTE: we always pass in '1' for nested, for simplicity */ ++ spin_release(&lock->dep_map, 1, _RET_IP_); ++ rt_spin_lock_fastunlock(&lock->lock, rt_spin_lock_slowunlock); ++} ++EXPORT_SYMBOL(rt_spin_unlock); ++ ++void __lockfunc rt_spin_unlock_after_trylock_in_irq(spinlock_t *lock) ++{ ++ /* NOTE: we always pass in '1' for nested, for simplicity */ ++ spin_release(&lock->dep_map, 1, _RET_IP_); ++ rt_spin_lock_fastunlock(&lock->lock, rt_spin_lock_slowunlock_hirq); ++} ++ ++void __lockfunc __rt_spin_unlock(struct rt_mutex *lock) ++{ ++ rt_spin_lock_fastunlock(lock, rt_spin_lock_slowunlock); ++} ++EXPORT_SYMBOL(__rt_spin_unlock); ++ ++/* ++ * Wait for the lock to get unlocked: instead of polling for an unlock ++ * (like raw spinlocks do), we lock and unlock, to force the kernel to ++ * schedule if there's contention: ++ */ ++void __lockfunc rt_spin_unlock_wait(spinlock_t *lock) ++{ ++ spin_lock(lock); ++ spin_unlock(lock); ++} ++EXPORT_SYMBOL(rt_spin_unlock_wait); ++ ++int __lockfunc __rt_spin_trylock(struct rt_mutex *lock) ++{ ++ return rt_mutex_trylock(lock); ++} ++ ++int __lockfunc rt_spin_trylock(spinlock_t *lock) ++{ ++ int ret = rt_mutex_trylock(&lock->lock); ++ ++ if (ret) ++ spin_acquire(&lock->dep_map, 0, 1, _RET_IP_); ++ return ret; ++} ++EXPORT_SYMBOL(rt_spin_trylock); ++ ++int __lockfunc rt_spin_trylock_bh(spinlock_t *lock) ++{ ++ int ret; ++ ++ local_bh_disable(); ++ ret = rt_mutex_trylock(&lock->lock); ++ if (ret) { ++ migrate_disable(); ++ spin_acquire(&lock->dep_map, 0, 1, _RET_IP_); ++ } else ++ local_bh_enable(); ++ return ret; ++} ++EXPORT_SYMBOL(rt_spin_trylock_bh); ++ ++int __lockfunc rt_spin_trylock_irqsave(spinlock_t *lock, unsigned long *flags) ++{ ++ int ret; ++ ++ *flags = 0; ++ ret = rt_mutex_trylock(&lock->lock); ++ if (ret) { ++ migrate_disable(); ++ spin_acquire(&lock->dep_map, 0, 1, _RET_IP_); ++ } ++ return ret; ++} ++EXPORT_SYMBOL(rt_spin_trylock_irqsave); ++ ++int atomic_dec_and_spin_lock(atomic_t *atomic, spinlock_t *lock) ++{ ++ /* Subtract 1 from counter unless that drops it to 0 (ie. it was 1) */ ++ if (atomic_add_unless(atomic, -1, 1)) ++ return 0; ++ migrate_disable(); ++ rt_spin_lock(lock); ++ if (atomic_dec_and_test(atomic)) ++ return 1; ++ rt_spin_unlock(lock); ++ migrate_enable(); ++ return 0; ++} ++EXPORT_SYMBOL(atomic_dec_and_spin_lock); ++ ++ void ++__rt_spin_lock_init(spinlock_t *lock, char *name, struct lock_class_key *key) ++{ ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++ /* ++ * Make sure we are not reinitializing a held lock: ++ */ ++ debug_check_no_locks_freed((void *)lock, sizeof(*lock)); ++ lockdep_init_map(&lock->dep_map, name, key, 0); ++#endif ++} ++EXPORT_SYMBOL(__rt_spin_lock_init); ++ ++#endif /* PREEMPT_RT_FULL */ ++ ++#ifdef CONFIG_PREEMPT_RT_FULL ++ static inline int __sched ++__mutex_lock_check_stamp(struct rt_mutex *lock, struct ww_acquire_ctx *ctx) ++{ ++ struct ww_mutex *ww = container_of(lock, struct ww_mutex, base.lock); ++ struct ww_acquire_ctx *hold_ctx = ACCESS_ONCE(ww->ctx); ++ ++ if (!hold_ctx) ++ return 0; ++ ++ if (unlikely(ctx == hold_ctx)) ++ return -EALREADY; ++ ++ if (ctx->stamp - hold_ctx->stamp <= LONG_MAX && ++ (ctx->stamp != hold_ctx->stamp || ctx > hold_ctx)) { ++#ifdef CONFIG_DEBUG_MUTEXES ++ DEBUG_LOCKS_WARN_ON(ctx->contending_lock); ++ ctx->contending_lock = ww; ++#endif ++ return -EDEADLK; ++ } ++ ++ return 0; ++} ++#else ++ static inline int __sched ++__mutex_lock_check_stamp(struct rt_mutex *lock, struct ww_acquire_ctx *ctx) ++{ ++ BUG(); ++ return 0; ++} ++ ++#endif ++ ++static inline int ++try_to_take_rt_mutex(struct rt_mutex *lock, struct task_struct *task, ++ struct rt_mutex_waiter *waiter) ++{ ++ return __try_to_take_rt_mutex(lock, task, waiter, STEAL_NORMAL); ++} ++ + /* + * Task blocks on lock. + * +@@ -894,6 +1299,23 @@ + return -EDEADLK; + + raw_spin_lock_irqsave(&task->pi_lock, flags); ++ ++ /* ++ * In the case of futex requeue PI, this will be a proxy ++ * lock. The task will wake unaware that it is enqueueed on ++ * this lock. Avoid blocking on two locks and corrupting ++ * pi_blocked_on via the PI_WAKEUP_INPROGRESS ++ * flag. futex_wait_requeue_pi() sets this when it wakes up ++ * before requeue (due to a signal or timeout). Do not enqueue ++ * the task if PI_WAKEUP_INPROGRESS is set. ++ */ ++ if (task != current && task->pi_blocked_on == PI_WAKEUP_INPROGRESS) { ++ raw_spin_unlock_irqrestore(&task->pi_lock, flags); ++ return -EAGAIN; ++ } ++ ++ BUG_ON(rt_mutex_real_waiter(task->pi_blocked_on)); ++ + __rt_mutex_adjust_prio(task); + waiter->task = task; + waiter->lock = lock; +@@ -917,7 +1339,7 @@ + rt_mutex_enqueue_pi(owner, waiter); + + __rt_mutex_adjust_prio(owner); +- if (owner->pi_blocked_on) ++ if (rt_mutex_real_waiter(owner->pi_blocked_on)) + chain_walk = 1; + } else if (rt_mutex_cond_detect_deadlock(waiter, chwalk)) { + chain_walk = 1; +@@ -994,7 +1416,7 @@ + * long as we hold lock->wait_lock. The waiter task needs to + * acquire it in order to dequeue the waiter. + */ +- wake_up_process(waiter->task); ++ rt_mutex_wake_waiter(waiter); + } + + /* +@@ -1008,7 +1430,7 @@ + { + bool is_top_waiter = (waiter == rt_mutex_top_waiter(lock)); + struct task_struct *owner = rt_mutex_owner(lock); +- struct rt_mutex *next_lock; ++ struct rt_mutex *next_lock = NULL; + unsigned long flags; + + raw_spin_lock_irqsave(¤t->pi_lock, flags); +@@ -1033,7 +1455,8 @@ + __rt_mutex_adjust_prio(owner); + + /* Store the lock on which owner is blocked or NULL */ +- next_lock = task_blocked_on_lock(owner); ++ if (rt_mutex_real_waiter(owner->pi_blocked_on)) ++ next_lock = task_blocked_on_lock(owner); + + raw_spin_unlock_irqrestore(&owner->pi_lock, flags); + +@@ -1069,17 +1492,17 @@ + raw_spin_lock_irqsave(&task->pi_lock, flags); + + waiter = task->pi_blocked_on; +- if (!waiter || (waiter->prio == task->prio && ++ if (!rt_mutex_real_waiter(waiter) || (waiter->prio == task->prio && + !dl_prio(task->prio))) { + raw_spin_unlock_irqrestore(&task->pi_lock, flags); + return; + } + next_lock = waiter->lock; +- raw_spin_unlock_irqrestore(&task->pi_lock, flags); + + /* gets dropped in rt_mutex_adjust_prio_chain()! */ + get_task_struct(task); + ++ raw_spin_unlock_irqrestore(&task->pi_lock, flags); + rt_mutex_adjust_prio_chain(task, RT_MUTEX_MIN_CHAINWALK, NULL, + next_lock, NULL, task); + } +@@ -1097,7 +1520,8 @@ + static int __sched + __rt_mutex_slowlock(struct rt_mutex *lock, int state, + struct hrtimer_sleeper *timeout, +- struct rt_mutex_waiter *waiter) ++ struct rt_mutex_waiter *waiter, ++ struct ww_acquire_ctx *ww_ctx) + { + int ret = 0; + +@@ -1120,6 +1544,12 @@ + break; + } + ++ if (ww_ctx && ww_ctx->acquired > 0) { ++ ret = __mutex_lock_check_stamp(lock, ww_ctx); ++ if (ret) ++ break; ++ } ++ + raw_spin_unlock(&lock->wait_lock); + + debug_rt_mutex_print_deadlock(waiter); +@@ -1153,25 +1583,102 @@ + } + } + ++static __always_inline void ww_mutex_lock_acquired(struct ww_mutex *ww, ++ struct ww_acquire_ctx *ww_ctx) ++{ ++#ifdef CONFIG_DEBUG_MUTEXES ++ /* ++ * If this WARN_ON triggers, you used ww_mutex_lock to acquire, ++ * but released with a normal mutex_unlock in this call. ++ * ++ * This should never happen, always use ww_mutex_unlock. ++ */ ++ DEBUG_LOCKS_WARN_ON(ww->ctx); ++ ++ /* ++ * Not quite done after calling ww_acquire_done() ? ++ */ ++ DEBUG_LOCKS_WARN_ON(ww_ctx->done_acquire); ++ ++ if (ww_ctx->contending_lock) { ++ /* ++ * After -EDEADLK you tried to ++ * acquire a different ww_mutex? Bad! ++ */ ++ DEBUG_LOCKS_WARN_ON(ww_ctx->contending_lock != ww); ++ ++ /* ++ * You called ww_mutex_lock after receiving -EDEADLK, ++ * but 'forgot' to unlock everything else first? ++ */ ++ DEBUG_LOCKS_WARN_ON(ww_ctx->acquired > 0); ++ ww_ctx->contending_lock = NULL; ++ } ++ ++ /* ++ * Naughty, using a different class will lead to undefined behavior! ++ */ ++ DEBUG_LOCKS_WARN_ON(ww_ctx->ww_class != ww->ww_class); ++#endif ++ ww_ctx->acquired++; ++} ++ ++#ifdef CONFIG_PREEMPT_RT_FULL ++static void ww_mutex_account_lock(struct rt_mutex *lock, ++ struct ww_acquire_ctx *ww_ctx) ++{ ++ struct ww_mutex *ww = container_of(lock, struct ww_mutex, base.lock); ++ struct rt_mutex_waiter *waiter, *n; ++ ++ /* ++ * This branch gets optimized out for the common case, ++ * and is only important for ww_mutex_lock. ++ */ ++ ww_mutex_lock_acquired(ww, ww_ctx); ++ ww->ctx = ww_ctx; ++ ++ /* ++ * Give any possible sleeping processes the chance to wake up, ++ * so they can recheck if they have to back off. ++ */ ++ rbtree_postorder_for_each_entry_safe(waiter, n, &lock->waiters, ++ tree_entry) { ++ /* XXX debug rt mutex waiter wakeup */ ++ ++ BUG_ON(waiter->lock != lock); ++ rt_mutex_wake_waiter(waiter); ++ } ++} ++ ++#else ++ ++static void ww_mutex_account_lock(struct rt_mutex *lock, ++ struct ww_acquire_ctx *ww_ctx) ++{ ++ BUG(); ++} ++#endif ++ + /* + * Slow path lock function: + */ + static int __sched + rt_mutex_slowlock(struct rt_mutex *lock, int state, + struct hrtimer_sleeper *timeout, +- enum rtmutex_chainwalk chwalk) ++ enum rtmutex_chainwalk chwalk, ++ struct ww_acquire_ctx *ww_ctx) + { + struct rt_mutex_waiter waiter; + int ret = 0; + +- debug_rt_mutex_init_waiter(&waiter); +- RB_CLEAR_NODE(&waiter.pi_tree_entry); +- RB_CLEAR_NODE(&waiter.tree_entry); ++ rt_mutex_init_waiter(&waiter, false); + + raw_spin_lock(&lock->wait_lock); + + /* Try to acquire the lock again: */ + if (try_to_take_rt_mutex(lock, current, NULL)) { ++ if (ww_ctx) ++ ww_mutex_account_lock(lock, ww_ctx); + raw_spin_unlock(&lock->wait_lock); + return 0; + } +@@ -1188,13 +1695,17 @@ + ret = task_blocks_on_rt_mutex(lock, &waiter, current, chwalk); + + if (likely(!ret)) +- ret = __rt_mutex_slowlock(lock, state, timeout, &waiter); ++ ret = __rt_mutex_slowlock(lock, state, timeout, &waiter, ++ ww_ctx); + + set_current_state(TASK_RUNNING); + + if (unlikely(ret)) { +- remove_waiter(lock, &waiter); ++ if (rt_mutex_has_waiters(lock)) ++ remove_waiter(lock, &waiter); + rt_mutex_handle_deadlock(ret, chwalk, &waiter); ++ } else if (ww_ctx) { ++ ww_mutex_account_lock(lock, ww_ctx); + } + + /* +@@ -1233,7 +1744,8 @@ + * The mutex has currently no owner. Lock the wait lock and + * try to acquire the lock. + */ +- raw_spin_lock(&lock->wait_lock); ++ if (!raw_spin_trylock(&lock->wait_lock)) ++ return 0; + + ret = try_to_take_rt_mutex(lock, current, NULL); + +@@ -1319,31 +1831,36 @@ + */ + static inline int + rt_mutex_fastlock(struct rt_mutex *lock, int state, ++ struct ww_acquire_ctx *ww_ctx, + int (*slowfn)(struct rt_mutex *lock, int state, + struct hrtimer_sleeper *timeout, +- enum rtmutex_chainwalk chwalk)) ++ enum rtmutex_chainwalk chwalk, ++ struct ww_acquire_ctx *ww_ctx)) + { + if (likely(rt_mutex_cmpxchg(lock, NULL, current))) { + rt_mutex_deadlock_account_lock(lock, current); + return 0; + } else +- return slowfn(lock, state, NULL, RT_MUTEX_MIN_CHAINWALK); ++ return slowfn(lock, state, NULL, RT_MUTEX_MIN_CHAINWALK, ++ ww_ctx); + } + + static inline int + rt_mutex_timed_fastlock(struct rt_mutex *lock, int state, + struct hrtimer_sleeper *timeout, + enum rtmutex_chainwalk chwalk, ++ struct ww_acquire_ctx *ww_ctx, + int (*slowfn)(struct rt_mutex *lock, int state, + struct hrtimer_sleeper *timeout, +- enum rtmutex_chainwalk chwalk)) ++ enum rtmutex_chainwalk chwalk, ++ struct ww_acquire_ctx *ww_ctx)) + { + if (chwalk == RT_MUTEX_MIN_CHAINWALK && + likely(rt_mutex_cmpxchg(lock, NULL, current))) { + rt_mutex_deadlock_account_lock(lock, current); + return 0; + } else +- return slowfn(lock, state, timeout, chwalk); ++ return slowfn(lock, state, timeout, chwalk, ww_ctx); + } + + static inline int +@@ -1376,7 +1893,7 @@ + { + might_sleep(); + +- rt_mutex_fastlock(lock, TASK_UNINTERRUPTIBLE, rt_mutex_slowlock); ++ rt_mutex_fastlock(lock, TASK_UNINTERRUPTIBLE, NULL, rt_mutex_slowlock); + } + EXPORT_SYMBOL_GPL(rt_mutex_lock); + +@@ -1393,7 +1910,7 @@ + { + might_sleep(); + +- return rt_mutex_fastlock(lock, TASK_INTERRUPTIBLE, rt_mutex_slowlock); ++ return rt_mutex_fastlock(lock, TASK_INTERRUPTIBLE, NULL, rt_mutex_slowlock); + } + EXPORT_SYMBOL_GPL(rt_mutex_lock_interruptible); + +@@ -1406,11 +1923,30 @@ + might_sleep(); + + return rt_mutex_timed_fastlock(lock, TASK_INTERRUPTIBLE, timeout, +- RT_MUTEX_FULL_CHAINWALK, ++ RT_MUTEX_FULL_CHAINWALK, NULL, + rt_mutex_slowlock); + } + + /** ++ * rt_mutex_lock_killable - lock a rt_mutex killable ++ * ++ * @lock: the rt_mutex to be locked ++ * @detect_deadlock: deadlock detection on/off ++ * ++ * Returns: ++ * 0 on success ++ * -EINTR when interrupted by a signal ++ * -EDEADLK when the lock would deadlock (when deadlock detection is on) ++ */ ++int __sched rt_mutex_lock_killable(struct rt_mutex *lock) ++{ ++ might_sleep(); ++ ++ return rt_mutex_fastlock(lock, TASK_KILLABLE, NULL, rt_mutex_slowlock); ++} ++EXPORT_SYMBOL_GPL(rt_mutex_lock_killable); ++ ++/** + * rt_mutex_timed_lock - lock a rt_mutex interruptible + * the timeout structure is provided + * by the caller +@@ -1430,6 +1966,7 @@ + + return rt_mutex_timed_fastlock(lock, TASK_INTERRUPTIBLE, timeout, + RT_MUTEX_MIN_CHAINWALK, ++ NULL, + rt_mutex_slowlock); + } + EXPORT_SYMBOL_GPL(rt_mutex_timed_lock); +@@ -1488,13 +2025,12 @@ + void __rt_mutex_init(struct rt_mutex *lock, const char *name) + { + lock->owner = NULL; +- raw_spin_lock_init(&lock->wait_lock); + lock->waiters = RB_ROOT; + lock->waiters_leftmost = NULL; + + debug_rt_mutex_init(lock, name); + } +-EXPORT_SYMBOL_GPL(__rt_mutex_init); ++EXPORT_SYMBOL(__rt_mutex_init); + + /** + * rt_mutex_init_proxy_locked - initialize and lock a rt_mutex on behalf of a +@@ -1509,7 +2045,7 @@ + void rt_mutex_init_proxy_locked(struct rt_mutex *lock, + struct task_struct *proxy_owner) + { +- __rt_mutex_init(lock, NULL); ++ rt_mutex_init(lock); + debug_rt_mutex_proxy_lock(lock, proxy_owner); + rt_mutex_set_owner(lock, proxy_owner); + rt_mutex_deadlock_account_lock(lock, proxy_owner); +@@ -1557,6 +2093,35 @@ + return 1; + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++ /* ++ * In PREEMPT_RT there's an added race. ++ * If the task, that we are about to requeue, times out, ++ * it can set the PI_WAKEUP_INPROGRESS. This tells the requeue ++ * to skip this task. But right after the task sets ++ * its pi_blocked_on to PI_WAKEUP_INPROGRESS it can then ++ * block on the spin_lock(&hb->lock), which in RT is an rtmutex. ++ * This will replace the PI_WAKEUP_INPROGRESS with the actual ++ * lock that it blocks on. We *must not* place this task ++ * on this proxy lock in that case. ++ * ++ * To prevent this race, we first take the task's pi_lock ++ * and check if it has updated its pi_blocked_on. If it has, ++ * we assume that it woke up and we return -EAGAIN. ++ * Otherwise, we set the task's pi_blocked_on to ++ * PI_REQUEUE_INPROGRESS, so that if the task is waking up ++ * it will know that we are in the process of requeuing it. ++ */ ++ raw_spin_lock_irq(&task->pi_lock); ++ if (task->pi_blocked_on) { ++ raw_spin_unlock_irq(&task->pi_lock); ++ raw_spin_unlock(&lock->wait_lock); ++ return -EAGAIN; ++ } ++ task->pi_blocked_on = PI_REQUEUE_INPROGRESS; ++ raw_spin_unlock_irq(&task->pi_lock); ++#endif ++ + /* We enforce deadlock detection for futexes */ + ret = task_blocks_on_rt_mutex(lock, waiter, task, + RT_MUTEX_FULL_CHAINWALK); +@@ -1626,7 +2191,7 @@ + + set_current_state(TASK_INTERRUPTIBLE); + +- ret = __rt_mutex_slowlock(lock, TASK_INTERRUPTIBLE, to, waiter); ++ ret = __rt_mutex_slowlock(lock, TASK_INTERRUPTIBLE, to, waiter, NULL); + + set_current_state(TASK_RUNNING); + +@@ -1643,3 +2208,89 @@ + + return ret; + } ++ ++static inline int ++ww_mutex_deadlock_injection(struct ww_mutex *lock, struct ww_acquire_ctx *ctx) ++{ ++#ifdef CONFIG_DEBUG_WW_MUTEX_SLOWPATH ++ unsigned tmp; ++ ++ if (ctx->deadlock_inject_countdown-- == 0) { ++ tmp = ctx->deadlock_inject_interval; ++ if (tmp > UINT_MAX/4) ++ tmp = UINT_MAX; ++ else ++ tmp = tmp*2 + tmp + tmp/2; ++ ++ ctx->deadlock_inject_interval = tmp; ++ ctx->deadlock_inject_countdown = tmp; ++ ctx->contending_lock = lock; ++ ++ ww_mutex_unlock(lock); ++ ++ return -EDEADLK; ++ } ++#endif ++ ++ return 0; ++} ++ ++#ifdef CONFIG_PREEMPT_RT_FULL ++int __sched ++__ww_mutex_lock_interruptible(struct ww_mutex *lock, struct ww_acquire_ctx *ww_ctx) ++{ ++ int ret; ++ ++ might_sleep(); ++ ++ mutex_acquire_nest(&lock->base.dep_map, 0, 0, &ww_ctx->dep_map, _RET_IP_); ++ ret = rt_mutex_slowlock(&lock->base.lock, TASK_INTERRUPTIBLE, NULL, ++ RT_MUTEX_FULL_CHAINWALK, ww_ctx); ++ if (ret) ++ mutex_release(&lock->base.dep_map, 1, _RET_IP_); ++ else if (!ret && ww_ctx->acquired > 1) ++ return ww_mutex_deadlock_injection(lock, ww_ctx); ++ ++ return ret; ++} ++EXPORT_SYMBOL_GPL(__ww_mutex_lock_interruptible); ++ ++int __sched ++__ww_mutex_lock(struct ww_mutex *lock, struct ww_acquire_ctx *ww_ctx) ++{ ++ int ret; ++ ++ might_sleep(); ++ ++ mutex_acquire_nest(&lock->base.dep_map, 0, 0, &ww_ctx->dep_map, _RET_IP_); ++ ret = rt_mutex_slowlock(&lock->base.lock, TASK_UNINTERRUPTIBLE, NULL, ++ RT_MUTEX_FULL_CHAINWALK, ww_ctx); ++ if (ret) ++ mutex_release(&lock->base.dep_map, 1, _RET_IP_); ++ else if (!ret && ww_ctx->acquired > 1) ++ return ww_mutex_deadlock_injection(lock, ww_ctx); ++ ++ return ret; ++} ++EXPORT_SYMBOL_GPL(__ww_mutex_lock); ++ ++void __sched ww_mutex_unlock(struct ww_mutex *lock) ++{ ++ /* ++ * The unlocking fastpath is the 0->1 transition from 'locked' ++ * into 'unlocked' state: ++ */ ++ if (lock->ctx) { ++#ifdef CONFIG_DEBUG_MUTEXES ++ DEBUG_LOCKS_WARN_ON(!lock->ctx->acquired); ++#endif ++ if (lock->ctx->acquired > 0) ++ lock->ctx->acquired--; ++ lock->ctx = NULL; ++ } ++ ++ mutex_release(&lock->base.dep_map, 1, _RET_IP_); ++ rt_mutex_unlock(&lock->base.lock); ++} ++EXPORT_SYMBOL(ww_mutex_unlock); ++#endif +diff -Nur linux-3.18.9.orig/kernel/locking/rtmutex_common.h linux-3.18.9/kernel/locking/rtmutex_common.h +--- linux-3.18.9.orig/kernel/locking/rtmutex_common.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/locking/rtmutex_common.h 2015-03-15 16:03:03.836094874 -0500 +@@ -49,6 +49,7 @@ + struct rb_node pi_tree_entry; + struct task_struct *task; + struct rt_mutex *lock; ++ bool savestate; + #ifdef CONFIG_DEBUG_RT_MUTEXES + unsigned long ip; + struct pid *deadlock_task_pid; +@@ -119,6 +120,9 @@ + /* + * PI-futex support (proxy locking functions, etc.): + */ ++#define PI_WAKEUP_INPROGRESS ((struct rt_mutex_waiter *) 1) ++#define PI_REQUEUE_INPROGRESS ((struct rt_mutex_waiter *) 2) ++ + extern struct task_struct *rt_mutex_next_owner(struct rt_mutex *lock); + extern void rt_mutex_init_proxy_locked(struct rt_mutex *lock, + struct task_struct *proxy_owner); +@@ -138,4 +142,14 @@ + # include "rtmutex.h" + #endif + ++static inline void ++rt_mutex_init_waiter(struct rt_mutex_waiter *waiter, bool savestate) ++{ ++ debug_rt_mutex_init_waiter(waiter); ++ waiter->task = NULL; ++ waiter->savestate = savestate; ++ RB_CLEAR_NODE(&waiter->pi_tree_entry); ++ RB_CLEAR_NODE(&waiter->tree_entry); ++} ++ + #endif +diff -Nur linux-3.18.9.orig/kernel/locking/spinlock.c linux-3.18.9/kernel/locking/spinlock.c +--- linux-3.18.9.orig/kernel/locking/spinlock.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/locking/spinlock.c 2015-03-15 16:03:03.840094875 -0500 +@@ -124,8 +124,11 @@ + * __[spin|read|write]_lock_bh() + */ + BUILD_LOCK_OPS(spin, raw_spinlock); ++ ++#ifndef CONFIG_PREEMPT_RT_FULL + BUILD_LOCK_OPS(read, rwlock); + BUILD_LOCK_OPS(write, rwlock); ++#endif + + #endif + +@@ -209,6 +212,8 @@ + EXPORT_SYMBOL(_raw_spin_unlock_bh); + #endif + ++#ifndef CONFIG_PREEMPT_RT_FULL ++ + #ifndef CONFIG_INLINE_READ_TRYLOCK + int __lockfunc _raw_read_trylock(rwlock_t *lock) + { +@@ -353,6 +358,8 @@ + EXPORT_SYMBOL(_raw_write_unlock_bh); + #endif + ++#endif /* !PREEMPT_RT_FULL */ ++ + #ifdef CONFIG_DEBUG_LOCK_ALLOC + + void __lockfunc _raw_spin_lock_nested(raw_spinlock_t *lock, int subclass) +diff -Nur linux-3.18.9.orig/kernel/locking/spinlock_debug.c linux-3.18.9/kernel/locking/spinlock_debug.c +--- linux-3.18.9.orig/kernel/locking/spinlock_debug.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/locking/spinlock_debug.c 2015-03-15 16:03:03.840094875 -0500 +@@ -31,6 +31,7 @@ + + EXPORT_SYMBOL(__raw_spin_lock_init); + ++#ifndef CONFIG_PREEMPT_RT_FULL + void __rwlock_init(rwlock_t *lock, const char *name, + struct lock_class_key *key) + { +@@ -48,6 +49,7 @@ + } + + EXPORT_SYMBOL(__rwlock_init); ++#endif + + static void spin_dump(raw_spinlock_t *lock, const char *msg) + { +@@ -159,6 +161,7 @@ + arch_spin_unlock(&lock->raw_lock); + } + ++#ifndef CONFIG_PREEMPT_RT_FULL + static void rwlock_bug(rwlock_t *lock, const char *msg) + { + if (!debug_locks_off()) +@@ -300,3 +303,5 @@ + debug_write_unlock(lock); + arch_write_unlock(&lock->raw_lock); + } ++ ++#endif +diff -Nur linux-3.18.9.orig/kernel/panic.c linux-3.18.9/kernel/panic.c +--- linux-3.18.9.orig/kernel/panic.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/panic.c 2015-03-15 16:03:03.840094875 -0500 +@@ -384,9 +384,11 @@ + + static int init_oops_id(void) + { ++#ifndef CONFIG_PREEMPT_RT_FULL + if (!oops_id) + get_random_bytes(&oops_id, sizeof(oops_id)); + else ++#endif + oops_id++; + + return 0; +diff -Nur linux-3.18.9.orig/kernel/power/hibernate.c linux-3.18.9/kernel/power/hibernate.c +--- linux-3.18.9.orig/kernel/power/hibernate.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/power/hibernate.c 2015-03-15 16:03:03.840094875 -0500 +@@ -287,6 +287,8 @@ + + local_irq_disable(); + ++ system_state = SYSTEM_SUSPEND; ++ + error = syscore_suspend(); + if (error) { + printk(KERN_ERR "PM: Some system devices failed to power down, " +@@ -316,6 +318,7 @@ + syscore_resume(); + + Enable_irqs: ++ system_state = SYSTEM_RUNNING; + local_irq_enable(); + + Enable_cpus: +@@ -439,6 +442,7 @@ + goto Enable_cpus; + + local_irq_disable(); ++ system_state = SYSTEM_SUSPEND; + + error = syscore_suspend(); + if (error) +@@ -472,6 +476,7 @@ + syscore_resume(); + + Enable_irqs: ++ system_state = SYSTEM_RUNNING; + local_irq_enable(); + + Enable_cpus: +@@ -557,6 +562,7 @@ + goto Platform_finish; + + local_irq_disable(); ++ system_state = SYSTEM_SUSPEND; + syscore_suspend(); + if (pm_wakeup_pending()) { + error = -EAGAIN; +@@ -569,6 +575,7 @@ + + Power_up: + syscore_resume(); ++ system_state = SYSTEM_RUNNING; + local_irq_enable(); + enable_nonboot_cpus(); + +diff -Nur linux-3.18.9.orig/kernel/power/suspend.c linux-3.18.9/kernel/power/suspend.c +--- linux-3.18.9.orig/kernel/power/suspend.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/power/suspend.c 2015-03-15 16:03:03.840094875 -0500 +@@ -318,6 +318,8 @@ + arch_suspend_disable_irqs(); + BUG_ON(!irqs_disabled()); + ++ system_state = SYSTEM_SUSPEND; ++ + error = syscore_suspend(); + if (!error) { + *wakeup = pm_wakeup_pending(); +@@ -332,6 +334,8 @@ + syscore_resume(); + } + ++ system_state = SYSTEM_RUNNING; ++ + arch_suspend_enable_irqs(); + BUG_ON(irqs_disabled()); + +diff -Nur linux-3.18.9.orig/kernel/printk/printk.c linux-3.18.9/kernel/printk/printk.c +--- linux-3.18.9.orig/kernel/printk/printk.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/printk/printk.c 2015-03-15 16:03:03.840094875 -0500 +@@ -1165,6 +1165,7 @@ + { + char *text; + int len = 0; ++ int attempts = 0; + + text = kmalloc(LOG_LINE_MAX + PREFIX_MAX, GFP_KERNEL); + if (!text) +@@ -1176,7 +1177,14 @@ + u64 seq; + u32 idx; + enum log_flags prev; +- ++ int num_msg; ++try_again: ++ attempts++; ++ if (attempts > 10) { ++ len = -EBUSY; ++ goto out; ++ } ++ num_msg = 0; + if (clear_seq < log_first_seq) { + /* messages are gone, move to first available one */ + clear_seq = log_first_seq; +@@ -1197,6 +1205,14 @@ + prev = msg->flags; + idx = log_next(idx); + seq++; ++ num_msg++; ++ if (num_msg > 5) { ++ num_msg = 0; ++ raw_spin_unlock_irq(&logbuf_lock); ++ raw_spin_lock_irq(&logbuf_lock); ++ if (clear_seq < log_first_seq) ++ goto try_again; ++ } + } + + /* move first record forward until length fits into the buffer */ +@@ -1210,6 +1226,14 @@ + prev = msg->flags; + idx = log_next(idx); + seq++; ++ num_msg++; ++ if (num_msg > 5) { ++ num_msg = 0; ++ raw_spin_unlock_irq(&logbuf_lock); ++ raw_spin_lock_irq(&logbuf_lock); ++ if (clear_seq < log_first_seq) ++ goto try_again; ++ } + } + + /* last message fitting into this dump */ +@@ -1250,6 +1274,7 @@ + clear_seq = log_next_seq; + clear_idx = log_next_idx; + } ++out: + raw_spin_unlock_irq(&logbuf_lock); + + kfree(text); +@@ -1407,6 +1432,7 @@ + if (!console_drivers) + return; + ++ migrate_disable(); + for_each_console(con) { + if (exclusive_console && con != exclusive_console) + continue; +@@ -1419,6 +1445,7 @@ + continue; + con->write(con, text, len); + } ++ migrate_enable(); + } + + /* +@@ -1479,6 +1506,15 @@ + static int console_trylock_for_printk(void) + { + unsigned int cpu = smp_processor_id(); ++#ifdef CONFIG_PREEMPT_RT_FULL ++ int lock = !early_boot_irqs_disabled && (preempt_count() == 0) && ++ !irqs_disabled(); ++#else ++ int lock = 1; ++#endif ++ ++ if (!lock) ++ return 0; + + if (!console_trylock()) + return 0; +@@ -1613,6 +1649,62 @@ + return textlen; + } + ++#ifdef CONFIG_EARLY_PRINTK ++struct console *early_console; ++ ++void early_vprintk(const char *fmt, va_list ap) ++{ ++ if (early_console) { ++ char buf[512]; ++ int n = vscnprintf(buf, sizeof(buf), fmt, ap); ++ ++ early_console->write(early_console, buf, n); ++ } ++} ++ ++asmlinkage void early_printk(const char *fmt, ...) ++{ ++ va_list ap; ++ ++ va_start(ap, fmt); ++ early_vprintk(fmt, ap); ++ va_end(ap); ++} ++ ++/* ++ * This is independent of any log levels - a global ++ * kill switch that turns off all of printk. ++ * ++ * Used by the NMI watchdog if early-printk is enabled. ++ */ ++static bool __read_mostly printk_killswitch; ++ ++static int __init force_early_printk_setup(char *str) ++{ ++ printk_killswitch = true; ++ return 0; ++} ++early_param("force_early_printk", force_early_printk_setup); ++ ++void printk_kill(void) ++{ ++ printk_killswitch = true; ++} ++ ++static int forced_early_printk(const char *fmt, va_list ap) ++{ ++ if (!printk_killswitch) ++ return 0; ++ early_vprintk(fmt, ap); ++ return 1; ++} ++#else ++static inline int forced_early_printk(const char *fmt, va_list ap) ++{ ++ return 0; ++} ++#endif ++ + asmlinkage int vprintk_emit(int facility, int level, + const char *dict, size_t dictlen, + const char *fmt, va_list args) +@@ -1629,6 +1721,13 @@ + /* cpu currently holding logbuf_lock in this function */ + static volatile unsigned int logbuf_cpu = UINT_MAX; + ++ /* ++ * Fall back to early_printk if a debugging subsystem has ++ * killed printk output ++ */ ++ if (unlikely(forced_early_printk(fmt, args))) ++ return 1; ++ + if (level == SCHED_MESSAGE_LOGLEVEL) { + level = -1; + in_sched = true; +@@ -1769,8 +1868,7 @@ + * console_sem which would prevent anyone from printing to + * console + */ +- preempt_disable(); +- ++ migrate_disable(); + /* + * Try to acquire and then immediately release the console + * semaphore. The release will print out buffers and wake up +@@ -1778,7 +1876,7 @@ + */ + if (console_trylock_for_printk()) + console_unlock(); +- preempt_enable(); ++ migrate_enable(); + lockdep_on(); + } + +@@ -1878,29 +1976,6 @@ + + #endif /* CONFIG_PRINTK */ + +-#ifdef CONFIG_EARLY_PRINTK +-struct console *early_console; +- +-void early_vprintk(const char *fmt, va_list ap) +-{ +- if (early_console) { +- char buf[512]; +- int n = vscnprintf(buf, sizeof(buf), fmt, ap); +- +- early_console->write(early_console, buf, n); +- } +-} +- +-asmlinkage __visible void early_printk(const char *fmt, ...) +-{ +- va_list ap; +- +- va_start(ap, fmt); +- early_vprintk(fmt, ap); +- va_end(ap); +-} +-#endif +- + static int __add_preferred_console(char *name, int idx, char *options, + char *brl_options) + { +@@ -2140,11 +2215,16 @@ + goto out; + + len = cont_print_text(text, size); ++#ifndef CONFIG_PREEMPT_RT_FULL + raw_spin_unlock(&logbuf_lock); + stop_critical_timings(); + call_console_drivers(cont.level, text, len); + start_critical_timings(); + local_irq_restore(flags); ++#else ++ raw_spin_unlock_irqrestore(&logbuf_lock, flags); ++ call_console_drivers(cont.level, text, len); ++#endif + return; + out: + raw_spin_unlock_irqrestore(&logbuf_lock, flags); +@@ -2232,12 +2312,17 @@ + console_idx = log_next(console_idx); + console_seq++; + console_prev = msg->flags; ++#ifdef CONFIG_PREEMPT_RT_FULL ++ raw_spin_unlock_irqrestore(&logbuf_lock, flags); ++ call_console_drivers(level, text, len); ++#else + raw_spin_unlock(&logbuf_lock); + + stop_critical_timings(); /* don't trace print latency */ + call_console_drivers(level, text, len); + start_critical_timings(); + local_irq_restore(flags); ++#endif + } + console_locked = 0; + +diff -Nur linux-3.18.9.orig/kernel/ptrace.c linux-3.18.9/kernel/ptrace.c +--- linux-3.18.9.orig/kernel/ptrace.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/ptrace.c 2015-03-15 16:03:03.840094875 -0500 +@@ -129,7 +129,12 @@ + + spin_lock_irq(&task->sighand->siglock); + if (task_is_traced(task) && !__fatal_signal_pending(task)) { +- task->state = __TASK_TRACED; ++ raw_spin_lock_irq(&task->pi_lock); ++ if (task->state & __TASK_TRACED) ++ task->state = __TASK_TRACED; ++ else ++ task->saved_state = __TASK_TRACED; ++ raw_spin_unlock_irq(&task->pi_lock); + ret = true; + } + spin_unlock_irq(&task->sighand->siglock); +diff -Nur linux-3.18.9.orig/kernel/rcu/tiny.c linux-3.18.9/kernel/rcu/tiny.c +--- linux-3.18.9.orig/kernel/rcu/tiny.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/rcu/tiny.c 2015-03-15 16:03:03.840094875 -0500 +@@ -370,6 +370,7 @@ + } + EXPORT_SYMBOL_GPL(call_rcu_sched); + ++#ifndef CONFIG_PREEMPT_RT_FULL + /* + * Post an RCU bottom-half callback to be invoked after any subsequent + * quiescent state. +@@ -379,6 +380,7 @@ + __call_rcu(head, func, &rcu_bh_ctrlblk); + } + EXPORT_SYMBOL_GPL(call_rcu_bh); ++#endif + + void rcu_init(void) + { +diff -Nur linux-3.18.9.orig/kernel/rcu/tree.c linux-3.18.9/kernel/rcu/tree.c +--- linux-3.18.9.orig/kernel/rcu/tree.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/rcu/tree.c 2015-03-15 16:03:03.840094875 -0500 +@@ -56,6 +56,11 @@ + #include <linux/random.h> + #include <linux/ftrace_event.h> + #include <linux/suspend.h> ++#include <linux/delay.h> ++#include <linux/gfp.h> ++#include <linux/oom.h> ++#include <linux/smpboot.h> ++#include "../time/tick-internal.h" + + #include "tree.h" + #include "rcu.h" +@@ -152,8 +157,6 @@ + */ + static int rcu_scheduler_fully_active __read_mostly; + +-#ifdef CONFIG_RCU_BOOST +- + /* + * Control variables for per-CPU and per-rcu_node kthreads. These + * handle all flavors of RCU. +@@ -163,8 +166,6 @@ + DEFINE_PER_CPU(unsigned int, rcu_cpu_kthread_loops); + DEFINE_PER_CPU(char, rcu_cpu_has_work); + +-#endif /* #ifdef CONFIG_RCU_BOOST */ +- + static void rcu_boost_kthread_setaffinity(struct rcu_node *rnp, int outgoingcpu); + static void invoke_rcu_core(void); + static void invoke_rcu_callbacks(struct rcu_state *rsp, struct rcu_data *rdp); +@@ -207,6 +208,19 @@ + } + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++static void rcu_preempt_qs(void); ++ ++void rcu_bh_qs(void) ++{ ++ unsigned long flags; ++ ++ /* Callers to this function, rcu_preempt_qs(), must disable irqs. */ ++ local_irq_save(flags); ++ rcu_preempt_qs(); ++ local_irq_restore(flags); ++} ++#else + void rcu_bh_qs(void) + { + if (!__this_cpu_read(rcu_bh_data.passed_quiesce)) { +@@ -216,6 +230,7 @@ + __this_cpu_write(rcu_bh_data.passed_quiesce, 1); + } + } ++#endif + + static DEFINE_PER_CPU(int, rcu_sched_qs_mask); + +@@ -336,6 +351,7 @@ + } + EXPORT_SYMBOL_GPL(rcu_batches_completed_sched); + ++#ifndef CONFIG_PREEMPT_RT_FULL + /* + * Return the number of RCU BH batches processed thus far for debug & stats. + */ +@@ -362,6 +378,7 @@ + force_quiescent_state(&rcu_bh_state); + } + EXPORT_SYMBOL_GPL(rcu_bh_force_quiescent_state); ++#endif + + /* + * Show the state of the grace-period kthreads. +@@ -1411,7 +1428,7 @@ + !ACCESS_ONCE(rsp->gp_flags) || + !rsp->gp_kthread) + return; +- wake_up(&rsp->gp_wq); ++ swait_wake(&rsp->gp_wq); + } + + /* +@@ -1793,7 +1810,7 @@ + ACCESS_ONCE(rsp->gpnum), + TPS("reqwait")); + rsp->gp_state = RCU_GP_WAIT_GPS; +- wait_event_interruptible(rsp->gp_wq, ++ swait_event_interruptible(rsp->gp_wq, + ACCESS_ONCE(rsp->gp_flags) & + RCU_GP_FLAG_INIT); + /* Locking provides needed memory barrier. */ +@@ -1821,7 +1838,7 @@ + ACCESS_ONCE(rsp->gpnum), + TPS("fqswait")); + rsp->gp_state = RCU_GP_WAIT_FQS; +- ret = wait_event_interruptible_timeout(rsp->gp_wq, ++ ret = swait_event_interruptible_timeout(rsp->gp_wq, + ((gf = ACCESS_ONCE(rsp->gp_flags)) & + RCU_GP_FLAG_FQS) || + (!ACCESS_ONCE(rnp->qsmask) && +@@ -2565,16 +2582,14 @@ + /* + * Do RCU core processing for the current CPU. + */ +-static void rcu_process_callbacks(struct softirq_action *unused) ++static void rcu_process_callbacks(void) + { + struct rcu_state *rsp; + + if (cpu_is_offline(smp_processor_id())) + return; +- trace_rcu_utilization(TPS("Start RCU core")); + for_each_rcu_flavor(rsp) + __rcu_process_callbacks(rsp); +- trace_rcu_utilization(TPS("End RCU core")); + } + + /* +@@ -2588,18 +2603,105 @@ + { + if (unlikely(!ACCESS_ONCE(rcu_scheduler_fully_active))) + return; +- if (likely(!rsp->boost)) { +- rcu_do_batch(rsp, rdp); ++ rcu_do_batch(rsp, rdp); ++} ++ ++static void rcu_wake_cond(struct task_struct *t, int status) ++{ ++ /* ++ * If the thread is yielding, only wake it when this ++ * is invoked from idle ++ */ ++ if (t && (status != RCU_KTHREAD_YIELDING || is_idle_task(current))) ++ wake_up_process(t); ++} ++ ++/* ++ * Wake up this CPU's rcuc kthread to do RCU core processing. ++ */ ++static void invoke_rcu_core(void) ++{ ++ unsigned long flags; ++ struct task_struct *t; ++ ++ if (!cpu_online(smp_processor_id())) + return; ++ local_irq_save(flags); ++ __this_cpu_write(rcu_cpu_has_work, 1); ++ t = __this_cpu_read(rcu_cpu_kthread_task); ++ if (t != NULL && current != t) ++ rcu_wake_cond(t, __this_cpu_read(rcu_cpu_kthread_status)); ++ local_irq_restore(flags); ++} ++ ++static void rcu_cpu_kthread_park(unsigned int cpu) ++{ ++ per_cpu(rcu_cpu_kthread_status, cpu) = RCU_KTHREAD_OFFCPU; ++} ++ ++static int rcu_cpu_kthread_should_run(unsigned int cpu) ++{ ++ return __this_cpu_read(rcu_cpu_has_work); ++} ++ ++/* ++ * Per-CPU kernel thread that invokes RCU callbacks. This replaces the ++ * RCU softirq used in flavors and configurations of RCU that do not ++ * support RCU priority boosting. ++ */ ++static void rcu_cpu_kthread(unsigned int cpu) ++{ ++ unsigned int *statusp = &__get_cpu_var(rcu_cpu_kthread_status); ++ char work, *workp = &__get_cpu_var(rcu_cpu_has_work); ++ int spincnt; ++ ++ for (spincnt = 0; spincnt < 10; spincnt++) { ++ trace_rcu_utilization(TPS("Start CPU kthread@rcu_wait")); ++ local_bh_disable(); ++ *statusp = RCU_KTHREAD_RUNNING; ++ this_cpu_inc(rcu_cpu_kthread_loops); ++ local_irq_disable(); ++ work = *workp; ++ *workp = 0; ++ local_irq_enable(); ++ if (work) ++ rcu_process_callbacks(); ++ local_bh_enable(); ++ if (*workp == 0) { ++ trace_rcu_utilization(TPS("End CPU kthread@rcu_wait")); ++ *statusp = RCU_KTHREAD_WAITING; ++ return; ++ } + } +- invoke_rcu_callbacks_kthread(); ++ *statusp = RCU_KTHREAD_YIELDING; ++ trace_rcu_utilization(TPS("Start CPU kthread@rcu_yield")); ++ schedule_timeout_interruptible(2); ++ trace_rcu_utilization(TPS("End CPU kthread@rcu_yield")); ++ *statusp = RCU_KTHREAD_WAITING; + } + +-static void invoke_rcu_core(void) ++static struct smp_hotplug_thread rcu_cpu_thread_spec = { ++ .store = &rcu_cpu_kthread_task, ++ .thread_should_run = rcu_cpu_kthread_should_run, ++ .thread_fn = rcu_cpu_kthread, ++ .thread_comm = "rcuc/%u", ++ .setup = rcu_cpu_kthread_setup, ++ .park = rcu_cpu_kthread_park, ++}; ++ ++/* ++ * Spawn per-CPU RCU core processing kthreads. ++ */ ++static int __init rcu_spawn_core_kthreads(void) + { +- if (cpu_online(smp_processor_id())) +- raise_softirq(RCU_SOFTIRQ); ++ int cpu; ++ ++ for_each_possible_cpu(cpu) ++ per_cpu(rcu_cpu_has_work, cpu) = 0; ++ BUG_ON(smpboot_register_percpu_thread(&rcu_cpu_thread_spec)); ++ return 0; + } ++early_initcall(rcu_spawn_core_kthreads); + + /* + * Handle any core-RCU processing required by a call_rcu() invocation. +@@ -2734,6 +2836,7 @@ + } + EXPORT_SYMBOL_GPL(call_rcu_sched); + ++#ifndef CONFIG_PREEMPT_RT_FULL + /* + * Queue an RCU callback for invocation after a quicker grace period. + */ +@@ -2742,6 +2845,7 @@ + __call_rcu(head, func, &rcu_bh_state, -1, 0); + } + EXPORT_SYMBOL_GPL(call_rcu_bh); ++#endif + + /* + * Queue an RCU callback for lazy invocation after a grace period. +@@ -2833,6 +2937,7 @@ + } + EXPORT_SYMBOL_GPL(synchronize_sched); + ++#ifndef CONFIG_PREEMPT_RT_FULL + /** + * synchronize_rcu_bh - wait until an rcu_bh grace period has elapsed. + * +@@ -2859,6 +2964,7 @@ + wait_rcu_gp(call_rcu_bh); + } + EXPORT_SYMBOL_GPL(synchronize_rcu_bh); ++#endif + + /** + * get_state_synchronize_rcu - Snapshot current RCU state +@@ -3341,6 +3447,7 @@ + mutex_unlock(&rsp->barrier_mutex); + } + ++#ifndef CONFIG_PREEMPT_RT_FULL + /** + * rcu_barrier_bh - Wait until all in-flight call_rcu_bh() callbacks complete. + */ +@@ -3349,6 +3456,7 @@ + _rcu_barrier(&rcu_bh_state); + } + EXPORT_SYMBOL_GPL(rcu_barrier_bh); ++#endif + + /** + * rcu_barrier_sched - Wait for in-flight call_rcu_sched() callbacks. +@@ -3658,7 +3766,7 @@ + } + + rsp->rda = rda; +- init_waitqueue_head(&rsp->gp_wq); ++ init_swait_head(&rsp->gp_wq); + rnp = rsp->level[rcu_num_lvls - 1]; + for_each_possible_cpu(i) { + while (i > rnp->grphi) +@@ -3755,7 +3863,6 @@ + rcu_init_one(&rcu_bh_state, &rcu_bh_data); + rcu_init_one(&rcu_sched_state, &rcu_sched_data); + __rcu_init_preempt(); +- open_softirq(RCU_SOFTIRQ, rcu_process_callbacks); + + /* + * We don't need protection against CPU-hotplug here because +diff -Nur linux-3.18.9.orig/kernel/rcu/tree.h linux-3.18.9/kernel/rcu/tree.h +--- linux-3.18.9.orig/kernel/rcu/tree.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/rcu/tree.h 2015-03-15 16:03:03.840094875 -0500 +@@ -28,6 +28,7 @@ + #include <linux/cpumask.h> + #include <linux/seqlock.h> + #include <linux/irq_work.h> ++#include <linux/wait-simple.h> + + /* + * Define shape of hierarchy based on NR_CPUS, CONFIG_RCU_FANOUT, and +@@ -208,7 +209,7 @@ + /* This can happen due to race conditions. */ + #endif /* #ifdef CONFIG_RCU_BOOST */ + #ifdef CONFIG_RCU_NOCB_CPU +- wait_queue_head_t nocb_gp_wq[2]; ++ struct swait_head nocb_gp_wq[2]; + /* Place for rcu_nocb_kthread() to wait GP. */ + #endif /* #ifdef CONFIG_RCU_NOCB_CPU */ + int need_future_gp[2]; +@@ -348,7 +349,7 @@ + atomic_long_t nocb_follower_count_lazy; /* (approximate). */ + int nocb_p_count; /* # CBs being invoked by kthread */ + int nocb_p_count_lazy; /* (approximate). */ +- wait_queue_head_t nocb_wq; /* For nocb kthreads to sleep on. */ ++ struct swait_head nocb_wq; /* For nocb kthreads to sleep on. */ + struct task_struct *nocb_kthread; + int nocb_defer_wakeup; /* Defer wakeup of nocb_kthread. */ + +@@ -439,7 +440,7 @@ + unsigned long gpnum; /* Current gp number. */ + unsigned long completed; /* # of last completed gp. */ + struct task_struct *gp_kthread; /* Task for grace periods. */ +- wait_queue_head_t gp_wq; /* Where GP task waits. */ ++ struct swait_head gp_wq; /* Where GP task waits. */ + short gp_flags; /* Commands for GP task. */ + short gp_state; /* GP kthread sleep state. */ + +@@ -570,10 +571,9 @@ + static void __init __rcu_init_preempt(void); + static void rcu_initiate_boost(struct rcu_node *rnp, unsigned long flags); + static void rcu_preempt_boost_start_gp(struct rcu_node *rnp); +-static void invoke_rcu_callbacks_kthread(void); + static bool rcu_is_callbacks_kthread(void); ++static void rcu_cpu_kthread_setup(unsigned int cpu); + #ifdef CONFIG_RCU_BOOST +-static void rcu_preempt_do_callbacks(void); + static int rcu_spawn_one_boost_kthread(struct rcu_state *rsp, + struct rcu_node *rnp); + #endif /* #ifdef CONFIG_RCU_BOOST */ +diff -Nur linux-3.18.9.orig/kernel/rcu/tree_plugin.h linux-3.18.9/kernel/rcu/tree_plugin.h +--- linux-3.18.9.orig/kernel/rcu/tree_plugin.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/rcu/tree_plugin.h 2015-03-15 16:03:03.844094875 -0500 +@@ -24,12 +24,6 @@ + * Paul E. McKenney <paulmck@linux.vnet.ibm.com> + */ + +-#include <linux/delay.h> +-#include <linux/gfp.h> +-#include <linux/oom.h> +-#include <linux/smpboot.h> +-#include "../time/tick-internal.h" +- + #define RCU_KTHREAD_PRIO 1 + + #ifdef CONFIG_RCU_BOOST +@@ -335,7 +329,7 @@ + } + + /* Hardware IRQ handlers cannot block, complain if they get here. */ +- if (WARN_ON_ONCE(in_irq() || in_serving_softirq())) { ++ if (WARN_ON_ONCE(preempt_count() & (HARDIRQ_MASK | SOFTIRQ_OFFSET))) { + local_irq_restore(flags); + return; + } +@@ -635,15 +629,6 @@ + t->rcu_read_unlock_special.b.need_qs = true; + } + +-#ifdef CONFIG_RCU_BOOST +- +-static void rcu_preempt_do_callbacks(void) +-{ +- rcu_do_batch(&rcu_preempt_state, this_cpu_ptr(&rcu_preempt_data)); +-} +- +-#endif /* #ifdef CONFIG_RCU_BOOST */ +- + /* + * Queue a preemptible-RCU callback for invocation after a grace period. + */ +@@ -1072,6 +1057,19 @@ + + #endif /* #else #ifdef CONFIG_TREE_PREEMPT_RCU */ + ++/* ++ * If boosting, set rcuc kthreads to realtime priority. ++ */ ++static void rcu_cpu_kthread_setup(unsigned int cpu) ++{ ++#ifdef CONFIG_RCU_BOOST ++ struct sched_param sp; ++ ++ sp.sched_priority = RCU_KTHREAD_PRIO; ++ sched_setscheduler_nocheck(current, SCHED_FIFO, &sp); ++#endif /* #ifdef CONFIG_RCU_BOOST */ ++} ++ + #ifdef CONFIG_RCU_BOOST + + #include "../locking/rtmutex_common.h" +@@ -1103,16 +1101,6 @@ + + #endif /* #else #ifdef CONFIG_RCU_TRACE */ + +-static void rcu_wake_cond(struct task_struct *t, int status) +-{ +- /* +- * If the thread is yielding, only wake it when this +- * is invoked from idle +- */ +- if (status != RCU_KTHREAD_YIELDING || is_idle_task(current)) +- wake_up_process(t); +-} +- + /* + * Carry out RCU priority boosting on the task indicated by ->exp_tasks + * or ->boost_tasks, advancing the pointer to the next task in the +@@ -1261,23 +1249,6 @@ + } + + /* +- * Wake up the per-CPU kthread to invoke RCU callbacks. +- */ +-static void invoke_rcu_callbacks_kthread(void) +-{ +- unsigned long flags; +- +- local_irq_save(flags); +- __this_cpu_write(rcu_cpu_has_work, 1); +- if (__this_cpu_read(rcu_cpu_kthread_task) != NULL && +- current != __this_cpu_read(rcu_cpu_kthread_task)) { +- rcu_wake_cond(__this_cpu_read(rcu_cpu_kthread_task), +- __this_cpu_read(rcu_cpu_kthread_status)); +- } +- local_irq_restore(flags); +-} +- +-/* + * Is the current CPU running the RCU-callbacks kthread? + * Caller must have preemption disabled. + */ +@@ -1332,67 +1303,6 @@ + return 0; + } + +-static void rcu_kthread_do_work(void) +-{ +- rcu_do_batch(&rcu_sched_state, this_cpu_ptr(&rcu_sched_data)); +- rcu_do_batch(&rcu_bh_state, this_cpu_ptr(&rcu_bh_data)); +- rcu_preempt_do_callbacks(); +-} +- +-static void rcu_cpu_kthread_setup(unsigned int cpu) +-{ +- struct sched_param sp; +- +- sp.sched_priority = RCU_KTHREAD_PRIO; +- sched_setscheduler_nocheck(current, SCHED_FIFO, &sp); +-} +- +-static void rcu_cpu_kthread_park(unsigned int cpu) +-{ +- per_cpu(rcu_cpu_kthread_status, cpu) = RCU_KTHREAD_OFFCPU; +-} +- +-static int rcu_cpu_kthread_should_run(unsigned int cpu) +-{ +- return __this_cpu_read(rcu_cpu_has_work); +-} +- +-/* +- * Per-CPU kernel thread that invokes RCU callbacks. This replaces the +- * RCU softirq used in flavors and configurations of RCU that do not +- * support RCU priority boosting. +- */ +-static void rcu_cpu_kthread(unsigned int cpu) +-{ +- unsigned int *statusp = this_cpu_ptr(&rcu_cpu_kthread_status); +- char work, *workp = this_cpu_ptr(&rcu_cpu_has_work); +- int spincnt; +- +- for (spincnt = 0; spincnt < 10; spincnt++) { +- trace_rcu_utilization(TPS("Start CPU kthread@rcu_wait")); +- local_bh_disable(); +- *statusp = RCU_KTHREAD_RUNNING; +- this_cpu_inc(rcu_cpu_kthread_loops); +- local_irq_disable(); +- work = *workp; +- *workp = 0; +- local_irq_enable(); +- if (work) +- rcu_kthread_do_work(); +- local_bh_enable(); +- if (*workp == 0) { +- trace_rcu_utilization(TPS("End CPU kthread@rcu_wait")); +- *statusp = RCU_KTHREAD_WAITING; +- return; +- } +- } +- *statusp = RCU_KTHREAD_YIELDING; +- trace_rcu_utilization(TPS("Start CPU kthread@rcu_yield")); +- schedule_timeout_interruptible(2); +- trace_rcu_utilization(TPS("End CPU kthread@rcu_yield")); +- *statusp = RCU_KTHREAD_WAITING; +-} +- + /* + * Set the per-rcu_node kthread's affinity to cover all CPUs that are + * served by the rcu_node in question. The CPU hotplug lock is still +@@ -1426,26 +1336,13 @@ + free_cpumask_var(cm); + } + +-static struct smp_hotplug_thread rcu_cpu_thread_spec = { +- .store = &rcu_cpu_kthread_task, +- .thread_should_run = rcu_cpu_kthread_should_run, +- .thread_fn = rcu_cpu_kthread, +- .thread_comm = "rcuc/%u", +- .setup = rcu_cpu_kthread_setup, +- .park = rcu_cpu_kthread_park, +-}; +- + /* + * Spawn boost kthreads -- called as soon as the scheduler is running. + */ + static void __init rcu_spawn_boost_kthreads(void) + { + struct rcu_node *rnp; +- int cpu; + +- for_each_possible_cpu(cpu) +- per_cpu(rcu_cpu_has_work, cpu) = 0; +- BUG_ON(smpboot_register_percpu_thread(&rcu_cpu_thread_spec)); + rnp = rcu_get_root(rcu_state_p); + (void)rcu_spawn_one_boost_kthread(rcu_state_p, rnp); + if (NUM_RCU_NODES > 1) { +@@ -1472,11 +1369,6 @@ + raw_spin_unlock_irqrestore(&rnp->lock, flags); + } + +-static void invoke_rcu_callbacks_kthread(void) +-{ +- WARN_ON_ONCE(1); +-} +- + static bool rcu_is_callbacks_kthread(void) + { + return false; +@@ -1500,7 +1392,7 @@ + + #endif /* #else #ifdef CONFIG_RCU_BOOST */ + +-#if !defined(CONFIG_RCU_FAST_NO_HZ) ++#if !defined(CONFIG_RCU_FAST_NO_HZ) || defined(CONFIG_PREEMPT_RT_FULL) + + /* + * Check to see if any future RCU-related work will need to be done +@@ -1518,7 +1410,9 @@ + return rcu_cpu_has_callbacks(cpu, NULL); + } + #endif /* #ifndef CONFIG_RCU_NOCB_CPU_ALL */ ++#endif /* !defined(CONFIG_RCU_FAST_NO_HZ) || defined(CONFIG_PREEMPT_RT_FULL) */ + ++#if !defined(CONFIG_RCU_FAST_NO_HZ) + /* + * Because we do not have RCU_FAST_NO_HZ, don't bother cleaning up + * after it. +@@ -1615,6 +1509,8 @@ + return cbs_ready; + } + ++#ifndef CONFIG_PREEMPT_RT_FULL ++ + /* + * Allow the CPU to enter dyntick-idle mode unless it has callbacks ready + * to invoke. If the CPU has callbacks, try to advance them. Tell the +@@ -1655,7 +1551,7 @@ + return 0; + } + #endif /* #ifndef CONFIG_RCU_NOCB_CPU_ALL */ +- ++#endif /* #ifndef CONFIG_PREEMPT_RT_FULL */ + /* + * Prepare a CPU for idle from an RCU perspective. The first major task + * is to sense whether nohz mode has been enabled or disabled via sysfs. +@@ -2001,7 +1897,7 @@ + */ + static void rcu_nocb_gp_cleanup(struct rcu_state *rsp, struct rcu_node *rnp) + { +- wake_up_all(&rnp->nocb_gp_wq[rnp->completed & 0x1]); ++ swait_wake_all(&rnp->nocb_gp_wq[rnp->completed & 0x1]); + } + + /* +@@ -2019,8 +1915,8 @@ + + static void rcu_init_one_nocb(struct rcu_node *rnp) + { +- init_waitqueue_head(&rnp->nocb_gp_wq[0]); +- init_waitqueue_head(&rnp->nocb_gp_wq[1]); ++ init_swait_head(&rnp->nocb_gp_wq[0]); ++ init_swait_head(&rnp->nocb_gp_wq[1]); + } + + #ifndef CONFIG_RCU_NOCB_CPU_ALL +@@ -2045,7 +1941,7 @@ + if (ACCESS_ONCE(rdp_leader->nocb_leader_sleep) || force) { + /* Prior smp_mb__after_atomic() orders against prior enqueue. */ + ACCESS_ONCE(rdp_leader->nocb_leader_sleep) = false; +- wake_up(&rdp_leader->nocb_wq); ++ swait_wake(&rdp_leader->nocb_wq); + } + } + +@@ -2238,7 +2134,7 @@ + */ + trace_rcu_future_gp(rnp, rdp, c, TPS("StartWait")); + for (;;) { +- wait_event_interruptible( ++ swait_event_interruptible( + rnp->nocb_gp_wq[c & 0x1], + (d = ULONG_CMP_GE(ACCESS_ONCE(rnp->completed), c))); + if (likely(d)) +@@ -2266,7 +2162,7 @@ + /* Wait for callbacks to appear. */ + if (!rcu_nocb_poll) { + trace_rcu_nocb_wake(my_rdp->rsp->name, my_rdp->cpu, "Sleep"); +- wait_event_interruptible(my_rdp->nocb_wq, ++ swait_event_interruptible(my_rdp->nocb_wq, + !ACCESS_ONCE(my_rdp->nocb_leader_sleep)); + /* Memory barrier handled by smp_mb() calls below and repoll. */ + } else if (firsttime) { +@@ -2347,7 +2243,7 @@ + * List was empty, wake up the follower. + * Memory barriers supplied by atomic_long_add(). + */ +- wake_up(&rdp->nocb_wq); ++ swait_wake(&rdp->nocb_wq); + } + } + +@@ -2368,7 +2264,7 @@ + if (!rcu_nocb_poll) { + trace_rcu_nocb_wake(rdp->rsp->name, rdp->cpu, + "FollowerSleep"); +- wait_event_interruptible(rdp->nocb_wq, ++ swait_event_interruptible(rdp->nocb_wq, + ACCESS_ONCE(rdp->nocb_follower_head)); + } else if (firsttime) { + /* Don't drown trace log with "Poll"! */ +@@ -2539,7 +2435,7 @@ + static void __init rcu_boot_init_nocb_percpu_data(struct rcu_data *rdp) + { + rdp->nocb_tail = &rdp->nocb_head; +- init_waitqueue_head(&rdp->nocb_wq); ++ init_swait_head(&rdp->nocb_wq); + rdp->nocb_follower_tail = &rdp->nocb_follower_head; + } + +diff -Nur linux-3.18.9.orig/kernel/rcu/update.c linux-3.18.9/kernel/rcu/update.c +--- linux-3.18.9.orig/kernel/rcu/update.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/rcu/update.c 2015-03-15 16:03:03.844094875 -0500 +@@ -170,6 +170,7 @@ + } + EXPORT_SYMBOL_GPL(rcu_read_lock_held); + ++#ifndef CONFIG_PREEMPT_RT_FULL + /** + * rcu_read_lock_bh_held() - might we be in RCU-bh read-side critical section? + * +@@ -196,6 +197,7 @@ + return in_softirq() || irqs_disabled(); + } + EXPORT_SYMBOL_GPL(rcu_read_lock_bh_held); ++#endif + + #endif /* #ifdef CONFIG_DEBUG_LOCK_ALLOC */ + +diff -Nur linux-3.18.9.orig/kernel/relay.c linux-3.18.9/kernel/relay.c +--- linux-3.18.9.orig/kernel/relay.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/relay.c 2015-03-15 16:03:03.844094875 -0500 +@@ -339,6 +339,10 @@ + { + struct rchan_buf *buf = (struct rchan_buf *)data; + wake_up_interruptible(&buf->read_wait); ++ /* ++ * Stupid polling for now: ++ */ ++ mod_timer(&buf->timer, jiffies + 1); + } + + /** +@@ -356,6 +360,7 @@ + init_waitqueue_head(&buf->read_wait); + kref_init(&buf->kref); + setup_timer(&buf->timer, wakeup_readers, (unsigned long)buf); ++ mod_timer(&buf->timer, jiffies + 1); + } else + del_timer_sync(&buf->timer); + +@@ -739,15 +744,6 @@ + else + buf->early_bytes += buf->chan->subbuf_size - + buf->padding[old_subbuf]; +- smp_mb(); +- if (waitqueue_active(&buf->read_wait)) +- /* +- * Calling wake_up_interruptible() from here +- * will deadlock if we happen to be logging +- * from the scheduler (trying to re-grab +- * rq->lock), so defer it. +- */ +- mod_timer(&buf->timer, jiffies + 1); + } + + old = buf->data; +diff -Nur linux-3.18.9.orig/kernel/res_counter.c linux-3.18.9/kernel/res_counter.c +--- linux-3.18.9.orig/kernel/res_counter.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/res_counter.c 2015-03-15 16:03:03.844094875 -0500 +@@ -59,7 +59,7 @@ + + r = ret = 0; + *limit_fail_at = NULL; +- local_irq_save(flags); ++ local_irq_save_nort(flags); + for (c = counter; c != NULL; c = c->parent) { + spin_lock(&c->lock); + r = res_counter_charge_locked(c, val, force); +@@ -79,7 +79,7 @@ + spin_unlock(&u->lock); + } + } +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + + return ret; + } +@@ -104,7 +104,7 @@ + struct res_counter *c; + u64 ret = 0; + +- local_irq_save(flags); ++ local_irq_save_nort(flags); + for (c = counter; c != top; c = c->parent) { + u64 r; + spin_lock(&c->lock); +@@ -113,7 +113,7 @@ + ret = r; + spin_unlock(&c->lock); + } +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + return ret; + } + +diff -Nur linux-3.18.9.orig/kernel/sched/completion.c linux-3.18.9/kernel/sched/completion.c +--- linux-3.18.9.orig/kernel/sched/completion.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/sched/completion.c 2015-03-15 16:03:03.844094875 -0500 +@@ -30,10 +30,10 @@ + { + unsigned long flags; + +- spin_lock_irqsave(&x->wait.lock, flags); ++ raw_spin_lock_irqsave(&x->wait.lock, flags); + x->done++; +- __wake_up_locked(&x->wait, TASK_NORMAL, 1); +- spin_unlock_irqrestore(&x->wait.lock, flags); ++ __swait_wake_locked(&x->wait, TASK_NORMAL, 1); ++ raw_spin_unlock_irqrestore(&x->wait.lock, flags); + } + EXPORT_SYMBOL(complete); + +@@ -50,10 +50,10 @@ + { + unsigned long flags; + +- spin_lock_irqsave(&x->wait.lock, flags); ++ raw_spin_lock_irqsave(&x->wait.lock, flags); + x->done += UINT_MAX/2; +- __wake_up_locked(&x->wait, TASK_NORMAL, 0); +- spin_unlock_irqrestore(&x->wait.lock, flags); ++ __swait_wake_locked(&x->wait, TASK_NORMAL, 0); ++ raw_spin_unlock_irqrestore(&x->wait.lock, flags); + } + EXPORT_SYMBOL(complete_all); + +@@ -62,20 +62,20 @@ + long (*action)(long), long timeout, int state) + { + if (!x->done) { +- DECLARE_WAITQUEUE(wait, current); ++ DEFINE_SWAITER(wait); + +- __add_wait_queue_tail_exclusive(&x->wait, &wait); ++ swait_prepare_locked(&x->wait, &wait); + do { + if (signal_pending_state(state, current)) { + timeout = -ERESTARTSYS; + break; + } + __set_current_state(state); +- spin_unlock_irq(&x->wait.lock); ++ raw_spin_unlock_irq(&x->wait.lock); + timeout = action(timeout); +- spin_lock_irq(&x->wait.lock); ++ raw_spin_lock_irq(&x->wait.lock); + } while (!x->done && timeout); +- __remove_wait_queue(&x->wait, &wait); ++ swait_finish_locked(&x->wait, &wait); + if (!x->done) + return timeout; + } +@@ -89,9 +89,9 @@ + { + might_sleep(); + +- spin_lock_irq(&x->wait.lock); ++ raw_spin_lock_irq(&x->wait.lock); + timeout = do_wait_for_common(x, action, timeout, state); +- spin_unlock_irq(&x->wait.lock); ++ raw_spin_unlock_irq(&x->wait.lock); + return timeout; + } + +@@ -267,12 +267,12 @@ + unsigned long flags; + int ret = 1; + +- spin_lock_irqsave(&x->wait.lock, flags); ++ raw_spin_lock_irqsave(&x->wait.lock, flags); + if (!x->done) + ret = 0; + else + x->done--; +- spin_unlock_irqrestore(&x->wait.lock, flags); ++ raw_spin_unlock_irqrestore(&x->wait.lock, flags); + return ret; + } + EXPORT_SYMBOL(try_wait_for_completion); +@@ -290,10 +290,10 @@ + unsigned long flags; + int ret = 1; + +- spin_lock_irqsave(&x->wait.lock, flags); ++ raw_spin_lock_irqsave(&x->wait.lock, flags); + if (!x->done) + ret = 0; +- spin_unlock_irqrestore(&x->wait.lock, flags); ++ raw_spin_unlock_irqrestore(&x->wait.lock, flags); + return ret; + } + EXPORT_SYMBOL(completion_done); +diff -Nur linux-3.18.9.orig/kernel/sched/core.c linux-3.18.9/kernel/sched/core.c +--- linux-3.18.9.orig/kernel/sched/core.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/sched/core.c 2015-03-15 16:03:03.844094875 -0500 +@@ -280,7 +280,11 @@ + * Number of tasks to iterate in a single balance run. + * Limited because this is done with IRQs disabled. + */ ++#ifndef CONFIG_PREEMPT_RT_FULL + const_debug unsigned int sysctl_sched_nr_migrate = 32; ++#else ++const_debug unsigned int sysctl_sched_nr_migrate = 8; ++#endif + + /* + * period over which we average the RT time consumption, measured +@@ -511,6 +515,7 @@ + + hrtimer_init(&rq->hrtick_timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + rq->hrtick_timer.function = hrtick; ++ rq->hrtick_timer.irqsafe = 1; + } + #else /* CONFIG_SCHED_HRTICK */ + static inline void hrtick_clear(struct rq *rq) +@@ -622,6 +627,38 @@ + trace_sched_wake_idle_without_ipi(cpu); + } + ++#ifdef CONFIG_PREEMPT_LAZY ++void resched_curr_lazy(struct rq *rq) ++{ ++ struct task_struct *curr = rq->curr; ++ int cpu; ++ ++ if (!sched_feat(PREEMPT_LAZY)) { ++ resched_curr(rq); ++ return; ++ } ++ ++ lockdep_assert_held(&rq->lock); ++ ++ if (test_tsk_need_resched(curr)) ++ return; ++ ++ if (test_tsk_need_resched_lazy(curr)) ++ return; ++ ++ set_tsk_need_resched_lazy(curr); ++ ++ cpu = cpu_of(rq); ++ if (cpu == smp_processor_id()) ++ return; ++ ++ /* NEED_RESCHED_LAZY must be visible before we test polling */ ++ smp_mb(); ++ if (!tsk_is_polling(curr)) ++ smp_send_reschedule(cpu); ++} ++#endif ++ + void resched_cpu(int cpu) + { + struct rq *rq = cpu_rq(cpu); +@@ -645,12 +682,14 @@ + */ + int get_nohz_timer_target(int pinned) + { +- int cpu = smp_processor_id(); ++ int cpu; + int i; + struct sched_domain *sd; + ++ preempt_disable_rt(); ++ cpu = smp_processor_id(); + if (pinned || !get_sysctl_timer_migration() || !idle_cpu(cpu)) +- return cpu; ++ goto preempt_en_rt; + + rcu_read_lock(); + for_each_domain(cpu, sd) { +@@ -663,6 +702,8 @@ + } + unlock: + rcu_read_unlock(); ++preempt_en_rt: ++ preempt_enable_rt(); + return cpu; + } + /* +@@ -1193,6 +1234,18 @@ + + static int migration_cpu_stop(void *data); + ++static bool check_task_state(struct task_struct *p, long match_state) ++{ ++ bool match = false; ++ ++ raw_spin_lock_irq(&p->pi_lock); ++ if (p->state == match_state || p->saved_state == match_state) ++ match = true; ++ raw_spin_unlock_irq(&p->pi_lock); ++ ++ return match; ++} ++ + /* + * wait_task_inactive - wait for a thread to unschedule. + * +@@ -1237,7 +1290,7 @@ + * is actually now running somewhere else! + */ + while (task_running(rq, p)) { +- if (match_state && unlikely(p->state != match_state)) ++ if (match_state && !check_task_state(p, match_state)) + return 0; + cpu_relax(); + } +@@ -1252,7 +1305,8 @@ + running = task_running(rq, p); + queued = task_on_rq_queued(p); + ncsw = 0; +- if (!match_state || p->state == match_state) ++ if (!match_state || p->state == match_state || ++ p->saved_state == match_state) + ncsw = p->nvcsw | LONG_MIN; /* sets MSB */ + task_rq_unlock(rq, p, &flags); + +@@ -1477,10 +1531,6 @@ + { + activate_task(rq, p, en_flags); + p->on_rq = TASK_ON_RQ_QUEUED; +- +- /* if a worker is waking up, notify workqueue */ +- if (p->flags & PF_WQ_WORKER) +- wq_worker_waking_up(p, cpu_of(rq)); + } + + /* +@@ -1694,8 +1744,27 @@ + */ + smp_mb__before_spinlock(); + raw_spin_lock_irqsave(&p->pi_lock, flags); +- if (!(p->state & state)) ++ if (!(p->state & state)) { ++ /* ++ * The task might be running due to a spinlock sleeper ++ * wakeup. Check the saved state and set it to running ++ * if the wakeup condition is true. ++ */ ++ if (!(wake_flags & WF_LOCK_SLEEPER)) { ++ if (p->saved_state & state) { ++ p->saved_state = TASK_RUNNING; ++ success = 1; ++ } ++ } + goto out; ++ } ++ ++ /* ++ * If this is a regular wakeup, then we can unconditionally ++ * clear the saved state of a "lock sleeper". ++ */ ++ if (!(wake_flags & WF_LOCK_SLEEPER)) ++ p->saved_state = TASK_RUNNING; + + success = 1; /* we're going to change ->state */ + cpu = task_cpu(p); +@@ -1738,42 +1807,6 @@ + } + + /** +- * try_to_wake_up_local - try to wake up a local task with rq lock held +- * @p: the thread to be awakened +- * +- * Put @p on the run-queue if it's not already there. The caller must +- * ensure that this_rq() is locked, @p is bound to this_rq() and not +- * the current task. +- */ +-static void try_to_wake_up_local(struct task_struct *p) +-{ +- struct rq *rq = task_rq(p); +- +- if (WARN_ON_ONCE(rq != this_rq()) || +- WARN_ON_ONCE(p == current)) +- return; +- +- lockdep_assert_held(&rq->lock); +- +- if (!raw_spin_trylock(&p->pi_lock)) { +- raw_spin_unlock(&rq->lock); +- raw_spin_lock(&p->pi_lock); +- raw_spin_lock(&rq->lock); +- } +- +- if (!(p->state & TASK_NORMAL)) +- goto out; +- +- if (!task_on_rq_queued(p)) +- ttwu_activate(rq, p, ENQUEUE_WAKEUP); +- +- ttwu_do_wakeup(rq, p, 0); +- ttwu_stat(p, smp_processor_id(), 0); +-out: +- raw_spin_unlock(&p->pi_lock); +-} +- +-/** + * wake_up_process - Wake up a specific process + * @p: The process to be woken up. + * +@@ -1787,11 +1820,23 @@ + */ + int wake_up_process(struct task_struct *p) + { +- WARN_ON(task_is_stopped_or_traced(p)); ++ WARN_ON(__task_is_stopped_or_traced(p)); + return try_to_wake_up(p, TASK_NORMAL, 0); + } + EXPORT_SYMBOL(wake_up_process); + ++/** ++ * wake_up_lock_sleeper - Wake up a specific process blocked on a "sleeping lock" ++ * @p: The process to be woken up. ++ * ++ * Same as wake_up_process() above, but wake_flags=WF_LOCK_SLEEPER to indicate ++ * the nature of the wakeup. ++ */ ++int wake_up_lock_sleeper(struct task_struct *p) ++{ ++ return try_to_wake_up(p, TASK_ALL, WF_LOCK_SLEEPER); ++} ++ + int wake_up_state(struct task_struct *p, unsigned int state) + { + return try_to_wake_up(p, state, 0); +@@ -1982,6 +2027,9 @@ + p->on_cpu = 0; + #endif + init_task_preempt_count(p); ++#ifdef CONFIG_HAVE_PREEMPT_LAZY ++ task_thread_info(p)->preempt_lazy_count = 0; ++#endif + #ifdef CONFIG_SMP + plist_node_init(&p->pushable_tasks, MAX_PRIO); + RB_CLEAR_NODE(&p->pushable_dl_tasks); +@@ -2265,8 +2313,12 @@ + finish_arch_post_lock_switch(); + + fire_sched_in_preempt_notifiers(current); ++ /* ++ * We use mmdrop_delayed() here so we don't have to do the ++ * full __mmdrop() when we are the last user. ++ */ + if (mm) +- mmdrop(mm); ++ mmdrop_delayed(mm); + if (unlikely(prev_state == TASK_DEAD)) { + if (prev->sched_class->task_dead) + prev->sched_class->task_dead(prev); +@@ -2691,6 +2743,133 @@ + schedstat_inc(this_rq(), sched_count); + } + ++#if defined(CONFIG_PREEMPT_RT_FULL) && defined(CONFIG_SMP) ++#define MIGRATE_DISABLE_SET_AFFIN (1<<30) /* Can't make a negative */ ++#define migrate_disabled_updated(p) ((p)->migrate_disable & MIGRATE_DISABLE_SET_AFFIN) ++#define migrate_disable_count(p) ((p)->migrate_disable & ~MIGRATE_DISABLE_SET_AFFIN) ++ ++static inline void update_migrate_disable(struct task_struct *p) ++{ ++ const struct cpumask *mask; ++ ++ if (likely(!p->migrate_disable)) ++ return; ++ ++ /* Did we already update affinity? */ ++ if (unlikely(migrate_disabled_updated(p))) ++ return; ++ ++ /* ++ * Since this is always current we can get away with only locking ++ * rq->lock, the ->cpus_allowed value can normally only be changed ++ * while holding both p->pi_lock and rq->lock, but seeing that this ++ * is current, we cannot actually be waking up, so all code that ++ * relies on serialization against p->pi_lock is out of scope. ++ * ++ * Having rq->lock serializes us against things like ++ * set_cpus_allowed_ptr() that can still happen concurrently. ++ */ ++ mask = tsk_cpus_allowed(p); ++ ++ if (p->sched_class->set_cpus_allowed) ++ p->sched_class->set_cpus_allowed(p, mask); ++ /* mask==cpumask_of(task_cpu(p)) which has a cpumask_weight==1 */ ++ p->nr_cpus_allowed = 1; ++ ++ /* Let migrate_enable know to fix things back up */ ++ p->migrate_disable |= MIGRATE_DISABLE_SET_AFFIN; ++} ++ ++void migrate_disable(void) ++{ ++ struct task_struct *p = current; ++ ++ if (in_atomic()) { ++#ifdef CONFIG_SCHED_DEBUG ++ p->migrate_disable_atomic++; ++#endif ++ return; ++ } ++ ++#ifdef CONFIG_SCHED_DEBUG ++ if (unlikely(p->migrate_disable_atomic)) { ++ tracing_off(); ++ WARN_ON_ONCE(1); ++ } ++#endif ++ ++ if (p->migrate_disable) { ++ p->migrate_disable++; ++ return; ++ } ++ ++ preempt_disable(); ++ preempt_lazy_disable(); ++ pin_current_cpu(); ++ p->migrate_disable = 1; ++ preempt_enable(); ++} ++EXPORT_SYMBOL(migrate_disable); ++ ++void migrate_enable(void) ++{ ++ struct task_struct *p = current; ++ const struct cpumask *mask; ++ unsigned long flags; ++ struct rq *rq; ++ ++ if (in_atomic()) { ++#ifdef CONFIG_SCHED_DEBUG ++ p->migrate_disable_atomic--; ++#endif ++ return; ++ } ++ ++#ifdef CONFIG_SCHED_DEBUG ++ if (unlikely(p->migrate_disable_atomic)) { ++ tracing_off(); ++ WARN_ON_ONCE(1); ++ } ++#endif ++ WARN_ON_ONCE(p->migrate_disable <= 0); ++ ++ if (migrate_disable_count(p) > 1) { ++ p->migrate_disable--; ++ return; ++ } ++ ++ preempt_disable(); ++ if (unlikely(migrate_disabled_updated(p))) { ++ /* ++ * Undo whatever update_migrate_disable() did, also see there ++ * about locking. ++ */ ++ rq = this_rq(); ++ raw_spin_lock_irqsave(&rq->lock, flags); ++ ++ /* ++ * Clearing migrate_disable causes tsk_cpus_allowed to ++ * show the tasks original cpu affinity. ++ */ ++ p->migrate_disable = 0; ++ mask = tsk_cpus_allowed(p); ++ if (p->sched_class->set_cpus_allowed) ++ p->sched_class->set_cpus_allowed(p, mask); ++ p->nr_cpus_allowed = cpumask_weight(mask); ++ raw_spin_unlock_irqrestore(&rq->lock, flags); ++ } else ++ p->migrate_disable = 0; ++ ++ unpin_current_cpu(); ++ preempt_enable(); ++ preempt_lazy_enable(); ++} ++EXPORT_SYMBOL(migrate_enable); ++#else ++static inline void update_migrate_disable(struct task_struct *p) { } ++#define migrate_disabled_updated(p) 0 ++#endif ++ + /* + * Pick up the highest-prio task: + */ +@@ -2794,6 +2973,8 @@ + smp_mb__before_spinlock(); + raw_spin_lock_irq(&rq->lock); + ++ update_migrate_disable(prev); ++ + switch_count = &prev->nivcsw; + if (prev->state && !(preempt_count() & PREEMPT_ACTIVE)) { + if (unlikely(signal_pending_state(prev->state, prev))) { +@@ -2801,19 +2982,6 @@ + } else { + deactivate_task(rq, prev, DEQUEUE_SLEEP); + prev->on_rq = 0; +- +- /* +- * If a worker went to sleep, notify and ask workqueue +- * whether it wants to wake up a task to maintain +- * concurrency. +- */ +- if (prev->flags & PF_WQ_WORKER) { +- struct task_struct *to_wakeup; +- +- to_wakeup = wq_worker_sleeping(prev, cpu); +- if (to_wakeup) +- try_to_wake_up_local(to_wakeup); +- } + } + switch_count = &prev->nvcsw; + } +@@ -2823,6 +2991,7 @@ + + next = pick_next_task(rq, prev); + clear_tsk_need_resched(prev); ++ clear_tsk_need_resched_lazy(prev); + clear_preempt_need_resched(); + rq->skip_clock_update = 0; + +@@ -2852,9 +3021,20 @@ + + static inline void sched_submit_work(struct task_struct *tsk) + { +- if (!tsk->state || tsk_is_pi_blocked(tsk)) ++ if (!tsk->state) + return; + /* ++ * If a worker went to sleep, notify and ask workqueue whether ++ * it wants to wake up a task to maintain concurrency. ++ */ ++ if (tsk->flags & PF_WQ_WORKER) ++ wq_worker_sleeping(tsk); ++ ++ ++ if (tsk_is_pi_blocked(tsk)) ++ return; ++ ++ /* + * If we are going to sleep and we have plugged IO queued, + * make sure to submit it to avoid deadlocks. + */ +@@ -2862,12 +3042,19 @@ + blk_schedule_flush_plug(tsk); + } + ++static inline void sched_update_worker(struct task_struct *tsk) ++{ ++ if (tsk->flags & PF_WQ_WORKER) ++ wq_worker_running(tsk); ++} ++ + asmlinkage __visible void __sched schedule(void) + { + struct task_struct *tsk = current; + + sched_submit_work(tsk); + __schedule(); ++ sched_update_worker(tsk); + } + EXPORT_SYMBOL(schedule); + +@@ -2917,9 +3104,26 @@ + if (likely(!preemptible())) + return; + ++#ifdef CONFIG_PREEMPT_LAZY ++ /* ++ * Check for lazy preemption ++ */ ++ if (current_thread_info()->preempt_lazy_count && ++ !test_thread_flag(TIF_NEED_RESCHED)) ++ return; ++#endif + do { + __preempt_count_add(PREEMPT_ACTIVE); ++ /* ++ * The add/subtract must not be traced by the function ++ * tracer. But we still want to account for the ++ * preempt off latency tracer. Since the _notrace versions ++ * of add/subtract skip the accounting for latency tracer ++ * we must force it manually. ++ */ ++ start_critical_timings(); + __schedule(); ++ stop_critical_timings(); + __preempt_count_sub(PREEMPT_ACTIVE); + + /* +@@ -4229,9 +4433,16 @@ + + static void __cond_resched(void) + { +- __preempt_count_add(PREEMPT_ACTIVE); +- __schedule(); +- __preempt_count_sub(PREEMPT_ACTIVE); ++ do { ++ __preempt_count_add(PREEMPT_ACTIVE); ++ __schedule(); ++ __preempt_count_sub(PREEMPT_ACTIVE); ++ /* ++ * Check again in case we missed a preemption ++ * opportunity between schedule and now. ++ */ ++ barrier(); ++ } while (need_resched()); + } + + int __sched _cond_resched(void) +@@ -4272,6 +4483,7 @@ + } + EXPORT_SYMBOL(__cond_resched_lock); + ++#ifndef CONFIG_PREEMPT_RT_FULL + int __sched __cond_resched_softirq(void) + { + BUG_ON(!in_softirq()); +@@ -4285,6 +4497,7 @@ + return 0; + } + EXPORT_SYMBOL(__cond_resched_softirq); ++#endif + + /** + * yield - yield the current processor to other threads. +@@ -4646,7 +4859,9 @@ + + /* Set the preempt count _outside_ the spinlocks! */ + init_idle_preempt_count(idle, cpu); +- ++#ifdef CONFIG_HAVE_PREEMPT_LAZY ++ task_thread_info(idle)->preempt_lazy_count = 0; ++#endif + /* + * The idle tasks have their own, simple scheduling class: + */ +@@ -4688,11 +4903,91 @@ + + void do_set_cpus_allowed(struct task_struct *p, const struct cpumask *new_mask) + { +- if (p->sched_class && p->sched_class->set_cpus_allowed) +- p->sched_class->set_cpus_allowed(p, new_mask); ++ if (!migrate_disabled_updated(p)) { ++ if (p->sched_class && p->sched_class->set_cpus_allowed) ++ p->sched_class->set_cpus_allowed(p, new_mask); ++ p->nr_cpus_allowed = cpumask_weight(new_mask); ++ } + + cpumask_copy(&p->cpus_allowed, new_mask); +- p->nr_cpus_allowed = cpumask_weight(new_mask); ++} ++ ++static DEFINE_PER_CPU(struct cpumask, sched_cpumasks); ++static DEFINE_MUTEX(sched_down_mutex); ++static cpumask_t sched_down_cpumask; ++ ++void tell_sched_cpu_down_begin(int cpu) ++{ ++ mutex_lock(&sched_down_mutex); ++ cpumask_set_cpu(cpu, &sched_down_cpumask); ++ mutex_unlock(&sched_down_mutex); ++} ++ ++void tell_sched_cpu_down_done(int cpu) ++{ ++ mutex_lock(&sched_down_mutex); ++ cpumask_clear_cpu(cpu, &sched_down_cpumask); ++ mutex_unlock(&sched_down_mutex); ++} ++ ++/** ++ * migrate_me - try to move the current task off this cpu ++ * ++ * Used by the pin_current_cpu() code to try to get tasks ++ * to move off the current CPU as it is going down. ++ * It will only move the task if the task isn't pinned to ++ * the CPU (with migrate_disable, affinity or NO_SETAFFINITY) ++ * and the task has to be in a RUNNING state. Otherwise the ++ * movement of the task will wake it up (change its state ++ * to running) when the task did not expect it. ++ * ++ * Returns 1 if it succeeded in moving the current task ++ * 0 otherwise. ++ */ ++int migrate_me(void) ++{ ++ struct task_struct *p = current; ++ struct migration_arg arg; ++ struct cpumask *cpumask; ++ struct cpumask *mask; ++ unsigned long flags; ++ unsigned int dest_cpu; ++ struct rq *rq; ++ ++ /* ++ * We can not migrate tasks bounded to a CPU or tasks not ++ * running. The movement of the task will wake it up. ++ */ ++ if (p->flags & PF_NO_SETAFFINITY || p->state) ++ return 0; ++ ++ mutex_lock(&sched_down_mutex); ++ rq = task_rq_lock(p, &flags); ++ ++ cpumask = &__get_cpu_var(sched_cpumasks); ++ mask = &p->cpus_allowed; ++ ++ cpumask_andnot(cpumask, mask, &sched_down_cpumask); ++ ++ if (!cpumask_weight(cpumask)) { ++ /* It's only on this CPU? */ ++ task_rq_unlock(rq, p, &flags); ++ mutex_unlock(&sched_down_mutex); ++ return 0; ++ } ++ ++ dest_cpu = cpumask_any_and(cpu_active_mask, cpumask); ++ ++ arg.task = p; ++ arg.dest_cpu = dest_cpu; ++ ++ task_rq_unlock(rq, p, &flags); ++ ++ stop_one_cpu(cpu_of(rq), migration_cpu_stop, &arg); ++ tlb_migrate_finish(p->mm); ++ mutex_unlock(&sched_down_mutex); ++ ++ return 1; + } + + /* +@@ -4738,7 +5033,7 @@ + do_set_cpus_allowed(p, new_mask); + + /* Can the task run on the task's current CPU? If so, we're done */ +- if (cpumask_test_cpu(task_cpu(p), new_mask)) ++ if (cpumask_test_cpu(task_cpu(p), new_mask) || __migrate_disabled(p)) + goto out; + + dest_cpu = cpumask_any_and(cpu_active_mask, new_mask); +@@ -4878,6 +5173,8 @@ + + #ifdef CONFIG_HOTPLUG_CPU + ++static DEFINE_PER_CPU(struct mm_struct *, idle_last_mm); ++ + /* + * Ensures that the idle task is using init_mm right before its cpu goes + * offline. +@@ -4892,7 +5189,11 @@ + switch_mm(mm, &init_mm, current); + finish_arch_post_lock_switch(); + } +- mmdrop(mm); ++ /* ++ * Defer the cleanup to an alive cpu. On RT we can neither ++ * call mmdrop() nor mmdrop_delayed() from here. ++ */ ++ per_cpu(idle_last_mm, smp_processor_id()) = mm; + } + + /* +@@ -5235,6 +5536,10 @@ + + case CPU_DEAD: + calc_load_migrate(rq); ++ if (per_cpu(idle_last_mm, cpu)) { ++ mmdrop(per_cpu(idle_last_mm, cpu)); ++ per_cpu(idle_last_mm, cpu) = NULL; ++ } + break; + #endif + } +@@ -7176,7 +7481,8 @@ + #ifdef CONFIG_DEBUG_ATOMIC_SLEEP + static inline int preempt_count_equals(int preempt_offset) + { +- int nested = (preempt_count() & ~PREEMPT_ACTIVE) + rcu_preempt_depth(); ++ int nested = (preempt_count() & ~PREEMPT_ACTIVE) + ++ sched_rcu_preempt_depth(); + + return (nested == preempt_offset); + } +diff -Nur linux-3.18.9.orig/kernel/sched/cputime.c linux-3.18.9/kernel/sched/cputime.c +--- linux-3.18.9.orig/kernel/sched/cputime.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/sched/cputime.c 2015-03-15 16:03:03.848094875 -0500 +@@ -675,37 +675,45 @@ + + void vtime_account_system(struct task_struct *tsk) + { +- write_seqlock(&tsk->vtime_seqlock); ++ raw_spin_lock(&tsk->vtime_lock); ++ write_seqcount_begin(&tsk->vtime_seq); + __vtime_account_system(tsk); +- write_sequnlock(&tsk->vtime_seqlock); ++ write_seqcount_end(&tsk->vtime_seq); ++ raw_spin_unlock(&tsk->vtime_lock); + } + + void vtime_gen_account_irq_exit(struct task_struct *tsk) + { +- write_seqlock(&tsk->vtime_seqlock); ++ raw_spin_lock(&tsk->vtime_lock); ++ write_seqcount_begin(&tsk->vtime_seq); + __vtime_account_system(tsk); + if (context_tracking_in_user()) + tsk->vtime_snap_whence = VTIME_USER; +- write_sequnlock(&tsk->vtime_seqlock); ++ write_seqcount_end(&tsk->vtime_seq); ++ raw_spin_unlock(&tsk->vtime_lock); + } + + void vtime_account_user(struct task_struct *tsk) + { + cputime_t delta_cpu; + +- write_seqlock(&tsk->vtime_seqlock); ++ raw_spin_lock(&tsk->vtime_lock); ++ write_seqcount_begin(&tsk->vtime_seq); + delta_cpu = get_vtime_delta(tsk); + tsk->vtime_snap_whence = VTIME_SYS; + account_user_time(tsk, delta_cpu, cputime_to_scaled(delta_cpu)); +- write_sequnlock(&tsk->vtime_seqlock); ++ write_seqcount_end(&tsk->vtime_seq); ++ raw_spin_unlock(&tsk->vtime_lock); + } + + void vtime_user_enter(struct task_struct *tsk) + { +- write_seqlock(&tsk->vtime_seqlock); ++ raw_spin_lock(&tsk->vtime_lock); ++ write_seqcount_begin(&tsk->vtime_seq); + __vtime_account_system(tsk); + tsk->vtime_snap_whence = VTIME_USER; +- write_sequnlock(&tsk->vtime_seqlock); ++ write_seqcount_end(&tsk->vtime_seq); ++ raw_spin_unlock(&tsk->vtime_lock); + } + + void vtime_guest_enter(struct task_struct *tsk) +@@ -717,19 +725,23 @@ + * synchronization against the reader (task_gtime()) + * that can thus safely catch up with a tickless delta. + */ +- write_seqlock(&tsk->vtime_seqlock); ++ raw_spin_lock(&tsk->vtime_lock); ++ write_seqcount_begin(&tsk->vtime_seq); + __vtime_account_system(tsk); + current->flags |= PF_VCPU; +- write_sequnlock(&tsk->vtime_seqlock); ++ write_seqcount_end(&tsk->vtime_seq); ++ raw_spin_unlock(&tsk->vtime_lock); + } + EXPORT_SYMBOL_GPL(vtime_guest_enter); + + void vtime_guest_exit(struct task_struct *tsk) + { +- write_seqlock(&tsk->vtime_seqlock); ++ raw_spin_lock(&tsk->vtime_lock); ++ write_seqcount_begin(&tsk->vtime_seq); + __vtime_account_system(tsk); + current->flags &= ~PF_VCPU; +- write_sequnlock(&tsk->vtime_seqlock); ++ write_seqcount_end(&tsk->vtime_seq); ++ raw_spin_unlock(&tsk->vtime_lock); + } + EXPORT_SYMBOL_GPL(vtime_guest_exit); + +@@ -742,24 +754,30 @@ + + void arch_vtime_task_switch(struct task_struct *prev) + { +- write_seqlock(&prev->vtime_seqlock); ++ raw_spin_lock(&prev->vtime_lock); ++ write_seqcount_begin(&prev->vtime_seq); + prev->vtime_snap_whence = VTIME_SLEEPING; +- write_sequnlock(&prev->vtime_seqlock); ++ write_seqcount_end(&prev->vtime_seq); ++ raw_spin_unlock(&prev->vtime_lock); + +- write_seqlock(¤t->vtime_seqlock); ++ raw_spin_lock(¤t->vtime_lock); ++ write_seqcount_begin(¤t->vtime_seq); + current->vtime_snap_whence = VTIME_SYS; + current->vtime_snap = sched_clock_cpu(smp_processor_id()); +- write_sequnlock(¤t->vtime_seqlock); ++ write_seqcount_end(¤t->vtime_seq); ++ raw_spin_unlock(¤t->vtime_lock); + } + + void vtime_init_idle(struct task_struct *t, int cpu) + { + unsigned long flags; + +- write_seqlock_irqsave(&t->vtime_seqlock, flags); ++ raw_spin_lock_irqsave(&t->vtime_lock, flags); ++ write_seqcount_begin(&t->vtime_seq); + t->vtime_snap_whence = VTIME_SYS; + t->vtime_snap = sched_clock_cpu(cpu); +- write_sequnlock_irqrestore(&t->vtime_seqlock, flags); ++ write_seqcount_end(&t->vtime_seq); ++ raw_spin_unlock_irqrestore(&t->vtime_lock, flags); + } + + cputime_t task_gtime(struct task_struct *t) +@@ -768,13 +786,13 @@ + cputime_t gtime; + + do { +- seq = read_seqbegin(&t->vtime_seqlock); ++ seq = read_seqcount_begin(&t->vtime_seq); + + gtime = t->gtime; + if (t->flags & PF_VCPU) + gtime += vtime_delta(t); + +- } while (read_seqretry(&t->vtime_seqlock, seq)); ++ } while (read_seqcount_retry(&t->vtime_seq, seq)); + + return gtime; + } +@@ -797,7 +815,7 @@ + *udelta = 0; + *sdelta = 0; + +- seq = read_seqbegin(&t->vtime_seqlock); ++ seq = read_seqcount_begin(&t->vtime_seq); + + if (u_dst) + *u_dst = *u_src; +@@ -821,7 +839,7 @@ + if (t->vtime_snap_whence == VTIME_SYS) + *sdelta = delta; + } +- } while (read_seqretry(&t->vtime_seqlock, seq)); ++ } while (read_seqcount_retry(&t->vtime_seq, seq)); + } + + +diff -Nur linux-3.18.9.orig/kernel/sched/deadline.c linux-3.18.9/kernel/sched/deadline.c +--- linux-3.18.9.orig/kernel/sched/deadline.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/sched/deadline.c 2015-03-15 16:03:03.848094875 -0500 +@@ -570,6 +570,7 @@ + + hrtimer_init(timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + timer->function = dl_task_timer; ++ timer->irqsafe = 1; + } + + static +diff -Nur linux-3.18.9.orig/kernel/sched/debug.c linux-3.18.9/kernel/sched/debug.c +--- linux-3.18.9.orig/kernel/sched/debug.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/sched/debug.c 2015-03-15 16:03:03.848094875 -0500 +@@ -256,6 +256,9 @@ + P(rt_throttled); + PN(rt_time); + PN(rt_runtime); ++#ifdef CONFIG_SMP ++ P(rt_nr_migratory); ++#endif + + #undef PN + #undef P +@@ -634,6 +637,10 @@ + #endif + P(policy); + P(prio); ++#ifdef CONFIG_PREEMPT_RT_FULL ++ P(migrate_disable); ++#endif ++ P(nr_cpus_allowed); + #undef PN + #undef __PN + #undef P +diff -Nur linux-3.18.9.orig/kernel/sched/fair.c linux-3.18.9/kernel/sched/fair.c +--- linux-3.18.9.orig/kernel/sched/fair.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/sched/fair.c 2015-03-15 16:03:03.848094875 -0500 +@@ -2951,7 +2951,7 @@ + ideal_runtime = sched_slice(cfs_rq, curr); + delta_exec = curr->sum_exec_runtime - curr->prev_sum_exec_runtime; + if (delta_exec > ideal_runtime) { +- resched_curr(rq_of(cfs_rq)); ++ resched_curr_lazy(rq_of(cfs_rq)); + /* + * The current task ran long enough, ensure it doesn't get + * re-elected due to buddy favours. +@@ -2975,7 +2975,7 @@ + return; + + if (delta > ideal_runtime) +- resched_curr(rq_of(cfs_rq)); ++ resched_curr_lazy(rq_of(cfs_rq)); + } + + static void +@@ -3115,7 +3115,7 @@ + * validating it and just reschedule. + */ + if (queued) { +- resched_curr(rq_of(cfs_rq)); ++ resched_curr_lazy(rq_of(cfs_rq)); + return; + } + /* +@@ -3306,7 +3306,7 @@ + * hierarchy can be throttled + */ + if (!assign_cfs_rq_runtime(cfs_rq) && likely(cfs_rq->curr)) +- resched_curr(rq_of(cfs_rq)); ++ resched_curr_lazy(rq_of(cfs_rq)); + } + + static __always_inline +@@ -3925,7 +3925,7 @@ + + if (delta < 0) { + if (rq->curr == p) +- resched_curr(rq); ++ resched_curr_lazy(rq); + return; + } + hrtick_start(rq, delta); +@@ -4792,7 +4792,7 @@ + return; + + preempt: +- resched_curr(rq); ++ resched_curr_lazy(rq); + /* + * Only set the backward buddy when the current task is still + * on the rq. This can happen when a wakeup gets interleaved +@@ -7576,7 +7576,7 @@ + * 'current' within the tree based on its new key value. + */ + swap(curr->vruntime, se->vruntime); +- resched_curr(rq); ++ resched_curr_lazy(rq); + } + + se->vruntime -= cfs_rq->min_vruntime; +@@ -7601,7 +7601,7 @@ + */ + if (rq->curr == p) { + if (p->prio > oldprio) +- resched_curr(rq); ++ resched_curr_lazy(rq); + } else + check_preempt_curr(rq, p, 0); + } +diff -Nur linux-3.18.9.orig/kernel/sched/features.h linux-3.18.9/kernel/sched/features.h +--- linux-3.18.9.orig/kernel/sched/features.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/sched/features.h 2015-03-15 16:03:03.848094875 -0500 +@@ -50,12 +50,18 @@ + */ + SCHED_FEAT(NONTASK_CAPACITY, true) + ++#ifdef CONFIG_PREEMPT_RT_FULL ++SCHED_FEAT(TTWU_QUEUE, false) ++# ifdef CONFIG_PREEMPT_LAZY ++SCHED_FEAT(PREEMPT_LAZY, true) ++# endif ++#else + /* + * Queue remote wakeups on the target CPU and process them + * using the scheduler IPI. Reduces rq->lock contention/bounces. + */ + SCHED_FEAT(TTWU_QUEUE, true) +- ++#endif + SCHED_FEAT(FORCE_SD_OVERLAP, false) + SCHED_FEAT(RT_RUNTIME_SHARE, true) + SCHED_FEAT(LB_MIN, false) +diff -Nur linux-3.18.9.orig/kernel/sched/Makefile linux-3.18.9/kernel/sched/Makefile +--- linux-3.18.9.orig/kernel/sched/Makefile 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/sched/Makefile 2015-03-15 16:03:03.848094875 -0500 +@@ -13,7 +13,7 @@ + + obj-y += core.o proc.o clock.o cputime.o + obj-y += idle_task.o fair.o rt.o deadline.o stop_task.o +-obj-y += wait.o completion.o idle.o ++obj-y += wait.o wait-simple.o work-simple.o completion.o idle.o + obj-$(CONFIG_SMP) += cpupri.o cpudeadline.o + obj-$(CONFIG_SCHED_AUTOGROUP) += auto_group.o + obj-$(CONFIG_SCHEDSTATS) += stats.o +diff -Nur linux-3.18.9.orig/kernel/sched/rt.c linux-3.18.9/kernel/sched/rt.c +--- linux-3.18.9.orig/kernel/sched/rt.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/sched/rt.c 2015-03-15 16:03:03.848094875 -0500 +@@ -43,6 +43,7 @@ + + hrtimer_init(&rt_b->rt_period_timer, + CLOCK_MONOTONIC, HRTIMER_MODE_REL); ++ rt_b->rt_period_timer.irqsafe = 1; + rt_b->rt_period_timer.function = sched_rt_period_timer; + } + +diff -Nur linux-3.18.9.orig/kernel/sched/sched.h linux-3.18.9/kernel/sched/sched.h +--- linux-3.18.9.orig/kernel/sched/sched.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/sched/sched.h 2015-03-15 16:03:03.848094875 -0500 +@@ -1018,6 +1018,7 @@ + #define WF_SYNC 0x01 /* waker goes to sleep after wakeup */ + #define WF_FORK 0x02 /* child wakeup after fork */ + #define WF_MIGRATED 0x4 /* internal use, task got migrated */ ++#define WF_LOCK_SLEEPER 0x08 /* wakeup spinlock "sleeper" */ + + /* + * To aid in avoiding the subversion of "niceness" due to uneven distribution +@@ -1210,6 +1211,15 @@ + extern void resched_curr(struct rq *rq); + extern void resched_cpu(int cpu); + ++#ifdef CONFIG_PREEMPT_LAZY ++extern void resched_curr_lazy(struct rq *rq); ++#else ++static inline void resched_curr_lazy(struct rq *rq) ++{ ++ resched_curr(rq); ++} ++#endif ++ + extern struct rt_bandwidth def_rt_bandwidth; + extern void init_rt_bandwidth(struct rt_bandwidth *rt_b, u64 period, u64 runtime); + +diff -Nur linux-3.18.9.orig/kernel/sched/wait-simple.c linux-3.18.9/kernel/sched/wait-simple.c +--- linux-3.18.9.orig/kernel/sched/wait-simple.c 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/kernel/sched/wait-simple.c 2015-03-15 16:03:03.848094875 -0500 +@@ -0,0 +1,115 @@ ++/* ++ * Simple waitqueues without fancy flags and callbacks ++ * ++ * (C) 2011 Thomas Gleixner <tglx@linutronix.de> ++ * ++ * Based on kernel/wait.c ++ * ++ * For licencing details see kernel-base/COPYING ++ */ ++#include <linux/init.h> ++#include <linux/export.h> ++#include <linux/sched.h> ++#include <linux/wait-simple.h> ++ ++/* Adds w to head->list. Must be called with head->lock locked. */ ++static inline void __swait_enqueue(struct swait_head *head, struct swaiter *w) ++{ ++ list_add(&w->node, &head->list); ++ /* We can't let the condition leak before the setting of head */ ++ smp_mb(); ++} ++ ++/* Removes w from head->list. Must be called with head->lock locked. */ ++static inline void __swait_dequeue(struct swaiter *w) ++{ ++ list_del_init(&w->node); ++} ++ ++void __init_swait_head(struct swait_head *head, struct lock_class_key *key) ++{ ++ raw_spin_lock_init(&head->lock); ++ lockdep_set_class(&head->lock, key); ++ INIT_LIST_HEAD(&head->list); ++} ++EXPORT_SYMBOL(__init_swait_head); ++ ++void swait_prepare_locked(struct swait_head *head, struct swaiter *w) ++{ ++ w->task = current; ++ if (list_empty(&w->node)) ++ __swait_enqueue(head, w); ++} ++ ++void swait_prepare(struct swait_head *head, struct swaiter *w, int state) ++{ ++ unsigned long flags; ++ ++ raw_spin_lock_irqsave(&head->lock, flags); ++ swait_prepare_locked(head, w); ++ __set_current_state(state); ++ raw_spin_unlock_irqrestore(&head->lock, flags); ++} ++EXPORT_SYMBOL(swait_prepare); ++ ++void swait_finish_locked(struct swait_head *head, struct swaiter *w) ++{ ++ __set_current_state(TASK_RUNNING); ++ if (w->task) ++ __swait_dequeue(w); ++} ++ ++void swait_finish(struct swait_head *head, struct swaiter *w) ++{ ++ unsigned long flags; ++ ++ __set_current_state(TASK_RUNNING); ++ if (w->task) { ++ raw_spin_lock_irqsave(&head->lock, flags); ++ __swait_dequeue(w); ++ raw_spin_unlock_irqrestore(&head->lock, flags); ++ } ++} ++EXPORT_SYMBOL(swait_finish); ++ ++unsigned int ++__swait_wake_locked(struct swait_head *head, unsigned int state, unsigned int num) ++{ ++ struct swaiter *curr, *next; ++ int woken = 0; ++ ++ list_for_each_entry_safe(curr, next, &head->list, node) { ++ if (wake_up_state(curr->task, state)) { ++ __swait_dequeue(curr); ++ /* ++ * The waiting task can free the waiter as ++ * soon as curr->task = NULL is written, ++ * without taking any locks. A memory barrier ++ * is required here to prevent the following ++ * store to curr->task from getting ahead of ++ * the dequeue operation. ++ */ ++ smp_wmb(); ++ curr->task = NULL; ++ if (++woken == num) ++ break; ++ } ++ } ++ return woken; ++} ++ ++unsigned int ++__swait_wake(struct swait_head *head, unsigned int state, unsigned int num) ++{ ++ unsigned long flags; ++ int woken; ++ ++ if (!swaitqueue_active(head)) ++ return 0; ++ ++ raw_spin_lock_irqsave(&head->lock, flags); ++ woken = __swait_wake_locked(head, state, num); ++ raw_spin_unlock_irqrestore(&head->lock, flags); ++ return woken; ++} ++EXPORT_SYMBOL(__swait_wake); +diff -Nur linux-3.18.9.orig/kernel/sched/work-simple.c linux-3.18.9/kernel/sched/work-simple.c +--- linux-3.18.9.orig/kernel/sched/work-simple.c 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/kernel/sched/work-simple.c 2015-03-15 16:03:03.852094875 -0500 +@@ -0,0 +1,176 @@ ++/* ++ * Copyright (C) 2014 BMW Car IT GmbH, Daniel Wagner daniel.wagner@bmw-carit.de ++ * ++ * Provides a framework for enqueuing callbacks from irq context ++ * PREEMPT_RT_FULL safe. The callbacks are executed in kthread context. ++ */ ++ ++#include <linux/wait-simple.h> ++#include <linux/work-simple.h> ++#include <linux/kthread.h> ++#include <linux/slab.h> ++#include <linux/spinlock.h> ++ ++#define SWORK_EVENT_PENDING (1 << 0) ++ ++static DEFINE_MUTEX(worker_mutex); ++static struct sworker *glob_worker; ++ ++struct sworker { ++ struct list_head events; ++ struct swait_head wq; ++ ++ raw_spinlock_t lock; ++ ++ struct task_struct *task; ++ int refs; ++}; ++ ++static bool swork_readable(struct sworker *worker) ++{ ++ bool r; ++ ++ if (kthread_should_stop()) ++ return true; ++ ++ raw_spin_lock(&worker->lock); ++ r = !list_empty(&worker->events); ++ raw_spin_unlock(&worker->lock); ++ ++ return r; ++} ++ ++static int swork_kthread(void *arg) ++{ ++ struct sworker *worker = arg; ++ ++ pr_info("swork_kthread enter\n"); ++ ++ for (;;) { ++ swait_event_interruptible(worker->wq, ++ swork_readable(worker)); ++ if (kthread_should_stop()) ++ break; ++ ++ raw_spin_lock(&worker->lock); ++ while (!list_empty(&worker->events)) { ++ struct swork_event *sev; ++ ++ sev = list_first_entry(&worker->events, ++ struct swork_event, item); ++ list_del(&sev->item); ++ raw_spin_unlock(&worker->lock); ++ ++ WARN_ON_ONCE(!test_and_clear_bit(SWORK_EVENT_PENDING, ++ &sev->flags)); ++ sev->func(sev); ++ raw_spin_lock(&worker->lock); ++ } ++ raw_spin_unlock(&worker->lock); ++ } ++ ++ pr_info("swork_kthread exit\n"); ++ return 0; ++} ++ ++static struct sworker *swork_create(void) ++{ ++ struct sworker *worker; ++ ++ worker = kzalloc(sizeof(*worker), GFP_KERNEL); ++ if (!worker) ++ return ERR_PTR(-ENOMEM); ++ ++ INIT_LIST_HEAD(&worker->events); ++ raw_spin_lock_init(&worker->lock); ++ init_swait_head(&worker->wq); ++ ++ worker->task = kthread_run(swork_kthread, worker, "kswork"); ++ if (IS_ERR(worker->task)) { ++ kfree(worker); ++ return ERR_PTR(-ENOMEM); ++ } ++ ++ return worker; ++} ++ ++static void swork_destroy(struct sworker *worker) ++{ ++ kthread_stop(worker->task); ++ ++ WARN_ON(!list_empty(&worker->events)); ++ kfree(worker); ++} ++ ++/** ++ * swork_queue - queue swork ++ * ++ * Returns %false if @work was already on a queue, %true otherwise. ++ * ++ * The work is queued and processed on a random CPU ++ */ ++bool swork_queue(struct swork_event *sev) ++{ ++ if (test_and_set_bit(SWORK_EVENT_PENDING, &sev->flags)) ++ return false; ++ ++ WARN_ON(irqs_disabled()); ++ ++ raw_spin_lock(&glob_worker->lock); ++ list_add_tail(&sev->item, &glob_worker->events); ++ raw_spin_unlock(&glob_worker->lock); ++ ++ swait_wake(&glob_worker->wq); ++ return true; ++} ++EXPORT_SYMBOL_GPL(swork_queue); ++ ++/** ++ * swork_get - get an instance of the sworker ++ * ++ * Returns an negative error code if the initialization if the worker did not ++ * work, %0 otherwise. ++ * ++ */ ++int swork_get(void) ++{ ++ struct sworker *worker; ++ ++ mutex_lock(&worker_mutex); ++ if (!glob_worker) { ++ worker = swork_create(); ++ if (IS_ERR(worker)) { ++ mutex_unlock(&worker_mutex); ++ return -ENOMEM; ++ } ++ ++ glob_worker = worker; ++ } ++ ++ glob_worker->refs++; ++ mutex_unlock(&worker_mutex); ++ ++ return 0; ++} ++EXPORT_SYMBOL_GPL(swork_get); ++ ++/** ++ * swork_put - puts an instance of the sworker ++ * ++ * Will destroy the sworker thread. This function must not be called until all ++ * queued events have been completed. ++ */ ++void swork_put(void) ++{ ++ mutex_lock(&worker_mutex); ++ ++ glob_worker->refs--; ++ if (glob_worker->refs > 0) ++ goto out; ++ ++ swork_destroy(glob_worker); ++ glob_worker = NULL; ++out: ++ mutex_unlock(&worker_mutex); ++} ++EXPORT_SYMBOL_GPL(swork_put); +diff -Nur linux-3.18.9.orig/kernel/signal.c linux-3.18.9/kernel/signal.c +--- linux-3.18.9.orig/kernel/signal.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/signal.c 2015-03-15 16:03:03.852094875 -0500 +@@ -14,6 +14,7 @@ + #include <linux/export.h> + #include <linux/init.h> + #include <linux/sched.h> ++#include <linux/sched/rt.h> + #include <linux/fs.h> + #include <linux/tty.h> + #include <linux/binfmts.h> +@@ -352,13 +353,45 @@ + return false; + } + ++#ifdef __HAVE_ARCH_CMPXCHG ++static inline struct sigqueue *get_task_cache(struct task_struct *t) ++{ ++ struct sigqueue *q = t->sigqueue_cache; ++ ++ if (cmpxchg(&t->sigqueue_cache, q, NULL) != q) ++ return NULL; ++ return q; ++} ++ ++static inline int put_task_cache(struct task_struct *t, struct sigqueue *q) ++{ ++ if (cmpxchg(&t->sigqueue_cache, NULL, q) == NULL) ++ return 0; ++ return 1; ++} ++ ++#else ++ ++static inline struct sigqueue *get_task_cache(struct task_struct *t) ++{ ++ return NULL; ++} ++ ++static inline int put_task_cache(struct task_struct *t, struct sigqueue *q) ++{ ++ return 1; ++} ++ ++#endif ++ + /* + * allocate a new signal queue record + * - this may be called without locks if and only if t == current, otherwise an + * appropriate lock must be held to stop the target task from exiting + */ + static struct sigqueue * +-__sigqueue_alloc(int sig, struct task_struct *t, gfp_t flags, int override_rlimit) ++__sigqueue_do_alloc(int sig, struct task_struct *t, gfp_t flags, ++ int override_rlimit, int fromslab) + { + struct sigqueue *q = NULL; + struct user_struct *user; +@@ -375,7 +408,10 @@ + if (override_rlimit || + atomic_read(&user->sigpending) <= + task_rlimit(t, RLIMIT_SIGPENDING)) { +- q = kmem_cache_alloc(sigqueue_cachep, flags); ++ if (!fromslab) ++ q = get_task_cache(t); ++ if (!q) ++ q = kmem_cache_alloc(sigqueue_cachep, flags); + } else { + print_dropped_signal(sig); + } +@@ -392,6 +428,13 @@ + return q; + } + ++static struct sigqueue * ++__sigqueue_alloc(int sig, struct task_struct *t, gfp_t flags, ++ int override_rlimit) ++{ ++ return __sigqueue_do_alloc(sig, t, flags, override_rlimit, 0); ++} ++ + static void __sigqueue_free(struct sigqueue *q) + { + if (q->flags & SIGQUEUE_PREALLOC) +@@ -401,6 +444,21 @@ + kmem_cache_free(sigqueue_cachep, q); + } + ++static void sigqueue_free_current(struct sigqueue *q) ++{ ++ struct user_struct *up; ++ ++ if (q->flags & SIGQUEUE_PREALLOC) ++ return; ++ ++ up = q->user; ++ if (rt_prio(current->normal_prio) && !put_task_cache(current, q)) { ++ atomic_dec(&up->sigpending); ++ free_uid(up); ++ } else ++ __sigqueue_free(q); ++} ++ + void flush_sigqueue(struct sigpending *queue) + { + struct sigqueue *q; +@@ -414,6 +472,21 @@ + } + + /* ++ * Called from __exit_signal. Flush tsk->pending and ++ * tsk->sigqueue_cache ++ */ ++void flush_task_sigqueue(struct task_struct *tsk) ++{ ++ struct sigqueue *q; ++ ++ flush_sigqueue(&tsk->pending); ++ ++ q = get_task_cache(tsk); ++ if (q) ++ kmem_cache_free(sigqueue_cachep, q); ++} ++ ++/* + * Flush all pending signals for a task. + */ + void __flush_signals(struct task_struct *t) +@@ -565,7 +638,7 @@ + still_pending: + list_del_init(&first->list); + copy_siginfo(info, &first->info); +- __sigqueue_free(first); ++ sigqueue_free_current(first); + } else { + /* + * Ok, it wasn't in the queue. This must be +@@ -611,6 +684,8 @@ + { + int signr; + ++ WARN_ON_ONCE(tsk != current); ++ + /* We only dequeue private signals from ourselves, we don't let + * signalfd steal them + */ +@@ -1207,8 +1282,8 @@ + * We don't want to have recursive SIGSEGV's etc, for example, + * that is why we also clear SIGNAL_UNKILLABLE. + */ +-int +-force_sig_info(int sig, struct siginfo *info, struct task_struct *t) ++static int ++do_force_sig_info(int sig, struct siginfo *info, struct task_struct *t) + { + unsigned long int flags; + int ret, blocked, ignored; +@@ -1233,6 +1308,39 @@ + return ret; + } + ++int force_sig_info(int sig, struct siginfo *info, struct task_struct *t) ++{ ++/* ++ * On some archs, PREEMPT_RT has to delay sending a signal from a trap ++ * since it can not enable preemption, and the signal code's spin_locks ++ * turn into mutexes. Instead, it must set TIF_NOTIFY_RESUME which will ++ * send the signal on exit of the trap. ++ */ ++#ifdef ARCH_RT_DELAYS_SIGNAL_SEND ++ if (in_atomic()) { ++ if (WARN_ON_ONCE(t != current)) ++ return 0; ++ if (WARN_ON_ONCE(t->forced_info.si_signo)) ++ return 0; ++ ++ if (is_si_special(info)) { ++ WARN_ON_ONCE(info != SEND_SIG_PRIV); ++ t->forced_info.si_signo = sig; ++ t->forced_info.si_errno = 0; ++ t->forced_info.si_code = SI_KERNEL; ++ t->forced_info.si_pid = 0; ++ t->forced_info.si_uid = 0; ++ } else { ++ t->forced_info = *info; ++ } ++ ++ set_tsk_thread_flag(t, TIF_NOTIFY_RESUME); ++ return 0; ++ } ++#endif ++ return do_force_sig_info(sig, info, t); ++} ++ + /* + * Nuke all other threads in the group. + */ +@@ -1267,12 +1375,12 @@ + * Disable interrupts early to avoid deadlocks. + * See rcu_read_unlock() comment header for details. + */ +- local_irq_save(*flags); ++ local_irq_save_nort(*flags); + rcu_read_lock(); + sighand = rcu_dereference(tsk->sighand); + if (unlikely(sighand == NULL)) { + rcu_read_unlock(); +- local_irq_restore(*flags); ++ local_irq_restore_nort(*flags); + break; + } + +@@ -1283,7 +1391,7 @@ + } + spin_unlock(&sighand->siglock); + rcu_read_unlock(); +- local_irq_restore(*flags); ++ local_irq_restore_nort(*flags); + } + + return sighand; +@@ -1528,7 +1636,8 @@ + */ + struct sigqueue *sigqueue_alloc(void) + { +- struct sigqueue *q = __sigqueue_alloc(-1, current, GFP_KERNEL, 0); ++ /* Preallocated sigqueue objects always from the slabcache ! */ ++ struct sigqueue *q = __sigqueue_do_alloc(-1, current, GFP_KERNEL, 0, 1); + + if (q) + q->flags |= SIGQUEUE_PREALLOC; +@@ -1889,15 +1998,7 @@ + if (gstop_done && ptrace_reparented(current)) + do_notify_parent_cldstop(current, false, why); + +- /* +- * Don't want to allow preemption here, because +- * sys_ptrace() needs this task to be inactive. +- * +- * XXX: implement read_unlock_no_resched(). +- */ +- preempt_disable(); + read_unlock(&tasklist_lock); +- preempt_enable_no_resched(); + freezable_schedule(); + } else { + /* +diff -Nur linux-3.18.9.orig/kernel/softirq.c linux-3.18.9/kernel/softirq.c +--- linux-3.18.9.orig/kernel/softirq.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/softirq.c 2015-03-15 16:03:03.852094875 -0500 +@@ -21,10 +21,12 @@ + #include <linux/freezer.h> + #include <linux/kthread.h> + #include <linux/rcupdate.h> ++#include <linux/delay.h> + #include <linux/ftrace.h> + #include <linux/smp.h> + #include <linux/smpboot.h> + #include <linux/tick.h> ++#include <linux/locallock.h> + #include <linux/irq.h> + + #define CREATE_TRACE_POINTS +@@ -62,6 +64,98 @@ + "TASKLET", "SCHED", "HRTIMER", "RCU" + }; + ++#ifdef CONFIG_NO_HZ_COMMON ++# ifdef CONFIG_PREEMPT_RT_FULL ++ ++struct softirq_runner { ++ struct task_struct *runner[NR_SOFTIRQS]; ++}; ++ ++static DEFINE_PER_CPU(struct softirq_runner, softirq_runners); ++ ++static inline void softirq_set_runner(unsigned int sirq) ++{ ++ struct softirq_runner *sr = &__get_cpu_var(softirq_runners); ++ ++ sr->runner[sirq] = current; ++} ++ ++static inline void softirq_clr_runner(unsigned int sirq) ++{ ++ struct softirq_runner *sr = &__get_cpu_var(softirq_runners); ++ ++ sr->runner[sirq] = NULL; ++} ++ ++/* ++ * On preempt-rt a softirq running context might be blocked on a ++ * lock. There might be no other runnable task on this CPU because the ++ * lock owner runs on some other CPU. So we have to go into idle with ++ * the pending bit set. Therefor we need to check this otherwise we ++ * warn about false positives which confuses users and defeats the ++ * whole purpose of this test. ++ * ++ * This code is called with interrupts disabled. ++ */ ++void softirq_check_pending_idle(void) ++{ ++ static int rate_limit; ++ struct softirq_runner *sr = &__get_cpu_var(softirq_runners); ++ u32 warnpending; ++ int i; ++ ++ if (rate_limit >= 10) ++ return; ++ ++ warnpending = local_softirq_pending() & SOFTIRQ_STOP_IDLE_MASK; ++ for (i = 0; i < NR_SOFTIRQS; i++) { ++ struct task_struct *tsk = sr->runner[i]; ++ ++ /* ++ * The wakeup code in rtmutex.c wakes up the task ++ * _before_ it sets pi_blocked_on to NULL under ++ * tsk->pi_lock. So we need to check for both: state ++ * and pi_blocked_on. ++ */ ++ if (tsk) { ++ raw_spin_lock(&tsk->pi_lock); ++ if (tsk->pi_blocked_on || tsk->state == TASK_RUNNING) { ++ /* Clear all bits pending in that task */ ++ warnpending &= ~(tsk->softirqs_raised); ++ warnpending &= ~(1 << i); ++ } ++ raw_spin_unlock(&tsk->pi_lock); ++ } ++ } ++ ++ if (warnpending) { ++ printk(KERN_ERR "NOHZ: local_softirq_pending %02x\n", ++ warnpending); ++ rate_limit++; ++ } ++} ++# else ++/* ++ * On !PREEMPT_RT we just printk rate limited: ++ */ ++void softirq_check_pending_idle(void) ++{ ++ static int rate_limit; ++ ++ if (rate_limit < 10 && ++ (local_softirq_pending() & SOFTIRQ_STOP_IDLE_MASK)) { ++ printk(KERN_ERR "NOHZ: local_softirq_pending %02x\n", ++ local_softirq_pending()); ++ rate_limit++; ++ } ++} ++# endif ++ ++#else /* !CONFIG_NO_HZ_COMMON */ ++static inline void softirq_set_runner(unsigned int sirq) { } ++static inline void softirq_clr_runner(unsigned int sirq) { } ++#endif ++ + /* + * we cannot loop indefinitely here to avoid userspace starvation, + * but we also don't want to introduce a worst case 1/HZ latency +@@ -77,6 +171,70 @@ + wake_up_process(tsk); + } + ++static void handle_softirq(unsigned int vec_nr) ++{ ++ struct softirq_action *h = softirq_vec + vec_nr; ++ int prev_count; ++ ++ prev_count = preempt_count(); ++ ++ kstat_incr_softirqs_this_cpu(vec_nr); ++ ++ trace_softirq_entry(vec_nr); ++ h->action(h); ++ trace_softirq_exit(vec_nr); ++ if (unlikely(prev_count != preempt_count())) { ++ pr_err("huh, entered softirq %u %s %p with preempt_count %08x, exited with %08x?\n", ++ vec_nr, softirq_to_name[vec_nr], h->action, ++ prev_count, preempt_count()); ++ preempt_count_set(prev_count); ++ } ++} ++ ++#ifndef CONFIG_PREEMPT_RT_FULL ++static inline int ksoftirqd_softirq_pending(void) ++{ ++ return local_softirq_pending(); ++} ++ ++static void handle_pending_softirqs(u32 pending, int need_rcu_bh_qs) ++{ ++ struct softirq_action *h = softirq_vec; ++ int softirq_bit; ++ ++ local_irq_enable(); ++ ++ h = softirq_vec; ++ ++ while ((softirq_bit = ffs(pending))) { ++ unsigned int vec_nr; ++ ++ h += softirq_bit - 1; ++ vec_nr = h - softirq_vec; ++ handle_softirq(vec_nr); ++ ++ h++; ++ pending >>= softirq_bit; ++ } ++ ++ if (need_rcu_bh_qs) ++ rcu_bh_qs(); ++ local_irq_disable(); ++} ++ ++static void run_ksoftirqd(unsigned int cpu) ++{ ++ local_irq_disable(); ++ if (ksoftirqd_softirq_pending()) { ++ __do_softirq(); ++ rcu_note_context_switch(cpu); ++ local_irq_enable(); ++ cond_resched(); ++ return; ++ } ++ local_irq_enable(); ++} ++ + /* + * preempt_count and SOFTIRQ_OFFSET usage: + * - preempt_count is changed by SOFTIRQ_OFFSET on entering or leaving +@@ -228,10 +386,8 @@ + unsigned long end = jiffies + MAX_SOFTIRQ_TIME; + unsigned long old_flags = current->flags; + int max_restart = MAX_SOFTIRQ_RESTART; +- struct softirq_action *h; + bool in_hardirq; + __u32 pending; +- int softirq_bit; + + /* + * Mask out PF_MEMALLOC s current task context is borrowed for the +@@ -250,36 +406,7 @@ + /* Reset the pending bitmask before enabling irqs */ + set_softirq_pending(0); + +- local_irq_enable(); +- +- h = softirq_vec; +- +- while ((softirq_bit = ffs(pending))) { +- unsigned int vec_nr; +- int prev_count; +- +- h += softirq_bit - 1; +- +- vec_nr = h - softirq_vec; +- prev_count = preempt_count(); +- +- kstat_incr_softirqs_this_cpu(vec_nr); +- +- trace_softirq_entry(vec_nr); +- h->action(h); +- trace_softirq_exit(vec_nr); +- if (unlikely(prev_count != preempt_count())) { +- pr_err("huh, entered softirq %u %s %p with preempt_count %08x, exited with %08x?\n", +- vec_nr, softirq_to_name[vec_nr], h->action, +- prev_count, preempt_count()); +- preempt_count_set(prev_count); +- } +- h++; +- pending >>= softirq_bit; +- } +- +- rcu_bh_qs(); +- local_irq_disable(); ++ handle_pending_softirqs(pending, 1); + + pending = local_softirq_pending(); + if (pending) { +@@ -316,6 +443,285 @@ + } + + /* ++ * This function must run with irqs disabled! ++ */ ++void raise_softirq_irqoff(unsigned int nr) ++{ ++ __raise_softirq_irqoff(nr); ++ ++ /* ++ * If we're in an interrupt or softirq, we're done ++ * (this also catches softirq-disabled code). We will ++ * actually run the softirq once we return from ++ * the irq or softirq. ++ * ++ * Otherwise we wake up ksoftirqd to make sure we ++ * schedule the softirq soon. ++ */ ++ if (!in_interrupt()) ++ wakeup_softirqd(); ++} ++ ++void __raise_softirq_irqoff(unsigned int nr) ++{ ++ trace_softirq_raise(nr); ++ or_softirq_pending(1UL << nr); ++} ++ ++static inline void local_bh_disable_nort(void) { local_bh_disable(); } ++static inline void _local_bh_enable_nort(void) { _local_bh_enable(); } ++static void ksoftirqd_set_sched_params(unsigned int cpu) { } ++static void ksoftirqd_clr_sched_params(unsigned int cpu, bool online) { } ++ ++#else /* !PREEMPT_RT_FULL */ ++ ++/* ++ * On RT we serialize softirq execution with a cpu local lock per softirq ++ */ ++static DEFINE_PER_CPU(struct local_irq_lock [NR_SOFTIRQS], local_softirq_locks); ++ ++void __init softirq_early_init(void) ++{ ++ int i; ++ ++ for (i = 0; i < NR_SOFTIRQS; i++) ++ local_irq_lock_init(local_softirq_locks[i]); ++} ++ ++static void lock_softirq(int which) ++{ ++ local_lock(local_softirq_locks[which]); ++} ++ ++static void unlock_softirq(int which) ++{ ++ local_unlock(local_softirq_locks[which]); ++} ++ ++static void do_single_softirq(int which, int need_rcu_bh_qs) ++{ ++ unsigned long old_flags = current->flags; ++ ++ current->flags &= ~PF_MEMALLOC; ++ vtime_account_irq_enter(current); ++ current->flags |= PF_IN_SOFTIRQ; ++ lockdep_softirq_enter(); ++ local_irq_enable(); ++ handle_softirq(which); ++ local_irq_disable(); ++ lockdep_softirq_exit(); ++ current->flags &= ~PF_IN_SOFTIRQ; ++ vtime_account_irq_enter(current); ++ tsk_restore_flags(current, old_flags, PF_MEMALLOC); ++} ++ ++/* ++ * Called with interrupts disabled. Process softirqs which were raised ++ * in current context (or on behalf of ksoftirqd). ++ */ ++static void do_current_softirqs(int need_rcu_bh_qs) ++{ ++ while (current->softirqs_raised) { ++ int i = __ffs(current->softirqs_raised); ++ unsigned int pending, mask = (1U << i); ++ ++ current->softirqs_raised &= ~mask; ++ local_irq_enable(); ++ ++ /* ++ * If the lock is contended, we boost the owner to ++ * process the softirq or leave the critical section ++ * now. ++ */ ++ lock_softirq(i); ++ local_irq_disable(); ++ softirq_set_runner(i); ++ /* ++ * Check with the local_softirq_pending() bits, ++ * whether we need to process this still or if someone ++ * else took care of it. ++ */ ++ pending = local_softirq_pending(); ++ if (pending & mask) { ++ set_softirq_pending(pending & ~mask); ++ do_single_softirq(i, need_rcu_bh_qs); ++ } ++ softirq_clr_runner(i); ++ unlock_softirq(i); ++ WARN_ON(current->softirq_nestcnt != 1); ++ } ++} ++ ++static void __local_bh_disable(void) ++{ ++ if (++current->softirq_nestcnt == 1) ++ migrate_disable(); ++} ++ ++void local_bh_disable(void) ++{ ++ __local_bh_disable(); ++} ++EXPORT_SYMBOL(local_bh_disable); ++ ++void __local_bh_disable_ip(unsigned long ip, unsigned int cnt) ++{ ++ __local_bh_disable(); ++ if (cnt & PREEMPT_CHECK_OFFSET) ++ preempt_disable(); ++} ++ ++static void __local_bh_enable(void) ++{ ++ if (WARN_ON(current->softirq_nestcnt == 0)) ++ return; ++ ++ local_irq_disable(); ++ if (current->softirq_nestcnt == 1 && current->softirqs_raised) ++ do_current_softirqs(1); ++ local_irq_enable(); ++ ++ if (--current->softirq_nestcnt == 0) ++ migrate_enable(); ++} ++ ++void local_bh_enable(void) ++{ ++ __local_bh_enable(); ++} ++EXPORT_SYMBOL(local_bh_enable); ++ ++extern void __local_bh_enable_ip(unsigned long ip, unsigned int cnt) ++{ ++ __local_bh_enable(); ++ if (cnt & PREEMPT_CHECK_OFFSET) ++ preempt_enable(); ++} ++ ++void local_bh_enable_ip(unsigned long ip) ++{ ++ local_bh_enable(); ++} ++EXPORT_SYMBOL(local_bh_enable_ip); ++ ++void _local_bh_enable(void) ++{ ++ if (WARN_ON(current->softirq_nestcnt == 0)) ++ return; ++ if (--current->softirq_nestcnt == 0) ++ migrate_enable(); ++} ++EXPORT_SYMBOL(_local_bh_enable); ++ ++int in_serving_softirq(void) ++{ ++ return current->flags & PF_IN_SOFTIRQ; ++} ++EXPORT_SYMBOL(in_serving_softirq); ++ ++/* Called with preemption disabled */ ++static void run_ksoftirqd(unsigned int cpu) ++{ ++ local_irq_disable(); ++ current->softirq_nestcnt++; ++ ++ do_current_softirqs(1); ++ current->softirq_nestcnt--; ++ rcu_note_context_switch(cpu); ++ local_irq_enable(); ++} ++ ++/* ++ * Called from netif_rx_ni(). Preemption enabled, but migration ++ * disabled. So the cpu can't go away under us. ++ */ ++void thread_do_softirq(void) ++{ ++ if (!in_serving_softirq() && current->softirqs_raised) { ++ current->softirq_nestcnt++; ++ do_current_softirqs(0); ++ current->softirq_nestcnt--; ++ } ++} ++ ++static void do_raise_softirq_irqoff(unsigned int nr) ++{ ++ trace_softirq_raise(nr); ++ or_softirq_pending(1UL << nr); ++ ++ /* ++ * If we are not in a hard interrupt and inside a bh disabled ++ * region, we simply raise the flag on current. local_bh_enable() ++ * will make sure that the softirq is executed. Otherwise we ++ * delegate it to ksoftirqd. ++ */ ++ if (!in_irq() && current->softirq_nestcnt) ++ current->softirqs_raised |= (1U << nr); ++ else if (__this_cpu_read(ksoftirqd)) ++ __this_cpu_read(ksoftirqd)->softirqs_raised |= (1U << nr); ++} ++ ++void __raise_softirq_irqoff(unsigned int nr) ++{ ++ do_raise_softirq_irqoff(nr); ++ if (!in_irq() && !current->softirq_nestcnt) ++ wakeup_softirqd(); ++} ++ ++/* ++ * This function must run with irqs disabled! ++ */ ++void raise_softirq_irqoff(unsigned int nr) ++{ ++ do_raise_softirq_irqoff(nr); ++ ++ /* ++ * If we're in an hard interrupt we let irq return code deal ++ * with the wakeup of ksoftirqd. ++ */ ++ if (in_irq()) ++ return; ++ /* ++ * If we are in thread context but outside of a bh disabled ++ * region, we need to wake ksoftirqd as well. ++ * ++ * CHECKME: Some of the places which do that could be wrapped ++ * into local_bh_disable/enable pairs. Though it's unclear ++ * whether this is worth the effort. To find those places just ++ * raise a WARN() if the condition is met. ++ */ ++ if (!current->softirq_nestcnt) ++ wakeup_softirqd(); ++} ++ ++static inline int ksoftirqd_softirq_pending(void) ++{ ++ return current->softirqs_raised; ++} ++ ++static inline void local_bh_disable_nort(void) { } ++static inline void _local_bh_enable_nort(void) { } ++ ++static inline void ksoftirqd_set_sched_params(unsigned int cpu) ++{ ++ struct sched_param param = { .sched_priority = 1 }; ++ ++ sched_setscheduler(current, SCHED_FIFO, ¶m); ++ /* Take over all pending softirqs when starting */ ++ local_irq_disable(); ++ current->softirqs_raised = local_softirq_pending(); ++ local_irq_enable(); ++} ++ ++static inline void ksoftirqd_clr_sched_params(unsigned int cpu, bool online) ++{ ++ struct sched_param param = { .sched_priority = 0 }; ++ ++ sched_setscheduler(current, SCHED_NORMAL, ¶m); ++} ++ ++#endif /* PREEMPT_RT_FULL */ ++/* + * Enter an interrupt context. + */ + void irq_enter(void) +@@ -326,9 +732,9 @@ + * Prevent raise_softirq from needlessly waking up ksoftirqd + * here, as softirq will be serviced on return from interrupt. + */ +- local_bh_disable(); ++ local_bh_disable_nort(); + tick_irq_enter(); +- _local_bh_enable(); ++ _local_bh_enable_nort(); + } + + __irq_enter(); +@@ -336,6 +742,7 @@ + + static inline void invoke_softirq(void) + { ++#ifndef CONFIG_PREEMPT_RT_FULL + if (!force_irqthreads) { + #ifdef CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK + /* +@@ -355,6 +762,15 @@ + } else { + wakeup_softirqd(); + } ++#else /* PREEMPT_RT_FULL */ ++ unsigned long flags; ++ ++ local_irq_save(flags); ++ if (__this_cpu_read(ksoftirqd) && ++ __this_cpu_read(ksoftirqd)->softirqs_raised) ++ wakeup_softirqd(); ++ local_irq_restore(flags); ++#endif + } + + static inline void tick_irq_exit(void) +@@ -391,26 +807,6 @@ + trace_hardirq_exit(); /* must be last! */ + } + +-/* +- * This function must run with irqs disabled! +- */ +-inline void raise_softirq_irqoff(unsigned int nr) +-{ +- __raise_softirq_irqoff(nr); +- +- /* +- * If we're in an interrupt or softirq, we're done +- * (this also catches softirq-disabled code). We will +- * actually run the softirq once we return from +- * the irq or softirq. +- * +- * Otherwise we wake up ksoftirqd to make sure we +- * schedule the softirq soon. +- */ +- if (!in_interrupt()) +- wakeup_softirqd(); +-} +- + void raise_softirq(unsigned int nr) + { + unsigned long flags; +@@ -420,12 +816,6 @@ + local_irq_restore(flags); + } + +-void __raise_softirq_irqoff(unsigned int nr) +-{ +- trace_softirq_raise(nr); +- or_softirq_pending(1UL << nr); +-} +- + void open_softirq(int nr, void (*action)(struct softirq_action *)) + { + softirq_vec[nr].action = action; +@@ -442,15 +832,45 @@ + static DEFINE_PER_CPU(struct tasklet_head, tasklet_vec); + static DEFINE_PER_CPU(struct tasklet_head, tasklet_hi_vec); + ++static void inline ++__tasklet_common_schedule(struct tasklet_struct *t, struct tasklet_head *head, unsigned int nr) ++{ ++ if (tasklet_trylock(t)) { ++again: ++ /* We may have been preempted before tasklet_trylock ++ * and __tasklet_action may have already run. ++ * So double check the sched bit while the takslet ++ * is locked before adding it to the list. ++ */ ++ if (test_bit(TASKLET_STATE_SCHED, &t->state)) { ++ t->next = NULL; ++ *head->tail = t; ++ head->tail = &(t->next); ++ raise_softirq_irqoff(nr); ++ tasklet_unlock(t); ++ } else { ++ /* This is subtle. If we hit the corner case above ++ * It is possible that we get preempted right here, ++ * and another task has successfully called ++ * tasklet_schedule(), then this function, and ++ * failed on the trylock. Thus we must be sure ++ * before releasing the tasklet lock, that the ++ * SCHED_BIT is clear. Otherwise the tasklet ++ * may get its SCHED_BIT set, but not added to the ++ * list ++ */ ++ if (!tasklet_tryunlock(t)) ++ goto again; ++ } ++ } ++} ++ + void __tasklet_schedule(struct tasklet_struct *t) + { + unsigned long flags; + + local_irq_save(flags); +- t->next = NULL; +- *__this_cpu_read(tasklet_vec.tail) = t; +- __this_cpu_write(tasklet_vec.tail, &(t->next)); +- raise_softirq_irqoff(TASKLET_SOFTIRQ); ++ __tasklet_common_schedule(t, &__get_cpu_var(tasklet_vec), TASKLET_SOFTIRQ); + local_irq_restore(flags); + } + EXPORT_SYMBOL(__tasklet_schedule); +@@ -460,10 +880,7 @@ + unsigned long flags; + + local_irq_save(flags); +- t->next = NULL; +- *__this_cpu_read(tasklet_hi_vec.tail) = t; +- __this_cpu_write(tasklet_hi_vec.tail, &(t->next)); +- raise_softirq_irqoff(HI_SOFTIRQ); ++ __tasklet_common_schedule(t, &__get_cpu_var(tasklet_hi_vec), HI_SOFTIRQ); + local_irq_restore(flags); + } + EXPORT_SYMBOL(__tasklet_hi_schedule); +@@ -472,48 +889,116 @@ + { + BUG_ON(!irqs_disabled()); + +- t->next = __this_cpu_read(tasklet_hi_vec.head); +- __this_cpu_write(tasklet_hi_vec.head, t); +- __raise_softirq_irqoff(HI_SOFTIRQ); ++ __tasklet_hi_schedule(t); + } + EXPORT_SYMBOL(__tasklet_hi_schedule_first); + +-static void tasklet_action(struct softirq_action *a) ++void tasklet_enable(struct tasklet_struct *t) + { +- struct tasklet_struct *list; ++ if (!atomic_dec_and_test(&t->count)) ++ return; ++ if (test_and_clear_bit(TASKLET_STATE_PENDING, &t->state)) ++ tasklet_schedule(t); ++} ++EXPORT_SYMBOL(tasklet_enable); + +- local_irq_disable(); +- list = __this_cpu_read(tasklet_vec.head); +- __this_cpu_write(tasklet_vec.head, NULL); +- __this_cpu_write(tasklet_vec.tail, this_cpu_ptr(&tasklet_vec.head)); +- local_irq_enable(); ++void tasklet_hi_enable(struct tasklet_struct *t) ++{ ++ if (!atomic_dec_and_test(&t->count)) ++ return; ++ if (test_and_clear_bit(TASKLET_STATE_PENDING, &t->state)) ++ tasklet_hi_schedule(t); ++} ++EXPORT_SYMBOL(tasklet_hi_enable); ++ ++static void __tasklet_action(struct softirq_action *a, ++ struct tasklet_struct *list) ++{ ++ int loops = 1000000; + + while (list) { + struct tasklet_struct *t = list; + + list = list->next; + +- if (tasklet_trylock(t)) { +- if (!atomic_read(&t->count)) { +- if (!test_and_clear_bit(TASKLET_STATE_SCHED, +- &t->state)) +- BUG(); +- t->func(t->data); +- tasklet_unlock(t); +- continue; +- } +- tasklet_unlock(t); ++ /* ++ * Should always succeed - after a tasklist got on the ++ * list (after getting the SCHED bit set from 0 to 1), ++ * nothing but the tasklet softirq it got queued to can ++ * lock it: ++ */ ++ if (!tasklet_trylock(t)) { ++ WARN_ON(1); ++ continue; + } + +- local_irq_disable(); + t->next = NULL; +- *__this_cpu_read(tasklet_vec.tail) = t; +- __this_cpu_write(tasklet_vec.tail, &(t->next)); +- __raise_softirq_irqoff(TASKLET_SOFTIRQ); +- local_irq_enable(); ++ ++ /* ++ * If we cannot handle the tasklet because it's disabled, ++ * mark it as pending. tasklet_enable() will later ++ * re-schedule the tasklet. ++ */ ++ if (unlikely(atomic_read(&t->count))) { ++out_disabled: ++ /* implicit unlock: */ ++ wmb(); ++ t->state = TASKLET_STATEF_PENDING; ++ continue; ++ } ++ ++ /* ++ * After this point on the tasklet might be rescheduled ++ * on another CPU, but it can only be added to another ++ * CPU's tasklet list if we unlock the tasklet (which we ++ * dont do yet). ++ */ ++ if (!test_and_clear_bit(TASKLET_STATE_SCHED, &t->state)) ++ WARN_ON(1); ++ ++again: ++ t->func(t->data); ++ ++ /* ++ * Try to unlock the tasklet. We must use cmpxchg, because ++ * another CPU might have scheduled or disabled the tasklet. ++ * We only allow the STATE_RUN -> 0 transition here. ++ */ ++ while (!tasklet_tryunlock(t)) { ++ /* ++ * If it got disabled meanwhile, bail out: ++ */ ++ if (atomic_read(&t->count)) ++ goto out_disabled; ++ /* ++ * If it got scheduled meanwhile, re-execute ++ * the tasklet function: ++ */ ++ if (test_and_clear_bit(TASKLET_STATE_SCHED, &t->state)) ++ goto again; ++ if (!--loops) { ++ printk("hm, tasklet state: %08lx\n", t->state); ++ WARN_ON(1); ++ tasklet_unlock(t); ++ break; ++ } ++ } + } + } + ++static void tasklet_action(struct softirq_action *a) ++{ ++ struct tasklet_struct *list; ++ ++ local_irq_disable(); ++ list = __get_cpu_var(tasklet_vec).head; ++ __get_cpu_var(tasklet_vec).head = NULL; ++ __get_cpu_var(tasklet_vec).tail = &__get_cpu_var(tasklet_vec).head; ++ local_irq_enable(); ++ ++ __tasklet_action(a, list); ++} ++ + static void tasklet_hi_action(struct softirq_action *a) + { + struct tasklet_struct *list; +@@ -524,30 +1009,7 @@ + __this_cpu_write(tasklet_hi_vec.tail, this_cpu_ptr(&tasklet_hi_vec.head)); + local_irq_enable(); + +- while (list) { +- struct tasklet_struct *t = list; +- +- list = list->next; +- +- if (tasklet_trylock(t)) { +- if (!atomic_read(&t->count)) { +- if (!test_and_clear_bit(TASKLET_STATE_SCHED, +- &t->state)) +- BUG(); +- t->func(t->data); +- tasklet_unlock(t); +- continue; +- } +- tasklet_unlock(t); +- } +- +- local_irq_disable(); +- t->next = NULL; +- *__this_cpu_read(tasklet_hi_vec.tail) = t; +- __this_cpu_write(tasklet_hi_vec.tail, &(t->next)); +- __raise_softirq_irqoff(HI_SOFTIRQ); +- local_irq_enable(); +- } ++ __tasklet_action(a, list); + } + + void tasklet_init(struct tasklet_struct *t, +@@ -568,7 +1030,7 @@ + + while (test_and_set_bit(TASKLET_STATE_SCHED, &t->state)) { + do { +- yield(); ++ msleep(1); + } while (test_bit(TASKLET_STATE_SCHED, &t->state)); + } + tasklet_unlock_wait(t); +@@ -642,26 +1104,26 @@ + open_softirq(HI_SOFTIRQ, tasklet_hi_action); + } + +-static int ksoftirqd_should_run(unsigned int cpu) +-{ +- return local_softirq_pending(); +-} +- +-static void run_ksoftirqd(unsigned int cpu) ++#if defined(CONFIG_SMP) || defined(CONFIG_PREEMPT_RT_FULL) ++void tasklet_unlock_wait(struct tasklet_struct *t) + { +- local_irq_disable(); +- if (local_softirq_pending()) { ++ while (test_bit(TASKLET_STATE_RUN, &(t)->state)) { + /* +- * We can safely run softirq on inline stack, as we are not deep +- * in the task stack here. ++ * Hack for now to avoid this busy-loop: + */ +- __do_softirq(); +- rcu_note_context_switch(cpu); +- local_irq_enable(); +- cond_resched(); +- return; ++#ifdef CONFIG_PREEMPT_RT_FULL ++ msleep(1); ++#else ++ barrier(); ++#endif + } +- local_irq_enable(); ++} ++EXPORT_SYMBOL(tasklet_unlock_wait); ++#endif ++ ++static int ksoftirqd_should_run(unsigned int cpu) ++{ ++ return ksoftirqd_softirq_pending(); + } + + #ifdef CONFIG_HOTPLUG_CPU +@@ -743,6 +1205,8 @@ + + static struct smp_hotplug_thread softirq_threads = { + .store = &ksoftirqd, ++ .setup = ksoftirqd_set_sched_params, ++ .cleanup = ksoftirqd_clr_sched_params, + .thread_should_run = ksoftirqd_should_run, + .thread_fn = run_ksoftirqd, + .thread_comm = "ksoftirqd/%u", +diff -Nur linux-3.18.9.orig/kernel/stop_machine.c linux-3.18.9/kernel/stop_machine.c +--- linux-3.18.9.orig/kernel/stop_machine.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/stop_machine.c 2015-03-15 16:03:03.852094875 -0500 +@@ -30,12 +30,12 @@ + atomic_t nr_todo; /* nr left to execute */ + bool executed; /* actually executed? */ + int ret; /* collected return value */ +- struct completion completion; /* fired if nr_todo reaches 0 */ ++ struct task_struct *waiter; /* woken when nr_todo reaches 0 */ + }; + + /* the actual stopper, one per every possible cpu, enabled on online cpus */ + struct cpu_stopper { +- spinlock_t lock; ++ raw_spinlock_t lock; + bool enabled; /* is this stopper enabled? */ + struct list_head works; /* list of pending works */ + }; +@@ -56,7 +56,7 @@ + { + memset(done, 0, sizeof(*done)); + atomic_set(&done->nr_todo, nr_todo); +- init_completion(&done->completion); ++ done->waiter = current; + } + + /* signal completion unless @done is NULL */ +@@ -65,8 +65,10 @@ + if (done) { + if (executed) + done->executed = true; +- if (atomic_dec_and_test(&done->nr_todo)) +- complete(&done->completion); ++ if (atomic_dec_and_test(&done->nr_todo)) { ++ wake_up_process(done->waiter); ++ done->waiter = NULL; ++ } + } + } + +@@ -78,7 +80,7 @@ + + unsigned long flags; + +- spin_lock_irqsave(&stopper->lock, flags); ++ raw_spin_lock_irqsave(&stopper->lock, flags); + + if (stopper->enabled) { + list_add_tail(&work->list, &stopper->works); +@@ -86,7 +88,23 @@ + } else + cpu_stop_signal_done(work->done, false); + +- spin_unlock_irqrestore(&stopper->lock, flags); ++ raw_spin_unlock_irqrestore(&stopper->lock, flags); ++} ++ ++static void wait_for_stop_done(struct cpu_stop_done *done) ++{ ++ set_current_state(TASK_UNINTERRUPTIBLE); ++ while (atomic_read(&done->nr_todo)) { ++ schedule(); ++ set_current_state(TASK_UNINTERRUPTIBLE); ++ } ++ /* ++ * We need to wait until cpu_stop_signal_done() has cleared ++ * done->waiter. ++ */ ++ while (done->waiter) ++ cpu_relax(); ++ set_current_state(TASK_RUNNING); + } + + /** +@@ -120,7 +138,7 @@ + + cpu_stop_init_done(&done, 1); + cpu_stop_queue_work(cpu, &work); +- wait_for_completion(&done.completion); ++ wait_for_stop_done(&done); + return done.executed ? done.ret : -ENOENT; + } + +@@ -248,7 +266,7 @@ + struct irq_cpu_stop_queue_work_info call_args; + struct multi_stop_data msdata; + +- preempt_disable(); ++ preempt_disable_nort(); + msdata = (struct multi_stop_data){ + .fn = fn, + .data = arg, +@@ -281,7 +299,7 @@ + * This relies on the stopper workqueues to be FIFO. + */ + if (!cpu_active(cpu1) || !cpu_active(cpu2)) { +- preempt_enable(); ++ preempt_enable_nort(); + return -ENOENT; + } + +@@ -295,9 +313,9 @@ + &irq_cpu_stop_queue_work, + &call_args, 1); + lg_local_unlock(&stop_cpus_lock); +- preempt_enable(); ++ preempt_enable_nort(); + +- wait_for_completion(&done.completion); ++ wait_for_stop_done(&done); + + return done.executed ? done.ret : -ENOENT; + } +@@ -329,7 +347,7 @@ + + static void queue_stop_cpus_work(const struct cpumask *cpumask, + cpu_stop_fn_t fn, void *arg, +- struct cpu_stop_done *done) ++ struct cpu_stop_done *done, bool inactive) + { + struct cpu_stop_work *work; + unsigned int cpu; +@@ -343,11 +361,13 @@ + } + + /* +- * Disable preemption while queueing to avoid getting +- * preempted by a stopper which might wait for other stoppers +- * to enter @fn which can lead to deadlock. ++ * Make sure that all work is queued on all cpus before ++ * any of the cpus can execute it. + */ +- lg_global_lock(&stop_cpus_lock); ++ if (!inactive) ++ lg_global_lock(&stop_cpus_lock); ++ else ++ lg_global_trylock_relax(&stop_cpus_lock); + for_each_cpu(cpu, cpumask) + cpu_stop_queue_work(cpu, &per_cpu(stop_cpus_work, cpu)); + lg_global_unlock(&stop_cpus_lock); +@@ -359,8 +379,8 @@ + struct cpu_stop_done done; + + cpu_stop_init_done(&done, cpumask_weight(cpumask)); +- queue_stop_cpus_work(cpumask, fn, arg, &done); +- wait_for_completion(&done.completion); ++ queue_stop_cpus_work(cpumask, fn, arg, &done, false); ++ wait_for_stop_done(&done); + return done.executed ? done.ret : -ENOENT; + } + +@@ -439,9 +459,9 @@ + unsigned long flags; + int run; + +- spin_lock_irqsave(&stopper->lock, flags); ++ raw_spin_lock_irqsave(&stopper->lock, flags); + run = !list_empty(&stopper->works); +- spin_unlock_irqrestore(&stopper->lock, flags); ++ raw_spin_unlock_irqrestore(&stopper->lock, flags); + return run; + } + +@@ -453,13 +473,13 @@ + + repeat: + work = NULL; +- spin_lock_irq(&stopper->lock); ++ raw_spin_lock_irq(&stopper->lock); + if (!list_empty(&stopper->works)) { + work = list_first_entry(&stopper->works, + struct cpu_stop_work, list); + list_del_init(&work->list); + } +- spin_unlock_irq(&stopper->lock); ++ raw_spin_unlock_irq(&stopper->lock); + + if (work) { + cpu_stop_fn_t fn = work->fn; +@@ -467,6 +487,16 @@ + struct cpu_stop_done *done = work->done; + char ksym_buf[KSYM_NAME_LEN] __maybe_unused; + ++ /* ++ * Wait until the stopper finished scheduling on all ++ * cpus ++ */ ++ lg_global_lock(&stop_cpus_lock); ++ /* ++ * Let other cpu threads continue as well ++ */ ++ lg_global_unlock(&stop_cpus_lock); ++ + /* cpu stop callbacks are not allowed to sleep */ + preempt_disable(); + +@@ -481,7 +511,13 @@ + kallsyms_lookup((unsigned long)fn, NULL, NULL, NULL, + ksym_buf), arg); + ++ /* ++ * Make sure that the wakeup and setting done->waiter ++ * to NULL is atomic. ++ */ ++ local_irq_disable(); + cpu_stop_signal_done(done, true); ++ local_irq_enable(); + goto repeat; + } + } +@@ -500,20 +536,20 @@ + unsigned long flags; + + /* drain remaining works */ +- spin_lock_irqsave(&stopper->lock, flags); ++ raw_spin_lock_irqsave(&stopper->lock, flags); + list_for_each_entry(work, &stopper->works, list) + cpu_stop_signal_done(work->done, false); + stopper->enabled = false; +- spin_unlock_irqrestore(&stopper->lock, flags); ++ raw_spin_unlock_irqrestore(&stopper->lock, flags); + } + + static void cpu_stop_unpark(unsigned int cpu) + { + struct cpu_stopper *stopper = &per_cpu(cpu_stopper, cpu); + +- spin_lock_irq(&stopper->lock); ++ raw_spin_lock_irq(&stopper->lock); + stopper->enabled = true; +- spin_unlock_irq(&stopper->lock); ++ raw_spin_unlock_irq(&stopper->lock); + } + + static struct smp_hotplug_thread cpu_stop_threads = { +@@ -535,10 +571,12 @@ + for_each_possible_cpu(cpu) { + struct cpu_stopper *stopper = &per_cpu(cpu_stopper, cpu); + +- spin_lock_init(&stopper->lock); ++ raw_spin_lock_init(&stopper->lock); + INIT_LIST_HEAD(&stopper->works); + } + ++ lg_lock_init(&stop_cpus_lock, "stop_cpus_lock"); ++ + BUG_ON(smpboot_register_percpu_thread(&cpu_stop_threads)); + stop_machine_initialized = true; + return 0; +@@ -634,11 +672,11 @@ + set_state(&msdata, MULTI_STOP_PREPARE); + cpu_stop_init_done(&done, num_active_cpus()); + queue_stop_cpus_work(cpu_active_mask, multi_cpu_stop, &msdata, +- &done); ++ &done, true); + ret = multi_cpu_stop(&msdata); + + /* Busy wait for completion. */ +- while (!completion_done(&done.completion)) ++ while (atomic_read(&done.nr_todo)) + cpu_relax(); + + mutex_unlock(&stop_cpus_mutex); +diff -Nur linux-3.18.9.orig/kernel/time/hrtimer.c linux-3.18.9/kernel/time/hrtimer.c +--- linux-3.18.9.orig/kernel/time/hrtimer.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/time/hrtimer.c 2015-03-15 16:03:03.852094875 -0500 +@@ -48,11 +48,13 @@ + #include <linux/sched/rt.h> + #include <linux/sched/deadline.h> + #include <linux/timer.h> ++#include <linux/kthread.h> + #include <linux/freezer.h> + + #include <asm/uaccess.h> + + #include <trace/events/timer.h> ++#include <trace/events/hist.h> + + #include "timekeeping.h" + +@@ -568,8 +570,7 @@ + * When the callback is running, we do not reprogram the clock event + * device. The timer callback is either running on a different CPU or + * the callback is executed in the hrtimer_interrupt context. The +- * reprogramming is handled either by the softirq, which called the +- * callback or at the end of the hrtimer_interrupt. ++ * reprogramming is handled at the end of the hrtimer_interrupt. + */ + if (hrtimer_callback_running(timer)) + return 0; +@@ -604,6 +605,9 @@ + return res; + } + ++static void __run_hrtimer(struct hrtimer *timer, ktime_t *now); ++static int hrtimer_rt_defer(struct hrtimer *timer); ++ + /* + * Initialize the high resolution related parts of cpu_base + */ +@@ -613,6 +617,21 @@ + base->hres_active = 0; + } + ++static inline int hrtimer_enqueue_reprogram(struct hrtimer *timer, ++ struct hrtimer_clock_base *base, ++ int wakeup) ++{ ++ if (!hrtimer_reprogram(timer, base)) ++ return 0; ++ if (!wakeup) ++ return -ETIME; ++#ifdef CONFIG_PREEMPT_RT_BASE ++ if (!hrtimer_rt_defer(timer)) ++ return -ETIME; ++#endif ++ return 1; ++} ++ + static inline ktime_t hrtimer_update_base(struct hrtimer_cpu_base *base) + { + ktime_t *offs_real = &base->clock_base[HRTIMER_BASE_REALTIME].offset; +@@ -678,6 +697,44 @@ + + static DECLARE_WORK(hrtimer_work, clock_was_set_work); + ++#ifdef CONFIG_PREEMPT_RT_FULL ++/* ++ * RT can not call schedule_work from real interrupt context. ++ * Need to make a thread to do the real work. ++ */ ++static struct task_struct *clock_set_delay_thread; ++static bool do_clock_set_delay; ++ ++static int run_clock_set_delay(void *ignore) ++{ ++ while (!kthread_should_stop()) { ++ set_current_state(TASK_INTERRUPTIBLE); ++ if (do_clock_set_delay) { ++ do_clock_set_delay = false; ++ schedule_work(&hrtimer_work); ++ } ++ schedule(); ++ } ++ __set_current_state(TASK_RUNNING); ++ return 0; ++} ++ ++void clock_was_set_delayed(void) ++{ ++ do_clock_set_delay = true; ++ /* Make visible before waking up process */ ++ smp_wmb(); ++ wake_up_process(clock_set_delay_thread); ++} ++ ++static __init int create_clock_set_delay_thread(void) ++{ ++ clock_set_delay_thread = kthread_run(run_clock_set_delay, NULL, "kclksetdelayd"); ++ BUG_ON(!clock_set_delay_thread); ++ return 0; ++} ++early_initcall(create_clock_set_delay_thread); ++#else /* PREEMPT_RT_FULL */ + /* + * Called from timekeeping and resume code to reprogramm the hrtimer + * interrupt device on all cpus. +@@ -686,6 +743,7 @@ + { + schedule_work(&hrtimer_work); + } ++#endif + + #else + +@@ -694,6 +752,13 @@ + static inline int hrtimer_switch_to_hres(void) { return 0; } + static inline void + hrtimer_force_reprogram(struct hrtimer_cpu_base *base, int skip_equal) { } ++static inline int hrtimer_enqueue_reprogram(struct hrtimer *timer, ++ struct hrtimer_clock_base *base, ++ int wakeup) ++{ ++ return 0; ++} ++ + static inline int hrtimer_reprogram(struct hrtimer *timer, + struct hrtimer_clock_base *base) + { +@@ -701,7 +766,6 @@ + } + static inline void hrtimer_init_hres(struct hrtimer_cpu_base *base) { } + static inline void retrigger_next_event(void *arg) { } +- + #endif /* CONFIG_HIGH_RES_TIMERS */ + + /* +@@ -819,6 +883,32 @@ + } + EXPORT_SYMBOL_GPL(hrtimer_forward); + ++#ifdef CONFIG_PREEMPT_RT_BASE ++# define wake_up_timer_waiters(b) wake_up(&(b)->wait) ++ ++/** ++ * hrtimer_wait_for_timer - Wait for a running timer ++ * ++ * @timer: timer to wait for ++ * ++ * The function waits in case the timers callback function is ++ * currently executed on the waitqueue of the timer base. The ++ * waitqueue is woken up after the timer callback function has ++ * finished execution. ++ */ ++void hrtimer_wait_for_timer(const struct hrtimer *timer) ++{ ++ struct hrtimer_clock_base *base = timer->base; ++ ++ if (base && base->cpu_base && !timer->irqsafe) ++ wait_event(base->cpu_base->wait, ++ !(timer->state & HRTIMER_STATE_CALLBACK)); ++} ++ ++#else ++# define wake_up_timer_waiters(b) do { } while (0) ++#endif ++ + /* + * enqueue_hrtimer - internal function to (re)start a timer + * +@@ -862,6 +952,11 @@ + if (!(timer->state & HRTIMER_STATE_ENQUEUED)) + goto out; + ++ if (unlikely(!list_empty(&timer->cb_entry))) { ++ list_del_init(&timer->cb_entry); ++ goto out; ++ } ++ + next_timer = timerqueue_getnext(&base->active); + timerqueue_del(&base->active, &timer->node); + if (&timer->node == next_timer) { +@@ -949,7 +1044,16 @@ + new_base = switch_hrtimer_base(timer, base, mode & HRTIMER_MODE_PINNED); + + timer_stats_hrtimer_set_start_info(timer); ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++ { ++ ktime_t now = new_base->get_time(); + ++ if (ktime_to_ns(tim) < ktime_to_ns(now)) ++ timer->praecox = now; ++ else ++ timer->praecox = ktime_set(0, 0); ++ } ++#endif + leftmost = enqueue_hrtimer(timer, new_base); + + if (!leftmost) { +@@ -963,15 +1067,26 @@ + * on dynticks target. + */ + wake_up_nohz_cpu(new_base->cpu_base->cpu); +- } else if (new_base->cpu_base == this_cpu_ptr(&hrtimer_bases) && +- hrtimer_reprogram(timer, new_base)) { ++ } else if (new_base->cpu_base == this_cpu_ptr(&hrtimer_bases)) { ++ ++ ret = hrtimer_enqueue_reprogram(timer, new_base, wakeup); ++ if (ret < 0) { ++ /* ++ * In case we failed to reprogram the timer (mostly ++ * because out current timer is already elapsed), ++ * remove it again and report a failure. This avoids ++ * stale base->first entries. ++ */ ++ debug_deactivate(timer); ++ __remove_hrtimer(timer, new_base, ++ timer->state & HRTIMER_STATE_CALLBACK, 0); ++ } else if (ret > 0) { + /* + * Only allow reprogramming if the new base is on this CPU. + * (it might still be on another CPU if the timer was pending) + * + * XXX send_remote_softirq() ? + */ +- if (wakeup) { + /* + * We need to drop cpu_base->lock to avoid a + * lock ordering issue vs. rq->lock. +@@ -979,9 +1094,7 @@ + raw_spin_unlock(&new_base->cpu_base->lock); + raise_softirq_irqoff(HRTIMER_SOFTIRQ); + local_irq_restore(flags); +- return ret; +- } else { +- __raise_softirq_irqoff(HRTIMER_SOFTIRQ); ++ return 0; + } + } + +@@ -1072,7 +1185,7 @@ + + if (ret >= 0) + return ret; +- cpu_relax(); ++ hrtimer_wait_for_timer(timer); + } + } + EXPORT_SYMBOL_GPL(hrtimer_cancel); +@@ -1151,6 +1264,7 @@ + + base = hrtimer_clockid_to_base(clock_id); + timer->base = &cpu_base->clock_base[base]; ++ INIT_LIST_HEAD(&timer->cb_entry); + timerqueue_init(&timer->node); + + #ifdef CONFIG_TIMER_STATS +@@ -1234,6 +1348,126 @@ + timer->state &= ~HRTIMER_STATE_CALLBACK; + } + ++static enum hrtimer_restart hrtimer_wakeup(struct hrtimer *timer); ++ ++#ifdef CONFIG_PREEMPT_RT_BASE ++static void hrtimer_rt_reprogram(int restart, struct hrtimer *timer, ++ struct hrtimer_clock_base *base) ++{ ++ /* ++ * Note, we clear the callback flag before we requeue the ++ * timer otherwise we trigger the callback_running() check ++ * in hrtimer_reprogram(). ++ */ ++ timer->state &= ~HRTIMER_STATE_CALLBACK; ++ ++ if (restart != HRTIMER_NORESTART) { ++ BUG_ON(hrtimer_active(timer)); ++ /* ++ * Enqueue the timer, if it's the leftmost timer then ++ * we need to reprogram it. ++ */ ++ if (!enqueue_hrtimer(timer, base)) ++ return; ++ ++#ifndef CONFIG_HIGH_RES_TIMERS ++ } ++#else ++ if (base->cpu_base->hres_active && ++ hrtimer_reprogram(timer, base)) ++ goto requeue; ++ ++ } else if (hrtimer_active(timer)) { ++ /* ++ * If the timer was rearmed on another CPU, reprogram ++ * the event device. ++ */ ++ if (&timer->node == base->active.next && ++ base->cpu_base->hres_active && ++ hrtimer_reprogram(timer, base)) ++ goto requeue; ++ } ++ return; ++ ++requeue: ++ /* ++ * Timer is expired. Thus move it from tree to pending list ++ * again. ++ */ ++ __remove_hrtimer(timer, base, timer->state, 0); ++ list_add_tail(&timer->cb_entry, &base->expired); ++#endif ++} ++ ++/* ++ * The changes in mainline which removed the callback modes from ++ * hrtimer are not yet working with -rt. The non wakeup_process() ++ * based callbacks which involve sleeping locks need to be treated ++ * seperately. ++ */ ++static void hrtimer_rt_run_pending(void) ++{ ++ enum hrtimer_restart (*fn)(struct hrtimer *); ++ struct hrtimer_cpu_base *cpu_base; ++ struct hrtimer_clock_base *base; ++ struct hrtimer *timer; ++ int index, restart; ++ ++ local_irq_disable(); ++ cpu_base = &per_cpu(hrtimer_bases, smp_processor_id()); ++ ++ raw_spin_lock(&cpu_base->lock); ++ ++ for (index = 0; index < HRTIMER_MAX_CLOCK_BASES; index++) { ++ base = &cpu_base->clock_base[index]; ++ ++ while (!list_empty(&base->expired)) { ++ timer = list_first_entry(&base->expired, ++ struct hrtimer, cb_entry); ++ ++ /* ++ * Same as the above __run_hrtimer function ++ * just we run with interrupts enabled. ++ */ ++ debug_hrtimer_deactivate(timer); ++ __remove_hrtimer(timer, base, HRTIMER_STATE_CALLBACK, 0); ++ timer_stats_account_hrtimer(timer); ++ fn = timer->function; ++ ++ raw_spin_unlock_irq(&cpu_base->lock); ++ restart = fn(timer); ++ raw_spin_lock_irq(&cpu_base->lock); ++ ++ hrtimer_rt_reprogram(restart, timer, base); ++ } ++ } ++ ++ raw_spin_unlock_irq(&cpu_base->lock); ++ ++ wake_up_timer_waiters(cpu_base); ++} ++ ++static int hrtimer_rt_defer(struct hrtimer *timer) ++{ ++ if (timer->irqsafe) ++ return 0; ++ ++ __remove_hrtimer(timer, timer->base, timer->state, 0); ++ list_add_tail(&timer->cb_entry, &timer->base->expired); ++ return 1; ++} ++ ++#else ++ ++static inline void hrtimer_rt_run_pending(void) ++{ ++ hrtimer_peek_ahead_timers(); ++} ++ ++static inline int hrtimer_rt_defer(struct hrtimer *timer) { return 0; } ++ ++#endif ++ + #ifdef CONFIG_HIGH_RES_TIMERS + + /* +@@ -1244,7 +1478,7 @@ + { + struct hrtimer_cpu_base *cpu_base = this_cpu_ptr(&hrtimer_bases); + ktime_t expires_next, now, entry_time, delta; +- int i, retries = 0; ++ int i, retries = 0, raise = 0; + + BUG_ON(!cpu_base->hres_active); + cpu_base->nr_events++; +@@ -1279,6 +1513,15 @@ + + timer = container_of(node, struct hrtimer, node); + ++ trace_hrtimer_interrupt(raw_smp_processor_id(), ++ ktime_to_ns(ktime_sub(ktime_to_ns(timer->praecox) ? ++ timer->praecox : hrtimer_get_expires(timer), ++ basenow)), ++ current, ++ timer->function == hrtimer_wakeup ? ++ container_of(timer, struct hrtimer_sleeper, ++ timer)->task : NULL); ++ + /* + * The immediate goal for using the softexpires is + * minimizing wakeups, not running timers at the +@@ -1304,7 +1547,10 @@ + break; + } + +- __run_hrtimer(timer, &basenow); ++ if (!hrtimer_rt_defer(timer)) ++ __run_hrtimer(timer, &basenow); ++ else ++ raise = 1; + } + } + +@@ -1319,7 +1565,7 @@ + if (expires_next.tv64 == KTIME_MAX || + !tick_program_event(expires_next, 0)) { + cpu_base->hang_detected = 0; +- return; ++ goto out; + } + + /* +@@ -1363,6 +1609,9 @@ + tick_program_event(expires_next, 1); + printk_once(KERN_WARNING "hrtimer: interrupt took %llu ns\n", + ktime_to_ns(delta)); ++out: ++ if (raise) ++ raise_softirq_irqoff(HRTIMER_SOFTIRQ); + } + + /* +@@ -1398,18 +1647,18 @@ + __hrtimer_peek_ahead_timers(); + local_irq_restore(flags); + } +- +-static void run_hrtimer_softirq(struct softirq_action *h) +-{ +- hrtimer_peek_ahead_timers(); +-} +- + #else /* CONFIG_HIGH_RES_TIMERS */ + + static inline void __hrtimer_peek_ahead_timers(void) { } + + #endif /* !CONFIG_HIGH_RES_TIMERS */ + ++ ++static void run_hrtimer_softirq(struct softirq_action *h) ++{ ++ hrtimer_rt_run_pending(); ++} ++ + /* + * Called from timer softirq every jiffy, expire hrtimers: + * +@@ -1442,7 +1691,7 @@ + struct timerqueue_node *node; + struct hrtimer_cpu_base *cpu_base = this_cpu_ptr(&hrtimer_bases); + struct hrtimer_clock_base *base; +- int index, gettime = 1; ++ int index, gettime = 1, raise = 0; + + if (hrtimer_hres_active()) + return; +@@ -1467,10 +1716,16 @@ + hrtimer_get_expires_tv64(timer)) + break; + +- __run_hrtimer(timer, &base->softirq_time); ++ if (!hrtimer_rt_defer(timer)) ++ __run_hrtimer(timer, &base->softirq_time); ++ else ++ raise = 1; + } + raw_spin_unlock(&cpu_base->lock); + } ++ ++ if (raise) ++ raise_softirq_irqoff(HRTIMER_SOFTIRQ); + } + + /* +@@ -1492,16 +1747,18 @@ + void hrtimer_init_sleeper(struct hrtimer_sleeper *sl, struct task_struct *task) + { + sl->timer.function = hrtimer_wakeup; ++ sl->timer.irqsafe = 1; + sl->task = task; + } + EXPORT_SYMBOL_GPL(hrtimer_init_sleeper); + +-static int __sched do_nanosleep(struct hrtimer_sleeper *t, enum hrtimer_mode mode) ++static int __sched do_nanosleep(struct hrtimer_sleeper *t, enum hrtimer_mode mode, ++ unsigned long state) + { + hrtimer_init_sleeper(t, current); + + do { +- set_current_state(TASK_INTERRUPTIBLE); ++ set_current_state(state); + hrtimer_start_expires(&t->timer, mode); + if (!hrtimer_active(&t->timer)) + t->task = NULL; +@@ -1545,7 +1802,8 @@ + HRTIMER_MODE_ABS); + hrtimer_set_expires_tv64(&t.timer, restart->nanosleep.expires); + +- if (do_nanosleep(&t, HRTIMER_MODE_ABS)) ++ /* cpu_chill() does not care about restart state. */ ++ if (do_nanosleep(&t, HRTIMER_MODE_ABS, TASK_INTERRUPTIBLE)) + goto out; + + rmtp = restart->nanosleep.rmtp; +@@ -1562,8 +1820,10 @@ + return ret; + } + +-long hrtimer_nanosleep(struct timespec *rqtp, struct timespec __user *rmtp, +- const enum hrtimer_mode mode, const clockid_t clockid) ++static long ++__hrtimer_nanosleep(struct timespec *rqtp, struct timespec __user *rmtp, ++ const enum hrtimer_mode mode, const clockid_t clockid, ++ unsigned long state) + { + struct restart_block *restart; + struct hrtimer_sleeper t; +@@ -1576,7 +1836,7 @@ + + hrtimer_init_on_stack(&t.timer, clockid, mode); + hrtimer_set_expires_range_ns(&t.timer, timespec_to_ktime(*rqtp), slack); +- if (do_nanosleep(&t, mode)) ++ if (do_nanosleep(&t, mode, state)) + goto out; + + /* Absolute timers do not update the rmtp value and restart: */ +@@ -1603,6 +1863,12 @@ + return ret; + } + ++long hrtimer_nanosleep(struct timespec *rqtp, struct timespec __user *rmtp, ++ const enum hrtimer_mode mode, const clockid_t clockid) ++{ ++ return __hrtimer_nanosleep(rqtp, rmtp, mode, clockid, TASK_INTERRUPTIBLE); ++} ++ + SYSCALL_DEFINE2(nanosleep, struct timespec __user *, rqtp, + struct timespec __user *, rmtp) + { +@@ -1617,6 +1883,26 @@ + return hrtimer_nanosleep(&tu, rmtp, HRTIMER_MODE_REL, CLOCK_MONOTONIC); + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++/* ++ * Sleep for 1 ms in hope whoever holds what we want will let it go. ++ */ ++void cpu_chill(void) ++{ ++ struct timespec tu = { ++ .tv_nsec = NSEC_PER_MSEC, ++ }; ++ unsigned int freeze_flag = current->flags & PF_NOFREEZE; ++ ++ current->flags |= PF_NOFREEZE; ++ __hrtimer_nanosleep(&tu, NULL, HRTIMER_MODE_REL, CLOCK_MONOTONIC, ++ TASK_UNINTERRUPTIBLE); ++ if (!freeze_flag) ++ current->flags &= ~PF_NOFREEZE; ++} ++EXPORT_SYMBOL(cpu_chill); ++#endif ++ + /* + * Functions related to boot-time initialization: + */ +@@ -1628,10 +1914,14 @@ + for (i = 0; i < HRTIMER_MAX_CLOCK_BASES; i++) { + cpu_base->clock_base[i].cpu_base = cpu_base; + timerqueue_init_head(&cpu_base->clock_base[i].active); ++ INIT_LIST_HEAD(&cpu_base->clock_base[i].expired); + } + + cpu_base->cpu = cpu; + hrtimer_init_hres(cpu_base); ++#ifdef CONFIG_PREEMPT_RT_BASE ++ init_waitqueue_head(&cpu_base->wait); ++#endif + } + + #ifdef CONFIG_HOTPLUG_CPU +@@ -1744,9 +2034,7 @@ + hrtimer_cpu_notify(&hrtimers_nb, (unsigned long)CPU_UP_PREPARE, + (void *)(long)smp_processor_id()); + register_cpu_notifier(&hrtimers_nb); +-#ifdef CONFIG_HIGH_RES_TIMERS + open_softirq(HRTIMER_SOFTIRQ, run_hrtimer_softirq); +-#endif + } + + /** +diff -Nur linux-3.18.9.orig/kernel/time/itimer.c linux-3.18.9/kernel/time/itimer.c +--- linux-3.18.9.orig/kernel/time/itimer.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/time/itimer.c 2015-03-15 16:03:03.852094875 -0500 +@@ -213,6 +213,7 @@ + /* We are sharing ->siglock with it_real_fn() */ + if (hrtimer_try_to_cancel(timer) < 0) { + spin_unlock_irq(&tsk->sighand->siglock); ++ hrtimer_wait_for_timer(&tsk->signal->real_timer); + goto again; + } + expires = timeval_to_ktime(value->it_value); +diff -Nur linux-3.18.9.orig/kernel/time/jiffies.c linux-3.18.9/kernel/time/jiffies.c +--- linux-3.18.9.orig/kernel/time/jiffies.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/time/jiffies.c 2015-03-15 16:03:03.852094875 -0500 +@@ -73,7 +73,8 @@ + .shift = JIFFIES_SHIFT, + }; + +-__cacheline_aligned_in_smp DEFINE_SEQLOCK(jiffies_lock); ++__cacheline_aligned_in_smp DEFINE_RAW_SPINLOCK(jiffies_lock); ++__cacheline_aligned_in_smp seqcount_t jiffies_seq; + + #if (BITS_PER_LONG < 64) + u64 get_jiffies_64(void) +@@ -82,9 +83,9 @@ + u64 ret; + + do { +- seq = read_seqbegin(&jiffies_lock); ++ seq = read_seqcount_begin(&jiffies_seq); + ret = jiffies_64; +- } while (read_seqretry(&jiffies_lock, seq)); ++ } while (read_seqcount_retry(&jiffies_seq, seq)); + return ret; + } + EXPORT_SYMBOL(get_jiffies_64); +diff -Nur linux-3.18.9.orig/kernel/time/ntp.c linux-3.18.9/kernel/time/ntp.c +--- linux-3.18.9.orig/kernel/time/ntp.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/time/ntp.c 2015-03-15 16:03:03.852094875 -0500 +@@ -10,6 +10,7 @@ + #include <linux/workqueue.h> + #include <linux/hrtimer.h> + #include <linux/jiffies.h> ++#include <linux/kthread.h> + #include <linux/math64.h> + #include <linux/timex.h> + #include <linux/time.h> +@@ -519,10 +520,52 @@ + &sync_cmos_work, timespec_to_jiffies(&next)); + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++/* ++ * RT can not call schedule_delayed_work from real interrupt context. ++ * Need to make a thread to do the real work. ++ */ ++static struct task_struct *cmos_delay_thread; ++static bool do_cmos_delay; ++ ++static int run_cmos_delay(void *ignore) ++{ ++ while (!kthread_should_stop()) { ++ set_current_state(TASK_INTERRUPTIBLE); ++ if (do_cmos_delay) { ++ do_cmos_delay = false; ++ queue_delayed_work(system_power_efficient_wq, ++ &sync_cmos_work, 0); ++ } ++ schedule(); ++ } ++ __set_current_state(TASK_RUNNING); ++ return 0; ++} ++ ++void ntp_notify_cmos_timer(void) ++{ ++ do_cmos_delay = true; ++ /* Make visible before waking up process */ ++ smp_wmb(); ++ wake_up_process(cmos_delay_thread); ++} ++ ++static __init int create_cmos_delay_thread(void) ++{ ++ cmos_delay_thread = kthread_run(run_cmos_delay, NULL, "kcmosdelayd"); ++ BUG_ON(!cmos_delay_thread); ++ return 0; ++} ++early_initcall(create_cmos_delay_thread); ++ ++#else ++ + void ntp_notify_cmos_timer(void) + { + queue_delayed_work(system_power_efficient_wq, &sync_cmos_work, 0); + } ++#endif /* CONFIG_PREEMPT_RT_FULL */ + + #else + void ntp_notify_cmos_timer(void) { } +diff -Nur linux-3.18.9.orig/kernel/time/posix-cpu-timers.c linux-3.18.9/kernel/time/posix-cpu-timers.c +--- linux-3.18.9.orig/kernel/time/posix-cpu-timers.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/time/posix-cpu-timers.c 2015-03-15 16:03:03.856094875 -0500 +@@ -3,6 +3,7 @@ + */ + + #include <linux/sched.h> ++#include <linux/sched/rt.h> + #include <linux/posix-timers.h> + #include <linux/errno.h> + #include <linux/math64.h> +@@ -626,7 +627,7 @@ + /* + * Disarm any old timer after extracting its expiry time. + */ +- WARN_ON_ONCE(!irqs_disabled()); ++ WARN_ON_ONCE_NONRT(!irqs_disabled()); + + ret = 0; + old_incr = timer->it.cpu.incr; +@@ -1047,7 +1048,7 @@ + /* + * Now re-arm for the new expiry time. + */ +- WARN_ON_ONCE(!irqs_disabled()); ++ WARN_ON_ONCE_NONRT(!irqs_disabled()); + arm_timer(timer); + unlock_task_sighand(p, &flags); + +@@ -1113,10 +1114,11 @@ + sig = tsk->signal; + if (sig->cputimer.running) { + struct task_cputime group_sample; ++ unsigned long flags; + +- raw_spin_lock(&sig->cputimer.lock); ++ raw_spin_lock_irqsave(&sig->cputimer.lock, flags); + group_sample = sig->cputimer.cputime; +- raw_spin_unlock(&sig->cputimer.lock); ++ raw_spin_unlock_irqrestore(&sig->cputimer.lock, flags); + + if (task_cputime_expired(&group_sample, &sig->cputime_expires)) + return 1; +@@ -1130,13 +1132,13 @@ + * already updated our counts. We need to check if any timers fire now. + * Interrupts are disabled. + */ +-void run_posix_cpu_timers(struct task_struct *tsk) ++static void __run_posix_cpu_timers(struct task_struct *tsk) + { + LIST_HEAD(firing); + struct k_itimer *timer, *next; + unsigned long flags; + +- WARN_ON_ONCE(!irqs_disabled()); ++ WARN_ON_ONCE_NONRT(!irqs_disabled()); + + /* + * The fast path checks that there are no expired thread or thread +@@ -1194,6 +1196,190 @@ + } + } + ++#ifdef CONFIG_PREEMPT_RT_BASE ++#include <linux/kthread.h> ++#include <linux/cpu.h> ++DEFINE_PER_CPU(struct task_struct *, posix_timer_task); ++DEFINE_PER_CPU(struct task_struct *, posix_timer_tasklist); ++ ++static int posix_cpu_timers_thread(void *data) ++{ ++ int cpu = (long)data; ++ ++ BUG_ON(per_cpu(posix_timer_task,cpu) != current); ++ ++ while (!kthread_should_stop()) { ++ struct task_struct *tsk = NULL; ++ struct task_struct *next = NULL; ++ ++ if (cpu_is_offline(cpu)) ++ goto wait_to_die; ++ ++ /* grab task list */ ++ raw_local_irq_disable(); ++ tsk = per_cpu(posix_timer_tasklist, cpu); ++ per_cpu(posix_timer_tasklist, cpu) = NULL; ++ raw_local_irq_enable(); ++ ++ /* its possible the list is empty, just return */ ++ if (!tsk) { ++ set_current_state(TASK_INTERRUPTIBLE); ++ schedule(); ++ __set_current_state(TASK_RUNNING); ++ continue; ++ } ++ ++ /* Process task list */ ++ while (1) { ++ /* save next */ ++ next = tsk->posix_timer_list; ++ ++ /* run the task timers, clear its ptr and ++ * unreference it ++ */ ++ __run_posix_cpu_timers(tsk); ++ tsk->posix_timer_list = NULL; ++ put_task_struct(tsk); ++ ++ /* check if this is the last on the list */ ++ if (next == tsk) ++ break; ++ tsk = next; ++ } ++ } ++ return 0; ++ ++wait_to_die: ++ /* Wait for kthread_stop */ ++ set_current_state(TASK_INTERRUPTIBLE); ++ while (!kthread_should_stop()) { ++ schedule(); ++ set_current_state(TASK_INTERRUPTIBLE); ++ } ++ __set_current_state(TASK_RUNNING); ++ return 0; ++} ++ ++static inline int __fastpath_timer_check(struct task_struct *tsk) ++{ ++ /* tsk == current, ensure it is safe to use ->signal/sighand */ ++ if (unlikely(tsk->exit_state)) ++ return 0; ++ ++ if (!task_cputime_zero(&tsk->cputime_expires)) ++ return 1; ++ ++ if (!task_cputime_zero(&tsk->signal->cputime_expires)) ++ return 1; ++ ++ return 0; ++} ++ ++void run_posix_cpu_timers(struct task_struct *tsk) ++{ ++ unsigned long cpu = smp_processor_id(); ++ struct task_struct *tasklist; ++ ++ BUG_ON(!irqs_disabled()); ++ if(!per_cpu(posix_timer_task, cpu)) ++ return; ++ /* get per-cpu references */ ++ tasklist = per_cpu(posix_timer_tasklist, cpu); ++ ++ /* check to see if we're already queued */ ++ if (!tsk->posix_timer_list && __fastpath_timer_check(tsk)) { ++ get_task_struct(tsk); ++ if (tasklist) { ++ tsk->posix_timer_list = tasklist; ++ } else { ++ /* ++ * The list is terminated by a self-pointing ++ * task_struct ++ */ ++ tsk->posix_timer_list = tsk; ++ } ++ per_cpu(posix_timer_tasklist, cpu) = tsk; ++ ++ wake_up_process(per_cpu(posix_timer_task, cpu)); ++ } ++} ++ ++/* ++ * posix_cpu_thread_call - callback that gets triggered when a CPU is added. ++ * Here we can start up the necessary migration thread for the new CPU. ++ */ ++static int posix_cpu_thread_call(struct notifier_block *nfb, ++ unsigned long action, void *hcpu) ++{ ++ int cpu = (long)hcpu; ++ struct task_struct *p; ++ struct sched_param param; ++ ++ switch (action) { ++ case CPU_UP_PREPARE: ++ p = kthread_create(posix_cpu_timers_thread, hcpu, ++ "posixcputmr/%d",cpu); ++ if (IS_ERR(p)) ++ return NOTIFY_BAD; ++ p->flags |= PF_NOFREEZE; ++ kthread_bind(p, cpu); ++ /* Must be high prio to avoid getting starved */ ++ param.sched_priority = MAX_RT_PRIO-1; ++ sched_setscheduler(p, SCHED_FIFO, ¶m); ++ per_cpu(posix_timer_task,cpu) = p; ++ break; ++ case CPU_ONLINE: ++ /* Strictly unneccessary, as first user will wake it. */ ++ wake_up_process(per_cpu(posix_timer_task,cpu)); ++ break; ++#ifdef CONFIG_HOTPLUG_CPU ++ case CPU_UP_CANCELED: ++ /* Unbind it from offline cpu so it can run. Fall thru. */ ++ kthread_bind(per_cpu(posix_timer_task, cpu), ++ cpumask_any(cpu_online_mask)); ++ kthread_stop(per_cpu(posix_timer_task,cpu)); ++ per_cpu(posix_timer_task,cpu) = NULL; ++ break; ++ case CPU_DEAD: ++ kthread_stop(per_cpu(posix_timer_task,cpu)); ++ per_cpu(posix_timer_task,cpu) = NULL; ++ break; ++#endif ++ } ++ return NOTIFY_OK; ++} ++ ++/* Register at highest priority so that task migration (migrate_all_tasks) ++ * happens before everything else. ++ */ ++static struct notifier_block posix_cpu_thread_notifier = { ++ .notifier_call = posix_cpu_thread_call, ++ .priority = 10 ++}; ++ ++static int __init posix_cpu_thread_init(void) ++{ ++ void *hcpu = (void *)(long)smp_processor_id(); ++ /* Start one for boot CPU. */ ++ unsigned long cpu; ++ ++ /* init the per-cpu posix_timer_tasklets */ ++ for_each_possible_cpu(cpu) ++ per_cpu(posix_timer_tasklist, cpu) = NULL; ++ ++ posix_cpu_thread_call(&posix_cpu_thread_notifier, CPU_UP_PREPARE, hcpu); ++ posix_cpu_thread_call(&posix_cpu_thread_notifier, CPU_ONLINE, hcpu); ++ register_cpu_notifier(&posix_cpu_thread_notifier); ++ return 0; ++} ++early_initcall(posix_cpu_thread_init); ++#else /* CONFIG_PREEMPT_RT_BASE */ ++void run_posix_cpu_timers(struct task_struct *tsk) ++{ ++ __run_posix_cpu_timers(tsk); ++} ++#endif /* CONFIG_PREEMPT_RT_BASE */ ++ + /* + * Set one of the process-wide special case CPU timers or RLIMIT_CPU. + * The tsk->sighand->siglock must be held by the caller. +diff -Nur linux-3.18.9.orig/kernel/time/posix-timers.c linux-3.18.9/kernel/time/posix-timers.c +--- linux-3.18.9.orig/kernel/time/posix-timers.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/time/posix-timers.c 2015-03-15 16:03:03.856094875 -0500 +@@ -499,6 +499,7 @@ + static struct pid *good_sigevent(sigevent_t * event) + { + struct task_struct *rtn = current->group_leader; ++ int sig = event->sigev_signo; + + if ((event->sigev_notify & SIGEV_THREAD_ID ) && + (!(rtn = find_task_by_vpid(event->sigev_notify_thread_id)) || +@@ -507,7 +508,8 @@ + return NULL; + + if (((event->sigev_notify & ~SIGEV_THREAD_ID) != SIGEV_NONE) && +- ((event->sigev_signo <= 0) || (event->sigev_signo > SIGRTMAX))) ++ (sig <= 0 || sig > SIGRTMAX || sig_kernel_only(sig) || ++ sig_kernel_coredump(sig))) + return NULL; + + return task_pid(rtn); +@@ -819,6 +821,20 @@ + return overrun; + } + ++/* ++ * Protected by RCU! ++ */ ++static void timer_wait_for_callback(struct k_clock *kc, struct k_itimer *timr) ++{ ++#ifdef CONFIG_PREEMPT_RT_FULL ++ if (kc->timer_set == common_timer_set) ++ hrtimer_wait_for_timer(&timr->it.real.timer); ++ else ++ /* FIXME: Whacky hack for posix-cpu-timers */ ++ schedule_timeout(1); ++#endif ++} ++ + /* Set a POSIX.1b interval timer. */ + /* timr->it_lock is taken. */ + static int +@@ -896,6 +912,7 @@ + if (!timr) + return -EINVAL; + ++ rcu_read_lock(); + kc = clockid_to_kclock(timr->it_clock); + if (WARN_ON_ONCE(!kc || !kc->timer_set)) + error = -EINVAL; +@@ -904,9 +921,12 @@ + + unlock_timer(timr, flag); + if (error == TIMER_RETRY) { ++ timer_wait_for_callback(kc, timr); + rtn = NULL; // We already got the old time... ++ rcu_read_unlock(); + goto retry; + } ++ rcu_read_unlock(); + + if (old_setting && !error && + copy_to_user(old_setting, &old_spec, sizeof (old_spec))) +@@ -944,10 +964,15 @@ + if (!timer) + return -EINVAL; + ++ rcu_read_lock(); + if (timer_delete_hook(timer) == TIMER_RETRY) { + unlock_timer(timer, flags); ++ timer_wait_for_callback(clockid_to_kclock(timer->it_clock), ++ timer); ++ rcu_read_unlock(); + goto retry_delete; + } ++ rcu_read_unlock(); + + spin_lock(¤t->sighand->siglock); + list_del(&timer->list); +@@ -973,8 +998,18 @@ + retry_delete: + spin_lock_irqsave(&timer->it_lock, flags); + ++ /* On RT we can race with a deletion */ ++ if (!timer->it_signal) { ++ unlock_timer(timer, flags); ++ return; ++ } ++ + if (timer_delete_hook(timer) == TIMER_RETRY) { ++ rcu_read_lock(); + unlock_timer(timer, flags); ++ timer_wait_for_callback(clockid_to_kclock(timer->it_clock), ++ timer); ++ rcu_read_unlock(); + goto retry_delete; + } + list_del(&timer->list); +diff -Nur linux-3.18.9.orig/kernel/time/tick-common.c linux-3.18.9/kernel/time/tick-common.c +--- linux-3.18.9.orig/kernel/time/tick-common.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/time/tick-common.c 2015-03-15 16:03:03.856094875 -0500 +@@ -78,13 +78,15 @@ + static void tick_periodic(int cpu) + { + if (tick_do_timer_cpu == cpu) { +- write_seqlock(&jiffies_lock); ++ raw_spin_lock(&jiffies_lock); ++ write_seqcount_begin(&jiffies_seq); + + /* Keep track of the next tick event */ + tick_next_period = ktime_add(tick_next_period, tick_period); + + do_timer(1); +- write_sequnlock(&jiffies_lock); ++ write_seqcount_end(&jiffies_seq); ++ raw_spin_unlock(&jiffies_lock); + update_wall_time(); + } + +@@ -146,9 +148,9 @@ + ktime_t next; + + do { +- seq = read_seqbegin(&jiffies_lock); ++ seq = read_seqcount_begin(&jiffies_seq); + next = tick_next_period; +- } while (read_seqretry(&jiffies_lock, seq)); ++ } while (read_seqcount_retry(&jiffies_seq, seq)); + + clockevents_set_mode(dev, CLOCK_EVT_MODE_ONESHOT); + +diff -Nur linux-3.18.9.orig/kernel/time/tick-internal.h linux-3.18.9/kernel/time/tick-internal.h +--- linux-3.18.9.orig/kernel/time/tick-internal.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/time/tick-internal.h 2015-03-15 16:03:03.856094875 -0500 +@@ -6,7 +6,8 @@ + + #include "timekeeping.h" + +-extern seqlock_t jiffies_lock; ++extern raw_spinlock_t jiffies_lock; ++extern seqcount_t jiffies_seq; + + #define CS_NAME_LEN 32 + +diff -Nur linux-3.18.9.orig/kernel/time/tick-sched.c linux-3.18.9/kernel/time/tick-sched.c +--- linux-3.18.9.orig/kernel/time/tick-sched.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/time/tick-sched.c 2015-03-15 16:03:03.856094875 -0500 +@@ -62,7 +62,8 @@ + return; + + /* Reevalute with jiffies_lock held */ +- write_seqlock(&jiffies_lock); ++ raw_spin_lock(&jiffies_lock); ++ write_seqcount_begin(&jiffies_seq); + + delta = ktime_sub(now, last_jiffies_update); + if (delta.tv64 >= tick_period.tv64) { +@@ -85,10 +86,12 @@ + /* Keep the tick_next_period variable up to date */ + tick_next_period = ktime_add(last_jiffies_update, tick_period); + } else { +- write_sequnlock(&jiffies_lock); ++ write_seqcount_end(&jiffies_seq); ++ raw_spin_unlock(&jiffies_lock); + return; + } +- write_sequnlock(&jiffies_lock); ++ write_seqcount_end(&jiffies_seq); ++ raw_spin_unlock(&jiffies_lock); + update_wall_time(); + } + +@@ -99,12 +102,14 @@ + { + ktime_t period; + +- write_seqlock(&jiffies_lock); ++ raw_spin_lock(&jiffies_lock); ++ write_seqcount_begin(&jiffies_seq); + /* Did we start the jiffies update yet ? */ + if (last_jiffies_update.tv64 == 0) + last_jiffies_update = tick_next_period; + period = last_jiffies_update; +- write_sequnlock(&jiffies_lock); ++ write_seqcount_end(&jiffies_seq); ++ raw_spin_unlock(&jiffies_lock); + return period; + } + +@@ -222,6 +227,7 @@ + + static DEFINE_PER_CPU(struct irq_work, nohz_full_kick_work) = { + .func = nohz_full_kick_work_func, ++ .flags = IRQ_WORK_HARD_IRQ, + }; + + /* +@@ -580,10 +586,10 @@ + + /* Read jiffies and the time when jiffies were updated last */ + do { +- seq = read_seqbegin(&jiffies_lock); ++ seq = read_seqcount_begin(&jiffies_seq); + last_update = last_jiffies_update; + last_jiffies = jiffies; +- } while (read_seqretry(&jiffies_lock, seq)); ++ } while (read_seqcount_retry(&jiffies_seq, seq)); + + if (rcu_needs_cpu(cpu, &rcu_delta_jiffies) || + arch_needs_cpu() || irq_work_needs_cpu()) { +@@ -761,14 +767,7 @@ + return false; + + if (unlikely(local_softirq_pending() && cpu_online(cpu))) { +- static int ratelimit; +- +- if (ratelimit < 10 && +- (local_softirq_pending() & SOFTIRQ_STOP_IDLE_MASK)) { +- pr_warn("NOHZ: local_softirq_pending %02x\n", +- (unsigned int) local_softirq_pending()); +- ratelimit++; +- } ++ softirq_check_pending_idle(); + return false; + } + +@@ -1156,6 +1155,7 @@ + * Emulate tick processing via per-CPU hrtimers: + */ + hrtimer_init(&ts->sched_timer, CLOCK_MONOTONIC, HRTIMER_MODE_ABS); ++ ts->sched_timer.irqsafe = 1; + ts->sched_timer.function = tick_sched_timer; + + /* Get the next period (per cpu) */ +diff -Nur linux-3.18.9.orig/kernel/time/timekeeping.c linux-3.18.9/kernel/time/timekeeping.c +--- linux-3.18.9.orig/kernel/time/timekeeping.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/time/timekeeping.c 2015-03-15 16:03:03.856094875 -0500 +@@ -1814,8 +1814,10 @@ + */ + void xtime_update(unsigned long ticks) + { +- write_seqlock(&jiffies_lock); ++ raw_spin_lock(&jiffies_lock); ++ write_seqcount_begin(&jiffies_seq); + do_timer(ticks); +- write_sequnlock(&jiffies_lock); ++ write_seqcount_end(&jiffies_seq); ++ raw_spin_unlock(&jiffies_lock); + update_wall_time(); + } +diff -Nur linux-3.18.9.orig/kernel/time/timer.c linux-3.18.9/kernel/time/timer.c +--- linux-3.18.9.orig/kernel/time/timer.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/time/timer.c 2015-03-15 16:03:03.856094875 -0500 +@@ -78,6 +78,9 @@ + struct tvec_base { + spinlock_t lock; + struct timer_list *running_timer; ++#ifdef CONFIG_PREEMPT_RT_FULL ++ wait_queue_head_t wait_for_running_timer; ++#endif + unsigned long timer_jiffies; + unsigned long next_timer; + unsigned long active_timers; +@@ -758,6 +761,36 @@ + } + } + ++#ifndef CONFIG_PREEMPT_RT_FULL ++static inline struct tvec_base *switch_timer_base(struct timer_list *timer, ++ struct tvec_base *old, ++ struct tvec_base *new) ++{ ++ /* See the comment in lock_timer_base() */ ++ timer_set_base(timer, NULL); ++ spin_unlock(&old->lock); ++ spin_lock(&new->lock); ++ timer_set_base(timer, new); ++ return new; ++} ++#else ++static inline struct tvec_base *switch_timer_base(struct timer_list *timer, ++ struct tvec_base *old, ++ struct tvec_base *new) ++{ ++ /* ++ * We cannot do the above because we might be preempted and ++ * then the preempter would see NULL and loop forever. ++ */ ++ if (spin_trylock(&new->lock)) { ++ timer_set_base(timer, new); ++ spin_unlock(&old->lock); ++ return new; ++ } ++ return old; ++} ++#endif ++ + static inline int + __mod_timer(struct timer_list *timer, unsigned long expires, + bool pending_only, int pinned) +@@ -788,14 +821,8 @@ + * handler yet has not finished. This also guarantees that + * the timer is serialized wrt itself. + */ +- if (likely(base->running_timer != timer)) { +- /* See the comment in lock_timer_base() */ +- timer_set_base(timer, NULL); +- spin_unlock(&base->lock); +- base = new_base; +- spin_lock(&base->lock); +- timer_set_base(timer, base); +- } ++ if (likely(base->running_timer != timer)) ++ base = switch_timer_base(timer, base, new_base); + } + + timer->expires = expires; +@@ -969,6 +996,29 @@ + } + EXPORT_SYMBOL_GPL(add_timer_on); + ++#ifdef CONFIG_PREEMPT_RT_FULL ++/* ++ * Wait for a running timer ++ */ ++static void wait_for_running_timer(struct timer_list *timer) ++{ ++ struct tvec_base *base = timer->base; ++ ++ if (base->running_timer == timer) ++ wait_event(base->wait_for_running_timer, ++ base->running_timer != timer); ++} ++ ++# define wakeup_timer_waiters(b) wake_up(&(b)->wait_for_running_timer) ++#else ++static inline void wait_for_running_timer(struct timer_list *timer) ++{ ++ cpu_relax(); ++} ++ ++# define wakeup_timer_waiters(b) do { } while (0) ++#endif ++ + /** + * del_timer - deactive a timer. + * @timer: the timer to be deactivated +@@ -1026,7 +1076,7 @@ + } + EXPORT_SYMBOL(try_to_del_timer_sync); + +-#ifdef CONFIG_SMP ++#if defined(CONFIG_SMP) || defined(CONFIG_PREEMPT_RT_FULL) + /** + * del_timer_sync - deactivate a timer and wait for the handler to finish. + * @timer: the timer to be deactivated +@@ -1086,7 +1136,7 @@ + int ret = try_to_del_timer_sync(timer); + if (ret >= 0) + return ret; +- cpu_relax(); ++ wait_for_running_timer(timer); + } + } + EXPORT_SYMBOL(del_timer_sync); +@@ -1207,15 +1257,17 @@ + if (irqsafe) { + spin_unlock(&base->lock); + call_timer_fn(timer, fn, data); ++ base->running_timer = NULL; + spin_lock(&base->lock); + } else { + spin_unlock_irq(&base->lock); + call_timer_fn(timer, fn, data); ++ base->running_timer = NULL; + spin_lock_irq(&base->lock); + } + } + } +- base->running_timer = NULL; ++ wakeup_timer_waiters(base); + spin_unlock_irq(&base->lock); + } + +@@ -1355,17 +1407,31 @@ + if (cpu_is_offline(smp_processor_id())) + return expires; + ++#ifdef CONFIG_PREEMPT_RT_FULL ++ /* ++ * On PREEMPT_RT we cannot sleep here. If the trylock does not ++ * succeed then we return the worst-case 'expires in 1 tick' ++ * value. We use the rt functions here directly to avoid a ++ * migrate_disable() call. ++ */ ++ if (!spin_do_trylock(&base->lock)) ++ return now + 1; ++#else + spin_lock(&base->lock); ++#endif + if (base->active_timers) { + if (time_before_eq(base->next_timer, base->timer_jiffies)) + base->next_timer = __next_timer_interrupt(base); + expires = base->next_timer; + } ++#ifdef CONFIG_PREEMPT_RT_FULL ++ rt_spin_unlock_after_trylock_in_irq(&base->lock); ++#else + spin_unlock(&base->lock); ++#endif + + if (time_before_eq(expires, now)) + return now; +- + return cmp_next_hrtimer_event(now, expires); + } + #endif +@@ -1381,13 +1447,13 @@ + + /* Note: this timer irq context must be accounted for as well. */ + account_process_tick(p, user_tick); ++ scheduler_tick(); + run_local_timers(); + rcu_check_callbacks(cpu, user_tick); + #ifdef CONFIG_IRQ_WORK + if (in_irq()) + irq_work_tick(); + #endif +- scheduler_tick(); + run_posix_cpu_timers(p); + } + +@@ -1400,6 +1466,10 @@ + + hrtimer_run_pending(); + ++#if defined(CONFIG_IRQ_WORK) && defined(CONFIG_PREEMPT_RT_FULL) ++ irq_work_tick(); ++#endif ++ + if (time_after_eq(jiffies, base->timer_jiffies)) + __run_timers(base); + } +@@ -1574,6 +1644,9 @@ + base = per_cpu(tvec_bases, cpu); + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++ init_waitqueue_head(&base->wait_for_running_timer); ++#endif + + for (j = 0; j < TVN_SIZE; j++) { + INIT_LIST_HEAD(base->tv5.vec + j); +@@ -1613,7 +1686,7 @@ + + BUG_ON(cpu_online(cpu)); + old_base = per_cpu(tvec_bases, cpu); +- new_base = get_cpu_var(tvec_bases); ++ new_base = get_local_var(tvec_bases); + /* + * The caller is globally serialized and nobody else + * takes two locks at once, deadlock is not possible. +@@ -1634,7 +1707,7 @@ + + spin_unlock(&old_base->lock); + spin_unlock_irq(&new_base->lock); +- put_cpu_var(tvec_bases); ++ put_local_var(tvec_bases); + } + #endif /* CONFIG_HOTPLUG_CPU */ + +diff -Nur linux-3.18.9.orig/kernel/trace/Kconfig linux-3.18.9/kernel/trace/Kconfig +--- linux-3.18.9.orig/kernel/trace/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/trace/Kconfig 2015-03-15 16:03:03.856094875 -0500 +@@ -187,6 +187,24 @@ + enabled. This option and the preempt-off timing option can be + used together or separately.) + ++config INTERRUPT_OFF_HIST ++ bool "Interrupts-off Latency Histogram" ++ depends on IRQSOFF_TRACER ++ help ++ This option generates continuously updated histograms (one per cpu) ++ of the duration of time periods with interrupts disabled. The ++ histograms are disabled by default. To enable them, write a non-zero ++ number to ++ ++ /sys/kernel/debug/tracing/latency_hist/enable/preemptirqsoff ++ ++ If PREEMPT_OFF_HIST is also selected, additional histograms (one ++ per cpu) are generated that accumulate the duration of time periods ++ when both interrupts and preemption are disabled. The histogram data ++ will be located in the debug file system at ++ ++ /sys/kernel/debug/tracing/latency_hist/irqsoff ++ + config PREEMPT_TRACER + bool "Preemption-off Latency Tracer" + default n +@@ -211,6 +229,24 @@ + enabled. This option and the irqs-off timing option can be + used together or separately.) + ++config PREEMPT_OFF_HIST ++ bool "Preemption-off Latency Histogram" ++ depends on PREEMPT_TRACER ++ help ++ This option generates continuously updated histograms (one per cpu) ++ of the duration of time periods with preemption disabled. The ++ histograms are disabled by default. To enable them, write a non-zero ++ number to ++ ++ /sys/kernel/debug/tracing/latency_hist/enable/preemptirqsoff ++ ++ If INTERRUPT_OFF_HIST is also selected, additional histograms (one ++ per cpu) are generated that accumulate the duration of time periods ++ when both interrupts and preemption are disabled. The histogram data ++ will be located in the debug file system at ++ ++ /sys/kernel/debug/tracing/latency_hist/preemptoff ++ + config SCHED_TRACER + bool "Scheduling Latency Tracer" + select GENERIC_TRACER +@@ -221,6 +257,74 @@ + This tracer tracks the latency of the highest priority task + to be scheduled in, starting from the point it has woken up. + ++config WAKEUP_LATENCY_HIST ++ bool "Scheduling Latency Histogram" ++ depends on SCHED_TRACER ++ help ++ This option generates continuously updated histograms (one per cpu) ++ of the scheduling latency of the highest priority task. ++ The histograms are disabled by default. To enable them, write a ++ non-zero number to ++ ++ /sys/kernel/debug/tracing/latency_hist/enable/wakeup ++ ++ Two different algorithms are used, one to determine the latency of ++ processes that exclusively use the highest priority of the system and ++ another one to determine the latency of processes that share the ++ highest system priority with other processes. The former is used to ++ improve hardware and system software, the latter to optimize the ++ priority design of a given system. The histogram data will be ++ located in the debug file system at ++ ++ /sys/kernel/debug/tracing/latency_hist/wakeup ++ ++ and ++ ++ /sys/kernel/debug/tracing/latency_hist/wakeup/sharedprio ++ ++ If both Scheduling Latency Histogram and Missed Timer Offsets ++ Histogram are selected, additional histogram data will be collected ++ that contain, in addition to the wakeup latency, the timer latency, in ++ case the wakeup was triggered by an expired timer. These histograms ++ are available in the ++ ++ /sys/kernel/debug/tracing/latency_hist/timerandwakeup ++ ++ directory. They reflect the apparent interrupt and scheduling latency ++ and are best suitable to determine the worst-case latency of a given ++ system. To enable these histograms, write a non-zero number to ++ ++ /sys/kernel/debug/tracing/latency_hist/enable/timerandwakeup ++ ++config MISSED_TIMER_OFFSETS_HIST ++ depends on HIGH_RES_TIMERS ++ select GENERIC_TRACER ++ bool "Missed Timer Offsets Histogram" ++ help ++ Generate a histogram of missed timer offsets in microseconds. The ++ histograms are disabled by default. To enable them, write a non-zero ++ number to ++ ++ /sys/kernel/debug/tracing/latency_hist/enable/missed_timer_offsets ++ ++ The histogram data will be located in the debug file system at ++ ++ /sys/kernel/debug/tracing/latency_hist/missed_timer_offsets ++ ++ If both Scheduling Latency Histogram and Missed Timer Offsets ++ Histogram are selected, additional histogram data will be collected ++ that contain, in addition to the wakeup latency, the timer latency, in ++ case the wakeup was triggered by an expired timer. These histograms ++ are available in the ++ ++ /sys/kernel/debug/tracing/latency_hist/timerandwakeup ++ ++ directory. They reflect the apparent interrupt and scheduling latency ++ and are best suitable to determine the worst-case latency of a given ++ system. To enable these histograms, write a non-zero number to ++ ++ /sys/kernel/debug/tracing/latency_hist/enable/timerandwakeup ++ + config ENABLE_DEFAULT_TRACERS + bool "Trace process context switches and events" + depends on !GENERIC_TRACER +diff -Nur linux-3.18.9.orig/kernel/trace/latency_hist.c linux-3.18.9/kernel/trace/latency_hist.c +--- linux-3.18.9.orig/kernel/trace/latency_hist.c 1969-12-31 18:00:00.000000000 -0600 ++++ linux-3.18.9/kernel/trace/latency_hist.c 2015-03-15 16:03:03.860094875 -0500 +@@ -0,0 +1,1178 @@ ++/* ++ * kernel/trace/latency_hist.c ++ * ++ * Add support for histograms of preemption-off latency and ++ * interrupt-off latency and wakeup latency, it depends on ++ * Real-Time Preemption Support. ++ * ++ * Copyright (C) 2005 MontaVista Software, Inc. ++ * Yi Yang <yyang@ch.mvista.com> ++ * ++ * Converted to work with the new latency tracer. ++ * Copyright (C) 2008 Red Hat, Inc. ++ * Steven Rostedt <srostedt@redhat.com> ++ * ++ */ ++#include <linux/module.h> ++#include <linux/debugfs.h> ++#include <linux/seq_file.h> ++#include <linux/percpu.h> ++#include <linux/kallsyms.h> ++#include <linux/uaccess.h> ++#include <linux/sched.h> ++#include <linux/sched/rt.h> ++#include <linux/slab.h> ++#include <linux/atomic.h> ++#include <asm/div64.h> ++ ++#include "trace.h" ++#include <trace/events/sched.h> ++ ++#define NSECS_PER_USECS 1000L ++ ++#define CREATE_TRACE_POINTS ++#include <trace/events/hist.h> ++ ++enum { ++ IRQSOFF_LATENCY = 0, ++ PREEMPTOFF_LATENCY, ++ PREEMPTIRQSOFF_LATENCY, ++ WAKEUP_LATENCY, ++ WAKEUP_LATENCY_SHAREDPRIO, ++ MISSED_TIMER_OFFSETS, ++ TIMERANDWAKEUP_LATENCY, ++ MAX_LATENCY_TYPE, ++}; ++ ++#define MAX_ENTRY_NUM 10240 ++ ++struct hist_data { ++ atomic_t hist_mode; /* 0 log, 1 don't log */ ++ long offset; /* set it to MAX_ENTRY_NUM/2 for a bipolar scale */ ++ long min_lat; ++ long max_lat; ++ unsigned long long below_hist_bound_samples; ++ unsigned long long above_hist_bound_samples; ++ long long accumulate_lat; ++ unsigned long long total_samples; ++ unsigned long long hist_array[MAX_ENTRY_NUM]; ++}; ++ ++struct enable_data { ++ int latency_type; ++ int enabled; ++}; ++ ++static char *latency_hist_dir_root = "latency_hist"; ++ ++#ifdef CONFIG_INTERRUPT_OFF_HIST ++static DEFINE_PER_CPU(struct hist_data, irqsoff_hist); ++static char *irqsoff_hist_dir = "irqsoff"; ++static DEFINE_PER_CPU(cycles_t, hist_irqsoff_start); ++static DEFINE_PER_CPU(int, hist_irqsoff_counting); ++#endif ++ ++#ifdef CONFIG_PREEMPT_OFF_HIST ++static DEFINE_PER_CPU(struct hist_data, preemptoff_hist); ++static char *preemptoff_hist_dir = "preemptoff"; ++static DEFINE_PER_CPU(cycles_t, hist_preemptoff_start); ++static DEFINE_PER_CPU(int, hist_preemptoff_counting); ++#endif ++ ++#if defined(CONFIG_PREEMPT_OFF_HIST) && defined(CONFIG_INTERRUPT_OFF_HIST) ++static DEFINE_PER_CPU(struct hist_data, preemptirqsoff_hist); ++static char *preemptirqsoff_hist_dir = "preemptirqsoff"; ++static DEFINE_PER_CPU(cycles_t, hist_preemptirqsoff_start); ++static DEFINE_PER_CPU(int, hist_preemptirqsoff_counting); ++#endif ++ ++#if defined(CONFIG_PREEMPT_OFF_HIST) || defined(CONFIG_INTERRUPT_OFF_HIST) ++static notrace void probe_preemptirqsoff_hist(void *v, int reason, int start); ++static struct enable_data preemptirqsoff_enabled_data = { ++ .latency_type = PREEMPTIRQSOFF_LATENCY, ++ .enabled = 0, ++}; ++#endif ++ ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++struct maxlatproc_data { ++ char comm[FIELD_SIZEOF(struct task_struct, comm)]; ++ char current_comm[FIELD_SIZEOF(struct task_struct, comm)]; ++ int pid; ++ int current_pid; ++ int prio; ++ int current_prio; ++ long latency; ++ long timeroffset; ++ cycle_t timestamp; ++}; ++#endif ++ ++#ifdef CONFIG_WAKEUP_LATENCY_HIST ++static DEFINE_PER_CPU(struct hist_data, wakeup_latency_hist); ++static DEFINE_PER_CPU(struct hist_data, wakeup_latency_hist_sharedprio); ++static char *wakeup_latency_hist_dir = "wakeup"; ++static char *wakeup_latency_hist_dir_sharedprio = "sharedprio"; ++static notrace void probe_wakeup_latency_hist_start(void *v, ++ struct task_struct *p, int success); ++static notrace void probe_wakeup_latency_hist_stop(void *v, ++ struct task_struct *prev, struct task_struct *next); ++static notrace void probe_sched_migrate_task(void *, ++ struct task_struct *task, int cpu); ++static struct enable_data wakeup_latency_enabled_data = { ++ .latency_type = WAKEUP_LATENCY, ++ .enabled = 0, ++}; ++static DEFINE_PER_CPU(struct maxlatproc_data, wakeup_maxlatproc); ++static DEFINE_PER_CPU(struct maxlatproc_data, wakeup_maxlatproc_sharedprio); ++static DEFINE_PER_CPU(struct task_struct *, wakeup_task); ++static DEFINE_PER_CPU(int, wakeup_sharedprio); ++static unsigned long wakeup_pid; ++#endif ++ ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++static DEFINE_PER_CPU(struct hist_data, missed_timer_offsets); ++static char *missed_timer_offsets_dir = "missed_timer_offsets"; ++static notrace void probe_hrtimer_interrupt(void *v, int cpu, ++ long long offset, struct task_struct *curr, struct task_struct *task); ++static struct enable_data missed_timer_offsets_enabled_data = { ++ .latency_type = MISSED_TIMER_OFFSETS, ++ .enabled = 0, ++}; ++static DEFINE_PER_CPU(struct maxlatproc_data, missed_timer_offsets_maxlatproc); ++static unsigned long missed_timer_offsets_pid; ++#endif ++ ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) && \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++static DEFINE_PER_CPU(struct hist_data, timerandwakeup_latency_hist); ++static char *timerandwakeup_latency_hist_dir = "timerandwakeup"; ++static struct enable_data timerandwakeup_enabled_data = { ++ .latency_type = TIMERANDWAKEUP_LATENCY, ++ .enabled = 0, ++}; ++static DEFINE_PER_CPU(struct maxlatproc_data, timerandwakeup_maxlatproc); ++#endif ++ ++void notrace latency_hist(int latency_type, int cpu, long latency, ++ long timeroffset, cycle_t stop, ++ struct task_struct *p) ++{ ++ struct hist_data *my_hist; ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++ struct maxlatproc_data *mp = NULL; ++#endif ++ ++ if (!cpu_possible(cpu) || latency_type < 0 || ++ latency_type >= MAX_LATENCY_TYPE) ++ return; ++ ++ switch (latency_type) { ++#ifdef CONFIG_INTERRUPT_OFF_HIST ++ case IRQSOFF_LATENCY: ++ my_hist = &per_cpu(irqsoff_hist, cpu); ++ break; ++#endif ++#ifdef CONFIG_PREEMPT_OFF_HIST ++ case PREEMPTOFF_LATENCY: ++ my_hist = &per_cpu(preemptoff_hist, cpu); ++ break; ++#endif ++#if defined(CONFIG_PREEMPT_OFF_HIST) && defined(CONFIG_INTERRUPT_OFF_HIST) ++ case PREEMPTIRQSOFF_LATENCY: ++ my_hist = &per_cpu(preemptirqsoff_hist, cpu); ++ break; ++#endif ++#ifdef CONFIG_WAKEUP_LATENCY_HIST ++ case WAKEUP_LATENCY: ++ my_hist = &per_cpu(wakeup_latency_hist, cpu); ++ mp = &per_cpu(wakeup_maxlatproc, cpu); ++ break; ++ case WAKEUP_LATENCY_SHAREDPRIO: ++ my_hist = &per_cpu(wakeup_latency_hist_sharedprio, cpu); ++ mp = &per_cpu(wakeup_maxlatproc_sharedprio, cpu); ++ break; ++#endif ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++ case MISSED_TIMER_OFFSETS: ++ my_hist = &per_cpu(missed_timer_offsets, cpu); ++ mp = &per_cpu(missed_timer_offsets_maxlatproc, cpu); ++ break; ++#endif ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) && \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++ case TIMERANDWAKEUP_LATENCY: ++ my_hist = &per_cpu(timerandwakeup_latency_hist, cpu); ++ mp = &per_cpu(timerandwakeup_maxlatproc, cpu); ++ break; ++#endif ++ ++ default: ++ return; ++ } ++ ++ latency += my_hist->offset; ++ ++ if (atomic_read(&my_hist->hist_mode) == 0) ++ return; ++ ++ if (latency < 0 || latency >= MAX_ENTRY_NUM) { ++ if (latency < 0) ++ my_hist->below_hist_bound_samples++; ++ else ++ my_hist->above_hist_bound_samples++; ++ } else ++ my_hist->hist_array[latency]++; ++ ++ if (unlikely(latency > my_hist->max_lat || ++ my_hist->min_lat == LONG_MAX)) { ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++ if (latency_type == WAKEUP_LATENCY || ++ latency_type == WAKEUP_LATENCY_SHAREDPRIO || ++ latency_type == MISSED_TIMER_OFFSETS || ++ latency_type == TIMERANDWAKEUP_LATENCY) { ++ strncpy(mp->comm, p->comm, sizeof(mp->comm)); ++ strncpy(mp->current_comm, current->comm, ++ sizeof(mp->current_comm)); ++ mp->pid = task_pid_nr(p); ++ mp->current_pid = task_pid_nr(current); ++ mp->prio = p->prio; ++ mp->current_prio = current->prio; ++ mp->latency = latency; ++ mp->timeroffset = timeroffset; ++ mp->timestamp = stop; ++ } ++#endif ++ my_hist->max_lat = latency; ++ } ++ if (unlikely(latency < my_hist->min_lat)) ++ my_hist->min_lat = latency; ++ my_hist->total_samples++; ++ my_hist->accumulate_lat += latency; ++} ++ ++static void *l_start(struct seq_file *m, loff_t *pos) ++{ ++ loff_t *index_ptr = NULL; ++ loff_t index = *pos; ++ struct hist_data *my_hist = m->private; ++ ++ if (index == 0) { ++ char minstr[32], avgstr[32], maxstr[32]; ++ ++ atomic_dec(&my_hist->hist_mode); ++ ++ if (likely(my_hist->total_samples)) { ++ long avg = (long) div64_s64(my_hist->accumulate_lat, ++ my_hist->total_samples); ++ snprintf(minstr, sizeof(minstr), "%ld", ++ my_hist->min_lat - my_hist->offset); ++ snprintf(avgstr, sizeof(avgstr), "%ld", ++ avg - my_hist->offset); ++ snprintf(maxstr, sizeof(maxstr), "%ld", ++ my_hist->max_lat - my_hist->offset); ++ } else { ++ strcpy(minstr, "<undef>"); ++ strcpy(avgstr, minstr); ++ strcpy(maxstr, minstr); ++ } ++ ++ seq_printf(m, "#Minimum latency: %s microseconds\n" ++ "#Average latency: %s microseconds\n" ++ "#Maximum latency: %s microseconds\n" ++ "#Total samples: %llu\n" ++ "#There are %llu samples lower than %ld" ++ " microseconds.\n" ++ "#There are %llu samples greater or equal" ++ " than %ld microseconds.\n" ++ "#usecs\t%16s\n", ++ minstr, avgstr, maxstr, ++ my_hist->total_samples, ++ my_hist->below_hist_bound_samples, ++ -my_hist->offset, ++ my_hist->above_hist_bound_samples, ++ MAX_ENTRY_NUM - my_hist->offset, ++ "samples"); ++ } ++ if (index < MAX_ENTRY_NUM) { ++ index_ptr = kmalloc(sizeof(loff_t), GFP_KERNEL); ++ if (index_ptr) ++ *index_ptr = index; ++ } ++ ++ return index_ptr; ++} ++ ++static void *l_next(struct seq_file *m, void *p, loff_t *pos) ++{ ++ loff_t *index_ptr = p; ++ struct hist_data *my_hist = m->private; ++ ++ if (++*pos >= MAX_ENTRY_NUM) { ++ atomic_inc(&my_hist->hist_mode); ++ return NULL; ++ } ++ *index_ptr = *pos; ++ return index_ptr; ++} ++ ++static void l_stop(struct seq_file *m, void *p) ++{ ++ kfree(p); ++} ++ ++static int l_show(struct seq_file *m, void *p) ++{ ++ int index = *(loff_t *) p; ++ struct hist_data *my_hist = m->private; ++ ++ seq_printf(m, "%6ld\t%16llu\n", index - my_hist->offset, ++ my_hist->hist_array[index]); ++ return 0; ++} ++ ++static const struct seq_operations latency_hist_seq_op = { ++ .start = l_start, ++ .next = l_next, ++ .stop = l_stop, ++ .show = l_show ++}; ++ ++static int latency_hist_open(struct inode *inode, struct file *file) ++{ ++ int ret; ++ ++ ret = seq_open(file, &latency_hist_seq_op); ++ if (!ret) { ++ struct seq_file *seq = file->private_data; ++ seq->private = inode->i_private; ++ } ++ return ret; ++} ++ ++static const struct file_operations latency_hist_fops = { ++ .open = latency_hist_open, ++ .read = seq_read, ++ .llseek = seq_lseek, ++ .release = seq_release, ++}; ++ ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++static void clear_maxlatprocdata(struct maxlatproc_data *mp) ++{ ++ mp->comm[0] = mp->current_comm[0] = '\0'; ++ mp->prio = mp->current_prio = mp->pid = mp->current_pid = ++ mp->latency = mp->timeroffset = -1; ++ mp->timestamp = 0; ++} ++#endif ++ ++static void hist_reset(struct hist_data *hist) ++{ ++ atomic_dec(&hist->hist_mode); ++ ++ memset(hist->hist_array, 0, sizeof(hist->hist_array)); ++ hist->below_hist_bound_samples = 0ULL; ++ hist->above_hist_bound_samples = 0ULL; ++ hist->min_lat = LONG_MAX; ++ hist->max_lat = LONG_MIN; ++ hist->total_samples = 0ULL; ++ hist->accumulate_lat = 0LL; ++ ++ atomic_inc(&hist->hist_mode); ++} ++ ++static ssize_t ++latency_hist_reset(struct file *file, const char __user *a, ++ size_t size, loff_t *off) ++{ ++ int cpu; ++ struct hist_data *hist = NULL; ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++ struct maxlatproc_data *mp = NULL; ++#endif ++ off_t latency_type = (off_t) file->private_data; ++ ++ for_each_online_cpu(cpu) { ++ ++ switch (latency_type) { ++#ifdef CONFIG_PREEMPT_OFF_HIST ++ case PREEMPTOFF_LATENCY: ++ hist = &per_cpu(preemptoff_hist, cpu); ++ break; ++#endif ++#ifdef CONFIG_INTERRUPT_OFF_HIST ++ case IRQSOFF_LATENCY: ++ hist = &per_cpu(irqsoff_hist, cpu); ++ break; ++#endif ++#if defined(CONFIG_INTERRUPT_OFF_HIST) && defined(CONFIG_PREEMPT_OFF_HIST) ++ case PREEMPTIRQSOFF_LATENCY: ++ hist = &per_cpu(preemptirqsoff_hist, cpu); ++ break; ++#endif ++#ifdef CONFIG_WAKEUP_LATENCY_HIST ++ case WAKEUP_LATENCY: ++ hist = &per_cpu(wakeup_latency_hist, cpu); ++ mp = &per_cpu(wakeup_maxlatproc, cpu); ++ break; ++ case WAKEUP_LATENCY_SHAREDPRIO: ++ hist = &per_cpu(wakeup_latency_hist_sharedprio, cpu); ++ mp = &per_cpu(wakeup_maxlatproc_sharedprio, cpu); ++ break; ++#endif ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++ case MISSED_TIMER_OFFSETS: ++ hist = &per_cpu(missed_timer_offsets, cpu); ++ mp = &per_cpu(missed_timer_offsets_maxlatproc, cpu); ++ break; ++#endif ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) && \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++ case TIMERANDWAKEUP_LATENCY: ++ hist = &per_cpu(timerandwakeup_latency_hist, cpu); ++ mp = &per_cpu(timerandwakeup_maxlatproc, cpu); ++ break; ++#endif ++ } ++ ++ hist_reset(hist); ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++ if (latency_type == WAKEUP_LATENCY || ++ latency_type == WAKEUP_LATENCY_SHAREDPRIO || ++ latency_type == MISSED_TIMER_OFFSETS || ++ latency_type == TIMERANDWAKEUP_LATENCY) ++ clear_maxlatprocdata(mp); ++#endif ++ } ++ ++ return size; ++} ++ ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++static ssize_t ++show_pid(struct file *file, char __user *ubuf, size_t cnt, loff_t *ppos) ++{ ++ char buf[64]; ++ int r; ++ unsigned long *this_pid = file->private_data; ++ ++ r = snprintf(buf, sizeof(buf), "%lu\n", *this_pid); ++ return simple_read_from_buffer(ubuf, cnt, ppos, buf, r); ++} ++ ++static ssize_t do_pid(struct file *file, const char __user *ubuf, ++ size_t cnt, loff_t *ppos) ++{ ++ char buf[64]; ++ unsigned long pid; ++ unsigned long *this_pid = file->private_data; ++ ++ if (cnt >= sizeof(buf)) ++ return -EINVAL; ++ ++ if (copy_from_user(&buf, ubuf, cnt)) ++ return -EFAULT; ++ ++ buf[cnt] = '\0'; ++ ++ if (kstrtoul(buf, 10, &pid)) ++ return -EINVAL; ++ ++ *this_pid = pid; ++ ++ return cnt; ++} ++#endif ++ ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++static ssize_t ++show_maxlatproc(struct file *file, char __user *ubuf, size_t cnt, loff_t *ppos) ++{ ++ int r; ++ struct maxlatproc_data *mp = file->private_data; ++ int strmaxlen = (TASK_COMM_LEN * 2) + (8 * 8); ++ unsigned long long t; ++ unsigned long usecs, secs; ++ char *buf; ++ ++ if (mp->pid == -1 || mp->current_pid == -1) { ++ buf = "(none)\n"; ++ return simple_read_from_buffer(ubuf, cnt, ppos, buf, ++ strlen(buf)); ++ } ++ ++ buf = kmalloc(strmaxlen, GFP_KERNEL); ++ if (buf == NULL) ++ return -ENOMEM; ++ ++ t = ns2usecs(mp->timestamp); ++ usecs = do_div(t, USEC_PER_SEC); ++ secs = (unsigned long) t; ++ r = snprintf(buf, strmaxlen, ++ "%d %d %ld (%ld) %s <- %d %d %s %lu.%06lu\n", mp->pid, ++ MAX_RT_PRIO-1 - mp->prio, mp->latency, mp->timeroffset, mp->comm, ++ mp->current_pid, MAX_RT_PRIO-1 - mp->current_prio, mp->current_comm, ++ secs, usecs); ++ r = simple_read_from_buffer(ubuf, cnt, ppos, buf, r); ++ kfree(buf); ++ return r; ++} ++#endif ++ ++static ssize_t ++show_enable(struct file *file, char __user *ubuf, size_t cnt, loff_t *ppos) ++{ ++ char buf[64]; ++ struct enable_data *ed = file->private_data; ++ int r; ++ ++ r = snprintf(buf, sizeof(buf), "%d\n", ed->enabled); ++ return simple_read_from_buffer(ubuf, cnt, ppos, buf, r); ++} ++ ++static ssize_t ++do_enable(struct file *file, const char __user *ubuf, size_t cnt, loff_t *ppos) ++{ ++ char buf[64]; ++ long enable; ++ struct enable_data *ed = file->private_data; ++ ++ if (cnt >= sizeof(buf)) ++ return -EINVAL; ++ ++ if (copy_from_user(&buf, ubuf, cnt)) ++ return -EFAULT; ++ ++ buf[cnt] = 0; ++ ++ if (kstrtoul(buf, 10, &enable)) ++ return -EINVAL; ++ ++ if ((enable && ed->enabled) || (!enable && !ed->enabled)) ++ return cnt; ++ ++ if (enable) { ++ int ret; ++ ++ switch (ed->latency_type) { ++#if defined(CONFIG_INTERRUPT_OFF_HIST) || defined(CONFIG_PREEMPT_OFF_HIST) ++ case PREEMPTIRQSOFF_LATENCY: ++ ret = register_trace_preemptirqsoff_hist( ++ probe_preemptirqsoff_hist, NULL); ++ if (ret) { ++ pr_info("wakeup trace: Couldn't assign " ++ "probe_preemptirqsoff_hist " ++ "to trace_preemptirqsoff_hist\n"); ++ return ret; ++ } ++ break; ++#endif ++#ifdef CONFIG_WAKEUP_LATENCY_HIST ++ case WAKEUP_LATENCY: ++ ret = register_trace_sched_wakeup( ++ probe_wakeup_latency_hist_start, NULL); ++ if (ret) { ++ pr_info("wakeup trace: Couldn't assign " ++ "probe_wakeup_latency_hist_start " ++ "to trace_sched_wakeup\n"); ++ return ret; ++ } ++ ret = register_trace_sched_wakeup_new( ++ probe_wakeup_latency_hist_start, NULL); ++ if (ret) { ++ pr_info("wakeup trace: Couldn't assign " ++ "probe_wakeup_latency_hist_start " ++ "to trace_sched_wakeup_new\n"); ++ unregister_trace_sched_wakeup( ++ probe_wakeup_latency_hist_start, NULL); ++ return ret; ++ } ++ ret = register_trace_sched_switch( ++ probe_wakeup_latency_hist_stop, NULL); ++ if (ret) { ++ pr_info("wakeup trace: Couldn't assign " ++ "probe_wakeup_latency_hist_stop " ++ "to trace_sched_switch\n"); ++ unregister_trace_sched_wakeup( ++ probe_wakeup_latency_hist_start, NULL); ++ unregister_trace_sched_wakeup_new( ++ probe_wakeup_latency_hist_start, NULL); ++ return ret; ++ } ++ ret = register_trace_sched_migrate_task( ++ probe_sched_migrate_task, NULL); ++ if (ret) { ++ pr_info("wakeup trace: Couldn't assign " ++ "probe_sched_migrate_task " ++ "to trace_sched_migrate_task\n"); ++ unregister_trace_sched_wakeup( ++ probe_wakeup_latency_hist_start, NULL); ++ unregister_trace_sched_wakeup_new( ++ probe_wakeup_latency_hist_start, NULL); ++ unregister_trace_sched_switch( ++ probe_wakeup_latency_hist_stop, NULL); ++ return ret; ++ } ++ break; ++#endif ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++ case MISSED_TIMER_OFFSETS: ++ ret = register_trace_hrtimer_interrupt( ++ probe_hrtimer_interrupt, NULL); ++ if (ret) { ++ pr_info("wakeup trace: Couldn't assign " ++ "probe_hrtimer_interrupt " ++ "to trace_hrtimer_interrupt\n"); ++ return ret; ++ } ++ break; ++#endif ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) && \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++ case TIMERANDWAKEUP_LATENCY: ++ if (!wakeup_latency_enabled_data.enabled || ++ !missed_timer_offsets_enabled_data.enabled) ++ return -EINVAL; ++ break; ++#endif ++ default: ++ break; ++ } ++ } else { ++ switch (ed->latency_type) { ++#if defined(CONFIG_INTERRUPT_OFF_HIST) || defined(CONFIG_PREEMPT_OFF_HIST) ++ case PREEMPTIRQSOFF_LATENCY: ++ { ++ int cpu; ++ ++ unregister_trace_preemptirqsoff_hist( ++ probe_preemptirqsoff_hist, NULL); ++ for_each_online_cpu(cpu) { ++#ifdef CONFIG_INTERRUPT_OFF_HIST ++ per_cpu(hist_irqsoff_counting, ++ cpu) = 0; ++#endif ++#ifdef CONFIG_PREEMPT_OFF_HIST ++ per_cpu(hist_preemptoff_counting, ++ cpu) = 0; ++#endif ++#if defined(CONFIG_INTERRUPT_OFF_HIST) && defined(CONFIG_PREEMPT_OFF_HIST) ++ per_cpu(hist_preemptirqsoff_counting, ++ cpu) = 0; ++#endif ++ } ++ } ++ break; ++#endif ++#ifdef CONFIG_WAKEUP_LATENCY_HIST ++ case WAKEUP_LATENCY: ++ { ++ int cpu; ++ ++ unregister_trace_sched_wakeup( ++ probe_wakeup_latency_hist_start, NULL); ++ unregister_trace_sched_wakeup_new( ++ probe_wakeup_latency_hist_start, NULL); ++ unregister_trace_sched_switch( ++ probe_wakeup_latency_hist_stop, NULL); ++ unregister_trace_sched_migrate_task( ++ probe_sched_migrate_task, NULL); ++ ++ for_each_online_cpu(cpu) { ++ per_cpu(wakeup_task, cpu) = NULL; ++ per_cpu(wakeup_sharedprio, cpu) = 0; ++ } ++ } ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++ timerandwakeup_enabled_data.enabled = 0; ++#endif ++ break; ++#endif ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++ case MISSED_TIMER_OFFSETS: ++ unregister_trace_hrtimer_interrupt( ++ probe_hrtimer_interrupt, NULL); ++#ifdef CONFIG_WAKEUP_LATENCY_HIST ++ timerandwakeup_enabled_data.enabled = 0; ++#endif ++ break; ++#endif ++ default: ++ break; ++ } ++ } ++ ed->enabled = enable; ++ return cnt; ++} ++ ++static const struct file_operations latency_hist_reset_fops = { ++ .open = tracing_open_generic, ++ .write = latency_hist_reset, ++}; ++ ++static const struct file_operations enable_fops = { ++ .open = tracing_open_generic, ++ .read = show_enable, ++ .write = do_enable, ++}; ++ ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++static const struct file_operations pid_fops = { ++ .open = tracing_open_generic, ++ .read = show_pid, ++ .write = do_pid, ++}; ++ ++static const struct file_operations maxlatproc_fops = { ++ .open = tracing_open_generic, ++ .read = show_maxlatproc, ++}; ++#endif ++ ++#if defined(CONFIG_INTERRUPT_OFF_HIST) || defined(CONFIG_PREEMPT_OFF_HIST) ++static notrace void probe_preemptirqsoff_hist(void *v, int reason, ++ int starthist) ++{ ++ int cpu = raw_smp_processor_id(); ++ int time_set = 0; ++ ++ if (starthist) { ++ cycle_t uninitialized_var(start); ++ ++ if (!preempt_count() && !irqs_disabled()) ++ return; ++ ++#ifdef CONFIG_INTERRUPT_OFF_HIST ++ if ((reason == IRQS_OFF || reason == TRACE_START) && ++ !per_cpu(hist_irqsoff_counting, cpu)) { ++ per_cpu(hist_irqsoff_counting, cpu) = 1; ++ start = ftrace_now(cpu); ++ time_set++; ++ per_cpu(hist_irqsoff_start, cpu) = start; ++ } ++#endif ++ ++#ifdef CONFIG_PREEMPT_OFF_HIST ++ if ((reason == PREEMPT_OFF || reason == TRACE_START) && ++ !per_cpu(hist_preemptoff_counting, cpu)) { ++ per_cpu(hist_preemptoff_counting, cpu) = 1; ++ if (!(time_set++)) ++ start = ftrace_now(cpu); ++ per_cpu(hist_preemptoff_start, cpu) = start; ++ } ++#endif ++ ++#if defined(CONFIG_INTERRUPT_OFF_HIST) && defined(CONFIG_PREEMPT_OFF_HIST) ++ if (per_cpu(hist_irqsoff_counting, cpu) && ++ per_cpu(hist_preemptoff_counting, cpu) && ++ !per_cpu(hist_preemptirqsoff_counting, cpu)) { ++ per_cpu(hist_preemptirqsoff_counting, cpu) = 1; ++ if (!time_set) ++ start = ftrace_now(cpu); ++ per_cpu(hist_preemptirqsoff_start, cpu) = start; ++ } ++#endif ++ } else { ++ cycle_t uninitialized_var(stop); ++ ++#ifdef CONFIG_INTERRUPT_OFF_HIST ++ if ((reason == IRQS_ON || reason == TRACE_STOP) && ++ per_cpu(hist_irqsoff_counting, cpu)) { ++ cycle_t start = per_cpu(hist_irqsoff_start, cpu); ++ ++ stop = ftrace_now(cpu); ++ time_set++; ++ if (start) { ++ long latency = ((long) (stop - start)) / ++ NSECS_PER_USECS; ++ ++ latency_hist(IRQSOFF_LATENCY, cpu, latency, 0, ++ stop, NULL); ++ } ++ per_cpu(hist_irqsoff_counting, cpu) = 0; ++ } ++#endif ++ ++#ifdef CONFIG_PREEMPT_OFF_HIST ++ if ((reason == PREEMPT_ON || reason == TRACE_STOP) && ++ per_cpu(hist_preemptoff_counting, cpu)) { ++ cycle_t start = per_cpu(hist_preemptoff_start, cpu); ++ ++ if (!(time_set++)) ++ stop = ftrace_now(cpu); ++ if (start) { ++ long latency = ((long) (stop - start)) / ++ NSECS_PER_USECS; ++ ++ latency_hist(PREEMPTOFF_LATENCY, cpu, latency, ++ 0, stop, NULL); ++ } ++ per_cpu(hist_preemptoff_counting, cpu) = 0; ++ } ++#endif ++ ++#if defined(CONFIG_INTERRUPT_OFF_HIST) && defined(CONFIG_PREEMPT_OFF_HIST) ++ if ((!per_cpu(hist_irqsoff_counting, cpu) || ++ !per_cpu(hist_preemptoff_counting, cpu)) && ++ per_cpu(hist_preemptirqsoff_counting, cpu)) { ++ cycle_t start = per_cpu(hist_preemptirqsoff_start, cpu); ++ ++ if (!time_set) ++ stop = ftrace_now(cpu); ++ if (start) { ++ long latency = ((long) (stop - start)) / ++ NSECS_PER_USECS; ++ ++ latency_hist(PREEMPTIRQSOFF_LATENCY, cpu, ++ latency, 0, stop, NULL); ++ } ++ per_cpu(hist_preemptirqsoff_counting, cpu) = 0; ++ } ++#endif ++ } ++} ++#endif ++ ++#ifdef CONFIG_WAKEUP_LATENCY_HIST ++static DEFINE_RAW_SPINLOCK(wakeup_lock); ++static notrace void probe_sched_migrate_task(void *v, struct task_struct *task, ++ int cpu) ++{ ++ int old_cpu = task_cpu(task); ++ ++ if (cpu != old_cpu) { ++ unsigned long flags; ++ struct task_struct *cpu_wakeup_task; ++ ++ raw_spin_lock_irqsave(&wakeup_lock, flags); ++ ++ cpu_wakeup_task = per_cpu(wakeup_task, old_cpu); ++ if (task == cpu_wakeup_task) { ++ put_task_struct(cpu_wakeup_task); ++ per_cpu(wakeup_task, old_cpu) = NULL; ++ cpu_wakeup_task = per_cpu(wakeup_task, cpu) = task; ++ get_task_struct(cpu_wakeup_task); ++ } ++ ++ raw_spin_unlock_irqrestore(&wakeup_lock, flags); ++ } ++} ++ ++static notrace void probe_wakeup_latency_hist_start(void *v, ++ struct task_struct *p, int success) ++{ ++ unsigned long flags; ++ struct task_struct *curr = current; ++ int cpu = task_cpu(p); ++ struct task_struct *cpu_wakeup_task; ++ ++ raw_spin_lock_irqsave(&wakeup_lock, flags); ++ ++ cpu_wakeup_task = per_cpu(wakeup_task, cpu); ++ ++ if (wakeup_pid) { ++ if ((cpu_wakeup_task && p->prio == cpu_wakeup_task->prio) || ++ p->prio == curr->prio) ++ per_cpu(wakeup_sharedprio, cpu) = 1; ++ if (likely(wakeup_pid != task_pid_nr(p))) ++ goto out; ++ } else { ++ if (likely(!rt_task(p)) || ++ (cpu_wakeup_task && p->prio > cpu_wakeup_task->prio) || ++ p->prio > curr->prio) ++ goto out; ++ if ((cpu_wakeup_task && p->prio == cpu_wakeup_task->prio) || ++ p->prio == curr->prio) ++ per_cpu(wakeup_sharedprio, cpu) = 1; ++ } ++ ++ if (cpu_wakeup_task) ++ put_task_struct(cpu_wakeup_task); ++ cpu_wakeup_task = per_cpu(wakeup_task, cpu) = p; ++ get_task_struct(cpu_wakeup_task); ++ cpu_wakeup_task->preempt_timestamp_hist = ++ ftrace_now(raw_smp_processor_id()); ++out: ++ raw_spin_unlock_irqrestore(&wakeup_lock, flags); ++} ++ ++static notrace void probe_wakeup_latency_hist_stop(void *v, ++ struct task_struct *prev, struct task_struct *next) ++{ ++ unsigned long flags; ++ int cpu = task_cpu(next); ++ long latency; ++ cycle_t stop; ++ struct task_struct *cpu_wakeup_task; ++ ++ raw_spin_lock_irqsave(&wakeup_lock, flags); ++ ++ cpu_wakeup_task = per_cpu(wakeup_task, cpu); ++ ++ if (cpu_wakeup_task == NULL) ++ goto out; ++ ++ /* Already running? */ ++ if (unlikely(current == cpu_wakeup_task)) ++ goto out_reset; ++ ++ if (next != cpu_wakeup_task) { ++ if (next->prio < cpu_wakeup_task->prio) ++ goto out_reset; ++ ++ if (next->prio == cpu_wakeup_task->prio) ++ per_cpu(wakeup_sharedprio, cpu) = 1; ++ ++ goto out; ++ } ++ ++ if (current->prio == cpu_wakeup_task->prio) ++ per_cpu(wakeup_sharedprio, cpu) = 1; ++ ++ /* ++ * The task we are waiting for is about to be switched to. ++ * Calculate latency and store it in histogram. ++ */ ++ stop = ftrace_now(raw_smp_processor_id()); ++ ++ latency = ((long) (stop - next->preempt_timestamp_hist)) / ++ NSECS_PER_USECS; ++ ++ if (per_cpu(wakeup_sharedprio, cpu)) { ++ latency_hist(WAKEUP_LATENCY_SHAREDPRIO, cpu, latency, 0, stop, ++ next); ++ per_cpu(wakeup_sharedprio, cpu) = 0; ++ } else { ++ latency_hist(WAKEUP_LATENCY, cpu, latency, 0, stop, next); ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++ if (timerandwakeup_enabled_data.enabled) { ++ latency_hist(TIMERANDWAKEUP_LATENCY, cpu, ++ next->timer_offset + latency, next->timer_offset, ++ stop, next); ++ } ++#endif ++ } ++ ++out_reset: ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++ next->timer_offset = 0; ++#endif ++ put_task_struct(cpu_wakeup_task); ++ per_cpu(wakeup_task, cpu) = NULL; ++out: ++ raw_spin_unlock_irqrestore(&wakeup_lock, flags); ++} ++#endif ++ ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++static notrace void probe_hrtimer_interrupt(void *v, int cpu, ++ long long latency_ns, struct task_struct *curr, ++ struct task_struct *task) ++{ ++ if (latency_ns <= 0 && task != NULL && rt_task(task) && ++ (task->prio < curr->prio || ++ (task->prio == curr->prio && ++ !cpumask_test_cpu(cpu, &task->cpus_allowed)))) { ++ long latency; ++ cycle_t now; ++ ++ if (missed_timer_offsets_pid) { ++ if (likely(missed_timer_offsets_pid != ++ task_pid_nr(task))) ++ return; ++ } ++ ++ now = ftrace_now(cpu); ++ latency = (long) div_s64(-latency_ns, NSECS_PER_USECS); ++ latency_hist(MISSED_TIMER_OFFSETS, cpu, latency, latency, now, ++ task); ++#ifdef CONFIG_WAKEUP_LATENCY_HIST ++ task->timer_offset = latency; ++#endif ++ } ++} ++#endif ++ ++static __init int latency_hist_init(void) ++{ ++ struct dentry *latency_hist_root = NULL; ++ struct dentry *dentry; ++#ifdef CONFIG_WAKEUP_LATENCY_HIST ++ struct dentry *dentry_sharedprio; ++#endif ++ struct dentry *entry; ++ struct dentry *enable_root; ++ int i = 0; ++ struct hist_data *my_hist; ++ char name[64]; ++ char *cpufmt = "CPU%d"; ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++ char *cpufmt_maxlatproc = "max_latency-CPU%d"; ++ struct maxlatproc_data *mp = NULL; ++#endif ++ ++ dentry = tracing_init_dentry(); ++ latency_hist_root = debugfs_create_dir(latency_hist_dir_root, dentry); ++ enable_root = debugfs_create_dir("enable", latency_hist_root); ++ ++#ifdef CONFIG_INTERRUPT_OFF_HIST ++ dentry = debugfs_create_dir(irqsoff_hist_dir, latency_hist_root); ++ for_each_possible_cpu(i) { ++ sprintf(name, cpufmt, i); ++ entry = debugfs_create_file(name, 0444, dentry, ++ &per_cpu(irqsoff_hist, i), &latency_hist_fops); ++ my_hist = &per_cpu(irqsoff_hist, i); ++ atomic_set(&my_hist->hist_mode, 1); ++ my_hist->min_lat = LONG_MAX; ++ } ++ entry = debugfs_create_file("reset", 0644, dentry, ++ (void *)IRQSOFF_LATENCY, &latency_hist_reset_fops); ++#endif ++ ++#ifdef CONFIG_PREEMPT_OFF_HIST ++ dentry = debugfs_create_dir(preemptoff_hist_dir, ++ latency_hist_root); ++ for_each_possible_cpu(i) { ++ sprintf(name, cpufmt, i); ++ entry = debugfs_create_file(name, 0444, dentry, ++ &per_cpu(preemptoff_hist, i), &latency_hist_fops); ++ my_hist = &per_cpu(preemptoff_hist, i); ++ atomic_set(&my_hist->hist_mode, 1); ++ my_hist->min_lat = LONG_MAX; ++ } ++ entry = debugfs_create_file("reset", 0644, dentry, ++ (void *)PREEMPTOFF_LATENCY, &latency_hist_reset_fops); ++#endif ++ ++#if defined(CONFIG_INTERRUPT_OFF_HIST) && defined(CONFIG_PREEMPT_OFF_HIST) ++ dentry = debugfs_create_dir(preemptirqsoff_hist_dir, ++ latency_hist_root); ++ for_each_possible_cpu(i) { ++ sprintf(name, cpufmt, i); ++ entry = debugfs_create_file(name, 0444, dentry, ++ &per_cpu(preemptirqsoff_hist, i), &latency_hist_fops); ++ my_hist = &per_cpu(preemptirqsoff_hist, i); ++ atomic_set(&my_hist->hist_mode, 1); ++ my_hist->min_lat = LONG_MAX; ++ } ++ entry = debugfs_create_file("reset", 0644, dentry, ++ (void *)PREEMPTIRQSOFF_LATENCY, &latency_hist_reset_fops); ++#endif ++ ++#if defined(CONFIG_INTERRUPT_OFF_HIST) || defined(CONFIG_PREEMPT_OFF_HIST) ++ entry = debugfs_create_file("preemptirqsoff", 0644, ++ enable_root, (void *)&preemptirqsoff_enabled_data, ++ &enable_fops); ++#endif ++ ++#ifdef CONFIG_WAKEUP_LATENCY_HIST ++ dentry = debugfs_create_dir(wakeup_latency_hist_dir, ++ latency_hist_root); ++ dentry_sharedprio = debugfs_create_dir( ++ wakeup_latency_hist_dir_sharedprio, dentry); ++ for_each_possible_cpu(i) { ++ sprintf(name, cpufmt, i); ++ ++ entry = debugfs_create_file(name, 0444, dentry, ++ &per_cpu(wakeup_latency_hist, i), ++ &latency_hist_fops); ++ my_hist = &per_cpu(wakeup_latency_hist, i); ++ atomic_set(&my_hist->hist_mode, 1); ++ my_hist->min_lat = LONG_MAX; ++ ++ entry = debugfs_create_file(name, 0444, dentry_sharedprio, ++ &per_cpu(wakeup_latency_hist_sharedprio, i), ++ &latency_hist_fops); ++ my_hist = &per_cpu(wakeup_latency_hist_sharedprio, i); ++ atomic_set(&my_hist->hist_mode, 1); ++ my_hist->min_lat = LONG_MAX; ++ ++ sprintf(name, cpufmt_maxlatproc, i); ++ ++ mp = &per_cpu(wakeup_maxlatproc, i); ++ entry = debugfs_create_file(name, 0444, dentry, mp, ++ &maxlatproc_fops); ++ clear_maxlatprocdata(mp); ++ ++ mp = &per_cpu(wakeup_maxlatproc_sharedprio, i); ++ entry = debugfs_create_file(name, 0444, dentry_sharedprio, mp, ++ &maxlatproc_fops); ++ clear_maxlatprocdata(mp); ++ } ++ entry = debugfs_create_file("pid", 0644, dentry, ++ (void *)&wakeup_pid, &pid_fops); ++ entry = debugfs_create_file("reset", 0644, dentry, ++ (void *)WAKEUP_LATENCY, &latency_hist_reset_fops); ++ entry = debugfs_create_file("reset", 0644, dentry_sharedprio, ++ (void *)WAKEUP_LATENCY_SHAREDPRIO, &latency_hist_reset_fops); ++ entry = debugfs_create_file("wakeup", 0644, ++ enable_root, (void *)&wakeup_latency_enabled_data, ++ &enable_fops); ++#endif ++ ++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST ++ dentry = debugfs_create_dir(missed_timer_offsets_dir, ++ latency_hist_root); ++ for_each_possible_cpu(i) { ++ sprintf(name, cpufmt, i); ++ entry = debugfs_create_file(name, 0444, dentry, ++ &per_cpu(missed_timer_offsets, i), &latency_hist_fops); ++ my_hist = &per_cpu(missed_timer_offsets, i); ++ atomic_set(&my_hist->hist_mode, 1); ++ my_hist->min_lat = LONG_MAX; ++ ++ sprintf(name, cpufmt_maxlatproc, i); ++ mp = &per_cpu(missed_timer_offsets_maxlatproc, i); ++ entry = debugfs_create_file(name, 0444, dentry, mp, ++ &maxlatproc_fops); ++ clear_maxlatprocdata(mp); ++ } ++ entry = debugfs_create_file("pid", 0644, dentry, ++ (void *)&missed_timer_offsets_pid, &pid_fops); ++ entry = debugfs_create_file("reset", 0644, dentry, ++ (void *)MISSED_TIMER_OFFSETS, &latency_hist_reset_fops); ++ entry = debugfs_create_file("missed_timer_offsets", 0644, ++ enable_root, (void *)&missed_timer_offsets_enabled_data, ++ &enable_fops); ++#endif ++ ++#if defined(CONFIG_WAKEUP_LATENCY_HIST) && \ ++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST) ++ dentry = debugfs_create_dir(timerandwakeup_latency_hist_dir, ++ latency_hist_root); ++ for_each_possible_cpu(i) { ++ sprintf(name, cpufmt, i); ++ entry = debugfs_create_file(name, 0444, dentry, ++ &per_cpu(timerandwakeup_latency_hist, i), ++ &latency_hist_fops); ++ my_hist = &per_cpu(timerandwakeup_latency_hist, i); ++ atomic_set(&my_hist->hist_mode, 1); ++ my_hist->min_lat = LONG_MAX; ++ ++ sprintf(name, cpufmt_maxlatproc, i); ++ mp = &per_cpu(timerandwakeup_maxlatproc, i); ++ entry = debugfs_create_file(name, 0444, dentry, mp, ++ &maxlatproc_fops); ++ clear_maxlatprocdata(mp); ++ } ++ entry = debugfs_create_file("reset", 0644, dentry, ++ (void *)TIMERANDWAKEUP_LATENCY, &latency_hist_reset_fops); ++ entry = debugfs_create_file("timerandwakeup", 0644, ++ enable_root, (void *)&timerandwakeup_enabled_data, ++ &enable_fops); ++#endif ++ return 0; ++} ++ ++device_initcall(latency_hist_init); +diff -Nur linux-3.18.9.orig/kernel/trace/Makefile linux-3.18.9/kernel/trace/Makefile +--- linux-3.18.9.orig/kernel/trace/Makefile 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/trace/Makefile 2015-03-15 16:03:03.860094875 -0500 +@@ -36,6 +36,10 @@ + obj-$(CONFIG_IRQSOFF_TRACER) += trace_irqsoff.o + obj-$(CONFIG_PREEMPT_TRACER) += trace_irqsoff.o + obj-$(CONFIG_SCHED_TRACER) += trace_sched_wakeup.o ++obj-$(CONFIG_INTERRUPT_OFF_HIST) += latency_hist.o ++obj-$(CONFIG_PREEMPT_OFF_HIST) += latency_hist.o ++obj-$(CONFIG_WAKEUP_LATENCY_HIST) += latency_hist.o ++obj-$(CONFIG_MISSED_TIMER_OFFSETS_HIST) += latency_hist.o + obj-$(CONFIG_NOP_TRACER) += trace_nop.o + obj-$(CONFIG_STACK_TRACER) += trace_stack.o + obj-$(CONFIG_MMIOTRACE) += trace_mmiotrace.o +diff -Nur linux-3.18.9.orig/kernel/trace/trace.c linux-3.18.9/kernel/trace/trace.c +--- linux-3.18.9.orig/kernel/trace/trace.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/trace/trace.c 2015-03-15 16:03:03.860094875 -0500 +@@ -1579,6 +1579,7 @@ + struct task_struct *tsk = current; + + entry->preempt_count = pc & 0xff; ++ entry->preempt_lazy_count = preempt_lazy_count(); + entry->pid = (tsk) ? tsk->pid : 0; + entry->flags = + #ifdef CONFIG_TRACE_IRQFLAGS_SUPPORT +@@ -1588,8 +1589,11 @@ + #endif + ((pc & HARDIRQ_MASK) ? TRACE_FLAG_HARDIRQ : 0) | + ((pc & SOFTIRQ_MASK) ? TRACE_FLAG_SOFTIRQ : 0) | +- (tif_need_resched() ? TRACE_FLAG_NEED_RESCHED : 0) | ++ (tif_need_resched_now() ? TRACE_FLAG_NEED_RESCHED : 0) | ++ (need_resched_lazy() ? TRACE_FLAG_NEED_RESCHED_LAZY : 0) | + (test_preempt_need_resched() ? TRACE_FLAG_PREEMPT_RESCHED : 0); ++ ++ entry->migrate_disable = (tsk) ? __migrate_disabled(tsk) & 0xFF : 0; + } + EXPORT_SYMBOL_GPL(tracing_generic_entry_update); + +@@ -2509,14 +2513,17 @@ + + static void print_lat_help_header(struct seq_file *m) + { +- seq_puts(m, "# _------=> CPU# \n"); +- seq_puts(m, "# / _-----=> irqs-off \n"); +- seq_puts(m, "# | / _----=> need-resched \n"); +- seq_puts(m, "# || / _---=> hardirq/softirq \n"); +- seq_puts(m, "# ||| / _--=> preempt-depth \n"); +- seq_puts(m, "# |||| / delay \n"); +- seq_puts(m, "# cmd pid ||||| time | caller \n"); +- seq_puts(m, "# \\ / ||||| \\ | / \n"); ++ seq_puts(m, "# _--------=> CPU# \n"); ++ seq_puts(m, "# / _-------=> irqs-off \n"); ++ seq_puts(m, "# | / _------=> need-resched \n"); ++ seq_puts(m, "# || / _-----=> need-resched_lazy \n"); ++ seq_puts(m, "# ||| / _----=> hardirq/softirq \n"); ++ seq_puts(m, "# |||| / _---=> preempt-depth \n"); ++ seq_puts(m, "# ||||| / _--=> preempt-lazy-depth\n"); ++ seq_puts(m, "# |||||| / _-=> migrate-disable \n"); ++ seq_puts(m, "# ||||||| / delay \n"); ++ seq_puts(m, "# cmd pid |||||||| time | caller \n"); ++ seq_puts(m, "# \\ / |||||||| \\ | / \n"); + } + + static void print_event_info(struct trace_buffer *buf, struct seq_file *m) +@@ -2540,13 +2547,16 @@ + static void print_func_help_header_irq(struct trace_buffer *buf, struct seq_file *m) + { + print_event_info(buf, m); +- seq_puts(m, "# _-----=> irqs-off\n"); +- seq_puts(m, "# / _----=> need-resched\n"); +- seq_puts(m, "# | / _---=> hardirq/softirq\n"); +- seq_puts(m, "# || / _--=> preempt-depth\n"); +- seq_puts(m, "# ||| / delay\n"); +- seq_puts(m, "# TASK-PID CPU# |||| TIMESTAMP FUNCTION\n"); +- seq_puts(m, "# | | | |||| | |\n"); ++ seq_puts(m, "# _-------=> irqs-off \n"); ++ seq_puts(m, "# / _------=> need-resched \n"); ++ seq_puts(m, "# |/ _-----=> need-resched_lazy \n"); ++ seq_puts(m, "# ||/ _----=> hardirq/softirq \n"); ++ seq_puts(m, "# |||/ _---=> preempt-depth \n"); ++ seq_puts(m, "# ||||/ _--=> preempt-lazy-depth\n"); ++ seq_puts(m, "# ||||| / _-=> migrate-disable \n"); ++ seq_puts(m, "# |||||| / delay\n"); ++ seq_puts(m, "# TASK-PID CPU# |||||| TIMESTAMP FUNCTION\n"); ++ seq_puts(m, "# | | | |||||| | |\n"); + } + + void +diff -Nur linux-3.18.9.orig/kernel/trace/trace_events.c linux-3.18.9/kernel/trace/trace_events.c +--- linux-3.18.9.orig/kernel/trace/trace_events.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/trace/trace_events.c 2015-03-15 16:03:03.860094875 -0500 +@@ -162,6 +162,8 @@ + __common_field(unsigned char, flags); + __common_field(unsigned char, preempt_count); + __common_field(int, pid); ++ __common_field(unsigned short, migrate_disable); ++ __common_field(unsigned short, padding); + + return ret; + } +diff -Nur linux-3.18.9.orig/kernel/trace/trace.h linux-3.18.9/kernel/trace/trace.h +--- linux-3.18.9.orig/kernel/trace/trace.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/trace/trace.h 2015-03-15 16:03:03.860094875 -0500 +@@ -119,6 +119,7 @@ + * NEED_RESCHED - reschedule is requested + * HARDIRQ - inside an interrupt handler + * SOFTIRQ - inside a softirq handler ++ * NEED_RESCHED_LAZY - lazy reschedule is requested + */ + enum trace_flag_type { + TRACE_FLAG_IRQS_OFF = 0x01, +@@ -127,6 +128,7 @@ + TRACE_FLAG_HARDIRQ = 0x08, + TRACE_FLAG_SOFTIRQ = 0x10, + TRACE_FLAG_PREEMPT_RESCHED = 0x20, ++ TRACE_FLAG_NEED_RESCHED_LAZY = 0x40, + }; + + #define TRACE_BUF_SIZE 1024 +diff -Nur linux-3.18.9.orig/kernel/trace/trace_irqsoff.c linux-3.18.9/kernel/trace/trace_irqsoff.c +--- linux-3.18.9.orig/kernel/trace/trace_irqsoff.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/trace/trace_irqsoff.c 2015-03-15 16:03:03.860094875 -0500 +@@ -17,6 +17,7 @@ + #include <linux/fs.h> + + #include "trace.h" ++#include <trace/events/hist.h> + + static struct trace_array *irqsoff_trace __read_mostly; + static int tracer_enabled __read_mostly; +@@ -435,11 +436,13 @@ + { + if (preempt_trace() || irq_trace()) + start_critical_timing(CALLER_ADDR0, CALLER_ADDR1); ++ trace_preemptirqsoff_hist(TRACE_START, 1); + } + EXPORT_SYMBOL_GPL(start_critical_timings); + + void stop_critical_timings(void) + { ++ trace_preemptirqsoff_hist(TRACE_STOP, 0); + if (preempt_trace() || irq_trace()) + stop_critical_timing(CALLER_ADDR0, CALLER_ADDR1); + } +@@ -449,6 +452,7 @@ + #ifdef CONFIG_PROVE_LOCKING + void time_hardirqs_on(unsigned long a0, unsigned long a1) + { ++ trace_preemptirqsoff_hist(IRQS_ON, 0); + if (!preempt_trace() && irq_trace()) + stop_critical_timing(a0, a1); + } +@@ -457,6 +461,7 @@ + { + if (!preempt_trace() && irq_trace()) + start_critical_timing(a0, a1); ++ trace_preemptirqsoff_hist(IRQS_OFF, 1); + } + + #else /* !CONFIG_PROVE_LOCKING */ +@@ -482,6 +487,7 @@ + */ + void trace_hardirqs_on(void) + { ++ trace_preemptirqsoff_hist(IRQS_ON, 0); + if (!preempt_trace() && irq_trace()) + stop_critical_timing(CALLER_ADDR0, CALLER_ADDR1); + } +@@ -491,11 +497,13 @@ + { + if (!preempt_trace() && irq_trace()) + start_critical_timing(CALLER_ADDR0, CALLER_ADDR1); ++ trace_preemptirqsoff_hist(IRQS_OFF, 1); + } + EXPORT_SYMBOL(trace_hardirqs_off); + + __visible void trace_hardirqs_on_caller(unsigned long caller_addr) + { ++ trace_preemptirqsoff_hist(IRQS_ON, 0); + if (!preempt_trace() && irq_trace()) + stop_critical_timing(CALLER_ADDR0, caller_addr); + } +@@ -505,6 +513,7 @@ + { + if (!preempt_trace() && irq_trace()) + start_critical_timing(CALLER_ADDR0, caller_addr); ++ trace_preemptirqsoff_hist(IRQS_OFF, 1); + } + EXPORT_SYMBOL(trace_hardirqs_off_caller); + +@@ -514,12 +523,14 @@ + #ifdef CONFIG_PREEMPT_TRACER + void trace_preempt_on(unsigned long a0, unsigned long a1) + { ++ trace_preemptirqsoff_hist(PREEMPT_ON, 0); + if (preempt_trace() && !irq_trace()) + stop_critical_timing(a0, a1); + } + + void trace_preempt_off(unsigned long a0, unsigned long a1) + { ++ trace_preemptirqsoff_hist(PREEMPT_ON, 1); + if (preempt_trace() && !irq_trace()) + start_critical_timing(a0, a1); + } +diff -Nur linux-3.18.9.orig/kernel/trace/trace_output.c linux-3.18.9/kernel/trace/trace_output.c +--- linux-3.18.9.orig/kernel/trace/trace_output.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/trace/trace_output.c 2015-03-15 16:03:03.860094875 -0500 +@@ -410,6 +410,7 @@ + { + char hardsoft_irq; + char need_resched; ++ char need_resched_lazy; + char irqs_off; + int hardirq; + int softirq; +@@ -438,6 +439,8 @@ + need_resched = '.'; + break; + } ++ need_resched_lazy = ++ (entry->flags & TRACE_FLAG_NEED_RESCHED_LAZY) ? 'L' : '.'; + + hardsoft_irq = + (hardirq && softirq) ? 'H' : +@@ -445,8 +448,9 @@ + softirq ? 's' : + '.'; + +- if (!trace_seq_printf(s, "%c%c%c", +- irqs_off, need_resched, hardsoft_irq)) ++ if (!trace_seq_printf(s, "%c%c%c%c", ++ irqs_off, need_resched, need_resched_lazy, ++ hardsoft_irq)) + return 0; + + if (entry->preempt_count) +@@ -454,6 +458,16 @@ + else + ret = trace_seq_putc(s, '.'); + ++ if (entry->preempt_lazy_count) ++ ret = trace_seq_printf(s, "%x", entry->preempt_lazy_count); ++ else ++ ret = trace_seq_putc(s, '.'); ++ ++ if (entry->migrate_disable) ++ ret = trace_seq_printf(s, "%x", entry->migrate_disable); ++ else ++ ret = trace_seq_putc(s, '.'); ++ + return ret; + } + +diff -Nur linux-3.18.9.orig/kernel/user.c linux-3.18.9/kernel/user.c +--- linux-3.18.9.orig/kernel/user.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/user.c 2015-03-15 16:03:03.860094875 -0500 +@@ -158,11 +158,11 @@ + if (!up) + return; + +- local_irq_save(flags); ++ local_irq_save_nort(flags); + if (atomic_dec_and_lock(&up->__count, &uidhash_lock)) + free_user(up, flags); + else +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + } + + struct user_struct *alloc_uid(kuid_t uid) +diff -Nur linux-3.18.9.orig/kernel/watchdog.c linux-3.18.9/kernel/watchdog.c +--- linux-3.18.9.orig/kernel/watchdog.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/watchdog.c 2015-03-15 16:03:03.864094875 -0500 +@@ -248,6 +248,8 @@ + + #ifdef CONFIG_HARDLOCKUP_DETECTOR + ++static DEFINE_RAW_SPINLOCK(watchdog_output_lock); ++ + static struct perf_event_attr wd_hw_attr = { + .type = PERF_TYPE_HARDWARE, + .config = PERF_COUNT_HW_CPU_CYCLES, +@@ -281,13 +283,21 @@ + /* only print hardlockups once */ + if (__this_cpu_read(hard_watchdog_warn) == true) + return; ++ /* ++ * If early-printk is enabled then make sure we do not ++ * lock up in printk() and kill console logging: ++ */ ++ printk_kill(); + +- if (hardlockup_panic) ++ if (hardlockup_panic) { + panic("Watchdog detected hard LOCKUP on cpu %d", + this_cpu); +- else ++ } else { ++ raw_spin_lock(&watchdog_output_lock); + WARN(1, "Watchdog detected hard LOCKUP on cpu %d", + this_cpu); ++ raw_spin_unlock(&watchdog_output_lock); ++ } + + __this_cpu_write(hard_watchdog_warn, true); + return; +@@ -430,6 +440,7 @@ + /* kick off the timer for the hardlockup detector */ + hrtimer_init(hrtimer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hrtimer->function = watchdog_timer_fn; ++ hrtimer->irqsafe = 1; + + /* Enable the perf event */ + watchdog_nmi_enable(cpu); +diff -Nur linux-3.18.9.orig/kernel/workqueue.c linux-3.18.9/kernel/workqueue.c +--- linux-3.18.9.orig/kernel/workqueue.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/workqueue.c 2015-03-15 16:03:03.864094875 -0500 +@@ -48,6 +48,8 @@ + #include <linux/nodemask.h> + #include <linux/moduleparam.h> + #include <linux/uaccess.h> ++#include <linux/locallock.h> ++#include <linux/delay.h> + + #include "workqueue_internal.h" + +@@ -121,15 +123,20 @@ + * cpu or grabbing pool->lock is enough for read access. If + * POOL_DISASSOCIATED is set, it's identical to L. + * ++ * On RT we need the extra protection via rt_lock_idle_list() for ++ * the list manipulations against read access from ++ * wq_worker_sleeping(). All other places are nicely serialized via ++ * pool->lock. ++ * + * A: pool->attach_mutex protected. + * + * PL: wq_pool_mutex protected. + * +- * PR: wq_pool_mutex protected for writes. Sched-RCU protected for reads. ++ * PR: wq_pool_mutex protected for writes. RCU protected for reads. + * + * WQ: wq->mutex protected. + * +- * WR: wq->mutex protected for writes. Sched-RCU protected for reads. ++ * WR: wq->mutex protected for writes. RCU protected for reads. + * + * MD: wq_mayday_lock protected. + */ +@@ -177,7 +184,7 @@ + atomic_t nr_running ____cacheline_aligned_in_smp; + + /* +- * Destruction of pool is sched-RCU protected to allow dereferences ++ * Destruction of pool is RCU protected to allow dereferences + * from get_work_pool(). + */ + struct rcu_head rcu; +@@ -206,7 +213,7 @@ + /* + * Release of unbound pwq is punted to system_wq. See put_pwq() + * and pwq_unbound_release_workfn() for details. pool_workqueue +- * itself is also sched-RCU protected so that the first pwq can be ++ * itself is also RCU protected so that the first pwq can be + * determined without grabbing wq->mutex. + */ + struct work_struct unbound_release_work; +@@ -321,6 +328,8 @@ + struct workqueue_struct *system_freezable_power_efficient_wq __read_mostly; + EXPORT_SYMBOL_GPL(system_freezable_power_efficient_wq); + ++static DEFINE_LOCAL_IRQ_LOCK(pendingb_lock); ++ + static int worker_thread(void *__worker); + static void copy_workqueue_attrs(struct workqueue_attrs *to, + const struct workqueue_attrs *from); +@@ -329,14 +338,14 @@ + #include <trace/events/workqueue.h> + + #define assert_rcu_or_pool_mutex() \ +- rcu_lockdep_assert(rcu_read_lock_sched_held() || \ ++ rcu_lockdep_assert(rcu_read_lock_held() || \ + lockdep_is_held(&wq_pool_mutex), \ +- "sched RCU or wq_pool_mutex should be held") ++ "RCU or wq_pool_mutex should be held") + + #define assert_rcu_or_wq_mutex(wq) \ +- rcu_lockdep_assert(rcu_read_lock_sched_held() || \ ++ rcu_lockdep_assert(rcu_read_lock_held() || \ + lockdep_is_held(&wq->mutex), \ +- "sched RCU or wq->mutex should be held") ++ "RCU or wq->mutex should be held") + + #define for_each_cpu_worker_pool(pool, cpu) \ + for ((pool) = &per_cpu(cpu_worker_pools, cpu)[0]; \ +@@ -348,7 +357,7 @@ + * @pool: iteration cursor + * @pi: integer used for iteration + * +- * This must be called either with wq_pool_mutex held or sched RCU read ++ * This must be called either with wq_pool_mutex held or RCU read + * locked. If the pool needs to be used beyond the locking in effect, the + * caller is responsible for guaranteeing that the pool stays online. + * +@@ -380,7 +389,7 @@ + * @pwq: iteration cursor + * @wq: the target workqueue + * +- * This must be called either with wq->mutex held or sched RCU read locked. ++ * This must be called either with wq->mutex held or RCU read locked. + * If the pwq needs to be used beyond the locking in effect, the caller is + * responsible for guaranteeing that the pwq stays online. + * +@@ -392,6 +401,31 @@ + if (({ assert_rcu_or_wq_mutex(wq); false; })) { } \ + else + ++#ifdef CONFIG_PREEMPT_RT_BASE ++static inline void rt_lock_idle_list(struct worker_pool *pool) ++{ ++ preempt_disable(); ++} ++static inline void rt_unlock_idle_list(struct worker_pool *pool) ++{ ++ preempt_enable(); ++} ++static inline void sched_lock_idle_list(struct worker_pool *pool) { } ++static inline void sched_unlock_idle_list(struct worker_pool *pool) { } ++#else ++static inline void rt_lock_idle_list(struct worker_pool *pool) { } ++static inline void rt_unlock_idle_list(struct worker_pool *pool) { } ++static inline void sched_lock_idle_list(struct worker_pool *pool) ++{ ++ spin_lock_irq(&pool->lock); ++} ++static inline void sched_unlock_idle_list(struct worker_pool *pool) ++{ ++ spin_unlock_irq(&pool->lock); ++} ++#endif ++ ++ + #ifdef CONFIG_DEBUG_OBJECTS_WORK + + static struct debug_obj_descr work_debug_descr; +@@ -542,7 +576,7 @@ + * @wq: the target workqueue + * @node: the node ID + * +- * This must be called either with pwq_lock held or sched RCU read locked. ++ * This must be called either with pwq_lock held or RCU read locked. + * If the pwq needs to be used beyond the locking in effect, the caller is + * responsible for guaranteeing that the pwq stays online. + * +@@ -646,8 +680,8 @@ + * @work: the work item of interest + * + * Pools are created and destroyed under wq_pool_mutex, and allows read +- * access under sched-RCU read lock. As such, this function should be +- * called under wq_pool_mutex or with preemption disabled. ++ * access under RCU read lock. As such, this function should be ++ * called under wq_pool_mutex or inside of a rcu_read_lock() region. + * + * All fields of the returned pool are accessible as long as the above + * mentioned locking is in effect. If the returned pool needs to be used +@@ -784,51 +818,44 @@ + */ + static void wake_up_worker(struct worker_pool *pool) + { +- struct worker *worker = first_idle_worker(pool); ++ struct worker *worker; ++ ++ rt_lock_idle_list(pool); ++ ++ worker = first_idle_worker(pool); + + if (likely(worker)) + wake_up_process(worker->task); ++ ++ rt_unlock_idle_list(pool); + } + + /** +- * wq_worker_waking_up - a worker is waking up +- * @task: task waking up +- * @cpu: CPU @task is waking up to +- * +- * This function is called during try_to_wake_up() when a worker is +- * being awoken. ++ * wq_worker_running - a worker is running again ++ * @task: task returning from sleep + * +- * CONTEXT: +- * spin_lock_irq(rq->lock) ++ * This function is called when a worker returns from schedule() + */ +-void wq_worker_waking_up(struct task_struct *task, int cpu) ++void wq_worker_running(struct task_struct *task) + { + struct worker *worker = kthread_data(task); + +- if (!(worker->flags & WORKER_NOT_RUNNING)) { +- WARN_ON_ONCE(worker->pool->cpu != cpu); ++ if (!worker->sleeping) ++ return; ++ if (!(worker->flags & WORKER_NOT_RUNNING)) + atomic_inc(&worker->pool->nr_running); +- } ++ worker->sleeping = 0; + } + + /** + * wq_worker_sleeping - a worker is going to sleep + * @task: task going to sleep +- * @cpu: CPU in question, must be the current CPU number +- * +- * This function is called during schedule() when a busy worker is +- * going to sleep. Worker on the same cpu can be woken up by +- * returning pointer to its task. +- * +- * CONTEXT: +- * spin_lock_irq(rq->lock) +- * +- * Return: +- * Worker task on @cpu to wake up, %NULL if none. ++ * This function is called from schedule() when a busy worker is ++ * going to sleep. + */ +-struct task_struct *wq_worker_sleeping(struct task_struct *task, int cpu) ++void wq_worker_sleeping(struct task_struct *task) + { +- struct worker *worker = kthread_data(task), *to_wakeup = NULL; ++ struct worker *worker = kthread_data(task); + struct worker_pool *pool; + + /* +@@ -837,29 +864,26 @@ + * checking NOT_RUNNING. + */ + if (worker->flags & WORKER_NOT_RUNNING) +- return NULL; ++ return; + + pool = worker->pool; + +- /* this can only happen on the local cpu */ +- if (WARN_ON_ONCE(cpu != raw_smp_processor_id() || pool->cpu != cpu)) +- return NULL; ++ if (WARN_ON_ONCE(worker->sleeping)) ++ return; ++ ++ worker->sleeping = 1; + + /* + * The counterpart of the following dec_and_test, implied mb, + * worklist not empty test sequence is in insert_work(). + * Please read comment there. +- * +- * NOT_RUNNING is clear. This means that we're bound to and +- * running on the local cpu w/ rq lock held and preemption +- * disabled, which in turn means that none else could be +- * manipulating idle_list, so dereferencing idle_list without pool +- * lock is safe. + */ + if (atomic_dec_and_test(&pool->nr_running) && +- !list_empty(&pool->worklist)) +- to_wakeup = first_idle_worker(pool); +- return to_wakeup ? to_wakeup->task : NULL; ++ !list_empty(&pool->worklist)) { ++ sched_lock_idle_list(pool); ++ wake_up_worker(pool); ++ sched_unlock_idle_list(pool); ++ } + } + + /** +@@ -1053,12 +1077,12 @@ + { + if (pwq) { + /* +- * As both pwqs and pools are sched-RCU protected, the ++ * As both pwqs and pools are RCU protected, the + * following lock operations are safe. + */ +- spin_lock_irq(&pwq->pool->lock); ++ local_spin_lock_irq(pendingb_lock, &pwq->pool->lock); + put_pwq(pwq); +- spin_unlock_irq(&pwq->pool->lock); ++ local_spin_unlock_irq(pendingb_lock, &pwq->pool->lock); + } + } + +@@ -1160,7 +1184,7 @@ + struct worker_pool *pool; + struct pool_workqueue *pwq; + +- local_irq_save(*flags); ++ local_lock_irqsave(pendingb_lock, *flags); + + /* try to steal the timer if it exists */ + if (is_dwork) { +@@ -1179,6 +1203,7 @@ + if (!test_and_set_bit(WORK_STRUCT_PENDING_BIT, work_data_bits(work))) + return 0; + ++ rcu_read_lock(); + /* + * The queueing is in progress, or it is already queued. Try to + * steal it from ->worklist without clearing WORK_STRUCT_PENDING. +@@ -1217,14 +1242,16 @@ + set_work_pool_and_keep_pending(work, pool->id); + + spin_unlock(&pool->lock); ++ rcu_read_unlock(); + return 1; + } + spin_unlock(&pool->lock); + fail: +- local_irq_restore(*flags); ++ rcu_read_unlock(); ++ local_unlock_irqrestore(pendingb_lock, *flags); + if (work_is_canceling(work)) + return -ENOENT; +- cpu_relax(); ++ cpu_chill(); + return -EAGAIN; + } + +@@ -1293,7 +1320,7 @@ + * queued or lose PENDING. Grabbing PENDING and queueing should + * happen with IRQ disabled. + */ +- WARN_ON_ONCE(!irqs_disabled()); ++ WARN_ON_ONCE_NONRT(!irqs_disabled()); + + debug_work_activate(work); + +@@ -1301,6 +1328,8 @@ + if (unlikely(wq->flags & __WQ_DRAINING) && + WARN_ON_ONCE(!is_chained_work(wq))) + return; ++ ++ rcu_read_lock(); + retry: + if (req_cpu == WORK_CPU_UNBOUND) + cpu = raw_smp_processor_id(); +@@ -1357,10 +1386,8 @@ + /* pwq determined, queue */ + trace_workqueue_queue_work(req_cpu, pwq, work); + +- if (WARN_ON(!list_empty(&work->entry))) { +- spin_unlock(&pwq->pool->lock); +- return; +- } ++ if (WARN_ON(!list_empty(&work->entry))) ++ goto out; + + pwq->nr_in_flight[pwq->work_color]++; + work_flags = work_color_to_flags(pwq->work_color); +@@ -1376,7 +1403,9 @@ + + insert_work(pwq, work, worklist, work_flags); + ++out: + spin_unlock(&pwq->pool->lock); ++ rcu_read_unlock(); + } + + /** +@@ -1396,14 +1425,14 @@ + bool ret = false; + unsigned long flags; + +- local_irq_save(flags); ++ local_lock_irqsave(pendingb_lock,flags); + + if (!test_and_set_bit(WORK_STRUCT_PENDING_BIT, work_data_bits(work))) { + __queue_work(cpu, wq, work); + ret = true; + } + +- local_irq_restore(flags); ++ local_unlock_irqrestore(pendingb_lock, flags); + return ret; + } + EXPORT_SYMBOL(queue_work_on); +@@ -1470,14 +1499,14 @@ + unsigned long flags; + + /* read the comment in __queue_work() */ +- local_irq_save(flags); ++ local_lock_irqsave(pendingb_lock, flags); + + if (!test_and_set_bit(WORK_STRUCT_PENDING_BIT, work_data_bits(work))) { + __queue_delayed_work(cpu, wq, dwork, delay); + ret = true; + } + +- local_irq_restore(flags); ++ local_unlock_irqrestore(pendingb_lock, flags); + return ret; + } + EXPORT_SYMBOL(queue_delayed_work_on); +@@ -1512,7 +1541,7 @@ + + if (likely(ret >= 0)) { + __queue_delayed_work(cpu, wq, dwork, delay); +- local_irq_restore(flags); ++ local_unlock_irqrestore(pendingb_lock, flags); + } + + /* -ENOENT from try_to_grab_pending() becomes %true */ +@@ -1545,7 +1574,9 @@ + worker->last_active = jiffies; + + /* idle_list is LIFO */ ++ rt_lock_idle_list(pool); + list_add(&worker->entry, &pool->idle_list); ++ rt_unlock_idle_list(pool); + + if (too_many_workers(pool) && !timer_pending(&pool->idle_timer)) + mod_timer(&pool->idle_timer, jiffies + IDLE_WORKER_TIMEOUT); +@@ -1578,7 +1609,9 @@ + return; + worker_clr_flags(worker, WORKER_IDLE); + pool->nr_idle--; ++ rt_lock_idle_list(pool); + list_del_init(&worker->entry); ++ rt_unlock_idle_list(pool); + } + + static struct worker *alloc_worker(int node) +@@ -1746,7 +1779,9 @@ + pool->nr_workers--; + pool->nr_idle--; + ++ rt_lock_idle_list(pool); + list_del_init(&worker->entry); ++ rt_unlock_idle_list(pool); + worker->flags |= WORKER_DIE; + wake_up_process(worker->task); + } +@@ -2641,14 +2676,14 @@ + + might_sleep(); + +- local_irq_disable(); ++ rcu_read_lock(); + pool = get_work_pool(work); + if (!pool) { +- local_irq_enable(); ++ rcu_read_unlock(); + return false; + } + +- spin_lock(&pool->lock); ++ spin_lock_irq(&pool->lock); + /* see the comment in try_to_grab_pending() with the same code */ + pwq = get_work_pwq(work); + if (pwq) { +@@ -2675,10 +2710,11 @@ + else + lock_map_acquire_read(&pwq->wq->lockdep_map); + lock_map_release(&pwq->wq->lockdep_map); +- ++ rcu_read_unlock(); + return true; + already_gone: + spin_unlock_irq(&pool->lock); ++ rcu_read_unlock(); + return false; + } + +@@ -2727,7 +2763,7 @@ + + /* tell other tasks trying to grab @work to back off */ + mark_work_canceling(work); +- local_irq_restore(flags); ++ local_unlock_irqrestore(pendingb_lock, flags); + + flush_work(work); + clear_work_data(work); +@@ -2772,10 +2808,10 @@ + */ + bool flush_delayed_work(struct delayed_work *dwork) + { +- local_irq_disable(); ++ local_lock_irq(pendingb_lock); + if (del_timer_sync(&dwork->timer)) + __queue_work(dwork->cpu, dwork->wq, &dwork->work); +- local_irq_enable(); ++ local_unlock_irq(pendingb_lock); + return flush_work(&dwork->work); + } + EXPORT_SYMBOL(flush_delayed_work); +@@ -2810,7 +2846,7 @@ + + set_work_pool_and_clear_pending(&dwork->work, + get_work_pool_id(&dwork->work)); +- local_irq_restore(flags); ++ local_unlock_irqrestore(pendingb_lock, flags); + return ret; + } + EXPORT_SYMBOL(cancel_delayed_work); +@@ -2996,7 +3032,8 @@ + const char *delim = ""; + int node, written = 0; + +- rcu_read_lock_sched(); ++ get_online_cpus(); ++ rcu_read_lock(); + for_each_node(node) { + written += scnprintf(buf + written, PAGE_SIZE - written, + "%s%d:%d", delim, node, +@@ -3004,7 +3041,8 @@ + delim = " "; + } + written += scnprintf(buf + written, PAGE_SIZE - written, "\n"); +- rcu_read_unlock_sched(); ++ rcu_read_unlock(); ++ put_online_cpus(); + + return written; + } +@@ -3372,7 +3410,7 @@ + * put_unbound_pool - put a worker_pool + * @pool: worker_pool to put + * +- * Put @pool. If its refcnt reaches zero, it gets destroyed in sched-RCU ++ * Put @pool. If its refcnt reaches zero, it gets destroyed in RCU + * safe manner. get_unbound_pool() calls this function on its failure path + * and this function should be able to release pools which went through, + * successfully or not, init_worker_pool(). +@@ -3426,8 +3464,8 @@ + del_timer_sync(&pool->idle_timer); + del_timer_sync(&pool->mayday_timer); + +- /* sched-RCU protected to allow dereferences from get_work_pool() */ +- call_rcu_sched(&pool->rcu, rcu_free_pool); ++ /* RCU protected to allow dereferences from get_work_pool() */ ++ call_rcu(&pool->rcu, rcu_free_pool); + } + + /** +@@ -3532,7 +3570,7 @@ + put_unbound_pool(pool); + mutex_unlock(&wq_pool_mutex); + +- call_rcu_sched(&pwq->rcu, rcu_free_pwq); ++ call_rcu(&pwq->rcu, rcu_free_pwq); + + /* + * If we're the last pwq going away, @wq is already dead and no one +@@ -4244,7 +4282,8 @@ + struct pool_workqueue *pwq; + bool ret; + +- rcu_read_lock_sched(); ++ rcu_read_lock(); ++ preempt_disable(); + + if (cpu == WORK_CPU_UNBOUND) + cpu = smp_processor_id(); +@@ -4255,7 +4294,8 @@ + pwq = unbound_pwq_by_node(wq, cpu_to_node(cpu)); + + ret = !list_empty(&pwq->delayed_works); +- rcu_read_unlock_sched(); ++ preempt_enable(); ++ rcu_read_unlock(); + + return ret; + } +@@ -4281,16 +4321,15 @@ + if (work_pending(work)) + ret |= WORK_BUSY_PENDING; + +- local_irq_save(flags); ++ rcu_read_lock(); + pool = get_work_pool(work); + if (pool) { +- spin_lock(&pool->lock); ++ spin_lock_irqsave(&pool->lock, flags); + if (find_worker_executing_work(pool, work)) + ret |= WORK_BUSY_RUNNING; +- spin_unlock(&pool->lock); ++ spin_unlock_irqrestore(&pool->lock, flags); + } +- local_irq_restore(flags); +- ++ rcu_read_unlock(); + return ret; + } + EXPORT_SYMBOL_GPL(work_busy); +@@ -4719,16 +4758,16 @@ + * nr_active is monotonically decreasing. It's safe + * to peek without lock. + */ +- rcu_read_lock_sched(); ++ rcu_read_lock(); + for_each_pwq(pwq, wq) { + WARN_ON_ONCE(pwq->nr_active < 0); + if (pwq->nr_active) { + busy = true; +- rcu_read_unlock_sched(); ++ rcu_read_unlock(); + goto out_unlock; + } + } +- rcu_read_unlock_sched(); ++ rcu_read_unlock(); + } + out_unlock: + mutex_unlock(&wq_pool_mutex); +diff -Nur linux-3.18.9.orig/kernel/workqueue_internal.h linux-3.18.9/kernel/workqueue_internal.h +--- linux-3.18.9.orig/kernel/workqueue_internal.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/kernel/workqueue_internal.h 2015-03-15 16:03:03.864094875 -0500 +@@ -43,6 +43,7 @@ + unsigned long last_active; /* L: last active timestamp */ + unsigned int flags; /* X: flags */ + int id; /* I: worker id */ ++ int sleeping; /* None */ + + /* + * Opaque string set with work_set_desc(). Printed out with task +@@ -68,7 +69,7 @@ + * Scheduler hooks for concurrency managed workqueue. Only to be used from + * sched/core.c and workqueue.c. + */ +-void wq_worker_waking_up(struct task_struct *task, int cpu); +-struct task_struct *wq_worker_sleeping(struct task_struct *task, int cpu); ++void wq_worker_running(struct task_struct *task); ++void wq_worker_sleeping(struct task_struct *task); + + #endif /* _KERNEL_WORKQUEUE_INTERNAL_H */ +diff -Nur linux-3.18.9.orig/lib/debugobjects.c linux-3.18.9/lib/debugobjects.c +--- linux-3.18.9.orig/lib/debugobjects.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/lib/debugobjects.c 2015-03-15 16:03:03.864094875 -0500 +@@ -309,7 +309,10 @@ + struct debug_obj *obj; + unsigned long flags; + +- fill_pool(); ++#ifdef CONFIG_PREEMPT_RT_FULL ++ if (preempt_count() == 0 && !irqs_disabled()) ++#endif ++ fill_pool(); + + db = get_bucket((unsigned long) addr); + +diff -Nur linux-3.18.9.orig/lib/idr.c linux-3.18.9/lib/idr.c +--- linux-3.18.9.orig/lib/idr.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/lib/idr.c 2015-03-15 16:03:03.868094875 -0500 +@@ -31,6 +31,7 @@ + #include <linux/spinlock.h> + #include <linux/percpu.h> + #include <linux/hardirq.h> ++#include <linux/locallock.h> + + #define MAX_IDR_SHIFT (sizeof(int) * 8 - 1) + #define MAX_IDR_BIT (1U << MAX_IDR_SHIFT) +@@ -367,6 +368,35 @@ + idr_mark_full(pa, id); + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++static DEFINE_LOCAL_IRQ_LOCK(idr_lock); ++ ++static inline void idr_preload_lock(void) ++{ ++ local_lock(idr_lock); ++} ++ ++static inline void idr_preload_unlock(void) ++{ ++ local_unlock(idr_lock); ++} ++ ++void idr_preload_end(void) ++{ ++ idr_preload_unlock(); ++} ++EXPORT_SYMBOL(idr_preload_end); ++#else ++static inline void idr_preload_lock(void) ++{ ++ preempt_disable(); ++} ++ ++static inline void idr_preload_unlock(void) ++{ ++ preempt_enable(); ++} ++#endif + + /** + * idr_preload - preload for idr_alloc() +@@ -402,7 +432,7 @@ + WARN_ON_ONCE(in_interrupt()); + might_sleep_if(gfp_mask & __GFP_WAIT); + +- preempt_disable(); ++ idr_preload_lock(); + + /* + * idr_alloc() is likely to succeed w/o full idr_layer buffer and +@@ -414,9 +444,9 @@ + while (__this_cpu_read(idr_preload_cnt) < MAX_IDR_FREE) { + struct idr_layer *new; + +- preempt_enable(); ++ idr_preload_unlock(); + new = kmem_cache_zalloc(idr_layer_cache, gfp_mask); +- preempt_disable(); ++ idr_preload_lock(); + if (!new) + break; + +diff -Nur linux-3.18.9.orig/lib/Kconfig linux-3.18.9/lib/Kconfig +--- linux-3.18.9.orig/lib/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/lib/Kconfig 2015-03-15 16:03:03.868094875 -0500 +@@ -383,6 +383,7 @@ + + config CPUMASK_OFFSTACK + bool "Force CPU masks off stack" if DEBUG_PER_CPU_MAPS ++ depends on !PREEMPT_RT_FULL + help + Use dynamic allocation for cpumask_var_t, instead of putting + them on the stack. This is a bit more expensive, but avoids +diff -Nur linux-3.18.9.orig/lib/Kconfig.debug linux-3.18.9/lib/Kconfig.debug +--- linux-3.18.9.orig/lib/Kconfig.debug 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/lib/Kconfig.debug 2015-03-15 16:03:03.868094875 -0500 +@@ -639,7 +639,7 @@ + + config DEBUG_SHIRQ + bool "Debug shared IRQ handlers" +- depends on DEBUG_KERNEL ++ depends on DEBUG_KERNEL && !PREEMPT_RT_BASE + help + Enable this to generate a spurious interrupt as soon as a shared + interrupt handler is registered, and just before one is deregistered. +diff -Nur linux-3.18.9.orig/lib/locking-selftest.c linux-3.18.9/lib/locking-selftest.c +--- linux-3.18.9.orig/lib/locking-selftest.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/lib/locking-selftest.c 2015-03-15 16:03:03.868094875 -0500 +@@ -1858,6 +1858,7 @@ + + printk(" --------------------------------------------------------------------------\n"); + ++#ifndef CONFIG_PREEMPT_RT_FULL + /* + * irq-context testcases: + */ +@@ -1870,6 +1871,28 @@ + + DO_TESTCASE_6x2("irq read-recursion", irq_read_recursion); + // DO_TESTCASE_6x2B("irq read-recursion #2", irq_read_recursion2); ++#else ++ /* On -rt, we only do hardirq context test for raw spinlock */ ++ DO_TESTCASE_1B("hard-irqs-on + irq-safe-A", irqsafe1_hard_spin, 12); ++ DO_TESTCASE_1B("hard-irqs-on + irq-safe-A", irqsafe1_hard_spin, 21); ++ ++ DO_TESTCASE_1B("hard-safe-A + irqs-on", irqsafe2B_hard_spin, 12); ++ DO_TESTCASE_1B("hard-safe-A + irqs-on", irqsafe2B_hard_spin, 21); ++ ++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #1", irqsafe3_hard_spin, 123); ++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #1", irqsafe3_hard_spin, 132); ++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #1", irqsafe3_hard_spin, 213); ++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #1", irqsafe3_hard_spin, 231); ++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #1", irqsafe3_hard_spin, 312); ++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #1", irqsafe3_hard_spin, 321); ++ ++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #2", irqsafe4_hard_spin, 123); ++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #2", irqsafe4_hard_spin, 132); ++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #2", irqsafe4_hard_spin, 213); ++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #2", irqsafe4_hard_spin, 231); ++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #2", irqsafe4_hard_spin, 312); ++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #2", irqsafe4_hard_spin, 321); ++#endif + + ww_tests(); + +diff -Nur linux-3.18.9.orig/lib/percpu_ida.c linux-3.18.9/lib/percpu_ida.c +--- linux-3.18.9.orig/lib/percpu_ida.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/lib/percpu_ida.c 2015-03-15 16:03:03.868094875 -0500 +@@ -29,6 +29,9 @@ + #include <linux/string.h> + #include <linux/spinlock.h> + #include <linux/percpu_ida.h> ++#include <linux/locallock.h> ++ ++static DEFINE_LOCAL_IRQ_LOCK(irq_off_lock); + + struct percpu_ida_cpu { + /* +@@ -151,13 +154,13 @@ + unsigned long flags; + int tag; + +- local_irq_save(flags); ++ local_lock_irqsave(irq_off_lock, flags); + tags = this_cpu_ptr(pool->tag_cpu); + + /* Fastpath */ + tag = alloc_local_tag(tags); + if (likely(tag >= 0)) { +- local_irq_restore(flags); ++ local_unlock_irqrestore(irq_off_lock, flags); + return tag; + } + +@@ -176,6 +179,7 @@ + + if (!tags->nr_free) + alloc_global_tags(pool, tags); ++ + if (!tags->nr_free) + steal_tags(pool, tags); + +@@ -187,7 +191,7 @@ + } + + spin_unlock(&pool->lock); +- local_irq_restore(flags); ++ local_unlock_irqrestore(irq_off_lock, flags); + + if (tag >= 0 || state == TASK_RUNNING) + break; +@@ -199,7 +203,7 @@ + + schedule(); + +- local_irq_save(flags); ++ local_lock_irqsave(irq_off_lock, flags); + tags = this_cpu_ptr(pool->tag_cpu); + } + if (state != TASK_RUNNING) +@@ -224,7 +228,7 @@ + + BUG_ON(tag >= pool->nr_tags); + +- local_irq_save(flags); ++ local_lock_irqsave(irq_off_lock, flags); + tags = this_cpu_ptr(pool->tag_cpu); + + spin_lock(&tags->lock); +@@ -256,7 +260,7 @@ + spin_unlock(&pool->lock); + } + +- local_irq_restore(flags); ++ local_unlock_irqrestore(irq_off_lock, flags); + } + EXPORT_SYMBOL_GPL(percpu_ida_free); + +@@ -348,7 +352,7 @@ + struct percpu_ida_cpu *remote; + unsigned cpu, i, err = 0; + +- local_irq_save(flags); ++ local_lock_irqsave(irq_off_lock, flags); + for_each_possible_cpu(cpu) { + remote = per_cpu_ptr(pool->tag_cpu, cpu); + spin_lock(&remote->lock); +@@ -370,7 +374,7 @@ + } + spin_unlock(&pool->lock); + out: +- local_irq_restore(flags); ++ local_unlock_irqrestore(irq_off_lock, flags); + return err; + } + EXPORT_SYMBOL_GPL(percpu_ida_for_each_free); +diff -Nur linux-3.18.9.orig/lib/radix-tree.c linux-3.18.9/lib/radix-tree.c +--- linux-3.18.9.orig/lib/radix-tree.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/lib/radix-tree.c 2015-03-15 16:03:03.868094875 -0500 +@@ -195,12 +195,13 @@ + * succeed in getting a node here (and never reach + * kmem_cache_alloc) + */ +- rtp = this_cpu_ptr(&radix_tree_preloads); ++ rtp = &get_cpu_var(radix_tree_preloads); + if (rtp->nr) { + ret = rtp->nodes[rtp->nr - 1]; + rtp->nodes[rtp->nr - 1] = NULL; + rtp->nr--; + } ++ put_cpu_var(radix_tree_preloads); + /* + * Update the allocation stack trace as this is more useful + * for debugging. +@@ -240,6 +241,7 @@ + call_rcu(&node->rcu_head, radix_tree_node_rcu_free); + } + ++#ifndef CONFIG_PREEMPT_RT_FULL + /* + * Load up this CPU's radix_tree_node buffer with sufficient objects to + * ensure that the addition of a single element in the tree cannot fail. On +@@ -305,6 +307,7 @@ + return 0; + } + EXPORT_SYMBOL(radix_tree_maybe_preload); ++#endif + + /* + * Return the maximum key which can be store into a +diff -Nur linux-3.18.9.orig/lib/scatterlist.c linux-3.18.9/lib/scatterlist.c +--- linux-3.18.9.orig/lib/scatterlist.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/lib/scatterlist.c 2015-03-15 16:03:03.868094875 -0500 +@@ -592,7 +592,7 @@ + flush_kernel_dcache_page(miter->page); + + if (miter->__flags & SG_MITER_ATOMIC) { +- WARN_ON_ONCE(preemptible()); ++ WARN_ON_ONCE(!pagefault_disabled()); + kunmap_atomic(miter->addr); + } else + kunmap(miter->page); +@@ -637,7 +637,7 @@ + if (!sg_miter_skip(&miter, skip)) + return false; + +- local_irq_save(flags); ++ local_irq_save_nort(flags); + + while (sg_miter_next(&miter) && offset < buflen) { + unsigned int len; +@@ -654,7 +654,7 @@ + + sg_miter_stop(&miter); + +- local_irq_restore(flags); ++ local_irq_restore_nort(flags); + return offset; + } + +diff -Nur linux-3.18.9.orig/lib/smp_processor_id.c linux-3.18.9/lib/smp_processor_id.c +--- linux-3.18.9.orig/lib/smp_processor_id.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/lib/smp_processor_id.c 2015-03-15 16:03:03.868094875 -0500 +@@ -39,8 +39,9 @@ + if (!printk_ratelimit()) + goto out_enable; + +- printk(KERN_ERR "BUG: using %s%s() in preemptible [%08x] code: %s/%d\n", +- what1, what2, preempt_count() - 1, current->comm, current->pid); ++ printk(KERN_ERR "BUG: using %s%s() in preemptible [%08x %08x] code: %s/%d\n", ++ what1, what2, preempt_count() - 1, __migrate_disabled(current), ++ current->comm, current->pid); + + print_symbol("caller is %s\n", (long)__builtin_return_address(0)); + dump_stack(); +diff -Nur linux-3.18.9.orig/mm/filemap.c linux-3.18.9/mm/filemap.c +--- linux-3.18.9.orig/mm/filemap.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/filemap.c 2015-03-15 16:03:03.868094875 -0500 +@@ -168,7 +168,9 @@ + if (!workingset_node_pages(node) && + list_empty(&node->private_list)) { + node->private_data = mapping; +- list_lru_add(&workingset_shadow_nodes, &node->private_list); ++ local_lock(workingset_shadow_lock); ++ list_lru_add(&__workingset_shadow_nodes, &node->private_list); ++ local_unlock(workingset_shadow_lock); + } + } + +@@ -535,9 +537,12 @@ + * node->private_list is protected by + * mapping->tree_lock. + */ +- if (!list_empty(&node->private_list)) +- list_lru_del(&workingset_shadow_nodes, ++ if (!list_empty(&node->private_list)) { ++ local_lock(workingset_shadow_lock); ++ list_lru_del(&__workingset_shadow_nodes, + &node->private_list); ++ local_unlock(workingset_shadow_lock); ++ } + } + return 0; + } +diff -Nur linux-3.18.9.orig/mm/highmem.c linux-3.18.9/mm/highmem.c +--- linux-3.18.9.orig/mm/highmem.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/highmem.c 2015-03-15 16:03:03.868094875 -0500 +@@ -29,10 +29,11 @@ + #include <linux/kgdb.h> + #include <asm/tlbflush.h> + +- ++#ifndef CONFIG_PREEMPT_RT_FULL + #if defined(CONFIG_HIGHMEM) || defined(CONFIG_X86_32) + DEFINE_PER_CPU(int, __kmap_atomic_idx); + #endif ++#endif + + /* + * Virtual_count is not a pure "count". +@@ -107,8 +108,9 @@ + unsigned long totalhigh_pages __read_mostly; + EXPORT_SYMBOL(totalhigh_pages); + +- ++#ifndef CONFIG_PREEMPT_RT_FULL + EXPORT_PER_CPU_SYMBOL(__kmap_atomic_idx); ++#endif + + unsigned int nr_free_highpages (void) + { +diff -Nur linux-3.18.9.orig/mm/Kconfig linux-3.18.9/mm/Kconfig +--- linux-3.18.9.orig/mm/Kconfig 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/Kconfig 2015-03-15 16:03:03.872094875 -0500 +@@ -408,7 +408,7 @@ + + config TRANSPARENT_HUGEPAGE + bool "Transparent Hugepage Support" +- depends on HAVE_ARCH_TRANSPARENT_HUGEPAGE ++ depends on HAVE_ARCH_TRANSPARENT_HUGEPAGE && !PREEMPT_RT_FULL + select COMPACTION + help + Transparent Hugepages allows the kernel to use huge pages and +diff -Nur linux-3.18.9.orig/mm/memcontrol.c linux-3.18.9/mm/memcontrol.c +--- linux-3.18.9.orig/mm/memcontrol.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/memcontrol.c 2015-03-15 16:03:03.872094875 -0500 +@@ -60,6 +60,8 @@ + #include <net/sock.h> + #include <net/ip.h> + #include <net/tcp_memcontrol.h> ++#include <linux/locallock.h> ++ + #include "slab.h" + + #include <asm/uaccess.h> +@@ -87,6 +89,7 @@ + #define do_swap_account 0 + #endif + ++static DEFINE_LOCAL_IRQ_LOCK(event_lock); + + static const char * const mem_cgroup_stat_names[] = { + "cache", +@@ -2376,14 +2379,17 @@ + */ + static void refill_stock(struct mem_cgroup *memcg, unsigned int nr_pages) + { +- struct memcg_stock_pcp *stock = &get_cpu_var(memcg_stock); ++ struct memcg_stock_pcp *stock; ++ int cpu = get_cpu_light(); ++ ++ stock = &per_cpu(memcg_stock, cpu); + + if (stock->cached != memcg) { /* reset if necessary */ + drain_stock(stock); + stock->cached = memcg; + } + stock->nr_pages += nr_pages; +- put_cpu_var(memcg_stock); ++ put_cpu_light(); + } + + /* +@@ -2397,7 +2403,7 @@ + + /* Notify other cpus that system-wide "drain" is running */ + get_online_cpus(); +- curcpu = get_cpu(); ++ curcpu = get_cpu_light(); + for_each_online_cpu(cpu) { + struct memcg_stock_pcp *stock = &per_cpu(memcg_stock, cpu); + struct mem_cgroup *memcg; +@@ -2414,7 +2420,7 @@ + schedule_work_on(cpu, &stock->work); + } + } +- put_cpu(); ++ put_cpu_light(); + + if (!sync) + goto out; +@@ -3419,12 +3425,12 @@ + move_unlock_mem_cgroup(from, &flags); + ret = 0; + +- local_irq_disable(); ++ local_lock_irq(event_lock); + mem_cgroup_charge_statistics(to, page, nr_pages); + memcg_check_events(to, page); + mem_cgroup_charge_statistics(from, page, -nr_pages); + memcg_check_events(from, page); +- local_irq_enable(); ++ local_unlock_irq(event_lock); + out_unlock: + unlock_page(page); + out: +@@ -6406,10 +6412,10 @@ + VM_BUG_ON_PAGE(!PageTransHuge(page), page); + } + +- local_irq_disable(); ++ local_lock_irq(event_lock); + mem_cgroup_charge_statistics(memcg, page, nr_pages); + memcg_check_events(memcg, page); +- local_irq_enable(); ++ local_unlock_irq(event_lock); + + if (do_swap_account && PageSwapCache(page)) { + swp_entry_t entry = { .val = page_private(page) }; +@@ -6468,14 +6474,14 @@ + memcg_oom_recover(memcg); + } + +- local_irq_save(flags); ++ local_lock_irqsave(event_lock, flags); + __this_cpu_sub(memcg->stat->count[MEM_CGROUP_STAT_RSS], nr_anon); + __this_cpu_sub(memcg->stat->count[MEM_CGROUP_STAT_CACHE], nr_file); + __this_cpu_sub(memcg->stat->count[MEM_CGROUP_STAT_RSS_HUGE], nr_huge); + __this_cpu_add(memcg->stat->events[MEM_CGROUP_EVENTS_PGPGOUT], pgpgout); + __this_cpu_add(memcg->stat->nr_page_events, nr_anon + nr_file); + memcg_check_events(memcg, dummy_page); +- local_irq_restore(flags); ++ local_unlock_irqrestore(event_lock, flags); + } + + static void uncharge_list(struct list_head *page_list) +diff -Nur linux-3.18.9.orig/mm/memory.c linux-3.18.9/mm/memory.c +--- linux-3.18.9.orig/mm/memory.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/memory.c 2015-03-15 16:03:03.872094875 -0500 +@@ -3258,6 +3258,32 @@ + return 0; + } + ++#ifdef CONFIG_PREEMPT_RT_FULL ++void pagefault_disable(void) ++{ ++ migrate_disable(); ++ current->pagefault_disabled++; ++ /* ++ * make sure to have issued the store before a pagefault ++ * can hit. ++ */ ++ barrier(); ++} ++EXPORT_SYMBOL(pagefault_disable); ++ ++void pagefault_enable(void) ++{ ++ /* ++ * make sure to issue those last loads/stores before enabling ++ * the pagefault handler again. ++ */ ++ barrier(); ++ current->pagefault_disabled--; ++ migrate_enable(); ++} ++EXPORT_SYMBOL(pagefault_enable); ++#endif ++ + /* + * By the time we get here, we already hold the mm semaphore + * +diff -Nur linux-3.18.9.orig/mm/mmu_context.c linux-3.18.9/mm/mmu_context.c +--- linux-3.18.9.orig/mm/mmu_context.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/mmu_context.c 2015-03-15 16:03:03.872094875 -0500 +@@ -23,6 +23,7 @@ + struct task_struct *tsk = current; + + task_lock(tsk); ++ preempt_disable_rt(); + active_mm = tsk->active_mm; + if (active_mm != mm) { + atomic_inc(&mm->mm_count); +@@ -30,6 +31,7 @@ + } + tsk->mm = mm; + switch_mm(active_mm, mm, tsk); ++ preempt_enable_rt(); + task_unlock(tsk); + #ifdef finish_arch_post_lock_switch + finish_arch_post_lock_switch(); +diff -Nur linux-3.18.9.orig/mm/page_alloc.c linux-3.18.9/mm/page_alloc.c +--- linux-3.18.9.orig/mm/page_alloc.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/page_alloc.c 2015-03-15 16:03:03.872094875 -0500 +@@ -59,6 +59,7 @@ + #include <linux/page-debug-flags.h> + #include <linux/hugetlb.h> + #include <linux/sched/rt.h> ++#include <linux/locallock.h> + + #include <asm/sections.h> + #include <asm/tlbflush.h> +@@ -230,6 +231,18 @@ + EXPORT_SYMBOL(nr_online_nodes); + #endif + ++static DEFINE_LOCAL_IRQ_LOCK(pa_lock); ++ ++#ifdef CONFIG_PREEMPT_RT_BASE ++# define cpu_lock_irqsave(cpu, flags) \ ++ local_lock_irqsave_on(pa_lock, flags, cpu) ++# define cpu_unlock_irqrestore(cpu, flags) \ ++ local_unlock_irqrestore_on(pa_lock, flags, cpu) ++#else ++# define cpu_lock_irqsave(cpu, flags) local_irq_save(flags) ++# define cpu_unlock_irqrestore(cpu, flags) local_irq_restore(flags) ++#endif ++ + int page_group_by_mobility_disabled __read_mostly; + + void set_pageblock_migratetype(struct page *page, int migratetype) +@@ -654,7 +667,7 @@ + } + + /* +- * Frees a number of pages from the PCP lists ++ * Frees a number of pages which have been collected from the pcp lists. + * Assumes all pages on list are in same zone, and of same order. + * count is the number of pages to free. + * +@@ -665,18 +678,51 @@ + * pinned" detection logic. + */ + static void free_pcppages_bulk(struct zone *zone, int count, +- struct per_cpu_pages *pcp) ++ struct list_head *list) + { +- int migratetype = 0; +- int batch_free = 0; + int to_free = count; + unsigned long nr_scanned; ++ unsigned long flags; ++ ++ spin_lock_irqsave(&zone->lock, flags); + +- spin_lock(&zone->lock); + nr_scanned = zone_page_state(zone, NR_PAGES_SCANNED); + if (nr_scanned) + __mod_zone_page_state(zone, NR_PAGES_SCANNED, -nr_scanned); + ++ while (!list_empty(list)) { ++ struct page *page = list_first_entry(list, struct page, lru); ++ int mt; /* migratetype of the to-be-freed page */ ++ ++ /* must delete as __free_one_page list manipulates */ ++ list_del(&page->lru); ++ ++ mt = get_freepage_migratetype(page); ++ if (unlikely(has_isolate_pageblock(zone))) ++ mt = get_pageblock_migratetype(page); ++ ++ /* MIGRATE_MOVABLE list may include MIGRATE_RESERVEs */ ++ __free_one_page(page, page_to_pfn(page), zone, 0, mt); ++ trace_mm_page_pcpu_drain(page, 0, mt); ++ to_free--; ++ } ++ WARN_ON(to_free != 0); ++ spin_unlock_irqrestore(&zone->lock, flags); ++} ++ ++/* ++ * Moves a number of pages from the PCP lists to free list which ++ * is freed outside of the locked region. ++ * ++ * Assumes all pages on list are in same zone, and of same order. ++ * count is the number of pages to free. ++ */ ++static void isolate_pcp_pages(int to_free, struct per_cpu_pages *src, ++ struct list_head *dst) ++{ ++ int migratetype = 0; ++ int batch_free = 0; ++ + while (to_free) { + struct page *page; + struct list_head *list; +@@ -692,7 +738,7 @@ + batch_free++; + if (++migratetype == MIGRATE_PCPTYPES) + migratetype = 0; +- list = &pcp->lists[migratetype]; ++ list = &src->lists[migratetype]; + } while (list_empty(list)); + + /* This is the only non-empty list. Free them all. */ +@@ -700,21 +746,11 @@ + batch_free = to_free; + + do { +- int mt; /* migratetype of the to-be-freed page */ +- +- page = list_entry(list->prev, struct page, lru); +- /* must delete as __free_one_page list manipulates */ ++ page = list_last_entry(list, struct page, lru); + list_del(&page->lru); +- mt = get_freepage_migratetype(page); +- if (unlikely(has_isolate_pageblock(zone))) +- mt = get_pageblock_migratetype(page); +- +- /* MIGRATE_MOVABLE list may include MIGRATE_RESERVEs */ +- __free_one_page(page, page_to_pfn(page), zone, 0, mt); +- trace_mm_page_pcpu_drain(page, 0, mt); ++ list_add(&page->lru, dst); + } while (--to_free && --batch_free && !list_empty(list)); + } +- spin_unlock(&zone->lock); + } + + static void free_one_page(struct zone *zone, +@@ -723,7 +759,9 @@ + int migratetype) + { + unsigned long nr_scanned; +- spin_lock(&zone->lock); ++ unsigned long flags; ++ ++ spin_lock_irqsave(&zone->lock, flags); + nr_scanned = zone_page_state(zone, NR_PAGES_SCANNED); + if (nr_scanned) + __mod_zone_page_state(zone, NR_PAGES_SCANNED, -nr_scanned); +@@ -733,7 +771,7 @@ + migratetype = get_pfnblock_migratetype(page, pfn); + } + __free_one_page(page, pfn, zone, order, migratetype); +- spin_unlock(&zone->lock); ++ spin_unlock_irqrestore(&zone->lock, flags); + } + + static bool free_pages_prepare(struct page *page, unsigned int order) +@@ -773,11 +811,11 @@ + return; + + migratetype = get_pfnblock_migratetype(page, pfn); +- local_irq_save(flags); ++ local_lock_irqsave(pa_lock, flags); + __count_vm_events(PGFREE, 1 << order); + set_freepage_migratetype(page, migratetype); + free_one_page(page_zone(page), page, pfn, order, migratetype); +- local_irq_restore(flags); ++ local_unlock_irqrestore(pa_lock, flags); + } + + void __init __free_pages_bootmem(struct page *page, unsigned int order) +@@ -1253,16 +1291,18 @@ + void drain_zone_pages(struct zone *zone, struct per_cpu_pages *pcp) + { + unsigned long flags; ++ LIST_HEAD(dst); + int to_drain, batch; + +- local_irq_save(flags); ++ local_lock_irqsave(pa_lock, flags); + batch = ACCESS_ONCE(pcp->batch); + to_drain = min(pcp->count, batch); + if (to_drain > 0) { +- free_pcppages_bulk(zone, to_drain, pcp); ++ isolate_pcp_pages(to_drain, pcp, &dst); + pcp->count -= to_drain; + } +- local_irq_restore(flags); ++ local_unlock_irqrestore(pa_lock, flags); ++ free_pcppages_bulk(zone, to_drain, &dst); + } + #endif + +@@ -1281,16 +1321,21 @@ + for_each_populated_zone(zone) { + struct per_cpu_pageset *pset; + struct per_cpu_pages *pcp; ++ LIST_HEAD(dst); ++ int count; + +- local_irq_save(flags); ++ cpu_lock_irqsave(cpu, flags); + pset = per_cpu_ptr(zone->pageset, cpu); + + pcp = &pset->pcp; +- if (pcp->count) { +- free_pcppages_bulk(zone, pcp->count, pcp); ++ count = pcp->count; ++ if (count) { ++ isolate_pcp_pages(count, pcp, &dst); + pcp->count = 0; + } +- local_irq_restore(flags); ++ cpu_unlock_irqrestore(cpu, flags); ++ if (count) ++ free_pcppages_bulk(zone, count, &dst); + } + } + +@@ -1343,7 +1388,12 @@ + else + cpumask_clear_cpu(cpu, &cpus_with_pcps); + } ++#ifndef CONFIG_PREEMPT_RT_BASE + on_each_cpu_mask(&cpus_with_pcps, drain_local_pages, NULL, 1); ++#else ++ for_each_cpu(cpu, &cpus_with_pcps) ++ drain_pages(cpu); ++#endif + } + + #ifdef CONFIG_HIBERNATION +@@ -1399,7 +1449,7 @@ + + migratetype = get_pfnblock_migratetype(page, pfn); + set_freepage_migratetype(page, migratetype); +- local_irq_save(flags); ++ local_lock_irqsave(pa_lock, flags); + __count_vm_event(PGFREE); + + /* +@@ -1425,12 +1475,17 @@ + pcp->count++; + if (pcp->count >= pcp->high) { + unsigned long batch = ACCESS_ONCE(pcp->batch); +- free_pcppages_bulk(zone, batch, pcp); ++ LIST_HEAD(dst); ++ ++ isolate_pcp_pages(batch, pcp, &dst); + pcp->count -= batch; ++ local_unlock_irqrestore(pa_lock, flags); ++ free_pcppages_bulk(zone, batch, &dst); ++ return; + } + + out: +- local_irq_restore(flags); ++ local_unlock_irqrestore(pa_lock, flags); + } + + /* +@@ -1560,7 +1615,7 @@ + struct per_cpu_pages *pcp; + struct list_head *list; + +- local_irq_save(flags); ++ local_lock_irqsave(pa_lock, flags); + pcp = &this_cpu_ptr(zone->pageset)->pcp; + list = &pcp->lists[migratetype]; + if (list_empty(list)) { +@@ -1592,13 +1647,15 @@ + */ + WARN_ON_ONCE(order > 1); + } +- spin_lock_irqsave(&zone->lock, flags); ++ local_spin_lock_irqsave(pa_lock, &zone->lock, flags); + page = __rmqueue(zone, order, migratetype); +- spin_unlock(&zone->lock); +- if (!page) ++ if (!page) { ++ spin_unlock(&zone->lock); + goto failed; ++ } + __mod_zone_freepage_state(zone, -(1 << order), + get_freepage_migratetype(page)); ++ spin_unlock(&zone->lock); + } + + __mod_zone_page_state(zone, NR_ALLOC_BATCH, -(1 << order)); +@@ -1608,7 +1665,7 @@ + + __count_zone_vm_events(PGALLOC, zone, 1 << order); + zone_statistics(preferred_zone, zone, gfp_flags); +- local_irq_restore(flags); ++ local_unlock_irqrestore(pa_lock, flags); + + VM_BUG_ON_PAGE(bad_range(zone, page), page); + if (prep_new_page(page, order, gfp_flags)) +@@ -1616,7 +1673,7 @@ + return page; + + failed: +- local_irq_restore(flags); ++ local_unlock_irqrestore(pa_lock, flags); + return NULL; + } + +@@ -2327,8 +2384,8 @@ + count_vm_event(COMPACTSTALL); + + /* Page migration frees to the PCP lists but we want merging */ +- drain_pages(get_cpu()); +- put_cpu(); ++ drain_pages(get_cpu_light()); ++ put_cpu_light(); + + page = get_page_from_freelist(gfp_mask, nodemask, + order, zonelist, high_zoneidx, +@@ -5567,6 +5624,7 @@ + void __init page_alloc_init(void) + { + hotcpu_notifier(page_alloc_cpu_notify, 0); ++ local_irq_lock_init(pa_lock); + } + + /* +@@ -6461,7 +6519,7 @@ + struct per_cpu_pageset *pset; + + /* avoid races with drain_pages() */ +- local_irq_save(flags); ++ local_lock_irqsave(pa_lock, flags); + if (zone->pageset != &boot_pageset) { + for_each_online_cpu(cpu) { + pset = per_cpu_ptr(zone->pageset, cpu); +@@ -6470,7 +6528,7 @@ + free_percpu(zone->pageset); + zone->pageset = &boot_pageset; + } +- local_irq_restore(flags); ++ local_unlock_irqrestore(pa_lock, flags); + } + + #ifdef CONFIG_MEMORY_HOTREMOVE +diff -Nur linux-3.18.9.orig/mm/slab.h linux-3.18.9/mm/slab.h +--- linux-3.18.9.orig/mm/slab.h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/slab.h 2015-03-15 16:03:03.872094875 -0500 +@@ -315,7 +315,11 @@ + * The slab lists for all objects. + */ + struct kmem_cache_node { ++#ifdef CONFIG_SLUB ++ raw_spinlock_t list_lock; ++#else + spinlock_t list_lock; ++#endif + + #ifdef CONFIG_SLAB + struct list_head slabs_partial; /* partial list first, better asm code */ +diff -Nur linux-3.18.9.orig/mm/slub.c linux-3.18.9/mm/slub.c +--- linux-3.18.9.orig/mm/slub.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/slub.c 2015-03-15 16:03:03.876094875 -0500 +@@ -1044,7 +1044,7 @@ + { + struct kmem_cache_node *n = get_node(s, page_to_nid(page)); + +- spin_lock_irqsave(&n->list_lock, *flags); ++ raw_spin_lock_irqsave(&n->list_lock, *flags); + slab_lock(page); + + if (!check_slab(s, page)) +@@ -1091,7 +1091,7 @@ + + fail: + slab_unlock(page); +- spin_unlock_irqrestore(&n->list_lock, *flags); ++ raw_spin_unlock_irqrestore(&n->list_lock, *flags); + slab_fix(s, "Object at 0x%p not freed", object); + return NULL; + } +@@ -1219,6 +1219,12 @@ + + #endif /* CONFIG_SLUB_DEBUG */ + ++struct slub_free_list { ++ raw_spinlock_t lock; ++ struct list_head list; ++}; ++static DEFINE_PER_CPU(struct slub_free_list, slub_free_list); ++ + /* + * Hooks for other subsystems that check memory allocations. In a typical + * production configuration these hooks all should produce no code at all. +@@ -1303,10 +1309,15 @@ + struct page *page; + struct kmem_cache_order_objects oo = s->oo; + gfp_t alloc_gfp; ++ bool enableirqs; + + flags &= gfp_allowed_mask; + +- if (flags & __GFP_WAIT) ++ enableirqs = (flags & __GFP_WAIT) != 0; ++#ifdef CONFIG_PREEMPT_RT_FULL ++ enableirqs |= system_state == SYSTEM_RUNNING; ++#endif ++ if (enableirqs) + local_irq_enable(); + + flags |= s->allocflags; +@@ -1347,7 +1358,7 @@ + kmemcheck_mark_unallocated_pages(page, pages); + } + +- if (flags & __GFP_WAIT) ++ if (enableirqs) + local_irq_disable(); + if (!page) + return NULL; +@@ -1365,8 +1376,10 @@ + void *object) + { + setup_object_debug(s, page, object); ++#ifndef CONFIG_PREEMPT_RT_FULL + if (unlikely(s->ctor)) + s->ctor(object); ++#endif + } + + static struct page *new_slab(struct kmem_cache *s, gfp_t flags, int node) +@@ -1442,6 +1455,16 @@ + memcg_uncharge_slab(s, order); + } + ++static void free_delayed(struct list_head *h) ++{ ++ while(!list_empty(h)) { ++ struct page *page = list_first_entry(h, struct page, lru); ++ ++ list_del(&page->lru); ++ __free_slab(page->slab_cache, page); ++ } ++} ++ + #define need_reserve_slab_rcu \ + (sizeof(((struct page *)NULL)->lru) < sizeof(struct rcu_head)) + +@@ -1476,6 +1499,12 @@ + } + + call_rcu(head, rcu_free_slab); ++ } else if (irqs_disabled()) { ++ struct slub_free_list *f = &__get_cpu_var(slub_free_list); ++ ++ raw_spin_lock(&f->lock); ++ list_add(&page->lru, &f->list); ++ raw_spin_unlock(&f->lock); + } else + __free_slab(s, page); + } +@@ -1589,7 +1618,7 @@ + if (!n || !n->nr_partial) + return NULL; + +- spin_lock(&n->list_lock); ++ raw_spin_lock(&n->list_lock); + list_for_each_entry_safe(page, page2, &n->partial, lru) { + void *t; + +@@ -1614,7 +1643,7 @@ + break; + + } +- spin_unlock(&n->list_lock); ++ raw_spin_unlock(&n->list_lock); + return object; + } + +@@ -1860,7 +1889,7 @@ + * that acquire_slab() will see a slab page that + * is frozen + */ +- spin_lock(&n->list_lock); ++ raw_spin_lock(&n->list_lock); + } + } else { + m = M_FULL; +@@ -1871,7 +1900,7 @@ + * slabs from diagnostic functions will not see + * any frozen slabs. + */ +- spin_lock(&n->list_lock); ++ raw_spin_lock(&n->list_lock); + } + } + +@@ -1906,7 +1935,7 @@ + goto redo; + + if (lock) +- spin_unlock(&n->list_lock); ++ raw_spin_unlock(&n->list_lock); + + if (m == M_FREE) { + stat(s, DEACTIVATE_EMPTY); +@@ -1938,10 +1967,10 @@ + n2 = get_node(s, page_to_nid(page)); + if (n != n2) { + if (n) +- spin_unlock(&n->list_lock); ++ raw_spin_unlock(&n->list_lock); + + n = n2; +- spin_lock(&n->list_lock); ++ raw_spin_lock(&n->list_lock); + } + + do { +@@ -1970,7 +1999,7 @@ + } + + if (n) +- spin_unlock(&n->list_lock); ++ raw_spin_unlock(&n->list_lock); + + while (discard_page) { + page = discard_page; +@@ -2008,14 +2037,21 @@ + pobjects = oldpage->pobjects; + pages = oldpage->pages; + if (drain && pobjects > s->cpu_partial) { ++ struct slub_free_list *f; + unsigned long flags; ++ LIST_HEAD(tofree); + /* + * partial array is full. Move the existing + * set to the per node partial list. + */ + local_irq_save(flags); + unfreeze_partials(s, this_cpu_ptr(s->cpu_slab)); ++ f = &__get_cpu_var(slub_free_list); ++ raw_spin_lock(&f->lock); ++ list_splice_init(&f->list, &tofree); ++ raw_spin_unlock(&f->lock); + local_irq_restore(flags); ++ free_delayed(&tofree); + oldpage = NULL; + pobjects = 0; + pages = 0; +@@ -2079,7 +2115,22 @@ + + static void flush_all(struct kmem_cache *s) + { ++ LIST_HEAD(tofree); ++ int cpu; ++ + on_each_cpu_cond(has_cpu_slab, flush_cpu_slab, s, 1, GFP_ATOMIC); ++ for_each_online_cpu(cpu) { ++ struct slub_free_list *f; ++ ++ if (!has_cpu_slab(cpu, s)) ++ continue; ++ ++ f = &per_cpu(slub_free_list, cpu); ++ raw_spin_lock_irq(&f->lock); ++ list_splice_init(&f->list, &tofree); ++ raw_spin_unlock_irq(&f->lock); ++ free_delayed(&tofree); ++ } + } + + /* +@@ -2115,10 +2166,10 @@ + unsigned long x = 0; + struct page *page; + +- spin_lock_irqsave(&n->list_lock, flags); ++ raw_spin_lock_irqsave(&n->list_lock, flags); + list_for_each_entry(page, &n->partial, lru) + x += get_count(page); +- spin_unlock_irqrestore(&n->list_lock, flags); ++ raw_spin_unlock_irqrestore(&n->list_lock, flags); + return x; + } + #endif /* CONFIG_SLUB_DEBUG || CONFIG_SYSFS */ +@@ -2255,9 +2306,11 @@ + static void *__slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node, + unsigned long addr, struct kmem_cache_cpu *c) + { ++ struct slub_free_list *f; + void *freelist; + struct page *page; + unsigned long flags; ++ LIST_HEAD(tofree); + + local_irq_save(flags); + #ifdef CONFIG_PREEMPT +@@ -2325,7 +2378,13 @@ + VM_BUG_ON(!c->page->frozen); + c->freelist = get_freepointer(s, freelist); + c->tid = next_tid(c->tid); ++out: ++ f = &__get_cpu_var(slub_free_list); ++ raw_spin_lock(&f->lock); ++ list_splice_init(&f->list, &tofree); ++ raw_spin_unlock(&f->lock); + local_irq_restore(flags); ++ free_delayed(&tofree); + return freelist; + + new_slab: +@@ -2342,8 +2401,7 @@ + + if (unlikely(!freelist)) { + slab_out_of_memory(s, gfpflags, node); +- local_irq_restore(flags); +- return NULL; ++ goto out; + } + + page = c->page; +@@ -2358,8 +2416,7 @@ + deactivate_slab(s, page, get_freepointer(s, freelist)); + c->page = NULL; + c->freelist = NULL; +- local_irq_restore(flags); +- return freelist; ++ goto out; + } + + /* +@@ -2444,6 +2501,10 @@ + + if (unlikely(gfpflags & __GFP_ZERO) && object) + memset(object, 0, s->object_size); ++#ifdef CONFIG_PREEMPT_RT_FULL ++ if (unlikely(s->ctor) && object) ++ s->ctor(object); ++#endif + + slab_post_alloc_hook(s, gfpflags, object); + +@@ -2531,7 +2592,7 @@ + + do { + if (unlikely(n)) { +- spin_unlock_irqrestore(&n->list_lock, flags); ++ raw_spin_unlock_irqrestore(&n->list_lock, flags); + n = NULL; + } + prior = page->freelist; +@@ -2563,7 +2624,7 @@ + * Otherwise the list_lock will synchronize with + * other processors updating the list of slabs. + */ +- spin_lock_irqsave(&n->list_lock, flags); ++ raw_spin_lock_irqsave(&n->list_lock, flags); + + } + } +@@ -2605,7 +2666,7 @@ + add_partial(n, page, DEACTIVATE_TO_TAIL); + stat(s, FREE_ADD_PARTIAL); + } +- spin_unlock_irqrestore(&n->list_lock, flags); ++ raw_spin_unlock_irqrestore(&n->list_lock, flags); + return; + + slab_empty: +@@ -2620,7 +2681,7 @@ + remove_full(s, n, page); + } + +- spin_unlock_irqrestore(&n->list_lock, flags); ++ raw_spin_unlock_irqrestore(&n->list_lock, flags); + stat(s, FREE_SLAB); + discard_slab(s, page); + } +@@ -2816,7 +2877,7 @@ + init_kmem_cache_node(struct kmem_cache_node *n) + { + n->nr_partial = 0; +- spin_lock_init(&n->list_lock); ++ raw_spin_lock_init(&n->list_lock); + INIT_LIST_HEAD(&n->partial); + #ifdef CONFIG_SLUB_DEBUG + atomic_long_set(&n->nr_slabs, 0); +@@ -3373,7 +3434,7 @@ + for (i = 0; i < objects; i++) + INIT_LIST_HEAD(slabs_by_inuse + i); + +- spin_lock_irqsave(&n->list_lock, flags); ++ raw_spin_lock_irqsave(&n->list_lock, flags); + + /* + * Build lists indexed by the items in use in each slab. +@@ -3394,7 +3455,7 @@ + for (i = objects - 1; i > 0; i--) + list_splice(slabs_by_inuse + i, n->partial.prev); + +- spin_unlock_irqrestore(&n->list_lock, flags); ++ raw_spin_unlock_irqrestore(&n->list_lock, flags); + + /* Release empty slabs */ + list_for_each_entry_safe(page, t, slabs_by_inuse, lru) +@@ -3567,6 +3628,12 @@ + { + static __initdata struct kmem_cache boot_kmem_cache, + boot_kmem_cache_node; ++ int cpu; ++ ++ for_each_possible_cpu(cpu) { ++ raw_spin_lock_init(&per_cpu(slub_free_list, cpu).lock); ++ INIT_LIST_HEAD(&per_cpu(slub_free_list, cpu).list); ++ } + + if (debug_guardpage_minorder()) + slub_max_order = 0; +@@ -3815,7 +3882,7 @@ + struct page *page; + unsigned long flags; + +- spin_lock_irqsave(&n->list_lock, flags); ++ raw_spin_lock_irqsave(&n->list_lock, flags); + + list_for_each_entry(page, &n->partial, lru) { + validate_slab_slab(s, page, map); +@@ -3837,7 +3904,7 @@ + s->name, count, atomic_long_read(&n->nr_slabs)); + + out: +- spin_unlock_irqrestore(&n->list_lock, flags); ++ raw_spin_unlock_irqrestore(&n->list_lock, flags); + return count; + } + +@@ -4025,12 +4092,12 @@ + if (!atomic_long_read(&n->nr_slabs)) + continue; + +- spin_lock_irqsave(&n->list_lock, flags); ++ raw_spin_lock_irqsave(&n->list_lock, flags); + list_for_each_entry(page, &n->partial, lru) + process_slab(&t, s, page, alloc, map); + list_for_each_entry(page, &n->full, lru) + process_slab(&t, s, page, alloc, map); +- spin_unlock_irqrestore(&n->list_lock, flags); ++ raw_spin_unlock_irqrestore(&n->list_lock, flags); + } + + for (i = 0; i < t.count; i++) { +diff -Nur linux-3.18.9.orig/mm/swap.c linux-3.18.9/mm/swap.c +--- linux-3.18.9.orig/mm/swap.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/swap.c 2015-03-15 16:03:03.876094875 -0500 +@@ -31,6 +31,7 @@ + #include <linux/memcontrol.h> + #include <linux/gfp.h> + #include <linux/uio.h> ++#include <linux/locallock.h> + + #include "internal.h" + +@@ -44,6 +45,9 @@ + static DEFINE_PER_CPU(struct pagevec, lru_rotate_pvecs); + static DEFINE_PER_CPU(struct pagevec, lru_deactivate_pvecs); + ++static DEFINE_LOCAL_IRQ_LOCK(rotate_lock); ++static DEFINE_LOCAL_IRQ_LOCK(swapvec_lock); ++ + /* + * This path almost never happens for VM activity - pages are normally + * freed via pagevecs. But it gets used by networking. +@@ -473,11 +477,11 @@ + unsigned long flags; + + page_cache_get(page); +- local_irq_save(flags); ++ local_lock_irqsave(rotate_lock, flags); + pvec = this_cpu_ptr(&lru_rotate_pvecs); + if (!pagevec_add(pvec, page)) + pagevec_move_tail(pvec); +- local_irq_restore(flags); ++ local_unlock_irqrestore(rotate_lock, flags); + } + } + +@@ -528,12 +532,13 @@ + void activate_page(struct page *page) + { + if (PageLRU(page) && !PageActive(page) && !PageUnevictable(page)) { +- struct pagevec *pvec = &get_cpu_var(activate_page_pvecs); ++ struct pagevec *pvec = &get_locked_var(swapvec_lock, ++ activate_page_pvecs); + + page_cache_get(page); + if (!pagevec_add(pvec, page)) + pagevec_lru_move_fn(pvec, __activate_page, NULL); +- put_cpu_var(activate_page_pvecs); ++ put_locked_var(swapvec_lock, activate_page_pvecs); + } + } + +@@ -559,7 +564,7 @@ + + static void __lru_cache_activate_page(struct page *page) + { +- struct pagevec *pvec = &get_cpu_var(lru_add_pvec); ++ struct pagevec *pvec = &get_locked_var(swapvec_lock, lru_add_pvec); + int i; + + /* +@@ -581,7 +586,7 @@ + } + } + +- put_cpu_var(lru_add_pvec); ++ put_locked_var(swapvec_lock, lru_add_pvec); + } + + /* +@@ -620,13 +625,13 @@ + + static void __lru_cache_add(struct page *page) + { +- struct pagevec *pvec = &get_cpu_var(lru_add_pvec); ++ struct pagevec *pvec = &get_locked_var(swapvec_lock, lru_add_pvec); + + page_cache_get(page); + if (!pagevec_space(pvec)) + __pagevec_lru_add(pvec); + pagevec_add(pvec, page); +- put_cpu_var(lru_add_pvec); ++ put_locked_var(swapvec_lock, lru_add_pvec); + } + + /** +@@ -806,9 +811,9 @@ + unsigned long flags; + + /* No harm done if a racing interrupt already did this */ +- local_irq_save(flags); ++ local_lock_irqsave(rotate_lock, flags); + pagevec_move_tail(pvec); +- local_irq_restore(flags); ++ local_unlock_irqrestore(rotate_lock, flags); + } + + pvec = &per_cpu(lru_deactivate_pvecs, cpu); +@@ -836,18 +841,19 @@ + return; + + if (likely(get_page_unless_zero(page))) { +- struct pagevec *pvec = &get_cpu_var(lru_deactivate_pvecs); ++ struct pagevec *pvec = &get_locked_var(swapvec_lock, ++ lru_deactivate_pvecs); + + if (!pagevec_add(pvec, page)) + pagevec_lru_move_fn(pvec, lru_deactivate_fn, NULL); +- put_cpu_var(lru_deactivate_pvecs); ++ put_locked_var(swapvec_lock, lru_deactivate_pvecs); + } + } + + void lru_add_drain(void) + { +- lru_add_drain_cpu(get_cpu()); +- put_cpu(); ++ lru_add_drain_cpu(local_lock_cpu(swapvec_lock)); ++ local_unlock_cpu(swapvec_lock); + } + + static void lru_add_drain_per_cpu(struct work_struct *dummy) +diff -Nur linux-3.18.9.orig/mm/truncate.c linux-3.18.9/mm/truncate.c +--- linux-3.18.9.orig/mm/truncate.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/truncate.c 2015-03-15 16:03:03.876094875 -0500 +@@ -56,8 +56,11 @@ + * protected by mapping->tree_lock. + */ + if (!workingset_node_shadows(node) && +- !list_empty(&node->private_list)) +- list_lru_del(&workingset_shadow_nodes, &node->private_list); ++ !list_empty(&node->private_list)) { ++ local_lock(workingset_shadow_lock); ++ list_lru_del(&__workingset_shadow_nodes, &node->private_list); ++ local_unlock(workingset_shadow_lock); ++ } + __radix_tree_delete_node(&mapping->page_tree, node); + unlock: + spin_unlock_irq(&mapping->tree_lock); +diff -Nur linux-3.18.9.orig/mm/vmalloc.c linux-3.18.9/mm/vmalloc.c +--- linux-3.18.9.orig/mm/vmalloc.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/vmalloc.c 2015-03-15 16:03:03.876094875 -0500 +@@ -798,7 +798,7 @@ + struct vmap_block *vb; + struct vmap_area *va; + unsigned long vb_idx; +- int node, err; ++ int node, err, cpu; + + node = numa_node_id(); + +@@ -836,11 +836,12 @@ + BUG_ON(err); + radix_tree_preload_end(); + +- vbq = &get_cpu_var(vmap_block_queue); ++ cpu = get_cpu_light(); ++ vbq = &__get_cpu_var(vmap_block_queue); + spin_lock(&vbq->lock); + list_add_rcu(&vb->free_list, &vbq->free); + spin_unlock(&vbq->lock); +- put_cpu_var(vmap_block_queue); ++ put_cpu_light(); + + return vb; + } +@@ -908,6 +909,7 @@ + struct vmap_block *vb; + unsigned long addr = 0; + unsigned int order; ++ int cpu = 0; + + BUG_ON(size & ~PAGE_MASK); + BUG_ON(size > PAGE_SIZE*VMAP_MAX_ALLOC); +@@ -923,7 +925,8 @@ + + again: + rcu_read_lock(); +- vbq = &get_cpu_var(vmap_block_queue); ++ cpu = get_cpu_light(); ++ vbq = &__get_cpu_var(vmap_block_queue); + list_for_each_entry_rcu(vb, &vbq->free, free_list) { + int i; + +@@ -947,7 +950,7 @@ + spin_unlock(&vb->lock); + } + +- put_cpu_var(vmap_block_queue); ++ put_cpu_light(); + rcu_read_unlock(); + + if (!addr) { +diff -Nur linux-3.18.9.orig/mm/vmstat.c linux-3.18.9/mm/vmstat.c +--- linux-3.18.9.orig/mm/vmstat.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/vmstat.c 2015-03-15 16:03:03.876094875 -0500 +@@ -221,6 +221,7 @@ + long x; + long t; + ++ preempt_disable_rt(); + x = delta + __this_cpu_read(*p); + + t = __this_cpu_read(pcp->stat_threshold); +@@ -230,6 +231,7 @@ + x = 0; + } + __this_cpu_write(*p, x); ++ preempt_enable_rt(); + } + EXPORT_SYMBOL(__mod_zone_page_state); + +@@ -262,6 +264,7 @@ + s8 __percpu *p = pcp->vm_stat_diff + item; + s8 v, t; + ++ preempt_disable_rt(); + v = __this_cpu_inc_return(*p); + t = __this_cpu_read(pcp->stat_threshold); + if (unlikely(v > t)) { +@@ -270,6 +273,7 @@ + zone_page_state_add(v + overstep, zone, item); + __this_cpu_write(*p, -overstep); + } ++ preempt_enable_rt(); + } + + void __inc_zone_page_state(struct page *page, enum zone_stat_item item) +@@ -284,6 +288,7 @@ + s8 __percpu *p = pcp->vm_stat_diff + item; + s8 v, t; + ++ preempt_disable_rt(); + v = __this_cpu_dec_return(*p); + t = __this_cpu_read(pcp->stat_threshold); + if (unlikely(v < - t)) { +@@ -292,6 +297,7 @@ + zone_page_state_add(v - overstep, zone, item); + __this_cpu_write(*p, overstep); + } ++ preempt_enable_rt(); + } + + void __dec_zone_page_state(struct page *page, enum zone_stat_item item) +diff -Nur linux-3.18.9.orig/mm/workingset.c linux-3.18.9/mm/workingset.c +--- linux-3.18.9.orig/mm/workingset.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/mm/workingset.c 2015-03-15 16:03:03.876094875 -0500 +@@ -264,7 +264,8 @@ + * point where they would still be useful. + */ + +-struct list_lru workingset_shadow_nodes; ++struct list_lru __workingset_shadow_nodes; ++DEFINE_LOCAL_IRQ_LOCK(workingset_shadow_lock); + + static unsigned long count_shadow_nodes(struct shrinker *shrinker, + struct shrink_control *sc) +@@ -274,9 +275,9 @@ + unsigned long pages; + + /* list_lru lock nests inside IRQ-safe mapping->tree_lock */ +- local_irq_disable(); +- shadow_nodes = list_lru_count_node(&workingset_shadow_nodes, sc->nid); +- local_irq_enable(); ++ local_lock_irq(workingset_shadow_lock); ++ shadow_nodes = list_lru_count_node(&__workingset_shadow_nodes, sc->nid); ++ local_unlock_irq(workingset_shadow_lock); + + pages = node_present_pages(sc->nid); + /* +@@ -362,9 +363,9 @@ + spin_unlock(&mapping->tree_lock); + ret = LRU_REMOVED_RETRY; + out: +- local_irq_enable(); ++ local_unlock_irq(workingset_shadow_lock); + cond_resched(); +- local_irq_disable(); ++ local_lock_irq(workingset_shadow_lock); + spin_lock(lru_lock); + return ret; + } +@@ -375,10 +376,10 @@ + unsigned long ret; + + /* list_lru lock nests inside IRQ-safe mapping->tree_lock */ +- local_irq_disable(); +- ret = list_lru_walk_node(&workingset_shadow_nodes, sc->nid, ++ local_lock_irq(workingset_shadow_lock); ++ ret = list_lru_walk_node(&__workingset_shadow_nodes, sc->nid, + shadow_lru_isolate, NULL, &sc->nr_to_scan); +- local_irq_enable(); ++ local_unlock_irq(workingset_shadow_lock); + return ret; + } + +@@ -399,7 +400,7 @@ + { + int ret; + +- ret = list_lru_init_key(&workingset_shadow_nodes, &shadow_nodes_key); ++ ret = list_lru_init_key(&__workingset_shadow_nodes, &shadow_nodes_key); + if (ret) + goto err; + ret = register_shrinker(&workingset_shadow_shrinker); +@@ -407,7 +408,7 @@ + goto err_list_lru; + return 0; + err_list_lru: +- list_lru_destroy(&workingset_shadow_nodes); ++ list_lru_destroy(&__workingset_shadow_nodes); + err: + return ret; + } +diff -Nur linux-3.18.9.orig/net/core/dev.c linux-3.18.9/net/core/dev.c +--- linux-3.18.9.orig/net/core/dev.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/net/core/dev.c 2015-03-15 16:03:03.880094875 -0500 +@@ -182,6 +182,7 @@ + static DEFINE_HASHTABLE(napi_hash, 8); + + static seqcount_t devnet_rename_seq; ++static DEFINE_MUTEX(devnet_rename_mutex); + + static inline void dev_base_seq_inc(struct net *net) + { +@@ -203,14 +204,14 @@ + static inline void rps_lock(struct softnet_data *sd) + { + #ifdef CONFIG_RPS +- spin_lock(&sd->input_pkt_queue.lock); ++ raw_spin_lock(&sd->input_pkt_queue.raw_lock); + #endif + } + + static inline void rps_unlock(struct softnet_data *sd) + { + #ifdef CONFIG_RPS +- spin_unlock(&sd->input_pkt_queue.lock); ++ raw_spin_unlock(&sd->input_pkt_queue.raw_lock); + #endif + } + +@@ -832,7 +833,8 @@ + strcpy(name, dev->name); + rcu_read_unlock(); + if (read_seqcount_retry(&devnet_rename_seq, seq)) { +- cond_resched(); ++ mutex_lock(&devnet_rename_mutex); ++ mutex_unlock(&devnet_rename_mutex); + goto retry; + } + +@@ -1101,20 +1103,17 @@ + if (dev->flags & IFF_UP) + return -EBUSY; + +- write_seqcount_begin(&devnet_rename_seq); ++ mutex_lock(&devnet_rename_mutex); ++ __raw_write_seqcount_begin(&devnet_rename_seq); + +- if (strncmp(newname, dev->name, IFNAMSIZ) == 0) { +- write_seqcount_end(&devnet_rename_seq); +- return 0; +- } ++ if (strncmp(newname, dev->name, IFNAMSIZ) == 0) ++ goto outunlock; + + memcpy(oldname, dev->name, IFNAMSIZ); + + err = dev_get_valid_name(net, dev, newname); +- if (err < 0) { +- write_seqcount_end(&devnet_rename_seq); +- return err; +- } ++ if (err < 0) ++ goto outunlock; + + if (oldname[0] && !strchr(oldname, '%')) + netdev_info(dev, "renamed from %s\n", oldname); +@@ -1127,11 +1126,12 @@ + if (ret) { + memcpy(dev->name, oldname, IFNAMSIZ); + dev->name_assign_type = old_assign_type; +- write_seqcount_end(&devnet_rename_seq); +- return ret; ++ err = ret; ++ goto outunlock; + } + +- write_seqcount_end(&devnet_rename_seq); ++ __raw_write_seqcount_end(&devnet_rename_seq); ++ mutex_unlock(&devnet_rename_mutex); + + netdev_adjacent_rename_links(dev, oldname); + +@@ -1152,7 +1152,8 @@ + /* err >= 0 after dev_alloc_name() or stores the first errno */ + if (err >= 0) { + err = ret; +- write_seqcount_begin(&devnet_rename_seq); ++ mutex_lock(&devnet_rename_mutex); ++ __raw_write_seqcount_begin(&devnet_rename_seq); + memcpy(dev->name, oldname, IFNAMSIZ); + memcpy(oldname, newname, IFNAMSIZ); + dev->name_assign_type = old_assign_type; +@@ -1165,6 +1166,11 @@ + } + + return err; ++ ++outunlock: ++ __raw_write_seqcount_end(&devnet_rename_seq); ++ mutex_unlock(&devnet_rename_mutex); ++ return err; + } + + /** +@@ -2160,6 +2166,7 @@ + sd->output_queue_tailp = &q->next_sched; + raise_softirq_irqoff(NET_TX_SOFTIRQ); + local_irq_restore(flags); ++ preempt_check_resched_rt(); + } + + void __netif_schedule(struct Qdisc *q) +@@ -2241,6 +2248,7 @@ + __this_cpu_write(softnet_data.completion_queue, skb); + raise_softirq_irqoff(NET_TX_SOFTIRQ); + local_irq_restore(flags); ++ preempt_check_resched_rt(); + } + EXPORT_SYMBOL(__dev_kfree_skb_irq); + +@@ -3336,6 +3344,7 @@ + rps_unlock(sd); + + local_irq_restore(flags); ++ preempt_check_resched_rt(); + + atomic_long_inc(&skb->dev->rx_dropped); + kfree_skb(skb); +@@ -3354,7 +3363,7 @@ + struct rps_dev_flow voidflow, *rflow = &voidflow; + int cpu; + +- preempt_disable(); ++ migrate_disable(); + rcu_read_lock(); + + cpu = get_rps_cpu(skb->dev, skb, &rflow); +@@ -3364,13 +3373,13 @@ + ret = enqueue_to_backlog(skb, cpu, &rflow->last_qtail); + + rcu_read_unlock(); +- preempt_enable(); ++ migrate_enable(); + } else + #endif + { + unsigned int qtail; +- ret = enqueue_to_backlog(skb, get_cpu(), &qtail); +- put_cpu(); ++ ret = enqueue_to_backlog(skb, get_cpu_light(), &qtail); ++ put_cpu_light(); + } + return ret; + } +@@ -3404,16 +3413,44 @@ + + trace_netif_rx_ni_entry(skb); + +- preempt_disable(); ++ local_bh_disable(); + err = netif_rx_internal(skb); +- if (local_softirq_pending()) +- do_softirq(); +- preempt_enable(); ++ local_bh_enable(); + + return err; + } + EXPORT_SYMBOL(netif_rx_ni); + ++#ifdef CONFIG_PREEMPT_RT_FULL ++/* ++ * RT runs ksoftirqd as a real time thread and the root_lock is a ++ * "sleeping spinlock". If the trylock fails then we can go into an ++ * infinite loop when ksoftirqd preempted the task which actually ++ * holds the lock, because we requeue q and raise NET_TX softirq ++ * causing ksoftirqd to loop forever. ++ * ++ * It's safe to use spin_lock on RT here as softirqs run in thread ++ * context and cannot deadlock against the thread which is holding ++ * root_lock. ++ * ++ * On !RT the trylock might fail, but there we bail out from the ++ * softirq loop after 10 attempts which we can't do on RT. And the ++ * task holding root_lock cannot be preempted, so the only downside of ++ * that trylock is that we need 10 loops to decide that we should have ++ * given up in the first one :) ++ */ ++static inline int take_root_lock(spinlock_t *lock) ++{ ++ spin_lock(lock); ++ return 1; ++} ++#else ++static inline int take_root_lock(spinlock_t *lock) ++{ ++ return spin_trylock(lock); ++} ++#endif ++ + static void net_tx_action(struct softirq_action *h) + { + struct softnet_data *sd = this_cpu_ptr(&softnet_data); +@@ -3455,7 +3492,7 @@ + head = head->next_sched; + + root_lock = qdisc_lock(q); +- if (spin_trylock(root_lock)) { ++ if (take_root_lock(root_lock)) { + smp_mb__before_atomic(); + clear_bit(__QDISC_STATE_SCHED, + &q->state); +@@ -3848,7 +3885,7 @@ + skb_queue_walk_safe(&sd->input_pkt_queue, skb, tmp) { + if (skb->dev == dev) { + __skb_unlink(skb, &sd->input_pkt_queue); +- kfree_skb(skb); ++ __skb_queue_tail(&sd->tofree_queue, skb); + input_queue_head_incr(sd); + } + } +@@ -3857,10 +3894,13 @@ + skb_queue_walk_safe(&sd->process_queue, skb, tmp) { + if (skb->dev == dev) { + __skb_unlink(skb, &sd->process_queue); +- kfree_skb(skb); ++ __skb_queue_tail(&sd->tofree_queue, skb); + input_queue_head_incr(sd); + } + } ++ ++ if (!skb_queue_empty(&sd->tofree_queue)) ++ raise_softirq_irqoff(NET_RX_SOFTIRQ); + } + + static int napi_gro_complete(struct sk_buff *skb) +@@ -4323,6 +4363,7 @@ + } else + #endif + local_irq_enable(); ++ preempt_check_resched_rt(); + } + + static int process_backlog(struct napi_struct *napi, int quota) +@@ -4394,6 +4435,7 @@ + local_irq_save(flags); + ____napi_schedule(this_cpu_ptr(&softnet_data), n); + local_irq_restore(flags); ++ preempt_check_resched_rt(); + } + EXPORT_SYMBOL(__napi_schedule); + +@@ -4516,10 +4558,17 @@ + struct softnet_data *sd = this_cpu_ptr(&softnet_data); + unsigned long time_limit = jiffies + 2; + int budget = netdev_budget; ++ struct sk_buff *skb; + void *have; + + local_irq_disable(); + ++ while ((skb = __skb_dequeue(&sd->tofree_queue))) { ++ local_irq_enable(); ++ kfree_skb(skb); ++ local_irq_disable(); ++ } ++ + while (!list_empty(&sd->poll_list)) { + struct napi_struct *n; + int work, weight; +@@ -7008,6 +7057,7 @@ + + raise_softirq_irqoff(NET_TX_SOFTIRQ); + local_irq_enable(); ++ preempt_check_resched_rt(); + + /* Process offline CPU's input_pkt_queue */ + while ((skb = __skb_dequeue(&oldsd->process_queue))) { +@@ -7018,6 +7068,9 @@ + netif_rx_internal(skb); + input_queue_head_incr(oldsd); + } ++ while ((skb = __skb_dequeue(&oldsd->tofree_queue))) { ++ kfree_skb(skb); ++ } + + return NOTIFY_OK; + } +@@ -7319,8 +7372,9 @@ + for_each_possible_cpu(i) { + struct softnet_data *sd = &per_cpu(softnet_data, i); + +- skb_queue_head_init(&sd->input_pkt_queue); +- skb_queue_head_init(&sd->process_queue); ++ skb_queue_head_init_raw(&sd->input_pkt_queue); ++ skb_queue_head_init_raw(&sd->process_queue); ++ skb_queue_head_init_raw(&sd->tofree_queue); + INIT_LIST_HEAD(&sd->poll_list); + sd->output_queue_tailp = &sd->output_queue; + #ifdef CONFIG_RPS +diff -Nur linux-3.18.9.orig/net/core/skbuff.c linux-3.18.9/net/core/skbuff.c +--- linux-3.18.9.orig/net/core/skbuff.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/net/core/skbuff.c 2015-03-15 16:03:03.880094875 -0500 +@@ -63,6 +63,7 @@ + #include <linux/errqueue.h> + #include <linux/prefetch.h> + #include <linux/if_vlan.h> ++#include <linux/locallock.h> + + #include <net/protocol.h> + #include <net/dst.h> +@@ -336,6 +337,7 @@ + unsigned int pagecnt_bias; + }; + static DEFINE_PER_CPU(struct netdev_alloc_cache, netdev_alloc_cache); ++static DEFINE_LOCAL_IRQ_LOCK(netdev_alloc_lock); + + static void *__netdev_alloc_frag(unsigned int fragsz, gfp_t gfp_mask) + { +@@ -344,7 +346,7 @@ + int order; + unsigned long flags; + +- local_irq_save(flags); ++ local_lock_irqsave(netdev_alloc_lock, flags); + nc = this_cpu_ptr(&netdev_alloc_cache); + if (unlikely(!nc->frag.page)) { + refill: +@@ -389,7 +391,7 @@ + nc->frag.offset += fragsz; + nc->pagecnt_bias--; + end: +- local_irq_restore(flags); ++ local_unlock_irqrestore(netdev_alloc_lock, flags); + return data; + } + +diff -Nur linux-3.18.9.orig/net/core/sock.c linux-3.18.9/net/core/sock.c +--- linux-3.18.9.orig/net/core/sock.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/net/core/sock.c 2015-03-15 16:03:03.880094875 -0500 +@@ -2326,12 +2326,11 @@ + if (sk->sk_lock.owned) + __lock_sock(sk); + sk->sk_lock.owned = 1; +- spin_unlock(&sk->sk_lock.slock); ++ spin_unlock_bh(&sk->sk_lock.slock); + /* + * The sk_lock has mutex_lock() semantics here: + */ + mutex_acquire(&sk->sk_lock.dep_map, subclass, 0, _RET_IP_); +- local_bh_enable(); + } + EXPORT_SYMBOL(lock_sock_nested); + +diff -Nur linux-3.18.9.orig/net/ipv4/icmp.c linux-3.18.9/net/ipv4/icmp.c +--- linux-3.18.9.orig/net/ipv4/icmp.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/net/ipv4/icmp.c 2015-03-15 16:03:03.880094875 -0500 +@@ -69,6 +69,7 @@ + #include <linux/jiffies.h> + #include <linux/kernel.h> + #include <linux/fcntl.h> ++#include <linux/sysrq.h> + #include <linux/socket.h> + #include <linux/in.h> + #include <linux/inet.h> +@@ -864,6 +865,30 @@ + } + + /* ++ * 32bit and 64bit have different timestamp length, so we check for ++ * the cookie at offset 20 and verify it is repeated at offset 50 ++ */ ++#define CO_POS0 20 ++#define CO_POS1 50 ++#define CO_SIZE sizeof(int) ++#define ICMP_SYSRQ_SIZE 57 ++ ++/* ++ * We got a ICMP_SYSRQ_SIZE sized ping request. Check for the cookie ++ * pattern and if it matches send the next byte as a trigger to sysrq. ++ */ ++static void icmp_check_sysrq(struct net *net, struct sk_buff *skb) ++{ ++ int cookie = htonl(net->ipv4.sysctl_icmp_echo_sysrq); ++ char *p = skb->data; ++ ++ if (!memcmp(&cookie, p + CO_POS0, CO_SIZE) && ++ !memcmp(&cookie, p + CO_POS1, CO_SIZE) && ++ p[CO_POS0 + CO_SIZE] == p[CO_POS1 + CO_SIZE]) ++ handle_sysrq(p[CO_POS0 + CO_SIZE]); ++} ++ ++/* + * Handle ICMP_ECHO ("ping") requests. + * + * RFC 1122: 3.2.2.6 MUST have an echo server that answers ICMP echo +@@ -890,6 +915,11 @@ + icmp_param.data_len = skb->len; + icmp_param.head_len = sizeof(struct icmphdr); + icmp_reply(&icmp_param, skb); ++ ++ if (skb->len == ICMP_SYSRQ_SIZE && ++ net->ipv4.sysctl_icmp_echo_sysrq) { ++ icmp_check_sysrq(net, skb); ++ } + } + } + +diff -Nur linux-3.18.9.orig/net/ipv4/ip_output.c linux-3.18.9/net/ipv4/ip_output.c +--- linux-3.18.9.orig/net/ipv4/ip_output.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/net/ipv4/ip_output.c 2015-03-15 16:03:03.880094875 -0500 +@@ -79,6 +79,7 @@ + #include <linux/mroute.h> + #include <linux/netlink.h> + #include <linux/tcp.h> ++#include <linux/locallock.h> + + int sysctl_ip_default_ttl __read_mostly = IPDEFTTL; + EXPORT_SYMBOL(sysctl_ip_default_ttl); +@@ -1507,6 +1508,7 @@ + * Generic function to send a packet as reply to another packet. + * Used to send some TCP resets/acks so far. + */ ++ + void ip_send_unicast_reply(struct sock *sk, struct sk_buff *skb, + const struct ip_options *sopt, + __be32 daddr, __be32 saddr, +diff -Nur linux-3.18.9.orig/net/ipv4/sysctl_net_ipv4.c linux-3.18.9/net/ipv4/sysctl_net_ipv4.c +--- linux-3.18.9.orig/net/ipv4/sysctl_net_ipv4.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/net/ipv4/sysctl_net_ipv4.c 2015-03-15 16:03:03.880094875 -0500 +@@ -779,6 +779,13 @@ + .proc_handler = proc_dointvec + }, + { ++ .procname = "icmp_echo_sysrq", ++ .data = &init_net.ipv4.sysctl_icmp_echo_sysrq, ++ .maxlen = sizeof(int), ++ .mode = 0644, ++ .proc_handler = proc_dointvec ++ }, ++ { + .procname = "icmp_ignore_bogus_error_responses", + .data = &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses, + .maxlen = sizeof(int), +diff -Nur linux-3.18.9.orig/net/mac80211/rx.c linux-3.18.9/net/mac80211/rx.c +--- linux-3.18.9.orig/net/mac80211/rx.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/net/mac80211/rx.c 2015-03-15 16:03:03.884094875 -0500 +@@ -3356,7 +3356,7 @@ + struct ieee80211_supported_band *sband; + struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb); + +- WARN_ON_ONCE(softirq_count() == 0); ++ WARN_ON_ONCE_NONRT(softirq_count() == 0); + + if (WARN_ON(status->band >= IEEE80211_NUM_BANDS)) + goto drop; +diff -Nur linux-3.18.9.orig/net/netfilter/core.c linux-3.18.9/net/netfilter/core.c +--- linux-3.18.9.orig/net/netfilter/core.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/net/netfilter/core.c 2015-03-15 16:03:03.884094875 -0500 +@@ -21,11 +21,17 @@ + #include <linux/proc_fs.h> + #include <linux/mutex.h> + #include <linux/slab.h> ++#include <linux/locallock.h> + #include <net/net_namespace.h> + #include <net/sock.h> + + #include "nf_internals.h" + ++#ifdef CONFIG_PREEMPT_RT_BASE ++DEFINE_LOCAL_IRQ_LOCK(xt_write_lock); ++EXPORT_PER_CPU_SYMBOL(xt_write_lock); ++#endif ++ + static DEFINE_MUTEX(afinfo_mutex); + + const struct nf_afinfo __rcu *nf_afinfo[NFPROTO_NUMPROTO] __read_mostly; +diff -Nur linux-3.18.9.orig/net/packet/af_packet.c linux-3.18.9/net/packet/af_packet.c +--- linux-3.18.9.orig/net/packet/af_packet.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/net/packet/af_packet.c 2015-03-15 16:03:03.884094875 -0500 +@@ -63,6 +63,7 @@ + #include <linux/if_packet.h> + #include <linux/wireless.h> + #include <linux/kernel.h> ++#include <linux/delay.h> + #include <linux/kmod.h> + #include <linux/slab.h> + #include <linux/vmalloc.h> +@@ -692,7 +693,7 @@ + if (BLOCK_NUM_PKTS(pbd)) { + while (atomic_read(&pkc->blk_fill_in_prog)) { + /* Waiting for skb_copy_bits to finish... */ +- cpu_relax(); ++ cpu_chill(); + } + } + +@@ -943,7 +944,7 @@ + if (!(status & TP_STATUS_BLK_TMO)) { + while (atomic_read(&pkc->blk_fill_in_prog)) { + /* Waiting for skb_copy_bits to finish... */ +- cpu_relax(); ++ cpu_chill(); + } + } + prb_close_block(pkc, pbd, po, status); +diff -Nur linux-3.18.9.orig/net/rds/ib_rdma.c linux-3.18.9/net/rds/ib_rdma.c +--- linux-3.18.9.orig/net/rds/ib_rdma.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/net/rds/ib_rdma.c 2015-03-15 16:03:03.884094875 -0500 +@@ -34,6 +34,7 @@ + #include <linux/slab.h> + #include <linux/rculist.h> + #include <linux/llist.h> ++#include <linux/delay.h> + + #include "rds.h" + #include "ib.h" +@@ -286,7 +287,7 @@ + for_each_online_cpu(cpu) { + flag = &per_cpu(clean_list_grace, cpu); + while (test_bit(CLEAN_LIST_BUSY_BIT, flag)) +- cpu_relax(); ++ cpu_chill(); + } + } + +diff -Nur linux-3.18.9.orig/net/sched/sch_generic.c linux-3.18.9/net/sched/sch_generic.c +--- linux-3.18.9.orig/net/sched/sch_generic.c 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/net/sched/sch_generic.c 2015-03-15 16:03:03.884094875 -0500 +@@ -894,7 +894,7 @@ + /* Wait for outstanding qdisc_run calls. */ + list_for_each_entry(dev, head, close_list) + while (some_qdisc_is_busy(dev)) +- yield(); ++ msleep(1); + } + + void dev_deactivate(struct net_device *dev) +diff -Nur linux-3.18.9.orig/scripts/mkcompile_h linux-3.18.9/scripts/mkcompile_h +--- linux-3.18.9.orig/scripts/mkcompile_h 2015-03-06 16:53:42.000000000 -0600 ++++ linux-3.18.9/scripts/mkcompile_h 2015-03-15 16:03:03.884094875 -0500 +@@ -4,7 +4,8 @@ + ARCH=$2 + SMP=$3 + PREEMPT=$4 +-CC=$5 ++RT=$5 ++CC=$6 + + vecho() { [ "${quiet}" = "silent_" ] || echo "$@" ; } + +@@ -57,6 +58,7 @@ + CONFIG_FLAGS="" + if [ -n "$SMP" ] ; then CONFIG_FLAGS="SMP"; fi + if [ -n "$PREEMPT" ] ; then CONFIG_FLAGS="$CONFIG_FLAGS PREEMPT"; fi ++if [ -n "$RT" ] ; then CONFIG_FLAGS="$CONFIG_FLAGS RT"; fi + UTS_VERSION="$UTS_VERSION $CONFIG_FLAGS $TIMESTAMP" + + # Truncate to maximum length |