summaryrefslogtreecommitdiff
path: root/target/linux/patches/3.18.9/realtime.patch
diff options
context:
space:
mode:
Diffstat (limited to 'target/linux/patches/3.18.9/realtime.patch')
-rw-r--r--target/linux/patches/3.18.9/realtime.patch38720
1 files changed, 38720 insertions, 0 deletions
diff --git a/target/linux/patches/3.18.9/realtime.patch b/target/linux/patches/3.18.9/realtime.patch
new file mode 100644
index 000000000..3d8984076
--- /dev/null
+++ b/target/linux/patches/3.18.9/realtime.patch
@@ -0,0 +1,38720 @@
+diff -Nur linux-3.18.9.orig/arch/alpha/mm/fault.c linux-3.18.9/arch/alpha/mm/fault.c
+--- linux-3.18.9.orig/arch/alpha/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/alpha/mm/fault.c 2015-03-15 16:03:03.672094877 -0500
+@@ -107,7 +107,7 @@
+
+ /* If we're in an interrupt context, or have no user context,
+ we must not take the fault. */
+- if (!mm || in_atomic())
++ if (!mm || pagefault_disabled())
+ goto no_context;
+
+ #ifdef CONFIG_ALPHA_LARGE_VMALLOC
+diff -Nur linux-3.18.9.orig/arch/arm/include/asm/cmpxchg.h linux-3.18.9/arch/arm/include/asm/cmpxchg.h
+--- linux-3.18.9.orig/arch/arm/include/asm/cmpxchg.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/include/asm/cmpxchg.h 2015-03-15 16:03:03.672094877 -0500
+@@ -129,6 +129,8 @@
+
+ #else /* min ARCH >= ARMv6 */
+
++#define __HAVE_ARCH_CMPXCHG 1
++
+ extern void __bad_cmpxchg(volatile void *ptr, int size);
+
+ /*
+diff -Nur linux-3.18.9.orig/arch/arm/include/asm/futex.h linux-3.18.9/arch/arm/include/asm/futex.h
+--- linux-3.18.9.orig/arch/arm/include/asm/futex.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/include/asm/futex.h 2015-03-15 16:03:03.672094877 -0500
+@@ -93,6 +93,8 @@
+ if (!access_ok(VERIFY_WRITE, uaddr, sizeof(u32)))
+ return -EFAULT;
+
++ preempt_disable_rt();
++
+ __asm__ __volatile__("@futex_atomic_cmpxchg_inatomic\n"
+ "1: " TUSER(ldr) " %1, [%4]\n"
+ " teq %1, %2\n"
+@@ -104,6 +106,8 @@
+ : "cc", "memory");
+
+ *uval = val;
++
++ preempt_enable_rt();
+ return ret;
+ }
+
+diff -Nur linux-3.18.9.orig/arch/arm/include/asm/switch_to.h linux-3.18.9/arch/arm/include/asm/switch_to.h
+--- linux-3.18.9.orig/arch/arm/include/asm/switch_to.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/include/asm/switch_to.h 2015-03-15 16:03:03.672094877 -0500
+@@ -3,6 +3,13 @@
+
+ #include <linux/thread_info.h>
+
++#if defined CONFIG_PREEMPT_RT_FULL && defined CONFIG_HIGHMEM
++void switch_kmaps(struct task_struct *prev_p, struct task_struct *next_p);
++#else
++static inline void
++switch_kmaps(struct task_struct *prev_p, struct task_struct *next_p) { }
++#endif
++
+ /*
+ * For v7 SMP cores running a preemptible kernel we may be pre-empted
+ * during a TLB maintenance operation, so execute an inner-shareable dsb
+@@ -22,6 +29,7 @@
+
+ #define switch_to(prev,next,last) \
+ do { \
++ switch_kmaps(prev, next); \
+ last = __switch_to(prev,task_thread_info(prev), task_thread_info(next)); \
+ } while (0)
+
+diff -Nur linux-3.18.9.orig/arch/arm/include/asm/thread_info.h linux-3.18.9/arch/arm/include/asm/thread_info.h
+--- linux-3.18.9.orig/arch/arm/include/asm/thread_info.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/include/asm/thread_info.h 2015-03-15 16:03:03.672094877 -0500
+@@ -51,6 +51,7 @@
+ struct thread_info {
+ unsigned long flags; /* low level flags */
+ int preempt_count; /* 0 => preemptable, <0 => bug */
++ int preempt_lazy_count; /* 0 => preemptable, <0 => bug */
+ mm_segment_t addr_limit; /* address limit */
+ struct task_struct *task; /* main task structure */
+ struct exec_domain *exec_domain; /* execution domain */
+@@ -149,6 +150,7 @@
+ #define TIF_SIGPENDING 0
+ #define TIF_NEED_RESCHED 1
+ #define TIF_NOTIFY_RESUME 2 /* callback before returning to user */
++#define TIF_NEED_RESCHED_LAZY 3
+ #define TIF_UPROBE 7
+ #define TIF_SYSCALL_TRACE 8
+ #define TIF_SYSCALL_AUDIT 9
+@@ -162,6 +164,7 @@
+ #define _TIF_SIGPENDING (1 << TIF_SIGPENDING)
+ #define _TIF_NEED_RESCHED (1 << TIF_NEED_RESCHED)
+ #define _TIF_NOTIFY_RESUME (1 << TIF_NOTIFY_RESUME)
++#define _TIF_NEED_RESCHED_LAZY (1 << TIF_NEED_RESCHED_LAZY)
+ #define _TIF_UPROBE (1 << TIF_UPROBE)
+ #define _TIF_SYSCALL_TRACE (1 << TIF_SYSCALL_TRACE)
+ #define _TIF_SYSCALL_AUDIT (1 << TIF_SYSCALL_AUDIT)
+diff -Nur linux-3.18.9.orig/arch/arm/Kconfig linux-3.18.9/arch/arm/Kconfig
+--- linux-3.18.9.orig/arch/arm/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/Kconfig 2015-03-15 16:03:03.672094877 -0500
+@@ -62,6 +62,7 @@
+ select HAVE_PERF_EVENTS
+ select HAVE_PERF_REGS
+ select HAVE_PERF_USER_STACK_DUMP
++ select HAVE_PREEMPT_LAZY
+ select HAVE_RCU_TABLE_FREE if (SMP && ARM_LPAE)
+ select HAVE_REGS_AND_STACK_ACCESS_API
+ select HAVE_SYSCALL_TRACEPOINTS
+diff -Nur linux-3.18.9.orig/arch/arm/kernel/asm-offsets.c linux-3.18.9/arch/arm/kernel/asm-offsets.c
+--- linux-3.18.9.orig/arch/arm/kernel/asm-offsets.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/kernel/asm-offsets.c 2015-03-15 16:03:03.672094877 -0500
+@@ -64,6 +64,7 @@
+ BLANK();
+ DEFINE(TI_FLAGS, offsetof(struct thread_info, flags));
+ DEFINE(TI_PREEMPT, offsetof(struct thread_info, preempt_count));
++ DEFINE(TI_PREEMPT_LAZY, offsetof(struct thread_info, preempt_lazy_count));
+ DEFINE(TI_ADDR_LIMIT, offsetof(struct thread_info, addr_limit));
+ DEFINE(TI_TASK, offsetof(struct thread_info, task));
+ DEFINE(TI_EXEC_DOMAIN, offsetof(struct thread_info, exec_domain));
+diff -Nur linux-3.18.9.orig/arch/arm/kernel/entry-armv.S linux-3.18.9/arch/arm/kernel/entry-armv.S
+--- linux-3.18.9.orig/arch/arm/kernel/entry-armv.S 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/kernel/entry-armv.S 2015-03-15 16:03:03.672094877 -0500
+@@ -207,11 +207,18 @@
+ #ifdef CONFIG_PREEMPT
+ get_thread_info tsk
+ ldr r8, [tsk, #TI_PREEMPT] @ get preempt count
+- ldr r0, [tsk, #TI_FLAGS] @ get flags
+ teq r8, #0 @ if preempt count != 0
++ bne 1f @ return from exeption
++ ldr r0, [tsk, #TI_FLAGS] @ get flags
++ tst r0, #_TIF_NEED_RESCHED @ if NEED_RESCHED is set
++ blne svc_preempt @ preempt!
++
++ ldr r8, [tsk, #TI_PREEMPT_LAZY] @ get preempt lazy count
++ teq r8, #0 @ if preempt lazy count != 0
+ movne r0, #0 @ force flags to 0
+- tst r0, #_TIF_NEED_RESCHED
++ tst r0, #_TIF_NEED_RESCHED_LAZY
+ blne svc_preempt
++1:
+ #endif
+
+ svc_exit r5, irq = 1 @ return from exception
+@@ -226,6 +233,8 @@
+ 1: bl preempt_schedule_irq @ irq en/disable is done inside
+ ldr r0, [tsk, #TI_FLAGS] @ get new tasks TI_FLAGS
+ tst r0, #_TIF_NEED_RESCHED
++ bne 1b
++ tst r0, #_TIF_NEED_RESCHED_LAZY
+ reteq r8 @ go again
+ b 1b
+ #endif
+diff -Nur linux-3.18.9.orig/arch/arm/kernel/process.c linux-3.18.9/arch/arm/kernel/process.c
+--- linux-3.18.9.orig/arch/arm/kernel/process.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/kernel/process.c 2015-03-15 16:03:03.672094877 -0500
+@@ -431,6 +431,30 @@
+ }
+
+ #ifdef CONFIG_MMU
++/*
++ * CONFIG_SPLIT_PTLOCK_CPUS results in a page->ptl lock. If the lock is not
++ * initialized by pgtable_page_ctor() then a coredump of the vector page will
++ * fail.
++ */
++static int __init vectors_user_mapping_init_page(void)
++{
++ struct page *page;
++ unsigned long addr = 0xffff0000;
++ pgd_t *pgd;
++ pud_t *pud;
++ pmd_t *pmd;
++
++ pgd = pgd_offset_k(addr);
++ pud = pud_offset(pgd, addr);
++ pmd = pmd_offset(pud, addr);
++ page = pmd_page(*(pmd));
++
++ pgtable_page_ctor(page);
++
++ return 0;
++}
++late_initcall(vectors_user_mapping_init_page);
++
+ #ifdef CONFIG_KUSER_HELPERS
+ /*
+ * The vectors page is always readable from user space for the
+diff -Nur linux-3.18.9.orig/arch/arm/kernel/signal.c linux-3.18.9/arch/arm/kernel/signal.c
+--- linux-3.18.9.orig/arch/arm/kernel/signal.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/kernel/signal.c 2015-03-15 16:03:03.672094877 -0500
+@@ -574,7 +574,8 @@
+ do_work_pending(struct pt_regs *regs, unsigned int thread_flags, int syscall)
+ {
+ do {
+- if (likely(thread_flags & _TIF_NEED_RESCHED)) {
++ if (likely(thread_flags & (_TIF_NEED_RESCHED |
++ _TIF_NEED_RESCHED_LAZY))) {
+ schedule();
+ } else {
+ if (unlikely(!user_mode(regs)))
+diff -Nur linux-3.18.9.orig/arch/arm/kernel/smp.c linux-3.18.9/arch/arm/kernel/smp.c
+--- linux-3.18.9.orig/arch/arm/kernel/smp.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/kernel/smp.c 2015-03-15 16:03:03.672094877 -0500
+@@ -506,12 +506,14 @@
+ }
+
+ #ifdef CONFIG_IRQ_WORK
++#ifndef CONFIG_PREEMPT_RT_FULL
+ void arch_irq_work_raise(void)
+ {
+ if (arch_irq_work_has_interrupt())
+ smp_cross_call(cpumask_of(smp_processor_id()), IPI_IRQ_WORK);
+ }
+ #endif
++#endif
+
+ #ifdef CONFIG_GENERIC_CLOCKEVENTS_BROADCAST
+ void tick_broadcast(const struct cpumask *mask)
+diff -Nur linux-3.18.9.orig/arch/arm/kernel/unwind.c linux-3.18.9/arch/arm/kernel/unwind.c
+--- linux-3.18.9.orig/arch/arm/kernel/unwind.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/kernel/unwind.c 2015-03-15 16:03:03.672094877 -0500
+@@ -93,7 +93,7 @@
+ static const struct unwind_idx *__origin_unwind_idx;
+ extern const struct unwind_idx __stop_unwind_idx[];
+
+-static DEFINE_SPINLOCK(unwind_lock);
++static DEFINE_RAW_SPINLOCK(unwind_lock);
+ static LIST_HEAD(unwind_tables);
+
+ /* Convert a prel31 symbol to an absolute address */
+@@ -201,7 +201,7 @@
+ /* module unwind tables */
+ struct unwind_table *table;
+
+- spin_lock_irqsave(&unwind_lock, flags);
++ raw_spin_lock_irqsave(&unwind_lock, flags);
+ list_for_each_entry(table, &unwind_tables, list) {
+ if (addr >= table->begin_addr &&
+ addr < table->end_addr) {
+@@ -213,7 +213,7 @@
+ break;
+ }
+ }
+- spin_unlock_irqrestore(&unwind_lock, flags);
++ raw_spin_unlock_irqrestore(&unwind_lock, flags);
+ }
+
+ pr_debug("%s: idx = %p\n", __func__, idx);
+@@ -530,9 +530,9 @@
+ tab->begin_addr = text_addr;
+ tab->end_addr = text_addr + text_size;
+
+- spin_lock_irqsave(&unwind_lock, flags);
++ raw_spin_lock_irqsave(&unwind_lock, flags);
+ list_add_tail(&tab->list, &unwind_tables);
+- spin_unlock_irqrestore(&unwind_lock, flags);
++ raw_spin_unlock_irqrestore(&unwind_lock, flags);
+
+ return tab;
+ }
+@@ -544,9 +544,9 @@
+ if (!tab)
+ return;
+
+- spin_lock_irqsave(&unwind_lock, flags);
++ raw_spin_lock_irqsave(&unwind_lock, flags);
+ list_del(&tab->list);
+- spin_unlock_irqrestore(&unwind_lock, flags);
++ raw_spin_unlock_irqrestore(&unwind_lock, flags);
+
+ kfree(tab);
+ }
+diff -Nur linux-3.18.9.orig/arch/arm/mach-at91/at91rm9200_time.c linux-3.18.9/arch/arm/mach-at91/at91rm9200_time.c
+--- linux-3.18.9.orig/arch/arm/mach-at91/at91rm9200_time.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/mach-at91/at91rm9200_time.c 2015-03-15 16:03:03.672094877 -0500
+@@ -135,6 +135,7 @@
+ break;
+ case CLOCK_EVT_MODE_SHUTDOWN:
+ case CLOCK_EVT_MODE_UNUSED:
++ remove_irq(NR_IRQS_LEGACY + AT91_ID_SYS, &at91rm9200_timer_irq);
+ case CLOCK_EVT_MODE_RESUME:
+ irqmask = 0;
+ break;
+diff -Nur linux-3.18.9.orig/arch/arm/mach-exynos/platsmp.c linux-3.18.9/arch/arm/mach-exynos/platsmp.c
+--- linux-3.18.9.orig/arch/arm/mach-exynos/platsmp.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/mach-exynos/platsmp.c 2015-03-15 16:03:03.672094877 -0500
+@@ -137,7 +137,7 @@
+ return (void __iomem *)(S5P_VA_SCU);
+ }
+
+-static DEFINE_SPINLOCK(boot_lock);
++static DEFINE_RAW_SPINLOCK(boot_lock);
+
+ static void exynos_secondary_init(unsigned int cpu)
+ {
+@@ -150,8 +150,8 @@
+ /*
+ * Synchronise with the boot thread.
+ */
+- spin_lock(&boot_lock);
+- spin_unlock(&boot_lock);
++ raw_spin_lock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+ }
+
+ static int exynos_boot_secondary(unsigned int cpu, struct task_struct *idle)
+@@ -165,7 +165,7 @@
+ * Set synchronisation state between this boot processor
+ * and the secondary one
+ */
+- spin_lock(&boot_lock);
++ raw_spin_lock(&boot_lock);
+
+ /*
+ * The secondary processor is waiting to be released from
+@@ -192,7 +192,7 @@
+
+ if (timeout == 0) {
+ printk(KERN_ERR "cpu1 power enable failed");
+- spin_unlock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+ return -ETIMEDOUT;
+ }
+ }
+@@ -242,7 +242,7 @@
+ * calibrations, then wait for it to finish
+ */
+ fail:
+- spin_unlock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+
+ return pen_release != -1 ? ret : 0;
+ }
+diff -Nur linux-3.18.9.orig/arch/arm/mach-hisi/platmcpm.c linux-3.18.9/arch/arm/mach-hisi/platmcpm.c
+--- linux-3.18.9.orig/arch/arm/mach-hisi/platmcpm.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/mach-hisi/platmcpm.c 2015-03-15 16:03:03.672094877 -0500
+@@ -57,7 +57,7 @@
+
+ static void __iomem *sysctrl, *fabric;
+ static int hip04_cpu_table[HIP04_MAX_CLUSTERS][HIP04_MAX_CPUS_PER_CLUSTER];
+-static DEFINE_SPINLOCK(boot_lock);
++static DEFINE_RAW_SPINLOCK(boot_lock);
+ static u32 fabric_phys_addr;
+ /*
+ * [0]: bootwrapper physical address
+@@ -104,7 +104,7 @@
+ if (cluster >= HIP04_MAX_CLUSTERS || cpu >= HIP04_MAX_CPUS_PER_CLUSTER)
+ return -EINVAL;
+
+- spin_lock_irq(&boot_lock);
++ raw_spin_lock_irq(&boot_lock);
+
+ if (hip04_cpu_table[cluster][cpu])
+ goto out;
+@@ -133,7 +133,7 @@
+ udelay(20);
+ out:
+ hip04_cpu_table[cluster][cpu]++;
+- spin_unlock_irq(&boot_lock);
++ raw_spin_unlock_irq(&boot_lock);
+
+ return 0;
+ }
+@@ -149,7 +149,7 @@
+
+ __mcpm_cpu_going_down(cpu, cluster);
+
+- spin_lock(&boot_lock);
++ raw_spin_lock(&boot_lock);
+ BUG_ON(__mcpm_cluster_state(cluster) != CLUSTER_UP);
+ hip04_cpu_table[cluster][cpu]--;
+ if (hip04_cpu_table[cluster][cpu] == 1) {
+@@ -162,7 +162,7 @@
+
+ last_man = hip04_cluster_is_down(cluster);
+ if (last_man && __mcpm_outbound_enter_critical(cpu, cluster)) {
+- spin_unlock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+ /* Since it's Cortex A15, disable L2 prefetching. */
+ asm volatile(
+ "mcr p15, 1, %0, c15, c0, 3 \n\t"
+@@ -173,7 +173,7 @@
+ hip04_set_snoop_filter(cluster, 0);
+ __mcpm_outbound_leave_critical(cluster, CLUSTER_DOWN);
+ } else {
+- spin_unlock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+ v7_exit_coherency_flush(louis);
+ }
+
+@@ -192,7 +192,7 @@
+ cpu >= HIP04_MAX_CPUS_PER_CLUSTER);
+
+ count = TIMEOUT_MSEC / POLL_MSEC;
+- spin_lock_irq(&boot_lock);
++ raw_spin_lock_irq(&boot_lock);
+ for (tries = 0; tries < count; tries++) {
+ if (hip04_cpu_table[cluster][cpu]) {
+ ret = -EBUSY;
+@@ -202,10 +202,10 @@
+ data = readl_relaxed(sysctrl + SC_CPU_RESET_STATUS(cluster));
+ if (data & CORE_WFI_STATUS(cpu))
+ break;
+- spin_unlock_irq(&boot_lock);
++ raw_spin_unlock_irq(&boot_lock);
+ /* Wait for clean L2 when the whole cluster is down. */
+ msleep(POLL_MSEC);
+- spin_lock_irq(&boot_lock);
++ raw_spin_lock_irq(&boot_lock);
+ }
+ if (tries >= count)
+ goto err;
+@@ -220,10 +220,10 @@
+ }
+ if (tries >= count)
+ goto err;
+- spin_unlock_irq(&boot_lock);
++ raw_spin_unlock_irq(&boot_lock);
+ return 0;
+ err:
+- spin_unlock_irq(&boot_lock);
++ raw_spin_unlock_irq(&boot_lock);
+ return ret;
+ }
+
+@@ -235,10 +235,10 @@
+ cpu = MPIDR_AFFINITY_LEVEL(mpidr, 0);
+ cluster = MPIDR_AFFINITY_LEVEL(mpidr, 1);
+
+- spin_lock(&boot_lock);
++ raw_spin_lock(&boot_lock);
+ if (!hip04_cpu_table[cluster][cpu])
+ hip04_cpu_table[cluster][cpu] = 1;
+- spin_unlock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+ }
+
+ static void __naked hip04_mcpm_power_up_setup(unsigned int affinity_level)
+diff -Nur linux-3.18.9.orig/arch/arm/mach-omap2/omap-smp.c linux-3.18.9/arch/arm/mach-omap2/omap-smp.c
+--- linux-3.18.9.orig/arch/arm/mach-omap2/omap-smp.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/mach-omap2/omap-smp.c 2015-03-15 16:03:03.672094877 -0500
+@@ -43,7 +43,7 @@
+ /* SCU base address */
+ static void __iomem *scu_base;
+
+-static DEFINE_SPINLOCK(boot_lock);
++static DEFINE_RAW_SPINLOCK(boot_lock);
+
+ void __iomem *omap4_get_scu_base(void)
+ {
+@@ -74,8 +74,8 @@
+ /*
+ * Synchronise with the boot thread.
+ */
+- spin_lock(&boot_lock);
+- spin_unlock(&boot_lock);
++ raw_spin_lock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+ }
+
+ static int omap4_boot_secondary(unsigned int cpu, struct task_struct *idle)
+@@ -89,7 +89,7 @@
+ * Set synchronisation state between this boot processor
+ * and the secondary one
+ */
+- spin_lock(&boot_lock);
++ raw_spin_lock(&boot_lock);
+
+ /*
+ * Update the AuxCoreBoot0 with boot state for secondary core.
+@@ -166,7 +166,7 @@
+ * Now the secondary core is starting up let it run its
+ * calibrations, then wait for it to finish
+ */
+- spin_unlock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+
+ return 0;
+ }
+diff -Nur linux-3.18.9.orig/arch/arm/mach-prima2/platsmp.c linux-3.18.9/arch/arm/mach-prima2/platsmp.c
+--- linux-3.18.9.orig/arch/arm/mach-prima2/platsmp.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/mach-prima2/platsmp.c 2015-03-15 16:03:03.676094877 -0500
+@@ -23,7 +23,7 @@
+ static void __iomem *scu_base;
+ static void __iomem *rsc_base;
+
+-static DEFINE_SPINLOCK(boot_lock);
++static DEFINE_RAW_SPINLOCK(boot_lock);
+
+ static struct map_desc scu_io_desc __initdata = {
+ .length = SZ_4K,
+@@ -56,8 +56,8 @@
+ /*
+ * Synchronise with the boot thread.
+ */
+- spin_lock(&boot_lock);
+- spin_unlock(&boot_lock);
++ raw_spin_lock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+ }
+
+ static struct of_device_id rsc_ids[] = {
+@@ -95,7 +95,7 @@
+ /* make sure write buffer is drained */
+ mb();
+
+- spin_lock(&boot_lock);
++ raw_spin_lock(&boot_lock);
+
+ /*
+ * The secondary processor is waiting to be released from
+@@ -127,7 +127,7 @@
+ * now the secondary core is starting up let it run its
+ * calibrations, then wait for it to finish
+ */
+- spin_unlock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+
+ return pen_release != -1 ? -ENOSYS : 0;
+ }
+diff -Nur linux-3.18.9.orig/arch/arm/mach-qcom/platsmp.c linux-3.18.9/arch/arm/mach-qcom/platsmp.c
+--- linux-3.18.9.orig/arch/arm/mach-qcom/platsmp.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/mach-qcom/platsmp.c 2015-03-15 16:03:03.676094877 -0500
+@@ -46,7 +46,7 @@
+
+ extern void secondary_startup(void);
+
+-static DEFINE_SPINLOCK(boot_lock);
++static DEFINE_RAW_SPINLOCK(boot_lock);
+
+ #ifdef CONFIG_HOTPLUG_CPU
+ static void __ref qcom_cpu_die(unsigned int cpu)
+@@ -60,8 +60,8 @@
+ /*
+ * Synchronise with the boot thread.
+ */
+- spin_lock(&boot_lock);
+- spin_unlock(&boot_lock);
++ raw_spin_lock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+ }
+
+ static int scss_release_secondary(unsigned int cpu)
+@@ -284,7 +284,7 @@
+ * set synchronisation state between this boot processor
+ * and the secondary one
+ */
+- spin_lock(&boot_lock);
++ raw_spin_lock(&boot_lock);
+
+ /*
+ * Send the secondary CPU a soft interrupt, thereby causing
+@@ -297,7 +297,7 @@
+ * now the secondary core is starting up let it run its
+ * calibrations, then wait for it to finish
+ */
+- spin_unlock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+
+ return ret;
+ }
+diff -Nur linux-3.18.9.orig/arch/arm/mach-spear/platsmp.c linux-3.18.9/arch/arm/mach-spear/platsmp.c
+--- linux-3.18.9.orig/arch/arm/mach-spear/platsmp.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/mach-spear/platsmp.c 2015-03-15 16:03:03.676094877 -0500
+@@ -32,7 +32,7 @@
+ sync_cache_w(&pen_release);
+ }
+
+-static DEFINE_SPINLOCK(boot_lock);
++static DEFINE_RAW_SPINLOCK(boot_lock);
+
+ static void __iomem *scu_base = IOMEM(VA_SCU_BASE);
+
+@@ -47,8 +47,8 @@
+ /*
+ * Synchronise with the boot thread.
+ */
+- spin_lock(&boot_lock);
+- spin_unlock(&boot_lock);
++ raw_spin_lock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+ }
+
+ static int spear13xx_boot_secondary(unsigned int cpu, struct task_struct *idle)
+@@ -59,7 +59,7 @@
+ * set synchronisation state between this boot processor
+ * and the secondary one
+ */
+- spin_lock(&boot_lock);
++ raw_spin_lock(&boot_lock);
+
+ /*
+ * The secondary processor is waiting to be released from
+@@ -84,7 +84,7 @@
+ * now the secondary core is starting up let it run its
+ * calibrations, then wait for it to finish
+ */
+- spin_unlock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+
+ return pen_release != -1 ? -ENOSYS : 0;
+ }
+diff -Nur linux-3.18.9.orig/arch/arm/mach-sti/platsmp.c linux-3.18.9/arch/arm/mach-sti/platsmp.c
+--- linux-3.18.9.orig/arch/arm/mach-sti/platsmp.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/mach-sti/platsmp.c 2015-03-15 16:03:03.676094877 -0500
+@@ -34,7 +34,7 @@
+ sync_cache_w(&pen_release);
+ }
+
+-static DEFINE_SPINLOCK(boot_lock);
++static DEFINE_RAW_SPINLOCK(boot_lock);
+
+ static void sti_secondary_init(unsigned int cpu)
+ {
+@@ -49,8 +49,8 @@
+ /*
+ * Synchronise with the boot thread.
+ */
+- spin_lock(&boot_lock);
+- spin_unlock(&boot_lock);
++ raw_spin_lock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+ }
+
+ static int sti_boot_secondary(unsigned int cpu, struct task_struct *idle)
+@@ -61,7 +61,7 @@
+ * set synchronisation state between this boot processor
+ * and the secondary one
+ */
+- spin_lock(&boot_lock);
++ raw_spin_lock(&boot_lock);
+
+ /*
+ * The secondary processor is waiting to be released from
+@@ -92,7 +92,7 @@
+ * now the secondary core is starting up let it run its
+ * calibrations, then wait for it to finish
+ */
+- spin_unlock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+
+ return pen_release != -1 ? -ENOSYS : 0;
+ }
+diff -Nur linux-3.18.9.orig/arch/arm/mach-ux500/platsmp.c linux-3.18.9/arch/arm/mach-ux500/platsmp.c
+--- linux-3.18.9.orig/arch/arm/mach-ux500/platsmp.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/mach-ux500/platsmp.c 2015-03-15 16:03:03.676094877 -0500
+@@ -51,7 +51,7 @@
+ return NULL;
+ }
+
+-static DEFINE_SPINLOCK(boot_lock);
++static DEFINE_RAW_SPINLOCK(boot_lock);
+
+ static void ux500_secondary_init(unsigned int cpu)
+ {
+@@ -64,8 +64,8 @@
+ /*
+ * Synchronise with the boot thread.
+ */
+- spin_lock(&boot_lock);
+- spin_unlock(&boot_lock);
++ raw_spin_lock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+ }
+
+ static int ux500_boot_secondary(unsigned int cpu, struct task_struct *idle)
+@@ -76,7 +76,7 @@
+ * set synchronisation state between this boot processor
+ * and the secondary one
+ */
+- spin_lock(&boot_lock);
++ raw_spin_lock(&boot_lock);
+
+ /*
+ * The secondary processor is waiting to be released from
+@@ -97,7 +97,7 @@
+ * now the secondary core is starting up let it run its
+ * calibrations, then wait for it to finish
+ */
+- spin_unlock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+
+ return pen_release != -1 ? -ENOSYS : 0;
+ }
+diff -Nur linux-3.18.9.orig/arch/arm/mm/fault.c linux-3.18.9/arch/arm/mm/fault.c
+--- linux-3.18.9.orig/arch/arm/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/mm/fault.c 2015-03-15 16:03:03.676094877 -0500
+@@ -277,7 +277,7 @@
+ * If we're in an interrupt or have no user
+ * context, we must not take the fault..
+ */
+- if (in_atomic() || !mm)
++ if (!mm || pagefault_disabled())
+ goto no_context;
+
+ if (user_mode(regs))
+@@ -431,6 +431,9 @@
+ if (addr < TASK_SIZE)
+ return do_page_fault(addr, fsr, regs);
+
++ if (interrupts_enabled(regs))
++ local_irq_enable();
++
+ if (user_mode(regs))
+ goto bad_area;
+
+@@ -498,6 +501,9 @@
+ static int
+ do_sect_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
+ {
++ if (interrupts_enabled(regs))
++ local_irq_enable();
++
+ do_bad_area(addr, fsr, regs);
+ return 0;
+ }
+diff -Nur linux-3.18.9.orig/arch/arm/mm/highmem.c linux-3.18.9/arch/arm/mm/highmem.c
+--- linux-3.18.9.orig/arch/arm/mm/highmem.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/mm/highmem.c 2015-03-15 16:03:03.676094877 -0500
+@@ -53,6 +53,7 @@
+
+ void *kmap_atomic(struct page *page)
+ {
++ pte_t pte = mk_pte(page, kmap_prot);
+ unsigned int idx;
+ unsigned long vaddr;
+ void *kmap;
+@@ -91,7 +92,10 @@
+ * in place, so the contained TLB flush ensures the TLB is updated
+ * with the new mapping.
+ */
+- set_fixmap_pte(idx, mk_pte(page, kmap_prot));
++#ifdef CONFIG_PREEMPT_RT_FULL
++ current->kmap_pte[type] = pte;
++#endif
++ set_fixmap_pte(idx, pte);
+
+ return (void *)vaddr;
+ }
+@@ -108,12 +112,15 @@
+
+ if (cache_is_vivt())
+ __cpuc_flush_dcache_area((void *)vaddr, PAGE_SIZE);
++#ifdef CONFIG_PREEMPT_RT_FULL
++ current->kmap_pte[type] = __pte(0);
++#endif
+ #ifdef CONFIG_DEBUG_HIGHMEM
+ BUG_ON(vaddr != __fix_to_virt(idx));
+- set_fixmap_pte(idx, __pte(0));
+ #else
+ (void) idx; /* to kill a warning */
+ #endif
++ set_fixmap_pte(idx, __pte(0));
+ kmap_atomic_idx_pop();
+ } else if (vaddr >= PKMAP_ADDR(0) && vaddr < PKMAP_ADDR(LAST_PKMAP)) {
+ /* this address was obtained through kmap_high_get() */
+@@ -125,6 +132,7 @@
+
+ void *kmap_atomic_pfn(unsigned long pfn)
+ {
++ pte_t pte = pfn_pte(pfn, kmap_prot);
+ unsigned long vaddr;
+ int idx, type;
+ struct page *page = pfn_to_page(pfn);
+@@ -139,7 +147,10 @@
+ #ifdef CONFIG_DEBUG_HIGHMEM
+ BUG_ON(!pte_none(*(fixmap_page_table + idx)));
+ #endif
+- set_fixmap_pte(idx, pfn_pte(pfn, kmap_prot));
++#ifdef CONFIG_PREEMPT_RT_FULL
++ current->kmap_pte[type] = pte;
++#endif
++ set_fixmap_pte(idx, pte);
+
+ return (void *)vaddr;
+ }
+@@ -153,3 +164,28 @@
+
+ return pte_page(get_fixmap_pte(vaddr));
+ }
++
++#if defined CONFIG_PREEMPT_RT_FULL
++void switch_kmaps(struct task_struct *prev_p, struct task_struct *next_p)
++{
++ int i;
++
++ /*
++ * Clear @prev's kmap_atomic mappings
++ */
++ for (i = 0; i < prev_p->kmap_idx; i++) {
++ int idx = i + KM_TYPE_NR * smp_processor_id();
++
++ set_fixmap_pte(idx, __pte(0));
++ }
++ /*
++ * Restore @next_p's kmap_atomic mappings
++ */
++ for (i = 0; i < next_p->kmap_idx; i++) {
++ int idx = i + KM_TYPE_NR * smp_processor_id();
++
++ if (!pte_none(next_p->kmap_pte[i]))
++ set_fixmap_pte(idx, next_p->kmap_pte[i]);
++ }
++}
++#endif
+diff -Nur linux-3.18.9.orig/arch/arm/plat-versatile/platsmp.c linux-3.18.9/arch/arm/plat-versatile/platsmp.c
+--- linux-3.18.9.orig/arch/arm/plat-versatile/platsmp.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm/plat-versatile/platsmp.c 2015-03-15 16:03:03.676094877 -0500
+@@ -30,7 +30,7 @@
+ sync_cache_w(&pen_release);
+ }
+
+-static DEFINE_SPINLOCK(boot_lock);
++static DEFINE_RAW_SPINLOCK(boot_lock);
+
+ void versatile_secondary_init(unsigned int cpu)
+ {
+@@ -43,8 +43,8 @@
+ /*
+ * Synchronise with the boot thread.
+ */
+- spin_lock(&boot_lock);
+- spin_unlock(&boot_lock);
++ raw_spin_lock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+ }
+
+ int versatile_boot_secondary(unsigned int cpu, struct task_struct *idle)
+@@ -55,7 +55,7 @@
+ * Set synchronisation state between this boot processor
+ * and the secondary one
+ */
+- spin_lock(&boot_lock);
++ raw_spin_lock(&boot_lock);
+
+ /*
+ * This is really belt and braces; we hold unintended secondary
+@@ -85,7 +85,7 @@
+ * now the secondary core is starting up let it run its
+ * calibrations, then wait for it to finish
+ */
+- spin_unlock(&boot_lock);
++ raw_spin_unlock(&boot_lock);
+
+ return pen_release != -1 ? -ENOSYS : 0;
+ }
+diff -Nur linux-3.18.9.orig/arch/arm64/kernel/smp.c linux-3.18.9/arch/arm64/kernel/smp.c
+--- linux-3.18.9.orig/arch/arm64/kernel/smp.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/arm64/kernel/smp.c 2015-03-15 16:03:03.676094877 -0500
+@@ -529,12 +529,14 @@
+ }
+
+ #ifdef CONFIG_IRQ_WORK
++#ifndef CONFIG_PREEMPT_RT_FULL
+ void arch_irq_work_raise(void)
+ {
+ if (__smp_cross_call)
+ smp_cross_call(cpumask_of(smp_processor_id()), IPI_IRQ_WORK);
+ }
+ #endif
++#endif
+
+ static DEFINE_RAW_SPINLOCK(stop_lock);
+
+diff -Nur linux-3.18.9.orig/arch/avr32/mm/fault.c linux-3.18.9/arch/avr32/mm/fault.c
+--- linux-3.18.9.orig/arch/avr32/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/avr32/mm/fault.c 2015-03-15 16:03:03.676094877 -0500
+@@ -81,7 +81,7 @@
+ * If we're in an interrupt or have no user context, we must
+ * not take the fault...
+ */
+- if (in_atomic() || !mm || regs->sr & SYSREG_BIT(GM))
++ if (!mm || regs->sr & SYSREG_BIT(GM) || pagefault_disabled())
+ goto no_context;
+
+ local_irq_enable();
+diff -Nur linux-3.18.9.orig/arch/cris/mm/fault.c linux-3.18.9/arch/cris/mm/fault.c
+--- linux-3.18.9.orig/arch/cris/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/cris/mm/fault.c 2015-03-15 16:03:03.676094877 -0500
+@@ -113,7 +113,7 @@
+ * user context, we must not take the fault.
+ */
+
+- if (in_atomic() || !mm)
++ if (!mm || pagefault_disabled())
+ goto no_context;
+
+ if (user_mode(regs))
+diff -Nur linux-3.18.9.orig/arch/frv/mm/fault.c linux-3.18.9/arch/frv/mm/fault.c
+--- linux-3.18.9.orig/arch/frv/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/frv/mm/fault.c 2015-03-15 16:03:03.676094877 -0500
+@@ -78,7 +78,7 @@
+ * If we're in an interrupt or have no user
+ * context, we must not take the fault..
+ */
+- if (in_atomic() || !mm)
++ if (!mm || pagefault_disabled())
+ goto no_context;
+
+ if (user_mode(__frame))
+diff -Nur linux-3.18.9.orig/arch/ia64/mm/fault.c linux-3.18.9/arch/ia64/mm/fault.c
+--- linux-3.18.9.orig/arch/ia64/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/ia64/mm/fault.c 2015-03-15 16:03:03.676094877 -0500
+@@ -96,7 +96,7 @@
+ /*
+ * If we're in an interrupt or have no user context, we must not take the fault..
+ */
+- if (in_atomic() || !mm)
++ if (!mm || pagefault_disabled())
+ goto no_context;
+
+ #ifdef CONFIG_VIRTUAL_MEM_MAP
+diff -Nur linux-3.18.9.orig/arch/Kconfig linux-3.18.9/arch/Kconfig
+--- linux-3.18.9.orig/arch/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/Kconfig 2015-03-15 16:03:03.676094877 -0500
+@@ -6,6 +6,7 @@
+ tristate "OProfile system profiling"
+ depends on PROFILING
+ depends on HAVE_OPROFILE
++ depends on !PREEMPT_RT_FULL
+ select RING_BUFFER
+ select RING_BUFFER_ALLOW_SWAP
+ help
+diff -Nur linux-3.18.9.orig/arch/m32r/mm/fault.c linux-3.18.9/arch/m32r/mm/fault.c
+--- linux-3.18.9.orig/arch/m32r/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/m32r/mm/fault.c 2015-03-15 16:03:03.676094877 -0500
+@@ -114,7 +114,7 @@
+ * If we're in an interrupt or have no user context or are running in an
+ * atomic region then we must not take the fault..
+ */
+- if (in_atomic() || !mm)
++ if (!mm || pagefault_disabled())
+ goto bad_area_nosemaphore;
+
+ if (error_code & ACE_USERMODE)
+diff -Nur linux-3.18.9.orig/arch/m68k/mm/fault.c linux-3.18.9/arch/m68k/mm/fault.c
+--- linux-3.18.9.orig/arch/m68k/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/m68k/mm/fault.c 2015-03-15 16:03:03.676094877 -0500
+@@ -81,7 +81,7 @@
+ * If we're in an interrupt or have no user
+ * context, we must not take the fault..
+ */
+- if (in_atomic() || !mm)
++ if (!mm || pagefault_disabled())
+ goto no_context;
+
+ if (user_mode(regs))
+diff -Nur linux-3.18.9.orig/arch/microblaze/mm/fault.c linux-3.18.9/arch/microblaze/mm/fault.c
+--- linux-3.18.9.orig/arch/microblaze/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/microblaze/mm/fault.c 2015-03-15 16:03:03.676094877 -0500
+@@ -107,7 +107,7 @@
+ if ((error_code & 0x13) == 0x13 || (error_code & 0x11) == 0x11)
+ is_write = 0;
+
+- if (unlikely(in_atomic() || !mm)) {
++ if (unlikely(!mm || pagefault_disabled())) {
+ if (kernel_mode(regs))
+ goto bad_area_nosemaphore;
+
+diff -Nur linux-3.18.9.orig/arch/mips/Kconfig linux-3.18.9/arch/mips/Kconfig
+--- linux-3.18.9.orig/arch/mips/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/mips/Kconfig 2015-03-15 16:03:03.676094877 -0500
+@@ -2196,7 +2196,7 @@
+ #
+ config HIGHMEM
+ bool "High Memory Support"
+- depends on 32BIT && CPU_SUPPORTS_HIGHMEM && SYS_SUPPORTS_HIGHMEM && !CPU_MIPS32_3_5_EVA
++ depends on 32BIT && CPU_SUPPORTS_HIGHMEM && SYS_SUPPORTS_HIGHMEM && !CPU_MIPS32_3_5_EVA && !PREEMPT_RT_FULL
+
+ config CPU_SUPPORTS_HIGHMEM
+ bool
+diff -Nur linux-3.18.9.orig/arch/mips/kernel/signal.c linux-3.18.9/arch/mips/kernel/signal.c
+--- linux-3.18.9.orig/arch/mips/kernel/signal.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/mips/kernel/signal.c 2015-03-15 16:03:03.676094877 -0500
+@@ -613,6 +613,7 @@
+ __u32 thread_info_flags)
+ {
+ local_irq_enable();
++ preempt_check_resched();
+
+ user_exit();
+
+diff -Nur linux-3.18.9.orig/arch/mips/mm/fault.c linux-3.18.9/arch/mips/mm/fault.c
+--- linux-3.18.9.orig/arch/mips/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/mips/mm/fault.c 2015-03-15 16:03:03.676094877 -0500
+@@ -89,7 +89,7 @@
+ * If we're in an interrupt or have no user
+ * context, we must not take the fault..
+ */
+- if (in_atomic() || !mm)
++ if (!mm || pagefault_disabled())
+ goto bad_area_nosemaphore;
+
+ if (user_mode(regs))
+diff -Nur linux-3.18.9.orig/arch/mips/mm/init.c linux-3.18.9/arch/mips/mm/init.c
+--- linux-3.18.9.orig/arch/mips/mm/init.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/mips/mm/init.c 2015-03-15 16:03:03.676094877 -0500
+@@ -90,7 +90,7 @@
+
+ BUG_ON(Page_dcache_dirty(page));
+
+- pagefault_disable();
++ raw_pagefault_disable();
+ idx = (addr >> PAGE_SHIFT) & (FIX_N_COLOURS - 1);
+ idx += in_interrupt() ? FIX_N_COLOURS : 0;
+ vaddr = __fix_to_virt(FIX_CMAP_END - idx);
+@@ -146,7 +146,7 @@
+ tlbw_use_hazard();
+ write_c0_entryhi(old_ctx);
+ local_irq_restore(flags);
+- pagefault_enable();
++ raw_pagefault_enable();
+ }
+
+ void copy_user_highpage(struct page *to, struct page *from,
+diff -Nur linux-3.18.9.orig/arch/mn10300/mm/fault.c linux-3.18.9/arch/mn10300/mm/fault.c
+--- linux-3.18.9.orig/arch/mn10300/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/mn10300/mm/fault.c 2015-03-15 16:03:03.676094877 -0500
+@@ -168,7 +168,7 @@
+ * If we're in an interrupt or have no user
+ * context, we must not take the fault..
+ */
+- if (in_atomic() || !mm)
++ if (!mm || pagefault_disabled())
+ goto no_context;
+
+ if ((fault_code & MMUFCR_xFC_ACCESS) == MMUFCR_xFC_ACCESS_USR)
+diff -Nur linux-3.18.9.orig/arch/parisc/mm/fault.c linux-3.18.9/arch/parisc/mm/fault.c
+--- linux-3.18.9.orig/arch/parisc/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/parisc/mm/fault.c 2015-03-15 16:03:03.676094877 -0500
+@@ -207,7 +207,7 @@
+ int fault;
+ unsigned int flags;
+
+- if (in_atomic())
++ if (pagefault_disabled())
+ goto no_context;
+
+ tsk = current;
+diff -Nur linux-3.18.9.orig/arch/powerpc/include/asm/thread_info.h linux-3.18.9/arch/powerpc/include/asm/thread_info.h
+--- linux-3.18.9.orig/arch/powerpc/include/asm/thread_info.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/powerpc/include/asm/thread_info.h 2015-03-15 16:03:03.676094877 -0500
+@@ -43,6 +43,8 @@
+ int cpu; /* cpu we're on */
+ int preempt_count; /* 0 => preemptable,
+ <0 => BUG */
++ int preempt_lazy_count; /* 0 => preemptable,
++ <0 => BUG */
+ struct restart_block restart_block;
+ unsigned long local_flags; /* private flags for thread */
+
+@@ -88,8 +90,7 @@
+ #define TIF_SYSCALL_TRACE 0 /* syscall trace active */
+ #define TIF_SIGPENDING 1 /* signal pending */
+ #define TIF_NEED_RESCHED 2 /* rescheduling necessary */
+-#define TIF_POLLING_NRFLAG 3 /* true if poll_idle() is polling
+- TIF_NEED_RESCHED */
++#define TIF_NEED_RESCHED_LAZY 3 /* lazy rescheduling necessary */
+ #define TIF_32BIT 4 /* 32 bit binary */
+ #define TIF_RESTORE_TM 5 /* need to restore TM FP/VEC/VSX */
+ #define TIF_SYSCALL_AUDIT 7 /* syscall auditing active */
+@@ -107,6 +108,8 @@
+ #if defined(CONFIG_PPC64)
+ #define TIF_ELF2ABI 18 /* function descriptors must die! */
+ #endif
++#define TIF_POLLING_NRFLAG 19 /* true if poll_idle() is polling
++ TIF_NEED_RESCHED */
+
+ /* as above, but as bit values */
+ #define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE)
+@@ -125,14 +128,16 @@
+ #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT)
+ #define _TIF_EMULATE_STACK_STORE (1<<TIF_EMULATE_STACK_STORE)
+ #define _TIF_NOHZ (1<<TIF_NOHZ)
++#define _TIF_NEED_RESCHED_LAZY (1<<TIF_NEED_RESCHED_LAZY)
+ #define _TIF_SYSCALL_T_OR_A (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | \
+ _TIF_SECCOMP | _TIF_SYSCALL_TRACEPOINT | \
+ _TIF_NOHZ)
+
+ #define _TIF_USER_WORK_MASK (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \
+ _TIF_NOTIFY_RESUME | _TIF_UPROBE | \
+- _TIF_RESTORE_TM)
++ _TIF_RESTORE_TM | _TIF_NEED_RESCHED_LAZY)
+ #define _TIF_PERSYSCALL_MASK (_TIF_RESTOREALL|_TIF_NOERROR)
++#define _TIF_NEED_RESCHED_MASK (_TIF_NEED_RESCHED | _TIF_NEED_RESCHED_LAZY)
+
+ /* Bits in local_flags */
+ /* Don't move TLF_NAPPING without adjusting the code in entry_32.S */
+diff -Nur linux-3.18.9.orig/arch/powerpc/Kconfig linux-3.18.9/arch/powerpc/Kconfig
+--- linux-3.18.9.orig/arch/powerpc/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/powerpc/Kconfig 2015-03-15 16:03:03.680094877 -0500
+@@ -60,10 +60,11 @@
+
+ config RWSEM_GENERIC_SPINLOCK
+ bool
++ default y if PREEMPT_RT_FULL
+
+ config RWSEM_XCHGADD_ALGORITHM
+ bool
+- default y
++ default y if !PREEMPT_RT_FULL
+
+ config GENERIC_LOCKBREAK
+ bool
+@@ -136,6 +137,7 @@
+ select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST
+ select GENERIC_STRNCPY_FROM_USER
+ select GENERIC_STRNLEN_USER
++ select HAVE_PREEMPT_LAZY
+ select HAVE_MOD_ARCH_SPECIFIC
+ select MODULES_USE_ELF_RELA
+ select CLONE_BACKWARDS
+@@ -303,7 +305,7 @@
+
+ config HIGHMEM
+ bool "High memory support"
+- depends on PPC32
++ depends on PPC32 && !PREEMPT_RT_FULL
+
+ source kernel/Kconfig.hz
+ source kernel/Kconfig.preempt
+diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/asm-offsets.c linux-3.18.9/arch/powerpc/kernel/asm-offsets.c
+--- linux-3.18.9.orig/arch/powerpc/kernel/asm-offsets.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/powerpc/kernel/asm-offsets.c 2015-03-15 16:03:03.680094877 -0500
+@@ -159,6 +159,7 @@
+ DEFINE(TI_FLAGS, offsetof(struct thread_info, flags));
+ DEFINE(TI_LOCAL_FLAGS, offsetof(struct thread_info, local_flags));
+ DEFINE(TI_PREEMPT, offsetof(struct thread_info, preempt_count));
++ DEFINE(TI_PREEMPT_LAZY, offsetof(struct thread_info, preempt_lazy_count));
+ DEFINE(TI_TASK, offsetof(struct thread_info, task));
+ DEFINE(TI_CPU, offsetof(struct thread_info, cpu));
+
+diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/entry_32.S linux-3.18.9/arch/powerpc/kernel/entry_32.S
+--- linux-3.18.9.orig/arch/powerpc/kernel/entry_32.S 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/powerpc/kernel/entry_32.S 2015-03-15 16:03:03.680094877 -0500
+@@ -890,7 +890,14 @@
+ cmpwi 0,r0,0 /* if non-zero, just restore regs and return */
+ bne restore
+ andi. r8,r8,_TIF_NEED_RESCHED
++ bne+ 1f
++ lwz r0,TI_PREEMPT_LAZY(r9)
++ cmpwi 0,r0,0 /* if non-zero, just restore regs and return */
++ bne restore
++ lwz r0,TI_FLAGS(r9)
++ andi. r0,r0,_TIF_NEED_RESCHED_LAZY
+ beq+ restore
++1:
+ lwz r3,_MSR(r1)
+ andi. r0,r3,MSR_EE /* interrupts off? */
+ beq restore /* don't schedule if so */
+@@ -901,11 +908,11 @@
+ */
+ bl trace_hardirqs_off
+ #endif
+-1: bl preempt_schedule_irq
++2: bl preempt_schedule_irq
+ CURRENT_THREAD_INFO(r9, r1)
+ lwz r3,TI_FLAGS(r9)
+- andi. r0,r3,_TIF_NEED_RESCHED
+- bne- 1b
++ andi. r0,r3,_TIF_NEED_RESCHED_MASK
++ bne- 2b
+ #ifdef CONFIG_TRACE_IRQFLAGS
+ /* And now, to properly rebalance the above, we tell lockdep they
+ * are being turned back on, which will happen when we return
+@@ -1226,7 +1233,7 @@
+ #endif /* !(CONFIG_4xx || CONFIG_BOOKE) */
+
+ do_work: /* r10 contains MSR_KERNEL here */
+- andi. r0,r9,_TIF_NEED_RESCHED
++ andi. r0,r9,_TIF_NEED_RESCHED_MASK
+ beq do_user_signal
+
+ do_resched: /* r10 contains MSR_KERNEL here */
+@@ -1247,7 +1254,7 @@
+ MTMSRD(r10) /* disable interrupts */
+ CURRENT_THREAD_INFO(r9, r1)
+ lwz r9,TI_FLAGS(r9)
+- andi. r0,r9,_TIF_NEED_RESCHED
++ andi. r0,r9,_TIF_NEED_RESCHED_MASK
+ bne- do_resched
+ andi. r0,r9,_TIF_USER_WORK_MASK
+ beq restore_user
+diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/entry_64.S linux-3.18.9/arch/powerpc/kernel/entry_64.S
+--- linux-3.18.9.orig/arch/powerpc/kernel/entry_64.S 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/powerpc/kernel/entry_64.S 2015-03-15 16:03:03.680094877 -0500
+@@ -644,7 +644,7 @@
+ #else
+ beq restore
+ #endif
+-1: andi. r0,r4,_TIF_NEED_RESCHED
++1: andi. r0,r4,_TIF_NEED_RESCHED_MASK
+ beq 2f
+ bl restore_interrupts
+ SCHEDULE_USER
+@@ -706,10 +706,18 @@
+
+ #ifdef CONFIG_PREEMPT
+ /* Check if we need to preempt */
++ lwz r8,TI_PREEMPT(r9)
++ cmpwi 0,r8,0 /* if non-zero, just restore regs and return */
++ bne restore
+ andi. r0,r4,_TIF_NEED_RESCHED
++ bne+ check_count
++
++ andi. r0,r4,_TIF_NEED_RESCHED_LAZY
+ beq+ restore
++ lwz r8,TI_PREEMPT_LAZY(r9)
++
+ /* Check that preempt_count() == 0 and interrupts are enabled */
+- lwz r8,TI_PREEMPT(r9)
++check_count:
+ cmpwi cr1,r8,0
+ ld r0,SOFTE(r1)
+ cmpdi r0,0
+@@ -726,7 +734,7 @@
+ /* Re-test flags and eventually loop */
+ CURRENT_THREAD_INFO(r9, r1)
+ ld r4,TI_FLAGS(r9)
+- andi. r0,r4,_TIF_NEED_RESCHED
++ andi. r0,r4,_TIF_NEED_RESCHED_MASK
+ bne 1b
+
+ /*
+diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/irq.c linux-3.18.9/arch/powerpc/kernel/irq.c
+--- linux-3.18.9.orig/arch/powerpc/kernel/irq.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/powerpc/kernel/irq.c 2015-03-15 16:03:03.680094877 -0500
+@@ -615,6 +615,7 @@
+ }
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ void do_softirq_own_stack(void)
+ {
+ struct thread_info *curtp, *irqtp;
+@@ -632,6 +633,7 @@
+ if (irqtp->flags)
+ set_bits(irqtp->flags, &curtp->flags);
+ }
++#endif
+
+ irq_hw_number_t virq_to_hw(unsigned int virq)
+ {
+diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/misc_32.S linux-3.18.9/arch/powerpc/kernel/misc_32.S
+--- linux-3.18.9.orig/arch/powerpc/kernel/misc_32.S 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/powerpc/kernel/misc_32.S 2015-03-15 16:03:03.680094877 -0500
+@@ -40,6 +40,7 @@
+ * We store the saved ksp_limit in the unused part
+ * of the STACK_FRAME_OVERHEAD
+ */
++#ifndef CONFIG_PREEMPT_RT_FULL
+ _GLOBAL(call_do_softirq)
+ mflr r0
+ stw r0,4(r1)
+@@ -56,6 +57,7 @@
+ stw r10,THREAD+KSP_LIMIT(r2)
+ mtlr r0
+ blr
++#endif
+
+ /*
+ * void call_do_irq(struct pt_regs *regs, struct thread_info *irqtp);
+diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/misc_64.S linux-3.18.9/arch/powerpc/kernel/misc_64.S
+--- linux-3.18.9.orig/arch/powerpc/kernel/misc_64.S 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/powerpc/kernel/misc_64.S 2015-03-15 16:03:03.680094877 -0500
+@@ -29,6 +29,7 @@
+
+ .text
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ _GLOBAL(call_do_softirq)
+ mflr r0
+ std r0,16(r1)
+@@ -39,6 +40,7 @@
+ ld r0,16(r1)
+ mtlr r0
+ blr
++#endif
+
+ _GLOBAL(call_do_irq)
+ mflr r0
+diff -Nur linux-3.18.9.orig/arch/powerpc/kernel/time.c linux-3.18.9/arch/powerpc/kernel/time.c
+--- linux-3.18.9.orig/arch/powerpc/kernel/time.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/powerpc/kernel/time.c 2015-03-15 16:03:03.680094877 -0500
+@@ -424,7 +424,7 @@
+ EXPORT_SYMBOL(profile_pc);
+ #endif
+
+-#ifdef CONFIG_IRQ_WORK
++#if defined(CONFIG_IRQ_WORK) && !defined(CONFIG_PREEMPT_RT_FULL)
+
+ /*
+ * 64-bit uses a byte in the PACA, 32-bit uses a per-cpu variable...
+diff -Nur linux-3.18.9.orig/arch/powerpc/mm/fault.c linux-3.18.9/arch/powerpc/mm/fault.c
+--- linux-3.18.9.orig/arch/powerpc/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/powerpc/mm/fault.c 2015-03-15 16:03:03.680094877 -0500
+@@ -273,7 +273,7 @@
+ if (!arch_irq_disabled_regs(regs))
+ local_irq_enable();
+
+- if (in_atomic() || mm == NULL) {
++ if (in_atomic() || mm == NULL || pagefault_disabled()) {
+ if (!user_mode(regs)) {
+ rc = SIGSEGV;
+ goto bail;
+diff -Nur linux-3.18.9.orig/arch/s390/mm/fault.c linux-3.18.9/arch/s390/mm/fault.c
+--- linux-3.18.9.orig/arch/s390/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/s390/mm/fault.c 2015-03-15 16:03:03.680094877 -0500
+@@ -435,7 +435,8 @@
+ * user context.
+ */
+ fault = VM_FAULT_BADCONTEXT;
+- if (unlikely(!user_space_fault(regs) || in_atomic() || !mm))
++ if (unlikely(!user_space_fault(regs) || !mm ||
++ tsk->pagefault_disabled))
+ goto out;
+
+ address = trans_exc_code & __FAIL_ADDR_MASK;
+diff -Nur linux-3.18.9.orig/arch/score/mm/fault.c linux-3.18.9/arch/score/mm/fault.c
+--- linux-3.18.9.orig/arch/score/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/score/mm/fault.c 2015-03-15 16:03:03.680094877 -0500
+@@ -73,7 +73,7 @@
+ * If we're in an interrupt or have no user
+ * context, we must not take the fault..
+ */
+- if (in_atomic() || !mm)
++ if (!mm || pagefault_disabled())
+ goto bad_area_nosemaphore;
+
+ if (user_mode(regs))
+diff -Nur linux-3.18.9.orig/arch/sh/kernel/irq.c linux-3.18.9/arch/sh/kernel/irq.c
+--- linux-3.18.9.orig/arch/sh/kernel/irq.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/sh/kernel/irq.c 2015-03-15 16:03:03.680094877 -0500
+@@ -149,6 +149,7 @@
+ hardirq_ctx[cpu] = NULL;
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ void do_softirq_own_stack(void)
+ {
+ struct thread_info *curctx;
+@@ -176,6 +177,7 @@
+ "r5", "r6", "r7", "r8", "r9", "r15", "t", "pr"
+ );
+ }
++#endif
+ #else
+ static inline void handle_one_irq(unsigned int irq)
+ {
+diff -Nur linux-3.18.9.orig/arch/sh/mm/fault.c linux-3.18.9/arch/sh/mm/fault.c
+--- linux-3.18.9.orig/arch/sh/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/sh/mm/fault.c 2015-03-15 16:03:03.680094877 -0500
+@@ -440,7 +440,7 @@
+ * If we're in an interrupt, have no user context or are running
+ * in an atomic region then we must not take the fault:
+ */
+- if (unlikely(in_atomic() || !mm)) {
++ if (unlikely(!mm || pagefault_disabled())) {
+ bad_area_nosemaphore(regs, error_code, address);
+ return;
+ }
+diff -Nur linux-3.18.9.orig/arch/sparc/Kconfig linux-3.18.9/arch/sparc/Kconfig
+--- linux-3.18.9.orig/arch/sparc/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/sparc/Kconfig 2015-03-15 16:03:03.680094877 -0500
+@@ -182,12 +182,10 @@
+ source kernel/Kconfig.hz
+
+ config RWSEM_GENERIC_SPINLOCK
+- bool
+- default y if SPARC32
++ def_bool PREEMPT_RT_FULL
+
+ config RWSEM_XCHGADD_ALGORITHM
+- bool
+- default y if SPARC64
++ def_bool !RWSEM_GENERIC_SPINLOCK && !PREEMPT_RT_FULL
+
+ config GENERIC_HWEIGHT
+ bool
+@@ -528,6 +526,10 @@
+
+ source "fs/Kconfig.binfmt"
+
++config EARLY_PRINTK
++ bool
++ default y
++
+ config COMPAT
+ bool
+ depends on SPARC64
+diff -Nur linux-3.18.9.orig/arch/sparc/kernel/irq_64.c linux-3.18.9/arch/sparc/kernel/irq_64.c
+--- linux-3.18.9.orig/arch/sparc/kernel/irq_64.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/sparc/kernel/irq_64.c 2015-03-15 16:03:03.680094877 -0500
+@@ -849,6 +849,7 @@
+ set_irq_regs(old_regs);
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ void do_softirq_own_stack(void)
+ {
+ void *orig_sp, *sp = softirq_stack[smp_processor_id()];
+@@ -863,6 +864,7 @@
+ __asm__ __volatile__("mov %0, %%sp"
+ : : "r" (orig_sp));
+ }
++#endif
+
+ #ifdef CONFIG_HOTPLUG_CPU
+ void fixup_irqs(void)
+diff -Nur linux-3.18.9.orig/arch/sparc/kernel/pcr.c linux-3.18.9/arch/sparc/kernel/pcr.c
+--- linux-3.18.9.orig/arch/sparc/kernel/pcr.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/sparc/kernel/pcr.c 2015-03-15 16:03:03.684094876 -0500
+@@ -43,10 +43,12 @@
+ set_irq_regs(old_regs);
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ void arch_irq_work_raise(void)
+ {
+ set_softint(1 << PIL_DEFERRED_PCR_WORK);
+ }
++#endif
+
+ const struct pcr_ops *pcr_ops;
+ EXPORT_SYMBOL_GPL(pcr_ops);
+diff -Nur linux-3.18.9.orig/arch/sparc/kernel/setup_32.c linux-3.18.9/arch/sparc/kernel/setup_32.c
+--- linux-3.18.9.orig/arch/sparc/kernel/setup_32.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/sparc/kernel/setup_32.c 2015-03-15 16:03:03.684094876 -0500
+@@ -309,6 +309,7 @@
+
+ boot_flags_init(*cmdline_p);
+
++ early_console = &prom_early_console;
+ register_console(&prom_early_console);
+
+ printk("ARCH: ");
+diff -Nur linux-3.18.9.orig/arch/sparc/kernel/setup_64.c linux-3.18.9/arch/sparc/kernel/setup_64.c
+--- linux-3.18.9.orig/arch/sparc/kernel/setup_64.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/sparc/kernel/setup_64.c 2015-03-15 16:03:03.684094876 -0500
+@@ -563,6 +563,12 @@
+ pause_patch();
+ }
+
++static inline void register_prom_console(void)
++{
++ early_console = &prom_early_console;
++ register_console(&prom_early_console);
++}
++
+ void __init setup_arch(char **cmdline_p)
+ {
+ /* Initialize PROM console and command line. */
+@@ -574,7 +580,7 @@
+ #ifdef CONFIG_EARLYFB
+ if (btext_find_display())
+ #endif
+- register_console(&prom_early_console);
++ register_prom_console();
+
+ if (tlb_type == hypervisor)
+ printk("ARCH: SUN4V\n");
+diff -Nur linux-3.18.9.orig/arch/sparc/mm/fault_32.c linux-3.18.9/arch/sparc/mm/fault_32.c
+--- linux-3.18.9.orig/arch/sparc/mm/fault_32.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/sparc/mm/fault_32.c 2015-03-15 16:03:03.684094876 -0500
+@@ -196,7 +196,7 @@
+ * If we're in an interrupt or have no user
+ * context, we must not take the fault..
+ */
+- if (in_atomic() || !mm)
++ if (!mm || pagefault_disabled())
+ goto no_context;
+
+ perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address);
+diff -Nur linux-3.18.9.orig/arch/sparc/mm/fault_64.c linux-3.18.9/arch/sparc/mm/fault_64.c
+--- linux-3.18.9.orig/arch/sparc/mm/fault_64.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/sparc/mm/fault_64.c 2015-03-15 16:03:03.684094876 -0500
+@@ -330,7 +330,7 @@
+ * If we're in an interrupt or have no user
+ * context, we must not take the fault..
+ */
+- if (in_atomic() || !mm)
++ if (!mm || pagefault_disabled())
+ goto intr_or_no_mm;
+
+ perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address);
+diff -Nur linux-3.18.9.orig/arch/tile/mm/fault.c linux-3.18.9/arch/tile/mm/fault.c
+--- linux-3.18.9.orig/arch/tile/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/tile/mm/fault.c 2015-03-15 16:03:03.684094876 -0500
+@@ -357,7 +357,7 @@
+ * If we're in an interrupt, have no user context or are running in an
+ * atomic region then we must not take the fault.
+ */
+- if (in_atomic() || !mm) {
++ if (!mm || pagefault_disabled()) {
+ vma = NULL; /* happy compiler */
+ goto bad_area_nosemaphore;
+ }
+diff -Nur linux-3.18.9.orig/arch/um/kernel/trap.c linux-3.18.9/arch/um/kernel/trap.c
+--- linux-3.18.9.orig/arch/um/kernel/trap.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/um/kernel/trap.c 2015-03-15 16:03:03.684094876 -0500
+@@ -38,7 +38,7 @@
+ * If the fault was during atomic operation, don't take the fault, just
+ * fail.
+ */
+- if (in_atomic())
++ if (pagefault_disabled())
+ goto out_nosemaphore;
+
+ if (is_user)
+diff -Nur linux-3.18.9.orig/arch/x86/crypto/aesni-intel_glue.c linux-3.18.9/arch/x86/crypto/aesni-intel_glue.c
+--- linux-3.18.9.orig/arch/x86/crypto/aesni-intel_glue.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/crypto/aesni-intel_glue.c 2015-03-15 16:03:03.684094876 -0500
+@@ -381,14 +381,14 @@
+ err = blkcipher_walk_virt(desc, &walk);
+ desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
+
+- kernel_fpu_begin();
+ while ((nbytes = walk.nbytes)) {
++ kernel_fpu_begin();
+ aesni_ecb_enc(ctx, walk.dst.virt.addr, walk.src.virt.addr,
+- nbytes & AES_BLOCK_MASK);
++ nbytes & AES_BLOCK_MASK);
++ kernel_fpu_end();
+ nbytes &= AES_BLOCK_SIZE - 1;
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ }
+- kernel_fpu_end();
+
+ return err;
+ }
+@@ -405,14 +405,14 @@
+ err = blkcipher_walk_virt(desc, &walk);
+ desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
+
+- kernel_fpu_begin();
+ while ((nbytes = walk.nbytes)) {
++ kernel_fpu_begin();
+ aesni_ecb_dec(ctx, walk.dst.virt.addr, walk.src.virt.addr,
+ nbytes & AES_BLOCK_MASK);
++ kernel_fpu_end();
+ nbytes &= AES_BLOCK_SIZE - 1;
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ }
+- kernel_fpu_end();
+
+ return err;
+ }
+@@ -429,14 +429,14 @@
+ err = blkcipher_walk_virt(desc, &walk);
+ desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
+
+- kernel_fpu_begin();
+ while ((nbytes = walk.nbytes)) {
++ kernel_fpu_begin();
+ aesni_cbc_enc(ctx, walk.dst.virt.addr, walk.src.virt.addr,
+ nbytes & AES_BLOCK_MASK, walk.iv);
++ kernel_fpu_end();
+ nbytes &= AES_BLOCK_SIZE - 1;
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ }
+- kernel_fpu_end();
+
+ return err;
+ }
+@@ -453,14 +453,14 @@
+ err = blkcipher_walk_virt(desc, &walk);
+ desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
+
+- kernel_fpu_begin();
+ while ((nbytes = walk.nbytes)) {
++ kernel_fpu_begin();
+ aesni_cbc_dec(ctx, walk.dst.virt.addr, walk.src.virt.addr,
+ nbytes & AES_BLOCK_MASK, walk.iv);
++ kernel_fpu_end();
+ nbytes &= AES_BLOCK_SIZE - 1;
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ }
+- kernel_fpu_end();
+
+ return err;
+ }
+@@ -512,18 +512,20 @@
+ err = blkcipher_walk_virt_block(desc, &walk, AES_BLOCK_SIZE);
+ desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
+
+- kernel_fpu_begin();
+ while ((nbytes = walk.nbytes) >= AES_BLOCK_SIZE) {
++ kernel_fpu_begin();
+ aesni_ctr_enc_tfm(ctx, walk.dst.virt.addr, walk.src.virt.addr,
+ nbytes & AES_BLOCK_MASK, walk.iv);
++ kernel_fpu_end();
+ nbytes &= AES_BLOCK_SIZE - 1;
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ }
+ if (walk.nbytes) {
++ kernel_fpu_begin();
+ ctr_crypt_final(ctx, &walk);
++ kernel_fpu_end();
+ err = blkcipher_walk_done(desc, &walk, 0);
+ }
+- kernel_fpu_end();
+
+ return err;
+ }
+diff -Nur linux-3.18.9.orig/arch/x86/crypto/cast5_avx_glue.c linux-3.18.9/arch/x86/crypto/cast5_avx_glue.c
+--- linux-3.18.9.orig/arch/x86/crypto/cast5_avx_glue.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/crypto/cast5_avx_glue.c 2015-03-15 16:03:03.684094876 -0500
+@@ -60,7 +60,7 @@
+ static int ecb_crypt(struct blkcipher_desc *desc, struct blkcipher_walk *walk,
+ bool enc)
+ {
+- bool fpu_enabled = false;
++ bool fpu_enabled;
+ struct cast5_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
+ const unsigned int bsize = CAST5_BLOCK_SIZE;
+ unsigned int nbytes;
+@@ -76,7 +76,7 @@
+ u8 *wsrc = walk->src.virt.addr;
+ u8 *wdst = walk->dst.virt.addr;
+
+- fpu_enabled = cast5_fpu_begin(fpu_enabled, nbytes);
++ fpu_enabled = cast5_fpu_begin(false, nbytes);
+
+ /* Process multi-block batch */
+ if (nbytes >= bsize * CAST5_PARALLEL_BLOCKS) {
+@@ -104,10 +104,9 @@
+ } while (nbytes >= bsize);
+
+ done:
++ cast5_fpu_end(fpu_enabled);
+ err = blkcipher_walk_done(desc, walk, nbytes);
+ }
+-
+- cast5_fpu_end(fpu_enabled);
+ return err;
+ }
+
+@@ -228,7 +227,7 @@
+ static int cbc_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes)
+ {
+- bool fpu_enabled = false;
++ bool fpu_enabled;
+ struct blkcipher_walk walk;
+ int err;
+
+@@ -237,12 +236,11 @@
+ desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
+
+ while ((nbytes = walk.nbytes)) {
+- fpu_enabled = cast5_fpu_begin(fpu_enabled, nbytes);
++ fpu_enabled = cast5_fpu_begin(false, nbytes);
+ nbytes = __cbc_decrypt(desc, &walk);
++ cast5_fpu_end(fpu_enabled);
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ }
+-
+- cast5_fpu_end(fpu_enabled);
+ return err;
+ }
+
+@@ -312,7 +310,7 @@
+ static int ctr_crypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes)
+ {
+- bool fpu_enabled = false;
++ bool fpu_enabled;
+ struct blkcipher_walk walk;
+ int err;
+
+@@ -321,13 +319,12 @@
+ desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
+
+ while ((nbytes = walk.nbytes) >= CAST5_BLOCK_SIZE) {
+- fpu_enabled = cast5_fpu_begin(fpu_enabled, nbytes);
++ fpu_enabled = cast5_fpu_begin(false, nbytes);
+ nbytes = __ctr_crypt(desc, &walk);
++ cast5_fpu_end(fpu_enabled);
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ }
+
+- cast5_fpu_end(fpu_enabled);
+-
+ if (walk.nbytes) {
+ ctr_crypt_final(desc, &walk);
+ err = blkcipher_walk_done(desc, &walk, 0);
+diff -Nur linux-3.18.9.orig/arch/x86/crypto/glue_helper.c linux-3.18.9/arch/x86/crypto/glue_helper.c
+--- linux-3.18.9.orig/arch/x86/crypto/glue_helper.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/crypto/glue_helper.c 2015-03-15 16:03:03.684094876 -0500
+@@ -39,7 +39,7 @@
+ void *ctx = crypto_blkcipher_ctx(desc->tfm);
+ const unsigned int bsize = 128 / 8;
+ unsigned int nbytes, i, func_bytes;
+- bool fpu_enabled = false;
++ bool fpu_enabled;
+ int err;
+
+ err = blkcipher_walk_virt(desc, walk);
+@@ -49,7 +49,7 @@
+ u8 *wdst = walk->dst.virt.addr;
+
+ fpu_enabled = glue_fpu_begin(bsize, gctx->fpu_blocks_limit,
+- desc, fpu_enabled, nbytes);
++ desc, false, nbytes);
+
+ for (i = 0; i < gctx->num_funcs; i++) {
+ func_bytes = bsize * gctx->funcs[i].num_blocks;
+@@ -71,10 +71,10 @@
+ }
+
+ done:
++ glue_fpu_end(fpu_enabled);
+ err = blkcipher_walk_done(desc, walk, nbytes);
+ }
+
+- glue_fpu_end(fpu_enabled);
+ return err;
+ }
+
+@@ -194,7 +194,7 @@
+ struct scatterlist *src, unsigned int nbytes)
+ {
+ const unsigned int bsize = 128 / 8;
+- bool fpu_enabled = false;
++ bool fpu_enabled;
+ struct blkcipher_walk walk;
+ int err;
+
+@@ -203,12 +203,12 @@
+
+ while ((nbytes = walk.nbytes)) {
+ fpu_enabled = glue_fpu_begin(bsize, gctx->fpu_blocks_limit,
+- desc, fpu_enabled, nbytes);
++ desc, false, nbytes);
+ nbytes = __glue_cbc_decrypt_128bit(gctx, desc, &walk);
++ glue_fpu_end(fpu_enabled);
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ }
+
+- glue_fpu_end(fpu_enabled);
+ return err;
+ }
+ EXPORT_SYMBOL_GPL(glue_cbc_decrypt_128bit);
+@@ -278,7 +278,7 @@
+ struct scatterlist *src, unsigned int nbytes)
+ {
+ const unsigned int bsize = 128 / 8;
+- bool fpu_enabled = false;
++ bool fpu_enabled;
+ struct blkcipher_walk walk;
+ int err;
+
+@@ -287,13 +287,12 @@
+
+ while ((nbytes = walk.nbytes) >= bsize) {
+ fpu_enabled = glue_fpu_begin(bsize, gctx->fpu_blocks_limit,
+- desc, fpu_enabled, nbytes);
++ desc, false, nbytes);
+ nbytes = __glue_ctr_crypt_128bit(gctx, desc, &walk);
++ glue_fpu_end(fpu_enabled);
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ }
+
+- glue_fpu_end(fpu_enabled);
+-
+ if (walk.nbytes) {
+ glue_ctr_crypt_final_128bit(
+ gctx->funcs[gctx->num_funcs - 1].fn_u.ctr, desc, &walk);
+@@ -348,7 +347,7 @@
+ void *tweak_ctx, void *crypt_ctx)
+ {
+ const unsigned int bsize = 128 / 8;
+- bool fpu_enabled = false;
++ bool fpu_enabled;
+ struct blkcipher_walk walk;
+ int err;
+
+@@ -361,21 +360,21 @@
+
+ /* set minimum length to bsize, for tweak_fn */
+ fpu_enabled = glue_fpu_begin(bsize, gctx->fpu_blocks_limit,
+- desc, fpu_enabled,
++ desc, false,
+ nbytes < bsize ? bsize : nbytes);
+-
+ /* calculate first value of T */
+ tweak_fn(tweak_ctx, walk.iv, walk.iv);
++ glue_fpu_end(fpu_enabled);
+
+ while (nbytes) {
++ fpu_enabled = glue_fpu_begin(bsize, gctx->fpu_blocks_limit,
++ desc, false, nbytes);
+ nbytes = __glue_xts_crypt_128bit(gctx, crypt_ctx, desc, &walk);
+
++ glue_fpu_end(fpu_enabled);
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ nbytes = walk.nbytes;
+ }
+-
+- glue_fpu_end(fpu_enabled);
+-
+ return err;
+ }
+ EXPORT_SYMBOL_GPL(glue_xts_crypt_128bit);
+diff -Nur linux-3.18.9.orig/arch/x86/include/asm/preempt.h linux-3.18.9/arch/x86/include/asm/preempt.h
+--- linux-3.18.9.orig/arch/x86/include/asm/preempt.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/include/asm/preempt.h 2015-03-15 16:03:03.684094876 -0500
+@@ -85,17 +85,33 @@
+ * a decrement which hits zero means we have no preempt_count and should
+ * reschedule.
+ */
+-static __always_inline bool __preempt_count_dec_and_test(void)
++static __always_inline bool ____preempt_count_dec_and_test(void)
+ {
+ GEN_UNARY_RMWcc("decl", __preempt_count, __percpu_arg(0), "e");
+ }
+
++static __always_inline bool __preempt_count_dec_and_test(void)
++{
++ if (____preempt_count_dec_and_test())
++ return true;
++#ifdef CONFIG_PREEMPT_LAZY
++ return test_thread_flag(TIF_NEED_RESCHED_LAZY);
++#else
++ return false;
++#endif
++}
++
+ /*
+ * Returns true when we need to resched and can (barring IRQ state).
+ */
+ static __always_inline bool should_resched(void)
+ {
++#ifdef CONFIG_PREEMPT_LAZY
++ return unlikely(!raw_cpu_read_4(__preempt_count) || \
++ test_thread_flag(TIF_NEED_RESCHED_LAZY));
++#else
+ return unlikely(!raw_cpu_read_4(__preempt_count));
++#endif
+ }
+
+ #ifdef CONFIG_PREEMPT
+diff -Nur linux-3.18.9.orig/arch/x86/include/asm/signal.h linux-3.18.9/arch/x86/include/asm/signal.h
+--- linux-3.18.9.orig/arch/x86/include/asm/signal.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/include/asm/signal.h 2015-03-15 16:03:03.684094876 -0500
+@@ -23,6 +23,19 @@
+ unsigned long sig[_NSIG_WORDS];
+ } sigset_t;
+
++/*
++ * Because some traps use the IST stack, we must keep preemption
++ * disabled while calling do_trap(), but do_trap() may call
++ * force_sig_info() which will grab the signal spin_locks for the
++ * task, which in PREEMPT_RT_FULL are mutexes. By defining
++ * ARCH_RT_DELAYS_SIGNAL_SEND the force_sig_info() will set
++ * TIF_NOTIFY_RESUME and set up the signal to be sent on exit of the
++ * trap.
++ */
++#if defined(CONFIG_PREEMPT_RT_FULL) && defined(CONFIG_X86_64)
++#define ARCH_RT_DELAYS_SIGNAL_SEND
++#endif
++
+ #ifndef CONFIG_COMPAT
+ typedef sigset_t compat_sigset_t;
+ #endif
+diff -Nur linux-3.18.9.orig/arch/x86/include/asm/stackprotector.h linux-3.18.9/arch/x86/include/asm/stackprotector.h
+--- linux-3.18.9.orig/arch/x86/include/asm/stackprotector.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/include/asm/stackprotector.h 2015-03-15 16:03:03.684094876 -0500
+@@ -57,7 +57,7 @@
+ */
+ static __always_inline void boot_init_stack_canary(void)
+ {
+- u64 canary;
++ u64 uninitialized_var(canary);
+ u64 tsc;
+
+ #ifdef CONFIG_X86_64
+@@ -68,8 +68,16 @@
+ * of randomness. The TSC only matters for very early init,
+ * there it already has some randomness on most systems. Later
+ * on during the bootup the random pool has true entropy too.
++ *
++ * For preempt-rt we need to weaken the randomness a bit, as
++ * we can't call into the random generator from atomic context
++ * due to locking constraints. We just leave canary
++ * uninitialized and use the TSC based randomness on top of
++ * it.
+ */
++#ifndef CONFIG_PREEMPT_RT_FULL
+ get_random_bytes(&canary, sizeof(canary));
++#endif
+ tsc = __native_read_tsc();
+ canary += tsc + (tsc << 32UL);
+
+diff -Nur linux-3.18.9.orig/arch/x86/include/asm/thread_info.h linux-3.18.9/arch/x86/include/asm/thread_info.h
+--- linux-3.18.9.orig/arch/x86/include/asm/thread_info.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/include/asm/thread_info.h 2015-03-15 16:03:03.684094876 -0500
+@@ -30,6 +30,8 @@
+ __u32 status; /* thread synchronous flags */
+ __u32 cpu; /* current CPU */
+ int saved_preempt_count;
++ int preempt_lazy_count; /* 0 => lazy preemptable
++ <0 => BUG */
+ mm_segment_t addr_limit;
+ struct restart_block restart_block;
+ void __user *sysenter_return;
+@@ -75,6 +77,7 @@
+ #define TIF_SYSCALL_EMU 6 /* syscall emulation active */
+ #define TIF_SYSCALL_AUDIT 7 /* syscall auditing active */
+ #define TIF_SECCOMP 8 /* secure computing */
++#define TIF_NEED_RESCHED_LAZY 9 /* lazy rescheduling necessary */
+ #define TIF_MCE_NOTIFY 10 /* notify userspace of an MCE */
+ #define TIF_USER_RETURN_NOTIFY 11 /* notify kernel of userspace return */
+ #define TIF_UPROBE 12 /* breakpointed or singlestepping */
+@@ -100,6 +103,7 @@
+ #define _TIF_SYSCALL_EMU (1 << TIF_SYSCALL_EMU)
+ #define _TIF_SYSCALL_AUDIT (1 << TIF_SYSCALL_AUDIT)
+ #define _TIF_SECCOMP (1 << TIF_SECCOMP)
++#define _TIF_NEED_RESCHED_LAZY (1 << TIF_NEED_RESCHED_LAZY)
+ #define _TIF_MCE_NOTIFY (1 << TIF_MCE_NOTIFY)
+ #define _TIF_USER_RETURN_NOTIFY (1 << TIF_USER_RETURN_NOTIFY)
+ #define _TIF_UPROBE (1 << TIF_UPROBE)
+@@ -150,6 +154,8 @@
+ #define _TIF_WORK_CTXSW_PREV (_TIF_WORK_CTXSW|_TIF_USER_RETURN_NOTIFY)
+ #define _TIF_WORK_CTXSW_NEXT (_TIF_WORK_CTXSW)
+
++#define _TIF_NEED_RESCHED_MASK (_TIF_NEED_RESCHED | _TIF_NEED_RESCHED_LAZY)
++
+ #define STACK_WARN (THREAD_SIZE/8)
+ #define KERNEL_STACK_OFFSET (5*(BITS_PER_LONG/8))
+
+diff -Nur linux-3.18.9.orig/arch/x86/include/asm/uv/uv_bau.h linux-3.18.9/arch/x86/include/asm/uv/uv_bau.h
+--- linux-3.18.9.orig/arch/x86/include/asm/uv/uv_bau.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/include/asm/uv/uv_bau.h 2015-03-15 16:03:03.684094876 -0500
+@@ -615,9 +615,9 @@
+ cycles_t send_message;
+ cycles_t period_end;
+ cycles_t period_time;
+- spinlock_t uvhub_lock;
+- spinlock_t queue_lock;
+- spinlock_t disable_lock;
++ raw_spinlock_t uvhub_lock;
++ raw_spinlock_t queue_lock;
++ raw_spinlock_t disable_lock;
+ /* tunables */
+ int max_concurr;
+ int max_concurr_const;
+@@ -776,15 +776,15 @@
+ * to be lowered below the current 'v'. atomic_add_unless can only stop
+ * on equal.
+ */
+-static inline int atomic_inc_unless_ge(spinlock_t *lock, atomic_t *v, int u)
++static inline int atomic_inc_unless_ge(raw_spinlock_t *lock, atomic_t *v, int u)
+ {
+- spin_lock(lock);
++ raw_spin_lock(lock);
+ if (atomic_read(v) >= u) {
+- spin_unlock(lock);
++ raw_spin_unlock(lock);
+ return 0;
+ }
+ atomic_inc(v);
+- spin_unlock(lock);
++ raw_spin_unlock(lock);
+ return 1;
+ }
+
+diff -Nur linux-3.18.9.orig/arch/x86/include/asm/uv/uv_hub.h linux-3.18.9/arch/x86/include/asm/uv/uv_hub.h
+--- linux-3.18.9.orig/arch/x86/include/asm/uv/uv_hub.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/include/asm/uv/uv_hub.h 2015-03-15 16:03:03.684094876 -0500
+@@ -492,7 +492,7 @@
+ unsigned short nr_online_cpus;
+ unsigned short pnode;
+ short memory_nid;
+- spinlock_t nmi_lock; /* obsolete, see uv_hub_nmi */
++ raw_spinlock_t nmi_lock; /* obsolete, see uv_hub_nmi */
+ unsigned long nmi_count; /* obsolete, see uv_hub_nmi */
+ };
+ extern struct uv_blade_info *uv_blade_info;
+diff -Nur linux-3.18.9.orig/arch/x86/Kconfig linux-3.18.9/arch/x86/Kconfig
+--- linux-3.18.9.orig/arch/x86/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/Kconfig 2015-03-15 16:03:03.684094876 -0500
+@@ -21,6 +21,7 @@
+ ### Arch settings
+ config X86
+ def_bool y
++ select HAVE_PREEMPT_LAZY if X86_32
+ select ARCH_MIGHT_HAVE_ACPI_PDC if ACPI
+ select ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS
+ select ARCH_HAS_FAST_MULTIPLIER
+@@ -197,8 +198,11 @@
+ def_bool y
+ depends on ISA_DMA_API
+
++config RWSEM_GENERIC_SPINLOCK
++ def_bool PREEMPT_RT_FULL
++
+ config RWSEM_XCHGADD_ALGORITHM
+- def_bool y
++ def_bool !RWSEM_GENERIC_SPINLOCK && !PREEMPT_RT_FULL
+
+ config GENERIC_CALIBRATE_DELAY
+ def_bool y
+@@ -811,7 +815,7 @@
+ config MAXSMP
+ bool "Enable Maximum number of SMP Processors and NUMA Nodes"
+ depends on X86_64 && SMP && DEBUG_KERNEL
+- select CPUMASK_OFFSTACK
++ select CPUMASK_OFFSTACK if !PREEMPT_RT_FULL
+ ---help---
+ Enable maximum number of CPUS and NUMA Nodes for this architecture.
+ If unsure, say N.
+diff -Nur linux-3.18.9.orig/arch/x86/kernel/apic/io_apic.c linux-3.18.9/arch/x86/kernel/apic/io_apic.c
+--- linux-3.18.9.orig/arch/x86/kernel/apic/io_apic.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/kernel/apic/io_apic.c 2015-03-15 16:03:03.688094875 -0500
+@@ -2494,7 +2494,8 @@
+ static inline bool ioapic_irqd_mask(struct irq_data *data, struct irq_cfg *cfg)
+ {
+ /* If we are moving the irq we need to mask it */
+- if (unlikely(irqd_is_setaffinity_pending(data))) {
++ if (unlikely(irqd_is_setaffinity_pending(data) &&
++ !irqd_irq_inprogress(data))) {
+ mask_ioapic(cfg);
+ return true;
+ }
+diff -Nur linux-3.18.9.orig/arch/x86/kernel/apic/x2apic_uv_x.c linux-3.18.9/arch/x86/kernel/apic/x2apic_uv_x.c
+--- linux-3.18.9.orig/arch/x86/kernel/apic/x2apic_uv_x.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/kernel/apic/x2apic_uv_x.c 2015-03-15 16:03:03.688094875 -0500
+@@ -918,7 +918,7 @@
+ uv_blade_info[blade].pnode = pnode;
+ uv_blade_info[blade].nr_possible_cpus = 0;
+ uv_blade_info[blade].nr_online_cpus = 0;
+- spin_lock_init(&uv_blade_info[blade].nmi_lock);
++ raw_spin_lock_init(&uv_blade_info[blade].nmi_lock);
+ min_pnode = min(pnode, min_pnode);
+ max_pnode = max(pnode, max_pnode);
+ blade++;
+diff -Nur linux-3.18.9.orig/arch/x86/kernel/asm-offsets.c linux-3.18.9/arch/x86/kernel/asm-offsets.c
+--- linux-3.18.9.orig/arch/x86/kernel/asm-offsets.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/kernel/asm-offsets.c 2015-03-15 16:03:03.688094875 -0500
+@@ -32,6 +32,7 @@
+ OFFSET(TI_flags, thread_info, flags);
+ OFFSET(TI_status, thread_info, status);
+ OFFSET(TI_addr_limit, thread_info, addr_limit);
++ OFFSET(TI_preempt_lazy_count, thread_info, preempt_lazy_count);
+
+ BLANK();
+ OFFSET(crypto_tfm_ctx_offset, crypto_tfm, __crt_ctx);
+@@ -71,4 +72,5 @@
+
+ BLANK();
+ DEFINE(PTREGS_SIZE, sizeof(struct pt_regs));
++ DEFINE(_PREEMPT_ENABLED, PREEMPT_ENABLED);
+ }
+diff -Nur linux-3.18.9.orig/arch/x86/kernel/cpu/mcheck/mce.c linux-3.18.9/arch/x86/kernel/cpu/mcheck/mce.c
+--- linux-3.18.9.orig/arch/x86/kernel/cpu/mcheck/mce.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/kernel/cpu/mcheck/mce.c 2015-03-15 16:03:03.688094875 -0500
+@@ -18,6 +18,7 @@
+ #include <linux/rcupdate.h>
+ #include <linux/kobject.h>
+ #include <linux/uaccess.h>
++#include <linux/kthread.h>
+ #include <linux/kdebug.h>
+ #include <linux/kernel.h>
+ #include <linux/percpu.h>
+@@ -41,6 +42,7 @@
+ #include <linux/debugfs.h>
+ #include <linux/irq_work.h>
+ #include <linux/export.h>
++#include <linux/jiffies.h>
+
+ #include <asm/processor.h>
+ #include <asm/mce.h>
+@@ -1266,7 +1268,7 @@
+ static unsigned long check_interval = 5 * 60; /* 5 minutes */
+
+ static DEFINE_PER_CPU(unsigned long, mce_next_interval); /* in jiffies */
+-static DEFINE_PER_CPU(struct timer_list, mce_timer);
++static DEFINE_PER_CPU(struct hrtimer, mce_timer);
+
+ static unsigned long mce_adjust_timer_default(unsigned long interval)
+ {
+@@ -1283,14 +1285,11 @@
+ return test_and_clear_bit(0, v);
+ }
+
+-static void mce_timer_fn(unsigned long data)
++static enum hrtimer_restart mce_timer_fn(struct hrtimer *timer)
+ {
+- struct timer_list *t = this_cpu_ptr(&mce_timer);
+ unsigned long iv;
+ int notify;
+
+- WARN_ON(smp_processor_id() != data);
+-
+ if (mce_available(this_cpu_ptr(&cpu_info))) {
+ machine_check_poll(MCP_TIMESTAMP,
+ this_cpu_ptr(&mce_poll_banks));
+@@ -1313,9 +1312,11 @@
+ __this_cpu_write(mce_next_interval, iv);
+ /* Might have become 0 after CMCI storm subsided */
+ if (iv) {
+- t->expires = jiffies + iv;
+- add_timer_on(t, smp_processor_id());
++ hrtimer_forward_now(timer, ns_to_ktime(
++ jiffies_to_usecs(iv) * 1000ULL));
++ return HRTIMER_RESTART;
+ }
++ return HRTIMER_NORESTART;
+ }
+
+ /*
+@@ -1323,28 +1324,37 @@
+ */
+ void mce_timer_kick(unsigned long interval)
+ {
+- struct timer_list *t = this_cpu_ptr(&mce_timer);
+- unsigned long when = jiffies + interval;
++ struct hrtimer *t = this_cpu_ptr(&mce_timer);
+ unsigned long iv = __this_cpu_read(mce_next_interval);
+
+- if (timer_pending(t)) {
+- if (time_before(when, t->expires))
+- mod_timer_pinned(t, when);
++ if (hrtimer_active(t)) {
++ s64 exp;
++ s64 intv_us;
++
++ intv_us = jiffies_to_usecs(interval);
++ exp = ktime_to_us(hrtimer_expires_remaining(t));
++ if (intv_us < exp) {
++ hrtimer_cancel(t);
++ hrtimer_start_range_ns(t,
++ ns_to_ktime(intv_us * 1000),
++ 0, HRTIMER_MODE_REL_PINNED);
++ }
+ } else {
+- t->expires = round_jiffies(when);
+- add_timer_on(t, smp_processor_id());
++ hrtimer_start_range_ns(t,
++ ns_to_ktime(jiffies_to_usecs(interval) * 1000ULL),
++ 0, HRTIMER_MODE_REL_PINNED);
+ }
+ if (interval < iv)
+ __this_cpu_write(mce_next_interval, interval);
+ }
+
+-/* Must not be called in IRQ context where del_timer_sync() can deadlock */
++/* Must not be called in IRQ context where hrtimer_cancel() can deadlock */
+ static void mce_timer_delete_all(void)
+ {
+ int cpu;
+
+ for_each_online_cpu(cpu)
+- del_timer_sync(&per_cpu(mce_timer, cpu));
++ hrtimer_cancel(&per_cpu(mce_timer, cpu));
+ }
+
+ static void mce_do_trigger(struct work_struct *work)
+@@ -1354,6 +1364,68 @@
+
+ static DECLARE_WORK(mce_trigger_work, mce_do_trigger);
+
++static void __mce_notify_work(void)
++{
++ /* Not more than two messages every minute */
++ static DEFINE_RATELIMIT_STATE(ratelimit, 60*HZ, 2);
++
++ /* wake processes polling /dev/mcelog */
++ wake_up_interruptible(&mce_chrdev_wait);
++
++ /*
++ * There is no risk of missing notifications because
++ * work_pending is always cleared before the function is
++ * executed.
++ */
++ if (mce_helper[0] && !work_pending(&mce_trigger_work))
++ schedule_work(&mce_trigger_work);
++
++ if (__ratelimit(&ratelimit))
++ pr_info(HW_ERR "Machine check events logged\n");
++}
++
++#ifdef CONFIG_PREEMPT_RT_FULL
++struct task_struct *mce_notify_helper;
++
++static int mce_notify_helper_thread(void *unused)
++{
++ while (1) {
++ set_current_state(TASK_INTERRUPTIBLE);
++ schedule();
++ if (kthread_should_stop())
++ break;
++ __mce_notify_work();
++ }
++ return 0;
++}
++
++static int mce_notify_work_init(void)
++{
++ mce_notify_helper = kthread_run(mce_notify_helper_thread, NULL,
++ "mce-notify");
++ if (!mce_notify_helper)
++ return -ENOMEM;
++
++ return 0;
++}
++
++static void mce_notify_work(void)
++{
++ if (WARN_ON_ONCE(!mce_notify_helper)) {
++ pr_info(HW_ERR "Machine check event before MCE init; ignored\n");
++ return;
++ }
++
++ wake_up_process(mce_notify_helper);
++}
++#else
++static void mce_notify_work(void)
++{
++ __mce_notify_work();
++}
++static inline int mce_notify_work_init(void) { return 0; }
++#endif
++
+ /*
+ * Notify the user(s) about new machine check events.
+ * Can be called from interrupt context, but not from machine check/NMI
+@@ -1361,19 +1433,8 @@
+ */
+ int mce_notify_irq(void)
+ {
+- /* Not more than two messages every minute */
+- static DEFINE_RATELIMIT_STATE(ratelimit, 60*HZ, 2);
+-
+ if (test_and_clear_bit(0, &mce_need_notify)) {
+- /* wake processes polling /dev/mcelog */
+- wake_up_interruptible(&mce_chrdev_wait);
+-
+- if (mce_helper[0])
+- schedule_work(&mce_trigger_work);
+-
+- if (__ratelimit(&ratelimit))
+- pr_info(HW_ERR "Machine check events logged\n");
+-
++ mce_notify_work();
+ return 1;
+ }
+ return 0;
+@@ -1644,7 +1705,7 @@
+ }
+ }
+
+-static void mce_start_timer(unsigned int cpu, struct timer_list *t)
++static void mce_start_timer(unsigned int cpu, struct hrtimer *t)
+ {
+ unsigned long iv = check_interval * HZ;
+
+@@ -1653,16 +1714,17 @@
+
+ per_cpu(mce_next_interval, cpu) = iv;
+
+- t->expires = round_jiffies(jiffies + iv);
+- add_timer_on(t, cpu);
++ hrtimer_start_range_ns(t, ns_to_ktime(jiffies_to_usecs(iv) * 1000ULL),
++ 0, HRTIMER_MODE_REL_PINNED);
+ }
+
+ static void __mcheck_cpu_init_timer(void)
+ {
+- struct timer_list *t = this_cpu_ptr(&mce_timer);
++ struct hrtimer *t = this_cpu_ptr(&mce_timer);
+ unsigned int cpu = smp_processor_id();
+
+- setup_timer(t, mce_timer_fn, cpu);
++ hrtimer_init(t, CLOCK_MONOTONIC, HRTIMER_MODE_REL);
++ t->function = mce_timer_fn;
+ mce_start_timer(cpu, t);
+ }
+
+@@ -2339,6 +2401,8 @@
+ if (!mce_available(raw_cpu_ptr(&cpu_info)))
+ return;
+
++ hrtimer_cancel(this_cpu_ptr(&mce_timer));
++
+ if (!(action & CPU_TASKS_FROZEN))
+ cmci_clear();
+ for (i = 0; i < mca_cfg.banks; i++) {
+@@ -2365,6 +2429,7 @@
+ if (b->init)
+ wrmsrl(MSR_IA32_MCx_CTL(i), b->ctl);
+ }
++ __mcheck_cpu_init_timer();
+ }
+
+ /* Get notified when a cpu comes on/off. Be hotplug friendly. */
+@@ -2372,7 +2437,6 @@
+ mce_cpu_callback(struct notifier_block *nfb, unsigned long action, void *hcpu)
+ {
+ unsigned int cpu = (unsigned long)hcpu;
+- struct timer_list *t = &per_cpu(mce_timer, cpu);
+
+ switch (action & ~CPU_TASKS_FROZEN) {
+ case CPU_ONLINE:
+@@ -2392,11 +2456,9 @@
+ break;
+ case CPU_DOWN_PREPARE:
+ smp_call_function_single(cpu, mce_disable_cpu, &action, 1);
+- del_timer_sync(t);
+ break;
+ case CPU_DOWN_FAILED:
+ smp_call_function_single(cpu, mce_reenable_cpu, &action, 1);
+- mce_start_timer(cpu, t);
+ break;
+ }
+
+@@ -2471,8 +2533,15 @@
+ if (err)
+ goto err_register;
+
++ err = mce_notify_work_init();
++ if (err)
++ goto err_notify;
++
+ return 0;
+
++err_notify:
++ misc_deregister(&mce_chrdev_device);
++
+ err_register:
+ unregister_syscore_ops(&mce_syscore_ops);
+
+diff -Nur linux-3.18.9.orig/arch/x86/kernel/entry_32.S linux-3.18.9/arch/x86/kernel/entry_32.S
+--- linux-3.18.9.orig/arch/x86/kernel/entry_32.S 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/kernel/entry_32.S 2015-03-15 16:03:03.688094875 -0500
+@@ -359,8 +359,24 @@
+ ENTRY(resume_kernel)
+ DISABLE_INTERRUPTS(CLBR_ANY)
+ need_resched:
++ # preempt count == 0 + NEED_RS set?
+ cmpl $0,PER_CPU_VAR(__preempt_count)
++#ifndef CONFIG_PREEMPT_LAZY
+ jnz restore_all
++#else
++ jz test_int_off
++
++ # atleast preempt count == 0 ?
++ cmpl $_PREEMPT_ENABLED,PER_CPU_VAR(__preempt_count)
++ jne restore_all
++
++ cmpl $0,TI_preempt_lazy_count(%ebp) # non-zero preempt_lazy_count ?
++ jnz restore_all
++
++ testl $_TIF_NEED_RESCHED_LAZY, TI_flags(%ebp)
++ jz restore_all
++test_int_off:
++#endif
+ testl $X86_EFLAGS_IF,PT_EFLAGS(%esp) # interrupts off (exception path) ?
+ jz restore_all
+ call preempt_schedule_irq
+@@ -591,7 +607,7 @@
+ ALIGN
+ RING0_PTREGS_FRAME # can't unwind into user space anyway
+ work_pending:
+- testb $_TIF_NEED_RESCHED, %cl
++ testl $_TIF_NEED_RESCHED_MASK, %ecx
+ jz work_notifysig
+ work_resched:
+ call schedule
+@@ -604,7 +620,7 @@
+ andl $_TIF_WORK_MASK, %ecx # is there any work to be done other
+ # than syscall tracing?
+ jz restore_all
+- testb $_TIF_NEED_RESCHED, %cl
++ testl $_TIF_NEED_RESCHED_MASK, %ecx
+ jnz work_resched
+
+ work_notifysig: # deal with pending signals and
+diff -Nur linux-3.18.9.orig/arch/x86/kernel/entry_64.S linux-3.18.9/arch/x86/kernel/entry_64.S
+--- linux-3.18.9.orig/arch/x86/kernel/entry_64.S 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/kernel/entry_64.S 2015-03-15 16:03:03.688094875 -0500
+@@ -451,8 +451,8 @@
+ /* Handle reschedules */
+ /* edx: work, edi: workmask */
+ sysret_careful:
+- bt $TIF_NEED_RESCHED,%edx
+- jnc sysret_signal
++ testl $_TIF_NEED_RESCHED_MASK,%edx
++ jz sysret_signal
+ TRACE_IRQS_ON
+ ENABLE_INTERRUPTS(CLBR_NONE)
+ pushq_cfi %rdi
+@@ -551,8 +551,8 @@
+ /* First do a reschedule test. */
+ /* edx: work, edi: workmask */
+ int_careful:
+- bt $TIF_NEED_RESCHED,%edx
+- jnc int_very_careful
++ testl $_TIF_NEED_RESCHED_MASK,%edx
++ jz int_very_careful
+ TRACE_IRQS_ON
+ ENABLE_INTERRUPTS(CLBR_NONE)
+ pushq_cfi %rdi
+@@ -867,8 +867,8 @@
+ /* edi: workmask, edx: work */
+ retint_careful:
+ CFI_RESTORE_STATE
+- bt $TIF_NEED_RESCHED,%edx
+- jnc retint_signal
++ testl $_TIF_NEED_RESCHED_MASK,%edx
++ jz retint_signal
+ TRACE_IRQS_ON
+ ENABLE_INTERRUPTS(CLBR_NONE)
+ pushq_cfi %rdi
+@@ -900,7 +900,22 @@
+ /* rcx: threadinfo. interrupts off. */
+ ENTRY(retint_kernel)
+ cmpl $0,PER_CPU_VAR(__preempt_count)
++#ifndef CONFIG_PREEMPT_LAZY
+ jnz retint_restore_args
++#else
++ jz check_int_off
++
++ # atleast preempt count == 0 ?
++ cmpl $_PREEMPT_ENABLED,PER_CPU_VAR(__preempt_count)
++ jnz retint_restore_args
++
++ cmpl $0, TI_preempt_lazy_count(%rcx)
++ jnz retint_restore_args
++
++ bt $TIF_NEED_RESCHED_LAZY,TI_flags(%rcx)
++ jnc retint_restore_args
++check_int_off:
++#endif
+ bt $9,EFLAGS-ARGOFFSET(%rsp) /* interrupts off? */
+ jnc retint_restore_args
+ call preempt_schedule_irq
+@@ -1116,6 +1131,7 @@
+ jmp 2b
+ .previous
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ /* Call softirq on interrupt stack. Interrupts are off. */
+ ENTRY(do_softirq_own_stack)
+ CFI_STARTPROC
+@@ -1135,6 +1151,7 @@
+ ret
+ CFI_ENDPROC
+ END(do_softirq_own_stack)
++#endif
+
+ #ifdef CONFIG_XEN
+ idtentry xen_hypervisor_callback xen_do_hypervisor_callback has_error_code=0
+@@ -1299,7 +1316,7 @@
+ movq %rsp,%rdi /* &pt_regs */
+ call sync_regs
+ movq %rax,%rsp /* switch stack for scheduling */
+- testl $_TIF_NEED_RESCHED,%ebx
++ testl $_TIF_NEED_RESCHED_MASK,%ebx
+ jnz paranoid_schedule
+ movl %ebx,%edx /* arg3: thread flags */
+ TRACE_IRQS_ON
+diff -Nur linux-3.18.9.orig/arch/x86/kernel/irq_32.c linux-3.18.9/arch/x86/kernel/irq_32.c
+--- linux-3.18.9.orig/arch/x86/kernel/irq_32.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/kernel/irq_32.c 2015-03-15 16:03:03.688094875 -0500
+@@ -142,6 +142,7 @@
+ cpu, per_cpu(hardirq_stack, cpu), per_cpu(softirq_stack, cpu));
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ void do_softirq_own_stack(void)
+ {
+ struct thread_info *curstk;
+@@ -160,6 +161,7 @@
+
+ call_on_stack(__do_softirq, isp);
+ }
++#endif
+
+ bool handle_irq(unsigned irq, struct pt_regs *regs)
+ {
+diff -Nur linux-3.18.9.orig/arch/x86/kernel/irq_work.c linux-3.18.9/arch/x86/kernel/irq_work.c
+--- linux-3.18.9.orig/arch/x86/kernel/irq_work.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/kernel/irq_work.c 2015-03-15 16:03:03.688094875 -0500
+@@ -38,6 +38,7 @@
+ exiting_irq();
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ void arch_irq_work_raise(void)
+ {
+ #ifdef CONFIG_X86_LOCAL_APIC
+@@ -48,3 +49,4 @@
+ apic_wait_icr_idle();
+ #endif
+ }
++#endif
+diff -Nur linux-3.18.9.orig/arch/x86/kernel/process_32.c linux-3.18.9/arch/x86/kernel/process_32.c
+--- linux-3.18.9.orig/arch/x86/kernel/process_32.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/kernel/process_32.c 2015-03-15 16:03:03.688094875 -0500
+@@ -35,6 +35,7 @@
+ #include <linux/uaccess.h>
+ #include <linux/io.h>
+ #include <linux/kdebug.h>
++#include <linux/highmem.h>
+
+ #include <asm/pgtable.h>
+ #include <asm/ldt.h>
+@@ -214,6 +215,35 @@
+ }
+ EXPORT_SYMBOL_GPL(start_thread);
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++static void switch_kmaps(struct task_struct *prev_p, struct task_struct *next_p)
++{
++ int i;
++
++ /*
++ * Clear @prev's kmap_atomic mappings
++ */
++ for (i = 0; i < prev_p->kmap_idx; i++) {
++ int idx = i + KM_TYPE_NR * smp_processor_id();
++ pte_t *ptep = kmap_pte - idx;
++
++ kpte_clear_flush(ptep, __fix_to_virt(FIX_KMAP_BEGIN + idx));
++ }
++ /*
++ * Restore @next_p's kmap_atomic mappings
++ */
++ for (i = 0; i < next_p->kmap_idx; i++) {
++ int idx = i + KM_TYPE_NR * smp_processor_id();
++
++ if (!pte_none(next_p->kmap_pte[i]))
++ set_pte(kmap_pte - idx, next_p->kmap_pte[i]);
++ }
++}
++#else
++static inline void
++switch_kmaps(struct task_struct *prev_p, struct task_struct *next_p) { }
++#endif
++
+
+ /*
+ * switch_to(x,y) should switch tasks from x to y.
+@@ -301,6 +331,8 @@
+ task_thread_info(next_p)->flags & _TIF_WORK_CTXSW_NEXT))
+ __switch_to_xtra(prev_p, next_p, tss);
+
++ switch_kmaps(prev_p, next_p);
++
+ /*
+ * Leave lazy mode, flushing any hypercalls made here.
+ * This must be done before restoring TLS segments so
+diff -Nur linux-3.18.9.orig/arch/x86/kernel/signal.c linux-3.18.9/arch/x86/kernel/signal.c
+--- linux-3.18.9.orig/arch/x86/kernel/signal.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/kernel/signal.c 2015-03-15 16:03:03.688094875 -0500
+@@ -746,6 +746,14 @@
+ mce_notify_process();
+ #endif /* CONFIG_X86_64 && CONFIG_X86_MCE */
+
++#ifdef ARCH_RT_DELAYS_SIGNAL_SEND
++ if (unlikely(current->forced_info.si_signo)) {
++ struct task_struct *t = current;
++ force_sig_info(t->forced_info.si_signo, &t->forced_info, t);
++ t->forced_info.si_signo = 0;
++ }
++#endif
++
+ if (thread_info_flags & _TIF_UPROBE)
+ uprobe_notify_resume(regs);
+
+diff -Nur linux-3.18.9.orig/arch/x86/kernel/traps.c linux-3.18.9/arch/x86/kernel/traps.c
+--- linux-3.18.9.orig/arch/x86/kernel/traps.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/kernel/traps.c 2015-03-15 16:03:03.688094875 -0500
+@@ -87,9 +87,21 @@
+ local_irq_enable();
+ }
+
+-static inline void preempt_conditional_sti(struct pt_regs *regs)
++static inline void conditional_sti_ist(struct pt_regs *regs)
+ {
++#ifdef CONFIG_X86_64
++ /*
++ * X86_64 uses a per CPU stack on the IST for certain traps
++ * like int3. The task can not be preempted when using one
++ * of these stacks, thus preemption must be disabled, otherwise
++ * the stack can be corrupted if the task is scheduled out,
++ * and another task comes in and uses this stack.
++ *
++ * On x86_32 the task keeps its own stack and it is OK if the
++ * task schedules out.
++ */
+ preempt_count_inc();
++#endif
+ if (regs->flags & X86_EFLAGS_IF)
+ local_irq_enable();
+ }
+@@ -100,11 +112,13 @@
+ local_irq_disable();
+ }
+
+-static inline void preempt_conditional_cli(struct pt_regs *regs)
++static inline void conditional_cli_ist(struct pt_regs *regs)
+ {
+ if (regs->flags & X86_EFLAGS_IF)
+ local_irq_disable();
++#ifdef CONFIG_X86_64
+ preempt_count_dec();
++#endif
+ }
+
+ static nokprobe_inline int
+@@ -372,9 +386,9 @@
+ * as we may switch to the interrupt stack.
+ */
+ debug_stack_usage_inc();
+- preempt_conditional_sti(regs);
++ conditional_sti_ist(regs);
+ do_trap(X86_TRAP_BP, SIGTRAP, "int3", regs, error_code, NULL);
+- preempt_conditional_cli(regs);
++ conditional_cli_ist(regs);
+ debug_stack_usage_dec();
+ exit:
+ exception_exit(prev_state);
+@@ -517,12 +531,12 @@
+ debug_stack_usage_inc();
+
+ /* It's safe to allow irq's after DR6 has been saved */
+- preempt_conditional_sti(regs);
++ conditional_sti_ist(regs);
+
+ if (regs->flags & X86_VM_MASK) {
+ handle_vm86_trap((struct kernel_vm86_regs *) regs, error_code,
+ X86_TRAP_DB);
+- preempt_conditional_cli(regs);
++ conditional_cli_ist(regs);
+ debug_stack_usage_dec();
+ goto exit;
+ }
+@@ -542,7 +556,7 @@
+ si_code = get_si_code(tsk->thread.debugreg6);
+ if (tsk->thread.debugreg6 & (DR_STEP | DR_TRAP_BITS) || user_icebp)
+ send_sigtrap(tsk, regs, error_code, si_code);
+- preempt_conditional_cli(regs);
++ conditional_cli_ist(regs);
+ debug_stack_usage_dec();
+
+ exit:
+diff -Nur linux-3.18.9.orig/arch/x86/kvm/x86.c linux-3.18.9/arch/x86/kvm/x86.c
+--- linux-3.18.9.orig/arch/x86/kvm/x86.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/kvm/x86.c 2015-03-15 16:03:03.696094875 -0500
+@@ -5773,6 +5773,13 @@
+ goto out;
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++ if (!boot_cpu_has(X86_FEATURE_CONSTANT_TSC)) {
++ printk(KERN_ERR "RT requires X86_FEATURE_CONSTANT_TSC\n");
++ return -EOPNOTSUPP;
++ }
++#endif
++
+ r = kvm_mmu_module_init();
+ if (r)
+ goto out_free_percpu;
+diff -Nur linux-3.18.9.orig/arch/x86/kvm/x86.c.orig linux-3.18.9/arch/x86/kvm/x86.c.orig
+--- linux-3.18.9.orig/arch/x86/kvm/x86.c.orig 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/arch/x86/kvm/x86.c.orig 2015-03-06 16:53:42.000000000 -0600
+@@ -0,0 +1,7824 @@
++/*
++ * Kernel-based Virtual Machine driver for Linux
++ *
++ * derived from drivers/kvm/kvm_main.c
++ *
++ * Copyright (C) 2006 Qumranet, Inc.
++ * Copyright (C) 2008 Qumranet, Inc.
++ * Copyright IBM Corporation, 2008
++ * Copyright 2010 Red Hat, Inc. and/or its affiliates.
++ *
++ * Authors:
++ * Avi Kivity <avi@qumranet.com>
++ * Yaniv Kamay <yaniv@qumranet.com>
++ * Amit Shah <amit.shah@qumranet.com>
++ * Ben-Ami Yassour <benami@il.ibm.com>
++ *
++ * This work is licensed under the terms of the GNU GPL, version 2. See
++ * the COPYING file in the top-level directory.
++ *
++ */
++
++#include <linux/kvm_host.h>
++#include "irq.h"
++#include "mmu.h"
++#include "i8254.h"
++#include "tss.h"
++#include "kvm_cache_regs.h"
++#include "x86.h"
++#include "cpuid.h"
++
++#include <linux/clocksource.h>
++#include <linux/interrupt.h>
++#include <linux/kvm.h>
++#include <linux/fs.h>
++#include <linux/vmalloc.h>
++#include <linux/module.h>
++#include <linux/mman.h>
++#include <linux/highmem.h>
++#include <linux/iommu.h>
++#include <linux/intel-iommu.h>
++#include <linux/cpufreq.h>
++#include <linux/user-return-notifier.h>
++#include <linux/srcu.h>
++#include <linux/slab.h>
++#include <linux/perf_event.h>
++#include <linux/uaccess.h>
++#include <linux/hash.h>
++#include <linux/pci.h>
++#include <linux/timekeeper_internal.h>
++#include <linux/pvclock_gtod.h>
++#include <trace/events/kvm.h>
++
++#define CREATE_TRACE_POINTS
++#include "trace.h"
++
++#include <asm/debugreg.h>
++#include <asm/msr.h>
++#include <asm/desc.h>
++#include <asm/mtrr.h>
++#include <asm/mce.h>
++#include <asm/i387.h>
++#include <asm/fpu-internal.h> /* Ugh! */
++#include <asm/xcr.h>
++#include <asm/pvclock.h>
++#include <asm/div64.h>
++
++#define MAX_IO_MSRS 256
++#define KVM_MAX_MCE_BANKS 32
++#define KVM_MCE_CAP_SUPPORTED (MCG_CTL_P | MCG_SER_P)
++
++#define emul_to_vcpu(ctxt) \
++ container_of(ctxt, struct kvm_vcpu, arch.emulate_ctxt)
++
++/* EFER defaults:
++ * - enable syscall per default because its emulated by KVM
++ * - enable LME and LMA per default on 64 bit KVM
++ */
++#ifdef CONFIG_X86_64
++static
++u64 __read_mostly efer_reserved_bits = ~((u64)(EFER_SCE | EFER_LME | EFER_LMA));
++#else
++static u64 __read_mostly efer_reserved_bits = ~((u64)EFER_SCE);
++#endif
++
++#define VM_STAT(x) offsetof(struct kvm, stat.x), KVM_STAT_VM
++#define VCPU_STAT(x) offsetof(struct kvm_vcpu, stat.x), KVM_STAT_VCPU
++
++static void update_cr8_intercept(struct kvm_vcpu *vcpu);
++static void process_nmi(struct kvm_vcpu *vcpu);
++static void __kvm_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags);
++
++struct kvm_x86_ops *kvm_x86_ops;
++EXPORT_SYMBOL_GPL(kvm_x86_ops);
++
++static bool ignore_msrs = 0;
++module_param(ignore_msrs, bool, S_IRUGO | S_IWUSR);
++
++unsigned int min_timer_period_us = 500;
++module_param(min_timer_period_us, uint, S_IRUGO | S_IWUSR);
++
++bool kvm_has_tsc_control;
++EXPORT_SYMBOL_GPL(kvm_has_tsc_control);
++u32 kvm_max_guest_tsc_khz;
++EXPORT_SYMBOL_GPL(kvm_max_guest_tsc_khz);
++
++/* tsc tolerance in parts per million - default to 1/2 of the NTP threshold */
++static u32 tsc_tolerance_ppm = 250;
++module_param(tsc_tolerance_ppm, uint, S_IRUGO | S_IWUSR);
++
++static bool backwards_tsc_observed = false;
++
++#define KVM_NR_SHARED_MSRS 16
++
++struct kvm_shared_msrs_global {
++ int nr;
++ u32 msrs[KVM_NR_SHARED_MSRS];
++};
++
++struct kvm_shared_msrs {
++ struct user_return_notifier urn;
++ bool registered;
++ struct kvm_shared_msr_values {
++ u64 host;
++ u64 curr;
++ } values[KVM_NR_SHARED_MSRS];
++};
++
++static struct kvm_shared_msrs_global __read_mostly shared_msrs_global;
++static struct kvm_shared_msrs __percpu *shared_msrs;
++
++struct kvm_stats_debugfs_item debugfs_entries[] = {
++ { "pf_fixed", VCPU_STAT(pf_fixed) },
++ { "pf_guest", VCPU_STAT(pf_guest) },
++ { "tlb_flush", VCPU_STAT(tlb_flush) },
++ { "invlpg", VCPU_STAT(invlpg) },
++ { "exits", VCPU_STAT(exits) },
++ { "io_exits", VCPU_STAT(io_exits) },
++ { "mmio_exits", VCPU_STAT(mmio_exits) },
++ { "signal_exits", VCPU_STAT(signal_exits) },
++ { "irq_window", VCPU_STAT(irq_window_exits) },
++ { "nmi_window", VCPU_STAT(nmi_window_exits) },
++ { "halt_exits", VCPU_STAT(halt_exits) },
++ { "halt_wakeup", VCPU_STAT(halt_wakeup) },
++ { "hypercalls", VCPU_STAT(hypercalls) },
++ { "request_irq", VCPU_STAT(request_irq_exits) },
++ { "irq_exits", VCPU_STAT(irq_exits) },
++ { "host_state_reload", VCPU_STAT(host_state_reload) },
++ { "efer_reload", VCPU_STAT(efer_reload) },
++ { "fpu_reload", VCPU_STAT(fpu_reload) },
++ { "insn_emulation", VCPU_STAT(insn_emulation) },
++ { "insn_emulation_fail", VCPU_STAT(insn_emulation_fail) },
++ { "irq_injections", VCPU_STAT(irq_injections) },
++ { "nmi_injections", VCPU_STAT(nmi_injections) },
++ { "mmu_shadow_zapped", VM_STAT(mmu_shadow_zapped) },
++ { "mmu_pte_write", VM_STAT(mmu_pte_write) },
++ { "mmu_pte_updated", VM_STAT(mmu_pte_updated) },
++ { "mmu_pde_zapped", VM_STAT(mmu_pde_zapped) },
++ { "mmu_flooded", VM_STAT(mmu_flooded) },
++ { "mmu_recycled", VM_STAT(mmu_recycled) },
++ { "mmu_cache_miss", VM_STAT(mmu_cache_miss) },
++ { "mmu_unsync", VM_STAT(mmu_unsync) },
++ { "remote_tlb_flush", VM_STAT(remote_tlb_flush) },
++ { "largepages", VM_STAT(lpages) },
++ { NULL }
++};
++
++u64 __read_mostly host_xcr0;
++
++static int emulator_fix_hypercall(struct x86_emulate_ctxt *ctxt);
++
++static inline void kvm_async_pf_hash_reset(struct kvm_vcpu *vcpu)
++{
++ int i;
++ for (i = 0; i < roundup_pow_of_two(ASYNC_PF_PER_VCPU); i++)
++ vcpu->arch.apf.gfns[i] = ~0;
++}
++
++static void kvm_on_user_return(struct user_return_notifier *urn)
++{
++ unsigned slot;
++ struct kvm_shared_msrs *locals
++ = container_of(urn, struct kvm_shared_msrs, urn);
++ struct kvm_shared_msr_values *values;
++
++ for (slot = 0; slot < shared_msrs_global.nr; ++slot) {
++ values = &locals->values[slot];
++ if (values->host != values->curr) {
++ wrmsrl(shared_msrs_global.msrs[slot], values->host);
++ values->curr = values->host;
++ }
++ }
++ locals->registered = false;
++ user_return_notifier_unregister(urn);
++}
++
++static void shared_msr_update(unsigned slot, u32 msr)
++{
++ u64 value;
++ unsigned int cpu = smp_processor_id();
++ struct kvm_shared_msrs *smsr = per_cpu_ptr(shared_msrs, cpu);
++
++ /* only read, and nobody should modify it at this time,
++ * so don't need lock */
++ if (slot >= shared_msrs_global.nr) {
++ printk(KERN_ERR "kvm: invalid MSR slot!");
++ return;
++ }
++ rdmsrl_safe(msr, &value);
++ smsr->values[slot].host = value;
++ smsr->values[slot].curr = value;
++}
++
++void kvm_define_shared_msr(unsigned slot, u32 msr)
++{
++ BUG_ON(slot >= KVM_NR_SHARED_MSRS);
++ if (slot >= shared_msrs_global.nr)
++ shared_msrs_global.nr = slot + 1;
++ shared_msrs_global.msrs[slot] = msr;
++ /* we need ensured the shared_msr_global have been updated */
++ smp_wmb();
++}
++EXPORT_SYMBOL_GPL(kvm_define_shared_msr);
++
++static void kvm_shared_msr_cpu_online(void)
++{
++ unsigned i;
++
++ for (i = 0; i < shared_msrs_global.nr; ++i)
++ shared_msr_update(i, shared_msrs_global.msrs[i]);
++}
++
++int kvm_set_shared_msr(unsigned slot, u64 value, u64 mask)
++{
++ unsigned int cpu = smp_processor_id();
++ struct kvm_shared_msrs *smsr = per_cpu_ptr(shared_msrs, cpu);
++ int err;
++
++ if (((value ^ smsr->values[slot].curr) & mask) == 0)
++ return 0;
++ smsr->values[slot].curr = value;
++ err = wrmsrl_safe(shared_msrs_global.msrs[slot], value);
++ if (err)
++ return 1;
++
++ if (!smsr->registered) {
++ smsr->urn.on_user_return = kvm_on_user_return;
++ user_return_notifier_register(&smsr->urn);
++ smsr->registered = true;
++ }
++ return 0;
++}
++EXPORT_SYMBOL_GPL(kvm_set_shared_msr);
++
++static void drop_user_return_notifiers(void)
++{
++ unsigned int cpu = smp_processor_id();
++ struct kvm_shared_msrs *smsr = per_cpu_ptr(shared_msrs, cpu);
++
++ if (smsr->registered)
++ kvm_on_user_return(&smsr->urn);
++}
++
++u64 kvm_get_apic_base(struct kvm_vcpu *vcpu)
++{
++ return vcpu->arch.apic_base;
++}
++EXPORT_SYMBOL_GPL(kvm_get_apic_base);
++
++int kvm_set_apic_base(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
++{
++ u64 old_state = vcpu->arch.apic_base &
++ (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE);
++ u64 new_state = msr_info->data &
++ (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE);
++ u64 reserved_bits = ((~0ULL) << cpuid_maxphyaddr(vcpu)) |
++ 0x2ff | (guest_cpuid_has_x2apic(vcpu) ? 0 : X2APIC_ENABLE);
++
++ if (!msr_info->host_initiated &&
++ ((msr_info->data & reserved_bits) != 0 ||
++ new_state == X2APIC_ENABLE ||
++ (new_state == MSR_IA32_APICBASE_ENABLE &&
++ old_state == (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE)) ||
++ (new_state == (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE) &&
++ old_state == 0)))
++ return 1;
++
++ kvm_lapic_set_base(vcpu, msr_info->data);
++ return 0;
++}
++EXPORT_SYMBOL_GPL(kvm_set_apic_base);
++
++asmlinkage __visible void kvm_spurious_fault(void)
++{
++ /* Fault while not rebooting. We want the trace. */
++ BUG();
++}
++EXPORT_SYMBOL_GPL(kvm_spurious_fault);
++
++#define EXCPT_BENIGN 0
++#define EXCPT_CONTRIBUTORY 1
++#define EXCPT_PF 2
++
++static int exception_class(int vector)
++{
++ switch (vector) {
++ case PF_VECTOR:
++ return EXCPT_PF;
++ case DE_VECTOR:
++ case TS_VECTOR:
++ case NP_VECTOR:
++ case SS_VECTOR:
++ case GP_VECTOR:
++ return EXCPT_CONTRIBUTORY;
++ default:
++ break;
++ }
++ return EXCPT_BENIGN;
++}
++
++#define EXCPT_FAULT 0
++#define EXCPT_TRAP 1
++#define EXCPT_ABORT 2
++#define EXCPT_INTERRUPT 3
++
++static int exception_type(int vector)
++{
++ unsigned int mask;
++
++ if (WARN_ON(vector > 31 || vector == NMI_VECTOR))
++ return EXCPT_INTERRUPT;
++
++ mask = 1 << vector;
++
++ /* #DB is trap, as instruction watchpoints are handled elsewhere */
++ if (mask & ((1 << DB_VECTOR) | (1 << BP_VECTOR) | (1 << OF_VECTOR)))
++ return EXCPT_TRAP;
++
++ if (mask & ((1 << DF_VECTOR) | (1 << MC_VECTOR)))
++ return EXCPT_ABORT;
++
++ /* Reserved exceptions will result in fault */
++ return EXCPT_FAULT;
++}
++
++static void kvm_multiple_exception(struct kvm_vcpu *vcpu,
++ unsigned nr, bool has_error, u32 error_code,
++ bool reinject)
++{
++ u32 prev_nr;
++ int class1, class2;
++
++ kvm_make_request(KVM_REQ_EVENT, vcpu);
++
++ if (!vcpu->arch.exception.pending) {
++ queue:
++ vcpu->arch.exception.pending = true;
++ vcpu->arch.exception.has_error_code = has_error;
++ vcpu->arch.exception.nr = nr;
++ vcpu->arch.exception.error_code = error_code;
++ vcpu->arch.exception.reinject = reinject;
++ return;
++ }
++
++ /* to check exception */
++ prev_nr = vcpu->arch.exception.nr;
++ if (prev_nr == DF_VECTOR) {
++ /* triple fault -> shutdown */
++ kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu);
++ return;
++ }
++ class1 = exception_class(prev_nr);
++ class2 = exception_class(nr);
++ if ((class1 == EXCPT_CONTRIBUTORY && class2 == EXCPT_CONTRIBUTORY)
++ || (class1 == EXCPT_PF && class2 != EXCPT_BENIGN)) {
++ /* generate double fault per SDM Table 5-5 */
++ vcpu->arch.exception.pending = true;
++ vcpu->arch.exception.has_error_code = true;
++ vcpu->arch.exception.nr = DF_VECTOR;
++ vcpu->arch.exception.error_code = 0;
++ } else
++ /* replace previous exception with a new one in a hope
++ that instruction re-execution will regenerate lost
++ exception */
++ goto queue;
++}
++
++void kvm_queue_exception(struct kvm_vcpu *vcpu, unsigned nr)
++{
++ kvm_multiple_exception(vcpu, nr, false, 0, false);
++}
++EXPORT_SYMBOL_GPL(kvm_queue_exception);
++
++void kvm_requeue_exception(struct kvm_vcpu *vcpu, unsigned nr)
++{
++ kvm_multiple_exception(vcpu, nr, false, 0, true);
++}
++EXPORT_SYMBOL_GPL(kvm_requeue_exception);
++
++void kvm_complete_insn_gp(struct kvm_vcpu *vcpu, int err)
++{
++ if (err)
++ kvm_inject_gp(vcpu, 0);
++ else
++ kvm_x86_ops->skip_emulated_instruction(vcpu);
++}
++EXPORT_SYMBOL_GPL(kvm_complete_insn_gp);
++
++void kvm_inject_page_fault(struct kvm_vcpu *vcpu, struct x86_exception *fault)
++{
++ ++vcpu->stat.pf_guest;
++ vcpu->arch.cr2 = fault->address;
++ kvm_queue_exception_e(vcpu, PF_VECTOR, fault->error_code);
++}
++EXPORT_SYMBOL_GPL(kvm_inject_page_fault);
++
++static bool kvm_propagate_fault(struct kvm_vcpu *vcpu, struct x86_exception *fault)
++{
++ if (mmu_is_nested(vcpu) && !fault->nested_page_fault)
++ vcpu->arch.nested_mmu.inject_page_fault(vcpu, fault);
++ else
++ vcpu->arch.mmu.inject_page_fault(vcpu, fault);
++
++ return fault->nested_page_fault;
++}
++
++void kvm_inject_nmi(struct kvm_vcpu *vcpu)
++{
++ atomic_inc(&vcpu->arch.nmi_queued);
++ kvm_make_request(KVM_REQ_NMI, vcpu);
++}
++EXPORT_SYMBOL_GPL(kvm_inject_nmi);
++
++void kvm_queue_exception_e(struct kvm_vcpu *vcpu, unsigned nr, u32 error_code)
++{
++ kvm_multiple_exception(vcpu, nr, true, error_code, false);
++}
++EXPORT_SYMBOL_GPL(kvm_queue_exception_e);
++
++void kvm_requeue_exception_e(struct kvm_vcpu *vcpu, unsigned nr, u32 error_code)
++{
++ kvm_multiple_exception(vcpu, nr, true, error_code, true);
++}
++EXPORT_SYMBOL_GPL(kvm_requeue_exception_e);
++
++/*
++ * Checks if cpl <= required_cpl; if true, return true. Otherwise queue
++ * a #GP and return false.
++ */
++bool kvm_require_cpl(struct kvm_vcpu *vcpu, int required_cpl)
++{
++ if (kvm_x86_ops->get_cpl(vcpu) <= required_cpl)
++ return true;
++ kvm_queue_exception_e(vcpu, GP_VECTOR, 0);
++ return false;
++}
++EXPORT_SYMBOL_GPL(kvm_require_cpl);
++
++/*
++ * This function will be used to read from the physical memory of the currently
++ * running guest. The difference to kvm_read_guest_page is that this function
++ * can read from guest physical or from the guest's guest physical memory.
++ */
++int kvm_read_guest_page_mmu(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu,
++ gfn_t ngfn, void *data, int offset, int len,
++ u32 access)
++{
++ struct x86_exception exception;
++ gfn_t real_gfn;
++ gpa_t ngpa;
++
++ ngpa = gfn_to_gpa(ngfn);
++ real_gfn = mmu->translate_gpa(vcpu, ngpa, access, &exception);
++ if (real_gfn == UNMAPPED_GVA)
++ return -EFAULT;
++
++ real_gfn = gpa_to_gfn(real_gfn);
++
++ return kvm_read_guest_page(vcpu->kvm, real_gfn, data, offset, len);
++}
++EXPORT_SYMBOL_GPL(kvm_read_guest_page_mmu);
++
++int kvm_read_nested_guest_page(struct kvm_vcpu *vcpu, gfn_t gfn,
++ void *data, int offset, int len, u32 access)
++{
++ return kvm_read_guest_page_mmu(vcpu, vcpu->arch.walk_mmu, gfn,
++ data, offset, len, access);
++}
++
++/*
++ * Load the pae pdptrs. Return true is they are all valid.
++ */
++int load_pdptrs(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu, unsigned long cr3)
++{
++ gfn_t pdpt_gfn = cr3 >> PAGE_SHIFT;
++ unsigned offset = ((cr3 & (PAGE_SIZE-1)) >> 5) << 2;
++ int i;
++ int ret;
++ u64 pdpte[ARRAY_SIZE(mmu->pdptrs)];
++
++ ret = kvm_read_guest_page_mmu(vcpu, mmu, pdpt_gfn, pdpte,
++ offset * sizeof(u64), sizeof(pdpte),
++ PFERR_USER_MASK|PFERR_WRITE_MASK);
++ if (ret < 0) {
++ ret = 0;
++ goto out;
++ }
++ for (i = 0; i < ARRAY_SIZE(pdpte); ++i) {
++ if (is_present_gpte(pdpte[i]) &&
++ (pdpte[i] & vcpu->arch.mmu.rsvd_bits_mask[0][2])) {
++ ret = 0;
++ goto out;
++ }
++ }
++ ret = 1;
++
++ memcpy(mmu->pdptrs, pdpte, sizeof(mmu->pdptrs));
++ __set_bit(VCPU_EXREG_PDPTR,
++ (unsigned long *)&vcpu->arch.regs_avail);
++ __set_bit(VCPU_EXREG_PDPTR,
++ (unsigned long *)&vcpu->arch.regs_dirty);
++out:
++
++ return ret;
++}
++EXPORT_SYMBOL_GPL(load_pdptrs);
++
++static bool pdptrs_changed(struct kvm_vcpu *vcpu)
++{
++ u64 pdpte[ARRAY_SIZE(vcpu->arch.walk_mmu->pdptrs)];
++ bool changed = true;
++ int offset;
++ gfn_t gfn;
++ int r;
++
++ if (is_long_mode(vcpu) || !is_pae(vcpu))
++ return false;
++
++ if (!test_bit(VCPU_EXREG_PDPTR,
++ (unsigned long *)&vcpu->arch.regs_avail))
++ return true;
++
++ gfn = (kvm_read_cr3(vcpu) & ~31u) >> PAGE_SHIFT;
++ offset = (kvm_read_cr3(vcpu) & ~31u) & (PAGE_SIZE - 1);
++ r = kvm_read_nested_guest_page(vcpu, gfn, pdpte, offset, sizeof(pdpte),
++ PFERR_USER_MASK | PFERR_WRITE_MASK);
++ if (r < 0)
++ goto out;
++ changed = memcmp(pdpte, vcpu->arch.walk_mmu->pdptrs, sizeof(pdpte)) != 0;
++out:
++
++ return changed;
++}
++
++int kvm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0)
++{
++ unsigned long old_cr0 = kvm_read_cr0(vcpu);
++ unsigned long update_bits = X86_CR0_PG | X86_CR0_WP |
++ X86_CR0_CD | X86_CR0_NW;
++
++ cr0 |= X86_CR0_ET;
++
++#ifdef CONFIG_X86_64
++ if (cr0 & 0xffffffff00000000UL)
++ return 1;
++#endif
++
++ cr0 &= ~CR0_RESERVED_BITS;
++
++ if ((cr0 & X86_CR0_NW) && !(cr0 & X86_CR0_CD))
++ return 1;
++
++ if ((cr0 & X86_CR0_PG) && !(cr0 & X86_CR0_PE))
++ return 1;
++
++ if (!is_paging(vcpu) && (cr0 & X86_CR0_PG)) {
++#ifdef CONFIG_X86_64
++ if ((vcpu->arch.efer & EFER_LME)) {
++ int cs_db, cs_l;
++
++ if (!is_pae(vcpu))
++ return 1;
++ kvm_x86_ops->get_cs_db_l_bits(vcpu, &cs_db, &cs_l);
++ if (cs_l)
++ return 1;
++ } else
++#endif
++ if (is_pae(vcpu) && !load_pdptrs(vcpu, vcpu->arch.walk_mmu,
++ kvm_read_cr3(vcpu)))
++ return 1;
++ }
++
++ if (!(cr0 & X86_CR0_PG) && kvm_read_cr4_bits(vcpu, X86_CR4_PCIDE))
++ return 1;
++
++ kvm_x86_ops->set_cr0(vcpu, cr0);
++
++ if ((cr0 ^ old_cr0) & X86_CR0_PG) {
++ kvm_clear_async_pf_completion_queue(vcpu);
++ kvm_async_pf_hash_reset(vcpu);
++ }
++
++ if ((cr0 ^ old_cr0) & update_bits)
++ kvm_mmu_reset_context(vcpu);
++ return 0;
++}
++EXPORT_SYMBOL_GPL(kvm_set_cr0);
++
++void kvm_lmsw(struct kvm_vcpu *vcpu, unsigned long msw)
++{
++ (void)kvm_set_cr0(vcpu, kvm_read_cr0_bits(vcpu, ~0x0eul) | (msw & 0x0f));
++}
++EXPORT_SYMBOL_GPL(kvm_lmsw);
++
++static void kvm_load_guest_xcr0(struct kvm_vcpu *vcpu)
++{
++ if (kvm_read_cr4_bits(vcpu, X86_CR4_OSXSAVE) &&
++ !vcpu->guest_xcr0_loaded) {
++ /* kvm_set_xcr() also depends on this */
++ xsetbv(XCR_XFEATURE_ENABLED_MASK, vcpu->arch.xcr0);
++ vcpu->guest_xcr0_loaded = 1;
++ }
++}
++
++static void kvm_put_guest_xcr0(struct kvm_vcpu *vcpu)
++{
++ if (vcpu->guest_xcr0_loaded) {
++ if (vcpu->arch.xcr0 != host_xcr0)
++ xsetbv(XCR_XFEATURE_ENABLED_MASK, host_xcr0);
++ vcpu->guest_xcr0_loaded = 0;
++ }
++}
++
++int __kvm_set_xcr(struct kvm_vcpu *vcpu, u32 index, u64 xcr)
++{
++ u64 xcr0 = xcr;
++ u64 old_xcr0 = vcpu->arch.xcr0;
++ u64 valid_bits;
++
++ /* Only support XCR_XFEATURE_ENABLED_MASK(xcr0) now */
++ if (index != XCR_XFEATURE_ENABLED_MASK)
++ return 1;
++ if (!(xcr0 & XSTATE_FP))
++ return 1;
++ if ((xcr0 & XSTATE_YMM) && !(xcr0 & XSTATE_SSE))
++ return 1;
++
++ /*
++ * Do not allow the guest to set bits that we do not support
++ * saving. However, xcr0 bit 0 is always set, even if the
++ * emulated CPU does not support XSAVE (see fx_init).
++ */
++ valid_bits = vcpu->arch.guest_supported_xcr0 | XSTATE_FP;
++ if (xcr0 & ~valid_bits)
++ return 1;
++
++ if ((!(xcr0 & XSTATE_BNDREGS)) != (!(xcr0 & XSTATE_BNDCSR)))
++ return 1;
++
++ kvm_put_guest_xcr0(vcpu);
++ vcpu->arch.xcr0 = xcr0;
++
++ if ((xcr0 ^ old_xcr0) & XSTATE_EXTEND_MASK)
++ kvm_update_cpuid(vcpu);
++ return 0;
++}
++
++int kvm_set_xcr(struct kvm_vcpu *vcpu, u32 index, u64 xcr)
++{
++ if (kvm_x86_ops->get_cpl(vcpu) != 0 ||
++ __kvm_set_xcr(vcpu, index, xcr)) {
++ kvm_inject_gp(vcpu, 0);
++ return 1;
++ }
++ return 0;
++}
++EXPORT_SYMBOL_GPL(kvm_set_xcr);
++
++int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
++{
++ unsigned long old_cr4 = kvm_read_cr4(vcpu);
++ unsigned long pdptr_bits = X86_CR4_PGE | X86_CR4_PSE |
++ X86_CR4_PAE | X86_CR4_SMEP;
++ if (cr4 & CR4_RESERVED_BITS)
++ return 1;
++
++ if (!guest_cpuid_has_xsave(vcpu) && (cr4 & X86_CR4_OSXSAVE))
++ return 1;
++
++ if (!guest_cpuid_has_smep(vcpu) && (cr4 & X86_CR4_SMEP))
++ return 1;
++
++ if (!guest_cpuid_has_smap(vcpu) && (cr4 & X86_CR4_SMAP))
++ return 1;
++
++ if (!guest_cpuid_has_fsgsbase(vcpu) && (cr4 & X86_CR4_FSGSBASE))
++ return 1;
++
++ if (is_long_mode(vcpu)) {
++ if (!(cr4 & X86_CR4_PAE))
++ return 1;
++ } else if (is_paging(vcpu) && (cr4 & X86_CR4_PAE)
++ && ((cr4 ^ old_cr4) & pdptr_bits)
++ && !load_pdptrs(vcpu, vcpu->arch.walk_mmu,
++ kvm_read_cr3(vcpu)))
++ return 1;
++
++ if ((cr4 & X86_CR4_PCIDE) && !(old_cr4 & X86_CR4_PCIDE)) {
++ if (!guest_cpuid_has_pcid(vcpu))
++ return 1;
++
++ /* PCID can not be enabled when cr3[11:0]!=000H or EFER.LMA=0 */
++ if ((kvm_read_cr3(vcpu) & X86_CR3_PCID_MASK) || !is_long_mode(vcpu))
++ return 1;
++ }
++
++ if (kvm_x86_ops->set_cr4(vcpu, cr4))
++ return 1;
++
++ if (((cr4 ^ old_cr4) & pdptr_bits) ||
++ (!(cr4 & X86_CR4_PCIDE) && (old_cr4 & X86_CR4_PCIDE)))
++ kvm_mmu_reset_context(vcpu);
++
++ if ((cr4 ^ old_cr4) & X86_CR4_SMAP)
++ update_permission_bitmask(vcpu, vcpu->arch.walk_mmu, false);
++
++ if ((cr4 ^ old_cr4) & X86_CR4_OSXSAVE)
++ kvm_update_cpuid(vcpu);
++
++ return 0;
++}
++EXPORT_SYMBOL_GPL(kvm_set_cr4);
++
++int kvm_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)
++{
++ if (cr3 == kvm_read_cr3(vcpu) && !pdptrs_changed(vcpu)) {
++ kvm_mmu_sync_roots(vcpu);
++ kvm_make_request(KVM_REQ_TLB_FLUSH, vcpu);
++ return 0;
++ }
++
++ if (is_long_mode(vcpu)) {
++ if (cr3 & CR3_L_MODE_RESERVED_BITS)
++ return 1;
++ } else if (is_pae(vcpu) && is_paging(vcpu) &&
++ !load_pdptrs(vcpu, vcpu->arch.walk_mmu, cr3))
++ return 1;
++
++ vcpu->arch.cr3 = cr3;
++ __set_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail);
++ kvm_mmu_new_cr3(vcpu);
++ return 0;
++}
++EXPORT_SYMBOL_GPL(kvm_set_cr3);
++
++int kvm_set_cr8(struct kvm_vcpu *vcpu, unsigned long cr8)
++{
++ if (cr8 & CR8_RESERVED_BITS)
++ return 1;
++ if (irqchip_in_kernel(vcpu->kvm))
++ kvm_lapic_set_tpr(vcpu, cr8);
++ else
++ vcpu->arch.cr8 = cr8;
++ return 0;
++}
++EXPORT_SYMBOL_GPL(kvm_set_cr8);
++
++unsigned long kvm_get_cr8(struct kvm_vcpu *vcpu)
++{
++ if (irqchip_in_kernel(vcpu->kvm))
++ return kvm_lapic_get_cr8(vcpu);
++ else
++ return vcpu->arch.cr8;
++}
++EXPORT_SYMBOL_GPL(kvm_get_cr8);
++
++static void kvm_update_dr6(struct kvm_vcpu *vcpu)
++{
++ if (!(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP))
++ kvm_x86_ops->set_dr6(vcpu, vcpu->arch.dr6);
++}
++
++static void kvm_update_dr7(struct kvm_vcpu *vcpu)
++{
++ unsigned long dr7;
++
++ if (vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP)
++ dr7 = vcpu->arch.guest_debug_dr7;
++ else
++ dr7 = vcpu->arch.dr7;
++ kvm_x86_ops->set_dr7(vcpu, dr7);
++ vcpu->arch.switch_db_regs &= ~KVM_DEBUGREG_BP_ENABLED;
++ if (dr7 & DR7_BP_EN_MASK)
++ vcpu->arch.switch_db_regs |= KVM_DEBUGREG_BP_ENABLED;
++}
++
++static u64 kvm_dr6_fixed(struct kvm_vcpu *vcpu)
++{
++ u64 fixed = DR6_FIXED_1;
++
++ if (!guest_cpuid_has_rtm(vcpu))
++ fixed |= DR6_RTM;
++ return fixed;
++}
++
++static int __kvm_set_dr(struct kvm_vcpu *vcpu, int dr, unsigned long val)
++{
++ switch (dr) {
++ case 0 ... 3:
++ vcpu->arch.db[dr] = val;
++ if (!(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP))
++ vcpu->arch.eff_db[dr] = val;
++ break;
++ case 4:
++ if (kvm_read_cr4_bits(vcpu, X86_CR4_DE))
++ return 1; /* #UD */
++ /* fall through */
++ case 6:
++ if (val & 0xffffffff00000000ULL)
++ return -1; /* #GP */
++ vcpu->arch.dr6 = (val & DR6_VOLATILE) | kvm_dr6_fixed(vcpu);
++ kvm_update_dr6(vcpu);
++ break;
++ case 5:
++ if (kvm_read_cr4_bits(vcpu, X86_CR4_DE))
++ return 1; /* #UD */
++ /* fall through */
++ default: /* 7 */
++ if (val & 0xffffffff00000000ULL)
++ return -1; /* #GP */
++ vcpu->arch.dr7 = (val & DR7_VOLATILE) | DR7_FIXED_1;
++ kvm_update_dr7(vcpu);
++ break;
++ }
++
++ return 0;
++}
++
++int kvm_set_dr(struct kvm_vcpu *vcpu, int dr, unsigned long val)
++{
++ int res;
++
++ res = __kvm_set_dr(vcpu, dr, val);
++ if (res > 0)
++ kvm_queue_exception(vcpu, UD_VECTOR);
++ else if (res < 0)
++ kvm_inject_gp(vcpu, 0);
++
++ return res;
++}
++EXPORT_SYMBOL_GPL(kvm_set_dr);
++
++static int _kvm_get_dr(struct kvm_vcpu *vcpu, int dr, unsigned long *val)
++{
++ switch (dr) {
++ case 0 ... 3:
++ *val = vcpu->arch.db[dr];
++ break;
++ case 4:
++ if (kvm_read_cr4_bits(vcpu, X86_CR4_DE))
++ return 1;
++ /* fall through */
++ case 6:
++ if (vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP)
++ *val = vcpu->arch.dr6;
++ else
++ *val = kvm_x86_ops->get_dr6(vcpu);
++ break;
++ case 5:
++ if (kvm_read_cr4_bits(vcpu, X86_CR4_DE))
++ return 1;
++ /* fall through */
++ default: /* 7 */
++ *val = vcpu->arch.dr7;
++ break;
++ }
++
++ return 0;
++}
++
++int kvm_get_dr(struct kvm_vcpu *vcpu, int dr, unsigned long *val)
++{
++ if (_kvm_get_dr(vcpu, dr, val)) {
++ kvm_queue_exception(vcpu, UD_VECTOR);
++ return 1;
++ }
++ return 0;
++}
++EXPORT_SYMBOL_GPL(kvm_get_dr);
++
++bool kvm_rdpmc(struct kvm_vcpu *vcpu)
++{
++ u32 ecx = kvm_register_read(vcpu, VCPU_REGS_RCX);
++ u64 data;
++ int err;
++
++ err = kvm_pmu_read_pmc(vcpu, ecx, &data);
++ if (err)
++ return err;
++ kvm_register_write(vcpu, VCPU_REGS_RAX, (u32)data);
++ kvm_register_write(vcpu, VCPU_REGS_RDX, data >> 32);
++ return err;
++}
++EXPORT_SYMBOL_GPL(kvm_rdpmc);
++
++/*
++ * List of msr numbers which we expose to userspace through KVM_GET_MSRS
++ * and KVM_SET_MSRS, and KVM_GET_MSR_INDEX_LIST.
++ *
++ * This list is modified at module load time to reflect the
++ * capabilities of the host cpu. This capabilities test skips MSRs that are
++ * kvm-specific. Those are put in the beginning of the list.
++ */
++
++#define KVM_SAVE_MSRS_BEGIN 12
++static u32 msrs_to_save[] = {
++ MSR_KVM_SYSTEM_TIME, MSR_KVM_WALL_CLOCK,
++ MSR_KVM_SYSTEM_TIME_NEW, MSR_KVM_WALL_CLOCK_NEW,
++ HV_X64_MSR_GUEST_OS_ID, HV_X64_MSR_HYPERCALL,
++ HV_X64_MSR_TIME_REF_COUNT, HV_X64_MSR_REFERENCE_TSC,
++ HV_X64_MSR_APIC_ASSIST_PAGE, MSR_KVM_ASYNC_PF_EN, MSR_KVM_STEAL_TIME,
++ MSR_KVM_PV_EOI_EN,
++ MSR_IA32_SYSENTER_CS, MSR_IA32_SYSENTER_ESP, MSR_IA32_SYSENTER_EIP,
++ MSR_STAR,
++#ifdef CONFIG_X86_64
++ MSR_CSTAR, MSR_KERNEL_GS_BASE, MSR_SYSCALL_MASK, MSR_LSTAR,
++#endif
++ MSR_IA32_TSC, MSR_IA32_CR_PAT, MSR_VM_HSAVE_PA,
++ MSR_IA32_FEATURE_CONTROL, MSR_IA32_BNDCFGS
++};
++
++static unsigned num_msrs_to_save;
++
++static const u32 emulated_msrs[] = {
++ MSR_IA32_TSC_ADJUST,
++ MSR_IA32_TSCDEADLINE,
++ MSR_IA32_MISC_ENABLE,
++ MSR_IA32_MCG_STATUS,
++ MSR_IA32_MCG_CTL,
++};
++
++bool kvm_valid_efer(struct kvm_vcpu *vcpu, u64 efer)
++{
++ if (efer & efer_reserved_bits)
++ return false;
++
++ if (efer & EFER_FFXSR) {
++ struct kvm_cpuid_entry2 *feat;
++
++ feat = kvm_find_cpuid_entry(vcpu, 0x80000001, 0);
++ if (!feat || !(feat->edx & bit(X86_FEATURE_FXSR_OPT)))
++ return false;
++ }
++
++ if (efer & EFER_SVME) {
++ struct kvm_cpuid_entry2 *feat;
++
++ feat = kvm_find_cpuid_entry(vcpu, 0x80000001, 0);
++ if (!feat || !(feat->ecx & bit(X86_FEATURE_SVM)))
++ return false;
++ }
++
++ return true;
++}
++EXPORT_SYMBOL_GPL(kvm_valid_efer);
++
++static int set_efer(struct kvm_vcpu *vcpu, u64 efer)
++{
++ u64 old_efer = vcpu->arch.efer;
++
++ if (!kvm_valid_efer(vcpu, efer))
++ return 1;
++
++ if (is_paging(vcpu)
++ && (vcpu->arch.efer & EFER_LME) != (efer & EFER_LME))
++ return 1;
++
++ efer &= ~EFER_LMA;
++ efer |= vcpu->arch.efer & EFER_LMA;
++
++ kvm_x86_ops->set_efer(vcpu, efer);
++
++ /* Update reserved bits */
++ if ((efer ^ old_efer) & EFER_NX)
++ kvm_mmu_reset_context(vcpu);
++
++ return 0;
++}
++
++void kvm_enable_efer_bits(u64 mask)
++{
++ efer_reserved_bits &= ~mask;
++}
++EXPORT_SYMBOL_GPL(kvm_enable_efer_bits);
++
++/*
++ * Writes msr value into into the appropriate "register".
++ * Returns 0 on success, non-0 otherwise.
++ * Assumes vcpu_load() was already called.
++ */
++int kvm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr)
++{
++ switch (msr->index) {
++ case MSR_FS_BASE:
++ case MSR_GS_BASE:
++ case MSR_KERNEL_GS_BASE:
++ case MSR_CSTAR:
++ case MSR_LSTAR:
++ if (is_noncanonical_address(msr->data))
++ return 1;
++ break;
++ case MSR_IA32_SYSENTER_EIP:
++ case MSR_IA32_SYSENTER_ESP:
++ /*
++ * IA32_SYSENTER_ESP and IA32_SYSENTER_EIP cause #GP if
++ * non-canonical address is written on Intel but not on
++ * AMD (which ignores the top 32-bits, because it does
++ * not implement 64-bit SYSENTER).
++ *
++ * 64-bit code should hence be able to write a non-canonical
++ * value on AMD. Making the address canonical ensures that
++ * vmentry does not fail on Intel after writing a non-canonical
++ * value, and that something deterministic happens if the guest
++ * invokes 64-bit SYSENTER.
++ */
++ msr->data = get_canonical(msr->data);
++ }
++ return kvm_x86_ops->set_msr(vcpu, msr);
++}
++EXPORT_SYMBOL_GPL(kvm_set_msr);
++
++/*
++ * Adapt set_msr() to msr_io()'s calling convention
++ */
++static int do_set_msr(struct kvm_vcpu *vcpu, unsigned index, u64 *data)
++{
++ struct msr_data msr;
++
++ msr.data = *data;
++ msr.index = index;
++ msr.host_initiated = true;
++ return kvm_set_msr(vcpu, &msr);
++}
++
++#ifdef CONFIG_X86_64
++struct pvclock_gtod_data {
++ seqcount_t seq;
++
++ struct { /* extract of a clocksource struct */
++ int vclock_mode;
++ cycle_t cycle_last;
++ cycle_t mask;
++ u32 mult;
++ u32 shift;
++ } clock;
++
++ u64 boot_ns;
++ u64 nsec_base;
++};
++
++static struct pvclock_gtod_data pvclock_gtod_data;
++
++static void update_pvclock_gtod(struct timekeeper *tk)
++{
++ struct pvclock_gtod_data *vdata = &pvclock_gtod_data;
++ u64 boot_ns;
++
++ boot_ns = ktime_to_ns(ktime_add(tk->tkr.base_mono, tk->offs_boot));
++
++ write_seqcount_begin(&vdata->seq);
++
++ /* copy pvclock gtod data */
++ vdata->clock.vclock_mode = tk->tkr.clock->archdata.vclock_mode;
++ vdata->clock.cycle_last = tk->tkr.cycle_last;
++ vdata->clock.mask = tk->tkr.mask;
++ vdata->clock.mult = tk->tkr.mult;
++ vdata->clock.shift = tk->tkr.shift;
++
++ vdata->boot_ns = boot_ns;
++ vdata->nsec_base = tk->tkr.xtime_nsec;
++
++ write_seqcount_end(&vdata->seq);
++}
++#endif
++
++
++static void kvm_write_wall_clock(struct kvm *kvm, gpa_t wall_clock)
++{
++ int version;
++ int r;
++ struct pvclock_wall_clock wc;
++ struct timespec boot;
++
++ if (!wall_clock)
++ return;
++
++ r = kvm_read_guest(kvm, wall_clock, &version, sizeof(version));
++ if (r)
++ return;
++
++ if (version & 1)
++ ++version; /* first time write, random junk */
++
++ ++version;
++
++ kvm_write_guest(kvm, wall_clock, &version, sizeof(version));
++
++ /*
++ * The guest calculates current wall clock time by adding
++ * system time (updated by kvm_guest_time_update below) to the
++ * wall clock specified here. guest system time equals host
++ * system time for us, thus we must fill in host boot time here.
++ */
++ getboottime(&boot);
++
++ if (kvm->arch.kvmclock_offset) {
++ struct timespec ts = ns_to_timespec(kvm->arch.kvmclock_offset);
++ boot = timespec_sub(boot, ts);
++ }
++ wc.sec = boot.tv_sec;
++ wc.nsec = boot.tv_nsec;
++ wc.version = version;
++
++ kvm_write_guest(kvm, wall_clock, &wc, sizeof(wc));
++
++ version++;
++ kvm_write_guest(kvm, wall_clock, &version, sizeof(version));
++}
++
++static uint32_t div_frac(uint32_t dividend, uint32_t divisor)
++{
++ uint32_t quotient, remainder;
++
++ /* Don't try to replace with do_div(), this one calculates
++ * "(dividend << 32) / divisor" */
++ __asm__ ( "divl %4"
++ : "=a" (quotient), "=d" (remainder)
++ : "0" (0), "1" (dividend), "r" (divisor) );
++ return quotient;
++}
++
++static void kvm_get_time_scale(uint32_t scaled_khz, uint32_t base_khz,
++ s8 *pshift, u32 *pmultiplier)
++{
++ uint64_t scaled64;
++ int32_t shift = 0;
++ uint64_t tps64;
++ uint32_t tps32;
++
++ tps64 = base_khz * 1000LL;
++ scaled64 = scaled_khz * 1000LL;
++ while (tps64 > scaled64*2 || tps64 & 0xffffffff00000000ULL) {
++ tps64 >>= 1;
++ shift--;
++ }
++
++ tps32 = (uint32_t)tps64;
++ while (tps32 <= scaled64 || scaled64 & 0xffffffff00000000ULL) {
++ if (scaled64 & 0xffffffff00000000ULL || tps32 & 0x80000000)
++ scaled64 >>= 1;
++ else
++ tps32 <<= 1;
++ shift++;
++ }
++
++ *pshift = shift;
++ *pmultiplier = div_frac(scaled64, tps32);
++
++ pr_debug("%s: base_khz %u => %u, shift %d, mul %u\n",
++ __func__, base_khz, scaled_khz, shift, *pmultiplier);
++}
++
++static inline u64 get_kernel_ns(void)
++{
++ return ktime_get_boot_ns();
++}
++
++#ifdef CONFIG_X86_64
++static atomic_t kvm_guest_has_master_clock = ATOMIC_INIT(0);
++#endif
++
++static DEFINE_PER_CPU(unsigned long, cpu_tsc_khz);
++unsigned long max_tsc_khz;
++
++static inline u64 nsec_to_cycles(struct kvm_vcpu *vcpu, u64 nsec)
++{
++ return pvclock_scale_delta(nsec, vcpu->arch.virtual_tsc_mult,
++ vcpu->arch.virtual_tsc_shift);
++}
++
++static u32 adjust_tsc_khz(u32 khz, s32 ppm)
++{
++ u64 v = (u64)khz * (1000000 + ppm);
++ do_div(v, 1000000);
++ return v;
++}
++
++static void kvm_set_tsc_khz(struct kvm_vcpu *vcpu, u32 this_tsc_khz)
++{
++ u32 thresh_lo, thresh_hi;
++ int use_scaling = 0;
++
++ /* tsc_khz can be zero if TSC calibration fails */
++ if (this_tsc_khz == 0)
++ return;
++
++ /* Compute a scale to convert nanoseconds in TSC cycles */
++ kvm_get_time_scale(this_tsc_khz, NSEC_PER_SEC / 1000,
++ &vcpu->arch.virtual_tsc_shift,
++ &vcpu->arch.virtual_tsc_mult);
++ vcpu->arch.virtual_tsc_khz = this_tsc_khz;
++
++ /*
++ * Compute the variation in TSC rate which is acceptable
++ * within the range of tolerance and decide if the
++ * rate being applied is within that bounds of the hardware
++ * rate. If so, no scaling or compensation need be done.
++ */
++ thresh_lo = adjust_tsc_khz(tsc_khz, -tsc_tolerance_ppm);
++ thresh_hi = adjust_tsc_khz(tsc_khz, tsc_tolerance_ppm);
++ if (this_tsc_khz < thresh_lo || this_tsc_khz > thresh_hi) {
++ pr_debug("kvm: requested TSC rate %u falls outside tolerance [%u,%u]\n", this_tsc_khz, thresh_lo, thresh_hi);
++ use_scaling = 1;
++ }
++ kvm_x86_ops->set_tsc_khz(vcpu, this_tsc_khz, use_scaling);
++}
++
++static u64 compute_guest_tsc(struct kvm_vcpu *vcpu, s64 kernel_ns)
++{
++ u64 tsc = pvclock_scale_delta(kernel_ns-vcpu->arch.this_tsc_nsec,
++ vcpu->arch.virtual_tsc_mult,
++ vcpu->arch.virtual_tsc_shift);
++ tsc += vcpu->arch.this_tsc_write;
++ return tsc;
++}
++
++void kvm_track_tsc_matching(struct kvm_vcpu *vcpu)
++{
++#ifdef CONFIG_X86_64
++ bool vcpus_matched;
++ struct kvm_arch *ka = &vcpu->kvm->arch;
++ struct pvclock_gtod_data *gtod = &pvclock_gtod_data;
++
++ vcpus_matched = (ka->nr_vcpus_matched_tsc + 1 ==
++ atomic_read(&vcpu->kvm->online_vcpus));
++
++ /*
++ * Once the masterclock is enabled, always perform request in
++ * order to update it.
++ *
++ * In order to enable masterclock, the host clocksource must be TSC
++ * and the vcpus need to have matched TSCs. When that happens,
++ * perform request to enable masterclock.
++ */
++ if (ka->use_master_clock ||
++ (gtod->clock.vclock_mode == VCLOCK_TSC && vcpus_matched))
++ kvm_make_request(KVM_REQ_MASTERCLOCK_UPDATE, vcpu);
++
++ trace_kvm_track_tsc(vcpu->vcpu_id, ka->nr_vcpus_matched_tsc,
++ atomic_read(&vcpu->kvm->online_vcpus),
++ ka->use_master_clock, gtod->clock.vclock_mode);
++#endif
++}
++
++static void update_ia32_tsc_adjust_msr(struct kvm_vcpu *vcpu, s64 offset)
++{
++ u64 curr_offset = kvm_x86_ops->read_tsc_offset(vcpu);
++ vcpu->arch.ia32_tsc_adjust_msr += offset - curr_offset;
++}
++
++void kvm_write_tsc(struct kvm_vcpu *vcpu, struct msr_data *msr)
++{
++ struct kvm *kvm = vcpu->kvm;
++ u64 offset, ns, elapsed;
++ unsigned long flags;
++ s64 usdiff;
++ bool matched;
++ bool already_matched;
++ u64 data = msr->data;
++
++ raw_spin_lock_irqsave(&kvm->arch.tsc_write_lock, flags);
++ offset = kvm_x86_ops->compute_tsc_offset(vcpu, data);
++ ns = get_kernel_ns();
++ elapsed = ns - kvm->arch.last_tsc_nsec;
++
++ if (vcpu->arch.virtual_tsc_khz) {
++ int faulted = 0;
++
++ /* n.b - signed multiplication and division required */
++ usdiff = data - kvm->arch.last_tsc_write;
++#ifdef CONFIG_X86_64
++ usdiff = (usdiff * 1000) / vcpu->arch.virtual_tsc_khz;
++#else
++ /* do_div() only does unsigned */
++ asm("1: idivl %[divisor]\n"
++ "2: xor %%edx, %%edx\n"
++ " movl $0, %[faulted]\n"
++ "3:\n"
++ ".section .fixup,\"ax\"\n"
++ "4: movl $1, %[faulted]\n"
++ " jmp 3b\n"
++ ".previous\n"
++
++ _ASM_EXTABLE(1b, 4b)
++
++ : "=A"(usdiff), [faulted] "=r" (faulted)
++ : "A"(usdiff * 1000), [divisor] "rm"(vcpu->arch.virtual_tsc_khz));
++
++#endif
++ do_div(elapsed, 1000);
++ usdiff -= elapsed;
++ if (usdiff < 0)
++ usdiff = -usdiff;
++
++ /* idivl overflow => difference is larger than USEC_PER_SEC */
++ if (faulted)
++ usdiff = USEC_PER_SEC;
++ } else
++ usdiff = USEC_PER_SEC; /* disable TSC match window below */
++
++ /*
++ * Special case: TSC write with a small delta (1 second) of virtual
++ * cycle time against real time is interpreted as an attempt to
++ * synchronize the CPU.
++ *
++ * For a reliable TSC, we can match TSC offsets, and for an unstable
++ * TSC, we add elapsed time in this computation. We could let the
++ * compensation code attempt to catch up if we fall behind, but
++ * it's better to try to match offsets from the beginning.
++ */
++ if (usdiff < USEC_PER_SEC &&
++ vcpu->arch.virtual_tsc_khz == kvm->arch.last_tsc_khz) {
++ if (!check_tsc_unstable()) {
++ offset = kvm->arch.cur_tsc_offset;
++ pr_debug("kvm: matched tsc offset for %llu\n", data);
++ } else {
++ u64 delta = nsec_to_cycles(vcpu, elapsed);
++ data += delta;
++ offset = kvm_x86_ops->compute_tsc_offset(vcpu, data);
++ pr_debug("kvm: adjusted tsc offset by %llu\n", delta);
++ }
++ matched = true;
++ already_matched = (vcpu->arch.this_tsc_generation == kvm->arch.cur_tsc_generation);
++ } else {
++ /*
++ * We split periods of matched TSC writes into generations.
++ * For each generation, we track the original measured
++ * nanosecond time, offset, and write, so if TSCs are in
++ * sync, we can match exact offset, and if not, we can match
++ * exact software computation in compute_guest_tsc()
++ *
++ * These values are tracked in kvm->arch.cur_xxx variables.
++ */
++ kvm->arch.cur_tsc_generation++;
++ kvm->arch.cur_tsc_nsec = ns;
++ kvm->arch.cur_tsc_write = data;
++ kvm->arch.cur_tsc_offset = offset;
++ matched = false;
++ pr_debug("kvm: new tsc generation %llu, clock %llu\n",
++ kvm->arch.cur_tsc_generation, data);
++ }
++
++ /*
++ * We also track th most recent recorded KHZ, write and time to
++ * allow the matching interval to be extended at each write.
++ */
++ kvm->arch.last_tsc_nsec = ns;
++ kvm->arch.last_tsc_write = data;
++ kvm->arch.last_tsc_khz = vcpu->arch.virtual_tsc_khz;
++
++ vcpu->arch.last_guest_tsc = data;
++
++ /* Keep track of which generation this VCPU has synchronized to */
++ vcpu->arch.this_tsc_generation = kvm->arch.cur_tsc_generation;
++ vcpu->arch.this_tsc_nsec = kvm->arch.cur_tsc_nsec;
++ vcpu->arch.this_tsc_write = kvm->arch.cur_tsc_write;
++
++ if (guest_cpuid_has_tsc_adjust(vcpu) && !msr->host_initiated)
++ update_ia32_tsc_adjust_msr(vcpu, offset);
++ kvm_x86_ops->write_tsc_offset(vcpu, offset);
++ raw_spin_unlock_irqrestore(&kvm->arch.tsc_write_lock, flags);
++
++ spin_lock(&kvm->arch.pvclock_gtod_sync_lock);
++ if (!matched) {
++ kvm->arch.nr_vcpus_matched_tsc = 0;
++ } else if (!already_matched) {
++ kvm->arch.nr_vcpus_matched_tsc++;
++ }
++
++ kvm_track_tsc_matching(vcpu);
++ spin_unlock(&kvm->arch.pvclock_gtod_sync_lock);
++}
++
++EXPORT_SYMBOL_GPL(kvm_write_tsc);
++
++#ifdef CONFIG_X86_64
++
++static cycle_t read_tsc(void)
++{
++ cycle_t ret;
++ u64 last;
++
++ /*
++ * Empirically, a fence (of type that depends on the CPU)
++ * before rdtsc is enough to ensure that rdtsc is ordered
++ * with respect to loads. The various CPU manuals are unclear
++ * as to whether rdtsc can be reordered with later loads,
++ * but no one has ever seen it happen.
++ */
++ rdtsc_barrier();
++ ret = (cycle_t)vget_cycles();
++
++ last = pvclock_gtod_data.clock.cycle_last;
++
++ if (likely(ret >= last))
++ return ret;
++
++ /*
++ * GCC likes to generate cmov here, but this branch is extremely
++ * predictable (it's just a funciton of time and the likely is
++ * very likely) and there's a data dependence, so force GCC
++ * to generate a branch instead. I don't barrier() because
++ * we don't actually need a barrier, and if this function
++ * ever gets inlined it will generate worse code.
++ */
++ asm volatile ("");
++ return last;
++}
++
++static inline u64 vgettsc(cycle_t *cycle_now)
++{
++ long v;
++ struct pvclock_gtod_data *gtod = &pvclock_gtod_data;
++
++ *cycle_now = read_tsc();
++
++ v = (*cycle_now - gtod->clock.cycle_last) & gtod->clock.mask;
++ return v * gtod->clock.mult;
++}
++
++static int do_monotonic_boot(s64 *t, cycle_t *cycle_now)
++{
++ struct pvclock_gtod_data *gtod = &pvclock_gtod_data;
++ unsigned long seq;
++ int mode;
++ u64 ns;
++
++ do {
++ seq = read_seqcount_begin(&gtod->seq);
++ mode = gtod->clock.vclock_mode;
++ ns = gtod->nsec_base;
++ ns += vgettsc(cycle_now);
++ ns >>= gtod->clock.shift;
++ ns += gtod->boot_ns;
++ } while (unlikely(read_seqcount_retry(&gtod->seq, seq)));
++ *t = ns;
++
++ return mode;
++}
++
++/* returns true if host is using tsc clocksource */
++static bool kvm_get_time_and_clockread(s64 *kernel_ns, cycle_t *cycle_now)
++{
++ /* checked again under seqlock below */
++ if (pvclock_gtod_data.clock.vclock_mode != VCLOCK_TSC)
++ return false;
++
++ return do_monotonic_boot(kernel_ns, cycle_now) == VCLOCK_TSC;
++}
++#endif
++
++/*
++ *
++ * Assuming a stable TSC across physical CPUS, and a stable TSC
++ * across virtual CPUs, the following condition is possible.
++ * Each numbered line represents an event visible to both
++ * CPUs at the next numbered event.
++ *
++ * "timespecX" represents host monotonic time. "tscX" represents
++ * RDTSC value.
++ *
++ * VCPU0 on CPU0 | VCPU1 on CPU1
++ *
++ * 1. read timespec0,tsc0
++ * 2. | timespec1 = timespec0 + N
++ * | tsc1 = tsc0 + M
++ * 3. transition to guest | transition to guest
++ * 4. ret0 = timespec0 + (rdtsc - tsc0) |
++ * 5. | ret1 = timespec1 + (rdtsc - tsc1)
++ * | ret1 = timespec0 + N + (rdtsc - (tsc0 + M))
++ *
++ * Since ret0 update is visible to VCPU1 at time 5, to obey monotonicity:
++ *
++ * - ret0 < ret1
++ * - timespec0 + (rdtsc - tsc0) < timespec0 + N + (rdtsc - (tsc0 + M))
++ * ...
++ * - 0 < N - M => M < N
++ *
++ * That is, when timespec0 != timespec1, M < N. Unfortunately that is not
++ * always the case (the difference between two distinct xtime instances
++ * might be smaller then the difference between corresponding TSC reads,
++ * when updating guest vcpus pvclock areas).
++ *
++ * To avoid that problem, do not allow visibility of distinct
++ * system_timestamp/tsc_timestamp values simultaneously: use a master
++ * copy of host monotonic time values. Update that master copy
++ * in lockstep.
++ *
++ * Rely on synchronization of host TSCs and guest TSCs for monotonicity.
++ *
++ */
++
++static void pvclock_update_vm_gtod_copy(struct kvm *kvm)
++{
++#ifdef CONFIG_X86_64
++ struct kvm_arch *ka = &kvm->arch;
++ int vclock_mode;
++ bool host_tsc_clocksource, vcpus_matched;
++
++ vcpus_matched = (ka->nr_vcpus_matched_tsc + 1 ==
++ atomic_read(&kvm->online_vcpus));
++
++ /*
++ * If the host uses TSC clock, then passthrough TSC as stable
++ * to the guest.
++ */
++ host_tsc_clocksource = kvm_get_time_and_clockread(
++ &ka->master_kernel_ns,
++ &ka->master_cycle_now);
++
++ ka->use_master_clock = host_tsc_clocksource && vcpus_matched
++ && !backwards_tsc_observed;
++
++ if (ka->use_master_clock)
++ atomic_set(&kvm_guest_has_master_clock, 1);
++
++ vclock_mode = pvclock_gtod_data.clock.vclock_mode;
++ trace_kvm_update_master_clock(ka->use_master_clock, vclock_mode,
++ vcpus_matched);
++#endif
++}
++
++static void kvm_gen_update_masterclock(struct kvm *kvm)
++{
++#ifdef CONFIG_X86_64
++ int i;
++ struct kvm_vcpu *vcpu;
++ struct kvm_arch *ka = &kvm->arch;
++
++ spin_lock(&ka->pvclock_gtod_sync_lock);
++ kvm_make_mclock_inprogress_request(kvm);
++ /* no guest entries from this point */
++ pvclock_update_vm_gtod_copy(kvm);
++
++ kvm_for_each_vcpu(i, vcpu, kvm)
++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu);
++
++ /* guest entries allowed */
++ kvm_for_each_vcpu(i, vcpu, kvm)
++ clear_bit(KVM_REQ_MCLOCK_INPROGRESS, &vcpu->requests);
++
++ spin_unlock(&ka->pvclock_gtod_sync_lock);
++#endif
++}
++
++static int kvm_guest_time_update(struct kvm_vcpu *v)
++{
++ unsigned long flags, this_tsc_khz;
++ struct kvm_vcpu_arch *vcpu = &v->arch;
++ struct kvm_arch *ka = &v->kvm->arch;
++ s64 kernel_ns;
++ u64 tsc_timestamp, host_tsc;
++ struct pvclock_vcpu_time_info guest_hv_clock;
++ u8 pvclock_flags;
++ bool use_master_clock;
++
++ kernel_ns = 0;
++ host_tsc = 0;
++
++ /*
++ * If the host uses TSC clock, then passthrough TSC as stable
++ * to the guest.
++ */
++ spin_lock(&ka->pvclock_gtod_sync_lock);
++ use_master_clock = ka->use_master_clock;
++ if (use_master_clock) {
++ host_tsc = ka->master_cycle_now;
++ kernel_ns = ka->master_kernel_ns;
++ }
++ spin_unlock(&ka->pvclock_gtod_sync_lock);
++
++ /* Keep irq disabled to prevent changes to the clock */
++ local_irq_save(flags);
++ this_tsc_khz = __this_cpu_read(cpu_tsc_khz);
++ if (unlikely(this_tsc_khz == 0)) {
++ local_irq_restore(flags);
++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, v);
++ return 1;
++ }
++ if (!use_master_clock) {
++ host_tsc = native_read_tsc();
++ kernel_ns = get_kernel_ns();
++ }
++
++ tsc_timestamp = kvm_x86_ops->read_l1_tsc(v, host_tsc);
++
++ /*
++ * We may have to catch up the TSC to match elapsed wall clock
++ * time for two reasons, even if kvmclock is used.
++ * 1) CPU could have been running below the maximum TSC rate
++ * 2) Broken TSC compensation resets the base at each VCPU
++ * entry to avoid unknown leaps of TSC even when running
++ * again on the same CPU. This may cause apparent elapsed
++ * time to disappear, and the guest to stand still or run
++ * very slowly.
++ */
++ if (vcpu->tsc_catchup) {
++ u64 tsc = compute_guest_tsc(v, kernel_ns);
++ if (tsc > tsc_timestamp) {
++ adjust_tsc_offset_guest(v, tsc - tsc_timestamp);
++ tsc_timestamp = tsc;
++ }
++ }
++
++ local_irq_restore(flags);
++
++ if (!vcpu->pv_time_enabled)
++ return 0;
++
++ if (unlikely(vcpu->hw_tsc_khz != this_tsc_khz)) {
++ kvm_get_time_scale(NSEC_PER_SEC / 1000, this_tsc_khz,
++ &vcpu->hv_clock.tsc_shift,
++ &vcpu->hv_clock.tsc_to_system_mul);
++ vcpu->hw_tsc_khz = this_tsc_khz;
++ }
++
++ /* With all the info we got, fill in the values */
++ vcpu->hv_clock.tsc_timestamp = tsc_timestamp;
++ vcpu->hv_clock.system_time = kernel_ns + v->kvm->arch.kvmclock_offset;
++ vcpu->last_guest_tsc = tsc_timestamp;
++
++ /*
++ * The interface expects us to write an even number signaling that the
++ * update is finished. Since the guest won't see the intermediate
++ * state, we just increase by 2 at the end.
++ */
++ vcpu->hv_clock.version += 2;
++
++ if (unlikely(kvm_read_guest_cached(v->kvm, &vcpu->pv_time,
++ &guest_hv_clock, sizeof(guest_hv_clock))))
++ return 0;
++
++ /* retain PVCLOCK_GUEST_STOPPED if set in guest copy */
++ pvclock_flags = (guest_hv_clock.flags & PVCLOCK_GUEST_STOPPED);
++
++ if (vcpu->pvclock_set_guest_stopped_request) {
++ pvclock_flags |= PVCLOCK_GUEST_STOPPED;
++ vcpu->pvclock_set_guest_stopped_request = false;
++ }
++
++ /* If the host uses TSC clocksource, then it is stable */
++ if (use_master_clock)
++ pvclock_flags |= PVCLOCK_TSC_STABLE_BIT;
++
++ vcpu->hv_clock.flags = pvclock_flags;
++
++ kvm_write_guest_cached(v->kvm, &vcpu->pv_time,
++ &vcpu->hv_clock,
++ sizeof(vcpu->hv_clock));
++ return 0;
++}
++
++/*
++ * kvmclock updates which are isolated to a given vcpu, such as
++ * vcpu->cpu migration, should not allow system_timestamp from
++ * the rest of the vcpus to remain static. Otherwise ntp frequency
++ * correction applies to one vcpu's system_timestamp but not
++ * the others.
++ *
++ * So in those cases, request a kvmclock update for all vcpus.
++ * We need to rate-limit these requests though, as they can
++ * considerably slow guests that have a large number of vcpus.
++ * The time for a remote vcpu to update its kvmclock is bound
++ * by the delay we use to rate-limit the updates.
++ */
++
++#define KVMCLOCK_UPDATE_DELAY msecs_to_jiffies(100)
++
++static void kvmclock_update_fn(struct work_struct *work)
++{
++ int i;
++ struct delayed_work *dwork = to_delayed_work(work);
++ struct kvm_arch *ka = container_of(dwork, struct kvm_arch,
++ kvmclock_update_work);
++ struct kvm *kvm = container_of(ka, struct kvm, arch);
++ struct kvm_vcpu *vcpu;
++
++ kvm_for_each_vcpu(i, vcpu, kvm) {
++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu);
++ kvm_vcpu_kick(vcpu);
++ }
++}
++
++static void kvm_gen_kvmclock_update(struct kvm_vcpu *v)
++{
++ struct kvm *kvm = v->kvm;
++
++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, v);
++ schedule_delayed_work(&kvm->arch.kvmclock_update_work,
++ KVMCLOCK_UPDATE_DELAY);
++}
++
++#define KVMCLOCK_SYNC_PERIOD (300 * HZ)
++
++static void kvmclock_sync_fn(struct work_struct *work)
++{
++ struct delayed_work *dwork = to_delayed_work(work);
++ struct kvm_arch *ka = container_of(dwork, struct kvm_arch,
++ kvmclock_sync_work);
++ struct kvm *kvm = container_of(ka, struct kvm, arch);
++
++ schedule_delayed_work(&kvm->arch.kvmclock_update_work, 0);
++ schedule_delayed_work(&kvm->arch.kvmclock_sync_work,
++ KVMCLOCK_SYNC_PERIOD);
++}
++
++static bool msr_mtrr_valid(unsigned msr)
++{
++ switch (msr) {
++ case 0x200 ... 0x200 + 2 * KVM_NR_VAR_MTRR - 1:
++ case MSR_MTRRfix64K_00000:
++ case MSR_MTRRfix16K_80000:
++ case MSR_MTRRfix16K_A0000:
++ case MSR_MTRRfix4K_C0000:
++ case MSR_MTRRfix4K_C8000:
++ case MSR_MTRRfix4K_D0000:
++ case MSR_MTRRfix4K_D8000:
++ case MSR_MTRRfix4K_E0000:
++ case MSR_MTRRfix4K_E8000:
++ case MSR_MTRRfix4K_F0000:
++ case MSR_MTRRfix4K_F8000:
++ case MSR_MTRRdefType:
++ case MSR_IA32_CR_PAT:
++ return true;
++ case 0x2f8:
++ return true;
++ }
++ return false;
++}
++
++static bool valid_pat_type(unsigned t)
++{
++ return t < 8 && (1 << t) & 0xf3; /* 0, 1, 4, 5, 6, 7 */
++}
++
++static bool valid_mtrr_type(unsigned t)
++{
++ return t < 8 && (1 << t) & 0x73; /* 0, 1, 4, 5, 6 */
++}
++
++bool kvm_mtrr_valid(struct kvm_vcpu *vcpu, u32 msr, u64 data)
++{
++ int i;
++ u64 mask;
++
++ if (!msr_mtrr_valid(msr))
++ return false;
++
++ if (msr == MSR_IA32_CR_PAT) {
++ for (i = 0; i < 8; i++)
++ if (!valid_pat_type((data >> (i * 8)) & 0xff))
++ return false;
++ return true;
++ } else if (msr == MSR_MTRRdefType) {
++ if (data & ~0xcff)
++ return false;
++ return valid_mtrr_type(data & 0xff);
++ } else if (msr >= MSR_MTRRfix64K_00000 && msr <= MSR_MTRRfix4K_F8000) {
++ for (i = 0; i < 8 ; i++)
++ if (!valid_mtrr_type((data >> (i * 8)) & 0xff))
++ return false;
++ return true;
++ }
++
++ /* variable MTRRs */
++ WARN_ON(!(msr >= 0x200 && msr < 0x200 + 2 * KVM_NR_VAR_MTRR));
++
++ mask = (~0ULL) << cpuid_maxphyaddr(vcpu);
++ if ((msr & 1) == 0) {
++ /* MTRR base */
++ if (!valid_mtrr_type(data & 0xff))
++ return false;
++ mask |= 0xf00;
++ } else
++ /* MTRR mask */
++ mask |= 0x7ff;
++ if (data & mask) {
++ kvm_inject_gp(vcpu, 0);
++ return false;
++ }
++
++ return true;
++}
++EXPORT_SYMBOL_GPL(kvm_mtrr_valid);
++
++static int set_msr_mtrr(struct kvm_vcpu *vcpu, u32 msr, u64 data)
++{
++ u64 *p = (u64 *)&vcpu->arch.mtrr_state.fixed_ranges;
++
++ if (!kvm_mtrr_valid(vcpu, msr, data))
++ return 1;
++
++ if (msr == MSR_MTRRdefType) {
++ vcpu->arch.mtrr_state.def_type = data;
++ vcpu->arch.mtrr_state.enabled = (data & 0xc00) >> 10;
++ } else if (msr == MSR_MTRRfix64K_00000)
++ p[0] = data;
++ else if (msr == MSR_MTRRfix16K_80000 || msr == MSR_MTRRfix16K_A0000)
++ p[1 + msr - MSR_MTRRfix16K_80000] = data;
++ else if (msr >= MSR_MTRRfix4K_C0000 && msr <= MSR_MTRRfix4K_F8000)
++ p[3 + msr - MSR_MTRRfix4K_C0000] = data;
++ else if (msr == MSR_IA32_CR_PAT)
++ vcpu->arch.pat = data;
++ else { /* Variable MTRRs */
++ int idx, is_mtrr_mask;
++ u64 *pt;
++
++ idx = (msr - 0x200) / 2;
++ is_mtrr_mask = msr - 0x200 - 2 * idx;
++ if (!is_mtrr_mask)
++ pt =
++ (u64 *)&vcpu->arch.mtrr_state.var_ranges[idx].base_lo;
++ else
++ pt =
++ (u64 *)&vcpu->arch.mtrr_state.var_ranges[idx].mask_lo;
++ *pt = data;
++ }
++
++ kvm_mmu_reset_context(vcpu);
++ return 0;
++}
++
++static int set_msr_mce(struct kvm_vcpu *vcpu, u32 msr, u64 data)
++{
++ u64 mcg_cap = vcpu->arch.mcg_cap;
++ unsigned bank_num = mcg_cap & 0xff;
++
++ switch (msr) {
++ case MSR_IA32_MCG_STATUS:
++ vcpu->arch.mcg_status = data;
++ break;
++ case MSR_IA32_MCG_CTL:
++ if (!(mcg_cap & MCG_CTL_P))
++ return 1;
++ if (data != 0 && data != ~(u64)0)
++ return -1;
++ vcpu->arch.mcg_ctl = data;
++ break;
++ default:
++ if (msr >= MSR_IA32_MC0_CTL &&
++ msr < MSR_IA32_MCx_CTL(bank_num)) {
++ u32 offset = msr - MSR_IA32_MC0_CTL;
++ /* only 0 or all 1s can be written to IA32_MCi_CTL
++ * some Linux kernels though clear bit 10 in bank 4 to
++ * workaround a BIOS/GART TBL issue on AMD K8s, ignore
++ * this to avoid an uncatched #GP in the guest
++ */
++ if ((offset & 0x3) == 0 &&
++ data != 0 && (data | (1 << 10)) != ~(u64)0)
++ return -1;
++ vcpu->arch.mce_banks[offset] = data;
++ break;
++ }
++ return 1;
++ }
++ return 0;
++}
++
++static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data)
++{
++ struct kvm *kvm = vcpu->kvm;
++ int lm = is_long_mode(vcpu);
++ u8 *blob_addr = lm ? (u8 *)(long)kvm->arch.xen_hvm_config.blob_addr_64
++ : (u8 *)(long)kvm->arch.xen_hvm_config.blob_addr_32;
++ u8 blob_size = lm ? kvm->arch.xen_hvm_config.blob_size_64
++ : kvm->arch.xen_hvm_config.blob_size_32;
++ u32 page_num = data & ~PAGE_MASK;
++ u64 page_addr = data & PAGE_MASK;
++ u8 *page;
++ int r;
++
++ r = -E2BIG;
++ if (page_num >= blob_size)
++ goto out;
++ r = -ENOMEM;
++ page = memdup_user(blob_addr + (page_num * PAGE_SIZE), PAGE_SIZE);
++ if (IS_ERR(page)) {
++ r = PTR_ERR(page);
++ goto out;
++ }
++ if (kvm_write_guest(kvm, page_addr, page, PAGE_SIZE))
++ goto out_free;
++ r = 0;
++out_free:
++ kfree(page);
++out:
++ return r;
++}
++
++static bool kvm_hv_hypercall_enabled(struct kvm *kvm)
++{
++ return kvm->arch.hv_hypercall & HV_X64_MSR_HYPERCALL_ENABLE;
++}
++
++static bool kvm_hv_msr_partition_wide(u32 msr)
++{
++ bool r = false;
++ switch (msr) {
++ case HV_X64_MSR_GUEST_OS_ID:
++ case HV_X64_MSR_HYPERCALL:
++ case HV_X64_MSR_REFERENCE_TSC:
++ case HV_X64_MSR_TIME_REF_COUNT:
++ r = true;
++ break;
++ }
++
++ return r;
++}
++
++static int set_msr_hyperv_pw(struct kvm_vcpu *vcpu, u32 msr, u64 data)
++{
++ struct kvm *kvm = vcpu->kvm;
++
++ switch (msr) {
++ case HV_X64_MSR_GUEST_OS_ID:
++ kvm->arch.hv_guest_os_id = data;
++ /* setting guest os id to zero disables hypercall page */
++ if (!kvm->arch.hv_guest_os_id)
++ kvm->arch.hv_hypercall &= ~HV_X64_MSR_HYPERCALL_ENABLE;
++ break;
++ case HV_X64_MSR_HYPERCALL: {
++ u64 gfn;
++ unsigned long addr;
++ u8 instructions[4];
++
++ /* if guest os id is not set hypercall should remain disabled */
++ if (!kvm->arch.hv_guest_os_id)
++ break;
++ if (!(data & HV_X64_MSR_HYPERCALL_ENABLE)) {
++ kvm->arch.hv_hypercall = data;
++ break;
++ }
++ gfn = data >> HV_X64_MSR_HYPERCALL_PAGE_ADDRESS_SHIFT;
++ addr = gfn_to_hva(kvm, gfn);
++ if (kvm_is_error_hva(addr))
++ return 1;
++ kvm_x86_ops->patch_hypercall(vcpu, instructions);
++ ((unsigned char *)instructions)[3] = 0xc3; /* ret */
++ if (__copy_to_user((void __user *)addr, instructions, 4))
++ return 1;
++ kvm->arch.hv_hypercall = data;
++ mark_page_dirty(kvm, gfn);
++ break;
++ }
++ case HV_X64_MSR_REFERENCE_TSC: {
++ u64 gfn;
++ HV_REFERENCE_TSC_PAGE tsc_ref;
++ memset(&tsc_ref, 0, sizeof(tsc_ref));
++ kvm->arch.hv_tsc_page = data;
++ if (!(data & HV_X64_MSR_TSC_REFERENCE_ENABLE))
++ break;
++ gfn = data >> HV_X64_MSR_TSC_REFERENCE_ADDRESS_SHIFT;
++ if (kvm_write_guest(kvm, gfn << HV_X64_MSR_TSC_REFERENCE_ADDRESS_SHIFT,
++ &tsc_ref, sizeof(tsc_ref)))
++ return 1;
++ mark_page_dirty(kvm, gfn);
++ break;
++ }
++ default:
++ vcpu_unimpl(vcpu, "HYPER-V unimplemented wrmsr: 0x%x "
++ "data 0x%llx\n", msr, data);
++ return 1;
++ }
++ return 0;
++}
++
++static int set_msr_hyperv(struct kvm_vcpu *vcpu, u32 msr, u64 data)
++{
++ switch (msr) {
++ case HV_X64_MSR_APIC_ASSIST_PAGE: {
++ u64 gfn;
++ unsigned long addr;
++
++ if (!(data & HV_X64_MSR_APIC_ASSIST_PAGE_ENABLE)) {
++ vcpu->arch.hv_vapic = data;
++ if (kvm_lapic_enable_pv_eoi(vcpu, 0))
++ return 1;
++ break;
++ }
++ gfn = data >> HV_X64_MSR_APIC_ASSIST_PAGE_ADDRESS_SHIFT;
++ addr = gfn_to_hva(vcpu->kvm, gfn);
++ if (kvm_is_error_hva(addr))
++ return 1;
++ if (__clear_user((void __user *)addr, PAGE_SIZE))
++ return 1;
++ vcpu->arch.hv_vapic = data;
++ mark_page_dirty(vcpu->kvm, gfn);
++ if (kvm_lapic_enable_pv_eoi(vcpu, gfn_to_gpa(gfn) | KVM_MSR_ENABLED))
++ return 1;
++ break;
++ }
++ case HV_X64_MSR_EOI:
++ return kvm_hv_vapic_msr_write(vcpu, APIC_EOI, data);
++ case HV_X64_MSR_ICR:
++ return kvm_hv_vapic_msr_write(vcpu, APIC_ICR, data);
++ case HV_X64_MSR_TPR:
++ return kvm_hv_vapic_msr_write(vcpu, APIC_TASKPRI, data);
++ default:
++ vcpu_unimpl(vcpu, "HYPER-V unimplemented wrmsr: 0x%x "
++ "data 0x%llx\n", msr, data);
++ return 1;
++ }
++
++ return 0;
++}
++
++static int kvm_pv_enable_async_pf(struct kvm_vcpu *vcpu, u64 data)
++{
++ gpa_t gpa = data & ~0x3f;
++
++ /* Bits 2:5 are reserved, Should be zero */
++ if (data & 0x3c)
++ return 1;
++
++ vcpu->arch.apf.msr_val = data;
++
++ if (!(data & KVM_ASYNC_PF_ENABLED)) {
++ kvm_clear_async_pf_completion_queue(vcpu);
++ kvm_async_pf_hash_reset(vcpu);
++ return 0;
++ }
++
++ if (kvm_gfn_to_hva_cache_init(vcpu->kvm, &vcpu->arch.apf.data, gpa,
++ sizeof(u32)))
++ return 1;
++
++ vcpu->arch.apf.send_user_only = !(data & KVM_ASYNC_PF_SEND_ALWAYS);
++ kvm_async_pf_wakeup_all(vcpu);
++ return 0;
++}
++
++static void kvmclock_reset(struct kvm_vcpu *vcpu)
++{
++ vcpu->arch.pv_time_enabled = false;
++}
++
++static void accumulate_steal_time(struct kvm_vcpu *vcpu)
++{
++ u64 delta;
++
++ if (!(vcpu->arch.st.msr_val & KVM_MSR_ENABLED))
++ return;
++
++ delta = current->sched_info.run_delay - vcpu->arch.st.last_steal;
++ vcpu->arch.st.last_steal = current->sched_info.run_delay;
++ vcpu->arch.st.accum_steal = delta;
++}
++
++static void record_steal_time(struct kvm_vcpu *vcpu)
++{
++ if (!(vcpu->arch.st.msr_val & KVM_MSR_ENABLED))
++ return;
++
++ if (unlikely(kvm_read_guest_cached(vcpu->kvm, &vcpu->arch.st.stime,
++ &vcpu->arch.st.steal, sizeof(struct kvm_steal_time))))
++ return;
++
++ vcpu->arch.st.steal.steal += vcpu->arch.st.accum_steal;
++ vcpu->arch.st.steal.version += 2;
++ vcpu->arch.st.accum_steal = 0;
++
++ kvm_write_guest_cached(vcpu->kvm, &vcpu->arch.st.stime,
++ &vcpu->arch.st.steal, sizeof(struct kvm_steal_time));
++}
++
++int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
++{
++ bool pr = false;
++ u32 msr = msr_info->index;
++ u64 data = msr_info->data;
++
++ switch (msr) {
++ case MSR_AMD64_NB_CFG:
++ case MSR_IA32_UCODE_REV:
++ case MSR_IA32_UCODE_WRITE:
++ case MSR_VM_HSAVE_PA:
++ case MSR_AMD64_PATCH_LOADER:
++ case MSR_AMD64_BU_CFG2:
++ break;
++
++ case MSR_EFER:
++ return set_efer(vcpu, data);
++ case MSR_K7_HWCR:
++ data &= ~(u64)0x40; /* ignore flush filter disable */
++ data &= ~(u64)0x100; /* ignore ignne emulation enable */
++ data &= ~(u64)0x8; /* ignore TLB cache disable */
++ data &= ~(u64)0x40000; /* ignore Mc status write enable */
++ if (data != 0) {
++ vcpu_unimpl(vcpu, "unimplemented HWCR wrmsr: 0x%llx\n",
++ data);
++ return 1;
++ }
++ break;
++ case MSR_FAM10H_MMIO_CONF_BASE:
++ if (data != 0) {
++ vcpu_unimpl(vcpu, "unimplemented MMIO_CONF_BASE wrmsr: "
++ "0x%llx\n", data);
++ return 1;
++ }
++ break;
++ case MSR_IA32_DEBUGCTLMSR:
++ if (!data) {
++ /* We support the non-activated case already */
++ break;
++ } else if (data & ~(DEBUGCTLMSR_LBR | DEBUGCTLMSR_BTF)) {
++ /* Values other than LBR and BTF are vendor-specific,
++ thus reserved and should throw a #GP */
++ return 1;
++ }
++ vcpu_unimpl(vcpu, "%s: MSR_IA32_DEBUGCTLMSR 0x%llx, nop\n",
++ __func__, data);
++ break;
++ case 0x200 ... 0x2ff:
++ return set_msr_mtrr(vcpu, msr, data);
++ case MSR_IA32_APICBASE:
++ return kvm_set_apic_base(vcpu, msr_info);
++ case APIC_BASE_MSR ... APIC_BASE_MSR + 0x3ff:
++ return kvm_x2apic_msr_write(vcpu, msr, data);
++ case MSR_IA32_TSCDEADLINE:
++ kvm_set_lapic_tscdeadline_msr(vcpu, data);
++ break;
++ case MSR_IA32_TSC_ADJUST:
++ if (guest_cpuid_has_tsc_adjust(vcpu)) {
++ if (!msr_info->host_initiated) {
++ u64 adj = data - vcpu->arch.ia32_tsc_adjust_msr;
++ kvm_x86_ops->adjust_tsc_offset(vcpu, adj, true);
++ }
++ vcpu->arch.ia32_tsc_adjust_msr = data;
++ }
++ break;
++ case MSR_IA32_MISC_ENABLE:
++ vcpu->arch.ia32_misc_enable_msr = data;
++ break;
++ case MSR_KVM_WALL_CLOCK_NEW:
++ case MSR_KVM_WALL_CLOCK:
++ vcpu->kvm->arch.wall_clock = data;
++ kvm_write_wall_clock(vcpu->kvm, data);
++ break;
++ case MSR_KVM_SYSTEM_TIME_NEW:
++ case MSR_KVM_SYSTEM_TIME: {
++ u64 gpa_offset;
++ kvmclock_reset(vcpu);
++
++ vcpu->arch.time = data;
++ kvm_make_request(KVM_REQ_GLOBAL_CLOCK_UPDATE, vcpu);
++
++ /* we verify if the enable bit is set... */
++ if (!(data & 1))
++ break;
++
++ gpa_offset = data & ~(PAGE_MASK | 1);
++
++ if (kvm_gfn_to_hva_cache_init(vcpu->kvm,
++ &vcpu->arch.pv_time, data & ~1ULL,
++ sizeof(struct pvclock_vcpu_time_info)))
++ vcpu->arch.pv_time_enabled = false;
++ else
++ vcpu->arch.pv_time_enabled = true;
++
++ break;
++ }
++ case MSR_KVM_ASYNC_PF_EN:
++ if (kvm_pv_enable_async_pf(vcpu, data))
++ return 1;
++ break;
++ case MSR_KVM_STEAL_TIME:
++
++ if (unlikely(!sched_info_on()))
++ return 1;
++
++ if (data & KVM_STEAL_RESERVED_MASK)
++ return 1;
++
++ if (kvm_gfn_to_hva_cache_init(vcpu->kvm, &vcpu->arch.st.stime,
++ data & KVM_STEAL_VALID_BITS,
++ sizeof(struct kvm_steal_time)))
++ return 1;
++
++ vcpu->arch.st.msr_val = data;
++
++ if (!(data & KVM_MSR_ENABLED))
++ break;
++
++ vcpu->arch.st.last_steal = current->sched_info.run_delay;
++
++ preempt_disable();
++ accumulate_steal_time(vcpu);
++ preempt_enable();
++
++ kvm_make_request(KVM_REQ_STEAL_UPDATE, vcpu);
++
++ break;
++ case MSR_KVM_PV_EOI_EN:
++ if (kvm_lapic_enable_pv_eoi(vcpu, data))
++ return 1;
++ break;
++
++ case MSR_IA32_MCG_CTL:
++ case MSR_IA32_MCG_STATUS:
++ case MSR_IA32_MC0_CTL ... MSR_IA32_MCx_CTL(KVM_MAX_MCE_BANKS) - 1:
++ return set_msr_mce(vcpu, msr, data);
++
++ /* Performance counters are not protected by a CPUID bit,
++ * so we should check all of them in the generic path for the sake of
++ * cross vendor migration.
++ * Writing a zero into the event select MSRs disables them,
++ * which we perfectly emulate ;-). Any other value should be at least
++ * reported, some guests depend on them.
++ */
++ case MSR_K7_EVNTSEL0:
++ case MSR_K7_EVNTSEL1:
++ case MSR_K7_EVNTSEL2:
++ case MSR_K7_EVNTSEL3:
++ if (data != 0)
++ vcpu_unimpl(vcpu, "unimplemented perfctr wrmsr: "
++ "0x%x data 0x%llx\n", msr, data);
++ break;
++ /* at least RHEL 4 unconditionally writes to the perfctr registers,
++ * so we ignore writes to make it happy.
++ */
++ case MSR_K7_PERFCTR0:
++ case MSR_K7_PERFCTR1:
++ case MSR_K7_PERFCTR2:
++ case MSR_K7_PERFCTR3:
++ vcpu_unimpl(vcpu, "unimplemented perfctr wrmsr: "
++ "0x%x data 0x%llx\n", msr, data);
++ break;
++ case MSR_P6_PERFCTR0:
++ case MSR_P6_PERFCTR1:
++ pr = true;
++ case MSR_P6_EVNTSEL0:
++ case MSR_P6_EVNTSEL1:
++ if (kvm_pmu_msr(vcpu, msr))
++ return kvm_pmu_set_msr(vcpu, msr_info);
++
++ if (pr || data != 0)
++ vcpu_unimpl(vcpu, "disabled perfctr wrmsr: "
++ "0x%x data 0x%llx\n", msr, data);
++ break;
++ case MSR_K7_CLK_CTL:
++ /*
++ * Ignore all writes to this no longer documented MSR.
++ * Writes are only relevant for old K7 processors,
++ * all pre-dating SVM, but a recommended workaround from
++ * AMD for these chips. It is possible to specify the
++ * affected processor models on the command line, hence
++ * the need to ignore the workaround.
++ */
++ break;
++ case HV_X64_MSR_GUEST_OS_ID ... HV_X64_MSR_SINT15:
++ if (kvm_hv_msr_partition_wide(msr)) {
++ int r;
++ mutex_lock(&vcpu->kvm->lock);
++ r = set_msr_hyperv_pw(vcpu, msr, data);
++ mutex_unlock(&vcpu->kvm->lock);
++ return r;
++ } else
++ return set_msr_hyperv(vcpu, msr, data);
++ break;
++ case MSR_IA32_BBL_CR_CTL3:
++ /* Drop writes to this legacy MSR -- see rdmsr
++ * counterpart for further detail.
++ */
++ vcpu_unimpl(vcpu, "ignored wrmsr: 0x%x data %llx\n", msr, data);
++ break;
++ case MSR_AMD64_OSVW_ID_LENGTH:
++ if (!guest_cpuid_has_osvw(vcpu))
++ return 1;
++ vcpu->arch.osvw.length = data;
++ break;
++ case MSR_AMD64_OSVW_STATUS:
++ if (!guest_cpuid_has_osvw(vcpu))
++ return 1;
++ vcpu->arch.osvw.status = data;
++ break;
++ default:
++ if (msr && (msr == vcpu->kvm->arch.xen_hvm_config.msr))
++ return xen_hvm_config(vcpu, data);
++ if (kvm_pmu_msr(vcpu, msr))
++ return kvm_pmu_set_msr(vcpu, msr_info);
++ if (!ignore_msrs) {
++ vcpu_unimpl(vcpu, "unhandled wrmsr: 0x%x data %llx\n",
++ msr, data);
++ return 1;
++ } else {
++ vcpu_unimpl(vcpu, "ignored wrmsr: 0x%x data %llx\n",
++ msr, data);
++ break;
++ }
++ }
++ return 0;
++}
++EXPORT_SYMBOL_GPL(kvm_set_msr_common);
++
++
++/*
++ * Reads an msr value (of 'msr_index') into 'pdata'.
++ * Returns 0 on success, non-0 otherwise.
++ * Assumes vcpu_load() was already called.
++ */
++int kvm_get_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata)
++{
++ return kvm_x86_ops->get_msr(vcpu, msr_index, pdata);
++}
++
++static int get_msr_mtrr(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata)
++{
++ u64 *p = (u64 *)&vcpu->arch.mtrr_state.fixed_ranges;
++
++ if (!msr_mtrr_valid(msr))
++ return 1;
++
++ if (msr == MSR_MTRRdefType)
++ *pdata = vcpu->arch.mtrr_state.def_type +
++ (vcpu->arch.mtrr_state.enabled << 10);
++ else if (msr == MSR_MTRRfix64K_00000)
++ *pdata = p[0];
++ else if (msr == MSR_MTRRfix16K_80000 || msr == MSR_MTRRfix16K_A0000)
++ *pdata = p[1 + msr - MSR_MTRRfix16K_80000];
++ else if (msr >= MSR_MTRRfix4K_C0000 && msr <= MSR_MTRRfix4K_F8000)
++ *pdata = p[3 + msr - MSR_MTRRfix4K_C0000];
++ else if (msr == MSR_IA32_CR_PAT)
++ *pdata = vcpu->arch.pat;
++ else { /* Variable MTRRs */
++ int idx, is_mtrr_mask;
++ u64 *pt;
++
++ idx = (msr - 0x200) / 2;
++ is_mtrr_mask = msr - 0x200 - 2 * idx;
++ if (!is_mtrr_mask)
++ pt =
++ (u64 *)&vcpu->arch.mtrr_state.var_ranges[idx].base_lo;
++ else
++ pt =
++ (u64 *)&vcpu->arch.mtrr_state.var_ranges[idx].mask_lo;
++ *pdata = *pt;
++ }
++
++ return 0;
++}
++
++static int get_msr_mce(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata)
++{
++ u64 data;
++ u64 mcg_cap = vcpu->arch.mcg_cap;
++ unsigned bank_num = mcg_cap & 0xff;
++
++ switch (msr) {
++ case MSR_IA32_P5_MC_ADDR:
++ case MSR_IA32_P5_MC_TYPE:
++ data = 0;
++ break;
++ case MSR_IA32_MCG_CAP:
++ data = vcpu->arch.mcg_cap;
++ break;
++ case MSR_IA32_MCG_CTL:
++ if (!(mcg_cap & MCG_CTL_P))
++ return 1;
++ data = vcpu->arch.mcg_ctl;
++ break;
++ case MSR_IA32_MCG_STATUS:
++ data = vcpu->arch.mcg_status;
++ break;
++ default:
++ if (msr >= MSR_IA32_MC0_CTL &&
++ msr < MSR_IA32_MCx_CTL(bank_num)) {
++ u32 offset = msr - MSR_IA32_MC0_CTL;
++ data = vcpu->arch.mce_banks[offset];
++ break;
++ }
++ return 1;
++ }
++ *pdata = data;
++ return 0;
++}
++
++static int get_msr_hyperv_pw(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata)
++{
++ u64 data = 0;
++ struct kvm *kvm = vcpu->kvm;
++
++ switch (msr) {
++ case HV_X64_MSR_GUEST_OS_ID:
++ data = kvm->arch.hv_guest_os_id;
++ break;
++ case HV_X64_MSR_HYPERCALL:
++ data = kvm->arch.hv_hypercall;
++ break;
++ case HV_X64_MSR_TIME_REF_COUNT: {
++ data =
++ div_u64(get_kernel_ns() + kvm->arch.kvmclock_offset, 100);
++ break;
++ }
++ case HV_X64_MSR_REFERENCE_TSC:
++ data = kvm->arch.hv_tsc_page;
++ break;
++ default:
++ vcpu_unimpl(vcpu, "Hyper-V unhandled rdmsr: 0x%x\n", msr);
++ return 1;
++ }
++
++ *pdata = data;
++ return 0;
++}
++
++static int get_msr_hyperv(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata)
++{
++ u64 data = 0;
++
++ switch (msr) {
++ case HV_X64_MSR_VP_INDEX: {
++ int r;
++ struct kvm_vcpu *v;
++ kvm_for_each_vcpu(r, v, vcpu->kvm) {
++ if (v == vcpu) {
++ data = r;
++ break;
++ }
++ }
++ break;
++ }
++ case HV_X64_MSR_EOI:
++ return kvm_hv_vapic_msr_read(vcpu, APIC_EOI, pdata);
++ case HV_X64_MSR_ICR:
++ return kvm_hv_vapic_msr_read(vcpu, APIC_ICR, pdata);
++ case HV_X64_MSR_TPR:
++ return kvm_hv_vapic_msr_read(vcpu, APIC_TASKPRI, pdata);
++ case HV_X64_MSR_APIC_ASSIST_PAGE:
++ data = vcpu->arch.hv_vapic;
++ break;
++ default:
++ vcpu_unimpl(vcpu, "Hyper-V unhandled rdmsr: 0x%x\n", msr);
++ return 1;
++ }
++ *pdata = data;
++ return 0;
++}
++
++int kvm_get_msr_common(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata)
++{
++ u64 data;
++
++ switch (msr) {
++ case MSR_IA32_PLATFORM_ID:
++ case MSR_IA32_EBL_CR_POWERON:
++ case MSR_IA32_DEBUGCTLMSR:
++ case MSR_IA32_LASTBRANCHFROMIP:
++ case MSR_IA32_LASTBRANCHTOIP:
++ case MSR_IA32_LASTINTFROMIP:
++ case MSR_IA32_LASTINTTOIP:
++ case MSR_K8_SYSCFG:
++ case MSR_K7_HWCR:
++ case MSR_VM_HSAVE_PA:
++ case MSR_K7_EVNTSEL0:
++ case MSR_K7_EVNTSEL1:
++ case MSR_K7_EVNTSEL2:
++ case MSR_K7_EVNTSEL3:
++ case MSR_K7_PERFCTR0:
++ case MSR_K7_PERFCTR1:
++ case MSR_K7_PERFCTR2:
++ case MSR_K7_PERFCTR3:
++ case MSR_K8_INT_PENDING_MSG:
++ case MSR_AMD64_NB_CFG:
++ case MSR_FAM10H_MMIO_CONF_BASE:
++ case MSR_AMD64_BU_CFG2:
++ data = 0;
++ break;
++ case MSR_P6_PERFCTR0:
++ case MSR_P6_PERFCTR1:
++ case MSR_P6_EVNTSEL0:
++ case MSR_P6_EVNTSEL1:
++ if (kvm_pmu_msr(vcpu, msr))
++ return kvm_pmu_get_msr(vcpu, msr, pdata);
++ data = 0;
++ break;
++ case MSR_IA32_UCODE_REV:
++ data = 0x100000000ULL;
++ break;
++ case MSR_MTRRcap:
++ data = 0x500 | KVM_NR_VAR_MTRR;
++ break;
++ case 0x200 ... 0x2ff:
++ return get_msr_mtrr(vcpu, msr, pdata);
++ case 0xcd: /* fsb frequency */
++ data = 3;
++ break;
++ /*
++ * MSR_EBC_FREQUENCY_ID
++ * Conservative value valid for even the basic CPU models.
++ * Models 0,1: 000 in bits 23:21 indicating a bus speed of
++ * 100MHz, model 2 000 in bits 18:16 indicating 100MHz,
++ * and 266MHz for model 3, or 4. Set Core Clock
++ * Frequency to System Bus Frequency Ratio to 1 (bits
++ * 31:24) even though these are only valid for CPU
++ * models > 2, however guests may end up dividing or
++ * multiplying by zero otherwise.
++ */
++ case MSR_EBC_FREQUENCY_ID:
++ data = 1 << 24;
++ break;
++ case MSR_IA32_APICBASE:
++ data = kvm_get_apic_base(vcpu);
++ break;
++ case APIC_BASE_MSR ... APIC_BASE_MSR + 0x3ff:
++ return kvm_x2apic_msr_read(vcpu, msr, pdata);
++ break;
++ case MSR_IA32_TSCDEADLINE:
++ data = kvm_get_lapic_tscdeadline_msr(vcpu);
++ break;
++ case MSR_IA32_TSC_ADJUST:
++ data = (u64)vcpu->arch.ia32_tsc_adjust_msr;
++ break;
++ case MSR_IA32_MISC_ENABLE:
++ data = vcpu->arch.ia32_misc_enable_msr;
++ break;
++ case MSR_IA32_PERF_STATUS:
++ /* TSC increment by tick */
++ data = 1000ULL;
++ /* CPU multiplier */
++ data |= (((uint64_t)4ULL) << 40);
++ break;
++ case MSR_EFER:
++ data = vcpu->arch.efer;
++ break;
++ case MSR_KVM_WALL_CLOCK:
++ case MSR_KVM_WALL_CLOCK_NEW:
++ data = vcpu->kvm->arch.wall_clock;
++ break;
++ case MSR_KVM_SYSTEM_TIME:
++ case MSR_KVM_SYSTEM_TIME_NEW:
++ data = vcpu->arch.time;
++ break;
++ case MSR_KVM_ASYNC_PF_EN:
++ data = vcpu->arch.apf.msr_val;
++ break;
++ case MSR_KVM_STEAL_TIME:
++ data = vcpu->arch.st.msr_val;
++ break;
++ case MSR_KVM_PV_EOI_EN:
++ data = vcpu->arch.pv_eoi.msr_val;
++ break;
++ case MSR_IA32_P5_MC_ADDR:
++ case MSR_IA32_P5_MC_TYPE:
++ case MSR_IA32_MCG_CAP:
++ case MSR_IA32_MCG_CTL:
++ case MSR_IA32_MCG_STATUS:
++ case MSR_IA32_MC0_CTL ... MSR_IA32_MCx_CTL(KVM_MAX_MCE_BANKS) - 1:
++ return get_msr_mce(vcpu, msr, pdata);
++ case MSR_K7_CLK_CTL:
++ /*
++ * Provide expected ramp-up count for K7. All other
++ * are set to zero, indicating minimum divisors for
++ * every field.
++ *
++ * This prevents guest kernels on AMD host with CPU
++ * type 6, model 8 and higher from exploding due to
++ * the rdmsr failing.
++ */
++ data = 0x20000000;
++ break;
++ case HV_X64_MSR_GUEST_OS_ID ... HV_X64_MSR_SINT15:
++ if (kvm_hv_msr_partition_wide(msr)) {
++ int r;
++ mutex_lock(&vcpu->kvm->lock);
++ r = get_msr_hyperv_pw(vcpu, msr, pdata);
++ mutex_unlock(&vcpu->kvm->lock);
++ return r;
++ } else
++ return get_msr_hyperv(vcpu, msr, pdata);
++ break;
++ case MSR_IA32_BBL_CR_CTL3:
++ /* This legacy MSR exists but isn't fully documented in current
++ * silicon. It is however accessed by winxp in very narrow
++ * scenarios where it sets bit #19, itself documented as
++ * a "reserved" bit. Best effort attempt to source coherent
++ * read data here should the balance of the register be
++ * interpreted by the guest:
++ *
++ * L2 cache control register 3: 64GB range, 256KB size,
++ * enabled, latency 0x1, configured
++ */
++ data = 0xbe702111;
++ break;
++ case MSR_AMD64_OSVW_ID_LENGTH:
++ if (!guest_cpuid_has_osvw(vcpu))
++ return 1;
++ data = vcpu->arch.osvw.length;
++ break;
++ case MSR_AMD64_OSVW_STATUS:
++ if (!guest_cpuid_has_osvw(vcpu))
++ return 1;
++ data = vcpu->arch.osvw.status;
++ break;
++ default:
++ if (kvm_pmu_msr(vcpu, msr))
++ return kvm_pmu_get_msr(vcpu, msr, pdata);
++ if (!ignore_msrs) {
++ vcpu_unimpl(vcpu, "unhandled rdmsr: 0x%x\n", msr);
++ return 1;
++ } else {
++ vcpu_unimpl(vcpu, "ignored rdmsr: 0x%x\n", msr);
++ data = 0;
++ }
++ break;
++ }
++ *pdata = data;
++ return 0;
++}
++EXPORT_SYMBOL_GPL(kvm_get_msr_common);
++
++/*
++ * Read or write a bunch of msrs. All parameters are kernel addresses.
++ *
++ * @return number of msrs set successfully.
++ */
++static int __msr_io(struct kvm_vcpu *vcpu, struct kvm_msrs *msrs,
++ struct kvm_msr_entry *entries,
++ int (*do_msr)(struct kvm_vcpu *vcpu,
++ unsigned index, u64 *data))
++{
++ int i, idx;
++
++ idx = srcu_read_lock(&vcpu->kvm->srcu);
++ for (i = 0; i < msrs->nmsrs; ++i)
++ if (do_msr(vcpu, entries[i].index, &entries[i].data))
++ break;
++ srcu_read_unlock(&vcpu->kvm->srcu, idx);
++
++ return i;
++}
++
++/*
++ * Read or write a bunch of msrs. Parameters are user addresses.
++ *
++ * @return number of msrs set successfully.
++ */
++static int msr_io(struct kvm_vcpu *vcpu, struct kvm_msrs __user *user_msrs,
++ int (*do_msr)(struct kvm_vcpu *vcpu,
++ unsigned index, u64 *data),
++ int writeback)
++{
++ struct kvm_msrs msrs;
++ struct kvm_msr_entry *entries;
++ int r, n;
++ unsigned size;
++
++ r = -EFAULT;
++ if (copy_from_user(&msrs, user_msrs, sizeof msrs))
++ goto out;
++
++ r = -E2BIG;
++ if (msrs.nmsrs >= MAX_IO_MSRS)
++ goto out;
++
++ size = sizeof(struct kvm_msr_entry) * msrs.nmsrs;
++ entries = memdup_user(user_msrs->entries, size);
++ if (IS_ERR(entries)) {
++ r = PTR_ERR(entries);
++ goto out;
++ }
++
++ r = n = __msr_io(vcpu, &msrs, entries, do_msr);
++ if (r < 0)
++ goto out_free;
++
++ r = -EFAULT;
++ if (writeback && copy_to_user(user_msrs->entries, entries, size))
++ goto out_free;
++
++ r = n;
++
++out_free:
++ kfree(entries);
++out:
++ return r;
++}
++
++int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
++{
++ int r;
++
++ switch (ext) {
++ case KVM_CAP_IRQCHIP:
++ case KVM_CAP_HLT:
++ case KVM_CAP_MMU_SHADOW_CACHE_CONTROL:
++ case KVM_CAP_SET_TSS_ADDR:
++ case KVM_CAP_EXT_CPUID:
++ case KVM_CAP_EXT_EMUL_CPUID:
++ case KVM_CAP_CLOCKSOURCE:
++ case KVM_CAP_PIT:
++ case KVM_CAP_NOP_IO_DELAY:
++ case KVM_CAP_MP_STATE:
++ case KVM_CAP_SYNC_MMU:
++ case KVM_CAP_USER_NMI:
++ case KVM_CAP_REINJECT_CONTROL:
++ case KVM_CAP_IRQ_INJECT_STATUS:
++ case KVM_CAP_IRQFD:
++ case KVM_CAP_IOEVENTFD:
++ case KVM_CAP_IOEVENTFD_NO_LENGTH:
++ case KVM_CAP_PIT2:
++ case KVM_CAP_PIT_STATE2:
++ case KVM_CAP_SET_IDENTITY_MAP_ADDR:
++ case KVM_CAP_XEN_HVM:
++ case KVM_CAP_ADJUST_CLOCK:
++ case KVM_CAP_VCPU_EVENTS:
++ case KVM_CAP_HYPERV:
++ case KVM_CAP_HYPERV_VAPIC:
++ case KVM_CAP_HYPERV_SPIN:
++ case KVM_CAP_PCI_SEGMENT:
++ case KVM_CAP_DEBUGREGS:
++ case KVM_CAP_X86_ROBUST_SINGLESTEP:
++ case KVM_CAP_XSAVE:
++ case KVM_CAP_ASYNC_PF:
++ case KVM_CAP_GET_TSC_KHZ:
++ case KVM_CAP_KVMCLOCK_CTRL:
++ case KVM_CAP_READONLY_MEM:
++ case KVM_CAP_HYPERV_TIME:
++ case KVM_CAP_IOAPIC_POLARITY_IGNORED:
++#ifdef CONFIG_KVM_DEVICE_ASSIGNMENT
++ case KVM_CAP_ASSIGN_DEV_IRQ:
++ case KVM_CAP_PCI_2_3:
++#endif
++ r = 1;
++ break;
++ case KVM_CAP_COALESCED_MMIO:
++ r = KVM_COALESCED_MMIO_PAGE_OFFSET;
++ break;
++ case KVM_CAP_VAPIC:
++ r = !kvm_x86_ops->cpu_has_accelerated_tpr();
++ break;
++ case KVM_CAP_NR_VCPUS:
++ r = KVM_SOFT_MAX_VCPUS;
++ break;
++ case KVM_CAP_MAX_VCPUS:
++ r = KVM_MAX_VCPUS;
++ break;
++ case KVM_CAP_NR_MEMSLOTS:
++ r = KVM_USER_MEM_SLOTS;
++ break;
++ case KVM_CAP_PV_MMU: /* obsolete */
++ r = 0;
++ break;
++#ifdef CONFIG_KVM_DEVICE_ASSIGNMENT
++ case KVM_CAP_IOMMU:
++ r = iommu_present(&pci_bus_type);
++ break;
++#endif
++ case KVM_CAP_MCE:
++ r = KVM_MAX_MCE_BANKS;
++ break;
++ case KVM_CAP_XCRS:
++ r = cpu_has_xsave;
++ break;
++ case KVM_CAP_TSC_CONTROL:
++ r = kvm_has_tsc_control;
++ break;
++ case KVM_CAP_TSC_DEADLINE_TIMER:
++ r = boot_cpu_has(X86_FEATURE_TSC_DEADLINE_TIMER);
++ break;
++ default:
++ r = 0;
++ break;
++ }
++ return r;
++
++}
++
++long kvm_arch_dev_ioctl(struct file *filp,
++ unsigned int ioctl, unsigned long arg)
++{
++ void __user *argp = (void __user *)arg;
++ long r;
++
++ switch (ioctl) {
++ case KVM_GET_MSR_INDEX_LIST: {
++ struct kvm_msr_list __user *user_msr_list = argp;
++ struct kvm_msr_list msr_list;
++ unsigned n;
++
++ r = -EFAULT;
++ if (copy_from_user(&msr_list, user_msr_list, sizeof msr_list))
++ goto out;
++ n = msr_list.nmsrs;
++ msr_list.nmsrs = num_msrs_to_save + ARRAY_SIZE(emulated_msrs);
++ if (copy_to_user(user_msr_list, &msr_list, sizeof msr_list))
++ goto out;
++ r = -E2BIG;
++ if (n < msr_list.nmsrs)
++ goto out;
++ r = -EFAULT;
++ if (copy_to_user(user_msr_list->indices, &msrs_to_save,
++ num_msrs_to_save * sizeof(u32)))
++ goto out;
++ if (copy_to_user(user_msr_list->indices + num_msrs_to_save,
++ &emulated_msrs,
++ ARRAY_SIZE(emulated_msrs) * sizeof(u32)))
++ goto out;
++ r = 0;
++ break;
++ }
++ case KVM_GET_SUPPORTED_CPUID:
++ case KVM_GET_EMULATED_CPUID: {
++ struct kvm_cpuid2 __user *cpuid_arg = argp;
++ struct kvm_cpuid2 cpuid;
++
++ r = -EFAULT;
++ if (copy_from_user(&cpuid, cpuid_arg, sizeof cpuid))
++ goto out;
++
++ r = kvm_dev_ioctl_get_cpuid(&cpuid, cpuid_arg->entries,
++ ioctl);
++ if (r)
++ goto out;
++
++ r = -EFAULT;
++ if (copy_to_user(cpuid_arg, &cpuid, sizeof cpuid))
++ goto out;
++ r = 0;
++ break;
++ }
++ case KVM_X86_GET_MCE_CAP_SUPPORTED: {
++ u64 mce_cap;
++
++ mce_cap = KVM_MCE_CAP_SUPPORTED;
++ r = -EFAULT;
++ if (copy_to_user(argp, &mce_cap, sizeof mce_cap))
++ goto out;
++ r = 0;
++ break;
++ }
++ default:
++ r = -EINVAL;
++ }
++out:
++ return r;
++}
++
++static void wbinvd_ipi(void *garbage)
++{
++ wbinvd();
++}
++
++static bool need_emulate_wbinvd(struct kvm_vcpu *vcpu)
++{
++ return kvm_arch_has_noncoherent_dma(vcpu->kvm);
++}
++
++void kvm_arch_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
++{
++ /* Address WBINVD may be executed by guest */
++ if (need_emulate_wbinvd(vcpu)) {
++ if (kvm_x86_ops->has_wbinvd_exit())
++ cpumask_set_cpu(cpu, vcpu->arch.wbinvd_dirty_mask);
++ else if (vcpu->cpu != -1 && vcpu->cpu != cpu)
++ smp_call_function_single(vcpu->cpu,
++ wbinvd_ipi, NULL, 1);
++ }
++
++ kvm_x86_ops->vcpu_load(vcpu, cpu);
++
++ /* Apply any externally detected TSC adjustments (due to suspend) */
++ if (unlikely(vcpu->arch.tsc_offset_adjustment)) {
++ adjust_tsc_offset_host(vcpu, vcpu->arch.tsc_offset_adjustment);
++ vcpu->arch.tsc_offset_adjustment = 0;
++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu);
++ }
++
++ if (unlikely(vcpu->cpu != cpu) || check_tsc_unstable()) {
++ s64 tsc_delta = !vcpu->arch.last_host_tsc ? 0 :
++ native_read_tsc() - vcpu->arch.last_host_tsc;
++ if (tsc_delta < 0)
++ mark_tsc_unstable("KVM discovered backwards TSC");
++ if (check_tsc_unstable()) {
++ u64 offset = kvm_x86_ops->compute_tsc_offset(vcpu,
++ vcpu->arch.last_guest_tsc);
++ kvm_x86_ops->write_tsc_offset(vcpu, offset);
++ vcpu->arch.tsc_catchup = 1;
++ }
++ /*
++ * On a host with synchronized TSC, there is no need to update
++ * kvmclock on vcpu->cpu migration
++ */
++ if (!vcpu->kvm->arch.use_master_clock || vcpu->cpu == -1)
++ kvm_make_request(KVM_REQ_GLOBAL_CLOCK_UPDATE, vcpu);
++ if (vcpu->cpu != cpu)
++ kvm_migrate_timers(vcpu);
++ vcpu->cpu = cpu;
++ }
++
++ accumulate_steal_time(vcpu);
++ kvm_make_request(KVM_REQ_STEAL_UPDATE, vcpu);
++}
++
++void kvm_arch_vcpu_put(struct kvm_vcpu *vcpu)
++{
++ kvm_x86_ops->vcpu_put(vcpu);
++ kvm_put_guest_fpu(vcpu);
++ vcpu->arch.last_host_tsc = native_read_tsc();
++}
++
++static int kvm_vcpu_ioctl_get_lapic(struct kvm_vcpu *vcpu,
++ struct kvm_lapic_state *s)
++{
++ kvm_x86_ops->sync_pir_to_irr(vcpu);
++ memcpy(s->regs, vcpu->arch.apic->regs, sizeof *s);
++
++ return 0;
++}
++
++static int kvm_vcpu_ioctl_set_lapic(struct kvm_vcpu *vcpu,
++ struct kvm_lapic_state *s)
++{
++ kvm_apic_post_state_restore(vcpu, s);
++ update_cr8_intercept(vcpu);
++
++ return 0;
++}
++
++static int kvm_vcpu_ioctl_interrupt(struct kvm_vcpu *vcpu,
++ struct kvm_interrupt *irq)
++{
++ if (irq->irq >= KVM_NR_INTERRUPTS)
++ return -EINVAL;
++ if (irqchip_in_kernel(vcpu->kvm))
++ return -ENXIO;
++
++ kvm_queue_interrupt(vcpu, irq->irq, false);
++ kvm_make_request(KVM_REQ_EVENT, vcpu);
++
++ return 0;
++}
++
++static int kvm_vcpu_ioctl_nmi(struct kvm_vcpu *vcpu)
++{
++ kvm_inject_nmi(vcpu);
++
++ return 0;
++}
++
++static int vcpu_ioctl_tpr_access_reporting(struct kvm_vcpu *vcpu,
++ struct kvm_tpr_access_ctl *tac)
++{
++ if (tac->flags)
++ return -EINVAL;
++ vcpu->arch.tpr_access_reporting = !!tac->enabled;
++ return 0;
++}
++
++static int kvm_vcpu_ioctl_x86_setup_mce(struct kvm_vcpu *vcpu,
++ u64 mcg_cap)
++{
++ int r;
++ unsigned bank_num = mcg_cap & 0xff, bank;
++
++ r = -EINVAL;
++ if (!bank_num || bank_num >= KVM_MAX_MCE_BANKS)
++ goto out;
++ if (mcg_cap & ~(KVM_MCE_CAP_SUPPORTED | 0xff | 0xff0000))
++ goto out;
++ r = 0;
++ vcpu->arch.mcg_cap = mcg_cap;
++ /* Init IA32_MCG_CTL to all 1s */
++ if (mcg_cap & MCG_CTL_P)
++ vcpu->arch.mcg_ctl = ~(u64)0;
++ /* Init IA32_MCi_CTL to all 1s */
++ for (bank = 0; bank < bank_num; bank++)
++ vcpu->arch.mce_banks[bank*4] = ~(u64)0;
++out:
++ return r;
++}
++
++static int kvm_vcpu_ioctl_x86_set_mce(struct kvm_vcpu *vcpu,
++ struct kvm_x86_mce *mce)
++{
++ u64 mcg_cap = vcpu->arch.mcg_cap;
++ unsigned bank_num = mcg_cap & 0xff;
++ u64 *banks = vcpu->arch.mce_banks;
++
++ if (mce->bank >= bank_num || !(mce->status & MCI_STATUS_VAL))
++ return -EINVAL;
++ /*
++ * if IA32_MCG_CTL is not all 1s, the uncorrected error
++ * reporting is disabled
++ */
++ if ((mce->status & MCI_STATUS_UC) && (mcg_cap & MCG_CTL_P) &&
++ vcpu->arch.mcg_ctl != ~(u64)0)
++ return 0;
++ banks += 4 * mce->bank;
++ /*
++ * if IA32_MCi_CTL is not all 1s, the uncorrected error
++ * reporting is disabled for the bank
++ */
++ if ((mce->status & MCI_STATUS_UC) && banks[0] != ~(u64)0)
++ return 0;
++ if (mce->status & MCI_STATUS_UC) {
++ if ((vcpu->arch.mcg_status & MCG_STATUS_MCIP) ||
++ !kvm_read_cr4_bits(vcpu, X86_CR4_MCE)) {
++ kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu);
++ return 0;
++ }
++ if (banks[1] & MCI_STATUS_VAL)
++ mce->status |= MCI_STATUS_OVER;
++ banks[2] = mce->addr;
++ banks[3] = mce->misc;
++ vcpu->arch.mcg_status = mce->mcg_status;
++ banks[1] = mce->status;
++ kvm_queue_exception(vcpu, MC_VECTOR);
++ } else if (!(banks[1] & MCI_STATUS_VAL)
++ || !(banks[1] & MCI_STATUS_UC)) {
++ if (banks[1] & MCI_STATUS_VAL)
++ mce->status |= MCI_STATUS_OVER;
++ banks[2] = mce->addr;
++ banks[3] = mce->misc;
++ banks[1] = mce->status;
++ } else
++ banks[1] |= MCI_STATUS_OVER;
++ return 0;
++}
++
++static void kvm_vcpu_ioctl_x86_get_vcpu_events(struct kvm_vcpu *vcpu,
++ struct kvm_vcpu_events *events)
++{
++ process_nmi(vcpu);
++ events->exception.injected =
++ vcpu->arch.exception.pending &&
++ !kvm_exception_is_soft(vcpu->arch.exception.nr);
++ events->exception.nr = vcpu->arch.exception.nr;
++ events->exception.has_error_code = vcpu->arch.exception.has_error_code;
++ events->exception.pad = 0;
++ events->exception.error_code = vcpu->arch.exception.error_code;
++
++ events->interrupt.injected =
++ vcpu->arch.interrupt.pending && !vcpu->arch.interrupt.soft;
++ events->interrupt.nr = vcpu->arch.interrupt.nr;
++ events->interrupt.soft = 0;
++ events->interrupt.shadow = kvm_x86_ops->get_interrupt_shadow(vcpu);
++
++ events->nmi.injected = vcpu->arch.nmi_injected;
++ events->nmi.pending = vcpu->arch.nmi_pending != 0;
++ events->nmi.masked = kvm_x86_ops->get_nmi_mask(vcpu);
++ events->nmi.pad = 0;
++
++ events->sipi_vector = 0; /* never valid when reporting to user space */
++
++ events->flags = (KVM_VCPUEVENT_VALID_NMI_PENDING
++ | KVM_VCPUEVENT_VALID_SHADOW);
++ memset(&events->reserved, 0, sizeof(events->reserved));
++}
++
++static int kvm_vcpu_ioctl_x86_set_vcpu_events(struct kvm_vcpu *vcpu,
++ struct kvm_vcpu_events *events)
++{
++ if (events->flags & ~(KVM_VCPUEVENT_VALID_NMI_PENDING
++ | KVM_VCPUEVENT_VALID_SIPI_VECTOR
++ | KVM_VCPUEVENT_VALID_SHADOW))
++ return -EINVAL;
++
++ process_nmi(vcpu);
++ vcpu->arch.exception.pending = events->exception.injected;
++ vcpu->arch.exception.nr = events->exception.nr;
++ vcpu->arch.exception.has_error_code = events->exception.has_error_code;
++ vcpu->arch.exception.error_code = events->exception.error_code;
++
++ vcpu->arch.interrupt.pending = events->interrupt.injected;
++ vcpu->arch.interrupt.nr = events->interrupt.nr;
++ vcpu->arch.interrupt.soft = events->interrupt.soft;
++ if (events->flags & KVM_VCPUEVENT_VALID_SHADOW)
++ kvm_x86_ops->set_interrupt_shadow(vcpu,
++ events->interrupt.shadow);
++
++ vcpu->arch.nmi_injected = events->nmi.injected;
++ if (events->flags & KVM_VCPUEVENT_VALID_NMI_PENDING)
++ vcpu->arch.nmi_pending = events->nmi.pending;
++ kvm_x86_ops->set_nmi_mask(vcpu, events->nmi.masked);
++
++ if (events->flags & KVM_VCPUEVENT_VALID_SIPI_VECTOR &&
++ kvm_vcpu_has_lapic(vcpu))
++ vcpu->arch.apic->sipi_vector = events->sipi_vector;
++
++ kvm_make_request(KVM_REQ_EVENT, vcpu);
++
++ return 0;
++}
++
++static void kvm_vcpu_ioctl_x86_get_debugregs(struct kvm_vcpu *vcpu,
++ struct kvm_debugregs *dbgregs)
++{
++ unsigned long val;
++
++ memcpy(dbgregs->db, vcpu->arch.db, sizeof(vcpu->arch.db));
++ _kvm_get_dr(vcpu, 6, &val);
++ dbgregs->dr6 = val;
++ dbgregs->dr7 = vcpu->arch.dr7;
++ dbgregs->flags = 0;
++ memset(&dbgregs->reserved, 0, sizeof(dbgregs->reserved));
++}
++
++static int kvm_vcpu_ioctl_x86_set_debugregs(struct kvm_vcpu *vcpu,
++ struct kvm_debugregs *dbgregs)
++{
++ if (dbgregs->flags)
++ return -EINVAL;
++
++ memcpy(vcpu->arch.db, dbgregs->db, sizeof(vcpu->arch.db));
++ vcpu->arch.dr6 = dbgregs->dr6;
++ kvm_update_dr6(vcpu);
++ vcpu->arch.dr7 = dbgregs->dr7;
++ kvm_update_dr7(vcpu);
++
++ return 0;
++}
++
++#define XSTATE_COMPACTION_ENABLED (1ULL << 63)
++
++static void fill_xsave(u8 *dest, struct kvm_vcpu *vcpu)
++{
++ struct xsave_struct *xsave = &vcpu->arch.guest_fpu.state->xsave;
++ u64 xstate_bv = xsave->xsave_hdr.xstate_bv;
++ u64 valid;
++
++ /*
++ * Copy legacy XSAVE area, to avoid complications with CPUID
++ * leaves 0 and 1 in the loop below.
++ */
++ memcpy(dest, xsave, XSAVE_HDR_OFFSET);
++
++ /* Set XSTATE_BV */
++ *(u64 *)(dest + XSAVE_HDR_OFFSET) = xstate_bv;
++
++ /*
++ * Copy each region from the possibly compacted offset to the
++ * non-compacted offset.
++ */
++ valid = xstate_bv & ~XSTATE_FPSSE;
++ while (valid) {
++ u64 feature = valid & -valid;
++ int index = fls64(feature) - 1;
++ void *src = get_xsave_addr(xsave, feature);
++
++ if (src) {
++ u32 size, offset, ecx, edx;
++ cpuid_count(XSTATE_CPUID, index,
++ &size, &offset, &ecx, &edx);
++ memcpy(dest + offset, src, size);
++ }
++
++ valid -= feature;
++ }
++}
++
++static void load_xsave(struct kvm_vcpu *vcpu, u8 *src)
++{
++ struct xsave_struct *xsave = &vcpu->arch.guest_fpu.state->xsave;
++ u64 xstate_bv = *(u64 *)(src + XSAVE_HDR_OFFSET);
++ u64 valid;
++
++ /*
++ * Copy legacy XSAVE area, to avoid complications with CPUID
++ * leaves 0 and 1 in the loop below.
++ */
++ memcpy(xsave, src, XSAVE_HDR_OFFSET);
++
++ /* Set XSTATE_BV and possibly XCOMP_BV. */
++ xsave->xsave_hdr.xstate_bv = xstate_bv;
++ if (cpu_has_xsaves)
++ xsave->xsave_hdr.xcomp_bv = host_xcr0 | XSTATE_COMPACTION_ENABLED;
++
++ /*
++ * Copy each region from the non-compacted offset to the
++ * possibly compacted offset.
++ */
++ valid = xstate_bv & ~XSTATE_FPSSE;
++ while (valid) {
++ u64 feature = valid & -valid;
++ int index = fls64(feature) - 1;
++ void *dest = get_xsave_addr(xsave, feature);
++
++ if (dest) {
++ u32 size, offset, ecx, edx;
++ cpuid_count(XSTATE_CPUID, index,
++ &size, &offset, &ecx, &edx);
++ memcpy(dest, src + offset, size);
++ } else
++ WARN_ON_ONCE(1);
++
++ valid -= feature;
++ }
++}
++
++static void kvm_vcpu_ioctl_x86_get_xsave(struct kvm_vcpu *vcpu,
++ struct kvm_xsave *guest_xsave)
++{
++ if (cpu_has_xsave) {
++ memset(guest_xsave, 0, sizeof(struct kvm_xsave));
++ fill_xsave((u8 *) guest_xsave->region, vcpu);
++ } else {
++ memcpy(guest_xsave->region,
++ &vcpu->arch.guest_fpu.state->fxsave,
++ sizeof(struct i387_fxsave_struct));
++ *(u64 *)&guest_xsave->region[XSAVE_HDR_OFFSET / sizeof(u32)] =
++ XSTATE_FPSSE;
++ }
++}
++
++static int kvm_vcpu_ioctl_x86_set_xsave(struct kvm_vcpu *vcpu,
++ struct kvm_xsave *guest_xsave)
++{
++ u64 xstate_bv =
++ *(u64 *)&guest_xsave->region[XSAVE_HDR_OFFSET / sizeof(u32)];
++
++ if (cpu_has_xsave) {
++ /*
++ * Here we allow setting states that are not present in
++ * CPUID leaf 0xD, index 0, EDX:EAX. This is for compatibility
++ * with old userspace.
++ */
++ if (xstate_bv & ~kvm_supported_xcr0())
++ return -EINVAL;
++ load_xsave(vcpu, (u8 *)guest_xsave->region);
++ } else {
++ if (xstate_bv & ~XSTATE_FPSSE)
++ return -EINVAL;
++ memcpy(&vcpu->arch.guest_fpu.state->fxsave,
++ guest_xsave->region, sizeof(struct i387_fxsave_struct));
++ }
++ return 0;
++}
++
++static void kvm_vcpu_ioctl_x86_get_xcrs(struct kvm_vcpu *vcpu,
++ struct kvm_xcrs *guest_xcrs)
++{
++ if (!cpu_has_xsave) {
++ guest_xcrs->nr_xcrs = 0;
++ return;
++ }
++
++ guest_xcrs->nr_xcrs = 1;
++ guest_xcrs->flags = 0;
++ guest_xcrs->xcrs[0].xcr = XCR_XFEATURE_ENABLED_MASK;
++ guest_xcrs->xcrs[0].value = vcpu->arch.xcr0;
++}
++
++static int kvm_vcpu_ioctl_x86_set_xcrs(struct kvm_vcpu *vcpu,
++ struct kvm_xcrs *guest_xcrs)
++{
++ int i, r = 0;
++
++ if (!cpu_has_xsave)
++ return -EINVAL;
++
++ if (guest_xcrs->nr_xcrs > KVM_MAX_XCRS || guest_xcrs->flags)
++ return -EINVAL;
++
++ for (i = 0; i < guest_xcrs->nr_xcrs; i++)
++ /* Only support XCR0 currently */
++ if (guest_xcrs->xcrs[i].xcr == XCR_XFEATURE_ENABLED_MASK) {
++ r = __kvm_set_xcr(vcpu, XCR_XFEATURE_ENABLED_MASK,
++ guest_xcrs->xcrs[i].value);
++ break;
++ }
++ if (r)
++ r = -EINVAL;
++ return r;
++}
++
++/*
++ * kvm_set_guest_paused() indicates to the guest kernel that it has been
++ * stopped by the hypervisor. This function will be called from the host only.
++ * EINVAL is returned when the host attempts to set the flag for a guest that
++ * does not support pv clocks.
++ */
++static int kvm_set_guest_paused(struct kvm_vcpu *vcpu)
++{
++ if (!vcpu->arch.pv_time_enabled)
++ return -EINVAL;
++ vcpu->arch.pvclock_set_guest_stopped_request = true;
++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu);
++ return 0;
++}
++
++long kvm_arch_vcpu_ioctl(struct file *filp,
++ unsigned int ioctl, unsigned long arg)
++{
++ struct kvm_vcpu *vcpu = filp->private_data;
++ void __user *argp = (void __user *)arg;
++ int r;
++ union {
++ struct kvm_lapic_state *lapic;
++ struct kvm_xsave *xsave;
++ struct kvm_xcrs *xcrs;
++ void *buffer;
++ } u;
++
++ u.buffer = NULL;
++ switch (ioctl) {
++ case KVM_GET_LAPIC: {
++ r = -EINVAL;
++ if (!vcpu->arch.apic)
++ goto out;
++ u.lapic = kzalloc(sizeof(struct kvm_lapic_state), GFP_KERNEL);
++
++ r = -ENOMEM;
++ if (!u.lapic)
++ goto out;
++ r = kvm_vcpu_ioctl_get_lapic(vcpu, u.lapic);
++ if (r)
++ goto out;
++ r = -EFAULT;
++ if (copy_to_user(argp, u.lapic, sizeof(struct kvm_lapic_state)))
++ goto out;
++ r = 0;
++ break;
++ }
++ case KVM_SET_LAPIC: {
++ r = -EINVAL;
++ if (!vcpu->arch.apic)
++ goto out;
++ u.lapic = memdup_user(argp, sizeof(*u.lapic));
++ if (IS_ERR(u.lapic))
++ return PTR_ERR(u.lapic);
++
++ r = kvm_vcpu_ioctl_set_lapic(vcpu, u.lapic);
++ break;
++ }
++ case KVM_INTERRUPT: {
++ struct kvm_interrupt irq;
++
++ r = -EFAULT;
++ if (copy_from_user(&irq, argp, sizeof irq))
++ goto out;
++ r = kvm_vcpu_ioctl_interrupt(vcpu, &irq);
++ break;
++ }
++ case KVM_NMI: {
++ r = kvm_vcpu_ioctl_nmi(vcpu);
++ break;
++ }
++ case KVM_SET_CPUID: {
++ struct kvm_cpuid __user *cpuid_arg = argp;
++ struct kvm_cpuid cpuid;
++
++ r = -EFAULT;
++ if (copy_from_user(&cpuid, cpuid_arg, sizeof cpuid))
++ goto out;
++ r = kvm_vcpu_ioctl_set_cpuid(vcpu, &cpuid, cpuid_arg->entries);
++ break;
++ }
++ case KVM_SET_CPUID2: {
++ struct kvm_cpuid2 __user *cpuid_arg = argp;
++ struct kvm_cpuid2 cpuid;
++
++ r = -EFAULT;
++ if (copy_from_user(&cpuid, cpuid_arg, sizeof cpuid))
++ goto out;
++ r = kvm_vcpu_ioctl_set_cpuid2(vcpu, &cpuid,
++ cpuid_arg->entries);
++ break;
++ }
++ case KVM_GET_CPUID2: {
++ struct kvm_cpuid2 __user *cpuid_arg = argp;
++ struct kvm_cpuid2 cpuid;
++
++ r = -EFAULT;
++ if (copy_from_user(&cpuid, cpuid_arg, sizeof cpuid))
++ goto out;
++ r = kvm_vcpu_ioctl_get_cpuid2(vcpu, &cpuid,
++ cpuid_arg->entries);
++ if (r)
++ goto out;
++ r = -EFAULT;
++ if (copy_to_user(cpuid_arg, &cpuid, sizeof cpuid))
++ goto out;
++ r = 0;
++ break;
++ }
++ case KVM_GET_MSRS:
++ r = msr_io(vcpu, argp, kvm_get_msr, 1);
++ break;
++ case KVM_SET_MSRS:
++ r = msr_io(vcpu, argp, do_set_msr, 0);
++ break;
++ case KVM_TPR_ACCESS_REPORTING: {
++ struct kvm_tpr_access_ctl tac;
++
++ r = -EFAULT;
++ if (copy_from_user(&tac, argp, sizeof tac))
++ goto out;
++ r = vcpu_ioctl_tpr_access_reporting(vcpu, &tac);
++ if (r)
++ goto out;
++ r = -EFAULT;
++ if (copy_to_user(argp, &tac, sizeof tac))
++ goto out;
++ r = 0;
++ break;
++ };
++ case KVM_SET_VAPIC_ADDR: {
++ struct kvm_vapic_addr va;
++
++ r = -EINVAL;
++ if (!irqchip_in_kernel(vcpu->kvm))
++ goto out;
++ r = -EFAULT;
++ if (copy_from_user(&va, argp, sizeof va))
++ goto out;
++ r = kvm_lapic_set_vapic_addr(vcpu, va.vapic_addr);
++ break;
++ }
++ case KVM_X86_SETUP_MCE: {
++ u64 mcg_cap;
++
++ r = -EFAULT;
++ if (copy_from_user(&mcg_cap, argp, sizeof mcg_cap))
++ goto out;
++ r = kvm_vcpu_ioctl_x86_setup_mce(vcpu, mcg_cap);
++ break;
++ }
++ case KVM_X86_SET_MCE: {
++ struct kvm_x86_mce mce;
++
++ r = -EFAULT;
++ if (copy_from_user(&mce, argp, sizeof mce))
++ goto out;
++ r = kvm_vcpu_ioctl_x86_set_mce(vcpu, &mce);
++ break;
++ }
++ case KVM_GET_VCPU_EVENTS: {
++ struct kvm_vcpu_events events;
++
++ kvm_vcpu_ioctl_x86_get_vcpu_events(vcpu, &events);
++
++ r = -EFAULT;
++ if (copy_to_user(argp, &events, sizeof(struct kvm_vcpu_events)))
++ break;
++ r = 0;
++ break;
++ }
++ case KVM_SET_VCPU_EVENTS: {
++ struct kvm_vcpu_events events;
++
++ r = -EFAULT;
++ if (copy_from_user(&events, argp, sizeof(struct kvm_vcpu_events)))
++ break;
++
++ r = kvm_vcpu_ioctl_x86_set_vcpu_events(vcpu, &events);
++ break;
++ }
++ case KVM_GET_DEBUGREGS: {
++ struct kvm_debugregs dbgregs;
++
++ kvm_vcpu_ioctl_x86_get_debugregs(vcpu, &dbgregs);
++
++ r = -EFAULT;
++ if (copy_to_user(argp, &dbgregs,
++ sizeof(struct kvm_debugregs)))
++ break;
++ r = 0;
++ break;
++ }
++ case KVM_SET_DEBUGREGS: {
++ struct kvm_debugregs dbgregs;
++
++ r = -EFAULT;
++ if (copy_from_user(&dbgregs, argp,
++ sizeof(struct kvm_debugregs)))
++ break;
++
++ r = kvm_vcpu_ioctl_x86_set_debugregs(vcpu, &dbgregs);
++ break;
++ }
++ case KVM_GET_XSAVE: {
++ u.xsave = kzalloc(sizeof(struct kvm_xsave), GFP_KERNEL);
++ r = -ENOMEM;
++ if (!u.xsave)
++ break;
++
++ kvm_vcpu_ioctl_x86_get_xsave(vcpu, u.xsave);
++
++ r = -EFAULT;
++ if (copy_to_user(argp, u.xsave, sizeof(struct kvm_xsave)))
++ break;
++ r = 0;
++ break;
++ }
++ case KVM_SET_XSAVE: {
++ u.xsave = memdup_user(argp, sizeof(*u.xsave));
++ if (IS_ERR(u.xsave))
++ return PTR_ERR(u.xsave);
++
++ r = kvm_vcpu_ioctl_x86_set_xsave(vcpu, u.xsave);
++ break;
++ }
++ case KVM_GET_XCRS: {
++ u.xcrs = kzalloc(sizeof(struct kvm_xcrs), GFP_KERNEL);
++ r = -ENOMEM;
++ if (!u.xcrs)
++ break;
++
++ kvm_vcpu_ioctl_x86_get_xcrs(vcpu, u.xcrs);
++
++ r = -EFAULT;
++ if (copy_to_user(argp, u.xcrs,
++ sizeof(struct kvm_xcrs)))
++ break;
++ r = 0;
++ break;
++ }
++ case KVM_SET_XCRS: {
++ u.xcrs = memdup_user(argp, sizeof(*u.xcrs));
++ if (IS_ERR(u.xcrs))
++ return PTR_ERR(u.xcrs);
++
++ r = kvm_vcpu_ioctl_x86_set_xcrs(vcpu, u.xcrs);
++ break;
++ }
++ case KVM_SET_TSC_KHZ: {
++ u32 user_tsc_khz;
++
++ r = -EINVAL;
++ user_tsc_khz = (u32)arg;
++
++ if (user_tsc_khz >= kvm_max_guest_tsc_khz)
++ goto out;
++
++ if (user_tsc_khz == 0)
++ user_tsc_khz = tsc_khz;
++
++ kvm_set_tsc_khz(vcpu, user_tsc_khz);
++
++ r = 0;
++ goto out;
++ }
++ case KVM_GET_TSC_KHZ: {
++ r = vcpu->arch.virtual_tsc_khz;
++ goto out;
++ }
++ case KVM_KVMCLOCK_CTRL: {
++ r = kvm_set_guest_paused(vcpu);
++ goto out;
++ }
++ default:
++ r = -EINVAL;
++ }
++out:
++ kfree(u.buffer);
++ return r;
++}
++
++int kvm_arch_vcpu_fault(struct kvm_vcpu *vcpu, struct vm_fault *vmf)
++{
++ return VM_FAULT_SIGBUS;
++}
++
++static int kvm_vm_ioctl_set_tss_addr(struct kvm *kvm, unsigned long addr)
++{
++ int ret;
++
++ if (addr > (unsigned int)(-3 * PAGE_SIZE))
++ return -EINVAL;
++ ret = kvm_x86_ops->set_tss_addr(kvm, addr);
++ return ret;
++}
++
++static int kvm_vm_ioctl_set_identity_map_addr(struct kvm *kvm,
++ u64 ident_addr)
++{
++ kvm->arch.ept_identity_map_addr = ident_addr;
++ return 0;
++}
++
++static int kvm_vm_ioctl_set_nr_mmu_pages(struct kvm *kvm,
++ u32 kvm_nr_mmu_pages)
++{
++ if (kvm_nr_mmu_pages < KVM_MIN_ALLOC_MMU_PAGES)
++ return -EINVAL;
++
++ mutex_lock(&kvm->slots_lock);
++
++ kvm_mmu_change_mmu_pages(kvm, kvm_nr_mmu_pages);
++ kvm->arch.n_requested_mmu_pages = kvm_nr_mmu_pages;
++
++ mutex_unlock(&kvm->slots_lock);
++ return 0;
++}
++
++static int kvm_vm_ioctl_get_nr_mmu_pages(struct kvm *kvm)
++{
++ return kvm->arch.n_max_mmu_pages;
++}
++
++static int kvm_vm_ioctl_get_irqchip(struct kvm *kvm, struct kvm_irqchip *chip)
++{
++ int r;
++
++ r = 0;
++ switch (chip->chip_id) {
++ case KVM_IRQCHIP_PIC_MASTER:
++ memcpy(&chip->chip.pic,
++ &pic_irqchip(kvm)->pics[0],
++ sizeof(struct kvm_pic_state));
++ break;
++ case KVM_IRQCHIP_PIC_SLAVE:
++ memcpy(&chip->chip.pic,
++ &pic_irqchip(kvm)->pics[1],
++ sizeof(struct kvm_pic_state));
++ break;
++ case KVM_IRQCHIP_IOAPIC:
++ r = kvm_get_ioapic(kvm, &chip->chip.ioapic);
++ break;
++ default:
++ r = -EINVAL;
++ break;
++ }
++ return r;
++}
++
++static int kvm_vm_ioctl_set_irqchip(struct kvm *kvm, struct kvm_irqchip *chip)
++{
++ int r;
++
++ r = 0;
++ switch (chip->chip_id) {
++ case KVM_IRQCHIP_PIC_MASTER:
++ spin_lock(&pic_irqchip(kvm)->lock);
++ memcpy(&pic_irqchip(kvm)->pics[0],
++ &chip->chip.pic,
++ sizeof(struct kvm_pic_state));
++ spin_unlock(&pic_irqchip(kvm)->lock);
++ break;
++ case KVM_IRQCHIP_PIC_SLAVE:
++ spin_lock(&pic_irqchip(kvm)->lock);
++ memcpy(&pic_irqchip(kvm)->pics[1],
++ &chip->chip.pic,
++ sizeof(struct kvm_pic_state));
++ spin_unlock(&pic_irqchip(kvm)->lock);
++ break;
++ case KVM_IRQCHIP_IOAPIC:
++ r = kvm_set_ioapic(kvm, &chip->chip.ioapic);
++ break;
++ default:
++ r = -EINVAL;
++ break;
++ }
++ kvm_pic_update_irq(pic_irqchip(kvm));
++ return r;
++}
++
++static int kvm_vm_ioctl_get_pit(struct kvm *kvm, struct kvm_pit_state *ps)
++{
++ int r = 0;
++
++ mutex_lock(&kvm->arch.vpit->pit_state.lock);
++ memcpy(ps, &kvm->arch.vpit->pit_state, sizeof(struct kvm_pit_state));
++ mutex_unlock(&kvm->arch.vpit->pit_state.lock);
++ return r;
++}
++
++static int kvm_vm_ioctl_set_pit(struct kvm *kvm, struct kvm_pit_state *ps)
++{
++ int r = 0;
++
++ mutex_lock(&kvm->arch.vpit->pit_state.lock);
++ memcpy(&kvm->arch.vpit->pit_state, ps, sizeof(struct kvm_pit_state));
++ kvm_pit_load_count(kvm, 0, ps->channels[0].count, 0);
++ mutex_unlock(&kvm->arch.vpit->pit_state.lock);
++ return r;
++}
++
++static int kvm_vm_ioctl_get_pit2(struct kvm *kvm, struct kvm_pit_state2 *ps)
++{
++ int r = 0;
++
++ mutex_lock(&kvm->arch.vpit->pit_state.lock);
++ memcpy(ps->channels, &kvm->arch.vpit->pit_state.channels,
++ sizeof(ps->channels));
++ ps->flags = kvm->arch.vpit->pit_state.flags;
++ mutex_unlock(&kvm->arch.vpit->pit_state.lock);
++ memset(&ps->reserved, 0, sizeof(ps->reserved));
++ return r;
++}
++
++static int kvm_vm_ioctl_set_pit2(struct kvm *kvm, struct kvm_pit_state2 *ps)
++{
++ int r = 0, start = 0;
++ u32 prev_legacy, cur_legacy;
++ mutex_lock(&kvm->arch.vpit->pit_state.lock);
++ prev_legacy = kvm->arch.vpit->pit_state.flags & KVM_PIT_FLAGS_HPET_LEGACY;
++ cur_legacy = ps->flags & KVM_PIT_FLAGS_HPET_LEGACY;
++ if (!prev_legacy && cur_legacy)
++ start = 1;
++ memcpy(&kvm->arch.vpit->pit_state.channels, &ps->channels,
++ sizeof(kvm->arch.vpit->pit_state.channels));
++ kvm->arch.vpit->pit_state.flags = ps->flags;
++ kvm_pit_load_count(kvm, 0, kvm->arch.vpit->pit_state.channels[0].count, start);
++ mutex_unlock(&kvm->arch.vpit->pit_state.lock);
++ return r;
++}
++
++static int kvm_vm_ioctl_reinject(struct kvm *kvm,
++ struct kvm_reinject_control *control)
++{
++ if (!kvm->arch.vpit)
++ return -ENXIO;
++ mutex_lock(&kvm->arch.vpit->pit_state.lock);
++ kvm->arch.vpit->pit_state.reinject = control->pit_reinject;
++ mutex_unlock(&kvm->arch.vpit->pit_state.lock);
++ return 0;
++}
++
++/**
++ * kvm_vm_ioctl_get_dirty_log - get and clear the log of dirty pages in a slot
++ * @kvm: kvm instance
++ * @log: slot id and address to which we copy the log
++ *
++ * We need to keep it in mind that VCPU threads can write to the bitmap
++ * concurrently. So, to avoid losing data, we keep the following order for
++ * each bit:
++ *
++ * 1. Take a snapshot of the bit and clear it if needed.
++ * 2. Write protect the corresponding page.
++ * 3. Flush TLB's if needed.
++ * 4. Copy the snapshot to the userspace.
++ *
++ * Between 2 and 3, the guest may write to the page using the remaining TLB
++ * entry. This is not a problem because the page will be reported dirty at
++ * step 4 using the snapshot taken before and step 3 ensures that successive
++ * writes will be logged for the next call.
++ */
++int kvm_vm_ioctl_get_dirty_log(struct kvm *kvm, struct kvm_dirty_log *log)
++{
++ int r;
++ struct kvm_memory_slot *memslot;
++ unsigned long n, i;
++ unsigned long *dirty_bitmap;
++ unsigned long *dirty_bitmap_buffer;
++ bool is_dirty = false;
++
++ mutex_lock(&kvm->slots_lock);
++
++ r = -EINVAL;
++ if (log->slot >= KVM_USER_MEM_SLOTS)
++ goto out;
++
++ memslot = id_to_memslot(kvm->memslots, log->slot);
++
++ dirty_bitmap = memslot->dirty_bitmap;
++ r = -ENOENT;
++ if (!dirty_bitmap)
++ goto out;
++
++ n = kvm_dirty_bitmap_bytes(memslot);
++
++ dirty_bitmap_buffer = dirty_bitmap + n / sizeof(long);
++ memset(dirty_bitmap_buffer, 0, n);
++
++ spin_lock(&kvm->mmu_lock);
++
++ for (i = 0; i < n / sizeof(long); i++) {
++ unsigned long mask;
++ gfn_t offset;
++
++ if (!dirty_bitmap[i])
++ continue;
++
++ is_dirty = true;
++
++ mask = xchg(&dirty_bitmap[i], 0);
++ dirty_bitmap_buffer[i] = mask;
++
++ offset = i * BITS_PER_LONG;
++ kvm_mmu_write_protect_pt_masked(kvm, memslot, offset, mask);
++ }
++
++ spin_unlock(&kvm->mmu_lock);
++
++ /* See the comments in kvm_mmu_slot_remove_write_access(). */
++ lockdep_assert_held(&kvm->slots_lock);
++
++ /*
++ * All the TLBs can be flushed out of mmu lock, see the comments in
++ * kvm_mmu_slot_remove_write_access().
++ */
++ if (is_dirty)
++ kvm_flush_remote_tlbs(kvm);
++
++ r = -EFAULT;
++ if (copy_to_user(log->dirty_bitmap, dirty_bitmap_buffer, n))
++ goto out;
++
++ r = 0;
++out:
++ mutex_unlock(&kvm->slots_lock);
++ return r;
++}
++
++int kvm_vm_ioctl_irq_line(struct kvm *kvm, struct kvm_irq_level *irq_event,
++ bool line_status)
++{
++ if (!irqchip_in_kernel(kvm))
++ return -ENXIO;
++
++ irq_event->status = kvm_set_irq(kvm, KVM_USERSPACE_IRQ_SOURCE_ID,
++ irq_event->irq, irq_event->level,
++ line_status);
++ return 0;
++}
++
++long kvm_arch_vm_ioctl(struct file *filp,
++ unsigned int ioctl, unsigned long arg)
++{
++ struct kvm *kvm = filp->private_data;
++ void __user *argp = (void __user *)arg;
++ int r = -ENOTTY;
++ /*
++ * This union makes it completely explicit to gcc-3.x
++ * that these two variables' stack usage should be
++ * combined, not added together.
++ */
++ union {
++ struct kvm_pit_state ps;
++ struct kvm_pit_state2 ps2;
++ struct kvm_pit_config pit_config;
++ } u;
++
++ switch (ioctl) {
++ case KVM_SET_TSS_ADDR:
++ r = kvm_vm_ioctl_set_tss_addr(kvm, arg);
++ break;
++ case KVM_SET_IDENTITY_MAP_ADDR: {
++ u64 ident_addr;
++
++ r = -EFAULT;
++ if (copy_from_user(&ident_addr, argp, sizeof ident_addr))
++ goto out;
++ r = kvm_vm_ioctl_set_identity_map_addr(kvm, ident_addr);
++ break;
++ }
++ case KVM_SET_NR_MMU_PAGES:
++ r = kvm_vm_ioctl_set_nr_mmu_pages(kvm, arg);
++ break;
++ case KVM_GET_NR_MMU_PAGES:
++ r = kvm_vm_ioctl_get_nr_mmu_pages(kvm);
++ break;
++ case KVM_CREATE_IRQCHIP: {
++ struct kvm_pic *vpic;
++
++ mutex_lock(&kvm->lock);
++ r = -EEXIST;
++ if (kvm->arch.vpic)
++ goto create_irqchip_unlock;
++ r = -EINVAL;
++ if (atomic_read(&kvm->online_vcpus))
++ goto create_irqchip_unlock;
++ r = -ENOMEM;
++ vpic = kvm_create_pic(kvm);
++ if (vpic) {
++ r = kvm_ioapic_init(kvm);
++ if (r) {
++ mutex_lock(&kvm->slots_lock);
++ kvm_io_bus_unregister_dev(kvm, KVM_PIO_BUS,
++ &vpic->dev_master);
++ kvm_io_bus_unregister_dev(kvm, KVM_PIO_BUS,
++ &vpic->dev_slave);
++ kvm_io_bus_unregister_dev(kvm, KVM_PIO_BUS,
++ &vpic->dev_eclr);
++ mutex_unlock(&kvm->slots_lock);
++ kfree(vpic);
++ goto create_irqchip_unlock;
++ }
++ } else
++ goto create_irqchip_unlock;
++ smp_wmb();
++ kvm->arch.vpic = vpic;
++ smp_wmb();
++ r = kvm_setup_default_irq_routing(kvm);
++ if (r) {
++ mutex_lock(&kvm->slots_lock);
++ mutex_lock(&kvm->irq_lock);
++ kvm_ioapic_destroy(kvm);
++ kvm_destroy_pic(kvm);
++ mutex_unlock(&kvm->irq_lock);
++ mutex_unlock(&kvm->slots_lock);
++ }
++ create_irqchip_unlock:
++ mutex_unlock(&kvm->lock);
++ break;
++ }
++ case KVM_CREATE_PIT:
++ u.pit_config.flags = KVM_PIT_SPEAKER_DUMMY;
++ goto create_pit;
++ case KVM_CREATE_PIT2:
++ r = -EFAULT;
++ if (copy_from_user(&u.pit_config, argp,
++ sizeof(struct kvm_pit_config)))
++ goto out;
++ create_pit:
++ mutex_lock(&kvm->slots_lock);
++ r = -EEXIST;
++ if (kvm->arch.vpit)
++ goto create_pit_unlock;
++ r = -ENOMEM;
++ kvm->arch.vpit = kvm_create_pit(kvm, u.pit_config.flags);
++ if (kvm->arch.vpit)
++ r = 0;
++ create_pit_unlock:
++ mutex_unlock(&kvm->slots_lock);
++ break;
++ case KVM_GET_IRQCHIP: {
++ /* 0: PIC master, 1: PIC slave, 2: IOAPIC */
++ struct kvm_irqchip *chip;
++
++ chip = memdup_user(argp, sizeof(*chip));
++ if (IS_ERR(chip)) {
++ r = PTR_ERR(chip);
++ goto out;
++ }
++
++ r = -ENXIO;
++ if (!irqchip_in_kernel(kvm))
++ goto get_irqchip_out;
++ r = kvm_vm_ioctl_get_irqchip(kvm, chip);
++ if (r)
++ goto get_irqchip_out;
++ r = -EFAULT;
++ if (copy_to_user(argp, chip, sizeof *chip))
++ goto get_irqchip_out;
++ r = 0;
++ get_irqchip_out:
++ kfree(chip);
++ break;
++ }
++ case KVM_SET_IRQCHIP: {
++ /* 0: PIC master, 1: PIC slave, 2: IOAPIC */
++ struct kvm_irqchip *chip;
++
++ chip = memdup_user(argp, sizeof(*chip));
++ if (IS_ERR(chip)) {
++ r = PTR_ERR(chip);
++ goto out;
++ }
++
++ r = -ENXIO;
++ if (!irqchip_in_kernel(kvm))
++ goto set_irqchip_out;
++ r = kvm_vm_ioctl_set_irqchip(kvm, chip);
++ if (r)
++ goto set_irqchip_out;
++ r = 0;
++ set_irqchip_out:
++ kfree(chip);
++ break;
++ }
++ case KVM_GET_PIT: {
++ r = -EFAULT;
++ if (copy_from_user(&u.ps, argp, sizeof(struct kvm_pit_state)))
++ goto out;
++ r = -ENXIO;
++ if (!kvm->arch.vpit)
++ goto out;
++ r = kvm_vm_ioctl_get_pit(kvm, &u.ps);
++ if (r)
++ goto out;
++ r = -EFAULT;
++ if (copy_to_user(argp, &u.ps, sizeof(struct kvm_pit_state)))
++ goto out;
++ r = 0;
++ break;
++ }
++ case KVM_SET_PIT: {
++ r = -EFAULT;
++ if (copy_from_user(&u.ps, argp, sizeof u.ps))
++ goto out;
++ r = -ENXIO;
++ if (!kvm->arch.vpit)
++ goto out;
++ r = kvm_vm_ioctl_set_pit(kvm, &u.ps);
++ break;
++ }
++ case KVM_GET_PIT2: {
++ r = -ENXIO;
++ if (!kvm->arch.vpit)
++ goto out;
++ r = kvm_vm_ioctl_get_pit2(kvm, &u.ps2);
++ if (r)
++ goto out;
++ r = -EFAULT;
++ if (copy_to_user(argp, &u.ps2, sizeof(u.ps2)))
++ goto out;
++ r = 0;
++ break;
++ }
++ case KVM_SET_PIT2: {
++ r = -EFAULT;
++ if (copy_from_user(&u.ps2, argp, sizeof(u.ps2)))
++ goto out;
++ r = -ENXIO;
++ if (!kvm->arch.vpit)
++ goto out;
++ r = kvm_vm_ioctl_set_pit2(kvm, &u.ps2);
++ break;
++ }
++ case KVM_REINJECT_CONTROL: {
++ struct kvm_reinject_control control;
++ r = -EFAULT;
++ if (copy_from_user(&control, argp, sizeof(control)))
++ goto out;
++ r = kvm_vm_ioctl_reinject(kvm, &control);
++ break;
++ }
++ case KVM_XEN_HVM_CONFIG: {
++ r = -EFAULT;
++ if (copy_from_user(&kvm->arch.xen_hvm_config, argp,
++ sizeof(struct kvm_xen_hvm_config)))
++ goto out;
++ r = -EINVAL;
++ if (kvm->arch.xen_hvm_config.flags)
++ goto out;
++ r = 0;
++ break;
++ }
++ case KVM_SET_CLOCK: {
++ struct kvm_clock_data user_ns;
++ u64 now_ns;
++ s64 delta;
++
++ r = -EFAULT;
++ if (copy_from_user(&user_ns, argp, sizeof(user_ns)))
++ goto out;
++
++ r = -EINVAL;
++ if (user_ns.flags)
++ goto out;
++
++ r = 0;
++ local_irq_disable();
++ now_ns = get_kernel_ns();
++ delta = user_ns.clock - now_ns;
++ local_irq_enable();
++ kvm->arch.kvmclock_offset = delta;
++ kvm_gen_update_masterclock(kvm);
++ break;
++ }
++ case KVM_GET_CLOCK: {
++ struct kvm_clock_data user_ns;
++ u64 now_ns;
++
++ local_irq_disable();
++ now_ns = get_kernel_ns();
++ user_ns.clock = kvm->arch.kvmclock_offset + now_ns;
++ local_irq_enable();
++ user_ns.flags = 0;
++ memset(&user_ns.pad, 0, sizeof(user_ns.pad));
++
++ r = -EFAULT;
++ if (copy_to_user(argp, &user_ns, sizeof(user_ns)))
++ goto out;
++ r = 0;
++ break;
++ }
++
++ default:
++ ;
++ }
++out:
++ return r;
++}
++
++static void kvm_init_msr_list(void)
++{
++ u32 dummy[2];
++ unsigned i, j;
++
++ /* skip the first msrs in the list. KVM-specific */
++ for (i = j = KVM_SAVE_MSRS_BEGIN; i < ARRAY_SIZE(msrs_to_save); i++) {
++ if (rdmsr_safe(msrs_to_save[i], &dummy[0], &dummy[1]) < 0)
++ continue;
++
++ /*
++ * Even MSRs that are valid in the host may not be exposed
++ * to the guests in some cases. We could work around this
++ * in VMX with the generic MSR save/load machinery, but it
++ * is not really worthwhile since it will really only
++ * happen with nested virtualization.
++ */
++ switch (msrs_to_save[i]) {
++ case MSR_IA32_BNDCFGS:
++ if (!kvm_x86_ops->mpx_supported())
++ continue;
++ break;
++ default:
++ break;
++ }
++
++ if (j < i)
++ msrs_to_save[j] = msrs_to_save[i];
++ j++;
++ }
++ num_msrs_to_save = j;
++}
++
++static int vcpu_mmio_write(struct kvm_vcpu *vcpu, gpa_t addr, int len,
++ const void *v)
++{
++ int handled = 0;
++ int n;
++
++ do {
++ n = min(len, 8);
++ if (!(vcpu->arch.apic &&
++ !kvm_iodevice_write(&vcpu->arch.apic->dev, addr, n, v))
++ && kvm_io_bus_write(vcpu->kvm, KVM_MMIO_BUS, addr, n, v))
++ break;
++ handled += n;
++ addr += n;
++ len -= n;
++ v += n;
++ } while (len);
++
++ return handled;
++}
++
++static int vcpu_mmio_read(struct kvm_vcpu *vcpu, gpa_t addr, int len, void *v)
++{
++ int handled = 0;
++ int n;
++
++ do {
++ n = min(len, 8);
++ if (!(vcpu->arch.apic &&
++ !kvm_iodevice_read(&vcpu->arch.apic->dev, addr, n, v))
++ && kvm_io_bus_read(vcpu->kvm, KVM_MMIO_BUS, addr, n, v))
++ break;
++ trace_kvm_mmio(KVM_TRACE_MMIO_READ, n, addr, *(u64 *)v);
++ handled += n;
++ addr += n;
++ len -= n;
++ v += n;
++ } while (len);
++
++ return handled;
++}
++
++static void kvm_set_segment(struct kvm_vcpu *vcpu,
++ struct kvm_segment *var, int seg)
++{
++ kvm_x86_ops->set_segment(vcpu, var, seg);
++}
++
++void kvm_get_segment(struct kvm_vcpu *vcpu,
++ struct kvm_segment *var, int seg)
++{
++ kvm_x86_ops->get_segment(vcpu, var, seg);
++}
++
++gpa_t translate_nested_gpa(struct kvm_vcpu *vcpu, gpa_t gpa, u32 access,
++ struct x86_exception *exception)
++{
++ gpa_t t_gpa;
++
++ BUG_ON(!mmu_is_nested(vcpu));
++
++ /* NPT walks are always user-walks */
++ access |= PFERR_USER_MASK;
++ t_gpa = vcpu->arch.mmu.gva_to_gpa(vcpu, gpa, access, exception);
++
++ return t_gpa;
++}
++
++gpa_t kvm_mmu_gva_to_gpa_read(struct kvm_vcpu *vcpu, gva_t gva,
++ struct x86_exception *exception)
++{
++ u32 access = (kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0;
++ return vcpu->arch.walk_mmu->gva_to_gpa(vcpu, gva, access, exception);
++}
++
++ gpa_t kvm_mmu_gva_to_gpa_fetch(struct kvm_vcpu *vcpu, gva_t gva,
++ struct x86_exception *exception)
++{
++ u32 access = (kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0;
++ access |= PFERR_FETCH_MASK;
++ return vcpu->arch.walk_mmu->gva_to_gpa(vcpu, gva, access, exception);
++}
++
++gpa_t kvm_mmu_gva_to_gpa_write(struct kvm_vcpu *vcpu, gva_t gva,
++ struct x86_exception *exception)
++{
++ u32 access = (kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0;
++ access |= PFERR_WRITE_MASK;
++ return vcpu->arch.walk_mmu->gva_to_gpa(vcpu, gva, access, exception);
++}
++
++/* uses this to access any guest's mapped memory without checking CPL */
++gpa_t kvm_mmu_gva_to_gpa_system(struct kvm_vcpu *vcpu, gva_t gva,
++ struct x86_exception *exception)
++{
++ return vcpu->arch.walk_mmu->gva_to_gpa(vcpu, gva, 0, exception);
++}
++
++static int kvm_read_guest_virt_helper(gva_t addr, void *val, unsigned int bytes,
++ struct kvm_vcpu *vcpu, u32 access,
++ struct x86_exception *exception)
++{
++ void *data = val;
++ int r = X86EMUL_CONTINUE;
++
++ while (bytes) {
++ gpa_t gpa = vcpu->arch.walk_mmu->gva_to_gpa(vcpu, addr, access,
++ exception);
++ unsigned offset = addr & (PAGE_SIZE-1);
++ unsigned toread = min(bytes, (unsigned)PAGE_SIZE - offset);
++ int ret;
++
++ if (gpa == UNMAPPED_GVA)
++ return X86EMUL_PROPAGATE_FAULT;
++ ret = kvm_read_guest_page(vcpu->kvm, gpa >> PAGE_SHIFT, data,
++ offset, toread);
++ if (ret < 0) {
++ r = X86EMUL_IO_NEEDED;
++ goto out;
++ }
++
++ bytes -= toread;
++ data += toread;
++ addr += toread;
++ }
++out:
++ return r;
++}
++
++/* used for instruction fetching */
++static int kvm_fetch_guest_virt(struct x86_emulate_ctxt *ctxt,
++ gva_t addr, void *val, unsigned int bytes,
++ struct x86_exception *exception)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++ u32 access = (kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0;
++ unsigned offset;
++ int ret;
++
++ /* Inline kvm_read_guest_virt_helper for speed. */
++ gpa_t gpa = vcpu->arch.walk_mmu->gva_to_gpa(vcpu, addr, access|PFERR_FETCH_MASK,
++ exception);
++ if (unlikely(gpa == UNMAPPED_GVA))
++ return X86EMUL_PROPAGATE_FAULT;
++
++ offset = addr & (PAGE_SIZE-1);
++ if (WARN_ON(offset + bytes > PAGE_SIZE))
++ bytes = (unsigned)PAGE_SIZE - offset;
++ ret = kvm_read_guest_page(vcpu->kvm, gpa >> PAGE_SHIFT, val,
++ offset, bytes);
++ if (unlikely(ret < 0))
++ return X86EMUL_IO_NEEDED;
++
++ return X86EMUL_CONTINUE;
++}
++
++int kvm_read_guest_virt(struct x86_emulate_ctxt *ctxt,
++ gva_t addr, void *val, unsigned int bytes,
++ struct x86_exception *exception)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++ u32 access = (kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0;
++
++ return kvm_read_guest_virt_helper(addr, val, bytes, vcpu, access,
++ exception);
++}
++EXPORT_SYMBOL_GPL(kvm_read_guest_virt);
++
++static int kvm_read_guest_virt_system(struct x86_emulate_ctxt *ctxt,
++ gva_t addr, void *val, unsigned int bytes,
++ struct x86_exception *exception)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++ return kvm_read_guest_virt_helper(addr, val, bytes, vcpu, 0, exception);
++}
++
++int kvm_write_guest_virt_system(struct x86_emulate_ctxt *ctxt,
++ gva_t addr, void *val,
++ unsigned int bytes,
++ struct x86_exception *exception)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++ void *data = val;
++ int r = X86EMUL_CONTINUE;
++
++ while (bytes) {
++ gpa_t gpa = vcpu->arch.walk_mmu->gva_to_gpa(vcpu, addr,
++ PFERR_WRITE_MASK,
++ exception);
++ unsigned offset = addr & (PAGE_SIZE-1);
++ unsigned towrite = min(bytes, (unsigned)PAGE_SIZE - offset);
++ int ret;
++
++ if (gpa == UNMAPPED_GVA)
++ return X86EMUL_PROPAGATE_FAULT;
++ ret = kvm_write_guest(vcpu->kvm, gpa, data, towrite);
++ if (ret < 0) {
++ r = X86EMUL_IO_NEEDED;
++ goto out;
++ }
++
++ bytes -= towrite;
++ data += towrite;
++ addr += towrite;
++ }
++out:
++ return r;
++}
++EXPORT_SYMBOL_GPL(kvm_write_guest_virt_system);
++
++static int vcpu_mmio_gva_to_gpa(struct kvm_vcpu *vcpu, unsigned long gva,
++ gpa_t *gpa, struct x86_exception *exception,
++ bool write)
++{
++ u32 access = ((kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0)
++ | (write ? PFERR_WRITE_MASK : 0);
++
++ if (vcpu_match_mmio_gva(vcpu, gva)
++ && !permission_fault(vcpu, vcpu->arch.walk_mmu,
++ vcpu->arch.access, access)) {
++ *gpa = vcpu->arch.mmio_gfn << PAGE_SHIFT |
++ (gva & (PAGE_SIZE - 1));
++ trace_vcpu_match_mmio(gva, *gpa, write, false);
++ return 1;
++ }
++
++ *gpa = vcpu->arch.walk_mmu->gva_to_gpa(vcpu, gva, access, exception);
++
++ if (*gpa == UNMAPPED_GVA)
++ return -1;
++
++ /* For APIC access vmexit */
++ if ((*gpa & PAGE_MASK) == APIC_DEFAULT_PHYS_BASE)
++ return 1;
++
++ if (vcpu_match_mmio_gpa(vcpu, *gpa)) {
++ trace_vcpu_match_mmio(gva, *gpa, write, true);
++ return 1;
++ }
++
++ return 0;
++}
++
++int emulator_write_phys(struct kvm_vcpu *vcpu, gpa_t gpa,
++ const void *val, int bytes)
++{
++ int ret;
++
++ ret = kvm_write_guest(vcpu->kvm, gpa, val, bytes);
++ if (ret < 0)
++ return 0;
++ kvm_mmu_pte_write(vcpu, gpa, val, bytes);
++ return 1;
++}
++
++struct read_write_emulator_ops {
++ int (*read_write_prepare)(struct kvm_vcpu *vcpu, void *val,
++ int bytes);
++ int (*read_write_emulate)(struct kvm_vcpu *vcpu, gpa_t gpa,
++ void *val, int bytes);
++ int (*read_write_mmio)(struct kvm_vcpu *vcpu, gpa_t gpa,
++ int bytes, void *val);
++ int (*read_write_exit_mmio)(struct kvm_vcpu *vcpu, gpa_t gpa,
++ void *val, int bytes);
++ bool write;
++};
++
++static int read_prepare(struct kvm_vcpu *vcpu, void *val, int bytes)
++{
++ if (vcpu->mmio_read_completed) {
++ trace_kvm_mmio(KVM_TRACE_MMIO_READ, bytes,
++ vcpu->mmio_fragments[0].gpa, *(u64 *)val);
++ vcpu->mmio_read_completed = 0;
++ return 1;
++ }
++
++ return 0;
++}
++
++static int read_emulate(struct kvm_vcpu *vcpu, gpa_t gpa,
++ void *val, int bytes)
++{
++ return !kvm_read_guest(vcpu->kvm, gpa, val, bytes);
++}
++
++static int write_emulate(struct kvm_vcpu *vcpu, gpa_t gpa,
++ void *val, int bytes)
++{
++ return emulator_write_phys(vcpu, gpa, val, bytes);
++}
++
++static int write_mmio(struct kvm_vcpu *vcpu, gpa_t gpa, int bytes, void *val)
++{
++ trace_kvm_mmio(KVM_TRACE_MMIO_WRITE, bytes, gpa, *(u64 *)val);
++ return vcpu_mmio_write(vcpu, gpa, bytes, val);
++}
++
++static int read_exit_mmio(struct kvm_vcpu *vcpu, gpa_t gpa,
++ void *val, int bytes)
++{
++ trace_kvm_mmio(KVM_TRACE_MMIO_READ_UNSATISFIED, bytes, gpa, 0);
++ return X86EMUL_IO_NEEDED;
++}
++
++static int write_exit_mmio(struct kvm_vcpu *vcpu, gpa_t gpa,
++ void *val, int bytes)
++{
++ struct kvm_mmio_fragment *frag = &vcpu->mmio_fragments[0];
++
++ memcpy(vcpu->run->mmio.data, frag->data, min(8u, frag->len));
++ return X86EMUL_CONTINUE;
++}
++
++static const struct read_write_emulator_ops read_emultor = {
++ .read_write_prepare = read_prepare,
++ .read_write_emulate = read_emulate,
++ .read_write_mmio = vcpu_mmio_read,
++ .read_write_exit_mmio = read_exit_mmio,
++};
++
++static const struct read_write_emulator_ops write_emultor = {
++ .read_write_emulate = write_emulate,
++ .read_write_mmio = write_mmio,
++ .read_write_exit_mmio = write_exit_mmio,
++ .write = true,
++};
++
++static int emulator_read_write_onepage(unsigned long addr, void *val,
++ unsigned int bytes,
++ struct x86_exception *exception,
++ struct kvm_vcpu *vcpu,
++ const struct read_write_emulator_ops *ops)
++{
++ gpa_t gpa;
++ int handled, ret;
++ bool write = ops->write;
++ struct kvm_mmio_fragment *frag;
++
++ ret = vcpu_mmio_gva_to_gpa(vcpu, addr, &gpa, exception, write);
++
++ if (ret < 0)
++ return X86EMUL_PROPAGATE_FAULT;
++
++ /* For APIC access vmexit */
++ if (ret)
++ goto mmio;
++
++ if (ops->read_write_emulate(vcpu, gpa, val, bytes))
++ return X86EMUL_CONTINUE;
++
++mmio:
++ /*
++ * Is this MMIO handled locally?
++ */
++ handled = ops->read_write_mmio(vcpu, gpa, bytes, val);
++ if (handled == bytes)
++ return X86EMUL_CONTINUE;
++
++ gpa += handled;
++ bytes -= handled;
++ val += handled;
++
++ WARN_ON(vcpu->mmio_nr_fragments >= KVM_MAX_MMIO_FRAGMENTS);
++ frag = &vcpu->mmio_fragments[vcpu->mmio_nr_fragments++];
++ frag->gpa = gpa;
++ frag->data = val;
++ frag->len = bytes;
++ return X86EMUL_CONTINUE;
++}
++
++int emulator_read_write(struct x86_emulate_ctxt *ctxt, unsigned long addr,
++ void *val, unsigned int bytes,
++ struct x86_exception *exception,
++ const struct read_write_emulator_ops *ops)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++ gpa_t gpa;
++ int rc;
++
++ if (ops->read_write_prepare &&
++ ops->read_write_prepare(vcpu, val, bytes))
++ return X86EMUL_CONTINUE;
++
++ vcpu->mmio_nr_fragments = 0;
++
++ /* Crossing a page boundary? */
++ if (((addr + bytes - 1) ^ addr) & PAGE_MASK) {
++ int now;
++
++ now = -addr & ~PAGE_MASK;
++ rc = emulator_read_write_onepage(addr, val, now, exception,
++ vcpu, ops);
++
++ if (rc != X86EMUL_CONTINUE)
++ return rc;
++ addr += now;
++ val += now;
++ bytes -= now;
++ }
++
++ rc = emulator_read_write_onepage(addr, val, bytes, exception,
++ vcpu, ops);
++ if (rc != X86EMUL_CONTINUE)
++ return rc;
++
++ if (!vcpu->mmio_nr_fragments)
++ return rc;
++
++ gpa = vcpu->mmio_fragments[0].gpa;
++
++ vcpu->mmio_needed = 1;
++ vcpu->mmio_cur_fragment = 0;
++
++ vcpu->run->mmio.len = min(8u, vcpu->mmio_fragments[0].len);
++ vcpu->run->mmio.is_write = vcpu->mmio_is_write = ops->write;
++ vcpu->run->exit_reason = KVM_EXIT_MMIO;
++ vcpu->run->mmio.phys_addr = gpa;
++
++ return ops->read_write_exit_mmio(vcpu, gpa, val, bytes);
++}
++
++static int emulator_read_emulated(struct x86_emulate_ctxt *ctxt,
++ unsigned long addr,
++ void *val,
++ unsigned int bytes,
++ struct x86_exception *exception)
++{
++ return emulator_read_write(ctxt, addr, val, bytes,
++ exception, &read_emultor);
++}
++
++int emulator_write_emulated(struct x86_emulate_ctxt *ctxt,
++ unsigned long addr,
++ const void *val,
++ unsigned int bytes,
++ struct x86_exception *exception)
++{
++ return emulator_read_write(ctxt, addr, (void *)val, bytes,
++ exception, &write_emultor);
++}
++
++#define CMPXCHG_TYPE(t, ptr, old, new) \
++ (cmpxchg((t *)(ptr), *(t *)(old), *(t *)(new)) == *(t *)(old))
++
++#ifdef CONFIG_X86_64
++# define CMPXCHG64(ptr, old, new) CMPXCHG_TYPE(u64, ptr, old, new)
++#else
++# define CMPXCHG64(ptr, old, new) \
++ (cmpxchg64((u64 *)(ptr), *(u64 *)(old), *(u64 *)(new)) == *(u64 *)(old))
++#endif
++
++static int emulator_cmpxchg_emulated(struct x86_emulate_ctxt *ctxt,
++ unsigned long addr,
++ const void *old,
++ const void *new,
++ unsigned int bytes,
++ struct x86_exception *exception)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++ gpa_t gpa;
++ struct page *page;
++ char *kaddr;
++ bool exchanged;
++
++ /* guests cmpxchg8b have to be emulated atomically */
++ if (bytes > 8 || (bytes & (bytes - 1)))
++ goto emul_write;
++
++ gpa = kvm_mmu_gva_to_gpa_write(vcpu, addr, NULL);
++
++ if (gpa == UNMAPPED_GVA ||
++ (gpa & PAGE_MASK) == APIC_DEFAULT_PHYS_BASE)
++ goto emul_write;
++
++ if (((gpa + bytes - 1) & PAGE_MASK) != (gpa & PAGE_MASK))
++ goto emul_write;
++
++ page = gfn_to_page(vcpu->kvm, gpa >> PAGE_SHIFT);
++ if (is_error_page(page))
++ goto emul_write;
++
++ kaddr = kmap_atomic(page);
++ kaddr += offset_in_page(gpa);
++ switch (bytes) {
++ case 1:
++ exchanged = CMPXCHG_TYPE(u8, kaddr, old, new);
++ break;
++ case 2:
++ exchanged = CMPXCHG_TYPE(u16, kaddr, old, new);
++ break;
++ case 4:
++ exchanged = CMPXCHG_TYPE(u32, kaddr, old, new);
++ break;
++ case 8:
++ exchanged = CMPXCHG64(kaddr, old, new);
++ break;
++ default:
++ BUG();
++ }
++ kunmap_atomic(kaddr);
++ kvm_release_page_dirty(page);
++
++ if (!exchanged)
++ return X86EMUL_CMPXCHG_FAILED;
++
++ mark_page_dirty(vcpu->kvm, gpa >> PAGE_SHIFT);
++ kvm_mmu_pte_write(vcpu, gpa, new, bytes);
++
++ return X86EMUL_CONTINUE;
++
++emul_write:
++ printk_once(KERN_WARNING "kvm: emulating exchange as write\n");
++
++ return emulator_write_emulated(ctxt, addr, new, bytes, exception);
++}
++
++static int kernel_pio(struct kvm_vcpu *vcpu, void *pd)
++{
++ /* TODO: String I/O for in kernel device */
++ int r;
++
++ if (vcpu->arch.pio.in)
++ r = kvm_io_bus_read(vcpu->kvm, KVM_PIO_BUS, vcpu->arch.pio.port,
++ vcpu->arch.pio.size, pd);
++ else
++ r = kvm_io_bus_write(vcpu->kvm, KVM_PIO_BUS,
++ vcpu->arch.pio.port, vcpu->arch.pio.size,
++ pd);
++ return r;
++}
++
++static int emulator_pio_in_out(struct kvm_vcpu *vcpu, int size,
++ unsigned short port, void *val,
++ unsigned int count, bool in)
++{
++ vcpu->arch.pio.port = port;
++ vcpu->arch.pio.in = in;
++ vcpu->arch.pio.count = count;
++ vcpu->arch.pio.size = size;
++
++ if (!kernel_pio(vcpu, vcpu->arch.pio_data)) {
++ vcpu->arch.pio.count = 0;
++ return 1;
++ }
++
++ vcpu->run->exit_reason = KVM_EXIT_IO;
++ vcpu->run->io.direction = in ? KVM_EXIT_IO_IN : KVM_EXIT_IO_OUT;
++ vcpu->run->io.size = size;
++ vcpu->run->io.data_offset = KVM_PIO_PAGE_OFFSET * PAGE_SIZE;
++ vcpu->run->io.count = count;
++ vcpu->run->io.port = port;
++
++ return 0;
++}
++
++static int emulator_pio_in_emulated(struct x86_emulate_ctxt *ctxt,
++ int size, unsigned short port, void *val,
++ unsigned int count)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++ int ret;
++
++ if (vcpu->arch.pio.count)
++ goto data_avail;
++
++ ret = emulator_pio_in_out(vcpu, size, port, val, count, true);
++ if (ret) {
++data_avail:
++ memcpy(val, vcpu->arch.pio_data, size * count);
++ trace_kvm_pio(KVM_PIO_IN, port, size, count, vcpu->arch.pio_data);
++ vcpu->arch.pio.count = 0;
++ return 1;
++ }
++
++ return 0;
++}
++
++static int emulator_pio_out_emulated(struct x86_emulate_ctxt *ctxt,
++ int size, unsigned short port,
++ const void *val, unsigned int count)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++
++ memcpy(vcpu->arch.pio_data, val, size * count);
++ trace_kvm_pio(KVM_PIO_OUT, port, size, count, vcpu->arch.pio_data);
++ return emulator_pio_in_out(vcpu, size, port, (void *)val, count, false);
++}
++
++static unsigned long get_segment_base(struct kvm_vcpu *vcpu, int seg)
++{
++ return kvm_x86_ops->get_segment_base(vcpu, seg);
++}
++
++static void emulator_invlpg(struct x86_emulate_ctxt *ctxt, ulong address)
++{
++ kvm_mmu_invlpg(emul_to_vcpu(ctxt), address);
++}
++
++int kvm_emulate_wbinvd(struct kvm_vcpu *vcpu)
++{
++ if (!need_emulate_wbinvd(vcpu))
++ return X86EMUL_CONTINUE;
++
++ if (kvm_x86_ops->has_wbinvd_exit()) {
++ int cpu = get_cpu();
++
++ cpumask_set_cpu(cpu, vcpu->arch.wbinvd_dirty_mask);
++ smp_call_function_many(vcpu->arch.wbinvd_dirty_mask,
++ wbinvd_ipi, NULL, 1);
++ put_cpu();
++ cpumask_clear(vcpu->arch.wbinvd_dirty_mask);
++ } else
++ wbinvd();
++ return X86EMUL_CONTINUE;
++}
++EXPORT_SYMBOL_GPL(kvm_emulate_wbinvd);
++
++static void emulator_wbinvd(struct x86_emulate_ctxt *ctxt)
++{
++ kvm_emulate_wbinvd(emul_to_vcpu(ctxt));
++}
++
++int emulator_get_dr(struct x86_emulate_ctxt *ctxt, int dr, unsigned long *dest)
++{
++ return _kvm_get_dr(emul_to_vcpu(ctxt), dr, dest);
++}
++
++int emulator_set_dr(struct x86_emulate_ctxt *ctxt, int dr, unsigned long value)
++{
++
++ return __kvm_set_dr(emul_to_vcpu(ctxt), dr, value);
++}
++
++static u64 mk_cr_64(u64 curr_cr, u32 new_val)
++{
++ return (curr_cr & ~((1ULL << 32) - 1)) | new_val;
++}
++
++static unsigned long emulator_get_cr(struct x86_emulate_ctxt *ctxt, int cr)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++ unsigned long value;
++
++ switch (cr) {
++ case 0:
++ value = kvm_read_cr0(vcpu);
++ break;
++ case 2:
++ value = vcpu->arch.cr2;
++ break;
++ case 3:
++ value = kvm_read_cr3(vcpu);
++ break;
++ case 4:
++ value = kvm_read_cr4(vcpu);
++ break;
++ case 8:
++ value = kvm_get_cr8(vcpu);
++ break;
++ default:
++ kvm_err("%s: unexpected cr %u\n", __func__, cr);
++ return 0;
++ }
++
++ return value;
++}
++
++static int emulator_set_cr(struct x86_emulate_ctxt *ctxt, int cr, ulong val)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++ int res = 0;
++
++ switch (cr) {
++ case 0:
++ res = kvm_set_cr0(vcpu, mk_cr_64(kvm_read_cr0(vcpu), val));
++ break;
++ case 2:
++ vcpu->arch.cr2 = val;
++ break;
++ case 3:
++ res = kvm_set_cr3(vcpu, val);
++ break;
++ case 4:
++ res = kvm_set_cr4(vcpu, mk_cr_64(kvm_read_cr4(vcpu), val));
++ break;
++ case 8:
++ res = kvm_set_cr8(vcpu, val);
++ break;
++ default:
++ kvm_err("%s: unexpected cr %u\n", __func__, cr);
++ res = -1;
++ }
++
++ return res;
++}
++
++static int emulator_get_cpl(struct x86_emulate_ctxt *ctxt)
++{
++ return kvm_x86_ops->get_cpl(emul_to_vcpu(ctxt));
++}
++
++static void emulator_get_gdt(struct x86_emulate_ctxt *ctxt, struct desc_ptr *dt)
++{
++ kvm_x86_ops->get_gdt(emul_to_vcpu(ctxt), dt);
++}
++
++static void emulator_get_idt(struct x86_emulate_ctxt *ctxt, struct desc_ptr *dt)
++{
++ kvm_x86_ops->get_idt(emul_to_vcpu(ctxt), dt);
++}
++
++static void emulator_set_gdt(struct x86_emulate_ctxt *ctxt, struct desc_ptr *dt)
++{
++ kvm_x86_ops->set_gdt(emul_to_vcpu(ctxt), dt);
++}
++
++static void emulator_set_idt(struct x86_emulate_ctxt *ctxt, struct desc_ptr *dt)
++{
++ kvm_x86_ops->set_idt(emul_to_vcpu(ctxt), dt);
++}
++
++static unsigned long emulator_get_cached_segment_base(
++ struct x86_emulate_ctxt *ctxt, int seg)
++{
++ return get_segment_base(emul_to_vcpu(ctxt), seg);
++}
++
++static bool emulator_get_segment(struct x86_emulate_ctxt *ctxt, u16 *selector,
++ struct desc_struct *desc, u32 *base3,
++ int seg)
++{
++ struct kvm_segment var;
++
++ kvm_get_segment(emul_to_vcpu(ctxt), &var, seg);
++ *selector = var.selector;
++
++ if (var.unusable) {
++ memset(desc, 0, sizeof(*desc));
++ return false;
++ }
++
++ if (var.g)
++ var.limit >>= 12;
++ set_desc_limit(desc, var.limit);
++ set_desc_base(desc, (unsigned long)var.base);
++#ifdef CONFIG_X86_64
++ if (base3)
++ *base3 = var.base >> 32;
++#endif
++ desc->type = var.type;
++ desc->s = var.s;
++ desc->dpl = var.dpl;
++ desc->p = var.present;
++ desc->avl = var.avl;
++ desc->l = var.l;
++ desc->d = var.db;
++ desc->g = var.g;
++
++ return true;
++}
++
++static void emulator_set_segment(struct x86_emulate_ctxt *ctxt, u16 selector,
++ struct desc_struct *desc, u32 base3,
++ int seg)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++ struct kvm_segment var;
++
++ var.selector = selector;
++ var.base = get_desc_base(desc);
++#ifdef CONFIG_X86_64
++ var.base |= ((u64)base3) << 32;
++#endif
++ var.limit = get_desc_limit(desc);
++ if (desc->g)
++ var.limit = (var.limit << 12) | 0xfff;
++ var.type = desc->type;
++ var.dpl = desc->dpl;
++ var.db = desc->d;
++ var.s = desc->s;
++ var.l = desc->l;
++ var.g = desc->g;
++ var.avl = desc->avl;
++ var.present = desc->p;
++ var.unusable = !var.present;
++ var.padding = 0;
++
++ kvm_set_segment(vcpu, &var, seg);
++ return;
++}
++
++static int emulator_get_msr(struct x86_emulate_ctxt *ctxt,
++ u32 msr_index, u64 *pdata)
++{
++ return kvm_get_msr(emul_to_vcpu(ctxt), msr_index, pdata);
++}
++
++static int emulator_set_msr(struct x86_emulate_ctxt *ctxt,
++ u32 msr_index, u64 data)
++{
++ struct msr_data msr;
++
++ msr.data = data;
++ msr.index = msr_index;
++ msr.host_initiated = false;
++ return kvm_set_msr(emul_to_vcpu(ctxt), &msr);
++}
++
++static int emulator_check_pmc(struct x86_emulate_ctxt *ctxt,
++ u32 pmc)
++{
++ return kvm_pmu_check_pmc(emul_to_vcpu(ctxt), pmc);
++}
++
++static int emulator_read_pmc(struct x86_emulate_ctxt *ctxt,
++ u32 pmc, u64 *pdata)
++{
++ return kvm_pmu_read_pmc(emul_to_vcpu(ctxt), pmc, pdata);
++}
++
++static void emulator_halt(struct x86_emulate_ctxt *ctxt)
++{
++ emul_to_vcpu(ctxt)->arch.halt_request = 1;
++}
++
++static void emulator_get_fpu(struct x86_emulate_ctxt *ctxt)
++{
++ preempt_disable();
++ kvm_load_guest_fpu(emul_to_vcpu(ctxt));
++ /*
++ * CR0.TS may reference the host fpu state, not the guest fpu state,
++ * so it may be clear at this point.
++ */
++ clts();
++}
++
++static void emulator_put_fpu(struct x86_emulate_ctxt *ctxt)
++{
++ preempt_enable();
++}
++
++static int emulator_intercept(struct x86_emulate_ctxt *ctxt,
++ struct x86_instruction_info *info,
++ enum x86_intercept_stage stage)
++{
++ return kvm_x86_ops->check_intercept(emul_to_vcpu(ctxt), info, stage);
++}
++
++static void emulator_get_cpuid(struct x86_emulate_ctxt *ctxt,
++ u32 *eax, u32 *ebx, u32 *ecx, u32 *edx)
++{
++ kvm_cpuid(emul_to_vcpu(ctxt), eax, ebx, ecx, edx);
++}
++
++static ulong emulator_read_gpr(struct x86_emulate_ctxt *ctxt, unsigned reg)
++{
++ return kvm_register_read(emul_to_vcpu(ctxt), reg);
++}
++
++static void emulator_write_gpr(struct x86_emulate_ctxt *ctxt, unsigned reg, ulong val)
++{
++ kvm_register_write(emul_to_vcpu(ctxt), reg, val);
++}
++
++static const struct x86_emulate_ops emulate_ops = {
++ .read_gpr = emulator_read_gpr,
++ .write_gpr = emulator_write_gpr,
++ .read_std = kvm_read_guest_virt_system,
++ .write_std = kvm_write_guest_virt_system,
++ .fetch = kvm_fetch_guest_virt,
++ .read_emulated = emulator_read_emulated,
++ .write_emulated = emulator_write_emulated,
++ .cmpxchg_emulated = emulator_cmpxchg_emulated,
++ .invlpg = emulator_invlpg,
++ .pio_in_emulated = emulator_pio_in_emulated,
++ .pio_out_emulated = emulator_pio_out_emulated,
++ .get_segment = emulator_get_segment,
++ .set_segment = emulator_set_segment,
++ .get_cached_segment_base = emulator_get_cached_segment_base,
++ .get_gdt = emulator_get_gdt,
++ .get_idt = emulator_get_idt,
++ .set_gdt = emulator_set_gdt,
++ .set_idt = emulator_set_idt,
++ .get_cr = emulator_get_cr,
++ .set_cr = emulator_set_cr,
++ .cpl = emulator_get_cpl,
++ .get_dr = emulator_get_dr,
++ .set_dr = emulator_set_dr,
++ .set_msr = emulator_set_msr,
++ .get_msr = emulator_get_msr,
++ .check_pmc = emulator_check_pmc,
++ .read_pmc = emulator_read_pmc,
++ .halt = emulator_halt,
++ .wbinvd = emulator_wbinvd,
++ .fix_hypercall = emulator_fix_hypercall,
++ .get_fpu = emulator_get_fpu,
++ .put_fpu = emulator_put_fpu,
++ .intercept = emulator_intercept,
++ .get_cpuid = emulator_get_cpuid,
++};
++
++static void toggle_interruptibility(struct kvm_vcpu *vcpu, u32 mask)
++{
++ u32 int_shadow = kvm_x86_ops->get_interrupt_shadow(vcpu);
++ /*
++ * an sti; sti; sequence only disable interrupts for the first
++ * instruction. So, if the last instruction, be it emulated or
++ * not, left the system with the INT_STI flag enabled, it
++ * means that the last instruction is an sti. We should not
++ * leave the flag on in this case. The same goes for mov ss
++ */
++ if (int_shadow & mask)
++ mask = 0;
++ if (unlikely(int_shadow || mask)) {
++ kvm_x86_ops->set_interrupt_shadow(vcpu, mask);
++ if (!mask)
++ kvm_make_request(KVM_REQ_EVENT, vcpu);
++ }
++}
++
++static bool inject_emulated_exception(struct kvm_vcpu *vcpu)
++{
++ struct x86_emulate_ctxt *ctxt = &vcpu->arch.emulate_ctxt;
++ if (ctxt->exception.vector == PF_VECTOR)
++ return kvm_propagate_fault(vcpu, &ctxt->exception);
++
++ if (ctxt->exception.error_code_valid)
++ kvm_queue_exception_e(vcpu, ctxt->exception.vector,
++ ctxt->exception.error_code);
++ else
++ kvm_queue_exception(vcpu, ctxt->exception.vector);
++ return false;
++}
++
++static void init_emulate_ctxt(struct kvm_vcpu *vcpu)
++{
++ struct x86_emulate_ctxt *ctxt = &vcpu->arch.emulate_ctxt;
++ int cs_db, cs_l;
++
++ kvm_x86_ops->get_cs_db_l_bits(vcpu, &cs_db, &cs_l);
++
++ ctxt->eflags = kvm_get_rflags(vcpu);
++ ctxt->eip = kvm_rip_read(vcpu);
++ ctxt->mode = (!is_protmode(vcpu)) ? X86EMUL_MODE_REAL :
++ (ctxt->eflags & X86_EFLAGS_VM) ? X86EMUL_MODE_VM86 :
++ (cs_l && is_long_mode(vcpu)) ? X86EMUL_MODE_PROT64 :
++ cs_db ? X86EMUL_MODE_PROT32 :
++ X86EMUL_MODE_PROT16;
++ ctxt->guest_mode = is_guest_mode(vcpu);
++
++ init_decode_cache(ctxt);
++ vcpu->arch.emulate_regs_need_sync_from_vcpu = false;
++}
++
++int kvm_inject_realmode_interrupt(struct kvm_vcpu *vcpu, int irq, int inc_eip)
++{
++ struct x86_emulate_ctxt *ctxt = &vcpu->arch.emulate_ctxt;
++ int ret;
++
++ init_emulate_ctxt(vcpu);
++
++ ctxt->op_bytes = 2;
++ ctxt->ad_bytes = 2;
++ ctxt->_eip = ctxt->eip + inc_eip;
++ ret = emulate_int_real(ctxt, irq);
++
++ if (ret != X86EMUL_CONTINUE)
++ return EMULATE_FAIL;
++
++ ctxt->eip = ctxt->_eip;
++ kvm_rip_write(vcpu, ctxt->eip);
++ kvm_set_rflags(vcpu, ctxt->eflags);
++
++ if (irq == NMI_VECTOR)
++ vcpu->arch.nmi_pending = 0;
++ else
++ vcpu->arch.interrupt.pending = false;
++
++ return EMULATE_DONE;
++}
++EXPORT_SYMBOL_GPL(kvm_inject_realmode_interrupt);
++
++static int handle_emulation_failure(struct kvm_vcpu *vcpu)
++{
++ int r = EMULATE_DONE;
++
++ ++vcpu->stat.insn_emulation_fail;
++ trace_kvm_emulate_insn_failed(vcpu);
++ if (!is_guest_mode(vcpu) && kvm_x86_ops->get_cpl(vcpu) == 0) {
++ vcpu->run->exit_reason = KVM_EXIT_INTERNAL_ERROR;
++ vcpu->run->internal.suberror = KVM_INTERNAL_ERROR_EMULATION;
++ vcpu->run->internal.ndata = 0;
++ r = EMULATE_FAIL;
++ }
++ kvm_queue_exception(vcpu, UD_VECTOR);
++
++ return r;
++}
++
++static bool reexecute_instruction(struct kvm_vcpu *vcpu, gva_t cr2,
++ bool write_fault_to_shadow_pgtable,
++ int emulation_type)
++{
++ gpa_t gpa = cr2;
++ pfn_t pfn;
++
++ if (emulation_type & EMULTYPE_NO_REEXECUTE)
++ return false;
++
++ if (!vcpu->arch.mmu.direct_map) {
++ /*
++ * Write permission should be allowed since only
++ * write access need to be emulated.
++ */
++ gpa = kvm_mmu_gva_to_gpa_write(vcpu, cr2, NULL);
++
++ /*
++ * If the mapping is invalid in guest, let cpu retry
++ * it to generate fault.
++ */
++ if (gpa == UNMAPPED_GVA)
++ return true;
++ }
++
++ /*
++ * Do not retry the unhandleable instruction if it faults on the
++ * readonly host memory, otherwise it will goto a infinite loop:
++ * retry instruction -> write #PF -> emulation fail -> retry
++ * instruction -> ...
++ */
++ pfn = gfn_to_pfn(vcpu->kvm, gpa_to_gfn(gpa));
++
++ /*
++ * If the instruction failed on the error pfn, it can not be fixed,
++ * report the error to userspace.
++ */
++ if (is_error_noslot_pfn(pfn))
++ return false;
++
++ kvm_release_pfn_clean(pfn);
++
++ /* The instructions are well-emulated on direct mmu. */
++ if (vcpu->arch.mmu.direct_map) {
++ unsigned int indirect_shadow_pages;
++
++ spin_lock(&vcpu->kvm->mmu_lock);
++ indirect_shadow_pages = vcpu->kvm->arch.indirect_shadow_pages;
++ spin_unlock(&vcpu->kvm->mmu_lock);
++
++ if (indirect_shadow_pages)
++ kvm_mmu_unprotect_page(vcpu->kvm, gpa_to_gfn(gpa));
++
++ return true;
++ }
++
++ /*
++ * if emulation was due to access to shadowed page table
++ * and it failed try to unshadow page and re-enter the
++ * guest to let CPU execute the instruction.
++ */
++ kvm_mmu_unprotect_page(vcpu->kvm, gpa_to_gfn(gpa));
++
++ /*
++ * If the access faults on its page table, it can not
++ * be fixed by unprotecting shadow page and it should
++ * be reported to userspace.
++ */
++ return !write_fault_to_shadow_pgtable;
++}
++
++static bool retry_instruction(struct x86_emulate_ctxt *ctxt,
++ unsigned long cr2, int emulation_type)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++ unsigned long last_retry_eip, last_retry_addr, gpa = cr2;
++
++ last_retry_eip = vcpu->arch.last_retry_eip;
++ last_retry_addr = vcpu->arch.last_retry_addr;
++
++ /*
++ * If the emulation is caused by #PF and it is non-page_table
++ * writing instruction, it means the VM-EXIT is caused by shadow
++ * page protected, we can zap the shadow page and retry this
++ * instruction directly.
++ *
++ * Note: if the guest uses a non-page-table modifying instruction
++ * on the PDE that points to the instruction, then we will unmap
++ * the instruction and go to an infinite loop. So, we cache the
++ * last retried eip and the last fault address, if we meet the eip
++ * and the address again, we can break out of the potential infinite
++ * loop.
++ */
++ vcpu->arch.last_retry_eip = vcpu->arch.last_retry_addr = 0;
++
++ if (!(emulation_type & EMULTYPE_RETRY))
++ return false;
++
++ if (x86_page_table_writing_insn(ctxt))
++ return false;
++
++ if (ctxt->eip == last_retry_eip && last_retry_addr == cr2)
++ return false;
++
++ vcpu->arch.last_retry_eip = ctxt->eip;
++ vcpu->arch.last_retry_addr = cr2;
++
++ if (!vcpu->arch.mmu.direct_map)
++ gpa = kvm_mmu_gva_to_gpa_write(vcpu, cr2, NULL);
++
++ kvm_mmu_unprotect_page(vcpu->kvm, gpa_to_gfn(gpa));
++
++ return true;
++}
++
++static int complete_emulated_mmio(struct kvm_vcpu *vcpu);
++static int complete_emulated_pio(struct kvm_vcpu *vcpu);
++
++static int kvm_vcpu_check_hw_bp(unsigned long addr, u32 type, u32 dr7,
++ unsigned long *db)
++{
++ u32 dr6 = 0;
++ int i;
++ u32 enable, rwlen;
++
++ enable = dr7;
++ rwlen = dr7 >> 16;
++ for (i = 0; i < 4; i++, enable >>= 2, rwlen >>= 4)
++ if ((enable & 3) && (rwlen & 15) == type && db[i] == addr)
++ dr6 |= (1 << i);
++ return dr6;
++}
++
++static void kvm_vcpu_check_singlestep(struct kvm_vcpu *vcpu, unsigned long rflags, int *r)
++{
++ struct kvm_run *kvm_run = vcpu->run;
++
++ /*
++ * rflags is the old, "raw" value of the flags. The new value has
++ * not been saved yet.
++ *
++ * This is correct even for TF set by the guest, because "the
++ * processor will not generate this exception after the instruction
++ * that sets the TF flag".
++ */
++ if (unlikely(rflags & X86_EFLAGS_TF)) {
++ if (vcpu->guest_debug & KVM_GUESTDBG_SINGLESTEP) {
++ kvm_run->debug.arch.dr6 = DR6_BS | DR6_FIXED_1 |
++ DR6_RTM;
++ kvm_run->debug.arch.pc = vcpu->arch.singlestep_rip;
++ kvm_run->debug.arch.exception = DB_VECTOR;
++ kvm_run->exit_reason = KVM_EXIT_DEBUG;
++ *r = EMULATE_USER_EXIT;
++ } else {
++ vcpu->arch.emulate_ctxt.eflags &= ~X86_EFLAGS_TF;
++ /*
++ * "Certain debug exceptions may clear bit 0-3. The
++ * remaining contents of the DR6 register are never
++ * cleared by the processor".
++ */
++ vcpu->arch.dr6 &= ~15;
++ vcpu->arch.dr6 |= DR6_BS | DR6_RTM;
++ kvm_queue_exception(vcpu, DB_VECTOR);
++ }
++ }
++}
++
++static bool kvm_vcpu_check_breakpoint(struct kvm_vcpu *vcpu, int *r)
++{
++ struct kvm_run *kvm_run = vcpu->run;
++ unsigned long eip = vcpu->arch.emulate_ctxt.eip;
++ u32 dr6 = 0;
++
++ if (unlikely(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP) &&
++ (vcpu->arch.guest_debug_dr7 & DR7_BP_EN_MASK)) {
++ dr6 = kvm_vcpu_check_hw_bp(eip, 0,
++ vcpu->arch.guest_debug_dr7,
++ vcpu->arch.eff_db);
++
++ if (dr6 != 0) {
++ kvm_run->debug.arch.dr6 = dr6 | DR6_FIXED_1 | DR6_RTM;
++ kvm_run->debug.arch.pc = kvm_rip_read(vcpu) +
++ get_segment_base(vcpu, VCPU_SREG_CS);
++
++ kvm_run->debug.arch.exception = DB_VECTOR;
++ kvm_run->exit_reason = KVM_EXIT_DEBUG;
++ *r = EMULATE_USER_EXIT;
++ return true;
++ }
++ }
++
++ if (unlikely(vcpu->arch.dr7 & DR7_BP_EN_MASK) &&
++ !(kvm_get_rflags(vcpu) & X86_EFLAGS_RF)) {
++ dr6 = kvm_vcpu_check_hw_bp(eip, 0,
++ vcpu->arch.dr7,
++ vcpu->arch.db);
++
++ if (dr6 != 0) {
++ vcpu->arch.dr6 &= ~15;
++ vcpu->arch.dr6 |= dr6 | DR6_RTM;
++ kvm_queue_exception(vcpu, DB_VECTOR);
++ *r = EMULATE_DONE;
++ return true;
++ }
++ }
++
++ return false;
++}
++
++int x86_emulate_instruction(struct kvm_vcpu *vcpu,
++ unsigned long cr2,
++ int emulation_type,
++ void *insn,
++ int insn_len)
++{
++ int r;
++ struct x86_emulate_ctxt *ctxt = &vcpu->arch.emulate_ctxt;
++ bool writeback = true;
++ bool write_fault_to_spt = vcpu->arch.write_fault_to_shadow_pgtable;
++
++ /*
++ * Clear write_fault_to_shadow_pgtable here to ensure it is
++ * never reused.
++ */
++ vcpu->arch.write_fault_to_shadow_pgtable = false;
++ kvm_clear_exception_queue(vcpu);
++
++ if (!(emulation_type & EMULTYPE_NO_DECODE)) {
++ init_emulate_ctxt(vcpu);
++
++ /*
++ * We will reenter on the same instruction since
++ * we do not set complete_userspace_io. This does not
++ * handle watchpoints yet, those would be handled in
++ * the emulate_ops.
++ */
++ if (kvm_vcpu_check_breakpoint(vcpu, &r))
++ return r;
++
++ ctxt->interruptibility = 0;
++ ctxt->have_exception = false;
++ ctxt->exception.vector = -1;
++ ctxt->perm_ok = false;
++
++ ctxt->ud = emulation_type & EMULTYPE_TRAP_UD;
++
++ r = x86_decode_insn(ctxt, insn, insn_len);
++
++ trace_kvm_emulate_insn_start(vcpu);
++ ++vcpu->stat.insn_emulation;
++ if (r != EMULATION_OK) {
++ if (emulation_type & EMULTYPE_TRAP_UD)
++ return EMULATE_FAIL;
++ if (reexecute_instruction(vcpu, cr2, write_fault_to_spt,
++ emulation_type))
++ return EMULATE_DONE;
++ if (emulation_type & EMULTYPE_SKIP)
++ return EMULATE_FAIL;
++ return handle_emulation_failure(vcpu);
++ }
++ }
++
++ if (emulation_type & EMULTYPE_SKIP) {
++ kvm_rip_write(vcpu, ctxt->_eip);
++ if (ctxt->eflags & X86_EFLAGS_RF)
++ kvm_set_rflags(vcpu, ctxt->eflags & ~X86_EFLAGS_RF);
++ return EMULATE_DONE;
++ }
++
++ if (retry_instruction(ctxt, cr2, emulation_type))
++ return EMULATE_DONE;
++
++ /* this is needed for vmware backdoor interface to work since it
++ changes registers values during IO operation */
++ if (vcpu->arch.emulate_regs_need_sync_from_vcpu) {
++ vcpu->arch.emulate_regs_need_sync_from_vcpu = false;
++ emulator_invalidate_register_cache(ctxt);
++ }
++
++restart:
++ r = x86_emulate_insn(ctxt);
++
++ if (r == EMULATION_INTERCEPTED)
++ return EMULATE_DONE;
++
++ if (r == EMULATION_FAILED) {
++ if (reexecute_instruction(vcpu, cr2, write_fault_to_spt,
++ emulation_type))
++ return EMULATE_DONE;
++
++ return handle_emulation_failure(vcpu);
++ }
++
++ if (ctxt->have_exception) {
++ r = EMULATE_DONE;
++ if (inject_emulated_exception(vcpu))
++ return r;
++ } else if (vcpu->arch.pio.count) {
++ if (!vcpu->arch.pio.in) {
++ /* FIXME: return into emulator if single-stepping. */
++ vcpu->arch.pio.count = 0;
++ } else {
++ writeback = false;
++ vcpu->arch.complete_userspace_io = complete_emulated_pio;
++ }
++ r = EMULATE_USER_EXIT;
++ } else if (vcpu->mmio_needed) {
++ if (!vcpu->mmio_is_write)
++ writeback = false;
++ r = EMULATE_USER_EXIT;
++ vcpu->arch.complete_userspace_io = complete_emulated_mmio;
++ } else if (r == EMULATION_RESTART)
++ goto restart;
++ else
++ r = EMULATE_DONE;
++
++ if (writeback) {
++ unsigned long rflags = kvm_x86_ops->get_rflags(vcpu);
++ toggle_interruptibility(vcpu, ctxt->interruptibility);
++ vcpu->arch.emulate_regs_need_sync_to_vcpu = false;
++ kvm_rip_write(vcpu, ctxt->eip);
++ if (r == EMULATE_DONE)
++ kvm_vcpu_check_singlestep(vcpu, rflags, &r);
++ __kvm_set_rflags(vcpu, ctxt->eflags);
++
++ /*
++ * For STI, interrupts are shadowed; so KVM_REQ_EVENT will
++ * do nothing, and it will be requested again as soon as
++ * the shadow expires. But we still need to check here,
++ * because POPF has no interrupt shadow.
++ */
++ if (unlikely((ctxt->eflags & ~rflags) & X86_EFLAGS_IF))
++ kvm_make_request(KVM_REQ_EVENT, vcpu);
++ } else
++ vcpu->arch.emulate_regs_need_sync_to_vcpu = true;
++
++ return r;
++}
++EXPORT_SYMBOL_GPL(x86_emulate_instruction);
++
++int kvm_fast_pio_out(struct kvm_vcpu *vcpu, int size, unsigned short port)
++{
++ unsigned long val = kvm_register_read(vcpu, VCPU_REGS_RAX);
++ int ret = emulator_pio_out_emulated(&vcpu->arch.emulate_ctxt,
++ size, port, &val, 1);
++ /* do not return to emulator after return from userspace */
++ vcpu->arch.pio.count = 0;
++ return ret;
++}
++EXPORT_SYMBOL_GPL(kvm_fast_pio_out);
++
++static void tsc_bad(void *info)
++{
++ __this_cpu_write(cpu_tsc_khz, 0);
++}
++
++static void tsc_khz_changed(void *data)
++{
++ struct cpufreq_freqs *freq = data;
++ unsigned long khz = 0;
++
++ if (data)
++ khz = freq->new;
++ else if (!boot_cpu_has(X86_FEATURE_CONSTANT_TSC))
++ khz = cpufreq_quick_get(raw_smp_processor_id());
++ if (!khz)
++ khz = tsc_khz;
++ __this_cpu_write(cpu_tsc_khz, khz);
++}
++
++static int kvmclock_cpufreq_notifier(struct notifier_block *nb, unsigned long val,
++ void *data)
++{
++ struct cpufreq_freqs *freq = data;
++ struct kvm *kvm;
++ struct kvm_vcpu *vcpu;
++ int i, send_ipi = 0;
++
++ /*
++ * We allow guests to temporarily run on slowing clocks,
++ * provided we notify them after, or to run on accelerating
++ * clocks, provided we notify them before. Thus time never
++ * goes backwards.
++ *
++ * However, we have a problem. We can't atomically update
++ * the frequency of a given CPU from this function; it is
++ * merely a notifier, which can be called from any CPU.
++ * Changing the TSC frequency at arbitrary points in time
++ * requires a recomputation of local variables related to
++ * the TSC for each VCPU. We must flag these local variables
++ * to be updated and be sure the update takes place with the
++ * new frequency before any guests proceed.
++ *
++ * Unfortunately, the combination of hotplug CPU and frequency
++ * change creates an intractable locking scenario; the order
++ * of when these callouts happen is undefined with respect to
++ * CPU hotplug, and they can race with each other. As such,
++ * merely setting per_cpu(cpu_tsc_khz) = X during a hotadd is
++ * undefined; you can actually have a CPU frequency change take
++ * place in between the computation of X and the setting of the
++ * variable. To protect against this problem, all updates of
++ * the per_cpu tsc_khz variable are done in an interrupt
++ * protected IPI, and all callers wishing to update the value
++ * must wait for a synchronous IPI to complete (which is trivial
++ * if the caller is on the CPU already). This establishes the
++ * necessary total order on variable updates.
++ *
++ * Note that because a guest time update may take place
++ * anytime after the setting of the VCPU's request bit, the
++ * correct TSC value must be set before the request. However,
++ * to ensure the update actually makes it to any guest which
++ * starts running in hardware virtualization between the set
++ * and the acquisition of the spinlock, we must also ping the
++ * CPU after setting the request bit.
++ *
++ */
++
++ if (val == CPUFREQ_PRECHANGE && freq->old > freq->new)
++ return 0;
++ if (val == CPUFREQ_POSTCHANGE && freq->old < freq->new)
++ return 0;
++
++ smp_call_function_single(freq->cpu, tsc_khz_changed, freq, 1);
++
++ spin_lock(&kvm_lock);
++ list_for_each_entry(kvm, &vm_list, vm_list) {
++ kvm_for_each_vcpu(i, vcpu, kvm) {
++ if (vcpu->cpu != freq->cpu)
++ continue;
++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu);
++ if (vcpu->cpu != smp_processor_id())
++ send_ipi = 1;
++ }
++ }
++ spin_unlock(&kvm_lock);
++
++ if (freq->old < freq->new && send_ipi) {
++ /*
++ * We upscale the frequency. Must make the guest
++ * doesn't see old kvmclock values while running with
++ * the new frequency, otherwise we risk the guest sees
++ * time go backwards.
++ *
++ * In case we update the frequency for another cpu
++ * (which might be in guest context) send an interrupt
++ * to kick the cpu out of guest context. Next time
++ * guest context is entered kvmclock will be updated,
++ * so the guest will not see stale values.
++ */
++ smp_call_function_single(freq->cpu, tsc_khz_changed, freq, 1);
++ }
++ return 0;
++}
++
++static struct notifier_block kvmclock_cpufreq_notifier_block = {
++ .notifier_call = kvmclock_cpufreq_notifier
++};
++
++static int kvmclock_cpu_notifier(struct notifier_block *nfb,
++ unsigned long action, void *hcpu)
++{
++ unsigned int cpu = (unsigned long)hcpu;
++
++ switch (action) {
++ case CPU_ONLINE:
++ case CPU_DOWN_FAILED:
++ smp_call_function_single(cpu, tsc_khz_changed, NULL, 1);
++ break;
++ case CPU_DOWN_PREPARE:
++ smp_call_function_single(cpu, tsc_bad, NULL, 1);
++ break;
++ }
++ return NOTIFY_OK;
++}
++
++static struct notifier_block kvmclock_cpu_notifier_block = {
++ .notifier_call = kvmclock_cpu_notifier,
++ .priority = -INT_MAX
++};
++
++static void kvm_timer_init(void)
++{
++ int cpu;
++
++ max_tsc_khz = tsc_khz;
++
++ cpu_notifier_register_begin();
++ if (!boot_cpu_has(X86_FEATURE_CONSTANT_TSC)) {
++#ifdef CONFIG_CPU_FREQ
++ struct cpufreq_policy policy;
++ memset(&policy, 0, sizeof(policy));
++ cpu = get_cpu();
++ cpufreq_get_policy(&policy, cpu);
++ if (policy.cpuinfo.max_freq)
++ max_tsc_khz = policy.cpuinfo.max_freq;
++ put_cpu();
++#endif
++ cpufreq_register_notifier(&kvmclock_cpufreq_notifier_block,
++ CPUFREQ_TRANSITION_NOTIFIER);
++ }
++ pr_debug("kvm: max_tsc_khz = %ld\n", max_tsc_khz);
++ for_each_online_cpu(cpu)
++ smp_call_function_single(cpu, tsc_khz_changed, NULL, 1);
++
++ __register_hotcpu_notifier(&kvmclock_cpu_notifier_block);
++ cpu_notifier_register_done();
++
++}
++
++static DEFINE_PER_CPU(struct kvm_vcpu *, current_vcpu);
++
++int kvm_is_in_guest(void)
++{
++ return __this_cpu_read(current_vcpu) != NULL;
++}
++
++static int kvm_is_user_mode(void)
++{
++ int user_mode = 3;
++
++ if (__this_cpu_read(current_vcpu))
++ user_mode = kvm_x86_ops->get_cpl(__this_cpu_read(current_vcpu));
++
++ return user_mode != 0;
++}
++
++static unsigned long kvm_get_guest_ip(void)
++{
++ unsigned long ip = 0;
++
++ if (__this_cpu_read(current_vcpu))
++ ip = kvm_rip_read(__this_cpu_read(current_vcpu));
++
++ return ip;
++}
++
++static struct perf_guest_info_callbacks kvm_guest_cbs = {
++ .is_in_guest = kvm_is_in_guest,
++ .is_user_mode = kvm_is_user_mode,
++ .get_guest_ip = kvm_get_guest_ip,
++};
++
++void kvm_before_handle_nmi(struct kvm_vcpu *vcpu)
++{
++ __this_cpu_write(current_vcpu, vcpu);
++}
++EXPORT_SYMBOL_GPL(kvm_before_handle_nmi);
++
++void kvm_after_handle_nmi(struct kvm_vcpu *vcpu)
++{
++ __this_cpu_write(current_vcpu, NULL);
++}
++EXPORT_SYMBOL_GPL(kvm_after_handle_nmi);
++
++static void kvm_set_mmio_spte_mask(void)
++{
++ u64 mask;
++ int maxphyaddr = boot_cpu_data.x86_phys_bits;
++
++ /*
++ * Set the reserved bits and the present bit of an paging-structure
++ * entry to generate page fault with PFER.RSV = 1.
++ */
++ /* Mask the reserved physical address bits. */
++ mask = rsvd_bits(maxphyaddr, 51);
++
++ /* Bit 62 is always reserved for 32bit host. */
++ mask |= 0x3ull << 62;
++
++ /* Set the present bit. */
++ mask |= 1ull;
++
++#ifdef CONFIG_X86_64
++ /*
++ * If reserved bit is not supported, clear the present bit to disable
++ * mmio page fault.
++ */
++ if (maxphyaddr == 52)
++ mask &= ~1ull;
++#endif
++
++ kvm_mmu_set_mmio_spte_mask(mask);
++}
++
++#ifdef CONFIG_X86_64
++static void pvclock_gtod_update_fn(struct work_struct *work)
++{
++ struct kvm *kvm;
++
++ struct kvm_vcpu *vcpu;
++ int i;
++
++ spin_lock(&kvm_lock);
++ list_for_each_entry(kvm, &vm_list, vm_list)
++ kvm_for_each_vcpu(i, vcpu, kvm)
++ kvm_make_request(KVM_REQ_MASTERCLOCK_UPDATE, vcpu);
++ atomic_set(&kvm_guest_has_master_clock, 0);
++ spin_unlock(&kvm_lock);
++}
++
++static DECLARE_WORK(pvclock_gtod_work, pvclock_gtod_update_fn);
++
++/*
++ * Notification about pvclock gtod data update.
++ */
++static int pvclock_gtod_notify(struct notifier_block *nb, unsigned long unused,
++ void *priv)
++{
++ struct pvclock_gtod_data *gtod = &pvclock_gtod_data;
++ struct timekeeper *tk = priv;
++
++ update_pvclock_gtod(tk);
++
++ /* disable master clock if host does not trust, or does not
++ * use, TSC clocksource
++ */
++ if (gtod->clock.vclock_mode != VCLOCK_TSC &&
++ atomic_read(&kvm_guest_has_master_clock) != 0)
++ queue_work(system_long_wq, &pvclock_gtod_work);
++
++ return 0;
++}
++
++static struct notifier_block pvclock_gtod_notifier = {
++ .notifier_call = pvclock_gtod_notify,
++};
++#endif
++
++int kvm_arch_init(void *opaque)
++{
++ int r;
++ struct kvm_x86_ops *ops = opaque;
++
++ if (kvm_x86_ops) {
++ printk(KERN_ERR "kvm: already loaded the other module\n");
++ r = -EEXIST;
++ goto out;
++ }
++
++ if (!ops->cpu_has_kvm_support()) {
++ printk(KERN_ERR "kvm: no hardware support\n");
++ r = -EOPNOTSUPP;
++ goto out;
++ }
++ if (ops->disabled_by_bios()) {
++ printk(KERN_ERR "kvm: disabled by bios\n");
++ r = -EOPNOTSUPP;
++ goto out;
++ }
++
++ r = -ENOMEM;
++ shared_msrs = alloc_percpu(struct kvm_shared_msrs);
++ if (!shared_msrs) {
++ printk(KERN_ERR "kvm: failed to allocate percpu kvm_shared_msrs\n");
++ goto out;
++ }
++
++ r = kvm_mmu_module_init();
++ if (r)
++ goto out_free_percpu;
++
++ kvm_set_mmio_spte_mask();
++
++ kvm_x86_ops = ops;
++ kvm_init_msr_list();
++
++ kvm_mmu_set_mask_ptes(PT_USER_MASK, PT_ACCESSED_MASK,
++ PT_DIRTY_MASK, PT64_NX_MASK, 0);
++
++ kvm_timer_init();
++
++ perf_register_guest_info_callbacks(&kvm_guest_cbs);
++
++ if (cpu_has_xsave)
++ host_xcr0 = xgetbv(XCR_XFEATURE_ENABLED_MASK);
++
++ kvm_lapic_init();
++#ifdef CONFIG_X86_64
++ pvclock_gtod_register_notifier(&pvclock_gtod_notifier);
++#endif
++
++ return 0;
++
++out_free_percpu:
++ free_percpu(shared_msrs);
++out:
++ return r;
++}
++
++void kvm_arch_exit(void)
++{
++ perf_unregister_guest_info_callbacks(&kvm_guest_cbs);
++
++ if (!boot_cpu_has(X86_FEATURE_CONSTANT_TSC))
++ cpufreq_unregister_notifier(&kvmclock_cpufreq_notifier_block,
++ CPUFREQ_TRANSITION_NOTIFIER);
++ unregister_hotcpu_notifier(&kvmclock_cpu_notifier_block);
++#ifdef CONFIG_X86_64
++ pvclock_gtod_unregister_notifier(&pvclock_gtod_notifier);
++#endif
++ kvm_x86_ops = NULL;
++ kvm_mmu_module_exit();
++ free_percpu(shared_msrs);
++}
++
++int kvm_emulate_halt(struct kvm_vcpu *vcpu)
++{
++ ++vcpu->stat.halt_exits;
++ if (irqchip_in_kernel(vcpu->kvm)) {
++ vcpu->arch.mp_state = KVM_MP_STATE_HALTED;
++ return 1;
++ } else {
++ vcpu->run->exit_reason = KVM_EXIT_HLT;
++ return 0;
++ }
++}
++EXPORT_SYMBOL_GPL(kvm_emulate_halt);
++
++int kvm_hv_hypercall(struct kvm_vcpu *vcpu)
++{
++ u64 param, ingpa, outgpa, ret;
++ uint16_t code, rep_idx, rep_cnt, res = HV_STATUS_SUCCESS, rep_done = 0;
++ bool fast, longmode;
++
++ /*
++ * hypercall generates UD from non zero cpl and real mode
++ * per HYPER-V spec
++ */
++ if (kvm_x86_ops->get_cpl(vcpu) != 0 || !is_protmode(vcpu)) {
++ kvm_queue_exception(vcpu, UD_VECTOR);
++ return 0;
++ }
++
++ longmode = is_64_bit_mode(vcpu);
++
++ if (!longmode) {
++ param = ((u64)kvm_register_read(vcpu, VCPU_REGS_RDX) << 32) |
++ (kvm_register_read(vcpu, VCPU_REGS_RAX) & 0xffffffff);
++ ingpa = ((u64)kvm_register_read(vcpu, VCPU_REGS_RBX) << 32) |
++ (kvm_register_read(vcpu, VCPU_REGS_RCX) & 0xffffffff);
++ outgpa = ((u64)kvm_register_read(vcpu, VCPU_REGS_RDI) << 32) |
++ (kvm_register_read(vcpu, VCPU_REGS_RSI) & 0xffffffff);
++ }
++#ifdef CONFIG_X86_64
++ else {
++ param = kvm_register_read(vcpu, VCPU_REGS_RCX);
++ ingpa = kvm_register_read(vcpu, VCPU_REGS_RDX);
++ outgpa = kvm_register_read(vcpu, VCPU_REGS_R8);
++ }
++#endif
++
++ code = param & 0xffff;
++ fast = (param >> 16) & 0x1;
++ rep_cnt = (param >> 32) & 0xfff;
++ rep_idx = (param >> 48) & 0xfff;
++
++ trace_kvm_hv_hypercall(code, fast, rep_cnt, rep_idx, ingpa, outgpa);
++
++ switch (code) {
++ case HV_X64_HV_NOTIFY_LONG_SPIN_WAIT:
++ kvm_vcpu_on_spin(vcpu);
++ break;
++ default:
++ res = HV_STATUS_INVALID_HYPERCALL_CODE;
++ break;
++ }
++
++ ret = res | (((u64)rep_done & 0xfff) << 32);
++ if (longmode) {
++ kvm_register_write(vcpu, VCPU_REGS_RAX, ret);
++ } else {
++ kvm_register_write(vcpu, VCPU_REGS_RDX, ret >> 32);
++ kvm_register_write(vcpu, VCPU_REGS_RAX, ret & 0xffffffff);
++ }
++
++ return 1;
++}
++
++/*
++ * kvm_pv_kick_cpu_op: Kick a vcpu.
++ *
++ * @apicid - apicid of vcpu to be kicked.
++ */
++static void kvm_pv_kick_cpu_op(struct kvm *kvm, unsigned long flags, int apicid)
++{
++ struct kvm_lapic_irq lapic_irq;
++
++ lapic_irq.shorthand = 0;
++ lapic_irq.dest_mode = 0;
++ lapic_irq.dest_id = apicid;
++
++ lapic_irq.delivery_mode = APIC_DM_REMRD;
++ kvm_irq_delivery_to_apic(kvm, 0, &lapic_irq, NULL);
++}
++
++int kvm_emulate_hypercall(struct kvm_vcpu *vcpu)
++{
++ unsigned long nr, a0, a1, a2, a3, ret;
++ int op_64_bit, r = 1;
++
++ if (kvm_hv_hypercall_enabled(vcpu->kvm))
++ return kvm_hv_hypercall(vcpu);
++
++ nr = kvm_register_read(vcpu, VCPU_REGS_RAX);
++ a0 = kvm_register_read(vcpu, VCPU_REGS_RBX);
++ a1 = kvm_register_read(vcpu, VCPU_REGS_RCX);
++ a2 = kvm_register_read(vcpu, VCPU_REGS_RDX);
++ a3 = kvm_register_read(vcpu, VCPU_REGS_RSI);
++
++ trace_kvm_hypercall(nr, a0, a1, a2, a3);
++
++ op_64_bit = is_64_bit_mode(vcpu);
++ if (!op_64_bit) {
++ nr &= 0xFFFFFFFF;
++ a0 &= 0xFFFFFFFF;
++ a1 &= 0xFFFFFFFF;
++ a2 &= 0xFFFFFFFF;
++ a3 &= 0xFFFFFFFF;
++ }
++
++ if (kvm_x86_ops->get_cpl(vcpu) != 0) {
++ ret = -KVM_EPERM;
++ goto out;
++ }
++
++ switch (nr) {
++ case KVM_HC_VAPIC_POLL_IRQ:
++ ret = 0;
++ break;
++ case KVM_HC_KICK_CPU:
++ kvm_pv_kick_cpu_op(vcpu->kvm, a0, a1);
++ ret = 0;
++ break;
++ default:
++ ret = -KVM_ENOSYS;
++ break;
++ }
++out:
++ if (!op_64_bit)
++ ret = (u32)ret;
++ kvm_register_write(vcpu, VCPU_REGS_RAX, ret);
++ ++vcpu->stat.hypercalls;
++ return r;
++}
++EXPORT_SYMBOL_GPL(kvm_emulate_hypercall);
++
++static int emulator_fix_hypercall(struct x86_emulate_ctxt *ctxt)
++{
++ struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
++ char instruction[3];
++ unsigned long rip = kvm_rip_read(vcpu);
++
++ kvm_x86_ops->patch_hypercall(vcpu, instruction);
++
++ return emulator_write_emulated(ctxt, rip, instruction, 3, NULL);
++}
++
++/*
++ * Check if userspace requested an interrupt window, and that the
++ * interrupt window is open.
++ *
++ * No need to exit to userspace if we already have an interrupt queued.
++ */
++static int dm_request_for_irq_injection(struct kvm_vcpu *vcpu)
++{
++ return (!irqchip_in_kernel(vcpu->kvm) && !kvm_cpu_has_interrupt(vcpu) &&
++ vcpu->run->request_interrupt_window &&
++ kvm_arch_interrupt_allowed(vcpu));
++}
++
++static void post_kvm_run_save(struct kvm_vcpu *vcpu)
++{
++ struct kvm_run *kvm_run = vcpu->run;
++
++ kvm_run->if_flag = (kvm_get_rflags(vcpu) & X86_EFLAGS_IF) != 0;
++ kvm_run->cr8 = kvm_get_cr8(vcpu);
++ kvm_run->apic_base = kvm_get_apic_base(vcpu);
++ if (irqchip_in_kernel(vcpu->kvm))
++ kvm_run->ready_for_interrupt_injection = 1;
++ else
++ kvm_run->ready_for_interrupt_injection =
++ kvm_arch_interrupt_allowed(vcpu) &&
++ !kvm_cpu_has_interrupt(vcpu) &&
++ !kvm_event_needs_reinjection(vcpu);
++}
++
++static void update_cr8_intercept(struct kvm_vcpu *vcpu)
++{
++ int max_irr, tpr;
++
++ if (!kvm_x86_ops->update_cr8_intercept)
++ return;
++
++ if (!vcpu->arch.apic)
++ return;
++
++ if (!vcpu->arch.apic->vapic_addr)
++ max_irr = kvm_lapic_find_highest_irr(vcpu);
++ else
++ max_irr = -1;
++
++ if (max_irr != -1)
++ max_irr >>= 4;
++
++ tpr = kvm_lapic_get_cr8(vcpu);
++
++ kvm_x86_ops->update_cr8_intercept(vcpu, tpr, max_irr);
++}
++
++static int inject_pending_event(struct kvm_vcpu *vcpu, bool req_int_win)
++{
++ int r;
++
++ /* try to reinject previous events if any */
++ if (vcpu->arch.exception.pending) {
++ trace_kvm_inj_exception(vcpu->arch.exception.nr,
++ vcpu->arch.exception.has_error_code,
++ vcpu->arch.exception.error_code);
++
++ if (exception_type(vcpu->arch.exception.nr) == EXCPT_FAULT)
++ __kvm_set_rflags(vcpu, kvm_get_rflags(vcpu) |
++ X86_EFLAGS_RF);
++
++ kvm_x86_ops->queue_exception(vcpu, vcpu->arch.exception.nr,
++ vcpu->arch.exception.has_error_code,
++ vcpu->arch.exception.error_code,
++ vcpu->arch.exception.reinject);
++ return 0;
++ }
++
++ if (vcpu->arch.nmi_injected) {
++ kvm_x86_ops->set_nmi(vcpu);
++ return 0;
++ }
++
++ if (vcpu->arch.interrupt.pending) {
++ kvm_x86_ops->set_irq(vcpu);
++ return 0;
++ }
++
++ if (is_guest_mode(vcpu) && kvm_x86_ops->check_nested_events) {
++ r = kvm_x86_ops->check_nested_events(vcpu, req_int_win);
++ if (r != 0)
++ return r;
++ }
++
++ /* try to inject new event if pending */
++ if (vcpu->arch.nmi_pending) {
++ if (kvm_x86_ops->nmi_allowed(vcpu)) {
++ --vcpu->arch.nmi_pending;
++ vcpu->arch.nmi_injected = true;
++ kvm_x86_ops->set_nmi(vcpu);
++ }
++ } else if (kvm_cpu_has_injectable_intr(vcpu)) {
++ /*
++ * Because interrupts can be injected asynchronously, we are
++ * calling check_nested_events again here to avoid a race condition.
++ * See https://lkml.org/lkml/2014/7/2/60 for discussion about this
++ * proposal and current concerns. Perhaps we should be setting
++ * KVM_REQ_EVENT only on certain events and not unconditionally?
++ */
++ if (is_guest_mode(vcpu) && kvm_x86_ops->check_nested_events) {
++ r = kvm_x86_ops->check_nested_events(vcpu, req_int_win);
++ if (r != 0)
++ return r;
++ }
++ if (kvm_x86_ops->interrupt_allowed(vcpu)) {
++ kvm_queue_interrupt(vcpu, kvm_cpu_get_interrupt(vcpu),
++ false);
++ kvm_x86_ops->set_irq(vcpu);
++ }
++ }
++ return 0;
++}
++
++static void process_nmi(struct kvm_vcpu *vcpu)
++{
++ unsigned limit = 2;
++
++ /*
++ * x86 is limited to one NMI running, and one NMI pending after it.
++ * If an NMI is already in progress, limit further NMIs to just one.
++ * Otherwise, allow two (and we'll inject the first one immediately).
++ */
++ if (kvm_x86_ops->get_nmi_mask(vcpu) || vcpu->arch.nmi_injected)
++ limit = 1;
++
++ vcpu->arch.nmi_pending += atomic_xchg(&vcpu->arch.nmi_queued, 0);
++ vcpu->arch.nmi_pending = min(vcpu->arch.nmi_pending, limit);
++ kvm_make_request(KVM_REQ_EVENT, vcpu);
++}
++
++static void vcpu_scan_ioapic(struct kvm_vcpu *vcpu)
++{
++ u64 eoi_exit_bitmap[4];
++ u32 tmr[8];
++
++ if (!kvm_apic_hw_enabled(vcpu->arch.apic))
++ return;
++
++ memset(eoi_exit_bitmap, 0, 32);
++ memset(tmr, 0, 32);
++
++ kvm_ioapic_scan_entry(vcpu, eoi_exit_bitmap, tmr);
++ kvm_x86_ops->load_eoi_exitmap(vcpu, eoi_exit_bitmap);
++ kvm_apic_update_tmr(vcpu, tmr);
++}
++
++static void kvm_vcpu_flush_tlb(struct kvm_vcpu *vcpu)
++{
++ ++vcpu->stat.tlb_flush;
++ kvm_x86_ops->tlb_flush(vcpu);
++}
++
++void kvm_vcpu_reload_apic_access_page(struct kvm_vcpu *vcpu)
++{
++ struct page *page = NULL;
++
++ if (!irqchip_in_kernel(vcpu->kvm))
++ return;
++
++ if (!kvm_x86_ops->set_apic_access_page_addr)
++ return;
++
++ page = gfn_to_page(vcpu->kvm, APIC_DEFAULT_PHYS_BASE >> PAGE_SHIFT);
++ kvm_x86_ops->set_apic_access_page_addr(vcpu, page_to_phys(page));
++
++ /*
++ * Do not pin apic access page in memory, the MMU notifier
++ * will call us again if it is migrated or swapped out.
++ */
++ put_page(page);
++}
++EXPORT_SYMBOL_GPL(kvm_vcpu_reload_apic_access_page);
++
++void kvm_arch_mmu_notifier_invalidate_page(struct kvm *kvm,
++ unsigned long address)
++{
++ /*
++ * The physical address of apic access page is stored in the VMCS.
++ * Update it when it becomes invalid.
++ */
++ if (address == gfn_to_hva(kvm, APIC_DEFAULT_PHYS_BASE >> PAGE_SHIFT))
++ kvm_make_all_cpus_request(kvm, KVM_REQ_APIC_PAGE_RELOAD);
++}
++
++/*
++ * Returns 1 to let __vcpu_run() continue the guest execution loop without
++ * exiting to the userspace. Otherwise, the value will be returned to the
++ * userspace.
++ */
++static int vcpu_enter_guest(struct kvm_vcpu *vcpu)
++{
++ int r;
++ bool req_int_win = !irqchip_in_kernel(vcpu->kvm) &&
++ vcpu->run->request_interrupt_window;
++ bool req_immediate_exit = false;
++
++ if (vcpu->requests) {
++ if (kvm_check_request(KVM_REQ_MMU_RELOAD, vcpu))
++ kvm_mmu_unload(vcpu);
++ if (kvm_check_request(KVM_REQ_MIGRATE_TIMER, vcpu))
++ __kvm_migrate_timers(vcpu);
++ if (kvm_check_request(KVM_REQ_MASTERCLOCK_UPDATE, vcpu))
++ kvm_gen_update_masterclock(vcpu->kvm);
++ if (kvm_check_request(KVM_REQ_GLOBAL_CLOCK_UPDATE, vcpu))
++ kvm_gen_kvmclock_update(vcpu);
++ if (kvm_check_request(KVM_REQ_CLOCK_UPDATE, vcpu)) {
++ r = kvm_guest_time_update(vcpu);
++ if (unlikely(r))
++ goto out;
++ }
++ if (kvm_check_request(KVM_REQ_MMU_SYNC, vcpu))
++ kvm_mmu_sync_roots(vcpu);
++ if (kvm_check_request(KVM_REQ_TLB_FLUSH, vcpu))
++ kvm_vcpu_flush_tlb(vcpu);
++ if (kvm_check_request(KVM_REQ_REPORT_TPR_ACCESS, vcpu)) {
++ vcpu->run->exit_reason = KVM_EXIT_TPR_ACCESS;
++ r = 0;
++ goto out;
++ }
++ if (kvm_check_request(KVM_REQ_TRIPLE_FAULT, vcpu)) {
++ vcpu->run->exit_reason = KVM_EXIT_SHUTDOWN;
++ r = 0;
++ goto out;
++ }
++ if (kvm_check_request(KVM_REQ_DEACTIVATE_FPU, vcpu)) {
++ vcpu->fpu_active = 0;
++ kvm_x86_ops->fpu_deactivate(vcpu);
++ }
++ if (kvm_check_request(KVM_REQ_APF_HALT, vcpu)) {
++ /* Page is swapped out. Do synthetic halt */
++ vcpu->arch.apf.halted = true;
++ r = 1;
++ goto out;
++ }
++ if (kvm_check_request(KVM_REQ_STEAL_UPDATE, vcpu))
++ record_steal_time(vcpu);
++ if (kvm_check_request(KVM_REQ_NMI, vcpu))
++ process_nmi(vcpu);
++ if (kvm_check_request(KVM_REQ_PMU, vcpu))
++ kvm_handle_pmu_event(vcpu);
++ if (kvm_check_request(KVM_REQ_PMI, vcpu))
++ kvm_deliver_pmi(vcpu);
++ if (kvm_check_request(KVM_REQ_SCAN_IOAPIC, vcpu))
++ vcpu_scan_ioapic(vcpu);
++ if (kvm_check_request(KVM_REQ_APIC_PAGE_RELOAD, vcpu))
++ kvm_vcpu_reload_apic_access_page(vcpu);
++ }
++
++ if (kvm_check_request(KVM_REQ_EVENT, vcpu) || req_int_win) {
++ kvm_apic_accept_events(vcpu);
++ if (vcpu->arch.mp_state == KVM_MP_STATE_INIT_RECEIVED) {
++ r = 1;
++ goto out;
++ }
++
++ if (inject_pending_event(vcpu, req_int_win) != 0)
++ req_immediate_exit = true;
++ /* enable NMI/IRQ window open exits if needed */
++ else if (vcpu->arch.nmi_pending)
++ kvm_x86_ops->enable_nmi_window(vcpu);
++ else if (kvm_cpu_has_injectable_intr(vcpu) || req_int_win)
++ kvm_x86_ops->enable_irq_window(vcpu);
++
++ if (kvm_lapic_enabled(vcpu)) {
++ /*
++ * Update architecture specific hints for APIC
++ * virtual interrupt delivery.
++ */
++ if (kvm_x86_ops->hwapic_irr_update)
++ kvm_x86_ops->hwapic_irr_update(vcpu,
++ kvm_lapic_find_highest_irr(vcpu));
++ update_cr8_intercept(vcpu);
++ kvm_lapic_sync_to_vapic(vcpu);
++ }
++ }
++
++ r = kvm_mmu_reload(vcpu);
++ if (unlikely(r)) {
++ goto cancel_injection;
++ }
++
++ preempt_disable();
++
++ kvm_x86_ops->prepare_guest_switch(vcpu);
++ if (vcpu->fpu_active)
++ kvm_load_guest_fpu(vcpu);
++ kvm_load_guest_xcr0(vcpu);
++
++ vcpu->mode = IN_GUEST_MODE;
++
++ srcu_read_unlock(&vcpu->kvm->srcu, vcpu->srcu_idx);
++
++ /* We should set ->mode before check ->requests,
++ * see the comment in make_all_cpus_request.
++ */
++ smp_mb__after_srcu_read_unlock();
++
++ local_irq_disable();
++
++ if (vcpu->mode == EXITING_GUEST_MODE || vcpu->requests
++ || need_resched() || signal_pending(current)) {
++ vcpu->mode = OUTSIDE_GUEST_MODE;
++ smp_wmb();
++ local_irq_enable();
++ preempt_enable();
++ vcpu->srcu_idx = srcu_read_lock(&vcpu->kvm->srcu);
++ r = 1;
++ goto cancel_injection;
++ }
++
++ if (req_immediate_exit)
++ smp_send_reschedule(vcpu->cpu);
++
++ kvm_guest_enter();
++
++ if (unlikely(vcpu->arch.switch_db_regs)) {
++ set_debugreg(0, 7);
++ set_debugreg(vcpu->arch.eff_db[0], 0);
++ set_debugreg(vcpu->arch.eff_db[1], 1);
++ set_debugreg(vcpu->arch.eff_db[2], 2);
++ set_debugreg(vcpu->arch.eff_db[3], 3);
++ set_debugreg(vcpu->arch.dr6, 6);
++ }
++
++ trace_kvm_entry(vcpu->vcpu_id);
++ kvm_x86_ops->run(vcpu);
++
++ /*
++ * Do this here before restoring debug registers on the host. And
++ * since we do this before handling the vmexit, a DR access vmexit
++ * can (a) read the correct value of the debug registers, (b) set
++ * KVM_DEBUGREG_WONT_EXIT again.
++ */
++ if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT)) {
++ int i;
++
++ WARN_ON(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP);
++ kvm_x86_ops->sync_dirty_debug_regs(vcpu);
++ for (i = 0; i < KVM_NR_DB_REGS; i++)
++ vcpu->arch.eff_db[i] = vcpu->arch.db[i];
++ }
++
++ /*
++ * If the guest has used debug registers, at least dr7
++ * will be disabled while returning to the host.
++ * If we don't have active breakpoints in the host, we don't
++ * care about the messed up debug address registers. But if
++ * we have some of them active, restore the old state.
++ */
++ if (hw_breakpoint_active())
++ hw_breakpoint_restore();
++
++ vcpu->arch.last_guest_tsc = kvm_x86_ops->read_l1_tsc(vcpu,
++ native_read_tsc());
++
++ vcpu->mode = OUTSIDE_GUEST_MODE;
++ smp_wmb();
++
++ /* Interrupt is enabled by handle_external_intr() */
++ kvm_x86_ops->handle_external_intr(vcpu);
++
++ ++vcpu->stat.exits;
++
++ /*
++ * We must have an instruction between local_irq_enable() and
++ * kvm_guest_exit(), so the timer interrupt isn't delayed by
++ * the interrupt shadow. The stat.exits increment will do nicely.
++ * But we need to prevent reordering, hence this barrier():
++ */
++ barrier();
++
++ kvm_guest_exit();
++
++ preempt_enable();
++
++ vcpu->srcu_idx = srcu_read_lock(&vcpu->kvm->srcu);
++
++ /*
++ * Profile KVM exit RIPs:
++ */
++ if (unlikely(prof_on == KVM_PROFILING)) {
++ unsigned long rip = kvm_rip_read(vcpu);
++ profile_hit(KVM_PROFILING, (void *)rip);
++ }
++
++ if (unlikely(vcpu->arch.tsc_always_catchup))
++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu);
++
++ if (vcpu->arch.apic_attention)
++ kvm_lapic_sync_from_vapic(vcpu);
++
++ r = kvm_x86_ops->handle_exit(vcpu);
++ return r;
++
++cancel_injection:
++ kvm_x86_ops->cancel_injection(vcpu);
++ if (unlikely(vcpu->arch.apic_attention))
++ kvm_lapic_sync_from_vapic(vcpu);
++out:
++ return r;
++}
++
++
++static int __vcpu_run(struct kvm_vcpu *vcpu)
++{
++ int r;
++ struct kvm *kvm = vcpu->kvm;
++
++ vcpu->srcu_idx = srcu_read_lock(&kvm->srcu);
++
++ r = 1;
++ while (r > 0) {
++ if (vcpu->arch.mp_state == KVM_MP_STATE_RUNNABLE &&
++ !vcpu->arch.apf.halted)
++ r = vcpu_enter_guest(vcpu);
++ else {
++ srcu_read_unlock(&kvm->srcu, vcpu->srcu_idx);
++ kvm_vcpu_block(vcpu);
++ vcpu->srcu_idx = srcu_read_lock(&kvm->srcu);
++ if (kvm_check_request(KVM_REQ_UNHALT, vcpu)) {
++ kvm_apic_accept_events(vcpu);
++ switch(vcpu->arch.mp_state) {
++ case KVM_MP_STATE_HALTED:
++ vcpu->arch.pv.pv_unhalted = false;
++ vcpu->arch.mp_state =
++ KVM_MP_STATE_RUNNABLE;
++ case KVM_MP_STATE_RUNNABLE:
++ vcpu->arch.apf.halted = false;
++ break;
++ case KVM_MP_STATE_INIT_RECEIVED:
++ break;
++ default:
++ r = -EINTR;
++ break;
++ }
++ }
++ }
++
++ if (r <= 0)
++ break;
++
++ clear_bit(KVM_REQ_PENDING_TIMER, &vcpu->requests);
++ if (kvm_cpu_has_pending_timer(vcpu))
++ kvm_inject_pending_timer_irqs(vcpu);
++
++ if (dm_request_for_irq_injection(vcpu)) {
++ r = -EINTR;
++ vcpu->run->exit_reason = KVM_EXIT_INTR;
++ ++vcpu->stat.request_irq_exits;
++ }
++
++ kvm_check_async_pf_completion(vcpu);
++
++ if (signal_pending(current)) {
++ r = -EINTR;
++ vcpu->run->exit_reason = KVM_EXIT_INTR;
++ ++vcpu->stat.signal_exits;
++ }
++ if (need_resched()) {
++ srcu_read_unlock(&kvm->srcu, vcpu->srcu_idx);
++ cond_resched();
++ vcpu->srcu_idx = srcu_read_lock(&kvm->srcu);
++ }
++ }
++
++ srcu_read_unlock(&kvm->srcu, vcpu->srcu_idx);
++
++ return r;
++}
++
++static inline int complete_emulated_io(struct kvm_vcpu *vcpu)
++{
++ int r;
++ vcpu->srcu_idx = srcu_read_lock(&vcpu->kvm->srcu);
++ r = emulate_instruction(vcpu, EMULTYPE_NO_DECODE);
++ srcu_read_unlock(&vcpu->kvm->srcu, vcpu->srcu_idx);
++ if (r != EMULATE_DONE)
++ return 0;
++ return 1;
++}
++
++static int complete_emulated_pio(struct kvm_vcpu *vcpu)
++{
++ BUG_ON(!vcpu->arch.pio.count);
++
++ return complete_emulated_io(vcpu);
++}
++
++/*
++ * Implements the following, as a state machine:
++ *
++ * read:
++ * for each fragment
++ * for each mmio piece in the fragment
++ * write gpa, len
++ * exit
++ * copy data
++ * execute insn
++ *
++ * write:
++ * for each fragment
++ * for each mmio piece in the fragment
++ * write gpa, len
++ * copy data
++ * exit
++ */
++static int complete_emulated_mmio(struct kvm_vcpu *vcpu)
++{
++ struct kvm_run *run = vcpu->run;
++ struct kvm_mmio_fragment *frag;
++ unsigned len;
++
++ BUG_ON(!vcpu->mmio_needed);
++
++ /* Complete previous fragment */
++ frag = &vcpu->mmio_fragments[vcpu->mmio_cur_fragment];
++ len = min(8u, frag->len);
++ if (!vcpu->mmio_is_write)
++ memcpy(frag->data, run->mmio.data, len);
++
++ if (frag->len <= 8) {
++ /* Switch to the next fragment. */
++ frag++;
++ vcpu->mmio_cur_fragment++;
++ } else {
++ /* Go forward to the next mmio piece. */
++ frag->data += len;
++ frag->gpa += len;
++ frag->len -= len;
++ }
++
++ if (vcpu->mmio_cur_fragment >= vcpu->mmio_nr_fragments) {
++ vcpu->mmio_needed = 0;
++
++ /* FIXME: return into emulator if single-stepping. */
++ if (vcpu->mmio_is_write)
++ return 1;
++ vcpu->mmio_read_completed = 1;
++ return complete_emulated_io(vcpu);
++ }
++
++ run->exit_reason = KVM_EXIT_MMIO;
++ run->mmio.phys_addr = frag->gpa;
++ if (vcpu->mmio_is_write)
++ memcpy(run->mmio.data, frag->data, min(8u, frag->len));
++ run->mmio.len = min(8u, frag->len);
++ run->mmio.is_write = vcpu->mmio_is_write;
++ vcpu->arch.complete_userspace_io = complete_emulated_mmio;
++ return 0;
++}
++
++
++int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run)
++{
++ int r;
++ sigset_t sigsaved;
++
++ if (!tsk_used_math(current) && init_fpu(current))
++ return -ENOMEM;
++
++ if (vcpu->sigset_active)
++ sigprocmask(SIG_SETMASK, &vcpu->sigset, &sigsaved);
++
++ if (unlikely(vcpu->arch.mp_state == KVM_MP_STATE_UNINITIALIZED)) {
++ kvm_vcpu_block(vcpu);
++ kvm_apic_accept_events(vcpu);
++ clear_bit(KVM_REQ_UNHALT, &vcpu->requests);
++ r = -EAGAIN;
++ goto out;
++ }
++
++ /* re-sync apic's tpr */
++ if (!irqchip_in_kernel(vcpu->kvm)) {
++ if (kvm_set_cr8(vcpu, kvm_run->cr8) != 0) {
++ r = -EINVAL;
++ goto out;
++ }
++ }
++
++ if (unlikely(vcpu->arch.complete_userspace_io)) {
++ int (*cui)(struct kvm_vcpu *) = vcpu->arch.complete_userspace_io;
++ vcpu->arch.complete_userspace_io = NULL;
++ r = cui(vcpu);
++ if (r <= 0)
++ goto out;
++ } else
++ WARN_ON(vcpu->arch.pio.count || vcpu->mmio_needed);
++
++ r = __vcpu_run(vcpu);
++
++out:
++ post_kvm_run_save(vcpu);
++ if (vcpu->sigset_active)
++ sigprocmask(SIG_SETMASK, &sigsaved, NULL);
++
++ return r;
++}
++
++int kvm_arch_vcpu_ioctl_get_regs(struct kvm_vcpu *vcpu, struct kvm_regs *regs)
++{
++ if (vcpu->arch.emulate_regs_need_sync_to_vcpu) {
++ /*
++ * We are here if userspace calls get_regs() in the middle of
++ * instruction emulation. Registers state needs to be copied
++ * back from emulation context to vcpu. Userspace shouldn't do
++ * that usually, but some bad designed PV devices (vmware
++ * backdoor interface) need this to work
++ */
++ emulator_writeback_register_cache(&vcpu->arch.emulate_ctxt);
++ vcpu->arch.emulate_regs_need_sync_to_vcpu = false;
++ }
++ regs->rax = kvm_register_read(vcpu, VCPU_REGS_RAX);
++ regs->rbx = kvm_register_read(vcpu, VCPU_REGS_RBX);
++ regs->rcx = kvm_register_read(vcpu, VCPU_REGS_RCX);
++ regs->rdx = kvm_register_read(vcpu, VCPU_REGS_RDX);
++ regs->rsi = kvm_register_read(vcpu, VCPU_REGS_RSI);
++ regs->rdi = kvm_register_read(vcpu, VCPU_REGS_RDI);
++ regs->rsp = kvm_register_read(vcpu, VCPU_REGS_RSP);
++ regs->rbp = kvm_register_read(vcpu, VCPU_REGS_RBP);
++#ifdef CONFIG_X86_64
++ regs->r8 = kvm_register_read(vcpu, VCPU_REGS_R8);
++ regs->r9 = kvm_register_read(vcpu, VCPU_REGS_R9);
++ regs->r10 = kvm_register_read(vcpu, VCPU_REGS_R10);
++ regs->r11 = kvm_register_read(vcpu, VCPU_REGS_R11);
++ regs->r12 = kvm_register_read(vcpu, VCPU_REGS_R12);
++ regs->r13 = kvm_register_read(vcpu, VCPU_REGS_R13);
++ regs->r14 = kvm_register_read(vcpu, VCPU_REGS_R14);
++ regs->r15 = kvm_register_read(vcpu, VCPU_REGS_R15);
++#endif
++
++ regs->rip = kvm_rip_read(vcpu);
++ regs->rflags = kvm_get_rflags(vcpu);
++
++ return 0;
++}
++
++int kvm_arch_vcpu_ioctl_set_regs(struct kvm_vcpu *vcpu, struct kvm_regs *regs)
++{
++ vcpu->arch.emulate_regs_need_sync_from_vcpu = true;
++ vcpu->arch.emulate_regs_need_sync_to_vcpu = false;
++
++ kvm_register_write(vcpu, VCPU_REGS_RAX, regs->rax);
++ kvm_register_write(vcpu, VCPU_REGS_RBX, regs->rbx);
++ kvm_register_write(vcpu, VCPU_REGS_RCX, regs->rcx);
++ kvm_register_write(vcpu, VCPU_REGS_RDX, regs->rdx);
++ kvm_register_write(vcpu, VCPU_REGS_RSI, regs->rsi);
++ kvm_register_write(vcpu, VCPU_REGS_RDI, regs->rdi);
++ kvm_register_write(vcpu, VCPU_REGS_RSP, regs->rsp);
++ kvm_register_write(vcpu, VCPU_REGS_RBP, regs->rbp);
++#ifdef CONFIG_X86_64
++ kvm_register_write(vcpu, VCPU_REGS_R8, regs->r8);
++ kvm_register_write(vcpu, VCPU_REGS_R9, regs->r9);
++ kvm_register_write(vcpu, VCPU_REGS_R10, regs->r10);
++ kvm_register_write(vcpu, VCPU_REGS_R11, regs->r11);
++ kvm_register_write(vcpu, VCPU_REGS_R12, regs->r12);
++ kvm_register_write(vcpu, VCPU_REGS_R13, regs->r13);
++ kvm_register_write(vcpu, VCPU_REGS_R14, regs->r14);
++ kvm_register_write(vcpu, VCPU_REGS_R15, regs->r15);
++#endif
++
++ kvm_rip_write(vcpu, regs->rip);
++ kvm_set_rflags(vcpu, regs->rflags);
++
++ vcpu->arch.exception.pending = false;
++
++ kvm_make_request(KVM_REQ_EVENT, vcpu);
++
++ return 0;
++}
++
++void kvm_get_cs_db_l_bits(struct kvm_vcpu *vcpu, int *db, int *l)
++{
++ struct kvm_segment cs;
++
++ kvm_get_segment(vcpu, &cs, VCPU_SREG_CS);
++ *db = cs.db;
++ *l = cs.l;
++}
++EXPORT_SYMBOL_GPL(kvm_get_cs_db_l_bits);
++
++int kvm_arch_vcpu_ioctl_get_sregs(struct kvm_vcpu *vcpu,
++ struct kvm_sregs *sregs)
++{
++ struct desc_ptr dt;
++
++ kvm_get_segment(vcpu, &sregs->cs, VCPU_SREG_CS);
++ kvm_get_segment(vcpu, &sregs->ds, VCPU_SREG_DS);
++ kvm_get_segment(vcpu, &sregs->es, VCPU_SREG_ES);
++ kvm_get_segment(vcpu, &sregs->fs, VCPU_SREG_FS);
++ kvm_get_segment(vcpu, &sregs->gs, VCPU_SREG_GS);
++ kvm_get_segment(vcpu, &sregs->ss, VCPU_SREG_SS);
++
++ kvm_get_segment(vcpu, &sregs->tr, VCPU_SREG_TR);
++ kvm_get_segment(vcpu, &sregs->ldt, VCPU_SREG_LDTR);
++
++ kvm_x86_ops->get_idt(vcpu, &dt);
++ sregs->idt.limit = dt.size;
++ sregs->idt.base = dt.address;
++ kvm_x86_ops->get_gdt(vcpu, &dt);
++ sregs->gdt.limit = dt.size;
++ sregs->gdt.base = dt.address;
++
++ sregs->cr0 = kvm_read_cr0(vcpu);
++ sregs->cr2 = vcpu->arch.cr2;
++ sregs->cr3 = kvm_read_cr3(vcpu);
++ sregs->cr4 = kvm_read_cr4(vcpu);
++ sregs->cr8 = kvm_get_cr8(vcpu);
++ sregs->efer = vcpu->arch.efer;
++ sregs->apic_base = kvm_get_apic_base(vcpu);
++
++ memset(sregs->interrupt_bitmap, 0, sizeof sregs->interrupt_bitmap);
++
++ if (vcpu->arch.interrupt.pending && !vcpu->arch.interrupt.soft)
++ set_bit(vcpu->arch.interrupt.nr,
++ (unsigned long *)sregs->interrupt_bitmap);
++
++ return 0;
++}
++
++int kvm_arch_vcpu_ioctl_get_mpstate(struct kvm_vcpu *vcpu,
++ struct kvm_mp_state *mp_state)
++{
++ kvm_apic_accept_events(vcpu);
++ if (vcpu->arch.mp_state == KVM_MP_STATE_HALTED &&
++ vcpu->arch.pv.pv_unhalted)
++ mp_state->mp_state = KVM_MP_STATE_RUNNABLE;
++ else
++ mp_state->mp_state = vcpu->arch.mp_state;
++
++ return 0;
++}
++
++int kvm_arch_vcpu_ioctl_set_mpstate(struct kvm_vcpu *vcpu,
++ struct kvm_mp_state *mp_state)
++{
++ if (!kvm_vcpu_has_lapic(vcpu) &&
++ mp_state->mp_state != KVM_MP_STATE_RUNNABLE)
++ return -EINVAL;
++
++ if (mp_state->mp_state == KVM_MP_STATE_SIPI_RECEIVED) {
++ vcpu->arch.mp_state = KVM_MP_STATE_INIT_RECEIVED;
++ set_bit(KVM_APIC_SIPI, &vcpu->arch.apic->pending_events);
++ } else
++ vcpu->arch.mp_state = mp_state->mp_state;
++ kvm_make_request(KVM_REQ_EVENT, vcpu);
++ return 0;
++}
++
++int kvm_task_switch(struct kvm_vcpu *vcpu, u16 tss_selector, int idt_index,
++ int reason, bool has_error_code, u32 error_code)
++{
++ struct x86_emulate_ctxt *ctxt = &vcpu->arch.emulate_ctxt;
++ int ret;
++
++ init_emulate_ctxt(vcpu);
++
++ ret = emulator_task_switch(ctxt, tss_selector, idt_index, reason,
++ has_error_code, error_code);
++
++ if (ret)
++ return EMULATE_FAIL;
++
++ kvm_rip_write(vcpu, ctxt->eip);
++ kvm_set_rflags(vcpu, ctxt->eflags);
++ kvm_make_request(KVM_REQ_EVENT, vcpu);
++ return EMULATE_DONE;
++}
++EXPORT_SYMBOL_GPL(kvm_task_switch);
++
++int kvm_arch_vcpu_ioctl_set_sregs(struct kvm_vcpu *vcpu,
++ struct kvm_sregs *sregs)
++{
++ struct msr_data apic_base_msr;
++ int mmu_reset_needed = 0;
++ int pending_vec, max_bits, idx;
++ struct desc_ptr dt;
++
++ if (!guest_cpuid_has_xsave(vcpu) && (sregs->cr4 & X86_CR4_OSXSAVE))
++ return -EINVAL;
++
++ dt.size = sregs->idt.limit;
++ dt.address = sregs->idt.base;
++ kvm_x86_ops->set_idt(vcpu, &dt);
++ dt.size = sregs->gdt.limit;
++ dt.address = sregs->gdt.base;
++ kvm_x86_ops->set_gdt(vcpu, &dt);
++
++ vcpu->arch.cr2 = sregs->cr2;
++ mmu_reset_needed |= kvm_read_cr3(vcpu) != sregs->cr3;
++ vcpu->arch.cr3 = sregs->cr3;
++ __set_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail);
++
++ kvm_set_cr8(vcpu, sregs->cr8);
++
++ mmu_reset_needed |= vcpu->arch.efer != sregs->efer;
++ kvm_x86_ops->set_efer(vcpu, sregs->efer);
++ apic_base_msr.data = sregs->apic_base;
++ apic_base_msr.host_initiated = true;
++ kvm_set_apic_base(vcpu, &apic_base_msr);
++
++ mmu_reset_needed |= kvm_read_cr0(vcpu) != sregs->cr0;
++ kvm_x86_ops->set_cr0(vcpu, sregs->cr0);
++ vcpu->arch.cr0 = sregs->cr0;
++
++ mmu_reset_needed |= kvm_read_cr4(vcpu) != sregs->cr4;
++ kvm_x86_ops->set_cr4(vcpu, sregs->cr4);
++ if (sregs->cr4 & X86_CR4_OSXSAVE)
++ kvm_update_cpuid(vcpu);
++
++ idx = srcu_read_lock(&vcpu->kvm->srcu);
++ if (!is_long_mode(vcpu) && is_pae(vcpu)) {
++ load_pdptrs(vcpu, vcpu->arch.walk_mmu, kvm_read_cr3(vcpu));
++ mmu_reset_needed = 1;
++ }
++ srcu_read_unlock(&vcpu->kvm->srcu, idx);
++
++ if (mmu_reset_needed)
++ kvm_mmu_reset_context(vcpu);
++
++ max_bits = KVM_NR_INTERRUPTS;
++ pending_vec = find_first_bit(
++ (const unsigned long *)sregs->interrupt_bitmap, max_bits);
++ if (pending_vec < max_bits) {
++ kvm_queue_interrupt(vcpu, pending_vec, false);
++ pr_debug("Set back pending irq %d\n", pending_vec);
++ }
++
++ kvm_set_segment(vcpu, &sregs->cs, VCPU_SREG_CS);
++ kvm_set_segment(vcpu, &sregs->ds, VCPU_SREG_DS);
++ kvm_set_segment(vcpu, &sregs->es, VCPU_SREG_ES);
++ kvm_set_segment(vcpu, &sregs->fs, VCPU_SREG_FS);
++ kvm_set_segment(vcpu, &sregs->gs, VCPU_SREG_GS);
++ kvm_set_segment(vcpu, &sregs->ss, VCPU_SREG_SS);
++
++ kvm_set_segment(vcpu, &sregs->tr, VCPU_SREG_TR);
++ kvm_set_segment(vcpu, &sregs->ldt, VCPU_SREG_LDTR);
++
++ update_cr8_intercept(vcpu);
++
++ /* Older userspace won't unhalt the vcpu on reset. */
++ if (kvm_vcpu_is_bsp(vcpu) && kvm_rip_read(vcpu) == 0xfff0 &&
++ sregs->cs.selector == 0xf000 && sregs->cs.base == 0xffff0000 &&
++ !is_protmode(vcpu))
++ vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE;
++
++ kvm_make_request(KVM_REQ_EVENT, vcpu);
++
++ return 0;
++}
++
++int kvm_arch_vcpu_ioctl_set_guest_debug(struct kvm_vcpu *vcpu,
++ struct kvm_guest_debug *dbg)
++{
++ unsigned long rflags;
++ int i, r;
++
++ if (dbg->control & (KVM_GUESTDBG_INJECT_DB | KVM_GUESTDBG_INJECT_BP)) {
++ r = -EBUSY;
++ if (vcpu->arch.exception.pending)
++ goto out;
++ if (dbg->control & KVM_GUESTDBG_INJECT_DB)
++ kvm_queue_exception(vcpu, DB_VECTOR);
++ else
++ kvm_queue_exception(vcpu, BP_VECTOR);
++ }
++
++ /*
++ * Read rflags as long as potentially injected trace flags are still
++ * filtered out.
++ */
++ rflags = kvm_get_rflags(vcpu);
++
++ vcpu->guest_debug = dbg->control;
++ if (!(vcpu->guest_debug & KVM_GUESTDBG_ENABLE))
++ vcpu->guest_debug = 0;
++
++ if (vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP) {
++ for (i = 0; i < KVM_NR_DB_REGS; ++i)
++ vcpu->arch.eff_db[i] = dbg->arch.debugreg[i];
++ vcpu->arch.guest_debug_dr7 = dbg->arch.debugreg[7];
++ } else {
++ for (i = 0; i < KVM_NR_DB_REGS; i++)
++ vcpu->arch.eff_db[i] = vcpu->arch.db[i];
++ }
++ kvm_update_dr7(vcpu);
++
++ if (vcpu->guest_debug & KVM_GUESTDBG_SINGLESTEP)
++ vcpu->arch.singlestep_rip = kvm_rip_read(vcpu) +
++ get_segment_base(vcpu, VCPU_SREG_CS);
++
++ /*
++ * Trigger an rflags update that will inject or remove the trace
++ * flags.
++ */
++ kvm_set_rflags(vcpu, rflags);
++
++ kvm_x86_ops->update_db_bp_intercept(vcpu);
++
++ r = 0;
++
++out:
++
++ return r;
++}
++
++/*
++ * Translate a guest virtual address to a guest physical address.
++ */
++int kvm_arch_vcpu_ioctl_translate(struct kvm_vcpu *vcpu,
++ struct kvm_translation *tr)
++{
++ unsigned long vaddr = tr->linear_address;
++ gpa_t gpa;
++ int idx;
++
++ idx = srcu_read_lock(&vcpu->kvm->srcu);
++ gpa = kvm_mmu_gva_to_gpa_system(vcpu, vaddr, NULL);
++ srcu_read_unlock(&vcpu->kvm->srcu, idx);
++ tr->physical_address = gpa;
++ tr->valid = gpa != UNMAPPED_GVA;
++ tr->writeable = 1;
++ tr->usermode = 0;
++
++ return 0;
++}
++
++int kvm_arch_vcpu_ioctl_get_fpu(struct kvm_vcpu *vcpu, struct kvm_fpu *fpu)
++{
++ struct i387_fxsave_struct *fxsave =
++ &vcpu->arch.guest_fpu.state->fxsave;
++
++ memcpy(fpu->fpr, fxsave->st_space, 128);
++ fpu->fcw = fxsave->cwd;
++ fpu->fsw = fxsave->swd;
++ fpu->ftwx = fxsave->twd;
++ fpu->last_opcode = fxsave->fop;
++ fpu->last_ip = fxsave->rip;
++ fpu->last_dp = fxsave->rdp;
++ memcpy(fpu->xmm, fxsave->xmm_space, sizeof fxsave->xmm_space);
++
++ return 0;
++}
++
++int kvm_arch_vcpu_ioctl_set_fpu(struct kvm_vcpu *vcpu, struct kvm_fpu *fpu)
++{
++ struct i387_fxsave_struct *fxsave =
++ &vcpu->arch.guest_fpu.state->fxsave;
++
++ memcpy(fxsave->st_space, fpu->fpr, 128);
++ fxsave->cwd = fpu->fcw;
++ fxsave->swd = fpu->fsw;
++ fxsave->twd = fpu->ftwx;
++ fxsave->fop = fpu->last_opcode;
++ fxsave->rip = fpu->last_ip;
++ fxsave->rdp = fpu->last_dp;
++ memcpy(fxsave->xmm_space, fpu->xmm, sizeof fxsave->xmm_space);
++
++ return 0;
++}
++
++int fx_init(struct kvm_vcpu *vcpu)
++{
++ int err;
++
++ err = fpu_alloc(&vcpu->arch.guest_fpu);
++ if (err)
++ return err;
++
++ fpu_finit(&vcpu->arch.guest_fpu);
++ if (cpu_has_xsaves)
++ vcpu->arch.guest_fpu.state->xsave.xsave_hdr.xcomp_bv =
++ host_xcr0 | XSTATE_COMPACTION_ENABLED;
++
++ /*
++ * Ensure guest xcr0 is valid for loading
++ */
++ vcpu->arch.xcr0 = XSTATE_FP;
++
++ vcpu->arch.cr0 |= X86_CR0_ET;
++
++ return 0;
++}
++EXPORT_SYMBOL_GPL(fx_init);
++
++static void fx_free(struct kvm_vcpu *vcpu)
++{
++ fpu_free(&vcpu->arch.guest_fpu);
++}
++
++void kvm_load_guest_fpu(struct kvm_vcpu *vcpu)
++{
++ if (vcpu->guest_fpu_loaded)
++ return;
++
++ /*
++ * Restore all possible states in the guest,
++ * and assume host would use all available bits.
++ * Guest xcr0 would be loaded later.
++ */
++ kvm_put_guest_xcr0(vcpu);
++ vcpu->guest_fpu_loaded = 1;
++ __kernel_fpu_begin();
++ fpu_restore_checking(&vcpu->arch.guest_fpu);
++ trace_kvm_fpu(1);
++}
++
++void kvm_put_guest_fpu(struct kvm_vcpu *vcpu)
++{
++ kvm_put_guest_xcr0(vcpu);
++
++ if (!vcpu->guest_fpu_loaded)
++ return;
++
++ vcpu->guest_fpu_loaded = 0;
++ fpu_save_init(&vcpu->arch.guest_fpu);
++ __kernel_fpu_end();
++ ++vcpu->stat.fpu_reload;
++ kvm_make_request(KVM_REQ_DEACTIVATE_FPU, vcpu);
++ trace_kvm_fpu(0);
++}
++
++void kvm_arch_vcpu_free(struct kvm_vcpu *vcpu)
++{
++ kvmclock_reset(vcpu);
++
++ free_cpumask_var(vcpu->arch.wbinvd_dirty_mask);
++ fx_free(vcpu);
++ kvm_x86_ops->vcpu_free(vcpu);
++}
++
++struct kvm_vcpu *kvm_arch_vcpu_create(struct kvm *kvm,
++ unsigned int id)
++{
++ if (check_tsc_unstable() && atomic_read(&kvm->online_vcpus) != 0)
++ printk_once(KERN_WARNING
++ "kvm: SMP vm created on host with unstable TSC; "
++ "guest TSC will not be reliable\n");
++ return kvm_x86_ops->vcpu_create(kvm, id);
++}
++
++int kvm_arch_vcpu_setup(struct kvm_vcpu *vcpu)
++{
++ int r;
++
++ vcpu->arch.mtrr_state.have_fixed = 1;
++ r = vcpu_load(vcpu);
++ if (r)
++ return r;
++ kvm_vcpu_reset(vcpu);
++ kvm_mmu_setup(vcpu);
++ vcpu_put(vcpu);
++
++ return r;
++}
++
++int kvm_arch_vcpu_postcreate(struct kvm_vcpu *vcpu)
++{
++ int r;
++ struct msr_data msr;
++ struct kvm *kvm = vcpu->kvm;
++
++ r = vcpu_load(vcpu);
++ if (r)
++ return r;
++ msr.data = 0x0;
++ msr.index = MSR_IA32_TSC;
++ msr.host_initiated = true;
++ kvm_write_tsc(vcpu, &msr);
++ vcpu_put(vcpu);
++
++ schedule_delayed_work(&kvm->arch.kvmclock_sync_work,
++ KVMCLOCK_SYNC_PERIOD);
++
++ return r;
++}
++
++void kvm_arch_vcpu_destroy(struct kvm_vcpu *vcpu)
++{
++ int r;
++ vcpu->arch.apf.msr_val = 0;
++
++ r = vcpu_load(vcpu);
++ BUG_ON(r);
++ kvm_mmu_unload(vcpu);
++ vcpu_put(vcpu);
++
++ fx_free(vcpu);
++ kvm_x86_ops->vcpu_free(vcpu);
++}
++
++void kvm_vcpu_reset(struct kvm_vcpu *vcpu)
++{
++ atomic_set(&vcpu->arch.nmi_queued, 0);
++ vcpu->arch.nmi_pending = 0;
++ vcpu->arch.nmi_injected = false;
++ kvm_clear_interrupt_queue(vcpu);
++ kvm_clear_exception_queue(vcpu);
++
++ memset(vcpu->arch.db, 0, sizeof(vcpu->arch.db));
++ vcpu->arch.dr6 = DR6_INIT;
++ kvm_update_dr6(vcpu);
++ vcpu->arch.dr7 = DR7_FIXED_1;
++ kvm_update_dr7(vcpu);
++
++ kvm_make_request(KVM_REQ_EVENT, vcpu);
++ vcpu->arch.apf.msr_val = 0;
++ vcpu->arch.st.msr_val = 0;
++
++ kvmclock_reset(vcpu);
++
++ kvm_clear_async_pf_completion_queue(vcpu);
++ kvm_async_pf_hash_reset(vcpu);
++ vcpu->arch.apf.halted = false;
++
++ kvm_pmu_reset(vcpu);
++
++ memset(vcpu->arch.regs, 0, sizeof(vcpu->arch.regs));
++ vcpu->arch.regs_avail = ~0;
++ vcpu->arch.regs_dirty = ~0;
++
++ kvm_x86_ops->vcpu_reset(vcpu);
++}
++
++void kvm_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, unsigned int vector)
++{
++ struct kvm_segment cs;
++
++ kvm_get_segment(vcpu, &cs, VCPU_SREG_CS);
++ cs.selector = vector << 8;
++ cs.base = vector << 12;
++ kvm_set_segment(vcpu, &cs, VCPU_SREG_CS);
++ kvm_rip_write(vcpu, 0);
++}
++
++int kvm_arch_hardware_enable(void)
++{
++ struct kvm *kvm;
++ struct kvm_vcpu *vcpu;
++ int i;
++ int ret;
++ u64 local_tsc;
++ u64 max_tsc = 0;
++ bool stable, backwards_tsc = false;
++
++ kvm_shared_msr_cpu_online();
++ ret = kvm_x86_ops->hardware_enable();
++ if (ret != 0)
++ return ret;
++
++ local_tsc = native_read_tsc();
++ stable = !check_tsc_unstable();
++ list_for_each_entry(kvm, &vm_list, vm_list) {
++ kvm_for_each_vcpu(i, vcpu, kvm) {
++ if (!stable && vcpu->cpu == smp_processor_id())
++ kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu);
++ if (stable && vcpu->arch.last_host_tsc > local_tsc) {
++ backwards_tsc = true;
++ if (vcpu->arch.last_host_tsc > max_tsc)
++ max_tsc = vcpu->arch.last_host_tsc;
++ }
++ }
++ }
++
++ /*
++ * Sometimes, even reliable TSCs go backwards. This happens on
++ * platforms that reset TSC during suspend or hibernate actions, but
++ * maintain synchronization. We must compensate. Fortunately, we can
++ * detect that condition here, which happens early in CPU bringup,
++ * before any KVM threads can be running. Unfortunately, we can't
++ * bring the TSCs fully up to date with real time, as we aren't yet far
++ * enough into CPU bringup that we know how much real time has actually
++ * elapsed; our helper function, get_kernel_ns() will be using boot
++ * variables that haven't been updated yet.
++ *
++ * So we simply find the maximum observed TSC above, then record the
++ * adjustment to TSC in each VCPU. When the VCPU later gets loaded,
++ * the adjustment will be applied. Note that we accumulate
++ * adjustments, in case multiple suspend cycles happen before some VCPU
++ * gets a chance to run again. In the event that no KVM threads get a
++ * chance to run, we will miss the entire elapsed period, as we'll have
++ * reset last_host_tsc, so VCPUs will not have the TSC adjusted and may
++ * loose cycle time. This isn't too big a deal, since the loss will be
++ * uniform across all VCPUs (not to mention the scenario is extremely
++ * unlikely). It is possible that a second hibernate recovery happens
++ * much faster than a first, causing the observed TSC here to be
++ * smaller; this would require additional padding adjustment, which is
++ * why we set last_host_tsc to the local tsc observed here.
++ *
++ * N.B. - this code below runs only on platforms with reliable TSC,
++ * as that is the only way backwards_tsc is set above. Also note
++ * that this runs for ALL vcpus, which is not a bug; all VCPUs should
++ * have the same delta_cyc adjustment applied if backwards_tsc
++ * is detected. Note further, this adjustment is only done once,
++ * as we reset last_host_tsc on all VCPUs to stop this from being
++ * called multiple times (one for each physical CPU bringup).
++ *
++ * Platforms with unreliable TSCs don't have to deal with this, they
++ * will be compensated by the logic in vcpu_load, which sets the TSC to
++ * catchup mode. This will catchup all VCPUs to real time, but cannot
++ * guarantee that they stay in perfect synchronization.
++ */
++ if (backwards_tsc) {
++ u64 delta_cyc = max_tsc - local_tsc;
++ backwards_tsc_observed = true;
++ list_for_each_entry(kvm, &vm_list, vm_list) {
++ kvm_for_each_vcpu(i, vcpu, kvm) {
++ vcpu->arch.tsc_offset_adjustment += delta_cyc;
++ vcpu->arch.last_host_tsc = local_tsc;
++ kvm_make_request(KVM_REQ_MASTERCLOCK_UPDATE, vcpu);
++ }
++
++ /*
++ * We have to disable TSC offset matching.. if you were
++ * booting a VM while issuing an S4 host suspend....
++ * you may have some problem. Solving this issue is
++ * left as an exercise to the reader.
++ */
++ kvm->arch.last_tsc_nsec = 0;
++ kvm->arch.last_tsc_write = 0;
++ }
++
++ }
++ return 0;
++}
++
++void kvm_arch_hardware_disable(void)
++{
++ kvm_x86_ops->hardware_disable();
++ drop_user_return_notifiers();
++}
++
++int kvm_arch_hardware_setup(void)
++{
++ return kvm_x86_ops->hardware_setup();
++}
++
++void kvm_arch_hardware_unsetup(void)
++{
++ kvm_x86_ops->hardware_unsetup();
++}
++
++void kvm_arch_check_processor_compat(void *rtn)
++{
++ kvm_x86_ops->check_processor_compatibility(rtn);
++}
++
++bool kvm_vcpu_compatible(struct kvm_vcpu *vcpu)
++{
++ return irqchip_in_kernel(vcpu->kvm) == (vcpu->arch.apic != NULL);
++}
++
++struct static_key kvm_no_apic_vcpu __read_mostly;
++
++int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu)
++{
++ struct page *page;
++ struct kvm *kvm;
++ int r;
++
++ BUG_ON(vcpu->kvm == NULL);
++ kvm = vcpu->kvm;
++
++ vcpu->arch.pv.pv_unhalted = false;
++ vcpu->arch.emulate_ctxt.ops = &emulate_ops;
++ if (!irqchip_in_kernel(kvm) || kvm_vcpu_is_bsp(vcpu))
++ vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE;
++ else
++ vcpu->arch.mp_state = KVM_MP_STATE_UNINITIALIZED;
++
++ page = alloc_page(GFP_KERNEL | __GFP_ZERO);
++ if (!page) {
++ r = -ENOMEM;
++ goto fail;
++ }
++ vcpu->arch.pio_data = page_address(page);
++
++ kvm_set_tsc_khz(vcpu, max_tsc_khz);
++
++ r = kvm_mmu_create(vcpu);
++ if (r < 0)
++ goto fail_free_pio_data;
++
++ if (irqchip_in_kernel(kvm)) {
++ r = kvm_create_lapic(vcpu);
++ if (r < 0)
++ goto fail_mmu_destroy;
++ } else
++ static_key_slow_inc(&kvm_no_apic_vcpu);
++
++ vcpu->arch.mce_banks = kzalloc(KVM_MAX_MCE_BANKS * sizeof(u64) * 4,
++ GFP_KERNEL);
++ if (!vcpu->arch.mce_banks) {
++ r = -ENOMEM;
++ goto fail_free_lapic;
++ }
++ vcpu->arch.mcg_cap = KVM_MAX_MCE_BANKS;
++
++ if (!zalloc_cpumask_var(&vcpu->arch.wbinvd_dirty_mask, GFP_KERNEL)) {
++ r = -ENOMEM;
++ goto fail_free_mce_banks;
++ }
++
++ r = fx_init(vcpu);
++ if (r)
++ goto fail_free_wbinvd_dirty_mask;
++
++ vcpu->arch.ia32_tsc_adjust_msr = 0x0;
++ vcpu->arch.pv_time_enabled = false;
++
++ vcpu->arch.guest_supported_xcr0 = 0;
++ vcpu->arch.guest_xstate_size = XSAVE_HDR_SIZE + XSAVE_HDR_OFFSET;
++
++ kvm_async_pf_hash_reset(vcpu);
++ kvm_pmu_init(vcpu);
++
++ return 0;
++fail_free_wbinvd_dirty_mask:
++ free_cpumask_var(vcpu->arch.wbinvd_dirty_mask);
++fail_free_mce_banks:
++ kfree(vcpu->arch.mce_banks);
++fail_free_lapic:
++ kvm_free_lapic(vcpu);
++fail_mmu_destroy:
++ kvm_mmu_destroy(vcpu);
++fail_free_pio_data:
++ free_page((unsigned long)vcpu->arch.pio_data);
++fail:
++ return r;
++}
++
++void kvm_arch_vcpu_uninit(struct kvm_vcpu *vcpu)
++{
++ int idx;
++
++ kvm_pmu_destroy(vcpu);
++ kfree(vcpu->arch.mce_banks);
++ kvm_free_lapic(vcpu);
++ idx = srcu_read_lock(&vcpu->kvm->srcu);
++ kvm_mmu_destroy(vcpu);
++ srcu_read_unlock(&vcpu->kvm->srcu, idx);
++ free_page((unsigned long)vcpu->arch.pio_data);
++ if (!irqchip_in_kernel(vcpu->kvm))
++ static_key_slow_dec(&kvm_no_apic_vcpu);
++}
++
++void kvm_arch_sched_in(struct kvm_vcpu *vcpu, int cpu)
++{
++ kvm_x86_ops->sched_in(vcpu, cpu);
++}
++
++int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
++{
++ if (type)
++ return -EINVAL;
++
++ INIT_LIST_HEAD(&kvm->arch.active_mmu_pages);
++ INIT_LIST_HEAD(&kvm->arch.zapped_obsolete_pages);
++ INIT_LIST_HEAD(&kvm->arch.assigned_dev_head);
++ atomic_set(&kvm->arch.noncoherent_dma_count, 0);
++
++ /* Reserve bit 0 of irq_sources_bitmap for userspace irq source */
++ set_bit(KVM_USERSPACE_IRQ_SOURCE_ID, &kvm->arch.irq_sources_bitmap);
++ /* Reserve bit 1 of irq_sources_bitmap for irqfd-resampler */
++ set_bit(KVM_IRQFD_RESAMPLE_IRQ_SOURCE_ID,
++ &kvm->arch.irq_sources_bitmap);
++
++ raw_spin_lock_init(&kvm->arch.tsc_write_lock);
++ mutex_init(&kvm->arch.apic_map_lock);
++ spin_lock_init(&kvm->arch.pvclock_gtod_sync_lock);
++
++ pvclock_update_vm_gtod_copy(kvm);
++
++ INIT_DELAYED_WORK(&kvm->arch.kvmclock_update_work, kvmclock_update_fn);
++ INIT_DELAYED_WORK(&kvm->arch.kvmclock_sync_work, kvmclock_sync_fn);
++
++ return 0;
++}
++
++static void kvm_unload_vcpu_mmu(struct kvm_vcpu *vcpu)
++{
++ int r;
++ r = vcpu_load(vcpu);
++ BUG_ON(r);
++ kvm_mmu_unload(vcpu);
++ vcpu_put(vcpu);
++}
++
++static void kvm_free_vcpus(struct kvm *kvm)
++{
++ unsigned int i;
++ struct kvm_vcpu *vcpu;
++
++ /*
++ * Unpin any mmu pages first.
++ */
++ kvm_for_each_vcpu(i, vcpu, kvm) {
++ kvm_clear_async_pf_completion_queue(vcpu);
++ kvm_unload_vcpu_mmu(vcpu);
++ }
++ kvm_for_each_vcpu(i, vcpu, kvm)
++ kvm_arch_vcpu_free(vcpu);
++
++ mutex_lock(&kvm->lock);
++ for (i = 0; i < atomic_read(&kvm->online_vcpus); i++)
++ kvm->vcpus[i] = NULL;
++
++ atomic_set(&kvm->online_vcpus, 0);
++ mutex_unlock(&kvm->lock);
++}
++
++void kvm_arch_sync_events(struct kvm *kvm)
++{
++ cancel_delayed_work_sync(&kvm->arch.kvmclock_sync_work);
++ cancel_delayed_work_sync(&kvm->arch.kvmclock_update_work);
++ kvm_free_all_assigned_devices(kvm);
++ kvm_free_pit(kvm);
++}
++
++void kvm_arch_destroy_vm(struct kvm *kvm)
++{
++ if (current->mm == kvm->mm) {
++ /*
++ * Free memory regions allocated on behalf of userspace,
++ * unless the the memory map has changed due to process exit
++ * or fd copying.
++ */
++ struct kvm_userspace_memory_region mem;
++ memset(&mem, 0, sizeof(mem));
++ mem.slot = APIC_ACCESS_PAGE_PRIVATE_MEMSLOT;
++ kvm_set_memory_region(kvm, &mem);
++
++ mem.slot = IDENTITY_PAGETABLE_PRIVATE_MEMSLOT;
++ kvm_set_memory_region(kvm, &mem);
++
++ mem.slot = TSS_PRIVATE_MEMSLOT;
++ kvm_set_memory_region(kvm, &mem);
++ }
++ kvm_iommu_unmap_guest(kvm);
++ kfree(kvm->arch.vpic);
++ kfree(kvm->arch.vioapic);
++ kvm_free_vcpus(kvm);
++ kfree(rcu_dereference_check(kvm->arch.apic_map, 1));
++}
++
++void kvm_arch_free_memslot(struct kvm *kvm, struct kvm_memory_slot *free,
++ struct kvm_memory_slot *dont)
++{
++ int i;
++
++ for (i = 0; i < KVM_NR_PAGE_SIZES; ++i) {
++ if (!dont || free->arch.rmap[i] != dont->arch.rmap[i]) {
++ kvm_kvfree(free->arch.rmap[i]);
++ free->arch.rmap[i] = NULL;
++ }
++ if (i == 0)
++ continue;
++
++ if (!dont || free->arch.lpage_info[i - 1] !=
++ dont->arch.lpage_info[i - 1]) {
++ kvm_kvfree(free->arch.lpage_info[i - 1]);
++ free->arch.lpage_info[i - 1] = NULL;
++ }
++ }
++}
++
++int kvm_arch_create_memslot(struct kvm *kvm, struct kvm_memory_slot *slot,
++ unsigned long npages)
++{
++ int i;
++
++ for (i = 0; i < KVM_NR_PAGE_SIZES; ++i) {
++ unsigned long ugfn;
++ int lpages;
++ int level = i + 1;
++
++ lpages = gfn_to_index(slot->base_gfn + npages - 1,
++ slot->base_gfn, level) + 1;
++
++ slot->arch.rmap[i] =
++ kvm_kvzalloc(lpages * sizeof(*slot->arch.rmap[i]));
++ if (!slot->arch.rmap[i])
++ goto out_free;
++ if (i == 0)
++ continue;
++
++ slot->arch.lpage_info[i - 1] = kvm_kvzalloc(lpages *
++ sizeof(*slot->arch.lpage_info[i - 1]));
++ if (!slot->arch.lpage_info[i - 1])
++ goto out_free;
++
++ if (slot->base_gfn & (KVM_PAGES_PER_HPAGE(level) - 1))
++ slot->arch.lpage_info[i - 1][0].write_count = 1;
++ if ((slot->base_gfn + npages) & (KVM_PAGES_PER_HPAGE(level) - 1))
++ slot->arch.lpage_info[i - 1][lpages - 1].write_count = 1;
++ ugfn = slot->userspace_addr >> PAGE_SHIFT;
++ /*
++ * If the gfn and userspace address are not aligned wrt each
++ * other, or if explicitly asked to, disable large page
++ * support for this slot
++ */
++ if ((slot->base_gfn ^ ugfn) & (KVM_PAGES_PER_HPAGE(level) - 1) ||
++ !kvm_largepages_enabled()) {
++ unsigned long j;
++
++ for (j = 0; j < lpages; ++j)
++ slot->arch.lpage_info[i - 1][j].write_count = 1;
++ }
++ }
++
++ return 0;
++
++out_free:
++ for (i = 0; i < KVM_NR_PAGE_SIZES; ++i) {
++ kvm_kvfree(slot->arch.rmap[i]);
++ slot->arch.rmap[i] = NULL;
++ if (i == 0)
++ continue;
++
++ kvm_kvfree(slot->arch.lpage_info[i - 1]);
++ slot->arch.lpage_info[i - 1] = NULL;
++ }
++ return -ENOMEM;
++}
++
++void kvm_arch_memslots_updated(struct kvm *kvm)
++{
++ /*
++ * memslots->generation has been incremented.
++ * mmio generation may have reached its maximum value.
++ */
++ kvm_mmu_invalidate_mmio_sptes(kvm);
++}
++
++int kvm_arch_prepare_memory_region(struct kvm *kvm,
++ struct kvm_memory_slot *memslot,
++ struct kvm_userspace_memory_region *mem,
++ enum kvm_mr_change change)
++{
++ /*
++ * Only private memory slots need to be mapped here since
++ * KVM_SET_MEMORY_REGION ioctl is no longer supported.
++ */
++ if ((memslot->id >= KVM_USER_MEM_SLOTS) && (change == KVM_MR_CREATE)) {
++ unsigned long userspace_addr;
++
++ /*
++ * MAP_SHARED to prevent internal slot pages from being moved
++ * by fork()/COW.
++ */
++ userspace_addr = vm_mmap(NULL, 0, memslot->npages * PAGE_SIZE,
++ PROT_READ | PROT_WRITE,
++ MAP_SHARED | MAP_ANONYMOUS, 0);
++
++ if (IS_ERR((void *)userspace_addr))
++ return PTR_ERR((void *)userspace_addr);
++
++ memslot->userspace_addr = userspace_addr;
++ }
++
++ return 0;
++}
++
++void kvm_arch_commit_memory_region(struct kvm *kvm,
++ struct kvm_userspace_memory_region *mem,
++ const struct kvm_memory_slot *old,
++ enum kvm_mr_change change)
++{
++
++ int nr_mmu_pages = 0;
++
++ if ((mem->slot >= KVM_USER_MEM_SLOTS) && (change == KVM_MR_DELETE)) {
++ int ret;
++
++ ret = vm_munmap(old->userspace_addr,
++ old->npages * PAGE_SIZE);
++ if (ret < 0)
++ printk(KERN_WARNING
++ "kvm_vm_ioctl_set_memory_region: "
++ "failed to munmap memory\n");
++ }
++
++ if (!kvm->arch.n_requested_mmu_pages)
++ nr_mmu_pages = kvm_mmu_calculate_mmu_pages(kvm);
++
++ if (nr_mmu_pages)
++ kvm_mmu_change_mmu_pages(kvm, nr_mmu_pages);
++ /*
++ * Write protect all pages for dirty logging.
++ *
++ * All the sptes including the large sptes which point to this
++ * slot are set to readonly. We can not create any new large
++ * spte on this slot until the end of the logging.
++ *
++ * See the comments in fast_page_fault().
++ */
++ if ((change != KVM_MR_DELETE) && (mem->flags & KVM_MEM_LOG_DIRTY_PAGES))
++ kvm_mmu_slot_remove_write_access(kvm, mem->slot);
++}
++
++void kvm_arch_flush_shadow_all(struct kvm *kvm)
++{
++ kvm_mmu_invalidate_zap_all_pages(kvm);
++}
++
++void kvm_arch_flush_shadow_memslot(struct kvm *kvm,
++ struct kvm_memory_slot *slot)
++{
++ kvm_mmu_invalidate_zap_all_pages(kvm);
++}
++
++int kvm_arch_vcpu_runnable(struct kvm_vcpu *vcpu)
++{
++ if (is_guest_mode(vcpu) && kvm_x86_ops->check_nested_events)
++ kvm_x86_ops->check_nested_events(vcpu, false);
++
++ return (vcpu->arch.mp_state == KVM_MP_STATE_RUNNABLE &&
++ !vcpu->arch.apf.halted)
++ || !list_empty_careful(&vcpu->async_pf.done)
++ || kvm_apic_has_events(vcpu)
++ || vcpu->arch.pv.pv_unhalted
++ || atomic_read(&vcpu->arch.nmi_queued) ||
++ (kvm_arch_interrupt_allowed(vcpu) &&
++ kvm_cpu_has_interrupt(vcpu));
++}
++
++int kvm_arch_vcpu_should_kick(struct kvm_vcpu *vcpu)
++{
++ return kvm_vcpu_exiting_guest_mode(vcpu) == IN_GUEST_MODE;
++}
++
++int kvm_arch_interrupt_allowed(struct kvm_vcpu *vcpu)
++{
++ return kvm_x86_ops->interrupt_allowed(vcpu);
++}
++
++bool kvm_is_linear_rip(struct kvm_vcpu *vcpu, unsigned long linear_rip)
++{
++ unsigned long current_rip = kvm_rip_read(vcpu) +
++ get_segment_base(vcpu, VCPU_SREG_CS);
++
++ return current_rip == linear_rip;
++}
++EXPORT_SYMBOL_GPL(kvm_is_linear_rip);
++
++unsigned long kvm_get_rflags(struct kvm_vcpu *vcpu)
++{
++ unsigned long rflags;
++
++ rflags = kvm_x86_ops->get_rflags(vcpu);
++ if (vcpu->guest_debug & KVM_GUESTDBG_SINGLESTEP)
++ rflags &= ~X86_EFLAGS_TF;
++ return rflags;
++}
++EXPORT_SYMBOL_GPL(kvm_get_rflags);
++
++static void __kvm_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags)
++{
++ if (vcpu->guest_debug & KVM_GUESTDBG_SINGLESTEP &&
++ kvm_is_linear_rip(vcpu, vcpu->arch.singlestep_rip))
++ rflags |= X86_EFLAGS_TF;
++ kvm_x86_ops->set_rflags(vcpu, rflags);
++}
++
++void kvm_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags)
++{
++ __kvm_set_rflags(vcpu, rflags);
++ kvm_make_request(KVM_REQ_EVENT, vcpu);
++}
++EXPORT_SYMBOL_GPL(kvm_set_rflags);
++
++void kvm_arch_async_page_ready(struct kvm_vcpu *vcpu, struct kvm_async_pf *work)
++{
++ int r;
++
++ if ((vcpu->arch.mmu.direct_map != work->arch.direct_map) ||
++ work->wakeup_all)
++ return;
++
++ r = kvm_mmu_reload(vcpu);
++ if (unlikely(r))
++ return;
++
++ if (!vcpu->arch.mmu.direct_map &&
++ work->arch.cr3 != vcpu->arch.mmu.get_cr3(vcpu))
++ return;
++
++ vcpu->arch.mmu.page_fault(vcpu, work->gva, 0, true);
++}
++
++static inline u32 kvm_async_pf_hash_fn(gfn_t gfn)
++{
++ return hash_32(gfn & 0xffffffff, order_base_2(ASYNC_PF_PER_VCPU));
++}
++
++static inline u32 kvm_async_pf_next_probe(u32 key)
++{
++ return (key + 1) & (roundup_pow_of_two(ASYNC_PF_PER_VCPU) - 1);
++}
++
++static void kvm_add_async_pf_gfn(struct kvm_vcpu *vcpu, gfn_t gfn)
++{
++ u32 key = kvm_async_pf_hash_fn(gfn);
++
++ while (vcpu->arch.apf.gfns[key] != ~0)
++ key = kvm_async_pf_next_probe(key);
++
++ vcpu->arch.apf.gfns[key] = gfn;
++}
++
++static u32 kvm_async_pf_gfn_slot(struct kvm_vcpu *vcpu, gfn_t gfn)
++{
++ int i;
++ u32 key = kvm_async_pf_hash_fn(gfn);
++
++ for (i = 0; i < roundup_pow_of_two(ASYNC_PF_PER_VCPU) &&
++ (vcpu->arch.apf.gfns[key] != gfn &&
++ vcpu->arch.apf.gfns[key] != ~0); i++)
++ key = kvm_async_pf_next_probe(key);
++
++ return key;
++}
++
++bool kvm_find_async_pf_gfn(struct kvm_vcpu *vcpu, gfn_t gfn)
++{
++ return vcpu->arch.apf.gfns[kvm_async_pf_gfn_slot(vcpu, gfn)] == gfn;
++}
++
++static void kvm_del_async_pf_gfn(struct kvm_vcpu *vcpu, gfn_t gfn)
++{
++ u32 i, j, k;
++
++ i = j = kvm_async_pf_gfn_slot(vcpu, gfn);
++ while (true) {
++ vcpu->arch.apf.gfns[i] = ~0;
++ do {
++ j = kvm_async_pf_next_probe(j);
++ if (vcpu->arch.apf.gfns[j] == ~0)
++ return;
++ k = kvm_async_pf_hash_fn(vcpu->arch.apf.gfns[j]);
++ /*
++ * k lies cyclically in ]i,j]
++ * | i.k.j |
++ * |....j i.k.| or |.k..j i...|
++ */
++ } while ((i <= j) ? (i < k && k <= j) : (i < k || k <= j));
++ vcpu->arch.apf.gfns[i] = vcpu->arch.apf.gfns[j];
++ i = j;
++ }
++}
++
++static int apf_put_user(struct kvm_vcpu *vcpu, u32 val)
++{
++
++ return kvm_write_guest_cached(vcpu->kvm, &vcpu->arch.apf.data, &val,
++ sizeof(val));
++}
++
++void kvm_arch_async_page_not_present(struct kvm_vcpu *vcpu,
++ struct kvm_async_pf *work)
++{
++ struct x86_exception fault;
++
++ trace_kvm_async_pf_not_present(work->arch.token, work->gva);
++ kvm_add_async_pf_gfn(vcpu, work->arch.gfn);
++
++ if (!(vcpu->arch.apf.msr_val & KVM_ASYNC_PF_ENABLED) ||
++ (vcpu->arch.apf.send_user_only &&
++ kvm_x86_ops->get_cpl(vcpu) == 0))
++ kvm_make_request(KVM_REQ_APF_HALT, vcpu);
++ else if (!apf_put_user(vcpu, KVM_PV_REASON_PAGE_NOT_PRESENT)) {
++ fault.vector = PF_VECTOR;
++ fault.error_code_valid = true;
++ fault.error_code = 0;
++ fault.nested_page_fault = false;
++ fault.address = work->arch.token;
++ kvm_inject_page_fault(vcpu, &fault);
++ }
++}
++
++void kvm_arch_async_page_present(struct kvm_vcpu *vcpu,
++ struct kvm_async_pf *work)
++{
++ struct x86_exception fault;
++
++ trace_kvm_async_pf_ready(work->arch.token, work->gva);
++ if (work->wakeup_all)
++ work->arch.token = ~0; /* broadcast wakeup */
++ else
++ kvm_del_async_pf_gfn(vcpu, work->arch.gfn);
++
++ if ((vcpu->arch.apf.msr_val & KVM_ASYNC_PF_ENABLED) &&
++ !apf_put_user(vcpu, KVM_PV_REASON_PAGE_READY)) {
++ fault.vector = PF_VECTOR;
++ fault.error_code_valid = true;
++ fault.error_code = 0;
++ fault.nested_page_fault = false;
++ fault.address = work->arch.token;
++ kvm_inject_page_fault(vcpu, &fault);
++ }
++ vcpu->arch.apf.halted = false;
++ vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE;
++}
++
++bool kvm_arch_can_inject_async_page_present(struct kvm_vcpu *vcpu)
++{
++ if (!(vcpu->arch.apf.msr_val & KVM_ASYNC_PF_ENABLED))
++ return true;
++ else
++ return !kvm_event_needs_reinjection(vcpu) &&
++ kvm_x86_ops->interrupt_allowed(vcpu);
++}
++
++void kvm_arch_register_noncoherent_dma(struct kvm *kvm)
++{
++ atomic_inc(&kvm->arch.noncoherent_dma_count);
++}
++EXPORT_SYMBOL_GPL(kvm_arch_register_noncoherent_dma);
++
++void kvm_arch_unregister_noncoherent_dma(struct kvm *kvm)
++{
++ atomic_dec(&kvm->arch.noncoherent_dma_count);
++}
++EXPORT_SYMBOL_GPL(kvm_arch_unregister_noncoherent_dma);
++
++bool kvm_arch_has_noncoherent_dma(struct kvm *kvm)
++{
++ return atomic_read(&kvm->arch.noncoherent_dma_count);
++}
++EXPORT_SYMBOL_GPL(kvm_arch_has_noncoherent_dma);
++
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_exit);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_inj_virq);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_page_fault);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_msr);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_cr);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_nested_vmrun);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_nested_vmexit);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_nested_vmexit_inject);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_nested_intr_vmexit);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_invlpga);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_skinit);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_nested_intercepts);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_write_tsc_offset);
++EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_ple_window);
+diff -Nur linux-3.18.9.orig/arch/x86/mm/fault.c linux-3.18.9/arch/x86/mm/fault.c
+--- linux-3.18.9.orig/arch/x86/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/mm/fault.c 2015-03-15 16:03:03.696094875 -0500
+@@ -1128,7 +1128,7 @@
+ * If we're in an interrupt, have no user context or are running
+ * in an atomic region then we must not take the fault:
+ */
+- if (unlikely(in_atomic() || !mm)) {
++ if (unlikely(!mm || pagefault_disabled())) {
+ bad_area_nosemaphore(regs, error_code, address);
+ return;
+ }
+diff -Nur linux-3.18.9.orig/arch/x86/mm/highmem_32.c linux-3.18.9/arch/x86/mm/highmem_32.c
+--- linux-3.18.9.orig/arch/x86/mm/highmem_32.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/mm/highmem_32.c 2015-03-15 16:03:03.696094875 -0500
+@@ -32,6 +32,7 @@
+ */
+ void *kmap_atomic_prot(struct page *page, pgprot_t prot)
+ {
++ pte_t pte = mk_pte(page, prot);
+ unsigned long vaddr;
+ int idx, type;
+
+@@ -45,7 +46,10 @@
+ idx = type + KM_TYPE_NR*smp_processor_id();
+ vaddr = __fix_to_virt(FIX_KMAP_BEGIN + idx);
+ BUG_ON(!pte_none(*(kmap_pte-idx)));
+- set_pte(kmap_pte-idx, mk_pte(page, prot));
++#ifdef CONFIG_PREEMPT_RT_FULL
++ current->kmap_pte[type] = pte;
++#endif
++ set_pte(kmap_pte-idx, pte);
+ arch_flush_lazy_mmu_mode();
+
+ return (void *)vaddr;
+@@ -88,6 +92,9 @@
+ * is a bad idea also, in case the page changes cacheability
+ * attributes or becomes a protected page in a hypervisor.
+ */
++#ifdef CONFIG_PREEMPT_RT_FULL
++ current->kmap_pte[type] = __pte(0);
++#endif
+ kpte_clear_flush(kmap_pte-idx, vaddr);
+ kmap_atomic_idx_pop();
+ arch_flush_lazy_mmu_mode();
+diff -Nur linux-3.18.9.orig/arch/x86/mm/iomap_32.c linux-3.18.9/arch/x86/mm/iomap_32.c
+--- linux-3.18.9.orig/arch/x86/mm/iomap_32.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/mm/iomap_32.c 2015-03-15 16:03:03.696094875 -0500
+@@ -56,6 +56,7 @@
+
+ void *kmap_atomic_prot_pfn(unsigned long pfn, pgprot_t prot)
+ {
++ pte_t pte = pfn_pte(pfn, prot);
+ unsigned long vaddr;
+ int idx, type;
+
+@@ -64,7 +65,12 @@
+ type = kmap_atomic_idx_push();
+ idx = type + KM_TYPE_NR * smp_processor_id();
+ vaddr = __fix_to_virt(FIX_KMAP_BEGIN + idx);
+- set_pte(kmap_pte - idx, pfn_pte(pfn, prot));
++ WARN_ON(!pte_none(*(kmap_pte - idx)));
++
++#ifdef CONFIG_PREEMPT_RT_FULL
++ current->kmap_pte[type] = pte;
++#endif
++ set_pte(kmap_pte - idx, pte);
+ arch_flush_lazy_mmu_mode();
+
+ return (void *)vaddr;
+@@ -110,6 +116,9 @@
+ * is a bad idea also, in case the page changes cacheability
+ * attributes or becomes a protected page in a hypervisor.
+ */
++#ifdef CONFIG_PREEMPT_RT_FULL
++ current->kmap_pte[type] = __pte(0);
++#endif
+ kpte_clear_flush(kmap_pte-idx, vaddr);
+ kmap_atomic_idx_pop();
+ }
+diff -Nur linux-3.18.9.orig/arch/x86/platform/uv/tlb_uv.c linux-3.18.9/arch/x86/platform/uv/tlb_uv.c
+--- linux-3.18.9.orig/arch/x86/platform/uv/tlb_uv.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/platform/uv/tlb_uv.c 2015-03-15 16:03:03.696094875 -0500
+@@ -714,9 +714,9 @@
+
+ quiesce_local_uvhub(hmaster);
+
+- spin_lock(&hmaster->queue_lock);
++ raw_spin_lock(&hmaster->queue_lock);
+ reset_with_ipi(&bau_desc->distribution, bcp);
+- spin_unlock(&hmaster->queue_lock);
++ raw_spin_unlock(&hmaster->queue_lock);
+
+ end_uvhub_quiesce(hmaster);
+
+@@ -736,9 +736,9 @@
+
+ quiesce_local_uvhub(hmaster);
+
+- spin_lock(&hmaster->queue_lock);
++ raw_spin_lock(&hmaster->queue_lock);
+ reset_with_ipi(&bau_desc->distribution, bcp);
+- spin_unlock(&hmaster->queue_lock);
++ raw_spin_unlock(&hmaster->queue_lock);
+
+ end_uvhub_quiesce(hmaster);
+
+@@ -759,7 +759,7 @@
+ cycles_t tm1;
+
+ hmaster = bcp->uvhub_master;
+- spin_lock(&hmaster->disable_lock);
++ raw_spin_lock(&hmaster->disable_lock);
+ if (!bcp->baudisabled) {
+ stat->s_bau_disabled++;
+ tm1 = get_cycles();
+@@ -772,7 +772,7 @@
+ }
+ }
+ }
+- spin_unlock(&hmaster->disable_lock);
++ raw_spin_unlock(&hmaster->disable_lock);
+ }
+
+ static void count_max_concurr(int stat, struct bau_control *bcp,
+@@ -835,7 +835,7 @@
+ */
+ static void uv1_throttle(struct bau_control *hmaster, struct ptc_stats *stat)
+ {
+- spinlock_t *lock = &hmaster->uvhub_lock;
++ raw_spinlock_t *lock = &hmaster->uvhub_lock;
+ atomic_t *v;
+
+ v = &hmaster->active_descriptor_count;
+@@ -968,7 +968,7 @@
+ struct bau_control *hmaster;
+
+ hmaster = bcp->uvhub_master;
+- spin_lock(&hmaster->disable_lock);
++ raw_spin_lock(&hmaster->disable_lock);
+ if (bcp->baudisabled && (get_cycles() >= bcp->set_bau_on_time)) {
+ stat->s_bau_reenabled++;
+ for_each_present_cpu(tcpu) {
+@@ -980,10 +980,10 @@
+ tbcp->period_giveups = 0;
+ }
+ }
+- spin_unlock(&hmaster->disable_lock);
++ raw_spin_unlock(&hmaster->disable_lock);
+ return 0;
+ }
+- spin_unlock(&hmaster->disable_lock);
++ raw_spin_unlock(&hmaster->disable_lock);
+ return -1;
+ }
+
+@@ -1899,9 +1899,9 @@
+ bcp->cong_reps = congested_reps;
+ bcp->disabled_period = sec_2_cycles(disabled_period);
+ bcp->giveup_limit = giveup_limit;
+- spin_lock_init(&bcp->queue_lock);
+- spin_lock_init(&bcp->uvhub_lock);
+- spin_lock_init(&bcp->disable_lock);
++ raw_spin_lock_init(&bcp->queue_lock);
++ raw_spin_lock_init(&bcp->uvhub_lock);
++ raw_spin_lock_init(&bcp->disable_lock);
+ }
+ }
+
+diff -Nur linux-3.18.9.orig/arch/x86/platform/uv/uv_time.c linux-3.18.9/arch/x86/platform/uv/uv_time.c
+--- linux-3.18.9.orig/arch/x86/platform/uv/uv_time.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/x86/platform/uv/uv_time.c 2015-03-15 16:03:03.696094875 -0500
+@@ -58,7 +58,7 @@
+
+ /* There is one of these allocated per node */
+ struct uv_rtc_timer_head {
+- spinlock_t lock;
++ raw_spinlock_t lock;
+ /* next cpu waiting for timer, local node relative: */
+ int next_cpu;
+ /* number of cpus on this node: */
+@@ -178,7 +178,7 @@
+ uv_rtc_deallocate_timers();
+ return -ENOMEM;
+ }
+- spin_lock_init(&head->lock);
++ raw_spin_lock_init(&head->lock);
+ head->ncpus = uv_blade_nr_possible_cpus(bid);
+ head->next_cpu = -1;
+ blade_info[bid] = head;
+@@ -232,7 +232,7 @@
+ unsigned long flags;
+ int next_cpu;
+
+- spin_lock_irqsave(&head->lock, flags);
++ raw_spin_lock_irqsave(&head->lock, flags);
+
+ next_cpu = head->next_cpu;
+ *t = expires;
+@@ -244,12 +244,12 @@
+ if (uv_setup_intr(cpu, expires)) {
+ *t = ULLONG_MAX;
+ uv_rtc_find_next_timer(head, pnode);
+- spin_unlock_irqrestore(&head->lock, flags);
++ raw_spin_unlock_irqrestore(&head->lock, flags);
+ return -ETIME;
+ }
+ }
+
+- spin_unlock_irqrestore(&head->lock, flags);
++ raw_spin_unlock_irqrestore(&head->lock, flags);
+ return 0;
+ }
+
+@@ -268,7 +268,7 @@
+ unsigned long flags;
+ int rc = 0;
+
+- spin_lock_irqsave(&head->lock, flags);
++ raw_spin_lock_irqsave(&head->lock, flags);
+
+ if ((head->next_cpu == bcpu && uv_read_rtc(NULL) >= *t) || force)
+ rc = 1;
+@@ -280,7 +280,7 @@
+ uv_rtc_find_next_timer(head, pnode);
+ }
+
+- spin_unlock_irqrestore(&head->lock, flags);
++ raw_spin_unlock_irqrestore(&head->lock, flags);
+
+ return rc;
+ }
+@@ -300,13 +300,18 @@
+ static cycle_t uv_read_rtc(struct clocksource *cs)
+ {
+ unsigned long offset;
++ cycle_t cycles;
+
++ preempt_disable();
+ if (uv_get_min_hub_revision_id() == 1)
+ offset = 0;
+ else
+ offset = (uv_blade_processor_id() * L1_CACHE_BYTES) % PAGE_SIZE;
+
+- return (cycle_t)uv_read_local_mmr(UVH_RTC | offset);
++ cycles = (cycle_t)uv_read_local_mmr(UVH_RTC | offset);
++ preempt_enable();
++
++ return cycles;
+ }
+
+ /*
+diff -Nur linux-3.18.9.orig/arch/xtensa/mm/fault.c linux-3.18.9/arch/xtensa/mm/fault.c
+--- linux-3.18.9.orig/arch/xtensa/mm/fault.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/arch/xtensa/mm/fault.c 2015-03-15 16:03:03.696094875 -0500
+@@ -57,7 +57,7 @@
+ /* If we're in an interrupt or have no user
+ * context, we must not take the fault..
+ */
+- if (in_atomic() || !mm) {
++ if (!mm || pagefault_disabled()) {
+ bad_page_fault(regs, address, SIGSEGV);
+ return;
+ }
+diff -Nur linux-3.18.9.orig/block/blk-core.c linux-3.18.9/block/blk-core.c
+--- linux-3.18.9.orig/block/blk-core.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/block/blk-core.c 2015-03-15 16:03:03.696094875 -0500
+@@ -100,6 +100,9 @@
+
+ INIT_LIST_HEAD(&rq->queuelist);
+ INIT_LIST_HEAD(&rq->timeout_list);
++#if CONFIG_PREEMPT_RT_FULL
++ INIT_WORK(&rq->work, __blk_mq_complete_request_remote_work);
++#endif
+ rq->cpu = -1;
+ rq->q = q;
+ rq->__sector = (sector_t) -1;
+@@ -194,7 +197,7 @@
+ **/
+ void blk_start_queue(struct request_queue *q)
+ {
+- WARN_ON(!irqs_disabled());
++ WARN_ON_NONRT(!irqs_disabled());
+
+ queue_flag_clear(QUEUE_FLAG_STOPPED, q);
+ __blk_run_queue(q);
+@@ -627,7 +630,7 @@
+ q->bypass_depth = 1;
+ __set_bit(QUEUE_FLAG_BYPASS, &q->queue_flags);
+
+- init_waitqueue_head(&q->mq_freeze_wq);
++ init_swait_head(&q->mq_freeze_wq);
+
+ if (blkcg_init_queue(q))
+ goto fail_bdi;
+@@ -3037,7 +3040,7 @@
+ blk_run_queue_async(q);
+ else
+ __blk_run_queue(q);
+- spin_unlock(q->queue_lock);
++ spin_unlock_irq(q->queue_lock);
+ }
+
+ static void flush_plug_callbacks(struct blk_plug *plug, bool from_schedule)
+@@ -3085,7 +3088,6 @@
+ void blk_flush_plug_list(struct blk_plug *plug, bool from_schedule)
+ {
+ struct request_queue *q;
+- unsigned long flags;
+ struct request *rq;
+ LIST_HEAD(list);
+ unsigned int depth;
+@@ -3105,11 +3107,6 @@
+ q = NULL;
+ depth = 0;
+
+- /*
+- * Save and disable interrupts here, to avoid doing it for every
+- * queue lock we have to take.
+- */
+- local_irq_save(flags);
+ while (!list_empty(&list)) {
+ rq = list_entry_rq(list.next);
+ list_del_init(&rq->queuelist);
+@@ -3122,7 +3119,7 @@
+ queue_unplugged(q, depth, from_schedule);
+ q = rq->q;
+ depth = 0;
+- spin_lock(q->queue_lock);
++ spin_lock_irq(q->queue_lock);
+ }
+
+ /*
+@@ -3149,8 +3146,6 @@
+ */
+ if (q)
+ queue_unplugged(q, depth, from_schedule);
+-
+- local_irq_restore(flags);
+ }
+
+ void blk_finish_plug(struct blk_plug *plug)
+diff -Nur linux-3.18.9.orig/block/blk-ioc.c linux-3.18.9/block/blk-ioc.c
+--- linux-3.18.9.orig/block/blk-ioc.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/block/blk-ioc.c 2015-03-15 16:03:03.696094875 -0500
+@@ -7,6 +7,7 @@
+ #include <linux/bio.h>
+ #include <linux/blkdev.h>
+ #include <linux/slab.h>
++#include <linux/delay.h>
+
+ #include "blk.h"
+
+@@ -109,7 +110,7 @@
+ spin_unlock(q->queue_lock);
+ } else {
+ spin_unlock_irqrestore(&ioc->lock, flags);
+- cpu_relax();
++ cpu_chill();
+ spin_lock_irqsave_nested(&ioc->lock, flags, 1);
+ }
+ }
+@@ -187,7 +188,7 @@
+ spin_unlock(icq->q->queue_lock);
+ } else {
+ spin_unlock_irqrestore(&ioc->lock, flags);
+- cpu_relax();
++ cpu_chill();
+ goto retry;
+ }
+ }
+diff -Nur linux-3.18.9.orig/block/blk-iopoll.c linux-3.18.9/block/blk-iopoll.c
+--- linux-3.18.9.orig/block/blk-iopoll.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/block/blk-iopoll.c 2015-03-15 16:03:03.696094875 -0500
+@@ -35,6 +35,7 @@
+ list_add_tail(&iop->list, this_cpu_ptr(&blk_cpu_iopoll));
+ __raise_softirq_irqoff(BLOCK_IOPOLL_SOFTIRQ);
+ local_irq_restore(flags);
++ preempt_check_resched_rt();
+ }
+ EXPORT_SYMBOL(blk_iopoll_sched);
+
+@@ -132,6 +133,7 @@
+ __raise_softirq_irqoff(BLOCK_IOPOLL_SOFTIRQ);
+
+ local_irq_enable();
++ preempt_check_resched_rt();
+ }
+
+ /**
+@@ -201,6 +203,7 @@
+ this_cpu_ptr(&blk_cpu_iopoll));
+ __raise_softirq_irqoff(BLOCK_IOPOLL_SOFTIRQ);
+ local_irq_enable();
++ preempt_check_resched_rt();
+ }
+
+ return NOTIFY_OK;
+diff -Nur linux-3.18.9.orig/block/blk-mq.c linux-3.18.9/block/blk-mq.c
+--- linux-3.18.9.orig/block/blk-mq.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/block/blk-mq.c 2015-03-15 16:03:03.696094875 -0500
+@@ -85,7 +85,7 @@
+ if (percpu_ref_tryget_live(&q->mq_usage_counter))
+ return 0;
+
+- ret = wait_event_interruptible(q->mq_freeze_wq,
++ ret = swait_event_interruptible(q->mq_freeze_wq,
+ !q->mq_freeze_depth || blk_queue_dying(q));
+ if (blk_queue_dying(q))
+ return -ENODEV;
+@@ -104,7 +104,7 @@
+ struct request_queue *q =
+ container_of(ref, struct request_queue, mq_usage_counter);
+
+- wake_up_all(&q->mq_freeze_wq);
++ swait_wake_all(&q->mq_freeze_wq);
+ }
+
+ static void blk_mq_freeze_queue_start(struct request_queue *q)
+@@ -123,7 +123,7 @@
+
+ static void blk_mq_freeze_queue_wait(struct request_queue *q)
+ {
+- wait_event(q->mq_freeze_wq, percpu_ref_is_zero(&q->mq_usage_counter));
++ swait_event(q->mq_freeze_wq, percpu_ref_is_zero(&q->mq_usage_counter));
+ }
+
+ /*
+@@ -146,7 +146,7 @@
+ spin_unlock_irq(q->queue_lock);
+ if (wake) {
+ percpu_ref_reinit(&q->mq_usage_counter);
+- wake_up_all(&q->mq_freeze_wq);
++ swait_wake_all(&q->mq_freeze_wq);
+ }
+ }
+
+@@ -194,6 +194,9 @@
+ rq->resid_len = 0;
+ rq->sense = NULL;
+
++#if CONFIG_PREEMPT_RT_FULL
++ INIT_WORK(&rq->work, __blk_mq_complete_request_remote_work);
++#endif
+ INIT_LIST_HEAD(&rq->timeout_list);
+ rq->timeout = 0;
+
+@@ -313,6 +316,17 @@
+ }
+ EXPORT_SYMBOL(blk_mq_end_request);
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++
++void __blk_mq_complete_request_remote_work(struct work_struct *work)
++{
++ struct request *rq = container_of(work, struct request, work);
++
++ rq->q->softirq_done_fn(rq);
++}
++
++#else
++
+ static void __blk_mq_complete_request_remote(void *data)
+ {
+ struct request *rq = data;
+@@ -320,6 +334,8 @@
+ rq->q->softirq_done_fn(rq);
+ }
+
++#endif
++
+ static void blk_mq_ipi_complete_request(struct request *rq)
+ {
+ struct blk_mq_ctx *ctx = rq->mq_ctx;
+@@ -331,19 +347,23 @@
+ return;
+ }
+
+- cpu = get_cpu();
++ cpu = get_cpu_light();
+ if (!test_bit(QUEUE_FLAG_SAME_FORCE, &rq->q->queue_flags))
+ shared = cpus_share_cache(cpu, ctx->cpu);
+
+ if (cpu != ctx->cpu && !shared && cpu_online(ctx->cpu)) {
++#if CONFIG_PREEMPT_RT_FULL
++ schedule_work_on(ctx->cpu, &rq->work);
++#else
+ rq->csd.func = __blk_mq_complete_request_remote;
+ rq->csd.info = rq;
+ rq->csd.flags = 0;
+ smp_call_function_single_async(ctx->cpu, &rq->csd);
++#endif
+ } else {
+ rq->q->softirq_done_fn(rq);
+ }
+- put_cpu();
++ put_cpu_light();
+ }
+
+ void __blk_mq_complete_request(struct request *rq)
+@@ -814,9 +834,9 @@
+ test_bit(BLK_MQ_S_STOPPED, &hctx->state))
+ continue;
+
+- preempt_disable();
++ migrate_disable();
+ blk_mq_run_hw_queue(hctx, async);
+- preempt_enable();
++ migrate_enable();
+ }
+ }
+ EXPORT_SYMBOL(blk_mq_run_queues);
+@@ -843,9 +863,9 @@
+ {
+ clear_bit(BLK_MQ_S_STOPPED, &hctx->state);
+
+- preempt_disable();
++ migrate_disable();
+ blk_mq_run_hw_queue(hctx, false);
+- preempt_enable();
++ migrate_enable();
+ }
+ EXPORT_SYMBOL(blk_mq_start_hw_queue);
+
+@@ -870,9 +890,9 @@
+ continue;
+
+ clear_bit(BLK_MQ_S_STOPPED, &hctx->state);
+- preempt_disable();
++ migrate_disable();
+ blk_mq_run_hw_queue(hctx, async);
+- preempt_enable();
++ migrate_enable();
+ }
+ }
+ EXPORT_SYMBOL(blk_mq_start_stopped_hw_queues);
+@@ -1494,7 +1514,7 @@
+ {
+ struct blk_mq_hw_ctx *hctx = data;
+
+- if (action == CPU_DEAD || action == CPU_DEAD_FROZEN)
++ if (action == CPU_POST_DEAD)
+ return blk_mq_hctx_cpu_offline(hctx, cpu);
+ else if (action == CPU_ONLINE || action == CPU_ONLINE_FROZEN)
+ return blk_mq_hctx_cpu_online(hctx, cpu);
+diff -Nur linux-3.18.9.orig/block/blk-mq-cpu.c linux-3.18.9/block/blk-mq-cpu.c
+--- linux-3.18.9.orig/block/blk-mq-cpu.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/block/blk-mq-cpu.c 2015-03-15 16:03:03.696094875 -0500
+@@ -16,7 +16,7 @@
+ #include "blk-mq.h"
+
+ static LIST_HEAD(blk_mq_cpu_notify_list);
+-static DEFINE_RAW_SPINLOCK(blk_mq_cpu_notify_lock);
++static DEFINE_SPINLOCK(blk_mq_cpu_notify_lock);
+
+ static int blk_mq_main_cpu_notify(struct notifier_block *self,
+ unsigned long action, void *hcpu)
+@@ -25,7 +25,10 @@
+ struct blk_mq_cpu_notifier *notify;
+ int ret = NOTIFY_OK;
+
+- raw_spin_lock(&blk_mq_cpu_notify_lock);
++ if (action != CPU_POST_DEAD)
++ return NOTIFY_OK;
++
++ spin_lock(&blk_mq_cpu_notify_lock);
+
+ list_for_each_entry(notify, &blk_mq_cpu_notify_list, list) {
+ ret = notify->notify(notify->data, action, cpu);
+@@ -33,7 +36,7 @@
+ break;
+ }
+
+- raw_spin_unlock(&blk_mq_cpu_notify_lock);
++ spin_unlock(&blk_mq_cpu_notify_lock);
+ return ret;
+ }
+
+@@ -41,16 +44,16 @@
+ {
+ BUG_ON(!notifier->notify);
+
+- raw_spin_lock(&blk_mq_cpu_notify_lock);
++ spin_lock(&blk_mq_cpu_notify_lock);
+ list_add_tail(&notifier->list, &blk_mq_cpu_notify_list);
+- raw_spin_unlock(&blk_mq_cpu_notify_lock);
++ spin_unlock(&blk_mq_cpu_notify_lock);
+ }
+
+ void blk_mq_unregister_cpu_notifier(struct blk_mq_cpu_notifier *notifier)
+ {
+- raw_spin_lock(&blk_mq_cpu_notify_lock);
++ spin_lock(&blk_mq_cpu_notify_lock);
+ list_del(&notifier->list);
+- raw_spin_unlock(&blk_mq_cpu_notify_lock);
++ spin_unlock(&blk_mq_cpu_notify_lock);
+ }
+
+ void blk_mq_init_cpu_notifier(struct blk_mq_cpu_notifier *notifier,
+diff -Nur linux-3.18.9.orig/block/blk-mq.h linux-3.18.9/block/blk-mq.h
+--- linux-3.18.9.orig/block/blk-mq.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/block/blk-mq.h 2015-03-15 16:03:03.700094875 -0500
+@@ -73,7 +73,10 @@
+ static inline struct blk_mq_ctx *__blk_mq_get_ctx(struct request_queue *q,
+ unsigned int cpu)
+ {
+- return per_cpu_ptr(q->queue_ctx, cpu);
++ struct blk_mq_ctx *ctx;
++
++ ctx = per_cpu_ptr(q->queue_ctx, cpu);
++ return ctx;
+ }
+
+ /*
+@@ -84,12 +87,12 @@
+ */
+ static inline struct blk_mq_ctx *blk_mq_get_ctx(struct request_queue *q)
+ {
+- return __blk_mq_get_ctx(q, get_cpu());
++ return __blk_mq_get_ctx(q, get_cpu_light());
+ }
+
+ static inline void blk_mq_put_ctx(struct blk_mq_ctx *ctx)
+ {
+- put_cpu();
++ put_cpu_light();
+ }
+
+ struct blk_mq_alloc_data {
+diff -Nur linux-3.18.9.orig/block/blk-softirq.c linux-3.18.9/block/blk-softirq.c
+--- linux-3.18.9.orig/block/blk-softirq.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/block/blk-softirq.c 2015-03-15 16:03:03.700094875 -0500
+@@ -51,6 +51,7 @@
+ raise_softirq_irqoff(BLOCK_SOFTIRQ);
+
+ local_irq_restore(flags);
++ preempt_check_resched_rt();
+ }
+
+ /*
+@@ -93,6 +94,7 @@
+ this_cpu_ptr(&blk_cpu_done));
+ raise_softirq_irqoff(BLOCK_SOFTIRQ);
+ local_irq_enable();
++ preempt_check_resched_rt();
+ }
+
+ return NOTIFY_OK;
+@@ -150,6 +152,7 @@
+ goto do_local;
+
+ local_irq_restore(flags);
++ preempt_check_resched_rt();
+ }
+
+ /**
+diff -Nur linux-3.18.9.orig/block/bounce.c linux-3.18.9/block/bounce.c
+--- linux-3.18.9.orig/block/bounce.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/block/bounce.c 2015-03-15 16:03:03.700094875 -0500
+@@ -54,11 +54,11 @@
+ unsigned long flags;
+ unsigned char *vto;
+
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ vto = kmap_atomic(to->bv_page);
+ memcpy(vto + to->bv_offset, vfrom, to->bv_len);
+ kunmap_atomic(vto);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ }
+
+ #else /* CONFIG_HIGHMEM */
+diff -Nur linux-3.18.9.orig/crypto/algapi.c linux-3.18.9/crypto/algapi.c
+--- linux-3.18.9.orig/crypto/algapi.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/crypto/algapi.c 2015-03-15 16:03:03.700094875 -0500
+@@ -698,13 +698,13 @@
+
+ int crypto_register_notifier(struct notifier_block *nb)
+ {
+- return blocking_notifier_chain_register(&crypto_chain, nb);
++ return srcu_notifier_chain_register(&crypto_chain, nb);
+ }
+ EXPORT_SYMBOL_GPL(crypto_register_notifier);
+
+ int crypto_unregister_notifier(struct notifier_block *nb)
+ {
+- return blocking_notifier_chain_unregister(&crypto_chain, nb);
++ return srcu_notifier_chain_unregister(&crypto_chain, nb);
+ }
+ EXPORT_SYMBOL_GPL(crypto_unregister_notifier);
+
+diff -Nur linux-3.18.9.orig/crypto/api.c linux-3.18.9/crypto/api.c
+--- linux-3.18.9.orig/crypto/api.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/crypto/api.c 2015-03-15 16:03:03.700094875 -0500
+@@ -31,7 +31,7 @@
+ DECLARE_RWSEM(crypto_alg_sem);
+ EXPORT_SYMBOL_GPL(crypto_alg_sem);
+
+-BLOCKING_NOTIFIER_HEAD(crypto_chain);
++SRCU_NOTIFIER_HEAD(crypto_chain);
+ EXPORT_SYMBOL_GPL(crypto_chain);
+
+ static struct crypto_alg *crypto_larval_wait(struct crypto_alg *alg);
+@@ -236,10 +236,10 @@
+ {
+ int ok;
+
+- ok = blocking_notifier_call_chain(&crypto_chain, val, v);
++ ok = srcu_notifier_call_chain(&crypto_chain, val, v);
+ if (ok == NOTIFY_DONE) {
+ request_module("cryptomgr");
+- ok = blocking_notifier_call_chain(&crypto_chain, val, v);
++ ok = srcu_notifier_call_chain(&crypto_chain, val, v);
+ }
+
+ return ok;
+diff -Nur linux-3.18.9.orig/crypto/internal.h linux-3.18.9/crypto/internal.h
+--- linux-3.18.9.orig/crypto/internal.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/crypto/internal.h 2015-03-15 16:03:03.700094875 -0500
+@@ -48,7 +48,7 @@
+
+ extern struct list_head crypto_alg_list;
+ extern struct rw_semaphore crypto_alg_sem;
+-extern struct blocking_notifier_head crypto_chain;
++extern struct srcu_notifier_head crypto_chain;
+
+ #ifdef CONFIG_PROC_FS
+ void __init crypto_init_proc(void);
+@@ -142,7 +142,7 @@
+
+ static inline void crypto_notify(unsigned long val, void *v)
+ {
+- blocking_notifier_call_chain(&crypto_chain, val, v);
++ srcu_notifier_call_chain(&crypto_chain, val, v);
+ }
+
+ #endif /* _CRYPTO_INTERNAL_H */
+diff -Nur linux-3.18.9.orig/Documentation/hwlat_detector.txt linux-3.18.9/Documentation/hwlat_detector.txt
+--- linux-3.18.9.orig/Documentation/hwlat_detector.txt 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/Documentation/hwlat_detector.txt 2015-03-15 16:03:03.704094875 -0500
+@@ -0,0 +1,64 @@
++Introduction:
++-------------
++
++The module hwlat_detector is a special purpose kernel module that is used to
++detect large system latencies induced by the behavior of certain underlying
++hardware or firmware, independent of Linux itself. The code was developed
++originally to detect SMIs (System Management Interrupts) on x86 systems,
++however there is nothing x86 specific about this patchset. It was
++originally written for use by the "RT" patch since the Real Time
++kernel is highly latency sensitive.
++
++SMIs are usually not serviced by the Linux kernel, which typically does not
++even know that they are occuring. SMIs are instead are set up by BIOS code
++and are serviced by BIOS code, usually for "critical" events such as
++management of thermal sensors and fans. Sometimes though, SMIs are used for
++other tasks and those tasks can spend an inordinate amount of time in the
++handler (sometimes measured in milliseconds). Obviously this is a problem if
++you are trying to keep event service latencies down in the microsecond range.
++
++The hardware latency detector works by hogging all of the cpus for configurable
++amounts of time (by calling stop_machine()), polling the CPU Time Stamp Counter
++for some period, then looking for gaps in the TSC data. Any gap indicates a
++time when the polling was interrupted and since the machine is stopped and
++interrupts turned off the only thing that could do that would be an SMI.
++
++Note that the SMI detector should *NEVER* be used in a production environment.
++It is intended to be run manually to determine if the hardware platform has a
++problem with long system firmware service routines.
++
++Usage:
++------
++
++Loading the module hwlat_detector passing the parameter "enabled=1" (or by
++setting the "enable" entry in "hwlat_detector" debugfs toggled on) is the only
++step required to start the hwlat_detector. It is possible to redefine the
++threshold in microseconds (us) above which latency spikes will be taken
++into account (parameter "threshold=").
++
++Example:
++
++ # modprobe hwlat_detector enabled=1 threshold=100
++
++After the module is loaded, it creates a directory named "hwlat_detector" under
++the debugfs mountpoint, "/debug/hwlat_detector" for this text. It is necessary
++to have debugfs mounted, which might be on /sys/debug on your system.
++
++The /debug/hwlat_detector interface contains the following files:
++
++count - number of latency spikes observed since last reset
++enable - a global enable/disable toggle (0/1), resets count
++max - maximum hardware latency actually observed (usecs)
++sample - a pipe from which to read current raw sample data
++ in the format <timestamp> <latency observed usecs>
++ (can be opened O_NONBLOCK for a single sample)
++threshold - minimum latency value to be considered (usecs)
++width - time period to sample with CPUs held (usecs)
++ must be less than the total window size (enforced)
++window - total period of sampling, width being inside (usecs)
++
++By default we will set width to 500,000 and window to 1,000,000, meaning that
++we will sample every 1,000,000 usecs (1s) for 500,000 usecs (0.5s). If we
++observe any latencies that exceed the threshold (initially 100 usecs),
++then we write to a global sample ring buffer of 8K samples, which is
++consumed by reading from the "sample" (pipe) debugfs file interface.
+diff -Nur linux-3.18.9.orig/Documentation/sysrq.txt linux-3.18.9/Documentation/sysrq.txt
+--- linux-3.18.9.orig/Documentation/sysrq.txt 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/Documentation/sysrq.txt 2015-03-15 16:03:03.704094875 -0500
+@@ -59,10 +59,17 @@
+ On other - If you know of the key combos for other architectures, please
+ let me know so I can add them to this section.
+
+-On all - write a character to /proc/sysrq-trigger. e.g.:
+-
++On all - write a character to /proc/sysrq-trigger, e.g.:
+ echo t > /proc/sysrq-trigger
+
++On all - Enable network SysRq by writing a cookie to icmp_echo_sysrq, e.g.
++ echo 0x01020304 >/proc/sys/net/ipv4/icmp_echo_sysrq
++ Send an ICMP echo request with this pattern plus the particular
++ SysRq command key. Example:
++ # ping -c1 -s57 -p0102030468
++ will trigger the SysRq-H (help) command.
++
++
+ * What are the 'command' keys?
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ 'b' - Will immediately reboot the system without syncing or unmounting
+diff -Nur linux-3.18.9.orig/Documentation/trace/histograms.txt linux-3.18.9/Documentation/trace/histograms.txt
+--- linux-3.18.9.orig/Documentation/trace/histograms.txt 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/Documentation/trace/histograms.txt 2015-03-15 16:03:03.704094875 -0500
+@@ -0,0 +1,186 @@
++ Using the Linux Kernel Latency Histograms
++
++
++This document gives a short explanation how to enable, configure and use
++latency histograms. Latency histograms are primarily relevant in the
++context of real-time enabled kernels (CONFIG_PREEMPT/CONFIG_PREEMPT_RT)
++and are used in the quality management of the Linux real-time
++capabilities.
++
++
++* Purpose of latency histograms
++
++A latency histogram continuously accumulates the frequencies of latency
++data. There are two types of histograms
++- potential sources of latencies
++- effective latencies
++
++
++* Potential sources of latencies
++
++Potential sources of latencies are code segments where interrupts,
++preemption or both are disabled (aka critical sections). To create
++histograms of potential sources of latency, the kernel stores the time
++stamp at the start of a critical section, determines the time elapsed
++when the end of the section is reached, and increments the frequency
++counter of that latency value - irrespective of whether any concurrently
++running process is affected by latency or not.
++- Configuration items (in the Kernel hacking/Tracers submenu)
++ CONFIG_INTERRUPT_OFF_LATENCY
++ CONFIG_PREEMPT_OFF_LATENCY
++
++
++* Effective latencies
++
++Effective latencies are actually occuring during wakeup of a process. To
++determine effective latencies, the kernel stores the time stamp when a
++process is scheduled to be woken up, and determines the duration of the
++wakeup time shortly before control is passed over to this process. Note
++that the apparent latency in user space may be somewhat longer, since the
++process may be interrupted after control is passed over to it but before
++the execution in user space takes place. Simply measuring the interval
++between enqueuing and wakeup may also not appropriate in cases when a
++process is scheduled as a result of a timer expiration. The timer may have
++missed its deadline, e.g. due to disabled interrupts, but this latency
++would not be registered. Therefore, the offsets of missed timers are
++recorded in a separate histogram. If both wakeup latency and missed timer
++offsets are configured and enabled, a third histogram may be enabled that
++records the overall latency as a sum of the timer latency, if any, and the
++wakeup latency. This histogram is called "timerandwakeup".
++- Configuration items (in the Kernel hacking/Tracers submenu)
++ CONFIG_WAKEUP_LATENCY
++ CONFIG_MISSED_TIMER_OFSETS
++
++
++* Usage
++
++The interface to the administration of the latency histograms is located
++in the debugfs file system. To mount it, either enter
++
++mount -t sysfs nodev /sys
++mount -t debugfs nodev /sys/kernel/debug
++
++from shell command line level, or add
++
++nodev /sys sysfs defaults 0 0
++nodev /sys/kernel/debug debugfs defaults 0 0
++
++to the file /etc/fstab. All latency histogram related files are then
++available in the directory /sys/kernel/debug/tracing/latency_hist. A
++particular histogram type is enabled by writing non-zero to the related
++variable in the /sys/kernel/debug/tracing/latency_hist/enable directory.
++Select "preemptirqsoff" for the histograms of potential sources of
++latencies and "wakeup" for histograms of effective latencies etc. The
++histogram data - one per CPU - are available in the files
++
++/sys/kernel/debug/tracing/latency_hist/preemptoff/CPUx
++/sys/kernel/debug/tracing/latency_hist/irqsoff/CPUx
++/sys/kernel/debug/tracing/latency_hist/preemptirqsoff/CPUx
++/sys/kernel/debug/tracing/latency_hist/wakeup/CPUx
++/sys/kernel/debug/tracing/latency_hist/wakeup/sharedprio/CPUx
++/sys/kernel/debug/tracing/latency_hist/missed_timer_offsets/CPUx
++/sys/kernel/debug/tracing/latency_hist/timerandwakeup/CPUx
++
++The histograms are reset by writing non-zero to the file "reset" in a
++particular latency directory. To reset all latency data, use
++
++#!/bin/sh
++
++TRACINGDIR=/sys/kernel/debug/tracing
++HISTDIR=$TRACINGDIR/latency_hist
++
++if test -d $HISTDIR
++then
++ cd $HISTDIR
++ for i in `find . | grep /reset$`
++ do
++ echo 1 >$i
++ done
++fi
++
++
++* Data format
++
++Latency data are stored with a resolution of one microsecond. The
++maximum latency is 10,240 microseconds. The data are only valid, if the
++overflow register is empty. Every output line contains the latency in
++microseconds in the first row and the number of samples in the second
++row. To display only lines with a positive latency count, use, for
++example,
++
++grep -v " 0$" /sys/kernel/debug/tracing/latency_hist/preemptoff/CPU0
++
++#Minimum latency: 0 microseconds.
++#Average latency: 0 microseconds.
++#Maximum latency: 25 microseconds.
++#Total samples: 3104770694
++#There are 0 samples greater or equal than 10240 microseconds
++#usecs samples
++ 0 2984486876
++ 1 49843506
++ 2 58219047
++ 3 5348126
++ 4 2187960
++ 5 3388262
++ 6 959289
++ 7 208294
++ 8 40420
++ 9 4485
++ 10 14918
++ 11 18340
++ 12 25052
++ 13 19455
++ 14 5602
++ 15 969
++ 16 47
++ 17 18
++ 18 14
++ 19 1
++ 20 3
++ 21 2
++ 22 5
++ 23 2
++ 25 1
++
++
++* Wakeup latency of a selected process
++
++To only collect wakeup latency data of a particular process, write the
++PID of the requested process to
++
++/sys/kernel/debug/tracing/latency_hist/wakeup/pid
++
++PIDs are not considered, if this variable is set to 0.
++
++
++* Details of the process with the highest wakeup latency so far
++
++Selected data of the process that suffered from the highest wakeup
++latency that occurred in a particular CPU are available in the file
++
++/sys/kernel/debug/tracing/latency_hist/wakeup/max_latency-CPUx.
++
++In addition, other relevant system data at the time when the
++latency occurred are given.
++
++The format of the data is (all in one line):
++<PID> <Priority> <Latency> (<Timeroffset>) <Command> \
++<- <PID> <Priority> <Command> <Timestamp>
++
++The value of <Timeroffset> is only relevant in the combined timer
++and wakeup latency recording. In the wakeup recording, it is
++always 0, in the missed_timer_offsets recording, it is the same
++as <Latency>.
++
++When retrospectively searching for the origin of a latency and
++tracing was not enabled, it may be helpful to know the name and
++some basic data of the task that (finally) was switching to the
++late real-tlme task. In addition to the victim's data, also the
++data of the possible culprit are therefore displayed after the
++"<-" symbol.
++
++Finally, the timestamp of the time when the latency occurred
++in <seconds>.<microseconds> after the most recent system boot
++is provided.
++
++These data are also reset when the wakeup histogram is reset.
+diff -Nur linux-3.18.9.orig/drivers/acpi/acpica/acglobal.h linux-3.18.9/drivers/acpi/acpica/acglobal.h
+--- linux-3.18.9.orig/drivers/acpi/acpica/acglobal.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/acpi/acpica/acglobal.h 2015-03-15 16:03:03.704094875 -0500
+@@ -112,7 +112,7 @@
+ * interrupt level
+ */
+ ACPI_GLOBAL(acpi_spinlock, acpi_gbl_gpe_lock); /* For GPE data structs and registers */
+-ACPI_GLOBAL(acpi_spinlock, acpi_gbl_hardware_lock); /* For ACPI H/W except GPE registers */
++ACPI_GLOBAL(acpi_raw_spinlock, acpi_gbl_hardware_lock); /* For ACPI H/W except GPE registers */
+ ACPI_GLOBAL(acpi_spinlock, acpi_gbl_reference_count_lock);
+
+ /* Mutex for _OSI support */
+diff -Nur linux-3.18.9.orig/drivers/acpi/acpica/hwregs.c linux-3.18.9/drivers/acpi/acpica/hwregs.c
+--- linux-3.18.9.orig/drivers/acpi/acpica/hwregs.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/acpi/acpica/hwregs.c 2015-03-15 16:03:03.704094875 -0500
+@@ -269,14 +269,14 @@
+ ACPI_BITMASK_ALL_FIXED_STATUS,
+ ACPI_FORMAT_UINT64(acpi_gbl_xpm1a_status.address)));
+
+- lock_flags = acpi_os_acquire_lock(acpi_gbl_hardware_lock);
++ raw_spin_lock_irqsave(acpi_gbl_hardware_lock, lock_flags);
+
+ /* Clear the fixed events in PM1 A/B */
+
+ status = acpi_hw_register_write(ACPI_REGISTER_PM1_STATUS,
+ ACPI_BITMASK_ALL_FIXED_STATUS);
+
+- acpi_os_release_lock(acpi_gbl_hardware_lock, lock_flags);
++ raw_spin_unlock_irqrestore(acpi_gbl_hardware_lock, lock_flags);
+
+ if (ACPI_FAILURE(status)) {
+ goto exit;
+diff -Nur linux-3.18.9.orig/drivers/acpi/acpica/hwxface.c linux-3.18.9/drivers/acpi/acpica/hwxface.c
+--- linux-3.18.9.orig/drivers/acpi/acpica/hwxface.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/acpi/acpica/hwxface.c 2015-03-15 16:03:03.704094875 -0500
+@@ -374,7 +374,7 @@
+ return_ACPI_STATUS(AE_BAD_PARAMETER);
+ }
+
+- lock_flags = acpi_os_acquire_lock(acpi_gbl_hardware_lock);
++ raw_spin_lock_irqsave(acpi_gbl_hardware_lock, lock_flags);
+
+ /*
+ * At this point, we know that the parent register is one of the
+@@ -435,7 +435,7 @@
+
+ unlock_and_exit:
+
+- acpi_os_release_lock(acpi_gbl_hardware_lock, lock_flags);
++ raw_spin_unlock_irqrestore(acpi_gbl_hardware_lock, lock_flags);
+ return_ACPI_STATUS(status);
+ }
+
+diff -Nur linux-3.18.9.orig/drivers/acpi/acpica/utmutex.c linux-3.18.9/drivers/acpi/acpica/utmutex.c
+--- linux-3.18.9.orig/drivers/acpi/acpica/utmutex.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/acpi/acpica/utmutex.c 2015-03-15 16:03:03.704094875 -0500
+@@ -88,7 +88,7 @@
+ return_ACPI_STATUS (status);
+ }
+
+- status = acpi_os_create_lock (&acpi_gbl_hardware_lock);
++ status = acpi_os_create_raw_lock (&acpi_gbl_hardware_lock);
+ if (ACPI_FAILURE (status)) {
+ return_ACPI_STATUS (status);
+ }
+@@ -141,7 +141,7 @@
+ /* Delete the spinlocks */
+
+ acpi_os_delete_lock(acpi_gbl_gpe_lock);
+- acpi_os_delete_lock(acpi_gbl_hardware_lock);
++ acpi_os_delete_raw_lock(acpi_gbl_hardware_lock);
+ acpi_os_delete_lock(acpi_gbl_reference_count_lock);
+
+ /* Delete the reader/writer lock */
+diff -Nur linux-3.18.9.orig/drivers/ata/libata-sff.c linux-3.18.9/drivers/ata/libata-sff.c
+--- linux-3.18.9.orig/drivers/ata/libata-sff.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/ata/libata-sff.c 2015-03-15 16:03:03.704094875 -0500
+@@ -678,9 +678,9 @@
+ unsigned long flags;
+ unsigned int consumed;
+
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ consumed = ata_sff_data_xfer32(dev, buf, buflen, rw);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+
+ return consumed;
+ }
+@@ -719,7 +719,7 @@
+ unsigned long flags;
+
+ /* FIXME: use a bounce buffer */
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ buf = kmap_atomic(page);
+
+ /* do the actual data transfer */
+@@ -727,7 +727,7 @@
+ do_write);
+
+ kunmap_atomic(buf);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ } else {
+ buf = page_address(page);
+ ap->ops->sff_data_xfer(qc->dev, buf + offset, qc->sect_size,
+@@ -864,7 +864,7 @@
+ unsigned long flags;
+
+ /* FIXME: use bounce buffer */
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ buf = kmap_atomic(page);
+
+ /* do the actual data transfer */
+@@ -872,7 +872,7 @@
+ count, rw);
+
+ kunmap_atomic(buf);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ } else {
+ buf = page_address(page);
+ consumed = ap->ops->sff_data_xfer(dev, buf + offset,
+diff -Nur linux-3.18.9.orig/drivers/char/random.c linux-3.18.9/drivers/char/random.c
+--- linux-3.18.9.orig/drivers/char/random.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/char/random.c 2015-03-15 16:03:03.708094875 -0500
+@@ -776,8 +776,6 @@
+ } sample;
+ long delta, delta2, delta3;
+
+- preempt_disable();
+-
+ sample.jiffies = jiffies;
+ sample.cycles = random_get_entropy();
+ sample.num = num;
+@@ -818,7 +816,6 @@
+ */
+ credit_entropy_bits(r, min_t(int, fls(delta>>1), 11));
+ }
+- preempt_enable();
+ }
+
+ void add_input_randomness(unsigned int type, unsigned int code,
+@@ -871,28 +868,27 @@
+ return *(ptr + f->reg_idx++);
+ }
+
+-void add_interrupt_randomness(int irq, int irq_flags)
++void add_interrupt_randomness(int irq, int irq_flags, __u64 ip)
+ {
+ struct entropy_store *r;
+ struct fast_pool *fast_pool = this_cpu_ptr(&irq_randomness);
+- struct pt_regs *regs = get_irq_regs();
+ unsigned long now = jiffies;
+ cycles_t cycles = random_get_entropy();
+ __u32 c_high, j_high;
+- __u64 ip;
+ unsigned long seed;
+ int credit = 0;
+
+ if (cycles == 0)
+- cycles = get_reg(fast_pool, regs);
++ cycles = get_reg(fast_pool, NULL);
+ c_high = (sizeof(cycles) > 4) ? cycles >> 32 : 0;
+ j_high = (sizeof(now) > 4) ? now >> 32 : 0;
+ fast_pool->pool[0] ^= cycles ^ j_high ^ irq;
+ fast_pool->pool[1] ^= now ^ c_high;
+- ip = regs ? instruction_pointer(regs) : _RET_IP_;
++ if (!ip)
++ ip = _RET_IP_;
+ fast_pool->pool[2] ^= ip;
+ fast_pool->pool[3] ^= (sizeof(ip) > 4) ? ip >> 32 :
+- get_reg(fast_pool, regs);
++ get_reg(fast_pool, NULL);
+
+ fast_mix(fast_pool);
+ add_interrupt_bench(cycles);
+diff -Nur linux-3.18.9.orig/drivers/clocksource/tcb_clksrc.c linux-3.18.9/drivers/clocksource/tcb_clksrc.c
+--- linux-3.18.9.orig/drivers/clocksource/tcb_clksrc.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/clocksource/tcb_clksrc.c 2015-03-15 16:03:03.708094875 -0500
+@@ -23,8 +23,7 @@
+ * this 32 bit free-running counter. the second channel is not used.
+ *
+ * - The third channel may be used to provide a 16-bit clockevent
+- * source, used in either periodic or oneshot mode. This runs
+- * at 32 KiHZ, and can handle delays of up to two seconds.
++ * source, used in either periodic or oneshot mode.
+ *
+ * A boot clocksource and clockevent source are also currently needed,
+ * unless the relevant platforms (ARM/AT91, AVR32/AT32) are changed so
+@@ -74,6 +73,7 @@
+ struct tc_clkevt_device {
+ struct clock_event_device clkevt;
+ struct clk *clk;
++ u32 freq;
+ void __iomem *regs;
+ };
+
+@@ -82,13 +82,6 @@
+ return container_of(clkevt, struct tc_clkevt_device, clkevt);
+ }
+
+-/* For now, we always use the 32K clock ... this optimizes for NO_HZ,
+- * because using one of the divided clocks would usually mean the
+- * tick rate can never be less than several dozen Hz (vs 0.5 Hz).
+- *
+- * A divided clock could be good for high resolution timers, since
+- * 30.5 usec resolution can seem "low".
+- */
+ static u32 timer_clock;
+
+ static void tc_mode(enum clock_event_mode m, struct clock_event_device *d)
+@@ -111,11 +104,12 @@
+ case CLOCK_EVT_MODE_PERIODIC:
+ clk_enable(tcd->clk);
+
+- /* slow clock, count up to RC, then irq and restart */
++ /* count up to RC, then irq and restart */
+ __raw_writel(timer_clock
+ | ATMEL_TC_WAVE | ATMEL_TC_WAVESEL_UP_AUTO,
+ regs + ATMEL_TC_REG(2, CMR));
+- __raw_writel((32768 + HZ/2) / HZ, tcaddr + ATMEL_TC_REG(2, RC));
++ __raw_writel((tcd->freq + HZ / 2) / HZ,
++ tcaddr + ATMEL_TC_REG(2, RC));
+
+ /* Enable clock and interrupts on RC compare */
+ __raw_writel(ATMEL_TC_CPCS, regs + ATMEL_TC_REG(2, IER));
+@@ -128,7 +122,7 @@
+ case CLOCK_EVT_MODE_ONESHOT:
+ clk_enable(tcd->clk);
+
+- /* slow clock, count up to RC, then irq and stop */
++ /* count up to RC, then irq and stop */
+ __raw_writel(timer_clock | ATMEL_TC_CPCSTOP
+ | ATMEL_TC_WAVE | ATMEL_TC_WAVESEL_UP_AUTO,
+ regs + ATMEL_TC_REG(2, CMR));
+@@ -157,8 +151,12 @@
+ .name = "tc_clkevt",
+ .features = CLOCK_EVT_FEAT_PERIODIC
+ | CLOCK_EVT_FEAT_ONESHOT,
++#ifdef CONFIG_ATMEL_TCB_CLKSRC_USE_SLOW_CLOCK
+ /* Should be lower than at91rm9200's system timer */
+ .rating = 125,
++#else
++ .rating = 200,
++#endif
+ .set_next_event = tc_next_event,
+ .set_mode = tc_mode,
+ },
+@@ -178,8 +176,9 @@
+ return IRQ_NONE;
+ }
+
+-static int __init setup_clkevents(struct atmel_tc *tc, int clk32k_divisor_idx)
++static int __init setup_clkevents(struct atmel_tc *tc, int divisor_idx)
+ {
++ unsigned divisor = atmel_tc_divisors[divisor_idx];
+ int ret;
+ struct clk *t2_clk = tc->clk[2];
+ int irq = tc->irq[2];
+@@ -193,7 +192,11 @@
+ clkevt.regs = tc->regs;
+ clkevt.clk = t2_clk;
+
+- timer_clock = clk32k_divisor_idx;
++ timer_clock = divisor_idx;
++ if (!divisor)
++ clkevt.freq = 32768;
++ else
++ clkevt.freq = clk_get_rate(t2_clk) / divisor;
+
+ clkevt.clkevt.cpumask = cpumask_of(0);
+
+@@ -203,7 +206,7 @@
+ return ret;
+ }
+
+- clockevents_config_and_register(&clkevt.clkevt, 32768, 1, 0xffff);
++ clockevents_config_and_register(&clkevt.clkevt, clkevt.freq, 1, 0xffff);
+
+ return ret;
+ }
+@@ -340,7 +343,11 @@
+ goto err_disable_t1;
+
+ /* channel 2: periodic and oneshot timer support */
++#ifdef CONFIG_ATMEL_TCB_CLKSRC_USE_SLOW_CLOCK
+ ret = setup_clkevents(tc, clk32k_divisor_idx);
++#else
++ ret = setup_clkevents(tc, best_divisor_idx);
++#endif
+ if (ret)
+ goto err_unregister_clksrc;
+
+diff -Nur linux-3.18.9.orig/drivers/clocksource/timer-atmel-pit.c linux-3.18.9/drivers/clocksource/timer-atmel-pit.c
+--- linux-3.18.9.orig/drivers/clocksource/timer-atmel-pit.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/clocksource/timer-atmel-pit.c 2015-03-15 16:03:03.708094875 -0500
+@@ -90,6 +90,7 @@
+ return elapsed;
+ }
+
++static struct irqaction at91sam926x_pit_irq;
+ /*
+ * Clockevent device: interrupts every 1/HZ (== pit_cycles * MCK/16)
+ */
+@@ -100,6 +101,8 @@
+
+ switch (mode) {
+ case CLOCK_EVT_MODE_PERIODIC:
++ /* Set up irq handler */
++ setup_irq(at91sam926x_pit_irq.irq, &at91sam926x_pit_irq);
+ /* update clocksource counter */
+ data->cnt += data->cycle * PIT_PICNT(pit_read(data->base, AT91_PIT_PIVR));
+ pit_write(data->base, AT91_PIT_MR,
+@@ -113,6 +116,7 @@
+ /* disable irq, leaving the clocksource active */
+ pit_write(data->base, AT91_PIT_MR,
+ (data->cycle - 1) | AT91_PIT_PITEN);
++ remove_irq(at91sam926x_pit_irq.irq, &at91sam926x_pit_irq);
+ break;
+ case CLOCK_EVT_MODE_RESUME:
+ break;
+diff -Nur linux-3.18.9.orig/drivers/gpio/gpio-omap.c linux-3.18.9/drivers/gpio/gpio-omap.c
+--- linux-3.18.9.orig/drivers/gpio/gpio-omap.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/gpio/gpio-omap.c 2015-03-15 16:03:03.708094875 -0500
+@@ -57,7 +57,7 @@
+ u32 saved_datain;
+ u32 level_mask;
+ u32 toggle_mask;
+- spinlock_t lock;
++ raw_spinlock_t lock;
+ struct gpio_chip chip;
+ struct clk *dbck;
+ u32 mod_usage;
+@@ -503,19 +503,19 @@
+ (type & (IRQ_TYPE_LEVEL_LOW|IRQ_TYPE_LEVEL_HIGH)))
+ return -EINVAL;
+
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ offset = GPIO_INDEX(bank, gpio);
+ retval = omap_set_gpio_triggering(bank, offset, type);
+ if (!LINE_USED(bank->mod_usage, offset)) {
+ omap_enable_gpio_module(bank, offset);
+ omap_set_gpio_direction(bank, offset, 1);
+ } else if (!omap_gpio_is_input(bank, BIT(offset))) {
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+ return -EINVAL;
+ }
+
+ bank->irq_usage |= BIT(GPIO_INDEX(bank, gpio));
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+
+ if (type & (IRQ_TYPE_LEVEL_LOW | IRQ_TYPE_LEVEL_HIGH))
+ __irq_set_handler_locked(d->irq, handle_level_irq);
+@@ -633,14 +633,14 @@
+ return -EINVAL;
+ }
+
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ if (enable)
+ bank->context.wake_en |= gpio_bit;
+ else
+ bank->context.wake_en &= ~gpio_bit;
+
+ writel_relaxed(bank->context.wake_en, bank->base + bank->regs->wkup_en);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+
+ return 0;
+ }
+@@ -675,7 +675,7 @@
+ if (!BANK_USED(bank))
+ pm_runtime_get_sync(bank->dev);
+
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ /* Set trigger to none. You need to enable the desired trigger with
+ * request_irq() or set_irq_type(). Only do this if the IRQ line has
+ * not already been requested.
+@@ -685,7 +685,7 @@
+ omap_enable_gpio_module(bank, offset);
+ }
+ bank->mod_usage |= BIT(offset);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+
+ return 0;
+ }
+@@ -695,11 +695,11 @@
+ struct gpio_bank *bank = container_of(chip, struct gpio_bank, chip);
+ unsigned long flags;
+
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ bank->mod_usage &= ~(BIT(offset));
+ omap_disable_gpio_module(bank, offset);
+ omap_reset_gpio(bank, bank->chip.base + offset);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+
+ /*
+ * If this is the last gpio to be freed in the bank,
+@@ -799,12 +799,12 @@
+ unsigned long flags;
+ unsigned offset = GPIO_INDEX(bank, gpio);
+
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ gpio_unlock_as_irq(&bank->chip, offset);
+ bank->irq_usage &= ~(BIT(offset));
+ omap_disable_gpio_module(bank, offset);
+ omap_reset_gpio(bank, gpio);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+
+ /*
+ * If this is the last IRQ to be freed in the bank,
+@@ -828,10 +828,10 @@
+ unsigned int gpio = omap_irq_to_gpio(bank, d->hwirq);
+ unsigned long flags;
+
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ omap_set_gpio_irqenable(bank, gpio, 0);
+ omap_set_gpio_triggering(bank, GPIO_INDEX(bank, gpio), IRQ_TYPE_NONE);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+ }
+
+ static void omap_gpio_unmask_irq(struct irq_data *d)
+@@ -842,7 +842,7 @@
+ u32 trigger = irqd_get_trigger_type(d);
+ unsigned long flags;
+
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ if (trigger)
+ omap_set_gpio_triggering(bank, GPIO_INDEX(bank, gpio), trigger);
+
+@@ -854,7 +854,7 @@
+ }
+
+ omap_set_gpio_irqenable(bank, gpio, 1);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+ }
+
+ /*---------------------------------------------------------------------*/
+@@ -867,9 +867,9 @@
+ OMAP_MPUIO_GPIO_MASKIT / bank->stride;
+ unsigned long flags;
+
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ writel_relaxed(0xffff & ~bank->context.wake_en, mask_reg);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+
+ return 0;
+ }
+@@ -882,9 +882,9 @@
+ OMAP_MPUIO_GPIO_MASKIT / bank->stride;
+ unsigned long flags;
+
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ writel_relaxed(bank->context.wake_en, mask_reg);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+
+ return 0;
+ }
+@@ -930,9 +930,9 @@
+
+ bank = container_of(chip, struct gpio_bank, chip);
+ reg = bank->base + bank->regs->direction;
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ dir = !!(readl_relaxed(reg) & BIT(offset));
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+ return dir;
+ }
+
+@@ -942,9 +942,9 @@
+ unsigned long flags;
+
+ bank = container_of(chip, struct gpio_bank, chip);
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ omap_set_gpio_direction(bank, offset, 1);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+ return 0;
+ }
+
+@@ -968,10 +968,10 @@
+ unsigned long flags;
+
+ bank = container_of(chip, struct gpio_bank, chip);
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ bank->set_dataout(bank, offset, value);
+ omap_set_gpio_direction(bank, offset, 0);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+ return 0;
+ }
+
+@@ -983,9 +983,9 @@
+
+ bank = container_of(chip, struct gpio_bank, chip);
+
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ omap2_set_gpio_debounce(bank, offset, debounce);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+
+ return 0;
+ }
+@@ -996,9 +996,9 @@
+ unsigned long flags;
+
+ bank = container_of(chip, struct gpio_bank, chip);
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+ bank->set_dataout(bank, offset, value);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+ }
+
+ /*---------------------------------------------------------------------*/
+@@ -1223,7 +1223,7 @@
+ else
+ bank->set_dataout = omap_set_gpio_dataout_mask;
+
+- spin_lock_init(&bank->lock);
++ raw_spin_lock_init(&bank->lock);
+
+ /* Static mapping, never released */
+ res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
+@@ -1270,7 +1270,7 @@
+ unsigned long flags;
+ u32 wake_low, wake_hi;
+
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+
+ /*
+ * Only edges can generate a wakeup event to the PRCM.
+@@ -1323,7 +1323,7 @@
+ bank->get_context_loss_count(bank->dev);
+
+ omap_gpio_dbck_disable(bank);
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+
+ return 0;
+ }
+@@ -1338,7 +1338,7 @@
+ unsigned long flags;
+ int c;
+
+- spin_lock_irqsave(&bank->lock, flags);
++ raw_spin_lock_irqsave(&bank->lock, flags);
+
+ /*
+ * On the first resume during the probe, the context has not
+@@ -1374,14 +1374,14 @@
+ if (c != bank->context_loss_count) {
+ omap_gpio_restore_context(bank);
+ } else {
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+ return 0;
+ }
+ }
+ }
+
+ if (!bank->workaround_enabled) {
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+ return 0;
+ }
+
+@@ -1436,7 +1436,7 @@
+ }
+
+ bank->workaround_enabled = false;
+- spin_unlock_irqrestore(&bank->lock, flags);
++ raw_spin_unlock_irqrestore(&bank->lock, flags);
+
+ return 0;
+ }
+diff -Nur linux-3.18.9.orig/drivers/gpu/drm/i915/i915_gem.c linux-3.18.9/drivers/gpu/drm/i915/i915_gem.c
+--- linux-3.18.9.orig/drivers/gpu/drm/i915/i915_gem.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/gpu/drm/i915/i915_gem.c 2015-03-15 16:03:03.712094875 -0500
+@@ -5144,7 +5144,7 @@
+ if (!mutex_is_locked(mutex))
+ return false;
+
+-#if defined(CONFIG_SMP) && !defined(CONFIG_DEBUG_MUTEXES)
++#if defined(CONFIG_SMP) && !defined(CONFIG_DEBUG_MUTEXES) && !defined(CONFIG_PREEMPT_RT_BASE)
+ return mutex->owner == task;
+ #else
+ /* Since UP may be pre-empted, we cannot assume that we own the lock */
+diff -Nur linux-3.18.9.orig/drivers/gpu/drm/i915/i915_gem_execbuffer.c linux-3.18.9/drivers/gpu/drm/i915/i915_gem_execbuffer.c
+--- linux-3.18.9.orig/drivers/gpu/drm/i915/i915_gem_execbuffer.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/gpu/drm/i915/i915_gem_execbuffer.c 2015-03-15 16:03:03.712094875 -0500
+@@ -1170,7 +1170,9 @@
+ return ret;
+ }
+
++#ifndef CONFIG_PREEMPT_RT_BASE
+ trace_i915_gem_ring_dispatch(ring, intel_ring_get_seqno(ring), flags);
++#endif
+
+ i915_gem_execbuffer_move_to_active(vmas, ring);
+ i915_gem_execbuffer_retire_commands(dev, file, ring, batch_obj);
+diff -Nur linux-3.18.9.orig/drivers/i2c/busses/i2c-omap.c linux-3.18.9/drivers/i2c/busses/i2c-omap.c
+--- linux-3.18.9.orig/drivers/i2c/busses/i2c-omap.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/i2c/busses/i2c-omap.c 2015-03-15 16:03:03.712094875 -0500
+@@ -875,15 +875,12 @@
+ u16 mask;
+ u16 stat;
+
+- spin_lock(&dev->lock);
+- mask = omap_i2c_read_reg(dev, OMAP_I2C_IE_REG);
+ stat = omap_i2c_read_reg(dev, OMAP_I2C_STAT_REG);
++ mask = omap_i2c_read_reg(dev, OMAP_I2C_IE_REG);
+
+ if (stat & mask)
+ ret = IRQ_WAKE_THREAD;
+
+- spin_unlock(&dev->lock);
+-
+ return ret;
+ }
+
+diff -Nur linux-3.18.9.orig/drivers/ide/alim15x3.c linux-3.18.9/drivers/ide/alim15x3.c
+--- linux-3.18.9.orig/drivers/ide/alim15x3.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/ide/alim15x3.c 2015-03-15 16:03:03.712094875 -0500
+@@ -234,7 +234,7 @@
+
+ isa_dev = pci_get_device(PCI_VENDOR_ID_AL, PCI_DEVICE_ID_AL_M1533, NULL);
+
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+
+ if (m5229_revision < 0xC2) {
+ /*
+@@ -325,7 +325,7 @@
+ }
+ pci_dev_put(north);
+ pci_dev_put(isa_dev);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ return 0;
+ }
+
+diff -Nur linux-3.18.9.orig/drivers/ide/hpt366.c linux-3.18.9/drivers/ide/hpt366.c
+--- linux-3.18.9.orig/drivers/ide/hpt366.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/ide/hpt366.c 2015-03-15 16:03:03.716094875 -0500
+@@ -1241,7 +1241,7 @@
+
+ dma_old = inb(base + 2);
+
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+
+ dma_new = dma_old;
+ pci_read_config_byte(dev, hwif->channel ? 0x4b : 0x43, &masterdma);
+@@ -1252,7 +1252,7 @@
+ if (dma_new != dma_old)
+ outb(dma_new, base + 2);
+
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+
+ printk(KERN_INFO " %s: BM-DMA at 0x%04lx-0x%04lx\n",
+ hwif->name, base, base + 7);
+diff -Nur linux-3.18.9.orig/drivers/ide/ide-io.c linux-3.18.9/drivers/ide/ide-io.c
+--- linux-3.18.9.orig/drivers/ide/ide-io.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/ide/ide-io.c 2015-03-15 16:03:03.716094875 -0500
+@@ -659,7 +659,7 @@
+ /* disable_irq_nosync ?? */
+ disable_irq(hwif->irq);
+ /* local CPU only, as if we were handling an interrupt */
+- local_irq_disable();
++ local_irq_disable_nort();
+ if (hwif->polling) {
+ startstop = handler(drive);
+ } else if (drive_is_ready(drive)) {
+diff -Nur linux-3.18.9.orig/drivers/ide/ide-iops.c linux-3.18.9/drivers/ide/ide-iops.c
+--- linux-3.18.9.orig/drivers/ide/ide-iops.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/ide/ide-iops.c 2015-03-15 16:03:03.716094875 -0500
+@@ -129,12 +129,12 @@
+ if ((stat & ATA_BUSY) == 0)
+ break;
+
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ *rstat = stat;
+ return -EBUSY;
+ }
+ }
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ }
+ /*
+ * Allow status to settle, then read it again.
+diff -Nur linux-3.18.9.orig/drivers/ide/ide-io-std.c linux-3.18.9/drivers/ide/ide-io-std.c
+--- linux-3.18.9.orig/drivers/ide/ide-io-std.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/ide/ide-io-std.c 2015-03-15 16:03:03.716094875 -0500
+@@ -175,7 +175,7 @@
+ unsigned long uninitialized_var(flags);
+
+ if ((io_32bit & 2) && !mmio) {
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ ata_vlb_sync(io_ports->nsect_addr);
+ }
+
+@@ -186,7 +186,7 @@
+ insl(data_addr, buf, words);
+
+ if ((io_32bit & 2) && !mmio)
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+
+ if (((len + 1) & 3) < 2)
+ return;
+@@ -219,7 +219,7 @@
+ unsigned long uninitialized_var(flags);
+
+ if ((io_32bit & 2) && !mmio) {
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ ata_vlb_sync(io_ports->nsect_addr);
+ }
+
+@@ -230,7 +230,7 @@
+ outsl(data_addr, buf, words);
+
+ if ((io_32bit & 2) && !mmio)
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+
+ if (((len + 1) & 3) < 2)
+ return;
+diff -Nur linux-3.18.9.orig/drivers/ide/ide-probe.c linux-3.18.9/drivers/ide/ide-probe.c
+--- linux-3.18.9.orig/drivers/ide/ide-probe.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/ide/ide-probe.c 2015-03-15 16:03:03.716094875 -0500
+@@ -196,10 +196,10 @@
+ int bswap = 1;
+
+ /* local CPU only; some systems need this */
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ /* read 512 bytes of id info */
+ hwif->tp_ops->input_data(drive, NULL, id, SECTOR_SIZE);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+
+ drive->dev_flags |= IDE_DFLAG_ID_READ;
+ #ifdef DEBUG
+diff -Nur linux-3.18.9.orig/drivers/ide/ide-taskfile.c linux-3.18.9/drivers/ide/ide-taskfile.c
+--- linux-3.18.9.orig/drivers/ide/ide-taskfile.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/ide/ide-taskfile.c 2015-03-15 16:03:03.716094875 -0500
+@@ -250,7 +250,7 @@
+
+ page_is_high = PageHighMem(page);
+ if (page_is_high)
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+
+ buf = kmap_atomic(page) + offset;
+
+@@ -271,7 +271,7 @@
+ kunmap_atomic(buf);
+
+ if (page_is_high)
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+
+ len -= nr_bytes;
+ }
+@@ -414,7 +414,7 @@
+ }
+
+ if ((drive->dev_flags & IDE_DFLAG_UNMASK) == 0)
+- local_irq_disable();
++ local_irq_disable_nort();
+
+ ide_set_handler(drive, &task_pio_intr, WAIT_WORSTCASE);
+
+diff -Nur linux-3.18.9.orig/drivers/infiniband/ulp/ipoib/ipoib_multicast.c linux-3.18.9/drivers/infiniband/ulp/ipoib/ipoib_multicast.c
+--- linux-3.18.9.orig/drivers/infiniband/ulp/ipoib/ipoib_multicast.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/infiniband/ulp/ipoib/ipoib_multicast.c 2015-03-15 16:03:03.716094875 -0500
+@@ -796,7 +796,7 @@
+
+ ipoib_mcast_stop_thread(dev, 0);
+
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ netif_addr_lock(dev);
+ spin_lock(&priv->lock);
+
+@@ -878,7 +878,7 @@
+
+ spin_unlock(&priv->lock);
+ netif_addr_unlock(dev);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+
+ /* We have to cancel outside of the spinlock */
+ list_for_each_entry_safe(mcast, tmcast, &remove_list, list) {
+diff -Nur linux-3.18.9.orig/drivers/input/gameport/gameport.c linux-3.18.9/drivers/input/gameport/gameport.c
+--- linux-3.18.9.orig/drivers/input/gameport/gameport.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/input/gameport/gameport.c 2015-03-15 16:03:03.716094875 -0500
+@@ -124,12 +124,12 @@
+ tx = 1 << 30;
+
+ for(i = 0; i < 50; i++) {
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ GET_TIME(t1);
+ for (t = 0; t < 50; t++) gameport_read(gameport);
+ GET_TIME(t2);
+ GET_TIME(t3);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ udelay(i * 10);
+ if ((t = DELTA(t2,t1) - DELTA(t3,t2)) < tx) tx = t;
+ }
+@@ -148,11 +148,11 @@
+ tx = 1 << 30;
+
+ for(i = 0; i < 50; i++) {
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ rdtscl(t1);
+ for (t = 0; t < 50; t++) gameport_read(gameport);
+ rdtscl(t2);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ udelay(i * 10);
+ if (t2 - t1 < tx) tx = t2 - t1;
+ }
+diff -Nur linux-3.18.9.orig/drivers/leds/trigger/Kconfig linux-3.18.9/drivers/leds/trigger/Kconfig
+--- linux-3.18.9.orig/drivers/leds/trigger/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/leds/trigger/Kconfig 2015-03-15 16:03:03.716094875 -0500
+@@ -61,7 +61,7 @@
+
+ config LEDS_TRIGGER_CPU
+ bool "LED CPU Trigger"
+- depends on LEDS_TRIGGERS
++ depends on LEDS_TRIGGERS && !PREEMPT_RT_BASE
+ help
+ This allows LEDs to be controlled by active CPUs. This shows
+ the active CPUs across an array of LEDs so you can see which
+diff -Nur linux-3.18.9.orig/drivers/md/bcache/Kconfig linux-3.18.9/drivers/md/bcache/Kconfig
+--- linux-3.18.9.orig/drivers/md/bcache/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/md/bcache/Kconfig 2015-03-15 16:03:03.720094875 -0500
+@@ -1,6 +1,7 @@
+
+ config BCACHE
+ tristate "Block device as cache"
++ depends on !PREEMPT_RT_FULL
+ ---help---
+ Allows a block device to be used as cache for other devices; uses
+ a btree for indexing and the layout is optimized for SSDs.
+diff -Nur linux-3.18.9.orig/drivers/md/dm.c linux-3.18.9/drivers/md/dm.c
+--- linux-3.18.9.orig/drivers/md/dm.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/md/dm.c 2015-03-15 16:03:03.720094875 -0500
+@@ -1898,14 +1898,14 @@
+ if (map_request(ti, clone, md))
+ goto requeued;
+
+- BUG_ON(!irqs_disabled());
++ BUG_ON_NONRT(!irqs_disabled());
+ spin_lock(q->queue_lock);
+ }
+
+ goto out;
+
+ requeued:
+- BUG_ON(!irqs_disabled());
++ BUG_ON_NONRT(!irqs_disabled());
+ spin_lock(q->queue_lock);
+
+ delay_and_out:
+diff -Nur linux-3.18.9.orig/drivers/md/raid5.c linux-3.18.9/drivers/md/raid5.c
+--- linux-3.18.9.orig/drivers/md/raid5.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/md/raid5.c 2015-03-15 16:03:03.724094875 -0500
+@@ -1649,8 +1649,9 @@
+ struct raid5_percpu *percpu;
+ unsigned long cpu;
+
+- cpu = get_cpu();
++ cpu = get_cpu_light();
+ percpu = per_cpu_ptr(conf->percpu, cpu);
++ spin_lock(&percpu->lock);
+ if (test_bit(STRIPE_OP_BIOFILL, &ops_request)) {
+ ops_run_biofill(sh);
+ overlap_clear++;
+@@ -1702,7 +1703,8 @@
+ if (test_and_clear_bit(R5_Overlap, &dev->flags))
+ wake_up(&sh->raid_conf->wait_for_overlap);
+ }
+- put_cpu();
++ spin_unlock(&percpu->lock);
++ put_cpu_light();
+ }
+
+ static int grow_one_stripe(struct r5conf *conf, int hash)
+@@ -5708,6 +5710,7 @@
+ __func__, cpu);
+ break;
+ }
++ spin_lock_init(&per_cpu_ptr(conf->percpu, cpu)->lock);
+ }
+ put_online_cpus();
+
+diff -Nur linux-3.18.9.orig/drivers/md/raid5.c.orig linux-3.18.9/drivers/md/raid5.c.orig
+--- linux-3.18.9.orig/drivers/md/raid5.c.orig 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/drivers/md/raid5.c.orig 2015-03-06 16:53:42.000000000 -0600
+@@ -0,0 +1,7144 @@
++/*
++ * raid5.c : Multiple Devices driver for Linux
++ * Copyright (C) 1996, 1997 Ingo Molnar, Miguel de Icaza, Gadi Oxman
++ * Copyright (C) 1999, 2000 Ingo Molnar
++ * Copyright (C) 2002, 2003 H. Peter Anvin
++ *
++ * RAID-4/5/6 management functions.
++ * Thanks to Penguin Computing for making the RAID-6 development possible
++ * by donating a test server!
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published by
++ * the Free Software Foundation; either version 2, or (at your option)
++ * any later version.
++ *
++ * You should have received a copy of the GNU General Public License
++ * (for example /usr/src/linux/COPYING); if not, write to the Free
++ * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++ */
++
++/*
++ * BITMAP UNPLUGGING:
++ *
++ * The sequencing for updating the bitmap reliably is a little
++ * subtle (and I got it wrong the first time) so it deserves some
++ * explanation.
++ *
++ * We group bitmap updates into batches. Each batch has a number.
++ * We may write out several batches at once, but that isn't very important.
++ * conf->seq_write is the number of the last batch successfully written.
++ * conf->seq_flush is the number of the last batch that was closed to
++ * new additions.
++ * When we discover that we will need to write to any block in a stripe
++ * (in add_stripe_bio) we update the in-memory bitmap and record in sh->bm_seq
++ * the number of the batch it will be in. This is seq_flush+1.
++ * When we are ready to do a write, if that batch hasn't been written yet,
++ * we plug the array and queue the stripe for later.
++ * When an unplug happens, we increment bm_flush, thus closing the current
++ * batch.
++ * When we notice that bm_flush > bm_write, we write out all pending updates
++ * to the bitmap, and advance bm_write to where bm_flush was.
++ * This may occasionally write a bit out twice, but is sure never to
++ * miss any bits.
++ */
++
++#include <linux/blkdev.h>
++#include <linux/kthread.h>
++#include <linux/raid/pq.h>
++#include <linux/async_tx.h>
++#include <linux/module.h>
++#include <linux/async.h>
++#include <linux/seq_file.h>
++#include <linux/cpu.h>
++#include <linux/slab.h>
++#include <linux/ratelimit.h>
++#include <linux/nodemask.h>
++#include <trace/events/block.h>
++
++#include "md.h"
++#include "raid5.h"
++#include "raid0.h"
++#include "bitmap.h"
++
++#define cpu_to_group(cpu) cpu_to_node(cpu)
++#define ANY_GROUP NUMA_NO_NODE
++
++static bool devices_handle_discard_safely = false;
++module_param(devices_handle_discard_safely, bool, 0644);
++MODULE_PARM_DESC(devices_handle_discard_safely,
++ "Set to Y if all devices in each array reliably return zeroes on reads from discarded regions");
++static struct workqueue_struct *raid5_wq;
++/*
++ * Stripe cache
++ */
++
++#define NR_STRIPES 256
++#define STRIPE_SIZE PAGE_SIZE
++#define STRIPE_SHIFT (PAGE_SHIFT - 9)
++#define STRIPE_SECTORS (STRIPE_SIZE>>9)
++#define IO_THRESHOLD 1
++#define BYPASS_THRESHOLD 1
++#define NR_HASH (PAGE_SIZE / sizeof(struct hlist_head))
++#define HASH_MASK (NR_HASH - 1)
++#define MAX_STRIPE_BATCH 8
++
++static inline struct hlist_head *stripe_hash(struct r5conf *conf, sector_t sect)
++{
++ int hash = (sect >> STRIPE_SHIFT) & HASH_MASK;
++ return &conf->stripe_hashtbl[hash];
++}
++
++static inline int stripe_hash_locks_hash(sector_t sect)
++{
++ return (sect >> STRIPE_SHIFT) & STRIPE_HASH_LOCKS_MASK;
++}
++
++static inline void lock_device_hash_lock(struct r5conf *conf, int hash)
++{
++ spin_lock_irq(conf->hash_locks + hash);
++ spin_lock(&conf->device_lock);
++}
++
++static inline void unlock_device_hash_lock(struct r5conf *conf, int hash)
++{
++ spin_unlock(&conf->device_lock);
++ spin_unlock_irq(conf->hash_locks + hash);
++}
++
++static inline void lock_all_device_hash_locks_irq(struct r5conf *conf)
++{
++ int i;
++ local_irq_disable();
++ spin_lock(conf->hash_locks);
++ for (i = 1; i < NR_STRIPE_HASH_LOCKS; i++)
++ spin_lock_nest_lock(conf->hash_locks + i, conf->hash_locks);
++ spin_lock(&conf->device_lock);
++}
++
++static inline void unlock_all_device_hash_locks_irq(struct r5conf *conf)
++{
++ int i;
++ spin_unlock(&conf->device_lock);
++ for (i = NR_STRIPE_HASH_LOCKS; i; i--)
++ spin_unlock(conf->hash_locks + i - 1);
++ local_irq_enable();
++}
++
++/* bio's attached to a stripe+device for I/O are linked together in bi_sector
++ * order without overlap. There may be several bio's per stripe+device, and
++ * a bio could span several devices.
++ * When walking this list for a particular stripe+device, we must never proceed
++ * beyond a bio that extends past this device, as the next bio might no longer
++ * be valid.
++ * This function is used to determine the 'next' bio in the list, given the sector
++ * of the current stripe+device
++ */
++static inline struct bio *r5_next_bio(struct bio *bio, sector_t sector)
++{
++ int sectors = bio_sectors(bio);
++ if (bio->bi_iter.bi_sector + sectors < sector + STRIPE_SECTORS)
++ return bio->bi_next;
++ else
++ return NULL;
++}
++
++/*
++ * We maintain a biased count of active stripes in the bottom 16 bits of
++ * bi_phys_segments, and a count of processed stripes in the upper 16 bits
++ */
++static inline int raid5_bi_processed_stripes(struct bio *bio)
++{
++ atomic_t *segments = (atomic_t *)&bio->bi_phys_segments;
++ return (atomic_read(segments) >> 16) & 0xffff;
++}
++
++static inline int raid5_dec_bi_active_stripes(struct bio *bio)
++{
++ atomic_t *segments = (atomic_t *)&bio->bi_phys_segments;
++ return atomic_sub_return(1, segments) & 0xffff;
++}
++
++static inline void raid5_inc_bi_active_stripes(struct bio *bio)
++{
++ atomic_t *segments = (atomic_t *)&bio->bi_phys_segments;
++ atomic_inc(segments);
++}
++
++static inline void raid5_set_bi_processed_stripes(struct bio *bio,
++ unsigned int cnt)
++{
++ atomic_t *segments = (atomic_t *)&bio->bi_phys_segments;
++ int old, new;
++
++ do {
++ old = atomic_read(segments);
++ new = (old & 0xffff) | (cnt << 16);
++ } while (atomic_cmpxchg(segments, old, new) != old);
++}
++
++static inline void raid5_set_bi_stripes(struct bio *bio, unsigned int cnt)
++{
++ atomic_t *segments = (atomic_t *)&bio->bi_phys_segments;
++ atomic_set(segments, cnt);
++}
++
++/* Find first data disk in a raid6 stripe */
++static inline int raid6_d0(struct stripe_head *sh)
++{
++ if (sh->ddf_layout)
++ /* ddf always start from first device */
++ return 0;
++ /* md starts just after Q block */
++ if (sh->qd_idx == sh->disks - 1)
++ return 0;
++ else
++ return sh->qd_idx + 1;
++}
++static inline int raid6_next_disk(int disk, int raid_disks)
++{
++ disk++;
++ return (disk < raid_disks) ? disk : 0;
++}
++
++/* When walking through the disks in a raid5, starting at raid6_d0,
++ * We need to map each disk to a 'slot', where the data disks are slot
++ * 0 .. raid_disks-3, the parity disk is raid_disks-2 and the Q disk
++ * is raid_disks-1. This help does that mapping.
++ */
++static int raid6_idx_to_slot(int idx, struct stripe_head *sh,
++ int *count, int syndrome_disks)
++{
++ int slot = *count;
++
++ if (sh->ddf_layout)
++ (*count)++;
++ if (idx == sh->pd_idx)
++ return syndrome_disks;
++ if (idx == sh->qd_idx)
++ return syndrome_disks + 1;
++ if (!sh->ddf_layout)
++ (*count)++;
++ return slot;
++}
++
++static void return_io(struct bio *return_bi)
++{
++ struct bio *bi = return_bi;
++ while (bi) {
++
++ return_bi = bi->bi_next;
++ bi->bi_next = NULL;
++ bi->bi_iter.bi_size = 0;
++ trace_block_bio_complete(bdev_get_queue(bi->bi_bdev),
++ bi, 0);
++ bio_endio(bi, 0);
++ bi = return_bi;
++ }
++}
++
++static void print_raid5_conf (struct r5conf *conf);
++
++static int stripe_operations_active(struct stripe_head *sh)
++{
++ return sh->check_state || sh->reconstruct_state ||
++ test_bit(STRIPE_BIOFILL_RUN, &sh->state) ||
++ test_bit(STRIPE_COMPUTE_RUN, &sh->state);
++}
++
++static void raid5_wakeup_stripe_thread(struct stripe_head *sh)
++{
++ struct r5conf *conf = sh->raid_conf;
++ struct r5worker_group *group;
++ int thread_cnt;
++ int i, cpu = sh->cpu;
++
++ if (!cpu_online(cpu)) {
++ cpu = cpumask_any(cpu_online_mask);
++ sh->cpu = cpu;
++ }
++
++ if (list_empty(&sh->lru)) {
++ struct r5worker_group *group;
++ group = conf->worker_groups + cpu_to_group(cpu);
++ list_add_tail(&sh->lru, &group->handle_list);
++ group->stripes_cnt++;
++ sh->group = group;
++ }
++
++ if (conf->worker_cnt_per_group == 0) {
++ md_wakeup_thread(conf->mddev->thread);
++ return;
++ }
++
++ group = conf->worker_groups + cpu_to_group(sh->cpu);
++
++ group->workers[0].working = true;
++ /* at least one worker should run to avoid race */
++ queue_work_on(sh->cpu, raid5_wq, &group->workers[0].work);
++
++ thread_cnt = group->stripes_cnt / MAX_STRIPE_BATCH - 1;
++ /* wakeup more workers */
++ for (i = 1; i < conf->worker_cnt_per_group && thread_cnt > 0; i++) {
++ if (group->workers[i].working == false) {
++ group->workers[i].working = true;
++ queue_work_on(sh->cpu, raid5_wq,
++ &group->workers[i].work);
++ thread_cnt--;
++ }
++ }
++}
++
++static void do_release_stripe(struct r5conf *conf, struct stripe_head *sh,
++ struct list_head *temp_inactive_list)
++{
++ BUG_ON(!list_empty(&sh->lru));
++ BUG_ON(atomic_read(&conf->active_stripes)==0);
++ if (test_bit(STRIPE_HANDLE, &sh->state)) {
++ if (test_bit(STRIPE_DELAYED, &sh->state) &&
++ !test_bit(STRIPE_PREREAD_ACTIVE, &sh->state)) {
++ list_add_tail(&sh->lru, &conf->delayed_list);
++ if (atomic_read(&conf->preread_active_stripes)
++ < IO_THRESHOLD)
++ md_wakeup_thread(conf->mddev->thread);
++ } else if (test_bit(STRIPE_BIT_DELAY, &sh->state) &&
++ sh->bm_seq - conf->seq_write > 0)
++ list_add_tail(&sh->lru, &conf->bitmap_list);
++ else {
++ clear_bit(STRIPE_DELAYED, &sh->state);
++ clear_bit(STRIPE_BIT_DELAY, &sh->state);
++ if (conf->worker_cnt_per_group == 0) {
++ list_add_tail(&sh->lru, &conf->handle_list);
++ } else {
++ raid5_wakeup_stripe_thread(sh);
++ return;
++ }
++ }
++ md_wakeup_thread(conf->mddev->thread);
++ } else {
++ BUG_ON(stripe_operations_active(sh));
++ if (test_and_clear_bit(STRIPE_PREREAD_ACTIVE, &sh->state))
++ if (atomic_dec_return(&conf->preread_active_stripes)
++ < IO_THRESHOLD)
++ md_wakeup_thread(conf->mddev->thread);
++ atomic_dec(&conf->active_stripes);
++ if (!test_bit(STRIPE_EXPANDING, &sh->state))
++ list_add_tail(&sh->lru, temp_inactive_list);
++ }
++}
++
++static void __release_stripe(struct r5conf *conf, struct stripe_head *sh,
++ struct list_head *temp_inactive_list)
++{
++ if (atomic_dec_and_test(&sh->count))
++ do_release_stripe(conf, sh, temp_inactive_list);
++}
++
++/*
++ * @hash could be NR_STRIPE_HASH_LOCKS, then we have a list of inactive_list
++ *
++ * Be careful: Only one task can add/delete stripes from temp_inactive_list at
++ * given time. Adding stripes only takes device lock, while deleting stripes
++ * only takes hash lock.
++ */
++static void release_inactive_stripe_list(struct r5conf *conf,
++ struct list_head *temp_inactive_list,
++ int hash)
++{
++ int size;
++ bool do_wakeup = false;
++ unsigned long flags;
++
++ if (hash == NR_STRIPE_HASH_LOCKS) {
++ size = NR_STRIPE_HASH_LOCKS;
++ hash = NR_STRIPE_HASH_LOCKS - 1;
++ } else
++ size = 1;
++ while (size) {
++ struct list_head *list = &temp_inactive_list[size - 1];
++
++ /*
++ * We don't hold any lock here yet, get_active_stripe() might
++ * remove stripes from the list
++ */
++ if (!list_empty_careful(list)) {
++ spin_lock_irqsave(conf->hash_locks + hash, flags);
++ if (list_empty(conf->inactive_list + hash) &&
++ !list_empty(list))
++ atomic_dec(&conf->empty_inactive_list_nr);
++ list_splice_tail_init(list, conf->inactive_list + hash);
++ do_wakeup = true;
++ spin_unlock_irqrestore(conf->hash_locks + hash, flags);
++ }
++ size--;
++ hash--;
++ }
++
++ if (do_wakeup) {
++ wake_up(&conf->wait_for_stripe);
++ if (conf->retry_read_aligned)
++ md_wakeup_thread(conf->mddev->thread);
++ }
++}
++
++/* should hold conf->device_lock already */
++static int release_stripe_list(struct r5conf *conf,
++ struct list_head *temp_inactive_list)
++{
++ struct stripe_head *sh;
++ int count = 0;
++ struct llist_node *head;
++
++ head = llist_del_all(&conf->released_stripes);
++ head = llist_reverse_order(head);
++ while (head) {
++ int hash;
++
++ sh = llist_entry(head, struct stripe_head, release_list);
++ head = llist_next(head);
++ /* sh could be readded after STRIPE_ON_RELEASE_LIST is cleard */
++ smp_mb();
++ clear_bit(STRIPE_ON_RELEASE_LIST, &sh->state);
++ /*
++ * Don't worry the bit is set here, because if the bit is set
++ * again, the count is always > 1. This is true for
++ * STRIPE_ON_UNPLUG_LIST bit too.
++ */
++ hash = sh->hash_lock_index;
++ __release_stripe(conf, sh, &temp_inactive_list[hash]);
++ count++;
++ }
++
++ return count;
++}
++
++static void release_stripe(struct stripe_head *sh)
++{
++ struct r5conf *conf = sh->raid_conf;
++ unsigned long flags;
++ struct list_head list;
++ int hash;
++ bool wakeup;
++
++ /* Avoid release_list until the last reference.
++ */
++ if (atomic_add_unless(&sh->count, -1, 1))
++ return;
++
++ if (unlikely(!conf->mddev->thread) ||
++ test_and_set_bit(STRIPE_ON_RELEASE_LIST, &sh->state))
++ goto slow_path;
++ wakeup = llist_add(&sh->release_list, &conf->released_stripes);
++ if (wakeup)
++ md_wakeup_thread(conf->mddev->thread);
++ return;
++slow_path:
++ local_irq_save(flags);
++ /* we are ok here if STRIPE_ON_RELEASE_LIST is set or not */
++ if (atomic_dec_and_lock(&sh->count, &conf->device_lock)) {
++ INIT_LIST_HEAD(&list);
++ hash = sh->hash_lock_index;
++ do_release_stripe(conf, sh, &list);
++ spin_unlock(&conf->device_lock);
++ release_inactive_stripe_list(conf, &list, hash);
++ }
++ local_irq_restore(flags);
++}
++
++static inline void remove_hash(struct stripe_head *sh)
++{
++ pr_debug("remove_hash(), stripe %llu\n",
++ (unsigned long long)sh->sector);
++
++ hlist_del_init(&sh->hash);
++}
++
++static inline void insert_hash(struct r5conf *conf, struct stripe_head *sh)
++{
++ struct hlist_head *hp = stripe_hash(conf, sh->sector);
++
++ pr_debug("insert_hash(), stripe %llu\n",
++ (unsigned long long)sh->sector);
++
++ hlist_add_head(&sh->hash, hp);
++}
++
++/* find an idle stripe, make sure it is unhashed, and return it. */
++static struct stripe_head *get_free_stripe(struct r5conf *conf, int hash)
++{
++ struct stripe_head *sh = NULL;
++ struct list_head *first;
++
++ if (list_empty(conf->inactive_list + hash))
++ goto out;
++ first = (conf->inactive_list + hash)->next;
++ sh = list_entry(first, struct stripe_head, lru);
++ list_del_init(first);
++ remove_hash(sh);
++ atomic_inc(&conf->active_stripes);
++ BUG_ON(hash != sh->hash_lock_index);
++ if (list_empty(conf->inactive_list + hash))
++ atomic_inc(&conf->empty_inactive_list_nr);
++out:
++ return sh;
++}
++
++static void shrink_buffers(struct stripe_head *sh)
++{
++ struct page *p;
++ int i;
++ int num = sh->raid_conf->pool_size;
++
++ for (i = 0; i < num ; i++) {
++ WARN_ON(sh->dev[i].page != sh->dev[i].orig_page);
++ p = sh->dev[i].page;
++ if (!p)
++ continue;
++ sh->dev[i].page = NULL;
++ put_page(p);
++ }
++}
++
++static int grow_buffers(struct stripe_head *sh)
++{
++ int i;
++ int num = sh->raid_conf->pool_size;
++
++ for (i = 0; i < num; i++) {
++ struct page *page;
++
++ if (!(page = alloc_page(GFP_KERNEL))) {
++ return 1;
++ }
++ sh->dev[i].page = page;
++ sh->dev[i].orig_page = page;
++ }
++ return 0;
++}
++
++static void raid5_build_block(struct stripe_head *sh, int i, int previous);
++static void stripe_set_idx(sector_t stripe, struct r5conf *conf, int previous,
++ struct stripe_head *sh);
++
++static void init_stripe(struct stripe_head *sh, sector_t sector, int previous)
++{
++ struct r5conf *conf = sh->raid_conf;
++ int i, seq;
++
++ BUG_ON(atomic_read(&sh->count) != 0);
++ BUG_ON(test_bit(STRIPE_HANDLE, &sh->state));
++ BUG_ON(stripe_operations_active(sh));
++
++ pr_debug("init_stripe called, stripe %llu\n",
++ (unsigned long long)sector);
++retry:
++ seq = read_seqcount_begin(&conf->gen_lock);
++ sh->generation = conf->generation - previous;
++ sh->disks = previous ? conf->previous_raid_disks : conf->raid_disks;
++ sh->sector = sector;
++ stripe_set_idx(sector, conf, previous, sh);
++ sh->state = 0;
++
++ for (i = sh->disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++
++ if (dev->toread || dev->read || dev->towrite || dev->written ||
++ test_bit(R5_LOCKED, &dev->flags)) {
++ printk(KERN_ERR "sector=%llx i=%d %p %p %p %p %d\n",
++ (unsigned long long)sh->sector, i, dev->toread,
++ dev->read, dev->towrite, dev->written,
++ test_bit(R5_LOCKED, &dev->flags));
++ WARN_ON(1);
++ }
++ dev->flags = 0;
++ raid5_build_block(sh, i, previous);
++ }
++ if (read_seqcount_retry(&conf->gen_lock, seq))
++ goto retry;
++ insert_hash(conf, sh);
++ sh->cpu = smp_processor_id();
++}
++
++static struct stripe_head *__find_stripe(struct r5conf *conf, sector_t sector,
++ short generation)
++{
++ struct stripe_head *sh;
++
++ pr_debug("__find_stripe, sector %llu\n", (unsigned long long)sector);
++ hlist_for_each_entry(sh, stripe_hash(conf, sector), hash)
++ if (sh->sector == sector && sh->generation == generation)
++ return sh;
++ pr_debug("__stripe %llu not in cache\n", (unsigned long long)sector);
++ return NULL;
++}
++
++/*
++ * Need to check if array has failed when deciding whether to:
++ * - start an array
++ * - remove non-faulty devices
++ * - add a spare
++ * - allow a reshape
++ * This determination is simple when no reshape is happening.
++ * However if there is a reshape, we need to carefully check
++ * both the before and after sections.
++ * This is because some failed devices may only affect one
++ * of the two sections, and some non-in_sync devices may
++ * be insync in the section most affected by failed devices.
++ */
++static int calc_degraded(struct r5conf *conf)
++{
++ int degraded, degraded2;
++ int i;
++
++ rcu_read_lock();
++ degraded = 0;
++ for (i = 0; i < conf->previous_raid_disks; i++) {
++ struct md_rdev *rdev = rcu_dereference(conf->disks[i].rdev);
++ if (rdev && test_bit(Faulty, &rdev->flags))
++ rdev = rcu_dereference(conf->disks[i].replacement);
++ if (!rdev || test_bit(Faulty, &rdev->flags))
++ degraded++;
++ else if (test_bit(In_sync, &rdev->flags))
++ ;
++ else
++ /* not in-sync or faulty.
++ * If the reshape increases the number of devices,
++ * this is being recovered by the reshape, so
++ * this 'previous' section is not in_sync.
++ * If the number of devices is being reduced however,
++ * the device can only be part of the array if
++ * we are reverting a reshape, so this section will
++ * be in-sync.
++ */
++ if (conf->raid_disks >= conf->previous_raid_disks)
++ degraded++;
++ }
++ rcu_read_unlock();
++ if (conf->raid_disks == conf->previous_raid_disks)
++ return degraded;
++ rcu_read_lock();
++ degraded2 = 0;
++ for (i = 0; i < conf->raid_disks; i++) {
++ struct md_rdev *rdev = rcu_dereference(conf->disks[i].rdev);
++ if (rdev && test_bit(Faulty, &rdev->flags))
++ rdev = rcu_dereference(conf->disks[i].replacement);
++ if (!rdev || test_bit(Faulty, &rdev->flags))
++ degraded2++;
++ else if (test_bit(In_sync, &rdev->flags))
++ ;
++ else
++ /* not in-sync or faulty.
++ * If reshape increases the number of devices, this
++ * section has already been recovered, else it
++ * almost certainly hasn't.
++ */
++ if (conf->raid_disks <= conf->previous_raid_disks)
++ degraded2++;
++ }
++ rcu_read_unlock();
++ if (degraded2 > degraded)
++ return degraded2;
++ return degraded;
++}
++
++static int has_failed(struct r5conf *conf)
++{
++ int degraded;
++
++ if (conf->mddev->reshape_position == MaxSector)
++ return conf->mddev->degraded > conf->max_degraded;
++
++ degraded = calc_degraded(conf);
++ if (degraded > conf->max_degraded)
++ return 1;
++ return 0;
++}
++
++static struct stripe_head *
++get_active_stripe(struct r5conf *conf, sector_t sector,
++ int previous, int noblock, int noquiesce)
++{
++ struct stripe_head *sh;
++ int hash = stripe_hash_locks_hash(sector);
++
++ pr_debug("get_stripe, sector %llu\n", (unsigned long long)sector);
++
++ spin_lock_irq(conf->hash_locks + hash);
++
++ do {
++ wait_event_lock_irq(conf->wait_for_stripe,
++ conf->quiesce == 0 || noquiesce,
++ *(conf->hash_locks + hash));
++ sh = __find_stripe(conf, sector, conf->generation - previous);
++ if (!sh) {
++ if (!conf->inactive_blocked)
++ sh = get_free_stripe(conf, hash);
++ if (noblock && sh == NULL)
++ break;
++ if (!sh) {
++ conf->inactive_blocked = 1;
++ wait_event_lock_irq(
++ conf->wait_for_stripe,
++ !list_empty(conf->inactive_list + hash) &&
++ (atomic_read(&conf->active_stripes)
++ < (conf->max_nr_stripes * 3 / 4)
++ || !conf->inactive_blocked),
++ *(conf->hash_locks + hash));
++ conf->inactive_blocked = 0;
++ } else {
++ init_stripe(sh, sector, previous);
++ atomic_inc(&sh->count);
++ }
++ } else if (!atomic_inc_not_zero(&sh->count)) {
++ spin_lock(&conf->device_lock);
++ if (!atomic_read(&sh->count)) {
++ if (!test_bit(STRIPE_HANDLE, &sh->state))
++ atomic_inc(&conf->active_stripes);
++ BUG_ON(list_empty(&sh->lru) &&
++ !test_bit(STRIPE_EXPANDING, &sh->state));
++ list_del_init(&sh->lru);
++ if (sh->group) {
++ sh->group->stripes_cnt--;
++ sh->group = NULL;
++ }
++ }
++ atomic_inc(&sh->count);
++ spin_unlock(&conf->device_lock);
++ }
++ } while (sh == NULL);
++
++ spin_unlock_irq(conf->hash_locks + hash);
++ return sh;
++}
++
++/* Determine if 'data_offset' or 'new_data_offset' should be used
++ * in this stripe_head.
++ */
++static int use_new_offset(struct r5conf *conf, struct stripe_head *sh)
++{
++ sector_t progress = conf->reshape_progress;
++ /* Need a memory barrier to make sure we see the value
++ * of conf->generation, or ->data_offset that was set before
++ * reshape_progress was updated.
++ */
++ smp_rmb();
++ if (progress == MaxSector)
++ return 0;
++ if (sh->generation == conf->generation - 1)
++ return 0;
++ /* We are in a reshape, and this is a new-generation stripe,
++ * so use new_data_offset.
++ */
++ return 1;
++}
++
++static void
++raid5_end_read_request(struct bio *bi, int error);
++static void
++raid5_end_write_request(struct bio *bi, int error);
++
++static void ops_run_io(struct stripe_head *sh, struct stripe_head_state *s)
++{
++ struct r5conf *conf = sh->raid_conf;
++ int i, disks = sh->disks;
++
++ might_sleep();
++
++ for (i = disks; i--; ) {
++ int rw;
++ int replace_only = 0;
++ struct bio *bi, *rbi;
++ struct md_rdev *rdev, *rrdev = NULL;
++ if (test_and_clear_bit(R5_Wantwrite, &sh->dev[i].flags)) {
++ if (test_and_clear_bit(R5_WantFUA, &sh->dev[i].flags))
++ rw = WRITE_FUA;
++ else
++ rw = WRITE;
++ if (test_bit(R5_Discard, &sh->dev[i].flags))
++ rw |= REQ_DISCARD;
++ } else if (test_and_clear_bit(R5_Wantread, &sh->dev[i].flags))
++ rw = READ;
++ else if (test_and_clear_bit(R5_WantReplace,
++ &sh->dev[i].flags)) {
++ rw = WRITE;
++ replace_only = 1;
++ } else
++ continue;
++ if (test_and_clear_bit(R5_SyncIO, &sh->dev[i].flags))
++ rw |= REQ_SYNC;
++
++ bi = &sh->dev[i].req;
++ rbi = &sh->dev[i].rreq; /* For writing to replacement */
++
++ rcu_read_lock();
++ rrdev = rcu_dereference(conf->disks[i].replacement);
++ smp_mb(); /* Ensure that if rrdev is NULL, rdev won't be */
++ rdev = rcu_dereference(conf->disks[i].rdev);
++ if (!rdev) {
++ rdev = rrdev;
++ rrdev = NULL;
++ }
++ if (rw & WRITE) {
++ if (replace_only)
++ rdev = NULL;
++ if (rdev == rrdev)
++ /* We raced and saw duplicates */
++ rrdev = NULL;
++ } else {
++ if (test_bit(R5_ReadRepl, &sh->dev[i].flags) && rrdev)
++ rdev = rrdev;
++ rrdev = NULL;
++ }
++
++ if (rdev && test_bit(Faulty, &rdev->flags))
++ rdev = NULL;
++ if (rdev)
++ atomic_inc(&rdev->nr_pending);
++ if (rrdev && test_bit(Faulty, &rrdev->flags))
++ rrdev = NULL;
++ if (rrdev)
++ atomic_inc(&rrdev->nr_pending);
++ rcu_read_unlock();
++
++ /* We have already checked bad blocks for reads. Now
++ * need to check for writes. We never accept write errors
++ * on the replacement, so we don't to check rrdev.
++ */
++ while ((rw & WRITE) && rdev &&
++ test_bit(WriteErrorSeen, &rdev->flags)) {
++ sector_t first_bad;
++ int bad_sectors;
++ int bad = is_badblock(rdev, sh->sector, STRIPE_SECTORS,
++ &first_bad, &bad_sectors);
++ if (!bad)
++ break;
++
++ if (bad < 0) {
++ set_bit(BlockedBadBlocks, &rdev->flags);
++ if (!conf->mddev->external &&
++ conf->mddev->flags) {
++ /* It is very unlikely, but we might
++ * still need to write out the
++ * bad block log - better give it
++ * a chance*/
++ md_check_recovery(conf->mddev);
++ }
++ /*
++ * Because md_wait_for_blocked_rdev
++ * will dec nr_pending, we must
++ * increment it first.
++ */
++ atomic_inc(&rdev->nr_pending);
++ md_wait_for_blocked_rdev(rdev, conf->mddev);
++ } else {
++ /* Acknowledged bad block - skip the write */
++ rdev_dec_pending(rdev, conf->mddev);
++ rdev = NULL;
++ }
++ }
++
++ if (rdev) {
++ if (s->syncing || s->expanding || s->expanded
++ || s->replacing)
++ md_sync_acct(rdev->bdev, STRIPE_SECTORS);
++
++ set_bit(STRIPE_IO_STARTED, &sh->state);
++
++ bio_reset(bi);
++ bi->bi_bdev = rdev->bdev;
++ bi->bi_rw = rw;
++ bi->bi_end_io = (rw & WRITE)
++ ? raid5_end_write_request
++ : raid5_end_read_request;
++ bi->bi_private = sh;
++
++ pr_debug("%s: for %llu schedule op %ld on disc %d\n",
++ __func__, (unsigned long long)sh->sector,
++ bi->bi_rw, i);
++ atomic_inc(&sh->count);
++ if (use_new_offset(conf, sh))
++ bi->bi_iter.bi_sector = (sh->sector
++ + rdev->new_data_offset);
++ else
++ bi->bi_iter.bi_sector = (sh->sector
++ + rdev->data_offset);
++ if (test_bit(R5_ReadNoMerge, &sh->dev[i].flags))
++ bi->bi_rw |= REQ_NOMERGE;
++
++ if (test_bit(R5_SkipCopy, &sh->dev[i].flags))
++ WARN_ON(test_bit(R5_UPTODATE, &sh->dev[i].flags));
++ sh->dev[i].vec.bv_page = sh->dev[i].page;
++ bi->bi_vcnt = 1;
++ bi->bi_io_vec[0].bv_len = STRIPE_SIZE;
++ bi->bi_io_vec[0].bv_offset = 0;
++ bi->bi_iter.bi_size = STRIPE_SIZE;
++ /*
++ * If this is discard request, set bi_vcnt 0. We don't
++ * want to confuse SCSI because SCSI will replace payload
++ */
++ if (rw & REQ_DISCARD)
++ bi->bi_vcnt = 0;
++ if (rrdev)
++ set_bit(R5_DOUBLE_LOCKED, &sh->dev[i].flags);
++
++ if (conf->mddev->gendisk)
++ trace_block_bio_remap(bdev_get_queue(bi->bi_bdev),
++ bi, disk_devt(conf->mddev->gendisk),
++ sh->dev[i].sector);
++ generic_make_request(bi);
++ }
++ if (rrdev) {
++ if (s->syncing || s->expanding || s->expanded
++ || s->replacing)
++ md_sync_acct(rrdev->bdev, STRIPE_SECTORS);
++
++ set_bit(STRIPE_IO_STARTED, &sh->state);
++
++ bio_reset(rbi);
++ rbi->bi_bdev = rrdev->bdev;
++ rbi->bi_rw = rw;
++ BUG_ON(!(rw & WRITE));
++ rbi->bi_end_io = raid5_end_write_request;
++ rbi->bi_private = sh;
++
++ pr_debug("%s: for %llu schedule op %ld on "
++ "replacement disc %d\n",
++ __func__, (unsigned long long)sh->sector,
++ rbi->bi_rw, i);
++ atomic_inc(&sh->count);
++ if (use_new_offset(conf, sh))
++ rbi->bi_iter.bi_sector = (sh->sector
++ + rrdev->new_data_offset);
++ else
++ rbi->bi_iter.bi_sector = (sh->sector
++ + rrdev->data_offset);
++ if (test_bit(R5_SkipCopy, &sh->dev[i].flags))
++ WARN_ON(test_bit(R5_UPTODATE, &sh->dev[i].flags));
++ sh->dev[i].rvec.bv_page = sh->dev[i].page;
++ rbi->bi_vcnt = 1;
++ rbi->bi_io_vec[0].bv_len = STRIPE_SIZE;
++ rbi->bi_io_vec[0].bv_offset = 0;
++ rbi->bi_iter.bi_size = STRIPE_SIZE;
++ /*
++ * If this is discard request, set bi_vcnt 0. We don't
++ * want to confuse SCSI because SCSI will replace payload
++ */
++ if (rw & REQ_DISCARD)
++ rbi->bi_vcnt = 0;
++ if (conf->mddev->gendisk)
++ trace_block_bio_remap(bdev_get_queue(rbi->bi_bdev),
++ rbi, disk_devt(conf->mddev->gendisk),
++ sh->dev[i].sector);
++ generic_make_request(rbi);
++ }
++ if (!rdev && !rrdev) {
++ if (rw & WRITE)
++ set_bit(STRIPE_DEGRADED, &sh->state);
++ pr_debug("skip op %ld on disc %d for sector %llu\n",
++ bi->bi_rw, i, (unsigned long long)sh->sector);
++ clear_bit(R5_LOCKED, &sh->dev[i].flags);
++ set_bit(STRIPE_HANDLE, &sh->state);
++ }
++ }
++}
++
++static struct dma_async_tx_descriptor *
++async_copy_data(int frombio, struct bio *bio, struct page **page,
++ sector_t sector, struct dma_async_tx_descriptor *tx,
++ struct stripe_head *sh)
++{
++ struct bio_vec bvl;
++ struct bvec_iter iter;
++ struct page *bio_page;
++ int page_offset;
++ struct async_submit_ctl submit;
++ enum async_tx_flags flags = 0;
++
++ if (bio->bi_iter.bi_sector >= sector)
++ page_offset = (signed)(bio->bi_iter.bi_sector - sector) * 512;
++ else
++ page_offset = (signed)(sector - bio->bi_iter.bi_sector) * -512;
++
++ if (frombio)
++ flags |= ASYNC_TX_FENCE;
++ init_async_submit(&submit, flags, tx, NULL, NULL, NULL);
++
++ bio_for_each_segment(bvl, bio, iter) {
++ int len = bvl.bv_len;
++ int clen;
++ int b_offset = 0;
++
++ if (page_offset < 0) {
++ b_offset = -page_offset;
++ page_offset += b_offset;
++ len -= b_offset;
++ }
++
++ if (len > 0 && page_offset + len > STRIPE_SIZE)
++ clen = STRIPE_SIZE - page_offset;
++ else
++ clen = len;
++
++ if (clen > 0) {
++ b_offset += bvl.bv_offset;
++ bio_page = bvl.bv_page;
++ if (frombio) {
++ if (sh->raid_conf->skip_copy &&
++ b_offset == 0 && page_offset == 0 &&
++ clen == STRIPE_SIZE)
++ *page = bio_page;
++ else
++ tx = async_memcpy(*page, bio_page, page_offset,
++ b_offset, clen, &submit);
++ } else
++ tx = async_memcpy(bio_page, *page, b_offset,
++ page_offset, clen, &submit);
++ }
++ /* chain the operations */
++ submit.depend_tx = tx;
++
++ if (clen < len) /* hit end of page */
++ break;
++ page_offset += len;
++ }
++
++ return tx;
++}
++
++static void ops_complete_biofill(void *stripe_head_ref)
++{
++ struct stripe_head *sh = stripe_head_ref;
++ struct bio *return_bi = NULL;
++ int i;
++
++ pr_debug("%s: stripe %llu\n", __func__,
++ (unsigned long long)sh->sector);
++
++ /* clear completed biofills */
++ for (i = sh->disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++
++ /* acknowledge completion of a biofill operation */
++ /* and check if we need to reply to a read request,
++ * new R5_Wantfill requests are held off until
++ * !STRIPE_BIOFILL_RUN
++ */
++ if (test_and_clear_bit(R5_Wantfill, &dev->flags)) {
++ struct bio *rbi, *rbi2;
++
++ BUG_ON(!dev->read);
++ rbi = dev->read;
++ dev->read = NULL;
++ while (rbi && rbi->bi_iter.bi_sector <
++ dev->sector + STRIPE_SECTORS) {
++ rbi2 = r5_next_bio(rbi, dev->sector);
++ if (!raid5_dec_bi_active_stripes(rbi)) {
++ rbi->bi_next = return_bi;
++ return_bi = rbi;
++ }
++ rbi = rbi2;
++ }
++ }
++ }
++ clear_bit(STRIPE_BIOFILL_RUN, &sh->state);
++
++ return_io(return_bi);
++
++ set_bit(STRIPE_HANDLE, &sh->state);
++ release_stripe(sh);
++}
++
++static void ops_run_biofill(struct stripe_head *sh)
++{
++ struct dma_async_tx_descriptor *tx = NULL;
++ struct async_submit_ctl submit;
++ int i;
++
++ pr_debug("%s: stripe %llu\n", __func__,
++ (unsigned long long)sh->sector);
++
++ for (i = sh->disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++ if (test_bit(R5_Wantfill, &dev->flags)) {
++ struct bio *rbi;
++ spin_lock_irq(&sh->stripe_lock);
++ dev->read = rbi = dev->toread;
++ dev->toread = NULL;
++ spin_unlock_irq(&sh->stripe_lock);
++ while (rbi && rbi->bi_iter.bi_sector <
++ dev->sector + STRIPE_SECTORS) {
++ tx = async_copy_data(0, rbi, &dev->page,
++ dev->sector, tx, sh);
++ rbi = r5_next_bio(rbi, dev->sector);
++ }
++ }
++ }
++
++ atomic_inc(&sh->count);
++ init_async_submit(&submit, ASYNC_TX_ACK, tx, ops_complete_biofill, sh, NULL);
++ async_trigger_callback(&submit);
++}
++
++static void mark_target_uptodate(struct stripe_head *sh, int target)
++{
++ struct r5dev *tgt;
++
++ if (target < 0)
++ return;
++
++ tgt = &sh->dev[target];
++ set_bit(R5_UPTODATE, &tgt->flags);
++ BUG_ON(!test_bit(R5_Wantcompute, &tgt->flags));
++ clear_bit(R5_Wantcompute, &tgt->flags);
++}
++
++static void ops_complete_compute(void *stripe_head_ref)
++{
++ struct stripe_head *sh = stripe_head_ref;
++
++ pr_debug("%s: stripe %llu\n", __func__,
++ (unsigned long long)sh->sector);
++
++ /* mark the computed target(s) as uptodate */
++ mark_target_uptodate(sh, sh->ops.target);
++ mark_target_uptodate(sh, sh->ops.target2);
++
++ clear_bit(STRIPE_COMPUTE_RUN, &sh->state);
++ if (sh->check_state == check_state_compute_run)
++ sh->check_state = check_state_compute_result;
++ set_bit(STRIPE_HANDLE, &sh->state);
++ release_stripe(sh);
++}
++
++/* return a pointer to the address conversion region of the scribble buffer */
++static addr_conv_t *to_addr_conv(struct stripe_head *sh,
++ struct raid5_percpu *percpu)
++{
++ return percpu->scribble + sizeof(struct page *) * (sh->disks + 2);
++}
++
++static struct dma_async_tx_descriptor *
++ops_run_compute5(struct stripe_head *sh, struct raid5_percpu *percpu)
++{
++ int disks = sh->disks;
++ struct page **xor_srcs = percpu->scribble;
++ int target = sh->ops.target;
++ struct r5dev *tgt = &sh->dev[target];
++ struct page *xor_dest = tgt->page;
++ int count = 0;
++ struct dma_async_tx_descriptor *tx;
++ struct async_submit_ctl submit;
++ int i;
++
++ pr_debug("%s: stripe %llu block: %d\n",
++ __func__, (unsigned long long)sh->sector, target);
++ BUG_ON(!test_bit(R5_Wantcompute, &tgt->flags));
++
++ for (i = disks; i--; )
++ if (i != target)
++ xor_srcs[count++] = sh->dev[i].page;
++
++ atomic_inc(&sh->count);
++
++ init_async_submit(&submit, ASYNC_TX_FENCE|ASYNC_TX_XOR_ZERO_DST, NULL,
++ ops_complete_compute, sh, to_addr_conv(sh, percpu));
++ if (unlikely(count == 1))
++ tx = async_memcpy(xor_dest, xor_srcs[0], 0, 0, STRIPE_SIZE, &submit);
++ else
++ tx = async_xor(xor_dest, xor_srcs, 0, count, STRIPE_SIZE, &submit);
++
++ return tx;
++}
++
++/* set_syndrome_sources - populate source buffers for gen_syndrome
++ * @srcs - (struct page *) array of size sh->disks
++ * @sh - stripe_head to parse
++ *
++ * Populates srcs in proper layout order for the stripe and returns the
++ * 'count' of sources to be used in a call to async_gen_syndrome. The P
++ * destination buffer is recorded in srcs[count] and the Q destination
++ * is recorded in srcs[count+1]].
++ */
++static int set_syndrome_sources(struct page **srcs, struct stripe_head *sh)
++{
++ int disks = sh->disks;
++ int syndrome_disks = sh->ddf_layout ? disks : (disks - 2);
++ int d0_idx = raid6_d0(sh);
++ int count;
++ int i;
++
++ for (i = 0; i < disks; i++)
++ srcs[i] = NULL;
++
++ count = 0;
++ i = d0_idx;
++ do {
++ int slot = raid6_idx_to_slot(i, sh, &count, syndrome_disks);
++
++ srcs[slot] = sh->dev[i].page;
++ i = raid6_next_disk(i, disks);
++ } while (i != d0_idx);
++
++ return syndrome_disks;
++}
++
++static struct dma_async_tx_descriptor *
++ops_run_compute6_1(struct stripe_head *sh, struct raid5_percpu *percpu)
++{
++ int disks = sh->disks;
++ struct page **blocks = percpu->scribble;
++ int target;
++ int qd_idx = sh->qd_idx;
++ struct dma_async_tx_descriptor *tx;
++ struct async_submit_ctl submit;
++ struct r5dev *tgt;
++ struct page *dest;
++ int i;
++ int count;
++
++ if (sh->ops.target < 0)
++ target = sh->ops.target2;
++ else if (sh->ops.target2 < 0)
++ target = sh->ops.target;
++ else
++ /* we should only have one valid target */
++ BUG();
++ BUG_ON(target < 0);
++ pr_debug("%s: stripe %llu block: %d\n",
++ __func__, (unsigned long long)sh->sector, target);
++
++ tgt = &sh->dev[target];
++ BUG_ON(!test_bit(R5_Wantcompute, &tgt->flags));
++ dest = tgt->page;
++
++ atomic_inc(&sh->count);
++
++ if (target == qd_idx) {
++ count = set_syndrome_sources(blocks, sh);
++ blocks[count] = NULL; /* regenerating p is not necessary */
++ BUG_ON(blocks[count+1] != dest); /* q should already be set */
++ init_async_submit(&submit, ASYNC_TX_FENCE, NULL,
++ ops_complete_compute, sh,
++ to_addr_conv(sh, percpu));
++ tx = async_gen_syndrome(blocks, 0, count+2, STRIPE_SIZE, &submit);
++ } else {
++ /* Compute any data- or p-drive using XOR */
++ count = 0;
++ for (i = disks; i-- ; ) {
++ if (i == target || i == qd_idx)
++ continue;
++ blocks[count++] = sh->dev[i].page;
++ }
++
++ init_async_submit(&submit, ASYNC_TX_FENCE|ASYNC_TX_XOR_ZERO_DST,
++ NULL, ops_complete_compute, sh,
++ to_addr_conv(sh, percpu));
++ tx = async_xor(dest, blocks, 0, count, STRIPE_SIZE, &submit);
++ }
++
++ return tx;
++}
++
++static struct dma_async_tx_descriptor *
++ops_run_compute6_2(struct stripe_head *sh, struct raid5_percpu *percpu)
++{
++ int i, count, disks = sh->disks;
++ int syndrome_disks = sh->ddf_layout ? disks : disks-2;
++ int d0_idx = raid6_d0(sh);
++ int faila = -1, failb = -1;
++ int target = sh->ops.target;
++ int target2 = sh->ops.target2;
++ struct r5dev *tgt = &sh->dev[target];
++ struct r5dev *tgt2 = &sh->dev[target2];
++ struct dma_async_tx_descriptor *tx;
++ struct page **blocks = percpu->scribble;
++ struct async_submit_ctl submit;
++
++ pr_debug("%s: stripe %llu block1: %d block2: %d\n",
++ __func__, (unsigned long long)sh->sector, target, target2);
++ BUG_ON(target < 0 || target2 < 0);
++ BUG_ON(!test_bit(R5_Wantcompute, &tgt->flags));
++ BUG_ON(!test_bit(R5_Wantcompute, &tgt2->flags));
++
++ /* we need to open-code set_syndrome_sources to handle the
++ * slot number conversion for 'faila' and 'failb'
++ */
++ for (i = 0; i < disks ; i++)
++ blocks[i] = NULL;
++ count = 0;
++ i = d0_idx;
++ do {
++ int slot = raid6_idx_to_slot(i, sh, &count, syndrome_disks);
++
++ blocks[slot] = sh->dev[i].page;
++
++ if (i == target)
++ faila = slot;
++ if (i == target2)
++ failb = slot;
++ i = raid6_next_disk(i, disks);
++ } while (i != d0_idx);
++
++ BUG_ON(faila == failb);
++ if (failb < faila)
++ swap(faila, failb);
++ pr_debug("%s: stripe: %llu faila: %d failb: %d\n",
++ __func__, (unsigned long long)sh->sector, faila, failb);
++
++ atomic_inc(&sh->count);
++
++ if (failb == syndrome_disks+1) {
++ /* Q disk is one of the missing disks */
++ if (faila == syndrome_disks) {
++ /* Missing P+Q, just recompute */
++ init_async_submit(&submit, ASYNC_TX_FENCE, NULL,
++ ops_complete_compute, sh,
++ to_addr_conv(sh, percpu));
++ return async_gen_syndrome(blocks, 0, syndrome_disks+2,
++ STRIPE_SIZE, &submit);
++ } else {
++ struct page *dest;
++ int data_target;
++ int qd_idx = sh->qd_idx;
++
++ /* Missing D+Q: recompute D from P, then recompute Q */
++ if (target == qd_idx)
++ data_target = target2;
++ else
++ data_target = target;
++
++ count = 0;
++ for (i = disks; i-- ; ) {
++ if (i == data_target || i == qd_idx)
++ continue;
++ blocks[count++] = sh->dev[i].page;
++ }
++ dest = sh->dev[data_target].page;
++ init_async_submit(&submit,
++ ASYNC_TX_FENCE|ASYNC_TX_XOR_ZERO_DST,
++ NULL, NULL, NULL,
++ to_addr_conv(sh, percpu));
++ tx = async_xor(dest, blocks, 0, count, STRIPE_SIZE,
++ &submit);
++
++ count = set_syndrome_sources(blocks, sh);
++ init_async_submit(&submit, ASYNC_TX_FENCE, tx,
++ ops_complete_compute, sh,
++ to_addr_conv(sh, percpu));
++ return async_gen_syndrome(blocks, 0, count+2,
++ STRIPE_SIZE, &submit);
++ }
++ } else {
++ init_async_submit(&submit, ASYNC_TX_FENCE, NULL,
++ ops_complete_compute, sh,
++ to_addr_conv(sh, percpu));
++ if (failb == syndrome_disks) {
++ /* We're missing D+P. */
++ return async_raid6_datap_recov(syndrome_disks+2,
++ STRIPE_SIZE, faila,
++ blocks, &submit);
++ } else {
++ /* We're missing D+D. */
++ return async_raid6_2data_recov(syndrome_disks+2,
++ STRIPE_SIZE, faila, failb,
++ blocks, &submit);
++ }
++ }
++}
++
++static void ops_complete_prexor(void *stripe_head_ref)
++{
++ struct stripe_head *sh = stripe_head_ref;
++
++ pr_debug("%s: stripe %llu\n", __func__,
++ (unsigned long long)sh->sector);
++}
++
++static struct dma_async_tx_descriptor *
++ops_run_prexor(struct stripe_head *sh, struct raid5_percpu *percpu,
++ struct dma_async_tx_descriptor *tx)
++{
++ int disks = sh->disks;
++ struct page **xor_srcs = percpu->scribble;
++ int count = 0, pd_idx = sh->pd_idx, i;
++ struct async_submit_ctl submit;
++
++ /* existing parity data subtracted */
++ struct page *xor_dest = xor_srcs[count++] = sh->dev[pd_idx].page;
++
++ pr_debug("%s: stripe %llu\n", __func__,
++ (unsigned long long)sh->sector);
++
++ for (i = disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++ /* Only process blocks that are known to be uptodate */
++ if (test_bit(R5_Wantdrain, &dev->flags))
++ xor_srcs[count++] = dev->page;
++ }
++
++ init_async_submit(&submit, ASYNC_TX_FENCE|ASYNC_TX_XOR_DROP_DST, tx,
++ ops_complete_prexor, sh, to_addr_conv(sh, percpu));
++ tx = async_xor(xor_dest, xor_srcs, 0, count, STRIPE_SIZE, &submit);
++
++ return tx;
++}
++
++static struct dma_async_tx_descriptor *
++ops_run_biodrain(struct stripe_head *sh, struct dma_async_tx_descriptor *tx)
++{
++ int disks = sh->disks;
++ int i;
++
++ pr_debug("%s: stripe %llu\n", __func__,
++ (unsigned long long)sh->sector);
++
++ for (i = disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++ struct bio *chosen;
++
++ if (test_and_clear_bit(R5_Wantdrain, &dev->flags)) {
++ struct bio *wbi;
++
++ spin_lock_irq(&sh->stripe_lock);
++ chosen = dev->towrite;
++ dev->towrite = NULL;
++ BUG_ON(dev->written);
++ wbi = dev->written = chosen;
++ spin_unlock_irq(&sh->stripe_lock);
++ WARN_ON(dev->page != dev->orig_page);
++
++ while (wbi && wbi->bi_iter.bi_sector <
++ dev->sector + STRIPE_SECTORS) {
++ if (wbi->bi_rw & REQ_FUA)
++ set_bit(R5_WantFUA, &dev->flags);
++ if (wbi->bi_rw & REQ_SYNC)
++ set_bit(R5_SyncIO, &dev->flags);
++ if (wbi->bi_rw & REQ_DISCARD)
++ set_bit(R5_Discard, &dev->flags);
++ else {
++ tx = async_copy_data(1, wbi, &dev->page,
++ dev->sector, tx, sh);
++ if (dev->page != dev->orig_page) {
++ set_bit(R5_SkipCopy, &dev->flags);
++ clear_bit(R5_UPTODATE, &dev->flags);
++ clear_bit(R5_OVERWRITE, &dev->flags);
++ }
++ }
++ wbi = r5_next_bio(wbi, dev->sector);
++ }
++ }
++ }
++
++ return tx;
++}
++
++static void ops_complete_reconstruct(void *stripe_head_ref)
++{
++ struct stripe_head *sh = stripe_head_ref;
++ int disks = sh->disks;
++ int pd_idx = sh->pd_idx;
++ int qd_idx = sh->qd_idx;
++ int i;
++ bool fua = false, sync = false, discard = false;
++
++ pr_debug("%s: stripe %llu\n", __func__,
++ (unsigned long long)sh->sector);
++
++ for (i = disks; i--; ) {
++ fua |= test_bit(R5_WantFUA, &sh->dev[i].flags);
++ sync |= test_bit(R5_SyncIO, &sh->dev[i].flags);
++ discard |= test_bit(R5_Discard, &sh->dev[i].flags);
++ }
++
++ for (i = disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++
++ if (dev->written || i == pd_idx || i == qd_idx) {
++ if (!discard && !test_bit(R5_SkipCopy, &dev->flags))
++ set_bit(R5_UPTODATE, &dev->flags);
++ if (fua)
++ set_bit(R5_WantFUA, &dev->flags);
++ if (sync)
++ set_bit(R5_SyncIO, &dev->flags);
++ }
++ }
++
++ if (sh->reconstruct_state == reconstruct_state_drain_run)
++ sh->reconstruct_state = reconstruct_state_drain_result;
++ else if (sh->reconstruct_state == reconstruct_state_prexor_drain_run)
++ sh->reconstruct_state = reconstruct_state_prexor_drain_result;
++ else {
++ BUG_ON(sh->reconstruct_state != reconstruct_state_run);
++ sh->reconstruct_state = reconstruct_state_result;
++ }
++
++ set_bit(STRIPE_HANDLE, &sh->state);
++ release_stripe(sh);
++}
++
++static void
++ops_run_reconstruct5(struct stripe_head *sh, struct raid5_percpu *percpu,
++ struct dma_async_tx_descriptor *tx)
++{
++ int disks = sh->disks;
++ struct page **xor_srcs = percpu->scribble;
++ struct async_submit_ctl submit;
++ int count = 0, pd_idx = sh->pd_idx, i;
++ struct page *xor_dest;
++ int prexor = 0;
++ unsigned long flags;
++
++ pr_debug("%s: stripe %llu\n", __func__,
++ (unsigned long long)sh->sector);
++
++ for (i = 0; i < sh->disks; i++) {
++ if (pd_idx == i)
++ continue;
++ if (!test_bit(R5_Discard, &sh->dev[i].flags))
++ break;
++ }
++ if (i >= sh->disks) {
++ atomic_inc(&sh->count);
++ set_bit(R5_Discard, &sh->dev[pd_idx].flags);
++ ops_complete_reconstruct(sh);
++ return;
++ }
++ /* check if prexor is active which means only process blocks
++ * that are part of a read-modify-write (written)
++ */
++ if (sh->reconstruct_state == reconstruct_state_prexor_drain_run) {
++ prexor = 1;
++ xor_dest = xor_srcs[count++] = sh->dev[pd_idx].page;
++ for (i = disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++ if (dev->written)
++ xor_srcs[count++] = dev->page;
++ }
++ } else {
++ xor_dest = sh->dev[pd_idx].page;
++ for (i = disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++ if (i != pd_idx)
++ xor_srcs[count++] = dev->page;
++ }
++ }
++
++ /* 1/ if we prexor'd then the dest is reused as a source
++ * 2/ if we did not prexor then we are redoing the parity
++ * set ASYNC_TX_XOR_DROP_DST and ASYNC_TX_XOR_ZERO_DST
++ * for the synchronous xor case
++ */
++ flags = ASYNC_TX_ACK |
++ (prexor ? ASYNC_TX_XOR_DROP_DST : ASYNC_TX_XOR_ZERO_DST);
++
++ atomic_inc(&sh->count);
++
++ init_async_submit(&submit, flags, tx, ops_complete_reconstruct, sh,
++ to_addr_conv(sh, percpu));
++ if (unlikely(count == 1))
++ tx = async_memcpy(xor_dest, xor_srcs[0], 0, 0, STRIPE_SIZE, &submit);
++ else
++ tx = async_xor(xor_dest, xor_srcs, 0, count, STRIPE_SIZE, &submit);
++}
++
++static void
++ops_run_reconstruct6(struct stripe_head *sh, struct raid5_percpu *percpu,
++ struct dma_async_tx_descriptor *tx)
++{
++ struct async_submit_ctl submit;
++ struct page **blocks = percpu->scribble;
++ int count, i;
++
++ pr_debug("%s: stripe %llu\n", __func__, (unsigned long long)sh->sector);
++
++ for (i = 0; i < sh->disks; i++) {
++ if (sh->pd_idx == i || sh->qd_idx == i)
++ continue;
++ if (!test_bit(R5_Discard, &sh->dev[i].flags))
++ break;
++ }
++ if (i >= sh->disks) {
++ atomic_inc(&sh->count);
++ set_bit(R5_Discard, &sh->dev[sh->pd_idx].flags);
++ set_bit(R5_Discard, &sh->dev[sh->qd_idx].flags);
++ ops_complete_reconstruct(sh);
++ return;
++ }
++
++ count = set_syndrome_sources(blocks, sh);
++
++ atomic_inc(&sh->count);
++
++ init_async_submit(&submit, ASYNC_TX_ACK, tx, ops_complete_reconstruct,
++ sh, to_addr_conv(sh, percpu));
++ async_gen_syndrome(blocks, 0, count+2, STRIPE_SIZE, &submit);
++}
++
++static void ops_complete_check(void *stripe_head_ref)
++{
++ struct stripe_head *sh = stripe_head_ref;
++
++ pr_debug("%s: stripe %llu\n", __func__,
++ (unsigned long long)sh->sector);
++
++ sh->check_state = check_state_check_result;
++ set_bit(STRIPE_HANDLE, &sh->state);
++ release_stripe(sh);
++}
++
++static void ops_run_check_p(struct stripe_head *sh, struct raid5_percpu *percpu)
++{
++ int disks = sh->disks;
++ int pd_idx = sh->pd_idx;
++ int qd_idx = sh->qd_idx;
++ struct page *xor_dest;
++ struct page **xor_srcs = percpu->scribble;
++ struct dma_async_tx_descriptor *tx;
++ struct async_submit_ctl submit;
++ int count;
++ int i;
++
++ pr_debug("%s: stripe %llu\n", __func__,
++ (unsigned long long)sh->sector);
++
++ count = 0;
++ xor_dest = sh->dev[pd_idx].page;
++ xor_srcs[count++] = xor_dest;
++ for (i = disks; i--; ) {
++ if (i == pd_idx || i == qd_idx)
++ continue;
++ xor_srcs[count++] = sh->dev[i].page;
++ }
++
++ init_async_submit(&submit, 0, NULL, NULL, NULL,
++ to_addr_conv(sh, percpu));
++ tx = async_xor_val(xor_dest, xor_srcs, 0, count, STRIPE_SIZE,
++ &sh->ops.zero_sum_result, &submit);
++
++ atomic_inc(&sh->count);
++ init_async_submit(&submit, ASYNC_TX_ACK, tx, ops_complete_check, sh, NULL);
++ tx = async_trigger_callback(&submit);
++}
++
++static void ops_run_check_pq(struct stripe_head *sh, struct raid5_percpu *percpu, int checkp)
++{
++ struct page **srcs = percpu->scribble;
++ struct async_submit_ctl submit;
++ int count;
++
++ pr_debug("%s: stripe %llu checkp: %d\n", __func__,
++ (unsigned long long)sh->sector, checkp);
++
++ count = set_syndrome_sources(srcs, sh);
++ if (!checkp)
++ srcs[count] = NULL;
++
++ atomic_inc(&sh->count);
++ init_async_submit(&submit, ASYNC_TX_ACK, NULL, ops_complete_check,
++ sh, to_addr_conv(sh, percpu));
++ async_syndrome_val(srcs, 0, count+2, STRIPE_SIZE,
++ &sh->ops.zero_sum_result, percpu->spare_page, &submit);
++}
++
++static void raid_run_ops(struct stripe_head *sh, unsigned long ops_request)
++{
++ int overlap_clear = 0, i, disks = sh->disks;
++ struct dma_async_tx_descriptor *tx = NULL;
++ struct r5conf *conf = sh->raid_conf;
++ int level = conf->level;
++ struct raid5_percpu *percpu;
++ unsigned long cpu;
++
++ cpu = get_cpu();
++ percpu = per_cpu_ptr(conf->percpu, cpu);
++ if (test_bit(STRIPE_OP_BIOFILL, &ops_request)) {
++ ops_run_biofill(sh);
++ overlap_clear++;
++ }
++
++ if (test_bit(STRIPE_OP_COMPUTE_BLK, &ops_request)) {
++ if (level < 6)
++ tx = ops_run_compute5(sh, percpu);
++ else {
++ if (sh->ops.target2 < 0 || sh->ops.target < 0)
++ tx = ops_run_compute6_1(sh, percpu);
++ else
++ tx = ops_run_compute6_2(sh, percpu);
++ }
++ /* terminate the chain if reconstruct is not set to be run */
++ if (tx && !test_bit(STRIPE_OP_RECONSTRUCT, &ops_request))
++ async_tx_ack(tx);
++ }
++
++ if (test_bit(STRIPE_OP_PREXOR, &ops_request))
++ tx = ops_run_prexor(sh, percpu, tx);
++
++ if (test_bit(STRIPE_OP_BIODRAIN, &ops_request)) {
++ tx = ops_run_biodrain(sh, tx);
++ overlap_clear++;
++ }
++
++ if (test_bit(STRIPE_OP_RECONSTRUCT, &ops_request)) {
++ if (level < 6)
++ ops_run_reconstruct5(sh, percpu, tx);
++ else
++ ops_run_reconstruct6(sh, percpu, tx);
++ }
++
++ if (test_bit(STRIPE_OP_CHECK, &ops_request)) {
++ if (sh->check_state == check_state_run)
++ ops_run_check_p(sh, percpu);
++ else if (sh->check_state == check_state_run_q)
++ ops_run_check_pq(sh, percpu, 0);
++ else if (sh->check_state == check_state_run_pq)
++ ops_run_check_pq(sh, percpu, 1);
++ else
++ BUG();
++ }
++
++ if (overlap_clear)
++ for (i = disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++ if (test_and_clear_bit(R5_Overlap, &dev->flags))
++ wake_up(&sh->raid_conf->wait_for_overlap);
++ }
++ put_cpu();
++}
++
++static int grow_one_stripe(struct r5conf *conf, int hash)
++{
++ struct stripe_head *sh;
++ sh = kmem_cache_zalloc(conf->slab_cache, GFP_KERNEL);
++ if (!sh)
++ return 0;
++
++ sh->raid_conf = conf;
++
++ spin_lock_init(&sh->stripe_lock);
++
++ if (grow_buffers(sh)) {
++ shrink_buffers(sh);
++ kmem_cache_free(conf->slab_cache, sh);
++ return 0;
++ }
++ sh->hash_lock_index = hash;
++ /* we just created an active stripe so... */
++ atomic_set(&sh->count, 1);
++ atomic_inc(&conf->active_stripes);
++ INIT_LIST_HEAD(&sh->lru);
++ release_stripe(sh);
++ return 1;
++}
++
++static int grow_stripes(struct r5conf *conf, int num)
++{
++ struct kmem_cache *sc;
++ int devs = max(conf->raid_disks, conf->previous_raid_disks);
++ int hash;
++
++ if (conf->mddev->gendisk)
++ sprintf(conf->cache_name[0],
++ "raid%d-%s", conf->level, mdname(conf->mddev));
++ else
++ sprintf(conf->cache_name[0],
++ "raid%d-%p", conf->level, conf->mddev);
++ sprintf(conf->cache_name[1], "%s-alt", conf->cache_name[0]);
++
++ conf->active_name = 0;
++ sc = kmem_cache_create(conf->cache_name[conf->active_name],
++ sizeof(struct stripe_head)+(devs-1)*sizeof(struct r5dev),
++ 0, 0, NULL);
++ if (!sc)
++ return 1;
++ conf->slab_cache = sc;
++ conf->pool_size = devs;
++ hash = conf->max_nr_stripes % NR_STRIPE_HASH_LOCKS;
++ while (num--) {
++ if (!grow_one_stripe(conf, hash))
++ return 1;
++ conf->max_nr_stripes++;
++ hash = (hash + 1) % NR_STRIPE_HASH_LOCKS;
++ }
++ return 0;
++}
++
++/**
++ * scribble_len - return the required size of the scribble region
++ * @num - total number of disks in the array
++ *
++ * The size must be enough to contain:
++ * 1/ a struct page pointer for each device in the array +2
++ * 2/ room to convert each entry in (1) to its corresponding dma
++ * (dma_map_page()) or page (page_address()) address.
++ *
++ * Note: the +2 is for the destination buffers of the ddf/raid6 case where we
++ * calculate over all devices (not just the data blocks), using zeros in place
++ * of the P and Q blocks.
++ */
++static size_t scribble_len(int num)
++{
++ size_t len;
++
++ len = sizeof(struct page *) * (num+2) + sizeof(addr_conv_t) * (num+2);
++
++ return len;
++}
++
++static int resize_stripes(struct r5conf *conf, int newsize)
++{
++ /* Make all the stripes able to hold 'newsize' devices.
++ * New slots in each stripe get 'page' set to a new page.
++ *
++ * This happens in stages:
++ * 1/ create a new kmem_cache and allocate the required number of
++ * stripe_heads.
++ * 2/ gather all the old stripe_heads and transfer the pages across
++ * to the new stripe_heads. This will have the side effect of
++ * freezing the array as once all stripe_heads have been collected,
++ * no IO will be possible. Old stripe heads are freed once their
++ * pages have been transferred over, and the old kmem_cache is
++ * freed when all stripes are done.
++ * 3/ reallocate conf->disks to be suitable bigger. If this fails,
++ * we simple return a failre status - no need to clean anything up.
++ * 4/ allocate new pages for the new slots in the new stripe_heads.
++ * If this fails, we don't bother trying the shrink the
++ * stripe_heads down again, we just leave them as they are.
++ * As each stripe_head is processed the new one is released into
++ * active service.
++ *
++ * Once step2 is started, we cannot afford to wait for a write,
++ * so we use GFP_NOIO allocations.
++ */
++ struct stripe_head *osh, *nsh;
++ LIST_HEAD(newstripes);
++ struct disk_info *ndisks;
++ unsigned long cpu;
++ int err;
++ struct kmem_cache *sc;
++ int i;
++ int hash, cnt;
++
++ if (newsize <= conf->pool_size)
++ return 0; /* never bother to shrink */
++
++ err = md_allow_write(conf->mddev);
++ if (err)
++ return err;
++
++ /* Step 1 */
++ sc = kmem_cache_create(conf->cache_name[1-conf->active_name],
++ sizeof(struct stripe_head)+(newsize-1)*sizeof(struct r5dev),
++ 0, 0, NULL);
++ if (!sc)
++ return -ENOMEM;
++
++ for (i = conf->max_nr_stripes; i; i--) {
++ nsh = kmem_cache_zalloc(sc, GFP_KERNEL);
++ if (!nsh)
++ break;
++
++ nsh->raid_conf = conf;
++ spin_lock_init(&nsh->stripe_lock);
++
++ list_add(&nsh->lru, &newstripes);
++ }
++ if (i) {
++ /* didn't get enough, give up */
++ while (!list_empty(&newstripes)) {
++ nsh = list_entry(newstripes.next, struct stripe_head, lru);
++ list_del(&nsh->lru);
++ kmem_cache_free(sc, nsh);
++ }
++ kmem_cache_destroy(sc);
++ return -ENOMEM;
++ }
++ /* Step 2 - Must use GFP_NOIO now.
++ * OK, we have enough stripes, start collecting inactive
++ * stripes and copying them over
++ */
++ hash = 0;
++ cnt = 0;
++ list_for_each_entry(nsh, &newstripes, lru) {
++ lock_device_hash_lock(conf, hash);
++ wait_event_cmd(conf->wait_for_stripe,
++ !list_empty(conf->inactive_list + hash),
++ unlock_device_hash_lock(conf, hash),
++ lock_device_hash_lock(conf, hash));
++ osh = get_free_stripe(conf, hash);
++ unlock_device_hash_lock(conf, hash);
++ atomic_set(&nsh->count, 1);
++ for(i=0; i<conf->pool_size; i++) {
++ nsh->dev[i].page = osh->dev[i].page;
++ nsh->dev[i].orig_page = osh->dev[i].page;
++ }
++ for( ; i<newsize; i++)
++ nsh->dev[i].page = NULL;
++ nsh->hash_lock_index = hash;
++ kmem_cache_free(conf->slab_cache, osh);
++ cnt++;
++ if (cnt >= conf->max_nr_stripes / NR_STRIPE_HASH_LOCKS +
++ !!((conf->max_nr_stripes % NR_STRIPE_HASH_LOCKS) > hash)) {
++ hash++;
++ cnt = 0;
++ }
++ }
++ kmem_cache_destroy(conf->slab_cache);
++
++ /* Step 3.
++ * At this point, we are holding all the stripes so the array
++ * is completely stalled, so now is a good time to resize
++ * conf->disks and the scribble region
++ */
++ ndisks = kzalloc(newsize * sizeof(struct disk_info), GFP_NOIO);
++ if (ndisks) {
++ for (i=0; i<conf->raid_disks; i++)
++ ndisks[i] = conf->disks[i];
++ kfree(conf->disks);
++ conf->disks = ndisks;
++ } else
++ err = -ENOMEM;
++
++ get_online_cpus();
++ conf->scribble_len = scribble_len(newsize);
++ for_each_present_cpu(cpu) {
++ struct raid5_percpu *percpu;
++ void *scribble;
++
++ percpu = per_cpu_ptr(conf->percpu, cpu);
++ scribble = kmalloc(conf->scribble_len, GFP_NOIO);
++
++ if (scribble) {
++ kfree(percpu->scribble);
++ percpu->scribble = scribble;
++ } else {
++ err = -ENOMEM;
++ break;
++ }
++ }
++ put_online_cpus();
++
++ /* Step 4, return new stripes to service */
++ while(!list_empty(&newstripes)) {
++ nsh = list_entry(newstripes.next, struct stripe_head, lru);
++ list_del_init(&nsh->lru);
++
++ for (i=conf->raid_disks; i < newsize; i++)
++ if (nsh->dev[i].page == NULL) {
++ struct page *p = alloc_page(GFP_NOIO);
++ nsh->dev[i].page = p;
++ nsh->dev[i].orig_page = p;
++ if (!p)
++ err = -ENOMEM;
++ }
++ release_stripe(nsh);
++ }
++ /* critical section pass, GFP_NOIO no longer needed */
++
++ conf->slab_cache = sc;
++ conf->active_name = 1-conf->active_name;
++ conf->pool_size = newsize;
++ return err;
++}
++
++static int drop_one_stripe(struct r5conf *conf, int hash)
++{
++ struct stripe_head *sh;
++
++ spin_lock_irq(conf->hash_locks + hash);
++ sh = get_free_stripe(conf, hash);
++ spin_unlock_irq(conf->hash_locks + hash);
++ if (!sh)
++ return 0;
++ BUG_ON(atomic_read(&sh->count));
++ shrink_buffers(sh);
++ kmem_cache_free(conf->slab_cache, sh);
++ atomic_dec(&conf->active_stripes);
++ return 1;
++}
++
++static void shrink_stripes(struct r5conf *conf)
++{
++ int hash;
++ for (hash = 0; hash < NR_STRIPE_HASH_LOCKS; hash++)
++ while (drop_one_stripe(conf, hash))
++ ;
++
++ if (conf->slab_cache)
++ kmem_cache_destroy(conf->slab_cache);
++ conf->slab_cache = NULL;
++}
++
++static void raid5_end_read_request(struct bio * bi, int error)
++{
++ struct stripe_head *sh = bi->bi_private;
++ struct r5conf *conf = sh->raid_conf;
++ int disks = sh->disks, i;
++ int uptodate = test_bit(BIO_UPTODATE, &bi->bi_flags);
++ char b[BDEVNAME_SIZE];
++ struct md_rdev *rdev = NULL;
++ sector_t s;
++
++ for (i=0 ; i<disks; i++)
++ if (bi == &sh->dev[i].req)
++ break;
++
++ pr_debug("end_read_request %llu/%d, count: %d, uptodate %d.\n",
++ (unsigned long long)sh->sector, i, atomic_read(&sh->count),
++ uptodate);
++ if (i == disks) {
++ BUG();
++ return;
++ }
++ if (test_bit(R5_ReadRepl, &sh->dev[i].flags))
++ /* If replacement finished while this request was outstanding,
++ * 'replacement' might be NULL already.
++ * In that case it moved down to 'rdev'.
++ * rdev is not removed until all requests are finished.
++ */
++ rdev = conf->disks[i].replacement;
++ if (!rdev)
++ rdev = conf->disks[i].rdev;
++
++ if (use_new_offset(conf, sh))
++ s = sh->sector + rdev->new_data_offset;
++ else
++ s = sh->sector + rdev->data_offset;
++ if (uptodate) {
++ set_bit(R5_UPTODATE, &sh->dev[i].flags);
++ if (test_bit(R5_ReadError, &sh->dev[i].flags)) {
++ /* Note that this cannot happen on a
++ * replacement device. We just fail those on
++ * any error
++ */
++ printk_ratelimited(
++ KERN_INFO
++ "md/raid:%s: read error corrected"
++ " (%lu sectors at %llu on %s)\n",
++ mdname(conf->mddev), STRIPE_SECTORS,
++ (unsigned long long)s,
++ bdevname(rdev->bdev, b));
++ atomic_add(STRIPE_SECTORS, &rdev->corrected_errors);
++ clear_bit(R5_ReadError, &sh->dev[i].flags);
++ clear_bit(R5_ReWrite, &sh->dev[i].flags);
++ } else if (test_bit(R5_ReadNoMerge, &sh->dev[i].flags))
++ clear_bit(R5_ReadNoMerge, &sh->dev[i].flags);
++
++ if (atomic_read(&rdev->read_errors))
++ atomic_set(&rdev->read_errors, 0);
++ } else {
++ const char *bdn = bdevname(rdev->bdev, b);
++ int retry = 0;
++ int set_bad = 0;
++
++ clear_bit(R5_UPTODATE, &sh->dev[i].flags);
++ atomic_inc(&rdev->read_errors);
++ if (test_bit(R5_ReadRepl, &sh->dev[i].flags))
++ printk_ratelimited(
++ KERN_WARNING
++ "md/raid:%s: read error on replacement device "
++ "(sector %llu on %s).\n",
++ mdname(conf->mddev),
++ (unsigned long long)s,
++ bdn);
++ else if (conf->mddev->degraded >= conf->max_degraded) {
++ set_bad = 1;
++ printk_ratelimited(
++ KERN_WARNING
++ "md/raid:%s: read error not correctable "
++ "(sector %llu on %s).\n",
++ mdname(conf->mddev),
++ (unsigned long long)s,
++ bdn);
++ } else if (test_bit(R5_ReWrite, &sh->dev[i].flags)) {
++ /* Oh, no!!! */
++ set_bad = 1;
++ printk_ratelimited(
++ KERN_WARNING
++ "md/raid:%s: read error NOT corrected!! "
++ "(sector %llu on %s).\n",
++ mdname(conf->mddev),
++ (unsigned long long)s,
++ bdn);
++ } else if (atomic_read(&rdev->read_errors)
++ > conf->max_nr_stripes)
++ printk(KERN_WARNING
++ "md/raid:%s: Too many read errors, failing device %s.\n",
++ mdname(conf->mddev), bdn);
++ else
++ retry = 1;
++ if (set_bad && test_bit(In_sync, &rdev->flags)
++ && !test_bit(R5_ReadNoMerge, &sh->dev[i].flags))
++ retry = 1;
++ if (retry)
++ if (test_bit(R5_ReadNoMerge, &sh->dev[i].flags)) {
++ set_bit(R5_ReadError, &sh->dev[i].flags);
++ clear_bit(R5_ReadNoMerge, &sh->dev[i].flags);
++ } else
++ set_bit(R5_ReadNoMerge, &sh->dev[i].flags);
++ else {
++ clear_bit(R5_ReadError, &sh->dev[i].flags);
++ clear_bit(R5_ReWrite, &sh->dev[i].flags);
++ if (!(set_bad
++ && test_bit(In_sync, &rdev->flags)
++ && rdev_set_badblocks(
++ rdev, sh->sector, STRIPE_SECTORS, 0)))
++ md_error(conf->mddev, rdev);
++ }
++ }
++ rdev_dec_pending(rdev, conf->mddev);
++ clear_bit(R5_LOCKED, &sh->dev[i].flags);
++ set_bit(STRIPE_HANDLE, &sh->state);
++ release_stripe(sh);
++}
++
++static void raid5_end_write_request(struct bio *bi, int error)
++{
++ struct stripe_head *sh = bi->bi_private;
++ struct r5conf *conf = sh->raid_conf;
++ int disks = sh->disks, i;
++ struct md_rdev *uninitialized_var(rdev);
++ int uptodate = test_bit(BIO_UPTODATE, &bi->bi_flags);
++ sector_t first_bad;
++ int bad_sectors;
++ int replacement = 0;
++
++ for (i = 0 ; i < disks; i++) {
++ if (bi == &sh->dev[i].req) {
++ rdev = conf->disks[i].rdev;
++ break;
++ }
++ if (bi == &sh->dev[i].rreq) {
++ rdev = conf->disks[i].replacement;
++ if (rdev)
++ replacement = 1;
++ else
++ /* rdev was removed and 'replacement'
++ * replaced it. rdev is not removed
++ * until all requests are finished.
++ */
++ rdev = conf->disks[i].rdev;
++ break;
++ }
++ }
++ pr_debug("end_write_request %llu/%d, count %d, uptodate: %d.\n",
++ (unsigned long long)sh->sector, i, atomic_read(&sh->count),
++ uptodate);
++ if (i == disks) {
++ BUG();
++ return;
++ }
++
++ if (replacement) {
++ if (!uptodate)
++ md_error(conf->mddev, rdev);
++ else if (is_badblock(rdev, sh->sector,
++ STRIPE_SECTORS,
++ &first_bad, &bad_sectors))
++ set_bit(R5_MadeGoodRepl, &sh->dev[i].flags);
++ } else {
++ if (!uptodate) {
++ set_bit(STRIPE_DEGRADED, &sh->state);
++ set_bit(WriteErrorSeen, &rdev->flags);
++ set_bit(R5_WriteError, &sh->dev[i].flags);
++ if (!test_and_set_bit(WantReplacement, &rdev->flags))
++ set_bit(MD_RECOVERY_NEEDED,
++ &rdev->mddev->recovery);
++ } else if (is_badblock(rdev, sh->sector,
++ STRIPE_SECTORS,
++ &first_bad, &bad_sectors)) {
++ set_bit(R5_MadeGood, &sh->dev[i].flags);
++ if (test_bit(R5_ReadError, &sh->dev[i].flags))
++ /* That was a successful write so make
++ * sure it looks like we already did
++ * a re-write.
++ */
++ set_bit(R5_ReWrite, &sh->dev[i].flags);
++ }
++ }
++ rdev_dec_pending(rdev, conf->mddev);
++
++ if (!test_and_clear_bit(R5_DOUBLE_LOCKED, &sh->dev[i].flags))
++ clear_bit(R5_LOCKED, &sh->dev[i].flags);
++ set_bit(STRIPE_HANDLE, &sh->state);
++ release_stripe(sh);
++}
++
++static sector_t compute_blocknr(struct stripe_head *sh, int i, int previous);
++
++static void raid5_build_block(struct stripe_head *sh, int i, int previous)
++{
++ struct r5dev *dev = &sh->dev[i];
++
++ bio_init(&dev->req);
++ dev->req.bi_io_vec = &dev->vec;
++ dev->req.bi_max_vecs = 1;
++ dev->req.bi_private = sh;
++
++ bio_init(&dev->rreq);
++ dev->rreq.bi_io_vec = &dev->rvec;
++ dev->rreq.bi_max_vecs = 1;
++ dev->rreq.bi_private = sh;
++
++ dev->flags = 0;
++ dev->sector = compute_blocknr(sh, i, previous);
++}
++
++static void error(struct mddev *mddev, struct md_rdev *rdev)
++{
++ char b[BDEVNAME_SIZE];
++ struct r5conf *conf = mddev->private;
++ unsigned long flags;
++ pr_debug("raid456: error called\n");
++
++ spin_lock_irqsave(&conf->device_lock, flags);
++ clear_bit(In_sync, &rdev->flags);
++ mddev->degraded = calc_degraded(conf);
++ spin_unlock_irqrestore(&conf->device_lock, flags);
++ set_bit(MD_RECOVERY_INTR, &mddev->recovery);
++
++ set_bit(Blocked, &rdev->flags);
++ set_bit(Faulty, &rdev->flags);
++ set_bit(MD_CHANGE_DEVS, &mddev->flags);
++ printk(KERN_ALERT
++ "md/raid:%s: Disk failure on %s, disabling device.\n"
++ "md/raid:%s: Operation continuing on %d devices.\n",
++ mdname(mddev),
++ bdevname(rdev->bdev, b),
++ mdname(mddev),
++ conf->raid_disks - mddev->degraded);
++}
++
++/*
++ * Input: a 'big' sector number,
++ * Output: index of the data and parity disk, and the sector # in them.
++ */
++static sector_t raid5_compute_sector(struct r5conf *conf, sector_t r_sector,
++ int previous, int *dd_idx,
++ struct stripe_head *sh)
++{
++ sector_t stripe, stripe2;
++ sector_t chunk_number;
++ unsigned int chunk_offset;
++ int pd_idx, qd_idx;
++ int ddf_layout = 0;
++ sector_t new_sector;
++ int algorithm = previous ? conf->prev_algo
++ : conf->algorithm;
++ int sectors_per_chunk = previous ? conf->prev_chunk_sectors
++ : conf->chunk_sectors;
++ int raid_disks = previous ? conf->previous_raid_disks
++ : conf->raid_disks;
++ int data_disks = raid_disks - conf->max_degraded;
++
++ /* First compute the information on this sector */
++
++ /*
++ * Compute the chunk number and the sector offset inside the chunk
++ */
++ chunk_offset = sector_div(r_sector, sectors_per_chunk);
++ chunk_number = r_sector;
++
++ /*
++ * Compute the stripe number
++ */
++ stripe = chunk_number;
++ *dd_idx = sector_div(stripe, data_disks);
++ stripe2 = stripe;
++ /*
++ * Select the parity disk based on the user selected algorithm.
++ */
++ pd_idx = qd_idx = -1;
++ switch(conf->level) {
++ case 4:
++ pd_idx = data_disks;
++ break;
++ case 5:
++ switch (algorithm) {
++ case ALGORITHM_LEFT_ASYMMETRIC:
++ pd_idx = data_disks - sector_div(stripe2, raid_disks);
++ if (*dd_idx >= pd_idx)
++ (*dd_idx)++;
++ break;
++ case ALGORITHM_RIGHT_ASYMMETRIC:
++ pd_idx = sector_div(stripe2, raid_disks);
++ if (*dd_idx >= pd_idx)
++ (*dd_idx)++;
++ break;
++ case ALGORITHM_LEFT_SYMMETRIC:
++ pd_idx = data_disks - sector_div(stripe2, raid_disks);
++ *dd_idx = (pd_idx + 1 + *dd_idx) % raid_disks;
++ break;
++ case ALGORITHM_RIGHT_SYMMETRIC:
++ pd_idx = sector_div(stripe2, raid_disks);
++ *dd_idx = (pd_idx + 1 + *dd_idx) % raid_disks;
++ break;
++ case ALGORITHM_PARITY_0:
++ pd_idx = 0;
++ (*dd_idx)++;
++ break;
++ case ALGORITHM_PARITY_N:
++ pd_idx = data_disks;
++ break;
++ default:
++ BUG();
++ }
++ break;
++ case 6:
++
++ switch (algorithm) {
++ case ALGORITHM_LEFT_ASYMMETRIC:
++ pd_idx = raid_disks - 1 - sector_div(stripe2, raid_disks);
++ qd_idx = pd_idx + 1;
++ if (pd_idx == raid_disks-1) {
++ (*dd_idx)++; /* Q D D D P */
++ qd_idx = 0;
++ } else if (*dd_idx >= pd_idx)
++ (*dd_idx) += 2; /* D D P Q D */
++ break;
++ case ALGORITHM_RIGHT_ASYMMETRIC:
++ pd_idx = sector_div(stripe2, raid_disks);
++ qd_idx = pd_idx + 1;
++ if (pd_idx == raid_disks-1) {
++ (*dd_idx)++; /* Q D D D P */
++ qd_idx = 0;
++ } else if (*dd_idx >= pd_idx)
++ (*dd_idx) += 2; /* D D P Q D */
++ break;
++ case ALGORITHM_LEFT_SYMMETRIC:
++ pd_idx = raid_disks - 1 - sector_div(stripe2, raid_disks);
++ qd_idx = (pd_idx + 1) % raid_disks;
++ *dd_idx = (pd_idx + 2 + *dd_idx) % raid_disks;
++ break;
++ case ALGORITHM_RIGHT_SYMMETRIC:
++ pd_idx = sector_div(stripe2, raid_disks);
++ qd_idx = (pd_idx + 1) % raid_disks;
++ *dd_idx = (pd_idx + 2 + *dd_idx) % raid_disks;
++ break;
++
++ case ALGORITHM_PARITY_0:
++ pd_idx = 0;
++ qd_idx = 1;
++ (*dd_idx) += 2;
++ break;
++ case ALGORITHM_PARITY_N:
++ pd_idx = data_disks;
++ qd_idx = data_disks + 1;
++ break;
++
++ case ALGORITHM_ROTATING_ZERO_RESTART:
++ /* Exactly the same as RIGHT_ASYMMETRIC, but or
++ * of blocks for computing Q is different.
++ */
++ pd_idx = sector_div(stripe2, raid_disks);
++ qd_idx = pd_idx + 1;
++ if (pd_idx == raid_disks-1) {
++ (*dd_idx)++; /* Q D D D P */
++ qd_idx = 0;
++ } else if (*dd_idx >= pd_idx)
++ (*dd_idx) += 2; /* D D P Q D */
++ ddf_layout = 1;
++ break;
++
++ case ALGORITHM_ROTATING_N_RESTART:
++ /* Same a left_asymmetric, by first stripe is
++ * D D D P Q rather than
++ * Q D D D P
++ */
++ stripe2 += 1;
++ pd_idx = raid_disks - 1 - sector_div(stripe2, raid_disks);
++ qd_idx = pd_idx + 1;
++ if (pd_idx == raid_disks-1) {
++ (*dd_idx)++; /* Q D D D P */
++ qd_idx = 0;
++ } else if (*dd_idx >= pd_idx)
++ (*dd_idx) += 2; /* D D P Q D */
++ ddf_layout = 1;
++ break;
++
++ case ALGORITHM_ROTATING_N_CONTINUE:
++ /* Same as left_symmetric but Q is before P */
++ pd_idx = raid_disks - 1 - sector_div(stripe2, raid_disks);
++ qd_idx = (pd_idx + raid_disks - 1) % raid_disks;
++ *dd_idx = (pd_idx + 1 + *dd_idx) % raid_disks;
++ ddf_layout = 1;
++ break;
++
++ case ALGORITHM_LEFT_ASYMMETRIC_6:
++ /* RAID5 left_asymmetric, with Q on last device */
++ pd_idx = data_disks - sector_div(stripe2, raid_disks-1);
++ if (*dd_idx >= pd_idx)
++ (*dd_idx)++;
++ qd_idx = raid_disks - 1;
++ break;
++
++ case ALGORITHM_RIGHT_ASYMMETRIC_6:
++ pd_idx = sector_div(stripe2, raid_disks-1);
++ if (*dd_idx >= pd_idx)
++ (*dd_idx)++;
++ qd_idx = raid_disks - 1;
++ break;
++
++ case ALGORITHM_LEFT_SYMMETRIC_6:
++ pd_idx = data_disks - sector_div(stripe2, raid_disks-1);
++ *dd_idx = (pd_idx + 1 + *dd_idx) % (raid_disks-1);
++ qd_idx = raid_disks - 1;
++ break;
++
++ case ALGORITHM_RIGHT_SYMMETRIC_6:
++ pd_idx = sector_div(stripe2, raid_disks-1);
++ *dd_idx = (pd_idx + 1 + *dd_idx) % (raid_disks-1);
++ qd_idx = raid_disks - 1;
++ break;
++
++ case ALGORITHM_PARITY_0_6:
++ pd_idx = 0;
++ (*dd_idx)++;
++ qd_idx = raid_disks - 1;
++ break;
++
++ default:
++ BUG();
++ }
++ break;
++ }
++
++ if (sh) {
++ sh->pd_idx = pd_idx;
++ sh->qd_idx = qd_idx;
++ sh->ddf_layout = ddf_layout;
++ }
++ /*
++ * Finally, compute the new sector number
++ */
++ new_sector = (sector_t)stripe * sectors_per_chunk + chunk_offset;
++ return new_sector;
++}
++
++static sector_t compute_blocknr(struct stripe_head *sh, int i, int previous)
++{
++ struct r5conf *conf = sh->raid_conf;
++ int raid_disks = sh->disks;
++ int data_disks = raid_disks - conf->max_degraded;
++ sector_t new_sector = sh->sector, check;
++ int sectors_per_chunk = previous ? conf->prev_chunk_sectors
++ : conf->chunk_sectors;
++ int algorithm = previous ? conf->prev_algo
++ : conf->algorithm;
++ sector_t stripe;
++ int chunk_offset;
++ sector_t chunk_number;
++ int dummy1, dd_idx = i;
++ sector_t r_sector;
++ struct stripe_head sh2;
++
++ chunk_offset = sector_div(new_sector, sectors_per_chunk);
++ stripe = new_sector;
++
++ if (i == sh->pd_idx)
++ return 0;
++ switch(conf->level) {
++ case 4: break;
++ case 5:
++ switch (algorithm) {
++ case ALGORITHM_LEFT_ASYMMETRIC:
++ case ALGORITHM_RIGHT_ASYMMETRIC:
++ if (i > sh->pd_idx)
++ i--;
++ break;
++ case ALGORITHM_LEFT_SYMMETRIC:
++ case ALGORITHM_RIGHT_SYMMETRIC:
++ if (i < sh->pd_idx)
++ i += raid_disks;
++ i -= (sh->pd_idx + 1);
++ break;
++ case ALGORITHM_PARITY_0:
++ i -= 1;
++ break;
++ case ALGORITHM_PARITY_N:
++ break;
++ default:
++ BUG();
++ }
++ break;
++ case 6:
++ if (i == sh->qd_idx)
++ return 0; /* It is the Q disk */
++ switch (algorithm) {
++ case ALGORITHM_LEFT_ASYMMETRIC:
++ case ALGORITHM_RIGHT_ASYMMETRIC:
++ case ALGORITHM_ROTATING_ZERO_RESTART:
++ case ALGORITHM_ROTATING_N_RESTART:
++ if (sh->pd_idx == raid_disks-1)
++ i--; /* Q D D D P */
++ else if (i > sh->pd_idx)
++ i -= 2; /* D D P Q D */
++ break;
++ case ALGORITHM_LEFT_SYMMETRIC:
++ case ALGORITHM_RIGHT_SYMMETRIC:
++ if (sh->pd_idx == raid_disks-1)
++ i--; /* Q D D D P */
++ else {
++ /* D D P Q D */
++ if (i < sh->pd_idx)
++ i += raid_disks;
++ i -= (sh->pd_idx + 2);
++ }
++ break;
++ case ALGORITHM_PARITY_0:
++ i -= 2;
++ break;
++ case ALGORITHM_PARITY_N:
++ break;
++ case ALGORITHM_ROTATING_N_CONTINUE:
++ /* Like left_symmetric, but P is before Q */
++ if (sh->pd_idx == 0)
++ i--; /* P D D D Q */
++ else {
++ /* D D Q P D */
++ if (i < sh->pd_idx)
++ i += raid_disks;
++ i -= (sh->pd_idx + 1);
++ }
++ break;
++ case ALGORITHM_LEFT_ASYMMETRIC_6:
++ case ALGORITHM_RIGHT_ASYMMETRIC_6:
++ if (i > sh->pd_idx)
++ i--;
++ break;
++ case ALGORITHM_LEFT_SYMMETRIC_6:
++ case ALGORITHM_RIGHT_SYMMETRIC_6:
++ if (i < sh->pd_idx)
++ i += data_disks + 1;
++ i -= (sh->pd_idx + 1);
++ break;
++ case ALGORITHM_PARITY_0_6:
++ i -= 1;
++ break;
++ default:
++ BUG();
++ }
++ break;
++ }
++
++ chunk_number = stripe * data_disks + i;
++ r_sector = chunk_number * sectors_per_chunk + chunk_offset;
++
++ check = raid5_compute_sector(conf, r_sector,
++ previous, &dummy1, &sh2);
++ if (check != sh->sector || dummy1 != dd_idx || sh2.pd_idx != sh->pd_idx
++ || sh2.qd_idx != sh->qd_idx) {
++ printk(KERN_ERR "md/raid:%s: compute_blocknr: map not correct\n",
++ mdname(conf->mddev));
++ return 0;
++ }
++ return r_sector;
++}
++
++static void
++schedule_reconstruction(struct stripe_head *sh, struct stripe_head_state *s,
++ int rcw, int expand)
++{
++ int i, pd_idx = sh->pd_idx, disks = sh->disks;
++ struct r5conf *conf = sh->raid_conf;
++ int level = conf->level;
++
++ if (rcw) {
++
++ for (i = disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++
++ if (dev->towrite) {
++ set_bit(R5_LOCKED, &dev->flags);
++ set_bit(R5_Wantdrain, &dev->flags);
++ if (!expand)
++ clear_bit(R5_UPTODATE, &dev->flags);
++ s->locked++;
++ }
++ }
++ /* if we are not expanding this is a proper write request, and
++ * there will be bios with new data to be drained into the
++ * stripe cache
++ */
++ if (!expand) {
++ if (!s->locked)
++ /* False alarm, nothing to do */
++ return;
++ sh->reconstruct_state = reconstruct_state_drain_run;
++ set_bit(STRIPE_OP_BIODRAIN, &s->ops_request);
++ } else
++ sh->reconstruct_state = reconstruct_state_run;
++
++ set_bit(STRIPE_OP_RECONSTRUCT, &s->ops_request);
++
++ if (s->locked + conf->max_degraded == disks)
++ if (!test_and_set_bit(STRIPE_FULL_WRITE, &sh->state))
++ atomic_inc(&conf->pending_full_writes);
++ } else {
++ BUG_ON(level == 6);
++ BUG_ON(!(test_bit(R5_UPTODATE, &sh->dev[pd_idx].flags) ||
++ test_bit(R5_Wantcompute, &sh->dev[pd_idx].flags)));
++
++ for (i = disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++ if (i == pd_idx)
++ continue;
++
++ if (dev->towrite &&
++ (test_bit(R5_UPTODATE, &dev->flags) ||
++ test_bit(R5_Wantcompute, &dev->flags))) {
++ set_bit(R5_Wantdrain, &dev->flags);
++ set_bit(R5_LOCKED, &dev->flags);
++ clear_bit(R5_UPTODATE, &dev->flags);
++ s->locked++;
++ }
++ }
++ if (!s->locked)
++ /* False alarm - nothing to do */
++ return;
++ sh->reconstruct_state = reconstruct_state_prexor_drain_run;
++ set_bit(STRIPE_OP_PREXOR, &s->ops_request);
++ set_bit(STRIPE_OP_BIODRAIN, &s->ops_request);
++ set_bit(STRIPE_OP_RECONSTRUCT, &s->ops_request);
++ }
++
++ /* keep the parity disk(s) locked while asynchronous operations
++ * are in flight
++ */
++ set_bit(R5_LOCKED, &sh->dev[pd_idx].flags);
++ clear_bit(R5_UPTODATE, &sh->dev[pd_idx].flags);
++ s->locked++;
++
++ if (level == 6) {
++ int qd_idx = sh->qd_idx;
++ struct r5dev *dev = &sh->dev[qd_idx];
++
++ set_bit(R5_LOCKED, &dev->flags);
++ clear_bit(R5_UPTODATE, &dev->flags);
++ s->locked++;
++ }
++
++ pr_debug("%s: stripe %llu locked: %d ops_request: %lx\n",
++ __func__, (unsigned long long)sh->sector,
++ s->locked, s->ops_request);
++}
++
++/*
++ * Each stripe/dev can have one or more bion attached.
++ * toread/towrite point to the first in a chain.
++ * The bi_next chain must be in order.
++ */
++static int add_stripe_bio(struct stripe_head *sh, struct bio *bi, int dd_idx, int forwrite)
++{
++ struct bio **bip;
++ struct r5conf *conf = sh->raid_conf;
++ int firstwrite=0;
++
++ pr_debug("adding bi b#%llu to stripe s#%llu\n",
++ (unsigned long long)bi->bi_iter.bi_sector,
++ (unsigned long long)sh->sector);
++
++ /*
++ * If several bio share a stripe. The bio bi_phys_segments acts as a
++ * reference count to avoid race. The reference count should already be
++ * increased before this function is called (for example, in
++ * make_request()), so other bio sharing this stripe will not free the
++ * stripe. If a stripe is owned by one stripe, the stripe lock will
++ * protect it.
++ */
++ spin_lock_irq(&sh->stripe_lock);
++ if (forwrite) {
++ bip = &sh->dev[dd_idx].towrite;
++ if (*bip == NULL)
++ firstwrite = 1;
++ } else
++ bip = &sh->dev[dd_idx].toread;
++ while (*bip && (*bip)->bi_iter.bi_sector < bi->bi_iter.bi_sector) {
++ if (bio_end_sector(*bip) > bi->bi_iter.bi_sector)
++ goto overlap;
++ bip = & (*bip)->bi_next;
++ }
++ if (*bip && (*bip)->bi_iter.bi_sector < bio_end_sector(bi))
++ goto overlap;
++
++ BUG_ON(*bip && bi->bi_next && (*bip) != bi->bi_next);
++ if (*bip)
++ bi->bi_next = *bip;
++ *bip = bi;
++ raid5_inc_bi_active_stripes(bi);
++
++ if (forwrite) {
++ /* check if page is covered */
++ sector_t sector = sh->dev[dd_idx].sector;
++ for (bi=sh->dev[dd_idx].towrite;
++ sector < sh->dev[dd_idx].sector + STRIPE_SECTORS &&
++ bi && bi->bi_iter.bi_sector <= sector;
++ bi = r5_next_bio(bi, sh->dev[dd_idx].sector)) {
++ if (bio_end_sector(bi) >= sector)
++ sector = bio_end_sector(bi);
++ }
++ if (sector >= sh->dev[dd_idx].sector + STRIPE_SECTORS)
++ set_bit(R5_OVERWRITE, &sh->dev[dd_idx].flags);
++ }
++
++ pr_debug("added bi b#%llu to stripe s#%llu, disk %d.\n",
++ (unsigned long long)(*bip)->bi_iter.bi_sector,
++ (unsigned long long)sh->sector, dd_idx);
++ spin_unlock_irq(&sh->stripe_lock);
++
++ if (conf->mddev->bitmap && firstwrite) {
++ bitmap_startwrite(conf->mddev->bitmap, sh->sector,
++ STRIPE_SECTORS, 0);
++ sh->bm_seq = conf->seq_flush+1;
++ set_bit(STRIPE_BIT_DELAY, &sh->state);
++ }
++ return 1;
++
++ overlap:
++ set_bit(R5_Overlap, &sh->dev[dd_idx].flags);
++ spin_unlock_irq(&sh->stripe_lock);
++ return 0;
++}
++
++static void end_reshape(struct r5conf *conf);
++
++static void stripe_set_idx(sector_t stripe, struct r5conf *conf, int previous,
++ struct stripe_head *sh)
++{
++ int sectors_per_chunk =
++ previous ? conf->prev_chunk_sectors : conf->chunk_sectors;
++ int dd_idx;
++ int chunk_offset = sector_div(stripe, sectors_per_chunk);
++ int disks = previous ? conf->previous_raid_disks : conf->raid_disks;
++
++ raid5_compute_sector(conf,
++ stripe * (disks - conf->max_degraded)
++ *sectors_per_chunk + chunk_offset,
++ previous,
++ &dd_idx, sh);
++}
++
++static void
++handle_failed_stripe(struct r5conf *conf, struct stripe_head *sh,
++ struct stripe_head_state *s, int disks,
++ struct bio **return_bi)
++{
++ int i;
++ for (i = disks; i--; ) {
++ struct bio *bi;
++ int bitmap_end = 0;
++
++ if (test_bit(R5_ReadError, &sh->dev[i].flags)) {
++ struct md_rdev *rdev;
++ rcu_read_lock();
++ rdev = rcu_dereference(conf->disks[i].rdev);
++ if (rdev && test_bit(In_sync, &rdev->flags))
++ atomic_inc(&rdev->nr_pending);
++ else
++ rdev = NULL;
++ rcu_read_unlock();
++ if (rdev) {
++ if (!rdev_set_badblocks(
++ rdev,
++ sh->sector,
++ STRIPE_SECTORS, 0))
++ md_error(conf->mddev, rdev);
++ rdev_dec_pending(rdev, conf->mddev);
++ }
++ }
++ spin_lock_irq(&sh->stripe_lock);
++ /* fail all writes first */
++ bi = sh->dev[i].towrite;
++ sh->dev[i].towrite = NULL;
++ spin_unlock_irq(&sh->stripe_lock);
++ if (bi)
++ bitmap_end = 1;
++
++ if (test_and_clear_bit(R5_Overlap, &sh->dev[i].flags))
++ wake_up(&conf->wait_for_overlap);
++
++ while (bi && bi->bi_iter.bi_sector <
++ sh->dev[i].sector + STRIPE_SECTORS) {
++ struct bio *nextbi = r5_next_bio(bi, sh->dev[i].sector);
++ clear_bit(BIO_UPTODATE, &bi->bi_flags);
++ if (!raid5_dec_bi_active_stripes(bi)) {
++ md_write_end(conf->mddev);
++ bi->bi_next = *return_bi;
++ *return_bi = bi;
++ }
++ bi = nextbi;
++ }
++ if (bitmap_end)
++ bitmap_endwrite(conf->mddev->bitmap, sh->sector,
++ STRIPE_SECTORS, 0, 0);
++ bitmap_end = 0;
++ /* and fail all 'written' */
++ bi = sh->dev[i].written;
++ sh->dev[i].written = NULL;
++ if (test_and_clear_bit(R5_SkipCopy, &sh->dev[i].flags)) {
++ WARN_ON(test_bit(R5_UPTODATE, &sh->dev[i].flags));
++ sh->dev[i].page = sh->dev[i].orig_page;
++ }
++
++ if (bi) bitmap_end = 1;
++ while (bi && bi->bi_iter.bi_sector <
++ sh->dev[i].sector + STRIPE_SECTORS) {
++ struct bio *bi2 = r5_next_bio(bi, sh->dev[i].sector);
++ clear_bit(BIO_UPTODATE, &bi->bi_flags);
++ if (!raid5_dec_bi_active_stripes(bi)) {
++ md_write_end(conf->mddev);
++ bi->bi_next = *return_bi;
++ *return_bi = bi;
++ }
++ bi = bi2;
++ }
++
++ /* fail any reads if this device is non-operational and
++ * the data has not reached the cache yet.
++ */
++ if (!test_bit(R5_Wantfill, &sh->dev[i].flags) &&
++ (!test_bit(R5_Insync, &sh->dev[i].flags) ||
++ test_bit(R5_ReadError, &sh->dev[i].flags))) {
++ spin_lock_irq(&sh->stripe_lock);
++ bi = sh->dev[i].toread;
++ sh->dev[i].toread = NULL;
++ spin_unlock_irq(&sh->stripe_lock);
++ if (test_and_clear_bit(R5_Overlap, &sh->dev[i].flags))
++ wake_up(&conf->wait_for_overlap);
++ while (bi && bi->bi_iter.bi_sector <
++ sh->dev[i].sector + STRIPE_SECTORS) {
++ struct bio *nextbi =
++ r5_next_bio(bi, sh->dev[i].sector);
++ clear_bit(BIO_UPTODATE, &bi->bi_flags);
++ if (!raid5_dec_bi_active_stripes(bi)) {
++ bi->bi_next = *return_bi;
++ *return_bi = bi;
++ }
++ bi = nextbi;
++ }
++ }
++ if (bitmap_end)
++ bitmap_endwrite(conf->mddev->bitmap, sh->sector,
++ STRIPE_SECTORS, 0, 0);
++ /* If we were in the middle of a write the parity block might
++ * still be locked - so just clear all R5_LOCKED flags
++ */
++ clear_bit(R5_LOCKED, &sh->dev[i].flags);
++ }
++
++ if (test_and_clear_bit(STRIPE_FULL_WRITE, &sh->state))
++ if (atomic_dec_and_test(&conf->pending_full_writes))
++ md_wakeup_thread(conf->mddev->thread);
++}
++
++static void
++handle_failed_sync(struct r5conf *conf, struct stripe_head *sh,
++ struct stripe_head_state *s)
++{
++ int abort = 0;
++ int i;
++
++ clear_bit(STRIPE_SYNCING, &sh->state);
++ if (test_and_clear_bit(R5_Overlap, &sh->dev[sh->pd_idx].flags))
++ wake_up(&conf->wait_for_overlap);
++ s->syncing = 0;
++ s->replacing = 0;
++ /* There is nothing more to do for sync/check/repair.
++ * Don't even need to abort as that is handled elsewhere
++ * if needed, and not always wanted e.g. if there is a known
++ * bad block here.
++ * For recover/replace we need to record a bad block on all
++ * non-sync devices, or abort the recovery
++ */
++ if (test_bit(MD_RECOVERY_RECOVER, &conf->mddev->recovery)) {
++ /* During recovery devices cannot be removed, so
++ * locking and refcounting of rdevs is not needed
++ */
++ for (i = 0; i < conf->raid_disks; i++) {
++ struct md_rdev *rdev = conf->disks[i].rdev;
++ if (rdev
++ && !test_bit(Faulty, &rdev->flags)
++ && !test_bit(In_sync, &rdev->flags)
++ && !rdev_set_badblocks(rdev, sh->sector,
++ STRIPE_SECTORS, 0))
++ abort = 1;
++ rdev = conf->disks[i].replacement;
++ if (rdev
++ && !test_bit(Faulty, &rdev->flags)
++ && !test_bit(In_sync, &rdev->flags)
++ && !rdev_set_badblocks(rdev, sh->sector,
++ STRIPE_SECTORS, 0))
++ abort = 1;
++ }
++ if (abort)
++ conf->recovery_disabled =
++ conf->mddev->recovery_disabled;
++ }
++ md_done_sync(conf->mddev, STRIPE_SECTORS, !abort);
++}
++
++static int want_replace(struct stripe_head *sh, int disk_idx)
++{
++ struct md_rdev *rdev;
++ int rv = 0;
++ /* Doing recovery so rcu locking not required */
++ rdev = sh->raid_conf->disks[disk_idx].replacement;
++ if (rdev
++ && !test_bit(Faulty, &rdev->flags)
++ && !test_bit(In_sync, &rdev->flags)
++ && (rdev->recovery_offset <= sh->sector
++ || rdev->mddev->recovery_cp <= sh->sector))
++ rv = 1;
++
++ return rv;
++}
++
++/* fetch_block - checks the given member device to see if its data needs
++ * to be read or computed to satisfy a request.
++ *
++ * Returns 1 when no more member devices need to be checked, otherwise returns
++ * 0 to tell the loop in handle_stripe_fill to continue
++ */
++static int fetch_block(struct stripe_head *sh, struct stripe_head_state *s,
++ int disk_idx, int disks)
++{
++ struct r5dev *dev = &sh->dev[disk_idx];
++ struct r5dev *fdev[2] = { &sh->dev[s->failed_num[0]],
++ &sh->dev[s->failed_num[1]] };
++
++ /* is the data in this block needed, and can we get it? */
++ if (!test_bit(R5_LOCKED, &dev->flags) &&
++ !test_bit(R5_UPTODATE, &dev->flags) &&
++ (dev->toread ||
++ (dev->towrite && !test_bit(R5_OVERWRITE, &dev->flags)) ||
++ s->syncing || s->expanding ||
++ (s->replacing && want_replace(sh, disk_idx)) ||
++ (s->failed >= 1 && fdev[0]->toread) ||
++ (s->failed >= 2 && fdev[1]->toread) ||
++ (sh->raid_conf->level <= 5 && s->failed && fdev[0]->towrite &&
++ (!test_bit(R5_Insync, &dev->flags) || test_bit(STRIPE_PREREAD_ACTIVE, &sh->state)) &&
++ !test_bit(R5_OVERWRITE, &fdev[0]->flags)) ||
++ ((sh->raid_conf->level == 6 ||
++ sh->sector >= sh->raid_conf->mddev->recovery_cp)
++ && s->failed && s->to_write &&
++ (s->to_write - s->non_overwrite <
++ sh->raid_conf->raid_disks - sh->raid_conf->max_degraded) &&
++ (!test_bit(R5_Insync, &dev->flags) || test_bit(STRIPE_PREREAD_ACTIVE, &sh->state))))) {
++ /* we would like to get this block, possibly by computing it,
++ * otherwise read it if the backing disk is insync
++ */
++ BUG_ON(test_bit(R5_Wantcompute, &dev->flags));
++ BUG_ON(test_bit(R5_Wantread, &dev->flags));
++ if ((s->uptodate == disks - 1) &&
++ (s->failed && (disk_idx == s->failed_num[0] ||
++ disk_idx == s->failed_num[1]))) {
++ /* have disk failed, and we're requested to fetch it;
++ * do compute it
++ */
++ pr_debug("Computing stripe %llu block %d\n",
++ (unsigned long long)sh->sector, disk_idx);
++ set_bit(STRIPE_COMPUTE_RUN, &sh->state);
++ set_bit(STRIPE_OP_COMPUTE_BLK, &s->ops_request);
++ set_bit(R5_Wantcompute, &dev->flags);
++ sh->ops.target = disk_idx;
++ sh->ops.target2 = -1; /* no 2nd target */
++ s->req_compute = 1;
++ /* Careful: from this point on 'uptodate' is in the eye
++ * of raid_run_ops which services 'compute' operations
++ * before writes. R5_Wantcompute flags a block that will
++ * be R5_UPTODATE by the time it is needed for a
++ * subsequent operation.
++ */
++ s->uptodate++;
++ return 1;
++ } else if (s->uptodate == disks-2 && s->failed >= 2) {
++ /* Computing 2-failure is *very* expensive; only
++ * do it if failed >= 2
++ */
++ int other;
++ for (other = disks; other--; ) {
++ if (other == disk_idx)
++ continue;
++ if (!test_bit(R5_UPTODATE,
++ &sh->dev[other].flags))
++ break;
++ }
++ BUG_ON(other < 0);
++ pr_debug("Computing stripe %llu blocks %d,%d\n",
++ (unsigned long long)sh->sector,
++ disk_idx, other);
++ set_bit(STRIPE_COMPUTE_RUN, &sh->state);
++ set_bit(STRIPE_OP_COMPUTE_BLK, &s->ops_request);
++ set_bit(R5_Wantcompute, &sh->dev[disk_idx].flags);
++ set_bit(R5_Wantcompute, &sh->dev[other].flags);
++ sh->ops.target = disk_idx;
++ sh->ops.target2 = other;
++ s->uptodate += 2;
++ s->req_compute = 1;
++ return 1;
++ } else if (test_bit(R5_Insync, &dev->flags)) {
++ set_bit(R5_LOCKED, &dev->flags);
++ set_bit(R5_Wantread, &dev->flags);
++ s->locked++;
++ pr_debug("Reading block %d (sync=%d)\n",
++ disk_idx, s->syncing);
++ }
++ }
++
++ return 0;
++}
++
++/**
++ * handle_stripe_fill - read or compute data to satisfy pending requests.
++ */
++static void handle_stripe_fill(struct stripe_head *sh,
++ struct stripe_head_state *s,
++ int disks)
++{
++ int i;
++
++ /* look for blocks to read/compute, skip this if a compute
++ * is already in flight, or if the stripe contents are in the
++ * midst of changing due to a write
++ */
++ if (!test_bit(STRIPE_COMPUTE_RUN, &sh->state) && !sh->check_state &&
++ !sh->reconstruct_state)
++ for (i = disks; i--; )
++ if (fetch_block(sh, s, i, disks))
++ break;
++ set_bit(STRIPE_HANDLE, &sh->state);
++}
++
++/* handle_stripe_clean_event
++ * any written block on an uptodate or failed drive can be returned.
++ * Note that if we 'wrote' to a failed drive, it will be UPTODATE, but
++ * never LOCKED, so we don't need to test 'failed' directly.
++ */
++static void handle_stripe_clean_event(struct r5conf *conf,
++ struct stripe_head *sh, int disks, struct bio **return_bi)
++{
++ int i;
++ struct r5dev *dev;
++ int discard_pending = 0;
++
++ for (i = disks; i--; )
++ if (sh->dev[i].written) {
++ dev = &sh->dev[i];
++ if (!test_bit(R5_LOCKED, &dev->flags) &&
++ (test_bit(R5_UPTODATE, &dev->flags) ||
++ test_bit(R5_Discard, &dev->flags) ||
++ test_bit(R5_SkipCopy, &dev->flags))) {
++ /* We can return any write requests */
++ struct bio *wbi, *wbi2;
++ pr_debug("Return write for disc %d\n", i);
++ if (test_and_clear_bit(R5_Discard, &dev->flags))
++ clear_bit(R5_UPTODATE, &dev->flags);
++ if (test_and_clear_bit(R5_SkipCopy, &dev->flags)) {
++ WARN_ON(test_bit(R5_UPTODATE, &dev->flags));
++ dev->page = dev->orig_page;
++ }
++ wbi = dev->written;
++ dev->written = NULL;
++ while (wbi && wbi->bi_iter.bi_sector <
++ dev->sector + STRIPE_SECTORS) {
++ wbi2 = r5_next_bio(wbi, dev->sector);
++ if (!raid5_dec_bi_active_stripes(wbi)) {
++ md_write_end(conf->mddev);
++ wbi->bi_next = *return_bi;
++ *return_bi = wbi;
++ }
++ wbi = wbi2;
++ }
++ bitmap_endwrite(conf->mddev->bitmap, sh->sector,
++ STRIPE_SECTORS,
++ !test_bit(STRIPE_DEGRADED, &sh->state),
++ 0);
++ } else if (test_bit(R5_Discard, &dev->flags))
++ discard_pending = 1;
++ WARN_ON(test_bit(R5_SkipCopy, &dev->flags));
++ WARN_ON(dev->page != dev->orig_page);
++ }
++ if (!discard_pending &&
++ test_bit(R5_Discard, &sh->dev[sh->pd_idx].flags)) {
++ clear_bit(R5_Discard, &sh->dev[sh->pd_idx].flags);
++ clear_bit(R5_UPTODATE, &sh->dev[sh->pd_idx].flags);
++ if (sh->qd_idx >= 0) {
++ clear_bit(R5_Discard, &sh->dev[sh->qd_idx].flags);
++ clear_bit(R5_UPTODATE, &sh->dev[sh->qd_idx].flags);
++ }
++ /* now that discard is done we can proceed with any sync */
++ clear_bit(STRIPE_DISCARD, &sh->state);
++ /*
++ * SCSI discard will change some bio fields and the stripe has
++ * no updated data, so remove it from hash list and the stripe
++ * will be reinitialized
++ */
++ spin_lock_irq(&conf->device_lock);
++ remove_hash(sh);
++ spin_unlock_irq(&conf->device_lock);
++ if (test_bit(STRIPE_SYNC_REQUESTED, &sh->state))
++ set_bit(STRIPE_HANDLE, &sh->state);
++
++ }
++
++ if (test_and_clear_bit(STRIPE_FULL_WRITE, &sh->state))
++ if (atomic_dec_and_test(&conf->pending_full_writes))
++ md_wakeup_thread(conf->mddev->thread);
++}
++
++static void handle_stripe_dirtying(struct r5conf *conf,
++ struct stripe_head *sh,
++ struct stripe_head_state *s,
++ int disks)
++{
++ int rmw = 0, rcw = 0, i;
++ sector_t recovery_cp = conf->mddev->recovery_cp;
++
++ /* RAID6 requires 'rcw' in current implementation.
++ * Otherwise, check whether resync is now happening or should start.
++ * If yes, then the array is dirty (after unclean shutdown or
++ * initial creation), so parity in some stripes might be inconsistent.
++ * In this case, we need to always do reconstruct-write, to ensure
++ * that in case of drive failure or read-error correction, we
++ * generate correct data from the parity.
++ */
++ if (conf->max_degraded == 2 ||
++ (recovery_cp < MaxSector && sh->sector >= recovery_cp &&
++ s->failed == 0)) {
++ /* Calculate the real rcw later - for now make it
++ * look like rcw is cheaper
++ */
++ rcw = 1; rmw = 2;
++ pr_debug("force RCW max_degraded=%u, recovery_cp=%llu sh->sector=%llu\n",
++ conf->max_degraded, (unsigned long long)recovery_cp,
++ (unsigned long long)sh->sector);
++ } else for (i = disks; i--; ) {
++ /* would I have to read this buffer for read_modify_write */
++ struct r5dev *dev = &sh->dev[i];
++ if ((dev->towrite || i == sh->pd_idx) &&
++ !test_bit(R5_LOCKED, &dev->flags) &&
++ !(test_bit(R5_UPTODATE, &dev->flags) ||
++ test_bit(R5_Wantcompute, &dev->flags))) {
++ if (test_bit(R5_Insync, &dev->flags))
++ rmw++;
++ else
++ rmw += 2*disks; /* cannot read it */
++ }
++ /* Would I have to read this buffer for reconstruct_write */
++ if (!test_bit(R5_OVERWRITE, &dev->flags) && i != sh->pd_idx &&
++ !test_bit(R5_LOCKED, &dev->flags) &&
++ !(test_bit(R5_UPTODATE, &dev->flags) ||
++ test_bit(R5_Wantcompute, &dev->flags))) {
++ if (test_bit(R5_Insync, &dev->flags))
++ rcw++;
++ else
++ rcw += 2*disks;
++ }
++ }
++ pr_debug("for sector %llu, rmw=%d rcw=%d\n",
++ (unsigned long long)sh->sector, rmw, rcw);
++ set_bit(STRIPE_HANDLE, &sh->state);
++ if (rmw < rcw && rmw > 0) {
++ /* prefer read-modify-write, but need to get some data */
++ if (conf->mddev->queue)
++ blk_add_trace_msg(conf->mddev->queue,
++ "raid5 rmw %llu %d",
++ (unsigned long long)sh->sector, rmw);
++ for (i = disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++ if ((dev->towrite || i == sh->pd_idx) &&
++ !test_bit(R5_LOCKED, &dev->flags) &&
++ !(test_bit(R5_UPTODATE, &dev->flags) ||
++ test_bit(R5_Wantcompute, &dev->flags)) &&
++ test_bit(R5_Insync, &dev->flags)) {
++ if (test_bit(STRIPE_PREREAD_ACTIVE,
++ &sh->state)) {
++ pr_debug("Read_old block %d for r-m-w\n",
++ i);
++ set_bit(R5_LOCKED, &dev->flags);
++ set_bit(R5_Wantread, &dev->flags);
++ s->locked++;
++ } else {
++ set_bit(STRIPE_DELAYED, &sh->state);
++ set_bit(STRIPE_HANDLE, &sh->state);
++ }
++ }
++ }
++ }
++ if (rcw <= rmw && rcw > 0) {
++ /* want reconstruct write, but need to get some data */
++ int qread =0;
++ rcw = 0;
++ for (i = disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++ if (!test_bit(R5_OVERWRITE, &dev->flags) &&
++ i != sh->pd_idx && i != sh->qd_idx &&
++ !test_bit(R5_LOCKED, &dev->flags) &&
++ !(test_bit(R5_UPTODATE, &dev->flags) ||
++ test_bit(R5_Wantcompute, &dev->flags))) {
++ rcw++;
++ if (test_bit(R5_Insync, &dev->flags) &&
++ test_bit(STRIPE_PREREAD_ACTIVE,
++ &sh->state)) {
++ pr_debug("Read_old block "
++ "%d for Reconstruct\n", i);
++ set_bit(R5_LOCKED, &dev->flags);
++ set_bit(R5_Wantread, &dev->flags);
++ s->locked++;
++ qread++;
++ } else {
++ set_bit(STRIPE_DELAYED, &sh->state);
++ set_bit(STRIPE_HANDLE, &sh->state);
++ }
++ }
++ }
++ if (rcw && conf->mddev->queue)
++ blk_add_trace_msg(conf->mddev->queue, "raid5 rcw %llu %d %d %d",
++ (unsigned long long)sh->sector,
++ rcw, qread, test_bit(STRIPE_DELAYED, &sh->state));
++ }
++
++ if (rcw > disks && rmw > disks &&
++ !test_bit(STRIPE_PREREAD_ACTIVE, &sh->state))
++ set_bit(STRIPE_DELAYED, &sh->state);
++
++ /* now if nothing is locked, and if we have enough data,
++ * we can start a write request
++ */
++ /* since handle_stripe can be called at any time we need to handle the
++ * case where a compute block operation has been submitted and then a
++ * subsequent call wants to start a write request. raid_run_ops only
++ * handles the case where compute block and reconstruct are requested
++ * simultaneously. If this is not the case then new writes need to be
++ * held off until the compute completes.
++ */
++ if ((s->req_compute || !test_bit(STRIPE_COMPUTE_RUN, &sh->state)) &&
++ (s->locked == 0 && (rcw == 0 || rmw == 0) &&
++ !test_bit(STRIPE_BIT_DELAY, &sh->state)))
++ schedule_reconstruction(sh, s, rcw == 0, 0);
++}
++
++static void handle_parity_checks5(struct r5conf *conf, struct stripe_head *sh,
++ struct stripe_head_state *s, int disks)
++{
++ struct r5dev *dev = NULL;
++
++ set_bit(STRIPE_HANDLE, &sh->state);
++
++ switch (sh->check_state) {
++ case check_state_idle:
++ /* start a new check operation if there are no failures */
++ if (s->failed == 0) {
++ BUG_ON(s->uptodate != disks);
++ sh->check_state = check_state_run;
++ set_bit(STRIPE_OP_CHECK, &s->ops_request);
++ clear_bit(R5_UPTODATE, &sh->dev[sh->pd_idx].flags);
++ s->uptodate--;
++ break;
++ }
++ dev = &sh->dev[s->failed_num[0]];
++ /* fall through */
++ case check_state_compute_result:
++ sh->check_state = check_state_idle;
++ if (!dev)
++ dev = &sh->dev[sh->pd_idx];
++
++ /* check that a write has not made the stripe insync */
++ if (test_bit(STRIPE_INSYNC, &sh->state))
++ break;
++
++ /* either failed parity check, or recovery is happening */
++ BUG_ON(!test_bit(R5_UPTODATE, &dev->flags));
++ BUG_ON(s->uptodate != disks);
++
++ set_bit(R5_LOCKED, &dev->flags);
++ s->locked++;
++ set_bit(R5_Wantwrite, &dev->flags);
++
++ clear_bit(STRIPE_DEGRADED, &sh->state);
++ set_bit(STRIPE_INSYNC, &sh->state);
++ break;
++ case check_state_run:
++ break; /* we will be called again upon completion */
++ case check_state_check_result:
++ sh->check_state = check_state_idle;
++
++ /* if a failure occurred during the check operation, leave
++ * STRIPE_INSYNC not set and let the stripe be handled again
++ */
++ if (s->failed)
++ break;
++
++ /* handle a successful check operation, if parity is correct
++ * we are done. Otherwise update the mismatch count and repair
++ * parity if !MD_RECOVERY_CHECK
++ */
++ if ((sh->ops.zero_sum_result & SUM_CHECK_P_RESULT) == 0)
++ /* parity is correct (on disc,
++ * not in buffer any more)
++ */
++ set_bit(STRIPE_INSYNC, &sh->state);
++ else {
++ atomic64_add(STRIPE_SECTORS, &conf->mddev->resync_mismatches);
++ if (test_bit(MD_RECOVERY_CHECK, &conf->mddev->recovery))
++ /* don't try to repair!! */
++ set_bit(STRIPE_INSYNC, &sh->state);
++ else {
++ sh->check_state = check_state_compute_run;
++ set_bit(STRIPE_COMPUTE_RUN, &sh->state);
++ set_bit(STRIPE_OP_COMPUTE_BLK, &s->ops_request);
++ set_bit(R5_Wantcompute,
++ &sh->dev[sh->pd_idx].flags);
++ sh->ops.target = sh->pd_idx;
++ sh->ops.target2 = -1;
++ s->uptodate++;
++ }
++ }
++ break;
++ case check_state_compute_run:
++ break;
++ default:
++ printk(KERN_ERR "%s: unknown check_state: %d sector: %llu\n",
++ __func__, sh->check_state,
++ (unsigned long long) sh->sector);
++ BUG();
++ }
++}
++
++static void handle_parity_checks6(struct r5conf *conf, struct stripe_head *sh,
++ struct stripe_head_state *s,
++ int disks)
++{
++ int pd_idx = sh->pd_idx;
++ int qd_idx = sh->qd_idx;
++ struct r5dev *dev;
++
++ set_bit(STRIPE_HANDLE, &sh->state);
++
++ BUG_ON(s->failed > 2);
++
++ /* Want to check and possibly repair P and Q.
++ * However there could be one 'failed' device, in which
++ * case we can only check one of them, possibly using the
++ * other to generate missing data
++ */
++
++ switch (sh->check_state) {
++ case check_state_idle:
++ /* start a new check operation if there are < 2 failures */
++ if (s->failed == s->q_failed) {
++ /* The only possible failed device holds Q, so it
++ * makes sense to check P (If anything else were failed,
++ * we would have used P to recreate it).
++ */
++ sh->check_state = check_state_run;
++ }
++ if (!s->q_failed && s->failed < 2) {
++ /* Q is not failed, and we didn't use it to generate
++ * anything, so it makes sense to check it
++ */
++ if (sh->check_state == check_state_run)
++ sh->check_state = check_state_run_pq;
++ else
++ sh->check_state = check_state_run_q;
++ }
++
++ /* discard potentially stale zero_sum_result */
++ sh->ops.zero_sum_result = 0;
++
++ if (sh->check_state == check_state_run) {
++ /* async_xor_zero_sum destroys the contents of P */
++ clear_bit(R5_UPTODATE, &sh->dev[pd_idx].flags);
++ s->uptodate--;
++ }
++ if (sh->check_state >= check_state_run &&
++ sh->check_state <= check_state_run_pq) {
++ /* async_syndrome_zero_sum preserves P and Q, so
++ * no need to mark them !uptodate here
++ */
++ set_bit(STRIPE_OP_CHECK, &s->ops_request);
++ break;
++ }
++
++ /* we have 2-disk failure */
++ BUG_ON(s->failed != 2);
++ /* fall through */
++ case check_state_compute_result:
++ sh->check_state = check_state_idle;
++
++ /* check that a write has not made the stripe insync */
++ if (test_bit(STRIPE_INSYNC, &sh->state))
++ break;
++
++ /* now write out any block on a failed drive,
++ * or P or Q if they were recomputed
++ */
++ BUG_ON(s->uptodate < disks - 1); /* We don't need Q to recover */
++ if (s->failed == 2) {
++ dev = &sh->dev[s->failed_num[1]];
++ s->locked++;
++ set_bit(R5_LOCKED, &dev->flags);
++ set_bit(R5_Wantwrite, &dev->flags);
++ }
++ if (s->failed >= 1) {
++ dev = &sh->dev[s->failed_num[0]];
++ s->locked++;
++ set_bit(R5_LOCKED, &dev->flags);
++ set_bit(R5_Wantwrite, &dev->flags);
++ }
++ if (sh->ops.zero_sum_result & SUM_CHECK_P_RESULT) {
++ dev = &sh->dev[pd_idx];
++ s->locked++;
++ set_bit(R5_LOCKED, &dev->flags);
++ set_bit(R5_Wantwrite, &dev->flags);
++ }
++ if (sh->ops.zero_sum_result & SUM_CHECK_Q_RESULT) {
++ dev = &sh->dev[qd_idx];
++ s->locked++;
++ set_bit(R5_LOCKED, &dev->flags);
++ set_bit(R5_Wantwrite, &dev->flags);
++ }
++ clear_bit(STRIPE_DEGRADED, &sh->state);
++
++ set_bit(STRIPE_INSYNC, &sh->state);
++ break;
++ case check_state_run:
++ case check_state_run_q:
++ case check_state_run_pq:
++ break; /* we will be called again upon completion */
++ case check_state_check_result:
++ sh->check_state = check_state_idle;
++
++ /* handle a successful check operation, if parity is correct
++ * we are done. Otherwise update the mismatch count and repair
++ * parity if !MD_RECOVERY_CHECK
++ */
++ if (sh->ops.zero_sum_result == 0) {
++ /* both parities are correct */
++ if (!s->failed)
++ set_bit(STRIPE_INSYNC, &sh->state);
++ else {
++ /* in contrast to the raid5 case we can validate
++ * parity, but still have a failure to write
++ * back
++ */
++ sh->check_state = check_state_compute_result;
++ /* Returning at this point means that we may go
++ * off and bring p and/or q uptodate again so
++ * we make sure to check zero_sum_result again
++ * to verify if p or q need writeback
++ */
++ }
++ } else {
++ atomic64_add(STRIPE_SECTORS, &conf->mddev->resync_mismatches);
++ if (test_bit(MD_RECOVERY_CHECK, &conf->mddev->recovery))
++ /* don't try to repair!! */
++ set_bit(STRIPE_INSYNC, &sh->state);
++ else {
++ int *target = &sh->ops.target;
++
++ sh->ops.target = -1;
++ sh->ops.target2 = -1;
++ sh->check_state = check_state_compute_run;
++ set_bit(STRIPE_COMPUTE_RUN, &sh->state);
++ set_bit(STRIPE_OP_COMPUTE_BLK, &s->ops_request);
++ if (sh->ops.zero_sum_result & SUM_CHECK_P_RESULT) {
++ set_bit(R5_Wantcompute,
++ &sh->dev[pd_idx].flags);
++ *target = pd_idx;
++ target = &sh->ops.target2;
++ s->uptodate++;
++ }
++ if (sh->ops.zero_sum_result & SUM_CHECK_Q_RESULT) {
++ set_bit(R5_Wantcompute,
++ &sh->dev[qd_idx].flags);
++ *target = qd_idx;
++ s->uptodate++;
++ }
++ }
++ }
++ break;
++ case check_state_compute_run:
++ break;
++ default:
++ printk(KERN_ERR "%s: unknown check_state: %d sector: %llu\n",
++ __func__, sh->check_state,
++ (unsigned long long) sh->sector);
++ BUG();
++ }
++}
++
++static void handle_stripe_expansion(struct r5conf *conf, struct stripe_head *sh)
++{
++ int i;
++
++ /* We have read all the blocks in this stripe and now we need to
++ * copy some of them into a target stripe for expand.
++ */
++ struct dma_async_tx_descriptor *tx = NULL;
++ clear_bit(STRIPE_EXPAND_SOURCE, &sh->state);
++ for (i = 0; i < sh->disks; i++)
++ if (i != sh->pd_idx && i != sh->qd_idx) {
++ int dd_idx, j;
++ struct stripe_head *sh2;
++ struct async_submit_ctl submit;
++
++ sector_t bn = compute_blocknr(sh, i, 1);
++ sector_t s = raid5_compute_sector(conf, bn, 0,
++ &dd_idx, NULL);
++ sh2 = get_active_stripe(conf, s, 0, 1, 1);
++ if (sh2 == NULL)
++ /* so far only the early blocks of this stripe
++ * have been requested. When later blocks
++ * get requested, we will try again
++ */
++ continue;
++ if (!test_bit(STRIPE_EXPANDING, &sh2->state) ||
++ test_bit(R5_Expanded, &sh2->dev[dd_idx].flags)) {
++ /* must have already done this block */
++ release_stripe(sh2);
++ continue;
++ }
++
++ /* place all the copies on one channel */
++ init_async_submit(&submit, 0, tx, NULL, NULL, NULL);
++ tx = async_memcpy(sh2->dev[dd_idx].page,
++ sh->dev[i].page, 0, 0, STRIPE_SIZE,
++ &submit);
++
++ set_bit(R5_Expanded, &sh2->dev[dd_idx].flags);
++ set_bit(R5_UPTODATE, &sh2->dev[dd_idx].flags);
++ for (j = 0; j < conf->raid_disks; j++)
++ if (j != sh2->pd_idx &&
++ j != sh2->qd_idx &&
++ !test_bit(R5_Expanded, &sh2->dev[j].flags))
++ break;
++ if (j == conf->raid_disks) {
++ set_bit(STRIPE_EXPAND_READY, &sh2->state);
++ set_bit(STRIPE_HANDLE, &sh2->state);
++ }
++ release_stripe(sh2);
++
++ }
++ /* done submitting copies, wait for them to complete */
++ async_tx_quiesce(&tx);
++}
++
++/*
++ * handle_stripe - do things to a stripe.
++ *
++ * We lock the stripe by setting STRIPE_ACTIVE and then examine the
++ * state of various bits to see what needs to be done.
++ * Possible results:
++ * return some read requests which now have data
++ * return some write requests which are safely on storage
++ * schedule a read on some buffers
++ * schedule a write of some buffers
++ * return confirmation of parity correctness
++ *
++ */
++
++static void analyse_stripe(struct stripe_head *sh, struct stripe_head_state *s)
++{
++ struct r5conf *conf = sh->raid_conf;
++ int disks = sh->disks;
++ struct r5dev *dev;
++ int i;
++ int do_recovery = 0;
++
++ memset(s, 0, sizeof(*s));
++
++ s->expanding = test_bit(STRIPE_EXPAND_SOURCE, &sh->state);
++ s->expanded = test_bit(STRIPE_EXPAND_READY, &sh->state);
++ s->failed_num[0] = -1;
++ s->failed_num[1] = -1;
++
++ /* Now to look around and see what can be done */
++ rcu_read_lock();
++ for (i=disks; i--; ) {
++ struct md_rdev *rdev;
++ sector_t first_bad;
++ int bad_sectors;
++ int is_bad = 0;
++
++ dev = &sh->dev[i];
++
++ pr_debug("check %d: state 0x%lx read %p write %p written %p\n",
++ i, dev->flags,
++ dev->toread, dev->towrite, dev->written);
++ /* maybe we can reply to a read
++ *
++ * new wantfill requests are only permitted while
++ * ops_complete_biofill is guaranteed to be inactive
++ */
++ if (test_bit(R5_UPTODATE, &dev->flags) && dev->toread &&
++ !test_bit(STRIPE_BIOFILL_RUN, &sh->state))
++ set_bit(R5_Wantfill, &dev->flags);
++
++ /* now count some things */
++ if (test_bit(R5_LOCKED, &dev->flags))
++ s->locked++;
++ if (test_bit(R5_UPTODATE, &dev->flags))
++ s->uptodate++;
++ if (test_bit(R5_Wantcompute, &dev->flags)) {
++ s->compute++;
++ BUG_ON(s->compute > 2);
++ }
++
++ if (test_bit(R5_Wantfill, &dev->flags))
++ s->to_fill++;
++ else if (dev->toread)
++ s->to_read++;
++ if (dev->towrite) {
++ s->to_write++;
++ if (!test_bit(R5_OVERWRITE, &dev->flags))
++ s->non_overwrite++;
++ }
++ if (dev->written)
++ s->written++;
++ /* Prefer to use the replacement for reads, but only
++ * if it is recovered enough and has no bad blocks.
++ */
++ rdev = rcu_dereference(conf->disks[i].replacement);
++ if (rdev && !test_bit(Faulty, &rdev->flags) &&
++ rdev->recovery_offset >= sh->sector + STRIPE_SECTORS &&
++ !is_badblock(rdev, sh->sector, STRIPE_SECTORS,
++ &first_bad, &bad_sectors))
++ set_bit(R5_ReadRepl, &dev->flags);
++ else {
++ if (rdev)
++ set_bit(R5_NeedReplace, &dev->flags);
++ rdev = rcu_dereference(conf->disks[i].rdev);
++ clear_bit(R5_ReadRepl, &dev->flags);
++ }
++ if (rdev && test_bit(Faulty, &rdev->flags))
++ rdev = NULL;
++ if (rdev) {
++ is_bad = is_badblock(rdev, sh->sector, STRIPE_SECTORS,
++ &first_bad, &bad_sectors);
++ if (s->blocked_rdev == NULL
++ && (test_bit(Blocked, &rdev->flags)
++ || is_bad < 0)) {
++ if (is_bad < 0)
++ set_bit(BlockedBadBlocks,
++ &rdev->flags);
++ s->blocked_rdev = rdev;
++ atomic_inc(&rdev->nr_pending);
++ }
++ }
++ clear_bit(R5_Insync, &dev->flags);
++ if (!rdev)
++ /* Not in-sync */;
++ else if (is_bad) {
++ /* also not in-sync */
++ if (!test_bit(WriteErrorSeen, &rdev->flags) &&
++ test_bit(R5_UPTODATE, &dev->flags)) {
++ /* treat as in-sync, but with a read error
++ * which we can now try to correct
++ */
++ set_bit(R5_Insync, &dev->flags);
++ set_bit(R5_ReadError, &dev->flags);
++ }
++ } else if (test_bit(In_sync, &rdev->flags))
++ set_bit(R5_Insync, &dev->flags);
++ else if (sh->sector + STRIPE_SECTORS <= rdev->recovery_offset)
++ /* in sync if before recovery_offset */
++ set_bit(R5_Insync, &dev->flags);
++ else if (test_bit(R5_UPTODATE, &dev->flags) &&
++ test_bit(R5_Expanded, &dev->flags))
++ /* If we've reshaped into here, we assume it is Insync.
++ * We will shortly update recovery_offset to make
++ * it official.
++ */
++ set_bit(R5_Insync, &dev->flags);
++
++ if (test_bit(R5_WriteError, &dev->flags)) {
++ /* This flag does not apply to '.replacement'
++ * only to .rdev, so make sure to check that*/
++ struct md_rdev *rdev2 = rcu_dereference(
++ conf->disks[i].rdev);
++ if (rdev2 == rdev)
++ clear_bit(R5_Insync, &dev->flags);
++ if (rdev2 && !test_bit(Faulty, &rdev2->flags)) {
++ s->handle_bad_blocks = 1;
++ atomic_inc(&rdev2->nr_pending);
++ } else
++ clear_bit(R5_WriteError, &dev->flags);
++ }
++ if (test_bit(R5_MadeGood, &dev->flags)) {
++ /* This flag does not apply to '.replacement'
++ * only to .rdev, so make sure to check that*/
++ struct md_rdev *rdev2 = rcu_dereference(
++ conf->disks[i].rdev);
++ if (rdev2 && !test_bit(Faulty, &rdev2->flags)) {
++ s->handle_bad_blocks = 1;
++ atomic_inc(&rdev2->nr_pending);
++ } else
++ clear_bit(R5_MadeGood, &dev->flags);
++ }
++ if (test_bit(R5_MadeGoodRepl, &dev->flags)) {
++ struct md_rdev *rdev2 = rcu_dereference(
++ conf->disks[i].replacement);
++ if (rdev2 && !test_bit(Faulty, &rdev2->flags)) {
++ s->handle_bad_blocks = 1;
++ atomic_inc(&rdev2->nr_pending);
++ } else
++ clear_bit(R5_MadeGoodRepl, &dev->flags);
++ }
++ if (!test_bit(R5_Insync, &dev->flags)) {
++ /* The ReadError flag will just be confusing now */
++ clear_bit(R5_ReadError, &dev->flags);
++ clear_bit(R5_ReWrite, &dev->flags);
++ }
++ if (test_bit(R5_ReadError, &dev->flags))
++ clear_bit(R5_Insync, &dev->flags);
++ if (!test_bit(R5_Insync, &dev->flags)) {
++ if (s->failed < 2)
++ s->failed_num[s->failed] = i;
++ s->failed++;
++ if (rdev && !test_bit(Faulty, &rdev->flags))
++ do_recovery = 1;
++ }
++ }
++ if (test_bit(STRIPE_SYNCING, &sh->state)) {
++ /* If there is a failed device being replaced,
++ * we must be recovering.
++ * else if we are after recovery_cp, we must be syncing
++ * else if MD_RECOVERY_REQUESTED is set, we also are syncing.
++ * else we can only be replacing
++ * sync and recovery both need to read all devices, and so
++ * use the same flag.
++ */
++ if (do_recovery ||
++ sh->sector >= conf->mddev->recovery_cp ||
++ test_bit(MD_RECOVERY_REQUESTED, &(conf->mddev->recovery)))
++ s->syncing = 1;
++ else
++ s->replacing = 1;
++ }
++ rcu_read_unlock();
++}
++
++static void handle_stripe(struct stripe_head *sh)
++{
++ struct stripe_head_state s;
++ struct r5conf *conf = sh->raid_conf;
++ int i;
++ int prexor;
++ int disks = sh->disks;
++ struct r5dev *pdev, *qdev;
++
++ clear_bit(STRIPE_HANDLE, &sh->state);
++ if (test_and_set_bit_lock(STRIPE_ACTIVE, &sh->state)) {
++ /* already being handled, ensure it gets handled
++ * again when current action finishes */
++ set_bit(STRIPE_HANDLE, &sh->state);
++ return;
++ }
++
++ if (test_bit(STRIPE_SYNC_REQUESTED, &sh->state)) {
++ spin_lock(&sh->stripe_lock);
++ /* Cannot process 'sync' concurrently with 'discard' */
++ if (!test_bit(STRIPE_DISCARD, &sh->state) &&
++ test_and_clear_bit(STRIPE_SYNC_REQUESTED, &sh->state)) {
++ set_bit(STRIPE_SYNCING, &sh->state);
++ clear_bit(STRIPE_INSYNC, &sh->state);
++ clear_bit(STRIPE_REPLACED, &sh->state);
++ }
++ spin_unlock(&sh->stripe_lock);
++ }
++ clear_bit(STRIPE_DELAYED, &sh->state);
++
++ pr_debug("handling stripe %llu, state=%#lx cnt=%d, "
++ "pd_idx=%d, qd_idx=%d\n, check:%d, reconstruct:%d\n",
++ (unsigned long long)sh->sector, sh->state,
++ atomic_read(&sh->count), sh->pd_idx, sh->qd_idx,
++ sh->check_state, sh->reconstruct_state);
++
++ analyse_stripe(sh, &s);
++
++ if (s.handle_bad_blocks) {
++ set_bit(STRIPE_HANDLE, &sh->state);
++ goto finish;
++ }
++
++ if (unlikely(s.blocked_rdev)) {
++ if (s.syncing || s.expanding || s.expanded ||
++ s.replacing || s.to_write || s.written) {
++ set_bit(STRIPE_HANDLE, &sh->state);
++ goto finish;
++ }
++ /* There is nothing for the blocked_rdev to block */
++ rdev_dec_pending(s.blocked_rdev, conf->mddev);
++ s.blocked_rdev = NULL;
++ }
++
++ if (s.to_fill && !test_bit(STRIPE_BIOFILL_RUN, &sh->state)) {
++ set_bit(STRIPE_OP_BIOFILL, &s.ops_request);
++ set_bit(STRIPE_BIOFILL_RUN, &sh->state);
++ }
++
++ pr_debug("locked=%d uptodate=%d to_read=%d"
++ " to_write=%d failed=%d failed_num=%d,%d\n",
++ s.locked, s.uptodate, s.to_read, s.to_write, s.failed,
++ s.failed_num[0], s.failed_num[1]);
++ /* check if the array has lost more than max_degraded devices and,
++ * if so, some requests might need to be failed.
++ */
++ if (s.failed > conf->max_degraded) {
++ sh->check_state = 0;
++ sh->reconstruct_state = 0;
++ if (s.to_read+s.to_write+s.written)
++ handle_failed_stripe(conf, sh, &s, disks, &s.return_bi);
++ if (s.syncing + s.replacing)
++ handle_failed_sync(conf, sh, &s);
++ }
++
++ /* Now we check to see if any write operations have recently
++ * completed
++ */
++ prexor = 0;
++ if (sh->reconstruct_state == reconstruct_state_prexor_drain_result)
++ prexor = 1;
++ if (sh->reconstruct_state == reconstruct_state_drain_result ||
++ sh->reconstruct_state == reconstruct_state_prexor_drain_result) {
++ sh->reconstruct_state = reconstruct_state_idle;
++
++ /* All the 'written' buffers and the parity block are ready to
++ * be written back to disk
++ */
++ BUG_ON(!test_bit(R5_UPTODATE, &sh->dev[sh->pd_idx].flags) &&
++ !test_bit(R5_Discard, &sh->dev[sh->pd_idx].flags));
++ BUG_ON(sh->qd_idx >= 0 &&
++ !test_bit(R5_UPTODATE, &sh->dev[sh->qd_idx].flags) &&
++ !test_bit(R5_Discard, &sh->dev[sh->qd_idx].flags));
++ for (i = disks; i--; ) {
++ struct r5dev *dev = &sh->dev[i];
++ if (test_bit(R5_LOCKED, &dev->flags) &&
++ (i == sh->pd_idx || i == sh->qd_idx ||
++ dev->written)) {
++ pr_debug("Writing block %d\n", i);
++ set_bit(R5_Wantwrite, &dev->flags);
++ if (prexor)
++ continue;
++ if (s.failed > 1)
++ continue;
++ if (!test_bit(R5_Insync, &dev->flags) ||
++ ((i == sh->pd_idx || i == sh->qd_idx) &&
++ s.failed == 0))
++ set_bit(STRIPE_INSYNC, &sh->state);
++ }
++ }
++ if (test_and_clear_bit(STRIPE_PREREAD_ACTIVE, &sh->state))
++ s.dec_preread_active = 1;
++ }
++
++ /*
++ * might be able to return some write requests if the parity blocks
++ * are safe, or on a failed drive
++ */
++ pdev = &sh->dev[sh->pd_idx];
++ s.p_failed = (s.failed >= 1 && s.failed_num[0] == sh->pd_idx)
++ || (s.failed >= 2 && s.failed_num[1] == sh->pd_idx);
++ qdev = &sh->dev[sh->qd_idx];
++ s.q_failed = (s.failed >= 1 && s.failed_num[0] == sh->qd_idx)
++ || (s.failed >= 2 && s.failed_num[1] == sh->qd_idx)
++ || conf->level < 6;
++
++ if (s.written &&
++ (s.p_failed || ((test_bit(R5_Insync, &pdev->flags)
++ && !test_bit(R5_LOCKED, &pdev->flags)
++ && (test_bit(R5_UPTODATE, &pdev->flags) ||
++ test_bit(R5_Discard, &pdev->flags))))) &&
++ (s.q_failed || ((test_bit(R5_Insync, &qdev->flags)
++ && !test_bit(R5_LOCKED, &qdev->flags)
++ && (test_bit(R5_UPTODATE, &qdev->flags) ||
++ test_bit(R5_Discard, &qdev->flags))))))
++ handle_stripe_clean_event(conf, sh, disks, &s.return_bi);
++
++ /* Now we might consider reading some blocks, either to check/generate
++ * parity, or to satisfy requests
++ * or to load a block that is being partially written.
++ */
++ if (s.to_read || s.non_overwrite
++ || (conf->level == 6 && s.to_write && s.failed)
++ || (s.syncing && (s.uptodate + s.compute < disks))
++ || s.replacing
++ || s.expanding)
++ handle_stripe_fill(sh, &s, disks);
++
++ /* Now to consider new write requests and what else, if anything
++ * should be read. We do not handle new writes when:
++ * 1/ A 'write' operation (copy+xor) is already in flight.
++ * 2/ A 'check' operation is in flight, as it may clobber the parity
++ * block.
++ */
++ if (s.to_write && !sh->reconstruct_state && !sh->check_state)
++ handle_stripe_dirtying(conf, sh, &s, disks);
++
++ /* maybe we need to check and possibly fix the parity for this stripe
++ * Any reads will already have been scheduled, so we just see if enough
++ * data is available. The parity check is held off while parity
++ * dependent operations are in flight.
++ */
++ if (sh->check_state ||
++ (s.syncing && s.locked == 0 &&
++ !test_bit(STRIPE_COMPUTE_RUN, &sh->state) &&
++ !test_bit(STRIPE_INSYNC, &sh->state))) {
++ if (conf->level == 6)
++ handle_parity_checks6(conf, sh, &s, disks);
++ else
++ handle_parity_checks5(conf, sh, &s, disks);
++ }
++
++ if ((s.replacing || s.syncing) && s.locked == 0
++ && !test_bit(STRIPE_COMPUTE_RUN, &sh->state)
++ && !test_bit(STRIPE_REPLACED, &sh->state)) {
++ /* Write out to replacement devices where possible */
++ for (i = 0; i < conf->raid_disks; i++)
++ if (test_bit(R5_NeedReplace, &sh->dev[i].flags)) {
++ WARN_ON(!test_bit(R5_UPTODATE, &sh->dev[i].flags));
++ set_bit(R5_WantReplace, &sh->dev[i].flags);
++ set_bit(R5_LOCKED, &sh->dev[i].flags);
++ s.locked++;
++ }
++ if (s.replacing)
++ set_bit(STRIPE_INSYNC, &sh->state);
++ set_bit(STRIPE_REPLACED, &sh->state);
++ }
++ if ((s.syncing || s.replacing) && s.locked == 0 &&
++ !test_bit(STRIPE_COMPUTE_RUN, &sh->state) &&
++ test_bit(STRIPE_INSYNC, &sh->state)) {
++ md_done_sync(conf->mddev, STRIPE_SECTORS, 1);
++ clear_bit(STRIPE_SYNCING, &sh->state);
++ if (test_and_clear_bit(R5_Overlap, &sh->dev[sh->pd_idx].flags))
++ wake_up(&conf->wait_for_overlap);
++ }
++
++ /* If the failed drives are just a ReadError, then we might need
++ * to progress the repair/check process
++ */
++ if (s.failed <= conf->max_degraded && !conf->mddev->ro)
++ for (i = 0; i < s.failed; i++) {
++ struct r5dev *dev = &sh->dev[s.failed_num[i]];
++ if (test_bit(R5_ReadError, &dev->flags)
++ && !test_bit(R5_LOCKED, &dev->flags)
++ && test_bit(R5_UPTODATE, &dev->flags)
++ ) {
++ if (!test_bit(R5_ReWrite, &dev->flags)) {
++ set_bit(R5_Wantwrite, &dev->flags);
++ set_bit(R5_ReWrite, &dev->flags);
++ set_bit(R5_LOCKED, &dev->flags);
++ s.locked++;
++ } else {
++ /* let's read it back */
++ set_bit(R5_Wantread, &dev->flags);
++ set_bit(R5_LOCKED, &dev->flags);
++ s.locked++;
++ }
++ }
++ }
++
++ /* Finish reconstruct operations initiated by the expansion process */
++ if (sh->reconstruct_state == reconstruct_state_result) {
++ struct stripe_head *sh_src
++ = get_active_stripe(conf, sh->sector, 1, 1, 1);
++ if (sh_src && test_bit(STRIPE_EXPAND_SOURCE, &sh_src->state)) {
++ /* sh cannot be written until sh_src has been read.
++ * so arrange for sh to be delayed a little
++ */
++ set_bit(STRIPE_DELAYED, &sh->state);
++ set_bit(STRIPE_HANDLE, &sh->state);
++ if (!test_and_set_bit(STRIPE_PREREAD_ACTIVE,
++ &sh_src->state))
++ atomic_inc(&conf->preread_active_stripes);
++ release_stripe(sh_src);
++ goto finish;
++ }
++ if (sh_src)
++ release_stripe(sh_src);
++
++ sh->reconstruct_state = reconstruct_state_idle;
++ clear_bit(STRIPE_EXPANDING, &sh->state);
++ for (i = conf->raid_disks; i--; ) {
++ set_bit(R5_Wantwrite, &sh->dev[i].flags);
++ set_bit(R5_LOCKED, &sh->dev[i].flags);
++ s.locked++;
++ }
++ }
++
++ if (s.expanded && test_bit(STRIPE_EXPANDING, &sh->state) &&
++ !sh->reconstruct_state) {
++ /* Need to write out all blocks after computing parity */
++ sh->disks = conf->raid_disks;
++ stripe_set_idx(sh->sector, conf, 0, sh);
++ schedule_reconstruction(sh, &s, 1, 1);
++ } else if (s.expanded && !sh->reconstruct_state && s.locked == 0) {
++ clear_bit(STRIPE_EXPAND_READY, &sh->state);
++ atomic_dec(&conf->reshape_stripes);
++ wake_up(&conf->wait_for_overlap);
++ md_done_sync(conf->mddev, STRIPE_SECTORS, 1);
++ }
++
++ if (s.expanding && s.locked == 0 &&
++ !test_bit(STRIPE_COMPUTE_RUN, &sh->state))
++ handle_stripe_expansion(conf, sh);
++
++finish:
++ /* wait for this device to become unblocked */
++ if (unlikely(s.blocked_rdev)) {
++ if (conf->mddev->external)
++ md_wait_for_blocked_rdev(s.blocked_rdev,
++ conf->mddev);
++ else
++ /* Internal metadata will immediately
++ * be written by raid5d, so we don't
++ * need to wait here.
++ */
++ rdev_dec_pending(s.blocked_rdev,
++ conf->mddev);
++ }
++
++ if (s.handle_bad_blocks)
++ for (i = disks; i--; ) {
++ struct md_rdev *rdev;
++ struct r5dev *dev = &sh->dev[i];
++ if (test_and_clear_bit(R5_WriteError, &dev->flags)) {
++ /* We own a safe reference to the rdev */
++ rdev = conf->disks[i].rdev;
++ if (!rdev_set_badblocks(rdev, sh->sector,
++ STRIPE_SECTORS, 0))
++ md_error(conf->mddev, rdev);
++ rdev_dec_pending(rdev, conf->mddev);
++ }
++ if (test_and_clear_bit(R5_MadeGood, &dev->flags)) {
++ rdev = conf->disks[i].rdev;
++ rdev_clear_badblocks(rdev, sh->sector,
++ STRIPE_SECTORS, 0);
++ rdev_dec_pending(rdev, conf->mddev);
++ }
++ if (test_and_clear_bit(R5_MadeGoodRepl, &dev->flags)) {
++ rdev = conf->disks[i].replacement;
++ if (!rdev)
++ /* rdev have been moved down */
++ rdev = conf->disks[i].rdev;
++ rdev_clear_badblocks(rdev, sh->sector,
++ STRIPE_SECTORS, 0);
++ rdev_dec_pending(rdev, conf->mddev);
++ }
++ }
++
++ if (s.ops_request)
++ raid_run_ops(sh, s.ops_request);
++
++ ops_run_io(sh, &s);
++
++ if (s.dec_preread_active) {
++ /* We delay this until after ops_run_io so that if make_request
++ * is waiting on a flush, it won't continue until the writes
++ * have actually been submitted.
++ */
++ atomic_dec(&conf->preread_active_stripes);
++ if (atomic_read(&conf->preread_active_stripes) <
++ IO_THRESHOLD)
++ md_wakeup_thread(conf->mddev->thread);
++ }
++
++ return_io(s.return_bi);
++
++ clear_bit_unlock(STRIPE_ACTIVE, &sh->state);
++}
++
++static void raid5_activate_delayed(struct r5conf *conf)
++{
++ if (atomic_read(&conf->preread_active_stripes) < IO_THRESHOLD) {
++ while (!list_empty(&conf->delayed_list)) {
++ struct list_head *l = conf->delayed_list.next;
++ struct stripe_head *sh;
++ sh = list_entry(l, struct stripe_head, lru);
++ list_del_init(l);
++ clear_bit(STRIPE_DELAYED, &sh->state);
++ if (!test_and_set_bit(STRIPE_PREREAD_ACTIVE, &sh->state))
++ atomic_inc(&conf->preread_active_stripes);
++ list_add_tail(&sh->lru, &conf->hold_list);
++ raid5_wakeup_stripe_thread(sh);
++ }
++ }
++}
++
++static void activate_bit_delay(struct r5conf *conf,
++ struct list_head *temp_inactive_list)
++{
++ /* device_lock is held */
++ struct list_head head;
++ list_add(&head, &conf->bitmap_list);
++ list_del_init(&conf->bitmap_list);
++ while (!list_empty(&head)) {
++ struct stripe_head *sh = list_entry(head.next, struct stripe_head, lru);
++ int hash;
++ list_del_init(&sh->lru);
++ atomic_inc(&sh->count);
++ hash = sh->hash_lock_index;
++ __release_stripe(conf, sh, &temp_inactive_list[hash]);
++ }
++}
++
++int md_raid5_congested(struct mddev *mddev, int bits)
++{
++ struct r5conf *conf = mddev->private;
++
++ /* No difference between reads and writes. Just check
++ * how busy the stripe_cache is
++ */
++
++ if (conf->inactive_blocked)
++ return 1;
++ if (conf->quiesce)
++ return 1;
++ if (atomic_read(&conf->empty_inactive_list_nr))
++ return 1;
++
++ return 0;
++}
++EXPORT_SYMBOL_GPL(md_raid5_congested);
++
++static int raid5_congested(void *data, int bits)
++{
++ struct mddev *mddev = data;
++
++ return mddev_congested(mddev, bits) ||
++ md_raid5_congested(mddev, bits);
++}
++
++/* We want read requests to align with chunks where possible,
++ * but write requests don't need to.
++ */
++static int raid5_mergeable_bvec(struct request_queue *q,
++ struct bvec_merge_data *bvm,
++ struct bio_vec *biovec)
++{
++ struct mddev *mddev = q->queuedata;
++ sector_t sector = bvm->bi_sector + get_start_sect(bvm->bi_bdev);
++ int max;
++ unsigned int chunk_sectors = mddev->chunk_sectors;
++ unsigned int bio_sectors = bvm->bi_size >> 9;
++
++ if ((bvm->bi_rw & 1) == WRITE)
++ return biovec->bv_len; /* always allow writes to be mergeable */
++
++ if (mddev->new_chunk_sectors < mddev->chunk_sectors)
++ chunk_sectors = mddev->new_chunk_sectors;
++ max = (chunk_sectors - ((sector & (chunk_sectors - 1)) + bio_sectors)) << 9;
++ if (max < 0) max = 0;
++ if (max <= biovec->bv_len && bio_sectors == 0)
++ return biovec->bv_len;
++ else
++ return max;
++}
++
++static int in_chunk_boundary(struct mddev *mddev, struct bio *bio)
++{
++ sector_t sector = bio->bi_iter.bi_sector + get_start_sect(bio->bi_bdev);
++ unsigned int chunk_sectors = mddev->chunk_sectors;
++ unsigned int bio_sectors = bio_sectors(bio);
++
++ if (mddev->new_chunk_sectors < mddev->chunk_sectors)
++ chunk_sectors = mddev->new_chunk_sectors;
++ return chunk_sectors >=
++ ((sector & (chunk_sectors - 1)) + bio_sectors);
++}
++
++/*
++ * add bio to the retry LIFO ( in O(1) ... we are in interrupt )
++ * later sampled by raid5d.
++ */
++static void add_bio_to_retry(struct bio *bi,struct r5conf *conf)
++{
++ unsigned long flags;
++
++ spin_lock_irqsave(&conf->device_lock, flags);
++
++ bi->bi_next = conf->retry_read_aligned_list;
++ conf->retry_read_aligned_list = bi;
++
++ spin_unlock_irqrestore(&conf->device_lock, flags);
++ md_wakeup_thread(conf->mddev->thread);
++}
++
++static struct bio *remove_bio_from_retry(struct r5conf *conf)
++{
++ struct bio *bi;
++
++ bi = conf->retry_read_aligned;
++ if (bi) {
++ conf->retry_read_aligned = NULL;
++ return bi;
++ }
++ bi = conf->retry_read_aligned_list;
++ if(bi) {
++ conf->retry_read_aligned_list = bi->bi_next;
++ bi->bi_next = NULL;
++ /*
++ * this sets the active strip count to 1 and the processed
++ * strip count to zero (upper 8 bits)
++ */
++ raid5_set_bi_stripes(bi, 1); /* biased count of active stripes */
++ }
++
++ return bi;
++}
++
++/*
++ * The "raid5_align_endio" should check if the read succeeded and if it
++ * did, call bio_endio on the original bio (having bio_put the new bio
++ * first).
++ * If the read failed..
++ */
++static void raid5_align_endio(struct bio *bi, int error)
++{
++ struct bio* raid_bi = bi->bi_private;
++ struct mddev *mddev;
++ struct r5conf *conf;
++ int uptodate = test_bit(BIO_UPTODATE, &bi->bi_flags);
++ struct md_rdev *rdev;
++
++ bio_put(bi);
++
++ rdev = (void*)raid_bi->bi_next;
++ raid_bi->bi_next = NULL;
++ mddev = rdev->mddev;
++ conf = mddev->private;
++
++ rdev_dec_pending(rdev, conf->mddev);
++
++ if (!error && uptodate) {
++ trace_block_bio_complete(bdev_get_queue(raid_bi->bi_bdev),
++ raid_bi, 0);
++ bio_endio(raid_bi, 0);
++ if (atomic_dec_and_test(&conf->active_aligned_reads))
++ wake_up(&conf->wait_for_stripe);
++ return;
++ }
++
++ pr_debug("raid5_align_endio : io error...handing IO for a retry\n");
++
++ add_bio_to_retry(raid_bi, conf);
++}
++
++static int bio_fits_rdev(struct bio *bi)
++{
++ struct request_queue *q = bdev_get_queue(bi->bi_bdev);
++
++ if (bio_sectors(bi) > queue_max_sectors(q))
++ return 0;
++ blk_recount_segments(q, bi);
++ if (bi->bi_phys_segments > queue_max_segments(q))
++ return 0;
++
++ if (q->merge_bvec_fn)
++ /* it's too hard to apply the merge_bvec_fn at this stage,
++ * just just give up
++ */
++ return 0;
++
++ return 1;
++}
++
++static int chunk_aligned_read(struct mddev *mddev, struct bio * raid_bio)
++{
++ struct r5conf *conf = mddev->private;
++ int dd_idx;
++ struct bio* align_bi;
++ struct md_rdev *rdev;
++ sector_t end_sector;
++
++ if (!in_chunk_boundary(mddev, raid_bio)) {
++ pr_debug("chunk_aligned_read : non aligned\n");
++ return 0;
++ }
++ /*
++ * use bio_clone_mddev to make a copy of the bio
++ */
++ align_bi = bio_clone_mddev(raid_bio, GFP_NOIO, mddev);
++ if (!align_bi)
++ return 0;
++ /*
++ * set bi_end_io to a new function, and set bi_private to the
++ * original bio.
++ */
++ align_bi->bi_end_io = raid5_align_endio;
++ align_bi->bi_private = raid_bio;
++ /*
++ * compute position
++ */
++ align_bi->bi_iter.bi_sector =
++ raid5_compute_sector(conf, raid_bio->bi_iter.bi_sector,
++ 0, &dd_idx, NULL);
++
++ end_sector = bio_end_sector(align_bi);
++ rcu_read_lock();
++ rdev = rcu_dereference(conf->disks[dd_idx].replacement);
++ if (!rdev || test_bit(Faulty, &rdev->flags) ||
++ rdev->recovery_offset < end_sector) {
++ rdev = rcu_dereference(conf->disks[dd_idx].rdev);
++ if (rdev &&
++ (test_bit(Faulty, &rdev->flags) ||
++ !(test_bit(In_sync, &rdev->flags) ||
++ rdev->recovery_offset >= end_sector)))
++ rdev = NULL;
++ }
++ if (rdev) {
++ sector_t first_bad;
++ int bad_sectors;
++
++ atomic_inc(&rdev->nr_pending);
++ rcu_read_unlock();
++ raid_bio->bi_next = (void*)rdev;
++ align_bi->bi_bdev = rdev->bdev;
++ __clear_bit(BIO_SEG_VALID, &align_bi->bi_flags);
++
++ if (!bio_fits_rdev(align_bi) ||
++ is_badblock(rdev, align_bi->bi_iter.bi_sector,
++ bio_sectors(align_bi),
++ &first_bad, &bad_sectors)) {
++ /* too big in some way, or has a known bad block */
++ bio_put(align_bi);
++ rdev_dec_pending(rdev, mddev);
++ return 0;
++ }
++
++ /* No reshape active, so we can trust rdev->data_offset */
++ align_bi->bi_iter.bi_sector += rdev->data_offset;
++
++ spin_lock_irq(&conf->device_lock);
++ wait_event_lock_irq(conf->wait_for_stripe,
++ conf->quiesce == 0,
++ conf->device_lock);
++ atomic_inc(&conf->active_aligned_reads);
++ spin_unlock_irq(&conf->device_lock);
++
++ if (mddev->gendisk)
++ trace_block_bio_remap(bdev_get_queue(align_bi->bi_bdev),
++ align_bi, disk_devt(mddev->gendisk),
++ raid_bio->bi_iter.bi_sector);
++ generic_make_request(align_bi);
++ return 1;
++ } else {
++ rcu_read_unlock();
++ bio_put(align_bi);
++ return 0;
++ }
++}
++
++/* __get_priority_stripe - get the next stripe to process
++ *
++ * Full stripe writes are allowed to pass preread active stripes up until
++ * the bypass_threshold is exceeded. In general the bypass_count
++ * increments when the handle_list is handled before the hold_list; however, it
++ * will not be incremented when STRIPE_IO_STARTED is sampled set signifying a
++ * stripe with in flight i/o. The bypass_count will be reset when the
++ * head of the hold_list has changed, i.e. the head was promoted to the
++ * handle_list.
++ */
++static struct stripe_head *__get_priority_stripe(struct r5conf *conf, int group)
++{
++ struct stripe_head *sh = NULL, *tmp;
++ struct list_head *handle_list = NULL;
++ struct r5worker_group *wg = NULL;
++
++ if (conf->worker_cnt_per_group == 0) {
++ handle_list = &conf->handle_list;
++ } else if (group != ANY_GROUP) {
++ handle_list = &conf->worker_groups[group].handle_list;
++ wg = &conf->worker_groups[group];
++ } else {
++ int i;
++ for (i = 0; i < conf->group_cnt; i++) {
++ handle_list = &conf->worker_groups[i].handle_list;
++ wg = &conf->worker_groups[i];
++ if (!list_empty(handle_list))
++ break;
++ }
++ }
++
++ pr_debug("%s: handle: %s hold: %s full_writes: %d bypass_count: %d\n",
++ __func__,
++ list_empty(handle_list) ? "empty" : "busy",
++ list_empty(&conf->hold_list) ? "empty" : "busy",
++ atomic_read(&conf->pending_full_writes), conf->bypass_count);
++
++ if (!list_empty(handle_list)) {
++ sh = list_entry(handle_list->next, typeof(*sh), lru);
++
++ if (list_empty(&conf->hold_list))
++ conf->bypass_count = 0;
++ else if (!test_bit(STRIPE_IO_STARTED, &sh->state)) {
++ if (conf->hold_list.next == conf->last_hold)
++ conf->bypass_count++;
++ else {
++ conf->last_hold = conf->hold_list.next;
++ conf->bypass_count -= conf->bypass_threshold;
++ if (conf->bypass_count < 0)
++ conf->bypass_count = 0;
++ }
++ }
++ } else if (!list_empty(&conf->hold_list) &&
++ ((conf->bypass_threshold &&
++ conf->bypass_count > conf->bypass_threshold) ||
++ atomic_read(&conf->pending_full_writes) == 0)) {
++
++ list_for_each_entry(tmp, &conf->hold_list, lru) {
++ if (conf->worker_cnt_per_group == 0 ||
++ group == ANY_GROUP ||
++ !cpu_online(tmp->cpu) ||
++ cpu_to_group(tmp->cpu) == group) {
++ sh = tmp;
++ break;
++ }
++ }
++
++ if (sh) {
++ conf->bypass_count -= conf->bypass_threshold;
++ if (conf->bypass_count < 0)
++ conf->bypass_count = 0;
++ }
++ wg = NULL;
++ }
++
++ if (!sh)
++ return NULL;
++
++ if (wg) {
++ wg->stripes_cnt--;
++ sh->group = NULL;
++ }
++ list_del_init(&sh->lru);
++ BUG_ON(atomic_inc_return(&sh->count) != 1);
++ return sh;
++}
++
++struct raid5_plug_cb {
++ struct blk_plug_cb cb;
++ struct list_head list;
++ struct list_head temp_inactive_list[NR_STRIPE_HASH_LOCKS];
++};
++
++static void raid5_unplug(struct blk_plug_cb *blk_cb, bool from_schedule)
++{
++ struct raid5_plug_cb *cb = container_of(
++ blk_cb, struct raid5_plug_cb, cb);
++ struct stripe_head *sh;
++ struct mddev *mddev = cb->cb.data;
++ struct r5conf *conf = mddev->private;
++ int cnt = 0;
++ int hash;
++
++ if (cb->list.next && !list_empty(&cb->list)) {
++ spin_lock_irq(&conf->device_lock);
++ while (!list_empty(&cb->list)) {
++ sh = list_first_entry(&cb->list, struct stripe_head, lru);
++ list_del_init(&sh->lru);
++ /*
++ * avoid race release_stripe_plug() sees
++ * STRIPE_ON_UNPLUG_LIST clear but the stripe
++ * is still in our list
++ */
++ smp_mb__before_atomic();
++ clear_bit(STRIPE_ON_UNPLUG_LIST, &sh->state);
++ /*
++ * STRIPE_ON_RELEASE_LIST could be set here. In that
++ * case, the count is always > 1 here
++ */
++ hash = sh->hash_lock_index;
++ __release_stripe(conf, sh, &cb->temp_inactive_list[hash]);
++ cnt++;
++ }
++ spin_unlock_irq(&conf->device_lock);
++ }
++ release_inactive_stripe_list(conf, cb->temp_inactive_list,
++ NR_STRIPE_HASH_LOCKS);
++ if (mddev->queue)
++ trace_block_unplug(mddev->queue, cnt, !from_schedule);
++ kfree(cb);
++}
++
++static void release_stripe_plug(struct mddev *mddev,
++ struct stripe_head *sh)
++{
++ struct blk_plug_cb *blk_cb = blk_check_plugged(
++ raid5_unplug, mddev,
++ sizeof(struct raid5_plug_cb));
++ struct raid5_plug_cb *cb;
++
++ if (!blk_cb) {
++ release_stripe(sh);
++ return;
++ }
++
++ cb = container_of(blk_cb, struct raid5_plug_cb, cb);
++
++ if (cb->list.next == NULL) {
++ int i;
++ INIT_LIST_HEAD(&cb->list);
++ for (i = 0; i < NR_STRIPE_HASH_LOCKS; i++)
++ INIT_LIST_HEAD(cb->temp_inactive_list + i);
++ }
++
++ if (!test_and_set_bit(STRIPE_ON_UNPLUG_LIST, &sh->state))
++ list_add_tail(&sh->lru, &cb->list);
++ else
++ release_stripe(sh);
++}
++
++static void make_discard_request(struct mddev *mddev, struct bio *bi)
++{
++ struct r5conf *conf = mddev->private;
++ sector_t logical_sector, last_sector;
++ struct stripe_head *sh;
++ int remaining;
++ int stripe_sectors;
++
++ if (mddev->reshape_position != MaxSector)
++ /* Skip discard while reshape is happening */
++ return;
++
++ logical_sector = bi->bi_iter.bi_sector & ~((sector_t)STRIPE_SECTORS-1);
++ last_sector = bi->bi_iter.bi_sector + (bi->bi_iter.bi_size>>9);
++
++ bi->bi_next = NULL;
++ bi->bi_phys_segments = 1; /* over-loaded to count active stripes */
++
++ stripe_sectors = conf->chunk_sectors *
++ (conf->raid_disks - conf->max_degraded);
++ logical_sector = DIV_ROUND_UP_SECTOR_T(logical_sector,
++ stripe_sectors);
++ sector_div(last_sector, stripe_sectors);
++
++ logical_sector *= conf->chunk_sectors;
++ last_sector *= conf->chunk_sectors;
++
++ for (; logical_sector < last_sector;
++ logical_sector += STRIPE_SECTORS) {
++ DEFINE_WAIT(w);
++ int d;
++ again:
++ sh = get_active_stripe(conf, logical_sector, 0, 0, 0);
++ prepare_to_wait(&conf->wait_for_overlap, &w,
++ TASK_UNINTERRUPTIBLE);
++ set_bit(R5_Overlap, &sh->dev[sh->pd_idx].flags);
++ if (test_bit(STRIPE_SYNCING, &sh->state)) {
++ release_stripe(sh);
++ schedule();
++ goto again;
++ }
++ clear_bit(R5_Overlap, &sh->dev[sh->pd_idx].flags);
++ spin_lock_irq(&sh->stripe_lock);
++ for (d = 0; d < conf->raid_disks; d++) {
++ if (d == sh->pd_idx || d == sh->qd_idx)
++ continue;
++ if (sh->dev[d].towrite || sh->dev[d].toread) {
++ set_bit(R5_Overlap, &sh->dev[d].flags);
++ spin_unlock_irq(&sh->stripe_lock);
++ release_stripe(sh);
++ schedule();
++ goto again;
++ }
++ }
++ set_bit(STRIPE_DISCARD, &sh->state);
++ finish_wait(&conf->wait_for_overlap, &w);
++ for (d = 0; d < conf->raid_disks; d++) {
++ if (d == sh->pd_idx || d == sh->qd_idx)
++ continue;
++ sh->dev[d].towrite = bi;
++ set_bit(R5_OVERWRITE, &sh->dev[d].flags);
++ raid5_inc_bi_active_stripes(bi);
++ }
++ spin_unlock_irq(&sh->stripe_lock);
++ if (conf->mddev->bitmap) {
++ for (d = 0;
++ d < conf->raid_disks - conf->max_degraded;
++ d++)
++ bitmap_startwrite(mddev->bitmap,
++ sh->sector,
++ STRIPE_SECTORS,
++ 0);
++ sh->bm_seq = conf->seq_flush + 1;
++ set_bit(STRIPE_BIT_DELAY, &sh->state);
++ }
++
++ set_bit(STRIPE_HANDLE, &sh->state);
++ clear_bit(STRIPE_DELAYED, &sh->state);
++ if (!test_and_set_bit(STRIPE_PREREAD_ACTIVE, &sh->state))
++ atomic_inc(&conf->preread_active_stripes);
++ release_stripe_plug(mddev, sh);
++ }
++
++ remaining = raid5_dec_bi_active_stripes(bi);
++ if (remaining == 0) {
++ md_write_end(mddev);
++ bio_endio(bi, 0);
++ }
++}
++
++static void make_request(struct mddev *mddev, struct bio * bi)
++{
++ struct r5conf *conf = mddev->private;
++ int dd_idx;
++ sector_t new_sector;
++ sector_t logical_sector, last_sector;
++ struct stripe_head *sh;
++ const int rw = bio_data_dir(bi);
++ int remaining;
++ DEFINE_WAIT(w);
++ bool do_prepare;
++
++ if (unlikely(bi->bi_rw & REQ_FLUSH)) {
++ md_flush_request(mddev, bi);
++ return;
++ }
++
++ md_write_start(mddev, bi);
++
++ if (rw == READ &&
++ mddev->reshape_position == MaxSector &&
++ chunk_aligned_read(mddev,bi))
++ return;
++
++ if (unlikely(bi->bi_rw & REQ_DISCARD)) {
++ make_discard_request(mddev, bi);
++ return;
++ }
++
++ logical_sector = bi->bi_iter.bi_sector & ~((sector_t)STRIPE_SECTORS-1);
++ last_sector = bio_end_sector(bi);
++ bi->bi_next = NULL;
++ bi->bi_phys_segments = 1; /* over-loaded to count active stripes */
++
++ prepare_to_wait(&conf->wait_for_overlap, &w, TASK_UNINTERRUPTIBLE);
++ for (;logical_sector < last_sector; logical_sector += STRIPE_SECTORS) {
++ int previous;
++ int seq;
++
++ do_prepare = false;
++ retry:
++ seq = read_seqcount_begin(&conf->gen_lock);
++ previous = 0;
++ if (do_prepare)
++ prepare_to_wait(&conf->wait_for_overlap, &w,
++ TASK_UNINTERRUPTIBLE);
++ if (unlikely(conf->reshape_progress != MaxSector)) {
++ /* spinlock is needed as reshape_progress may be
++ * 64bit on a 32bit platform, and so it might be
++ * possible to see a half-updated value
++ * Of course reshape_progress could change after
++ * the lock is dropped, so once we get a reference
++ * to the stripe that we think it is, we will have
++ * to check again.
++ */
++ spin_lock_irq(&conf->device_lock);
++ if (mddev->reshape_backwards
++ ? logical_sector < conf->reshape_progress
++ : logical_sector >= conf->reshape_progress) {
++ previous = 1;
++ } else {
++ if (mddev->reshape_backwards
++ ? logical_sector < conf->reshape_safe
++ : logical_sector >= conf->reshape_safe) {
++ spin_unlock_irq(&conf->device_lock);
++ schedule();
++ do_prepare = true;
++ goto retry;
++ }
++ }
++ spin_unlock_irq(&conf->device_lock);
++ }
++
++ new_sector = raid5_compute_sector(conf, logical_sector,
++ previous,
++ &dd_idx, NULL);
++ pr_debug("raid456: make_request, sector %llu logical %llu\n",
++ (unsigned long long)new_sector,
++ (unsigned long long)logical_sector);
++
++ sh = get_active_stripe(conf, new_sector, previous,
++ (bi->bi_rw&RWA_MASK), 0);
++ if (sh) {
++ if (unlikely(previous)) {
++ /* expansion might have moved on while waiting for a
++ * stripe, so we must do the range check again.
++ * Expansion could still move past after this
++ * test, but as we are holding a reference to
++ * 'sh', we know that if that happens,
++ * STRIPE_EXPANDING will get set and the expansion
++ * won't proceed until we finish with the stripe.
++ */
++ int must_retry = 0;
++ spin_lock_irq(&conf->device_lock);
++ if (mddev->reshape_backwards
++ ? logical_sector >= conf->reshape_progress
++ : logical_sector < conf->reshape_progress)
++ /* mismatch, need to try again */
++ must_retry = 1;
++ spin_unlock_irq(&conf->device_lock);
++ if (must_retry) {
++ release_stripe(sh);
++ schedule();
++ do_prepare = true;
++ goto retry;
++ }
++ }
++ if (read_seqcount_retry(&conf->gen_lock, seq)) {
++ /* Might have got the wrong stripe_head
++ * by accident
++ */
++ release_stripe(sh);
++ goto retry;
++ }
++
++ if (rw == WRITE &&
++ logical_sector >= mddev->suspend_lo &&
++ logical_sector < mddev->suspend_hi) {
++ release_stripe(sh);
++ /* As the suspend_* range is controlled by
++ * userspace, we want an interruptible
++ * wait.
++ */
++ flush_signals(current);
++ prepare_to_wait(&conf->wait_for_overlap,
++ &w, TASK_INTERRUPTIBLE);
++ if (logical_sector >= mddev->suspend_lo &&
++ logical_sector < mddev->suspend_hi) {
++ schedule();
++ do_prepare = true;
++ }
++ goto retry;
++ }
++
++ if (test_bit(STRIPE_EXPANDING, &sh->state) ||
++ !add_stripe_bio(sh, bi, dd_idx, rw)) {
++ /* Stripe is busy expanding or
++ * add failed due to overlap. Flush everything
++ * and wait a while
++ */
++ md_wakeup_thread(mddev->thread);
++ release_stripe(sh);
++ schedule();
++ do_prepare = true;
++ goto retry;
++ }
++ set_bit(STRIPE_HANDLE, &sh->state);
++ clear_bit(STRIPE_DELAYED, &sh->state);
++ if ((bi->bi_rw & REQ_SYNC) &&
++ !test_and_set_bit(STRIPE_PREREAD_ACTIVE, &sh->state))
++ atomic_inc(&conf->preread_active_stripes);
++ release_stripe_plug(mddev, sh);
++ } else {
++ /* cannot get stripe for read-ahead, just give-up */
++ clear_bit(BIO_UPTODATE, &bi->bi_flags);
++ break;
++ }
++ }
++ finish_wait(&conf->wait_for_overlap, &w);
++
++ remaining = raid5_dec_bi_active_stripes(bi);
++ if (remaining == 0) {
++
++ if ( rw == WRITE )
++ md_write_end(mddev);
++
++ trace_block_bio_complete(bdev_get_queue(bi->bi_bdev),
++ bi, 0);
++ bio_endio(bi, 0);
++ }
++}
++
++static sector_t raid5_size(struct mddev *mddev, sector_t sectors, int raid_disks);
++
++static sector_t reshape_request(struct mddev *mddev, sector_t sector_nr, int *skipped)
++{
++ /* reshaping is quite different to recovery/resync so it is
++ * handled quite separately ... here.
++ *
++ * On each call to sync_request, we gather one chunk worth of
++ * destination stripes and flag them as expanding.
++ * Then we find all the source stripes and request reads.
++ * As the reads complete, handle_stripe will copy the data
++ * into the destination stripe and release that stripe.
++ */
++ struct r5conf *conf = mddev->private;
++ struct stripe_head *sh;
++ sector_t first_sector, last_sector;
++ int raid_disks = conf->previous_raid_disks;
++ int data_disks = raid_disks - conf->max_degraded;
++ int new_data_disks = conf->raid_disks - conf->max_degraded;
++ int i;
++ int dd_idx;
++ sector_t writepos, readpos, safepos;
++ sector_t stripe_addr;
++ int reshape_sectors;
++ struct list_head stripes;
++
++ if (sector_nr == 0) {
++ /* If restarting in the middle, skip the initial sectors */
++ if (mddev->reshape_backwards &&
++ conf->reshape_progress < raid5_size(mddev, 0, 0)) {
++ sector_nr = raid5_size(mddev, 0, 0)
++ - conf->reshape_progress;
++ } else if (!mddev->reshape_backwards &&
++ conf->reshape_progress > 0)
++ sector_nr = conf->reshape_progress;
++ sector_div(sector_nr, new_data_disks);
++ if (sector_nr) {
++ mddev->curr_resync_completed = sector_nr;
++ sysfs_notify(&mddev->kobj, NULL, "sync_completed");
++ *skipped = 1;
++ return sector_nr;
++ }
++ }
++
++ /* We need to process a full chunk at a time.
++ * If old and new chunk sizes differ, we need to process the
++ * largest of these
++ */
++ if (mddev->new_chunk_sectors > mddev->chunk_sectors)
++ reshape_sectors = mddev->new_chunk_sectors;
++ else
++ reshape_sectors = mddev->chunk_sectors;
++
++ /* We update the metadata at least every 10 seconds, or when
++ * the data about to be copied would over-write the source of
++ * the data at the front of the range. i.e. one new_stripe
++ * along from reshape_progress new_maps to after where
++ * reshape_safe old_maps to
++ */
++ writepos = conf->reshape_progress;
++ sector_div(writepos, new_data_disks);
++ readpos = conf->reshape_progress;
++ sector_div(readpos, data_disks);
++ safepos = conf->reshape_safe;
++ sector_div(safepos, data_disks);
++ if (mddev->reshape_backwards) {
++ writepos -= min_t(sector_t, reshape_sectors, writepos);
++ readpos += reshape_sectors;
++ safepos += reshape_sectors;
++ } else {
++ writepos += reshape_sectors;
++ readpos -= min_t(sector_t, reshape_sectors, readpos);
++ safepos -= min_t(sector_t, reshape_sectors, safepos);
++ }
++
++ /* Having calculated the 'writepos' possibly use it
++ * to set 'stripe_addr' which is where we will write to.
++ */
++ if (mddev->reshape_backwards) {
++ BUG_ON(conf->reshape_progress == 0);
++ stripe_addr = writepos;
++ BUG_ON((mddev->dev_sectors &
++ ~((sector_t)reshape_sectors - 1))
++ - reshape_sectors - stripe_addr
++ != sector_nr);
++ } else {
++ BUG_ON(writepos != sector_nr + reshape_sectors);
++ stripe_addr = sector_nr;
++ }
++
++ /* 'writepos' is the most advanced device address we might write.
++ * 'readpos' is the least advanced device address we might read.
++ * 'safepos' is the least address recorded in the metadata as having
++ * been reshaped.
++ * If there is a min_offset_diff, these are adjusted either by
++ * increasing the safepos/readpos if diff is negative, or
++ * increasing writepos if diff is positive.
++ * If 'readpos' is then behind 'writepos', there is no way that we can
++ * ensure safety in the face of a crash - that must be done by userspace
++ * making a backup of the data. So in that case there is no particular
++ * rush to update metadata.
++ * Otherwise if 'safepos' is behind 'writepos', then we really need to
++ * update the metadata to advance 'safepos' to match 'readpos' so that
++ * we can be safe in the event of a crash.
++ * So we insist on updating metadata if safepos is behind writepos and
++ * readpos is beyond writepos.
++ * In any case, update the metadata every 10 seconds.
++ * Maybe that number should be configurable, but I'm not sure it is
++ * worth it.... maybe it could be a multiple of safemode_delay???
++ */
++ if (conf->min_offset_diff < 0) {
++ safepos += -conf->min_offset_diff;
++ readpos += -conf->min_offset_diff;
++ } else
++ writepos += conf->min_offset_diff;
++
++ if ((mddev->reshape_backwards
++ ? (safepos > writepos && readpos < writepos)
++ : (safepos < writepos && readpos > writepos)) ||
++ time_after(jiffies, conf->reshape_checkpoint + 10*HZ)) {
++ /* Cannot proceed until we've updated the superblock... */
++ wait_event(conf->wait_for_overlap,
++ atomic_read(&conf->reshape_stripes)==0
++ || test_bit(MD_RECOVERY_INTR, &mddev->recovery));
++ if (atomic_read(&conf->reshape_stripes) != 0)
++ return 0;
++ mddev->reshape_position = conf->reshape_progress;
++ mddev->curr_resync_completed = sector_nr;
++ conf->reshape_checkpoint = jiffies;
++ set_bit(MD_CHANGE_DEVS, &mddev->flags);
++ md_wakeup_thread(mddev->thread);
++ wait_event(mddev->sb_wait, mddev->flags == 0 ||
++ test_bit(MD_RECOVERY_INTR, &mddev->recovery));
++ if (test_bit(MD_RECOVERY_INTR, &mddev->recovery))
++ return 0;
++ spin_lock_irq(&conf->device_lock);
++ conf->reshape_safe = mddev->reshape_position;
++ spin_unlock_irq(&conf->device_lock);
++ wake_up(&conf->wait_for_overlap);
++ sysfs_notify(&mddev->kobj, NULL, "sync_completed");
++ }
++
++ INIT_LIST_HEAD(&stripes);
++ for (i = 0; i < reshape_sectors; i += STRIPE_SECTORS) {
++ int j;
++ int skipped_disk = 0;
++ sh = get_active_stripe(conf, stripe_addr+i, 0, 0, 1);
++ set_bit(STRIPE_EXPANDING, &sh->state);
++ atomic_inc(&conf->reshape_stripes);
++ /* If any of this stripe is beyond the end of the old
++ * array, then we need to zero those blocks
++ */
++ for (j=sh->disks; j--;) {
++ sector_t s;
++ if (j == sh->pd_idx)
++ continue;
++ if (conf->level == 6 &&
++ j == sh->qd_idx)
++ continue;
++ s = compute_blocknr(sh, j, 0);
++ if (s < raid5_size(mddev, 0, 0)) {
++ skipped_disk = 1;
++ continue;
++ }
++ memset(page_address(sh->dev[j].page), 0, STRIPE_SIZE);
++ set_bit(R5_Expanded, &sh->dev[j].flags);
++ set_bit(R5_UPTODATE, &sh->dev[j].flags);
++ }
++ if (!skipped_disk) {
++ set_bit(STRIPE_EXPAND_READY, &sh->state);
++ set_bit(STRIPE_HANDLE, &sh->state);
++ }
++ list_add(&sh->lru, &stripes);
++ }
++ spin_lock_irq(&conf->device_lock);
++ if (mddev->reshape_backwards)
++ conf->reshape_progress -= reshape_sectors * new_data_disks;
++ else
++ conf->reshape_progress += reshape_sectors * new_data_disks;
++ spin_unlock_irq(&conf->device_lock);
++ /* Ok, those stripe are ready. We can start scheduling
++ * reads on the source stripes.
++ * The source stripes are determined by mapping the first and last
++ * block on the destination stripes.
++ */
++ first_sector =
++ raid5_compute_sector(conf, stripe_addr*(new_data_disks),
++ 1, &dd_idx, NULL);
++ last_sector =
++ raid5_compute_sector(conf, ((stripe_addr+reshape_sectors)
++ * new_data_disks - 1),
++ 1, &dd_idx, NULL);
++ if (last_sector >= mddev->dev_sectors)
++ last_sector = mddev->dev_sectors - 1;
++ while (first_sector <= last_sector) {
++ sh = get_active_stripe(conf, first_sector, 1, 0, 1);
++ set_bit(STRIPE_EXPAND_SOURCE, &sh->state);
++ set_bit(STRIPE_HANDLE, &sh->state);
++ release_stripe(sh);
++ first_sector += STRIPE_SECTORS;
++ }
++ /* Now that the sources are clearly marked, we can release
++ * the destination stripes
++ */
++ while (!list_empty(&stripes)) {
++ sh = list_entry(stripes.next, struct stripe_head, lru);
++ list_del_init(&sh->lru);
++ release_stripe(sh);
++ }
++ /* If this takes us to the resync_max point where we have to pause,
++ * then we need to write out the superblock.
++ */
++ sector_nr += reshape_sectors;
++ if ((sector_nr - mddev->curr_resync_completed) * 2
++ >= mddev->resync_max - mddev->curr_resync_completed) {
++ /* Cannot proceed until we've updated the superblock... */
++ wait_event(conf->wait_for_overlap,
++ atomic_read(&conf->reshape_stripes) == 0
++ || test_bit(MD_RECOVERY_INTR, &mddev->recovery));
++ if (atomic_read(&conf->reshape_stripes) != 0)
++ goto ret;
++ mddev->reshape_position = conf->reshape_progress;
++ mddev->curr_resync_completed = sector_nr;
++ conf->reshape_checkpoint = jiffies;
++ set_bit(MD_CHANGE_DEVS, &mddev->flags);
++ md_wakeup_thread(mddev->thread);
++ wait_event(mddev->sb_wait,
++ !test_bit(MD_CHANGE_DEVS, &mddev->flags)
++ || test_bit(MD_RECOVERY_INTR, &mddev->recovery));
++ if (test_bit(MD_RECOVERY_INTR, &mddev->recovery))
++ goto ret;
++ spin_lock_irq(&conf->device_lock);
++ conf->reshape_safe = mddev->reshape_position;
++ spin_unlock_irq(&conf->device_lock);
++ wake_up(&conf->wait_for_overlap);
++ sysfs_notify(&mddev->kobj, NULL, "sync_completed");
++ }
++ret:
++ return reshape_sectors;
++}
++
++/* FIXME go_faster isn't used */
++static inline sector_t sync_request(struct mddev *mddev, sector_t sector_nr, int *skipped, int go_faster)
++{
++ struct r5conf *conf = mddev->private;
++ struct stripe_head *sh;
++ sector_t max_sector = mddev->dev_sectors;
++ sector_t sync_blocks;
++ int still_degraded = 0;
++ int i;
++
++ if (sector_nr >= max_sector) {
++ /* just being told to finish up .. nothing much to do */
++
++ if (test_bit(MD_RECOVERY_RESHAPE, &mddev->recovery)) {
++ end_reshape(conf);
++ return 0;
++ }
++
++ if (mddev->curr_resync < max_sector) /* aborted */
++ bitmap_end_sync(mddev->bitmap, mddev->curr_resync,
++ &sync_blocks, 1);
++ else /* completed sync */
++ conf->fullsync = 0;
++ bitmap_close_sync(mddev->bitmap);
++
++ return 0;
++ }
++
++ /* Allow raid5_quiesce to complete */
++ wait_event(conf->wait_for_overlap, conf->quiesce != 2);
++
++ if (test_bit(MD_RECOVERY_RESHAPE, &mddev->recovery))
++ return reshape_request(mddev, sector_nr, skipped);
++
++ /* No need to check resync_max as we never do more than one
++ * stripe, and as resync_max will always be on a chunk boundary,
++ * if the check in md_do_sync didn't fire, there is no chance
++ * of overstepping resync_max here
++ */
++
++ /* if there is too many failed drives and we are trying
++ * to resync, then assert that we are finished, because there is
++ * nothing we can do.
++ */
++ if (mddev->degraded >= conf->max_degraded &&
++ test_bit(MD_RECOVERY_SYNC, &mddev->recovery)) {
++ sector_t rv = mddev->dev_sectors - sector_nr;
++ *skipped = 1;
++ return rv;
++ }
++ if (!test_bit(MD_RECOVERY_REQUESTED, &mddev->recovery) &&
++ !conf->fullsync &&
++ !bitmap_start_sync(mddev->bitmap, sector_nr, &sync_blocks, 1) &&
++ sync_blocks >= STRIPE_SECTORS) {
++ /* we can skip this block, and probably more */
++ sync_blocks /= STRIPE_SECTORS;
++ *skipped = 1;
++ return sync_blocks * STRIPE_SECTORS; /* keep things rounded to whole stripes */
++ }
++
++ bitmap_cond_end_sync(mddev->bitmap, sector_nr);
++
++ sh = get_active_stripe(conf, sector_nr, 0, 1, 0);
++ if (sh == NULL) {
++ sh = get_active_stripe(conf, sector_nr, 0, 0, 0);
++ /* make sure we don't swamp the stripe cache if someone else
++ * is trying to get access
++ */
++ schedule_timeout_uninterruptible(1);
++ }
++ /* Need to check if array will still be degraded after recovery/resync
++ * We don't need to check the 'failed' flag as when that gets set,
++ * recovery aborts.
++ */
++ for (i = 0; i < conf->raid_disks; i++)
++ if (conf->disks[i].rdev == NULL)
++ still_degraded = 1;
++
++ bitmap_start_sync(mddev->bitmap, sector_nr, &sync_blocks, still_degraded);
++
++ set_bit(STRIPE_SYNC_REQUESTED, &sh->state);
++ set_bit(STRIPE_HANDLE, &sh->state);
++
++ release_stripe(sh);
++
++ return STRIPE_SECTORS;
++}
++
++static int retry_aligned_read(struct r5conf *conf, struct bio *raid_bio)
++{
++ /* We may not be able to submit a whole bio at once as there
++ * may not be enough stripe_heads available.
++ * We cannot pre-allocate enough stripe_heads as we may need
++ * more than exist in the cache (if we allow ever large chunks).
++ * So we do one stripe head at a time and record in
++ * ->bi_hw_segments how many have been done.
++ *
++ * We *know* that this entire raid_bio is in one chunk, so
++ * it will be only one 'dd_idx' and only need one call to raid5_compute_sector.
++ */
++ struct stripe_head *sh;
++ int dd_idx;
++ sector_t sector, logical_sector, last_sector;
++ int scnt = 0;
++ int remaining;
++ int handled = 0;
++
++ logical_sector = raid_bio->bi_iter.bi_sector &
++ ~((sector_t)STRIPE_SECTORS-1);
++ sector = raid5_compute_sector(conf, logical_sector,
++ 0, &dd_idx, NULL);
++ last_sector = bio_end_sector(raid_bio);
++
++ for (; logical_sector < last_sector;
++ logical_sector += STRIPE_SECTORS,
++ sector += STRIPE_SECTORS,
++ scnt++) {
++
++ if (scnt < raid5_bi_processed_stripes(raid_bio))
++ /* already done this stripe */
++ continue;
++
++ sh = get_active_stripe(conf, sector, 0, 1, 1);
++
++ if (!sh) {
++ /* failed to get a stripe - must wait */
++ raid5_set_bi_processed_stripes(raid_bio, scnt);
++ conf->retry_read_aligned = raid_bio;
++ return handled;
++ }
++
++ if (!add_stripe_bio(sh, raid_bio, dd_idx, 0)) {
++ release_stripe(sh);
++ raid5_set_bi_processed_stripes(raid_bio, scnt);
++ conf->retry_read_aligned = raid_bio;
++ return handled;
++ }
++
++ set_bit(R5_ReadNoMerge, &sh->dev[dd_idx].flags);
++ handle_stripe(sh);
++ release_stripe(sh);
++ handled++;
++ }
++ remaining = raid5_dec_bi_active_stripes(raid_bio);
++ if (remaining == 0) {
++ trace_block_bio_complete(bdev_get_queue(raid_bio->bi_bdev),
++ raid_bio, 0);
++ bio_endio(raid_bio, 0);
++ }
++ if (atomic_dec_and_test(&conf->active_aligned_reads))
++ wake_up(&conf->wait_for_stripe);
++ return handled;
++}
++
++static int handle_active_stripes(struct r5conf *conf, int group,
++ struct r5worker *worker,
++ struct list_head *temp_inactive_list)
++{
++ struct stripe_head *batch[MAX_STRIPE_BATCH], *sh;
++ int i, batch_size = 0, hash;
++ bool release_inactive = false;
++
++ while (batch_size < MAX_STRIPE_BATCH &&
++ (sh = __get_priority_stripe(conf, group)) != NULL)
++ batch[batch_size++] = sh;
++
++ if (batch_size == 0) {
++ for (i = 0; i < NR_STRIPE_HASH_LOCKS; i++)
++ if (!list_empty(temp_inactive_list + i))
++ break;
++ if (i == NR_STRIPE_HASH_LOCKS)
++ return batch_size;
++ release_inactive = true;
++ }
++ spin_unlock_irq(&conf->device_lock);
++
++ release_inactive_stripe_list(conf, temp_inactive_list,
++ NR_STRIPE_HASH_LOCKS);
++
++ if (release_inactive) {
++ spin_lock_irq(&conf->device_lock);
++ return 0;
++ }
++
++ for (i = 0; i < batch_size; i++)
++ handle_stripe(batch[i]);
++
++ cond_resched();
++
++ spin_lock_irq(&conf->device_lock);
++ for (i = 0; i < batch_size; i++) {
++ hash = batch[i]->hash_lock_index;
++ __release_stripe(conf, batch[i], &temp_inactive_list[hash]);
++ }
++ return batch_size;
++}
++
++static void raid5_do_work(struct work_struct *work)
++{
++ struct r5worker *worker = container_of(work, struct r5worker, work);
++ struct r5worker_group *group = worker->group;
++ struct r5conf *conf = group->conf;
++ int group_id = group - conf->worker_groups;
++ int handled;
++ struct blk_plug plug;
++
++ pr_debug("+++ raid5worker active\n");
++
++ blk_start_plug(&plug);
++ handled = 0;
++ spin_lock_irq(&conf->device_lock);
++ while (1) {
++ int batch_size, released;
++
++ released = release_stripe_list(conf, worker->temp_inactive_list);
++
++ batch_size = handle_active_stripes(conf, group_id, worker,
++ worker->temp_inactive_list);
++ worker->working = false;
++ if (!batch_size && !released)
++ break;
++ handled += batch_size;
++ }
++ pr_debug("%d stripes handled\n", handled);
++
++ spin_unlock_irq(&conf->device_lock);
++ blk_finish_plug(&plug);
++
++ pr_debug("--- raid5worker inactive\n");
++}
++
++/*
++ * This is our raid5 kernel thread.
++ *
++ * We scan the hash table for stripes which can be handled now.
++ * During the scan, completed stripes are saved for us by the interrupt
++ * handler, so that they will not have to wait for our next wakeup.
++ */
++static void raid5d(struct md_thread *thread)
++{
++ struct mddev *mddev = thread->mddev;
++ struct r5conf *conf = mddev->private;
++ int handled;
++ struct blk_plug plug;
++
++ pr_debug("+++ raid5d active\n");
++
++ md_check_recovery(mddev);
++
++ blk_start_plug(&plug);
++ handled = 0;
++ spin_lock_irq(&conf->device_lock);
++ while (1) {
++ struct bio *bio;
++ int batch_size, released;
++
++ released = release_stripe_list(conf, conf->temp_inactive_list);
++
++ if (
++ !list_empty(&conf->bitmap_list)) {
++ /* Now is a good time to flush some bitmap updates */
++ conf->seq_flush++;
++ spin_unlock_irq(&conf->device_lock);
++ bitmap_unplug(mddev->bitmap);
++ spin_lock_irq(&conf->device_lock);
++ conf->seq_write = conf->seq_flush;
++ activate_bit_delay(conf, conf->temp_inactive_list);
++ }
++ raid5_activate_delayed(conf);
++
++ while ((bio = remove_bio_from_retry(conf))) {
++ int ok;
++ spin_unlock_irq(&conf->device_lock);
++ ok = retry_aligned_read(conf, bio);
++ spin_lock_irq(&conf->device_lock);
++ if (!ok)
++ break;
++ handled++;
++ }
++
++ batch_size = handle_active_stripes(conf, ANY_GROUP, NULL,
++ conf->temp_inactive_list);
++ if (!batch_size && !released)
++ break;
++ handled += batch_size;
++
++ if (mddev->flags & ~(1<<MD_CHANGE_PENDING)) {
++ spin_unlock_irq(&conf->device_lock);
++ md_check_recovery(mddev);
++ spin_lock_irq(&conf->device_lock);
++ }
++ }
++ pr_debug("%d stripes handled\n", handled);
++
++ spin_unlock_irq(&conf->device_lock);
++
++ async_tx_issue_pending_all();
++ blk_finish_plug(&plug);
++
++ pr_debug("--- raid5d inactive\n");
++}
++
++static ssize_t
++raid5_show_stripe_cache_size(struct mddev *mddev, char *page)
++{
++ struct r5conf *conf = mddev->private;
++ if (conf)
++ return sprintf(page, "%d\n", conf->max_nr_stripes);
++ else
++ return 0;
++}
++
++int
++raid5_set_cache_size(struct mddev *mddev, int size)
++{
++ struct r5conf *conf = mddev->private;
++ int err;
++ int hash;
++
++ if (size <= 16 || size > 32768)
++ return -EINVAL;
++ hash = (conf->max_nr_stripes - 1) % NR_STRIPE_HASH_LOCKS;
++ while (size < conf->max_nr_stripes) {
++ if (drop_one_stripe(conf, hash))
++ conf->max_nr_stripes--;
++ else
++ break;
++ hash--;
++ if (hash < 0)
++ hash = NR_STRIPE_HASH_LOCKS - 1;
++ }
++ err = md_allow_write(mddev);
++ if (err)
++ return err;
++ hash = conf->max_nr_stripes % NR_STRIPE_HASH_LOCKS;
++ while (size > conf->max_nr_stripes) {
++ if (grow_one_stripe(conf, hash))
++ conf->max_nr_stripes++;
++ else break;
++ hash = (hash + 1) % NR_STRIPE_HASH_LOCKS;
++ }
++ return 0;
++}
++EXPORT_SYMBOL(raid5_set_cache_size);
++
++static ssize_t
++raid5_store_stripe_cache_size(struct mddev *mddev, const char *page, size_t len)
++{
++ struct r5conf *conf = mddev->private;
++ unsigned long new;
++ int err;
++
++ if (len >= PAGE_SIZE)
++ return -EINVAL;
++ if (!conf)
++ return -ENODEV;
++
++ if (kstrtoul(page, 10, &new))
++ return -EINVAL;
++ err = raid5_set_cache_size(mddev, new);
++ if (err)
++ return err;
++ return len;
++}
++
++static struct md_sysfs_entry
++raid5_stripecache_size = __ATTR(stripe_cache_size, S_IRUGO | S_IWUSR,
++ raid5_show_stripe_cache_size,
++ raid5_store_stripe_cache_size);
++
++static ssize_t
++raid5_show_preread_threshold(struct mddev *mddev, char *page)
++{
++ struct r5conf *conf = mddev->private;
++ if (conf)
++ return sprintf(page, "%d\n", conf->bypass_threshold);
++ else
++ return 0;
++}
++
++static ssize_t
++raid5_store_preread_threshold(struct mddev *mddev, const char *page, size_t len)
++{
++ struct r5conf *conf = mddev->private;
++ unsigned long new;
++ if (len >= PAGE_SIZE)
++ return -EINVAL;
++ if (!conf)
++ return -ENODEV;
++
++ if (kstrtoul(page, 10, &new))
++ return -EINVAL;
++ if (new > conf->max_nr_stripes)
++ return -EINVAL;
++ conf->bypass_threshold = new;
++ return len;
++}
++
++static struct md_sysfs_entry
++raid5_preread_bypass_threshold = __ATTR(preread_bypass_threshold,
++ S_IRUGO | S_IWUSR,
++ raid5_show_preread_threshold,
++ raid5_store_preread_threshold);
++
++static ssize_t
++raid5_show_skip_copy(struct mddev *mddev, char *page)
++{
++ struct r5conf *conf = mddev->private;
++ if (conf)
++ return sprintf(page, "%d\n", conf->skip_copy);
++ else
++ return 0;
++}
++
++static ssize_t
++raid5_store_skip_copy(struct mddev *mddev, const char *page, size_t len)
++{
++ struct r5conf *conf = mddev->private;
++ unsigned long new;
++ if (len >= PAGE_SIZE)
++ return -EINVAL;
++ if (!conf)
++ return -ENODEV;
++
++ if (kstrtoul(page, 10, &new))
++ return -EINVAL;
++ new = !!new;
++ if (new == conf->skip_copy)
++ return len;
++
++ mddev_suspend(mddev);
++ conf->skip_copy = new;
++ if (new)
++ mddev->queue->backing_dev_info.capabilities |=
++ BDI_CAP_STABLE_WRITES;
++ else
++ mddev->queue->backing_dev_info.capabilities &=
++ ~BDI_CAP_STABLE_WRITES;
++ mddev_resume(mddev);
++ return len;
++}
++
++static struct md_sysfs_entry
++raid5_skip_copy = __ATTR(skip_copy, S_IRUGO | S_IWUSR,
++ raid5_show_skip_copy,
++ raid5_store_skip_copy);
++
++static ssize_t
++stripe_cache_active_show(struct mddev *mddev, char *page)
++{
++ struct r5conf *conf = mddev->private;
++ if (conf)
++ return sprintf(page, "%d\n", atomic_read(&conf->active_stripes));
++ else
++ return 0;
++}
++
++static struct md_sysfs_entry
++raid5_stripecache_active = __ATTR_RO(stripe_cache_active);
++
++static ssize_t
++raid5_show_group_thread_cnt(struct mddev *mddev, char *page)
++{
++ struct r5conf *conf = mddev->private;
++ if (conf)
++ return sprintf(page, "%d\n", conf->worker_cnt_per_group);
++ else
++ return 0;
++}
++
++static int alloc_thread_groups(struct r5conf *conf, int cnt,
++ int *group_cnt,
++ int *worker_cnt_per_group,
++ struct r5worker_group **worker_groups);
++static ssize_t
++raid5_store_group_thread_cnt(struct mddev *mddev, const char *page, size_t len)
++{
++ struct r5conf *conf = mddev->private;
++ unsigned long new;
++ int err;
++ struct r5worker_group *new_groups, *old_groups;
++ int group_cnt, worker_cnt_per_group;
++
++ if (len >= PAGE_SIZE)
++ return -EINVAL;
++ if (!conf)
++ return -ENODEV;
++
++ if (kstrtoul(page, 10, &new))
++ return -EINVAL;
++
++ if (new == conf->worker_cnt_per_group)
++ return len;
++
++ mddev_suspend(mddev);
++
++ old_groups = conf->worker_groups;
++ if (old_groups)
++ flush_workqueue(raid5_wq);
++
++ err = alloc_thread_groups(conf, new,
++ &group_cnt, &worker_cnt_per_group,
++ &new_groups);
++ if (!err) {
++ spin_lock_irq(&conf->device_lock);
++ conf->group_cnt = group_cnt;
++ conf->worker_cnt_per_group = worker_cnt_per_group;
++ conf->worker_groups = new_groups;
++ spin_unlock_irq(&conf->device_lock);
++
++ if (old_groups)
++ kfree(old_groups[0].workers);
++ kfree(old_groups);
++ }
++
++ mddev_resume(mddev);
++
++ if (err)
++ return err;
++ return len;
++}
++
++static struct md_sysfs_entry
++raid5_group_thread_cnt = __ATTR(group_thread_cnt, S_IRUGO | S_IWUSR,
++ raid5_show_group_thread_cnt,
++ raid5_store_group_thread_cnt);
++
++static struct attribute *raid5_attrs[] = {
++ &raid5_stripecache_size.attr,
++ &raid5_stripecache_active.attr,
++ &raid5_preread_bypass_threshold.attr,
++ &raid5_group_thread_cnt.attr,
++ &raid5_skip_copy.attr,
++ NULL,
++};
++static struct attribute_group raid5_attrs_group = {
++ .name = NULL,
++ .attrs = raid5_attrs,
++};
++
++static int alloc_thread_groups(struct r5conf *conf, int cnt,
++ int *group_cnt,
++ int *worker_cnt_per_group,
++ struct r5worker_group **worker_groups)
++{
++ int i, j, k;
++ ssize_t size;
++ struct r5worker *workers;
++
++ *worker_cnt_per_group = cnt;
++ if (cnt == 0) {
++ *group_cnt = 0;
++ *worker_groups = NULL;
++ return 0;
++ }
++ *group_cnt = num_possible_nodes();
++ size = sizeof(struct r5worker) * cnt;
++ workers = kzalloc(size * *group_cnt, GFP_NOIO);
++ *worker_groups = kzalloc(sizeof(struct r5worker_group) *
++ *group_cnt, GFP_NOIO);
++ if (!*worker_groups || !workers) {
++ kfree(workers);
++ kfree(*worker_groups);
++ return -ENOMEM;
++ }
++
++ for (i = 0; i < *group_cnt; i++) {
++ struct r5worker_group *group;
++
++ group = &(*worker_groups)[i];
++ INIT_LIST_HEAD(&group->handle_list);
++ group->conf = conf;
++ group->workers = workers + i * cnt;
++
++ for (j = 0; j < cnt; j++) {
++ struct r5worker *worker = group->workers + j;
++ worker->group = group;
++ INIT_WORK(&worker->work, raid5_do_work);
++
++ for (k = 0; k < NR_STRIPE_HASH_LOCKS; k++)
++ INIT_LIST_HEAD(worker->temp_inactive_list + k);
++ }
++ }
++
++ return 0;
++}
++
++static void free_thread_groups(struct r5conf *conf)
++{
++ if (conf->worker_groups)
++ kfree(conf->worker_groups[0].workers);
++ kfree(conf->worker_groups);
++ conf->worker_groups = NULL;
++}
++
++static sector_t
++raid5_size(struct mddev *mddev, sector_t sectors, int raid_disks)
++{
++ struct r5conf *conf = mddev->private;
++
++ if (!sectors)
++ sectors = mddev->dev_sectors;
++ if (!raid_disks)
++ /* size is defined by the smallest of previous and new size */
++ raid_disks = min(conf->raid_disks, conf->previous_raid_disks);
++
++ sectors &= ~((sector_t)mddev->chunk_sectors - 1);
++ sectors &= ~((sector_t)mddev->new_chunk_sectors - 1);
++ return sectors * (raid_disks - conf->max_degraded);
++}
++
++static void free_scratch_buffer(struct r5conf *conf, struct raid5_percpu *percpu)
++{
++ safe_put_page(percpu->spare_page);
++ kfree(percpu->scribble);
++ percpu->spare_page = NULL;
++ percpu->scribble = NULL;
++}
++
++static int alloc_scratch_buffer(struct r5conf *conf, struct raid5_percpu *percpu)
++{
++ if (conf->level == 6 && !percpu->spare_page)
++ percpu->spare_page = alloc_page(GFP_KERNEL);
++ if (!percpu->scribble)
++ percpu->scribble = kmalloc(conf->scribble_len, GFP_KERNEL);
++
++ if (!percpu->scribble || (conf->level == 6 && !percpu->spare_page)) {
++ free_scratch_buffer(conf, percpu);
++ return -ENOMEM;
++ }
++
++ return 0;
++}
++
++static void raid5_free_percpu(struct r5conf *conf)
++{
++ unsigned long cpu;
++
++ if (!conf->percpu)
++ return;
++
++#ifdef CONFIG_HOTPLUG_CPU
++ unregister_cpu_notifier(&conf->cpu_notify);
++#endif
++
++ get_online_cpus();
++ for_each_possible_cpu(cpu)
++ free_scratch_buffer(conf, per_cpu_ptr(conf->percpu, cpu));
++ put_online_cpus();
++
++ free_percpu(conf->percpu);
++}
++
++static void free_conf(struct r5conf *conf)
++{
++ free_thread_groups(conf);
++ shrink_stripes(conf);
++ raid5_free_percpu(conf);
++ kfree(conf->disks);
++ kfree(conf->stripe_hashtbl);
++ kfree(conf);
++}
++
++#ifdef CONFIG_HOTPLUG_CPU
++static int raid456_cpu_notify(struct notifier_block *nfb, unsigned long action,
++ void *hcpu)
++{
++ struct r5conf *conf = container_of(nfb, struct r5conf, cpu_notify);
++ long cpu = (long)hcpu;
++ struct raid5_percpu *percpu = per_cpu_ptr(conf->percpu, cpu);
++
++ switch (action) {
++ case CPU_UP_PREPARE:
++ case CPU_UP_PREPARE_FROZEN:
++ if (alloc_scratch_buffer(conf, percpu)) {
++ pr_err("%s: failed memory allocation for cpu%ld\n",
++ __func__, cpu);
++ return notifier_from_errno(-ENOMEM);
++ }
++ break;
++ case CPU_DEAD:
++ case CPU_DEAD_FROZEN:
++ free_scratch_buffer(conf, per_cpu_ptr(conf->percpu, cpu));
++ break;
++ default:
++ break;
++ }
++ return NOTIFY_OK;
++}
++#endif
++
++static int raid5_alloc_percpu(struct r5conf *conf)
++{
++ unsigned long cpu;
++ int err = 0;
++
++ conf->percpu = alloc_percpu(struct raid5_percpu);
++ if (!conf->percpu)
++ return -ENOMEM;
++
++#ifdef CONFIG_HOTPLUG_CPU
++ conf->cpu_notify.notifier_call = raid456_cpu_notify;
++ conf->cpu_notify.priority = 0;
++ err = register_cpu_notifier(&conf->cpu_notify);
++ if (err)
++ return err;
++#endif
++
++ get_online_cpus();
++ for_each_present_cpu(cpu) {
++ err = alloc_scratch_buffer(conf, per_cpu_ptr(conf->percpu, cpu));
++ if (err) {
++ pr_err("%s: failed memory allocation for cpu%ld\n",
++ __func__, cpu);
++ break;
++ }
++ }
++ put_online_cpus();
++
++ return err;
++}
++
++static struct r5conf *setup_conf(struct mddev *mddev)
++{
++ struct r5conf *conf;
++ int raid_disk, memory, max_disks;
++ struct md_rdev *rdev;
++ struct disk_info *disk;
++ char pers_name[6];
++ int i;
++ int group_cnt, worker_cnt_per_group;
++ struct r5worker_group *new_group;
++
++ if (mddev->new_level != 5
++ && mddev->new_level != 4
++ && mddev->new_level != 6) {
++ printk(KERN_ERR "md/raid:%s: raid level not set to 4/5/6 (%d)\n",
++ mdname(mddev), mddev->new_level);
++ return ERR_PTR(-EIO);
++ }
++ if ((mddev->new_level == 5
++ && !algorithm_valid_raid5(mddev->new_layout)) ||
++ (mddev->new_level == 6
++ && !algorithm_valid_raid6(mddev->new_layout))) {
++ printk(KERN_ERR "md/raid:%s: layout %d not supported\n",
++ mdname(mddev), mddev->new_layout);
++ return ERR_PTR(-EIO);
++ }
++ if (mddev->new_level == 6 && mddev->raid_disks < 4) {
++ printk(KERN_ERR "md/raid:%s: not enough configured devices (%d, minimum 4)\n",
++ mdname(mddev), mddev->raid_disks);
++ return ERR_PTR(-EINVAL);
++ }
++
++ if (!mddev->new_chunk_sectors ||
++ (mddev->new_chunk_sectors << 9) % PAGE_SIZE ||
++ !is_power_of_2(mddev->new_chunk_sectors)) {
++ printk(KERN_ERR "md/raid:%s: invalid chunk size %d\n",
++ mdname(mddev), mddev->new_chunk_sectors << 9);
++ return ERR_PTR(-EINVAL);
++ }
++
++ conf = kzalloc(sizeof(struct r5conf), GFP_KERNEL);
++ if (conf == NULL)
++ goto abort;
++ /* Don't enable multi-threading by default*/
++ if (!alloc_thread_groups(conf, 0, &group_cnt, &worker_cnt_per_group,
++ &new_group)) {
++ conf->group_cnt = group_cnt;
++ conf->worker_cnt_per_group = worker_cnt_per_group;
++ conf->worker_groups = new_group;
++ } else
++ goto abort;
++ spin_lock_init(&conf->device_lock);
++ seqcount_init(&conf->gen_lock);
++ init_waitqueue_head(&conf->wait_for_stripe);
++ init_waitqueue_head(&conf->wait_for_overlap);
++ INIT_LIST_HEAD(&conf->handle_list);
++ INIT_LIST_HEAD(&conf->hold_list);
++ INIT_LIST_HEAD(&conf->delayed_list);
++ INIT_LIST_HEAD(&conf->bitmap_list);
++ init_llist_head(&conf->released_stripes);
++ atomic_set(&conf->active_stripes, 0);
++ atomic_set(&conf->preread_active_stripes, 0);
++ atomic_set(&conf->active_aligned_reads, 0);
++ conf->bypass_threshold = BYPASS_THRESHOLD;
++ conf->recovery_disabled = mddev->recovery_disabled - 1;
++
++ conf->raid_disks = mddev->raid_disks;
++ if (mddev->reshape_position == MaxSector)
++ conf->previous_raid_disks = mddev->raid_disks;
++ else
++ conf->previous_raid_disks = mddev->raid_disks - mddev->delta_disks;
++ max_disks = max(conf->raid_disks, conf->previous_raid_disks);
++ conf->scribble_len = scribble_len(max_disks);
++
++ conf->disks = kzalloc(max_disks * sizeof(struct disk_info),
++ GFP_KERNEL);
++ if (!conf->disks)
++ goto abort;
++
++ conf->mddev = mddev;
++
++ if ((conf->stripe_hashtbl = kzalloc(PAGE_SIZE, GFP_KERNEL)) == NULL)
++ goto abort;
++
++ /* We init hash_locks[0] separately to that it can be used
++ * as the reference lock in the spin_lock_nest_lock() call
++ * in lock_all_device_hash_locks_irq in order to convince
++ * lockdep that we know what we are doing.
++ */
++ spin_lock_init(conf->hash_locks);
++ for (i = 1; i < NR_STRIPE_HASH_LOCKS; i++)
++ spin_lock_init(conf->hash_locks + i);
++
++ for (i = 0; i < NR_STRIPE_HASH_LOCKS; i++)
++ INIT_LIST_HEAD(conf->inactive_list + i);
++
++ for (i = 0; i < NR_STRIPE_HASH_LOCKS; i++)
++ INIT_LIST_HEAD(conf->temp_inactive_list + i);
++
++ conf->level = mddev->new_level;
++ if (raid5_alloc_percpu(conf) != 0)
++ goto abort;
++
++ pr_debug("raid456: run(%s) called.\n", mdname(mddev));
++
++ rdev_for_each(rdev, mddev) {
++ raid_disk = rdev->raid_disk;
++ if (raid_disk >= max_disks
++ || raid_disk < 0)
++ continue;
++ disk = conf->disks + raid_disk;
++
++ if (test_bit(Replacement, &rdev->flags)) {
++ if (disk->replacement)
++ goto abort;
++ disk->replacement = rdev;
++ } else {
++ if (disk->rdev)
++ goto abort;
++ disk->rdev = rdev;
++ }
++
++ if (test_bit(In_sync, &rdev->flags)) {
++ char b[BDEVNAME_SIZE];
++ printk(KERN_INFO "md/raid:%s: device %s operational as raid"
++ " disk %d\n",
++ mdname(mddev), bdevname(rdev->bdev, b), raid_disk);
++ } else if (rdev->saved_raid_disk != raid_disk)
++ /* Cannot rely on bitmap to complete recovery */
++ conf->fullsync = 1;
++ }
++
++ conf->chunk_sectors = mddev->new_chunk_sectors;
++ conf->level = mddev->new_level;
++ if (conf->level == 6)
++ conf->max_degraded = 2;
++ else
++ conf->max_degraded = 1;
++ conf->algorithm = mddev->new_layout;
++ conf->reshape_progress = mddev->reshape_position;
++ if (conf->reshape_progress != MaxSector) {
++ conf->prev_chunk_sectors = mddev->chunk_sectors;
++ conf->prev_algo = mddev->layout;
++ }
++
++ memory = conf->max_nr_stripes * (sizeof(struct stripe_head) +
++ max_disks * ((sizeof(struct bio) + PAGE_SIZE))) / 1024;
++ atomic_set(&conf->empty_inactive_list_nr, NR_STRIPE_HASH_LOCKS);
++ if (grow_stripes(conf, NR_STRIPES)) {
++ printk(KERN_ERR
++ "md/raid:%s: couldn't allocate %dkB for buffers\n",
++ mdname(mddev), memory);
++ goto abort;
++ } else
++ printk(KERN_INFO "md/raid:%s: allocated %dkB\n",
++ mdname(mddev), memory);
++
++ sprintf(pers_name, "raid%d", mddev->new_level);
++ conf->thread = md_register_thread(raid5d, mddev, pers_name);
++ if (!conf->thread) {
++ printk(KERN_ERR
++ "md/raid:%s: couldn't allocate thread.\n",
++ mdname(mddev));
++ goto abort;
++ }
++
++ return conf;
++
++ abort:
++ if (conf) {
++ free_conf(conf);
++ return ERR_PTR(-EIO);
++ } else
++ return ERR_PTR(-ENOMEM);
++}
++
++static int only_parity(int raid_disk, int algo, int raid_disks, int max_degraded)
++{
++ switch (algo) {
++ case ALGORITHM_PARITY_0:
++ if (raid_disk < max_degraded)
++ return 1;
++ break;
++ case ALGORITHM_PARITY_N:
++ if (raid_disk >= raid_disks - max_degraded)
++ return 1;
++ break;
++ case ALGORITHM_PARITY_0_6:
++ if (raid_disk == 0 ||
++ raid_disk == raid_disks - 1)
++ return 1;
++ break;
++ case ALGORITHM_LEFT_ASYMMETRIC_6:
++ case ALGORITHM_RIGHT_ASYMMETRIC_6:
++ case ALGORITHM_LEFT_SYMMETRIC_6:
++ case ALGORITHM_RIGHT_SYMMETRIC_6:
++ if (raid_disk == raid_disks - 1)
++ return 1;
++ }
++ return 0;
++}
++
++static int run(struct mddev *mddev)
++{
++ struct r5conf *conf;
++ int working_disks = 0;
++ int dirty_parity_disks = 0;
++ struct md_rdev *rdev;
++ sector_t reshape_offset = 0;
++ int i;
++ long long min_offset_diff = 0;
++ int first = 1;
++
++ if (mddev->recovery_cp != MaxSector)
++ printk(KERN_NOTICE "md/raid:%s: not clean"
++ " -- starting background reconstruction\n",
++ mdname(mddev));
++
++ rdev_for_each(rdev, mddev) {
++ long long diff;
++ if (rdev->raid_disk < 0)
++ continue;
++ diff = (rdev->new_data_offset - rdev->data_offset);
++ if (first) {
++ min_offset_diff = diff;
++ first = 0;
++ } else if (mddev->reshape_backwards &&
++ diff < min_offset_diff)
++ min_offset_diff = diff;
++ else if (!mddev->reshape_backwards &&
++ diff > min_offset_diff)
++ min_offset_diff = diff;
++ }
++
++ if (mddev->reshape_position != MaxSector) {
++ /* Check that we can continue the reshape.
++ * Difficulties arise if the stripe we would write to
++ * next is at or after the stripe we would read from next.
++ * For a reshape that changes the number of devices, this
++ * is only possible for a very short time, and mdadm makes
++ * sure that time appears to have past before assembling
++ * the array. So we fail if that time hasn't passed.
++ * For a reshape that keeps the number of devices the same
++ * mdadm must be monitoring the reshape can keeping the
++ * critical areas read-only and backed up. It will start
++ * the array in read-only mode, so we check for that.
++ */
++ sector_t here_new, here_old;
++ int old_disks;
++ int max_degraded = (mddev->level == 6 ? 2 : 1);
++
++ if (mddev->new_level != mddev->level) {
++ printk(KERN_ERR "md/raid:%s: unsupported reshape "
++ "required - aborting.\n",
++ mdname(mddev));
++ return -EINVAL;
++ }
++ old_disks = mddev->raid_disks - mddev->delta_disks;
++ /* reshape_position must be on a new-stripe boundary, and one
++ * further up in new geometry must map after here in old
++ * geometry.
++ */
++ here_new = mddev->reshape_position;
++ if (sector_div(here_new, mddev->new_chunk_sectors *
++ (mddev->raid_disks - max_degraded))) {
++ printk(KERN_ERR "md/raid:%s: reshape_position not "
++ "on a stripe boundary\n", mdname(mddev));
++ return -EINVAL;
++ }
++ reshape_offset = here_new * mddev->new_chunk_sectors;
++ /* here_new is the stripe we will write to */
++ here_old = mddev->reshape_position;
++ sector_div(here_old, mddev->chunk_sectors *
++ (old_disks-max_degraded));
++ /* here_old is the first stripe that we might need to read
++ * from */
++ if (mddev->delta_disks == 0) {
++ if ((here_new * mddev->new_chunk_sectors !=
++ here_old * mddev->chunk_sectors)) {
++ printk(KERN_ERR "md/raid:%s: reshape position is"
++ " confused - aborting\n", mdname(mddev));
++ return -EINVAL;
++ }
++ /* We cannot be sure it is safe to start an in-place
++ * reshape. It is only safe if user-space is monitoring
++ * and taking constant backups.
++ * mdadm always starts a situation like this in
++ * readonly mode so it can take control before
++ * allowing any writes. So just check for that.
++ */
++ if (abs(min_offset_diff) >= mddev->chunk_sectors &&
++ abs(min_offset_diff) >= mddev->new_chunk_sectors)
++ /* not really in-place - so OK */;
++ else if (mddev->ro == 0) {
++ printk(KERN_ERR "md/raid:%s: in-place reshape "
++ "must be started in read-only mode "
++ "- aborting\n",
++ mdname(mddev));
++ return -EINVAL;
++ }
++ } else if (mddev->reshape_backwards
++ ? (here_new * mddev->new_chunk_sectors + min_offset_diff <=
++ here_old * mddev->chunk_sectors)
++ : (here_new * mddev->new_chunk_sectors >=
++ here_old * mddev->chunk_sectors + (-min_offset_diff))) {
++ /* Reading from the same stripe as writing to - bad */
++ printk(KERN_ERR "md/raid:%s: reshape_position too early for "
++ "auto-recovery - aborting.\n",
++ mdname(mddev));
++ return -EINVAL;
++ }
++ printk(KERN_INFO "md/raid:%s: reshape will continue\n",
++ mdname(mddev));
++ /* OK, we should be able to continue; */
++ } else {
++ BUG_ON(mddev->level != mddev->new_level);
++ BUG_ON(mddev->layout != mddev->new_layout);
++ BUG_ON(mddev->chunk_sectors != mddev->new_chunk_sectors);
++ BUG_ON(mddev->delta_disks != 0);
++ }
++
++ if (mddev->private == NULL)
++ conf = setup_conf(mddev);
++ else
++ conf = mddev->private;
++
++ if (IS_ERR(conf))
++ return PTR_ERR(conf);
++
++ conf->min_offset_diff = min_offset_diff;
++ mddev->thread = conf->thread;
++ conf->thread = NULL;
++ mddev->private = conf;
++
++ for (i = 0; i < conf->raid_disks && conf->previous_raid_disks;
++ i++) {
++ rdev = conf->disks[i].rdev;
++ if (!rdev && conf->disks[i].replacement) {
++ /* The replacement is all we have yet */
++ rdev = conf->disks[i].replacement;
++ conf->disks[i].replacement = NULL;
++ clear_bit(Replacement, &rdev->flags);
++ conf->disks[i].rdev = rdev;
++ }
++ if (!rdev)
++ continue;
++ if (conf->disks[i].replacement &&
++ conf->reshape_progress != MaxSector) {
++ /* replacements and reshape simply do not mix. */
++ printk(KERN_ERR "md: cannot handle concurrent "
++ "replacement and reshape.\n");
++ goto abort;
++ }
++ if (test_bit(In_sync, &rdev->flags)) {
++ working_disks++;
++ continue;
++ }
++ /* This disc is not fully in-sync. However if it
++ * just stored parity (beyond the recovery_offset),
++ * when we don't need to be concerned about the
++ * array being dirty.
++ * When reshape goes 'backwards', we never have
++ * partially completed devices, so we only need
++ * to worry about reshape going forwards.
++ */
++ /* Hack because v0.91 doesn't store recovery_offset properly. */
++ if (mddev->major_version == 0 &&
++ mddev->minor_version > 90)
++ rdev->recovery_offset = reshape_offset;
++
++ if (rdev->recovery_offset < reshape_offset) {
++ /* We need to check old and new layout */
++ if (!only_parity(rdev->raid_disk,
++ conf->algorithm,
++ conf->raid_disks,
++ conf->max_degraded))
++ continue;
++ }
++ if (!only_parity(rdev->raid_disk,
++ conf->prev_algo,
++ conf->previous_raid_disks,
++ conf->max_degraded))
++ continue;
++ dirty_parity_disks++;
++ }
++
++ /*
++ * 0 for a fully functional array, 1 or 2 for a degraded array.
++ */
++ mddev->degraded = calc_degraded(conf);
++
++ if (has_failed(conf)) {
++ printk(KERN_ERR "md/raid:%s: not enough operational devices"
++ " (%d/%d failed)\n",
++ mdname(mddev), mddev->degraded, conf->raid_disks);
++ goto abort;
++ }
++
++ /* device size must be a multiple of chunk size */
++ mddev->dev_sectors &= ~(mddev->chunk_sectors - 1);
++ mddev->resync_max_sectors = mddev->dev_sectors;
++
++ if (mddev->degraded > dirty_parity_disks &&
++ mddev->recovery_cp != MaxSector) {
++ if (mddev->ok_start_degraded)
++ printk(KERN_WARNING
++ "md/raid:%s: starting dirty degraded array"
++ " - data corruption possible.\n",
++ mdname(mddev));
++ else {
++ printk(KERN_ERR
++ "md/raid:%s: cannot start dirty degraded array.\n",
++ mdname(mddev));
++ goto abort;
++ }
++ }
++
++ if (mddev->degraded == 0)
++ printk(KERN_INFO "md/raid:%s: raid level %d active with %d out of %d"
++ " devices, algorithm %d\n", mdname(mddev), conf->level,
++ mddev->raid_disks-mddev->degraded, mddev->raid_disks,
++ mddev->new_layout);
++ else
++ printk(KERN_ALERT "md/raid:%s: raid level %d active with %d"
++ " out of %d devices, algorithm %d\n",
++ mdname(mddev), conf->level,
++ mddev->raid_disks - mddev->degraded,
++ mddev->raid_disks, mddev->new_layout);
++
++ print_raid5_conf(conf);
++
++ if (conf->reshape_progress != MaxSector) {
++ conf->reshape_safe = conf->reshape_progress;
++ atomic_set(&conf->reshape_stripes, 0);
++ clear_bit(MD_RECOVERY_SYNC, &mddev->recovery);
++ clear_bit(MD_RECOVERY_CHECK, &mddev->recovery);
++ set_bit(MD_RECOVERY_RESHAPE, &mddev->recovery);
++ set_bit(MD_RECOVERY_RUNNING, &mddev->recovery);
++ mddev->sync_thread = md_register_thread(md_do_sync, mddev,
++ "reshape");
++ }
++
++ /* Ok, everything is just fine now */
++ if (mddev->to_remove == &raid5_attrs_group)
++ mddev->to_remove = NULL;
++ else if (mddev->kobj.sd &&
++ sysfs_create_group(&mddev->kobj, &raid5_attrs_group))
++ printk(KERN_WARNING
++ "raid5: failed to create sysfs attributes for %s\n",
++ mdname(mddev));
++ md_set_array_sectors(mddev, raid5_size(mddev, 0, 0));
++
++ if (mddev->queue) {
++ int chunk_size;
++ bool discard_supported = true;
++ /* read-ahead size must cover two whole stripes, which
++ * is 2 * (datadisks) * chunksize where 'n' is the
++ * number of raid devices
++ */
++ int data_disks = conf->previous_raid_disks - conf->max_degraded;
++ int stripe = data_disks *
++ ((mddev->chunk_sectors << 9) / PAGE_SIZE);
++ if (mddev->queue->backing_dev_info.ra_pages < 2 * stripe)
++ mddev->queue->backing_dev_info.ra_pages = 2 * stripe;
++
++ blk_queue_merge_bvec(mddev->queue, raid5_mergeable_bvec);
++
++ mddev->queue->backing_dev_info.congested_data = mddev;
++ mddev->queue->backing_dev_info.congested_fn = raid5_congested;
++
++ chunk_size = mddev->chunk_sectors << 9;
++ blk_queue_io_min(mddev->queue, chunk_size);
++ blk_queue_io_opt(mddev->queue, chunk_size *
++ (conf->raid_disks - conf->max_degraded));
++ mddev->queue->limits.raid_partial_stripes_expensive = 1;
++ /*
++ * We can only discard a whole stripe. It doesn't make sense to
++ * discard data disk but write parity disk
++ */
++ stripe = stripe * PAGE_SIZE;
++ /* Round up to power of 2, as discard handling
++ * currently assumes that */
++ while ((stripe-1) & stripe)
++ stripe = (stripe | (stripe-1)) + 1;
++ mddev->queue->limits.discard_alignment = stripe;
++ mddev->queue->limits.discard_granularity = stripe;
++ /*
++ * unaligned part of discard request will be ignored, so can't
++ * guarantee discard_zeroes_data
++ */
++ mddev->queue->limits.discard_zeroes_data = 0;
++
++ blk_queue_max_write_same_sectors(mddev->queue, 0);
++
++ rdev_for_each(rdev, mddev) {
++ disk_stack_limits(mddev->gendisk, rdev->bdev,
++ rdev->data_offset << 9);
++ disk_stack_limits(mddev->gendisk, rdev->bdev,
++ rdev->new_data_offset << 9);
++ /*
++ * discard_zeroes_data is required, otherwise data
++ * could be lost. Consider a scenario: discard a stripe
++ * (the stripe could be inconsistent if
++ * discard_zeroes_data is 0); write one disk of the
++ * stripe (the stripe could be inconsistent again
++ * depending on which disks are used to calculate
++ * parity); the disk is broken; The stripe data of this
++ * disk is lost.
++ */
++ if (!blk_queue_discard(bdev_get_queue(rdev->bdev)) ||
++ !bdev_get_queue(rdev->bdev)->
++ limits.discard_zeroes_data)
++ discard_supported = false;
++ /* Unfortunately, discard_zeroes_data is not currently
++ * a guarantee - just a hint. So we only allow DISCARD
++ * if the sysadmin has confirmed that only safe devices
++ * are in use by setting a module parameter.
++ */
++ if (!devices_handle_discard_safely) {
++ if (discard_supported) {
++ pr_info("md/raid456: discard support disabled due to uncertainty.\n");
++ pr_info("Set raid456.devices_handle_discard_safely=Y to override.\n");
++ }
++ discard_supported = false;
++ }
++ }
++
++ if (discard_supported &&
++ mddev->queue->limits.max_discard_sectors >= stripe &&
++ mddev->queue->limits.discard_granularity >= stripe)
++ queue_flag_set_unlocked(QUEUE_FLAG_DISCARD,
++ mddev->queue);
++ else
++ queue_flag_clear_unlocked(QUEUE_FLAG_DISCARD,
++ mddev->queue);
++ }
++
++ return 0;
++abort:
++ md_unregister_thread(&mddev->thread);
++ print_raid5_conf(conf);
++ free_conf(conf);
++ mddev->private = NULL;
++ printk(KERN_ALERT "md/raid:%s: failed to run raid set.\n", mdname(mddev));
++ return -EIO;
++}
++
++static int stop(struct mddev *mddev)
++{
++ struct r5conf *conf = mddev->private;
++
++ md_unregister_thread(&mddev->thread);
++ if (mddev->queue)
++ mddev->queue->backing_dev_info.congested_fn = NULL;
++ free_conf(conf);
++ mddev->private = NULL;
++ mddev->to_remove = &raid5_attrs_group;
++ return 0;
++}
++
++static void status(struct seq_file *seq, struct mddev *mddev)
++{
++ struct r5conf *conf = mddev->private;
++ int i;
++
++ seq_printf(seq, " level %d, %dk chunk, algorithm %d", mddev->level,
++ mddev->chunk_sectors / 2, mddev->layout);
++ seq_printf (seq, " [%d/%d] [", conf->raid_disks, conf->raid_disks - mddev->degraded);
++ for (i = 0; i < conf->raid_disks; i++)
++ seq_printf (seq, "%s",
++ conf->disks[i].rdev &&
++ test_bit(In_sync, &conf->disks[i].rdev->flags) ? "U" : "_");
++ seq_printf (seq, "]");
++}
++
++static void print_raid5_conf (struct r5conf *conf)
++{
++ int i;
++ struct disk_info *tmp;
++
++ printk(KERN_DEBUG "RAID conf printout:\n");
++ if (!conf) {
++ printk("(conf==NULL)\n");
++ return;
++ }
++ printk(KERN_DEBUG " --- level:%d rd:%d wd:%d\n", conf->level,
++ conf->raid_disks,
++ conf->raid_disks - conf->mddev->degraded);
++
++ for (i = 0; i < conf->raid_disks; i++) {
++ char b[BDEVNAME_SIZE];
++ tmp = conf->disks + i;
++ if (tmp->rdev)
++ printk(KERN_DEBUG " disk %d, o:%d, dev:%s\n",
++ i, !test_bit(Faulty, &tmp->rdev->flags),
++ bdevname(tmp->rdev->bdev, b));
++ }
++}
++
++static int raid5_spare_active(struct mddev *mddev)
++{
++ int i;
++ struct r5conf *conf = mddev->private;
++ struct disk_info *tmp;
++ int count = 0;
++ unsigned long flags;
++
++ for (i = 0; i < conf->raid_disks; i++) {
++ tmp = conf->disks + i;
++ if (tmp->replacement
++ && tmp->replacement->recovery_offset == MaxSector
++ && !test_bit(Faulty, &tmp->replacement->flags)
++ && !test_and_set_bit(In_sync, &tmp->replacement->flags)) {
++ /* Replacement has just become active. */
++ if (!tmp->rdev
++ || !test_and_clear_bit(In_sync, &tmp->rdev->flags))
++ count++;
++ if (tmp->rdev) {
++ /* Replaced device not technically faulty,
++ * but we need to be sure it gets removed
++ * and never re-added.
++ */
++ set_bit(Faulty, &tmp->rdev->flags);
++ sysfs_notify_dirent_safe(
++ tmp->rdev->sysfs_state);
++ }
++ sysfs_notify_dirent_safe(tmp->replacement->sysfs_state);
++ } else if (tmp->rdev
++ && tmp->rdev->recovery_offset == MaxSector
++ && !test_bit(Faulty, &tmp->rdev->flags)
++ && !test_and_set_bit(In_sync, &tmp->rdev->flags)) {
++ count++;
++ sysfs_notify_dirent_safe(tmp->rdev->sysfs_state);
++ }
++ }
++ spin_lock_irqsave(&conf->device_lock, flags);
++ mddev->degraded = calc_degraded(conf);
++ spin_unlock_irqrestore(&conf->device_lock, flags);
++ print_raid5_conf(conf);
++ return count;
++}
++
++static int raid5_remove_disk(struct mddev *mddev, struct md_rdev *rdev)
++{
++ struct r5conf *conf = mddev->private;
++ int err = 0;
++ int number = rdev->raid_disk;
++ struct md_rdev **rdevp;
++ struct disk_info *p = conf->disks + number;
++
++ print_raid5_conf(conf);
++ if (rdev == p->rdev)
++ rdevp = &p->rdev;
++ else if (rdev == p->replacement)
++ rdevp = &p->replacement;
++ else
++ return 0;
++
++ if (number >= conf->raid_disks &&
++ conf->reshape_progress == MaxSector)
++ clear_bit(In_sync, &rdev->flags);
++
++ if (test_bit(In_sync, &rdev->flags) ||
++ atomic_read(&rdev->nr_pending)) {
++ err = -EBUSY;
++ goto abort;
++ }
++ /* Only remove non-faulty devices if recovery
++ * isn't possible.
++ */
++ if (!test_bit(Faulty, &rdev->flags) &&
++ mddev->recovery_disabled != conf->recovery_disabled &&
++ !has_failed(conf) &&
++ (!p->replacement || p->replacement == rdev) &&
++ number < conf->raid_disks) {
++ err = -EBUSY;
++ goto abort;
++ }
++ *rdevp = NULL;
++ synchronize_rcu();
++ if (atomic_read(&rdev->nr_pending)) {
++ /* lost the race, try later */
++ err = -EBUSY;
++ *rdevp = rdev;
++ } else if (p->replacement) {
++ /* We must have just cleared 'rdev' */
++ p->rdev = p->replacement;
++ clear_bit(Replacement, &p->replacement->flags);
++ smp_mb(); /* Make sure other CPUs may see both as identical
++ * but will never see neither - if they are careful
++ */
++ p->replacement = NULL;
++ clear_bit(WantReplacement, &rdev->flags);
++ } else
++ /* We might have just removed the Replacement as faulty-
++ * clear the bit just in case
++ */
++ clear_bit(WantReplacement, &rdev->flags);
++abort:
++
++ print_raid5_conf(conf);
++ return err;
++}
++
++static int raid5_add_disk(struct mddev *mddev, struct md_rdev *rdev)
++{
++ struct r5conf *conf = mddev->private;
++ int err = -EEXIST;
++ int disk;
++ struct disk_info *p;
++ int first = 0;
++ int last = conf->raid_disks - 1;
++
++ if (mddev->recovery_disabled == conf->recovery_disabled)
++ return -EBUSY;
++
++ if (rdev->saved_raid_disk < 0 && has_failed(conf))
++ /* no point adding a device */
++ return -EINVAL;
++
++ if (rdev->raid_disk >= 0)
++ first = last = rdev->raid_disk;
++
++ /*
++ * find the disk ... but prefer rdev->saved_raid_disk
++ * if possible.
++ */
++ if (rdev->saved_raid_disk >= 0 &&
++ rdev->saved_raid_disk >= first &&
++ conf->disks[rdev->saved_raid_disk].rdev == NULL)
++ first = rdev->saved_raid_disk;
++
++ for (disk = first; disk <= last; disk++) {
++ p = conf->disks + disk;
++ if (p->rdev == NULL) {
++ clear_bit(In_sync, &rdev->flags);
++ rdev->raid_disk = disk;
++ err = 0;
++ if (rdev->saved_raid_disk != disk)
++ conf->fullsync = 1;
++ rcu_assign_pointer(p->rdev, rdev);
++ goto out;
++ }
++ }
++ for (disk = first; disk <= last; disk++) {
++ p = conf->disks + disk;
++ if (test_bit(WantReplacement, &p->rdev->flags) &&
++ p->replacement == NULL) {
++ clear_bit(In_sync, &rdev->flags);
++ set_bit(Replacement, &rdev->flags);
++ rdev->raid_disk = disk;
++ err = 0;
++ conf->fullsync = 1;
++ rcu_assign_pointer(p->replacement, rdev);
++ break;
++ }
++ }
++out:
++ print_raid5_conf(conf);
++ return err;
++}
++
++static int raid5_resize(struct mddev *mddev, sector_t sectors)
++{
++ /* no resync is happening, and there is enough space
++ * on all devices, so we can resize.
++ * We need to make sure resync covers any new space.
++ * If the array is shrinking we should possibly wait until
++ * any io in the removed space completes, but it hardly seems
++ * worth it.
++ */
++ sector_t newsize;
++ sectors &= ~((sector_t)mddev->chunk_sectors - 1);
++ newsize = raid5_size(mddev, sectors, mddev->raid_disks);
++ if (mddev->external_size &&
++ mddev->array_sectors > newsize)
++ return -EINVAL;
++ if (mddev->bitmap) {
++ int ret = bitmap_resize(mddev->bitmap, sectors, 0, 0);
++ if (ret)
++ return ret;
++ }
++ md_set_array_sectors(mddev, newsize);
++ set_capacity(mddev->gendisk, mddev->array_sectors);
++ revalidate_disk(mddev->gendisk);
++ if (sectors > mddev->dev_sectors &&
++ mddev->recovery_cp > mddev->dev_sectors) {
++ mddev->recovery_cp = mddev->dev_sectors;
++ set_bit(MD_RECOVERY_NEEDED, &mddev->recovery);
++ }
++ mddev->dev_sectors = sectors;
++ mddev->resync_max_sectors = sectors;
++ return 0;
++}
++
++static int check_stripe_cache(struct mddev *mddev)
++{
++ /* Can only proceed if there are plenty of stripe_heads.
++ * We need a minimum of one full stripe,, and for sensible progress
++ * it is best to have about 4 times that.
++ * If we require 4 times, then the default 256 4K stripe_heads will
++ * allow for chunk sizes up to 256K, which is probably OK.
++ * If the chunk size is greater, user-space should request more
++ * stripe_heads first.
++ */
++ struct r5conf *conf = mddev->private;
++ if (((mddev->chunk_sectors << 9) / STRIPE_SIZE) * 4
++ > conf->max_nr_stripes ||
++ ((mddev->new_chunk_sectors << 9) / STRIPE_SIZE) * 4
++ > conf->max_nr_stripes) {
++ printk(KERN_WARNING "md/raid:%s: reshape: not enough stripes. Needed %lu\n",
++ mdname(mddev),
++ ((max(mddev->chunk_sectors, mddev->new_chunk_sectors) << 9)
++ / STRIPE_SIZE)*4);
++ return 0;
++ }
++ return 1;
++}
++
++static int check_reshape(struct mddev *mddev)
++{
++ struct r5conf *conf = mddev->private;
++
++ if (mddev->delta_disks == 0 &&
++ mddev->new_layout == mddev->layout &&
++ mddev->new_chunk_sectors == mddev->chunk_sectors)
++ return 0; /* nothing to do */
++ if (has_failed(conf))
++ return -EINVAL;
++ if (mddev->delta_disks < 0 && mddev->reshape_position == MaxSector) {
++ /* We might be able to shrink, but the devices must
++ * be made bigger first.
++ * For raid6, 4 is the minimum size.
++ * Otherwise 2 is the minimum
++ */
++ int min = 2;
++ if (mddev->level == 6)
++ min = 4;
++ if (mddev->raid_disks + mddev->delta_disks < min)
++ return -EINVAL;
++ }
++
++ if (!check_stripe_cache(mddev))
++ return -ENOSPC;
++
++ return resize_stripes(conf, (conf->previous_raid_disks
++ + mddev->delta_disks));
++}
++
++static int raid5_start_reshape(struct mddev *mddev)
++{
++ struct r5conf *conf = mddev->private;
++ struct md_rdev *rdev;
++ int spares = 0;
++ unsigned long flags;
++
++ if (test_bit(MD_RECOVERY_RUNNING, &mddev->recovery))
++ return -EBUSY;
++
++ if (!check_stripe_cache(mddev))
++ return -ENOSPC;
++
++ if (has_failed(conf))
++ return -EINVAL;
++
++ rdev_for_each(rdev, mddev) {
++ if (!test_bit(In_sync, &rdev->flags)
++ && !test_bit(Faulty, &rdev->flags))
++ spares++;
++ }
++
++ if (spares - mddev->degraded < mddev->delta_disks - conf->max_degraded)
++ /* Not enough devices even to make a degraded array
++ * of that size
++ */
++ return -EINVAL;
++
++ /* Refuse to reduce size of the array. Any reductions in
++ * array size must be through explicit setting of array_size
++ * attribute.
++ */
++ if (raid5_size(mddev, 0, conf->raid_disks + mddev->delta_disks)
++ < mddev->array_sectors) {
++ printk(KERN_ERR "md/raid:%s: array size must be reduced "
++ "before number of disks\n", mdname(mddev));
++ return -EINVAL;
++ }
++
++ atomic_set(&conf->reshape_stripes, 0);
++ spin_lock_irq(&conf->device_lock);
++ write_seqcount_begin(&conf->gen_lock);
++ conf->previous_raid_disks = conf->raid_disks;
++ conf->raid_disks += mddev->delta_disks;
++ conf->prev_chunk_sectors = conf->chunk_sectors;
++ conf->chunk_sectors = mddev->new_chunk_sectors;
++ conf->prev_algo = conf->algorithm;
++ conf->algorithm = mddev->new_layout;
++ conf->generation++;
++ /* Code that selects data_offset needs to see the generation update
++ * if reshape_progress has been set - so a memory barrier needed.
++ */
++ smp_mb();
++ if (mddev->reshape_backwards)
++ conf->reshape_progress = raid5_size(mddev, 0, 0);
++ else
++ conf->reshape_progress = 0;
++ conf->reshape_safe = conf->reshape_progress;
++ write_seqcount_end(&conf->gen_lock);
++ spin_unlock_irq(&conf->device_lock);
++
++ /* Now make sure any requests that proceeded on the assumption
++ * the reshape wasn't running - like Discard or Read - have
++ * completed.
++ */
++ mddev_suspend(mddev);
++ mddev_resume(mddev);
++
++ /* Add some new drives, as many as will fit.
++ * We know there are enough to make the newly sized array work.
++ * Don't add devices if we are reducing the number of
++ * devices in the array. This is because it is not possible
++ * to correctly record the "partially reconstructed" state of
++ * such devices during the reshape and confusion could result.
++ */
++ if (mddev->delta_disks >= 0) {
++ rdev_for_each(rdev, mddev)
++ if (rdev->raid_disk < 0 &&
++ !test_bit(Faulty, &rdev->flags)) {
++ if (raid5_add_disk(mddev, rdev) == 0) {
++ if (rdev->raid_disk
++ >= conf->previous_raid_disks)
++ set_bit(In_sync, &rdev->flags);
++ else
++ rdev->recovery_offset = 0;
++
++ if (sysfs_link_rdev(mddev, rdev))
++ /* Failure here is OK */;
++ }
++ } else if (rdev->raid_disk >= conf->previous_raid_disks
++ && !test_bit(Faulty, &rdev->flags)) {
++ /* This is a spare that was manually added */
++ set_bit(In_sync, &rdev->flags);
++ }
++
++ /* When a reshape changes the number of devices,
++ * ->degraded is measured against the larger of the
++ * pre and post number of devices.
++ */
++ spin_lock_irqsave(&conf->device_lock, flags);
++ mddev->degraded = calc_degraded(conf);
++ spin_unlock_irqrestore(&conf->device_lock, flags);
++ }
++ mddev->raid_disks = conf->raid_disks;
++ mddev->reshape_position = conf->reshape_progress;
++ set_bit(MD_CHANGE_DEVS, &mddev->flags);
++
++ clear_bit(MD_RECOVERY_SYNC, &mddev->recovery);
++ clear_bit(MD_RECOVERY_CHECK, &mddev->recovery);
++ set_bit(MD_RECOVERY_RESHAPE, &mddev->recovery);
++ set_bit(MD_RECOVERY_RUNNING, &mddev->recovery);
++ mddev->sync_thread = md_register_thread(md_do_sync, mddev,
++ "reshape");
++ if (!mddev->sync_thread) {
++ mddev->recovery = 0;
++ spin_lock_irq(&conf->device_lock);
++ write_seqcount_begin(&conf->gen_lock);
++ mddev->raid_disks = conf->raid_disks = conf->previous_raid_disks;
++ mddev->new_chunk_sectors =
++ conf->chunk_sectors = conf->prev_chunk_sectors;
++ mddev->new_layout = conf->algorithm = conf->prev_algo;
++ rdev_for_each(rdev, mddev)
++ rdev->new_data_offset = rdev->data_offset;
++ smp_wmb();
++ conf->generation --;
++ conf->reshape_progress = MaxSector;
++ mddev->reshape_position = MaxSector;
++ write_seqcount_end(&conf->gen_lock);
++ spin_unlock_irq(&conf->device_lock);
++ return -EAGAIN;
++ }
++ conf->reshape_checkpoint = jiffies;
++ md_wakeup_thread(mddev->sync_thread);
++ md_new_event(mddev);
++ return 0;
++}
++
++/* This is called from the reshape thread and should make any
++ * changes needed in 'conf'
++ */
++static void end_reshape(struct r5conf *conf)
++{
++
++ if (!test_bit(MD_RECOVERY_INTR, &conf->mddev->recovery)) {
++ struct md_rdev *rdev;
++
++ spin_lock_irq(&conf->device_lock);
++ conf->previous_raid_disks = conf->raid_disks;
++ rdev_for_each(rdev, conf->mddev)
++ rdev->data_offset = rdev->new_data_offset;
++ smp_wmb();
++ conf->reshape_progress = MaxSector;
++ spin_unlock_irq(&conf->device_lock);
++ wake_up(&conf->wait_for_overlap);
++
++ /* read-ahead size must cover two whole stripes, which is
++ * 2 * (datadisks) * chunksize where 'n' is the number of raid devices
++ */
++ if (conf->mddev->queue) {
++ int data_disks = conf->raid_disks - conf->max_degraded;
++ int stripe = data_disks * ((conf->chunk_sectors << 9)
++ / PAGE_SIZE);
++ if (conf->mddev->queue->backing_dev_info.ra_pages < 2 * stripe)
++ conf->mddev->queue->backing_dev_info.ra_pages = 2 * stripe;
++ }
++ }
++}
++
++/* This is called from the raid5d thread with mddev_lock held.
++ * It makes config changes to the device.
++ */
++static void raid5_finish_reshape(struct mddev *mddev)
++{
++ struct r5conf *conf = mddev->private;
++
++ if (!test_bit(MD_RECOVERY_INTR, &mddev->recovery)) {
++
++ if (mddev->delta_disks > 0) {
++ md_set_array_sectors(mddev, raid5_size(mddev, 0, 0));
++ set_capacity(mddev->gendisk, mddev->array_sectors);
++ revalidate_disk(mddev->gendisk);
++ } else {
++ int d;
++ spin_lock_irq(&conf->device_lock);
++ mddev->degraded = calc_degraded(conf);
++ spin_unlock_irq(&conf->device_lock);
++ for (d = conf->raid_disks ;
++ d < conf->raid_disks - mddev->delta_disks;
++ d++) {
++ struct md_rdev *rdev = conf->disks[d].rdev;
++ if (rdev)
++ clear_bit(In_sync, &rdev->flags);
++ rdev = conf->disks[d].replacement;
++ if (rdev)
++ clear_bit(In_sync, &rdev->flags);
++ }
++ }
++ mddev->layout = conf->algorithm;
++ mddev->chunk_sectors = conf->chunk_sectors;
++ mddev->reshape_position = MaxSector;
++ mddev->delta_disks = 0;
++ mddev->reshape_backwards = 0;
++ }
++}
++
++static void raid5_quiesce(struct mddev *mddev, int state)
++{
++ struct r5conf *conf = mddev->private;
++
++ switch(state) {
++ case 2: /* resume for a suspend */
++ wake_up(&conf->wait_for_overlap);
++ break;
++
++ case 1: /* stop all writes */
++ lock_all_device_hash_locks_irq(conf);
++ /* '2' tells resync/reshape to pause so that all
++ * active stripes can drain
++ */
++ conf->quiesce = 2;
++ wait_event_cmd(conf->wait_for_stripe,
++ atomic_read(&conf->active_stripes) == 0 &&
++ atomic_read(&conf->active_aligned_reads) == 0,
++ unlock_all_device_hash_locks_irq(conf),
++ lock_all_device_hash_locks_irq(conf));
++ conf->quiesce = 1;
++ unlock_all_device_hash_locks_irq(conf);
++ /* allow reshape to continue */
++ wake_up(&conf->wait_for_overlap);
++ break;
++
++ case 0: /* re-enable writes */
++ lock_all_device_hash_locks_irq(conf);
++ conf->quiesce = 0;
++ wake_up(&conf->wait_for_stripe);
++ wake_up(&conf->wait_for_overlap);
++ unlock_all_device_hash_locks_irq(conf);
++ break;
++ }
++}
++
++static void *raid45_takeover_raid0(struct mddev *mddev, int level)
++{
++ struct r0conf *raid0_conf = mddev->private;
++ sector_t sectors;
++
++ /* for raid0 takeover only one zone is supported */
++ if (raid0_conf->nr_strip_zones > 1) {
++ printk(KERN_ERR "md/raid:%s: cannot takeover raid0 with more than one zone.\n",
++ mdname(mddev));
++ return ERR_PTR(-EINVAL);
++ }
++
++ sectors = raid0_conf->strip_zone[0].zone_end;
++ sector_div(sectors, raid0_conf->strip_zone[0].nb_dev);
++ mddev->dev_sectors = sectors;
++ mddev->new_level = level;
++ mddev->new_layout = ALGORITHM_PARITY_N;
++ mddev->new_chunk_sectors = mddev->chunk_sectors;
++ mddev->raid_disks += 1;
++ mddev->delta_disks = 1;
++ /* make sure it will be not marked as dirty */
++ mddev->recovery_cp = MaxSector;
++
++ return setup_conf(mddev);
++}
++
++static void *raid5_takeover_raid1(struct mddev *mddev)
++{
++ int chunksect;
++
++ if (mddev->raid_disks != 2 ||
++ mddev->degraded > 1)
++ return ERR_PTR(-EINVAL);
++
++ /* Should check if there are write-behind devices? */
++
++ chunksect = 64*2; /* 64K by default */
++
++ /* The array must be an exact multiple of chunksize */
++ while (chunksect && (mddev->array_sectors & (chunksect-1)))
++ chunksect >>= 1;
++
++ if ((chunksect<<9) < STRIPE_SIZE)
++ /* array size does not allow a suitable chunk size */
++ return ERR_PTR(-EINVAL);
++
++ mddev->new_level = 5;
++ mddev->new_layout = ALGORITHM_LEFT_SYMMETRIC;
++ mddev->new_chunk_sectors = chunksect;
++
++ return setup_conf(mddev);
++}
++
++static void *raid5_takeover_raid6(struct mddev *mddev)
++{
++ int new_layout;
++
++ switch (mddev->layout) {
++ case ALGORITHM_LEFT_ASYMMETRIC_6:
++ new_layout = ALGORITHM_LEFT_ASYMMETRIC;
++ break;
++ case ALGORITHM_RIGHT_ASYMMETRIC_6:
++ new_layout = ALGORITHM_RIGHT_ASYMMETRIC;
++ break;
++ case ALGORITHM_LEFT_SYMMETRIC_6:
++ new_layout = ALGORITHM_LEFT_SYMMETRIC;
++ break;
++ case ALGORITHM_RIGHT_SYMMETRIC_6:
++ new_layout = ALGORITHM_RIGHT_SYMMETRIC;
++ break;
++ case ALGORITHM_PARITY_0_6:
++ new_layout = ALGORITHM_PARITY_0;
++ break;
++ case ALGORITHM_PARITY_N:
++ new_layout = ALGORITHM_PARITY_N;
++ break;
++ default:
++ return ERR_PTR(-EINVAL);
++ }
++ mddev->new_level = 5;
++ mddev->new_layout = new_layout;
++ mddev->delta_disks = -1;
++ mddev->raid_disks -= 1;
++ return setup_conf(mddev);
++}
++
++static int raid5_check_reshape(struct mddev *mddev)
++{
++ /* For a 2-drive array, the layout and chunk size can be changed
++ * immediately as not restriping is needed.
++ * For larger arrays we record the new value - after validation
++ * to be used by a reshape pass.
++ */
++ struct r5conf *conf = mddev->private;
++ int new_chunk = mddev->new_chunk_sectors;
++
++ if (mddev->new_layout >= 0 && !algorithm_valid_raid5(mddev->new_layout))
++ return -EINVAL;
++ if (new_chunk > 0) {
++ if (!is_power_of_2(new_chunk))
++ return -EINVAL;
++ if (new_chunk < (PAGE_SIZE>>9))
++ return -EINVAL;
++ if (mddev->array_sectors & (new_chunk-1))
++ /* not factor of array size */
++ return -EINVAL;
++ }
++
++ /* They look valid */
++
++ if (mddev->raid_disks == 2) {
++ /* can make the change immediately */
++ if (mddev->new_layout >= 0) {
++ conf->algorithm = mddev->new_layout;
++ mddev->layout = mddev->new_layout;
++ }
++ if (new_chunk > 0) {
++ conf->chunk_sectors = new_chunk ;
++ mddev->chunk_sectors = new_chunk;
++ }
++ set_bit(MD_CHANGE_DEVS, &mddev->flags);
++ md_wakeup_thread(mddev->thread);
++ }
++ return check_reshape(mddev);
++}
++
++static int raid6_check_reshape(struct mddev *mddev)
++{
++ int new_chunk = mddev->new_chunk_sectors;
++
++ if (mddev->new_layout >= 0 && !algorithm_valid_raid6(mddev->new_layout))
++ return -EINVAL;
++ if (new_chunk > 0) {
++ if (!is_power_of_2(new_chunk))
++ return -EINVAL;
++ if (new_chunk < (PAGE_SIZE >> 9))
++ return -EINVAL;
++ if (mddev->array_sectors & (new_chunk-1))
++ /* not factor of array size */
++ return -EINVAL;
++ }
++
++ /* They look valid */
++ return check_reshape(mddev);
++}
++
++static void *raid5_takeover(struct mddev *mddev)
++{
++ /* raid5 can take over:
++ * raid0 - if there is only one strip zone - make it a raid4 layout
++ * raid1 - if there are two drives. We need to know the chunk size
++ * raid4 - trivial - just use a raid4 layout.
++ * raid6 - Providing it is a *_6 layout
++ */
++ if (mddev->level == 0)
++ return raid45_takeover_raid0(mddev, 5);
++ if (mddev->level == 1)
++ return raid5_takeover_raid1(mddev);
++ if (mddev->level == 4) {
++ mddev->new_layout = ALGORITHM_PARITY_N;
++ mddev->new_level = 5;
++ return setup_conf(mddev);
++ }
++ if (mddev->level == 6)
++ return raid5_takeover_raid6(mddev);
++
++ return ERR_PTR(-EINVAL);
++}
++
++static void *raid4_takeover(struct mddev *mddev)
++{
++ /* raid4 can take over:
++ * raid0 - if there is only one strip zone
++ * raid5 - if layout is right
++ */
++ if (mddev->level == 0)
++ return raid45_takeover_raid0(mddev, 4);
++ if (mddev->level == 5 &&
++ mddev->layout == ALGORITHM_PARITY_N) {
++ mddev->new_layout = 0;
++ mddev->new_level = 4;
++ return setup_conf(mddev);
++ }
++ return ERR_PTR(-EINVAL);
++}
++
++static struct md_personality raid5_personality;
++
++static void *raid6_takeover(struct mddev *mddev)
++{
++ /* Currently can only take over a raid5. We map the
++ * personality to an equivalent raid6 personality
++ * with the Q block at the end.
++ */
++ int new_layout;
++
++ if (mddev->pers != &raid5_personality)
++ return ERR_PTR(-EINVAL);
++ if (mddev->degraded > 1)
++ return ERR_PTR(-EINVAL);
++ if (mddev->raid_disks > 253)
++ return ERR_PTR(-EINVAL);
++ if (mddev->raid_disks < 3)
++ return ERR_PTR(-EINVAL);
++
++ switch (mddev->layout) {
++ case ALGORITHM_LEFT_ASYMMETRIC:
++ new_layout = ALGORITHM_LEFT_ASYMMETRIC_6;
++ break;
++ case ALGORITHM_RIGHT_ASYMMETRIC:
++ new_layout = ALGORITHM_RIGHT_ASYMMETRIC_6;
++ break;
++ case ALGORITHM_LEFT_SYMMETRIC:
++ new_layout = ALGORITHM_LEFT_SYMMETRIC_6;
++ break;
++ case ALGORITHM_RIGHT_SYMMETRIC:
++ new_layout = ALGORITHM_RIGHT_SYMMETRIC_6;
++ break;
++ case ALGORITHM_PARITY_0:
++ new_layout = ALGORITHM_PARITY_0_6;
++ break;
++ case ALGORITHM_PARITY_N:
++ new_layout = ALGORITHM_PARITY_N;
++ break;
++ default:
++ return ERR_PTR(-EINVAL);
++ }
++ mddev->new_level = 6;
++ mddev->new_layout = new_layout;
++ mddev->delta_disks = 1;
++ mddev->raid_disks += 1;
++ return setup_conf(mddev);
++}
++
++static struct md_personality raid6_personality =
++{
++ .name = "raid6",
++ .level = 6,
++ .owner = THIS_MODULE,
++ .make_request = make_request,
++ .run = run,
++ .stop = stop,
++ .status = status,
++ .error_handler = error,
++ .hot_add_disk = raid5_add_disk,
++ .hot_remove_disk= raid5_remove_disk,
++ .spare_active = raid5_spare_active,
++ .sync_request = sync_request,
++ .resize = raid5_resize,
++ .size = raid5_size,
++ .check_reshape = raid6_check_reshape,
++ .start_reshape = raid5_start_reshape,
++ .finish_reshape = raid5_finish_reshape,
++ .quiesce = raid5_quiesce,
++ .takeover = raid6_takeover,
++};
++static struct md_personality raid5_personality =
++{
++ .name = "raid5",
++ .level = 5,
++ .owner = THIS_MODULE,
++ .make_request = make_request,
++ .run = run,
++ .stop = stop,
++ .status = status,
++ .error_handler = error,
++ .hot_add_disk = raid5_add_disk,
++ .hot_remove_disk= raid5_remove_disk,
++ .spare_active = raid5_spare_active,
++ .sync_request = sync_request,
++ .resize = raid5_resize,
++ .size = raid5_size,
++ .check_reshape = raid5_check_reshape,
++ .start_reshape = raid5_start_reshape,
++ .finish_reshape = raid5_finish_reshape,
++ .quiesce = raid5_quiesce,
++ .takeover = raid5_takeover,
++};
++
++static struct md_personality raid4_personality =
++{
++ .name = "raid4",
++ .level = 4,
++ .owner = THIS_MODULE,
++ .make_request = make_request,
++ .run = run,
++ .stop = stop,
++ .status = status,
++ .error_handler = error,
++ .hot_add_disk = raid5_add_disk,
++ .hot_remove_disk= raid5_remove_disk,
++ .spare_active = raid5_spare_active,
++ .sync_request = sync_request,
++ .resize = raid5_resize,
++ .size = raid5_size,
++ .check_reshape = raid5_check_reshape,
++ .start_reshape = raid5_start_reshape,
++ .finish_reshape = raid5_finish_reshape,
++ .quiesce = raid5_quiesce,
++ .takeover = raid4_takeover,
++};
++
++static int __init raid5_init(void)
++{
++ raid5_wq = alloc_workqueue("raid5wq",
++ WQ_UNBOUND|WQ_MEM_RECLAIM|WQ_CPU_INTENSIVE|WQ_SYSFS, 0);
++ if (!raid5_wq)
++ return -ENOMEM;
++ register_md_personality(&raid6_personality);
++ register_md_personality(&raid5_personality);
++ register_md_personality(&raid4_personality);
++ return 0;
++}
++
++static void raid5_exit(void)
++{
++ unregister_md_personality(&raid6_personality);
++ unregister_md_personality(&raid5_personality);
++ unregister_md_personality(&raid4_personality);
++ destroy_workqueue(raid5_wq);
++}
++
++module_init(raid5_init);
++module_exit(raid5_exit);
++MODULE_LICENSE("GPL");
++MODULE_DESCRIPTION("RAID4/5/6 (striping with parity) personality for MD");
++MODULE_ALIAS("md-personality-4"); /* RAID5 */
++MODULE_ALIAS("md-raid5");
++MODULE_ALIAS("md-raid4");
++MODULE_ALIAS("md-level-5");
++MODULE_ALIAS("md-level-4");
++MODULE_ALIAS("md-personality-8"); /* RAID6 */
++MODULE_ALIAS("md-raid6");
++MODULE_ALIAS("md-level-6");
++
++/* This used to be two separate modules, they were: */
++MODULE_ALIAS("raid5");
++MODULE_ALIAS("raid6");
+diff -Nur linux-3.18.9.orig/drivers/md/raid5.h linux-3.18.9/drivers/md/raid5.h
+--- linux-3.18.9.orig/drivers/md/raid5.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/md/raid5.h 2015-03-15 16:03:03.724094875 -0500
+@@ -457,6 +457,7 @@
+ int recovery_disabled;
+ /* per cpu variables */
+ struct raid5_percpu {
++ spinlock_t lock; /* Protection for -RT */
+ struct page *spare_page; /* Used when checking P/Q in raid6 */
+ void *scribble; /* space for constructing buffer
+ * lists and performing address
+diff -Nur linux-3.18.9.orig/drivers/misc/hwlat_detector.c linux-3.18.9/drivers/misc/hwlat_detector.c
+--- linux-3.18.9.orig/drivers/misc/hwlat_detector.c 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/drivers/misc/hwlat_detector.c 2015-03-15 16:03:03.724094875 -0500
+@@ -0,0 +1,1240 @@
++/*
++ * hwlat_detector.c - A simple Hardware Latency detector.
++ *
++ * Use this module to detect large system latencies induced by the behavior of
++ * certain underlying system hardware or firmware, independent of Linux itself.
++ * The code was developed originally to detect the presence of SMIs on Intel
++ * and AMD systems, although there is no dependency upon x86 herein.
++ *
++ * The classical example usage of this module is in detecting the presence of
++ * SMIs or System Management Interrupts on Intel and AMD systems. An SMI is a
++ * somewhat special form of hardware interrupt spawned from earlier CPU debug
++ * modes in which the (BIOS/EFI/etc.) firmware arranges for the South Bridge
++ * LPC (or other device) to generate a special interrupt under certain
++ * circumstances, for example, upon expiration of a special SMI timer device,
++ * due to certain external thermal readings, on certain I/O address accesses,
++ * and other situations. An SMI hits a special CPU pin, triggers a special
++ * SMI mode (complete with special memory map), and the OS is unaware.
++ *
++ * Although certain hardware-inducing latencies are necessary (for example,
++ * a modern system often requires an SMI handler for correct thermal control
++ * and remote management) they can wreak havoc upon any OS-level performance
++ * guarantees toward low-latency, especially when the OS is not even made
++ * aware of the presence of these interrupts. For this reason, we need a
++ * somewhat brute force mechanism to detect these interrupts. In this case,
++ * we do it by hogging all of the CPU(s) for configurable timer intervals,
++ * sampling the built-in CPU timer, looking for discontiguous readings.
++ *
++ * WARNING: This implementation necessarily introduces latencies. Therefore,
++ * you should NEVER use this module in a production environment
++ * requiring any kind of low-latency performance guarantee(s).
++ *
++ * Copyright (C) 2008-2009 Jon Masters, Red Hat, Inc. <jcm@redhat.com>
++ *
++ * Includes useful feedback from Clark Williams <clark@redhat.com>
++ *
++ * This file is licensed under the terms of the GNU General Public
++ * License version 2. This program is licensed "as is" without any
++ * warranty of any kind, whether express or implied.
++ */
++
++#include <linux/module.h>
++#include <linux/init.h>
++#include <linux/ring_buffer.h>
++#include <linux/time.h>
++#include <linux/hrtimer.h>
++#include <linux/kthread.h>
++#include <linux/debugfs.h>
++#include <linux/seq_file.h>
++#include <linux/uaccess.h>
++#include <linux/version.h>
++#include <linux/delay.h>
++#include <linux/slab.h>
++#include <linux/trace_clock.h>
++
++#define BUF_SIZE_DEFAULT 262144UL /* 8K*(sizeof(entry)) */
++#define BUF_FLAGS (RB_FL_OVERWRITE) /* no block on full */
++#define U64STR_SIZE 22 /* 20 digits max */
++
++#define VERSION "1.0.0"
++#define BANNER "hwlat_detector: "
++#define DRVNAME "hwlat_detector"
++#define DEFAULT_SAMPLE_WINDOW 1000000 /* 1s */
++#define DEFAULT_SAMPLE_WIDTH 500000 /* 0.5s */
++#define DEFAULT_LAT_THRESHOLD 10 /* 10us */
++
++/* Module metadata */
++
++MODULE_LICENSE("GPL");
++MODULE_AUTHOR("Jon Masters <jcm@redhat.com>");
++MODULE_DESCRIPTION("A simple hardware latency detector");
++MODULE_VERSION(VERSION);
++
++/* Module parameters */
++
++static int debug;
++static int enabled;
++static int threshold;
++
++module_param(debug, int, 0); /* enable debug */
++module_param(enabled, int, 0); /* enable detector */
++module_param(threshold, int, 0); /* latency threshold */
++
++/* Buffering and sampling */
++
++static struct ring_buffer *ring_buffer; /* sample buffer */
++static DEFINE_MUTEX(ring_buffer_mutex); /* lock changes */
++static unsigned long buf_size = BUF_SIZE_DEFAULT;
++static struct task_struct *kthread; /* sampling thread */
++
++/* DebugFS filesystem entries */
++
++static struct dentry *debug_dir; /* debugfs directory */
++static struct dentry *debug_max; /* maximum TSC delta */
++static struct dentry *debug_count; /* total detect count */
++static struct dentry *debug_sample_width; /* sample width us */
++static struct dentry *debug_sample_window; /* sample window us */
++static struct dentry *debug_sample; /* raw samples us */
++static struct dentry *debug_threshold; /* threshold us */
++static struct dentry *debug_enable; /* enable/disable */
++
++/* Individual samples and global state */
++
++struct sample; /* latency sample */
++struct data; /* Global state */
++
++/* Sampling functions */
++static int __buffer_add_sample(struct sample *sample);
++static struct sample *buffer_get_sample(struct sample *sample);
++
++/* Threading and state */
++static int kthread_fn(void *unused);
++static int start_kthread(void);
++static int stop_kthread(void);
++static void __reset_stats(void);
++static int init_stats(void);
++
++/* Debugfs interface */
++static ssize_t simple_data_read(struct file *filp, char __user *ubuf,
++ size_t cnt, loff_t *ppos, const u64 *entry);
++static ssize_t simple_data_write(struct file *filp, const char __user *ubuf,
++ size_t cnt, loff_t *ppos, u64 *entry);
++static int debug_sample_fopen(struct inode *inode, struct file *filp);
++static ssize_t debug_sample_fread(struct file *filp, char __user *ubuf,
++ size_t cnt, loff_t *ppos);
++static int debug_sample_release(struct inode *inode, struct file *filp);
++static int debug_enable_fopen(struct inode *inode, struct file *filp);
++static ssize_t debug_enable_fread(struct file *filp, char __user *ubuf,
++ size_t cnt, loff_t *ppos);
++static ssize_t debug_enable_fwrite(struct file *file,
++ const char __user *user_buffer,
++ size_t user_size, loff_t *offset);
++
++/* Initialization functions */
++static int init_debugfs(void);
++static void free_debugfs(void);
++static int detector_init(void);
++static void detector_exit(void);
++
++/* Individual latency samples are stored here when detected and packed into
++ * the ring_buffer circular buffer, where they are overwritten when
++ * more than buf_size/sizeof(sample) samples are received. */
++struct sample {
++ u64 seqnum; /* unique sequence */
++ u64 duration; /* ktime delta */
++ u64 outer_duration; /* ktime delta (outer loop) */
++ struct timespec timestamp; /* wall time */
++ unsigned long lost;
++};
++
++/* keep the global state somewhere. */
++static struct data {
++
++ struct mutex lock; /* protect changes */
++
++ u64 count; /* total since reset */
++ u64 max_sample; /* max hardware latency */
++ u64 threshold; /* sample threshold level */
++
++ u64 sample_window; /* total sampling window (on+off) */
++ u64 sample_width; /* active sampling portion of window */
++
++ atomic_t sample_open; /* whether the sample file is open */
++
++ wait_queue_head_t wq; /* waitqeue for new sample values */
++
++} data;
++
++/**
++ * __buffer_add_sample - add a new latency sample recording to the ring buffer
++ * @sample: The new latency sample value
++ *
++ * This receives a new latency sample and records it in a global ring buffer.
++ * No additional locking is used in this case.
++ */
++static int __buffer_add_sample(struct sample *sample)
++{
++ return ring_buffer_write(ring_buffer,
++ sizeof(struct sample), sample);
++}
++
++/**
++ * buffer_get_sample - remove a hardware latency sample from the ring buffer
++ * @sample: Pre-allocated storage for the sample
++ *
++ * This retrieves a hardware latency sample from the global circular buffer
++ */
++static struct sample *buffer_get_sample(struct sample *sample)
++{
++ struct ring_buffer_event *e = NULL;
++ struct sample *s = NULL;
++ unsigned int cpu = 0;
++
++ if (!sample)
++ return NULL;
++
++ mutex_lock(&ring_buffer_mutex);
++ for_each_online_cpu(cpu) {
++ e = ring_buffer_consume(ring_buffer, cpu, NULL, &sample->lost);
++ if (e)
++ break;
++ }
++
++ if (e) {
++ s = ring_buffer_event_data(e);
++ memcpy(sample, s, sizeof(struct sample));
++ } else
++ sample = NULL;
++ mutex_unlock(&ring_buffer_mutex);
++
++ return sample;
++}
++
++#ifndef CONFIG_TRACING
++#define time_type ktime_t
++#define time_get() ktime_get()
++#define time_to_us(x) ktime_to_us(x)
++#define time_sub(a, b) ktime_sub(a, b)
++#define init_time(a, b) (a).tv64 = b
++#define time_u64(a) ((a).tv64)
++#else
++#define time_type u64
++#define time_get() trace_clock_local()
++#define time_to_us(x) div_u64(x, 1000)
++#define time_sub(a, b) ((a) - (b))
++#define init_time(a, b) (a = b)
++#define time_u64(a) a
++#endif
++/**
++ * get_sample - sample the CPU TSC and look for likely hardware latencies
++ *
++ * Used to repeatedly capture the CPU TSC (or similar), looking for potential
++ * hardware-induced latency. Called with interrupts disabled and with
++ * data.lock held.
++ */
++static int get_sample(void)
++{
++ time_type start, t1, t2, last_t2;
++ s64 diff, total = 0;
++ u64 sample = 0;
++ u64 outer_sample = 0;
++ int ret = -1;
++
++ init_time(last_t2, 0);
++ start = time_get(); /* start timestamp */
++
++ do {
++
++ t1 = time_get(); /* we'll look for a discontinuity */
++ t2 = time_get();
++
++ if (time_u64(last_t2)) {
++ /* Check the delta from outer loop (t2 to next t1) */
++ diff = time_to_us(time_sub(t1, last_t2));
++ /* This shouldn't happen */
++ if (diff < 0) {
++ pr_err(BANNER "time running backwards\n");
++ goto out;
++ }
++ if (diff > outer_sample)
++ outer_sample = diff;
++ }
++ last_t2 = t2;
++
++ total = time_to_us(time_sub(t2, start)); /* sample width */
++
++ /* This checks the inner loop (t1 to t2) */
++ diff = time_to_us(time_sub(t2, t1)); /* current diff */
++
++ /* This shouldn't happen */
++ if (diff < 0) {
++ pr_err(BANNER "time running backwards\n");
++ goto out;
++ }
++
++ if (diff > sample)
++ sample = diff; /* only want highest value */
++
++ } while (total <= data.sample_width);
++
++ ret = 0;
++
++ /* If we exceed the threshold value, we have found a hardware latency */
++ if (sample > data.threshold || outer_sample > data.threshold) {
++ struct sample s;
++
++ ret = 1;
++
++ data.count++;
++ s.seqnum = data.count;
++ s.duration = sample;
++ s.outer_duration = outer_sample;
++ s.timestamp = CURRENT_TIME;
++ __buffer_add_sample(&s);
++
++ /* Keep a running maximum ever recorded hardware latency */
++ if (sample > data.max_sample)
++ data.max_sample = sample;
++ }
++
++out:
++ return ret;
++}
++
++/*
++ * kthread_fn - The CPU time sampling/hardware latency detection kernel thread
++ * @unused: A required part of the kthread API.
++ *
++ * Used to periodically sample the CPU TSC via a call to get_sample. We
++ * disable interrupts, which does (intentionally) introduce latency since we
++ * need to ensure nothing else might be running (and thus pre-empting).
++ * Obviously this should never be used in production environments.
++ *
++ * Currently this runs on which ever CPU it was scheduled on, but most
++ * real-worald hardware latency situations occur across several CPUs,
++ * but we might later generalize this if we find there are any actualy
++ * systems with alternate SMI delivery or other hardware latencies.
++ */
++static int kthread_fn(void *unused)
++{
++ int ret;
++ u64 interval;
++
++ while (!kthread_should_stop()) {
++
++ mutex_lock(&data.lock);
++
++ local_irq_disable();
++ ret = get_sample();
++ local_irq_enable();
++
++ if (ret > 0)
++ wake_up(&data.wq); /* wake up reader(s) */
++
++ interval = data.sample_window - data.sample_width;
++ do_div(interval, USEC_PER_MSEC); /* modifies interval value */
++
++ mutex_unlock(&data.lock);
++
++ if (msleep_interruptible(interval))
++ break;
++ }
++
++ return 0;
++}
++
++/**
++ * start_kthread - Kick off the hardware latency sampling/detector kthread
++ *
++ * This starts a kernel thread that will sit and sample the CPU timestamp
++ * counter (TSC or similar) and look for potential hardware latencies.
++ */
++static int start_kthread(void)
++{
++ kthread = kthread_run(kthread_fn, NULL,
++ DRVNAME);
++ if (IS_ERR(kthread)) {
++ pr_err(BANNER "could not start sampling thread\n");
++ enabled = 0;
++ return -ENOMEM;
++ }
++
++ return 0;
++}
++
++/**
++ * stop_kthread - Inform the hardware latency samping/detector kthread to stop
++ *
++ * This kicks the running hardware latency sampling/detector kernel thread and
++ * tells it to stop sampling now. Use this on unload and at system shutdown.
++ */
++static int stop_kthread(void)
++{
++ int ret;
++
++ ret = kthread_stop(kthread);
++
++ return ret;
++}
++
++/**
++ * __reset_stats - Reset statistics for the hardware latency detector
++ *
++ * We use data to store various statistics and global state. We call this
++ * function in order to reset those when "enable" is toggled on or off, and
++ * also at initialization. Should be called with data.lock held.
++ */
++static void __reset_stats(void)
++{
++ data.count = 0;
++ data.max_sample = 0;
++ ring_buffer_reset(ring_buffer); /* flush out old sample entries */
++}
++
++/**
++ * init_stats - Setup global state statistics for the hardware latency detector
++ *
++ * We use data to store various statistics and global state. We also use
++ * a global ring buffer (ring_buffer) to keep raw samples of detected hardware
++ * induced system latencies. This function initializes these structures and
++ * allocates the global ring buffer also.
++ */
++static int init_stats(void)
++{
++ int ret = -ENOMEM;
++
++ mutex_init(&data.lock);
++ init_waitqueue_head(&data.wq);
++ atomic_set(&data.sample_open, 0);
++
++ ring_buffer = ring_buffer_alloc(buf_size, BUF_FLAGS);
++
++ if (WARN(!ring_buffer, KERN_ERR BANNER
++ "failed to allocate ring buffer!\n"))
++ goto out;
++
++ __reset_stats();
++ data.threshold = threshold ?: DEFAULT_LAT_THRESHOLD; /* threshold us */
++ data.sample_window = DEFAULT_SAMPLE_WINDOW; /* window us */
++ data.sample_width = DEFAULT_SAMPLE_WIDTH; /* width us */
++
++ ret = 0;
++
++out:
++ return ret;
++
++}
++
++/*
++ * simple_data_read - Wrapper read function for global state debugfs entries
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The userspace provided buffer to read value into
++ * @cnt: The maximum number of bytes to read
++ * @ppos: The current "file" position
++ * @entry: The entry to read from
++ *
++ * This function provides a generic read implementation for the global state
++ * "data" structure debugfs filesystem entries. It would be nice to use
++ * simple_attr_read directly, but we need to make sure that the data.lock
++ * is held during the actual read.
++ */
++static ssize_t simple_data_read(struct file *filp, char __user *ubuf,
++ size_t cnt, loff_t *ppos, const u64 *entry)
++{
++ char buf[U64STR_SIZE];
++ u64 val = 0;
++ int len = 0;
++
++ memset(buf, 0, sizeof(buf));
++
++ if (!entry)
++ return -EFAULT;
++
++ mutex_lock(&data.lock);
++ val = *entry;
++ mutex_unlock(&data.lock);
++
++ len = snprintf(buf, sizeof(buf), "%llu\n", (unsigned long long)val);
++
++ return simple_read_from_buffer(ubuf, cnt, ppos, buf, len);
++
++}
++
++/*
++ * simple_data_write - Wrapper write function for global state debugfs entries
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The userspace provided buffer to write value from
++ * @cnt: The maximum number of bytes to write
++ * @ppos: The current "file" position
++ * @entry: The entry to write to
++ *
++ * This function provides a generic write implementation for the global state
++ * "data" structure debugfs filesystem entries. It would be nice to use
++ * simple_attr_write directly, but we need to make sure that the data.lock
++ * is held during the actual write.
++ */
++static ssize_t simple_data_write(struct file *filp, const char __user *ubuf,
++ size_t cnt, loff_t *ppos, u64 *entry)
++{
++ char buf[U64STR_SIZE];
++ int csize = min(cnt, sizeof(buf));
++ u64 val = 0;
++ int err = 0;
++
++ memset(buf, '\0', sizeof(buf));
++ if (copy_from_user(buf, ubuf, csize))
++ return -EFAULT;
++
++ buf[U64STR_SIZE-1] = '\0'; /* just in case */
++ err = kstrtoull(buf, 10, &val);
++ if (err)
++ return -EINVAL;
++
++ mutex_lock(&data.lock);
++ *entry = val;
++ mutex_unlock(&data.lock);
++
++ return csize;
++}
++
++/**
++ * debug_count_fopen - Open function for "count" debugfs entry
++ * @inode: The in-kernel inode representation of the debugfs "file"
++ * @filp: The active open file structure for the debugfs "file"
++ *
++ * This function provides an open implementation for the "count" debugfs
++ * interface to the hardware latency detector.
++ */
++static int debug_count_fopen(struct inode *inode, struct file *filp)
++{
++ return 0;
++}
++
++/**
++ * debug_count_fread - Read function for "count" debugfs entry
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The userspace provided buffer to read value into
++ * @cnt: The maximum number of bytes to read
++ * @ppos: The current "file" position
++ *
++ * This function provides a read implementation for the "count" debugfs
++ * interface to the hardware latency detector. Can be used to read the
++ * number of latency readings exceeding the configured threshold since
++ * the detector was last reset (e.g. by writing a zero into "count").
++ */
++static ssize_t debug_count_fread(struct file *filp, char __user *ubuf,
++ size_t cnt, loff_t *ppos)
++{
++ return simple_data_read(filp, ubuf, cnt, ppos, &data.count);
++}
++
++/**
++ * debug_count_fwrite - Write function for "count" debugfs entry
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The user buffer that contains the value to write
++ * @cnt: The maximum number of bytes to write to "file"
++ * @ppos: The current position in the debugfs "file"
++ *
++ * This function provides a write implementation for the "count" debugfs
++ * interface to the hardware latency detector. Can be used to write a
++ * desired value, especially to zero the total count.
++ */
++static ssize_t debug_count_fwrite(struct file *filp,
++ const char __user *ubuf,
++ size_t cnt,
++ loff_t *ppos)
++{
++ return simple_data_write(filp, ubuf, cnt, ppos, &data.count);
++}
++
++/**
++ * debug_enable_fopen - Dummy open function for "enable" debugfs interface
++ * @inode: The in-kernel inode representation of the debugfs "file"
++ * @filp: The active open file structure for the debugfs "file"
++ *
++ * This function provides an open implementation for the "enable" debugfs
++ * interface to the hardware latency detector.
++ */
++static int debug_enable_fopen(struct inode *inode, struct file *filp)
++{
++ return 0;
++}
++
++/**
++ * debug_enable_fread - Read function for "enable" debugfs interface
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The userspace provided buffer to read value into
++ * @cnt: The maximum number of bytes to read
++ * @ppos: The current "file" position
++ *
++ * This function provides a read implementation for the "enable" debugfs
++ * interface to the hardware latency detector. Can be used to determine
++ * whether the detector is currently enabled ("0\n" or "1\n" returned).
++ */
++static ssize_t debug_enable_fread(struct file *filp, char __user *ubuf,
++ size_t cnt, loff_t *ppos)
++{
++ char buf[4];
++
++ if ((cnt < sizeof(buf)) || (*ppos))
++ return 0;
++
++ buf[0] = enabled ? '1' : '0';
++ buf[1] = '\n';
++ buf[2] = '\0';
++ if (copy_to_user(ubuf, buf, strlen(buf)))
++ return -EFAULT;
++ return *ppos = strlen(buf);
++}
++
++/**
++ * debug_enable_fwrite - Write function for "enable" debugfs interface
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The user buffer that contains the value to write
++ * @cnt: The maximum number of bytes to write to "file"
++ * @ppos: The current position in the debugfs "file"
++ *
++ * This function provides a write implementation for the "enable" debugfs
++ * interface to the hardware latency detector. Can be used to enable or
++ * disable the detector, which will have the side-effect of possibly
++ * also resetting the global stats and kicking off the measuring
++ * kthread (on an enable) or the converse (upon a disable).
++ */
++static ssize_t debug_enable_fwrite(struct file *filp,
++ const char __user *ubuf,
++ size_t cnt,
++ loff_t *ppos)
++{
++ char buf[4];
++ int csize = min(cnt, sizeof(buf));
++ long val = 0;
++ int err = 0;
++
++ memset(buf, '\0', sizeof(buf));
++ if (copy_from_user(buf, ubuf, csize))
++ return -EFAULT;
++
++ buf[sizeof(buf)-1] = '\0'; /* just in case */
++ err = kstrtoul(buf, 10, &val);
++ if (0 != err)
++ return -EINVAL;
++
++ if (val) {
++ if (enabled)
++ goto unlock;
++ enabled = 1;
++ __reset_stats();
++ if (start_kthread())
++ return -EFAULT;
++ } else {
++ if (!enabled)
++ goto unlock;
++ enabled = 0;
++ err = stop_kthread();
++ if (err) {
++ pr_err(BANNER "cannot stop kthread\n");
++ return -EFAULT;
++ }
++ wake_up(&data.wq); /* reader(s) should return */
++ }
++unlock:
++ return csize;
++}
++
++/**
++ * debug_max_fopen - Open function for "max" debugfs entry
++ * @inode: The in-kernel inode representation of the debugfs "file"
++ * @filp: The active open file structure for the debugfs "file"
++ *
++ * This function provides an open implementation for the "max" debugfs
++ * interface to the hardware latency detector.
++ */
++static int debug_max_fopen(struct inode *inode, struct file *filp)
++{
++ return 0;
++}
++
++/**
++ * debug_max_fread - Read function for "max" debugfs entry
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The userspace provided buffer to read value into
++ * @cnt: The maximum number of bytes to read
++ * @ppos: The current "file" position
++ *
++ * This function provides a read implementation for the "max" debugfs
++ * interface to the hardware latency detector. Can be used to determine
++ * the maximum latency value observed since it was last reset.
++ */
++static ssize_t debug_max_fread(struct file *filp, char __user *ubuf,
++ size_t cnt, loff_t *ppos)
++{
++ return simple_data_read(filp, ubuf, cnt, ppos, &data.max_sample);
++}
++
++/**
++ * debug_max_fwrite - Write function for "max" debugfs entry
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The user buffer that contains the value to write
++ * @cnt: The maximum number of bytes to write to "file"
++ * @ppos: The current position in the debugfs "file"
++ *
++ * This function provides a write implementation for the "max" debugfs
++ * interface to the hardware latency detector. Can be used to reset the
++ * maximum or set it to some other desired value - if, then, subsequent
++ * measurements exceed this value, the maximum will be updated.
++ */
++static ssize_t debug_max_fwrite(struct file *filp,
++ const char __user *ubuf,
++ size_t cnt,
++ loff_t *ppos)
++{
++ return simple_data_write(filp, ubuf, cnt, ppos, &data.max_sample);
++}
++
++
++/**
++ * debug_sample_fopen - An open function for "sample" debugfs interface
++ * @inode: The in-kernel inode representation of this debugfs "file"
++ * @filp: The active open file structure for the debugfs "file"
++ *
++ * This function handles opening the "sample" file within the hardware
++ * latency detector debugfs directory interface. This file is used to read
++ * raw samples from the global ring_buffer and allows the user to see a
++ * running latency history. Can be opened blocking or non-blocking,
++ * affecting whether it behaves as a buffer read pipe, or does not.
++ * Implements simple locking to prevent multiple simultaneous use.
++ */
++static int debug_sample_fopen(struct inode *inode, struct file *filp)
++{
++ if (!atomic_add_unless(&data.sample_open, 1, 1))
++ return -EBUSY;
++ else
++ return 0;
++}
++
++/**
++ * debug_sample_fread - A read function for "sample" debugfs interface
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The user buffer that will contain the samples read
++ * @cnt: The maximum bytes to read from the debugfs "file"
++ * @ppos: The current position in the debugfs "file"
++ *
++ * This function handles reading from the "sample" file within the hardware
++ * latency detector debugfs directory interface. This file is used to read
++ * raw samples from the global ring_buffer and allows the user to see a
++ * running latency history. By default this will block pending a new
++ * value written into the sample buffer, unless there are already a
++ * number of value(s) waiting in the buffer, or the sample file was
++ * previously opened in a non-blocking mode of operation.
++ */
++static ssize_t debug_sample_fread(struct file *filp, char __user *ubuf,
++ size_t cnt, loff_t *ppos)
++{
++ int len = 0;
++ char buf[64];
++ struct sample *sample = NULL;
++
++ if (!enabled)
++ return 0;
++
++ sample = kzalloc(sizeof(struct sample), GFP_KERNEL);
++ if (!sample)
++ return -ENOMEM;
++
++ while (!buffer_get_sample(sample)) {
++
++ DEFINE_WAIT(wait);
++
++ if (filp->f_flags & O_NONBLOCK) {
++ len = -EAGAIN;
++ goto out;
++ }
++
++ prepare_to_wait(&data.wq, &wait, TASK_INTERRUPTIBLE);
++ schedule();
++ finish_wait(&data.wq, &wait);
++
++ if (signal_pending(current)) {
++ len = -EINTR;
++ goto out;
++ }
++
++ if (!enabled) { /* enable was toggled */
++ len = 0;
++ goto out;
++ }
++ }
++
++ len = snprintf(buf, sizeof(buf), "%010lu.%010lu\t%llu\t%llu\n",
++ sample->timestamp.tv_sec,
++ sample->timestamp.tv_nsec,
++ sample->duration,
++ sample->outer_duration);
++
++
++ /* handling partial reads is more trouble than it's worth */
++ if (len > cnt)
++ goto out;
++
++ if (copy_to_user(ubuf, buf, len))
++ len = -EFAULT;
++
++out:
++ kfree(sample);
++ return len;
++}
++
++/**
++ * debug_sample_release - Release function for "sample" debugfs interface
++ * @inode: The in-kernel inode represenation of the debugfs "file"
++ * @filp: The active open file structure for the debugfs "file"
++ *
++ * This function completes the close of the debugfs interface "sample" file.
++ * Frees the sample_open "lock" so that other users may open the interface.
++ */
++static int debug_sample_release(struct inode *inode, struct file *filp)
++{
++ atomic_dec(&data.sample_open);
++
++ return 0;
++}
++
++/**
++ * debug_threshold_fopen - Open function for "threshold" debugfs entry
++ * @inode: The in-kernel inode representation of the debugfs "file"
++ * @filp: The active open file structure for the debugfs "file"
++ *
++ * This function provides an open implementation for the "threshold" debugfs
++ * interface to the hardware latency detector.
++ */
++static int debug_threshold_fopen(struct inode *inode, struct file *filp)
++{
++ return 0;
++}
++
++/**
++ * debug_threshold_fread - Read function for "threshold" debugfs entry
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The userspace provided buffer to read value into
++ * @cnt: The maximum number of bytes to read
++ * @ppos: The current "file" position
++ *
++ * This function provides a read implementation for the "threshold" debugfs
++ * interface to the hardware latency detector. It can be used to determine
++ * the current threshold level at which a latency will be recorded in the
++ * global ring buffer, typically on the order of 10us.
++ */
++static ssize_t debug_threshold_fread(struct file *filp, char __user *ubuf,
++ size_t cnt, loff_t *ppos)
++{
++ return simple_data_read(filp, ubuf, cnt, ppos, &data.threshold);
++}
++
++/**
++ * debug_threshold_fwrite - Write function for "threshold" debugfs entry
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The user buffer that contains the value to write
++ * @cnt: The maximum number of bytes to write to "file"
++ * @ppos: The current position in the debugfs "file"
++ *
++ * This function provides a write implementation for the "threshold" debugfs
++ * interface to the hardware latency detector. It can be used to configure
++ * the threshold level at which any subsequently detected latencies will
++ * be recorded into the global ring buffer.
++ */
++static ssize_t debug_threshold_fwrite(struct file *filp,
++ const char __user *ubuf,
++ size_t cnt,
++ loff_t *ppos)
++{
++ int ret;
++
++ ret = simple_data_write(filp, ubuf, cnt, ppos, &data.threshold);
++
++ if (enabled)
++ wake_up_process(kthread);
++
++ return ret;
++}
++
++/**
++ * debug_width_fopen - Open function for "width" debugfs entry
++ * @inode: The in-kernel inode representation of the debugfs "file"
++ * @filp: The active open file structure for the debugfs "file"
++ *
++ * This function provides an open implementation for the "width" debugfs
++ * interface to the hardware latency detector.
++ */
++static int debug_width_fopen(struct inode *inode, struct file *filp)
++{
++ return 0;
++}
++
++/**
++ * debug_width_fread - Read function for "width" debugfs entry
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The userspace provided buffer to read value into
++ * @cnt: The maximum number of bytes to read
++ * @ppos: The current "file" position
++ *
++ * This function provides a read implementation for the "width" debugfs
++ * interface to the hardware latency detector. It can be used to determine
++ * for how many us of the total window us we will actively sample for any
++ * hardware-induced latecy periods. Obviously, it is not possible to
++ * sample constantly and have the system respond to a sample reader, or,
++ * worse, without having the system appear to have gone out to lunch.
++ */
++static ssize_t debug_width_fread(struct file *filp, char __user *ubuf,
++ size_t cnt, loff_t *ppos)
++{
++ return simple_data_read(filp, ubuf, cnt, ppos, &data.sample_width);
++}
++
++/**
++ * debug_width_fwrite - Write function for "width" debugfs entry
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The user buffer that contains the value to write
++ * @cnt: The maximum number of bytes to write to "file"
++ * @ppos: The current position in the debugfs "file"
++ *
++ * This function provides a write implementation for the "width" debugfs
++ * interface to the hardware latency detector. It can be used to configure
++ * for how many us of the total window us we will actively sample for any
++ * hardware-induced latency periods. Obviously, it is not possible to
++ * sample constantly and have the system respond to a sample reader, or,
++ * worse, without having the system appear to have gone out to lunch. It
++ * is enforced that width is less that the total window size.
++ */
++static ssize_t debug_width_fwrite(struct file *filp,
++ const char __user *ubuf,
++ size_t cnt,
++ loff_t *ppos)
++{
++ char buf[U64STR_SIZE];
++ int csize = min(cnt, sizeof(buf));
++ u64 val = 0;
++ int err = 0;
++
++ memset(buf, '\0', sizeof(buf));
++ if (copy_from_user(buf, ubuf, csize))
++ return -EFAULT;
++
++ buf[U64STR_SIZE-1] = '\0'; /* just in case */
++ err = kstrtoull(buf, 10, &val);
++ if (0 != err)
++ return -EINVAL;
++
++ mutex_lock(&data.lock);
++ if (val < data.sample_window)
++ data.sample_width = val;
++ else {
++ mutex_unlock(&data.lock);
++ return -EINVAL;
++ }
++ mutex_unlock(&data.lock);
++
++ if (enabled)
++ wake_up_process(kthread);
++
++ return csize;
++}
++
++/**
++ * debug_window_fopen - Open function for "window" debugfs entry
++ * @inode: The in-kernel inode representation of the debugfs "file"
++ * @filp: The active open file structure for the debugfs "file"
++ *
++ * This function provides an open implementation for the "window" debugfs
++ * interface to the hardware latency detector. The window is the total time
++ * in us that will be considered one sample period. Conceptually, windows
++ * occur back-to-back and contain a sample width period during which
++ * actual sampling occurs.
++ */
++static int debug_window_fopen(struct inode *inode, struct file *filp)
++{
++ return 0;
++}
++
++/**
++ * debug_window_fread - Read function for "window" debugfs entry
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The userspace provided buffer to read value into
++ * @cnt: The maximum number of bytes to read
++ * @ppos: The current "file" position
++ *
++ * This function provides a read implementation for the "window" debugfs
++ * interface to the hardware latency detector. The window is the total time
++ * in us that will be considered one sample period. Conceptually, windows
++ * occur back-to-back and contain a sample width period during which
++ * actual sampling occurs. Can be used to read the total window size.
++ */
++static ssize_t debug_window_fread(struct file *filp, char __user *ubuf,
++ size_t cnt, loff_t *ppos)
++{
++ return simple_data_read(filp, ubuf, cnt, ppos, &data.sample_window);
++}
++
++/**
++ * debug_window_fwrite - Write function for "window" debugfs entry
++ * @filp: The active open file structure for the debugfs "file"
++ * @ubuf: The user buffer that contains the value to write
++ * @cnt: The maximum number of bytes to write to "file"
++ * @ppos: The current position in the debugfs "file"
++ *
++ * This function provides a write implementation for the "window" debufds
++ * interface to the hardware latency detetector. The window is the total time
++ * in us that will be considered one sample period. Conceptually, windows
++ * occur back-to-back and contain a sample width period during which
++ * actual sampling occurs. Can be used to write a new total window size. It
++ * is enfoced that any value written must be greater than the sample width
++ * size, or an error results.
++ */
++static ssize_t debug_window_fwrite(struct file *filp,
++ const char __user *ubuf,
++ size_t cnt,
++ loff_t *ppos)
++{
++ char buf[U64STR_SIZE];
++ int csize = min(cnt, sizeof(buf));
++ u64 val = 0;
++ int err = 0;
++
++ memset(buf, '\0', sizeof(buf));
++ if (copy_from_user(buf, ubuf, csize))
++ return -EFAULT;
++
++ buf[U64STR_SIZE-1] = '\0'; /* just in case */
++ err = kstrtoull(buf, 10, &val);
++ if (0 != err)
++ return -EINVAL;
++
++ mutex_lock(&data.lock);
++ if (data.sample_width < val)
++ data.sample_window = val;
++ else {
++ mutex_unlock(&data.lock);
++ return -EINVAL;
++ }
++ mutex_unlock(&data.lock);
++
++ return csize;
++}
++
++/*
++ * Function pointers for the "count" debugfs file operations
++ */
++static const struct file_operations count_fops = {
++ .open = debug_count_fopen,
++ .read = debug_count_fread,
++ .write = debug_count_fwrite,
++ .owner = THIS_MODULE,
++};
++
++/*
++ * Function pointers for the "enable" debugfs file operations
++ */
++static const struct file_operations enable_fops = {
++ .open = debug_enable_fopen,
++ .read = debug_enable_fread,
++ .write = debug_enable_fwrite,
++ .owner = THIS_MODULE,
++};
++
++/*
++ * Function pointers for the "max" debugfs file operations
++ */
++static const struct file_operations max_fops = {
++ .open = debug_max_fopen,
++ .read = debug_max_fread,
++ .write = debug_max_fwrite,
++ .owner = THIS_MODULE,
++};
++
++/*
++ * Function pointers for the "sample" debugfs file operations
++ */
++static const struct file_operations sample_fops = {
++ .open = debug_sample_fopen,
++ .read = debug_sample_fread,
++ .release = debug_sample_release,
++ .owner = THIS_MODULE,
++};
++
++/*
++ * Function pointers for the "threshold" debugfs file operations
++ */
++static const struct file_operations threshold_fops = {
++ .open = debug_threshold_fopen,
++ .read = debug_threshold_fread,
++ .write = debug_threshold_fwrite,
++ .owner = THIS_MODULE,
++};
++
++/*
++ * Function pointers for the "width" debugfs file operations
++ */
++static const struct file_operations width_fops = {
++ .open = debug_width_fopen,
++ .read = debug_width_fread,
++ .write = debug_width_fwrite,
++ .owner = THIS_MODULE,
++};
++
++/*
++ * Function pointers for the "window" debugfs file operations
++ */
++static const struct file_operations window_fops = {
++ .open = debug_window_fopen,
++ .read = debug_window_fread,
++ .write = debug_window_fwrite,
++ .owner = THIS_MODULE,
++};
++
++/**
++ * init_debugfs - A function to initialize the debugfs interface files
++ *
++ * This function creates entries in debugfs for "hwlat_detector", including
++ * files to read values from the detector, current samples, and the
++ * maximum sample that has been captured since the hardware latency
++ * dectector was started.
++ */
++static int init_debugfs(void)
++{
++ int ret = -ENOMEM;
++
++ debug_dir = debugfs_create_dir(DRVNAME, NULL);
++ if (!debug_dir)
++ goto err_debug_dir;
++
++ debug_sample = debugfs_create_file("sample", 0444,
++ debug_dir, NULL,
++ &sample_fops);
++ if (!debug_sample)
++ goto err_sample;
++
++ debug_count = debugfs_create_file("count", 0444,
++ debug_dir, NULL,
++ &count_fops);
++ if (!debug_count)
++ goto err_count;
++
++ debug_max = debugfs_create_file("max", 0444,
++ debug_dir, NULL,
++ &max_fops);
++ if (!debug_max)
++ goto err_max;
++
++ debug_sample_window = debugfs_create_file("window", 0644,
++ debug_dir, NULL,
++ &window_fops);
++ if (!debug_sample_window)
++ goto err_window;
++
++ debug_sample_width = debugfs_create_file("width", 0644,
++ debug_dir, NULL,
++ &width_fops);
++ if (!debug_sample_width)
++ goto err_width;
++
++ debug_threshold = debugfs_create_file("threshold", 0644,
++ debug_dir, NULL,
++ &threshold_fops);
++ if (!debug_threshold)
++ goto err_threshold;
++
++ debug_enable = debugfs_create_file("enable", 0644,
++ debug_dir, &enabled,
++ &enable_fops);
++ if (!debug_enable)
++ goto err_enable;
++
++ else {
++ ret = 0;
++ goto out;
++ }
++
++err_enable:
++ debugfs_remove(debug_threshold);
++err_threshold:
++ debugfs_remove(debug_sample_width);
++err_width:
++ debugfs_remove(debug_sample_window);
++err_window:
++ debugfs_remove(debug_max);
++err_max:
++ debugfs_remove(debug_count);
++err_count:
++ debugfs_remove(debug_sample);
++err_sample:
++ debugfs_remove(debug_dir);
++err_debug_dir:
++out:
++ return ret;
++}
++
++/**
++ * free_debugfs - A function to cleanup the debugfs file interface
++ */
++static void free_debugfs(void)
++{
++ /* could also use a debugfs_remove_recursive */
++ debugfs_remove(debug_enable);
++ debugfs_remove(debug_threshold);
++ debugfs_remove(debug_sample_width);
++ debugfs_remove(debug_sample_window);
++ debugfs_remove(debug_max);
++ debugfs_remove(debug_count);
++ debugfs_remove(debug_sample);
++ debugfs_remove(debug_dir);
++}
++
++/**
++ * detector_init - Standard module initialization code
++ */
++static int detector_init(void)
++{
++ int ret = -ENOMEM;
++
++ pr_info(BANNER "version %s\n", VERSION);
++
++ ret = init_stats();
++ if (0 != ret)
++ goto out;
++
++ ret = init_debugfs();
++ if (0 != ret)
++ goto err_stats;
++
++ if (enabled)
++ ret = start_kthread();
++
++ goto out;
++
++err_stats:
++ ring_buffer_free(ring_buffer);
++out:
++ return ret;
++
++}
++
++/**
++ * detector_exit - Standard module cleanup code
++ */
++static void detector_exit(void)
++{
++ int err;
++
++ if (enabled) {
++ enabled = 0;
++ err = stop_kthread();
++ if (err)
++ pr_err(BANNER "cannot stop kthread\n");
++ }
++
++ free_debugfs();
++ ring_buffer_free(ring_buffer); /* free up the ring buffer */
++
++}
++
++module_init(detector_init);
++module_exit(detector_exit);
+diff -Nur linux-3.18.9.orig/drivers/misc/Kconfig linux-3.18.9/drivers/misc/Kconfig
+--- linux-3.18.9.orig/drivers/misc/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/misc/Kconfig 2015-03-15 16:03:03.724094875 -0500
+@@ -54,6 +54,7 @@
+ config ATMEL_TCLIB
+ bool "Atmel AT32/AT91 Timer/Counter Library"
+ depends on (AVR32 || ARCH_AT91)
++ default y if PREEMPT_RT_FULL
+ help
+ Select this if you want a library to allocate the Timer/Counter
+ blocks found on many Atmel processors. This facilitates using
+@@ -69,8 +70,7 @@
+ are combined to make a single 32-bit timer.
+
+ When GENERIC_CLOCKEVENTS is defined, the third timer channel
+- may be used as a clock event device supporting oneshot mode
+- (delays of up to two seconds) based on the 32 KiHz clock.
++ may be used as a clock event device supporting oneshot mode.
+
+ config ATMEL_TCB_CLKSRC_BLOCK
+ int
+@@ -84,6 +84,15 @@
+ TC can be used for other purposes, such as PWM generation and
+ interval timing.
+
++config ATMEL_TCB_CLKSRC_USE_SLOW_CLOCK
++ bool "TC Block use 32 KiHz clock"
++ depends on ATMEL_TCB_CLKSRC
++ default y if !PREEMPT_RT_FULL
++ help
++ Select this to use 32 KiHz base clock rate as TC block clock
++ source for clock events.
++
++
+ config DUMMY_IRQ
+ tristate "Dummy IRQ handler"
+ default n
+@@ -113,6 +122,35 @@
+ for information on the specific driver level and support statement
+ for your IBM server.
+
++config HWLAT_DETECTOR
++ tristate "Testing module to detect hardware-induced latencies"
++ depends on DEBUG_FS
++ depends on RING_BUFFER
++ default m
++ ---help---
++ A simple hardware latency detector. Use this module to detect
++ large latencies introduced by the behavior of the underlying
++ system firmware external to Linux. We do this using periodic
++ use of stop_machine to grab all available CPUs and measure
++ for unexplainable gaps in the CPU timestamp counter(s). By
++ default, the module is not enabled until the "enable" file
++ within the "hwlat_detector" debugfs directory is toggled.
++
++ This module is often used to detect SMI (System Management
++ Interrupts) on x86 systems, though is not x86 specific. To
++ this end, we default to using a sample window of 1 second,
++ during which we will sample for 0.5 seconds. If an SMI or
++ similar event occurs during that time, it is recorded
++ into an 8K samples global ring buffer until retreived.
++
++ WARNING: This software should never be enabled (it can be built
++ but should not be turned on after it is loaded) in a production
++ environment where high latencies are a concern since the
++ sampling mechanism actually introduces latencies for
++ regular tasks while the CPU(s) are being held.
++
++ If unsure, say N
++
+ config PHANTOM
+ tristate "Sensable PHANToM (PCI)"
+ depends on PCI
+diff -Nur linux-3.18.9.orig/drivers/misc/Makefile linux-3.18.9/drivers/misc/Makefile
+--- linux-3.18.9.orig/drivers/misc/Makefile 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/misc/Makefile 2015-03-15 16:03:03.724094875 -0500
+@@ -38,6 +38,7 @@
+ obj-$(CONFIG_HMC6352) += hmc6352.o
+ obj-y += eeprom/
+ obj-y += cb710/
++obj-$(CONFIG_HWLAT_DETECTOR) += hwlat_detector.o
+ obj-$(CONFIG_SPEAR13XX_PCIE_GADGET) += spear13xx_pcie_gadget.o
+ obj-$(CONFIG_VMWARE_BALLOON) += vmw_balloon.o
+ obj-$(CONFIG_ARM_CHARLCD) += arm-charlcd.o
+diff -Nur linux-3.18.9.orig/drivers/mmc/host/mmci.c linux-3.18.9/drivers/mmc/host/mmci.c
+--- linux-3.18.9.orig/drivers/mmc/host/mmci.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/mmc/host/mmci.c 2015-03-15 16:03:03.732094876 -0500
+@@ -1153,15 +1153,12 @@
+ struct sg_mapping_iter *sg_miter = &host->sg_miter;
+ struct variant_data *variant = host->variant;
+ void __iomem *base = host->base;
+- unsigned long flags;
+ u32 status;
+
+ status = readl(base + MMCISTATUS);
+
+ dev_dbg(mmc_dev(host->mmc), "irq1 (pio) %08x\n", status);
+
+- local_irq_save(flags);
+-
+ do {
+ unsigned int remain, len;
+ char *buffer;
+@@ -1201,8 +1198,6 @@
+
+ sg_miter_stop(sg_miter);
+
+- local_irq_restore(flags);
+-
+ /*
+ * If we have less than the fifo 'half-full' threshold to transfer,
+ * trigger a PIO interrupt as soon as any data is available.
+diff -Nur linux-3.18.9.orig/drivers/net/ethernet/3com/3c59x.c linux-3.18.9/drivers/net/ethernet/3com/3c59x.c
+--- linux-3.18.9.orig/drivers/net/ethernet/3com/3c59x.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/net/ethernet/3com/3c59x.c 2015-03-15 16:03:03.732094876 -0500
+@@ -842,9 +842,9 @@
+ {
+ struct vortex_private *vp = netdev_priv(dev);
+ unsigned long flags;
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ (vp->full_bus_master_rx ? boomerang_interrupt:vortex_interrupt)(dev->irq,dev);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ }
+ #endif
+
+@@ -1916,12 +1916,12 @@
+ * Block interrupts because vortex_interrupt does a bare spin_lock()
+ */
+ unsigned long flags;
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ if (vp->full_bus_master_tx)
+ boomerang_interrupt(dev->irq, dev);
+ else
+ vortex_interrupt(dev->irq, dev);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ }
+ }
+
+diff -Nur linux-3.18.9.orig/drivers/net/ethernet/atheros/atl1c/atl1c_main.c linux-3.18.9/drivers/net/ethernet/atheros/atl1c/atl1c_main.c
+--- linux-3.18.9.orig/drivers/net/ethernet/atheros/atl1c/atl1c_main.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/net/ethernet/atheros/atl1c/atl1c_main.c 2015-03-15 16:03:03.732094876 -0500
+@@ -2213,11 +2213,7 @@
+ }
+
+ tpd_req = atl1c_cal_tpd_req(skb);
+- if (!spin_trylock_irqsave(&adapter->tx_lock, flags)) {
+- if (netif_msg_pktdata(adapter))
+- dev_info(&adapter->pdev->dev, "tx locked\n");
+- return NETDEV_TX_LOCKED;
+- }
++ spin_lock_irqsave(&adapter->tx_lock, flags);
+
+ if (atl1c_tpd_avail(adapter, type) < tpd_req) {
+ /* no enough descriptor, just stop queue */
+diff -Nur linux-3.18.9.orig/drivers/net/ethernet/atheros/atl1e/atl1e_main.c linux-3.18.9/drivers/net/ethernet/atheros/atl1e/atl1e_main.c
+--- linux-3.18.9.orig/drivers/net/ethernet/atheros/atl1e/atl1e_main.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/net/ethernet/atheros/atl1e/atl1e_main.c 2015-03-15 16:03:03.732094876 -0500
+@@ -1880,8 +1880,7 @@
+ return NETDEV_TX_OK;
+ }
+ tpd_req = atl1e_cal_tdp_req(skb);
+- if (!spin_trylock_irqsave(&adapter->tx_lock, flags))
+- return NETDEV_TX_LOCKED;
++ spin_lock_irqsave(&adapter->tx_lock, flags);
+
+ if (atl1e_tpd_avail(adapter) < tpd_req) {
+ /* no enough descriptor, just stop queue */
+diff -Nur linux-3.18.9.orig/drivers/net/ethernet/chelsio/cxgb/sge.c linux-3.18.9/drivers/net/ethernet/chelsio/cxgb/sge.c
+--- linux-3.18.9.orig/drivers/net/ethernet/chelsio/cxgb/sge.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/net/ethernet/chelsio/cxgb/sge.c 2015-03-15 16:03:03.732094876 -0500
+@@ -1663,8 +1663,7 @@
+ struct cmdQ *q = &sge->cmdQ[qid];
+ unsigned int credits, pidx, genbit, count, use_sched_skb = 0;
+
+- if (!spin_trylock(&q->lock))
+- return NETDEV_TX_LOCKED;
++ spin_lock(&q->lock);
+
+ reclaim_completed_tx(sge, q);
+
+diff -Nur linux-3.18.9.orig/drivers/net/ethernet/freescale/gianfar.c linux-3.18.9/drivers/net/ethernet/freescale/gianfar.c
+--- linux-3.18.9.orig/drivers/net/ethernet/freescale/gianfar.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/net/ethernet/freescale/gianfar.c 2015-03-15 16:03:03.732094876 -0500
+@@ -1483,7 +1483,7 @@
+
+ if (netif_running(ndev)) {
+
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ lock_tx_qs(priv);
+
+ gfar_halt_nodisable(priv);
+@@ -1499,7 +1499,7 @@
+ gfar_write(&regs->maccfg1, tempval);
+
+ unlock_tx_qs(priv);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+
+ disable_napi(priv);
+
+@@ -1541,7 +1541,7 @@
+ /* Disable Magic Packet mode, in case something
+ * else woke us up.
+ */
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ lock_tx_qs(priv);
+
+ tempval = gfar_read(&regs->maccfg2);
+@@ -1551,7 +1551,7 @@
+ gfar_start(priv);
+
+ unlock_tx_qs(priv);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+
+ netif_device_attach(ndev);
+
+@@ -3307,14 +3307,14 @@
+ dev->stats.tx_dropped++;
+ atomic64_inc(&priv->extra_stats.tx_underrun);
+
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ lock_tx_qs(priv);
+
+ /* Reactivate the Tx Queues */
+ gfar_write(&regs->tstat, gfargrp->tstat);
+
+ unlock_tx_qs(priv);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ }
+ netif_dbg(priv, tx_err, dev, "Transmit Error\n");
+ }
+diff -Nur linux-3.18.9.orig/drivers/net/ethernet/neterion/s2io.c linux-3.18.9/drivers/net/ethernet/neterion/s2io.c
+--- linux-3.18.9.orig/drivers/net/ethernet/neterion/s2io.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/net/ethernet/neterion/s2io.c 2015-03-15 16:03:03.736094876 -0500
+@@ -4084,12 +4084,7 @@
+ [skb->priority & (MAX_TX_FIFOS - 1)];
+ fifo = &mac_control->fifos[queue];
+
+- if (do_spin_lock)
+- spin_lock_irqsave(&fifo->tx_lock, flags);
+- else {
+- if (unlikely(!spin_trylock_irqsave(&fifo->tx_lock, flags)))
+- return NETDEV_TX_LOCKED;
+- }
++ spin_lock_irqsave(&fifo->tx_lock, flags);
+
+ if (sp->config.multiq) {
+ if (__netif_subqueue_stopped(dev, fifo->fifo_no)) {
+diff -Nur linux-3.18.9.orig/drivers/net/ethernet/oki-semi/pch_gbe/pch_gbe_main.c linux-3.18.9/drivers/net/ethernet/oki-semi/pch_gbe/pch_gbe_main.c
+--- linux-3.18.9.orig/drivers/net/ethernet/oki-semi/pch_gbe/pch_gbe_main.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/net/ethernet/oki-semi/pch_gbe/pch_gbe_main.c 2015-03-15 16:03:03.736094876 -0500
+@@ -2137,10 +2137,8 @@
+ struct pch_gbe_tx_ring *tx_ring = adapter->tx_ring;
+ unsigned long flags;
+
+- if (!spin_trylock_irqsave(&tx_ring->tx_lock, flags)) {
+- /* Collision - tell upper layer to requeue */
+- return NETDEV_TX_LOCKED;
+- }
++ spin_lock_irqsave(&tx_ring->tx_lock, flags);
++
+ if (unlikely(!PCH_GBE_DESC_UNUSED(tx_ring))) {
+ netif_stop_queue(netdev);
+ spin_unlock_irqrestore(&tx_ring->tx_lock, flags);
+diff -Nur linux-3.18.9.orig/drivers/net/ethernet/realtek/8139too.c linux-3.18.9/drivers/net/ethernet/realtek/8139too.c
+--- linux-3.18.9.orig/drivers/net/ethernet/realtek/8139too.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/net/ethernet/realtek/8139too.c 2015-03-15 16:03:03.736094876 -0500
+@@ -2215,7 +2215,7 @@
+ struct rtl8139_private *tp = netdev_priv(dev);
+ const int irq = tp->pci_dev->irq;
+
+- disable_irq(irq);
++ disable_irq_nosync(irq);
+ rtl8139_interrupt(irq, dev);
+ enable_irq(irq);
+ }
+diff -Nur linux-3.18.9.orig/drivers/net/ethernet/tehuti/tehuti.c linux-3.18.9/drivers/net/ethernet/tehuti/tehuti.c
+--- linux-3.18.9.orig/drivers/net/ethernet/tehuti/tehuti.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/net/ethernet/tehuti/tehuti.c 2015-03-15 16:03:03.744094876 -0500
+@@ -1629,13 +1629,8 @@
+ unsigned long flags;
+
+ ENTER;
+- local_irq_save(flags);
+- if (!spin_trylock(&priv->tx_lock)) {
+- local_irq_restore(flags);
+- DBG("%s[%s]: TX locked, returning NETDEV_TX_LOCKED\n",
+- BDX_DRV_NAME, ndev->name);
+- return NETDEV_TX_LOCKED;
+- }
++
++ spin_lock_irqsave(&priv->tx_lock, flags);
+
+ /* build tx descriptor */
+ BDX_ASSERT(f->m.wptr >= f->m.memsz); /* started with valid wptr */
+diff -Nur linux-3.18.9.orig/drivers/net/rionet.c linux-3.18.9/drivers/net/rionet.c
+--- linux-3.18.9.orig/drivers/net/rionet.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/net/rionet.c 2015-03-15 16:03:03.744094876 -0500
+@@ -174,11 +174,7 @@
+ unsigned long flags;
+ int add_num = 1;
+
+- local_irq_save(flags);
+- if (!spin_trylock(&rnet->tx_lock)) {
+- local_irq_restore(flags);
+- return NETDEV_TX_LOCKED;
+- }
++ spin_lock_irqsave(&rnet->tx_lock, flags);
+
+ if (is_multicast_ether_addr(eth->h_dest))
+ add_num = nets[rnet->mport->id].nact;
+diff -Nur linux-3.18.9.orig/drivers/net/wireless/orinoco/orinoco_usb.c linux-3.18.9/drivers/net/wireless/orinoco/orinoco_usb.c
+--- linux-3.18.9.orig/drivers/net/wireless/orinoco/orinoco_usb.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/net/wireless/orinoco/orinoco_usb.c 2015-03-15 16:03:03.744094876 -0500
+@@ -699,7 +699,7 @@
+ while (!ctx->done.done && msecs--)
+ udelay(1000);
+ } else {
+- wait_event_interruptible(ctx->done.wait,
++ swait_event_interruptible(ctx->done.wait,
+ ctx->done.done);
+ }
+ break;
+diff -Nur linux-3.18.9.orig/drivers/pci/access.c linux-3.18.9/drivers/pci/access.c
+--- linux-3.18.9.orig/drivers/pci/access.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/pci/access.c 2015-03-15 16:03:03.744094876 -0500
+@@ -434,7 +434,7 @@
+ WARN_ON(!dev->block_cfg_access);
+
+ dev->block_cfg_access = 0;
+- wake_up_all(&pci_cfg_wait);
++ wake_up_all_locked(&pci_cfg_wait);
+ raw_spin_unlock_irqrestore(&pci_lock, flags);
+ }
+ EXPORT_SYMBOL_GPL(pci_cfg_access_unlock);
+diff -Nur linux-3.18.9.orig/drivers/scsi/fcoe/fcoe.c linux-3.18.9/drivers/scsi/fcoe/fcoe.c
+--- linux-3.18.9.orig/drivers/scsi/fcoe/fcoe.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/scsi/fcoe/fcoe.c 2015-03-15 16:03:03.744094876 -0500
+@@ -1286,7 +1286,7 @@
+ struct sk_buff *skb;
+ #ifdef CONFIG_SMP
+ struct fcoe_percpu_s *p0;
+- unsigned targ_cpu = get_cpu();
++ unsigned targ_cpu = get_cpu_light();
+ #endif /* CONFIG_SMP */
+
+ FCOE_DBG("Destroying receive thread for CPU %d\n", cpu);
+@@ -1342,7 +1342,7 @@
+ kfree_skb(skb);
+ spin_unlock_bh(&p->fcoe_rx_list.lock);
+ }
+- put_cpu();
++ put_cpu_light();
+ #else
+ /*
+ * This a non-SMP scenario where the singular Rx thread is
+@@ -1566,11 +1566,11 @@
+ static int fcoe_alloc_paged_crc_eof(struct sk_buff *skb, int tlen)
+ {
+ struct fcoe_percpu_s *fps;
+- int rc;
++ int rc, cpu = get_cpu_light();
+
+- fps = &get_cpu_var(fcoe_percpu);
++ fps = &per_cpu(fcoe_percpu, cpu);
+ rc = fcoe_get_paged_crc_eof(skb, tlen, fps);
+- put_cpu_var(fcoe_percpu);
++ put_cpu_light();
+
+ return rc;
+ }
+@@ -1768,11 +1768,11 @@
+ return 0;
+ }
+
+- stats = per_cpu_ptr(lport->stats, get_cpu());
++ stats = per_cpu_ptr(lport->stats, get_cpu_light());
+ stats->InvalidCRCCount++;
+ if (stats->InvalidCRCCount < 5)
+ printk(KERN_WARNING "fcoe: dropping frame with CRC error\n");
+- put_cpu();
++ put_cpu_light();
+ return -EINVAL;
+ }
+
+@@ -1848,13 +1848,13 @@
+ goto drop;
+
+ if (!fcoe_filter_frames(lport, fp)) {
+- put_cpu();
++ put_cpu_light();
+ fc_exch_recv(lport, fp);
+ return;
+ }
+ drop:
+ stats->ErrorFrames++;
+- put_cpu();
++ put_cpu_light();
+ kfree_skb(skb);
+ }
+
+diff -Nur linux-3.18.9.orig/drivers/scsi/fcoe/fcoe_ctlr.c linux-3.18.9/drivers/scsi/fcoe/fcoe_ctlr.c
+--- linux-3.18.9.orig/drivers/scsi/fcoe/fcoe_ctlr.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/scsi/fcoe/fcoe_ctlr.c 2015-03-15 16:03:03.744094876 -0500
+@@ -831,7 +831,7 @@
+
+ INIT_LIST_HEAD(&del_list);
+
+- stats = per_cpu_ptr(fip->lp->stats, get_cpu());
++ stats = per_cpu_ptr(fip->lp->stats, get_cpu_light());
+
+ list_for_each_entry_safe(fcf, next, &fip->fcfs, list) {
+ deadline = fcf->time + fcf->fka_period + fcf->fka_period / 2;
+@@ -867,7 +867,7 @@
+ sel_time = fcf->time;
+ }
+ }
+- put_cpu();
++ put_cpu_light();
+
+ list_for_each_entry_safe(fcf, next, &del_list, list) {
+ /* Removes fcf from current list */
+diff -Nur linux-3.18.9.orig/drivers/scsi/libfc/fc_exch.c linux-3.18.9/drivers/scsi/libfc/fc_exch.c
+--- linux-3.18.9.orig/drivers/scsi/libfc/fc_exch.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/scsi/libfc/fc_exch.c 2015-03-15 16:03:03.744094876 -0500
+@@ -816,10 +816,10 @@
+ }
+ memset(ep, 0, sizeof(*ep));
+
+- cpu = get_cpu();
++ cpu = get_cpu_light();
+ pool = per_cpu_ptr(mp->pool, cpu);
+ spin_lock_bh(&pool->lock);
+- put_cpu();
++ put_cpu_light();
+
+ /* peek cache of free slot */
+ if (pool->left != FC_XID_UNKNOWN) {
+diff -Nur linux-3.18.9.orig/drivers/scsi/libsas/sas_ata.c linux-3.18.9/drivers/scsi/libsas/sas_ata.c
+--- linux-3.18.9.orig/drivers/scsi/libsas/sas_ata.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/scsi/libsas/sas_ata.c 2015-03-15 16:03:03.744094876 -0500
+@@ -191,7 +191,7 @@
+ /* TODO: audit callers to ensure they are ready for qc_issue to
+ * unconditionally re-enable interrupts
+ */
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ spin_unlock(ap->lock);
+
+ /* If the device fell off, no sense in issuing commands */
+@@ -261,7 +261,7 @@
+
+ out:
+ spin_lock(ap->lock);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ return ret;
+ }
+
+diff -Nur linux-3.18.9.orig/drivers/scsi/qla2xxx/qla_inline.h linux-3.18.9/drivers/scsi/qla2xxx/qla_inline.h
+--- linux-3.18.9.orig/drivers/scsi/qla2xxx/qla_inline.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/scsi/qla2xxx/qla_inline.h 2015-03-15 16:03:03.744094876 -0500
+@@ -59,12 +59,12 @@
+ {
+ unsigned long flags;
+ struct qla_hw_data *ha = rsp->hw;
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ if (IS_P3P_TYPE(ha))
+ qla82xx_poll(0, rsp);
+ else
+ ha->isp_ops->intr_handler(0, rsp);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ }
+
+ static inline uint8_t *
+diff -Nur linux-3.18.9.orig/drivers/tty/serial/8250/8250_core.c linux-3.18.9/drivers/tty/serial/8250/8250_core.c
+--- linux-3.18.9.orig/drivers/tty/serial/8250/8250_core.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/tty/serial/8250/8250_core.c 2015-03-15 16:03:03.784094876 -0500
+@@ -37,6 +37,7 @@
+ #include <linux/nmi.h>
+ #include <linux/mutex.h>
+ #include <linux/slab.h>
++#include <linux/kdb.h>
+ #include <linux/uaccess.h>
+ #include <linux/pm_runtime.h>
+ #ifdef CONFIG_SPARC
+@@ -81,7 +82,16 @@
+ #define DEBUG_INTR(fmt...) do { } while (0)
+ #endif
+
+-#define PASS_LIMIT 512
++/*
++ * On -rt we can have a more delays, and legitimately
++ * so - so don't drop work spuriously and spam the
++ * syslog:
++ */
++#ifdef CONFIG_PREEMPT_RT_FULL
++# define PASS_LIMIT 1000000
++#else
++# define PASS_LIMIT 512
++#endif
+
+ #define BOTH_EMPTY (UART_LSR_TEMT | UART_LSR_THRE)
+
+@@ -3198,7 +3208,7 @@
+
+ serial8250_rpm_get(up);
+
+- if (port->sysrq || oops_in_progress)
++ if (port->sysrq || oops_in_progress || in_kdb_printk())
+ locked = spin_trylock_irqsave(&port->lock, flags);
+ else
+ spin_lock_irqsave(&port->lock, flags);
+diff -Nur linux-3.18.9.orig/drivers/tty/serial/amba-pl011.c linux-3.18.9/drivers/tty/serial/amba-pl011.c
+--- linux-3.18.9.orig/drivers/tty/serial/amba-pl011.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/tty/serial/amba-pl011.c 2015-03-15 16:03:03.784094876 -0500
+@@ -1935,13 +1935,19 @@
+
+ clk_enable(uap->clk);
+
+- local_irq_save(flags);
++ /*
++ * local_irq_save(flags);
++ *
++ * This local_irq_save() is nonsense. If we come in via sysrq
++ * handling then interrupts are already disabled. Aside of
++ * that the port.sysrq check is racy on SMP regardless.
++ */
+ if (uap->port.sysrq)
+ locked = 0;
+ else if (oops_in_progress)
+- locked = spin_trylock(&uap->port.lock);
++ locked = spin_trylock_irqsave(&uap->port.lock, flags);
+ else
+- spin_lock(&uap->port.lock);
++ spin_lock_irqsave(&uap->port.lock, flags);
+
+ /*
+ * First save the CR then disable the interrupts
+@@ -1963,8 +1969,7 @@
+ writew(old_cr, uap->port.membase + UART011_CR);
+
+ if (locked)
+- spin_unlock(&uap->port.lock);
+- local_irq_restore(flags);
++ spin_unlock_irqrestore(&uap->port.lock, flags);
+
+ clk_disable(uap->clk);
+ }
+diff -Nur linux-3.18.9.orig/drivers/tty/serial/omap-serial.c linux-3.18.9/drivers/tty/serial/omap-serial.c
+--- linux-3.18.9.orig/drivers/tty/serial/omap-serial.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/tty/serial/omap-serial.c 2015-03-15 16:03:03.784094876 -0500
+@@ -1270,13 +1270,10 @@
+
+ pm_runtime_get_sync(up->dev);
+
+- local_irq_save(flags);
+- if (up->port.sysrq)
+- locked = 0;
+- else if (oops_in_progress)
+- locked = spin_trylock(&up->port.lock);
++ if (up->port.sysrq || oops_in_progress)
++ locked = spin_trylock_irqsave(&up->port.lock, flags);
+ else
+- spin_lock(&up->port.lock);
++ spin_lock_irqsave(&up->port.lock, flags);
+
+ /*
+ * First save the IER then disable the interrupts
+@@ -1305,8 +1302,7 @@
+ pm_runtime_mark_last_busy(up->dev);
+ pm_runtime_put_autosuspend(up->dev);
+ if (locked)
+- spin_unlock(&up->port.lock);
+- local_irq_restore(flags);
++ spin_unlock_irqrestore(&up->port.lock, flags);
+ }
+
+ static int __init
+diff -Nur linux-3.18.9.orig/drivers/usb/core/hcd.c linux-3.18.9/drivers/usb/core/hcd.c
+--- linux-3.18.9.orig/drivers/usb/core/hcd.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/usb/core/hcd.c 2015-03-15 16:03:03.784094876 -0500
+@@ -1681,9 +1681,9 @@
+ * and no one may trigger the above deadlock situation when
+ * running complete() in tasklet.
+ */
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ urb->complete(urb);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+
+ usb_anchor_resume_wakeups(anchor);
+ atomic_dec(&urb->use_count);
+diff -Nur linux-3.18.9.orig/drivers/usb/gadget/function/f_fs.c linux-3.18.9/drivers/usb/gadget/function/f_fs.c
+--- linux-3.18.9.orig/drivers/usb/gadget/function/f_fs.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/usb/gadget/function/f_fs.c 2015-03-15 16:03:03.784094876 -0500
+@@ -1428,7 +1428,7 @@
+ pr_info("%s(): freeing\n", __func__);
+ ffs_data_clear(ffs);
+ BUG_ON(waitqueue_active(&ffs->ev.waitq) ||
+- waitqueue_active(&ffs->ep0req_completion.wait));
++ swaitqueue_active(&ffs->ep0req_completion.wait));
+ kfree(ffs->dev_name);
+ kfree(ffs);
+ }
+diff -Nur linux-3.18.9.orig/drivers/usb/gadget/legacy/inode.c linux-3.18.9/drivers/usb/gadget/legacy/inode.c
+--- linux-3.18.9.orig/drivers/usb/gadget/legacy/inode.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/drivers/usb/gadget/legacy/inode.c 2015-03-15 16:03:03.784094876 -0500
+@@ -339,7 +339,7 @@
+ spin_unlock_irq (&epdata->dev->lock);
+
+ if (likely (value == 0)) {
+- value = wait_event_interruptible (done.wait, done.done);
++ value = swait_event_interruptible (done.wait, done.done);
+ if (value != 0) {
+ spin_lock_irq (&epdata->dev->lock);
+ if (likely (epdata->ep != NULL)) {
+@@ -348,7 +348,7 @@
+ usb_ep_dequeue (epdata->ep, epdata->req);
+ spin_unlock_irq (&epdata->dev->lock);
+
+- wait_event (done.wait, done.done);
++ swait_event (done.wait, done.done);
+ if (epdata->status == -ECONNRESET)
+ epdata->status = -EINTR;
+ } else {
+diff -Nur linux-3.18.9.orig/fs/aio.c linux-3.18.9/fs/aio.c
+--- linux-3.18.9.orig/fs/aio.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/fs/aio.c 2015-03-15 16:03:03.788094876 -0500
+@@ -40,6 +40,7 @@
+ #include <linux/ramfs.h>
+ #include <linux/percpu-refcount.h>
+ #include <linux/mount.h>
++#include <linux/work-simple.h>
+
+ #include <asm/kmap_types.h>
+ #include <asm/uaccess.h>
+@@ -110,7 +111,7 @@
+ struct page **ring_pages;
+ long nr_pages;
+
+- struct work_struct free_work;
++ struct swork_event free_work;
+
+ /*
+ * signals when all in-flight requests are done
+@@ -226,6 +227,7 @@
+ .mount = aio_mount,
+ .kill_sb = kill_anon_super,
+ };
++ BUG_ON(swork_get());
+ aio_mnt = kern_mount(&aio_fs);
+ if (IS_ERR(aio_mnt))
+ panic("Failed to create aio fs mount.");
+@@ -505,9 +507,9 @@
+ return cancel(kiocb);
+ }
+
+-static void free_ioctx(struct work_struct *work)
++static void free_ioctx(struct swork_event *sev)
+ {
+- struct kioctx *ctx = container_of(work, struct kioctx, free_work);
++ struct kioctx *ctx = container_of(sev, struct kioctx, free_work);
+
+ pr_debug("freeing %p\n", ctx);
+
+@@ -526,8 +528,8 @@
+ if (ctx->requests_done)
+ complete(ctx->requests_done);
+
+- INIT_WORK(&ctx->free_work, free_ioctx);
+- schedule_work(&ctx->free_work);
++ INIT_SWORK(&ctx->free_work, free_ioctx);
++ swork_queue(&ctx->free_work);
+ }
+
+ /*
+@@ -535,9 +537,9 @@
+ * and ctx->users has dropped to 0, so we know no more kiocbs can be submitted -
+ * now it's safe to cancel any that need to be.
+ */
+-static void free_ioctx_users(struct percpu_ref *ref)
++static void free_ioctx_users_work(struct swork_event *sev)
+ {
+- struct kioctx *ctx = container_of(ref, struct kioctx, users);
++ struct kioctx *ctx = container_of(sev, struct kioctx, free_work);
+ struct kiocb *req;
+
+ spin_lock_irq(&ctx->ctx_lock);
+@@ -556,6 +558,14 @@
+ percpu_ref_put(&ctx->reqs);
+ }
+
++static void free_ioctx_users(struct percpu_ref *ref)
++{
++ struct kioctx *ctx = container_of(ref, struct kioctx, users);
++
++ INIT_SWORK(&ctx->free_work, free_ioctx_users_work);
++ swork_queue(&ctx->free_work);
++}
++
+ static int ioctx_add_table(struct kioctx *ctx, struct mm_struct *mm)
+ {
+ unsigned i, new_nr;
+diff -Nur linux-3.18.9.orig/fs/autofs4/autofs_i.h linux-3.18.9/fs/autofs4/autofs_i.h
+--- linux-3.18.9.orig/fs/autofs4/autofs_i.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/fs/autofs4/autofs_i.h 2015-03-15 16:03:03.788094876 -0500
+@@ -34,6 +34,7 @@
+ #include <linux/sched.h>
+ #include <linux/mount.h>
+ #include <linux/namei.h>
++#include <linux/delay.h>
+ #include <asm/current.h>
+ #include <asm/uaccess.h>
+
+diff -Nur linux-3.18.9.orig/fs/autofs4/expire.c linux-3.18.9/fs/autofs4/expire.c
+--- linux-3.18.9.orig/fs/autofs4/expire.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/fs/autofs4/expire.c 2015-03-15 16:03:03.788094876 -0500
+@@ -151,7 +151,7 @@
+ parent = p->d_parent;
+ if (!spin_trylock(&parent->d_lock)) {
+ spin_unlock(&p->d_lock);
+- cpu_relax();
++ cpu_chill();
+ goto relock;
+ }
+ spin_unlock(&p->d_lock);
+diff -Nur linux-3.18.9.orig/fs/buffer.c linux-3.18.9/fs/buffer.c
+--- linux-3.18.9.orig/fs/buffer.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/fs/buffer.c 2015-03-15 16:03:03.788094876 -0500
+@@ -301,8 +301,7 @@
+ * decide that the page is now completely done.
+ */
+ first = page_buffers(page);
+- local_irq_save(flags);
+- bit_spin_lock(BH_Uptodate_Lock, &first->b_state);
++ flags = bh_uptodate_lock_irqsave(first);
+ clear_buffer_async_read(bh);
+ unlock_buffer(bh);
+ tmp = bh;
+@@ -315,8 +314,7 @@
+ }
+ tmp = tmp->b_this_page;
+ } while (tmp != bh);
+- bit_spin_unlock(BH_Uptodate_Lock, &first->b_state);
+- local_irq_restore(flags);
++ bh_uptodate_unlock_irqrestore(first, flags);
+
+ /*
+ * If none of the buffers had errors and they are all
+@@ -328,9 +326,7 @@
+ return;
+
+ still_busy:
+- bit_spin_unlock(BH_Uptodate_Lock, &first->b_state);
+- local_irq_restore(flags);
+- return;
++ bh_uptodate_unlock_irqrestore(first, flags);
+ }
+
+ /*
+@@ -358,8 +354,7 @@
+ }
+
+ first = page_buffers(page);
+- local_irq_save(flags);
+- bit_spin_lock(BH_Uptodate_Lock, &first->b_state);
++ flags = bh_uptodate_lock_irqsave(first);
+
+ clear_buffer_async_write(bh);
+ unlock_buffer(bh);
+@@ -371,15 +366,12 @@
+ }
+ tmp = tmp->b_this_page;
+ }
+- bit_spin_unlock(BH_Uptodate_Lock, &first->b_state);
+- local_irq_restore(flags);
++ bh_uptodate_unlock_irqrestore(first, flags);
+ end_page_writeback(page);
+ return;
+
+ still_busy:
+- bit_spin_unlock(BH_Uptodate_Lock, &first->b_state);
+- local_irq_restore(flags);
+- return;
++ bh_uptodate_unlock_irqrestore(first, flags);
+ }
+ EXPORT_SYMBOL(end_buffer_async_write);
+
+@@ -3325,6 +3317,7 @@
+ struct buffer_head *ret = kmem_cache_zalloc(bh_cachep, gfp_flags);
+ if (ret) {
+ INIT_LIST_HEAD(&ret->b_assoc_buffers);
++ buffer_head_init_locks(ret);
+ preempt_disable();
+ __this_cpu_inc(bh_accounting.nr);
+ recalc_bh_state();
+diff -Nur linux-3.18.9.orig/fs/dcache.c linux-3.18.9/fs/dcache.c
+--- linux-3.18.9.orig/fs/dcache.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/fs/dcache.c 2015-03-15 16:03:03.788094876 -0500
+@@ -19,6 +19,7 @@
+ #include <linux/mm.h>
+ #include <linux/fs.h>
+ #include <linux/fsnotify.h>
++#include <linux/delay.h>
+ #include <linux/slab.h>
+ #include <linux/init.h>
+ #include <linux/hash.h>
+@@ -552,7 +553,7 @@
+
+ failed:
+ spin_unlock(&dentry->d_lock);
+- cpu_relax();
++ cpu_chill();
+ return dentry; /* try again with same dentry */
+ }
+
+@@ -2285,7 +2286,7 @@
+ if (dentry->d_lockref.count == 1) {
+ if (!spin_trylock(&inode->i_lock)) {
+ spin_unlock(&dentry->d_lock);
+- cpu_relax();
++ cpu_chill();
+ goto again;
+ }
+ dentry->d_flags &= ~DCACHE_CANT_MOUNT;
+diff -Nur linux-3.18.9.orig/fs/eventpoll.c linux-3.18.9/fs/eventpoll.c
+--- linux-3.18.9.orig/fs/eventpoll.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/fs/eventpoll.c 2015-03-15 16:03:03.788094876 -0500
+@@ -505,12 +505,12 @@
+ */
+ static void ep_poll_safewake(wait_queue_head_t *wq)
+ {
+- int this_cpu = get_cpu();
++ int this_cpu = get_cpu_light();
+
+ ep_call_nested(&poll_safewake_ncalls, EP_MAX_NESTS,
+ ep_poll_wakeup_proc, NULL, wq, (void *) (long) this_cpu);
+
+- put_cpu();
++ put_cpu_light();
+ }
+
+ static void ep_remove_wait_queue(struct eppoll_entry *pwq)
+diff -Nur linux-3.18.9.orig/fs/exec.c linux-3.18.9/fs/exec.c
+--- linux-3.18.9.orig/fs/exec.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/fs/exec.c 2015-03-15 16:03:03.788094876 -0500
+@@ -841,12 +841,14 @@
+ }
+ }
+ task_lock(tsk);
++ preempt_disable_rt();
+ active_mm = tsk->active_mm;
+ tsk->mm = mm;
+ tsk->active_mm = mm;
+ activate_mm(active_mm, mm);
+ tsk->mm->vmacache_seqnum = 0;
+ vmacache_flush(tsk);
++ preempt_enable_rt();
+ task_unlock(tsk);
+ if (old_mm) {
+ up_read(&old_mm->mmap_sem);
+diff -Nur linux-3.18.9.orig/fs/jbd/checkpoint.c linux-3.18.9/fs/jbd/checkpoint.c
+--- linux-3.18.9.orig/fs/jbd/checkpoint.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/fs/jbd/checkpoint.c 2015-03-15 16:03:03.788094876 -0500
+@@ -129,6 +129,8 @@
+ if (journal->j_flags & JFS_ABORT)
+ return;
+ spin_unlock(&journal->j_state_lock);
++ if (current->plug)
++ io_schedule();
+ mutex_lock(&journal->j_checkpoint_mutex);
+
+ /*
+diff -Nur linux-3.18.9.orig/fs/jbd2/checkpoint.c linux-3.18.9/fs/jbd2/checkpoint.c
+--- linux-3.18.9.orig/fs/jbd2/checkpoint.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/fs/jbd2/checkpoint.c 2015-03-15 16:03:03.788094876 -0500
+@@ -116,6 +116,8 @@
+ nblocks = jbd2_space_needed(journal);
+ while (jbd2_log_space_left(journal) < nblocks) {
+ write_unlock(&journal->j_state_lock);
++ if (current->plug)
++ io_schedule();
+ mutex_lock(&journal->j_checkpoint_mutex);
+
+ /*
+diff -Nur linux-3.18.9.orig/fs/namespace.c linux-3.18.9/fs/namespace.c
+--- linux-3.18.9.orig/fs/namespace.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/fs/namespace.c 2015-03-15 16:03:03.788094876 -0500
+@@ -14,6 +14,7 @@
+ #include <linux/mnt_namespace.h>
+ #include <linux/user_namespace.h>
+ #include <linux/namei.h>
++#include <linux/delay.h>
+ #include <linux/security.h>
+ #include <linux/idr.h>
+ #include <linux/init.h> /* init_rootfs */
+@@ -344,8 +345,11 @@
+ * incremented count after it has set MNT_WRITE_HOLD.
+ */
+ smp_mb();
+- while (ACCESS_ONCE(mnt->mnt.mnt_flags) & MNT_WRITE_HOLD)
+- cpu_relax();
++ while (ACCESS_ONCE(mnt->mnt.mnt_flags) & MNT_WRITE_HOLD) {
++ preempt_enable();
++ cpu_chill();
++ preempt_disable();
++ }
+ /*
+ * After the slowpath clears MNT_WRITE_HOLD, mnt_is_readonly will
+ * be set to match its requirements. So we must not load that until
+diff -Nur linux-3.18.9.orig/fs/ntfs/aops.c linux-3.18.9/fs/ntfs/aops.c
+--- linux-3.18.9.orig/fs/ntfs/aops.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/fs/ntfs/aops.c 2015-03-15 16:03:03.788094876 -0500
+@@ -107,8 +107,7 @@
+ "0x%llx.", (unsigned long long)bh->b_blocknr);
+ }
+ first = page_buffers(page);
+- local_irq_save(flags);
+- bit_spin_lock(BH_Uptodate_Lock, &first->b_state);
++ flags = bh_uptodate_lock_irqsave(first);
+ clear_buffer_async_read(bh);
+ unlock_buffer(bh);
+ tmp = bh;
+@@ -123,8 +122,7 @@
+ }
+ tmp = tmp->b_this_page;
+ } while (tmp != bh);
+- bit_spin_unlock(BH_Uptodate_Lock, &first->b_state);
+- local_irq_restore(flags);
++ bh_uptodate_unlock_irqrestore(first, flags);
+ /*
+ * If none of the buffers had errors then we can set the page uptodate,
+ * but we first have to perform the post read mst fixups, if the
+@@ -145,13 +143,13 @@
+ recs = PAGE_CACHE_SIZE / rec_size;
+ /* Should have been verified before we got here... */
+ BUG_ON(!recs);
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ kaddr = kmap_atomic(page);
+ for (i = 0; i < recs; i++)
+ post_read_mst_fixup((NTFS_RECORD*)(kaddr +
+ i * rec_size), rec_size);
+ kunmap_atomic(kaddr);
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ flush_dcache_page(page);
+ if (likely(page_uptodate && !PageError(page)))
+ SetPageUptodate(page);
+@@ -159,9 +157,7 @@
+ unlock_page(page);
+ return;
+ still_busy:
+- bit_spin_unlock(BH_Uptodate_Lock, &first->b_state);
+- local_irq_restore(flags);
+- return;
++ bh_uptodate_unlock_irqrestore(first, flags);
+ }
+
+ /**
+diff -Nur linux-3.18.9.orig/fs/timerfd.c linux-3.18.9/fs/timerfd.c
+--- linux-3.18.9.orig/fs/timerfd.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/fs/timerfd.c 2015-03-15 16:03:03.788094876 -0500
+@@ -449,7 +449,10 @@
+ break;
+ }
+ spin_unlock_irq(&ctx->wqh.lock);
+- cpu_relax();
++ if (isalarm(ctx))
++ hrtimer_wait_for_timer(&ctx->t.alarm.timer);
++ else
++ hrtimer_wait_for_timer(&ctx->t.tmr);
+ }
+
+ /*
+diff -Nur linux-3.18.9.orig/include/acpi/platform/aclinux.h linux-3.18.9/include/acpi/platform/aclinux.h
+--- linux-3.18.9.orig/include/acpi/platform/aclinux.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/acpi/platform/aclinux.h 2015-03-15 16:03:03.788094876 -0500
+@@ -123,6 +123,7 @@
+
+ #define acpi_cache_t struct kmem_cache
+ #define acpi_spinlock spinlock_t *
++#define acpi_raw_spinlock raw_spinlock_t *
+ #define acpi_cpu_flags unsigned long
+
+ /* Use native linux version of acpi_os_allocate_zeroed */
+@@ -141,6 +142,20 @@
+ #define ACPI_USE_ALTERNATE_PROTOTYPE_acpi_os_get_thread_id
+ #define ACPI_USE_ALTERNATE_PROTOTYPE_acpi_os_create_lock
+
++#define acpi_os_create_raw_lock(__handle) \
++({ \
++ raw_spinlock_t *lock = ACPI_ALLOCATE(sizeof(*lock)); \
++ \
++ if (lock) { \
++ *(__handle) = lock; \
++ raw_spin_lock_init(*(__handle)); \
++ } \
++ lock ? AE_OK : AE_NO_MEMORY; \
++ })
++
++#define acpi_os_delete_raw_lock(__handle) kfree(__handle)
++
++
+ /*
+ * OSL interfaces used by debugger/disassembler
+ */
+diff -Nur linux-3.18.9.orig/include/asm-generic/bug.h linux-3.18.9/include/asm-generic/bug.h
+--- linux-3.18.9.orig/include/asm-generic/bug.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/asm-generic/bug.h 2015-03-15 16:03:03.792094875 -0500
+@@ -206,6 +206,20 @@
+ # define WARN_ON_SMP(x) ({0;})
+ #endif
+
++#ifdef CONFIG_PREEMPT_RT_BASE
++# define BUG_ON_RT(c) BUG_ON(c)
++# define BUG_ON_NONRT(c) do { } while (0)
++# define WARN_ON_RT(condition) WARN_ON(condition)
++# define WARN_ON_NONRT(condition) do { } while (0)
++# define WARN_ON_ONCE_NONRT(condition) do { } while (0)
++#else
++# define BUG_ON_RT(c) do { } while (0)
++# define BUG_ON_NONRT(c) BUG_ON(c)
++# define WARN_ON_RT(condition) do { } while (0)
++# define WARN_ON_NONRT(condition) WARN_ON(condition)
++# define WARN_ON_ONCE_NONRT(condition) WARN_ON_ONCE(condition)
++#endif
++
+ #endif /* __ASSEMBLY__ */
+
+ #endif
+diff -Nur linux-3.18.9.orig/include/linux/blkdev.h linux-3.18.9/include/linux/blkdev.h
+--- linux-3.18.9.orig/include/linux/blkdev.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/blkdev.h 2015-03-15 16:03:03.792094875 -0500
+@@ -101,6 +101,7 @@
+ struct list_head queuelist;
+ union {
+ struct call_single_data csd;
++ struct work_struct work;
+ unsigned long fifo_time;
+ };
+
+@@ -478,7 +479,7 @@
+ struct throtl_data *td;
+ #endif
+ struct rcu_head rcu_head;
+- wait_queue_head_t mq_freeze_wq;
++ struct swait_head mq_freeze_wq;
+ struct percpu_ref mq_usage_counter;
+ struct list_head all_q_node;
+
+diff -Nur linux-3.18.9.orig/include/linux/blk-mq.h linux-3.18.9/include/linux/blk-mq.h
+--- linux-3.18.9.orig/include/linux/blk-mq.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/blk-mq.h 2015-03-15 16:03:03.792094875 -0500
+@@ -169,6 +169,7 @@
+
+ struct blk_mq_hw_ctx *blk_mq_map_queue(struct request_queue *, const int ctx_index);
+ struct blk_mq_hw_ctx *blk_mq_alloc_single_hw_queue(struct blk_mq_tag_set *, unsigned int, int);
++void __blk_mq_complete_request_remote_work(struct work_struct *work);
+
+ void blk_mq_start_request(struct request *rq);
+ void blk_mq_end_request(struct request *rq, int error);
+diff -Nur linux-3.18.9.orig/include/linux/bottom_half.h linux-3.18.9/include/linux/bottom_half.h
+--- linux-3.18.9.orig/include/linux/bottom_half.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/bottom_half.h 2015-03-15 16:03:03.792094875 -0500
+@@ -4,6 +4,17 @@
+ #include <linux/preempt.h>
+ #include <linux/preempt_mask.h>
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++
++extern void local_bh_disable(void);
++extern void _local_bh_enable(void);
++extern void local_bh_enable(void);
++extern void local_bh_enable_ip(unsigned long ip);
++extern void __local_bh_disable_ip(unsigned long ip, unsigned int cnt);
++extern void __local_bh_enable_ip(unsigned long ip, unsigned int cnt);
++
++#else
++
+ #ifdef CONFIG_TRACE_IRQFLAGS
+ extern void __local_bh_disable_ip(unsigned long ip, unsigned int cnt);
+ #else
+@@ -31,5 +42,6 @@
+ {
+ __local_bh_enable_ip(_THIS_IP_, SOFTIRQ_DISABLE_OFFSET);
+ }
++#endif
+
+ #endif /* _LINUX_BH_H */
+diff -Nur linux-3.18.9.orig/include/linux/buffer_head.h linux-3.18.9/include/linux/buffer_head.h
+--- linux-3.18.9.orig/include/linux/buffer_head.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/buffer_head.h 2015-03-15 16:03:03.792094875 -0500
+@@ -75,8 +75,52 @@
+ struct address_space *b_assoc_map; /* mapping this buffer is
+ associated with */
+ atomic_t b_count; /* users using this buffer_head */
++#ifdef CONFIG_PREEMPT_RT_BASE
++ spinlock_t b_uptodate_lock;
++#if defined(CONFIG_JBD) || defined(CONFIG_JBD_MODULE) || \
++ defined(CONFIG_JBD2) || defined(CONFIG_JBD2_MODULE)
++ spinlock_t b_state_lock;
++ spinlock_t b_journal_head_lock;
++#endif
++#endif
+ };
+
++static inline unsigned long bh_uptodate_lock_irqsave(struct buffer_head *bh)
++{
++ unsigned long flags;
++
++#ifndef CONFIG_PREEMPT_RT_BASE
++ local_irq_save(flags);
++ bit_spin_lock(BH_Uptodate_Lock, &bh->b_state);
++#else
++ spin_lock_irqsave(&bh->b_uptodate_lock, flags);
++#endif
++ return flags;
++}
++
++static inline void
++bh_uptodate_unlock_irqrestore(struct buffer_head *bh, unsigned long flags)
++{
++#ifndef CONFIG_PREEMPT_RT_BASE
++ bit_spin_unlock(BH_Uptodate_Lock, &bh->b_state);
++ local_irq_restore(flags);
++#else
++ spin_unlock_irqrestore(&bh->b_uptodate_lock, flags);
++#endif
++}
++
++static inline void buffer_head_init_locks(struct buffer_head *bh)
++{
++#ifdef CONFIG_PREEMPT_RT_BASE
++ spin_lock_init(&bh->b_uptodate_lock);
++#if defined(CONFIG_JBD) || defined(CONFIG_JBD_MODULE) || \
++ defined(CONFIG_JBD2) || defined(CONFIG_JBD2_MODULE)
++ spin_lock_init(&bh->b_state_lock);
++ spin_lock_init(&bh->b_journal_head_lock);
++#endif
++#endif
++}
++
+ /*
+ * macro tricks to expand the set_buffer_foo(), clear_buffer_foo()
+ * and buffer_foo() functions.
+diff -Nur linux-3.18.9.orig/include/linux/cgroup.h linux-3.18.9/include/linux/cgroup.h
+--- linux-3.18.9.orig/include/linux/cgroup.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/cgroup.h 2015-03-15 16:03:03.792094875 -0500
+@@ -22,6 +22,7 @@
+ #include <linux/seq_file.h>
+ #include <linux/kernfs.h>
+ #include <linux/wait.h>
++#include <linux/work-simple.h>
+
+ #ifdef CONFIG_CGROUPS
+
+@@ -91,6 +92,7 @@
+ /* percpu_ref killing and RCU release */
+ struct rcu_head rcu_head;
+ struct work_struct destroy_work;
++ struct swork_event destroy_swork;
+ };
+
+ /* bits in struct cgroup_subsys_state flags field */
+diff -Nur linux-3.18.9.orig/include/linux/completion.h linux-3.18.9/include/linux/completion.h
+--- linux-3.18.9.orig/include/linux/completion.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/completion.h 2015-03-15 16:03:03.792094875 -0500
+@@ -7,8 +7,7 @@
+ * Atomic wait-for-completion handler data structures.
+ * See kernel/sched/completion.c for details.
+ */
+-
+-#include <linux/wait.h>
++#include <linux/wait-simple.h>
+
+ /*
+ * struct completion - structure used to maintain state for a "completion"
+@@ -24,11 +23,11 @@
+ */
+ struct completion {
+ unsigned int done;
+- wait_queue_head_t wait;
++ struct swait_head wait;
+ };
+
+ #define COMPLETION_INITIALIZER(work) \
+- { 0, __WAIT_QUEUE_HEAD_INITIALIZER((work).wait) }
++ { 0, SWAIT_HEAD_INITIALIZER((work).wait) }
+
+ #define COMPLETION_INITIALIZER_ONSTACK(work) \
+ ({ init_completion(&work); work; })
+@@ -73,7 +72,7 @@
+ static inline void init_completion(struct completion *x)
+ {
+ x->done = 0;
+- init_waitqueue_head(&x->wait);
++ init_swait_head(&x->wait);
+ }
+
+ /**
+diff -Nur linux-3.18.9.orig/include/linux/cpu.h linux-3.18.9/include/linux/cpu.h
+--- linux-3.18.9.orig/include/linux/cpu.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/cpu.h 2015-03-15 16:03:03.792094875 -0500
+@@ -217,6 +217,8 @@
+ extern void put_online_cpus(void);
+ extern void cpu_hotplug_disable(void);
+ extern void cpu_hotplug_enable(void);
++extern void pin_current_cpu(void);
++extern void unpin_current_cpu(void);
+ #define hotcpu_notifier(fn, pri) cpu_notifier(fn, pri)
+ #define __hotcpu_notifier(fn, pri) __cpu_notifier(fn, pri)
+ #define register_hotcpu_notifier(nb) register_cpu_notifier(nb)
+@@ -235,6 +237,8 @@
+ #define put_online_cpus() do { } while (0)
+ #define cpu_hotplug_disable() do { } while (0)
+ #define cpu_hotplug_enable() do { } while (0)
++static inline void pin_current_cpu(void) { }
++static inline void unpin_current_cpu(void) { }
+ #define hotcpu_notifier(fn, pri) do { (void)(fn); } while (0)
+ #define __hotcpu_notifier(fn, pri) do { (void)(fn); } while (0)
+ /* These aren't inline functions due to a GCC bug. */
+diff -Nur linux-3.18.9.orig/include/linux/delay.h linux-3.18.9/include/linux/delay.h
+--- linux-3.18.9.orig/include/linux/delay.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/delay.h 2015-03-15 16:03:03.792094875 -0500
+@@ -52,4 +52,10 @@
+ msleep(seconds * 1000);
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++extern void cpu_chill(void);
++#else
++# define cpu_chill() cpu_relax()
++#endif
++
+ #endif /* defined(_LINUX_DELAY_H) */
+diff -Nur linux-3.18.9.orig/include/linux/ftrace_event.h linux-3.18.9/include/linux/ftrace_event.h
+--- linux-3.18.9.orig/include/linux/ftrace_event.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/ftrace_event.h 2015-03-15 16:03:03.804094874 -0500
+@@ -61,6 +61,9 @@
+ unsigned char flags;
+ unsigned char preempt_count;
+ int pid;
++ unsigned short migrate_disable;
++ unsigned short padding;
++ unsigned char preempt_lazy_count;
+ };
+
+ #define FTRACE_MAX_EVENT \
+diff -Nur linux-3.18.9.orig/include/linux/highmem.h linux-3.18.9/include/linux/highmem.h
+--- linux-3.18.9.orig/include/linux/highmem.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/highmem.h 2015-03-15 16:03:03.804094874 -0500
+@@ -7,6 +7,7 @@
+ #include <linux/mm.h>
+ #include <linux/uaccess.h>
+ #include <linux/hardirq.h>
++#include <linux/sched.h>
+
+ #include <asm/cacheflush.h>
+
+@@ -85,32 +86,51 @@
+
+ #if defined(CONFIG_HIGHMEM) || defined(CONFIG_X86_32)
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ DECLARE_PER_CPU(int, __kmap_atomic_idx);
++#endif
+
+ static inline int kmap_atomic_idx_push(void)
+ {
++#ifndef CONFIG_PREEMPT_RT_FULL
+ int idx = __this_cpu_inc_return(__kmap_atomic_idx) - 1;
+
+-#ifdef CONFIG_DEBUG_HIGHMEM
++# ifdef CONFIG_DEBUG_HIGHMEM
+ WARN_ON_ONCE(in_irq() && !irqs_disabled());
+ BUG_ON(idx >= KM_TYPE_NR);
+-#endif
++# endif
+ return idx;
++#else
++ current->kmap_idx++;
++ BUG_ON(current->kmap_idx > KM_TYPE_NR);
++ return current->kmap_idx - 1;
++#endif
+ }
+
+ static inline int kmap_atomic_idx(void)
+ {
++#ifndef CONFIG_PREEMPT_RT_FULL
+ return __this_cpu_read(__kmap_atomic_idx) - 1;
++#else
++ return current->kmap_idx - 1;
++#endif
+ }
+
+ static inline void kmap_atomic_idx_pop(void)
+ {
+-#ifdef CONFIG_DEBUG_HIGHMEM
++#ifndef CONFIG_PREEMPT_RT_FULL
++# ifdef CONFIG_DEBUG_HIGHMEM
+ int idx = __this_cpu_dec_return(__kmap_atomic_idx);
+
+ BUG_ON(idx < 0);
+-#else
++# else
+ __this_cpu_dec(__kmap_atomic_idx);
++# endif
++#else
++ current->kmap_idx--;
++# ifdef CONFIG_DEBUG_HIGHMEM
++ BUG_ON(current->kmap_idx < 0);
++# endif
+ #endif
+ }
+
+diff -Nur linux-3.18.9.orig/include/linux/hrtimer.h linux-3.18.9/include/linux/hrtimer.h
+--- linux-3.18.9.orig/include/linux/hrtimer.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/hrtimer.h 2015-03-15 16:03:03.804094874 -0500
+@@ -111,6 +111,11 @@
+ enum hrtimer_restart (*function)(struct hrtimer *);
+ struct hrtimer_clock_base *base;
+ unsigned long state;
++ struct list_head cb_entry;
++ int irqsafe;
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++ ktime_t praecox;
++#endif
+ #ifdef CONFIG_TIMER_STATS
+ int start_pid;
+ void *start_site;
+@@ -147,6 +152,7 @@
+ int index;
+ clockid_t clockid;
+ struct timerqueue_head active;
++ struct list_head expired;
+ ktime_t resolution;
+ ktime_t (*get_time)(void);
+ ktime_t softirq_time;
+@@ -192,6 +198,9 @@
+ unsigned long nr_hangs;
+ ktime_t max_hang_time;
+ #endif
++#ifdef CONFIG_PREEMPT_RT_BASE
++ wait_queue_head_t wait;
++#endif
+ struct hrtimer_clock_base clock_base[HRTIMER_MAX_CLOCK_BASES];
+ };
+
+@@ -379,6 +388,13 @@
+ return hrtimer_start_expires(timer, HRTIMER_MODE_ABS);
+ }
+
++/* Softirq preemption could deadlock timer removal */
++#ifdef CONFIG_PREEMPT_RT_BASE
++ extern void hrtimer_wait_for_timer(const struct hrtimer *timer);
++#else
++# define hrtimer_wait_for_timer(timer) do { cpu_relax(); } while (0)
++#endif
++
+ /* Query timers: */
+ extern ktime_t hrtimer_get_remaining(const struct hrtimer *timer);
+ extern int hrtimer_get_res(const clockid_t which_clock, struct timespec *tp);
+diff -Nur linux-3.18.9.orig/include/linux/idr.h linux-3.18.9/include/linux/idr.h
+--- linux-3.18.9.orig/include/linux/idr.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/idr.h 2015-03-15 16:03:03.804094874 -0500
+@@ -95,10 +95,14 @@
+ * Each idr_preload() should be matched with an invocation of this
+ * function. See idr_preload() for details.
+ */
++#ifdef CONFIG_PREEMPT_RT_FULL
++void idr_preload_end(void);
++#else
+ static inline void idr_preload_end(void)
+ {
+ preempt_enable();
+ }
++#endif
+
+ /**
+ * idr_find - return pointer for given id
+diff -Nur linux-3.18.9.orig/include/linux/init_task.h linux-3.18.9/include/linux/init_task.h
+--- linux-3.18.9.orig/include/linux/init_task.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/init_task.h 2015-03-15 16:03:03.804094874 -0500
+@@ -147,9 +147,16 @@
+ # define INIT_PERF_EVENTS(tsk)
+ #endif
+
++#ifdef CONFIG_PREEMPT_RT_BASE
++# define INIT_TIMER_LIST .posix_timer_list = NULL,
++#else
++# define INIT_TIMER_LIST
++#endif
++
+ #ifdef CONFIG_VIRT_CPU_ACCOUNTING_GEN
+ # define INIT_VTIME(tsk) \
+- .vtime_seqlock = __SEQLOCK_UNLOCKED(tsk.vtime_seqlock), \
++ .vtime_lock = __RAW_SPIN_LOCK_UNLOCKED(tsk.vtime_lock), \
++ .vtime_seq = SEQCNT_ZERO(tsk.vtime_seq), \
+ .vtime_snap = 0, \
+ .vtime_snap_whence = VTIME_SYS,
+ #else
+@@ -219,6 +226,7 @@
+ .cpu_timers = INIT_CPU_TIMERS(tsk.cpu_timers), \
+ .pi_lock = __RAW_SPIN_LOCK_UNLOCKED(tsk.pi_lock), \
+ .timer_slack_ns = 50000, /* 50 usec default slack */ \
++ INIT_TIMER_LIST \
+ .pids = { \
+ [PIDTYPE_PID] = INIT_PID_LINK(PIDTYPE_PID), \
+ [PIDTYPE_PGID] = INIT_PID_LINK(PIDTYPE_PGID), \
+diff -Nur linux-3.18.9.orig/include/linux/interrupt.h linux-3.18.9/include/linux/interrupt.h
+--- linux-3.18.9.orig/include/linux/interrupt.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/interrupt.h 2015-03-15 16:03:03.804094874 -0500
+@@ -57,6 +57,7 @@
+ * IRQF_NO_THREAD - Interrupt cannot be threaded
+ * IRQF_EARLY_RESUME - Resume IRQ early during syscore instead of at device
+ * resume time.
++ * IRQF_NO_SOFTIRQ_CALL - Do not process softirqs in the irq thread context (RT)
+ */
+ #define IRQF_DISABLED 0x00000020
+ #define IRQF_SHARED 0x00000080
+@@ -70,6 +71,7 @@
+ #define IRQF_FORCE_RESUME 0x00008000
+ #define IRQF_NO_THREAD 0x00010000
+ #define IRQF_EARLY_RESUME 0x00020000
++#define IRQF_NO_SOFTIRQ_CALL 0x00080000
+
+ #define IRQF_TIMER (__IRQF_TIMER | IRQF_NO_SUSPEND | IRQF_NO_THREAD)
+
+@@ -180,7 +182,7 @@
+ #ifdef CONFIG_LOCKDEP
+ # define local_irq_enable_in_hardirq() do { } while (0)
+ #else
+-# define local_irq_enable_in_hardirq() local_irq_enable()
++# define local_irq_enable_in_hardirq() local_irq_enable_nort()
+ #endif
+
+ extern void disable_irq_nosync(unsigned int irq);
+@@ -210,6 +212,7 @@
+ unsigned int irq;
+ struct kref kref;
+ struct work_struct work;
++ struct list_head list;
+ void (*notify)(struct irq_affinity_notify *, const cpumask_t *mask);
+ void (*release)(struct kref *ref);
+ };
+@@ -358,9 +361,13 @@
+
+
+ #ifdef CONFIG_IRQ_FORCED_THREADING
++# ifndef CONFIG_PREEMPT_RT_BASE
+ extern bool force_irqthreads;
++# else
++# define force_irqthreads (true)
++# endif
+ #else
+-#define force_irqthreads (0)
++#define force_irqthreads (false)
+ #endif
+
+ #ifndef __ARCH_SET_SOFTIRQ_PENDING
+@@ -416,9 +423,10 @@
+ void (*action)(struct softirq_action *);
+ };
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ asmlinkage void do_softirq(void);
+ asmlinkage void __do_softirq(void);
+-
++static inline void thread_do_softirq(void) { do_softirq(); }
+ #ifdef __ARCH_HAS_DO_SOFTIRQ
+ void do_softirq_own_stack(void);
+ #else
+@@ -427,6 +435,9 @@
+ __do_softirq();
+ }
+ #endif
++#else
++extern void thread_do_softirq(void);
++#endif
+
+ extern void open_softirq(int nr, void (*action)(struct softirq_action *));
+ extern void softirq_init(void);
+@@ -434,6 +445,7 @@
+
+ extern void raise_softirq_irqoff(unsigned int nr);
+ extern void raise_softirq(unsigned int nr);
++extern void softirq_check_pending_idle(void);
+
+ DECLARE_PER_CPU(struct task_struct *, ksoftirqd);
+
+@@ -455,8 +467,9 @@
+ to be executed on some cpu at least once after this.
+ * If the tasklet is already scheduled, but its execution is still not
+ started, it will be executed only once.
+- * If this tasklet is already running on another CPU (or schedule is called
+- from tasklet itself), it is rescheduled for later.
++ * If this tasklet is already running on another CPU, it is rescheduled
++ for later.
++ * Schedule must not be called from the tasklet itself (a lockup occurs)
+ * Tasklet is strictly serialized wrt itself, but not
+ wrt another tasklets. If client needs some intertask synchronization,
+ he makes it with spinlocks.
+@@ -481,27 +494,36 @@
+ enum
+ {
+ TASKLET_STATE_SCHED, /* Tasklet is scheduled for execution */
+- TASKLET_STATE_RUN /* Tasklet is running (SMP only) */
++ TASKLET_STATE_RUN, /* Tasklet is running (SMP only) */
++ TASKLET_STATE_PENDING /* Tasklet is pending */
+ };
+
+-#ifdef CONFIG_SMP
++#define TASKLET_STATEF_SCHED (1 << TASKLET_STATE_SCHED)
++#define TASKLET_STATEF_RUN (1 << TASKLET_STATE_RUN)
++#define TASKLET_STATEF_PENDING (1 << TASKLET_STATE_PENDING)
++
++#if defined(CONFIG_SMP) || defined(CONFIG_PREEMPT_RT_FULL)
+ static inline int tasklet_trylock(struct tasklet_struct *t)
+ {
+ return !test_and_set_bit(TASKLET_STATE_RUN, &(t)->state);
+ }
+
++static inline int tasklet_tryunlock(struct tasklet_struct *t)
++{
++ return cmpxchg(&t->state, TASKLET_STATEF_RUN, 0) == TASKLET_STATEF_RUN;
++}
++
+ static inline void tasklet_unlock(struct tasklet_struct *t)
+ {
+ smp_mb__before_atomic();
+ clear_bit(TASKLET_STATE_RUN, &(t)->state);
+ }
+
+-static inline void tasklet_unlock_wait(struct tasklet_struct *t)
+-{
+- while (test_bit(TASKLET_STATE_RUN, &(t)->state)) { barrier(); }
+-}
++extern void tasklet_unlock_wait(struct tasklet_struct *t);
++
+ #else
+ #define tasklet_trylock(t) 1
++#define tasklet_tryunlock(t) 1
+ #define tasklet_unlock_wait(t) do { } while (0)
+ #define tasklet_unlock(t) do { } while (0)
+ #endif
+@@ -550,17 +572,8 @@
+ smp_mb();
+ }
+
+-static inline void tasklet_enable(struct tasklet_struct *t)
+-{
+- smp_mb__before_atomic();
+- atomic_dec(&t->count);
+-}
+-
+-static inline void tasklet_hi_enable(struct tasklet_struct *t)
+-{
+- smp_mb__before_atomic();
+- atomic_dec(&t->count);
+-}
++extern void tasklet_enable(struct tasklet_struct *t);
++extern void tasklet_hi_enable(struct tasklet_struct *t);
+
+ extern void tasklet_kill(struct tasklet_struct *t);
+ extern void tasklet_kill_immediate(struct tasklet_struct *t, unsigned int cpu);
+@@ -592,6 +605,12 @@
+ tasklet_kill(&ttimer->tasklet);
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++extern void softirq_early_init(void);
++#else
++static inline void softirq_early_init(void) { }
++#endif
++
+ /*
+ * Autoprobing for irqs:
+ *
+diff -Nur linux-3.18.9.orig/include/linux/irqdesc.h linux-3.18.9/include/linux/irqdesc.h
+--- linux-3.18.9.orig/include/linux/irqdesc.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/irqdesc.h 2015-03-15 16:03:03.804094874 -0500
+@@ -63,6 +63,7 @@
+ unsigned int irqs_unhandled;
+ atomic_t threads_handled;
+ int threads_handled_last;
++ u64 random_ip;
+ raw_spinlock_t lock;
+ struct cpumask *percpu_enabled;
+ #ifdef CONFIG_SMP
+diff -Nur linux-3.18.9.orig/include/linux/irqflags.h linux-3.18.9/include/linux/irqflags.h
+--- linux-3.18.9.orig/include/linux/irqflags.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/irqflags.h 2015-03-15 16:03:03.804094874 -0500
+@@ -25,8 +25,6 @@
+ # define trace_softirqs_enabled(p) ((p)->softirqs_enabled)
+ # define trace_hardirq_enter() do { current->hardirq_context++; } while (0)
+ # define trace_hardirq_exit() do { current->hardirq_context--; } while (0)
+-# define lockdep_softirq_enter() do { current->softirq_context++; } while (0)
+-# define lockdep_softirq_exit() do { current->softirq_context--; } while (0)
+ # define INIT_TRACE_IRQFLAGS .softirqs_enabled = 1,
+ #else
+ # define trace_hardirqs_on() do { } while (0)
+@@ -39,9 +37,15 @@
+ # define trace_softirqs_enabled(p) 0
+ # define trace_hardirq_enter() do { } while (0)
+ # define trace_hardirq_exit() do { } while (0)
++# define INIT_TRACE_IRQFLAGS
++#endif
++
++#if defined(CONFIG_TRACE_IRQFLAGS) && !defined(CONFIG_PREEMPT_RT_FULL)
++# define lockdep_softirq_enter() do { current->softirq_context++; } while (0)
++# define lockdep_softirq_exit() do { current->softirq_context--; } while (0)
++#else
+ # define lockdep_softirq_enter() do { } while (0)
+ # define lockdep_softirq_exit() do { } while (0)
+-# define INIT_TRACE_IRQFLAGS
+ #endif
+
+ #if defined(CONFIG_IRQSOFF_TRACER) || \
+@@ -147,4 +151,23 @@
+
+ #endif /* CONFIG_TRACE_IRQFLAGS_SUPPORT */
+
++/*
++ * local_irq* variants depending on RT/!RT
++ */
++#ifdef CONFIG_PREEMPT_RT_FULL
++# define local_irq_disable_nort() do { } while (0)
++# define local_irq_enable_nort() do { } while (0)
++# define local_irq_save_nort(flags) local_save_flags(flags)
++# define local_irq_restore_nort(flags) (void)(flags)
++# define local_irq_disable_rt() local_irq_disable()
++# define local_irq_enable_rt() local_irq_enable()
++#else
++# define local_irq_disable_nort() local_irq_disable()
++# define local_irq_enable_nort() local_irq_enable()
++# define local_irq_save_nort(flags) local_irq_save(flags)
++# define local_irq_restore_nort(flags) local_irq_restore(flags)
++# define local_irq_disable_rt() do { } while (0)
++# define local_irq_enable_rt() do { } while (0)
++#endif
++
+ #endif
+diff -Nur linux-3.18.9.orig/include/linux/irq.h linux-3.18.9/include/linux/irq.h
+--- linux-3.18.9.orig/include/linux/irq.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/irq.h 2015-03-15 16:03:03.804094874 -0500
+@@ -73,6 +73,7 @@
+ * IRQ_IS_POLLED - Always polled by another interrupt. Exclude
+ * it from the spurious interrupt detection
+ * mechanism and from core side polling.
++ * IRQ_NO_SOFTIRQ_CALL - No softirq processing in the irq thread context (RT)
+ */
+ enum {
+ IRQ_TYPE_NONE = 0x00000000,
+@@ -98,13 +99,14 @@
+ IRQ_NOTHREAD = (1 << 16),
+ IRQ_PER_CPU_DEVID = (1 << 17),
+ IRQ_IS_POLLED = (1 << 18),
++ IRQ_NO_SOFTIRQ_CALL = (1 << 19),
+ };
+
+ #define IRQF_MODIFY_MASK \
+ (IRQ_TYPE_SENSE_MASK | IRQ_NOPROBE | IRQ_NOREQUEST | \
+ IRQ_NOAUTOEN | IRQ_MOVE_PCNTXT | IRQ_LEVEL | IRQ_NO_BALANCING | \
+ IRQ_PER_CPU | IRQ_NESTED_THREAD | IRQ_NOTHREAD | IRQ_PER_CPU_DEVID | \
+- IRQ_IS_POLLED)
++ IRQ_IS_POLLED | IRQ_NO_SOFTIRQ_CALL)
+
+ #define IRQ_NO_BALANCING_MASK (IRQ_PER_CPU | IRQ_NO_BALANCING)
+
+diff -Nur linux-3.18.9.orig/include/linux/irq_work.h linux-3.18.9/include/linux/irq_work.h
+--- linux-3.18.9.orig/include/linux/irq_work.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/irq_work.h 2015-03-15 16:03:03.804094874 -0500
+@@ -16,6 +16,7 @@
+ #define IRQ_WORK_BUSY 2UL
+ #define IRQ_WORK_FLAGS 3UL
+ #define IRQ_WORK_LAZY 4UL /* Doesn't want IPI, wait for tick */
++#define IRQ_WORK_HARD_IRQ 8UL /* Run hard IRQ context, even on RT */
+
+ struct irq_work {
+ unsigned long flags;
+diff -Nur linux-3.18.9.orig/include/linux/jbd_common.h linux-3.18.9/include/linux/jbd_common.h
+--- linux-3.18.9.orig/include/linux/jbd_common.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/jbd_common.h 2015-03-15 16:03:03.804094874 -0500
+@@ -15,32 +15,56 @@
+
+ static inline void jbd_lock_bh_state(struct buffer_head *bh)
+ {
++#ifndef CONFIG_PREEMPT_RT_BASE
+ bit_spin_lock(BH_State, &bh->b_state);
++#else
++ spin_lock(&bh->b_state_lock);
++#endif
+ }
+
+ static inline int jbd_trylock_bh_state(struct buffer_head *bh)
+ {
++#ifndef CONFIG_PREEMPT_RT_BASE
+ return bit_spin_trylock(BH_State, &bh->b_state);
++#else
++ return spin_trylock(&bh->b_state_lock);
++#endif
+ }
+
+ static inline int jbd_is_locked_bh_state(struct buffer_head *bh)
+ {
++#ifndef CONFIG_PREEMPT_RT_BASE
+ return bit_spin_is_locked(BH_State, &bh->b_state);
++#else
++ return spin_is_locked(&bh->b_state_lock);
++#endif
+ }
+
+ static inline void jbd_unlock_bh_state(struct buffer_head *bh)
+ {
++#ifndef CONFIG_PREEMPT_RT_BASE
+ bit_spin_unlock(BH_State, &bh->b_state);
++#else
++ spin_unlock(&bh->b_state_lock);
++#endif
+ }
+
+ static inline void jbd_lock_bh_journal_head(struct buffer_head *bh)
+ {
++#ifndef CONFIG_PREEMPT_RT_BASE
+ bit_spin_lock(BH_JournalHead, &bh->b_state);
++#else
++ spin_lock(&bh->b_journal_head_lock);
++#endif
+ }
+
+ static inline void jbd_unlock_bh_journal_head(struct buffer_head *bh)
+ {
++#ifndef CONFIG_PREEMPT_RT_BASE
+ bit_spin_unlock(BH_JournalHead, &bh->b_state);
++#else
++ spin_unlock(&bh->b_journal_head_lock);
++#endif
+ }
+
+ #endif
+diff -Nur linux-3.18.9.orig/include/linux/jump_label.h linux-3.18.9/include/linux/jump_label.h
+--- linux-3.18.9.orig/include/linux/jump_label.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/jump_label.h 2015-03-15 16:03:03.804094874 -0500
+@@ -55,7 +55,8 @@
+ "%s used before call to jump_label_init", \
+ __func__)
+
+-#if defined(CC_HAVE_ASM_GOTO) && defined(CONFIG_JUMP_LABEL)
++#if defined(CC_HAVE_ASM_GOTO) && defined(CONFIG_JUMP_LABEL) && \
++ !defined(CONFIG_PREEMPT_BASE)
+
+ struct static_key {
+ atomic_t enabled;
+diff -Nur linux-3.18.9.orig/include/linux/kdb.h linux-3.18.9/include/linux/kdb.h
+--- linux-3.18.9.orig/include/linux/kdb.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/kdb.h 2015-03-15 16:03:03.804094874 -0500
+@@ -116,7 +116,7 @@
+ extern __printf(1, 0) int vkdb_printf(const char *fmt, va_list args);
+ extern __printf(1, 2) int kdb_printf(const char *, ...);
+ typedef __printf(1, 2) int (*kdb_printf_t)(const char *, ...);
+-
++#define in_kdb_printk() (kdb_trap_printk)
+ extern void kdb_init(int level);
+
+ /* Access to kdb specific polling devices */
+@@ -151,6 +151,7 @@
+ extern int kdb_unregister(char *);
+ #else /* ! CONFIG_KGDB_KDB */
+ static inline __printf(1, 2) int kdb_printf(const char *fmt, ...) { return 0; }
++#define in_kdb_printk() (0)
+ static inline void kdb_init(int level) {}
+ static inline int kdb_register(char *cmd, kdb_func_t func, char *usage,
+ char *help, short minlen) { return 0; }
+diff -Nur linux-3.18.9.orig/include/linux/kernel.h linux-3.18.9/include/linux/kernel.h
+--- linux-3.18.9.orig/include/linux/kernel.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/kernel.h 2015-03-15 16:03:03.804094874 -0500
+@@ -451,6 +451,7 @@
+ SYSTEM_HALT,
+ SYSTEM_POWER_OFF,
+ SYSTEM_RESTART,
++ SYSTEM_SUSPEND,
+ } system_state;
+
+ #define TAINT_PROPRIETARY_MODULE 0
+diff -Nur linux-3.18.9.orig/include/linux/lglock.h linux-3.18.9/include/linux/lglock.h
+--- linux-3.18.9.orig/include/linux/lglock.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/lglock.h 2015-03-15 16:03:03.804094874 -0500
+@@ -34,22 +34,39 @@
+ #endif
+
+ struct lglock {
++#ifndef CONFIG_PREEMPT_RT_FULL
+ arch_spinlock_t __percpu *lock;
++#else
++ struct rt_mutex __percpu *lock;
++#endif
+ #ifdef CONFIG_DEBUG_LOCK_ALLOC
+ struct lock_class_key lock_key;
+ struct lockdep_map lock_dep_map;
+ #endif
+ };
+
+-#define DEFINE_LGLOCK(name) \
++#ifndef CONFIG_PREEMPT_RT_FULL
++# define DEFINE_LGLOCK(name) \
+ static DEFINE_PER_CPU(arch_spinlock_t, name ## _lock) \
+ = __ARCH_SPIN_LOCK_UNLOCKED; \
+ struct lglock name = { .lock = &name ## _lock }
+
+-#define DEFINE_STATIC_LGLOCK(name) \
++# define DEFINE_STATIC_LGLOCK(name) \
+ static DEFINE_PER_CPU(arch_spinlock_t, name ## _lock) \
+ = __ARCH_SPIN_LOCK_UNLOCKED; \
+ static struct lglock name = { .lock = &name ## _lock }
++#else
++
++# define DEFINE_LGLOCK(name) \
++ static DEFINE_PER_CPU(struct rt_mutex, name ## _lock) \
++ = __RT_MUTEX_INITIALIZER( name ## _lock); \
++ struct lglock name = { .lock = &name ## _lock }
++
++# define DEFINE_STATIC_LGLOCK(name) \
++ static DEFINE_PER_CPU(struct rt_mutex, name ## _lock) \
++ = __RT_MUTEX_INITIALIZER( name ## _lock); \
++ static struct lglock name = { .lock = &name ## _lock }
++#endif
+
+ void lg_lock_init(struct lglock *lg, char *name);
+ void lg_local_lock(struct lglock *lg);
+@@ -59,6 +76,12 @@
+ void lg_global_lock(struct lglock *lg);
+ void lg_global_unlock(struct lglock *lg);
+
++#ifndef CONFIG_PREEMPT_RT_FULL
++#define lg_global_trylock_relax(name) lg_global_lock(name)
++#else
++void lg_global_trylock_relax(struct lglock *lg);
++#endif
++
+ #else
+ /* When !CONFIG_SMP, map lglock to spinlock */
+ #define lglock spinlock
+diff -Nur linux-3.18.9.orig/include/linux/list_bl.h linux-3.18.9/include/linux/list_bl.h
+--- linux-3.18.9.orig/include/linux/list_bl.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/list_bl.h 2015-03-15 16:03:03.808094874 -0500
+@@ -2,6 +2,7 @@
+ #define _LINUX_LIST_BL_H
+
+ #include <linux/list.h>
++#include <linux/spinlock.h>
+ #include <linux/bit_spinlock.h>
+
+ /*
+@@ -32,13 +33,22 @@
+
+ struct hlist_bl_head {
+ struct hlist_bl_node *first;
++#ifdef CONFIG_PREEMPT_RT_BASE
++ raw_spinlock_t lock;
++#endif
+ };
+
+ struct hlist_bl_node {
+ struct hlist_bl_node *next, **pprev;
+ };
+-#define INIT_HLIST_BL_HEAD(ptr) \
+- ((ptr)->first = NULL)
++
++static inline void INIT_HLIST_BL_HEAD(struct hlist_bl_head *h)
++{
++ h->first = NULL;
++#ifdef CONFIG_PREEMPT_RT_BASE
++ raw_spin_lock_init(&h->lock);
++#endif
++}
+
+ static inline void INIT_HLIST_BL_NODE(struct hlist_bl_node *h)
+ {
+@@ -117,12 +127,26 @@
+
+ static inline void hlist_bl_lock(struct hlist_bl_head *b)
+ {
++#ifndef CONFIG_PREEMPT_RT_BASE
+ bit_spin_lock(0, (unsigned long *)b);
++#else
++ raw_spin_lock(&b->lock);
++#if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)
++ __set_bit(0, (unsigned long *)b);
++#endif
++#endif
+ }
+
+ static inline void hlist_bl_unlock(struct hlist_bl_head *b)
+ {
++#ifndef CONFIG_PREEMPT_RT_BASE
+ __bit_spin_unlock(0, (unsigned long *)b);
++#else
++#if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)
++ __clear_bit(0, (unsigned long *)b);
++#endif
++ raw_spin_unlock(&b->lock);
++#endif
+ }
+
+ static inline bool hlist_bl_is_locked(struct hlist_bl_head *b)
+diff -Nur linux-3.18.9.orig/include/linux/locallock.h linux-3.18.9/include/linux/locallock.h
+--- linux-3.18.9.orig/include/linux/locallock.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/linux/locallock.h 2015-03-15 16:03:03.808094874 -0500
+@@ -0,0 +1,270 @@
++#ifndef _LINUX_LOCALLOCK_H
++#define _LINUX_LOCALLOCK_H
++
++#include <linux/percpu.h>
++#include <linux/spinlock.h>
++
++#ifdef CONFIG_PREEMPT_RT_BASE
++
++#ifdef CONFIG_DEBUG_SPINLOCK
++# define LL_WARN(cond) WARN_ON(cond)
++#else
++# define LL_WARN(cond) do { } while (0)
++#endif
++
++/*
++ * per cpu lock based substitute for local_irq_*()
++ */
++struct local_irq_lock {
++ spinlock_t lock;
++ struct task_struct *owner;
++ int nestcnt;
++ unsigned long flags;
++};
++
++#define DEFINE_LOCAL_IRQ_LOCK(lvar) \
++ DEFINE_PER_CPU(struct local_irq_lock, lvar) = { \
++ .lock = __SPIN_LOCK_UNLOCKED((lvar).lock) }
++
++#define DECLARE_LOCAL_IRQ_LOCK(lvar) \
++ DECLARE_PER_CPU(struct local_irq_lock, lvar)
++
++#define local_irq_lock_init(lvar) \
++ do { \
++ int __cpu; \
++ for_each_possible_cpu(__cpu) \
++ spin_lock_init(&per_cpu(lvar, __cpu).lock); \
++ } while (0)
++
++/*
++ * spin_lock|trylock|unlock_local flavour that does not migrate disable
++ * used for __local_lock|trylock|unlock where get_local_var/put_local_var
++ * already takes care of the migrate_disable/enable
++ * for CONFIG_PREEMPT_BASE map to the normal spin_* calls.
++ */
++#ifdef CONFIG_PREEMPT_RT_FULL
++# define spin_lock_local(lock) rt_spin_lock(lock)
++# define spin_trylock_local(lock) rt_spin_trylock(lock)
++# define spin_unlock_local(lock) rt_spin_unlock(lock)
++#else
++# define spin_lock_local(lock) spin_lock(lock)
++# define spin_trylock_local(lock) spin_trylock(lock)
++# define spin_unlock_local(lock) spin_unlock(lock)
++#endif
++
++static inline void __local_lock(struct local_irq_lock *lv)
++{
++ if (lv->owner != current) {
++ spin_lock_local(&lv->lock);
++ LL_WARN(lv->owner);
++ LL_WARN(lv->nestcnt);
++ lv->owner = current;
++ }
++ lv->nestcnt++;
++}
++
++#define local_lock(lvar) \
++ do { __local_lock(&get_local_var(lvar)); } while (0)
++
++static inline int __local_trylock(struct local_irq_lock *lv)
++{
++ if (lv->owner != current && spin_trylock_local(&lv->lock)) {
++ LL_WARN(lv->owner);
++ LL_WARN(lv->nestcnt);
++ lv->owner = current;
++ lv->nestcnt = 1;
++ return 1;
++ }
++ return 0;
++}
++
++#define local_trylock(lvar) \
++ ({ \
++ int __locked; \
++ __locked = __local_trylock(&get_local_var(lvar)); \
++ if (!__locked) \
++ put_local_var(lvar); \
++ __locked; \
++ })
++
++static inline void __local_unlock(struct local_irq_lock *lv)
++{
++ LL_WARN(lv->nestcnt == 0);
++ LL_WARN(lv->owner != current);
++ if (--lv->nestcnt)
++ return;
++
++ lv->owner = NULL;
++ spin_unlock_local(&lv->lock);
++}
++
++#define local_unlock(lvar) \
++ do { \
++ __local_unlock(&__get_cpu_var(lvar)); \
++ put_local_var(lvar); \
++ } while (0)
++
++static inline void __local_lock_irq(struct local_irq_lock *lv)
++{
++ spin_lock_irqsave(&lv->lock, lv->flags);
++ LL_WARN(lv->owner);
++ LL_WARN(lv->nestcnt);
++ lv->owner = current;
++ lv->nestcnt = 1;
++}
++
++#define local_lock_irq(lvar) \
++ do { __local_lock_irq(&get_local_var(lvar)); } while (0)
++
++#define local_lock_irq_on(lvar, cpu) \
++ do { __local_lock_irq(&per_cpu(lvar, cpu)); } while (0)
++
++static inline void __local_unlock_irq(struct local_irq_lock *lv)
++{
++ LL_WARN(!lv->nestcnt);
++ LL_WARN(lv->owner != current);
++ lv->owner = NULL;
++ lv->nestcnt = 0;
++ spin_unlock_irq(&lv->lock);
++}
++
++#define local_unlock_irq(lvar) \
++ do { \
++ __local_unlock_irq(&__get_cpu_var(lvar)); \
++ put_local_var(lvar); \
++ } while (0)
++
++#define local_unlock_irq_on(lvar, cpu) \
++ do { \
++ __local_unlock_irq(&per_cpu(lvar, cpu)); \
++ } while (0)
++
++static inline int __local_lock_irqsave(struct local_irq_lock *lv)
++{
++ if (lv->owner != current) {
++ __local_lock_irq(lv);
++ return 0;
++ } else {
++ lv->nestcnt++;
++ return 1;
++ }
++}
++
++#define local_lock_irqsave(lvar, _flags) \
++ do { \
++ if (__local_lock_irqsave(&get_local_var(lvar))) \
++ put_local_var(lvar); \
++ _flags = __get_cpu_var(lvar).flags; \
++ } while (0)
++
++#define local_lock_irqsave_on(lvar, _flags, cpu) \
++ do { \
++ __local_lock_irqsave(&per_cpu(lvar, cpu)); \
++ _flags = per_cpu(lvar, cpu).flags; \
++ } while (0)
++
++static inline int __local_unlock_irqrestore(struct local_irq_lock *lv,
++ unsigned long flags)
++{
++ LL_WARN(!lv->nestcnt);
++ LL_WARN(lv->owner != current);
++ if (--lv->nestcnt)
++ return 0;
++
++ lv->owner = NULL;
++ spin_unlock_irqrestore(&lv->lock, lv->flags);
++ return 1;
++}
++
++#define local_unlock_irqrestore(lvar, flags) \
++ do { \
++ if (__local_unlock_irqrestore(&__get_cpu_var(lvar), flags)) \
++ put_local_var(lvar); \
++ } while (0)
++
++#define local_unlock_irqrestore_on(lvar, flags, cpu) \
++ do { \
++ __local_unlock_irqrestore(&per_cpu(lvar, cpu), flags); \
++ } while (0)
++
++#define local_spin_trylock_irq(lvar, lock) \
++ ({ \
++ int __locked; \
++ local_lock_irq(lvar); \
++ __locked = spin_trylock(lock); \
++ if (!__locked) \
++ local_unlock_irq(lvar); \
++ __locked; \
++ })
++
++#define local_spin_lock_irq(lvar, lock) \
++ do { \
++ local_lock_irq(lvar); \
++ spin_lock(lock); \
++ } while (0)
++
++#define local_spin_unlock_irq(lvar, lock) \
++ do { \
++ spin_unlock(lock); \
++ local_unlock_irq(lvar); \
++ } while (0)
++
++#define local_spin_lock_irqsave(lvar, lock, flags) \
++ do { \
++ local_lock_irqsave(lvar, flags); \
++ spin_lock(lock); \
++ } while (0)
++
++#define local_spin_unlock_irqrestore(lvar, lock, flags) \
++ do { \
++ spin_unlock(lock); \
++ local_unlock_irqrestore(lvar, flags); \
++ } while (0)
++
++#define get_locked_var(lvar, var) \
++ (*({ \
++ local_lock(lvar); \
++ &__get_cpu_var(var); \
++ }))
++
++#define put_locked_var(lvar, var) local_unlock(lvar);
++
++#define local_lock_cpu(lvar) \
++ ({ \
++ local_lock(lvar); \
++ smp_processor_id(); \
++ })
++
++#define local_unlock_cpu(lvar) local_unlock(lvar)
++
++#else /* PREEMPT_RT_BASE */
++
++#define DEFINE_LOCAL_IRQ_LOCK(lvar) __typeof__(const int) lvar
++#define DECLARE_LOCAL_IRQ_LOCK(lvar) extern __typeof__(const int) lvar
++
++static inline void local_irq_lock_init(int lvar) { }
++
++#define local_lock(lvar) preempt_disable()
++#define local_unlock(lvar) preempt_enable()
++#define local_lock_irq(lvar) local_irq_disable()
++#define local_unlock_irq(lvar) local_irq_enable()
++#define local_lock_irqsave(lvar, flags) local_irq_save(flags)
++#define local_unlock_irqrestore(lvar, flags) local_irq_restore(flags)
++
++#define local_spin_trylock_irq(lvar, lock) spin_trylock_irq(lock)
++#define local_spin_lock_irq(lvar, lock) spin_lock_irq(lock)
++#define local_spin_unlock_irq(lvar, lock) spin_unlock_irq(lock)
++#define local_spin_lock_irqsave(lvar, lock, flags) \
++ spin_lock_irqsave(lock, flags)
++#define local_spin_unlock_irqrestore(lvar, lock, flags) \
++ spin_unlock_irqrestore(lock, flags)
++
++#define get_locked_var(lvar, var) get_cpu_var(var)
++#define put_locked_var(lvar, var) put_cpu_var(var)
++
++#define local_lock_cpu(lvar) get_cpu()
++#define local_unlock_cpu(lvar) put_cpu()
++
++#endif
++
++#endif
+diff -Nur linux-3.18.9.orig/include/linux/mm_types.h linux-3.18.9/include/linux/mm_types.h
+--- linux-3.18.9.orig/include/linux/mm_types.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/mm_types.h 2015-03-15 16:03:03.808094874 -0500
+@@ -11,6 +11,7 @@
+ #include <linux/completion.h>
+ #include <linux/cpumask.h>
+ #include <linux/page-debug-flags.h>
++#include <linux/rcupdate.h>
+ #include <linux/uprobes.h>
+ #include <linux/page-flags-layout.h>
+ #include <asm/page.h>
+@@ -454,6 +455,9 @@
+ bool tlb_flush_pending;
+ #endif
+ struct uprobes_state uprobes_state;
++#ifdef CONFIG_PREEMPT_RT_BASE
++ struct rcu_head delayed_drop;
++#endif
+ };
+
+ static inline void mm_init_cpumask(struct mm_struct *mm)
+diff -Nur linux-3.18.9.orig/include/linux/mutex.h linux-3.18.9/include/linux/mutex.h
+--- linux-3.18.9.orig/include/linux/mutex.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/mutex.h 2015-03-15 16:03:03.808094874 -0500
+@@ -19,6 +19,17 @@
+ #include <asm/processor.h>
+ #include <linux/osq_lock.h>
+
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++# define __DEP_MAP_MUTEX_INITIALIZER(lockname) \
++ , .dep_map = { .name = #lockname }
++#else
++# define __DEP_MAP_MUTEX_INITIALIZER(lockname)
++#endif
++
++#ifdef CONFIG_PREEMPT_RT_FULL
++# include <linux/mutex_rt.h>
++#else
++
+ /*
+ * Simple, straightforward mutexes with strict semantics:
+ *
+@@ -100,13 +111,6 @@
+ static inline void mutex_destroy(struct mutex *lock) {}
+ #endif
+
+-#ifdef CONFIG_DEBUG_LOCK_ALLOC
+-# define __DEP_MAP_MUTEX_INITIALIZER(lockname) \
+- , .dep_map = { .name = #lockname }
+-#else
+-# define __DEP_MAP_MUTEX_INITIALIZER(lockname)
+-#endif
+-
+ #define __MUTEX_INITIALIZER(lockname) \
+ { .count = ATOMIC_INIT(1) \
+ , .wait_lock = __SPIN_LOCK_UNLOCKED(lockname.wait_lock) \
+@@ -174,6 +178,8 @@
+ extern int mutex_trylock(struct mutex *lock);
+ extern void mutex_unlock(struct mutex *lock);
+
++#endif /* !PREEMPT_RT_FULL */
++
+ extern int atomic_dec_and_mutex_lock(atomic_t *cnt, struct mutex *lock);
+
+ #endif /* __LINUX_MUTEX_H */
+diff -Nur linux-3.18.9.orig/include/linux/mutex_rt.h linux-3.18.9/include/linux/mutex_rt.h
+--- linux-3.18.9.orig/include/linux/mutex_rt.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/linux/mutex_rt.h 2015-03-15 16:03:03.808094874 -0500
+@@ -0,0 +1,84 @@
++#ifndef __LINUX_MUTEX_RT_H
++#define __LINUX_MUTEX_RT_H
++
++#ifndef __LINUX_MUTEX_H
++#error "Please include mutex.h"
++#endif
++
++#include <linux/rtmutex.h>
++
++/* FIXME: Just for __lockfunc */
++#include <linux/spinlock.h>
++
++struct mutex {
++ struct rt_mutex lock;
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++ struct lockdep_map dep_map;
++#endif
++};
++
++#define __MUTEX_INITIALIZER(mutexname) \
++ { \
++ .lock = __RT_MUTEX_INITIALIZER(mutexname.lock) \
++ __DEP_MAP_MUTEX_INITIALIZER(mutexname) \
++ }
++
++#define DEFINE_MUTEX(mutexname) \
++ struct mutex mutexname = __MUTEX_INITIALIZER(mutexname)
++
++extern void __mutex_do_init(struct mutex *lock, const char *name, struct lock_class_key *key);
++extern void __lockfunc _mutex_lock(struct mutex *lock);
++extern int __lockfunc _mutex_lock_interruptible(struct mutex *lock);
++extern int __lockfunc _mutex_lock_killable(struct mutex *lock);
++extern void __lockfunc _mutex_lock_nested(struct mutex *lock, int subclass);
++extern void __lockfunc _mutex_lock_nest_lock(struct mutex *lock, struct lockdep_map *nest_lock);
++extern int __lockfunc _mutex_lock_interruptible_nested(struct mutex *lock, int subclass);
++extern int __lockfunc _mutex_lock_killable_nested(struct mutex *lock, int subclass);
++extern int __lockfunc _mutex_trylock(struct mutex *lock);
++extern void __lockfunc _mutex_unlock(struct mutex *lock);
++
++#define mutex_is_locked(l) rt_mutex_is_locked(&(l)->lock)
++#define mutex_lock(l) _mutex_lock(l)
++#define mutex_lock_interruptible(l) _mutex_lock_interruptible(l)
++#define mutex_lock_killable(l) _mutex_lock_killable(l)
++#define mutex_trylock(l) _mutex_trylock(l)
++#define mutex_unlock(l) _mutex_unlock(l)
++#define mutex_destroy(l) rt_mutex_destroy(&(l)->lock)
++
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++# define mutex_lock_nested(l, s) _mutex_lock_nested(l, s)
++# define mutex_lock_interruptible_nested(l, s) \
++ _mutex_lock_interruptible_nested(l, s)
++# define mutex_lock_killable_nested(l, s) \
++ _mutex_lock_killable_nested(l, s)
++
++# define mutex_lock_nest_lock(lock, nest_lock) \
++do { \
++ typecheck(struct lockdep_map *, &(nest_lock)->dep_map); \
++ _mutex_lock_nest_lock(lock, &(nest_lock)->dep_map); \
++} while (0)
++
++#else
++# define mutex_lock_nested(l, s) _mutex_lock(l)
++# define mutex_lock_interruptible_nested(l, s) \
++ _mutex_lock_interruptible(l)
++# define mutex_lock_killable_nested(l, s) \
++ _mutex_lock_killable(l)
++# define mutex_lock_nest_lock(lock, nest_lock) mutex_lock(lock)
++#endif
++
++# define mutex_init(mutex) \
++do { \
++ static struct lock_class_key __key; \
++ \
++ rt_mutex_init(&(mutex)->lock); \
++ __mutex_do_init((mutex), #mutex, &__key); \
++} while (0)
++
++# define __mutex_init(mutex, name, key) \
++do { \
++ rt_mutex_init(&(mutex)->lock); \
++ __mutex_do_init((mutex), name, key); \
++} while (0)
++
++#endif
+diff -Nur linux-3.18.9.orig/include/linux/netdevice.h linux-3.18.9/include/linux/netdevice.h
+--- linux-3.18.9.orig/include/linux/netdevice.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/netdevice.h 2015-03-15 16:03:03.808094874 -0500
+@@ -2345,6 +2345,7 @@
+ unsigned int dropped;
+ struct sk_buff_head input_pkt_queue;
+ struct napi_struct backlog;
++ struct sk_buff_head tofree_queue;
+
+ #ifdef CONFIG_NET_FLOW_LIMIT
+ struct sd_flow_limit __rcu *flow_limit;
+diff -Nur linux-3.18.9.orig/include/linux/netfilter/x_tables.h linux-3.18.9/include/linux/netfilter/x_tables.h
+--- linux-3.18.9.orig/include/linux/netfilter/x_tables.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/netfilter/x_tables.h 2015-03-15 16:03:03.808094874 -0500
+@@ -3,6 +3,7 @@
+
+
+ #include <linux/netdevice.h>
++#include <linux/locallock.h>
+ #include <uapi/linux/netfilter/x_tables.h>
+
+ /**
+@@ -282,6 +283,8 @@
+ */
+ DECLARE_PER_CPU(seqcount_t, xt_recseq);
+
++DECLARE_LOCAL_IRQ_LOCK(xt_write_lock);
++
+ /**
+ * xt_write_recseq_begin - start of a write section
+ *
+@@ -296,6 +299,9 @@
+ {
+ unsigned int addend;
+
++ /* RT protection */
++ local_lock(xt_write_lock);
++
+ /*
+ * Low order bit of sequence is set if we already
+ * called xt_write_recseq_begin().
+@@ -326,6 +332,7 @@
+ /* this is kind of a write_seqcount_end(), but addend is 0 or 1 */
+ smp_wmb();
+ __this_cpu_add(xt_recseq.sequence, addend);
++ local_unlock(xt_write_lock);
+ }
+
+ /*
+diff -Nur linux-3.18.9.orig/include/linux/notifier.h linux-3.18.9/include/linux/notifier.h
+--- linux-3.18.9.orig/include/linux/notifier.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/notifier.h 2015-03-15 16:03:03.808094874 -0500
+@@ -6,7 +6,7 @@
+ *
+ * Alan Cox <Alan.Cox@linux.org>
+ */
+-
++
+ #ifndef _LINUX_NOTIFIER_H
+ #define _LINUX_NOTIFIER_H
+ #include <linux/errno.h>
+@@ -42,9 +42,7 @@
+ * in srcu_notifier_call_chain(): no cache bounces and no memory barriers.
+ * As compensation, srcu_notifier_chain_unregister() is rather expensive.
+ * SRCU notifier chains should be used when the chain will be called very
+- * often but notifier_blocks will seldom be removed. Also, SRCU notifier
+- * chains are slightly more difficult to use because they require special
+- * runtime initialization.
++ * often but notifier_blocks will seldom be removed.
+ */
+
+ typedef int (*notifier_fn_t)(struct notifier_block *nb,
+@@ -88,7 +86,7 @@
+ (name)->head = NULL; \
+ } while (0)
+
+-/* srcu_notifier_heads must be initialized and cleaned up dynamically */
++/* srcu_notifier_heads must be cleaned up dynamically */
+ extern void srcu_init_notifier_head(struct srcu_notifier_head *nh);
+ #define srcu_cleanup_notifier_head(name) \
+ cleanup_srcu_struct(&(name)->srcu);
+@@ -101,7 +99,13 @@
+ .head = NULL }
+ #define RAW_NOTIFIER_INIT(name) { \
+ .head = NULL }
+-/* srcu_notifier_heads cannot be initialized statically */
++
++#define SRCU_NOTIFIER_INIT(name, pcpu) \
++ { \
++ .mutex = __MUTEX_INITIALIZER(name.mutex), \
++ .head = NULL, \
++ .srcu = __SRCU_STRUCT_INIT(name.srcu, pcpu), \
++ }
+
+ #define ATOMIC_NOTIFIER_HEAD(name) \
+ struct atomic_notifier_head name = \
+@@ -113,6 +117,18 @@
+ struct raw_notifier_head name = \
+ RAW_NOTIFIER_INIT(name)
+
++#define _SRCU_NOTIFIER_HEAD(name, mod) \
++ static DEFINE_PER_CPU(struct srcu_struct_array, \
++ name##_head_srcu_array); \
++ mod struct srcu_notifier_head name = \
++ SRCU_NOTIFIER_INIT(name, name##_head_srcu_array)
++
++#define SRCU_NOTIFIER_HEAD(name) \
++ _SRCU_NOTIFIER_HEAD(name, )
++
++#define SRCU_NOTIFIER_HEAD_STATIC(name) \
++ _SRCU_NOTIFIER_HEAD(name, static)
++
+ #ifdef __KERNEL__
+
+ extern int atomic_notifier_chain_register(struct atomic_notifier_head *nh,
+@@ -182,12 +198,12 @@
+
+ /*
+ * Declared notifiers so far. I can imagine quite a few more chains
+- * over time (eg laptop power reset chains, reboot chain (to clean
++ * over time (eg laptop power reset chains, reboot chain (to clean
+ * device units up), device [un]mount chain, module load/unload chain,
+- * low memory chain, screenblank chain (for plug in modular screenblankers)
++ * low memory chain, screenblank chain (for plug in modular screenblankers)
+ * VC switch chains (for loadable kernel svgalib VC switch helpers) etc...
+ */
+-
++
+ /* CPU notfiers are defined in include/linux/cpu.h. */
+
+ /* netdevice notifiers are defined in include/linux/netdevice.h */
+diff -Nur linux-3.18.9.orig/include/linux/percpu.h linux-3.18.9/include/linux/percpu.h
+--- linux-3.18.9.orig/include/linux/percpu.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/percpu.h 2015-03-15 16:03:03.808094874 -0500
+@@ -23,6 +23,35 @@
+ PERCPU_MODULE_RESERVE)
+ #endif
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++
++#define get_local_var(var) (*({ \
++ migrate_disable(); \
++ &__get_cpu_var(var); }))
++
++#define put_local_var(var) do { \
++ (void)&(var); \
++ migrate_enable(); \
++} while (0)
++
++# define get_local_ptr(var) ({ \
++ migrate_disable(); \
++ this_cpu_ptr(var); })
++
++# define put_local_ptr(var) do { \
++ (void)(var); \
++ migrate_enable(); \
++} while (0)
++
++#else
++
++#define get_local_var(var) get_cpu_var(var)
++#define put_local_var(var) put_cpu_var(var)
++#define get_local_ptr(var) get_cpu_ptr(var)
++#define put_local_ptr(var) put_cpu_ptr(var)
++
++#endif
++
+ /* minimum unit size, also is the maximum supported allocation size */
+ #define PCPU_MIN_UNIT_SIZE PFN_ALIGN(32 << 10)
+
+diff -Nur linux-3.18.9.orig/include/linux/pid.h linux-3.18.9/include/linux/pid.h
+--- linux-3.18.9.orig/include/linux/pid.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/pid.h 2015-03-15 16:03:03.808094874 -0500
+@@ -2,6 +2,7 @@
+ #define _LINUX_PID_H
+
+ #include <linux/rcupdate.h>
++#include <linux/atomic.h>
+
+ enum pid_type
+ {
+diff -Nur linux-3.18.9.orig/include/linux/preempt.h linux-3.18.9/include/linux/preempt.h
+--- linux-3.18.9.orig/include/linux/preempt.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/preempt.h 2015-03-15 16:03:03.808094874 -0500
+@@ -33,6 +33,20 @@
+ #define preempt_count_inc() preempt_count_add(1)
+ #define preempt_count_dec() preempt_count_sub(1)
+
++#ifdef CONFIG_PREEMPT_LAZY
++#define add_preempt_lazy_count(val) do { preempt_lazy_count() += (val); } while (0)
++#define sub_preempt_lazy_count(val) do { preempt_lazy_count() -= (val); } while (0)
++#define inc_preempt_lazy_count() add_preempt_lazy_count(1)
++#define dec_preempt_lazy_count() sub_preempt_lazy_count(1)
++#define preempt_lazy_count() (current_thread_info()->preempt_lazy_count)
++#else
++#define add_preempt_lazy_count(val) do { } while (0)
++#define sub_preempt_lazy_count(val) do { } while (0)
++#define inc_preempt_lazy_count() do { } while (0)
++#define dec_preempt_lazy_count() do { } while (0)
++#define preempt_lazy_count() (0)
++#endif
++
+ #ifdef CONFIG_PREEMPT_COUNT
+
+ #define preempt_disable() \
+@@ -41,13 +55,25 @@
+ barrier(); \
+ } while (0)
+
++#define preempt_lazy_disable() \
++do { \
++ inc_preempt_lazy_count(); \
++ barrier(); \
++} while (0)
++
+ #define sched_preempt_enable_no_resched() \
+ do { \
+ barrier(); \
+ preempt_count_dec(); \
+ } while (0)
+
+-#define preempt_enable_no_resched() sched_preempt_enable_no_resched()
++#ifdef CONFIG_PREEMPT_RT_BASE
++# define preempt_enable_no_resched() sched_preempt_enable_no_resched()
++# define preempt_check_resched_rt() preempt_check_resched()
++#else
++# define preempt_enable_no_resched() preempt_enable()
++# define preempt_check_resched_rt() barrier();
++#endif
+
+ #ifdef CONFIG_PREEMPT
+ #define preempt_enable() \
+@@ -63,6 +89,13 @@
+ __preempt_schedule(); \
+ } while (0)
+
++#define preempt_lazy_enable() \
++do { \
++ dec_preempt_lazy_count(); \
++ barrier(); \
++ preempt_check_resched(); \
++} while (0)
++
+ #else
+ #define preempt_enable() \
+ do { \
+@@ -121,6 +154,7 @@
+ #define preempt_disable_notrace() barrier()
+ #define preempt_enable_no_resched_notrace() barrier()
+ #define preempt_enable_notrace() barrier()
++#define preempt_check_resched_rt() barrier()
+
+ #endif /* CONFIG_PREEMPT_COUNT */
+
+@@ -140,10 +174,31 @@
+ } while (0)
+ #define preempt_fold_need_resched() \
+ do { \
+- if (tif_need_resched()) \
++ if (tif_need_resched_now()) \
+ set_preempt_need_resched(); \
+ } while (0)
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++# define preempt_disable_rt() preempt_disable()
++# define preempt_enable_rt() preempt_enable()
++# define preempt_disable_nort() barrier()
++# define preempt_enable_nort() barrier()
++# ifdef CONFIG_SMP
++ extern void migrate_disable(void);
++ extern void migrate_enable(void);
++# else /* CONFIG_SMP */
++# define migrate_disable() barrier()
++# define migrate_enable() barrier()
++# endif /* CONFIG_SMP */
++#else
++# define preempt_disable_rt() barrier()
++# define preempt_enable_rt() barrier()
++# define preempt_disable_nort() preempt_disable()
++# define preempt_enable_nort() preempt_enable()
++# define migrate_disable() preempt_disable()
++# define migrate_enable() preempt_enable()
++#endif
++
+ #ifdef CONFIG_PREEMPT_NOTIFIERS
+
+ struct preempt_notifier;
+diff -Nur linux-3.18.9.orig/include/linux/preempt_mask.h linux-3.18.9/include/linux/preempt_mask.h
+--- linux-3.18.9.orig/include/linux/preempt_mask.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/preempt_mask.h 2015-03-15 16:03:03.808094874 -0500
+@@ -44,16 +44,26 @@
+ #define HARDIRQ_OFFSET (1UL << HARDIRQ_SHIFT)
+ #define NMI_OFFSET (1UL << NMI_SHIFT)
+
+-#define SOFTIRQ_DISABLE_OFFSET (2 * SOFTIRQ_OFFSET)
++#ifndef CONFIG_PREEMPT_RT_FULL
++# define SOFTIRQ_DISABLE_OFFSET (2 * SOFTIRQ_OFFSET)
++#else
++# define SOFTIRQ_DISABLE_OFFSET (0)
++#endif
+
+ #define PREEMPT_ACTIVE_BITS 1
+ #define PREEMPT_ACTIVE_SHIFT (NMI_SHIFT + NMI_BITS)
+ #define PREEMPT_ACTIVE (__IRQ_MASK(PREEMPT_ACTIVE_BITS) << PREEMPT_ACTIVE_SHIFT)
+
+ #define hardirq_count() (preempt_count() & HARDIRQ_MASK)
+-#define softirq_count() (preempt_count() & SOFTIRQ_MASK)
+ #define irq_count() (preempt_count() & (HARDIRQ_MASK | SOFTIRQ_MASK \
+ | NMI_MASK))
++#ifndef CONFIG_PREEMPT_RT_FULL
++# define softirq_count() (preempt_count() & SOFTIRQ_MASK)
++# define in_serving_softirq() (softirq_count() & SOFTIRQ_OFFSET)
++#else
++# define softirq_count() (0UL)
++extern int in_serving_softirq(void);
++#endif
+
+ /*
+ * Are we doing bottom half or hardware interrupt processing?
+@@ -64,7 +74,6 @@
+ #define in_irq() (hardirq_count())
+ #define in_softirq() (softirq_count())
+ #define in_interrupt() (irq_count())
+-#define in_serving_softirq() (softirq_count() & SOFTIRQ_OFFSET)
+
+ /*
+ * Are we in NMI context?
+diff -Nur linux-3.18.9.orig/include/linux/printk.h linux-3.18.9/include/linux/printk.h
+--- linux-3.18.9.orig/include/linux/printk.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/printk.h 2015-03-15 16:03:03.808094874 -0500
+@@ -119,9 +119,11 @@
+ extern asmlinkage __printf(1, 2)
+ void early_printk(const char *fmt, ...);
+ void early_vprintk(const char *fmt, va_list ap);
++extern void printk_kill(void);
+ #else
+ static inline __printf(1, 2) __cold
+ void early_printk(const char *s, ...) { }
++static inline void printk_kill(void) { }
+ #endif
+
+ #ifdef CONFIG_PRINTK
+@@ -155,7 +157,6 @@
+ #define printk_ratelimit() __printk_ratelimit(__func__)
+ extern bool printk_timed_ratelimit(unsigned long *caller_jiffies,
+ unsigned int interval_msec);
+-
+ extern int printk_delay_msec;
+ extern int dmesg_restrict;
+ extern int kptr_restrict;
+diff -Nur linux-3.18.9.orig/include/linux/radix-tree.h linux-3.18.9/include/linux/radix-tree.h
+--- linux-3.18.9.orig/include/linux/radix-tree.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/radix-tree.h 2015-03-15 16:03:03.808094874 -0500
+@@ -277,8 +277,13 @@
+ unsigned int radix_tree_gang_lookup_slot(struct radix_tree_root *root,
+ void ***results, unsigned long *indices,
+ unsigned long first_index, unsigned int max_items);
++#ifndef CONFIG_PREEMPT_RT_FULL
+ int radix_tree_preload(gfp_t gfp_mask);
+ int radix_tree_maybe_preload(gfp_t gfp_mask);
++#else
++static inline int radix_tree_preload(gfp_t gm) { return 0; }
++static inline int radix_tree_maybe_preload(gfp_t gfp_mask) { return 0; }
++#endif
+ void radix_tree_init(void);
+ void *radix_tree_tag_set(struct radix_tree_root *root,
+ unsigned long index, unsigned int tag);
+@@ -303,7 +308,7 @@
+
+ static inline void radix_tree_preload_end(void)
+ {
+- preempt_enable();
++ preempt_enable_nort();
+ }
+
+ /**
+diff -Nur linux-3.18.9.orig/include/linux/random.h linux-3.18.9/include/linux/random.h
+--- linux-3.18.9.orig/include/linux/random.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/random.h 2015-03-15 16:03:03.808094874 -0500
+@@ -11,7 +11,7 @@
+ extern void add_device_randomness(const void *, unsigned int);
+ extern void add_input_randomness(unsigned int type, unsigned int code,
+ unsigned int value);
+-extern void add_interrupt_randomness(int irq, int irq_flags);
++extern void add_interrupt_randomness(int irq, int irq_flags, __u64 ip);
+
+ extern void get_random_bytes(void *buf, int nbytes);
+ extern void get_random_bytes_arch(void *buf, int nbytes);
+diff -Nur linux-3.18.9.orig/include/linux/rcupdate.h linux-3.18.9/include/linux/rcupdate.h
+--- linux-3.18.9.orig/include/linux/rcupdate.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/rcupdate.h 2015-03-15 16:03:03.812094874 -0500
+@@ -147,6 +147,9 @@
+
+ #endif /* #else #ifdef CONFIG_PREEMPT_RCU */
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++#define call_rcu_bh call_rcu
++#else
+ /**
+ * call_rcu_bh() - Queue an RCU for invocation after a quicker grace period.
+ * @head: structure to be used for queueing the RCU updates.
+@@ -170,6 +173,7 @@
+ */
+ void call_rcu_bh(struct rcu_head *head,
+ void (*func)(struct rcu_head *head));
++#endif
+
+ /**
+ * call_rcu_sched() - Queue an RCU for invocation after sched grace period.
+@@ -231,6 +235,11 @@
+ * types of kernel builds, the rcu_read_lock() nesting depth is unknowable.
+ */
+ #define rcu_preempt_depth() (current->rcu_read_lock_nesting)
++#ifndef CONFIG_PREEMPT_RT_FULL
++#define sched_rcu_preempt_depth() rcu_preempt_depth()
++#else
++static inline int sched_rcu_preempt_depth(void) { return 0; }
++#endif
+
+ #else /* #ifdef CONFIG_PREEMPT_RCU */
+
+@@ -254,6 +263,8 @@
+ return 0;
+ }
+
++#define sched_rcu_preempt_depth() rcu_preempt_depth()
++
+ #endif /* #else #ifdef CONFIG_PREEMPT_RCU */
+
+ /* Internal to kernel */
+@@ -430,7 +441,14 @@
+ int debug_lockdep_rcu_enabled(void);
+
+ int rcu_read_lock_held(void);
++#ifdef CONFIG_PREEMPT_RT_FULL
++static inline int rcu_read_lock_bh_held(void)
++{
++ return rcu_read_lock_held();
++}
++#else
+ int rcu_read_lock_bh_held(void);
++#endif
+
+ /**
+ * rcu_read_lock_sched_held() - might we be in RCU-sched read-side critical section?
+@@ -955,10 +973,14 @@
+ static inline void rcu_read_lock_bh(void)
+ {
+ local_bh_disable();
++#ifdef CONFIG_PREEMPT_RT_FULL
++ rcu_read_lock();
++#else
+ __acquire(RCU_BH);
+ rcu_lock_acquire(&rcu_bh_lock_map);
+ rcu_lockdep_assert(rcu_is_watching(),
+ "rcu_read_lock_bh() used illegally while idle");
++#endif
+ }
+
+ /*
+@@ -968,10 +990,14 @@
+ */
+ static inline void rcu_read_unlock_bh(void)
+ {
++#ifdef CONFIG_PREEMPT_RT_FULL
++ rcu_read_unlock();
++#else
+ rcu_lockdep_assert(rcu_is_watching(),
+ "rcu_read_unlock_bh() used illegally while idle");
+ rcu_lock_release(&rcu_bh_lock_map);
+ __release(RCU_BH);
++#endif
+ local_bh_enable();
+ }
+
+diff -Nur linux-3.18.9.orig/include/linux/rcutree.h linux-3.18.9/include/linux/rcutree.h
+--- linux-3.18.9.orig/include/linux/rcutree.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/rcutree.h 2015-03-15 16:03:03.812094874 -0500
+@@ -46,7 +46,11 @@
+ rcu_note_context_switch(cpu);
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++# define synchronize_rcu_bh synchronize_rcu
++#else
+ void synchronize_rcu_bh(void);
++#endif
+ void synchronize_sched_expedited(void);
+ void synchronize_rcu_expedited(void);
+
+@@ -74,7 +78,11 @@
+ }
+
+ void rcu_barrier(void);
++#ifdef CONFIG_PREEMPT_RT_FULL
++# define rcu_barrier_bh rcu_barrier
++#else
+ void rcu_barrier_bh(void);
++#endif
+ void rcu_barrier_sched(void);
+ unsigned long get_state_synchronize_rcu(void);
+ void cond_synchronize_rcu(unsigned long oldstate);
+@@ -82,12 +90,10 @@
+ extern unsigned long rcutorture_testseq;
+ extern unsigned long rcutorture_vernum;
+ long rcu_batches_completed(void);
+-long rcu_batches_completed_bh(void);
+ long rcu_batches_completed_sched(void);
+ void show_rcu_gp_kthreads(void);
+
+ void rcu_force_quiescent_state(void);
+-void rcu_bh_force_quiescent_state(void);
+ void rcu_sched_force_quiescent_state(void);
+
+ void exit_rcu(void);
+@@ -97,4 +103,12 @@
+
+ bool rcu_is_watching(void);
+
++#ifndef CONFIG_PREEMPT_RT_FULL
++void rcu_bh_force_quiescent_state(void);
++long rcu_batches_completed_bh(void);
++#else
++# define rcu_bh_force_quiescent_state rcu_force_quiescent_state
++# define rcu_batches_completed_bh rcu_batches_completed
++#endif
++
+ #endif /* __LINUX_RCUTREE_H */
+diff -Nur linux-3.18.9.orig/include/linux/rtmutex.h linux-3.18.9/include/linux/rtmutex.h
+--- linux-3.18.9.orig/include/linux/rtmutex.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/rtmutex.h 2015-03-15 16:03:03.812094874 -0500
+@@ -14,10 +14,14 @@
+
+ #include <linux/linkage.h>
+ #include <linux/rbtree.h>
+-#include <linux/spinlock_types.h>
++#include <linux/spinlock_types_raw.h>
+
+ extern int max_lock_depth; /* for sysctl */
+
++#ifdef CONFIG_DEBUG_MUTEXES
++#include <linux/debug_locks.h>
++#endif
++
+ /**
+ * The rt_mutex structure
+ *
+@@ -31,8 +35,8 @@
+ struct rb_root waiters;
+ struct rb_node *waiters_leftmost;
+ struct task_struct *owner;
+-#ifdef CONFIG_DEBUG_RT_MUTEXES
+ int save_state;
++#ifdef CONFIG_DEBUG_RT_MUTEXES
+ const char *name, *file;
+ int line;
+ void *magic;
+@@ -55,22 +59,33 @@
+ # define rt_mutex_debug_check_no_locks_held(task) do { } while (0)
+ #endif
+
++# define rt_mutex_init(mutex) \
++ do { \
++ raw_spin_lock_init(&(mutex)->wait_lock); \
++ __rt_mutex_init(mutex, #mutex); \
++ } while (0)
++
+ #ifdef CONFIG_DEBUG_RT_MUTEXES
+ # define __DEBUG_RT_MUTEX_INITIALIZER(mutexname) \
+ , .name = #mutexname, .file = __FILE__, .line = __LINE__
+-# define rt_mutex_init(mutex) __rt_mutex_init(mutex, __func__)
+ extern void rt_mutex_debug_task_free(struct task_struct *tsk);
+ #else
+ # define __DEBUG_RT_MUTEX_INITIALIZER(mutexname)
+-# define rt_mutex_init(mutex) __rt_mutex_init(mutex, NULL)
+ # define rt_mutex_debug_task_free(t) do { } while (0)
+ #endif
+
+-#define __RT_MUTEX_INITIALIZER(mutexname) \
+- { .wait_lock = __RAW_SPIN_LOCK_UNLOCKED(mutexname.wait_lock) \
++#define __RT_MUTEX_INITIALIZER_PLAIN(mutexname) \
++ .wait_lock = __RAW_SPIN_LOCK_UNLOCKED(mutexname.wait_lock) \
+ , .waiters = RB_ROOT \
+ , .owner = NULL \
+- __DEBUG_RT_MUTEX_INITIALIZER(mutexname)}
++ __DEBUG_RT_MUTEX_INITIALIZER(mutexname)
++
++#define __RT_MUTEX_INITIALIZER(mutexname) \
++ { __RT_MUTEX_INITIALIZER_PLAIN(mutexname) }
++
++#define __RT_MUTEX_INITIALIZER_SAVE_STATE(mutexname) \
++ { __RT_MUTEX_INITIALIZER_PLAIN(mutexname) \
++ , .save_state = 1 }
+
+ #define DEFINE_RT_MUTEX(mutexname) \
+ struct rt_mutex mutexname = __RT_MUTEX_INITIALIZER(mutexname)
+@@ -91,6 +106,7 @@
+
+ extern void rt_mutex_lock(struct rt_mutex *lock);
+ extern int rt_mutex_lock_interruptible(struct rt_mutex *lock);
++extern int rt_mutex_lock_killable(struct rt_mutex *lock);
+ extern int rt_mutex_timed_lock(struct rt_mutex *lock,
+ struct hrtimer_sleeper *timeout);
+
+diff -Nur linux-3.18.9.orig/include/linux/rwlock_rt.h linux-3.18.9/include/linux/rwlock_rt.h
+--- linux-3.18.9.orig/include/linux/rwlock_rt.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/linux/rwlock_rt.h 2015-03-15 16:03:03.812094874 -0500
+@@ -0,0 +1,99 @@
++#ifndef __LINUX_RWLOCK_RT_H
++#define __LINUX_RWLOCK_RT_H
++
++#ifndef __LINUX_SPINLOCK_H
++#error Do not include directly. Use spinlock.h
++#endif
++
++#define rwlock_init(rwl) \
++do { \
++ static struct lock_class_key __key; \
++ \
++ rt_mutex_init(&(rwl)->lock); \
++ __rt_rwlock_init(rwl, #rwl, &__key); \
++} while (0)
++
++extern void __lockfunc rt_write_lock(rwlock_t *rwlock);
++extern void __lockfunc rt_read_lock(rwlock_t *rwlock);
++extern int __lockfunc rt_write_trylock(rwlock_t *rwlock);
++extern int __lockfunc rt_write_trylock_irqsave(rwlock_t *trylock, unsigned long *flags);
++extern int __lockfunc rt_read_trylock(rwlock_t *rwlock);
++extern void __lockfunc rt_write_unlock(rwlock_t *rwlock);
++extern void __lockfunc rt_read_unlock(rwlock_t *rwlock);
++extern unsigned long __lockfunc rt_write_lock_irqsave(rwlock_t *rwlock);
++extern unsigned long __lockfunc rt_read_lock_irqsave(rwlock_t *rwlock);
++extern void __rt_rwlock_init(rwlock_t *rwlock, char *name, struct lock_class_key *key);
++
++#define read_trylock(lock) __cond_lock(lock, rt_read_trylock(lock))
++#define write_trylock(lock) __cond_lock(lock, rt_write_trylock(lock))
++
++#define write_trylock_irqsave(lock, flags) \
++ __cond_lock(lock, rt_write_trylock_irqsave(lock, &flags))
++
++#define read_lock_irqsave(lock, flags) \
++ do { \
++ typecheck(unsigned long, flags); \
++ flags = rt_read_lock_irqsave(lock); \
++ } while (0)
++
++#define write_lock_irqsave(lock, flags) \
++ do { \
++ typecheck(unsigned long, flags); \
++ flags = rt_write_lock_irqsave(lock); \
++ } while (0)
++
++#define read_lock(lock) rt_read_lock(lock)
++
++#define read_lock_bh(lock) \
++ do { \
++ local_bh_disable(); \
++ rt_read_lock(lock); \
++ } while (0)
++
++#define read_lock_irq(lock) read_lock(lock)
++
++#define write_lock(lock) rt_write_lock(lock)
++
++#define write_lock_bh(lock) \
++ do { \
++ local_bh_disable(); \
++ rt_write_lock(lock); \
++ } while (0)
++
++#define write_lock_irq(lock) write_lock(lock)
++
++#define read_unlock(lock) rt_read_unlock(lock)
++
++#define read_unlock_bh(lock) \
++ do { \
++ rt_read_unlock(lock); \
++ local_bh_enable(); \
++ } while (0)
++
++#define read_unlock_irq(lock) read_unlock(lock)
++
++#define write_unlock(lock) rt_write_unlock(lock)
++
++#define write_unlock_bh(lock) \
++ do { \
++ rt_write_unlock(lock); \
++ local_bh_enable(); \
++ } while (0)
++
++#define write_unlock_irq(lock) write_unlock(lock)
++
++#define read_unlock_irqrestore(lock, flags) \
++ do { \
++ typecheck(unsigned long, flags); \
++ (void) flags; \
++ rt_read_unlock(lock); \
++ } while (0)
++
++#define write_unlock_irqrestore(lock, flags) \
++ do { \
++ typecheck(unsigned long, flags); \
++ (void) flags; \
++ rt_write_unlock(lock); \
++ } while (0)
++
++#endif
+diff -Nur linux-3.18.9.orig/include/linux/rwlock_types.h linux-3.18.9/include/linux/rwlock_types.h
+--- linux-3.18.9.orig/include/linux/rwlock_types.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/rwlock_types.h 2015-03-15 16:03:03.812094874 -0500
+@@ -1,6 +1,10 @@
+ #ifndef __LINUX_RWLOCK_TYPES_H
+ #define __LINUX_RWLOCK_TYPES_H
+
++#if !defined(__LINUX_SPINLOCK_TYPES_H)
++# error "Do not include directly, include spinlock_types.h"
++#endif
++
+ /*
+ * include/linux/rwlock_types.h - generic rwlock type definitions
+ * and initializers
+@@ -43,6 +47,7 @@
+ RW_DEP_MAP_INIT(lockname) }
+ #endif
+
+-#define DEFINE_RWLOCK(x) rwlock_t x = __RW_LOCK_UNLOCKED(x)
++#define DEFINE_RWLOCK(name) \
++ rwlock_t name __cacheline_aligned_in_smp = __RW_LOCK_UNLOCKED(name)
+
+ #endif /* __LINUX_RWLOCK_TYPES_H */
+diff -Nur linux-3.18.9.orig/include/linux/rwlock_types_rt.h linux-3.18.9/include/linux/rwlock_types_rt.h
+--- linux-3.18.9.orig/include/linux/rwlock_types_rt.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/linux/rwlock_types_rt.h 2015-03-15 16:03:03.812094874 -0500
+@@ -0,0 +1,33 @@
++#ifndef __LINUX_RWLOCK_TYPES_RT_H
++#define __LINUX_RWLOCK_TYPES_RT_H
++
++#ifndef __LINUX_SPINLOCK_TYPES_H
++#error "Do not include directly. Include spinlock_types.h instead"
++#endif
++
++/*
++ * rwlocks - rtmutex which allows single reader recursion
++ */
++typedef struct {
++ struct rt_mutex lock;
++ int read_depth;
++ unsigned int break_lock;
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++ struct lockdep_map dep_map;
++#endif
++} rwlock_t;
++
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++# define RW_DEP_MAP_INIT(lockname) .dep_map = { .name = #lockname }
++#else
++# define RW_DEP_MAP_INIT(lockname)
++#endif
++
++#define __RW_LOCK_UNLOCKED(name) \
++ { .lock = __RT_MUTEX_INITIALIZER_SAVE_STATE(name.lock), \
++ RW_DEP_MAP_INIT(name) }
++
++#define DEFINE_RWLOCK(name) \
++ rwlock_t name __cacheline_aligned_in_smp = __RW_LOCK_UNLOCKED(name)
++
++#endif
+diff -Nur linux-3.18.9.orig/include/linux/rwsem.h linux-3.18.9/include/linux/rwsem.h
+--- linux-3.18.9.orig/include/linux/rwsem.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/rwsem.h 2015-03-15 16:03:03.812094874 -0500
+@@ -18,6 +18,10 @@
+ #include <linux/osq_lock.h>
+ #endif
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++#include <linux/rwsem_rt.h>
++#else /* PREEMPT_RT_FULL */
++
+ struct rw_semaphore;
+
+ #ifdef CONFIG_RWSEM_GENERIC_SPINLOCK
+@@ -177,4 +181,6 @@
+ # define up_read_non_owner(sem) up_read(sem)
+ #endif
+
++#endif /* !PREEMPT_RT_FULL */
++
+ #endif /* _LINUX_RWSEM_H */
+diff -Nur linux-3.18.9.orig/include/linux/rwsem_rt.h linux-3.18.9/include/linux/rwsem_rt.h
+--- linux-3.18.9.orig/include/linux/rwsem_rt.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/linux/rwsem_rt.h 2015-03-15 16:03:03.812094874 -0500
+@@ -0,0 +1,133 @@
++#ifndef _LINUX_RWSEM_RT_H
++#define _LINUX_RWSEM_RT_H
++
++#ifndef _LINUX_RWSEM_H
++#error "Include rwsem.h"
++#endif
++
++/*
++ * RW-semaphores are a spinlock plus a reader-depth count.
++ *
++ * Note that the semantics are different from the usual
++ * Linux rw-sems, in PREEMPT_RT mode we do not allow
++ * multiple readers to hold the lock at once, we only allow
++ * a read-lock owner to read-lock recursively. This is
++ * better for latency, makes the implementation inherently
++ * fair and makes it simpler as well.
++ */
++
++#include <linux/rtmutex.h>
++
++struct rw_semaphore {
++ struct rt_mutex lock;
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++ struct lockdep_map dep_map;
++#endif
++};
++
++#define __RWSEM_INITIALIZER(name) \
++ { .lock = __RT_MUTEX_INITIALIZER(name.lock), \
++ RW_DEP_MAP_INIT(name) }
++
++#define DECLARE_RWSEM(lockname) \
++ struct rw_semaphore lockname = __RWSEM_INITIALIZER(lockname)
++
++extern void __rt_rwsem_init(struct rw_semaphore *rwsem, const char *name,
++ struct lock_class_key *key);
++
++#define __rt_init_rwsem(sem, name, key) \
++ do { \
++ rt_mutex_init(&(sem)->lock); \
++ __rt_rwsem_init((sem), (name), (key));\
++ } while (0)
++
++#define __init_rwsem(sem, name, key) __rt_init_rwsem(sem, name, key)
++
++# define rt_init_rwsem(sem) \
++do { \
++ static struct lock_class_key __key; \
++ \
++ __rt_init_rwsem((sem), #sem, &__key); \
++} while (0)
++
++extern void rt_down_write(struct rw_semaphore *rwsem);
++extern void rt_down_read_nested(struct rw_semaphore *rwsem, int subclass);
++extern void rt_down_write_nested(struct rw_semaphore *rwsem, int subclass);
++extern void rt_down_write_nested_lock(struct rw_semaphore *rwsem,
++ struct lockdep_map *nest);
++extern void rt_down_read(struct rw_semaphore *rwsem);
++extern int rt_down_write_trylock(struct rw_semaphore *rwsem);
++extern int rt_down_read_trylock(struct rw_semaphore *rwsem);
++extern void rt_up_read(struct rw_semaphore *rwsem);
++extern void rt_up_write(struct rw_semaphore *rwsem);
++extern void rt_downgrade_write(struct rw_semaphore *rwsem);
++
++#define init_rwsem(sem) rt_init_rwsem(sem)
++#define rwsem_is_locked(s) rt_mutex_is_locked(&(s)->lock)
++
++static inline int rwsem_is_contended(struct rw_semaphore *sem)
++{
++ /* rt_mutex_has_waiters() */
++ return !RB_EMPTY_ROOT(&sem->lock.waiters);
++}
++
++static inline void down_read(struct rw_semaphore *sem)
++{
++ rt_down_read(sem);
++}
++
++static inline int down_read_trylock(struct rw_semaphore *sem)
++{
++ return rt_down_read_trylock(sem);
++}
++
++static inline void down_write(struct rw_semaphore *sem)
++{
++ rt_down_write(sem);
++}
++
++static inline int down_write_trylock(struct rw_semaphore *sem)
++{
++ return rt_down_write_trylock(sem);
++}
++
++static inline void up_read(struct rw_semaphore *sem)
++{
++ rt_up_read(sem);
++}
++
++static inline void up_write(struct rw_semaphore *sem)
++{
++ rt_up_write(sem);
++}
++
++static inline void downgrade_write(struct rw_semaphore *sem)
++{
++ rt_downgrade_write(sem);
++}
++
++static inline void down_read_nested(struct rw_semaphore *sem, int subclass)
++{
++ return rt_down_read_nested(sem, subclass);
++}
++
++static inline void down_write_nested(struct rw_semaphore *sem, int subclass)
++{
++ rt_down_write_nested(sem, subclass);
++}
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++static inline void down_write_nest_lock(struct rw_semaphore *sem,
++ struct rw_semaphore *nest_lock)
++{
++ rt_down_write_nested_lock(sem, &nest_lock->dep_map);
++}
++
++#else
++
++static inline void down_write_nest_lock(struct rw_semaphore *sem,
++ struct rw_semaphore *nest_lock)
++{
++ rt_down_write_nested_lock(sem, NULL);
++}
++#endif
++#endif
+diff -Nur linux-3.18.9.orig/include/linux/sched.h linux-3.18.9/include/linux/sched.h
+--- linux-3.18.9.orig/include/linux/sched.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/sched.h 2015-03-15 16:03:03.812094874 -0500
+@@ -26,6 +26,7 @@
+ #include <linux/nodemask.h>
+ #include <linux/mm_types.h>
+ #include <linux/preempt_mask.h>
++#include <asm/kmap_types.h>
+
+ #include <asm/page.h>
+ #include <asm/ptrace.h>
+@@ -56,6 +57,7 @@
+ #include <linux/cred.h>
+ #include <linux/llist.h>
+ #include <linux/uidgid.h>
++#include <linux/hardirq.h>
+ #include <linux/gfp.h>
+ #include <linux/magic.h>
+
+@@ -235,10 +237,7 @@
+ TASK_UNINTERRUPTIBLE | __TASK_STOPPED | \
+ __TASK_TRACED | EXIT_ZOMBIE | EXIT_DEAD)
+
+-#define task_is_traced(task) ((task->state & __TASK_TRACED) != 0)
+ #define task_is_stopped(task) ((task->state & __TASK_STOPPED) != 0)
+-#define task_is_stopped_or_traced(task) \
+- ((task->state & (__TASK_STOPPED | __TASK_TRACED)) != 0)
+ #define task_contributes_to_load(task) \
+ ((task->state & TASK_UNINTERRUPTIBLE) != 0 && \
+ (task->flags & PF_FROZEN) == 0)
+@@ -1234,6 +1233,7 @@
+
+ struct task_struct {
+ volatile long state; /* -1 unrunnable, 0 runnable, >0 stopped */
++ volatile long saved_state; /* saved state for "spinlock sleepers" */
+ void *stack;
+ atomic_t usage;
+ unsigned int flags; /* per process flags, defined below */
+@@ -1270,6 +1270,12 @@
+ #endif
+
+ unsigned int policy;
++#ifdef CONFIG_PREEMPT_RT_FULL
++ int migrate_disable;
++# ifdef CONFIG_SCHED_DEBUG
++ int migrate_disable_atomic;
++# endif
++#endif
+ int nr_cpus_allowed;
+ cpumask_t cpus_allowed;
+
+@@ -1371,7 +1377,8 @@
+ struct cputime prev_cputime;
+ #endif
+ #ifdef CONFIG_VIRT_CPU_ACCOUNTING_GEN
+- seqlock_t vtime_seqlock;
++ raw_spinlock_t vtime_lock;
++ seqcount_t vtime_seq;
+ unsigned long long vtime_snap;
+ enum {
+ VTIME_SLEEPING = 0,
+@@ -1387,6 +1394,9 @@
+
+ struct task_cputime cputime_expires;
+ struct list_head cpu_timers[3];
++#ifdef CONFIG_PREEMPT_RT_BASE
++ struct task_struct *posix_timer_list;
++#endif
+
+ /* process credentials */
+ const struct cred __rcu *real_cred; /* objective and real subjective task
+@@ -1419,10 +1429,15 @@
+ /* signal handlers */
+ struct signal_struct *signal;
+ struct sighand_struct *sighand;
++ struct sigqueue *sigqueue_cache;
+
+ sigset_t blocked, real_blocked;
+ sigset_t saved_sigmask; /* restored if set_restore_sigmask() was used */
+ struct sigpending pending;
++#ifdef CONFIG_PREEMPT_RT_FULL
++ /* TODO: move me into ->restart_block ? */
++ struct siginfo forced_info;
++#endif
+
+ unsigned long sas_ss_sp;
+ size_t sas_ss_size;
+@@ -1460,6 +1475,9 @@
+ /* mutex deadlock detection */
+ struct mutex_waiter *blocked_on;
+ #endif
++#ifdef CONFIG_PREEMPT_RT_FULL
++ int pagefault_disabled;
++#endif
+ #ifdef CONFIG_TRACE_IRQFLAGS
+ unsigned int irq_events;
+ unsigned long hardirq_enable_ip;
+@@ -1644,6 +1662,12 @@
+ unsigned long trace;
+ /* bitmask and counter of trace recursion */
+ unsigned long trace_recursion;
++#ifdef CONFIG_WAKEUP_LATENCY_HIST
++ u64 preempt_timestamp_hist;
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++ long timer_offset;
++#endif
++#endif
+ #endif /* CONFIG_TRACING */
+ #ifdef CONFIG_MEMCG /* memcg uses this to do batch job */
+ unsigned int memcg_kmem_skip_account;
+@@ -1661,11 +1685,19 @@
+ unsigned int sequential_io;
+ unsigned int sequential_io_avg;
+ #endif
++#ifdef CONFIG_PREEMPT_RT_BASE
++ struct rcu_head put_rcu;
++ int softirq_nestcnt;
++ unsigned int softirqs_raised;
++#endif
++#ifdef CONFIG_PREEMPT_RT_FULL
++# if defined CONFIG_HIGHMEM || defined CONFIG_X86_32
++ int kmap_idx;
++ pte_t kmap_pte[KM_TYPE_NR];
++# endif
++#endif
+ };
+
+-/* Future-safe accessor for struct task_struct's cpus_allowed. */
+-#define tsk_cpus_allowed(tsk) (&(tsk)->cpus_allowed)
+-
+ #define TNF_MIGRATED 0x01
+ #define TNF_NO_GROUP 0x02
+ #define TNF_SHARED 0x04
+@@ -1700,6 +1732,17 @@
+ }
+ #endif
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++static inline bool cur_pf_disabled(void) { return current->pagefault_disabled; }
++#else
++static inline bool cur_pf_disabled(void) { return false; }
++#endif
++
++static inline bool pagefault_disabled(void)
++{
++ return in_atomic() || cur_pf_disabled();
++}
++
+ static inline struct pid *task_pid(struct task_struct *task)
+ {
+ return task->pids[PIDTYPE_PID].pid;
+@@ -1853,6 +1896,15 @@
+ extern void free_task(struct task_struct *tsk);
+ #define get_task_struct(tsk) do { atomic_inc(&(tsk)->usage); } while(0)
+
++#ifdef CONFIG_PREEMPT_RT_BASE
++extern void __put_task_struct_cb(struct rcu_head *rhp);
++
++static inline void put_task_struct(struct task_struct *t)
++{
++ if (atomic_dec_and_test(&t->usage))
++ call_rcu(&t->put_rcu, __put_task_struct_cb);
++}
++#else
+ extern void __put_task_struct(struct task_struct *t);
+
+ static inline void put_task_struct(struct task_struct *t)
+@@ -1860,6 +1912,7 @@
+ if (atomic_dec_and_test(&t->usage))
+ __put_task_struct(t);
+ }
++#endif
+
+ #ifdef CONFIG_VIRT_CPU_ACCOUNTING_GEN
+ extern void task_cputime(struct task_struct *t,
+@@ -1898,6 +1951,7 @@
+ /*
+ * Per process flags
+ */
++#define PF_IN_SOFTIRQ 0x00000001 /* Task is serving softirq */
+ #define PF_EXITING 0x00000004 /* getting shut down */
+ #define PF_EXITPIDONE 0x00000008 /* pi exit done on shut down */
+ #define PF_VCPU 0x00000010 /* I'm a virtual CPU */
+@@ -2058,6 +2112,10 @@
+
+ extern int set_cpus_allowed_ptr(struct task_struct *p,
+ const struct cpumask *new_mask);
++int migrate_me(void);
++void tell_sched_cpu_down_begin(int cpu);
++void tell_sched_cpu_down_done(int cpu);
++
+ #else
+ static inline void do_set_cpus_allowed(struct task_struct *p,
+ const struct cpumask *new_mask)
+@@ -2070,6 +2128,9 @@
+ return -EINVAL;
+ return 0;
+ }
++static inline int migrate_me(void) { return 0; }
++static inline void tell_sched_cpu_down_begin(int cpu) { }
++static inline void tell_sched_cpu_down_done(int cpu) { }
+ #endif
+
+ #ifdef CONFIG_NO_HZ_COMMON
+@@ -2290,6 +2351,7 @@
+
+ extern int wake_up_state(struct task_struct *tsk, unsigned int state);
+ extern int wake_up_process(struct task_struct *tsk);
++extern int wake_up_lock_sleeper(struct task_struct * tsk);
+ extern void wake_up_new_task(struct task_struct *tsk);
+ #ifdef CONFIG_SMP
+ extern void kick_process(struct task_struct *tsk);
+@@ -2406,12 +2468,24 @@
+
+ /* mmdrop drops the mm and the page tables */
+ extern void __mmdrop(struct mm_struct *);
++
+ static inline void mmdrop(struct mm_struct * mm)
+ {
+ if (unlikely(atomic_dec_and_test(&mm->mm_count)))
+ __mmdrop(mm);
+ }
+
++#ifdef CONFIG_PREEMPT_RT_BASE
++extern void __mmdrop_delayed(struct rcu_head *rhp);
++static inline void mmdrop_delayed(struct mm_struct *mm)
++{
++ if (atomic_dec_and_test(&mm->mm_count))
++ call_rcu(&mm->delayed_drop, __mmdrop_delayed);
++}
++#else
++# define mmdrop_delayed(mm) mmdrop(mm)
++#endif
++
+ /* mmput gets rid of the mappings and all user-space */
+ extern void mmput(struct mm_struct *);
+ /* Grab a reference to a task's mm, if it is not already going away */
+@@ -2719,6 +2793,43 @@
+ return unlikely(test_tsk_thread_flag(tsk,TIF_NEED_RESCHED));
+ }
+
++#ifdef CONFIG_PREEMPT_LAZY
++static inline void set_tsk_need_resched_lazy(struct task_struct *tsk)
++{
++ set_tsk_thread_flag(tsk,TIF_NEED_RESCHED_LAZY);
++}
++
++static inline void clear_tsk_need_resched_lazy(struct task_struct *tsk)
++{
++ clear_tsk_thread_flag(tsk,TIF_NEED_RESCHED_LAZY);
++}
++
++static inline int test_tsk_need_resched_lazy(struct task_struct *tsk)
++{
++ return unlikely(test_tsk_thread_flag(tsk,TIF_NEED_RESCHED_LAZY));
++}
++
++static inline int need_resched_lazy(void)
++{
++ return test_thread_flag(TIF_NEED_RESCHED_LAZY);
++}
++
++static inline int need_resched_now(void)
++{
++ return test_thread_flag(TIF_NEED_RESCHED);
++}
++
++#else
++static inline void clear_tsk_need_resched_lazy(struct task_struct *tsk) { }
++static inline int need_resched_lazy(void) { return 0; }
++
++static inline int need_resched_now(void)
++{
++ return test_thread_flag(TIF_NEED_RESCHED);
++}
++
++#endif
++
+ static inline int restart_syscall(void)
+ {
+ set_tsk_thread_flag(current, TIF_SIGPENDING);
+@@ -2750,6 +2861,51 @@
+ return (state & TASK_INTERRUPTIBLE) || __fatal_signal_pending(p);
+ }
+
++static inline bool __task_is_stopped_or_traced(struct task_struct *task)
++{
++ if (task->state & (__TASK_STOPPED | __TASK_TRACED))
++ return true;
++#ifdef CONFIG_PREEMPT_RT_FULL
++ if (task->saved_state & (__TASK_STOPPED | __TASK_TRACED))
++ return true;
++#endif
++ return false;
++}
++
++static inline bool task_is_stopped_or_traced(struct task_struct *task)
++{
++ bool traced_stopped;
++
++#ifdef CONFIG_PREEMPT_RT_FULL
++ unsigned long flags;
++
++ raw_spin_lock_irqsave(&task->pi_lock, flags);
++ traced_stopped = __task_is_stopped_or_traced(task);
++ raw_spin_unlock_irqrestore(&task->pi_lock, flags);
++#else
++ traced_stopped = __task_is_stopped_or_traced(task);
++#endif
++ return traced_stopped;
++}
++
++static inline bool task_is_traced(struct task_struct *task)
++{
++ bool traced = false;
++
++ if (task->state & __TASK_TRACED)
++ return true;
++#ifdef CONFIG_PREEMPT_RT_FULL
++ /* in case the task is sleeping on tasklist_lock */
++ raw_spin_lock_irq(&task->pi_lock);
++ if (task->state & __TASK_TRACED)
++ traced = true;
++ else if (task->saved_state & __TASK_TRACED)
++ traced = true;
++ raw_spin_unlock_irq(&task->pi_lock);
++#endif
++ return traced;
++}
++
+ /*
+ * cond_resched() and cond_resched_lock(): latency reduction via
+ * explicit rescheduling in places that are safe. The return
+@@ -2766,7 +2922,7 @@
+
+ extern int __cond_resched_lock(spinlock_t *lock);
+
+-#ifdef CONFIG_PREEMPT_COUNT
++#if defined(CONFIG_PREEMPT_COUNT) && !defined(CONFIG_PREEMPT_RT_FULL)
+ #define PREEMPT_LOCK_OFFSET PREEMPT_OFFSET
+ #else
+ #define PREEMPT_LOCK_OFFSET 0
+@@ -2777,12 +2933,16 @@
+ __cond_resched_lock(lock); \
+ })
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ extern int __cond_resched_softirq(void);
+
+ #define cond_resched_softirq() ({ \
+ __might_sleep(__FILE__, __LINE__, SOFTIRQ_DISABLE_OFFSET); \
+ __cond_resched_softirq(); \
+ })
++#else
++# define cond_resched_softirq() cond_resched()
++#endif
+
+ static inline void cond_resched_rcu(void)
+ {
+@@ -2949,6 +3109,26 @@
+
+ #endif /* CONFIG_SMP */
+
++static inline int __migrate_disabled(struct task_struct *p)
++{
++#ifdef CONFIG_PREEMPT_RT_FULL
++ return p->migrate_disable;
++#else
++ return 0;
++#endif
++}
++
++/* Future-safe accessor for struct task_struct's cpus_allowed. */
++static inline const struct cpumask *tsk_cpus_allowed(struct task_struct *p)
++{
++#ifdef CONFIG_PREEMPT_RT_FULL
++ if (p->migrate_disable)
++ return cpumask_of(task_cpu(p));
++#endif
++
++ return &p->cpus_allowed;
++}
++
+ extern long sched_setaffinity(pid_t pid, const struct cpumask *new_mask);
+ extern long sched_getaffinity(pid_t pid, struct cpumask *mask);
+
+diff -Nur linux-3.18.9.orig/include/linux/seqlock.h linux-3.18.9/include/linux/seqlock.h
+--- linux-3.18.9.orig/include/linux/seqlock.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/seqlock.h 2015-03-15 16:03:03.812094874 -0500
+@@ -219,20 +219,30 @@
+ return __read_seqcount_retry(s, start);
+ }
+
+-
+-
+-static inline void raw_write_seqcount_begin(seqcount_t *s)
++static inline void __raw_write_seqcount_begin(seqcount_t *s)
+ {
+ s->sequence++;
+ smp_wmb();
+ }
+
+-static inline void raw_write_seqcount_end(seqcount_t *s)
++static inline void raw_write_seqcount_begin(seqcount_t *s)
++{
++ preempt_disable_rt();
++ __raw_write_seqcount_begin(s);
++}
++
++static inline void __raw_write_seqcount_end(seqcount_t *s)
+ {
+ smp_wmb();
+ s->sequence++;
+ }
+
++static inline void raw_write_seqcount_end(seqcount_t *s)
++{
++ __raw_write_seqcount_end(s);
++ preempt_enable_rt();
++}
++
+ /*
+ * raw_write_seqcount_latch - redirect readers to even/odd copy
+ * @s: pointer to seqcount_t
+@@ -305,10 +315,32 @@
+ /*
+ * Read side functions for starting and finalizing a read side section.
+ */
++#ifndef CONFIG_PREEMPT_RT_FULL
+ static inline unsigned read_seqbegin(const seqlock_t *sl)
+ {
+ return read_seqcount_begin(&sl->seqcount);
+ }
++#else
++/*
++ * Starvation safe read side for RT
++ */
++static inline unsigned read_seqbegin(seqlock_t *sl)
++{
++ unsigned ret;
++
++repeat:
++ ret = ACCESS_ONCE(sl->seqcount.sequence);
++ if (unlikely(ret & 1)) {
++ /*
++ * Take the lock and let the writer proceed (i.e. evtl
++ * boost it), otherwise we could loop here forever.
++ */
++ spin_unlock_wait(&sl->lock);
++ goto repeat;
++ }
++ return ret;
++}
++#endif
+
+ static inline unsigned read_seqretry(const seqlock_t *sl, unsigned start)
+ {
+@@ -323,36 +355,36 @@
+ static inline void write_seqlock(seqlock_t *sl)
+ {
+ spin_lock(&sl->lock);
+- write_seqcount_begin(&sl->seqcount);
++ __raw_write_seqcount_begin(&sl->seqcount);
+ }
+
+ static inline void write_sequnlock(seqlock_t *sl)
+ {
+- write_seqcount_end(&sl->seqcount);
++ __raw_write_seqcount_end(&sl->seqcount);
+ spin_unlock(&sl->lock);
+ }
+
+ static inline void write_seqlock_bh(seqlock_t *sl)
+ {
+ spin_lock_bh(&sl->lock);
+- write_seqcount_begin(&sl->seqcount);
++ __raw_write_seqcount_begin(&sl->seqcount);
+ }
+
+ static inline void write_sequnlock_bh(seqlock_t *sl)
+ {
+- write_seqcount_end(&sl->seqcount);
++ __raw_write_seqcount_end(&sl->seqcount);
+ spin_unlock_bh(&sl->lock);
+ }
+
+ static inline void write_seqlock_irq(seqlock_t *sl)
+ {
+ spin_lock_irq(&sl->lock);
+- write_seqcount_begin(&sl->seqcount);
++ __raw_write_seqcount_begin(&sl->seqcount);
+ }
+
+ static inline void write_sequnlock_irq(seqlock_t *sl)
+ {
+- write_seqcount_end(&sl->seqcount);
++ __raw_write_seqcount_end(&sl->seqcount);
+ spin_unlock_irq(&sl->lock);
+ }
+
+@@ -361,7 +393,7 @@
+ unsigned long flags;
+
+ spin_lock_irqsave(&sl->lock, flags);
+- write_seqcount_begin(&sl->seqcount);
++ __raw_write_seqcount_begin(&sl->seqcount);
+ return flags;
+ }
+
+@@ -371,7 +403,7 @@
+ static inline void
+ write_sequnlock_irqrestore(seqlock_t *sl, unsigned long flags)
+ {
+- write_seqcount_end(&sl->seqcount);
++ __raw_write_seqcount_end(&sl->seqcount);
+ spin_unlock_irqrestore(&sl->lock, flags);
+ }
+
+diff -Nur linux-3.18.9.orig/include/linux/signal.h linux-3.18.9/include/linux/signal.h
+--- linux-3.18.9.orig/include/linux/signal.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/signal.h 2015-03-15 16:03:03.812094874 -0500
+@@ -218,6 +218,7 @@
+ }
+
+ extern void flush_sigqueue(struct sigpending *queue);
++extern void flush_task_sigqueue(struct task_struct *tsk);
+
+ /* Test if 'sig' is valid signal. Use this instead of testing _NSIG directly */
+ static inline int valid_signal(unsigned long sig)
+diff -Nur linux-3.18.9.orig/include/linux/skbuff.h linux-3.18.9/include/linux/skbuff.h
+--- linux-3.18.9.orig/include/linux/skbuff.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/skbuff.h 2015-03-15 16:03:03.816094874 -0500
+@@ -172,6 +172,7 @@
+
+ __u32 qlen;
+ spinlock_t lock;
++ raw_spinlock_t raw_lock;
+ };
+
+ struct sk_buff;
+@@ -1327,6 +1328,12 @@
+ __skb_queue_head_init(list);
+ }
+
++static inline void skb_queue_head_init_raw(struct sk_buff_head *list)
++{
++ raw_spin_lock_init(&list->raw_lock);
++ __skb_queue_head_init(list);
++}
++
+ static inline void skb_queue_head_init_class(struct sk_buff_head *list,
+ struct lock_class_key *class)
+ {
+diff -Nur linux-3.18.9.orig/include/linux/smp.h linux-3.18.9/include/linux/smp.h
+--- linux-3.18.9.orig/include/linux/smp.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/smp.h 2015-03-15 16:03:03.816094874 -0500
+@@ -178,6 +178,9 @@
+ #define get_cpu() ({ preempt_disable(); smp_processor_id(); })
+ #define put_cpu() preempt_enable()
+
++#define get_cpu_light() ({ migrate_disable(); smp_processor_id(); })
++#define put_cpu_light() migrate_enable()
++
+ /*
+ * Callback to arch code if there's nosmp or maxcpus=0 on the
+ * boot command line:
+diff -Nur linux-3.18.9.orig/include/linux/spinlock_api_smp.h linux-3.18.9/include/linux/spinlock_api_smp.h
+--- linux-3.18.9.orig/include/linux/spinlock_api_smp.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/spinlock_api_smp.h 2015-03-15 16:03:03.816094874 -0500
+@@ -187,6 +187,8 @@
+ return 0;
+ }
+
+-#include <linux/rwlock_api_smp.h>
++#ifndef CONFIG_PREEMPT_RT_FULL
++# include <linux/rwlock_api_smp.h>
++#endif
+
+ #endif /* __LINUX_SPINLOCK_API_SMP_H */
+diff -Nur linux-3.18.9.orig/include/linux/spinlock.h linux-3.18.9/include/linux/spinlock.h
+--- linux-3.18.9.orig/include/linux/spinlock.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/spinlock.h 2015-03-15 16:03:03.816094874 -0500
+@@ -278,7 +278,11 @@
+ #define raw_spin_can_lock(lock) (!raw_spin_is_locked(lock))
+
+ /* Include rwlock functions */
+-#include <linux/rwlock.h>
++#ifdef CONFIG_PREEMPT_RT_FULL
++# include <linux/rwlock_rt.h>
++#else
++# include <linux/rwlock.h>
++#endif
+
+ /*
+ * Pull the _spin_*()/_read_*()/_write_*() functions/declarations:
+@@ -289,6 +293,10 @@
+ # include <linux/spinlock_api_up.h>
+ #endif
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++# include <linux/spinlock_rt.h>
++#else /* PREEMPT_RT_FULL */
++
+ /*
+ * Map the spin_lock functions to the raw variants for PREEMPT_RT=n
+ */
+@@ -418,4 +426,6 @@
+ #define atomic_dec_and_lock(atomic, lock) \
+ __cond_lock(lock, _atomic_dec_and_lock(atomic, lock))
+
++#endif /* !PREEMPT_RT_FULL */
++
+ #endif /* __LINUX_SPINLOCK_H */
+diff -Nur linux-3.18.9.orig/include/linux/spinlock_rt.h linux-3.18.9/include/linux/spinlock_rt.h
+--- linux-3.18.9.orig/include/linux/spinlock_rt.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/linux/spinlock_rt.h 2015-03-15 16:03:03.816094874 -0500
+@@ -0,0 +1,167 @@
++#ifndef __LINUX_SPINLOCK_RT_H
++#define __LINUX_SPINLOCK_RT_H
++
++#ifndef __LINUX_SPINLOCK_H
++#error Do not include directly. Use spinlock.h
++#endif
++
++#include <linux/bug.h>
++
++extern void
++__rt_spin_lock_init(spinlock_t *lock, char *name, struct lock_class_key *key);
++
++#define spin_lock_init(slock) \
++do { \
++ static struct lock_class_key __key; \
++ \
++ rt_mutex_init(&(slock)->lock); \
++ __rt_spin_lock_init(slock, #slock, &__key); \
++} while (0)
++
++extern void __lockfunc rt_spin_lock(spinlock_t *lock);
++extern unsigned long __lockfunc rt_spin_lock_trace_flags(spinlock_t *lock);
++extern void __lockfunc rt_spin_lock_nested(spinlock_t *lock, int subclass);
++extern void __lockfunc rt_spin_unlock(spinlock_t *lock);
++extern void __lockfunc rt_spin_unlock_after_trylock_in_irq(spinlock_t *lock);
++extern void __lockfunc rt_spin_unlock_wait(spinlock_t *lock);
++extern int __lockfunc rt_spin_trylock_irqsave(spinlock_t *lock, unsigned long *flags);
++extern int __lockfunc rt_spin_trylock_bh(spinlock_t *lock);
++extern int __lockfunc rt_spin_trylock(spinlock_t *lock);
++extern int atomic_dec_and_spin_lock(atomic_t *atomic, spinlock_t *lock);
++
++/*
++ * lockdep-less calls, for derived types like rwlock:
++ * (for trylock they can use rt_mutex_trylock() directly.
++ */
++extern void __lockfunc __rt_spin_lock(struct rt_mutex *lock);
++extern void __lockfunc __rt_spin_unlock(struct rt_mutex *lock);
++extern int __lockfunc __rt_spin_trylock(struct rt_mutex *lock);
++
++#define spin_lock(lock) \
++ do { \
++ migrate_disable(); \
++ rt_spin_lock(lock); \
++ } while (0)
++
++#define spin_lock_bh(lock) \
++ do { \
++ local_bh_disable(); \
++ migrate_disable(); \
++ rt_spin_lock(lock); \
++ } while (0)
++
++#define spin_lock_irq(lock) spin_lock(lock)
++
++#define spin_do_trylock(lock) __cond_lock(lock, rt_spin_trylock(lock))
++
++#define spin_trylock(lock) \
++({ \
++ int __locked; \
++ migrate_disable(); \
++ __locked = spin_do_trylock(lock); \
++ if (!__locked) \
++ migrate_enable(); \
++ __locked; \
++})
++
++#ifdef CONFIG_LOCKDEP
++# define spin_lock_nested(lock, subclass) \
++ do { \
++ migrate_disable(); \
++ rt_spin_lock_nested(lock, subclass); \
++ } while (0)
++
++# define spin_lock_irqsave_nested(lock, flags, subclass) \
++ do { \
++ typecheck(unsigned long, flags); \
++ flags = 0; \
++ migrate_disable(); \
++ rt_spin_lock_nested(lock, subclass); \
++ } while (0)
++#else
++# define spin_lock_nested(lock, subclass) spin_lock(lock)
++
++# define spin_lock_irqsave_nested(lock, flags, subclass) \
++ do { \
++ typecheck(unsigned long, flags); \
++ flags = 0; \
++ spin_lock(lock); \
++ } while (0)
++#endif
++
++#define spin_lock_irqsave(lock, flags) \
++ do { \
++ typecheck(unsigned long, flags); \
++ flags = 0; \
++ spin_lock(lock); \
++ } while (0)
++
++static inline unsigned long spin_lock_trace_flags(spinlock_t *lock)
++{
++ unsigned long flags = 0;
++#ifdef CONFIG_TRACE_IRQFLAGS
++ flags = rt_spin_lock_trace_flags(lock);
++#else
++ spin_lock(lock); /* lock_local */
++#endif
++ return flags;
++}
++
++/* FIXME: we need rt_spin_lock_nest_lock */
++#define spin_lock_nest_lock(lock, nest_lock) spin_lock_nested(lock, 0)
++
++#define spin_unlock(lock) \
++ do { \
++ rt_spin_unlock(lock); \
++ migrate_enable(); \
++ } while (0)
++
++#define spin_unlock_bh(lock) \
++ do { \
++ rt_spin_unlock(lock); \
++ migrate_enable(); \
++ local_bh_enable(); \
++ } while (0)
++
++#define spin_unlock_irq(lock) spin_unlock(lock)
++
++#define spin_unlock_irqrestore(lock, flags) \
++ do { \
++ typecheck(unsigned long, flags); \
++ (void) flags; \
++ spin_unlock(lock); \
++ } while (0)
++
++#define spin_trylock_bh(lock) __cond_lock(lock, rt_spin_trylock_bh(lock))
++#define spin_trylock_irq(lock) spin_trylock(lock)
++
++#define spin_trylock_irqsave(lock, flags) \
++ rt_spin_trylock_irqsave(lock, &(flags))
++
++#define spin_unlock_wait(lock) rt_spin_unlock_wait(lock)
++
++#ifdef CONFIG_GENERIC_LOCKBREAK
++# define spin_is_contended(lock) ((lock)->break_lock)
++#else
++# define spin_is_contended(lock) (((void)(lock), 0))
++#endif
++
++static inline int spin_can_lock(spinlock_t *lock)
++{
++ return !rt_mutex_is_locked(&lock->lock);
++}
++
++static inline int spin_is_locked(spinlock_t *lock)
++{
++ return rt_mutex_is_locked(&lock->lock);
++}
++
++static inline void assert_spin_locked(spinlock_t *lock)
++{
++ BUG_ON(!spin_is_locked(lock));
++}
++
++#define atomic_dec_and_lock(atomic, lock) \
++ atomic_dec_and_spin_lock(atomic, lock)
++
++#endif
+diff -Nur linux-3.18.9.orig/include/linux/spinlock_types.h linux-3.18.9/include/linux/spinlock_types.h
+--- linux-3.18.9.orig/include/linux/spinlock_types.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/spinlock_types.h 2015-03-15 16:03:03.816094874 -0500
+@@ -9,80 +9,15 @@
+ * Released under the General Public License (GPL).
+ */
+
+-#if defined(CONFIG_SMP)
+-# include <asm/spinlock_types.h>
+-#else
+-# include <linux/spinlock_types_up.h>
+-#endif
+-
+-#include <linux/lockdep.h>
+-
+-typedef struct raw_spinlock {
+- arch_spinlock_t raw_lock;
+-#ifdef CONFIG_GENERIC_LOCKBREAK
+- unsigned int break_lock;
+-#endif
+-#ifdef CONFIG_DEBUG_SPINLOCK
+- unsigned int magic, owner_cpu;
+- void *owner;
+-#endif
+-#ifdef CONFIG_DEBUG_LOCK_ALLOC
+- struct lockdep_map dep_map;
+-#endif
+-} raw_spinlock_t;
+-
+-#define SPINLOCK_MAGIC 0xdead4ead
+-
+-#define SPINLOCK_OWNER_INIT ((void *)-1L)
+-
+-#ifdef CONFIG_DEBUG_LOCK_ALLOC
+-# define SPIN_DEP_MAP_INIT(lockname) .dep_map = { .name = #lockname }
+-#else
+-# define SPIN_DEP_MAP_INIT(lockname)
+-#endif
++#include <linux/spinlock_types_raw.h>
+
+-#ifdef CONFIG_DEBUG_SPINLOCK
+-# define SPIN_DEBUG_INIT(lockname) \
+- .magic = SPINLOCK_MAGIC, \
+- .owner_cpu = -1, \
+- .owner = SPINLOCK_OWNER_INIT,
++#ifndef CONFIG_PREEMPT_RT_FULL
++# include <linux/spinlock_types_nort.h>
++# include <linux/rwlock_types.h>
+ #else
+-# define SPIN_DEBUG_INIT(lockname)
++# include <linux/rtmutex.h>
++# include <linux/spinlock_types_rt.h>
++# include <linux/rwlock_types_rt.h>
+ #endif
+
+-#define __RAW_SPIN_LOCK_INITIALIZER(lockname) \
+- { \
+- .raw_lock = __ARCH_SPIN_LOCK_UNLOCKED, \
+- SPIN_DEBUG_INIT(lockname) \
+- SPIN_DEP_MAP_INIT(lockname) }
+-
+-#define __RAW_SPIN_LOCK_UNLOCKED(lockname) \
+- (raw_spinlock_t) __RAW_SPIN_LOCK_INITIALIZER(lockname)
+-
+-#define DEFINE_RAW_SPINLOCK(x) raw_spinlock_t x = __RAW_SPIN_LOCK_UNLOCKED(x)
+-
+-typedef struct spinlock {
+- union {
+- struct raw_spinlock rlock;
+-
+-#ifdef CONFIG_DEBUG_LOCK_ALLOC
+-# define LOCK_PADSIZE (offsetof(struct raw_spinlock, dep_map))
+- struct {
+- u8 __padding[LOCK_PADSIZE];
+- struct lockdep_map dep_map;
+- };
+-#endif
+- };
+-} spinlock_t;
+-
+-#define __SPIN_LOCK_INITIALIZER(lockname) \
+- { { .rlock = __RAW_SPIN_LOCK_INITIALIZER(lockname) } }
+-
+-#define __SPIN_LOCK_UNLOCKED(lockname) \
+- (spinlock_t ) __SPIN_LOCK_INITIALIZER(lockname)
+-
+-#define DEFINE_SPINLOCK(x) spinlock_t x = __SPIN_LOCK_UNLOCKED(x)
+-
+-#include <linux/rwlock_types.h>
+-
+ #endif /* __LINUX_SPINLOCK_TYPES_H */
+diff -Nur linux-3.18.9.orig/include/linux/spinlock_types_nort.h linux-3.18.9/include/linux/spinlock_types_nort.h
+--- linux-3.18.9.orig/include/linux/spinlock_types_nort.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/linux/spinlock_types_nort.h 2015-03-15 16:03:03.816094874 -0500
+@@ -0,0 +1,33 @@
++#ifndef __LINUX_SPINLOCK_TYPES_NORT_H
++#define __LINUX_SPINLOCK_TYPES_NORT_H
++
++#ifndef __LINUX_SPINLOCK_TYPES_H
++#error "Do not include directly. Include spinlock_types.h instead"
++#endif
++
++/*
++ * The non RT version maps spinlocks to raw_spinlocks
++ */
++typedef struct spinlock {
++ union {
++ struct raw_spinlock rlock;
++
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++# define LOCK_PADSIZE (offsetof(struct raw_spinlock, dep_map))
++ struct {
++ u8 __padding[LOCK_PADSIZE];
++ struct lockdep_map dep_map;
++ };
++#endif
++ };
++} spinlock_t;
++
++#define __SPIN_LOCK_INITIALIZER(lockname) \
++ { { .rlock = __RAW_SPIN_LOCK_INITIALIZER(lockname) } }
++
++#define __SPIN_LOCK_UNLOCKED(lockname) \
++ (spinlock_t ) __SPIN_LOCK_INITIALIZER(lockname)
++
++#define DEFINE_SPINLOCK(x) spinlock_t x = __SPIN_LOCK_UNLOCKED(x)
++
++#endif
+diff -Nur linux-3.18.9.orig/include/linux/spinlock_types_raw.h linux-3.18.9/include/linux/spinlock_types_raw.h
+--- linux-3.18.9.orig/include/linux/spinlock_types_raw.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/linux/spinlock_types_raw.h 2015-03-15 16:03:03.816094874 -0500
+@@ -0,0 +1,56 @@
++#ifndef __LINUX_SPINLOCK_TYPES_RAW_H
++#define __LINUX_SPINLOCK_TYPES_RAW_H
++
++#if defined(CONFIG_SMP)
++# include <asm/spinlock_types.h>
++#else
++# include <linux/spinlock_types_up.h>
++#endif
++
++#include <linux/lockdep.h>
++
++typedef struct raw_spinlock {
++ arch_spinlock_t raw_lock;
++#ifdef CONFIG_GENERIC_LOCKBREAK
++ unsigned int break_lock;
++#endif
++#ifdef CONFIG_DEBUG_SPINLOCK
++ unsigned int magic, owner_cpu;
++ void *owner;
++#endif
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++ struct lockdep_map dep_map;
++#endif
++} raw_spinlock_t;
++
++#define SPINLOCK_MAGIC 0xdead4ead
++
++#define SPINLOCK_OWNER_INIT ((void *)-1L)
++
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++# define SPIN_DEP_MAP_INIT(lockname) .dep_map = { .name = #lockname }
++#else
++# define SPIN_DEP_MAP_INIT(lockname)
++#endif
++
++#ifdef CONFIG_DEBUG_SPINLOCK
++# define SPIN_DEBUG_INIT(lockname) \
++ .magic = SPINLOCK_MAGIC, \
++ .owner_cpu = -1, \
++ .owner = SPINLOCK_OWNER_INIT,
++#else
++# define SPIN_DEBUG_INIT(lockname)
++#endif
++
++#define __RAW_SPIN_LOCK_INITIALIZER(lockname) \
++ { \
++ .raw_lock = __ARCH_SPIN_LOCK_UNLOCKED, \
++ SPIN_DEBUG_INIT(lockname) \
++ SPIN_DEP_MAP_INIT(lockname) }
++
++#define __RAW_SPIN_LOCK_UNLOCKED(lockname) \
++ (raw_spinlock_t) __RAW_SPIN_LOCK_INITIALIZER(lockname)
++
++#define DEFINE_RAW_SPINLOCK(x) raw_spinlock_t x = __RAW_SPIN_LOCK_UNLOCKED(x)
++
++#endif
+diff -Nur linux-3.18.9.orig/include/linux/spinlock_types_rt.h linux-3.18.9/include/linux/spinlock_types_rt.h
+--- linux-3.18.9.orig/include/linux/spinlock_types_rt.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/linux/spinlock_types_rt.h 2015-03-15 16:03:03.816094874 -0500
+@@ -0,0 +1,51 @@
++#ifndef __LINUX_SPINLOCK_TYPES_RT_H
++#define __LINUX_SPINLOCK_TYPES_RT_H
++
++#ifndef __LINUX_SPINLOCK_TYPES_H
++#error "Do not include directly. Include spinlock_types.h instead"
++#endif
++
++#include <linux/cache.h>
++
++/*
++ * PREEMPT_RT: spinlocks - an RT mutex plus lock-break field:
++ */
++typedef struct spinlock {
++ struct rt_mutex lock;
++ unsigned int break_lock;
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++ struct lockdep_map dep_map;
++#endif
++} spinlock_t;
++
++#ifdef CONFIG_DEBUG_RT_MUTEXES
++# define __RT_SPIN_INITIALIZER(name) \
++ { \
++ .wait_lock = __RAW_SPIN_LOCK_UNLOCKED(name.wait_lock), \
++ .save_state = 1, \
++ .file = __FILE__, \
++ .line = __LINE__ , \
++ }
++#else
++# define __RT_SPIN_INITIALIZER(name) \
++ { \
++ .wait_lock = __RAW_SPIN_LOCK_UNLOCKED(name.wait_lock), \
++ .save_state = 1, \
++ }
++#endif
++
++/*
++.wait_list = PLIST_HEAD_INIT_RAW((name).lock.wait_list, (name).lock.wait_lock)
++*/
++
++#define __SPIN_LOCK_UNLOCKED(name) \
++ { .lock = __RT_SPIN_INITIALIZER(name.lock), \
++ SPIN_DEP_MAP_INIT(name) }
++
++#define __DEFINE_SPINLOCK(name) \
++ spinlock_t name = __SPIN_LOCK_UNLOCKED(name)
++
++#define DEFINE_SPINLOCK(name) \
++ spinlock_t name __cacheline_aligned_in_smp = __SPIN_LOCK_UNLOCKED(name)
++
++#endif
+diff -Nur linux-3.18.9.orig/include/linux/srcu.h linux-3.18.9/include/linux/srcu.h
+--- linux-3.18.9.orig/include/linux/srcu.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/srcu.h 2015-03-15 16:03:03.820094874 -0500
+@@ -84,10 +84,10 @@
+
+ void process_srcu(struct work_struct *work);
+
+-#define __SRCU_STRUCT_INIT(name) \
++#define __SRCU_STRUCT_INIT(name, pcpu_name) \
+ { \
+ .completed = -300, \
+- .per_cpu_ref = &name##_srcu_array, \
++ .per_cpu_ref = &pcpu_name, \
+ .queue_lock = __SPIN_LOCK_UNLOCKED(name.queue_lock), \
+ .running = false, \
+ .batch_queue = RCU_BATCH_INIT(name.batch_queue), \
+@@ -104,11 +104,12 @@
+ */
+ #define DEFINE_SRCU(name) \
+ static DEFINE_PER_CPU(struct srcu_struct_array, name##_srcu_array);\
+- struct srcu_struct name = __SRCU_STRUCT_INIT(name);
++ struct srcu_struct name = __SRCU_STRUCT_INIT(name, name##_srcu_array);
+
+ #define DEFINE_STATIC_SRCU(name) \
+ static DEFINE_PER_CPU(struct srcu_struct_array, name##_srcu_array);\
+- static struct srcu_struct name = __SRCU_STRUCT_INIT(name);
++ static struct srcu_struct name = __SRCU_STRUCT_INIT(\
++ name, name##_srcu_array);
+
+ /**
+ * call_srcu() - Queue a callback for invocation after an SRCU grace period
+diff -Nur linux-3.18.9.orig/include/linux/swap.h linux-3.18.9/include/linux/swap.h
+--- linux-3.18.9.orig/include/linux/swap.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/swap.h 2015-03-15 16:03:03.824094874 -0500
+@@ -11,6 +11,7 @@
+ #include <linux/fs.h>
+ #include <linux/atomic.h>
+ #include <linux/page-flags.h>
++#include <linux/locallock.h>
+ #include <asm/page.h>
+
+ struct notifier_block;
+@@ -260,7 +261,8 @@
+ void *workingset_eviction(struct address_space *mapping, struct page *page);
+ bool workingset_refault(void *shadow);
+ void workingset_activation(struct page *page);
+-extern struct list_lru workingset_shadow_nodes;
++extern struct list_lru __workingset_shadow_nodes;
++DECLARE_LOCAL_IRQ_LOCK(workingset_shadow_lock);
+
+ static inline unsigned int workingset_node_pages(struct radix_tree_node *node)
+ {
+diff -Nur linux-3.18.9.orig/include/linux/sysctl.h linux-3.18.9/include/linux/sysctl.h
+--- linux-3.18.9.orig/include/linux/sysctl.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/sysctl.h 2015-03-15 16:03:03.824094874 -0500
+@@ -25,6 +25,7 @@
+ #include <linux/rcupdate.h>
+ #include <linux/wait.h>
+ #include <linux/rbtree.h>
++#include <linux/atomic.h>
+ #include <uapi/linux/sysctl.h>
+
+ /* For the /proc/sys support */
+diff -Nur linux-3.18.9.orig/include/linux/thread_info.h linux-3.18.9/include/linux/thread_info.h
+--- linux-3.18.9.orig/include/linux/thread_info.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/thread_info.h 2015-03-15 16:03:03.824094874 -0500
+@@ -102,7 +102,17 @@
+ #define test_thread_flag(flag) \
+ test_ti_thread_flag(current_thread_info(), flag)
+
+-#define tif_need_resched() test_thread_flag(TIF_NEED_RESCHED)
++#ifdef CONFIG_PREEMPT_LAZY
++#define tif_need_resched() (test_thread_flag(TIF_NEED_RESCHED) || \
++ test_thread_flag(TIF_NEED_RESCHED_LAZY))
++#define tif_need_resched_now() (test_thread_flag(TIF_NEED_RESCHED))
++#define tif_need_resched_lazy() test_thread_flag(TIF_NEED_RESCHED_LAZY))
++
++#else
++#define tif_need_resched() test_thread_flag(TIF_NEED_RESCHED)
++#define tif_need_resched_now() test_thread_flag(TIF_NEED_RESCHED)
++#define tif_need_resched_lazy() 0
++#endif
+
+ #if defined TIF_RESTORE_SIGMASK && !defined HAVE_SET_RESTORE_SIGMASK
+ /*
+diff -Nur linux-3.18.9.orig/include/linux/timer.h linux-3.18.9/include/linux/timer.h
+--- linux-3.18.9.orig/include/linux/timer.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/timer.h 2015-03-15 16:03:03.824094874 -0500
+@@ -241,7 +241,7 @@
+
+ extern int try_to_del_timer_sync(struct timer_list *timer);
+
+-#ifdef CONFIG_SMP
++#if defined(CONFIG_SMP) || defined(CONFIG_PREEMPT_RT_FULL)
+ extern int del_timer_sync(struct timer_list *timer);
+ #else
+ # define del_timer_sync(t) del_timer(t)
+diff -Nur linux-3.18.9.orig/include/linux/uaccess.h linux-3.18.9/include/linux/uaccess.h
+--- linux-3.18.9.orig/include/linux/uaccess.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/uaccess.h 2015-03-15 16:03:03.824094874 -0500
+@@ -6,14 +6,9 @@
+
+ /*
+ * These routines enable/disable the pagefault handler in that
+- * it will not take any locks and go straight to the fixup table.
+- *
+- * They have great resemblance to the preempt_disable/enable calls
+- * and in fact they are identical; this is because currently there is
+- * no other way to make the pagefault handlers do this. So we do
+- * disable preemption but we don't necessarily care about that.
++ * it will not take any MM locks and go straight to the fixup table.
+ */
+-static inline void pagefault_disable(void)
++static inline void raw_pagefault_disable(void)
+ {
+ preempt_count_inc();
+ /*
+@@ -23,7 +18,7 @@
+ barrier();
+ }
+
+-static inline void pagefault_enable(void)
++static inline void raw_pagefault_enable(void)
+ {
+ #ifndef CONFIG_PREEMPT
+ /*
+@@ -37,6 +32,21 @@
+ #endif
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
++static inline void pagefault_disable(void)
++{
++ raw_pagefault_disable();
++}
++
++static inline void pagefault_enable(void)
++{
++ raw_pagefault_enable();
++}
++#else
++extern void pagefault_disable(void);
++extern void pagefault_enable(void);
++#endif
++
+ #ifndef ARCH_HAS_NOCACHE_UACCESS
+
+ static inline unsigned long __copy_from_user_inatomic_nocache(void *to,
+@@ -76,9 +86,9 @@
+ mm_segment_t old_fs = get_fs(); \
+ \
+ set_fs(KERNEL_DS); \
+- pagefault_disable(); \
++ raw_pagefault_disable(); \
+ ret = __copy_from_user_inatomic(&(retval), (__force typeof(retval) __user *)(addr), sizeof(retval)); \
+- pagefault_enable(); \
++ raw_pagefault_enable(); \
+ set_fs(old_fs); \
+ ret; \
+ })
+diff -Nur linux-3.18.9.orig/include/linux/uprobes.h linux-3.18.9/include/linux/uprobes.h
+--- linux-3.18.9.orig/include/linux/uprobes.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/uprobes.h 2015-03-15 16:03:03.824094874 -0500
+@@ -27,6 +27,7 @@
+ #include <linux/errno.h>
+ #include <linux/rbtree.h>
+ #include <linux/types.h>
++#include <linux/wait.h>
+
+ struct vm_area_struct;
+ struct mm_struct;
+diff -Nur linux-3.18.9.orig/include/linux/vmstat.h linux-3.18.9/include/linux/vmstat.h
+--- linux-3.18.9.orig/include/linux/vmstat.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/vmstat.h 2015-03-15 16:03:03.824094874 -0500
+@@ -33,7 +33,9 @@
+ */
+ static inline void __count_vm_event(enum vm_event_item item)
+ {
++ preempt_disable_rt();
+ raw_cpu_inc(vm_event_states.event[item]);
++ preempt_enable_rt();
+ }
+
+ static inline void count_vm_event(enum vm_event_item item)
+@@ -43,7 +45,9 @@
+
+ static inline void __count_vm_events(enum vm_event_item item, long delta)
+ {
++ preempt_disable_rt();
+ raw_cpu_add(vm_event_states.event[item], delta);
++ preempt_enable_rt();
+ }
+
+ static inline void count_vm_events(enum vm_event_item item, long delta)
+diff -Nur linux-3.18.9.orig/include/linux/wait.h linux-3.18.9/include/linux/wait.h
+--- linux-3.18.9.orig/include/linux/wait.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/linux/wait.h 2015-03-15 16:03:03.824094874 -0500
+@@ -8,6 +8,7 @@
+ #include <linux/spinlock.h>
+ #include <asm/current.h>
+ #include <uapi/linux/wait.h>
++#include <linux/atomic.h>
+
+ typedef struct __wait_queue wait_queue_t;
+ typedef int (*wait_queue_func_t)(wait_queue_t *wait, unsigned mode, int flags, void *key);
+diff -Nur linux-3.18.9.orig/include/linux/wait-simple.h linux-3.18.9/include/linux/wait-simple.h
+--- linux-3.18.9.orig/include/linux/wait-simple.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/linux/wait-simple.h 2015-03-15 16:03:03.824094874 -0500
+@@ -0,0 +1,207 @@
++#ifndef _LINUX_WAIT_SIMPLE_H
++#define _LINUX_WAIT_SIMPLE_H
++
++#include <linux/spinlock.h>
++#include <linux/list.h>
++
++#include <asm/current.h>
++
++struct swaiter {
++ struct task_struct *task;
++ struct list_head node;
++};
++
++#define DEFINE_SWAITER(name) \
++ struct swaiter name = { \
++ .task = current, \
++ .node = LIST_HEAD_INIT((name).node), \
++ }
++
++struct swait_head {
++ raw_spinlock_t lock;
++ struct list_head list;
++};
++
++#define SWAIT_HEAD_INITIALIZER(name) { \
++ .lock = __RAW_SPIN_LOCK_UNLOCKED(name.lock), \
++ .list = LIST_HEAD_INIT((name).list), \
++ }
++
++#define DEFINE_SWAIT_HEAD(name) \
++ struct swait_head name = SWAIT_HEAD_INITIALIZER(name)
++
++extern void __init_swait_head(struct swait_head *h, struct lock_class_key *key);
++
++#define init_swait_head(swh) \
++ do { \
++ static struct lock_class_key __key; \
++ \
++ __init_swait_head((swh), &__key); \
++ } while (0)
++
++/*
++ * Waiter functions
++ */
++extern void swait_prepare_locked(struct swait_head *head, struct swaiter *w);
++extern void swait_prepare(struct swait_head *head, struct swaiter *w, int state);
++extern void swait_finish_locked(struct swait_head *head, struct swaiter *w);
++extern void swait_finish(struct swait_head *head, struct swaiter *w);
++
++/* Check whether a head has waiters enqueued */
++static inline bool swaitqueue_active(struct swait_head *h)
++{
++ /* Make sure the condition is visible before checking list_empty() */
++ smp_mb();
++ return !list_empty(&h->list);
++}
++
++/*
++ * Wakeup functions
++ */
++extern unsigned int __swait_wake(struct swait_head *head, unsigned int state, unsigned int num);
++extern unsigned int __swait_wake_locked(struct swait_head *head, unsigned int state, unsigned int num);
++
++#define swait_wake(head) __swait_wake(head, TASK_NORMAL, 1)
++#define swait_wake_interruptible(head) __swait_wake(head, TASK_INTERRUPTIBLE, 1)
++#define swait_wake_all(head) __swait_wake(head, TASK_NORMAL, 0)
++#define swait_wake_all_interruptible(head) __swait_wake(head, TASK_INTERRUPTIBLE, 0)
++
++/*
++ * Event API
++ */
++#define __swait_event(wq, condition) \
++do { \
++ DEFINE_SWAITER(__wait); \
++ \
++ for (;;) { \
++ swait_prepare(&wq, &__wait, TASK_UNINTERRUPTIBLE); \
++ if (condition) \
++ break; \
++ schedule(); \
++ } \
++ swait_finish(&wq, &__wait); \
++} while (0)
++
++/**
++ * swait_event - sleep until a condition gets true
++ * @wq: the waitqueue to wait on
++ * @condition: a C expression for the event to wait for
++ *
++ * The process is put to sleep (TASK_UNINTERRUPTIBLE) until the
++ * @condition evaluates to true. The @condition is checked each time
++ * the waitqueue @wq is woken up.
++ *
++ * wake_up() has to be called after changing any variable that could
++ * change the result of the wait condition.
++ */
++#define swait_event(wq, condition) \
++do { \
++ if (condition) \
++ break; \
++ __swait_event(wq, condition); \
++} while (0)
++
++#define __swait_event_interruptible(wq, condition, ret) \
++do { \
++ DEFINE_SWAITER(__wait); \
++ \
++ for (;;) { \
++ swait_prepare(&wq, &__wait, TASK_INTERRUPTIBLE); \
++ if (condition) \
++ break; \
++ if (signal_pending(current)) { \
++ ret = -ERESTARTSYS; \
++ break; \
++ } \
++ schedule(); \
++ } \
++ swait_finish(&wq, &__wait); \
++} while (0)
++
++#define __swait_event_interruptible_timeout(wq, condition, ret) \
++do { \
++ DEFINE_SWAITER(__wait); \
++ \
++ for (;;) { \
++ swait_prepare(&wq, &__wait, TASK_INTERRUPTIBLE); \
++ if (condition) \
++ break; \
++ if (signal_pending(current)) { \
++ ret = -ERESTARTSYS; \
++ break; \
++ } \
++ ret = schedule_timeout(ret); \
++ if (!ret) \
++ break; \
++ } \
++ swait_finish(&wq, &__wait); \
++} while (0)
++
++/**
++ * swait_event_interruptible - sleep until a condition gets true
++ * @wq: the waitqueue to wait on
++ * @condition: a C expression for the event to wait for
++ *
++ * The process is put to sleep (TASK_INTERRUPTIBLE) until the
++ * @condition evaluates to true. The @condition is checked each time
++ * the waitqueue @wq is woken up.
++ *
++ * wake_up() has to be called after changing any variable that could
++ * change the result of the wait condition.
++ */
++#define swait_event_interruptible(wq, condition) \
++({ \
++ int __ret = 0; \
++ if (!(condition)) \
++ __swait_event_interruptible(wq, condition, __ret); \
++ __ret; \
++})
++
++#define swait_event_interruptible_timeout(wq, condition, timeout) \
++({ \
++ int __ret = timeout; \
++ if (!(condition)) \
++ __swait_event_interruptible_timeout(wq, condition, __ret); \
++ __ret; \
++})
++
++#define __swait_event_timeout(wq, condition, ret) \
++do { \
++ DEFINE_SWAITER(__wait); \
++ \
++ for (;;) { \
++ swait_prepare(&wq, &__wait, TASK_UNINTERRUPTIBLE); \
++ if (condition) \
++ break; \
++ ret = schedule_timeout(ret); \
++ if (!ret) \
++ break; \
++ } \
++ swait_finish(&wq, &__wait); \
++} while (0)
++
++/**
++ * swait_event_timeout - sleep until a condition gets true or a timeout elapses
++ * @wq: the waitqueue to wait on
++ * @condition: a C expression for the event to wait for
++ * @timeout: timeout, in jiffies
++ *
++ * The process is put to sleep (TASK_UNINTERRUPTIBLE) until the
++ * @condition evaluates to true. The @condition is checked each time
++ * the waitqueue @wq is woken up.
++ *
++ * wake_up() has to be called after changing any variable that could
++ * change the result of the wait condition.
++ *
++ * The function returns 0 if the @timeout elapsed, and the remaining
++ * jiffies if the condition evaluated to true before the timeout elapsed.
++ */
++#define swait_event_timeout(wq, condition, timeout) \
++({ \
++ long __ret = timeout; \
++ if (!(condition)) \
++ __swait_event_timeout(wq, condition, __ret); \
++ __ret; \
++})
++
++#endif
+diff -Nur linux-3.18.9.orig/include/linux/work-simple.h linux-3.18.9/include/linux/work-simple.h
+--- linux-3.18.9.orig/include/linux/work-simple.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/linux/work-simple.h 2015-03-15 16:03:03.824094874 -0500
+@@ -0,0 +1,24 @@
++#ifndef _LINUX_SWORK_H
++#define _LINUX_SWORK_H
++
++#include <linux/list.h>
++
++struct swork_event {
++ struct list_head item;
++ unsigned long flags;
++ void (*func)(struct swork_event *);
++};
++
++static inline void INIT_SWORK(struct swork_event *event,
++ void (*func)(struct swork_event *))
++{
++ event->flags = 0;
++ event->func = func;
++}
++
++bool swork_queue(struct swork_event *sev);
++
++int swork_get(void);
++void swork_put(void);
++
++#endif /* _LINUX_SWORK_H */
+diff -Nur linux-3.18.9.orig/include/net/dst.h linux-3.18.9/include/net/dst.h
+--- linux-3.18.9.orig/include/net/dst.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/net/dst.h 2015-03-15 16:03:03.824094874 -0500
+@@ -403,7 +403,7 @@
+ static inline int dst_neigh_output(struct dst_entry *dst, struct neighbour *n,
+ struct sk_buff *skb)
+ {
+- const struct hh_cache *hh;
++ struct hh_cache *hh;
+
+ if (dst->pending_confirm) {
+ unsigned long now = jiffies;
+diff -Nur linux-3.18.9.orig/include/net/neighbour.h linux-3.18.9/include/net/neighbour.h
+--- linux-3.18.9.orig/include/net/neighbour.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/net/neighbour.h 2015-03-15 16:03:03.824094874 -0500
+@@ -387,7 +387,7 @@
+ }
+ #endif
+
+-static inline int neigh_hh_output(const struct hh_cache *hh, struct sk_buff *skb)
++static inline int neigh_hh_output(struct hh_cache *hh, struct sk_buff *skb)
+ {
+ unsigned int seq;
+ int hh_len;
+@@ -442,7 +442,7 @@
+
+ #define NEIGH_CB(skb) ((struct neighbour_cb *)(skb)->cb)
+
+-static inline void neigh_ha_snapshot(char *dst, const struct neighbour *n,
++static inline void neigh_ha_snapshot(char *dst, struct neighbour *n,
+ const struct net_device *dev)
+ {
+ unsigned int seq;
+diff -Nur linux-3.18.9.orig/include/net/netns/ipv4.h linux-3.18.9/include/net/netns/ipv4.h
+--- linux-3.18.9.orig/include/net/netns/ipv4.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/include/net/netns/ipv4.h 2015-03-15 16:03:03.824094874 -0500
+@@ -67,6 +67,7 @@
+
+ int sysctl_icmp_echo_ignore_all;
+ int sysctl_icmp_echo_ignore_broadcasts;
++ int sysctl_icmp_echo_sysrq;
+ int sysctl_icmp_ignore_bogus_error_responses;
+ int sysctl_icmp_ratelimit;
+ int sysctl_icmp_ratemask;
+diff -Nur linux-3.18.9.orig/include/trace/events/hist.h linux-3.18.9/include/trace/events/hist.h
+--- linux-3.18.9.orig/include/trace/events/hist.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/trace/events/hist.h 2015-03-15 16:03:03.824094874 -0500
+@@ -0,0 +1,72 @@
++#undef TRACE_SYSTEM
++#define TRACE_SYSTEM hist
++
++#if !defined(_TRACE_HIST_H) || defined(TRACE_HEADER_MULTI_READ)
++#define _TRACE_HIST_H
++
++#include "latency_hist.h"
++#include <linux/tracepoint.h>
++
++#if !defined(CONFIG_PREEMPT_OFF_HIST) && !defined(CONFIG_INTERRUPT_OFF_HIST)
++#define trace_preemptirqsoff_hist(a, b)
++#else
++TRACE_EVENT(preemptirqsoff_hist,
++
++ TP_PROTO(int reason, int starthist),
++
++ TP_ARGS(reason, starthist),
++
++ TP_STRUCT__entry(
++ __field(int, reason)
++ __field(int, starthist)
++ ),
++
++ TP_fast_assign(
++ __entry->reason = reason;
++ __entry->starthist = starthist;
++ ),
++
++ TP_printk("reason=%s starthist=%s", getaction(__entry->reason),
++ __entry->starthist ? "start" : "stop")
++);
++#endif
++
++#ifndef CONFIG_MISSED_TIMER_OFFSETS_HIST
++#define trace_hrtimer_interrupt(a, b, c, d)
++#else
++TRACE_EVENT(hrtimer_interrupt,
++
++ TP_PROTO(int cpu, long long offset, struct task_struct *curr,
++ struct task_struct *task),
++
++ TP_ARGS(cpu, offset, curr, task),
++
++ TP_STRUCT__entry(
++ __field(int, cpu)
++ __field(long long, offset)
++ __array(char, ccomm, TASK_COMM_LEN)
++ __field(int, cprio)
++ __array(char, tcomm, TASK_COMM_LEN)
++ __field(int, tprio)
++ ),
++
++ TP_fast_assign(
++ __entry->cpu = cpu;
++ __entry->offset = offset;
++ memcpy(__entry->ccomm, curr->comm, TASK_COMM_LEN);
++ __entry->cprio = curr->prio;
++ memcpy(__entry->tcomm, task != NULL ? task->comm : "<none>",
++ task != NULL ? TASK_COMM_LEN : 7);
++ __entry->tprio = task != NULL ? task->prio : -1;
++ ),
++
++ TP_printk("cpu=%d offset=%lld curr=%s[%d] thread=%s[%d]",
++ __entry->cpu, __entry->offset, __entry->ccomm,
++ __entry->cprio, __entry->tcomm, __entry->tprio)
++);
++#endif
++
++#endif /* _TRACE_HIST_H */
++
++/* This part must be outside protection */
++#include <trace/define_trace.h>
+diff -Nur linux-3.18.9.orig/include/trace/events/latency_hist.h linux-3.18.9/include/trace/events/latency_hist.h
+--- linux-3.18.9.orig/include/trace/events/latency_hist.h 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/include/trace/events/latency_hist.h 2015-03-15 16:03:03.824094874 -0500
+@@ -0,0 +1,29 @@
++#ifndef _LATENCY_HIST_H
++#define _LATENCY_HIST_H
++
++enum hist_action {
++ IRQS_ON,
++ PREEMPT_ON,
++ TRACE_STOP,
++ IRQS_OFF,
++ PREEMPT_OFF,
++ TRACE_START,
++};
++
++static char *actions[] = {
++ "IRQS_ON",
++ "PREEMPT_ON",
++ "TRACE_STOP",
++ "IRQS_OFF",
++ "PREEMPT_OFF",
++ "TRACE_START",
++};
++
++static inline char *getaction(int action)
++{
++ if (action >= 0 && action <= sizeof(actions)/sizeof(actions[0]))
++ return actions[action];
++ return "unknown";
++}
++
++#endif /* _LATENCY_HIST_H */
+diff -Nur linux-3.18.9.orig/init/Kconfig linux-3.18.9/init/Kconfig
+--- linux-3.18.9.orig/init/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/init/Kconfig 2015-03-15 16:03:03.824094874 -0500
+@@ -635,7 +635,7 @@
+
+ config RCU_FAST_NO_HZ
+ bool "Accelerate last non-dyntick-idle CPU's grace periods"
+- depends on NO_HZ_COMMON && SMP
++ depends on NO_HZ_COMMON && SMP && !PREEMPT_RT_FULL
+ default n
+ help
+ This option permits CPUs to enter dynticks-idle state even if
+@@ -662,7 +662,7 @@
+ config RCU_BOOST
+ bool "Enable RCU priority boosting"
+ depends on RT_MUTEXES && PREEMPT_RCU
+- default n
++ default y if PREEMPT_RT_FULL
+ help
+ This option boosts the priority of preempted RCU readers that
+ block the current preemptible RCU grace period for too long.
+@@ -1106,6 +1106,7 @@
+ config RT_GROUP_SCHED
+ bool "Group scheduling for SCHED_RR/FIFO"
+ depends on CGROUP_SCHED
++ depends on !PREEMPT_RT_FULL
+ default n
+ help
+ This feature lets you explicitly allocate real CPU bandwidth
+@@ -1677,6 +1678,7 @@
+
+ config SLAB
+ bool "SLAB"
++ depends on !PREEMPT_RT_FULL
+ help
+ The regular slab allocator that is established and known to work
+ well in all environments. It organizes cache hot objects in
+@@ -1695,6 +1697,7 @@
+ config SLOB
+ depends on EXPERT
+ bool "SLOB (Simple Allocator)"
++ depends on !PREEMPT_RT_FULL
+ help
+ SLOB replaces the stock allocator with a drastically simpler
+ allocator. SLOB is generally more space efficient but
+diff -Nur linux-3.18.9.orig/init/main.c linux-3.18.9/init/main.c
+--- linux-3.18.9.orig/init/main.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/init/main.c 2015-03-15 16:03:03.828094874 -0500
+@@ -533,6 +533,7 @@
+ setup_command_line(command_line);
+ setup_nr_cpu_ids();
+ setup_per_cpu_areas();
++ softirq_early_init();
+ smp_prepare_boot_cpu(); /* arch-specific boot-cpu hooks */
+
+ build_all_zonelists(NULL, NULL);
+diff -Nur linux-3.18.9.orig/init/Makefile linux-3.18.9/init/Makefile
+--- linux-3.18.9.orig/init/Makefile 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/init/Makefile 2015-03-15 16:03:03.828094874 -0500
+@@ -33,4 +33,4 @@
+ include/generated/compile.h: FORCE
+ @$($(quiet)chk_compile.h)
+ $(Q)$(CONFIG_SHELL) $(srctree)/scripts/mkcompile_h $@ \
+- "$(UTS_MACHINE)" "$(CONFIG_SMP)" "$(CONFIG_PREEMPT)" "$(CC) $(KBUILD_CFLAGS)"
++ "$(UTS_MACHINE)" "$(CONFIG_SMP)" "$(CONFIG_PREEMPT)" "$(CONFIG_PREEMPT_RT_FULL)" "$(CC) $(KBUILD_CFLAGS)"
+diff -Nur linux-3.18.9.orig/ipc/mqueue.c linux-3.18.9/ipc/mqueue.c
+--- linux-3.18.9.orig/ipc/mqueue.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/ipc/mqueue.c 2015-03-15 16:03:03.828094874 -0500
+@@ -923,12 +923,17 @@
+ struct msg_msg *message,
+ struct ext_wait_queue *receiver)
+ {
++ /*
++ * Keep them in one critical section for PREEMPT_RT:
++ */
++ preempt_disable_rt();
+ receiver->msg = message;
+ list_del(&receiver->list);
+ receiver->state = STATE_PENDING;
+ wake_up_process(receiver->task);
+ smp_wmb();
+ receiver->state = STATE_READY;
++ preempt_enable_rt();
+ }
+
+ /* pipelined_receive() - if there is task waiting in sys_mq_timedsend()
+@@ -942,13 +947,18 @@
+ wake_up_interruptible(&info->wait_q);
+ return;
+ }
+- if (msg_insert(sender->msg, info))
+- return;
+- list_del(&sender->list);
+- sender->state = STATE_PENDING;
+- wake_up_process(sender->task);
+- smp_wmb();
+- sender->state = STATE_READY;
++ /*
++ * Keep them in one critical section for PREEMPT_RT:
++ */
++ preempt_disable_rt();
++ if (!msg_insert(sender->msg, info)) {
++ list_del(&sender->list);
++ sender->state = STATE_PENDING;
++ wake_up_process(sender->task);
++ smp_wmb();
++ sender->state = STATE_READY;
++ }
++ preempt_enable_rt();
+ }
+
+ SYSCALL_DEFINE5(mq_timedsend, mqd_t, mqdes, const char __user *, u_msg_ptr,
+diff -Nur linux-3.18.9.orig/ipc/msg.c linux-3.18.9/ipc/msg.c
+--- linux-3.18.9.orig/ipc/msg.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/ipc/msg.c 2015-03-15 16:03:03.828094874 -0500
+@@ -188,6 +188,12 @@
+ struct msg_receiver *msr, *t;
+
+ list_for_each_entry_safe(msr, t, &msq->q_receivers, r_list) {
++ /*
++ * Make sure that the wakeup doesnt preempt
++ * this CPU prematurely. (on PREEMPT_RT)
++ */
++ preempt_disable_rt();
++
+ msr->r_msg = NULL; /* initialize expunge ordering */
+ wake_up_process(msr->r_tsk);
+ /*
+@@ -198,6 +204,8 @@
+ */
+ smp_mb();
+ msr->r_msg = ERR_PTR(res);
++
++ preempt_enable_rt();
+ }
+ }
+
+@@ -574,6 +582,11 @@
+ if (testmsg(msg, msr->r_msgtype, msr->r_mode) &&
+ !security_msg_queue_msgrcv(msq, msg, msr->r_tsk,
+ msr->r_msgtype, msr->r_mode)) {
++ /*
++ * Make sure that the wakeup doesnt preempt
++ * this CPU prematurely. (on PREEMPT_RT)
++ */
++ preempt_disable_rt();
+
+ list_del(&msr->r_list);
+ if (msr->r_maxsize < msg->m_ts) {
+@@ -595,12 +608,13 @@
+ */
+ smp_mb();
+ msr->r_msg = msg;
++ preempt_enable_rt();
+
+ return 1;
+ }
++ preempt_enable_rt();
+ }
+ }
+-
+ return 0;
+ }
+
+diff -Nur linux-3.18.9.orig/ipc/sem.c linux-3.18.9/ipc/sem.c
+--- linux-3.18.9.orig/ipc/sem.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/ipc/sem.c 2015-03-15 16:03:03.828094874 -0500
+@@ -673,6 +673,13 @@
+ static void wake_up_sem_queue_prepare(struct list_head *pt,
+ struct sem_queue *q, int error)
+ {
++#ifdef CONFIG_PREEMPT_RT_BASE
++ struct task_struct *p = q->sleeper;
++ get_task_struct(p);
++ q->status = error;
++ wake_up_process(p);
++ put_task_struct(p);
++#else
+ if (list_empty(pt)) {
+ /*
+ * Hold preempt off so that we don't get preempted and have the
+@@ -684,6 +691,7 @@
+ q->pid = error;
+
+ list_add_tail(&q->list, pt);
++#endif
+ }
+
+ /**
+@@ -697,6 +705,7 @@
+ */
+ static void wake_up_sem_queue_do(struct list_head *pt)
+ {
++#ifndef CONFIG_PREEMPT_RT_BASE
+ struct sem_queue *q, *t;
+ int did_something;
+
+@@ -709,6 +718,7 @@
+ }
+ if (did_something)
+ preempt_enable();
++#endif
+ }
+
+ static void unlink_queue(struct sem_array *sma, struct sem_queue *q)
+diff -Nur linux-3.18.9.orig/kernel/cgroup.c linux-3.18.9/kernel/cgroup.c
+--- linux-3.18.9.orig/kernel/cgroup.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/cgroup.c 2015-03-15 16:03:03.828094874 -0500
+@@ -4355,10 +4355,10 @@
+ queue_work(cgroup_destroy_wq, &css->destroy_work);
+ }
+
+-static void css_release_work_fn(struct work_struct *work)
++static void css_release_work_fn(struct swork_event *sev)
+ {
+ struct cgroup_subsys_state *css =
+- container_of(work, struct cgroup_subsys_state, destroy_work);
++ container_of(sev, struct cgroup_subsys_state, destroy_swork);
+ struct cgroup_subsys *ss = css->ss;
+ struct cgroup *cgrp = css->cgroup;
+
+@@ -4395,8 +4395,8 @@
+ struct cgroup_subsys_state *css =
+ container_of(ref, struct cgroup_subsys_state, refcnt);
+
+- INIT_WORK(&css->destroy_work, css_release_work_fn);
+- queue_work(cgroup_destroy_wq, &css->destroy_work);
++ INIT_SWORK(&css->destroy_swork, css_release_work_fn);
++ swork_queue(&css->destroy_swork);
+ }
+
+ static void init_and_link_css(struct cgroup_subsys_state *css,
+@@ -4997,6 +4997,7 @@
+ */
+ cgroup_destroy_wq = alloc_workqueue("cgroup_destroy", 0, 1);
+ BUG_ON(!cgroup_destroy_wq);
++ BUG_ON(swork_get());
+
+ /*
+ * Used to destroy pidlists and separate to serve as flush domain.
+diff -Nur linux-3.18.9.orig/kernel/cpu.c linux-3.18.9/kernel/cpu.c
+--- linux-3.18.9.orig/kernel/cpu.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/cpu.c 2015-03-15 16:03:03.828094874 -0500
+@@ -86,6 +86,290 @@
+ #define cpuhp_lock_acquire() lock_map_acquire(&cpu_hotplug.dep_map)
+ #define cpuhp_lock_release() lock_map_release(&cpu_hotplug.dep_map)
+
++/**
++ * hotplug_pcp - per cpu hotplug descriptor
++ * @unplug: set when pin_current_cpu() needs to sync tasks
++ * @sync_tsk: the task that waits for tasks to finish pinned sections
++ * @refcount: counter of tasks in pinned sections
++ * @grab_lock: set when the tasks entering pinned sections should wait
++ * @synced: notifier for @sync_tsk to tell cpu_down it's finished
++ * @mutex: the mutex to make tasks wait (used when @grab_lock is true)
++ * @mutex_init: zero if the mutex hasn't been initialized yet.
++ *
++ * Although @unplug and @sync_tsk may point to the same task, the @unplug
++ * is used as a flag and still exists after @sync_tsk has exited and
++ * @sync_tsk set to NULL.
++ */
++struct hotplug_pcp {
++ struct task_struct *unplug;
++ struct task_struct *sync_tsk;
++ int refcount;
++ int grab_lock;
++ struct completion synced;
++ struct completion unplug_wait;
++#ifdef CONFIG_PREEMPT_RT_FULL
++ /*
++ * Note, on PREEMPT_RT, the hotplug lock must save the state of
++ * the task, otherwise the mutex will cause the task to fail
++ * to sleep when required. (Because it's called from migrate_disable())
++ *
++ * The spinlock_t on PREEMPT_RT is a mutex that saves the task's
++ * state.
++ */
++ spinlock_t lock;
++#else
++ struct mutex mutex;
++#endif
++ int mutex_init;
++};
++
++#ifdef CONFIG_PREEMPT_RT_FULL
++# define hotplug_lock(hp) rt_spin_lock(&(hp)->lock)
++# define hotplug_unlock(hp) rt_spin_unlock(&(hp)->lock)
++#else
++# define hotplug_lock(hp) mutex_lock(&(hp)->mutex)
++# define hotplug_unlock(hp) mutex_unlock(&(hp)->mutex)
++#endif
++
++static DEFINE_PER_CPU(struct hotplug_pcp, hotplug_pcp);
++
++/**
++ * pin_current_cpu - Prevent the current cpu from being unplugged
++ *
++ * Lightweight version of get_online_cpus() to prevent cpu from being
++ * unplugged when code runs in a migration disabled region.
++ *
++ * Must be called with preemption disabled (preempt_count = 1)!
++ */
++void pin_current_cpu(void)
++{
++ struct hotplug_pcp *hp;
++ int force = 0;
++
++retry:
++ hp = &__get_cpu_var(hotplug_pcp);
++
++ if (!hp->unplug || hp->refcount || force || preempt_count() > 1 ||
++ hp->unplug == current) {
++ hp->refcount++;
++ return;
++ }
++ if (hp->grab_lock) {
++ preempt_enable();
++ hotplug_lock(hp);
++ hotplug_unlock(hp);
++ } else {
++ preempt_enable();
++ /*
++ * Try to push this task off of this CPU.
++ */
++ if (!migrate_me()) {
++ preempt_disable();
++ hp = &__get_cpu_var(hotplug_pcp);
++ if (!hp->grab_lock) {
++ /*
++ * Just let it continue it's already pinned
++ * or about to sleep.
++ */
++ force = 1;
++ goto retry;
++ }
++ preempt_enable();
++ }
++ }
++ preempt_disable();
++ goto retry;
++}
++
++/**
++ * unpin_current_cpu - Allow unplug of current cpu
++ *
++ * Must be called with preemption or interrupts disabled!
++ */
++void unpin_current_cpu(void)
++{
++ struct hotplug_pcp *hp = &__get_cpu_var(hotplug_pcp);
++
++ WARN_ON(hp->refcount <= 0);
++
++ /* This is safe. sync_unplug_thread is pinned to this cpu */
++ if (!--hp->refcount && hp->unplug && hp->unplug != current)
++ wake_up_process(hp->unplug);
++}
++
++static void wait_for_pinned_cpus(struct hotplug_pcp *hp)
++{
++ set_current_state(TASK_UNINTERRUPTIBLE);
++ while (hp->refcount) {
++ schedule_preempt_disabled();
++ set_current_state(TASK_UNINTERRUPTIBLE);
++ }
++}
++
++static int sync_unplug_thread(void *data)
++{
++ struct hotplug_pcp *hp = data;
++
++ wait_for_completion(&hp->unplug_wait);
++ preempt_disable();
++ hp->unplug = current;
++ wait_for_pinned_cpus(hp);
++
++ /*
++ * This thread will synchronize the cpu_down() with threads
++ * that have pinned the CPU. When the pinned CPU count reaches
++ * zero, we inform the cpu_down code to continue to the next step.
++ */
++ set_current_state(TASK_UNINTERRUPTIBLE);
++ preempt_enable();
++ complete(&hp->synced);
++
++ /*
++ * If all succeeds, the next step will need tasks to wait till
++ * the CPU is offline before continuing. To do this, the grab_lock
++ * is set and tasks going into pin_current_cpu() will block on the
++ * mutex. But we still need to wait for those that are already in
++ * pinned CPU sections. If the cpu_down() failed, the kthread_should_stop()
++ * will kick this thread out.
++ */
++ while (!hp->grab_lock && !kthread_should_stop()) {
++ schedule();
++ set_current_state(TASK_UNINTERRUPTIBLE);
++ }
++
++ /* Make sure grab_lock is seen before we see a stale completion */
++ smp_mb();
++
++ /*
++ * Now just before cpu_down() enters stop machine, we need to make
++ * sure all tasks that are in pinned CPU sections are out, and new
++ * tasks will now grab the lock, keeping them from entering pinned
++ * CPU sections.
++ */
++ if (!kthread_should_stop()) {
++ preempt_disable();
++ wait_for_pinned_cpus(hp);
++ preempt_enable();
++ complete(&hp->synced);
++ }
++
++ set_current_state(TASK_UNINTERRUPTIBLE);
++ while (!kthread_should_stop()) {
++ schedule();
++ set_current_state(TASK_UNINTERRUPTIBLE);
++ }
++ set_current_state(TASK_RUNNING);
++
++ /*
++ * Force this thread off this CPU as it's going down and
++ * we don't want any more work on this CPU.
++ */
++ current->flags &= ~PF_NO_SETAFFINITY;
++ do_set_cpus_allowed(current, cpu_present_mask);
++ migrate_me();
++ return 0;
++}
++
++static void __cpu_unplug_sync(struct hotplug_pcp *hp)
++{
++ wake_up_process(hp->sync_tsk);
++ wait_for_completion(&hp->synced);
++}
++
++static void __cpu_unplug_wait(unsigned int cpu)
++{
++ struct hotplug_pcp *hp = &per_cpu(hotplug_pcp, cpu);
++
++ complete(&hp->unplug_wait);
++ wait_for_completion(&hp->synced);
++}
++
++/*
++ * Start the sync_unplug_thread on the target cpu and wait for it to
++ * complete.
++ */
++static int cpu_unplug_begin(unsigned int cpu)
++{
++ struct hotplug_pcp *hp = &per_cpu(hotplug_pcp, cpu);
++ int err;
++
++ /* Protected by cpu_hotplug.lock */
++ if (!hp->mutex_init) {
++#ifdef CONFIG_PREEMPT_RT_FULL
++ spin_lock_init(&hp->lock);
++#else
++ mutex_init(&hp->mutex);
++#endif
++ hp->mutex_init = 1;
++ }
++
++ /* Inform the scheduler to migrate tasks off this CPU */
++ tell_sched_cpu_down_begin(cpu);
++
++ init_completion(&hp->synced);
++ init_completion(&hp->unplug_wait);
++
++ hp->sync_tsk = kthread_create(sync_unplug_thread, hp, "sync_unplug/%d", cpu);
++ if (IS_ERR(hp->sync_tsk)) {
++ err = PTR_ERR(hp->sync_tsk);
++ hp->sync_tsk = NULL;
++ return err;
++ }
++ kthread_bind(hp->sync_tsk, cpu);
++
++ /*
++ * Wait for tasks to get out of the pinned sections,
++ * it's still OK if new tasks enter. Some CPU notifiers will
++ * wait for tasks that are going to enter these sections and
++ * we must not have them block.
++ */
++ wake_up_process(hp->sync_tsk);
++ return 0;
++}
++
++static void cpu_unplug_sync(unsigned int cpu)
++{
++ struct hotplug_pcp *hp = &per_cpu(hotplug_pcp, cpu);
++
++ init_completion(&hp->synced);
++ /* The completion needs to be initialzied before setting grab_lock */
++ smp_wmb();
++
++ /* Grab the mutex before setting grab_lock */
++ hotplug_lock(hp);
++ hp->grab_lock = 1;
++
++ /*
++ * The CPU notifiers have been completed.
++ * Wait for tasks to get out of pinned CPU sections and have new
++ * tasks block until the CPU is completely down.
++ */
++ __cpu_unplug_sync(hp);
++
++ /* All done with the sync thread */
++ kthread_stop(hp->sync_tsk);
++ hp->sync_tsk = NULL;
++}
++
++static void cpu_unplug_done(unsigned int cpu)
++{
++ struct hotplug_pcp *hp = &per_cpu(hotplug_pcp, cpu);
++
++ hp->unplug = NULL;
++ /* Let all tasks know cpu unplug is finished before cleaning up */
++ smp_wmb();
++
++ if (hp->sync_tsk)
++ kthread_stop(hp->sync_tsk);
++
++ if (hp->grab_lock) {
++ hotplug_unlock(hp);
++ /* protected by cpu_hotplug.lock */
++ hp->grab_lock = 0;
++ }
++ tell_sched_cpu_down_done(cpu);
++}
++
+ void get_online_cpus(void)
+ {
+ might_sleep();
+@@ -102,6 +386,7 @@
+ {
+ if (cpu_hotplug.active_writer == current)
+ return true;
++
+ if (!mutex_trylock(&cpu_hotplug.lock))
+ return false;
+ cpuhp_lock_acquire_tryread();
+@@ -349,13 +634,15 @@
+ /* Requires cpu_add_remove_lock to be held */
+ static int __ref _cpu_down(unsigned int cpu, int tasks_frozen)
+ {
+- int err, nr_calls = 0;
++ int mycpu, err, nr_calls = 0;
+ void *hcpu = (void *)(long)cpu;
+ unsigned long mod = tasks_frozen ? CPU_TASKS_FROZEN : 0;
+ struct take_cpu_down_param tcd_param = {
+ .mod = mod,
+ .hcpu = hcpu,
+ };
++ cpumask_var_t cpumask;
++ cpumask_var_t cpumask_org;
+
+ if (num_online_cpus() == 1)
+ return -EBUSY;
+@@ -363,7 +650,34 @@
+ if (!cpu_online(cpu))
+ return -EINVAL;
+
++ /* Move the downtaker off the unplug cpu */
++ if (!alloc_cpumask_var(&cpumask, GFP_KERNEL))
++ return -ENOMEM;
++ if (!alloc_cpumask_var(&cpumask_org, GFP_KERNEL)) {
++ free_cpumask_var(cpumask);
++ return -ENOMEM;
++ }
++
++ cpumask_copy(cpumask_org, tsk_cpus_allowed(current));
++ cpumask_andnot(cpumask, cpu_online_mask, cpumask_of(cpu));
++ set_cpus_allowed_ptr(current, cpumask);
++ free_cpumask_var(cpumask);
++ migrate_disable();
++ mycpu = smp_processor_id();
++ if (mycpu == cpu) {
++ printk(KERN_ERR "Yuck! Still on unplug CPU\n!");
++ migrate_enable();
++ err = -EBUSY;
++ goto restore_cpus;
++ }
++ migrate_enable();
++
+ cpu_hotplug_begin();
++ err = cpu_unplug_begin(cpu);
++ if (err) {
++ printk("cpu_unplug_begin(%d) failed\n", cpu);
++ goto out_cancel;
++ }
+
+ err = __cpu_notify(CPU_DOWN_PREPARE | mod, hcpu, -1, &nr_calls);
+ if (err) {
+@@ -389,8 +703,12 @@
+ #endif
+ synchronize_rcu();
+
++ __cpu_unplug_wait(cpu);
+ smpboot_park_threads(cpu);
+
++ /* Notifiers are done. Don't let any more tasks pin this CPU. */
++ cpu_unplug_sync(cpu);
++
+ /*
+ * So now all preempt/rcu users must observe !cpu_active().
+ */
+@@ -423,9 +741,14 @@
+ check_for_tasks(cpu);
+
+ out_release:
++ cpu_unplug_done(cpu);
++out_cancel:
+ cpu_hotplug_done();
+ if (!err)
+ cpu_notify_nofail(CPU_POST_DEAD | mod, hcpu);
++restore_cpus:
++ set_cpus_allowed_ptr(current, cpumask_org);
++ free_cpumask_var(cpumask_org);
+ return err;
+ }
+
+diff -Nur linux-3.18.9.orig/kernel/debug/kdb/kdb_io.c linux-3.18.9/kernel/debug/kdb/kdb_io.c
+--- linux-3.18.9.orig/kernel/debug/kdb/kdb_io.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/debug/kdb/kdb_io.c 2015-03-15 16:03:03.828094874 -0500
+@@ -554,7 +554,6 @@
+ int linecount;
+ int colcount;
+ int logging, saved_loglevel = 0;
+- int saved_trap_printk;
+ int got_printf_lock = 0;
+ int retlen = 0;
+ int fnd, len;
+@@ -565,8 +564,6 @@
+ unsigned long uninitialized_var(flags);
+
+ preempt_disable();
+- saved_trap_printk = kdb_trap_printk;
+- kdb_trap_printk = 0;
+
+ /* Serialize kdb_printf if multiple cpus try to write at once.
+ * But if any cpu goes recursive in kdb, just print the output,
+@@ -833,7 +830,6 @@
+ } else {
+ __release(kdb_printf_lock);
+ }
+- kdb_trap_printk = saved_trap_printk;
+ preempt_enable();
+ return retlen;
+ }
+@@ -843,9 +839,11 @@
+ va_list ap;
+ int r;
+
++ kdb_trap_printk++;
+ va_start(ap, fmt);
+ r = vkdb_printf(fmt, ap);
+ va_end(ap);
++ kdb_trap_printk--;
+
+ return r;
+ }
+diff -Nur linux-3.18.9.orig/kernel/events/core.c linux-3.18.9/kernel/events/core.c
+--- linux-3.18.9.orig/kernel/events/core.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/events/core.c 2015-03-15 16:03:03.832094874 -0500
+@@ -6336,6 +6336,7 @@
+
+ hrtimer_init(&hwc->hrtimer, CLOCK_MONOTONIC, HRTIMER_MODE_REL);
+ hwc->hrtimer.function = perf_swevent_hrtimer;
++ hwc->hrtimer.irqsafe = 1;
+
+ /*
+ * Since hrtimers have a fixed rate, we can do a static freq->period
+diff -Nur linux-3.18.9.orig/kernel/exit.c linux-3.18.9/kernel/exit.c
+--- linux-3.18.9.orig/kernel/exit.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/exit.c 2015-03-15 16:03:03.832094874 -0500
+@@ -147,7 +147,7 @@
+ * Do this under ->siglock, we can race with another thread
+ * doing sigqueue_free() if we have SIGQUEUE_PREALLOC signals.
+ */
+- flush_sigqueue(&tsk->pending);
++ flush_task_sigqueue(tsk);
+ tsk->sighand = NULL;
+ spin_unlock(&sighand->siglock);
+
+diff -Nur linux-3.18.9.orig/kernel/fork.c linux-3.18.9/kernel/fork.c
+--- linux-3.18.9.orig/kernel/fork.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/fork.c 2015-03-15 16:03:03.832094874 -0500
+@@ -97,7 +97,7 @@
+
+ DEFINE_PER_CPU(unsigned long, process_counts) = 0;
+
+-__cacheline_aligned DEFINE_RWLOCK(tasklist_lock); /* outer */
++DEFINE_RWLOCK(tasklist_lock); /* outer */
+
+ #ifdef CONFIG_PROVE_RCU
+ int lockdep_tasklist_lock_is_held(void)
+@@ -233,7 +233,9 @@
+ if (atomic_dec_and_test(&sig->sigcnt))
+ free_signal_struct(sig);
+ }
+-
++#ifdef CONFIG_PREEMPT_RT_BASE
++static
++#endif
+ void __put_task_struct(struct task_struct *tsk)
+ {
+ WARN_ON(!tsk->exit_state);
+@@ -249,7 +251,18 @@
+ if (!profile_handoff_task(tsk))
+ free_task(tsk);
+ }
++#ifndef CONFIG_PREEMPT_RT_BASE
+ EXPORT_SYMBOL_GPL(__put_task_struct);
++#else
++void __put_task_struct_cb(struct rcu_head *rhp)
++{
++ struct task_struct *tsk = container_of(rhp, struct task_struct, put_rcu);
++
++ __put_task_struct(tsk);
++
++}
++EXPORT_SYMBOL_GPL(__put_task_struct_cb);
++#endif
+
+ void __init __weak arch_task_cache_init(void) { }
+
+@@ -643,6 +656,19 @@
+ }
+ EXPORT_SYMBOL_GPL(__mmdrop);
+
++#ifdef CONFIG_PREEMPT_RT_BASE
++/*
++ * RCU callback for delayed mm drop. Not strictly rcu, but we don't
++ * want another facility to make this work.
++ */
++void __mmdrop_delayed(struct rcu_head *rhp)
++{
++ struct mm_struct *mm = container_of(rhp, struct mm_struct, delayed_drop);
++
++ __mmdrop(mm);
++}
++#endif
++
+ /*
+ * Decrement the use count and release all resources for an mm.
+ */
+@@ -1157,6 +1183,9 @@
+ */
+ static void posix_cpu_timers_init(struct task_struct *tsk)
+ {
++#ifdef CONFIG_PREEMPT_RT_BASE
++ tsk->posix_timer_list = NULL;
++#endif
+ tsk->cputime_expires.prof_exp = 0;
+ tsk->cputime_expires.virt_exp = 0;
+ tsk->cputime_expires.sched_exp = 0;
+@@ -1284,6 +1313,7 @@
+ spin_lock_init(&p->alloc_lock);
+
+ init_sigpending(&p->pending);
++ p->sigqueue_cache = NULL;
+
+ p->utime = p->stime = p->gtime = 0;
+ p->utimescaled = p->stimescaled = 0;
+@@ -1291,7 +1321,8 @@
+ p->prev_cputime.utime = p->prev_cputime.stime = 0;
+ #endif
+ #ifdef CONFIG_VIRT_CPU_ACCOUNTING_GEN
+- seqlock_init(&p->vtime_seqlock);
++ raw_spin_lock_init(&p->vtime_lock);
++ seqcount_init(&p->vtime_seq);
+ p->vtime_snap = 0;
+ p->vtime_snap_whence = VTIME_SLEEPING;
+ #endif
+@@ -1342,6 +1373,9 @@
+ p->hardirq_context = 0;
+ p->softirq_context = 0;
+ #endif
++#ifdef CONFIG_PREEMPT_RT_FULL
++ p->pagefault_disabled = 0;
++#endif
+ #ifdef CONFIG_LOCKDEP
+ p->lockdep_depth = 0; /* no locks held yet */
+ p->curr_chain_key = 0;
+diff -Nur linux-3.18.9.orig/kernel/futex.c linux-3.18.9/kernel/futex.c
+--- linux-3.18.9.orig/kernel/futex.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/futex.c 2015-03-15 16:03:03.832094874 -0500
+@@ -738,7 +738,9 @@
+ * task still owns the PI-state:
+ */
+ if (head->next != next) {
++ raw_spin_unlock_irq(&curr->pi_lock);
+ spin_unlock(&hb->lock);
++ raw_spin_lock_irq(&curr->pi_lock);
+ continue;
+ }
+
+@@ -1705,6 +1707,16 @@
+ requeue_pi_wake_futex(this, &key2, hb2);
+ drop_count++;
+ continue;
++ } else if (ret == -EAGAIN) {
++ /*
++ * Waiter was woken by timeout or
++ * signal and has set pi_blocked_on to
++ * PI_WAKEUP_INPROGRESS before we
++ * tried to enqueue it on the rtmutex.
++ */
++ this->pi_state = NULL;
++ free_pi_state(pi_state);
++ continue;
+ } else if (ret) {
+ /* -EDEADLK */
+ this->pi_state = NULL;
+@@ -2549,7 +2561,7 @@
+ struct hrtimer_sleeper timeout, *to = NULL;
+ struct rt_mutex_waiter rt_waiter;
+ struct rt_mutex *pi_mutex = NULL;
+- struct futex_hash_bucket *hb;
++ struct futex_hash_bucket *hb, *hb2;
+ union futex_key key2 = FUTEX_KEY_INIT;
+ struct futex_q q = futex_q_init;
+ int res, ret;
+@@ -2574,10 +2586,7 @@
+ * The waiter is allocated on our stack, manipulated by the requeue
+ * code while we sleep on uaddr.
+ */
+- debug_rt_mutex_init_waiter(&rt_waiter);
+- RB_CLEAR_NODE(&rt_waiter.pi_tree_entry);
+- RB_CLEAR_NODE(&rt_waiter.tree_entry);
+- rt_waiter.task = NULL;
++ rt_mutex_init_waiter(&rt_waiter, false);
+
+ ret = get_futex_key(uaddr2, flags & FLAGS_SHARED, &key2, VERIFY_WRITE);
+ if (unlikely(ret != 0))
+@@ -2608,20 +2617,55 @@
+ /* Queue the futex_q, drop the hb lock, wait for wakeup. */
+ futex_wait_queue_me(hb, &q, to);
+
+- spin_lock(&hb->lock);
+- ret = handle_early_requeue_pi_wakeup(hb, &q, &key2, to);
+- spin_unlock(&hb->lock);
+- if (ret)
+- goto out_put_keys;
++ /*
++ * On RT we must avoid races with requeue and trying to block
++ * on two mutexes (hb->lock and uaddr2's rtmutex) by
++ * serializing access to pi_blocked_on with pi_lock.
++ */
++ raw_spin_lock_irq(&current->pi_lock);
++ if (current->pi_blocked_on) {
++ /*
++ * We have been requeued or are in the process of
++ * being requeued.
++ */
++ raw_spin_unlock_irq(&current->pi_lock);
++ } else {
++ /*
++ * Setting pi_blocked_on to PI_WAKEUP_INPROGRESS
++ * prevents a concurrent requeue from moving us to the
++ * uaddr2 rtmutex. After that we can safely acquire
++ * (and possibly block on) hb->lock.
++ */
++ current->pi_blocked_on = PI_WAKEUP_INPROGRESS;
++ raw_spin_unlock_irq(&current->pi_lock);
++
++ spin_lock(&hb->lock);
++
++ /*
++ * Clean up pi_blocked_on. We might leak it otherwise
++ * when we succeeded with the hb->lock in the fast
++ * path.
++ */
++ raw_spin_lock_irq(&current->pi_lock);
++ current->pi_blocked_on = NULL;
++ raw_spin_unlock_irq(&current->pi_lock);
++
++ ret = handle_early_requeue_pi_wakeup(hb, &q, &key2, to);
++ spin_unlock(&hb->lock);
++ if (ret)
++ goto out_put_keys;
++ }
+
+ /*
+- * In order for us to be here, we know our q.key == key2, and since
+- * we took the hb->lock above, we also know that futex_requeue() has
+- * completed and we no longer have to concern ourselves with a wakeup
+- * race with the atomic proxy lock acquisition by the requeue code. The
+- * futex_requeue dropped our key1 reference and incremented our key2
+- * reference count.
++ * In order to be here, we have either been requeued, are in
++ * the process of being requeued, or requeue successfully
++ * acquired uaddr2 on our behalf. If pi_blocked_on was
++ * non-null above, we may be racing with a requeue. Do not
++ * rely on q->lock_ptr to be hb2->lock until after blocking on
++ * hb->lock or hb2->lock. The futex_requeue dropped our key1
++ * reference and incremented our key2 reference count.
+ */
++ hb2 = hash_futex(&key2);
+
+ /* Check if the requeue code acquired the second futex for us. */
+ if (!q.rt_waiter) {
+@@ -2630,9 +2674,10 @@
+ * did a lock-steal - fix up the PI-state in that case.
+ */
+ if (q.pi_state && (q.pi_state->owner != current)) {
+- spin_lock(q.lock_ptr);
++ spin_lock(&hb2->lock);
++ BUG_ON(&hb2->lock != q.lock_ptr);
+ ret = fixup_pi_state_owner(uaddr2, &q, current);
+- spin_unlock(q.lock_ptr);
++ spin_unlock(&hb2->lock);
+ }
+ } else {
+ /*
+@@ -2645,7 +2690,8 @@
+ ret = rt_mutex_finish_proxy_lock(pi_mutex, to, &rt_waiter);
+ debug_rt_mutex_free_waiter(&rt_waiter);
+
+- spin_lock(q.lock_ptr);
++ spin_lock(&hb2->lock);
++ BUG_ON(&hb2->lock != q.lock_ptr);
+ /*
+ * Fixup the pi_state owner and possibly acquire the lock if we
+ * haven't already.
+diff -Nur linux-3.18.9.orig/kernel/irq/handle.c linux-3.18.9/kernel/irq/handle.c
+--- linux-3.18.9.orig/kernel/irq/handle.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/irq/handle.c 2015-03-15 16:03:03.832094874 -0500
+@@ -133,6 +133,8 @@
+ irqreturn_t
+ handle_irq_event_percpu(struct irq_desc *desc, struct irqaction *action)
+ {
++ struct pt_regs *regs = get_irq_regs();
++ u64 ip = regs ? instruction_pointer(regs) : 0;
+ irqreturn_t retval = IRQ_NONE;
+ unsigned int flags = 0, irq = desc->irq_data.irq;
+
+@@ -173,7 +175,11 @@
+ action = action->next;
+ } while (action);
+
+- add_interrupt_randomness(irq, flags);
++#ifndef CONFIG_PREEMPT_RT_FULL
++ add_interrupt_randomness(irq, flags, ip);
++#else
++ desc->random_ip = ip;
++#endif
+
+ if (!noirqdebug)
+ note_interrupt(irq, desc, retval);
+diff -Nur linux-3.18.9.orig/kernel/irq/manage.c linux-3.18.9/kernel/irq/manage.c
+--- linux-3.18.9.orig/kernel/irq/manage.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/irq/manage.c 2015-03-15 16:03:03.832094874 -0500
+@@ -22,6 +22,7 @@
+ #include "internals.h"
+
+ #ifdef CONFIG_IRQ_FORCED_THREADING
++# ifndef CONFIG_PREEMPT_RT_BASE
+ __read_mostly bool force_irqthreads;
+
+ static int __init setup_forced_irqthreads(char *arg)
+@@ -30,6 +31,7 @@
+ return 0;
+ }
+ early_param("threadirqs", setup_forced_irqthreads);
++# endif
+ #endif
+
+ static void __synchronize_hardirq(struct irq_desc *desc)
+@@ -173,6 +175,62 @@
+ irq_get_pending(struct cpumask *mask, struct irq_desc *desc) { }
+ #endif
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++static void _irq_affinity_notify(struct irq_affinity_notify *notify);
++static struct task_struct *set_affinity_helper;
++static LIST_HEAD(affinity_list);
++static DEFINE_RAW_SPINLOCK(affinity_list_lock);
++
++static int set_affinity_thread(void *unused)
++{
++ while (1) {
++ struct irq_affinity_notify *notify;
++ int empty;
++
++ set_current_state(TASK_INTERRUPTIBLE);
++
++ raw_spin_lock_irq(&affinity_list_lock);
++ empty = list_empty(&affinity_list);
++ raw_spin_unlock_irq(&affinity_list_lock);
++
++ if (empty)
++ schedule();
++ if (kthread_should_stop())
++ break;
++ set_current_state(TASK_RUNNING);
++try_next:
++ notify = NULL;
++
++ raw_spin_lock_irq(&affinity_list_lock);
++ if (!list_empty(&affinity_list)) {
++ notify = list_first_entry(&affinity_list,
++ struct irq_affinity_notify, list);
++ list_del_init(&notify->list);
++ }
++ raw_spin_unlock_irq(&affinity_list_lock);
++
++ if (!notify)
++ continue;
++ _irq_affinity_notify(notify);
++ goto try_next;
++ }
++ return 0;
++}
++
++static void init_helper_thread(void)
++{
++ if (set_affinity_helper)
++ return;
++ set_affinity_helper = kthread_run(set_affinity_thread, NULL,
++ "affinity-cb");
++ WARN_ON(IS_ERR(set_affinity_helper));
++}
++#else
++
++static inline void init_helper_thread(void) { }
++
++#endif
++
+ int irq_do_set_affinity(struct irq_data *data, const struct cpumask *mask,
+ bool force)
+ {
+@@ -211,7 +269,17 @@
+
+ if (desc->affinity_notify) {
+ kref_get(&desc->affinity_notify->kref);
++
++#ifdef CONFIG_PREEMPT_RT_FULL
++ raw_spin_lock(&affinity_list_lock);
++ if (list_empty(&desc->affinity_notify->list))
++ list_add_tail(&affinity_list,
++ &desc->affinity_notify->list);
++ raw_spin_unlock(&affinity_list_lock);
++ wake_up_process(set_affinity_helper);
++#else
+ schedule_work(&desc->affinity_notify->work);
++#endif
+ }
+ irqd_set(data, IRQD_AFFINITY_SET);
+
+@@ -246,10 +314,8 @@
+ }
+ EXPORT_SYMBOL_GPL(irq_set_affinity_hint);
+
+-static void irq_affinity_notify(struct work_struct *work)
++static void _irq_affinity_notify(struct irq_affinity_notify *notify)
+ {
+- struct irq_affinity_notify *notify =
+- container_of(work, struct irq_affinity_notify, work);
+ struct irq_desc *desc = irq_to_desc(notify->irq);
+ cpumask_var_t cpumask;
+ unsigned long flags;
+@@ -271,6 +337,13 @@
+ kref_put(&notify->kref, notify->release);
+ }
+
++static void irq_affinity_notify(struct work_struct *work)
++{
++ struct irq_affinity_notify *notify =
++ container_of(work, struct irq_affinity_notify, work);
++ _irq_affinity_notify(notify);
++}
++
+ /**
+ * irq_set_affinity_notifier - control notification of IRQ affinity changes
+ * @irq: Interrupt for which to enable/disable notification
+@@ -300,6 +373,8 @@
+ notify->irq = irq;
+ kref_init(&notify->kref);
+ INIT_WORK(&notify->work, irq_affinity_notify);
++ INIT_LIST_HEAD(&notify->list);
++ init_helper_thread();
+ }
+
+ raw_spin_lock_irqsave(&desc->lock, flags);
+@@ -788,7 +863,15 @@
+ local_bh_disable();
+ ret = action->thread_fn(action->irq, action->dev_id);
+ irq_finalize_oneshot(desc, action);
+- local_bh_enable();
++ /*
++ * Interrupts which have real time requirements can be set up
++ * to avoid softirq processing in the thread handler. This is
++ * safe as these interrupts do not raise soft interrupts.
++ */
++ if (irq_settings_no_softirq_call(desc))
++ _local_bh_enable();
++ else
++ local_bh_enable();
+ return ret;
+ }
+
+@@ -871,6 +954,12 @@
+ if (action_ret == IRQ_HANDLED)
+ atomic_inc(&desc->threads_handled);
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++ migrate_disable();
++ add_interrupt_randomness(action->irq, 0,
++ desc->random_ip ^ (unsigned long) action);
++ migrate_enable();
++#endif
+ wake_threads_waitq(desc);
+ }
+
+@@ -1184,6 +1273,9 @@
+ irqd_set(&desc->irq_data, IRQD_NO_BALANCING);
+ }
+
++ if (new->flags & IRQF_NO_SOFTIRQ_CALL)
++ irq_settings_set_no_softirq_call(desc);
++
+ /* Set default affinity mask once everything is setup */
+ setup_affinity(irq, desc, mask);
+
+diff -Nur linux-3.18.9.orig/kernel/irq/settings.h linux-3.18.9/kernel/irq/settings.h
+--- linux-3.18.9.orig/kernel/irq/settings.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/irq/settings.h 2015-03-15 16:03:03.836094874 -0500
+@@ -15,6 +15,7 @@
+ _IRQ_NESTED_THREAD = IRQ_NESTED_THREAD,
+ _IRQ_PER_CPU_DEVID = IRQ_PER_CPU_DEVID,
+ _IRQ_IS_POLLED = IRQ_IS_POLLED,
++ _IRQ_NO_SOFTIRQ_CALL = IRQ_NO_SOFTIRQ_CALL,
+ _IRQF_MODIFY_MASK = IRQF_MODIFY_MASK,
+ };
+
+@@ -28,6 +29,7 @@
+ #define IRQ_NESTED_THREAD GOT_YOU_MORON
+ #define IRQ_PER_CPU_DEVID GOT_YOU_MORON
+ #define IRQ_IS_POLLED GOT_YOU_MORON
++#define IRQ_NO_SOFTIRQ_CALL GOT_YOU_MORON
+ #undef IRQF_MODIFY_MASK
+ #define IRQF_MODIFY_MASK GOT_YOU_MORON
+
+@@ -38,6 +40,16 @@
+ desc->status_use_accessors |= (set & _IRQF_MODIFY_MASK);
+ }
+
++static inline bool irq_settings_no_softirq_call(struct irq_desc *desc)
++{
++ return desc->status_use_accessors & _IRQ_NO_SOFTIRQ_CALL;
++}
++
++static inline void irq_settings_set_no_softirq_call(struct irq_desc *desc)
++{
++ desc->status_use_accessors |= _IRQ_NO_SOFTIRQ_CALL;
++}
++
+ static inline bool irq_settings_is_per_cpu(struct irq_desc *desc)
+ {
+ return desc->status_use_accessors & _IRQ_PER_CPU;
+diff -Nur linux-3.18.9.orig/kernel/irq/spurious.c linux-3.18.9/kernel/irq/spurious.c
+--- linux-3.18.9.orig/kernel/irq/spurious.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/irq/spurious.c 2015-03-15 16:03:03.836094874 -0500
+@@ -444,6 +444,10 @@
+
+ static int __init irqfixup_setup(char *str)
+ {
++#ifdef CONFIG_PREEMPT_RT_BASE
++ pr_warn("irqfixup boot option not supported w/ CONFIG_PREEMPT_RT_BASE\n");
++ return 1;
++#endif
+ irqfixup = 1;
+ printk(KERN_WARNING "Misrouted IRQ fixup support enabled.\n");
+ printk(KERN_WARNING "This may impact system performance.\n");
+@@ -456,6 +460,10 @@
+
+ static int __init irqpoll_setup(char *str)
+ {
++#ifdef CONFIG_PREEMPT_RT_BASE
++ pr_warn("irqpoll boot option not supported w/ CONFIG_PREEMPT_RT_BASE\n");
++ return 1;
++#endif
+ irqfixup = 2;
+ printk(KERN_WARNING "Misrouted IRQ fixup and polling support "
+ "enabled\n");
+diff -Nur linux-3.18.9.orig/kernel/irq_work.c linux-3.18.9/kernel/irq_work.c
+--- linux-3.18.9.orig/kernel/irq_work.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/irq_work.c 2015-03-15 16:03:03.836094874 -0500
+@@ -22,7 +22,9 @@
+
+ static DEFINE_PER_CPU(struct llist_head, raised_list);
+ static DEFINE_PER_CPU(struct llist_head, lazy_list);
+-
++#ifdef CONFIG_PREEMPT_RT_FULL
++static DEFINE_PER_CPU(struct llist_head, hirq_work_list);
++#endif
+ /*
+ * Claim the entry so that no one else will poke at it.
+ */
+@@ -49,7 +51,11 @@
+ return true;
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++void arch_irq_work_raise(void)
++#else
+ void __weak arch_irq_work_raise(void)
++#endif
+ {
+ /*
+ * Lame architectures will get the timer tick callback
+@@ -93,8 +99,21 @@
+ /* Queue the entry and raise the IPI if needed. */
+ preempt_disable();
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++ if (work->flags & IRQ_WORK_HARD_IRQ) {
++ if (llist_add(&work->llnode, this_cpu_ptr(&hirq_work_list))) {
++ if (work->flags & IRQ_WORK_LAZY) {
++ if (tick_nohz_tick_stopped())
++ arch_irq_work_raise();
++ } else {
++ arch_irq_work_raise();
++ }
++ }
+ /* If the work is "lazy", handle it from next tick if any */
++ } else if (work->flags & IRQ_WORK_LAZY) {
++#else
+ if (work->flags & IRQ_WORK_LAZY) {
++#endif
+ if (llist_add(&work->llnode, this_cpu_ptr(&lazy_list)) &&
+ tick_nohz_tick_stopped())
+ arch_irq_work_raise();
+@@ -116,7 +135,7 @@
+ raised = this_cpu_ptr(&raised_list);
+ lazy = this_cpu_ptr(&lazy_list);
+
+- if (llist_empty(raised) || arch_irq_work_has_interrupt())
++ if (llist_empty(raised))
+ if (llist_empty(lazy))
+ return false;
+
+@@ -132,7 +151,9 @@
+ struct irq_work *work;
+ struct llist_node *llnode;
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ BUG_ON(!irqs_disabled());
++#endif
+
+ if (llist_empty(list))
+ return;
+@@ -168,6 +189,12 @@
+ */
+ void irq_work_run(void)
+ {
++#ifdef CONFIG_PREEMPT_RT_FULL
++ if (in_irq()) {
++ irq_work_run_list(this_cpu_ptr(&hirq_work_list));
++ return;
++ }
++#endif
+ irq_work_run_list(this_cpu_ptr(&raised_list));
+ irq_work_run_list(this_cpu_ptr(&lazy_list));
+ }
+@@ -175,9 +202,16 @@
+
+ void irq_work_tick(void)
+ {
+- struct llist_head *raised = &__get_cpu_var(raised_list);
++ struct llist_head *raised;
+
+- if (!llist_empty(raised) && !arch_irq_work_has_interrupt())
++#ifdef CONFIG_PREEMPT_RT_FULL
++ if (in_irq()) {
++ irq_work_run_list(this_cpu_ptr(&hirq_work_list));
++ return;
++ }
++#endif
++ raised = &__get_cpu_var(raised_list);
++ if (!llist_empty(raised))
+ irq_work_run_list(raised);
+ irq_work_run_list(&__get_cpu_var(lazy_list));
+ }
+diff -Nur linux-3.18.9.orig/kernel/Kconfig.locks linux-3.18.9/kernel/Kconfig.locks
+--- linux-3.18.9.orig/kernel/Kconfig.locks 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/Kconfig.locks 2015-03-15 16:03:03.836094874 -0500
+@@ -225,11 +225,11 @@
+
+ config MUTEX_SPIN_ON_OWNER
+ def_bool y
+- depends on SMP && !DEBUG_MUTEXES && ARCH_SUPPORTS_ATOMIC_RMW
++ depends on SMP && !DEBUG_MUTEXES && ARCH_SUPPORTS_ATOMIC_RMW && !PREEMPT_RT_FULL
+
+ config RWSEM_SPIN_ON_OWNER
+ def_bool y
+- depends on SMP && RWSEM_XCHGADD_ALGORITHM && ARCH_SUPPORTS_ATOMIC_RMW
++ depends on SMP && RWSEM_XCHGADD_ALGORITHM && ARCH_SUPPORTS_ATOMIC_RMW && !PREEMPT_RT_FULL
+
+ config ARCH_USE_QUEUE_RWLOCK
+ bool
+diff -Nur linux-3.18.9.orig/kernel/Kconfig.preempt linux-3.18.9/kernel/Kconfig.preempt
+--- linux-3.18.9.orig/kernel/Kconfig.preempt 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/Kconfig.preempt 2015-03-15 16:03:03.836094874 -0500
+@@ -1,3 +1,16 @@
++config PREEMPT
++ bool
++ select PREEMPT_COUNT
++
++config PREEMPT_RT_BASE
++ bool
++ select PREEMPT
++
++config HAVE_PREEMPT_LAZY
++ bool
++
++config PREEMPT_LAZY
++ def_bool y if HAVE_PREEMPT_LAZY && PREEMPT_RT_FULL
+
+ choice
+ prompt "Preemption Model"
+@@ -33,9 +46,9 @@
+
+ Select this if you are building a kernel for a desktop system.
+
+-config PREEMPT
++config PREEMPT__LL
+ bool "Preemptible Kernel (Low-Latency Desktop)"
+- select PREEMPT_COUNT
++ select PREEMPT
+ select UNINLINE_SPIN_UNLOCK if !ARCH_INLINE_SPIN_UNLOCK
+ help
+ This option reduces the latency of the kernel by making
+@@ -52,6 +65,22 @@
+ embedded system with latency requirements in the milliseconds
+ range.
+
++config PREEMPT_RTB
++ bool "Preemptible Kernel (Basic RT)"
++ select PREEMPT_RT_BASE
++ help
++ This option is basically the same as (Low-Latency Desktop) but
++ enables changes which are preliminary for the full preemptible
++ RT kernel.
++
++config PREEMPT_RT_FULL
++ bool "Fully Preemptible Kernel (RT)"
++ depends on IRQ_FORCED_THREADING
++ select PREEMPT_RT_BASE
++ select PREEMPT_RCU
++ help
++ All and everything
++
+ endchoice
+
+ config PREEMPT_COUNT
+diff -Nur linux-3.18.9.orig/kernel/ksysfs.c linux-3.18.9/kernel/ksysfs.c
+--- linux-3.18.9.orig/kernel/ksysfs.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/ksysfs.c 2015-03-15 16:03:03.836094874 -0500
+@@ -136,6 +136,15 @@
+
+ #endif /* CONFIG_KEXEC */
+
++#if defined(CONFIG_PREEMPT_RT_FULL)
++static ssize_t realtime_show(struct kobject *kobj,
++ struct kobj_attribute *attr, char *buf)
++{
++ return sprintf(buf, "%d\n", 1);
++}
++KERNEL_ATTR_RO(realtime);
++#endif
++
+ /* whether file capabilities are enabled */
+ static ssize_t fscaps_show(struct kobject *kobj,
+ struct kobj_attribute *attr, char *buf)
+@@ -203,6 +212,9 @@
+ &vmcoreinfo_attr.attr,
+ #endif
+ &rcu_expedited_attr.attr,
++#ifdef CONFIG_PREEMPT_RT_FULL
++ &realtime_attr.attr,
++#endif
+ NULL
+ };
+
+diff -Nur linux-3.18.9.orig/kernel/locking/lglock.c linux-3.18.9/kernel/locking/lglock.c
+--- linux-3.18.9.orig/kernel/locking/lglock.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/locking/lglock.c 2015-03-15 16:03:03.836094874 -0500
+@@ -4,6 +4,15 @@
+ #include <linux/cpu.h>
+ #include <linux/string.h>
+
++#ifndef CONFIG_PREEMPT_RT_FULL
++# define lg_lock_ptr arch_spinlock_t
++# define lg_do_lock(l) arch_spin_lock(l)
++# define lg_do_unlock(l) arch_spin_unlock(l)
++#else
++# define lg_lock_ptr struct rt_mutex
++# define lg_do_lock(l) __rt_spin_lock(l)
++# define lg_do_unlock(l) __rt_spin_unlock(l)
++#endif
+ /*
+ * Note there is no uninit, so lglocks cannot be defined in
+ * modules (but it's fine to use them from there)
+@@ -12,51 +21,60 @@
+
+ void lg_lock_init(struct lglock *lg, char *name)
+ {
++#ifdef CONFIG_PREEMPT_RT_FULL
++ int i;
++
++ for_each_possible_cpu(i) {
++ struct rt_mutex *lock = per_cpu_ptr(lg->lock, i);
++
++ rt_mutex_init(lock);
++ }
++#endif
+ LOCKDEP_INIT_MAP(&lg->lock_dep_map, name, &lg->lock_key, 0);
+ }
+ EXPORT_SYMBOL(lg_lock_init);
+
+ void lg_local_lock(struct lglock *lg)
+ {
+- arch_spinlock_t *lock;
++ lg_lock_ptr *lock;
+
+- preempt_disable();
++ migrate_disable();
+ lock_acquire_shared(&lg->lock_dep_map, 0, 0, NULL, _RET_IP_);
+ lock = this_cpu_ptr(lg->lock);
+- arch_spin_lock(lock);
++ lg_do_lock(lock);
+ }
+ EXPORT_SYMBOL(lg_local_lock);
+
+ void lg_local_unlock(struct lglock *lg)
+ {
+- arch_spinlock_t *lock;
++ lg_lock_ptr *lock;
+
+ lock_release(&lg->lock_dep_map, 1, _RET_IP_);
+ lock = this_cpu_ptr(lg->lock);
+- arch_spin_unlock(lock);
+- preempt_enable();
++ lg_do_unlock(lock);
++ migrate_enable();
+ }
+ EXPORT_SYMBOL(lg_local_unlock);
+
+ void lg_local_lock_cpu(struct lglock *lg, int cpu)
+ {
+- arch_spinlock_t *lock;
++ lg_lock_ptr *lock;
+
+- preempt_disable();
++ preempt_disable_nort();
+ lock_acquire_shared(&lg->lock_dep_map, 0, 0, NULL, _RET_IP_);
+ lock = per_cpu_ptr(lg->lock, cpu);
+- arch_spin_lock(lock);
++ lg_do_lock(lock);
+ }
+ EXPORT_SYMBOL(lg_local_lock_cpu);
+
+ void lg_local_unlock_cpu(struct lglock *lg, int cpu)
+ {
+- arch_spinlock_t *lock;
++ lg_lock_ptr *lock;
+
+ lock_release(&lg->lock_dep_map, 1, _RET_IP_);
+ lock = per_cpu_ptr(lg->lock, cpu);
+- arch_spin_unlock(lock);
+- preempt_enable();
++ lg_do_unlock(lock);
++ preempt_enable_nort();
+ }
+ EXPORT_SYMBOL(lg_local_unlock_cpu);
+
+@@ -64,12 +82,12 @@
+ {
+ int i;
+
+- preempt_disable();
++ preempt_disable_nort();
+ lock_acquire_exclusive(&lg->lock_dep_map, 0, 0, NULL, _RET_IP_);
+ for_each_possible_cpu(i) {
+- arch_spinlock_t *lock;
++ lg_lock_ptr *lock;
+ lock = per_cpu_ptr(lg->lock, i);
+- arch_spin_lock(lock);
++ lg_do_lock(lock);
+ }
+ }
+ EXPORT_SYMBOL(lg_global_lock);
+@@ -80,10 +98,35 @@
+
+ lock_release(&lg->lock_dep_map, 1, _RET_IP_);
+ for_each_possible_cpu(i) {
+- arch_spinlock_t *lock;
++ lg_lock_ptr *lock;
+ lock = per_cpu_ptr(lg->lock, i);
+- arch_spin_unlock(lock);
++ lg_do_unlock(lock);
+ }
+- preempt_enable();
++ preempt_enable_nort();
+ }
+ EXPORT_SYMBOL(lg_global_unlock);
++
++#ifdef CONFIG_PREEMPT_RT_FULL
++/*
++ * HACK: If you use this, you get to keep the pieces.
++ * Used in queue_stop_cpus_work() when stop machinery
++ * is called from inactive CPU, so we can't schedule.
++ */
++# define lg_do_trylock_relax(l) \
++ do { \
++ while (!__rt_spin_trylock(l)) \
++ cpu_relax(); \
++ } while (0)
++
++void lg_global_trylock_relax(struct lglock *lg)
++{
++ int i;
++
++ lock_acquire_exclusive(&lg->lock_dep_map, 0, 0, NULL, _RET_IP_);
++ for_each_possible_cpu(i) {
++ lg_lock_ptr *lock;
++ lock = per_cpu_ptr(lg->lock, i);
++ lg_do_trylock_relax(lock);
++ }
++}
++#endif
+diff -Nur linux-3.18.9.orig/kernel/locking/lockdep.c linux-3.18.9/kernel/locking/lockdep.c
+--- linux-3.18.9.orig/kernel/locking/lockdep.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/locking/lockdep.c 2015-03-15 16:03:03.836094874 -0500
+@@ -3542,6 +3542,7 @@
+ }
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ /*
+ * We dont accurately track softirq state in e.g.
+ * hardirq contexts (such as on 4KSTACKS), so only
+@@ -3556,6 +3557,7 @@
+ DEBUG_LOCKS_WARN_ON(!current->softirqs_enabled);
+ }
+ }
++#endif
+
+ if (!debug_locks)
+ print_irqtrace_events(current);
+diff -Nur linux-3.18.9.orig/kernel/locking/Makefile linux-3.18.9/kernel/locking/Makefile
+--- linux-3.18.9.orig/kernel/locking/Makefile 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/locking/Makefile 2015-03-15 16:03:03.836094874 -0500
+@@ -1,5 +1,5 @@
+
+-obj-y += mutex.o semaphore.o rwsem.o mcs_spinlock.o
++obj-y += semaphore.o mcs_spinlock.o
+
+ ifdef CONFIG_FUNCTION_TRACER
+ CFLAGS_REMOVE_lockdep.o = -pg
+@@ -8,7 +8,11 @@
+ CFLAGS_REMOVE_rtmutex-debug.o = -pg
+ endif
+
++ifneq ($(CONFIG_PREEMPT_RT_FULL),y)
++obj-y += mutex.o
+ obj-$(CONFIG_DEBUG_MUTEXES) += mutex-debug.o
++obj-y += rwsem.o
++endif
+ obj-$(CONFIG_LOCKDEP) += lockdep.o
+ ifeq ($(CONFIG_PROC_FS),y)
+ obj-$(CONFIG_LOCKDEP) += lockdep_proc.o
+@@ -21,8 +25,11 @@
+ obj-$(CONFIG_RT_MUTEX_TESTER) += rtmutex-tester.o
+ obj-$(CONFIG_DEBUG_SPINLOCK) += spinlock.o
+ obj-$(CONFIG_DEBUG_SPINLOCK) += spinlock_debug.o
++ifneq ($(CONFIG_PREEMPT_RT_FULL),y)
+ obj-$(CONFIG_RWSEM_GENERIC_SPINLOCK) += rwsem-spinlock.o
+ obj-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += rwsem-xadd.o
++endif
+ obj-$(CONFIG_PERCPU_RWSEM) += percpu-rwsem.o
++obj-$(CONFIG_PREEMPT_RT_FULL) += rt.o
+ obj-$(CONFIG_QUEUE_RWLOCK) += qrwlock.o
+ obj-$(CONFIG_LOCK_TORTURE_TEST) += locktorture.o
+diff -Nur linux-3.18.9.orig/kernel/locking/percpu-rwsem.c linux-3.18.9/kernel/locking/percpu-rwsem.c
+--- linux-3.18.9.orig/kernel/locking/percpu-rwsem.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/locking/percpu-rwsem.c 2015-03-15 16:03:03.836094874 -0500
+@@ -84,8 +84,12 @@
+
+ down_read(&brw->rw_sem);
+ atomic_inc(&brw->slow_read_ctr);
++#ifdef CONFIG_PREEMPT_RT_FULL
++ up_read(&brw->rw_sem);
++#else
+ /* avoid up_read()->rwsem_release() */
+ __up_read(&brw->rw_sem);
++#endif
+ }
+
+ void percpu_up_read(struct percpu_rw_semaphore *brw)
+diff -Nur linux-3.18.9.orig/kernel/locking/rt.c linux-3.18.9/kernel/locking/rt.c
+--- linux-3.18.9.orig/kernel/locking/rt.c 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/kernel/locking/rt.c 2015-03-15 16:03:03.836094874 -0500
+@@ -0,0 +1,437 @@
++/*
++ * kernel/rt.c
++ *
++ * Real-Time Preemption Support
++ *
++ * started by Ingo Molnar:
++ *
++ * Copyright (C) 2004-2006 Red Hat, Inc., Ingo Molnar <mingo@redhat.com>
++ * Copyright (C) 2006, Timesys Corp., Thomas Gleixner <tglx@timesys.com>
++ *
++ * historic credit for proving that Linux spinlocks can be implemented via
++ * RT-aware mutexes goes to many people: The Pmutex project (Dirk Grambow
++ * and others) who prototyped it on 2.4 and did lots of comparative
++ * research and analysis; TimeSys, for proving that you can implement a
++ * fully preemptible kernel via the use of IRQ threading and mutexes;
++ * Bill Huey for persuasively arguing on lkml that the mutex model is the
++ * right one; and to MontaVista, who ported pmutexes to 2.6.
++ *
++ * This code is a from-scratch implementation and is not based on pmutexes,
++ * but the idea of converting spinlocks to mutexes is used here too.
++ *
++ * lock debugging, locking tree, deadlock detection:
++ *
++ * Copyright (C) 2004, LynuxWorks, Inc., Igor Manyilov, Bill Huey
++ * Released under the General Public License (GPL).
++ *
++ * Includes portions of the generic R/W semaphore implementation from:
++ *
++ * Copyright (c) 2001 David Howells (dhowells@redhat.com).
++ * - Derived partially from idea by Andrea Arcangeli <andrea@suse.de>
++ * - Derived also from comments by Linus
++ *
++ * Pending ownership of locks and ownership stealing:
++ *
++ * Copyright (C) 2005, Kihon Technologies Inc., Steven Rostedt
++ *
++ * (also by Steven Rostedt)
++ * - Converted single pi_lock to individual task locks.
++ *
++ * By Esben Nielsen:
++ * Doing priority inheritance with help of the scheduler.
++ *
++ * Copyright (C) 2006, Timesys Corp., Thomas Gleixner <tglx@timesys.com>
++ * - major rework based on Esben Nielsens initial patch
++ * - replaced thread_info references by task_struct refs
++ * - removed task->pending_owner dependency
++ * - BKL drop/reacquire for semaphore style locks to avoid deadlocks
++ * in the scheduler return path as discussed with Steven Rostedt
++ *
++ * Copyright (C) 2006, Kihon Technologies Inc.
++ * Steven Rostedt <rostedt@goodmis.org>
++ * - debugged and patched Thomas Gleixner's rework.
++ * - added back the cmpxchg to the rework.
++ * - turned atomic require back on for SMP.
++ */
++
++#include <linux/spinlock.h>
++#include <linux/rtmutex.h>
++#include <linux/sched.h>
++#include <linux/delay.h>
++#include <linux/module.h>
++#include <linux/kallsyms.h>
++#include <linux/syscalls.h>
++#include <linux/interrupt.h>
++#include <linux/plist.h>
++#include <linux/fs.h>
++#include <linux/futex.h>
++#include <linux/hrtimer.h>
++
++#include "rtmutex_common.h"
++
++/*
++ * struct mutex functions
++ */
++void __mutex_do_init(struct mutex *mutex, const char *name,
++ struct lock_class_key *key)
++{
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++ /*
++ * Make sure we are not reinitializing a held lock:
++ */
++ debug_check_no_locks_freed((void *)mutex, sizeof(*mutex));
++ lockdep_init_map(&mutex->dep_map, name, key, 0);
++#endif
++ mutex->lock.save_state = 0;
++}
++EXPORT_SYMBOL(__mutex_do_init);
++
++void __lockfunc _mutex_lock(struct mutex *lock)
++{
++ mutex_acquire(&lock->dep_map, 0, 0, _RET_IP_);
++ rt_mutex_lock(&lock->lock);
++}
++EXPORT_SYMBOL(_mutex_lock);
++
++int __lockfunc _mutex_lock_interruptible(struct mutex *lock)
++{
++ int ret;
++
++ mutex_acquire(&lock->dep_map, 0, 0, _RET_IP_);
++ ret = rt_mutex_lock_interruptible(&lock->lock);
++ if (ret)
++ mutex_release(&lock->dep_map, 1, _RET_IP_);
++ return ret;
++}
++EXPORT_SYMBOL(_mutex_lock_interruptible);
++
++int __lockfunc _mutex_lock_killable(struct mutex *lock)
++{
++ int ret;
++
++ mutex_acquire(&lock->dep_map, 0, 0, _RET_IP_);
++ ret = rt_mutex_lock_killable(&lock->lock);
++ if (ret)
++ mutex_release(&lock->dep_map, 1, _RET_IP_);
++ return ret;
++}
++EXPORT_SYMBOL(_mutex_lock_killable);
++
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++void __lockfunc _mutex_lock_nested(struct mutex *lock, int subclass)
++{
++ mutex_acquire_nest(&lock->dep_map, subclass, 0, NULL, _RET_IP_);
++ rt_mutex_lock(&lock->lock);
++}
++EXPORT_SYMBOL(_mutex_lock_nested);
++
++void __lockfunc _mutex_lock_nest_lock(struct mutex *lock, struct lockdep_map *nest)
++{
++ mutex_acquire_nest(&lock->dep_map, 0, 0, nest, _RET_IP_);
++ rt_mutex_lock(&lock->lock);
++}
++EXPORT_SYMBOL(_mutex_lock_nest_lock);
++
++int __lockfunc _mutex_lock_interruptible_nested(struct mutex *lock, int subclass)
++{
++ int ret;
++
++ mutex_acquire_nest(&lock->dep_map, subclass, 0, NULL, _RET_IP_);
++ ret = rt_mutex_lock_interruptible(&lock->lock);
++ if (ret)
++ mutex_release(&lock->dep_map, 1, _RET_IP_);
++ return ret;
++}
++EXPORT_SYMBOL(_mutex_lock_interruptible_nested);
++
++int __lockfunc _mutex_lock_killable_nested(struct mutex *lock, int subclass)
++{
++ int ret;
++
++ mutex_acquire(&lock->dep_map, subclass, 0, _RET_IP_);
++ ret = rt_mutex_lock_killable(&lock->lock);
++ if (ret)
++ mutex_release(&lock->dep_map, 1, _RET_IP_);
++ return ret;
++}
++EXPORT_SYMBOL(_mutex_lock_killable_nested);
++#endif
++
++int __lockfunc _mutex_trylock(struct mutex *lock)
++{
++ int ret = rt_mutex_trylock(&lock->lock);
++
++ if (ret)
++ mutex_acquire(&lock->dep_map, 0, 1, _RET_IP_);
++
++ return ret;
++}
++EXPORT_SYMBOL(_mutex_trylock);
++
++void __lockfunc _mutex_unlock(struct mutex *lock)
++{
++ mutex_release(&lock->dep_map, 1, _RET_IP_);
++ rt_mutex_unlock(&lock->lock);
++}
++EXPORT_SYMBOL(_mutex_unlock);
++
++/*
++ * rwlock_t functions
++ */
++int __lockfunc rt_write_trylock(rwlock_t *rwlock)
++{
++ int ret;
++
++ migrate_disable();
++ ret = rt_mutex_trylock(&rwlock->lock);
++ if (ret)
++ rwlock_acquire(&rwlock->dep_map, 0, 1, _RET_IP_);
++ else
++ migrate_enable();
++
++ return ret;
++}
++EXPORT_SYMBOL(rt_write_trylock);
++
++int __lockfunc rt_write_trylock_irqsave(rwlock_t *rwlock, unsigned long *flags)
++{
++ int ret;
++
++ *flags = 0;
++ ret = rt_write_trylock(rwlock);
++ return ret;
++}
++EXPORT_SYMBOL(rt_write_trylock_irqsave);
++
++int __lockfunc rt_read_trylock(rwlock_t *rwlock)
++{
++ struct rt_mutex *lock = &rwlock->lock;
++ int ret = 1;
++
++ /*
++ * recursive read locks succeed when current owns the lock,
++ * but not when read_depth == 0 which means that the lock is
++ * write locked.
++ */
++ if (rt_mutex_owner(lock) != current) {
++ migrate_disable();
++ ret = rt_mutex_trylock(lock);
++ if (ret)
++ rwlock_acquire(&rwlock->dep_map, 0, 1, _RET_IP_);
++ else
++ migrate_enable();
++
++ } else if (!rwlock->read_depth) {
++ ret = 0;
++ }
++
++ if (ret)
++ rwlock->read_depth++;
++
++ return ret;
++}
++EXPORT_SYMBOL(rt_read_trylock);
++
++void __lockfunc rt_write_lock(rwlock_t *rwlock)
++{
++ rwlock_acquire(&rwlock->dep_map, 0, 0, _RET_IP_);
++ migrate_disable();
++ __rt_spin_lock(&rwlock->lock);
++}
++EXPORT_SYMBOL(rt_write_lock);
++
++void __lockfunc rt_read_lock(rwlock_t *rwlock)
++{
++ struct rt_mutex *lock = &rwlock->lock;
++
++
++ /*
++ * recursive read locks succeed when current owns the lock
++ */
++ if (rt_mutex_owner(lock) != current) {
++ migrate_disable();
++ rwlock_acquire(&rwlock->dep_map, 0, 0, _RET_IP_);
++ __rt_spin_lock(lock);
++ }
++ rwlock->read_depth++;
++}
++
++EXPORT_SYMBOL(rt_read_lock);
++
++void __lockfunc rt_write_unlock(rwlock_t *rwlock)
++{
++ /* NOTE: we always pass in '1' for nested, for simplicity */
++ rwlock_release(&rwlock->dep_map, 1, _RET_IP_);
++ __rt_spin_unlock(&rwlock->lock);
++ migrate_enable();
++}
++EXPORT_SYMBOL(rt_write_unlock);
++
++void __lockfunc rt_read_unlock(rwlock_t *rwlock)
++{
++ /* Release the lock only when read_depth is down to 0 */
++ if (--rwlock->read_depth == 0) {
++ rwlock_release(&rwlock->dep_map, 1, _RET_IP_);
++ __rt_spin_unlock(&rwlock->lock);
++ migrate_enable();
++ }
++}
++EXPORT_SYMBOL(rt_read_unlock);
++
++unsigned long __lockfunc rt_write_lock_irqsave(rwlock_t *rwlock)
++{
++ rt_write_lock(rwlock);
++
++ return 0;
++}
++EXPORT_SYMBOL(rt_write_lock_irqsave);
++
++unsigned long __lockfunc rt_read_lock_irqsave(rwlock_t *rwlock)
++{
++ rt_read_lock(rwlock);
++
++ return 0;
++}
++EXPORT_SYMBOL(rt_read_lock_irqsave);
++
++void __rt_rwlock_init(rwlock_t *rwlock, char *name, struct lock_class_key *key)
++{
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++ /*
++ * Make sure we are not reinitializing a held lock:
++ */
++ debug_check_no_locks_freed((void *)rwlock, sizeof(*rwlock));
++ lockdep_init_map(&rwlock->dep_map, name, key, 0);
++#endif
++ rwlock->lock.save_state = 1;
++ rwlock->read_depth = 0;
++}
++EXPORT_SYMBOL(__rt_rwlock_init);
++
++/*
++ * rw_semaphores
++ */
++
++void rt_up_write(struct rw_semaphore *rwsem)
++{
++ rwsem_release(&rwsem->dep_map, 1, _RET_IP_);
++ rt_mutex_unlock(&rwsem->lock);
++}
++EXPORT_SYMBOL(rt_up_write);
++
++void rt_up_read(struct rw_semaphore *rwsem)
++{
++ rwsem_release(&rwsem->dep_map, 1, _RET_IP_);
++ rt_mutex_unlock(&rwsem->lock);
++}
++EXPORT_SYMBOL(rt_up_read);
++
++/*
++ * downgrade a write lock into a read lock
++ * - just wake up any readers at the front of the queue
++ */
++void rt_downgrade_write(struct rw_semaphore *rwsem)
++{
++ BUG_ON(rt_mutex_owner(&rwsem->lock) != current);
++}
++EXPORT_SYMBOL(rt_downgrade_write);
++
++int rt_down_write_trylock(struct rw_semaphore *rwsem)
++{
++ int ret = rt_mutex_trylock(&rwsem->lock);
++
++ if (ret)
++ rwsem_acquire(&rwsem->dep_map, 0, 1, _RET_IP_);
++ return ret;
++}
++EXPORT_SYMBOL(rt_down_write_trylock);
++
++void rt_down_write(struct rw_semaphore *rwsem)
++{
++ rwsem_acquire(&rwsem->dep_map, 0, 0, _RET_IP_);
++ rt_mutex_lock(&rwsem->lock);
++}
++EXPORT_SYMBOL(rt_down_write);
++
++void rt_down_write_nested(struct rw_semaphore *rwsem, int subclass)
++{
++ rwsem_acquire(&rwsem->dep_map, subclass, 0, _RET_IP_);
++ rt_mutex_lock(&rwsem->lock);
++}
++EXPORT_SYMBOL(rt_down_write_nested);
++
++void rt_down_write_nested_lock(struct rw_semaphore *rwsem,
++ struct lockdep_map *nest)
++{
++ rwsem_acquire_nest(&rwsem->dep_map, 0, 0, nest, _RET_IP_);
++ rt_mutex_lock(&rwsem->lock);
++}
++EXPORT_SYMBOL(rt_down_write_nested_lock);
++
++int rt_down_read_trylock(struct rw_semaphore *rwsem)
++{
++ int ret;
++
++ ret = rt_mutex_trylock(&rwsem->lock);
++ if (ret)
++ rwsem_acquire(&rwsem->dep_map, 0, 1, _RET_IP_);
++
++ return ret;
++}
++EXPORT_SYMBOL(rt_down_read_trylock);
++
++static void __rt_down_read(struct rw_semaphore *rwsem, int subclass)
++{
++ rwsem_acquire(&rwsem->dep_map, subclass, 0, _RET_IP_);
++ rt_mutex_lock(&rwsem->lock);
++}
++
++void rt_down_read(struct rw_semaphore *rwsem)
++{
++ __rt_down_read(rwsem, 0);
++}
++EXPORT_SYMBOL(rt_down_read);
++
++void rt_down_read_nested(struct rw_semaphore *rwsem, int subclass)
++{
++ __rt_down_read(rwsem, subclass);
++}
++EXPORT_SYMBOL(rt_down_read_nested);
++
++void __rt_rwsem_init(struct rw_semaphore *rwsem, const char *name,
++ struct lock_class_key *key)
++{
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++ /*
++ * Make sure we are not reinitializing a held lock:
++ */
++ debug_check_no_locks_freed((void *)rwsem, sizeof(*rwsem));
++ lockdep_init_map(&rwsem->dep_map, name, key, 0);
++#endif
++ rwsem->lock.save_state = 0;
++}
++EXPORT_SYMBOL(__rt_rwsem_init);
++
++/**
++ * atomic_dec_and_mutex_lock - return holding mutex if we dec to 0
++ * @cnt: the atomic which we are to dec
++ * @lock: the mutex to return holding if we dec to 0
++ *
++ * return true and hold lock if we dec to 0, return false otherwise
++ */
++int atomic_dec_and_mutex_lock(atomic_t *cnt, struct mutex *lock)
++{
++ /* dec if we can't possibly hit 0 */
++ if (atomic_add_unless(cnt, -1, 1))
++ return 0;
++ /* we might hit 0, so take the lock */
++ mutex_lock(lock);
++ if (!atomic_dec_and_test(cnt)) {
++ /* when we actually did the dec, we didn't hit 0 */
++ mutex_unlock(lock);
++ return 0;
++ }
++ /* we hit 0, and we hold the lock */
++ return 1;
++}
++EXPORT_SYMBOL(atomic_dec_and_mutex_lock);
+diff -Nur linux-3.18.9.orig/kernel/locking/rtmutex.c linux-3.18.9/kernel/locking/rtmutex.c
+--- linux-3.18.9.orig/kernel/locking/rtmutex.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/locking/rtmutex.c 2015-03-15 16:03:03.836094874 -0500
+@@ -7,6 +7,11 @@
+ * Copyright (C) 2005-2006 Timesys Corp., Thomas Gleixner <tglx@timesys.com>
+ * Copyright (C) 2005 Kihon Technologies Inc., Steven Rostedt
+ * Copyright (C) 2006 Esben Nielsen
++ * Adaptive Spinlocks:
++ * Copyright (C) 2008 Novell, Inc., Gregory Haskins, Sven Dietrich,
++ * and Peter Morreale,
++ * Adaptive Spinlocks simplification:
++ * Copyright (C) 2008 Red Hat, Inc., Steven Rostedt <srostedt@redhat.com>
+ *
+ * See Documentation/locking/rt-mutex-design.txt for details.
+ */
+@@ -16,6 +21,7 @@
+ #include <linux/sched/rt.h>
+ #include <linux/sched/deadline.h>
+ #include <linux/timer.h>
++#include <linux/ww_mutex.h>
+
+ #include "rtmutex_common.h"
+
+@@ -69,6 +75,12 @@
+ clear_rt_mutex_waiters(lock);
+ }
+
++static int rt_mutex_real_waiter(struct rt_mutex_waiter *waiter)
++{
++ return waiter && waiter != PI_WAKEUP_INPROGRESS &&
++ waiter != PI_REQUEUE_INPROGRESS;
++}
++
+ /*
+ * We can speed up the acquire/release, if the architecture
+ * supports cmpxchg and if there's no debugging state to be set up
+@@ -333,6 +345,14 @@
+ return debug_rt_mutex_detect_deadlock(waiter, chwalk);
+ }
+
++static void rt_mutex_wake_waiter(struct rt_mutex_waiter *waiter)
++{
++ if (waiter->savestate)
++ wake_up_lock_sleeper(waiter->task);
++ else
++ wake_up_process(waiter->task);
++}
++
+ /*
+ * Max number of times we'll walk the boosting chain:
+ */
+@@ -340,7 +360,8 @@
+
+ static inline struct rt_mutex *task_blocked_on_lock(struct task_struct *p)
+ {
+- return p->pi_blocked_on ? p->pi_blocked_on->lock : NULL;
++ return rt_mutex_real_waiter(p->pi_blocked_on) ?
++ p->pi_blocked_on->lock : NULL;
+ }
+
+ /*
+@@ -477,7 +498,7 @@
+ * reached or the state of the chain has changed while we
+ * dropped the locks.
+ */
+- if (!waiter)
++ if (!rt_mutex_real_waiter(waiter))
+ goto out_unlock_pi;
+
+ /*
+@@ -639,13 +660,16 @@
+ * follow here. This is the end of the chain we are walking.
+ */
+ if (!rt_mutex_owner(lock)) {
++ struct rt_mutex_waiter *lock_top_waiter;
++
+ /*
+ * If the requeue [7] above changed the top waiter,
+ * then we need to wake the new top waiter up to try
+ * to get the lock.
+ */
+- if (prerequeue_top_waiter != rt_mutex_top_waiter(lock))
+- wake_up_process(rt_mutex_top_waiter(lock)->task);
++ lock_top_waiter = rt_mutex_top_waiter(lock);
++ if (prerequeue_top_waiter != lock_top_waiter)
++ rt_mutex_wake_waiter(lock_top_waiter);
+ raw_spin_unlock(&lock->wait_lock);
+ return 0;
+ }
+@@ -738,6 +762,25 @@
+ return ret;
+ }
+
++
++#define STEAL_NORMAL 0
++#define STEAL_LATERAL 1
++
++/*
++ * Note that RT tasks are excluded from lateral-steals to prevent the
++ * introduction of an unbounded latency
++ */
++static inline int lock_is_stealable(struct task_struct *task,
++ struct task_struct *pendowner, int mode)
++{
++ if (mode == STEAL_NORMAL || rt_task(task)) {
++ if (task->prio >= pendowner->prio)
++ return 0;
++ } else if (task->prio > pendowner->prio)
++ return 0;
++ return 1;
++}
++
+ /*
+ * Try to take an rt-mutex
+ *
+@@ -748,8 +791,9 @@
+ * @waiter: The waiter that is queued to the lock's wait list if the
+ * callsite called task_blocked_on_lock(), otherwise NULL
+ */
+-static int try_to_take_rt_mutex(struct rt_mutex *lock, struct task_struct *task,
+- struct rt_mutex_waiter *waiter)
++static int __try_to_take_rt_mutex(struct rt_mutex *lock,
++ struct task_struct *task,
++ struct rt_mutex_waiter *waiter, int mode)
+ {
+ unsigned long flags;
+
+@@ -788,8 +832,10 @@
+ * If waiter is not the highest priority waiter of
+ * @lock, give up.
+ */
+- if (waiter != rt_mutex_top_waiter(lock))
++ if (waiter != rt_mutex_top_waiter(lock)) {
++ /* XXX lock_is_stealable() ? */
+ return 0;
++ }
+
+ /*
+ * We can acquire the lock. Remove the waiter from the
+@@ -807,14 +853,10 @@
+ * not need to be dequeued.
+ */
+ if (rt_mutex_has_waiters(lock)) {
+- /*
+- * If @task->prio is greater than or equal to
+- * the top waiter priority (kernel view),
+- * @task lost.
+- */
+- if (task->prio >= rt_mutex_top_waiter(lock)->prio)
+- return 0;
++ struct task_struct *pown = rt_mutex_top_waiter(lock)->task;
+
++ if (task != pown && !lock_is_stealable(task, pown, mode))
++ return 0;
+ /*
+ * The current top waiter stays enqueued. We
+ * don't have to change anything in the lock
+@@ -863,6 +905,369 @@
+ return 1;
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++/*
++ * preemptible spin_lock functions:
++ */
++static inline void rt_spin_lock_fastlock(struct rt_mutex *lock,
++ void (*slowfn)(struct rt_mutex *lock))
++{
++ might_sleep();
++
++ if (likely(rt_mutex_cmpxchg(lock, NULL, current)))
++ rt_mutex_deadlock_account_lock(lock, current);
++ else
++ slowfn(lock);
++}
++
++static inline void rt_spin_lock_fastunlock(struct rt_mutex *lock,
++ void (*slowfn)(struct rt_mutex *lock))
++{
++ if (likely(rt_mutex_cmpxchg(lock, current, NULL)))
++ rt_mutex_deadlock_account_unlock(current);
++ else
++ slowfn(lock);
++}
++#ifdef CONFIG_SMP
++/*
++ * Note that owner is a speculative pointer and dereferencing relies
++ * on rcu_read_lock() and the check against the lock owner.
++ */
++static int adaptive_wait(struct rt_mutex *lock,
++ struct task_struct *owner)
++{
++ int res = 0;
++
++ rcu_read_lock();
++ for (;;) {
++ if (owner != rt_mutex_owner(lock))
++ break;
++ /*
++ * Ensure that owner->on_cpu is dereferenced _after_
++ * checking the above to be valid.
++ */
++ barrier();
++ if (!owner->on_cpu) {
++ res = 1;
++ break;
++ }
++ cpu_relax();
++ }
++ rcu_read_unlock();
++ return res;
++}
++#else
++static int adaptive_wait(struct rt_mutex *lock,
++ struct task_struct *orig_owner)
++{
++ return 1;
++}
++#endif
++
++# define pi_lock(lock) raw_spin_lock_irq(lock)
++# define pi_unlock(lock) raw_spin_unlock_irq(lock)
++
++static int task_blocks_on_rt_mutex(struct rt_mutex *lock,
++ struct rt_mutex_waiter *waiter,
++ struct task_struct *task,
++ enum rtmutex_chainwalk chwalk);
++/*
++ * Slow path lock function spin_lock style: this variant is very
++ * careful not to miss any non-lock wakeups.
++ *
++ * We store the current state under p->pi_lock in p->saved_state and
++ * the try_to_wake_up() code handles this accordingly.
++ */
++static void noinline __sched rt_spin_lock_slowlock(struct rt_mutex *lock)
++{
++ struct task_struct *lock_owner, *self = current;
++ struct rt_mutex_waiter waiter, *top_waiter;
++ int ret;
++
++ rt_mutex_init_waiter(&waiter, true);
++
++ raw_spin_lock(&lock->wait_lock);
++
++ if (__try_to_take_rt_mutex(lock, self, NULL, STEAL_LATERAL)) {
++ raw_spin_unlock(&lock->wait_lock);
++ return;
++ }
++
++ BUG_ON(rt_mutex_owner(lock) == self);
++
++ /*
++ * We save whatever state the task is in and we'll restore it
++ * after acquiring the lock taking real wakeups into account
++ * as well. We are serialized via pi_lock against wakeups. See
++ * try_to_wake_up().
++ */
++ pi_lock(&self->pi_lock);
++ self->saved_state = self->state;
++ __set_current_state(TASK_UNINTERRUPTIBLE);
++ pi_unlock(&self->pi_lock);
++
++ ret = task_blocks_on_rt_mutex(lock, &waiter, self, 0);
++ BUG_ON(ret);
++
++ for (;;) {
++ /* Try to acquire the lock again. */
++ if (__try_to_take_rt_mutex(lock, self, &waiter, STEAL_LATERAL))
++ break;
++
++ top_waiter = rt_mutex_top_waiter(lock);
++ lock_owner = rt_mutex_owner(lock);
++
++ raw_spin_unlock(&lock->wait_lock);
++
++ debug_rt_mutex_print_deadlock(&waiter);
++
++ if (top_waiter != &waiter || adaptive_wait(lock, lock_owner))
++ schedule_rt_mutex(lock);
++
++ raw_spin_lock(&lock->wait_lock);
++
++ pi_lock(&self->pi_lock);
++ __set_current_state(TASK_UNINTERRUPTIBLE);
++ pi_unlock(&self->pi_lock);
++ }
++
++ /*
++ * Restore the task state to current->saved_state. We set it
++ * to the original state above and the try_to_wake_up() code
++ * has possibly updated it when a real (non-rtmutex) wakeup
++ * happened while we were blocked. Clear saved_state so
++ * try_to_wakeup() does not get confused.
++ */
++ pi_lock(&self->pi_lock);
++ __set_current_state(self->saved_state);
++ self->saved_state = TASK_RUNNING;
++ pi_unlock(&self->pi_lock);
++
++ /*
++ * try_to_take_rt_mutex() sets the waiter bit
++ * unconditionally. We might have to fix that up:
++ */
++ fixup_rt_mutex_waiters(lock);
++
++ BUG_ON(rt_mutex_has_waiters(lock) && &waiter == rt_mutex_top_waiter(lock));
++ BUG_ON(!RB_EMPTY_NODE(&waiter.tree_entry));
++
++ raw_spin_unlock(&lock->wait_lock);
++
++ debug_rt_mutex_free_waiter(&waiter);
++}
++
++static void wakeup_next_waiter(struct rt_mutex *lock);
++/*
++ * Slow path to release a rt_mutex spin_lock style
++ */
++static void __sched __rt_spin_lock_slowunlock(struct rt_mutex *lock)
++{
++ debug_rt_mutex_unlock(lock);
++
++ rt_mutex_deadlock_account_unlock(current);
++
++ if (!rt_mutex_has_waiters(lock)) {
++ lock->owner = NULL;
++ raw_spin_unlock(&lock->wait_lock);
++ return;
++ }
++
++ wakeup_next_waiter(lock);
++
++ raw_spin_unlock(&lock->wait_lock);
++
++ /* Undo pi boosting.when necessary */
++ rt_mutex_adjust_prio(current);
++}
++
++static void noinline __sched rt_spin_lock_slowunlock(struct rt_mutex *lock)
++{
++ raw_spin_lock(&lock->wait_lock);
++ __rt_spin_lock_slowunlock(lock);
++}
++
++static void noinline __sched rt_spin_lock_slowunlock_hirq(struct rt_mutex *lock)
++{
++ int ret;
++
++ do {
++ ret = raw_spin_trylock(&lock->wait_lock);
++ } while (!ret);
++
++ __rt_spin_lock_slowunlock(lock);
++}
++
++void __lockfunc rt_spin_lock(spinlock_t *lock)
++{
++ rt_spin_lock_fastlock(&lock->lock, rt_spin_lock_slowlock);
++ spin_acquire(&lock->dep_map, 0, 0, _RET_IP_);
++}
++EXPORT_SYMBOL(rt_spin_lock);
++
++void __lockfunc __rt_spin_lock(struct rt_mutex *lock)
++{
++ rt_spin_lock_fastlock(lock, rt_spin_lock_slowlock);
++}
++EXPORT_SYMBOL(__rt_spin_lock);
++
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++void __lockfunc rt_spin_lock_nested(spinlock_t *lock, int subclass)
++{
++ rt_spin_lock_fastlock(&lock->lock, rt_spin_lock_slowlock);
++ spin_acquire(&lock->dep_map, subclass, 0, _RET_IP_);
++}
++EXPORT_SYMBOL(rt_spin_lock_nested);
++#endif
++
++void __lockfunc rt_spin_unlock(spinlock_t *lock)
++{
++ /* NOTE: we always pass in '1' for nested, for simplicity */
++ spin_release(&lock->dep_map, 1, _RET_IP_);
++ rt_spin_lock_fastunlock(&lock->lock, rt_spin_lock_slowunlock);
++}
++EXPORT_SYMBOL(rt_spin_unlock);
++
++void __lockfunc rt_spin_unlock_after_trylock_in_irq(spinlock_t *lock)
++{
++ /* NOTE: we always pass in '1' for nested, for simplicity */
++ spin_release(&lock->dep_map, 1, _RET_IP_);
++ rt_spin_lock_fastunlock(&lock->lock, rt_spin_lock_slowunlock_hirq);
++}
++
++void __lockfunc __rt_spin_unlock(struct rt_mutex *lock)
++{
++ rt_spin_lock_fastunlock(lock, rt_spin_lock_slowunlock);
++}
++EXPORT_SYMBOL(__rt_spin_unlock);
++
++/*
++ * Wait for the lock to get unlocked: instead of polling for an unlock
++ * (like raw spinlocks do), we lock and unlock, to force the kernel to
++ * schedule if there's contention:
++ */
++void __lockfunc rt_spin_unlock_wait(spinlock_t *lock)
++{
++ spin_lock(lock);
++ spin_unlock(lock);
++}
++EXPORT_SYMBOL(rt_spin_unlock_wait);
++
++int __lockfunc __rt_spin_trylock(struct rt_mutex *lock)
++{
++ return rt_mutex_trylock(lock);
++}
++
++int __lockfunc rt_spin_trylock(spinlock_t *lock)
++{
++ int ret = rt_mutex_trylock(&lock->lock);
++
++ if (ret)
++ spin_acquire(&lock->dep_map, 0, 1, _RET_IP_);
++ return ret;
++}
++EXPORT_SYMBOL(rt_spin_trylock);
++
++int __lockfunc rt_spin_trylock_bh(spinlock_t *lock)
++{
++ int ret;
++
++ local_bh_disable();
++ ret = rt_mutex_trylock(&lock->lock);
++ if (ret) {
++ migrate_disable();
++ spin_acquire(&lock->dep_map, 0, 1, _RET_IP_);
++ } else
++ local_bh_enable();
++ return ret;
++}
++EXPORT_SYMBOL(rt_spin_trylock_bh);
++
++int __lockfunc rt_spin_trylock_irqsave(spinlock_t *lock, unsigned long *flags)
++{
++ int ret;
++
++ *flags = 0;
++ ret = rt_mutex_trylock(&lock->lock);
++ if (ret) {
++ migrate_disable();
++ spin_acquire(&lock->dep_map, 0, 1, _RET_IP_);
++ }
++ return ret;
++}
++EXPORT_SYMBOL(rt_spin_trylock_irqsave);
++
++int atomic_dec_and_spin_lock(atomic_t *atomic, spinlock_t *lock)
++{
++ /* Subtract 1 from counter unless that drops it to 0 (ie. it was 1) */
++ if (atomic_add_unless(atomic, -1, 1))
++ return 0;
++ migrate_disable();
++ rt_spin_lock(lock);
++ if (atomic_dec_and_test(atomic))
++ return 1;
++ rt_spin_unlock(lock);
++ migrate_enable();
++ return 0;
++}
++EXPORT_SYMBOL(atomic_dec_and_spin_lock);
++
++ void
++__rt_spin_lock_init(spinlock_t *lock, char *name, struct lock_class_key *key)
++{
++#ifdef CONFIG_DEBUG_LOCK_ALLOC
++ /*
++ * Make sure we are not reinitializing a held lock:
++ */
++ debug_check_no_locks_freed((void *)lock, sizeof(*lock));
++ lockdep_init_map(&lock->dep_map, name, key, 0);
++#endif
++}
++EXPORT_SYMBOL(__rt_spin_lock_init);
++
++#endif /* PREEMPT_RT_FULL */
++
++#ifdef CONFIG_PREEMPT_RT_FULL
++ static inline int __sched
++__mutex_lock_check_stamp(struct rt_mutex *lock, struct ww_acquire_ctx *ctx)
++{
++ struct ww_mutex *ww = container_of(lock, struct ww_mutex, base.lock);
++ struct ww_acquire_ctx *hold_ctx = ACCESS_ONCE(ww->ctx);
++
++ if (!hold_ctx)
++ return 0;
++
++ if (unlikely(ctx == hold_ctx))
++ return -EALREADY;
++
++ if (ctx->stamp - hold_ctx->stamp <= LONG_MAX &&
++ (ctx->stamp != hold_ctx->stamp || ctx > hold_ctx)) {
++#ifdef CONFIG_DEBUG_MUTEXES
++ DEBUG_LOCKS_WARN_ON(ctx->contending_lock);
++ ctx->contending_lock = ww;
++#endif
++ return -EDEADLK;
++ }
++
++ return 0;
++}
++#else
++ static inline int __sched
++__mutex_lock_check_stamp(struct rt_mutex *lock, struct ww_acquire_ctx *ctx)
++{
++ BUG();
++ return 0;
++}
++
++#endif
++
++static inline int
++try_to_take_rt_mutex(struct rt_mutex *lock, struct task_struct *task,
++ struct rt_mutex_waiter *waiter)
++{
++ return __try_to_take_rt_mutex(lock, task, waiter, STEAL_NORMAL);
++}
++
+ /*
+ * Task blocks on lock.
+ *
+@@ -894,6 +1299,23 @@
+ return -EDEADLK;
+
+ raw_spin_lock_irqsave(&task->pi_lock, flags);
++
++ /*
++ * In the case of futex requeue PI, this will be a proxy
++ * lock. The task will wake unaware that it is enqueueed on
++ * this lock. Avoid blocking on two locks and corrupting
++ * pi_blocked_on via the PI_WAKEUP_INPROGRESS
++ * flag. futex_wait_requeue_pi() sets this when it wakes up
++ * before requeue (due to a signal or timeout). Do not enqueue
++ * the task if PI_WAKEUP_INPROGRESS is set.
++ */
++ if (task != current && task->pi_blocked_on == PI_WAKEUP_INPROGRESS) {
++ raw_spin_unlock_irqrestore(&task->pi_lock, flags);
++ return -EAGAIN;
++ }
++
++ BUG_ON(rt_mutex_real_waiter(task->pi_blocked_on));
++
+ __rt_mutex_adjust_prio(task);
+ waiter->task = task;
+ waiter->lock = lock;
+@@ -917,7 +1339,7 @@
+ rt_mutex_enqueue_pi(owner, waiter);
+
+ __rt_mutex_adjust_prio(owner);
+- if (owner->pi_blocked_on)
++ if (rt_mutex_real_waiter(owner->pi_blocked_on))
+ chain_walk = 1;
+ } else if (rt_mutex_cond_detect_deadlock(waiter, chwalk)) {
+ chain_walk = 1;
+@@ -994,7 +1416,7 @@
+ * long as we hold lock->wait_lock. The waiter task needs to
+ * acquire it in order to dequeue the waiter.
+ */
+- wake_up_process(waiter->task);
++ rt_mutex_wake_waiter(waiter);
+ }
+
+ /*
+@@ -1008,7 +1430,7 @@
+ {
+ bool is_top_waiter = (waiter == rt_mutex_top_waiter(lock));
+ struct task_struct *owner = rt_mutex_owner(lock);
+- struct rt_mutex *next_lock;
++ struct rt_mutex *next_lock = NULL;
+ unsigned long flags;
+
+ raw_spin_lock_irqsave(&current->pi_lock, flags);
+@@ -1033,7 +1455,8 @@
+ __rt_mutex_adjust_prio(owner);
+
+ /* Store the lock on which owner is blocked or NULL */
+- next_lock = task_blocked_on_lock(owner);
++ if (rt_mutex_real_waiter(owner->pi_blocked_on))
++ next_lock = task_blocked_on_lock(owner);
+
+ raw_spin_unlock_irqrestore(&owner->pi_lock, flags);
+
+@@ -1069,17 +1492,17 @@
+ raw_spin_lock_irqsave(&task->pi_lock, flags);
+
+ waiter = task->pi_blocked_on;
+- if (!waiter || (waiter->prio == task->prio &&
++ if (!rt_mutex_real_waiter(waiter) || (waiter->prio == task->prio &&
+ !dl_prio(task->prio))) {
+ raw_spin_unlock_irqrestore(&task->pi_lock, flags);
+ return;
+ }
+ next_lock = waiter->lock;
+- raw_spin_unlock_irqrestore(&task->pi_lock, flags);
+
+ /* gets dropped in rt_mutex_adjust_prio_chain()! */
+ get_task_struct(task);
+
++ raw_spin_unlock_irqrestore(&task->pi_lock, flags);
+ rt_mutex_adjust_prio_chain(task, RT_MUTEX_MIN_CHAINWALK, NULL,
+ next_lock, NULL, task);
+ }
+@@ -1097,7 +1520,8 @@
+ static int __sched
+ __rt_mutex_slowlock(struct rt_mutex *lock, int state,
+ struct hrtimer_sleeper *timeout,
+- struct rt_mutex_waiter *waiter)
++ struct rt_mutex_waiter *waiter,
++ struct ww_acquire_ctx *ww_ctx)
+ {
+ int ret = 0;
+
+@@ -1120,6 +1544,12 @@
+ break;
+ }
+
++ if (ww_ctx && ww_ctx->acquired > 0) {
++ ret = __mutex_lock_check_stamp(lock, ww_ctx);
++ if (ret)
++ break;
++ }
++
+ raw_spin_unlock(&lock->wait_lock);
+
+ debug_rt_mutex_print_deadlock(waiter);
+@@ -1153,25 +1583,102 @@
+ }
+ }
+
++static __always_inline void ww_mutex_lock_acquired(struct ww_mutex *ww,
++ struct ww_acquire_ctx *ww_ctx)
++{
++#ifdef CONFIG_DEBUG_MUTEXES
++ /*
++ * If this WARN_ON triggers, you used ww_mutex_lock to acquire,
++ * but released with a normal mutex_unlock in this call.
++ *
++ * This should never happen, always use ww_mutex_unlock.
++ */
++ DEBUG_LOCKS_WARN_ON(ww->ctx);
++
++ /*
++ * Not quite done after calling ww_acquire_done() ?
++ */
++ DEBUG_LOCKS_WARN_ON(ww_ctx->done_acquire);
++
++ if (ww_ctx->contending_lock) {
++ /*
++ * After -EDEADLK you tried to
++ * acquire a different ww_mutex? Bad!
++ */
++ DEBUG_LOCKS_WARN_ON(ww_ctx->contending_lock != ww);
++
++ /*
++ * You called ww_mutex_lock after receiving -EDEADLK,
++ * but 'forgot' to unlock everything else first?
++ */
++ DEBUG_LOCKS_WARN_ON(ww_ctx->acquired > 0);
++ ww_ctx->contending_lock = NULL;
++ }
++
++ /*
++ * Naughty, using a different class will lead to undefined behavior!
++ */
++ DEBUG_LOCKS_WARN_ON(ww_ctx->ww_class != ww->ww_class);
++#endif
++ ww_ctx->acquired++;
++}
++
++#ifdef CONFIG_PREEMPT_RT_FULL
++static void ww_mutex_account_lock(struct rt_mutex *lock,
++ struct ww_acquire_ctx *ww_ctx)
++{
++ struct ww_mutex *ww = container_of(lock, struct ww_mutex, base.lock);
++ struct rt_mutex_waiter *waiter, *n;
++
++ /*
++ * This branch gets optimized out for the common case,
++ * and is only important for ww_mutex_lock.
++ */
++ ww_mutex_lock_acquired(ww, ww_ctx);
++ ww->ctx = ww_ctx;
++
++ /*
++ * Give any possible sleeping processes the chance to wake up,
++ * so they can recheck if they have to back off.
++ */
++ rbtree_postorder_for_each_entry_safe(waiter, n, &lock->waiters,
++ tree_entry) {
++ /* XXX debug rt mutex waiter wakeup */
++
++ BUG_ON(waiter->lock != lock);
++ rt_mutex_wake_waiter(waiter);
++ }
++}
++
++#else
++
++static void ww_mutex_account_lock(struct rt_mutex *lock,
++ struct ww_acquire_ctx *ww_ctx)
++{
++ BUG();
++}
++#endif
++
+ /*
+ * Slow path lock function:
+ */
+ static int __sched
+ rt_mutex_slowlock(struct rt_mutex *lock, int state,
+ struct hrtimer_sleeper *timeout,
+- enum rtmutex_chainwalk chwalk)
++ enum rtmutex_chainwalk chwalk,
++ struct ww_acquire_ctx *ww_ctx)
+ {
+ struct rt_mutex_waiter waiter;
+ int ret = 0;
+
+- debug_rt_mutex_init_waiter(&waiter);
+- RB_CLEAR_NODE(&waiter.pi_tree_entry);
+- RB_CLEAR_NODE(&waiter.tree_entry);
++ rt_mutex_init_waiter(&waiter, false);
+
+ raw_spin_lock(&lock->wait_lock);
+
+ /* Try to acquire the lock again: */
+ if (try_to_take_rt_mutex(lock, current, NULL)) {
++ if (ww_ctx)
++ ww_mutex_account_lock(lock, ww_ctx);
+ raw_spin_unlock(&lock->wait_lock);
+ return 0;
+ }
+@@ -1188,13 +1695,17 @@
+ ret = task_blocks_on_rt_mutex(lock, &waiter, current, chwalk);
+
+ if (likely(!ret))
+- ret = __rt_mutex_slowlock(lock, state, timeout, &waiter);
++ ret = __rt_mutex_slowlock(lock, state, timeout, &waiter,
++ ww_ctx);
+
+ set_current_state(TASK_RUNNING);
+
+ if (unlikely(ret)) {
+- remove_waiter(lock, &waiter);
++ if (rt_mutex_has_waiters(lock))
++ remove_waiter(lock, &waiter);
+ rt_mutex_handle_deadlock(ret, chwalk, &waiter);
++ } else if (ww_ctx) {
++ ww_mutex_account_lock(lock, ww_ctx);
+ }
+
+ /*
+@@ -1233,7 +1744,8 @@
+ * The mutex has currently no owner. Lock the wait lock and
+ * try to acquire the lock.
+ */
+- raw_spin_lock(&lock->wait_lock);
++ if (!raw_spin_trylock(&lock->wait_lock))
++ return 0;
+
+ ret = try_to_take_rt_mutex(lock, current, NULL);
+
+@@ -1319,31 +1831,36 @@
+ */
+ static inline int
+ rt_mutex_fastlock(struct rt_mutex *lock, int state,
++ struct ww_acquire_ctx *ww_ctx,
+ int (*slowfn)(struct rt_mutex *lock, int state,
+ struct hrtimer_sleeper *timeout,
+- enum rtmutex_chainwalk chwalk))
++ enum rtmutex_chainwalk chwalk,
++ struct ww_acquire_ctx *ww_ctx))
+ {
+ if (likely(rt_mutex_cmpxchg(lock, NULL, current))) {
+ rt_mutex_deadlock_account_lock(lock, current);
+ return 0;
+ } else
+- return slowfn(lock, state, NULL, RT_MUTEX_MIN_CHAINWALK);
++ return slowfn(lock, state, NULL, RT_MUTEX_MIN_CHAINWALK,
++ ww_ctx);
+ }
+
+ static inline int
+ rt_mutex_timed_fastlock(struct rt_mutex *lock, int state,
+ struct hrtimer_sleeper *timeout,
+ enum rtmutex_chainwalk chwalk,
++ struct ww_acquire_ctx *ww_ctx,
+ int (*slowfn)(struct rt_mutex *lock, int state,
+ struct hrtimer_sleeper *timeout,
+- enum rtmutex_chainwalk chwalk))
++ enum rtmutex_chainwalk chwalk,
++ struct ww_acquire_ctx *ww_ctx))
+ {
+ if (chwalk == RT_MUTEX_MIN_CHAINWALK &&
+ likely(rt_mutex_cmpxchg(lock, NULL, current))) {
+ rt_mutex_deadlock_account_lock(lock, current);
+ return 0;
+ } else
+- return slowfn(lock, state, timeout, chwalk);
++ return slowfn(lock, state, timeout, chwalk, ww_ctx);
+ }
+
+ static inline int
+@@ -1376,7 +1893,7 @@
+ {
+ might_sleep();
+
+- rt_mutex_fastlock(lock, TASK_UNINTERRUPTIBLE, rt_mutex_slowlock);
++ rt_mutex_fastlock(lock, TASK_UNINTERRUPTIBLE, NULL, rt_mutex_slowlock);
+ }
+ EXPORT_SYMBOL_GPL(rt_mutex_lock);
+
+@@ -1393,7 +1910,7 @@
+ {
+ might_sleep();
+
+- return rt_mutex_fastlock(lock, TASK_INTERRUPTIBLE, rt_mutex_slowlock);
++ return rt_mutex_fastlock(lock, TASK_INTERRUPTIBLE, NULL, rt_mutex_slowlock);
+ }
+ EXPORT_SYMBOL_GPL(rt_mutex_lock_interruptible);
+
+@@ -1406,11 +1923,30 @@
+ might_sleep();
+
+ return rt_mutex_timed_fastlock(lock, TASK_INTERRUPTIBLE, timeout,
+- RT_MUTEX_FULL_CHAINWALK,
++ RT_MUTEX_FULL_CHAINWALK, NULL,
+ rt_mutex_slowlock);
+ }
+
+ /**
++ * rt_mutex_lock_killable - lock a rt_mutex killable
++ *
++ * @lock: the rt_mutex to be locked
++ * @detect_deadlock: deadlock detection on/off
++ *
++ * Returns:
++ * 0 on success
++ * -EINTR when interrupted by a signal
++ * -EDEADLK when the lock would deadlock (when deadlock detection is on)
++ */
++int __sched rt_mutex_lock_killable(struct rt_mutex *lock)
++{
++ might_sleep();
++
++ return rt_mutex_fastlock(lock, TASK_KILLABLE, NULL, rt_mutex_slowlock);
++}
++EXPORT_SYMBOL_GPL(rt_mutex_lock_killable);
++
++/**
+ * rt_mutex_timed_lock - lock a rt_mutex interruptible
+ * the timeout structure is provided
+ * by the caller
+@@ -1430,6 +1966,7 @@
+
+ return rt_mutex_timed_fastlock(lock, TASK_INTERRUPTIBLE, timeout,
+ RT_MUTEX_MIN_CHAINWALK,
++ NULL,
+ rt_mutex_slowlock);
+ }
+ EXPORT_SYMBOL_GPL(rt_mutex_timed_lock);
+@@ -1488,13 +2025,12 @@
+ void __rt_mutex_init(struct rt_mutex *lock, const char *name)
+ {
+ lock->owner = NULL;
+- raw_spin_lock_init(&lock->wait_lock);
+ lock->waiters = RB_ROOT;
+ lock->waiters_leftmost = NULL;
+
+ debug_rt_mutex_init(lock, name);
+ }
+-EXPORT_SYMBOL_GPL(__rt_mutex_init);
++EXPORT_SYMBOL(__rt_mutex_init);
+
+ /**
+ * rt_mutex_init_proxy_locked - initialize and lock a rt_mutex on behalf of a
+@@ -1509,7 +2045,7 @@
+ void rt_mutex_init_proxy_locked(struct rt_mutex *lock,
+ struct task_struct *proxy_owner)
+ {
+- __rt_mutex_init(lock, NULL);
++ rt_mutex_init(lock);
+ debug_rt_mutex_proxy_lock(lock, proxy_owner);
+ rt_mutex_set_owner(lock, proxy_owner);
+ rt_mutex_deadlock_account_lock(lock, proxy_owner);
+@@ -1557,6 +2093,35 @@
+ return 1;
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++ /*
++ * In PREEMPT_RT there's an added race.
++ * If the task, that we are about to requeue, times out,
++ * it can set the PI_WAKEUP_INPROGRESS. This tells the requeue
++ * to skip this task. But right after the task sets
++ * its pi_blocked_on to PI_WAKEUP_INPROGRESS it can then
++ * block on the spin_lock(&hb->lock), which in RT is an rtmutex.
++ * This will replace the PI_WAKEUP_INPROGRESS with the actual
++ * lock that it blocks on. We *must not* place this task
++ * on this proxy lock in that case.
++ *
++ * To prevent this race, we first take the task's pi_lock
++ * and check if it has updated its pi_blocked_on. If it has,
++ * we assume that it woke up and we return -EAGAIN.
++ * Otherwise, we set the task's pi_blocked_on to
++ * PI_REQUEUE_INPROGRESS, so that if the task is waking up
++ * it will know that we are in the process of requeuing it.
++ */
++ raw_spin_lock_irq(&task->pi_lock);
++ if (task->pi_blocked_on) {
++ raw_spin_unlock_irq(&task->pi_lock);
++ raw_spin_unlock(&lock->wait_lock);
++ return -EAGAIN;
++ }
++ task->pi_blocked_on = PI_REQUEUE_INPROGRESS;
++ raw_spin_unlock_irq(&task->pi_lock);
++#endif
++
+ /* We enforce deadlock detection for futexes */
+ ret = task_blocks_on_rt_mutex(lock, waiter, task,
+ RT_MUTEX_FULL_CHAINWALK);
+@@ -1626,7 +2191,7 @@
+
+ set_current_state(TASK_INTERRUPTIBLE);
+
+- ret = __rt_mutex_slowlock(lock, TASK_INTERRUPTIBLE, to, waiter);
++ ret = __rt_mutex_slowlock(lock, TASK_INTERRUPTIBLE, to, waiter, NULL);
+
+ set_current_state(TASK_RUNNING);
+
+@@ -1643,3 +2208,89 @@
+
+ return ret;
+ }
++
++static inline int
++ww_mutex_deadlock_injection(struct ww_mutex *lock, struct ww_acquire_ctx *ctx)
++{
++#ifdef CONFIG_DEBUG_WW_MUTEX_SLOWPATH
++ unsigned tmp;
++
++ if (ctx->deadlock_inject_countdown-- == 0) {
++ tmp = ctx->deadlock_inject_interval;
++ if (tmp > UINT_MAX/4)
++ tmp = UINT_MAX;
++ else
++ tmp = tmp*2 + tmp + tmp/2;
++
++ ctx->deadlock_inject_interval = tmp;
++ ctx->deadlock_inject_countdown = tmp;
++ ctx->contending_lock = lock;
++
++ ww_mutex_unlock(lock);
++
++ return -EDEADLK;
++ }
++#endif
++
++ return 0;
++}
++
++#ifdef CONFIG_PREEMPT_RT_FULL
++int __sched
++__ww_mutex_lock_interruptible(struct ww_mutex *lock, struct ww_acquire_ctx *ww_ctx)
++{
++ int ret;
++
++ might_sleep();
++
++ mutex_acquire_nest(&lock->base.dep_map, 0, 0, &ww_ctx->dep_map, _RET_IP_);
++ ret = rt_mutex_slowlock(&lock->base.lock, TASK_INTERRUPTIBLE, NULL,
++ RT_MUTEX_FULL_CHAINWALK, ww_ctx);
++ if (ret)
++ mutex_release(&lock->base.dep_map, 1, _RET_IP_);
++ else if (!ret && ww_ctx->acquired > 1)
++ return ww_mutex_deadlock_injection(lock, ww_ctx);
++
++ return ret;
++}
++EXPORT_SYMBOL_GPL(__ww_mutex_lock_interruptible);
++
++int __sched
++__ww_mutex_lock(struct ww_mutex *lock, struct ww_acquire_ctx *ww_ctx)
++{
++ int ret;
++
++ might_sleep();
++
++ mutex_acquire_nest(&lock->base.dep_map, 0, 0, &ww_ctx->dep_map, _RET_IP_);
++ ret = rt_mutex_slowlock(&lock->base.lock, TASK_UNINTERRUPTIBLE, NULL,
++ RT_MUTEX_FULL_CHAINWALK, ww_ctx);
++ if (ret)
++ mutex_release(&lock->base.dep_map, 1, _RET_IP_);
++ else if (!ret && ww_ctx->acquired > 1)
++ return ww_mutex_deadlock_injection(lock, ww_ctx);
++
++ return ret;
++}
++EXPORT_SYMBOL_GPL(__ww_mutex_lock);
++
++void __sched ww_mutex_unlock(struct ww_mutex *lock)
++{
++ /*
++ * The unlocking fastpath is the 0->1 transition from 'locked'
++ * into 'unlocked' state:
++ */
++ if (lock->ctx) {
++#ifdef CONFIG_DEBUG_MUTEXES
++ DEBUG_LOCKS_WARN_ON(!lock->ctx->acquired);
++#endif
++ if (lock->ctx->acquired > 0)
++ lock->ctx->acquired--;
++ lock->ctx = NULL;
++ }
++
++ mutex_release(&lock->base.dep_map, 1, _RET_IP_);
++ rt_mutex_unlock(&lock->base.lock);
++}
++EXPORT_SYMBOL(ww_mutex_unlock);
++#endif
+diff -Nur linux-3.18.9.orig/kernel/locking/rtmutex_common.h linux-3.18.9/kernel/locking/rtmutex_common.h
+--- linux-3.18.9.orig/kernel/locking/rtmutex_common.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/locking/rtmutex_common.h 2015-03-15 16:03:03.836094874 -0500
+@@ -49,6 +49,7 @@
+ struct rb_node pi_tree_entry;
+ struct task_struct *task;
+ struct rt_mutex *lock;
++ bool savestate;
+ #ifdef CONFIG_DEBUG_RT_MUTEXES
+ unsigned long ip;
+ struct pid *deadlock_task_pid;
+@@ -119,6 +120,9 @@
+ /*
+ * PI-futex support (proxy locking functions, etc.):
+ */
++#define PI_WAKEUP_INPROGRESS ((struct rt_mutex_waiter *) 1)
++#define PI_REQUEUE_INPROGRESS ((struct rt_mutex_waiter *) 2)
++
+ extern struct task_struct *rt_mutex_next_owner(struct rt_mutex *lock);
+ extern void rt_mutex_init_proxy_locked(struct rt_mutex *lock,
+ struct task_struct *proxy_owner);
+@@ -138,4 +142,14 @@
+ # include "rtmutex.h"
+ #endif
+
++static inline void
++rt_mutex_init_waiter(struct rt_mutex_waiter *waiter, bool savestate)
++{
++ debug_rt_mutex_init_waiter(waiter);
++ waiter->task = NULL;
++ waiter->savestate = savestate;
++ RB_CLEAR_NODE(&waiter->pi_tree_entry);
++ RB_CLEAR_NODE(&waiter->tree_entry);
++}
++
+ #endif
+diff -Nur linux-3.18.9.orig/kernel/locking/spinlock.c linux-3.18.9/kernel/locking/spinlock.c
+--- linux-3.18.9.orig/kernel/locking/spinlock.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/locking/spinlock.c 2015-03-15 16:03:03.840094875 -0500
+@@ -124,8 +124,11 @@
+ * __[spin|read|write]_lock_bh()
+ */
+ BUILD_LOCK_OPS(spin, raw_spinlock);
++
++#ifndef CONFIG_PREEMPT_RT_FULL
+ BUILD_LOCK_OPS(read, rwlock);
+ BUILD_LOCK_OPS(write, rwlock);
++#endif
+
+ #endif
+
+@@ -209,6 +212,8 @@
+ EXPORT_SYMBOL(_raw_spin_unlock_bh);
+ #endif
+
++#ifndef CONFIG_PREEMPT_RT_FULL
++
+ #ifndef CONFIG_INLINE_READ_TRYLOCK
+ int __lockfunc _raw_read_trylock(rwlock_t *lock)
+ {
+@@ -353,6 +358,8 @@
+ EXPORT_SYMBOL(_raw_write_unlock_bh);
+ #endif
+
++#endif /* !PREEMPT_RT_FULL */
++
+ #ifdef CONFIG_DEBUG_LOCK_ALLOC
+
+ void __lockfunc _raw_spin_lock_nested(raw_spinlock_t *lock, int subclass)
+diff -Nur linux-3.18.9.orig/kernel/locking/spinlock_debug.c linux-3.18.9/kernel/locking/spinlock_debug.c
+--- linux-3.18.9.orig/kernel/locking/spinlock_debug.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/locking/spinlock_debug.c 2015-03-15 16:03:03.840094875 -0500
+@@ -31,6 +31,7 @@
+
+ EXPORT_SYMBOL(__raw_spin_lock_init);
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ void __rwlock_init(rwlock_t *lock, const char *name,
+ struct lock_class_key *key)
+ {
+@@ -48,6 +49,7 @@
+ }
+
+ EXPORT_SYMBOL(__rwlock_init);
++#endif
+
+ static void spin_dump(raw_spinlock_t *lock, const char *msg)
+ {
+@@ -159,6 +161,7 @@
+ arch_spin_unlock(&lock->raw_lock);
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ static void rwlock_bug(rwlock_t *lock, const char *msg)
+ {
+ if (!debug_locks_off())
+@@ -300,3 +303,5 @@
+ debug_write_unlock(lock);
+ arch_write_unlock(&lock->raw_lock);
+ }
++
++#endif
+diff -Nur linux-3.18.9.orig/kernel/panic.c linux-3.18.9/kernel/panic.c
+--- linux-3.18.9.orig/kernel/panic.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/panic.c 2015-03-15 16:03:03.840094875 -0500
+@@ -384,9 +384,11 @@
+
+ static int init_oops_id(void)
+ {
++#ifndef CONFIG_PREEMPT_RT_FULL
+ if (!oops_id)
+ get_random_bytes(&oops_id, sizeof(oops_id));
+ else
++#endif
+ oops_id++;
+
+ return 0;
+diff -Nur linux-3.18.9.orig/kernel/power/hibernate.c linux-3.18.9/kernel/power/hibernate.c
+--- linux-3.18.9.orig/kernel/power/hibernate.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/power/hibernate.c 2015-03-15 16:03:03.840094875 -0500
+@@ -287,6 +287,8 @@
+
+ local_irq_disable();
+
++ system_state = SYSTEM_SUSPEND;
++
+ error = syscore_suspend();
+ if (error) {
+ printk(KERN_ERR "PM: Some system devices failed to power down, "
+@@ -316,6 +318,7 @@
+ syscore_resume();
+
+ Enable_irqs:
++ system_state = SYSTEM_RUNNING;
+ local_irq_enable();
+
+ Enable_cpus:
+@@ -439,6 +442,7 @@
+ goto Enable_cpus;
+
+ local_irq_disable();
++ system_state = SYSTEM_SUSPEND;
+
+ error = syscore_suspend();
+ if (error)
+@@ -472,6 +476,7 @@
+ syscore_resume();
+
+ Enable_irqs:
++ system_state = SYSTEM_RUNNING;
+ local_irq_enable();
+
+ Enable_cpus:
+@@ -557,6 +562,7 @@
+ goto Platform_finish;
+
+ local_irq_disable();
++ system_state = SYSTEM_SUSPEND;
+ syscore_suspend();
+ if (pm_wakeup_pending()) {
+ error = -EAGAIN;
+@@ -569,6 +575,7 @@
+
+ Power_up:
+ syscore_resume();
++ system_state = SYSTEM_RUNNING;
+ local_irq_enable();
+ enable_nonboot_cpus();
+
+diff -Nur linux-3.18.9.orig/kernel/power/suspend.c linux-3.18.9/kernel/power/suspend.c
+--- linux-3.18.9.orig/kernel/power/suspend.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/power/suspend.c 2015-03-15 16:03:03.840094875 -0500
+@@ -318,6 +318,8 @@
+ arch_suspend_disable_irqs();
+ BUG_ON(!irqs_disabled());
+
++ system_state = SYSTEM_SUSPEND;
++
+ error = syscore_suspend();
+ if (!error) {
+ *wakeup = pm_wakeup_pending();
+@@ -332,6 +334,8 @@
+ syscore_resume();
+ }
+
++ system_state = SYSTEM_RUNNING;
++
+ arch_suspend_enable_irqs();
+ BUG_ON(irqs_disabled());
+
+diff -Nur linux-3.18.9.orig/kernel/printk/printk.c linux-3.18.9/kernel/printk/printk.c
+--- linux-3.18.9.orig/kernel/printk/printk.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/printk/printk.c 2015-03-15 16:03:03.840094875 -0500
+@@ -1165,6 +1165,7 @@
+ {
+ char *text;
+ int len = 0;
++ int attempts = 0;
+
+ text = kmalloc(LOG_LINE_MAX + PREFIX_MAX, GFP_KERNEL);
+ if (!text)
+@@ -1176,7 +1177,14 @@
+ u64 seq;
+ u32 idx;
+ enum log_flags prev;
+-
++ int num_msg;
++try_again:
++ attempts++;
++ if (attempts > 10) {
++ len = -EBUSY;
++ goto out;
++ }
++ num_msg = 0;
+ if (clear_seq < log_first_seq) {
+ /* messages are gone, move to first available one */
+ clear_seq = log_first_seq;
+@@ -1197,6 +1205,14 @@
+ prev = msg->flags;
+ idx = log_next(idx);
+ seq++;
++ num_msg++;
++ if (num_msg > 5) {
++ num_msg = 0;
++ raw_spin_unlock_irq(&logbuf_lock);
++ raw_spin_lock_irq(&logbuf_lock);
++ if (clear_seq < log_first_seq)
++ goto try_again;
++ }
+ }
+
+ /* move first record forward until length fits into the buffer */
+@@ -1210,6 +1226,14 @@
+ prev = msg->flags;
+ idx = log_next(idx);
+ seq++;
++ num_msg++;
++ if (num_msg > 5) {
++ num_msg = 0;
++ raw_spin_unlock_irq(&logbuf_lock);
++ raw_spin_lock_irq(&logbuf_lock);
++ if (clear_seq < log_first_seq)
++ goto try_again;
++ }
+ }
+
+ /* last message fitting into this dump */
+@@ -1250,6 +1274,7 @@
+ clear_seq = log_next_seq;
+ clear_idx = log_next_idx;
+ }
++out:
+ raw_spin_unlock_irq(&logbuf_lock);
+
+ kfree(text);
+@@ -1407,6 +1432,7 @@
+ if (!console_drivers)
+ return;
+
++ migrate_disable();
+ for_each_console(con) {
+ if (exclusive_console && con != exclusive_console)
+ continue;
+@@ -1419,6 +1445,7 @@
+ continue;
+ con->write(con, text, len);
+ }
++ migrate_enable();
+ }
+
+ /*
+@@ -1479,6 +1506,15 @@
+ static int console_trylock_for_printk(void)
+ {
+ unsigned int cpu = smp_processor_id();
++#ifdef CONFIG_PREEMPT_RT_FULL
++ int lock = !early_boot_irqs_disabled && (preempt_count() == 0) &&
++ !irqs_disabled();
++#else
++ int lock = 1;
++#endif
++
++ if (!lock)
++ return 0;
+
+ if (!console_trylock())
+ return 0;
+@@ -1613,6 +1649,62 @@
+ return textlen;
+ }
+
++#ifdef CONFIG_EARLY_PRINTK
++struct console *early_console;
++
++void early_vprintk(const char *fmt, va_list ap)
++{
++ if (early_console) {
++ char buf[512];
++ int n = vscnprintf(buf, sizeof(buf), fmt, ap);
++
++ early_console->write(early_console, buf, n);
++ }
++}
++
++asmlinkage void early_printk(const char *fmt, ...)
++{
++ va_list ap;
++
++ va_start(ap, fmt);
++ early_vprintk(fmt, ap);
++ va_end(ap);
++}
++
++/*
++ * This is independent of any log levels - a global
++ * kill switch that turns off all of printk.
++ *
++ * Used by the NMI watchdog if early-printk is enabled.
++ */
++static bool __read_mostly printk_killswitch;
++
++static int __init force_early_printk_setup(char *str)
++{
++ printk_killswitch = true;
++ return 0;
++}
++early_param("force_early_printk", force_early_printk_setup);
++
++void printk_kill(void)
++{
++ printk_killswitch = true;
++}
++
++static int forced_early_printk(const char *fmt, va_list ap)
++{
++ if (!printk_killswitch)
++ return 0;
++ early_vprintk(fmt, ap);
++ return 1;
++}
++#else
++static inline int forced_early_printk(const char *fmt, va_list ap)
++{
++ return 0;
++}
++#endif
++
+ asmlinkage int vprintk_emit(int facility, int level,
+ const char *dict, size_t dictlen,
+ const char *fmt, va_list args)
+@@ -1629,6 +1721,13 @@
+ /* cpu currently holding logbuf_lock in this function */
+ static volatile unsigned int logbuf_cpu = UINT_MAX;
+
++ /*
++ * Fall back to early_printk if a debugging subsystem has
++ * killed printk output
++ */
++ if (unlikely(forced_early_printk(fmt, args)))
++ return 1;
++
+ if (level == SCHED_MESSAGE_LOGLEVEL) {
+ level = -1;
+ in_sched = true;
+@@ -1769,8 +1868,7 @@
+ * console_sem which would prevent anyone from printing to
+ * console
+ */
+- preempt_disable();
+-
++ migrate_disable();
+ /*
+ * Try to acquire and then immediately release the console
+ * semaphore. The release will print out buffers and wake up
+@@ -1778,7 +1876,7 @@
+ */
+ if (console_trylock_for_printk())
+ console_unlock();
+- preempt_enable();
++ migrate_enable();
+ lockdep_on();
+ }
+
+@@ -1878,29 +1976,6 @@
+
+ #endif /* CONFIG_PRINTK */
+
+-#ifdef CONFIG_EARLY_PRINTK
+-struct console *early_console;
+-
+-void early_vprintk(const char *fmt, va_list ap)
+-{
+- if (early_console) {
+- char buf[512];
+- int n = vscnprintf(buf, sizeof(buf), fmt, ap);
+-
+- early_console->write(early_console, buf, n);
+- }
+-}
+-
+-asmlinkage __visible void early_printk(const char *fmt, ...)
+-{
+- va_list ap;
+-
+- va_start(ap, fmt);
+- early_vprintk(fmt, ap);
+- va_end(ap);
+-}
+-#endif
+-
+ static int __add_preferred_console(char *name, int idx, char *options,
+ char *brl_options)
+ {
+@@ -2140,11 +2215,16 @@
+ goto out;
+
+ len = cont_print_text(text, size);
++#ifndef CONFIG_PREEMPT_RT_FULL
+ raw_spin_unlock(&logbuf_lock);
+ stop_critical_timings();
+ call_console_drivers(cont.level, text, len);
+ start_critical_timings();
+ local_irq_restore(flags);
++#else
++ raw_spin_unlock_irqrestore(&logbuf_lock, flags);
++ call_console_drivers(cont.level, text, len);
++#endif
+ return;
+ out:
+ raw_spin_unlock_irqrestore(&logbuf_lock, flags);
+@@ -2232,12 +2312,17 @@
+ console_idx = log_next(console_idx);
+ console_seq++;
+ console_prev = msg->flags;
++#ifdef CONFIG_PREEMPT_RT_FULL
++ raw_spin_unlock_irqrestore(&logbuf_lock, flags);
++ call_console_drivers(level, text, len);
++#else
+ raw_spin_unlock(&logbuf_lock);
+
+ stop_critical_timings(); /* don't trace print latency */
+ call_console_drivers(level, text, len);
+ start_critical_timings();
+ local_irq_restore(flags);
++#endif
+ }
+ console_locked = 0;
+
+diff -Nur linux-3.18.9.orig/kernel/ptrace.c linux-3.18.9/kernel/ptrace.c
+--- linux-3.18.9.orig/kernel/ptrace.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/ptrace.c 2015-03-15 16:03:03.840094875 -0500
+@@ -129,7 +129,12 @@
+
+ spin_lock_irq(&task->sighand->siglock);
+ if (task_is_traced(task) && !__fatal_signal_pending(task)) {
+- task->state = __TASK_TRACED;
++ raw_spin_lock_irq(&task->pi_lock);
++ if (task->state & __TASK_TRACED)
++ task->state = __TASK_TRACED;
++ else
++ task->saved_state = __TASK_TRACED;
++ raw_spin_unlock_irq(&task->pi_lock);
+ ret = true;
+ }
+ spin_unlock_irq(&task->sighand->siglock);
+diff -Nur linux-3.18.9.orig/kernel/rcu/tiny.c linux-3.18.9/kernel/rcu/tiny.c
+--- linux-3.18.9.orig/kernel/rcu/tiny.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/rcu/tiny.c 2015-03-15 16:03:03.840094875 -0500
+@@ -370,6 +370,7 @@
+ }
+ EXPORT_SYMBOL_GPL(call_rcu_sched);
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ /*
+ * Post an RCU bottom-half callback to be invoked after any subsequent
+ * quiescent state.
+@@ -379,6 +380,7 @@
+ __call_rcu(head, func, &rcu_bh_ctrlblk);
+ }
+ EXPORT_SYMBOL_GPL(call_rcu_bh);
++#endif
+
+ void rcu_init(void)
+ {
+diff -Nur linux-3.18.9.orig/kernel/rcu/tree.c linux-3.18.9/kernel/rcu/tree.c
+--- linux-3.18.9.orig/kernel/rcu/tree.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/rcu/tree.c 2015-03-15 16:03:03.840094875 -0500
+@@ -56,6 +56,11 @@
+ #include <linux/random.h>
+ #include <linux/ftrace_event.h>
+ #include <linux/suspend.h>
++#include <linux/delay.h>
++#include <linux/gfp.h>
++#include <linux/oom.h>
++#include <linux/smpboot.h>
++#include "../time/tick-internal.h"
+
+ #include "tree.h"
+ #include "rcu.h"
+@@ -152,8 +157,6 @@
+ */
+ static int rcu_scheduler_fully_active __read_mostly;
+
+-#ifdef CONFIG_RCU_BOOST
+-
+ /*
+ * Control variables for per-CPU and per-rcu_node kthreads. These
+ * handle all flavors of RCU.
+@@ -163,8 +166,6 @@
+ DEFINE_PER_CPU(unsigned int, rcu_cpu_kthread_loops);
+ DEFINE_PER_CPU(char, rcu_cpu_has_work);
+
+-#endif /* #ifdef CONFIG_RCU_BOOST */
+-
+ static void rcu_boost_kthread_setaffinity(struct rcu_node *rnp, int outgoingcpu);
+ static void invoke_rcu_core(void);
+ static void invoke_rcu_callbacks(struct rcu_state *rsp, struct rcu_data *rdp);
+@@ -207,6 +208,19 @@
+ }
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++static void rcu_preempt_qs(void);
++
++void rcu_bh_qs(void)
++{
++ unsigned long flags;
++
++ /* Callers to this function, rcu_preempt_qs(), must disable irqs. */
++ local_irq_save(flags);
++ rcu_preempt_qs();
++ local_irq_restore(flags);
++}
++#else
+ void rcu_bh_qs(void)
+ {
+ if (!__this_cpu_read(rcu_bh_data.passed_quiesce)) {
+@@ -216,6 +230,7 @@
+ __this_cpu_write(rcu_bh_data.passed_quiesce, 1);
+ }
+ }
++#endif
+
+ static DEFINE_PER_CPU(int, rcu_sched_qs_mask);
+
+@@ -336,6 +351,7 @@
+ }
+ EXPORT_SYMBOL_GPL(rcu_batches_completed_sched);
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ /*
+ * Return the number of RCU BH batches processed thus far for debug & stats.
+ */
+@@ -362,6 +378,7 @@
+ force_quiescent_state(&rcu_bh_state);
+ }
+ EXPORT_SYMBOL_GPL(rcu_bh_force_quiescent_state);
++#endif
+
+ /*
+ * Show the state of the grace-period kthreads.
+@@ -1411,7 +1428,7 @@
+ !ACCESS_ONCE(rsp->gp_flags) ||
+ !rsp->gp_kthread)
+ return;
+- wake_up(&rsp->gp_wq);
++ swait_wake(&rsp->gp_wq);
+ }
+
+ /*
+@@ -1793,7 +1810,7 @@
+ ACCESS_ONCE(rsp->gpnum),
+ TPS("reqwait"));
+ rsp->gp_state = RCU_GP_WAIT_GPS;
+- wait_event_interruptible(rsp->gp_wq,
++ swait_event_interruptible(rsp->gp_wq,
+ ACCESS_ONCE(rsp->gp_flags) &
+ RCU_GP_FLAG_INIT);
+ /* Locking provides needed memory barrier. */
+@@ -1821,7 +1838,7 @@
+ ACCESS_ONCE(rsp->gpnum),
+ TPS("fqswait"));
+ rsp->gp_state = RCU_GP_WAIT_FQS;
+- ret = wait_event_interruptible_timeout(rsp->gp_wq,
++ ret = swait_event_interruptible_timeout(rsp->gp_wq,
+ ((gf = ACCESS_ONCE(rsp->gp_flags)) &
+ RCU_GP_FLAG_FQS) ||
+ (!ACCESS_ONCE(rnp->qsmask) &&
+@@ -2565,16 +2582,14 @@
+ /*
+ * Do RCU core processing for the current CPU.
+ */
+-static void rcu_process_callbacks(struct softirq_action *unused)
++static void rcu_process_callbacks(void)
+ {
+ struct rcu_state *rsp;
+
+ if (cpu_is_offline(smp_processor_id()))
+ return;
+- trace_rcu_utilization(TPS("Start RCU core"));
+ for_each_rcu_flavor(rsp)
+ __rcu_process_callbacks(rsp);
+- trace_rcu_utilization(TPS("End RCU core"));
+ }
+
+ /*
+@@ -2588,18 +2603,105 @@
+ {
+ if (unlikely(!ACCESS_ONCE(rcu_scheduler_fully_active)))
+ return;
+- if (likely(!rsp->boost)) {
+- rcu_do_batch(rsp, rdp);
++ rcu_do_batch(rsp, rdp);
++}
++
++static void rcu_wake_cond(struct task_struct *t, int status)
++{
++ /*
++ * If the thread is yielding, only wake it when this
++ * is invoked from idle
++ */
++ if (t && (status != RCU_KTHREAD_YIELDING || is_idle_task(current)))
++ wake_up_process(t);
++}
++
++/*
++ * Wake up this CPU's rcuc kthread to do RCU core processing.
++ */
++static void invoke_rcu_core(void)
++{
++ unsigned long flags;
++ struct task_struct *t;
++
++ if (!cpu_online(smp_processor_id()))
+ return;
++ local_irq_save(flags);
++ __this_cpu_write(rcu_cpu_has_work, 1);
++ t = __this_cpu_read(rcu_cpu_kthread_task);
++ if (t != NULL && current != t)
++ rcu_wake_cond(t, __this_cpu_read(rcu_cpu_kthread_status));
++ local_irq_restore(flags);
++}
++
++static void rcu_cpu_kthread_park(unsigned int cpu)
++{
++ per_cpu(rcu_cpu_kthread_status, cpu) = RCU_KTHREAD_OFFCPU;
++}
++
++static int rcu_cpu_kthread_should_run(unsigned int cpu)
++{
++ return __this_cpu_read(rcu_cpu_has_work);
++}
++
++/*
++ * Per-CPU kernel thread that invokes RCU callbacks. This replaces the
++ * RCU softirq used in flavors and configurations of RCU that do not
++ * support RCU priority boosting.
++ */
++static void rcu_cpu_kthread(unsigned int cpu)
++{
++ unsigned int *statusp = &__get_cpu_var(rcu_cpu_kthread_status);
++ char work, *workp = &__get_cpu_var(rcu_cpu_has_work);
++ int spincnt;
++
++ for (spincnt = 0; spincnt < 10; spincnt++) {
++ trace_rcu_utilization(TPS("Start CPU kthread@rcu_wait"));
++ local_bh_disable();
++ *statusp = RCU_KTHREAD_RUNNING;
++ this_cpu_inc(rcu_cpu_kthread_loops);
++ local_irq_disable();
++ work = *workp;
++ *workp = 0;
++ local_irq_enable();
++ if (work)
++ rcu_process_callbacks();
++ local_bh_enable();
++ if (*workp == 0) {
++ trace_rcu_utilization(TPS("End CPU kthread@rcu_wait"));
++ *statusp = RCU_KTHREAD_WAITING;
++ return;
++ }
+ }
+- invoke_rcu_callbacks_kthread();
++ *statusp = RCU_KTHREAD_YIELDING;
++ trace_rcu_utilization(TPS("Start CPU kthread@rcu_yield"));
++ schedule_timeout_interruptible(2);
++ trace_rcu_utilization(TPS("End CPU kthread@rcu_yield"));
++ *statusp = RCU_KTHREAD_WAITING;
+ }
+
+-static void invoke_rcu_core(void)
++static struct smp_hotplug_thread rcu_cpu_thread_spec = {
++ .store = &rcu_cpu_kthread_task,
++ .thread_should_run = rcu_cpu_kthread_should_run,
++ .thread_fn = rcu_cpu_kthread,
++ .thread_comm = "rcuc/%u",
++ .setup = rcu_cpu_kthread_setup,
++ .park = rcu_cpu_kthread_park,
++};
++
++/*
++ * Spawn per-CPU RCU core processing kthreads.
++ */
++static int __init rcu_spawn_core_kthreads(void)
+ {
+- if (cpu_online(smp_processor_id()))
+- raise_softirq(RCU_SOFTIRQ);
++ int cpu;
++
++ for_each_possible_cpu(cpu)
++ per_cpu(rcu_cpu_has_work, cpu) = 0;
++ BUG_ON(smpboot_register_percpu_thread(&rcu_cpu_thread_spec));
++ return 0;
+ }
++early_initcall(rcu_spawn_core_kthreads);
+
+ /*
+ * Handle any core-RCU processing required by a call_rcu() invocation.
+@@ -2734,6 +2836,7 @@
+ }
+ EXPORT_SYMBOL_GPL(call_rcu_sched);
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ /*
+ * Queue an RCU callback for invocation after a quicker grace period.
+ */
+@@ -2742,6 +2845,7 @@
+ __call_rcu(head, func, &rcu_bh_state, -1, 0);
+ }
+ EXPORT_SYMBOL_GPL(call_rcu_bh);
++#endif
+
+ /*
+ * Queue an RCU callback for lazy invocation after a grace period.
+@@ -2833,6 +2937,7 @@
+ }
+ EXPORT_SYMBOL_GPL(synchronize_sched);
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ /**
+ * synchronize_rcu_bh - wait until an rcu_bh grace period has elapsed.
+ *
+@@ -2859,6 +2964,7 @@
+ wait_rcu_gp(call_rcu_bh);
+ }
+ EXPORT_SYMBOL_GPL(synchronize_rcu_bh);
++#endif
+
+ /**
+ * get_state_synchronize_rcu - Snapshot current RCU state
+@@ -3341,6 +3447,7 @@
+ mutex_unlock(&rsp->barrier_mutex);
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ /**
+ * rcu_barrier_bh - Wait until all in-flight call_rcu_bh() callbacks complete.
+ */
+@@ -3349,6 +3456,7 @@
+ _rcu_barrier(&rcu_bh_state);
+ }
+ EXPORT_SYMBOL_GPL(rcu_barrier_bh);
++#endif
+
+ /**
+ * rcu_barrier_sched - Wait for in-flight call_rcu_sched() callbacks.
+@@ -3658,7 +3766,7 @@
+ }
+
+ rsp->rda = rda;
+- init_waitqueue_head(&rsp->gp_wq);
++ init_swait_head(&rsp->gp_wq);
+ rnp = rsp->level[rcu_num_lvls - 1];
+ for_each_possible_cpu(i) {
+ while (i > rnp->grphi)
+@@ -3755,7 +3863,6 @@
+ rcu_init_one(&rcu_bh_state, &rcu_bh_data);
+ rcu_init_one(&rcu_sched_state, &rcu_sched_data);
+ __rcu_init_preempt();
+- open_softirq(RCU_SOFTIRQ, rcu_process_callbacks);
+
+ /*
+ * We don't need protection against CPU-hotplug here because
+diff -Nur linux-3.18.9.orig/kernel/rcu/tree.h linux-3.18.9/kernel/rcu/tree.h
+--- linux-3.18.9.orig/kernel/rcu/tree.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/rcu/tree.h 2015-03-15 16:03:03.840094875 -0500
+@@ -28,6 +28,7 @@
+ #include <linux/cpumask.h>
+ #include <linux/seqlock.h>
+ #include <linux/irq_work.h>
++#include <linux/wait-simple.h>
+
+ /*
+ * Define shape of hierarchy based on NR_CPUS, CONFIG_RCU_FANOUT, and
+@@ -208,7 +209,7 @@
+ /* This can happen due to race conditions. */
+ #endif /* #ifdef CONFIG_RCU_BOOST */
+ #ifdef CONFIG_RCU_NOCB_CPU
+- wait_queue_head_t nocb_gp_wq[2];
++ struct swait_head nocb_gp_wq[2];
+ /* Place for rcu_nocb_kthread() to wait GP. */
+ #endif /* #ifdef CONFIG_RCU_NOCB_CPU */
+ int need_future_gp[2];
+@@ -348,7 +349,7 @@
+ atomic_long_t nocb_follower_count_lazy; /* (approximate). */
+ int nocb_p_count; /* # CBs being invoked by kthread */
+ int nocb_p_count_lazy; /* (approximate). */
+- wait_queue_head_t nocb_wq; /* For nocb kthreads to sleep on. */
++ struct swait_head nocb_wq; /* For nocb kthreads to sleep on. */
+ struct task_struct *nocb_kthread;
+ int nocb_defer_wakeup; /* Defer wakeup of nocb_kthread. */
+
+@@ -439,7 +440,7 @@
+ unsigned long gpnum; /* Current gp number. */
+ unsigned long completed; /* # of last completed gp. */
+ struct task_struct *gp_kthread; /* Task for grace periods. */
+- wait_queue_head_t gp_wq; /* Where GP task waits. */
++ struct swait_head gp_wq; /* Where GP task waits. */
+ short gp_flags; /* Commands for GP task. */
+ short gp_state; /* GP kthread sleep state. */
+
+@@ -570,10 +571,9 @@
+ static void __init __rcu_init_preempt(void);
+ static void rcu_initiate_boost(struct rcu_node *rnp, unsigned long flags);
+ static void rcu_preempt_boost_start_gp(struct rcu_node *rnp);
+-static void invoke_rcu_callbacks_kthread(void);
+ static bool rcu_is_callbacks_kthread(void);
++static void rcu_cpu_kthread_setup(unsigned int cpu);
+ #ifdef CONFIG_RCU_BOOST
+-static void rcu_preempt_do_callbacks(void);
+ static int rcu_spawn_one_boost_kthread(struct rcu_state *rsp,
+ struct rcu_node *rnp);
+ #endif /* #ifdef CONFIG_RCU_BOOST */
+diff -Nur linux-3.18.9.orig/kernel/rcu/tree_plugin.h linux-3.18.9/kernel/rcu/tree_plugin.h
+--- linux-3.18.9.orig/kernel/rcu/tree_plugin.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/rcu/tree_plugin.h 2015-03-15 16:03:03.844094875 -0500
+@@ -24,12 +24,6 @@
+ * Paul E. McKenney <paulmck@linux.vnet.ibm.com>
+ */
+
+-#include <linux/delay.h>
+-#include <linux/gfp.h>
+-#include <linux/oom.h>
+-#include <linux/smpboot.h>
+-#include "../time/tick-internal.h"
+-
+ #define RCU_KTHREAD_PRIO 1
+
+ #ifdef CONFIG_RCU_BOOST
+@@ -335,7 +329,7 @@
+ }
+
+ /* Hardware IRQ handlers cannot block, complain if they get here. */
+- if (WARN_ON_ONCE(in_irq() || in_serving_softirq())) {
++ if (WARN_ON_ONCE(preempt_count() & (HARDIRQ_MASK | SOFTIRQ_OFFSET))) {
+ local_irq_restore(flags);
+ return;
+ }
+@@ -635,15 +629,6 @@
+ t->rcu_read_unlock_special.b.need_qs = true;
+ }
+
+-#ifdef CONFIG_RCU_BOOST
+-
+-static void rcu_preempt_do_callbacks(void)
+-{
+- rcu_do_batch(&rcu_preempt_state, this_cpu_ptr(&rcu_preempt_data));
+-}
+-
+-#endif /* #ifdef CONFIG_RCU_BOOST */
+-
+ /*
+ * Queue a preemptible-RCU callback for invocation after a grace period.
+ */
+@@ -1072,6 +1057,19 @@
+
+ #endif /* #else #ifdef CONFIG_TREE_PREEMPT_RCU */
+
++/*
++ * If boosting, set rcuc kthreads to realtime priority.
++ */
++static void rcu_cpu_kthread_setup(unsigned int cpu)
++{
++#ifdef CONFIG_RCU_BOOST
++ struct sched_param sp;
++
++ sp.sched_priority = RCU_KTHREAD_PRIO;
++ sched_setscheduler_nocheck(current, SCHED_FIFO, &sp);
++#endif /* #ifdef CONFIG_RCU_BOOST */
++}
++
+ #ifdef CONFIG_RCU_BOOST
+
+ #include "../locking/rtmutex_common.h"
+@@ -1103,16 +1101,6 @@
+
+ #endif /* #else #ifdef CONFIG_RCU_TRACE */
+
+-static void rcu_wake_cond(struct task_struct *t, int status)
+-{
+- /*
+- * If the thread is yielding, only wake it when this
+- * is invoked from idle
+- */
+- if (status != RCU_KTHREAD_YIELDING || is_idle_task(current))
+- wake_up_process(t);
+-}
+-
+ /*
+ * Carry out RCU priority boosting on the task indicated by ->exp_tasks
+ * or ->boost_tasks, advancing the pointer to the next task in the
+@@ -1261,23 +1249,6 @@
+ }
+
+ /*
+- * Wake up the per-CPU kthread to invoke RCU callbacks.
+- */
+-static void invoke_rcu_callbacks_kthread(void)
+-{
+- unsigned long flags;
+-
+- local_irq_save(flags);
+- __this_cpu_write(rcu_cpu_has_work, 1);
+- if (__this_cpu_read(rcu_cpu_kthread_task) != NULL &&
+- current != __this_cpu_read(rcu_cpu_kthread_task)) {
+- rcu_wake_cond(__this_cpu_read(rcu_cpu_kthread_task),
+- __this_cpu_read(rcu_cpu_kthread_status));
+- }
+- local_irq_restore(flags);
+-}
+-
+-/*
+ * Is the current CPU running the RCU-callbacks kthread?
+ * Caller must have preemption disabled.
+ */
+@@ -1332,67 +1303,6 @@
+ return 0;
+ }
+
+-static void rcu_kthread_do_work(void)
+-{
+- rcu_do_batch(&rcu_sched_state, this_cpu_ptr(&rcu_sched_data));
+- rcu_do_batch(&rcu_bh_state, this_cpu_ptr(&rcu_bh_data));
+- rcu_preempt_do_callbacks();
+-}
+-
+-static void rcu_cpu_kthread_setup(unsigned int cpu)
+-{
+- struct sched_param sp;
+-
+- sp.sched_priority = RCU_KTHREAD_PRIO;
+- sched_setscheduler_nocheck(current, SCHED_FIFO, &sp);
+-}
+-
+-static void rcu_cpu_kthread_park(unsigned int cpu)
+-{
+- per_cpu(rcu_cpu_kthread_status, cpu) = RCU_KTHREAD_OFFCPU;
+-}
+-
+-static int rcu_cpu_kthread_should_run(unsigned int cpu)
+-{
+- return __this_cpu_read(rcu_cpu_has_work);
+-}
+-
+-/*
+- * Per-CPU kernel thread that invokes RCU callbacks. This replaces the
+- * RCU softirq used in flavors and configurations of RCU that do not
+- * support RCU priority boosting.
+- */
+-static void rcu_cpu_kthread(unsigned int cpu)
+-{
+- unsigned int *statusp = this_cpu_ptr(&rcu_cpu_kthread_status);
+- char work, *workp = this_cpu_ptr(&rcu_cpu_has_work);
+- int spincnt;
+-
+- for (spincnt = 0; spincnt < 10; spincnt++) {
+- trace_rcu_utilization(TPS("Start CPU kthread@rcu_wait"));
+- local_bh_disable();
+- *statusp = RCU_KTHREAD_RUNNING;
+- this_cpu_inc(rcu_cpu_kthread_loops);
+- local_irq_disable();
+- work = *workp;
+- *workp = 0;
+- local_irq_enable();
+- if (work)
+- rcu_kthread_do_work();
+- local_bh_enable();
+- if (*workp == 0) {
+- trace_rcu_utilization(TPS("End CPU kthread@rcu_wait"));
+- *statusp = RCU_KTHREAD_WAITING;
+- return;
+- }
+- }
+- *statusp = RCU_KTHREAD_YIELDING;
+- trace_rcu_utilization(TPS("Start CPU kthread@rcu_yield"));
+- schedule_timeout_interruptible(2);
+- trace_rcu_utilization(TPS("End CPU kthread@rcu_yield"));
+- *statusp = RCU_KTHREAD_WAITING;
+-}
+-
+ /*
+ * Set the per-rcu_node kthread's affinity to cover all CPUs that are
+ * served by the rcu_node in question. The CPU hotplug lock is still
+@@ -1426,26 +1336,13 @@
+ free_cpumask_var(cm);
+ }
+
+-static struct smp_hotplug_thread rcu_cpu_thread_spec = {
+- .store = &rcu_cpu_kthread_task,
+- .thread_should_run = rcu_cpu_kthread_should_run,
+- .thread_fn = rcu_cpu_kthread,
+- .thread_comm = "rcuc/%u",
+- .setup = rcu_cpu_kthread_setup,
+- .park = rcu_cpu_kthread_park,
+-};
+-
+ /*
+ * Spawn boost kthreads -- called as soon as the scheduler is running.
+ */
+ static void __init rcu_spawn_boost_kthreads(void)
+ {
+ struct rcu_node *rnp;
+- int cpu;
+
+- for_each_possible_cpu(cpu)
+- per_cpu(rcu_cpu_has_work, cpu) = 0;
+- BUG_ON(smpboot_register_percpu_thread(&rcu_cpu_thread_spec));
+ rnp = rcu_get_root(rcu_state_p);
+ (void)rcu_spawn_one_boost_kthread(rcu_state_p, rnp);
+ if (NUM_RCU_NODES > 1) {
+@@ -1472,11 +1369,6 @@
+ raw_spin_unlock_irqrestore(&rnp->lock, flags);
+ }
+
+-static void invoke_rcu_callbacks_kthread(void)
+-{
+- WARN_ON_ONCE(1);
+-}
+-
+ static bool rcu_is_callbacks_kthread(void)
+ {
+ return false;
+@@ -1500,7 +1392,7 @@
+
+ #endif /* #else #ifdef CONFIG_RCU_BOOST */
+
+-#if !defined(CONFIG_RCU_FAST_NO_HZ)
++#if !defined(CONFIG_RCU_FAST_NO_HZ) || defined(CONFIG_PREEMPT_RT_FULL)
+
+ /*
+ * Check to see if any future RCU-related work will need to be done
+@@ -1518,7 +1410,9 @@
+ return rcu_cpu_has_callbacks(cpu, NULL);
+ }
+ #endif /* #ifndef CONFIG_RCU_NOCB_CPU_ALL */
++#endif /* !defined(CONFIG_RCU_FAST_NO_HZ) || defined(CONFIG_PREEMPT_RT_FULL) */
+
++#if !defined(CONFIG_RCU_FAST_NO_HZ)
+ /*
+ * Because we do not have RCU_FAST_NO_HZ, don't bother cleaning up
+ * after it.
+@@ -1615,6 +1509,8 @@
+ return cbs_ready;
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
++
+ /*
+ * Allow the CPU to enter dyntick-idle mode unless it has callbacks ready
+ * to invoke. If the CPU has callbacks, try to advance them. Tell the
+@@ -1655,7 +1551,7 @@
+ return 0;
+ }
+ #endif /* #ifndef CONFIG_RCU_NOCB_CPU_ALL */
+-
++#endif /* #ifndef CONFIG_PREEMPT_RT_FULL */
+ /*
+ * Prepare a CPU for idle from an RCU perspective. The first major task
+ * is to sense whether nohz mode has been enabled or disabled via sysfs.
+@@ -2001,7 +1897,7 @@
+ */
+ static void rcu_nocb_gp_cleanup(struct rcu_state *rsp, struct rcu_node *rnp)
+ {
+- wake_up_all(&rnp->nocb_gp_wq[rnp->completed & 0x1]);
++ swait_wake_all(&rnp->nocb_gp_wq[rnp->completed & 0x1]);
+ }
+
+ /*
+@@ -2019,8 +1915,8 @@
+
+ static void rcu_init_one_nocb(struct rcu_node *rnp)
+ {
+- init_waitqueue_head(&rnp->nocb_gp_wq[0]);
+- init_waitqueue_head(&rnp->nocb_gp_wq[1]);
++ init_swait_head(&rnp->nocb_gp_wq[0]);
++ init_swait_head(&rnp->nocb_gp_wq[1]);
+ }
+
+ #ifndef CONFIG_RCU_NOCB_CPU_ALL
+@@ -2045,7 +1941,7 @@
+ if (ACCESS_ONCE(rdp_leader->nocb_leader_sleep) || force) {
+ /* Prior smp_mb__after_atomic() orders against prior enqueue. */
+ ACCESS_ONCE(rdp_leader->nocb_leader_sleep) = false;
+- wake_up(&rdp_leader->nocb_wq);
++ swait_wake(&rdp_leader->nocb_wq);
+ }
+ }
+
+@@ -2238,7 +2134,7 @@
+ */
+ trace_rcu_future_gp(rnp, rdp, c, TPS("StartWait"));
+ for (;;) {
+- wait_event_interruptible(
++ swait_event_interruptible(
+ rnp->nocb_gp_wq[c & 0x1],
+ (d = ULONG_CMP_GE(ACCESS_ONCE(rnp->completed), c)));
+ if (likely(d))
+@@ -2266,7 +2162,7 @@
+ /* Wait for callbacks to appear. */
+ if (!rcu_nocb_poll) {
+ trace_rcu_nocb_wake(my_rdp->rsp->name, my_rdp->cpu, "Sleep");
+- wait_event_interruptible(my_rdp->nocb_wq,
++ swait_event_interruptible(my_rdp->nocb_wq,
+ !ACCESS_ONCE(my_rdp->nocb_leader_sleep));
+ /* Memory barrier handled by smp_mb() calls below and repoll. */
+ } else if (firsttime) {
+@@ -2347,7 +2243,7 @@
+ * List was empty, wake up the follower.
+ * Memory barriers supplied by atomic_long_add().
+ */
+- wake_up(&rdp->nocb_wq);
++ swait_wake(&rdp->nocb_wq);
+ }
+ }
+
+@@ -2368,7 +2264,7 @@
+ if (!rcu_nocb_poll) {
+ trace_rcu_nocb_wake(rdp->rsp->name, rdp->cpu,
+ "FollowerSleep");
+- wait_event_interruptible(rdp->nocb_wq,
++ swait_event_interruptible(rdp->nocb_wq,
+ ACCESS_ONCE(rdp->nocb_follower_head));
+ } else if (firsttime) {
+ /* Don't drown trace log with "Poll"! */
+@@ -2539,7 +2435,7 @@
+ static void __init rcu_boot_init_nocb_percpu_data(struct rcu_data *rdp)
+ {
+ rdp->nocb_tail = &rdp->nocb_head;
+- init_waitqueue_head(&rdp->nocb_wq);
++ init_swait_head(&rdp->nocb_wq);
+ rdp->nocb_follower_tail = &rdp->nocb_follower_head;
+ }
+
+diff -Nur linux-3.18.9.orig/kernel/rcu/update.c linux-3.18.9/kernel/rcu/update.c
+--- linux-3.18.9.orig/kernel/rcu/update.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/rcu/update.c 2015-03-15 16:03:03.844094875 -0500
+@@ -170,6 +170,7 @@
+ }
+ EXPORT_SYMBOL_GPL(rcu_read_lock_held);
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ /**
+ * rcu_read_lock_bh_held() - might we be in RCU-bh read-side critical section?
+ *
+@@ -196,6 +197,7 @@
+ return in_softirq() || irqs_disabled();
+ }
+ EXPORT_SYMBOL_GPL(rcu_read_lock_bh_held);
++#endif
+
+ #endif /* #ifdef CONFIG_DEBUG_LOCK_ALLOC */
+
+diff -Nur linux-3.18.9.orig/kernel/relay.c linux-3.18.9/kernel/relay.c
+--- linux-3.18.9.orig/kernel/relay.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/relay.c 2015-03-15 16:03:03.844094875 -0500
+@@ -339,6 +339,10 @@
+ {
+ struct rchan_buf *buf = (struct rchan_buf *)data;
+ wake_up_interruptible(&buf->read_wait);
++ /*
++ * Stupid polling for now:
++ */
++ mod_timer(&buf->timer, jiffies + 1);
+ }
+
+ /**
+@@ -356,6 +360,7 @@
+ init_waitqueue_head(&buf->read_wait);
+ kref_init(&buf->kref);
+ setup_timer(&buf->timer, wakeup_readers, (unsigned long)buf);
++ mod_timer(&buf->timer, jiffies + 1);
+ } else
+ del_timer_sync(&buf->timer);
+
+@@ -739,15 +744,6 @@
+ else
+ buf->early_bytes += buf->chan->subbuf_size -
+ buf->padding[old_subbuf];
+- smp_mb();
+- if (waitqueue_active(&buf->read_wait))
+- /*
+- * Calling wake_up_interruptible() from here
+- * will deadlock if we happen to be logging
+- * from the scheduler (trying to re-grab
+- * rq->lock), so defer it.
+- */
+- mod_timer(&buf->timer, jiffies + 1);
+ }
+
+ old = buf->data;
+diff -Nur linux-3.18.9.orig/kernel/res_counter.c linux-3.18.9/kernel/res_counter.c
+--- linux-3.18.9.orig/kernel/res_counter.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/res_counter.c 2015-03-15 16:03:03.844094875 -0500
+@@ -59,7 +59,7 @@
+
+ r = ret = 0;
+ *limit_fail_at = NULL;
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ for (c = counter; c != NULL; c = c->parent) {
+ spin_lock(&c->lock);
+ r = res_counter_charge_locked(c, val, force);
+@@ -79,7 +79,7 @@
+ spin_unlock(&u->lock);
+ }
+ }
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+
+ return ret;
+ }
+@@ -104,7 +104,7 @@
+ struct res_counter *c;
+ u64 ret = 0;
+
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ for (c = counter; c != top; c = c->parent) {
+ u64 r;
+ spin_lock(&c->lock);
+@@ -113,7 +113,7 @@
+ ret = r;
+ spin_unlock(&c->lock);
+ }
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ return ret;
+ }
+
+diff -Nur linux-3.18.9.orig/kernel/sched/completion.c linux-3.18.9/kernel/sched/completion.c
+--- linux-3.18.9.orig/kernel/sched/completion.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/sched/completion.c 2015-03-15 16:03:03.844094875 -0500
+@@ -30,10 +30,10 @@
+ {
+ unsigned long flags;
+
+- spin_lock_irqsave(&x->wait.lock, flags);
++ raw_spin_lock_irqsave(&x->wait.lock, flags);
+ x->done++;
+- __wake_up_locked(&x->wait, TASK_NORMAL, 1);
+- spin_unlock_irqrestore(&x->wait.lock, flags);
++ __swait_wake_locked(&x->wait, TASK_NORMAL, 1);
++ raw_spin_unlock_irqrestore(&x->wait.lock, flags);
+ }
+ EXPORT_SYMBOL(complete);
+
+@@ -50,10 +50,10 @@
+ {
+ unsigned long flags;
+
+- spin_lock_irqsave(&x->wait.lock, flags);
++ raw_spin_lock_irqsave(&x->wait.lock, flags);
+ x->done += UINT_MAX/2;
+- __wake_up_locked(&x->wait, TASK_NORMAL, 0);
+- spin_unlock_irqrestore(&x->wait.lock, flags);
++ __swait_wake_locked(&x->wait, TASK_NORMAL, 0);
++ raw_spin_unlock_irqrestore(&x->wait.lock, flags);
+ }
+ EXPORT_SYMBOL(complete_all);
+
+@@ -62,20 +62,20 @@
+ long (*action)(long), long timeout, int state)
+ {
+ if (!x->done) {
+- DECLARE_WAITQUEUE(wait, current);
++ DEFINE_SWAITER(wait);
+
+- __add_wait_queue_tail_exclusive(&x->wait, &wait);
++ swait_prepare_locked(&x->wait, &wait);
+ do {
+ if (signal_pending_state(state, current)) {
+ timeout = -ERESTARTSYS;
+ break;
+ }
+ __set_current_state(state);
+- spin_unlock_irq(&x->wait.lock);
++ raw_spin_unlock_irq(&x->wait.lock);
+ timeout = action(timeout);
+- spin_lock_irq(&x->wait.lock);
++ raw_spin_lock_irq(&x->wait.lock);
+ } while (!x->done && timeout);
+- __remove_wait_queue(&x->wait, &wait);
++ swait_finish_locked(&x->wait, &wait);
+ if (!x->done)
+ return timeout;
+ }
+@@ -89,9 +89,9 @@
+ {
+ might_sleep();
+
+- spin_lock_irq(&x->wait.lock);
++ raw_spin_lock_irq(&x->wait.lock);
+ timeout = do_wait_for_common(x, action, timeout, state);
+- spin_unlock_irq(&x->wait.lock);
++ raw_spin_unlock_irq(&x->wait.lock);
+ return timeout;
+ }
+
+@@ -267,12 +267,12 @@
+ unsigned long flags;
+ int ret = 1;
+
+- spin_lock_irqsave(&x->wait.lock, flags);
++ raw_spin_lock_irqsave(&x->wait.lock, flags);
+ if (!x->done)
+ ret = 0;
+ else
+ x->done--;
+- spin_unlock_irqrestore(&x->wait.lock, flags);
++ raw_spin_unlock_irqrestore(&x->wait.lock, flags);
+ return ret;
+ }
+ EXPORT_SYMBOL(try_wait_for_completion);
+@@ -290,10 +290,10 @@
+ unsigned long flags;
+ int ret = 1;
+
+- spin_lock_irqsave(&x->wait.lock, flags);
++ raw_spin_lock_irqsave(&x->wait.lock, flags);
+ if (!x->done)
+ ret = 0;
+- spin_unlock_irqrestore(&x->wait.lock, flags);
++ raw_spin_unlock_irqrestore(&x->wait.lock, flags);
+ return ret;
+ }
+ EXPORT_SYMBOL(completion_done);
+diff -Nur linux-3.18.9.orig/kernel/sched/core.c linux-3.18.9/kernel/sched/core.c
+--- linux-3.18.9.orig/kernel/sched/core.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/sched/core.c 2015-03-15 16:03:03.844094875 -0500
+@@ -280,7 +280,11 @@
+ * Number of tasks to iterate in a single balance run.
+ * Limited because this is done with IRQs disabled.
+ */
++#ifndef CONFIG_PREEMPT_RT_FULL
+ const_debug unsigned int sysctl_sched_nr_migrate = 32;
++#else
++const_debug unsigned int sysctl_sched_nr_migrate = 8;
++#endif
+
+ /*
+ * period over which we average the RT time consumption, measured
+@@ -511,6 +515,7 @@
+
+ hrtimer_init(&rq->hrtick_timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL);
+ rq->hrtick_timer.function = hrtick;
++ rq->hrtick_timer.irqsafe = 1;
+ }
+ #else /* CONFIG_SCHED_HRTICK */
+ static inline void hrtick_clear(struct rq *rq)
+@@ -622,6 +627,38 @@
+ trace_sched_wake_idle_without_ipi(cpu);
+ }
+
++#ifdef CONFIG_PREEMPT_LAZY
++void resched_curr_lazy(struct rq *rq)
++{
++ struct task_struct *curr = rq->curr;
++ int cpu;
++
++ if (!sched_feat(PREEMPT_LAZY)) {
++ resched_curr(rq);
++ return;
++ }
++
++ lockdep_assert_held(&rq->lock);
++
++ if (test_tsk_need_resched(curr))
++ return;
++
++ if (test_tsk_need_resched_lazy(curr))
++ return;
++
++ set_tsk_need_resched_lazy(curr);
++
++ cpu = cpu_of(rq);
++ if (cpu == smp_processor_id())
++ return;
++
++ /* NEED_RESCHED_LAZY must be visible before we test polling */
++ smp_mb();
++ if (!tsk_is_polling(curr))
++ smp_send_reschedule(cpu);
++}
++#endif
++
+ void resched_cpu(int cpu)
+ {
+ struct rq *rq = cpu_rq(cpu);
+@@ -645,12 +682,14 @@
+ */
+ int get_nohz_timer_target(int pinned)
+ {
+- int cpu = smp_processor_id();
++ int cpu;
+ int i;
+ struct sched_domain *sd;
+
++ preempt_disable_rt();
++ cpu = smp_processor_id();
+ if (pinned || !get_sysctl_timer_migration() || !idle_cpu(cpu))
+- return cpu;
++ goto preempt_en_rt;
+
+ rcu_read_lock();
+ for_each_domain(cpu, sd) {
+@@ -663,6 +702,8 @@
+ }
+ unlock:
+ rcu_read_unlock();
++preempt_en_rt:
++ preempt_enable_rt();
+ return cpu;
+ }
+ /*
+@@ -1193,6 +1234,18 @@
+
+ static int migration_cpu_stop(void *data);
+
++static bool check_task_state(struct task_struct *p, long match_state)
++{
++ bool match = false;
++
++ raw_spin_lock_irq(&p->pi_lock);
++ if (p->state == match_state || p->saved_state == match_state)
++ match = true;
++ raw_spin_unlock_irq(&p->pi_lock);
++
++ return match;
++}
++
+ /*
+ * wait_task_inactive - wait for a thread to unschedule.
+ *
+@@ -1237,7 +1290,7 @@
+ * is actually now running somewhere else!
+ */
+ while (task_running(rq, p)) {
+- if (match_state && unlikely(p->state != match_state))
++ if (match_state && !check_task_state(p, match_state))
+ return 0;
+ cpu_relax();
+ }
+@@ -1252,7 +1305,8 @@
+ running = task_running(rq, p);
+ queued = task_on_rq_queued(p);
+ ncsw = 0;
+- if (!match_state || p->state == match_state)
++ if (!match_state || p->state == match_state ||
++ p->saved_state == match_state)
+ ncsw = p->nvcsw | LONG_MIN; /* sets MSB */
+ task_rq_unlock(rq, p, &flags);
+
+@@ -1477,10 +1531,6 @@
+ {
+ activate_task(rq, p, en_flags);
+ p->on_rq = TASK_ON_RQ_QUEUED;
+-
+- /* if a worker is waking up, notify workqueue */
+- if (p->flags & PF_WQ_WORKER)
+- wq_worker_waking_up(p, cpu_of(rq));
+ }
+
+ /*
+@@ -1694,8 +1744,27 @@
+ */
+ smp_mb__before_spinlock();
+ raw_spin_lock_irqsave(&p->pi_lock, flags);
+- if (!(p->state & state))
++ if (!(p->state & state)) {
++ /*
++ * The task might be running due to a spinlock sleeper
++ * wakeup. Check the saved state and set it to running
++ * if the wakeup condition is true.
++ */
++ if (!(wake_flags & WF_LOCK_SLEEPER)) {
++ if (p->saved_state & state) {
++ p->saved_state = TASK_RUNNING;
++ success = 1;
++ }
++ }
+ goto out;
++ }
++
++ /*
++ * If this is a regular wakeup, then we can unconditionally
++ * clear the saved state of a "lock sleeper".
++ */
++ if (!(wake_flags & WF_LOCK_SLEEPER))
++ p->saved_state = TASK_RUNNING;
+
+ success = 1; /* we're going to change ->state */
+ cpu = task_cpu(p);
+@@ -1738,42 +1807,6 @@
+ }
+
+ /**
+- * try_to_wake_up_local - try to wake up a local task with rq lock held
+- * @p: the thread to be awakened
+- *
+- * Put @p on the run-queue if it's not already there. The caller must
+- * ensure that this_rq() is locked, @p is bound to this_rq() and not
+- * the current task.
+- */
+-static void try_to_wake_up_local(struct task_struct *p)
+-{
+- struct rq *rq = task_rq(p);
+-
+- if (WARN_ON_ONCE(rq != this_rq()) ||
+- WARN_ON_ONCE(p == current))
+- return;
+-
+- lockdep_assert_held(&rq->lock);
+-
+- if (!raw_spin_trylock(&p->pi_lock)) {
+- raw_spin_unlock(&rq->lock);
+- raw_spin_lock(&p->pi_lock);
+- raw_spin_lock(&rq->lock);
+- }
+-
+- if (!(p->state & TASK_NORMAL))
+- goto out;
+-
+- if (!task_on_rq_queued(p))
+- ttwu_activate(rq, p, ENQUEUE_WAKEUP);
+-
+- ttwu_do_wakeup(rq, p, 0);
+- ttwu_stat(p, smp_processor_id(), 0);
+-out:
+- raw_spin_unlock(&p->pi_lock);
+-}
+-
+-/**
+ * wake_up_process - Wake up a specific process
+ * @p: The process to be woken up.
+ *
+@@ -1787,11 +1820,23 @@
+ */
+ int wake_up_process(struct task_struct *p)
+ {
+- WARN_ON(task_is_stopped_or_traced(p));
++ WARN_ON(__task_is_stopped_or_traced(p));
+ return try_to_wake_up(p, TASK_NORMAL, 0);
+ }
+ EXPORT_SYMBOL(wake_up_process);
+
++/**
++ * wake_up_lock_sleeper - Wake up a specific process blocked on a "sleeping lock"
++ * @p: The process to be woken up.
++ *
++ * Same as wake_up_process() above, but wake_flags=WF_LOCK_SLEEPER to indicate
++ * the nature of the wakeup.
++ */
++int wake_up_lock_sleeper(struct task_struct *p)
++{
++ return try_to_wake_up(p, TASK_ALL, WF_LOCK_SLEEPER);
++}
++
+ int wake_up_state(struct task_struct *p, unsigned int state)
+ {
+ return try_to_wake_up(p, state, 0);
+@@ -1982,6 +2027,9 @@
+ p->on_cpu = 0;
+ #endif
+ init_task_preempt_count(p);
++#ifdef CONFIG_HAVE_PREEMPT_LAZY
++ task_thread_info(p)->preempt_lazy_count = 0;
++#endif
+ #ifdef CONFIG_SMP
+ plist_node_init(&p->pushable_tasks, MAX_PRIO);
+ RB_CLEAR_NODE(&p->pushable_dl_tasks);
+@@ -2265,8 +2313,12 @@
+ finish_arch_post_lock_switch();
+
+ fire_sched_in_preempt_notifiers(current);
++ /*
++ * We use mmdrop_delayed() here so we don't have to do the
++ * full __mmdrop() when we are the last user.
++ */
+ if (mm)
+- mmdrop(mm);
++ mmdrop_delayed(mm);
+ if (unlikely(prev_state == TASK_DEAD)) {
+ if (prev->sched_class->task_dead)
+ prev->sched_class->task_dead(prev);
+@@ -2691,6 +2743,133 @@
+ schedstat_inc(this_rq(), sched_count);
+ }
+
++#if defined(CONFIG_PREEMPT_RT_FULL) && defined(CONFIG_SMP)
++#define MIGRATE_DISABLE_SET_AFFIN (1<<30) /* Can't make a negative */
++#define migrate_disabled_updated(p) ((p)->migrate_disable & MIGRATE_DISABLE_SET_AFFIN)
++#define migrate_disable_count(p) ((p)->migrate_disable & ~MIGRATE_DISABLE_SET_AFFIN)
++
++static inline void update_migrate_disable(struct task_struct *p)
++{
++ const struct cpumask *mask;
++
++ if (likely(!p->migrate_disable))
++ return;
++
++ /* Did we already update affinity? */
++ if (unlikely(migrate_disabled_updated(p)))
++ return;
++
++ /*
++ * Since this is always current we can get away with only locking
++ * rq->lock, the ->cpus_allowed value can normally only be changed
++ * while holding both p->pi_lock and rq->lock, but seeing that this
++ * is current, we cannot actually be waking up, so all code that
++ * relies on serialization against p->pi_lock is out of scope.
++ *
++ * Having rq->lock serializes us against things like
++ * set_cpus_allowed_ptr() that can still happen concurrently.
++ */
++ mask = tsk_cpus_allowed(p);
++
++ if (p->sched_class->set_cpus_allowed)
++ p->sched_class->set_cpus_allowed(p, mask);
++ /* mask==cpumask_of(task_cpu(p)) which has a cpumask_weight==1 */
++ p->nr_cpus_allowed = 1;
++
++ /* Let migrate_enable know to fix things back up */
++ p->migrate_disable |= MIGRATE_DISABLE_SET_AFFIN;
++}
++
++void migrate_disable(void)
++{
++ struct task_struct *p = current;
++
++ if (in_atomic()) {
++#ifdef CONFIG_SCHED_DEBUG
++ p->migrate_disable_atomic++;
++#endif
++ return;
++ }
++
++#ifdef CONFIG_SCHED_DEBUG
++ if (unlikely(p->migrate_disable_atomic)) {
++ tracing_off();
++ WARN_ON_ONCE(1);
++ }
++#endif
++
++ if (p->migrate_disable) {
++ p->migrate_disable++;
++ return;
++ }
++
++ preempt_disable();
++ preempt_lazy_disable();
++ pin_current_cpu();
++ p->migrate_disable = 1;
++ preempt_enable();
++}
++EXPORT_SYMBOL(migrate_disable);
++
++void migrate_enable(void)
++{
++ struct task_struct *p = current;
++ const struct cpumask *mask;
++ unsigned long flags;
++ struct rq *rq;
++
++ if (in_atomic()) {
++#ifdef CONFIG_SCHED_DEBUG
++ p->migrate_disable_atomic--;
++#endif
++ return;
++ }
++
++#ifdef CONFIG_SCHED_DEBUG
++ if (unlikely(p->migrate_disable_atomic)) {
++ tracing_off();
++ WARN_ON_ONCE(1);
++ }
++#endif
++ WARN_ON_ONCE(p->migrate_disable <= 0);
++
++ if (migrate_disable_count(p) > 1) {
++ p->migrate_disable--;
++ return;
++ }
++
++ preempt_disable();
++ if (unlikely(migrate_disabled_updated(p))) {
++ /*
++ * Undo whatever update_migrate_disable() did, also see there
++ * about locking.
++ */
++ rq = this_rq();
++ raw_spin_lock_irqsave(&rq->lock, flags);
++
++ /*
++ * Clearing migrate_disable causes tsk_cpus_allowed to
++ * show the tasks original cpu affinity.
++ */
++ p->migrate_disable = 0;
++ mask = tsk_cpus_allowed(p);
++ if (p->sched_class->set_cpus_allowed)
++ p->sched_class->set_cpus_allowed(p, mask);
++ p->nr_cpus_allowed = cpumask_weight(mask);
++ raw_spin_unlock_irqrestore(&rq->lock, flags);
++ } else
++ p->migrate_disable = 0;
++
++ unpin_current_cpu();
++ preempt_enable();
++ preempt_lazy_enable();
++}
++EXPORT_SYMBOL(migrate_enable);
++#else
++static inline void update_migrate_disable(struct task_struct *p) { }
++#define migrate_disabled_updated(p) 0
++#endif
++
+ /*
+ * Pick up the highest-prio task:
+ */
+@@ -2794,6 +2973,8 @@
+ smp_mb__before_spinlock();
+ raw_spin_lock_irq(&rq->lock);
+
++ update_migrate_disable(prev);
++
+ switch_count = &prev->nivcsw;
+ if (prev->state && !(preempt_count() & PREEMPT_ACTIVE)) {
+ if (unlikely(signal_pending_state(prev->state, prev))) {
+@@ -2801,19 +2982,6 @@
+ } else {
+ deactivate_task(rq, prev, DEQUEUE_SLEEP);
+ prev->on_rq = 0;
+-
+- /*
+- * If a worker went to sleep, notify and ask workqueue
+- * whether it wants to wake up a task to maintain
+- * concurrency.
+- */
+- if (prev->flags & PF_WQ_WORKER) {
+- struct task_struct *to_wakeup;
+-
+- to_wakeup = wq_worker_sleeping(prev, cpu);
+- if (to_wakeup)
+- try_to_wake_up_local(to_wakeup);
+- }
+ }
+ switch_count = &prev->nvcsw;
+ }
+@@ -2823,6 +2991,7 @@
+
+ next = pick_next_task(rq, prev);
+ clear_tsk_need_resched(prev);
++ clear_tsk_need_resched_lazy(prev);
+ clear_preempt_need_resched();
+ rq->skip_clock_update = 0;
+
+@@ -2852,9 +3021,20 @@
+
+ static inline void sched_submit_work(struct task_struct *tsk)
+ {
+- if (!tsk->state || tsk_is_pi_blocked(tsk))
++ if (!tsk->state)
+ return;
+ /*
++ * If a worker went to sleep, notify and ask workqueue whether
++ * it wants to wake up a task to maintain concurrency.
++ */
++ if (tsk->flags & PF_WQ_WORKER)
++ wq_worker_sleeping(tsk);
++
++
++ if (tsk_is_pi_blocked(tsk))
++ return;
++
++ /*
+ * If we are going to sleep and we have plugged IO queued,
+ * make sure to submit it to avoid deadlocks.
+ */
+@@ -2862,12 +3042,19 @@
+ blk_schedule_flush_plug(tsk);
+ }
+
++static inline void sched_update_worker(struct task_struct *tsk)
++{
++ if (tsk->flags & PF_WQ_WORKER)
++ wq_worker_running(tsk);
++}
++
+ asmlinkage __visible void __sched schedule(void)
+ {
+ struct task_struct *tsk = current;
+
+ sched_submit_work(tsk);
+ __schedule();
++ sched_update_worker(tsk);
+ }
+ EXPORT_SYMBOL(schedule);
+
+@@ -2917,9 +3104,26 @@
+ if (likely(!preemptible()))
+ return;
+
++#ifdef CONFIG_PREEMPT_LAZY
++ /*
++ * Check for lazy preemption
++ */
++ if (current_thread_info()->preempt_lazy_count &&
++ !test_thread_flag(TIF_NEED_RESCHED))
++ return;
++#endif
+ do {
+ __preempt_count_add(PREEMPT_ACTIVE);
++ /*
++ * The add/subtract must not be traced by the function
++ * tracer. But we still want to account for the
++ * preempt off latency tracer. Since the _notrace versions
++ * of add/subtract skip the accounting for latency tracer
++ * we must force it manually.
++ */
++ start_critical_timings();
+ __schedule();
++ stop_critical_timings();
+ __preempt_count_sub(PREEMPT_ACTIVE);
+
+ /*
+@@ -4229,9 +4433,16 @@
+
+ static void __cond_resched(void)
+ {
+- __preempt_count_add(PREEMPT_ACTIVE);
+- __schedule();
+- __preempt_count_sub(PREEMPT_ACTIVE);
++ do {
++ __preempt_count_add(PREEMPT_ACTIVE);
++ __schedule();
++ __preempt_count_sub(PREEMPT_ACTIVE);
++ /*
++ * Check again in case we missed a preemption
++ * opportunity between schedule and now.
++ */
++ barrier();
++ } while (need_resched());
+ }
+
+ int __sched _cond_resched(void)
+@@ -4272,6 +4483,7 @@
+ }
+ EXPORT_SYMBOL(__cond_resched_lock);
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ int __sched __cond_resched_softirq(void)
+ {
+ BUG_ON(!in_softirq());
+@@ -4285,6 +4497,7 @@
+ return 0;
+ }
+ EXPORT_SYMBOL(__cond_resched_softirq);
++#endif
+
+ /**
+ * yield - yield the current processor to other threads.
+@@ -4646,7 +4859,9 @@
+
+ /* Set the preempt count _outside_ the spinlocks! */
+ init_idle_preempt_count(idle, cpu);
+-
++#ifdef CONFIG_HAVE_PREEMPT_LAZY
++ task_thread_info(idle)->preempt_lazy_count = 0;
++#endif
+ /*
+ * The idle tasks have their own, simple scheduling class:
+ */
+@@ -4688,11 +4903,91 @@
+
+ void do_set_cpus_allowed(struct task_struct *p, const struct cpumask *new_mask)
+ {
+- if (p->sched_class && p->sched_class->set_cpus_allowed)
+- p->sched_class->set_cpus_allowed(p, new_mask);
++ if (!migrate_disabled_updated(p)) {
++ if (p->sched_class && p->sched_class->set_cpus_allowed)
++ p->sched_class->set_cpus_allowed(p, new_mask);
++ p->nr_cpus_allowed = cpumask_weight(new_mask);
++ }
+
+ cpumask_copy(&p->cpus_allowed, new_mask);
+- p->nr_cpus_allowed = cpumask_weight(new_mask);
++}
++
++static DEFINE_PER_CPU(struct cpumask, sched_cpumasks);
++static DEFINE_MUTEX(sched_down_mutex);
++static cpumask_t sched_down_cpumask;
++
++void tell_sched_cpu_down_begin(int cpu)
++{
++ mutex_lock(&sched_down_mutex);
++ cpumask_set_cpu(cpu, &sched_down_cpumask);
++ mutex_unlock(&sched_down_mutex);
++}
++
++void tell_sched_cpu_down_done(int cpu)
++{
++ mutex_lock(&sched_down_mutex);
++ cpumask_clear_cpu(cpu, &sched_down_cpumask);
++ mutex_unlock(&sched_down_mutex);
++}
++
++/**
++ * migrate_me - try to move the current task off this cpu
++ *
++ * Used by the pin_current_cpu() code to try to get tasks
++ * to move off the current CPU as it is going down.
++ * It will only move the task if the task isn't pinned to
++ * the CPU (with migrate_disable, affinity or NO_SETAFFINITY)
++ * and the task has to be in a RUNNING state. Otherwise the
++ * movement of the task will wake it up (change its state
++ * to running) when the task did not expect it.
++ *
++ * Returns 1 if it succeeded in moving the current task
++ * 0 otherwise.
++ */
++int migrate_me(void)
++{
++ struct task_struct *p = current;
++ struct migration_arg arg;
++ struct cpumask *cpumask;
++ struct cpumask *mask;
++ unsigned long flags;
++ unsigned int dest_cpu;
++ struct rq *rq;
++
++ /*
++ * We can not migrate tasks bounded to a CPU or tasks not
++ * running. The movement of the task will wake it up.
++ */
++ if (p->flags & PF_NO_SETAFFINITY || p->state)
++ return 0;
++
++ mutex_lock(&sched_down_mutex);
++ rq = task_rq_lock(p, &flags);
++
++ cpumask = &__get_cpu_var(sched_cpumasks);
++ mask = &p->cpus_allowed;
++
++ cpumask_andnot(cpumask, mask, &sched_down_cpumask);
++
++ if (!cpumask_weight(cpumask)) {
++ /* It's only on this CPU? */
++ task_rq_unlock(rq, p, &flags);
++ mutex_unlock(&sched_down_mutex);
++ return 0;
++ }
++
++ dest_cpu = cpumask_any_and(cpu_active_mask, cpumask);
++
++ arg.task = p;
++ arg.dest_cpu = dest_cpu;
++
++ task_rq_unlock(rq, p, &flags);
++
++ stop_one_cpu(cpu_of(rq), migration_cpu_stop, &arg);
++ tlb_migrate_finish(p->mm);
++ mutex_unlock(&sched_down_mutex);
++
++ return 1;
+ }
+
+ /*
+@@ -4738,7 +5033,7 @@
+ do_set_cpus_allowed(p, new_mask);
+
+ /* Can the task run on the task's current CPU? If so, we're done */
+- if (cpumask_test_cpu(task_cpu(p), new_mask))
++ if (cpumask_test_cpu(task_cpu(p), new_mask) || __migrate_disabled(p))
+ goto out;
+
+ dest_cpu = cpumask_any_and(cpu_active_mask, new_mask);
+@@ -4878,6 +5173,8 @@
+
+ #ifdef CONFIG_HOTPLUG_CPU
+
++static DEFINE_PER_CPU(struct mm_struct *, idle_last_mm);
++
+ /*
+ * Ensures that the idle task is using init_mm right before its cpu goes
+ * offline.
+@@ -4892,7 +5189,11 @@
+ switch_mm(mm, &init_mm, current);
+ finish_arch_post_lock_switch();
+ }
+- mmdrop(mm);
++ /*
++ * Defer the cleanup to an alive cpu. On RT we can neither
++ * call mmdrop() nor mmdrop_delayed() from here.
++ */
++ per_cpu(idle_last_mm, smp_processor_id()) = mm;
+ }
+
+ /*
+@@ -5235,6 +5536,10 @@
+
+ case CPU_DEAD:
+ calc_load_migrate(rq);
++ if (per_cpu(idle_last_mm, cpu)) {
++ mmdrop(per_cpu(idle_last_mm, cpu));
++ per_cpu(idle_last_mm, cpu) = NULL;
++ }
+ break;
+ #endif
+ }
+@@ -7176,7 +7481,8 @@
+ #ifdef CONFIG_DEBUG_ATOMIC_SLEEP
+ static inline int preempt_count_equals(int preempt_offset)
+ {
+- int nested = (preempt_count() & ~PREEMPT_ACTIVE) + rcu_preempt_depth();
++ int nested = (preempt_count() & ~PREEMPT_ACTIVE) +
++ sched_rcu_preempt_depth();
+
+ return (nested == preempt_offset);
+ }
+diff -Nur linux-3.18.9.orig/kernel/sched/cputime.c linux-3.18.9/kernel/sched/cputime.c
+--- linux-3.18.9.orig/kernel/sched/cputime.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/sched/cputime.c 2015-03-15 16:03:03.848094875 -0500
+@@ -675,37 +675,45 @@
+
+ void vtime_account_system(struct task_struct *tsk)
+ {
+- write_seqlock(&tsk->vtime_seqlock);
++ raw_spin_lock(&tsk->vtime_lock);
++ write_seqcount_begin(&tsk->vtime_seq);
+ __vtime_account_system(tsk);
+- write_sequnlock(&tsk->vtime_seqlock);
++ write_seqcount_end(&tsk->vtime_seq);
++ raw_spin_unlock(&tsk->vtime_lock);
+ }
+
+ void vtime_gen_account_irq_exit(struct task_struct *tsk)
+ {
+- write_seqlock(&tsk->vtime_seqlock);
++ raw_spin_lock(&tsk->vtime_lock);
++ write_seqcount_begin(&tsk->vtime_seq);
+ __vtime_account_system(tsk);
+ if (context_tracking_in_user())
+ tsk->vtime_snap_whence = VTIME_USER;
+- write_sequnlock(&tsk->vtime_seqlock);
++ write_seqcount_end(&tsk->vtime_seq);
++ raw_spin_unlock(&tsk->vtime_lock);
+ }
+
+ void vtime_account_user(struct task_struct *tsk)
+ {
+ cputime_t delta_cpu;
+
+- write_seqlock(&tsk->vtime_seqlock);
++ raw_spin_lock(&tsk->vtime_lock);
++ write_seqcount_begin(&tsk->vtime_seq);
+ delta_cpu = get_vtime_delta(tsk);
+ tsk->vtime_snap_whence = VTIME_SYS;
+ account_user_time(tsk, delta_cpu, cputime_to_scaled(delta_cpu));
+- write_sequnlock(&tsk->vtime_seqlock);
++ write_seqcount_end(&tsk->vtime_seq);
++ raw_spin_unlock(&tsk->vtime_lock);
+ }
+
+ void vtime_user_enter(struct task_struct *tsk)
+ {
+- write_seqlock(&tsk->vtime_seqlock);
++ raw_spin_lock(&tsk->vtime_lock);
++ write_seqcount_begin(&tsk->vtime_seq);
+ __vtime_account_system(tsk);
+ tsk->vtime_snap_whence = VTIME_USER;
+- write_sequnlock(&tsk->vtime_seqlock);
++ write_seqcount_end(&tsk->vtime_seq);
++ raw_spin_unlock(&tsk->vtime_lock);
+ }
+
+ void vtime_guest_enter(struct task_struct *tsk)
+@@ -717,19 +725,23 @@
+ * synchronization against the reader (task_gtime())
+ * that can thus safely catch up with a tickless delta.
+ */
+- write_seqlock(&tsk->vtime_seqlock);
++ raw_spin_lock(&tsk->vtime_lock);
++ write_seqcount_begin(&tsk->vtime_seq);
+ __vtime_account_system(tsk);
+ current->flags |= PF_VCPU;
+- write_sequnlock(&tsk->vtime_seqlock);
++ write_seqcount_end(&tsk->vtime_seq);
++ raw_spin_unlock(&tsk->vtime_lock);
+ }
+ EXPORT_SYMBOL_GPL(vtime_guest_enter);
+
+ void vtime_guest_exit(struct task_struct *tsk)
+ {
+- write_seqlock(&tsk->vtime_seqlock);
++ raw_spin_lock(&tsk->vtime_lock);
++ write_seqcount_begin(&tsk->vtime_seq);
+ __vtime_account_system(tsk);
+ current->flags &= ~PF_VCPU;
+- write_sequnlock(&tsk->vtime_seqlock);
++ write_seqcount_end(&tsk->vtime_seq);
++ raw_spin_unlock(&tsk->vtime_lock);
+ }
+ EXPORT_SYMBOL_GPL(vtime_guest_exit);
+
+@@ -742,24 +754,30 @@
+
+ void arch_vtime_task_switch(struct task_struct *prev)
+ {
+- write_seqlock(&prev->vtime_seqlock);
++ raw_spin_lock(&prev->vtime_lock);
++ write_seqcount_begin(&prev->vtime_seq);
+ prev->vtime_snap_whence = VTIME_SLEEPING;
+- write_sequnlock(&prev->vtime_seqlock);
++ write_seqcount_end(&prev->vtime_seq);
++ raw_spin_unlock(&prev->vtime_lock);
+
+- write_seqlock(&current->vtime_seqlock);
++ raw_spin_lock(&current->vtime_lock);
++ write_seqcount_begin(&current->vtime_seq);
+ current->vtime_snap_whence = VTIME_SYS;
+ current->vtime_snap = sched_clock_cpu(smp_processor_id());
+- write_sequnlock(&current->vtime_seqlock);
++ write_seqcount_end(&current->vtime_seq);
++ raw_spin_unlock(&current->vtime_lock);
+ }
+
+ void vtime_init_idle(struct task_struct *t, int cpu)
+ {
+ unsigned long flags;
+
+- write_seqlock_irqsave(&t->vtime_seqlock, flags);
++ raw_spin_lock_irqsave(&t->vtime_lock, flags);
++ write_seqcount_begin(&t->vtime_seq);
+ t->vtime_snap_whence = VTIME_SYS;
+ t->vtime_snap = sched_clock_cpu(cpu);
+- write_sequnlock_irqrestore(&t->vtime_seqlock, flags);
++ write_seqcount_end(&t->vtime_seq);
++ raw_spin_unlock_irqrestore(&t->vtime_lock, flags);
+ }
+
+ cputime_t task_gtime(struct task_struct *t)
+@@ -768,13 +786,13 @@
+ cputime_t gtime;
+
+ do {
+- seq = read_seqbegin(&t->vtime_seqlock);
++ seq = read_seqcount_begin(&t->vtime_seq);
+
+ gtime = t->gtime;
+ if (t->flags & PF_VCPU)
+ gtime += vtime_delta(t);
+
+- } while (read_seqretry(&t->vtime_seqlock, seq));
++ } while (read_seqcount_retry(&t->vtime_seq, seq));
+
+ return gtime;
+ }
+@@ -797,7 +815,7 @@
+ *udelta = 0;
+ *sdelta = 0;
+
+- seq = read_seqbegin(&t->vtime_seqlock);
++ seq = read_seqcount_begin(&t->vtime_seq);
+
+ if (u_dst)
+ *u_dst = *u_src;
+@@ -821,7 +839,7 @@
+ if (t->vtime_snap_whence == VTIME_SYS)
+ *sdelta = delta;
+ }
+- } while (read_seqretry(&t->vtime_seqlock, seq));
++ } while (read_seqcount_retry(&t->vtime_seq, seq));
+ }
+
+
+diff -Nur linux-3.18.9.orig/kernel/sched/deadline.c linux-3.18.9/kernel/sched/deadline.c
+--- linux-3.18.9.orig/kernel/sched/deadline.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/sched/deadline.c 2015-03-15 16:03:03.848094875 -0500
+@@ -570,6 +570,7 @@
+
+ hrtimer_init(timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL);
+ timer->function = dl_task_timer;
++ timer->irqsafe = 1;
+ }
+
+ static
+diff -Nur linux-3.18.9.orig/kernel/sched/debug.c linux-3.18.9/kernel/sched/debug.c
+--- linux-3.18.9.orig/kernel/sched/debug.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/sched/debug.c 2015-03-15 16:03:03.848094875 -0500
+@@ -256,6 +256,9 @@
+ P(rt_throttled);
+ PN(rt_time);
+ PN(rt_runtime);
++#ifdef CONFIG_SMP
++ P(rt_nr_migratory);
++#endif
+
+ #undef PN
+ #undef P
+@@ -634,6 +637,10 @@
+ #endif
+ P(policy);
+ P(prio);
++#ifdef CONFIG_PREEMPT_RT_FULL
++ P(migrate_disable);
++#endif
++ P(nr_cpus_allowed);
+ #undef PN
+ #undef __PN
+ #undef P
+diff -Nur linux-3.18.9.orig/kernel/sched/fair.c linux-3.18.9/kernel/sched/fair.c
+--- linux-3.18.9.orig/kernel/sched/fair.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/sched/fair.c 2015-03-15 16:03:03.848094875 -0500
+@@ -2951,7 +2951,7 @@
+ ideal_runtime = sched_slice(cfs_rq, curr);
+ delta_exec = curr->sum_exec_runtime - curr->prev_sum_exec_runtime;
+ if (delta_exec > ideal_runtime) {
+- resched_curr(rq_of(cfs_rq));
++ resched_curr_lazy(rq_of(cfs_rq));
+ /*
+ * The current task ran long enough, ensure it doesn't get
+ * re-elected due to buddy favours.
+@@ -2975,7 +2975,7 @@
+ return;
+
+ if (delta > ideal_runtime)
+- resched_curr(rq_of(cfs_rq));
++ resched_curr_lazy(rq_of(cfs_rq));
+ }
+
+ static void
+@@ -3115,7 +3115,7 @@
+ * validating it and just reschedule.
+ */
+ if (queued) {
+- resched_curr(rq_of(cfs_rq));
++ resched_curr_lazy(rq_of(cfs_rq));
+ return;
+ }
+ /*
+@@ -3306,7 +3306,7 @@
+ * hierarchy can be throttled
+ */
+ if (!assign_cfs_rq_runtime(cfs_rq) && likely(cfs_rq->curr))
+- resched_curr(rq_of(cfs_rq));
++ resched_curr_lazy(rq_of(cfs_rq));
+ }
+
+ static __always_inline
+@@ -3925,7 +3925,7 @@
+
+ if (delta < 0) {
+ if (rq->curr == p)
+- resched_curr(rq);
++ resched_curr_lazy(rq);
+ return;
+ }
+ hrtick_start(rq, delta);
+@@ -4792,7 +4792,7 @@
+ return;
+
+ preempt:
+- resched_curr(rq);
++ resched_curr_lazy(rq);
+ /*
+ * Only set the backward buddy when the current task is still
+ * on the rq. This can happen when a wakeup gets interleaved
+@@ -7576,7 +7576,7 @@
+ * 'current' within the tree based on its new key value.
+ */
+ swap(curr->vruntime, se->vruntime);
+- resched_curr(rq);
++ resched_curr_lazy(rq);
+ }
+
+ se->vruntime -= cfs_rq->min_vruntime;
+@@ -7601,7 +7601,7 @@
+ */
+ if (rq->curr == p) {
+ if (p->prio > oldprio)
+- resched_curr(rq);
++ resched_curr_lazy(rq);
+ } else
+ check_preempt_curr(rq, p, 0);
+ }
+diff -Nur linux-3.18.9.orig/kernel/sched/features.h linux-3.18.9/kernel/sched/features.h
+--- linux-3.18.9.orig/kernel/sched/features.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/sched/features.h 2015-03-15 16:03:03.848094875 -0500
+@@ -50,12 +50,18 @@
+ */
+ SCHED_FEAT(NONTASK_CAPACITY, true)
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++SCHED_FEAT(TTWU_QUEUE, false)
++# ifdef CONFIG_PREEMPT_LAZY
++SCHED_FEAT(PREEMPT_LAZY, true)
++# endif
++#else
+ /*
+ * Queue remote wakeups on the target CPU and process them
+ * using the scheduler IPI. Reduces rq->lock contention/bounces.
+ */
+ SCHED_FEAT(TTWU_QUEUE, true)
+-
++#endif
+ SCHED_FEAT(FORCE_SD_OVERLAP, false)
+ SCHED_FEAT(RT_RUNTIME_SHARE, true)
+ SCHED_FEAT(LB_MIN, false)
+diff -Nur linux-3.18.9.orig/kernel/sched/Makefile linux-3.18.9/kernel/sched/Makefile
+--- linux-3.18.9.orig/kernel/sched/Makefile 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/sched/Makefile 2015-03-15 16:03:03.848094875 -0500
+@@ -13,7 +13,7 @@
+
+ obj-y += core.o proc.o clock.o cputime.o
+ obj-y += idle_task.o fair.o rt.o deadline.o stop_task.o
+-obj-y += wait.o completion.o idle.o
++obj-y += wait.o wait-simple.o work-simple.o completion.o idle.o
+ obj-$(CONFIG_SMP) += cpupri.o cpudeadline.o
+ obj-$(CONFIG_SCHED_AUTOGROUP) += auto_group.o
+ obj-$(CONFIG_SCHEDSTATS) += stats.o
+diff -Nur linux-3.18.9.orig/kernel/sched/rt.c linux-3.18.9/kernel/sched/rt.c
+--- linux-3.18.9.orig/kernel/sched/rt.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/sched/rt.c 2015-03-15 16:03:03.848094875 -0500
+@@ -43,6 +43,7 @@
+
+ hrtimer_init(&rt_b->rt_period_timer,
+ CLOCK_MONOTONIC, HRTIMER_MODE_REL);
++ rt_b->rt_period_timer.irqsafe = 1;
+ rt_b->rt_period_timer.function = sched_rt_period_timer;
+ }
+
+diff -Nur linux-3.18.9.orig/kernel/sched/sched.h linux-3.18.9/kernel/sched/sched.h
+--- linux-3.18.9.orig/kernel/sched/sched.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/sched/sched.h 2015-03-15 16:03:03.848094875 -0500
+@@ -1018,6 +1018,7 @@
+ #define WF_SYNC 0x01 /* waker goes to sleep after wakeup */
+ #define WF_FORK 0x02 /* child wakeup after fork */
+ #define WF_MIGRATED 0x4 /* internal use, task got migrated */
++#define WF_LOCK_SLEEPER 0x08 /* wakeup spinlock "sleeper" */
+
+ /*
+ * To aid in avoiding the subversion of "niceness" due to uneven distribution
+@@ -1210,6 +1211,15 @@
+ extern void resched_curr(struct rq *rq);
+ extern void resched_cpu(int cpu);
+
++#ifdef CONFIG_PREEMPT_LAZY
++extern void resched_curr_lazy(struct rq *rq);
++#else
++static inline void resched_curr_lazy(struct rq *rq)
++{
++ resched_curr(rq);
++}
++#endif
++
+ extern struct rt_bandwidth def_rt_bandwidth;
+ extern void init_rt_bandwidth(struct rt_bandwidth *rt_b, u64 period, u64 runtime);
+
+diff -Nur linux-3.18.9.orig/kernel/sched/wait-simple.c linux-3.18.9/kernel/sched/wait-simple.c
+--- linux-3.18.9.orig/kernel/sched/wait-simple.c 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/kernel/sched/wait-simple.c 2015-03-15 16:03:03.848094875 -0500
+@@ -0,0 +1,115 @@
++/*
++ * Simple waitqueues without fancy flags and callbacks
++ *
++ * (C) 2011 Thomas Gleixner <tglx@linutronix.de>
++ *
++ * Based on kernel/wait.c
++ *
++ * For licencing details see kernel-base/COPYING
++ */
++#include <linux/init.h>
++#include <linux/export.h>
++#include <linux/sched.h>
++#include <linux/wait-simple.h>
++
++/* Adds w to head->list. Must be called with head->lock locked. */
++static inline void __swait_enqueue(struct swait_head *head, struct swaiter *w)
++{
++ list_add(&w->node, &head->list);
++ /* We can't let the condition leak before the setting of head */
++ smp_mb();
++}
++
++/* Removes w from head->list. Must be called with head->lock locked. */
++static inline void __swait_dequeue(struct swaiter *w)
++{
++ list_del_init(&w->node);
++}
++
++void __init_swait_head(struct swait_head *head, struct lock_class_key *key)
++{
++ raw_spin_lock_init(&head->lock);
++ lockdep_set_class(&head->lock, key);
++ INIT_LIST_HEAD(&head->list);
++}
++EXPORT_SYMBOL(__init_swait_head);
++
++void swait_prepare_locked(struct swait_head *head, struct swaiter *w)
++{
++ w->task = current;
++ if (list_empty(&w->node))
++ __swait_enqueue(head, w);
++}
++
++void swait_prepare(struct swait_head *head, struct swaiter *w, int state)
++{
++ unsigned long flags;
++
++ raw_spin_lock_irqsave(&head->lock, flags);
++ swait_prepare_locked(head, w);
++ __set_current_state(state);
++ raw_spin_unlock_irqrestore(&head->lock, flags);
++}
++EXPORT_SYMBOL(swait_prepare);
++
++void swait_finish_locked(struct swait_head *head, struct swaiter *w)
++{
++ __set_current_state(TASK_RUNNING);
++ if (w->task)
++ __swait_dequeue(w);
++}
++
++void swait_finish(struct swait_head *head, struct swaiter *w)
++{
++ unsigned long flags;
++
++ __set_current_state(TASK_RUNNING);
++ if (w->task) {
++ raw_spin_lock_irqsave(&head->lock, flags);
++ __swait_dequeue(w);
++ raw_spin_unlock_irqrestore(&head->lock, flags);
++ }
++}
++EXPORT_SYMBOL(swait_finish);
++
++unsigned int
++__swait_wake_locked(struct swait_head *head, unsigned int state, unsigned int num)
++{
++ struct swaiter *curr, *next;
++ int woken = 0;
++
++ list_for_each_entry_safe(curr, next, &head->list, node) {
++ if (wake_up_state(curr->task, state)) {
++ __swait_dequeue(curr);
++ /*
++ * The waiting task can free the waiter as
++ * soon as curr->task = NULL is written,
++ * without taking any locks. A memory barrier
++ * is required here to prevent the following
++ * store to curr->task from getting ahead of
++ * the dequeue operation.
++ */
++ smp_wmb();
++ curr->task = NULL;
++ if (++woken == num)
++ break;
++ }
++ }
++ return woken;
++}
++
++unsigned int
++__swait_wake(struct swait_head *head, unsigned int state, unsigned int num)
++{
++ unsigned long flags;
++ int woken;
++
++ if (!swaitqueue_active(head))
++ return 0;
++
++ raw_spin_lock_irqsave(&head->lock, flags);
++ woken = __swait_wake_locked(head, state, num);
++ raw_spin_unlock_irqrestore(&head->lock, flags);
++ return woken;
++}
++EXPORT_SYMBOL(__swait_wake);
+diff -Nur linux-3.18.9.orig/kernel/sched/work-simple.c linux-3.18.9/kernel/sched/work-simple.c
+--- linux-3.18.9.orig/kernel/sched/work-simple.c 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/kernel/sched/work-simple.c 2015-03-15 16:03:03.852094875 -0500
+@@ -0,0 +1,176 @@
++/*
++ * Copyright (C) 2014 BMW Car IT GmbH, Daniel Wagner daniel.wagner@bmw-carit.de
++ *
++ * Provides a framework for enqueuing callbacks from irq context
++ * PREEMPT_RT_FULL safe. The callbacks are executed in kthread context.
++ */
++
++#include <linux/wait-simple.h>
++#include <linux/work-simple.h>
++#include <linux/kthread.h>
++#include <linux/slab.h>
++#include <linux/spinlock.h>
++
++#define SWORK_EVENT_PENDING (1 << 0)
++
++static DEFINE_MUTEX(worker_mutex);
++static struct sworker *glob_worker;
++
++struct sworker {
++ struct list_head events;
++ struct swait_head wq;
++
++ raw_spinlock_t lock;
++
++ struct task_struct *task;
++ int refs;
++};
++
++static bool swork_readable(struct sworker *worker)
++{
++ bool r;
++
++ if (kthread_should_stop())
++ return true;
++
++ raw_spin_lock(&worker->lock);
++ r = !list_empty(&worker->events);
++ raw_spin_unlock(&worker->lock);
++
++ return r;
++}
++
++static int swork_kthread(void *arg)
++{
++ struct sworker *worker = arg;
++
++ pr_info("swork_kthread enter\n");
++
++ for (;;) {
++ swait_event_interruptible(worker->wq,
++ swork_readable(worker));
++ if (kthread_should_stop())
++ break;
++
++ raw_spin_lock(&worker->lock);
++ while (!list_empty(&worker->events)) {
++ struct swork_event *sev;
++
++ sev = list_first_entry(&worker->events,
++ struct swork_event, item);
++ list_del(&sev->item);
++ raw_spin_unlock(&worker->lock);
++
++ WARN_ON_ONCE(!test_and_clear_bit(SWORK_EVENT_PENDING,
++ &sev->flags));
++ sev->func(sev);
++ raw_spin_lock(&worker->lock);
++ }
++ raw_spin_unlock(&worker->lock);
++ }
++
++ pr_info("swork_kthread exit\n");
++ return 0;
++}
++
++static struct sworker *swork_create(void)
++{
++ struct sworker *worker;
++
++ worker = kzalloc(sizeof(*worker), GFP_KERNEL);
++ if (!worker)
++ return ERR_PTR(-ENOMEM);
++
++ INIT_LIST_HEAD(&worker->events);
++ raw_spin_lock_init(&worker->lock);
++ init_swait_head(&worker->wq);
++
++ worker->task = kthread_run(swork_kthread, worker, "kswork");
++ if (IS_ERR(worker->task)) {
++ kfree(worker);
++ return ERR_PTR(-ENOMEM);
++ }
++
++ return worker;
++}
++
++static void swork_destroy(struct sworker *worker)
++{
++ kthread_stop(worker->task);
++
++ WARN_ON(!list_empty(&worker->events));
++ kfree(worker);
++}
++
++/**
++ * swork_queue - queue swork
++ *
++ * Returns %false if @work was already on a queue, %true otherwise.
++ *
++ * The work is queued and processed on a random CPU
++ */
++bool swork_queue(struct swork_event *sev)
++{
++ if (test_and_set_bit(SWORK_EVENT_PENDING, &sev->flags))
++ return false;
++
++ WARN_ON(irqs_disabled());
++
++ raw_spin_lock(&glob_worker->lock);
++ list_add_tail(&sev->item, &glob_worker->events);
++ raw_spin_unlock(&glob_worker->lock);
++
++ swait_wake(&glob_worker->wq);
++ return true;
++}
++EXPORT_SYMBOL_GPL(swork_queue);
++
++/**
++ * swork_get - get an instance of the sworker
++ *
++ * Returns an negative error code if the initialization if the worker did not
++ * work, %0 otherwise.
++ *
++ */
++int swork_get(void)
++{
++ struct sworker *worker;
++
++ mutex_lock(&worker_mutex);
++ if (!glob_worker) {
++ worker = swork_create();
++ if (IS_ERR(worker)) {
++ mutex_unlock(&worker_mutex);
++ return -ENOMEM;
++ }
++
++ glob_worker = worker;
++ }
++
++ glob_worker->refs++;
++ mutex_unlock(&worker_mutex);
++
++ return 0;
++}
++EXPORT_SYMBOL_GPL(swork_get);
++
++/**
++ * swork_put - puts an instance of the sworker
++ *
++ * Will destroy the sworker thread. This function must not be called until all
++ * queued events have been completed.
++ */
++void swork_put(void)
++{
++ mutex_lock(&worker_mutex);
++
++ glob_worker->refs--;
++ if (glob_worker->refs > 0)
++ goto out;
++
++ swork_destroy(glob_worker);
++ glob_worker = NULL;
++out:
++ mutex_unlock(&worker_mutex);
++}
++EXPORT_SYMBOL_GPL(swork_put);
+diff -Nur linux-3.18.9.orig/kernel/signal.c linux-3.18.9/kernel/signal.c
+--- linux-3.18.9.orig/kernel/signal.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/signal.c 2015-03-15 16:03:03.852094875 -0500
+@@ -14,6 +14,7 @@
+ #include <linux/export.h>
+ #include <linux/init.h>
+ #include <linux/sched.h>
++#include <linux/sched/rt.h>
+ #include <linux/fs.h>
+ #include <linux/tty.h>
+ #include <linux/binfmts.h>
+@@ -352,13 +353,45 @@
+ return false;
+ }
+
++#ifdef __HAVE_ARCH_CMPXCHG
++static inline struct sigqueue *get_task_cache(struct task_struct *t)
++{
++ struct sigqueue *q = t->sigqueue_cache;
++
++ if (cmpxchg(&t->sigqueue_cache, q, NULL) != q)
++ return NULL;
++ return q;
++}
++
++static inline int put_task_cache(struct task_struct *t, struct sigqueue *q)
++{
++ if (cmpxchg(&t->sigqueue_cache, NULL, q) == NULL)
++ return 0;
++ return 1;
++}
++
++#else
++
++static inline struct sigqueue *get_task_cache(struct task_struct *t)
++{
++ return NULL;
++}
++
++static inline int put_task_cache(struct task_struct *t, struct sigqueue *q)
++{
++ return 1;
++}
++
++#endif
++
+ /*
+ * allocate a new signal queue record
+ * - this may be called without locks if and only if t == current, otherwise an
+ * appropriate lock must be held to stop the target task from exiting
+ */
+ static struct sigqueue *
+-__sigqueue_alloc(int sig, struct task_struct *t, gfp_t flags, int override_rlimit)
++__sigqueue_do_alloc(int sig, struct task_struct *t, gfp_t flags,
++ int override_rlimit, int fromslab)
+ {
+ struct sigqueue *q = NULL;
+ struct user_struct *user;
+@@ -375,7 +408,10 @@
+ if (override_rlimit ||
+ atomic_read(&user->sigpending) <=
+ task_rlimit(t, RLIMIT_SIGPENDING)) {
+- q = kmem_cache_alloc(sigqueue_cachep, flags);
++ if (!fromslab)
++ q = get_task_cache(t);
++ if (!q)
++ q = kmem_cache_alloc(sigqueue_cachep, flags);
+ } else {
+ print_dropped_signal(sig);
+ }
+@@ -392,6 +428,13 @@
+ return q;
+ }
+
++static struct sigqueue *
++__sigqueue_alloc(int sig, struct task_struct *t, gfp_t flags,
++ int override_rlimit)
++{
++ return __sigqueue_do_alloc(sig, t, flags, override_rlimit, 0);
++}
++
+ static void __sigqueue_free(struct sigqueue *q)
+ {
+ if (q->flags & SIGQUEUE_PREALLOC)
+@@ -401,6 +444,21 @@
+ kmem_cache_free(sigqueue_cachep, q);
+ }
+
++static void sigqueue_free_current(struct sigqueue *q)
++{
++ struct user_struct *up;
++
++ if (q->flags & SIGQUEUE_PREALLOC)
++ return;
++
++ up = q->user;
++ if (rt_prio(current->normal_prio) && !put_task_cache(current, q)) {
++ atomic_dec(&up->sigpending);
++ free_uid(up);
++ } else
++ __sigqueue_free(q);
++}
++
+ void flush_sigqueue(struct sigpending *queue)
+ {
+ struct sigqueue *q;
+@@ -414,6 +472,21 @@
+ }
+
+ /*
++ * Called from __exit_signal. Flush tsk->pending and
++ * tsk->sigqueue_cache
++ */
++void flush_task_sigqueue(struct task_struct *tsk)
++{
++ struct sigqueue *q;
++
++ flush_sigqueue(&tsk->pending);
++
++ q = get_task_cache(tsk);
++ if (q)
++ kmem_cache_free(sigqueue_cachep, q);
++}
++
++/*
+ * Flush all pending signals for a task.
+ */
+ void __flush_signals(struct task_struct *t)
+@@ -565,7 +638,7 @@
+ still_pending:
+ list_del_init(&first->list);
+ copy_siginfo(info, &first->info);
+- __sigqueue_free(first);
++ sigqueue_free_current(first);
+ } else {
+ /*
+ * Ok, it wasn't in the queue. This must be
+@@ -611,6 +684,8 @@
+ {
+ int signr;
+
++ WARN_ON_ONCE(tsk != current);
++
+ /* We only dequeue private signals from ourselves, we don't let
+ * signalfd steal them
+ */
+@@ -1207,8 +1282,8 @@
+ * We don't want to have recursive SIGSEGV's etc, for example,
+ * that is why we also clear SIGNAL_UNKILLABLE.
+ */
+-int
+-force_sig_info(int sig, struct siginfo *info, struct task_struct *t)
++static int
++do_force_sig_info(int sig, struct siginfo *info, struct task_struct *t)
+ {
+ unsigned long int flags;
+ int ret, blocked, ignored;
+@@ -1233,6 +1308,39 @@
+ return ret;
+ }
+
++int force_sig_info(int sig, struct siginfo *info, struct task_struct *t)
++{
++/*
++ * On some archs, PREEMPT_RT has to delay sending a signal from a trap
++ * since it can not enable preemption, and the signal code's spin_locks
++ * turn into mutexes. Instead, it must set TIF_NOTIFY_RESUME which will
++ * send the signal on exit of the trap.
++ */
++#ifdef ARCH_RT_DELAYS_SIGNAL_SEND
++ if (in_atomic()) {
++ if (WARN_ON_ONCE(t != current))
++ return 0;
++ if (WARN_ON_ONCE(t->forced_info.si_signo))
++ return 0;
++
++ if (is_si_special(info)) {
++ WARN_ON_ONCE(info != SEND_SIG_PRIV);
++ t->forced_info.si_signo = sig;
++ t->forced_info.si_errno = 0;
++ t->forced_info.si_code = SI_KERNEL;
++ t->forced_info.si_pid = 0;
++ t->forced_info.si_uid = 0;
++ } else {
++ t->forced_info = *info;
++ }
++
++ set_tsk_thread_flag(t, TIF_NOTIFY_RESUME);
++ return 0;
++ }
++#endif
++ return do_force_sig_info(sig, info, t);
++}
++
+ /*
+ * Nuke all other threads in the group.
+ */
+@@ -1267,12 +1375,12 @@
+ * Disable interrupts early to avoid deadlocks.
+ * See rcu_read_unlock() comment header for details.
+ */
+- local_irq_save(*flags);
++ local_irq_save_nort(*flags);
+ rcu_read_lock();
+ sighand = rcu_dereference(tsk->sighand);
+ if (unlikely(sighand == NULL)) {
+ rcu_read_unlock();
+- local_irq_restore(*flags);
++ local_irq_restore_nort(*flags);
+ break;
+ }
+
+@@ -1283,7 +1391,7 @@
+ }
+ spin_unlock(&sighand->siglock);
+ rcu_read_unlock();
+- local_irq_restore(*flags);
++ local_irq_restore_nort(*flags);
+ }
+
+ return sighand;
+@@ -1528,7 +1636,8 @@
+ */
+ struct sigqueue *sigqueue_alloc(void)
+ {
+- struct sigqueue *q = __sigqueue_alloc(-1, current, GFP_KERNEL, 0);
++ /* Preallocated sigqueue objects always from the slabcache ! */
++ struct sigqueue *q = __sigqueue_do_alloc(-1, current, GFP_KERNEL, 0, 1);
+
+ if (q)
+ q->flags |= SIGQUEUE_PREALLOC;
+@@ -1889,15 +1998,7 @@
+ if (gstop_done && ptrace_reparented(current))
+ do_notify_parent_cldstop(current, false, why);
+
+- /*
+- * Don't want to allow preemption here, because
+- * sys_ptrace() needs this task to be inactive.
+- *
+- * XXX: implement read_unlock_no_resched().
+- */
+- preempt_disable();
+ read_unlock(&tasklist_lock);
+- preempt_enable_no_resched();
+ freezable_schedule();
+ } else {
+ /*
+diff -Nur linux-3.18.9.orig/kernel/softirq.c linux-3.18.9/kernel/softirq.c
+--- linux-3.18.9.orig/kernel/softirq.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/softirq.c 2015-03-15 16:03:03.852094875 -0500
+@@ -21,10 +21,12 @@
+ #include <linux/freezer.h>
+ #include <linux/kthread.h>
+ #include <linux/rcupdate.h>
++#include <linux/delay.h>
+ #include <linux/ftrace.h>
+ #include <linux/smp.h>
+ #include <linux/smpboot.h>
+ #include <linux/tick.h>
++#include <linux/locallock.h>
+ #include <linux/irq.h>
+
+ #define CREATE_TRACE_POINTS
+@@ -62,6 +64,98 @@
+ "TASKLET", "SCHED", "HRTIMER", "RCU"
+ };
+
++#ifdef CONFIG_NO_HZ_COMMON
++# ifdef CONFIG_PREEMPT_RT_FULL
++
++struct softirq_runner {
++ struct task_struct *runner[NR_SOFTIRQS];
++};
++
++static DEFINE_PER_CPU(struct softirq_runner, softirq_runners);
++
++static inline void softirq_set_runner(unsigned int sirq)
++{
++ struct softirq_runner *sr = &__get_cpu_var(softirq_runners);
++
++ sr->runner[sirq] = current;
++}
++
++static inline void softirq_clr_runner(unsigned int sirq)
++{
++ struct softirq_runner *sr = &__get_cpu_var(softirq_runners);
++
++ sr->runner[sirq] = NULL;
++}
++
++/*
++ * On preempt-rt a softirq running context might be blocked on a
++ * lock. There might be no other runnable task on this CPU because the
++ * lock owner runs on some other CPU. So we have to go into idle with
++ * the pending bit set. Therefor we need to check this otherwise we
++ * warn about false positives which confuses users and defeats the
++ * whole purpose of this test.
++ *
++ * This code is called with interrupts disabled.
++ */
++void softirq_check_pending_idle(void)
++{
++ static int rate_limit;
++ struct softirq_runner *sr = &__get_cpu_var(softirq_runners);
++ u32 warnpending;
++ int i;
++
++ if (rate_limit >= 10)
++ return;
++
++ warnpending = local_softirq_pending() & SOFTIRQ_STOP_IDLE_MASK;
++ for (i = 0; i < NR_SOFTIRQS; i++) {
++ struct task_struct *tsk = sr->runner[i];
++
++ /*
++ * The wakeup code in rtmutex.c wakes up the task
++ * _before_ it sets pi_blocked_on to NULL under
++ * tsk->pi_lock. So we need to check for both: state
++ * and pi_blocked_on.
++ */
++ if (tsk) {
++ raw_spin_lock(&tsk->pi_lock);
++ if (tsk->pi_blocked_on || tsk->state == TASK_RUNNING) {
++ /* Clear all bits pending in that task */
++ warnpending &= ~(tsk->softirqs_raised);
++ warnpending &= ~(1 << i);
++ }
++ raw_spin_unlock(&tsk->pi_lock);
++ }
++ }
++
++ if (warnpending) {
++ printk(KERN_ERR "NOHZ: local_softirq_pending %02x\n",
++ warnpending);
++ rate_limit++;
++ }
++}
++# else
++/*
++ * On !PREEMPT_RT we just printk rate limited:
++ */
++void softirq_check_pending_idle(void)
++{
++ static int rate_limit;
++
++ if (rate_limit < 10 &&
++ (local_softirq_pending() & SOFTIRQ_STOP_IDLE_MASK)) {
++ printk(KERN_ERR "NOHZ: local_softirq_pending %02x\n",
++ local_softirq_pending());
++ rate_limit++;
++ }
++}
++# endif
++
++#else /* !CONFIG_NO_HZ_COMMON */
++static inline void softirq_set_runner(unsigned int sirq) { }
++static inline void softirq_clr_runner(unsigned int sirq) { }
++#endif
++
+ /*
+ * we cannot loop indefinitely here to avoid userspace starvation,
+ * but we also don't want to introduce a worst case 1/HZ latency
+@@ -77,6 +171,70 @@
+ wake_up_process(tsk);
+ }
+
++static void handle_softirq(unsigned int vec_nr)
++{
++ struct softirq_action *h = softirq_vec + vec_nr;
++ int prev_count;
++
++ prev_count = preempt_count();
++
++ kstat_incr_softirqs_this_cpu(vec_nr);
++
++ trace_softirq_entry(vec_nr);
++ h->action(h);
++ trace_softirq_exit(vec_nr);
++ if (unlikely(prev_count != preempt_count())) {
++ pr_err("huh, entered softirq %u %s %p with preempt_count %08x, exited with %08x?\n",
++ vec_nr, softirq_to_name[vec_nr], h->action,
++ prev_count, preempt_count());
++ preempt_count_set(prev_count);
++ }
++}
++
++#ifndef CONFIG_PREEMPT_RT_FULL
++static inline int ksoftirqd_softirq_pending(void)
++{
++ return local_softirq_pending();
++}
++
++static void handle_pending_softirqs(u32 pending, int need_rcu_bh_qs)
++{
++ struct softirq_action *h = softirq_vec;
++ int softirq_bit;
++
++ local_irq_enable();
++
++ h = softirq_vec;
++
++ while ((softirq_bit = ffs(pending))) {
++ unsigned int vec_nr;
++
++ h += softirq_bit - 1;
++ vec_nr = h - softirq_vec;
++ handle_softirq(vec_nr);
++
++ h++;
++ pending >>= softirq_bit;
++ }
++
++ if (need_rcu_bh_qs)
++ rcu_bh_qs();
++ local_irq_disable();
++}
++
++static void run_ksoftirqd(unsigned int cpu)
++{
++ local_irq_disable();
++ if (ksoftirqd_softirq_pending()) {
++ __do_softirq();
++ rcu_note_context_switch(cpu);
++ local_irq_enable();
++ cond_resched();
++ return;
++ }
++ local_irq_enable();
++}
++
+ /*
+ * preempt_count and SOFTIRQ_OFFSET usage:
+ * - preempt_count is changed by SOFTIRQ_OFFSET on entering or leaving
+@@ -228,10 +386,8 @@
+ unsigned long end = jiffies + MAX_SOFTIRQ_TIME;
+ unsigned long old_flags = current->flags;
+ int max_restart = MAX_SOFTIRQ_RESTART;
+- struct softirq_action *h;
+ bool in_hardirq;
+ __u32 pending;
+- int softirq_bit;
+
+ /*
+ * Mask out PF_MEMALLOC s current task context is borrowed for the
+@@ -250,36 +406,7 @@
+ /* Reset the pending bitmask before enabling irqs */
+ set_softirq_pending(0);
+
+- local_irq_enable();
+-
+- h = softirq_vec;
+-
+- while ((softirq_bit = ffs(pending))) {
+- unsigned int vec_nr;
+- int prev_count;
+-
+- h += softirq_bit - 1;
+-
+- vec_nr = h - softirq_vec;
+- prev_count = preempt_count();
+-
+- kstat_incr_softirqs_this_cpu(vec_nr);
+-
+- trace_softirq_entry(vec_nr);
+- h->action(h);
+- trace_softirq_exit(vec_nr);
+- if (unlikely(prev_count != preempt_count())) {
+- pr_err("huh, entered softirq %u %s %p with preempt_count %08x, exited with %08x?\n",
+- vec_nr, softirq_to_name[vec_nr], h->action,
+- prev_count, preempt_count());
+- preempt_count_set(prev_count);
+- }
+- h++;
+- pending >>= softirq_bit;
+- }
+-
+- rcu_bh_qs();
+- local_irq_disable();
++ handle_pending_softirqs(pending, 1);
+
+ pending = local_softirq_pending();
+ if (pending) {
+@@ -316,6 +443,285 @@
+ }
+
+ /*
++ * This function must run with irqs disabled!
++ */
++void raise_softirq_irqoff(unsigned int nr)
++{
++ __raise_softirq_irqoff(nr);
++
++ /*
++ * If we're in an interrupt or softirq, we're done
++ * (this also catches softirq-disabled code). We will
++ * actually run the softirq once we return from
++ * the irq or softirq.
++ *
++ * Otherwise we wake up ksoftirqd to make sure we
++ * schedule the softirq soon.
++ */
++ if (!in_interrupt())
++ wakeup_softirqd();
++}
++
++void __raise_softirq_irqoff(unsigned int nr)
++{
++ trace_softirq_raise(nr);
++ or_softirq_pending(1UL << nr);
++}
++
++static inline void local_bh_disable_nort(void) { local_bh_disable(); }
++static inline void _local_bh_enable_nort(void) { _local_bh_enable(); }
++static void ksoftirqd_set_sched_params(unsigned int cpu) { }
++static void ksoftirqd_clr_sched_params(unsigned int cpu, bool online) { }
++
++#else /* !PREEMPT_RT_FULL */
++
++/*
++ * On RT we serialize softirq execution with a cpu local lock per softirq
++ */
++static DEFINE_PER_CPU(struct local_irq_lock [NR_SOFTIRQS], local_softirq_locks);
++
++void __init softirq_early_init(void)
++{
++ int i;
++
++ for (i = 0; i < NR_SOFTIRQS; i++)
++ local_irq_lock_init(local_softirq_locks[i]);
++}
++
++static void lock_softirq(int which)
++{
++ local_lock(local_softirq_locks[which]);
++}
++
++static void unlock_softirq(int which)
++{
++ local_unlock(local_softirq_locks[which]);
++}
++
++static void do_single_softirq(int which, int need_rcu_bh_qs)
++{
++ unsigned long old_flags = current->flags;
++
++ current->flags &= ~PF_MEMALLOC;
++ vtime_account_irq_enter(current);
++ current->flags |= PF_IN_SOFTIRQ;
++ lockdep_softirq_enter();
++ local_irq_enable();
++ handle_softirq(which);
++ local_irq_disable();
++ lockdep_softirq_exit();
++ current->flags &= ~PF_IN_SOFTIRQ;
++ vtime_account_irq_enter(current);
++ tsk_restore_flags(current, old_flags, PF_MEMALLOC);
++}
++
++/*
++ * Called with interrupts disabled. Process softirqs which were raised
++ * in current context (or on behalf of ksoftirqd).
++ */
++static void do_current_softirqs(int need_rcu_bh_qs)
++{
++ while (current->softirqs_raised) {
++ int i = __ffs(current->softirqs_raised);
++ unsigned int pending, mask = (1U << i);
++
++ current->softirqs_raised &= ~mask;
++ local_irq_enable();
++
++ /*
++ * If the lock is contended, we boost the owner to
++ * process the softirq or leave the critical section
++ * now.
++ */
++ lock_softirq(i);
++ local_irq_disable();
++ softirq_set_runner(i);
++ /*
++ * Check with the local_softirq_pending() bits,
++ * whether we need to process this still or if someone
++ * else took care of it.
++ */
++ pending = local_softirq_pending();
++ if (pending & mask) {
++ set_softirq_pending(pending & ~mask);
++ do_single_softirq(i, need_rcu_bh_qs);
++ }
++ softirq_clr_runner(i);
++ unlock_softirq(i);
++ WARN_ON(current->softirq_nestcnt != 1);
++ }
++}
++
++static void __local_bh_disable(void)
++{
++ if (++current->softirq_nestcnt == 1)
++ migrate_disable();
++}
++
++void local_bh_disable(void)
++{
++ __local_bh_disable();
++}
++EXPORT_SYMBOL(local_bh_disable);
++
++void __local_bh_disable_ip(unsigned long ip, unsigned int cnt)
++{
++ __local_bh_disable();
++ if (cnt & PREEMPT_CHECK_OFFSET)
++ preempt_disable();
++}
++
++static void __local_bh_enable(void)
++{
++ if (WARN_ON(current->softirq_nestcnt == 0))
++ return;
++
++ local_irq_disable();
++ if (current->softirq_nestcnt == 1 && current->softirqs_raised)
++ do_current_softirqs(1);
++ local_irq_enable();
++
++ if (--current->softirq_nestcnt == 0)
++ migrate_enable();
++}
++
++void local_bh_enable(void)
++{
++ __local_bh_enable();
++}
++EXPORT_SYMBOL(local_bh_enable);
++
++extern void __local_bh_enable_ip(unsigned long ip, unsigned int cnt)
++{
++ __local_bh_enable();
++ if (cnt & PREEMPT_CHECK_OFFSET)
++ preempt_enable();
++}
++
++void local_bh_enable_ip(unsigned long ip)
++{
++ local_bh_enable();
++}
++EXPORT_SYMBOL(local_bh_enable_ip);
++
++void _local_bh_enable(void)
++{
++ if (WARN_ON(current->softirq_nestcnt == 0))
++ return;
++ if (--current->softirq_nestcnt == 0)
++ migrate_enable();
++}
++EXPORT_SYMBOL(_local_bh_enable);
++
++int in_serving_softirq(void)
++{
++ return current->flags & PF_IN_SOFTIRQ;
++}
++EXPORT_SYMBOL(in_serving_softirq);
++
++/* Called with preemption disabled */
++static void run_ksoftirqd(unsigned int cpu)
++{
++ local_irq_disable();
++ current->softirq_nestcnt++;
++
++ do_current_softirqs(1);
++ current->softirq_nestcnt--;
++ rcu_note_context_switch(cpu);
++ local_irq_enable();
++}
++
++/*
++ * Called from netif_rx_ni(). Preemption enabled, but migration
++ * disabled. So the cpu can't go away under us.
++ */
++void thread_do_softirq(void)
++{
++ if (!in_serving_softirq() && current->softirqs_raised) {
++ current->softirq_nestcnt++;
++ do_current_softirqs(0);
++ current->softirq_nestcnt--;
++ }
++}
++
++static void do_raise_softirq_irqoff(unsigned int nr)
++{
++ trace_softirq_raise(nr);
++ or_softirq_pending(1UL << nr);
++
++ /*
++ * If we are not in a hard interrupt and inside a bh disabled
++ * region, we simply raise the flag on current. local_bh_enable()
++ * will make sure that the softirq is executed. Otherwise we
++ * delegate it to ksoftirqd.
++ */
++ if (!in_irq() && current->softirq_nestcnt)
++ current->softirqs_raised |= (1U << nr);
++ else if (__this_cpu_read(ksoftirqd))
++ __this_cpu_read(ksoftirqd)->softirqs_raised |= (1U << nr);
++}
++
++void __raise_softirq_irqoff(unsigned int nr)
++{
++ do_raise_softirq_irqoff(nr);
++ if (!in_irq() && !current->softirq_nestcnt)
++ wakeup_softirqd();
++}
++
++/*
++ * This function must run with irqs disabled!
++ */
++void raise_softirq_irqoff(unsigned int nr)
++{
++ do_raise_softirq_irqoff(nr);
++
++ /*
++ * If we're in an hard interrupt we let irq return code deal
++ * with the wakeup of ksoftirqd.
++ */
++ if (in_irq())
++ return;
++ /*
++ * If we are in thread context but outside of a bh disabled
++ * region, we need to wake ksoftirqd as well.
++ *
++ * CHECKME: Some of the places which do that could be wrapped
++ * into local_bh_disable/enable pairs. Though it's unclear
++ * whether this is worth the effort. To find those places just
++ * raise a WARN() if the condition is met.
++ */
++ if (!current->softirq_nestcnt)
++ wakeup_softirqd();
++}
++
++static inline int ksoftirqd_softirq_pending(void)
++{
++ return current->softirqs_raised;
++}
++
++static inline void local_bh_disable_nort(void) { }
++static inline void _local_bh_enable_nort(void) { }
++
++static inline void ksoftirqd_set_sched_params(unsigned int cpu)
++{
++ struct sched_param param = { .sched_priority = 1 };
++
++ sched_setscheduler(current, SCHED_FIFO, &param);
++ /* Take over all pending softirqs when starting */
++ local_irq_disable();
++ current->softirqs_raised = local_softirq_pending();
++ local_irq_enable();
++}
++
++static inline void ksoftirqd_clr_sched_params(unsigned int cpu, bool online)
++{
++ struct sched_param param = { .sched_priority = 0 };
++
++ sched_setscheduler(current, SCHED_NORMAL, &param);
++}
++
++#endif /* PREEMPT_RT_FULL */
++/*
+ * Enter an interrupt context.
+ */
+ void irq_enter(void)
+@@ -326,9 +732,9 @@
+ * Prevent raise_softirq from needlessly waking up ksoftirqd
+ * here, as softirq will be serviced on return from interrupt.
+ */
+- local_bh_disable();
++ local_bh_disable_nort();
+ tick_irq_enter();
+- _local_bh_enable();
++ _local_bh_enable_nort();
+ }
+
+ __irq_enter();
+@@ -336,6 +742,7 @@
+
+ static inline void invoke_softirq(void)
+ {
++#ifndef CONFIG_PREEMPT_RT_FULL
+ if (!force_irqthreads) {
+ #ifdef CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK
+ /*
+@@ -355,6 +762,15 @@
+ } else {
+ wakeup_softirqd();
+ }
++#else /* PREEMPT_RT_FULL */
++ unsigned long flags;
++
++ local_irq_save(flags);
++ if (__this_cpu_read(ksoftirqd) &&
++ __this_cpu_read(ksoftirqd)->softirqs_raised)
++ wakeup_softirqd();
++ local_irq_restore(flags);
++#endif
+ }
+
+ static inline void tick_irq_exit(void)
+@@ -391,26 +807,6 @@
+ trace_hardirq_exit(); /* must be last! */
+ }
+
+-/*
+- * This function must run with irqs disabled!
+- */
+-inline void raise_softirq_irqoff(unsigned int nr)
+-{
+- __raise_softirq_irqoff(nr);
+-
+- /*
+- * If we're in an interrupt or softirq, we're done
+- * (this also catches softirq-disabled code). We will
+- * actually run the softirq once we return from
+- * the irq or softirq.
+- *
+- * Otherwise we wake up ksoftirqd to make sure we
+- * schedule the softirq soon.
+- */
+- if (!in_interrupt())
+- wakeup_softirqd();
+-}
+-
+ void raise_softirq(unsigned int nr)
+ {
+ unsigned long flags;
+@@ -420,12 +816,6 @@
+ local_irq_restore(flags);
+ }
+
+-void __raise_softirq_irqoff(unsigned int nr)
+-{
+- trace_softirq_raise(nr);
+- or_softirq_pending(1UL << nr);
+-}
+-
+ void open_softirq(int nr, void (*action)(struct softirq_action *))
+ {
+ softirq_vec[nr].action = action;
+@@ -442,15 +832,45 @@
+ static DEFINE_PER_CPU(struct tasklet_head, tasklet_vec);
+ static DEFINE_PER_CPU(struct tasklet_head, tasklet_hi_vec);
+
++static void inline
++__tasklet_common_schedule(struct tasklet_struct *t, struct tasklet_head *head, unsigned int nr)
++{
++ if (tasklet_trylock(t)) {
++again:
++ /* We may have been preempted before tasklet_trylock
++ * and __tasklet_action may have already run.
++ * So double check the sched bit while the takslet
++ * is locked before adding it to the list.
++ */
++ if (test_bit(TASKLET_STATE_SCHED, &t->state)) {
++ t->next = NULL;
++ *head->tail = t;
++ head->tail = &(t->next);
++ raise_softirq_irqoff(nr);
++ tasklet_unlock(t);
++ } else {
++ /* This is subtle. If we hit the corner case above
++ * It is possible that we get preempted right here,
++ * and another task has successfully called
++ * tasklet_schedule(), then this function, and
++ * failed on the trylock. Thus we must be sure
++ * before releasing the tasklet lock, that the
++ * SCHED_BIT is clear. Otherwise the tasklet
++ * may get its SCHED_BIT set, but not added to the
++ * list
++ */
++ if (!tasklet_tryunlock(t))
++ goto again;
++ }
++ }
++}
++
+ void __tasklet_schedule(struct tasklet_struct *t)
+ {
+ unsigned long flags;
+
+ local_irq_save(flags);
+- t->next = NULL;
+- *__this_cpu_read(tasklet_vec.tail) = t;
+- __this_cpu_write(tasklet_vec.tail, &(t->next));
+- raise_softirq_irqoff(TASKLET_SOFTIRQ);
++ __tasklet_common_schedule(t, &__get_cpu_var(tasklet_vec), TASKLET_SOFTIRQ);
+ local_irq_restore(flags);
+ }
+ EXPORT_SYMBOL(__tasklet_schedule);
+@@ -460,10 +880,7 @@
+ unsigned long flags;
+
+ local_irq_save(flags);
+- t->next = NULL;
+- *__this_cpu_read(tasklet_hi_vec.tail) = t;
+- __this_cpu_write(tasklet_hi_vec.tail, &(t->next));
+- raise_softirq_irqoff(HI_SOFTIRQ);
++ __tasklet_common_schedule(t, &__get_cpu_var(tasklet_hi_vec), HI_SOFTIRQ);
+ local_irq_restore(flags);
+ }
+ EXPORT_SYMBOL(__tasklet_hi_schedule);
+@@ -472,48 +889,116 @@
+ {
+ BUG_ON(!irqs_disabled());
+
+- t->next = __this_cpu_read(tasklet_hi_vec.head);
+- __this_cpu_write(tasklet_hi_vec.head, t);
+- __raise_softirq_irqoff(HI_SOFTIRQ);
++ __tasklet_hi_schedule(t);
+ }
+ EXPORT_SYMBOL(__tasklet_hi_schedule_first);
+
+-static void tasklet_action(struct softirq_action *a)
++void tasklet_enable(struct tasklet_struct *t)
+ {
+- struct tasklet_struct *list;
++ if (!atomic_dec_and_test(&t->count))
++ return;
++ if (test_and_clear_bit(TASKLET_STATE_PENDING, &t->state))
++ tasklet_schedule(t);
++}
++EXPORT_SYMBOL(tasklet_enable);
+
+- local_irq_disable();
+- list = __this_cpu_read(tasklet_vec.head);
+- __this_cpu_write(tasklet_vec.head, NULL);
+- __this_cpu_write(tasklet_vec.tail, this_cpu_ptr(&tasklet_vec.head));
+- local_irq_enable();
++void tasklet_hi_enable(struct tasklet_struct *t)
++{
++ if (!atomic_dec_and_test(&t->count))
++ return;
++ if (test_and_clear_bit(TASKLET_STATE_PENDING, &t->state))
++ tasklet_hi_schedule(t);
++}
++EXPORT_SYMBOL(tasklet_hi_enable);
++
++static void __tasklet_action(struct softirq_action *a,
++ struct tasklet_struct *list)
++{
++ int loops = 1000000;
+
+ while (list) {
+ struct tasklet_struct *t = list;
+
+ list = list->next;
+
+- if (tasklet_trylock(t)) {
+- if (!atomic_read(&t->count)) {
+- if (!test_and_clear_bit(TASKLET_STATE_SCHED,
+- &t->state))
+- BUG();
+- t->func(t->data);
+- tasklet_unlock(t);
+- continue;
+- }
+- tasklet_unlock(t);
++ /*
++ * Should always succeed - after a tasklist got on the
++ * list (after getting the SCHED bit set from 0 to 1),
++ * nothing but the tasklet softirq it got queued to can
++ * lock it:
++ */
++ if (!tasklet_trylock(t)) {
++ WARN_ON(1);
++ continue;
+ }
+
+- local_irq_disable();
+ t->next = NULL;
+- *__this_cpu_read(tasklet_vec.tail) = t;
+- __this_cpu_write(tasklet_vec.tail, &(t->next));
+- __raise_softirq_irqoff(TASKLET_SOFTIRQ);
+- local_irq_enable();
++
++ /*
++ * If we cannot handle the tasklet because it's disabled,
++ * mark it as pending. tasklet_enable() will later
++ * re-schedule the tasklet.
++ */
++ if (unlikely(atomic_read(&t->count))) {
++out_disabled:
++ /* implicit unlock: */
++ wmb();
++ t->state = TASKLET_STATEF_PENDING;
++ continue;
++ }
++
++ /*
++ * After this point on the tasklet might be rescheduled
++ * on another CPU, but it can only be added to another
++ * CPU's tasklet list if we unlock the tasklet (which we
++ * dont do yet).
++ */
++ if (!test_and_clear_bit(TASKLET_STATE_SCHED, &t->state))
++ WARN_ON(1);
++
++again:
++ t->func(t->data);
++
++ /*
++ * Try to unlock the tasklet. We must use cmpxchg, because
++ * another CPU might have scheduled or disabled the tasklet.
++ * We only allow the STATE_RUN -> 0 transition here.
++ */
++ while (!tasklet_tryunlock(t)) {
++ /*
++ * If it got disabled meanwhile, bail out:
++ */
++ if (atomic_read(&t->count))
++ goto out_disabled;
++ /*
++ * If it got scheduled meanwhile, re-execute
++ * the tasklet function:
++ */
++ if (test_and_clear_bit(TASKLET_STATE_SCHED, &t->state))
++ goto again;
++ if (!--loops) {
++ printk("hm, tasklet state: %08lx\n", t->state);
++ WARN_ON(1);
++ tasklet_unlock(t);
++ break;
++ }
++ }
+ }
+ }
+
++static void tasklet_action(struct softirq_action *a)
++{
++ struct tasklet_struct *list;
++
++ local_irq_disable();
++ list = __get_cpu_var(tasklet_vec).head;
++ __get_cpu_var(tasklet_vec).head = NULL;
++ __get_cpu_var(tasklet_vec).tail = &__get_cpu_var(tasklet_vec).head;
++ local_irq_enable();
++
++ __tasklet_action(a, list);
++}
++
+ static void tasklet_hi_action(struct softirq_action *a)
+ {
+ struct tasklet_struct *list;
+@@ -524,30 +1009,7 @@
+ __this_cpu_write(tasklet_hi_vec.tail, this_cpu_ptr(&tasklet_hi_vec.head));
+ local_irq_enable();
+
+- while (list) {
+- struct tasklet_struct *t = list;
+-
+- list = list->next;
+-
+- if (tasklet_trylock(t)) {
+- if (!atomic_read(&t->count)) {
+- if (!test_and_clear_bit(TASKLET_STATE_SCHED,
+- &t->state))
+- BUG();
+- t->func(t->data);
+- tasklet_unlock(t);
+- continue;
+- }
+- tasklet_unlock(t);
+- }
+-
+- local_irq_disable();
+- t->next = NULL;
+- *__this_cpu_read(tasklet_hi_vec.tail) = t;
+- __this_cpu_write(tasklet_hi_vec.tail, &(t->next));
+- __raise_softirq_irqoff(HI_SOFTIRQ);
+- local_irq_enable();
+- }
++ __tasklet_action(a, list);
+ }
+
+ void tasklet_init(struct tasklet_struct *t,
+@@ -568,7 +1030,7 @@
+
+ while (test_and_set_bit(TASKLET_STATE_SCHED, &t->state)) {
+ do {
+- yield();
++ msleep(1);
+ } while (test_bit(TASKLET_STATE_SCHED, &t->state));
+ }
+ tasklet_unlock_wait(t);
+@@ -642,26 +1104,26 @@
+ open_softirq(HI_SOFTIRQ, tasklet_hi_action);
+ }
+
+-static int ksoftirqd_should_run(unsigned int cpu)
+-{
+- return local_softirq_pending();
+-}
+-
+-static void run_ksoftirqd(unsigned int cpu)
++#if defined(CONFIG_SMP) || defined(CONFIG_PREEMPT_RT_FULL)
++void tasklet_unlock_wait(struct tasklet_struct *t)
+ {
+- local_irq_disable();
+- if (local_softirq_pending()) {
++ while (test_bit(TASKLET_STATE_RUN, &(t)->state)) {
+ /*
+- * We can safely run softirq on inline stack, as we are not deep
+- * in the task stack here.
++ * Hack for now to avoid this busy-loop:
+ */
+- __do_softirq();
+- rcu_note_context_switch(cpu);
+- local_irq_enable();
+- cond_resched();
+- return;
++#ifdef CONFIG_PREEMPT_RT_FULL
++ msleep(1);
++#else
++ barrier();
++#endif
+ }
+- local_irq_enable();
++}
++EXPORT_SYMBOL(tasklet_unlock_wait);
++#endif
++
++static int ksoftirqd_should_run(unsigned int cpu)
++{
++ return ksoftirqd_softirq_pending();
+ }
+
+ #ifdef CONFIG_HOTPLUG_CPU
+@@ -743,6 +1205,8 @@
+
+ static struct smp_hotplug_thread softirq_threads = {
+ .store = &ksoftirqd,
++ .setup = ksoftirqd_set_sched_params,
++ .cleanup = ksoftirqd_clr_sched_params,
+ .thread_should_run = ksoftirqd_should_run,
+ .thread_fn = run_ksoftirqd,
+ .thread_comm = "ksoftirqd/%u",
+diff -Nur linux-3.18.9.orig/kernel/stop_machine.c linux-3.18.9/kernel/stop_machine.c
+--- linux-3.18.9.orig/kernel/stop_machine.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/stop_machine.c 2015-03-15 16:03:03.852094875 -0500
+@@ -30,12 +30,12 @@
+ atomic_t nr_todo; /* nr left to execute */
+ bool executed; /* actually executed? */
+ int ret; /* collected return value */
+- struct completion completion; /* fired if nr_todo reaches 0 */
++ struct task_struct *waiter; /* woken when nr_todo reaches 0 */
+ };
+
+ /* the actual stopper, one per every possible cpu, enabled on online cpus */
+ struct cpu_stopper {
+- spinlock_t lock;
++ raw_spinlock_t lock;
+ bool enabled; /* is this stopper enabled? */
+ struct list_head works; /* list of pending works */
+ };
+@@ -56,7 +56,7 @@
+ {
+ memset(done, 0, sizeof(*done));
+ atomic_set(&done->nr_todo, nr_todo);
+- init_completion(&done->completion);
++ done->waiter = current;
+ }
+
+ /* signal completion unless @done is NULL */
+@@ -65,8 +65,10 @@
+ if (done) {
+ if (executed)
+ done->executed = true;
+- if (atomic_dec_and_test(&done->nr_todo))
+- complete(&done->completion);
++ if (atomic_dec_and_test(&done->nr_todo)) {
++ wake_up_process(done->waiter);
++ done->waiter = NULL;
++ }
+ }
+ }
+
+@@ -78,7 +80,7 @@
+
+ unsigned long flags;
+
+- spin_lock_irqsave(&stopper->lock, flags);
++ raw_spin_lock_irqsave(&stopper->lock, flags);
+
+ if (stopper->enabled) {
+ list_add_tail(&work->list, &stopper->works);
+@@ -86,7 +88,23 @@
+ } else
+ cpu_stop_signal_done(work->done, false);
+
+- spin_unlock_irqrestore(&stopper->lock, flags);
++ raw_spin_unlock_irqrestore(&stopper->lock, flags);
++}
++
++static void wait_for_stop_done(struct cpu_stop_done *done)
++{
++ set_current_state(TASK_UNINTERRUPTIBLE);
++ while (atomic_read(&done->nr_todo)) {
++ schedule();
++ set_current_state(TASK_UNINTERRUPTIBLE);
++ }
++ /*
++ * We need to wait until cpu_stop_signal_done() has cleared
++ * done->waiter.
++ */
++ while (done->waiter)
++ cpu_relax();
++ set_current_state(TASK_RUNNING);
+ }
+
+ /**
+@@ -120,7 +138,7 @@
+
+ cpu_stop_init_done(&done, 1);
+ cpu_stop_queue_work(cpu, &work);
+- wait_for_completion(&done.completion);
++ wait_for_stop_done(&done);
+ return done.executed ? done.ret : -ENOENT;
+ }
+
+@@ -248,7 +266,7 @@
+ struct irq_cpu_stop_queue_work_info call_args;
+ struct multi_stop_data msdata;
+
+- preempt_disable();
++ preempt_disable_nort();
+ msdata = (struct multi_stop_data){
+ .fn = fn,
+ .data = arg,
+@@ -281,7 +299,7 @@
+ * This relies on the stopper workqueues to be FIFO.
+ */
+ if (!cpu_active(cpu1) || !cpu_active(cpu2)) {
+- preempt_enable();
++ preempt_enable_nort();
+ return -ENOENT;
+ }
+
+@@ -295,9 +313,9 @@
+ &irq_cpu_stop_queue_work,
+ &call_args, 1);
+ lg_local_unlock(&stop_cpus_lock);
+- preempt_enable();
++ preempt_enable_nort();
+
+- wait_for_completion(&done.completion);
++ wait_for_stop_done(&done);
+
+ return done.executed ? done.ret : -ENOENT;
+ }
+@@ -329,7 +347,7 @@
+
+ static void queue_stop_cpus_work(const struct cpumask *cpumask,
+ cpu_stop_fn_t fn, void *arg,
+- struct cpu_stop_done *done)
++ struct cpu_stop_done *done, bool inactive)
+ {
+ struct cpu_stop_work *work;
+ unsigned int cpu;
+@@ -343,11 +361,13 @@
+ }
+
+ /*
+- * Disable preemption while queueing to avoid getting
+- * preempted by a stopper which might wait for other stoppers
+- * to enter @fn which can lead to deadlock.
++ * Make sure that all work is queued on all cpus before
++ * any of the cpus can execute it.
+ */
+- lg_global_lock(&stop_cpus_lock);
++ if (!inactive)
++ lg_global_lock(&stop_cpus_lock);
++ else
++ lg_global_trylock_relax(&stop_cpus_lock);
+ for_each_cpu(cpu, cpumask)
+ cpu_stop_queue_work(cpu, &per_cpu(stop_cpus_work, cpu));
+ lg_global_unlock(&stop_cpus_lock);
+@@ -359,8 +379,8 @@
+ struct cpu_stop_done done;
+
+ cpu_stop_init_done(&done, cpumask_weight(cpumask));
+- queue_stop_cpus_work(cpumask, fn, arg, &done);
+- wait_for_completion(&done.completion);
++ queue_stop_cpus_work(cpumask, fn, arg, &done, false);
++ wait_for_stop_done(&done);
+ return done.executed ? done.ret : -ENOENT;
+ }
+
+@@ -439,9 +459,9 @@
+ unsigned long flags;
+ int run;
+
+- spin_lock_irqsave(&stopper->lock, flags);
++ raw_spin_lock_irqsave(&stopper->lock, flags);
+ run = !list_empty(&stopper->works);
+- spin_unlock_irqrestore(&stopper->lock, flags);
++ raw_spin_unlock_irqrestore(&stopper->lock, flags);
+ return run;
+ }
+
+@@ -453,13 +473,13 @@
+
+ repeat:
+ work = NULL;
+- spin_lock_irq(&stopper->lock);
++ raw_spin_lock_irq(&stopper->lock);
+ if (!list_empty(&stopper->works)) {
+ work = list_first_entry(&stopper->works,
+ struct cpu_stop_work, list);
+ list_del_init(&work->list);
+ }
+- spin_unlock_irq(&stopper->lock);
++ raw_spin_unlock_irq(&stopper->lock);
+
+ if (work) {
+ cpu_stop_fn_t fn = work->fn;
+@@ -467,6 +487,16 @@
+ struct cpu_stop_done *done = work->done;
+ char ksym_buf[KSYM_NAME_LEN] __maybe_unused;
+
++ /*
++ * Wait until the stopper finished scheduling on all
++ * cpus
++ */
++ lg_global_lock(&stop_cpus_lock);
++ /*
++ * Let other cpu threads continue as well
++ */
++ lg_global_unlock(&stop_cpus_lock);
++
+ /* cpu stop callbacks are not allowed to sleep */
+ preempt_disable();
+
+@@ -481,7 +511,13 @@
+ kallsyms_lookup((unsigned long)fn, NULL, NULL, NULL,
+ ksym_buf), arg);
+
++ /*
++ * Make sure that the wakeup and setting done->waiter
++ * to NULL is atomic.
++ */
++ local_irq_disable();
+ cpu_stop_signal_done(done, true);
++ local_irq_enable();
+ goto repeat;
+ }
+ }
+@@ -500,20 +536,20 @@
+ unsigned long flags;
+
+ /* drain remaining works */
+- spin_lock_irqsave(&stopper->lock, flags);
++ raw_spin_lock_irqsave(&stopper->lock, flags);
+ list_for_each_entry(work, &stopper->works, list)
+ cpu_stop_signal_done(work->done, false);
+ stopper->enabled = false;
+- spin_unlock_irqrestore(&stopper->lock, flags);
++ raw_spin_unlock_irqrestore(&stopper->lock, flags);
+ }
+
+ static void cpu_stop_unpark(unsigned int cpu)
+ {
+ struct cpu_stopper *stopper = &per_cpu(cpu_stopper, cpu);
+
+- spin_lock_irq(&stopper->lock);
++ raw_spin_lock_irq(&stopper->lock);
+ stopper->enabled = true;
+- spin_unlock_irq(&stopper->lock);
++ raw_spin_unlock_irq(&stopper->lock);
+ }
+
+ static struct smp_hotplug_thread cpu_stop_threads = {
+@@ -535,10 +571,12 @@
+ for_each_possible_cpu(cpu) {
+ struct cpu_stopper *stopper = &per_cpu(cpu_stopper, cpu);
+
+- spin_lock_init(&stopper->lock);
++ raw_spin_lock_init(&stopper->lock);
+ INIT_LIST_HEAD(&stopper->works);
+ }
+
++ lg_lock_init(&stop_cpus_lock, "stop_cpus_lock");
++
+ BUG_ON(smpboot_register_percpu_thread(&cpu_stop_threads));
+ stop_machine_initialized = true;
+ return 0;
+@@ -634,11 +672,11 @@
+ set_state(&msdata, MULTI_STOP_PREPARE);
+ cpu_stop_init_done(&done, num_active_cpus());
+ queue_stop_cpus_work(cpu_active_mask, multi_cpu_stop, &msdata,
+- &done);
++ &done, true);
+ ret = multi_cpu_stop(&msdata);
+
+ /* Busy wait for completion. */
+- while (!completion_done(&done.completion))
++ while (atomic_read(&done.nr_todo))
+ cpu_relax();
+
+ mutex_unlock(&stop_cpus_mutex);
+diff -Nur linux-3.18.9.orig/kernel/time/hrtimer.c linux-3.18.9/kernel/time/hrtimer.c
+--- linux-3.18.9.orig/kernel/time/hrtimer.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/time/hrtimer.c 2015-03-15 16:03:03.852094875 -0500
+@@ -48,11 +48,13 @@
+ #include <linux/sched/rt.h>
+ #include <linux/sched/deadline.h>
+ #include <linux/timer.h>
++#include <linux/kthread.h>
+ #include <linux/freezer.h>
+
+ #include <asm/uaccess.h>
+
+ #include <trace/events/timer.h>
++#include <trace/events/hist.h>
+
+ #include "timekeeping.h"
+
+@@ -568,8 +570,7 @@
+ * When the callback is running, we do not reprogram the clock event
+ * device. The timer callback is either running on a different CPU or
+ * the callback is executed in the hrtimer_interrupt context. The
+- * reprogramming is handled either by the softirq, which called the
+- * callback or at the end of the hrtimer_interrupt.
++ * reprogramming is handled at the end of the hrtimer_interrupt.
+ */
+ if (hrtimer_callback_running(timer))
+ return 0;
+@@ -604,6 +605,9 @@
+ return res;
+ }
+
++static void __run_hrtimer(struct hrtimer *timer, ktime_t *now);
++static int hrtimer_rt_defer(struct hrtimer *timer);
++
+ /*
+ * Initialize the high resolution related parts of cpu_base
+ */
+@@ -613,6 +617,21 @@
+ base->hres_active = 0;
+ }
+
++static inline int hrtimer_enqueue_reprogram(struct hrtimer *timer,
++ struct hrtimer_clock_base *base,
++ int wakeup)
++{
++ if (!hrtimer_reprogram(timer, base))
++ return 0;
++ if (!wakeup)
++ return -ETIME;
++#ifdef CONFIG_PREEMPT_RT_BASE
++ if (!hrtimer_rt_defer(timer))
++ return -ETIME;
++#endif
++ return 1;
++}
++
+ static inline ktime_t hrtimer_update_base(struct hrtimer_cpu_base *base)
+ {
+ ktime_t *offs_real = &base->clock_base[HRTIMER_BASE_REALTIME].offset;
+@@ -678,6 +697,44 @@
+
+ static DECLARE_WORK(hrtimer_work, clock_was_set_work);
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++/*
++ * RT can not call schedule_work from real interrupt context.
++ * Need to make a thread to do the real work.
++ */
++static struct task_struct *clock_set_delay_thread;
++static bool do_clock_set_delay;
++
++static int run_clock_set_delay(void *ignore)
++{
++ while (!kthread_should_stop()) {
++ set_current_state(TASK_INTERRUPTIBLE);
++ if (do_clock_set_delay) {
++ do_clock_set_delay = false;
++ schedule_work(&hrtimer_work);
++ }
++ schedule();
++ }
++ __set_current_state(TASK_RUNNING);
++ return 0;
++}
++
++void clock_was_set_delayed(void)
++{
++ do_clock_set_delay = true;
++ /* Make visible before waking up process */
++ smp_wmb();
++ wake_up_process(clock_set_delay_thread);
++}
++
++static __init int create_clock_set_delay_thread(void)
++{
++ clock_set_delay_thread = kthread_run(run_clock_set_delay, NULL, "kclksetdelayd");
++ BUG_ON(!clock_set_delay_thread);
++ return 0;
++}
++early_initcall(create_clock_set_delay_thread);
++#else /* PREEMPT_RT_FULL */
+ /*
+ * Called from timekeeping and resume code to reprogramm the hrtimer
+ * interrupt device on all cpus.
+@@ -686,6 +743,7 @@
+ {
+ schedule_work(&hrtimer_work);
+ }
++#endif
+
+ #else
+
+@@ -694,6 +752,13 @@
+ static inline int hrtimer_switch_to_hres(void) { return 0; }
+ static inline void
+ hrtimer_force_reprogram(struct hrtimer_cpu_base *base, int skip_equal) { }
++static inline int hrtimer_enqueue_reprogram(struct hrtimer *timer,
++ struct hrtimer_clock_base *base,
++ int wakeup)
++{
++ return 0;
++}
++
+ static inline int hrtimer_reprogram(struct hrtimer *timer,
+ struct hrtimer_clock_base *base)
+ {
+@@ -701,7 +766,6 @@
+ }
+ static inline void hrtimer_init_hres(struct hrtimer_cpu_base *base) { }
+ static inline void retrigger_next_event(void *arg) { }
+-
+ #endif /* CONFIG_HIGH_RES_TIMERS */
+
+ /*
+@@ -819,6 +883,32 @@
+ }
+ EXPORT_SYMBOL_GPL(hrtimer_forward);
+
++#ifdef CONFIG_PREEMPT_RT_BASE
++# define wake_up_timer_waiters(b) wake_up(&(b)->wait)
++
++/**
++ * hrtimer_wait_for_timer - Wait for a running timer
++ *
++ * @timer: timer to wait for
++ *
++ * The function waits in case the timers callback function is
++ * currently executed on the waitqueue of the timer base. The
++ * waitqueue is woken up after the timer callback function has
++ * finished execution.
++ */
++void hrtimer_wait_for_timer(const struct hrtimer *timer)
++{
++ struct hrtimer_clock_base *base = timer->base;
++
++ if (base && base->cpu_base && !timer->irqsafe)
++ wait_event(base->cpu_base->wait,
++ !(timer->state & HRTIMER_STATE_CALLBACK));
++}
++
++#else
++# define wake_up_timer_waiters(b) do { } while (0)
++#endif
++
+ /*
+ * enqueue_hrtimer - internal function to (re)start a timer
+ *
+@@ -862,6 +952,11 @@
+ if (!(timer->state & HRTIMER_STATE_ENQUEUED))
+ goto out;
+
++ if (unlikely(!list_empty(&timer->cb_entry))) {
++ list_del_init(&timer->cb_entry);
++ goto out;
++ }
++
+ next_timer = timerqueue_getnext(&base->active);
+ timerqueue_del(&base->active, &timer->node);
+ if (&timer->node == next_timer) {
+@@ -949,7 +1044,16 @@
+ new_base = switch_hrtimer_base(timer, base, mode & HRTIMER_MODE_PINNED);
+
+ timer_stats_hrtimer_set_start_info(timer);
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++ {
++ ktime_t now = new_base->get_time();
+
++ if (ktime_to_ns(tim) < ktime_to_ns(now))
++ timer->praecox = now;
++ else
++ timer->praecox = ktime_set(0, 0);
++ }
++#endif
+ leftmost = enqueue_hrtimer(timer, new_base);
+
+ if (!leftmost) {
+@@ -963,15 +1067,26 @@
+ * on dynticks target.
+ */
+ wake_up_nohz_cpu(new_base->cpu_base->cpu);
+- } else if (new_base->cpu_base == this_cpu_ptr(&hrtimer_bases) &&
+- hrtimer_reprogram(timer, new_base)) {
++ } else if (new_base->cpu_base == this_cpu_ptr(&hrtimer_bases)) {
++
++ ret = hrtimer_enqueue_reprogram(timer, new_base, wakeup);
++ if (ret < 0) {
++ /*
++ * In case we failed to reprogram the timer (mostly
++ * because out current timer is already elapsed),
++ * remove it again and report a failure. This avoids
++ * stale base->first entries.
++ */
++ debug_deactivate(timer);
++ __remove_hrtimer(timer, new_base,
++ timer->state & HRTIMER_STATE_CALLBACK, 0);
++ } else if (ret > 0) {
+ /*
+ * Only allow reprogramming if the new base is on this CPU.
+ * (it might still be on another CPU if the timer was pending)
+ *
+ * XXX send_remote_softirq() ?
+ */
+- if (wakeup) {
+ /*
+ * We need to drop cpu_base->lock to avoid a
+ * lock ordering issue vs. rq->lock.
+@@ -979,9 +1094,7 @@
+ raw_spin_unlock(&new_base->cpu_base->lock);
+ raise_softirq_irqoff(HRTIMER_SOFTIRQ);
+ local_irq_restore(flags);
+- return ret;
+- } else {
+- __raise_softirq_irqoff(HRTIMER_SOFTIRQ);
++ return 0;
+ }
+ }
+
+@@ -1072,7 +1185,7 @@
+
+ if (ret >= 0)
+ return ret;
+- cpu_relax();
++ hrtimer_wait_for_timer(timer);
+ }
+ }
+ EXPORT_SYMBOL_GPL(hrtimer_cancel);
+@@ -1151,6 +1264,7 @@
+
+ base = hrtimer_clockid_to_base(clock_id);
+ timer->base = &cpu_base->clock_base[base];
++ INIT_LIST_HEAD(&timer->cb_entry);
+ timerqueue_init(&timer->node);
+
+ #ifdef CONFIG_TIMER_STATS
+@@ -1234,6 +1348,126 @@
+ timer->state &= ~HRTIMER_STATE_CALLBACK;
+ }
+
++static enum hrtimer_restart hrtimer_wakeup(struct hrtimer *timer);
++
++#ifdef CONFIG_PREEMPT_RT_BASE
++static void hrtimer_rt_reprogram(int restart, struct hrtimer *timer,
++ struct hrtimer_clock_base *base)
++{
++ /*
++ * Note, we clear the callback flag before we requeue the
++ * timer otherwise we trigger the callback_running() check
++ * in hrtimer_reprogram().
++ */
++ timer->state &= ~HRTIMER_STATE_CALLBACK;
++
++ if (restart != HRTIMER_NORESTART) {
++ BUG_ON(hrtimer_active(timer));
++ /*
++ * Enqueue the timer, if it's the leftmost timer then
++ * we need to reprogram it.
++ */
++ if (!enqueue_hrtimer(timer, base))
++ return;
++
++#ifndef CONFIG_HIGH_RES_TIMERS
++ }
++#else
++ if (base->cpu_base->hres_active &&
++ hrtimer_reprogram(timer, base))
++ goto requeue;
++
++ } else if (hrtimer_active(timer)) {
++ /*
++ * If the timer was rearmed on another CPU, reprogram
++ * the event device.
++ */
++ if (&timer->node == base->active.next &&
++ base->cpu_base->hres_active &&
++ hrtimer_reprogram(timer, base))
++ goto requeue;
++ }
++ return;
++
++requeue:
++ /*
++ * Timer is expired. Thus move it from tree to pending list
++ * again.
++ */
++ __remove_hrtimer(timer, base, timer->state, 0);
++ list_add_tail(&timer->cb_entry, &base->expired);
++#endif
++}
++
++/*
++ * The changes in mainline which removed the callback modes from
++ * hrtimer are not yet working with -rt. The non wakeup_process()
++ * based callbacks which involve sleeping locks need to be treated
++ * seperately.
++ */
++static void hrtimer_rt_run_pending(void)
++{
++ enum hrtimer_restart (*fn)(struct hrtimer *);
++ struct hrtimer_cpu_base *cpu_base;
++ struct hrtimer_clock_base *base;
++ struct hrtimer *timer;
++ int index, restart;
++
++ local_irq_disable();
++ cpu_base = &per_cpu(hrtimer_bases, smp_processor_id());
++
++ raw_spin_lock(&cpu_base->lock);
++
++ for (index = 0; index < HRTIMER_MAX_CLOCK_BASES; index++) {
++ base = &cpu_base->clock_base[index];
++
++ while (!list_empty(&base->expired)) {
++ timer = list_first_entry(&base->expired,
++ struct hrtimer, cb_entry);
++
++ /*
++ * Same as the above __run_hrtimer function
++ * just we run with interrupts enabled.
++ */
++ debug_hrtimer_deactivate(timer);
++ __remove_hrtimer(timer, base, HRTIMER_STATE_CALLBACK, 0);
++ timer_stats_account_hrtimer(timer);
++ fn = timer->function;
++
++ raw_spin_unlock_irq(&cpu_base->lock);
++ restart = fn(timer);
++ raw_spin_lock_irq(&cpu_base->lock);
++
++ hrtimer_rt_reprogram(restart, timer, base);
++ }
++ }
++
++ raw_spin_unlock_irq(&cpu_base->lock);
++
++ wake_up_timer_waiters(cpu_base);
++}
++
++static int hrtimer_rt_defer(struct hrtimer *timer)
++{
++ if (timer->irqsafe)
++ return 0;
++
++ __remove_hrtimer(timer, timer->base, timer->state, 0);
++ list_add_tail(&timer->cb_entry, &timer->base->expired);
++ return 1;
++}
++
++#else
++
++static inline void hrtimer_rt_run_pending(void)
++{
++ hrtimer_peek_ahead_timers();
++}
++
++static inline int hrtimer_rt_defer(struct hrtimer *timer) { return 0; }
++
++#endif
++
+ #ifdef CONFIG_HIGH_RES_TIMERS
+
+ /*
+@@ -1244,7 +1478,7 @@
+ {
+ struct hrtimer_cpu_base *cpu_base = this_cpu_ptr(&hrtimer_bases);
+ ktime_t expires_next, now, entry_time, delta;
+- int i, retries = 0;
++ int i, retries = 0, raise = 0;
+
+ BUG_ON(!cpu_base->hres_active);
+ cpu_base->nr_events++;
+@@ -1279,6 +1513,15 @@
+
+ timer = container_of(node, struct hrtimer, node);
+
++ trace_hrtimer_interrupt(raw_smp_processor_id(),
++ ktime_to_ns(ktime_sub(ktime_to_ns(timer->praecox) ?
++ timer->praecox : hrtimer_get_expires(timer),
++ basenow)),
++ current,
++ timer->function == hrtimer_wakeup ?
++ container_of(timer, struct hrtimer_sleeper,
++ timer)->task : NULL);
++
+ /*
+ * The immediate goal for using the softexpires is
+ * minimizing wakeups, not running timers at the
+@@ -1304,7 +1547,10 @@
+ break;
+ }
+
+- __run_hrtimer(timer, &basenow);
++ if (!hrtimer_rt_defer(timer))
++ __run_hrtimer(timer, &basenow);
++ else
++ raise = 1;
+ }
+ }
+
+@@ -1319,7 +1565,7 @@
+ if (expires_next.tv64 == KTIME_MAX ||
+ !tick_program_event(expires_next, 0)) {
+ cpu_base->hang_detected = 0;
+- return;
++ goto out;
+ }
+
+ /*
+@@ -1363,6 +1609,9 @@
+ tick_program_event(expires_next, 1);
+ printk_once(KERN_WARNING "hrtimer: interrupt took %llu ns\n",
+ ktime_to_ns(delta));
++out:
++ if (raise)
++ raise_softirq_irqoff(HRTIMER_SOFTIRQ);
+ }
+
+ /*
+@@ -1398,18 +1647,18 @@
+ __hrtimer_peek_ahead_timers();
+ local_irq_restore(flags);
+ }
+-
+-static void run_hrtimer_softirq(struct softirq_action *h)
+-{
+- hrtimer_peek_ahead_timers();
+-}
+-
+ #else /* CONFIG_HIGH_RES_TIMERS */
+
+ static inline void __hrtimer_peek_ahead_timers(void) { }
+
+ #endif /* !CONFIG_HIGH_RES_TIMERS */
+
++
++static void run_hrtimer_softirq(struct softirq_action *h)
++{
++ hrtimer_rt_run_pending();
++}
++
+ /*
+ * Called from timer softirq every jiffy, expire hrtimers:
+ *
+@@ -1442,7 +1691,7 @@
+ struct timerqueue_node *node;
+ struct hrtimer_cpu_base *cpu_base = this_cpu_ptr(&hrtimer_bases);
+ struct hrtimer_clock_base *base;
+- int index, gettime = 1;
++ int index, gettime = 1, raise = 0;
+
+ if (hrtimer_hres_active())
+ return;
+@@ -1467,10 +1716,16 @@
+ hrtimer_get_expires_tv64(timer))
+ break;
+
+- __run_hrtimer(timer, &base->softirq_time);
++ if (!hrtimer_rt_defer(timer))
++ __run_hrtimer(timer, &base->softirq_time);
++ else
++ raise = 1;
+ }
+ raw_spin_unlock(&cpu_base->lock);
+ }
++
++ if (raise)
++ raise_softirq_irqoff(HRTIMER_SOFTIRQ);
+ }
+
+ /*
+@@ -1492,16 +1747,18 @@
+ void hrtimer_init_sleeper(struct hrtimer_sleeper *sl, struct task_struct *task)
+ {
+ sl->timer.function = hrtimer_wakeup;
++ sl->timer.irqsafe = 1;
+ sl->task = task;
+ }
+ EXPORT_SYMBOL_GPL(hrtimer_init_sleeper);
+
+-static int __sched do_nanosleep(struct hrtimer_sleeper *t, enum hrtimer_mode mode)
++static int __sched do_nanosleep(struct hrtimer_sleeper *t, enum hrtimer_mode mode,
++ unsigned long state)
+ {
+ hrtimer_init_sleeper(t, current);
+
+ do {
+- set_current_state(TASK_INTERRUPTIBLE);
++ set_current_state(state);
+ hrtimer_start_expires(&t->timer, mode);
+ if (!hrtimer_active(&t->timer))
+ t->task = NULL;
+@@ -1545,7 +1802,8 @@
+ HRTIMER_MODE_ABS);
+ hrtimer_set_expires_tv64(&t.timer, restart->nanosleep.expires);
+
+- if (do_nanosleep(&t, HRTIMER_MODE_ABS))
++ /* cpu_chill() does not care about restart state. */
++ if (do_nanosleep(&t, HRTIMER_MODE_ABS, TASK_INTERRUPTIBLE))
+ goto out;
+
+ rmtp = restart->nanosleep.rmtp;
+@@ -1562,8 +1820,10 @@
+ return ret;
+ }
+
+-long hrtimer_nanosleep(struct timespec *rqtp, struct timespec __user *rmtp,
+- const enum hrtimer_mode mode, const clockid_t clockid)
++static long
++__hrtimer_nanosleep(struct timespec *rqtp, struct timespec __user *rmtp,
++ const enum hrtimer_mode mode, const clockid_t clockid,
++ unsigned long state)
+ {
+ struct restart_block *restart;
+ struct hrtimer_sleeper t;
+@@ -1576,7 +1836,7 @@
+
+ hrtimer_init_on_stack(&t.timer, clockid, mode);
+ hrtimer_set_expires_range_ns(&t.timer, timespec_to_ktime(*rqtp), slack);
+- if (do_nanosleep(&t, mode))
++ if (do_nanosleep(&t, mode, state))
+ goto out;
+
+ /* Absolute timers do not update the rmtp value and restart: */
+@@ -1603,6 +1863,12 @@
+ return ret;
+ }
+
++long hrtimer_nanosleep(struct timespec *rqtp, struct timespec __user *rmtp,
++ const enum hrtimer_mode mode, const clockid_t clockid)
++{
++ return __hrtimer_nanosleep(rqtp, rmtp, mode, clockid, TASK_INTERRUPTIBLE);
++}
++
+ SYSCALL_DEFINE2(nanosleep, struct timespec __user *, rqtp,
+ struct timespec __user *, rmtp)
+ {
+@@ -1617,6 +1883,26 @@
+ return hrtimer_nanosleep(&tu, rmtp, HRTIMER_MODE_REL, CLOCK_MONOTONIC);
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++/*
++ * Sleep for 1 ms in hope whoever holds what we want will let it go.
++ */
++void cpu_chill(void)
++{
++ struct timespec tu = {
++ .tv_nsec = NSEC_PER_MSEC,
++ };
++ unsigned int freeze_flag = current->flags & PF_NOFREEZE;
++
++ current->flags |= PF_NOFREEZE;
++ __hrtimer_nanosleep(&tu, NULL, HRTIMER_MODE_REL, CLOCK_MONOTONIC,
++ TASK_UNINTERRUPTIBLE);
++ if (!freeze_flag)
++ current->flags &= ~PF_NOFREEZE;
++}
++EXPORT_SYMBOL(cpu_chill);
++#endif
++
+ /*
+ * Functions related to boot-time initialization:
+ */
+@@ -1628,10 +1914,14 @@
+ for (i = 0; i < HRTIMER_MAX_CLOCK_BASES; i++) {
+ cpu_base->clock_base[i].cpu_base = cpu_base;
+ timerqueue_init_head(&cpu_base->clock_base[i].active);
++ INIT_LIST_HEAD(&cpu_base->clock_base[i].expired);
+ }
+
+ cpu_base->cpu = cpu;
+ hrtimer_init_hres(cpu_base);
++#ifdef CONFIG_PREEMPT_RT_BASE
++ init_waitqueue_head(&cpu_base->wait);
++#endif
+ }
+
+ #ifdef CONFIG_HOTPLUG_CPU
+@@ -1744,9 +2034,7 @@
+ hrtimer_cpu_notify(&hrtimers_nb, (unsigned long)CPU_UP_PREPARE,
+ (void *)(long)smp_processor_id());
+ register_cpu_notifier(&hrtimers_nb);
+-#ifdef CONFIG_HIGH_RES_TIMERS
+ open_softirq(HRTIMER_SOFTIRQ, run_hrtimer_softirq);
+-#endif
+ }
+
+ /**
+diff -Nur linux-3.18.9.orig/kernel/time/itimer.c linux-3.18.9/kernel/time/itimer.c
+--- linux-3.18.9.orig/kernel/time/itimer.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/time/itimer.c 2015-03-15 16:03:03.852094875 -0500
+@@ -213,6 +213,7 @@
+ /* We are sharing ->siglock with it_real_fn() */
+ if (hrtimer_try_to_cancel(timer) < 0) {
+ spin_unlock_irq(&tsk->sighand->siglock);
++ hrtimer_wait_for_timer(&tsk->signal->real_timer);
+ goto again;
+ }
+ expires = timeval_to_ktime(value->it_value);
+diff -Nur linux-3.18.9.orig/kernel/time/jiffies.c linux-3.18.9/kernel/time/jiffies.c
+--- linux-3.18.9.orig/kernel/time/jiffies.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/time/jiffies.c 2015-03-15 16:03:03.852094875 -0500
+@@ -73,7 +73,8 @@
+ .shift = JIFFIES_SHIFT,
+ };
+
+-__cacheline_aligned_in_smp DEFINE_SEQLOCK(jiffies_lock);
++__cacheline_aligned_in_smp DEFINE_RAW_SPINLOCK(jiffies_lock);
++__cacheline_aligned_in_smp seqcount_t jiffies_seq;
+
+ #if (BITS_PER_LONG < 64)
+ u64 get_jiffies_64(void)
+@@ -82,9 +83,9 @@
+ u64 ret;
+
+ do {
+- seq = read_seqbegin(&jiffies_lock);
++ seq = read_seqcount_begin(&jiffies_seq);
+ ret = jiffies_64;
+- } while (read_seqretry(&jiffies_lock, seq));
++ } while (read_seqcount_retry(&jiffies_seq, seq));
+ return ret;
+ }
+ EXPORT_SYMBOL(get_jiffies_64);
+diff -Nur linux-3.18.9.orig/kernel/time/ntp.c linux-3.18.9/kernel/time/ntp.c
+--- linux-3.18.9.orig/kernel/time/ntp.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/time/ntp.c 2015-03-15 16:03:03.852094875 -0500
+@@ -10,6 +10,7 @@
+ #include <linux/workqueue.h>
+ #include <linux/hrtimer.h>
+ #include <linux/jiffies.h>
++#include <linux/kthread.h>
+ #include <linux/math64.h>
+ #include <linux/timex.h>
+ #include <linux/time.h>
+@@ -519,10 +520,52 @@
+ &sync_cmos_work, timespec_to_jiffies(&next));
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++/*
++ * RT can not call schedule_delayed_work from real interrupt context.
++ * Need to make a thread to do the real work.
++ */
++static struct task_struct *cmos_delay_thread;
++static bool do_cmos_delay;
++
++static int run_cmos_delay(void *ignore)
++{
++ while (!kthread_should_stop()) {
++ set_current_state(TASK_INTERRUPTIBLE);
++ if (do_cmos_delay) {
++ do_cmos_delay = false;
++ queue_delayed_work(system_power_efficient_wq,
++ &sync_cmos_work, 0);
++ }
++ schedule();
++ }
++ __set_current_state(TASK_RUNNING);
++ return 0;
++}
++
++void ntp_notify_cmos_timer(void)
++{
++ do_cmos_delay = true;
++ /* Make visible before waking up process */
++ smp_wmb();
++ wake_up_process(cmos_delay_thread);
++}
++
++static __init int create_cmos_delay_thread(void)
++{
++ cmos_delay_thread = kthread_run(run_cmos_delay, NULL, "kcmosdelayd");
++ BUG_ON(!cmos_delay_thread);
++ return 0;
++}
++early_initcall(create_cmos_delay_thread);
++
++#else
++
+ void ntp_notify_cmos_timer(void)
+ {
+ queue_delayed_work(system_power_efficient_wq, &sync_cmos_work, 0);
+ }
++#endif /* CONFIG_PREEMPT_RT_FULL */
+
+ #else
+ void ntp_notify_cmos_timer(void) { }
+diff -Nur linux-3.18.9.orig/kernel/time/posix-cpu-timers.c linux-3.18.9/kernel/time/posix-cpu-timers.c
+--- linux-3.18.9.orig/kernel/time/posix-cpu-timers.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/time/posix-cpu-timers.c 2015-03-15 16:03:03.856094875 -0500
+@@ -3,6 +3,7 @@
+ */
+
+ #include <linux/sched.h>
++#include <linux/sched/rt.h>
+ #include <linux/posix-timers.h>
+ #include <linux/errno.h>
+ #include <linux/math64.h>
+@@ -626,7 +627,7 @@
+ /*
+ * Disarm any old timer after extracting its expiry time.
+ */
+- WARN_ON_ONCE(!irqs_disabled());
++ WARN_ON_ONCE_NONRT(!irqs_disabled());
+
+ ret = 0;
+ old_incr = timer->it.cpu.incr;
+@@ -1047,7 +1048,7 @@
+ /*
+ * Now re-arm for the new expiry time.
+ */
+- WARN_ON_ONCE(!irqs_disabled());
++ WARN_ON_ONCE_NONRT(!irqs_disabled());
+ arm_timer(timer);
+ unlock_task_sighand(p, &flags);
+
+@@ -1113,10 +1114,11 @@
+ sig = tsk->signal;
+ if (sig->cputimer.running) {
+ struct task_cputime group_sample;
++ unsigned long flags;
+
+- raw_spin_lock(&sig->cputimer.lock);
++ raw_spin_lock_irqsave(&sig->cputimer.lock, flags);
+ group_sample = sig->cputimer.cputime;
+- raw_spin_unlock(&sig->cputimer.lock);
++ raw_spin_unlock_irqrestore(&sig->cputimer.lock, flags);
+
+ if (task_cputime_expired(&group_sample, &sig->cputime_expires))
+ return 1;
+@@ -1130,13 +1132,13 @@
+ * already updated our counts. We need to check if any timers fire now.
+ * Interrupts are disabled.
+ */
+-void run_posix_cpu_timers(struct task_struct *tsk)
++static void __run_posix_cpu_timers(struct task_struct *tsk)
+ {
+ LIST_HEAD(firing);
+ struct k_itimer *timer, *next;
+ unsigned long flags;
+
+- WARN_ON_ONCE(!irqs_disabled());
++ WARN_ON_ONCE_NONRT(!irqs_disabled());
+
+ /*
+ * The fast path checks that there are no expired thread or thread
+@@ -1194,6 +1196,190 @@
+ }
+ }
+
++#ifdef CONFIG_PREEMPT_RT_BASE
++#include <linux/kthread.h>
++#include <linux/cpu.h>
++DEFINE_PER_CPU(struct task_struct *, posix_timer_task);
++DEFINE_PER_CPU(struct task_struct *, posix_timer_tasklist);
++
++static int posix_cpu_timers_thread(void *data)
++{
++ int cpu = (long)data;
++
++ BUG_ON(per_cpu(posix_timer_task,cpu) != current);
++
++ while (!kthread_should_stop()) {
++ struct task_struct *tsk = NULL;
++ struct task_struct *next = NULL;
++
++ if (cpu_is_offline(cpu))
++ goto wait_to_die;
++
++ /* grab task list */
++ raw_local_irq_disable();
++ tsk = per_cpu(posix_timer_tasklist, cpu);
++ per_cpu(posix_timer_tasklist, cpu) = NULL;
++ raw_local_irq_enable();
++
++ /* its possible the list is empty, just return */
++ if (!tsk) {
++ set_current_state(TASK_INTERRUPTIBLE);
++ schedule();
++ __set_current_state(TASK_RUNNING);
++ continue;
++ }
++
++ /* Process task list */
++ while (1) {
++ /* save next */
++ next = tsk->posix_timer_list;
++
++ /* run the task timers, clear its ptr and
++ * unreference it
++ */
++ __run_posix_cpu_timers(tsk);
++ tsk->posix_timer_list = NULL;
++ put_task_struct(tsk);
++
++ /* check if this is the last on the list */
++ if (next == tsk)
++ break;
++ tsk = next;
++ }
++ }
++ return 0;
++
++wait_to_die:
++ /* Wait for kthread_stop */
++ set_current_state(TASK_INTERRUPTIBLE);
++ while (!kthread_should_stop()) {
++ schedule();
++ set_current_state(TASK_INTERRUPTIBLE);
++ }
++ __set_current_state(TASK_RUNNING);
++ return 0;
++}
++
++static inline int __fastpath_timer_check(struct task_struct *tsk)
++{
++ /* tsk == current, ensure it is safe to use ->signal/sighand */
++ if (unlikely(tsk->exit_state))
++ return 0;
++
++ if (!task_cputime_zero(&tsk->cputime_expires))
++ return 1;
++
++ if (!task_cputime_zero(&tsk->signal->cputime_expires))
++ return 1;
++
++ return 0;
++}
++
++void run_posix_cpu_timers(struct task_struct *tsk)
++{
++ unsigned long cpu = smp_processor_id();
++ struct task_struct *tasklist;
++
++ BUG_ON(!irqs_disabled());
++ if(!per_cpu(posix_timer_task, cpu))
++ return;
++ /* get per-cpu references */
++ tasklist = per_cpu(posix_timer_tasklist, cpu);
++
++ /* check to see if we're already queued */
++ if (!tsk->posix_timer_list && __fastpath_timer_check(tsk)) {
++ get_task_struct(tsk);
++ if (tasklist) {
++ tsk->posix_timer_list = tasklist;
++ } else {
++ /*
++ * The list is terminated by a self-pointing
++ * task_struct
++ */
++ tsk->posix_timer_list = tsk;
++ }
++ per_cpu(posix_timer_tasklist, cpu) = tsk;
++
++ wake_up_process(per_cpu(posix_timer_task, cpu));
++ }
++}
++
++/*
++ * posix_cpu_thread_call - callback that gets triggered when a CPU is added.
++ * Here we can start up the necessary migration thread for the new CPU.
++ */
++static int posix_cpu_thread_call(struct notifier_block *nfb,
++ unsigned long action, void *hcpu)
++{
++ int cpu = (long)hcpu;
++ struct task_struct *p;
++ struct sched_param param;
++
++ switch (action) {
++ case CPU_UP_PREPARE:
++ p = kthread_create(posix_cpu_timers_thread, hcpu,
++ "posixcputmr/%d",cpu);
++ if (IS_ERR(p))
++ return NOTIFY_BAD;
++ p->flags |= PF_NOFREEZE;
++ kthread_bind(p, cpu);
++ /* Must be high prio to avoid getting starved */
++ param.sched_priority = MAX_RT_PRIO-1;
++ sched_setscheduler(p, SCHED_FIFO, &param);
++ per_cpu(posix_timer_task,cpu) = p;
++ break;
++ case CPU_ONLINE:
++ /* Strictly unneccessary, as first user will wake it. */
++ wake_up_process(per_cpu(posix_timer_task,cpu));
++ break;
++#ifdef CONFIG_HOTPLUG_CPU
++ case CPU_UP_CANCELED:
++ /* Unbind it from offline cpu so it can run. Fall thru. */
++ kthread_bind(per_cpu(posix_timer_task, cpu),
++ cpumask_any(cpu_online_mask));
++ kthread_stop(per_cpu(posix_timer_task,cpu));
++ per_cpu(posix_timer_task,cpu) = NULL;
++ break;
++ case CPU_DEAD:
++ kthread_stop(per_cpu(posix_timer_task,cpu));
++ per_cpu(posix_timer_task,cpu) = NULL;
++ break;
++#endif
++ }
++ return NOTIFY_OK;
++}
++
++/* Register at highest priority so that task migration (migrate_all_tasks)
++ * happens before everything else.
++ */
++static struct notifier_block posix_cpu_thread_notifier = {
++ .notifier_call = posix_cpu_thread_call,
++ .priority = 10
++};
++
++static int __init posix_cpu_thread_init(void)
++{
++ void *hcpu = (void *)(long)smp_processor_id();
++ /* Start one for boot CPU. */
++ unsigned long cpu;
++
++ /* init the per-cpu posix_timer_tasklets */
++ for_each_possible_cpu(cpu)
++ per_cpu(posix_timer_tasklist, cpu) = NULL;
++
++ posix_cpu_thread_call(&posix_cpu_thread_notifier, CPU_UP_PREPARE, hcpu);
++ posix_cpu_thread_call(&posix_cpu_thread_notifier, CPU_ONLINE, hcpu);
++ register_cpu_notifier(&posix_cpu_thread_notifier);
++ return 0;
++}
++early_initcall(posix_cpu_thread_init);
++#else /* CONFIG_PREEMPT_RT_BASE */
++void run_posix_cpu_timers(struct task_struct *tsk)
++{
++ __run_posix_cpu_timers(tsk);
++}
++#endif /* CONFIG_PREEMPT_RT_BASE */
++
+ /*
+ * Set one of the process-wide special case CPU timers or RLIMIT_CPU.
+ * The tsk->sighand->siglock must be held by the caller.
+diff -Nur linux-3.18.9.orig/kernel/time/posix-timers.c linux-3.18.9/kernel/time/posix-timers.c
+--- linux-3.18.9.orig/kernel/time/posix-timers.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/time/posix-timers.c 2015-03-15 16:03:03.856094875 -0500
+@@ -499,6 +499,7 @@
+ static struct pid *good_sigevent(sigevent_t * event)
+ {
+ struct task_struct *rtn = current->group_leader;
++ int sig = event->sigev_signo;
+
+ if ((event->sigev_notify & SIGEV_THREAD_ID ) &&
+ (!(rtn = find_task_by_vpid(event->sigev_notify_thread_id)) ||
+@@ -507,7 +508,8 @@
+ return NULL;
+
+ if (((event->sigev_notify & ~SIGEV_THREAD_ID) != SIGEV_NONE) &&
+- ((event->sigev_signo <= 0) || (event->sigev_signo > SIGRTMAX)))
++ (sig <= 0 || sig > SIGRTMAX || sig_kernel_only(sig) ||
++ sig_kernel_coredump(sig)))
+ return NULL;
+
+ return task_pid(rtn);
+@@ -819,6 +821,20 @@
+ return overrun;
+ }
+
++/*
++ * Protected by RCU!
++ */
++static void timer_wait_for_callback(struct k_clock *kc, struct k_itimer *timr)
++{
++#ifdef CONFIG_PREEMPT_RT_FULL
++ if (kc->timer_set == common_timer_set)
++ hrtimer_wait_for_timer(&timr->it.real.timer);
++ else
++ /* FIXME: Whacky hack for posix-cpu-timers */
++ schedule_timeout(1);
++#endif
++}
++
+ /* Set a POSIX.1b interval timer. */
+ /* timr->it_lock is taken. */
+ static int
+@@ -896,6 +912,7 @@
+ if (!timr)
+ return -EINVAL;
+
++ rcu_read_lock();
+ kc = clockid_to_kclock(timr->it_clock);
+ if (WARN_ON_ONCE(!kc || !kc->timer_set))
+ error = -EINVAL;
+@@ -904,9 +921,12 @@
+
+ unlock_timer(timr, flag);
+ if (error == TIMER_RETRY) {
++ timer_wait_for_callback(kc, timr);
+ rtn = NULL; // We already got the old time...
++ rcu_read_unlock();
+ goto retry;
+ }
++ rcu_read_unlock();
+
+ if (old_setting && !error &&
+ copy_to_user(old_setting, &old_spec, sizeof (old_spec)))
+@@ -944,10 +964,15 @@
+ if (!timer)
+ return -EINVAL;
+
++ rcu_read_lock();
+ if (timer_delete_hook(timer) == TIMER_RETRY) {
+ unlock_timer(timer, flags);
++ timer_wait_for_callback(clockid_to_kclock(timer->it_clock),
++ timer);
++ rcu_read_unlock();
+ goto retry_delete;
+ }
++ rcu_read_unlock();
+
+ spin_lock(&current->sighand->siglock);
+ list_del(&timer->list);
+@@ -973,8 +998,18 @@
+ retry_delete:
+ spin_lock_irqsave(&timer->it_lock, flags);
+
++ /* On RT we can race with a deletion */
++ if (!timer->it_signal) {
++ unlock_timer(timer, flags);
++ return;
++ }
++
+ if (timer_delete_hook(timer) == TIMER_RETRY) {
++ rcu_read_lock();
+ unlock_timer(timer, flags);
++ timer_wait_for_callback(clockid_to_kclock(timer->it_clock),
++ timer);
++ rcu_read_unlock();
+ goto retry_delete;
+ }
+ list_del(&timer->list);
+diff -Nur linux-3.18.9.orig/kernel/time/tick-common.c linux-3.18.9/kernel/time/tick-common.c
+--- linux-3.18.9.orig/kernel/time/tick-common.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/time/tick-common.c 2015-03-15 16:03:03.856094875 -0500
+@@ -78,13 +78,15 @@
+ static void tick_periodic(int cpu)
+ {
+ if (tick_do_timer_cpu == cpu) {
+- write_seqlock(&jiffies_lock);
++ raw_spin_lock(&jiffies_lock);
++ write_seqcount_begin(&jiffies_seq);
+
+ /* Keep track of the next tick event */
+ tick_next_period = ktime_add(tick_next_period, tick_period);
+
+ do_timer(1);
+- write_sequnlock(&jiffies_lock);
++ write_seqcount_end(&jiffies_seq);
++ raw_spin_unlock(&jiffies_lock);
+ update_wall_time();
+ }
+
+@@ -146,9 +148,9 @@
+ ktime_t next;
+
+ do {
+- seq = read_seqbegin(&jiffies_lock);
++ seq = read_seqcount_begin(&jiffies_seq);
+ next = tick_next_period;
+- } while (read_seqretry(&jiffies_lock, seq));
++ } while (read_seqcount_retry(&jiffies_seq, seq));
+
+ clockevents_set_mode(dev, CLOCK_EVT_MODE_ONESHOT);
+
+diff -Nur linux-3.18.9.orig/kernel/time/tick-internal.h linux-3.18.9/kernel/time/tick-internal.h
+--- linux-3.18.9.orig/kernel/time/tick-internal.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/time/tick-internal.h 2015-03-15 16:03:03.856094875 -0500
+@@ -6,7 +6,8 @@
+
+ #include "timekeeping.h"
+
+-extern seqlock_t jiffies_lock;
++extern raw_spinlock_t jiffies_lock;
++extern seqcount_t jiffies_seq;
+
+ #define CS_NAME_LEN 32
+
+diff -Nur linux-3.18.9.orig/kernel/time/tick-sched.c linux-3.18.9/kernel/time/tick-sched.c
+--- linux-3.18.9.orig/kernel/time/tick-sched.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/time/tick-sched.c 2015-03-15 16:03:03.856094875 -0500
+@@ -62,7 +62,8 @@
+ return;
+
+ /* Reevalute with jiffies_lock held */
+- write_seqlock(&jiffies_lock);
++ raw_spin_lock(&jiffies_lock);
++ write_seqcount_begin(&jiffies_seq);
+
+ delta = ktime_sub(now, last_jiffies_update);
+ if (delta.tv64 >= tick_period.tv64) {
+@@ -85,10 +86,12 @@
+ /* Keep the tick_next_period variable up to date */
+ tick_next_period = ktime_add(last_jiffies_update, tick_period);
+ } else {
+- write_sequnlock(&jiffies_lock);
++ write_seqcount_end(&jiffies_seq);
++ raw_spin_unlock(&jiffies_lock);
+ return;
+ }
+- write_sequnlock(&jiffies_lock);
++ write_seqcount_end(&jiffies_seq);
++ raw_spin_unlock(&jiffies_lock);
+ update_wall_time();
+ }
+
+@@ -99,12 +102,14 @@
+ {
+ ktime_t period;
+
+- write_seqlock(&jiffies_lock);
++ raw_spin_lock(&jiffies_lock);
++ write_seqcount_begin(&jiffies_seq);
+ /* Did we start the jiffies update yet ? */
+ if (last_jiffies_update.tv64 == 0)
+ last_jiffies_update = tick_next_period;
+ period = last_jiffies_update;
+- write_sequnlock(&jiffies_lock);
++ write_seqcount_end(&jiffies_seq);
++ raw_spin_unlock(&jiffies_lock);
+ return period;
+ }
+
+@@ -222,6 +227,7 @@
+
+ static DEFINE_PER_CPU(struct irq_work, nohz_full_kick_work) = {
+ .func = nohz_full_kick_work_func,
++ .flags = IRQ_WORK_HARD_IRQ,
+ };
+
+ /*
+@@ -580,10 +586,10 @@
+
+ /* Read jiffies and the time when jiffies were updated last */
+ do {
+- seq = read_seqbegin(&jiffies_lock);
++ seq = read_seqcount_begin(&jiffies_seq);
+ last_update = last_jiffies_update;
+ last_jiffies = jiffies;
+- } while (read_seqretry(&jiffies_lock, seq));
++ } while (read_seqcount_retry(&jiffies_seq, seq));
+
+ if (rcu_needs_cpu(cpu, &rcu_delta_jiffies) ||
+ arch_needs_cpu() || irq_work_needs_cpu()) {
+@@ -761,14 +767,7 @@
+ return false;
+
+ if (unlikely(local_softirq_pending() && cpu_online(cpu))) {
+- static int ratelimit;
+-
+- if (ratelimit < 10 &&
+- (local_softirq_pending() & SOFTIRQ_STOP_IDLE_MASK)) {
+- pr_warn("NOHZ: local_softirq_pending %02x\n",
+- (unsigned int) local_softirq_pending());
+- ratelimit++;
+- }
++ softirq_check_pending_idle();
+ return false;
+ }
+
+@@ -1156,6 +1155,7 @@
+ * Emulate tick processing via per-CPU hrtimers:
+ */
+ hrtimer_init(&ts->sched_timer, CLOCK_MONOTONIC, HRTIMER_MODE_ABS);
++ ts->sched_timer.irqsafe = 1;
+ ts->sched_timer.function = tick_sched_timer;
+
+ /* Get the next period (per cpu) */
+diff -Nur linux-3.18.9.orig/kernel/time/timekeeping.c linux-3.18.9/kernel/time/timekeeping.c
+--- linux-3.18.9.orig/kernel/time/timekeeping.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/time/timekeeping.c 2015-03-15 16:03:03.856094875 -0500
+@@ -1814,8 +1814,10 @@
+ */
+ void xtime_update(unsigned long ticks)
+ {
+- write_seqlock(&jiffies_lock);
++ raw_spin_lock(&jiffies_lock);
++ write_seqcount_begin(&jiffies_seq);
+ do_timer(ticks);
+- write_sequnlock(&jiffies_lock);
++ write_seqcount_end(&jiffies_seq);
++ raw_spin_unlock(&jiffies_lock);
+ update_wall_time();
+ }
+diff -Nur linux-3.18.9.orig/kernel/time/timer.c linux-3.18.9/kernel/time/timer.c
+--- linux-3.18.9.orig/kernel/time/timer.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/time/timer.c 2015-03-15 16:03:03.856094875 -0500
+@@ -78,6 +78,9 @@
+ struct tvec_base {
+ spinlock_t lock;
+ struct timer_list *running_timer;
++#ifdef CONFIG_PREEMPT_RT_FULL
++ wait_queue_head_t wait_for_running_timer;
++#endif
+ unsigned long timer_jiffies;
+ unsigned long next_timer;
+ unsigned long active_timers;
+@@ -758,6 +761,36 @@
+ }
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
++static inline struct tvec_base *switch_timer_base(struct timer_list *timer,
++ struct tvec_base *old,
++ struct tvec_base *new)
++{
++ /* See the comment in lock_timer_base() */
++ timer_set_base(timer, NULL);
++ spin_unlock(&old->lock);
++ spin_lock(&new->lock);
++ timer_set_base(timer, new);
++ return new;
++}
++#else
++static inline struct tvec_base *switch_timer_base(struct timer_list *timer,
++ struct tvec_base *old,
++ struct tvec_base *new)
++{
++ /*
++ * We cannot do the above because we might be preempted and
++ * then the preempter would see NULL and loop forever.
++ */
++ if (spin_trylock(&new->lock)) {
++ timer_set_base(timer, new);
++ spin_unlock(&old->lock);
++ return new;
++ }
++ return old;
++}
++#endif
++
+ static inline int
+ __mod_timer(struct timer_list *timer, unsigned long expires,
+ bool pending_only, int pinned)
+@@ -788,14 +821,8 @@
+ * handler yet has not finished. This also guarantees that
+ * the timer is serialized wrt itself.
+ */
+- if (likely(base->running_timer != timer)) {
+- /* See the comment in lock_timer_base() */
+- timer_set_base(timer, NULL);
+- spin_unlock(&base->lock);
+- base = new_base;
+- spin_lock(&base->lock);
+- timer_set_base(timer, base);
+- }
++ if (likely(base->running_timer != timer))
++ base = switch_timer_base(timer, base, new_base);
+ }
+
+ timer->expires = expires;
+@@ -969,6 +996,29 @@
+ }
+ EXPORT_SYMBOL_GPL(add_timer_on);
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++/*
++ * Wait for a running timer
++ */
++static void wait_for_running_timer(struct timer_list *timer)
++{
++ struct tvec_base *base = timer->base;
++
++ if (base->running_timer == timer)
++ wait_event(base->wait_for_running_timer,
++ base->running_timer != timer);
++}
++
++# define wakeup_timer_waiters(b) wake_up(&(b)->wait_for_running_timer)
++#else
++static inline void wait_for_running_timer(struct timer_list *timer)
++{
++ cpu_relax();
++}
++
++# define wakeup_timer_waiters(b) do { } while (0)
++#endif
++
+ /**
+ * del_timer - deactive a timer.
+ * @timer: the timer to be deactivated
+@@ -1026,7 +1076,7 @@
+ }
+ EXPORT_SYMBOL(try_to_del_timer_sync);
+
+-#ifdef CONFIG_SMP
++#if defined(CONFIG_SMP) || defined(CONFIG_PREEMPT_RT_FULL)
+ /**
+ * del_timer_sync - deactivate a timer and wait for the handler to finish.
+ * @timer: the timer to be deactivated
+@@ -1086,7 +1136,7 @@
+ int ret = try_to_del_timer_sync(timer);
+ if (ret >= 0)
+ return ret;
+- cpu_relax();
++ wait_for_running_timer(timer);
+ }
+ }
+ EXPORT_SYMBOL(del_timer_sync);
+@@ -1207,15 +1257,17 @@
+ if (irqsafe) {
+ spin_unlock(&base->lock);
+ call_timer_fn(timer, fn, data);
++ base->running_timer = NULL;
+ spin_lock(&base->lock);
+ } else {
+ spin_unlock_irq(&base->lock);
+ call_timer_fn(timer, fn, data);
++ base->running_timer = NULL;
+ spin_lock_irq(&base->lock);
+ }
+ }
+ }
+- base->running_timer = NULL;
++ wakeup_timer_waiters(base);
+ spin_unlock_irq(&base->lock);
+ }
+
+@@ -1355,17 +1407,31 @@
+ if (cpu_is_offline(smp_processor_id()))
+ return expires;
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++ /*
++ * On PREEMPT_RT we cannot sleep here. If the trylock does not
++ * succeed then we return the worst-case 'expires in 1 tick'
++ * value. We use the rt functions here directly to avoid a
++ * migrate_disable() call.
++ */
++ if (!spin_do_trylock(&base->lock))
++ return now + 1;
++#else
+ spin_lock(&base->lock);
++#endif
+ if (base->active_timers) {
+ if (time_before_eq(base->next_timer, base->timer_jiffies))
+ base->next_timer = __next_timer_interrupt(base);
+ expires = base->next_timer;
+ }
++#ifdef CONFIG_PREEMPT_RT_FULL
++ rt_spin_unlock_after_trylock_in_irq(&base->lock);
++#else
+ spin_unlock(&base->lock);
++#endif
+
+ if (time_before_eq(expires, now))
+ return now;
+-
+ return cmp_next_hrtimer_event(now, expires);
+ }
+ #endif
+@@ -1381,13 +1447,13 @@
+
+ /* Note: this timer irq context must be accounted for as well. */
+ account_process_tick(p, user_tick);
++ scheduler_tick();
+ run_local_timers();
+ rcu_check_callbacks(cpu, user_tick);
+ #ifdef CONFIG_IRQ_WORK
+ if (in_irq())
+ irq_work_tick();
+ #endif
+- scheduler_tick();
+ run_posix_cpu_timers(p);
+ }
+
+@@ -1400,6 +1466,10 @@
+
+ hrtimer_run_pending();
+
++#if defined(CONFIG_IRQ_WORK) && defined(CONFIG_PREEMPT_RT_FULL)
++ irq_work_tick();
++#endif
++
+ if (time_after_eq(jiffies, base->timer_jiffies))
+ __run_timers(base);
+ }
+@@ -1574,6 +1644,9 @@
+ base = per_cpu(tvec_bases, cpu);
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++ init_waitqueue_head(&base->wait_for_running_timer);
++#endif
+
+ for (j = 0; j < TVN_SIZE; j++) {
+ INIT_LIST_HEAD(base->tv5.vec + j);
+@@ -1613,7 +1686,7 @@
+
+ BUG_ON(cpu_online(cpu));
+ old_base = per_cpu(tvec_bases, cpu);
+- new_base = get_cpu_var(tvec_bases);
++ new_base = get_local_var(tvec_bases);
+ /*
+ * The caller is globally serialized and nobody else
+ * takes two locks at once, deadlock is not possible.
+@@ -1634,7 +1707,7 @@
+
+ spin_unlock(&old_base->lock);
+ spin_unlock_irq(&new_base->lock);
+- put_cpu_var(tvec_bases);
++ put_local_var(tvec_bases);
+ }
+ #endif /* CONFIG_HOTPLUG_CPU */
+
+diff -Nur linux-3.18.9.orig/kernel/trace/Kconfig linux-3.18.9/kernel/trace/Kconfig
+--- linux-3.18.9.orig/kernel/trace/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/trace/Kconfig 2015-03-15 16:03:03.856094875 -0500
+@@ -187,6 +187,24 @@
+ enabled. This option and the preempt-off timing option can be
+ used together or separately.)
+
++config INTERRUPT_OFF_HIST
++ bool "Interrupts-off Latency Histogram"
++ depends on IRQSOFF_TRACER
++ help
++ This option generates continuously updated histograms (one per cpu)
++ of the duration of time periods with interrupts disabled. The
++ histograms are disabled by default. To enable them, write a non-zero
++ number to
++
++ /sys/kernel/debug/tracing/latency_hist/enable/preemptirqsoff
++
++ If PREEMPT_OFF_HIST is also selected, additional histograms (one
++ per cpu) are generated that accumulate the duration of time periods
++ when both interrupts and preemption are disabled. The histogram data
++ will be located in the debug file system at
++
++ /sys/kernel/debug/tracing/latency_hist/irqsoff
++
+ config PREEMPT_TRACER
+ bool "Preemption-off Latency Tracer"
+ default n
+@@ -211,6 +229,24 @@
+ enabled. This option and the irqs-off timing option can be
+ used together or separately.)
+
++config PREEMPT_OFF_HIST
++ bool "Preemption-off Latency Histogram"
++ depends on PREEMPT_TRACER
++ help
++ This option generates continuously updated histograms (one per cpu)
++ of the duration of time periods with preemption disabled. The
++ histograms are disabled by default. To enable them, write a non-zero
++ number to
++
++ /sys/kernel/debug/tracing/latency_hist/enable/preemptirqsoff
++
++ If INTERRUPT_OFF_HIST is also selected, additional histograms (one
++ per cpu) are generated that accumulate the duration of time periods
++ when both interrupts and preemption are disabled. The histogram data
++ will be located in the debug file system at
++
++ /sys/kernel/debug/tracing/latency_hist/preemptoff
++
+ config SCHED_TRACER
+ bool "Scheduling Latency Tracer"
+ select GENERIC_TRACER
+@@ -221,6 +257,74 @@
+ This tracer tracks the latency of the highest priority task
+ to be scheduled in, starting from the point it has woken up.
+
++config WAKEUP_LATENCY_HIST
++ bool "Scheduling Latency Histogram"
++ depends on SCHED_TRACER
++ help
++ This option generates continuously updated histograms (one per cpu)
++ of the scheduling latency of the highest priority task.
++ The histograms are disabled by default. To enable them, write a
++ non-zero number to
++
++ /sys/kernel/debug/tracing/latency_hist/enable/wakeup
++
++ Two different algorithms are used, one to determine the latency of
++ processes that exclusively use the highest priority of the system and
++ another one to determine the latency of processes that share the
++ highest system priority with other processes. The former is used to
++ improve hardware and system software, the latter to optimize the
++ priority design of a given system. The histogram data will be
++ located in the debug file system at
++
++ /sys/kernel/debug/tracing/latency_hist/wakeup
++
++ and
++
++ /sys/kernel/debug/tracing/latency_hist/wakeup/sharedprio
++
++ If both Scheduling Latency Histogram and Missed Timer Offsets
++ Histogram are selected, additional histogram data will be collected
++ that contain, in addition to the wakeup latency, the timer latency, in
++ case the wakeup was triggered by an expired timer. These histograms
++ are available in the
++
++ /sys/kernel/debug/tracing/latency_hist/timerandwakeup
++
++ directory. They reflect the apparent interrupt and scheduling latency
++ and are best suitable to determine the worst-case latency of a given
++ system. To enable these histograms, write a non-zero number to
++
++ /sys/kernel/debug/tracing/latency_hist/enable/timerandwakeup
++
++config MISSED_TIMER_OFFSETS_HIST
++ depends on HIGH_RES_TIMERS
++ select GENERIC_TRACER
++ bool "Missed Timer Offsets Histogram"
++ help
++ Generate a histogram of missed timer offsets in microseconds. The
++ histograms are disabled by default. To enable them, write a non-zero
++ number to
++
++ /sys/kernel/debug/tracing/latency_hist/enable/missed_timer_offsets
++
++ The histogram data will be located in the debug file system at
++
++ /sys/kernel/debug/tracing/latency_hist/missed_timer_offsets
++
++ If both Scheduling Latency Histogram and Missed Timer Offsets
++ Histogram are selected, additional histogram data will be collected
++ that contain, in addition to the wakeup latency, the timer latency, in
++ case the wakeup was triggered by an expired timer. These histograms
++ are available in the
++
++ /sys/kernel/debug/tracing/latency_hist/timerandwakeup
++
++ directory. They reflect the apparent interrupt and scheduling latency
++ and are best suitable to determine the worst-case latency of a given
++ system. To enable these histograms, write a non-zero number to
++
++ /sys/kernel/debug/tracing/latency_hist/enable/timerandwakeup
++
+ config ENABLE_DEFAULT_TRACERS
+ bool "Trace process context switches and events"
+ depends on !GENERIC_TRACER
+diff -Nur linux-3.18.9.orig/kernel/trace/latency_hist.c linux-3.18.9/kernel/trace/latency_hist.c
+--- linux-3.18.9.orig/kernel/trace/latency_hist.c 1969-12-31 18:00:00.000000000 -0600
++++ linux-3.18.9/kernel/trace/latency_hist.c 2015-03-15 16:03:03.860094875 -0500
+@@ -0,0 +1,1178 @@
++/*
++ * kernel/trace/latency_hist.c
++ *
++ * Add support for histograms of preemption-off latency and
++ * interrupt-off latency and wakeup latency, it depends on
++ * Real-Time Preemption Support.
++ *
++ * Copyright (C) 2005 MontaVista Software, Inc.
++ * Yi Yang <yyang@ch.mvista.com>
++ *
++ * Converted to work with the new latency tracer.
++ * Copyright (C) 2008 Red Hat, Inc.
++ * Steven Rostedt <srostedt@redhat.com>
++ *
++ */
++#include <linux/module.h>
++#include <linux/debugfs.h>
++#include <linux/seq_file.h>
++#include <linux/percpu.h>
++#include <linux/kallsyms.h>
++#include <linux/uaccess.h>
++#include <linux/sched.h>
++#include <linux/sched/rt.h>
++#include <linux/slab.h>
++#include <linux/atomic.h>
++#include <asm/div64.h>
++
++#include "trace.h"
++#include <trace/events/sched.h>
++
++#define NSECS_PER_USECS 1000L
++
++#define CREATE_TRACE_POINTS
++#include <trace/events/hist.h>
++
++enum {
++ IRQSOFF_LATENCY = 0,
++ PREEMPTOFF_LATENCY,
++ PREEMPTIRQSOFF_LATENCY,
++ WAKEUP_LATENCY,
++ WAKEUP_LATENCY_SHAREDPRIO,
++ MISSED_TIMER_OFFSETS,
++ TIMERANDWAKEUP_LATENCY,
++ MAX_LATENCY_TYPE,
++};
++
++#define MAX_ENTRY_NUM 10240
++
++struct hist_data {
++ atomic_t hist_mode; /* 0 log, 1 don't log */
++ long offset; /* set it to MAX_ENTRY_NUM/2 for a bipolar scale */
++ long min_lat;
++ long max_lat;
++ unsigned long long below_hist_bound_samples;
++ unsigned long long above_hist_bound_samples;
++ long long accumulate_lat;
++ unsigned long long total_samples;
++ unsigned long long hist_array[MAX_ENTRY_NUM];
++};
++
++struct enable_data {
++ int latency_type;
++ int enabled;
++};
++
++static char *latency_hist_dir_root = "latency_hist";
++
++#ifdef CONFIG_INTERRUPT_OFF_HIST
++static DEFINE_PER_CPU(struct hist_data, irqsoff_hist);
++static char *irqsoff_hist_dir = "irqsoff";
++static DEFINE_PER_CPU(cycles_t, hist_irqsoff_start);
++static DEFINE_PER_CPU(int, hist_irqsoff_counting);
++#endif
++
++#ifdef CONFIG_PREEMPT_OFF_HIST
++static DEFINE_PER_CPU(struct hist_data, preemptoff_hist);
++static char *preemptoff_hist_dir = "preemptoff";
++static DEFINE_PER_CPU(cycles_t, hist_preemptoff_start);
++static DEFINE_PER_CPU(int, hist_preemptoff_counting);
++#endif
++
++#if defined(CONFIG_PREEMPT_OFF_HIST) && defined(CONFIG_INTERRUPT_OFF_HIST)
++static DEFINE_PER_CPU(struct hist_data, preemptirqsoff_hist);
++static char *preemptirqsoff_hist_dir = "preemptirqsoff";
++static DEFINE_PER_CPU(cycles_t, hist_preemptirqsoff_start);
++static DEFINE_PER_CPU(int, hist_preemptirqsoff_counting);
++#endif
++
++#if defined(CONFIG_PREEMPT_OFF_HIST) || defined(CONFIG_INTERRUPT_OFF_HIST)
++static notrace void probe_preemptirqsoff_hist(void *v, int reason, int start);
++static struct enable_data preemptirqsoff_enabled_data = {
++ .latency_type = PREEMPTIRQSOFF_LATENCY,
++ .enabled = 0,
++};
++#endif
++
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++struct maxlatproc_data {
++ char comm[FIELD_SIZEOF(struct task_struct, comm)];
++ char current_comm[FIELD_SIZEOF(struct task_struct, comm)];
++ int pid;
++ int current_pid;
++ int prio;
++ int current_prio;
++ long latency;
++ long timeroffset;
++ cycle_t timestamp;
++};
++#endif
++
++#ifdef CONFIG_WAKEUP_LATENCY_HIST
++static DEFINE_PER_CPU(struct hist_data, wakeup_latency_hist);
++static DEFINE_PER_CPU(struct hist_data, wakeup_latency_hist_sharedprio);
++static char *wakeup_latency_hist_dir = "wakeup";
++static char *wakeup_latency_hist_dir_sharedprio = "sharedprio";
++static notrace void probe_wakeup_latency_hist_start(void *v,
++ struct task_struct *p, int success);
++static notrace void probe_wakeup_latency_hist_stop(void *v,
++ struct task_struct *prev, struct task_struct *next);
++static notrace void probe_sched_migrate_task(void *,
++ struct task_struct *task, int cpu);
++static struct enable_data wakeup_latency_enabled_data = {
++ .latency_type = WAKEUP_LATENCY,
++ .enabled = 0,
++};
++static DEFINE_PER_CPU(struct maxlatproc_data, wakeup_maxlatproc);
++static DEFINE_PER_CPU(struct maxlatproc_data, wakeup_maxlatproc_sharedprio);
++static DEFINE_PER_CPU(struct task_struct *, wakeup_task);
++static DEFINE_PER_CPU(int, wakeup_sharedprio);
++static unsigned long wakeup_pid;
++#endif
++
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++static DEFINE_PER_CPU(struct hist_data, missed_timer_offsets);
++static char *missed_timer_offsets_dir = "missed_timer_offsets";
++static notrace void probe_hrtimer_interrupt(void *v, int cpu,
++ long long offset, struct task_struct *curr, struct task_struct *task);
++static struct enable_data missed_timer_offsets_enabled_data = {
++ .latency_type = MISSED_TIMER_OFFSETS,
++ .enabled = 0,
++};
++static DEFINE_PER_CPU(struct maxlatproc_data, missed_timer_offsets_maxlatproc);
++static unsigned long missed_timer_offsets_pid;
++#endif
++
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) && \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++static DEFINE_PER_CPU(struct hist_data, timerandwakeup_latency_hist);
++static char *timerandwakeup_latency_hist_dir = "timerandwakeup";
++static struct enable_data timerandwakeup_enabled_data = {
++ .latency_type = TIMERANDWAKEUP_LATENCY,
++ .enabled = 0,
++};
++static DEFINE_PER_CPU(struct maxlatproc_data, timerandwakeup_maxlatproc);
++#endif
++
++void notrace latency_hist(int latency_type, int cpu, long latency,
++ long timeroffset, cycle_t stop,
++ struct task_struct *p)
++{
++ struct hist_data *my_hist;
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++ struct maxlatproc_data *mp = NULL;
++#endif
++
++ if (!cpu_possible(cpu) || latency_type < 0 ||
++ latency_type >= MAX_LATENCY_TYPE)
++ return;
++
++ switch (latency_type) {
++#ifdef CONFIG_INTERRUPT_OFF_HIST
++ case IRQSOFF_LATENCY:
++ my_hist = &per_cpu(irqsoff_hist, cpu);
++ break;
++#endif
++#ifdef CONFIG_PREEMPT_OFF_HIST
++ case PREEMPTOFF_LATENCY:
++ my_hist = &per_cpu(preemptoff_hist, cpu);
++ break;
++#endif
++#if defined(CONFIG_PREEMPT_OFF_HIST) && defined(CONFIG_INTERRUPT_OFF_HIST)
++ case PREEMPTIRQSOFF_LATENCY:
++ my_hist = &per_cpu(preemptirqsoff_hist, cpu);
++ break;
++#endif
++#ifdef CONFIG_WAKEUP_LATENCY_HIST
++ case WAKEUP_LATENCY:
++ my_hist = &per_cpu(wakeup_latency_hist, cpu);
++ mp = &per_cpu(wakeup_maxlatproc, cpu);
++ break;
++ case WAKEUP_LATENCY_SHAREDPRIO:
++ my_hist = &per_cpu(wakeup_latency_hist_sharedprio, cpu);
++ mp = &per_cpu(wakeup_maxlatproc_sharedprio, cpu);
++ break;
++#endif
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++ case MISSED_TIMER_OFFSETS:
++ my_hist = &per_cpu(missed_timer_offsets, cpu);
++ mp = &per_cpu(missed_timer_offsets_maxlatproc, cpu);
++ break;
++#endif
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) && \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++ case TIMERANDWAKEUP_LATENCY:
++ my_hist = &per_cpu(timerandwakeup_latency_hist, cpu);
++ mp = &per_cpu(timerandwakeup_maxlatproc, cpu);
++ break;
++#endif
++
++ default:
++ return;
++ }
++
++ latency += my_hist->offset;
++
++ if (atomic_read(&my_hist->hist_mode) == 0)
++ return;
++
++ if (latency < 0 || latency >= MAX_ENTRY_NUM) {
++ if (latency < 0)
++ my_hist->below_hist_bound_samples++;
++ else
++ my_hist->above_hist_bound_samples++;
++ } else
++ my_hist->hist_array[latency]++;
++
++ if (unlikely(latency > my_hist->max_lat ||
++ my_hist->min_lat == LONG_MAX)) {
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++ if (latency_type == WAKEUP_LATENCY ||
++ latency_type == WAKEUP_LATENCY_SHAREDPRIO ||
++ latency_type == MISSED_TIMER_OFFSETS ||
++ latency_type == TIMERANDWAKEUP_LATENCY) {
++ strncpy(mp->comm, p->comm, sizeof(mp->comm));
++ strncpy(mp->current_comm, current->comm,
++ sizeof(mp->current_comm));
++ mp->pid = task_pid_nr(p);
++ mp->current_pid = task_pid_nr(current);
++ mp->prio = p->prio;
++ mp->current_prio = current->prio;
++ mp->latency = latency;
++ mp->timeroffset = timeroffset;
++ mp->timestamp = stop;
++ }
++#endif
++ my_hist->max_lat = latency;
++ }
++ if (unlikely(latency < my_hist->min_lat))
++ my_hist->min_lat = latency;
++ my_hist->total_samples++;
++ my_hist->accumulate_lat += latency;
++}
++
++static void *l_start(struct seq_file *m, loff_t *pos)
++{
++ loff_t *index_ptr = NULL;
++ loff_t index = *pos;
++ struct hist_data *my_hist = m->private;
++
++ if (index == 0) {
++ char minstr[32], avgstr[32], maxstr[32];
++
++ atomic_dec(&my_hist->hist_mode);
++
++ if (likely(my_hist->total_samples)) {
++ long avg = (long) div64_s64(my_hist->accumulate_lat,
++ my_hist->total_samples);
++ snprintf(minstr, sizeof(minstr), "%ld",
++ my_hist->min_lat - my_hist->offset);
++ snprintf(avgstr, sizeof(avgstr), "%ld",
++ avg - my_hist->offset);
++ snprintf(maxstr, sizeof(maxstr), "%ld",
++ my_hist->max_lat - my_hist->offset);
++ } else {
++ strcpy(minstr, "<undef>");
++ strcpy(avgstr, minstr);
++ strcpy(maxstr, minstr);
++ }
++
++ seq_printf(m, "#Minimum latency: %s microseconds\n"
++ "#Average latency: %s microseconds\n"
++ "#Maximum latency: %s microseconds\n"
++ "#Total samples: %llu\n"
++ "#There are %llu samples lower than %ld"
++ " microseconds.\n"
++ "#There are %llu samples greater or equal"
++ " than %ld microseconds.\n"
++ "#usecs\t%16s\n",
++ minstr, avgstr, maxstr,
++ my_hist->total_samples,
++ my_hist->below_hist_bound_samples,
++ -my_hist->offset,
++ my_hist->above_hist_bound_samples,
++ MAX_ENTRY_NUM - my_hist->offset,
++ "samples");
++ }
++ if (index < MAX_ENTRY_NUM) {
++ index_ptr = kmalloc(sizeof(loff_t), GFP_KERNEL);
++ if (index_ptr)
++ *index_ptr = index;
++ }
++
++ return index_ptr;
++}
++
++static void *l_next(struct seq_file *m, void *p, loff_t *pos)
++{
++ loff_t *index_ptr = p;
++ struct hist_data *my_hist = m->private;
++
++ if (++*pos >= MAX_ENTRY_NUM) {
++ atomic_inc(&my_hist->hist_mode);
++ return NULL;
++ }
++ *index_ptr = *pos;
++ return index_ptr;
++}
++
++static void l_stop(struct seq_file *m, void *p)
++{
++ kfree(p);
++}
++
++static int l_show(struct seq_file *m, void *p)
++{
++ int index = *(loff_t *) p;
++ struct hist_data *my_hist = m->private;
++
++ seq_printf(m, "%6ld\t%16llu\n", index - my_hist->offset,
++ my_hist->hist_array[index]);
++ return 0;
++}
++
++static const struct seq_operations latency_hist_seq_op = {
++ .start = l_start,
++ .next = l_next,
++ .stop = l_stop,
++ .show = l_show
++};
++
++static int latency_hist_open(struct inode *inode, struct file *file)
++{
++ int ret;
++
++ ret = seq_open(file, &latency_hist_seq_op);
++ if (!ret) {
++ struct seq_file *seq = file->private_data;
++ seq->private = inode->i_private;
++ }
++ return ret;
++}
++
++static const struct file_operations latency_hist_fops = {
++ .open = latency_hist_open,
++ .read = seq_read,
++ .llseek = seq_lseek,
++ .release = seq_release,
++};
++
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++static void clear_maxlatprocdata(struct maxlatproc_data *mp)
++{
++ mp->comm[0] = mp->current_comm[0] = '\0';
++ mp->prio = mp->current_prio = mp->pid = mp->current_pid =
++ mp->latency = mp->timeroffset = -1;
++ mp->timestamp = 0;
++}
++#endif
++
++static void hist_reset(struct hist_data *hist)
++{
++ atomic_dec(&hist->hist_mode);
++
++ memset(hist->hist_array, 0, sizeof(hist->hist_array));
++ hist->below_hist_bound_samples = 0ULL;
++ hist->above_hist_bound_samples = 0ULL;
++ hist->min_lat = LONG_MAX;
++ hist->max_lat = LONG_MIN;
++ hist->total_samples = 0ULL;
++ hist->accumulate_lat = 0LL;
++
++ atomic_inc(&hist->hist_mode);
++}
++
++static ssize_t
++latency_hist_reset(struct file *file, const char __user *a,
++ size_t size, loff_t *off)
++{
++ int cpu;
++ struct hist_data *hist = NULL;
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++ struct maxlatproc_data *mp = NULL;
++#endif
++ off_t latency_type = (off_t) file->private_data;
++
++ for_each_online_cpu(cpu) {
++
++ switch (latency_type) {
++#ifdef CONFIG_PREEMPT_OFF_HIST
++ case PREEMPTOFF_LATENCY:
++ hist = &per_cpu(preemptoff_hist, cpu);
++ break;
++#endif
++#ifdef CONFIG_INTERRUPT_OFF_HIST
++ case IRQSOFF_LATENCY:
++ hist = &per_cpu(irqsoff_hist, cpu);
++ break;
++#endif
++#if defined(CONFIG_INTERRUPT_OFF_HIST) && defined(CONFIG_PREEMPT_OFF_HIST)
++ case PREEMPTIRQSOFF_LATENCY:
++ hist = &per_cpu(preemptirqsoff_hist, cpu);
++ break;
++#endif
++#ifdef CONFIG_WAKEUP_LATENCY_HIST
++ case WAKEUP_LATENCY:
++ hist = &per_cpu(wakeup_latency_hist, cpu);
++ mp = &per_cpu(wakeup_maxlatproc, cpu);
++ break;
++ case WAKEUP_LATENCY_SHAREDPRIO:
++ hist = &per_cpu(wakeup_latency_hist_sharedprio, cpu);
++ mp = &per_cpu(wakeup_maxlatproc_sharedprio, cpu);
++ break;
++#endif
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++ case MISSED_TIMER_OFFSETS:
++ hist = &per_cpu(missed_timer_offsets, cpu);
++ mp = &per_cpu(missed_timer_offsets_maxlatproc, cpu);
++ break;
++#endif
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) && \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++ case TIMERANDWAKEUP_LATENCY:
++ hist = &per_cpu(timerandwakeup_latency_hist, cpu);
++ mp = &per_cpu(timerandwakeup_maxlatproc, cpu);
++ break;
++#endif
++ }
++
++ hist_reset(hist);
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++ if (latency_type == WAKEUP_LATENCY ||
++ latency_type == WAKEUP_LATENCY_SHAREDPRIO ||
++ latency_type == MISSED_TIMER_OFFSETS ||
++ latency_type == TIMERANDWAKEUP_LATENCY)
++ clear_maxlatprocdata(mp);
++#endif
++ }
++
++ return size;
++}
++
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++static ssize_t
++show_pid(struct file *file, char __user *ubuf, size_t cnt, loff_t *ppos)
++{
++ char buf[64];
++ int r;
++ unsigned long *this_pid = file->private_data;
++
++ r = snprintf(buf, sizeof(buf), "%lu\n", *this_pid);
++ return simple_read_from_buffer(ubuf, cnt, ppos, buf, r);
++}
++
++static ssize_t do_pid(struct file *file, const char __user *ubuf,
++ size_t cnt, loff_t *ppos)
++{
++ char buf[64];
++ unsigned long pid;
++ unsigned long *this_pid = file->private_data;
++
++ if (cnt >= sizeof(buf))
++ return -EINVAL;
++
++ if (copy_from_user(&buf, ubuf, cnt))
++ return -EFAULT;
++
++ buf[cnt] = '\0';
++
++ if (kstrtoul(buf, 10, &pid))
++ return -EINVAL;
++
++ *this_pid = pid;
++
++ return cnt;
++}
++#endif
++
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++static ssize_t
++show_maxlatproc(struct file *file, char __user *ubuf, size_t cnt, loff_t *ppos)
++{
++ int r;
++ struct maxlatproc_data *mp = file->private_data;
++ int strmaxlen = (TASK_COMM_LEN * 2) + (8 * 8);
++ unsigned long long t;
++ unsigned long usecs, secs;
++ char *buf;
++
++ if (mp->pid == -1 || mp->current_pid == -1) {
++ buf = "(none)\n";
++ return simple_read_from_buffer(ubuf, cnt, ppos, buf,
++ strlen(buf));
++ }
++
++ buf = kmalloc(strmaxlen, GFP_KERNEL);
++ if (buf == NULL)
++ return -ENOMEM;
++
++ t = ns2usecs(mp->timestamp);
++ usecs = do_div(t, USEC_PER_SEC);
++ secs = (unsigned long) t;
++ r = snprintf(buf, strmaxlen,
++ "%d %d %ld (%ld) %s <- %d %d %s %lu.%06lu\n", mp->pid,
++ MAX_RT_PRIO-1 - mp->prio, mp->latency, mp->timeroffset, mp->comm,
++ mp->current_pid, MAX_RT_PRIO-1 - mp->current_prio, mp->current_comm,
++ secs, usecs);
++ r = simple_read_from_buffer(ubuf, cnt, ppos, buf, r);
++ kfree(buf);
++ return r;
++}
++#endif
++
++static ssize_t
++show_enable(struct file *file, char __user *ubuf, size_t cnt, loff_t *ppos)
++{
++ char buf[64];
++ struct enable_data *ed = file->private_data;
++ int r;
++
++ r = snprintf(buf, sizeof(buf), "%d\n", ed->enabled);
++ return simple_read_from_buffer(ubuf, cnt, ppos, buf, r);
++}
++
++static ssize_t
++do_enable(struct file *file, const char __user *ubuf, size_t cnt, loff_t *ppos)
++{
++ char buf[64];
++ long enable;
++ struct enable_data *ed = file->private_data;
++
++ if (cnt >= sizeof(buf))
++ return -EINVAL;
++
++ if (copy_from_user(&buf, ubuf, cnt))
++ return -EFAULT;
++
++ buf[cnt] = 0;
++
++ if (kstrtoul(buf, 10, &enable))
++ return -EINVAL;
++
++ if ((enable && ed->enabled) || (!enable && !ed->enabled))
++ return cnt;
++
++ if (enable) {
++ int ret;
++
++ switch (ed->latency_type) {
++#if defined(CONFIG_INTERRUPT_OFF_HIST) || defined(CONFIG_PREEMPT_OFF_HIST)
++ case PREEMPTIRQSOFF_LATENCY:
++ ret = register_trace_preemptirqsoff_hist(
++ probe_preemptirqsoff_hist, NULL);
++ if (ret) {
++ pr_info("wakeup trace: Couldn't assign "
++ "probe_preemptirqsoff_hist "
++ "to trace_preemptirqsoff_hist\n");
++ return ret;
++ }
++ break;
++#endif
++#ifdef CONFIG_WAKEUP_LATENCY_HIST
++ case WAKEUP_LATENCY:
++ ret = register_trace_sched_wakeup(
++ probe_wakeup_latency_hist_start, NULL);
++ if (ret) {
++ pr_info("wakeup trace: Couldn't assign "
++ "probe_wakeup_latency_hist_start "
++ "to trace_sched_wakeup\n");
++ return ret;
++ }
++ ret = register_trace_sched_wakeup_new(
++ probe_wakeup_latency_hist_start, NULL);
++ if (ret) {
++ pr_info("wakeup trace: Couldn't assign "
++ "probe_wakeup_latency_hist_start "
++ "to trace_sched_wakeup_new\n");
++ unregister_trace_sched_wakeup(
++ probe_wakeup_latency_hist_start, NULL);
++ return ret;
++ }
++ ret = register_trace_sched_switch(
++ probe_wakeup_latency_hist_stop, NULL);
++ if (ret) {
++ pr_info("wakeup trace: Couldn't assign "
++ "probe_wakeup_latency_hist_stop "
++ "to trace_sched_switch\n");
++ unregister_trace_sched_wakeup(
++ probe_wakeup_latency_hist_start, NULL);
++ unregister_trace_sched_wakeup_new(
++ probe_wakeup_latency_hist_start, NULL);
++ return ret;
++ }
++ ret = register_trace_sched_migrate_task(
++ probe_sched_migrate_task, NULL);
++ if (ret) {
++ pr_info("wakeup trace: Couldn't assign "
++ "probe_sched_migrate_task "
++ "to trace_sched_migrate_task\n");
++ unregister_trace_sched_wakeup(
++ probe_wakeup_latency_hist_start, NULL);
++ unregister_trace_sched_wakeup_new(
++ probe_wakeup_latency_hist_start, NULL);
++ unregister_trace_sched_switch(
++ probe_wakeup_latency_hist_stop, NULL);
++ return ret;
++ }
++ break;
++#endif
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++ case MISSED_TIMER_OFFSETS:
++ ret = register_trace_hrtimer_interrupt(
++ probe_hrtimer_interrupt, NULL);
++ if (ret) {
++ pr_info("wakeup trace: Couldn't assign "
++ "probe_hrtimer_interrupt "
++ "to trace_hrtimer_interrupt\n");
++ return ret;
++ }
++ break;
++#endif
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) && \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++ case TIMERANDWAKEUP_LATENCY:
++ if (!wakeup_latency_enabled_data.enabled ||
++ !missed_timer_offsets_enabled_data.enabled)
++ return -EINVAL;
++ break;
++#endif
++ default:
++ break;
++ }
++ } else {
++ switch (ed->latency_type) {
++#if defined(CONFIG_INTERRUPT_OFF_HIST) || defined(CONFIG_PREEMPT_OFF_HIST)
++ case PREEMPTIRQSOFF_LATENCY:
++ {
++ int cpu;
++
++ unregister_trace_preemptirqsoff_hist(
++ probe_preemptirqsoff_hist, NULL);
++ for_each_online_cpu(cpu) {
++#ifdef CONFIG_INTERRUPT_OFF_HIST
++ per_cpu(hist_irqsoff_counting,
++ cpu) = 0;
++#endif
++#ifdef CONFIG_PREEMPT_OFF_HIST
++ per_cpu(hist_preemptoff_counting,
++ cpu) = 0;
++#endif
++#if defined(CONFIG_INTERRUPT_OFF_HIST) && defined(CONFIG_PREEMPT_OFF_HIST)
++ per_cpu(hist_preemptirqsoff_counting,
++ cpu) = 0;
++#endif
++ }
++ }
++ break;
++#endif
++#ifdef CONFIG_WAKEUP_LATENCY_HIST
++ case WAKEUP_LATENCY:
++ {
++ int cpu;
++
++ unregister_trace_sched_wakeup(
++ probe_wakeup_latency_hist_start, NULL);
++ unregister_trace_sched_wakeup_new(
++ probe_wakeup_latency_hist_start, NULL);
++ unregister_trace_sched_switch(
++ probe_wakeup_latency_hist_stop, NULL);
++ unregister_trace_sched_migrate_task(
++ probe_sched_migrate_task, NULL);
++
++ for_each_online_cpu(cpu) {
++ per_cpu(wakeup_task, cpu) = NULL;
++ per_cpu(wakeup_sharedprio, cpu) = 0;
++ }
++ }
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++ timerandwakeup_enabled_data.enabled = 0;
++#endif
++ break;
++#endif
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++ case MISSED_TIMER_OFFSETS:
++ unregister_trace_hrtimer_interrupt(
++ probe_hrtimer_interrupt, NULL);
++#ifdef CONFIG_WAKEUP_LATENCY_HIST
++ timerandwakeup_enabled_data.enabled = 0;
++#endif
++ break;
++#endif
++ default:
++ break;
++ }
++ }
++ ed->enabled = enable;
++ return cnt;
++}
++
++static const struct file_operations latency_hist_reset_fops = {
++ .open = tracing_open_generic,
++ .write = latency_hist_reset,
++};
++
++static const struct file_operations enable_fops = {
++ .open = tracing_open_generic,
++ .read = show_enable,
++ .write = do_enable,
++};
++
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++static const struct file_operations pid_fops = {
++ .open = tracing_open_generic,
++ .read = show_pid,
++ .write = do_pid,
++};
++
++static const struct file_operations maxlatproc_fops = {
++ .open = tracing_open_generic,
++ .read = show_maxlatproc,
++};
++#endif
++
++#if defined(CONFIG_INTERRUPT_OFF_HIST) || defined(CONFIG_PREEMPT_OFF_HIST)
++static notrace void probe_preemptirqsoff_hist(void *v, int reason,
++ int starthist)
++{
++ int cpu = raw_smp_processor_id();
++ int time_set = 0;
++
++ if (starthist) {
++ cycle_t uninitialized_var(start);
++
++ if (!preempt_count() && !irqs_disabled())
++ return;
++
++#ifdef CONFIG_INTERRUPT_OFF_HIST
++ if ((reason == IRQS_OFF || reason == TRACE_START) &&
++ !per_cpu(hist_irqsoff_counting, cpu)) {
++ per_cpu(hist_irqsoff_counting, cpu) = 1;
++ start = ftrace_now(cpu);
++ time_set++;
++ per_cpu(hist_irqsoff_start, cpu) = start;
++ }
++#endif
++
++#ifdef CONFIG_PREEMPT_OFF_HIST
++ if ((reason == PREEMPT_OFF || reason == TRACE_START) &&
++ !per_cpu(hist_preemptoff_counting, cpu)) {
++ per_cpu(hist_preemptoff_counting, cpu) = 1;
++ if (!(time_set++))
++ start = ftrace_now(cpu);
++ per_cpu(hist_preemptoff_start, cpu) = start;
++ }
++#endif
++
++#if defined(CONFIG_INTERRUPT_OFF_HIST) && defined(CONFIG_PREEMPT_OFF_HIST)
++ if (per_cpu(hist_irqsoff_counting, cpu) &&
++ per_cpu(hist_preemptoff_counting, cpu) &&
++ !per_cpu(hist_preemptirqsoff_counting, cpu)) {
++ per_cpu(hist_preemptirqsoff_counting, cpu) = 1;
++ if (!time_set)
++ start = ftrace_now(cpu);
++ per_cpu(hist_preemptirqsoff_start, cpu) = start;
++ }
++#endif
++ } else {
++ cycle_t uninitialized_var(stop);
++
++#ifdef CONFIG_INTERRUPT_OFF_HIST
++ if ((reason == IRQS_ON || reason == TRACE_STOP) &&
++ per_cpu(hist_irqsoff_counting, cpu)) {
++ cycle_t start = per_cpu(hist_irqsoff_start, cpu);
++
++ stop = ftrace_now(cpu);
++ time_set++;
++ if (start) {
++ long latency = ((long) (stop - start)) /
++ NSECS_PER_USECS;
++
++ latency_hist(IRQSOFF_LATENCY, cpu, latency, 0,
++ stop, NULL);
++ }
++ per_cpu(hist_irqsoff_counting, cpu) = 0;
++ }
++#endif
++
++#ifdef CONFIG_PREEMPT_OFF_HIST
++ if ((reason == PREEMPT_ON || reason == TRACE_STOP) &&
++ per_cpu(hist_preemptoff_counting, cpu)) {
++ cycle_t start = per_cpu(hist_preemptoff_start, cpu);
++
++ if (!(time_set++))
++ stop = ftrace_now(cpu);
++ if (start) {
++ long latency = ((long) (stop - start)) /
++ NSECS_PER_USECS;
++
++ latency_hist(PREEMPTOFF_LATENCY, cpu, latency,
++ 0, stop, NULL);
++ }
++ per_cpu(hist_preemptoff_counting, cpu) = 0;
++ }
++#endif
++
++#if defined(CONFIG_INTERRUPT_OFF_HIST) && defined(CONFIG_PREEMPT_OFF_HIST)
++ if ((!per_cpu(hist_irqsoff_counting, cpu) ||
++ !per_cpu(hist_preemptoff_counting, cpu)) &&
++ per_cpu(hist_preemptirqsoff_counting, cpu)) {
++ cycle_t start = per_cpu(hist_preemptirqsoff_start, cpu);
++
++ if (!time_set)
++ stop = ftrace_now(cpu);
++ if (start) {
++ long latency = ((long) (stop - start)) /
++ NSECS_PER_USECS;
++
++ latency_hist(PREEMPTIRQSOFF_LATENCY, cpu,
++ latency, 0, stop, NULL);
++ }
++ per_cpu(hist_preemptirqsoff_counting, cpu) = 0;
++ }
++#endif
++ }
++}
++#endif
++
++#ifdef CONFIG_WAKEUP_LATENCY_HIST
++static DEFINE_RAW_SPINLOCK(wakeup_lock);
++static notrace void probe_sched_migrate_task(void *v, struct task_struct *task,
++ int cpu)
++{
++ int old_cpu = task_cpu(task);
++
++ if (cpu != old_cpu) {
++ unsigned long flags;
++ struct task_struct *cpu_wakeup_task;
++
++ raw_spin_lock_irqsave(&wakeup_lock, flags);
++
++ cpu_wakeup_task = per_cpu(wakeup_task, old_cpu);
++ if (task == cpu_wakeup_task) {
++ put_task_struct(cpu_wakeup_task);
++ per_cpu(wakeup_task, old_cpu) = NULL;
++ cpu_wakeup_task = per_cpu(wakeup_task, cpu) = task;
++ get_task_struct(cpu_wakeup_task);
++ }
++
++ raw_spin_unlock_irqrestore(&wakeup_lock, flags);
++ }
++}
++
++static notrace void probe_wakeup_latency_hist_start(void *v,
++ struct task_struct *p, int success)
++{
++ unsigned long flags;
++ struct task_struct *curr = current;
++ int cpu = task_cpu(p);
++ struct task_struct *cpu_wakeup_task;
++
++ raw_spin_lock_irqsave(&wakeup_lock, flags);
++
++ cpu_wakeup_task = per_cpu(wakeup_task, cpu);
++
++ if (wakeup_pid) {
++ if ((cpu_wakeup_task && p->prio == cpu_wakeup_task->prio) ||
++ p->prio == curr->prio)
++ per_cpu(wakeup_sharedprio, cpu) = 1;
++ if (likely(wakeup_pid != task_pid_nr(p)))
++ goto out;
++ } else {
++ if (likely(!rt_task(p)) ||
++ (cpu_wakeup_task && p->prio > cpu_wakeup_task->prio) ||
++ p->prio > curr->prio)
++ goto out;
++ if ((cpu_wakeup_task && p->prio == cpu_wakeup_task->prio) ||
++ p->prio == curr->prio)
++ per_cpu(wakeup_sharedprio, cpu) = 1;
++ }
++
++ if (cpu_wakeup_task)
++ put_task_struct(cpu_wakeup_task);
++ cpu_wakeup_task = per_cpu(wakeup_task, cpu) = p;
++ get_task_struct(cpu_wakeup_task);
++ cpu_wakeup_task->preempt_timestamp_hist =
++ ftrace_now(raw_smp_processor_id());
++out:
++ raw_spin_unlock_irqrestore(&wakeup_lock, flags);
++}
++
++static notrace void probe_wakeup_latency_hist_stop(void *v,
++ struct task_struct *prev, struct task_struct *next)
++{
++ unsigned long flags;
++ int cpu = task_cpu(next);
++ long latency;
++ cycle_t stop;
++ struct task_struct *cpu_wakeup_task;
++
++ raw_spin_lock_irqsave(&wakeup_lock, flags);
++
++ cpu_wakeup_task = per_cpu(wakeup_task, cpu);
++
++ if (cpu_wakeup_task == NULL)
++ goto out;
++
++ /* Already running? */
++ if (unlikely(current == cpu_wakeup_task))
++ goto out_reset;
++
++ if (next != cpu_wakeup_task) {
++ if (next->prio < cpu_wakeup_task->prio)
++ goto out_reset;
++
++ if (next->prio == cpu_wakeup_task->prio)
++ per_cpu(wakeup_sharedprio, cpu) = 1;
++
++ goto out;
++ }
++
++ if (current->prio == cpu_wakeup_task->prio)
++ per_cpu(wakeup_sharedprio, cpu) = 1;
++
++ /*
++ * The task we are waiting for is about to be switched to.
++ * Calculate latency and store it in histogram.
++ */
++ stop = ftrace_now(raw_smp_processor_id());
++
++ latency = ((long) (stop - next->preempt_timestamp_hist)) /
++ NSECS_PER_USECS;
++
++ if (per_cpu(wakeup_sharedprio, cpu)) {
++ latency_hist(WAKEUP_LATENCY_SHAREDPRIO, cpu, latency, 0, stop,
++ next);
++ per_cpu(wakeup_sharedprio, cpu) = 0;
++ } else {
++ latency_hist(WAKEUP_LATENCY, cpu, latency, 0, stop, next);
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++ if (timerandwakeup_enabled_data.enabled) {
++ latency_hist(TIMERANDWAKEUP_LATENCY, cpu,
++ next->timer_offset + latency, next->timer_offset,
++ stop, next);
++ }
++#endif
++ }
++
++out_reset:
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++ next->timer_offset = 0;
++#endif
++ put_task_struct(cpu_wakeup_task);
++ per_cpu(wakeup_task, cpu) = NULL;
++out:
++ raw_spin_unlock_irqrestore(&wakeup_lock, flags);
++}
++#endif
++
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++static notrace void probe_hrtimer_interrupt(void *v, int cpu,
++ long long latency_ns, struct task_struct *curr,
++ struct task_struct *task)
++{
++ if (latency_ns <= 0 && task != NULL && rt_task(task) &&
++ (task->prio < curr->prio ||
++ (task->prio == curr->prio &&
++ !cpumask_test_cpu(cpu, &task->cpus_allowed)))) {
++ long latency;
++ cycle_t now;
++
++ if (missed_timer_offsets_pid) {
++ if (likely(missed_timer_offsets_pid !=
++ task_pid_nr(task)))
++ return;
++ }
++
++ now = ftrace_now(cpu);
++ latency = (long) div_s64(-latency_ns, NSECS_PER_USECS);
++ latency_hist(MISSED_TIMER_OFFSETS, cpu, latency, latency, now,
++ task);
++#ifdef CONFIG_WAKEUP_LATENCY_HIST
++ task->timer_offset = latency;
++#endif
++ }
++}
++#endif
++
++static __init int latency_hist_init(void)
++{
++ struct dentry *latency_hist_root = NULL;
++ struct dentry *dentry;
++#ifdef CONFIG_WAKEUP_LATENCY_HIST
++ struct dentry *dentry_sharedprio;
++#endif
++ struct dentry *entry;
++ struct dentry *enable_root;
++ int i = 0;
++ struct hist_data *my_hist;
++ char name[64];
++ char *cpufmt = "CPU%d";
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) || \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++ char *cpufmt_maxlatproc = "max_latency-CPU%d";
++ struct maxlatproc_data *mp = NULL;
++#endif
++
++ dentry = tracing_init_dentry();
++ latency_hist_root = debugfs_create_dir(latency_hist_dir_root, dentry);
++ enable_root = debugfs_create_dir("enable", latency_hist_root);
++
++#ifdef CONFIG_INTERRUPT_OFF_HIST
++ dentry = debugfs_create_dir(irqsoff_hist_dir, latency_hist_root);
++ for_each_possible_cpu(i) {
++ sprintf(name, cpufmt, i);
++ entry = debugfs_create_file(name, 0444, dentry,
++ &per_cpu(irqsoff_hist, i), &latency_hist_fops);
++ my_hist = &per_cpu(irqsoff_hist, i);
++ atomic_set(&my_hist->hist_mode, 1);
++ my_hist->min_lat = LONG_MAX;
++ }
++ entry = debugfs_create_file("reset", 0644, dentry,
++ (void *)IRQSOFF_LATENCY, &latency_hist_reset_fops);
++#endif
++
++#ifdef CONFIG_PREEMPT_OFF_HIST
++ dentry = debugfs_create_dir(preemptoff_hist_dir,
++ latency_hist_root);
++ for_each_possible_cpu(i) {
++ sprintf(name, cpufmt, i);
++ entry = debugfs_create_file(name, 0444, dentry,
++ &per_cpu(preemptoff_hist, i), &latency_hist_fops);
++ my_hist = &per_cpu(preemptoff_hist, i);
++ atomic_set(&my_hist->hist_mode, 1);
++ my_hist->min_lat = LONG_MAX;
++ }
++ entry = debugfs_create_file("reset", 0644, dentry,
++ (void *)PREEMPTOFF_LATENCY, &latency_hist_reset_fops);
++#endif
++
++#if defined(CONFIG_INTERRUPT_OFF_HIST) && defined(CONFIG_PREEMPT_OFF_HIST)
++ dentry = debugfs_create_dir(preemptirqsoff_hist_dir,
++ latency_hist_root);
++ for_each_possible_cpu(i) {
++ sprintf(name, cpufmt, i);
++ entry = debugfs_create_file(name, 0444, dentry,
++ &per_cpu(preemptirqsoff_hist, i), &latency_hist_fops);
++ my_hist = &per_cpu(preemptirqsoff_hist, i);
++ atomic_set(&my_hist->hist_mode, 1);
++ my_hist->min_lat = LONG_MAX;
++ }
++ entry = debugfs_create_file("reset", 0644, dentry,
++ (void *)PREEMPTIRQSOFF_LATENCY, &latency_hist_reset_fops);
++#endif
++
++#if defined(CONFIG_INTERRUPT_OFF_HIST) || defined(CONFIG_PREEMPT_OFF_HIST)
++ entry = debugfs_create_file("preemptirqsoff", 0644,
++ enable_root, (void *)&preemptirqsoff_enabled_data,
++ &enable_fops);
++#endif
++
++#ifdef CONFIG_WAKEUP_LATENCY_HIST
++ dentry = debugfs_create_dir(wakeup_latency_hist_dir,
++ latency_hist_root);
++ dentry_sharedprio = debugfs_create_dir(
++ wakeup_latency_hist_dir_sharedprio, dentry);
++ for_each_possible_cpu(i) {
++ sprintf(name, cpufmt, i);
++
++ entry = debugfs_create_file(name, 0444, dentry,
++ &per_cpu(wakeup_latency_hist, i),
++ &latency_hist_fops);
++ my_hist = &per_cpu(wakeup_latency_hist, i);
++ atomic_set(&my_hist->hist_mode, 1);
++ my_hist->min_lat = LONG_MAX;
++
++ entry = debugfs_create_file(name, 0444, dentry_sharedprio,
++ &per_cpu(wakeup_latency_hist_sharedprio, i),
++ &latency_hist_fops);
++ my_hist = &per_cpu(wakeup_latency_hist_sharedprio, i);
++ atomic_set(&my_hist->hist_mode, 1);
++ my_hist->min_lat = LONG_MAX;
++
++ sprintf(name, cpufmt_maxlatproc, i);
++
++ mp = &per_cpu(wakeup_maxlatproc, i);
++ entry = debugfs_create_file(name, 0444, dentry, mp,
++ &maxlatproc_fops);
++ clear_maxlatprocdata(mp);
++
++ mp = &per_cpu(wakeup_maxlatproc_sharedprio, i);
++ entry = debugfs_create_file(name, 0444, dentry_sharedprio, mp,
++ &maxlatproc_fops);
++ clear_maxlatprocdata(mp);
++ }
++ entry = debugfs_create_file("pid", 0644, dentry,
++ (void *)&wakeup_pid, &pid_fops);
++ entry = debugfs_create_file("reset", 0644, dentry,
++ (void *)WAKEUP_LATENCY, &latency_hist_reset_fops);
++ entry = debugfs_create_file("reset", 0644, dentry_sharedprio,
++ (void *)WAKEUP_LATENCY_SHAREDPRIO, &latency_hist_reset_fops);
++ entry = debugfs_create_file("wakeup", 0644,
++ enable_root, (void *)&wakeup_latency_enabled_data,
++ &enable_fops);
++#endif
++
++#ifdef CONFIG_MISSED_TIMER_OFFSETS_HIST
++ dentry = debugfs_create_dir(missed_timer_offsets_dir,
++ latency_hist_root);
++ for_each_possible_cpu(i) {
++ sprintf(name, cpufmt, i);
++ entry = debugfs_create_file(name, 0444, dentry,
++ &per_cpu(missed_timer_offsets, i), &latency_hist_fops);
++ my_hist = &per_cpu(missed_timer_offsets, i);
++ atomic_set(&my_hist->hist_mode, 1);
++ my_hist->min_lat = LONG_MAX;
++
++ sprintf(name, cpufmt_maxlatproc, i);
++ mp = &per_cpu(missed_timer_offsets_maxlatproc, i);
++ entry = debugfs_create_file(name, 0444, dentry, mp,
++ &maxlatproc_fops);
++ clear_maxlatprocdata(mp);
++ }
++ entry = debugfs_create_file("pid", 0644, dentry,
++ (void *)&missed_timer_offsets_pid, &pid_fops);
++ entry = debugfs_create_file("reset", 0644, dentry,
++ (void *)MISSED_TIMER_OFFSETS, &latency_hist_reset_fops);
++ entry = debugfs_create_file("missed_timer_offsets", 0644,
++ enable_root, (void *)&missed_timer_offsets_enabled_data,
++ &enable_fops);
++#endif
++
++#if defined(CONFIG_WAKEUP_LATENCY_HIST) && \
++ defined(CONFIG_MISSED_TIMER_OFFSETS_HIST)
++ dentry = debugfs_create_dir(timerandwakeup_latency_hist_dir,
++ latency_hist_root);
++ for_each_possible_cpu(i) {
++ sprintf(name, cpufmt, i);
++ entry = debugfs_create_file(name, 0444, dentry,
++ &per_cpu(timerandwakeup_latency_hist, i),
++ &latency_hist_fops);
++ my_hist = &per_cpu(timerandwakeup_latency_hist, i);
++ atomic_set(&my_hist->hist_mode, 1);
++ my_hist->min_lat = LONG_MAX;
++
++ sprintf(name, cpufmt_maxlatproc, i);
++ mp = &per_cpu(timerandwakeup_maxlatproc, i);
++ entry = debugfs_create_file(name, 0444, dentry, mp,
++ &maxlatproc_fops);
++ clear_maxlatprocdata(mp);
++ }
++ entry = debugfs_create_file("reset", 0644, dentry,
++ (void *)TIMERANDWAKEUP_LATENCY, &latency_hist_reset_fops);
++ entry = debugfs_create_file("timerandwakeup", 0644,
++ enable_root, (void *)&timerandwakeup_enabled_data,
++ &enable_fops);
++#endif
++ return 0;
++}
++
++device_initcall(latency_hist_init);
+diff -Nur linux-3.18.9.orig/kernel/trace/Makefile linux-3.18.9/kernel/trace/Makefile
+--- linux-3.18.9.orig/kernel/trace/Makefile 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/trace/Makefile 2015-03-15 16:03:03.860094875 -0500
+@@ -36,6 +36,10 @@
+ obj-$(CONFIG_IRQSOFF_TRACER) += trace_irqsoff.o
+ obj-$(CONFIG_PREEMPT_TRACER) += trace_irqsoff.o
+ obj-$(CONFIG_SCHED_TRACER) += trace_sched_wakeup.o
++obj-$(CONFIG_INTERRUPT_OFF_HIST) += latency_hist.o
++obj-$(CONFIG_PREEMPT_OFF_HIST) += latency_hist.o
++obj-$(CONFIG_WAKEUP_LATENCY_HIST) += latency_hist.o
++obj-$(CONFIG_MISSED_TIMER_OFFSETS_HIST) += latency_hist.o
+ obj-$(CONFIG_NOP_TRACER) += trace_nop.o
+ obj-$(CONFIG_STACK_TRACER) += trace_stack.o
+ obj-$(CONFIG_MMIOTRACE) += trace_mmiotrace.o
+diff -Nur linux-3.18.9.orig/kernel/trace/trace.c linux-3.18.9/kernel/trace/trace.c
+--- linux-3.18.9.orig/kernel/trace/trace.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/trace/trace.c 2015-03-15 16:03:03.860094875 -0500
+@@ -1579,6 +1579,7 @@
+ struct task_struct *tsk = current;
+
+ entry->preempt_count = pc & 0xff;
++ entry->preempt_lazy_count = preempt_lazy_count();
+ entry->pid = (tsk) ? tsk->pid : 0;
+ entry->flags =
+ #ifdef CONFIG_TRACE_IRQFLAGS_SUPPORT
+@@ -1588,8 +1589,11 @@
+ #endif
+ ((pc & HARDIRQ_MASK) ? TRACE_FLAG_HARDIRQ : 0) |
+ ((pc & SOFTIRQ_MASK) ? TRACE_FLAG_SOFTIRQ : 0) |
+- (tif_need_resched() ? TRACE_FLAG_NEED_RESCHED : 0) |
++ (tif_need_resched_now() ? TRACE_FLAG_NEED_RESCHED : 0) |
++ (need_resched_lazy() ? TRACE_FLAG_NEED_RESCHED_LAZY : 0) |
+ (test_preempt_need_resched() ? TRACE_FLAG_PREEMPT_RESCHED : 0);
++
++ entry->migrate_disable = (tsk) ? __migrate_disabled(tsk) & 0xFF : 0;
+ }
+ EXPORT_SYMBOL_GPL(tracing_generic_entry_update);
+
+@@ -2509,14 +2513,17 @@
+
+ static void print_lat_help_header(struct seq_file *m)
+ {
+- seq_puts(m, "# _------=> CPU# \n");
+- seq_puts(m, "# / _-----=> irqs-off \n");
+- seq_puts(m, "# | / _----=> need-resched \n");
+- seq_puts(m, "# || / _---=> hardirq/softirq \n");
+- seq_puts(m, "# ||| / _--=> preempt-depth \n");
+- seq_puts(m, "# |||| / delay \n");
+- seq_puts(m, "# cmd pid ||||| time | caller \n");
+- seq_puts(m, "# \\ / ||||| \\ | / \n");
++ seq_puts(m, "# _--------=> CPU# \n");
++ seq_puts(m, "# / _-------=> irqs-off \n");
++ seq_puts(m, "# | / _------=> need-resched \n");
++ seq_puts(m, "# || / _-----=> need-resched_lazy \n");
++ seq_puts(m, "# ||| / _----=> hardirq/softirq \n");
++ seq_puts(m, "# |||| / _---=> preempt-depth \n");
++ seq_puts(m, "# ||||| / _--=> preempt-lazy-depth\n");
++ seq_puts(m, "# |||||| / _-=> migrate-disable \n");
++ seq_puts(m, "# ||||||| / delay \n");
++ seq_puts(m, "# cmd pid |||||||| time | caller \n");
++ seq_puts(m, "# \\ / |||||||| \\ | / \n");
+ }
+
+ static void print_event_info(struct trace_buffer *buf, struct seq_file *m)
+@@ -2540,13 +2547,16 @@
+ static void print_func_help_header_irq(struct trace_buffer *buf, struct seq_file *m)
+ {
+ print_event_info(buf, m);
+- seq_puts(m, "# _-----=> irqs-off\n");
+- seq_puts(m, "# / _----=> need-resched\n");
+- seq_puts(m, "# | / _---=> hardirq/softirq\n");
+- seq_puts(m, "# || / _--=> preempt-depth\n");
+- seq_puts(m, "# ||| / delay\n");
+- seq_puts(m, "# TASK-PID CPU# |||| TIMESTAMP FUNCTION\n");
+- seq_puts(m, "# | | | |||| | |\n");
++ seq_puts(m, "# _-------=> irqs-off \n");
++ seq_puts(m, "# / _------=> need-resched \n");
++ seq_puts(m, "# |/ _-----=> need-resched_lazy \n");
++ seq_puts(m, "# ||/ _----=> hardirq/softirq \n");
++ seq_puts(m, "# |||/ _---=> preempt-depth \n");
++ seq_puts(m, "# ||||/ _--=> preempt-lazy-depth\n");
++ seq_puts(m, "# ||||| / _-=> migrate-disable \n");
++ seq_puts(m, "# |||||| / delay\n");
++ seq_puts(m, "# TASK-PID CPU# |||||| TIMESTAMP FUNCTION\n");
++ seq_puts(m, "# | | | |||||| | |\n");
+ }
+
+ void
+diff -Nur linux-3.18.9.orig/kernel/trace/trace_events.c linux-3.18.9/kernel/trace/trace_events.c
+--- linux-3.18.9.orig/kernel/trace/trace_events.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/trace/trace_events.c 2015-03-15 16:03:03.860094875 -0500
+@@ -162,6 +162,8 @@
+ __common_field(unsigned char, flags);
+ __common_field(unsigned char, preempt_count);
+ __common_field(int, pid);
++ __common_field(unsigned short, migrate_disable);
++ __common_field(unsigned short, padding);
+
+ return ret;
+ }
+diff -Nur linux-3.18.9.orig/kernel/trace/trace.h linux-3.18.9/kernel/trace/trace.h
+--- linux-3.18.9.orig/kernel/trace/trace.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/trace/trace.h 2015-03-15 16:03:03.860094875 -0500
+@@ -119,6 +119,7 @@
+ * NEED_RESCHED - reschedule is requested
+ * HARDIRQ - inside an interrupt handler
+ * SOFTIRQ - inside a softirq handler
++ * NEED_RESCHED_LAZY - lazy reschedule is requested
+ */
+ enum trace_flag_type {
+ TRACE_FLAG_IRQS_OFF = 0x01,
+@@ -127,6 +128,7 @@
+ TRACE_FLAG_HARDIRQ = 0x08,
+ TRACE_FLAG_SOFTIRQ = 0x10,
+ TRACE_FLAG_PREEMPT_RESCHED = 0x20,
++ TRACE_FLAG_NEED_RESCHED_LAZY = 0x40,
+ };
+
+ #define TRACE_BUF_SIZE 1024
+diff -Nur linux-3.18.9.orig/kernel/trace/trace_irqsoff.c linux-3.18.9/kernel/trace/trace_irqsoff.c
+--- linux-3.18.9.orig/kernel/trace/trace_irqsoff.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/trace/trace_irqsoff.c 2015-03-15 16:03:03.860094875 -0500
+@@ -17,6 +17,7 @@
+ #include <linux/fs.h>
+
+ #include "trace.h"
++#include <trace/events/hist.h>
+
+ static struct trace_array *irqsoff_trace __read_mostly;
+ static int tracer_enabled __read_mostly;
+@@ -435,11 +436,13 @@
+ {
+ if (preempt_trace() || irq_trace())
+ start_critical_timing(CALLER_ADDR0, CALLER_ADDR1);
++ trace_preemptirqsoff_hist(TRACE_START, 1);
+ }
+ EXPORT_SYMBOL_GPL(start_critical_timings);
+
+ void stop_critical_timings(void)
+ {
++ trace_preemptirqsoff_hist(TRACE_STOP, 0);
+ if (preempt_trace() || irq_trace())
+ stop_critical_timing(CALLER_ADDR0, CALLER_ADDR1);
+ }
+@@ -449,6 +452,7 @@
+ #ifdef CONFIG_PROVE_LOCKING
+ void time_hardirqs_on(unsigned long a0, unsigned long a1)
+ {
++ trace_preemptirqsoff_hist(IRQS_ON, 0);
+ if (!preempt_trace() && irq_trace())
+ stop_critical_timing(a0, a1);
+ }
+@@ -457,6 +461,7 @@
+ {
+ if (!preempt_trace() && irq_trace())
+ start_critical_timing(a0, a1);
++ trace_preemptirqsoff_hist(IRQS_OFF, 1);
+ }
+
+ #else /* !CONFIG_PROVE_LOCKING */
+@@ -482,6 +487,7 @@
+ */
+ void trace_hardirqs_on(void)
+ {
++ trace_preemptirqsoff_hist(IRQS_ON, 0);
+ if (!preempt_trace() && irq_trace())
+ stop_critical_timing(CALLER_ADDR0, CALLER_ADDR1);
+ }
+@@ -491,11 +497,13 @@
+ {
+ if (!preempt_trace() && irq_trace())
+ start_critical_timing(CALLER_ADDR0, CALLER_ADDR1);
++ trace_preemptirqsoff_hist(IRQS_OFF, 1);
+ }
+ EXPORT_SYMBOL(trace_hardirqs_off);
+
+ __visible void trace_hardirqs_on_caller(unsigned long caller_addr)
+ {
++ trace_preemptirqsoff_hist(IRQS_ON, 0);
+ if (!preempt_trace() && irq_trace())
+ stop_critical_timing(CALLER_ADDR0, caller_addr);
+ }
+@@ -505,6 +513,7 @@
+ {
+ if (!preempt_trace() && irq_trace())
+ start_critical_timing(CALLER_ADDR0, caller_addr);
++ trace_preemptirqsoff_hist(IRQS_OFF, 1);
+ }
+ EXPORT_SYMBOL(trace_hardirqs_off_caller);
+
+@@ -514,12 +523,14 @@
+ #ifdef CONFIG_PREEMPT_TRACER
+ void trace_preempt_on(unsigned long a0, unsigned long a1)
+ {
++ trace_preemptirqsoff_hist(PREEMPT_ON, 0);
+ if (preempt_trace() && !irq_trace())
+ stop_critical_timing(a0, a1);
+ }
+
+ void trace_preempt_off(unsigned long a0, unsigned long a1)
+ {
++ trace_preemptirqsoff_hist(PREEMPT_ON, 1);
+ if (preempt_trace() && !irq_trace())
+ start_critical_timing(a0, a1);
+ }
+diff -Nur linux-3.18.9.orig/kernel/trace/trace_output.c linux-3.18.9/kernel/trace/trace_output.c
+--- linux-3.18.9.orig/kernel/trace/trace_output.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/trace/trace_output.c 2015-03-15 16:03:03.860094875 -0500
+@@ -410,6 +410,7 @@
+ {
+ char hardsoft_irq;
+ char need_resched;
++ char need_resched_lazy;
+ char irqs_off;
+ int hardirq;
+ int softirq;
+@@ -438,6 +439,8 @@
+ need_resched = '.';
+ break;
+ }
++ need_resched_lazy =
++ (entry->flags & TRACE_FLAG_NEED_RESCHED_LAZY) ? 'L' : '.';
+
+ hardsoft_irq =
+ (hardirq && softirq) ? 'H' :
+@@ -445,8 +448,9 @@
+ softirq ? 's' :
+ '.';
+
+- if (!trace_seq_printf(s, "%c%c%c",
+- irqs_off, need_resched, hardsoft_irq))
++ if (!trace_seq_printf(s, "%c%c%c%c",
++ irqs_off, need_resched, need_resched_lazy,
++ hardsoft_irq))
+ return 0;
+
+ if (entry->preempt_count)
+@@ -454,6 +458,16 @@
+ else
+ ret = trace_seq_putc(s, '.');
+
++ if (entry->preempt_lazy_count)
++ ret = trace_seq_printf(s, "%x", entry->preempt_lazy_count);
++ else
++ ret = trace_seq_putc(s, '.');
++
++ if (entry->migrate_disable)
++ ret = trace_seq_printf(s, "%x", entry->migrate_disable);
++ else
++ ret = trace_seq_putc(s, '.');
++
+ return ret;
+ }
+
+diff -Nur linux-3.18.9.orig/kernel/user.c linux-3.18.9/kernel/user.c
+--- linux-3.18.9.orig/kernel/user.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/user.c 2015-03-15 16:03:03.860094875 -0500
+@@ -158,11 +158,11 @@
+ if (!up)
+ return;
+
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+ if (atomic_dec_and_lock(&up->__count, &uidhash_lock))
+ free_user(up, flags);
+ else
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ }
+
+ struct user_struct *alloc_uid(kuid_t uid)
+diff -Nur linux-3.18.9.orig/kernel/watchdog.c linux-3.18.9/kernel/watchdog.c
+--- linux-3.18.9.orig/kernel/watchdog.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/watchdog.c 2015-03-15 16:03:03.864094875 -0500
+@@ -248,6 +248,8 @@
+
+ #ifdef CONFIG_HARDLOCKUP_DETECTOR
+
++static DEFINE_RAW_SPINLOCK(watchdog_output_lock);
++
+ static struct perf_event_attr wd_hw_attr = {
+ .type = PERF_TYPE_HARDWARE,
+ .config = PERF_COUNT_HW_CPU_CYCLES,
+@@ -281,13 +283,21 @@
+ /* only print hardlockups once */
+ if (__this_cpu_read(hard_watchdog_warn) == true)
+ return;
++ /*
++ * If early-printk is enabled then make sure we do not
++ * lock up in printk() and kill console logging:
++ */
++ printk_kill();
+
+- if (hardlockup_panic)
++ if (hardlockup_panic) {
+ panic("Watchdog detected hard LOCKUP on cpu %d",
+ this_cpu);
+- else
++ } else {
++ raw_spin_lock(&watchdog_output_lock);
+ WARN(1, "Watchdog detected hard LOCKUP on cpu %d",
+ this_cpu);
++ raw_spin_unlock(&watchdog_output_lock);
++ }
+
+ __this_cpu_write(hard_watchdog_warn, true);
+ return;
+@@ -430,6 +440,7 @@
+ /* kick off the timer for the hardlockup detector */
+ hrtimer_init(hrtimer, CLOCK_MONOTONIC, HRTIMER_MODE_REL);
+ hrtimer->function = watchdog_timer_fn;
++ hrtimer->irqsafe = 1;
+
+ /* Enable the perf event */
+ watchdog_nmi_enable(cpu);
+diff -Nur linux-3.18.9.orig/kernel/workqueue.c linux-3.18.9/kernel/workqueue.c
+--- linux-3.18.9.orig/kernel/workqueue.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/workqueue.c 2015-03-15 16:03:03.864094875 -0500
+@@ -48,6 +48,8 @@
+ #include <linux/nodemask.h>
+ #include <linux/moduleparam.h>
+ #include <linux/uaccess.h>
++#include <linux/locallock.h>
++#include <linux/delay.h>
+
+ #include "workqueue_internal.h"
+
+@@ -121,15 +123,20 @@
+ * cpu or grabbing pool->lock is enough for read access. If
+ * POOL_DISASSOCIATED is set, it's identical to L.
+ *
++ * On RT we need the extra protection via rt_lock_idle_list() for
++ * the list manipulations against read access from
++ * wq_worker_sleeping(). All other places are nicely serialized via
++ * pool->lock.
++ *
+ * A: pool->attach_mutex protected.
+ *
+ * PL: wq_pool_mutex protected.
+ *
+- * PR: wq_pool_mutex protected for writes. Sched-RCU protected for reads.
++ * PR: wq_pool_mutex protected for writes. RCU protected for reads.
+ *
+ * WQ: wq->mutex protected.
+ *
+- * WR: wq->mutex protected for writes. Sched-RCU protected for reads.
++ * WR: wq->mutex protected for writes. RCU protected for reads.
+ *
+ * MD: wq_mayday_lock protected.
+ */
+@@ -177,7 +184,7 @@
+ atomic_t nr_running ____cacheline_aligned_in_smp;
+
+ /*
+- * Destruction of pool is sched-RCU protected to allow dereferences
++ * Destruction of pool is RCU protected to allow dereferences
+ * from get_work_pool().
+ */
+ struct rcu_head rcu;
+@@ -206,7 +213,7 @@
+ /*
+ * Release of unbound pwq is punted to system_wq. See put_pwq()
+ * and pwq_unbound_release_workfn() for details. pool_workqueue
+- * itself is also sched-RCU protected so that the first pwq can be
++ * itself is also RCU protected so that the first pwq can be
+ * determined without grabbing wq->mutex.
+ */
+ struct work_struct unbound_release_work;
+@@ -321,6 +328,8 @@
+ struct workqueue_struct *system_freezable_power_efficient_wq __read_mostly;
+ EXPORT_SYMBOL_GPL(system_freezable_power_efficient_wq);
+
++static DEFINE_LOCAL_IRQ_LOCK(pendingb_lock);
++
+ static int worker_thread(void *__worker);
+ static void copy_workqueue_attrs(struct workqueue_attrs *to,
+ const struct workqueue_attrs *from);
+@@ -329,14 +338,14 @@
+ #include <trace/events/workqueue.h>
+
+ #define assert_rcu_or_pool_mutex() \
+- rcu_lockdep_assert(rcu_read_lock_sched_held() || \
++ rcu_lockdep_assert(rcu_read_lock_held() || \
+ lockdep_is_held(&wq_pool_mutex), \
+- "sched RCU or wq_pool_mutex should be held")
++ "RCU or wq_pool_mutex should be held")
+
+ #define assert_rcu_or_wq_mutex(wq) \
+- rcu_lockdep_assert(rcu_read_lock_sched_held() || \
++ rcu_lockdep_assert(rcu_read_lock_held() || \
+ lockdep_is_held(&wq->mutex), \
+- "sched RCU or wq->mutex should be held")
++ "RCU or wq->mutex should be held")
+
+ #define for_each_cpu_worker_pool(pool, cpu) \
+ for ((pool) = &per_cpu(cpu_worker_pools, cpu)[0]; \
+@@ -348,7 +357,7 @@
+ * @pool: iteration cursor
+ * @pi: integer used for iteration
+ *
+- * This must be called either with wq_pool_mutex held or sched RCU read
++ * This must be called either with wq_pool_mutex held or RCU read
+ * locked. If the pool needs to be used beyond the locking in effect, the
+ * caller is responsible for guaranteeing that the pool stays online.
+ *
+@@ -380,7 +389,7 @@
+ * @pwq: iteration cursor
+ * @wq: the target workqueue
+ *
+- * This must be called either with wq->mutex held or sched RCU read locked.
++ * This must be called either with wq->mutex held or RCU read locked.
+ * If the pwq needs to be used beyond the locking in effect, the caller is
+ * responsible for guaranteeing that the pwq stays online.
+ *
+@@ -392,6 +401,31 @@
+ if (({ assert_rcu_or_wq_mutex(wq); false; })) { } \
+ else
+
++#ifdef CONFIG_PREEMPT_RT_BASE
++static inline void rt_lock_idle_list(struct worker_pool *pool)
++{
++ preempt_disable();
++}
++static inline void rt_unlock_idle_list(struct worker_pool *pool)
++{
++ preempt_enable();
++}
++static inline void sched_lock_idle_list(struct worker_pool *pool) { }
++static inline void sched_unlock_idle_list(struct worker_pool *pool) { }
++#else
++static inline void rt_lock_idle_list(struct worker_pool *pool) { }
++static inline void rt_unlock_idle_list(struct worker_pool *pool) { }
++static inline void sched_lock_idle_list(struct worker_pool *pool)
++{
++ spin_lock_irq(&pool->lock);
++}
++static inline void sched_unlock_idle_list(struct worker_pool *pool)
++{
++ spin_unlock_irq(&pool->lock);
++}
++#endif
++
++
+ #ifdef CONFIG_DEBUG_OBJECTS_WORK
+
+ static struct debug_obj_descr work_debug_descr;
+@@ -542,7 +576,7 @@
+ * @wq: the target workqueue
+ * @node: the node ID
+ *
+- * This must be called either with pwq_lock held or sched RCU read locked.
++ * This must be called either with pwq_lock held or RCU read locked.
+ * If the pwq needs to be used beyond the locking in effect, the caller is
+ * responsible for guaranteeing that the pwq stays online.
+ *
+@@ -646,8 +680,8 @@
+ * @work: the work item of interest
+ *
+ * Pools are created and destroyed under wq_pool_mutex, and allows read
+- * access under sched-RCU read lock. As such, this function should be
+- * called under wq_pool_mutex or with preemption disabled.
++ * access under RCU read lock. As such, this function should be
++ * called under wq_pool_mutex or inside of a rcu_read_lock() region.
+ *
+ * All fields of the returned pool are accessible as long as the above
+ * mentioned locking is in effect. If the returned pool needs to be used
+@@ -784,51 +818,44 @@
+ */
+ static void wake_up_worker(struct worker_pool *pool)
+ {
+- struct worker *worker = first_idle_worker(pool);
++ struct worker *worker;
++
++ rt_lock_idle_list(pool);
++
++ worker = first_idle_worker(pool);
+
+ if (likely(worker))
+ wake_up_process(worker->task);
++
++ rt_unlock_idle_list(pool);
+ }
+
+ /**
+- * wq_worker_waking_up - a worker is waking up
+- * @task: task waking up
+- * @cpu: CPU @task is waking up to
+- *
+- * This function is called during try_to_wake_up() when a worker is
+- * being awoken.
++ * wq_worker_running - a worker is running again
++ * @task: task returning from sleep
+ *
+- * CONTEXT:
+- * spin_lock_irq(rq->lock)
++ * This function is called when a worker returns from schedule()
+ */
+-void wq_worker_waking_up(struct task_struct *task, int cpu)
++void wq_worker_running(struct task_struct *task)
+ {
+ struct worker *worker = kthread_data(task);
+
+- if (!(worker->flags & WORKER_NOT_RUNNING)) {
+- WARN_ON_ONCE(worker->pool->cpu != cpu);
++ if (!worker->sleeping)
++ return;
++ if (!(worker->flags & WORKER_NOT_RUNNING))
+ atomic_inc(&worker->pool->nr_running);
+- }
++ worker->sleeping = 0;
+ }
+
+ /**
+ * wq_worker_sleeping - a worker is going to sleep
+ * @task: task going to sleep
+- * @cpu: CPU in question, must be the current CPU number
+- *
+- * This function is called during schedule() when a busy worker is
+- * going to sleep. Worker on the same cpu can be woken up by
+- * returning pointer to its task.
+- *
+- * CONTEXT:
+- * spin_lock_irq(rq->lock)
+- *
+- * Return:
+- * Worker task on @cpu to wake up, %NULL if none.
++ * This function is called from schedule() when a busy worker is
++ * going to sleep.
+ */
+-struct task_struct *wq_worker_sleeping(struct task_struct *task, int cpu)
++void wq_worker_sleeping(struct task_struct *task)
+ {
+- struct worker *worker = kthread_data(task), *to_wakeup = NULL;
++ struct worker *worker = kthread_data(task);
+ struct worker_pool *pool;
+
+ /*
+@@ -837,29 +864,26 @@
+ * checking NOT_RUNNING.
+ */
+ if (worker->flags & WORKER_NOT_RUNNING)
+- return NULL;
++ return;
+
+ pool = worker->pool;
+
+- /* this can only happen on the local cpu */
+- if (WARN_ON_ONCE(cpu != raw_smp_processor_id() || pool->cpu != cpu))
+- return NULL;
++ if (WARN_ON_ONCE(worker->sleeping))
++ return;
++
++ worker->sleeping = 1;
+
+ /*
+ * The counterpart of the following dec_and_test, implied mb,
+ * worklist not empty test sequence is in insert_work().
+ * Please read comment there.
+- *
+- * NOT_RUNNING is clear. This means that we're bound to and
+- * running on the local cpu w/ rq lock held and preemption
+- * disabled, which in turn means that none else could be
+- * manipulating idle_list, so dereferencing idle_list without pool
+- * lock is safe.
+ */
+ if (atomic_dec_and_test(&pool->nr_running) &&
+- !list_empty(&pool->worklist))
+- to_wakeup = first_idle_worker(pool);
+- return to_wakeup ? to_wakeup->task : NULL;
++ !list_empty(&pool->worklist)) {
++ sched_lock_idle_list(pool);
++ wake_up_worker(pool);
++ sched_unlock_idle_list(pool);
++ }
+ }
+
+ /**
+@@ -1053,12 +1077,12 @@
+ {
+ if (pwq) {
+ /*
+- * As both pwqs and pools are sched-RCU protected, the
++ * As both pwqs and pools are RCU protected, the
+ * following lock operations are safe.
+ */
+- spin_lock_irq(&pwq->pool->lock);
++ local_spin_lock_irq(pendingb_lock, &pwq->pool->lock);
+ put_pwq(pwq);
+- spin_unlock_irq(&pwq->pool->lock);
++ local_spin_unlock_irq(pendingb_lock, &pwq->pool->lock);
+ }
+ }
+
+@@ -1160,7 +1184,7 @@
+ struct worker_pool *pool;
+ struct pool_workqueue *pwq;
+
+- local_irq_save(*flags);
++ local_lock_irqsave(pendingb_lock, *flags);
+
+ /* try to steal the timer if it exists */
+ if (is_dwork) {
+@@ -1179,6 +1203,7 @@
+ if (!test_and_set_bit(WORK_STRUCT_PENDING_BIT, work_data_bits(work)))
+ return 0;
+
++ rcu_read_lock();
+ /*
+ * The queueing is in progress, or it is already queued. Try to
+ * steal it from ->worklist without clearing WORK_STRUCT_PENDING.
+@@ -1217,14 +1242,16 @@
+ set_work_pool_and_keep_pending(work, pool->id);
+
+ spin_unlock(&pool->lock);
++ rcu_read_unlock();
+ return 1;
+ }
+ spin_unlock(&pool->lock);
+ fail:
+- local_irq_restore(*flags);
++ rcu_read_unlock();
++ local_unlock_irqrestore(pendingb_lock, *flags);
+ if (work_is_canceling(work))
+ return -ENOENT;
+- cpu_relax();
++ cpu_chill();
+ return -EAGAIN;
+ }
+
+@@ -1293,7 +1320,7 @@
+ * queued or lose PENDING. Grabbing PENDING and queueing should
+ * happen with IRQ disabled.
+ */
+- WARN_ON_ONCE(!irqs_disabled());
++ WARN_ON_ONCE_NONRT(!irqs_disabled());
+
+ debug_work_activate(work);
+
+@@ -1301,6 +1328,8 @@
+ if (unlikely(wq->flags & __WQ_DRAINING) &&
+ WARN_ON_ONCE(!is_chained_work(wq)))
+ return;
++
++ rcu_read_lock();
+ retry:
+ if (req_cpu == WORK_CPU_UNBOUND)
+ cpu = raw_smp_processor_id();
+@@ -1357,10 +1386,8 @@
+ /* pwq determined, queue */
+ trace_workqueue_queue_work(req_cpu, pwq, work);
+
+- if (WARN_ON(!list_empty(&work->entry))) {
+- spin_unlock(&pwq->pool->lock);
+- return;
+- }
++ if (WARN_ON(!list_empty(&work->entry)))
++ goto out;
+
+ pwq->nr_in_flight[pwq->work_color]++;
+ work_flags = work_color_to_flags(pwq->work_color);
+@@ -1376,7 +1403,9 @@
+
+ insert_work(pwq, work, worklist, work_flags);
+
++out:
+ spin_unlock(&pwq->pool->lock);
++ rcu_read_unlock();
+ }
+
+ /**
+@@ -1396,14 +1425,14 @@
+ bool ret = false;
+ unsigned long flags;
+
+- local_irq_save(flags);
++ local_lock_irqsave(pendingb_lock,flags);
+
+ if (!test_and_set_bit(WORK_STRUCT_PENDING_BIT, work_data_bits(work))) {
+ __queue_work(cpu, wq, work);
+ ret = true;
+ }
+
+- local_irq_restore(flags);
++ local_unlock_irqrestore(pendingb_lock, flags);
+ return ret;
+ }
+ EXPORT_SYMBOL(queue_work_on);
+@@ -1470,14 +1499,14 @@
+ unsigned long flags;
+
+ /* read the comment in __queue_work() */
+- local_irq_save(flags);
++ local_lock_irqsave(pendingb_lock, flags);
+
+ if (!test_and_set_bit(WORK_STRUCT_PENDING_BIT, work_data_bits(work))) {
+ __queue_delayed_work(cpu, wq, dwork, delay);
+ ret = true;
+ }
+
+- local_irq_restore(flags);
++ local_unlock_irqrestore(pendingb_lock, flags);
+ return ret;
+ }
+ EXPORT_SYMBOL(queue_delayed_work_on);
+@@ -1512,7 +1541,7 @@
+
+ if (likely(ret >= 0)) {
+ __queue_delayed_work(cpu, wq, dwork, delay);
+- local_irq_restore(flags);
++ local_unlock_irqrestore(pendingb_lock, flags);
+ }
+
+ /* -ENOENT from try_to_grab_pending() becomes %true */
+@@ -1545,7 +1574,9 @@
+ worker->last_active = jiffies;
+
+ /* idle_list is LIFO */
++ rt_lock_idle_list(pool);
+ list_add(&worker->entry, &pool->idle_list);
++ rt_unlock_idle_list(pool);
+
+ if (too_many_workers(pool) && !timer_pending(&pool->idle_timer))
+ mod_timer(&pool->idle_timer, jiffies + IDLE_WORKER_TIMEOUT);
+@@ -1578,7 +1609,9 @@
+ return;
+ worker_clr_flags(worker, WORKER_IDLE);
+ pool->nr_idle--;
++ rt_lock_idle_list(pool);
+ list_del_init(&worker->entry);
++ rt_unlock_idle_list(pool);
+ }
+
+ static struct worker *alloc_worker(int node)
+@@ -1746,7 +1779,9 @@
+ pool->nr_workers--;
+ pool->nr_idle--;
+
++ rt_lock_idle_list(pool);
+ list_del_init(&worker->entry);
++ rt_unlock_idle_list(pool);
+ worker->flags |= WORKER_DIE;
+ wake_up_process(worker->task);
+ }
+@@ -2641,14 +2676,14 @@
+
+ might_sleep();
+
+- local_irq_disable();
++ rcu_read_lock();
+ pool = get_work_pool(work);
+ if (!pool) {
+- local_irq_enable();
++ rcu_read_unlock();
+ return false;
+ }
+
+- spin_lock(&pool->lock);
++ spin_lock_irq(&pool->lock);
+ /* see the comment in try_to_grab_pending() with the same code */
+ pwq = get_work_pwq(work);
+ if (pwq) {
+@@ -2675,10 +2710,11 @@
+ else
+ lock_map_acquire_read(&pwq->wq->lockdep_map);
+ lock_map_release(&pwq->wq->lockdep_map);
+-
++ rcu_read_unlock();
+ return true;
+ already_gone:
+ spin_unlock_irq(&pool->lock);
++ rcu_read_unlock();
+ return false;
+ }
+
+@@ -2727,7 +2763,7 @@
+
+ /* tell other tasks trying to grab @work to back off */
+ mark_work_canceling(work);
+- local_irq_restore(flags);
++ local_unlock_irqrestore(pendingb_lock, flags);
+
+ flush_work(work);
+ clear_work_data(work);
+@@ -2772,10 +2808,10 @@
+ */
+ bool flush_delayed_work(struct delayed_work *dwork)
+ {
+- local_irq_disable();
++ local_lock_irq(pendingb_lock);
+ if (del_timer_sync(&dwork->timer))
+ __queue_work(dwork->cpu, dwork->wq, &dwork->work);
+- local_irq_enable();
++ local_unlock_irq(pendingb_lock);
+ return flush_work(&dwork->work);
+ }
+ EXPORT_SYMBOL(flush_delayed_work);
+@@ -2810,7 +2846,7 @@
+
+ set_work_pool_and_clear_pending(&dwork->work,
+ get_work_pool_id(&dwork->work));
+- local_irq_restore(flags);
++ local_unlock_irqrestore(pendingb_lock, flags);
+ return ret;
+ }
+ EXPORT_SYMBOL(cancel_delayed_work);
+@@ -2996,7 +3032,8 @@
+ const char *delim = "";
+ int node, written = 0;
+
+- rcu_read_lock_sched();
++ get_online_cpus();
++ rcu_read_lock();
+ for_each_node(node) {
+ written += scnprintf(buf + written, PAGE_SIZE - written,
+ "%s%d:%d", delim, node,
+@@ -3004,7 +3041,8 @@
+ delim = " ";
+ }
+ written += scnprintf(buf + written, PAGE_SIZE - written, "\n");
+- rcu_read_unlock_sched();
++ rcu_read_unlock();
++ put_online_cpus();
+
+ return written;
+ }
+@@ -3372,7 +3410,7 @@
+ * put_unbound_pool - put a worker_pool
+ * @pool: worker_pool to put
+ *
+- * Put @pool. If its refcnt reaches zero, it gets destroyed in sched-RCU
++ * Put @pool. If its refcnt reaches zero, it gets destroyed in RCU
+ * safe manner. get_unbound_pool() calls this function on its failure path
+ * and this function should be able to release pools which went through,
+ * successfully or not, init_worker_pool().
+@@ -3426,8 +3464,8 @@
+ del_timer_sync(&pool->idle_timer);
+ del_timer_sync(&pool->mayday_timer);
+
+- /* sched-RCU protected to allow dereferences from get_work_pool() */
+- call_rcu_sched(&pool->rcu, rcu_free_pool);
++ /* RCU protected to allow dereferences from get_work_pool() */
++ call_rcu(&pool->rcu, rcu_free_pool);
+ }
+
+ /**
+@@ -3532,7 +3570,7 @@
+ put_unbound_pool(pool);
+ mutex_unlock(&wq_pool_mutex);
+
+- call_rcu_sched(&pwq->rcu, rcu_free_pwq);
++ call_rcu(&pwq->rcu, rcu_free_pwq);
+
+ /*
+ * If we're the last pwq going away, @wq is already dead and no one
+@@ -4244,7 +4282,8 @@
+ struct pool_workqueue *pwq;
+ bool ret;
+
+- rcu_read_lock_sched();
++ rcu_read_lock();
++ preempt_disable();
+
+ if (cpu == WORK_CPU_UNBOUND)
+ cpu = smp_processor_id();
+@@ -4255,7 +4294,8 @@
+ pwq = unbound_pwq_by_node(wq, cpu_to_node(cpu));
+
+ ret = !list_empty(&pwq->delayed_works);
+- rcu_read_unlock_sched();
++ preempt_enable();
++ rcu_read_unlock();
+
+ return ret;
+ }
+@@ -4281,16 +4321,15 @@
+ if (work_pending(work))
+ ret |= WORK_BUSY_PENDING;
+
+- local_irq_save(flags);
++ rcu_read_lock();
+ pool = get_work_pool(work);
+ if (pool) {
+- spin_lock(&pool->lock);
++ spin_lock_irqsave(&pool->lock, flags);
+ if (find_worker_executing_work(pool, work))
+ ret |= WORK_BUSY_RUNNING;
+- spin_unlock(&pool->lock);
++ spin_unlock_irqrestore(&pool->lock, flags);
+ }
+- local_irq_restore(flags);
+-
++ rcu_read_unlock();
+ return ret;
+ }
+ EXPORT_SYMBOL_GPL(work_busy);
+@@ -4719,16 +4758,16 @@
+ * nr_active is monotonically decreasing. It's safe
+ * to peek without lock.
+ */
+- rcu_read_lock_sched();
++ rcu_read_lock();
+ for_each_pwq(pwq, wq) {
+ WARN_ON_ONCE(pwq->nr_active < 0);
+ if (pwq->nr_active) {
+ busy = true;
+- rcu_read_unlock_sched();
++ rcu_read_unlock();
+ goto out_unlock;
+ }
+ }
+- rcu_read_unlock_sched();
++ rcu_read_unlock();
+ }
+ out_unlock:
+ mutex_unlock(&wq_pool_mutex);
+diff -Nur linux-3.18.9.orig/kernel/workqueue_internal.h linux-3.18.9/kernel/workqueue_internal.h
+--- linux-3.18.9.orig/kernel/workqueue_internal.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/kernel/workqueue_internal.h 2015-03-15 16:03:03.864094875 -0500
+@@ -43,6 +43,7 @@
+ unsigned long last_active; /* L: last active timestamp */
+ unsigned int flags; /* X: flags */
+ int id; /* I: worker id */
++ int sleeping; /* None */
+
+ /*
+ * Opaque string set with work_set_desc(). Printed out with task
+@@ -68,7 +69,7 @@
+ * Scheduler hooks for concurrency managed workqueue. Only to be used from
+ * sched/core.c and workqueue.c.
+ */
+-void wq_worker_waking_up(struct task_struct *task, int cpu);
+-struct task_struct *wq_worker_sleeping(struct task_struct *task, int cpu);
++void wq_worker_running(struct task_struct *task);
++void wq_worker_sleeping(struct task_struct *task);
+
+ #endif /* _KERNEL_WORKQUEUE_INTERNAL_H */
+diff -Nur linux-3.18.9.orig/lib/debugobjects.c linux-3.18.9/lib/debugobjects.c
+--- linux-3.18.9.orig/lib/debugobjects.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/lib/debugobjects.c 2015-03-15 16:03:03.864094875 -0500
+@@ -309,7 +309,10 @@
+ struct debug_obj *obj;
+ unsigned long flags;
+
+- fill_pool();
++#ifdef CONFIG_PREEMPT_RT_FULL
++ if (preempt_count() == 0 && !irqs_disabled())
++#endif
++ fill_pool();
+
+ db = get_bucket((unsigned long) addr);
+
+diff -Nur linux-3.18.9.orig/lib/idr.c linux-3.18.9/lib/idr.c
+--- linux-3.18.9.orig/lib/idr.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/lib/idr.c 2015-03-15 16:03:03.868094875 -0500
+@@ -31,6 +31,7 @@
+ #include <linux/spinlock.h>
+ #include <linux/percpu.h>
+ #include <linux/hardirq.h>
++#include <linux/locallock.h>
+
+ #define MAX_IDR_SHIFT (sizeof(int) * 8 - 1)
+ #define MAX_IDR_BIT (1U << MAX_IDR_SHIFT)
+@@ -367,6 +368,35 @@
+ idr_mark_full(pa, id);
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++static DEFINE_LOCAL_IRQ_LOCK(idr_lock);
++
++static inline void idr_preload_lock(void)
++{
++ local_lock(idr_lock);
++}
++
++static inline void idr_preload_unlock(void)
++{
++ local_unlock(idr_lock);
++}
++
++void idr_preload_end(void)
++{
++ idr_preload_unlock();
++}
++EXPORT_SYMBOL(idr_preload_end);
++#else
++static inline void idr_preload_lock(void)
++{
++ preempt_disable();
++}
++
++static inline void idr_preload_unlock(void)
++{
++ preempt_enable();
++}
++#endif
+
+ /**
+ * idr_preload - preload for idr_alloc()
+@@ -402,7 +432,7 @@
+ WARN_ON_ONCE(in_interrupt());
+ might_sleep_if(gfp_mask & __GFP_WAIT);
+
+- preempt_disable();
++ idr_preload_lock();
+
+ /*
+ * idr_alloc() is likely to succeed w/o full idr_layer buffer and
+@@ -414,9 +444,9 @@
+ while (__this_cpu_read(idr_preload_cnt) < MAX_IDR_FREE) {
+ struct idr_layer *new;
+
+- preempt_enable();
++ idr_preload_unlock();
+ new = kmem_cache_zalloc(idr_layer_cache, gfp_mask);
+- preempt_disable();
++ idr_preload_lock();
+ if (!new)
+ break;
+
+diff -Nur linux-3.18.9.orig/lib/Kconfig linux-3.18.9/lib/Kconfig
+--- linux-3.18.9.orig/lib/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/lib/Kconfig 2015-03-15 16:03:03.868094875 -0500
+@@ -383,6 +383,7 @@
+
+ config CPUMASK_OFFSTACK
+ bool "Force CPU masks off stack" if DEBUG_PER_CPU_MAPS
++ depends on !PREEMPT_RT_FULL
+ help
+ Use dynamic allocation for cpumask_var_t, instead of putting
+ them on the stack. This is a bit more expensive, but avoids
+diff -Nur linux-3.18.9.orig/lib/Kconfig.debug linux-3.18.9/lib/Kconfig.debug
+--- linux-3.18.9.orig/lib/Kconfig.debug 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/lib/Kconfig.debug 2015-03-15 16:03:03.868094875 -0500
+@@ -639,7 +639,7 @@
+
+ config DEBUG_SHIRQ
+ bool "Debug shared IRQ handlers"
+- depends on DEBUG_KERNEL
++ depends on DEBUG_KERNEL && !PREEMPT_RT_BASE
+ help
+ Enable this to generate a spurious interrupt as soon as a shared
+ interrupt handler is registered, and just before one is deregistered.
+diff -Nur linux-3.18.9.orig/lib/locking-selftest.c linux-3.18.9/lib/locking-selftest.c
+--- linux-3.18.9.orig/lib/locking-selftest.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/lib/locking-selftest.c 2015-03-15 16:03:03.868094875 -0500
+@@ -1858,6 +1858,7 @@
+
+ printk(" --------------------------------------------------------------------------\n");
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ /*
+ * irq-context testcases:
+ */
+@@ -1870,6 +1871,28 @@
+
+ DO_TESTCASE_6x2("irq read-recursion", irq_read_recursion);
+ // DO_TESTCASE_6x2B("irq read-recursion #2", irq_read_recursion2);
++#else
++ /* On -rt, we only do hardirq context test for raw spinlock */
++ DO_TESTCASE_1B("hard-irqs-on + irq-safe-A", irqsafe1_hard_spin, 12);
++ DO_TESTCASE_1B("hard-irqs-on + irq-safe-A", irqsafe1_hard_spin, 21);
++
++ DO_TESTCASE_1B("hard-safe-A + irqs-on", irqsafe2B_hard_spin, 12);
++ DO_TESTCASE_1B("hard-safe-A + irqs-on", irqsafe2B_hard_spin, 21);
++
++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #1", irqsafe3_hard_spin, 123);
++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #1", irqsafe3_hard_spin, 132);
++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #1", irqsafe3_hard_spin, 213);
++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #1", irqsafe3_hard_spin, 231);
++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #1", irqsafe3_hard_spin, 312);
++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #1", irqsafe3_hard_spin, 321);
++
++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #2", irqsafe4_hard_spin, 123);
++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #2", irqsafe4_hard_spin, 132);
++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #2", irqsafe4_hard_spin, 213);
++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #2", irqsafe4_hard_spin, 231);
++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #2", irqsafe4_hard_spin, 312);
++ DO_TESTCASE_1B("hard-safe-A + unsafe-B #2", irqsafe4_hard_spin, 321);
++#endif
+
+ ww_tests();
+
+diff -Nur linux-3.18.9.orig/lib/percpu_ida.c linux-3.18.9/lib/percpu_ida.c
+--- linux-3.18.9.orig/lib/percpu_ida.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/lib/percpu_ida.c 2015-03-15 16:03:03.868094875 -0500
+@@ -29,6 +29,9 @@
+ #include <linux/string.h>
+ #include <linux/spinlock.h>
+ #include <linux/percpu_ida.h>
++#include <linux/locallock.h>
++
++static DEFINE_LOCAL_IRQ_LOCK(irq_off_lock);
+
+ struct percpu_ida_cpu {
+ /*
+@@ -151,13 +154,13 @@
+ unsigned long flags;
+ int tag;
+
+- local_irq_save(flags);
++ local_lock_irqsave(irq_off_lock, flags);
+ tags = this_cpu_ptr(pool->tag_cpu);
+
+ /* Fastpath */
+ tag = alloc_local_tag(tags);
+ if (likely(tag >= 0)) {
+- local_irq_restore(flags);
++ local_unlock_irqrestore(irq_off_lock, flags);
+ return tag;
+ }
+
+@@ -176,6 +179,7 @@
+
+ if (!tags->nr_free)
+ alloc_global_tags(pool, tags);
++
+ if (!tags->nr_free)
+ steal_tags(pool, tags);
+
+@@ -187,7 +191,7 @@
+ }
+
+ spin_unlock(&pool->lock);
+- local_irq_restore(flags);
++ local_unlock_irqrestore(irq_off_lock, flags);
+
+ if (tag >= 0 || state == TASK_RUNNING)
+ break;
+@@ -199,7 +203,7 @@
+
+ schedule();
+
+- local_irq_save(flags);
++ local_lock_irqsave(irq_off_lock, flags);
+ tags = this_cpu_ptr(pool->tag_cpu);
+ }
+ if (state != TASK_RUNNING)
+@@ -224,7 +228,7 @@
+
+ BUG_ON(tag >= pool->nr_tags);
+
+- local_irq_save(flags);
++ local_lock_irqsave(irq_off_lock, flags);
+ tags = this_cpu_ptr(pool->tag_cpu);
+
+ spin_lock(&tags->lock);
+@@ -256,7 +260,7 @@
+ spin_unlock(&pool->lock);
+ }
+
+- local_irq_restore(flags);
++ local_unlock_irqrestore(irq_off_lock, flags);
+ }
+ EXPORT_SYMBOL_GPL(percpu_ida_free);
+
+@@ -348,7 +352,7 @@
+ struct percpu_ida_cpu *remote;
+ unsigned cpu, i, err = 0;
+
+- local_irq_save(flags);
++ local_lock_irqsave(irq_off_lock, flags);
+ for_each_possible_cpu(cpu) {
+ remote = per_cpu_ptr(pool->tag_cpu, cpu);
+ spin_lock(&remote->lock);
+@@ -370,7 +374,7 @@
+ }
+ spin_unlock(&pool->lock);
+ out:
+- local_irq_restore(flags);
++ local_unlock_irqrestore(irq_off_lock, flags);
+ return err;
+ }
+ EXPORT_SYMBOL_GPL(percpu_ida_for_each_free);
+diff -Nur linux-3.18.9.orig/lib/radix-tree.c linux-3.18.9/lib/radix-tree.c
+--- linux-3.18.9.orig/lib/radix-tree.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/lib/radix-tree.c 2015-03-15 16:03:03.868094875 -0500
+@@ -195,12 +195,13 @@
+ * succeed in getting a node here (and never reach
+ * kmem_cache_alloc)
+ */
+- rtp = this_cpu_ptr(&radix_tree_preloads);
++ rtp = &get_cpu_var(radix_tree_preloads);
+ if (rtp->nr) {
+ ret = rtp->nodes[rtp->nr - 1];
+ rtp->nodes[rtp->nr - 1] = NULL;
+ rtp->nr--;
+ }
++ put_cpu_var(radix_tree_preloads);
+ /*
+ * Update the allocation stack trace as this is more useful
+ * for debugging.
+@@ -240,6 +241,7 @@
+ call_rcu(&node->rcu_head, radix_tree_node_rcu_free);
+ }
+
++#ifndef CONFIG_PREEMPT_RT_FULL
+ /*
+ * Load up this CPU's radix_tree_node buffer with sufficient objects to
+ * ensure that the addition of a single element in the tree cannot fail. On
+@@ -305,6 +307,7 @@
+ return 0;
+ }
+ EXPORT_SYMBOL(radix_tree_maybe_preload);
++#endif
+
+ /*
+ * Return the maximum key which can be store into a
+diff -Nur linux-3.18.9.orig/lib/scatterlist.c linux-3.18.9/lib/scatterlist.c
+--- linux-3.18.9.orig/lib/scatterlist.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/lib/scatterlist.c 2015-03-15 16:03:03.868094875 -0500
+@@ -592,7 +592,7 @@
+ flush_kernel_dcache_page(miter->page);
+
+ if (miter->__flags & SG_MITER_ATOMIC) {
+- WARN_ON_ONCE(preemptible());
++ WARN_ON_ONCE(!pagefault_disabled());
+ kunmap_atomic(miter->addr);
+ } else
+ kunmap(miter->page);
+@@ -637,7 +637,7 @@
+ if (!sg_miter_skip(&miter, skip))
+ return false;
+
+- local_irq_save(flags);
++ local_irq_save_nort(flags);
+
+ while (sg_miter_next(&miter) && offset < buflen) {
+ unsigned int len;
+@@ -654,7 +654,7 @@
+
+ sg_miter_stop(&miter);
+
+- local_irq_restore(flags);
++ local_irq_restore_nort(flags);
+ return offset;
+ }
+
+diff -Nur linux-3.18.9.orig/lib/smp_processor_id.c linux-3.18.9/lib/smp_processor_id.c
+--- linux-3.18.9.orig/lib/smp_processor_id.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/lib/smp_processor_id.c 2015-03-15 16:03:03.868094875 -0500
+@@ -39,8 +39,9 @@
+ if (!printk_ratelimit())
+ goto out_enable;
+
+- printk(KERN_ERR "BUG: using %s%s() in preemptible [%08x] code: %s/%d\n",
+- what1, what2, preempt_count() - 1, current->comm, current->pid);
++ printk(KERN_ERR "BUG: using %s%s() in preemptible [%08x %08x] code: %s/%d\n",
++ what1, what2, preempt_count() - 1, __migrate_disabled(current),
++ current->comm, current->pid);
+
+ print_symbol("caller is %s\n", (long)__builtin_return_address(0));
+ dump_stack();
+diff -Nur linux-3.18.9.orig/mm/filemap.c linux-3.18.9/mm/filemap.c
+--- linux-3.18.9.orig/mm/filemap.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/filemap.c 2015-03-15 16:03:03.868094875 -0500
+@@ -168,7 +168,9 @@
+ if (!workingset_node_pages(node) &&
+ list_empty(&node->private_list)) {
+ node->private_data = mapping;
+- list_lru_add(&workingset_shadow_nodes, &node->private_list);
++ local_lock(workingset_shadow_lock);
++ list_lru_add(&__workingset_shadow_nodes, &node->private_list);
++ local_unlock(workingset_shadow_lock);
+ }
+ }
+
+@@ -535,9 +537,12 @@
+ * node->private_list is protected by
+ * mapping->tree_lock.
+ */
+- if (!list_empty(&node->private_list))
+- list_lru_del(&workingset_shadow_nodes,
++ if (!list_empty(&node->private_list)) {
++ local_lock(workingset_shadow_lock);
++ list_lru_del(&__workingset_shadow_nodes,
+ &node->private_list);
++ local_unlock(workingset_shadow_lock);
++ }
+ }
+ return 0;
+ }
+diff -Nur linux-3.18.9.orig/mm/highmem.c linux-3.18.9/mm/highmem.c
+--- linux-3.18.9.orig/mm/highmem.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/highmem.c 2015-03-15 16:03:03.868094875 -0500
+@@ -29,10 +29,11 @@
+ #include <linux/kgdb.h>
+ #include <asm/tlbflush.h>
+
+-
++#ifndef CONFIG_PREEMPT_RT_FULL
+ #if defined(CONFIG_HIGHMEM) || defined(CONFIG_X86_32)
+ DEFINE_PER_CPU(int, __kmap_atomic_idx);
+ #endif
++#endif
+
+ /*
+ * Virtual_count is not a pure "count".
+@@ -107,8 +108,9 @@
+ unsigned long totalhigh_pages __read_mostly;
+ EXPORT_SYMBOL(totalhigh_pages);
+
+-
++#ifndef CONFIG_PREEMPT_RT_FULL
+ EXPORT_PER_CPU_SYMBOL(__kmap_atomic_idx);
++#endif
+
+ unsigned int nr_free_highpages (void)
+ {
+diff -Nur linux-3.18.9.orig/mm/Kconfig linux-3.18.9/mm/Kconfig
+--- linux-3.18.9.orig/mm/Kconfig 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/Kconfig 2015-03-15 16:03:03.872094875 -0500
+@@ -408,7 +408,7 @@
+
+ config TRANSPARENT_HUGEPAGE
+ bool "Transparent Hugepage Support"
+- depends on HAVE_ARCH_TRANSPARENT_HUGEPAGE
++ depends on HAVE_ARCH_TRANSPARENT_HUGEPAGE && !PREEMPT_RT_FULL
+ select COMPACTION
+ help
+ Transparent Hugepages allows the kernel to use huge pages and
+diff -Nur linux-3.18.9.orig/mm/memcontrol.c linux-3.18.9/mm/memcontrol.c
+--- linux-3.18.9.orig/mm/memcontrol.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/memcontrol.c 2015-03-15 16:03:03.872094875 -0500
+@@ -60,6 +60,8 @@
+ #include <net/sock.h>
+ #include <net/ip.h>
+ #include <net/tcp_memcontrol.h>
++#include <linux/locallock.h>
++
+ #include "slab.h"
+
+ #include <asm/uaccess.h>
+@@ -87,6 +89,7 @@
+ #define do_swap_account 0
+ #endif
+
++static DEFINE_LOCAL_IRQ_LOCK(event_lock);
+
+ static const char * const mem_cgroup_stat_names[] = {
+ "cache",
+@@ -2376,14 +2379,17 @@
+ */
+ static void refill_stock(struct mem_cgroup *memcg, unsigned int nr_pages)
+ {
+- struct memcg_stock_pcp *stock = &get_cpu_var(memcg_stock);
++ struct memcg_stock_pcp *stock;
++ int cpu = get_cpu_light();
++
++ stock = &per_cpu(memcg_stock, cpu);
+
+ if (stock->cached != memcg) { /* reset if necessary */
+ drain_stock(stock);
+ stock->cached = memcg;
+ }
+ stock->nr_pages += nr_pages;
+- put_cpu_var(memcg_stock);
++ put_cpu_light();
+ }
+
+ /*
+@@ -2397,7 +2403,7 @@
+
+ /* Notify other cpus that system-wide "drain" is running */
+ get_online_cpus();
+- curcpu = get_cpu();
++ curcpu = get_cpu_light();
+ for_each_online_cpu(cpu) {
+ struct memcg_stock_pcp *stock = &per_cpu(memcg_stock, cpu);
+ struct mem_cgroup *memcg;
+@@ -2414,7 +2420,7 @@
+ schedule_work_on(cpu, &stock->work);
+ }
+ }
+- put_cpu();
++ put_cpu_light();
+
+ if (!sync)
+ goto out;
+@@ -3419,12 +3425,12 @@
+ move_unlock_mem_cgroup(from, &flags);
+ ret = 0;
+
+- local_irq_disable();
++ local_lock_irq(event_lock);
+ mem_cgroup_charge_statistics(to, page, nr_pages);
+ memcg_check_events(to, page);
+ mem_cgroup_charge_statistics(from, page, -nr_pages);
+ memcg_check_events(from, page);
+- local_irq_enable();
++ local_unlock_irq(event_lock);
+ out_unlock:
+ unlock_page(page);
+ out:
+@@ -6406,10 +6412,10 @@
+ VM_BUG_ON_PAGE(!PageTransHuge(page), page);
+ }
+
+- local_irq_disable();
++ local_lock_irq(event_lock);
+ mem_cgroup_charge_statistics(memcg, page, nr_pages);
+ memcg_check_events(memcg, page);
+- local_irq_enable();
++ local_unlock_irq(event_lock);
+
+ if (do_swap_account && PageSwapCache(page)) {
+ swp_entry_t entry = { .val = page_private(page) };
+@@ -6468,14 +6474,14 @@
+ memcg_oom_recover(memcg);
+ }
+
+- local_irq_save(flags);
++ local_lock_irqsave(event_lock, flags);
+ __this_cpu_sub(memcg->stat->count[MEM_CGROUP_STAT_RSS], nr_anon);
+ __this_cpu_sub(memcg->stat->count[MEM_CGROUP_STAT_CACHE], nr_file);
+ __this_cpu_sub(memcg->stat->count[MEM_CGROUP_STAT_RSS_HUGE], nr_huge);
+ __this_cpu_add(memcg->stat->events[MEM_CGROUP_EVENTS_PGPGOUT], pgpgout);
+ __this_cpu_add(memcg->stat->nr_page_events, nr_anon + nr_file);
+ memcg_check_events(memcg, dummy_page);
+- local_irq_restore(flags);
++ local_unlock_irqrestore(event_lock, flags);
+ }
+
+ static void uncharge_list(struct list_head *page_list)
+diff -Nur linux-3.18.9.orig/mm/memory.c linux-3.18.9/mm/memory.c
+--- linux-3.18.9.orig/mm/memory.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/memory.c 2015-03-15 16:03:03.872094875 -0500
+@@ -3258,6 +3258,32 @@
+ return 0;
+ }
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++void pagefault_disable(void)
++{
++ migrate_disable();
++ current->pagefault_disabled++;
++ /*
++ * make sure to have issued the store before a pagefault
++ * can hit.
++ */
++ barrier();
++}
++EXPORT_SYMBOL(pagefault_disable);
++
++void pagefault_enable(void)
++{
++ /*
++ * make sure to issue those last loads/stores before enabling
++ * the pagefault handler again.
++ */
++ barrier();
++ current->pagefault_disabled--;
++ migrate_enable();
++}
++EXPORT_SYMBOL(pagefault_enable);
++#endif
++
+ /*
+ * By the time we get here, we already hold the mm semaphore
+ *
+diff -Nur linux-3.18.9.orig/mm/mmu_context.c linux-3.18.9/mm/mmu_context.c
+--- linux-3.18.9.orig/mm/mmu_context.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/mmu_context.c 2015-03-15 16:03:03.872094875 -0500
+@@ -23,6 +23,7 @@
+ struct task_struct *tsk = current;
+
+ task_lock(tsk);
++ preempt_disable_rt();
+ active_mm = tsk->active_mm;
+ if (active_mm != mm) {
+ atomic_inc(&mm->mm_count);
+@@ -30,6 +31,7 @@
+ }
+ tsk->mm = mm;
+ switch_mm(active_mm, mm, tsk);
++ preempt_enable_rt();
+ task_unlock(tsk);
+ #ifdef finish_arch_post_lock_switch
+ finish_arch_post_lock_switch();
+diff -Nur linux-3.18.9.orig/mm/page_alloc.c linux-3.18.9/mm/page_alloc.c
+--- linux-3.18.9.orig/mm/page_alloc.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/page_alloc.c 2015-03-15 16:03:03.872094875 -0500
+@@ -59,6 +59,7 @@
+ #include <linux/page-debug-flags.h>
+ #include <linux/hugetlb.h>
+ #include <linux/sched/rt.h>
++#include <linux/locallock.h>
+
+ #include <asm/sections.h>
+ #include <asm/tlbflush.h>
+@@ -230,6 +231,18 @@
+ EXPORT_SYMBOL(nr_online_nodes);
+ #endif
+
++static DEFINE_LOCAL_IRQ_LOCK(pa_lock);
++
++#ifdef CONFIG_PREEMPT_RT_BASE
++# define cpu_lock_irqsave(cpu, flags) \
++ local_lock_irqsave_on(pa_lock, flags, cpu)
++# define cpu_unlock_irqrestore(cpu, flags) \
++ local_unlock_irqrestore_on(pa_lock, flags, cpu)
++#else
++# define cpu_lock_irqsave(cpu, flags) local_irq_save(flags)
++# define cpu_unlock_irqrestore(cpu, flags) local_irq_restore(flags)
++#endif
++
+ int page_group_by_mobility_disabled __read_mostly;
+
+ void set_pageblock_migratetype(struct page *page, int migratetype)
+@@ -654,7 +667,7 @@
+ }
+
+ /*
+- * Frees a number of pages from the PCP lists
++ * Frees a number of pages which have been collected from the pcp lists.
+ * Assumes all pages on list are in same zone, and of same order.
+ * count is the number of pages to free.
+ *
+@@ -665,18 +678,51 @@
+ * pinned" detection logic.
+ */
+ static void free_pcppages_bulk(struct zone *zone, int count,
+- struct per_cpu_pages *pcp)
++ struct list_head *list)
+ {
+- int migratetype = 0;
+- int batch_free = 0;
+ int to_free = count;
+ unsigned long nr_scanned;
++ unsigned long flags;
++
++ spin_lock_irqsave(&zone->lock, flags);
+
+- spin_lock(&zone->lock);
+ nr_scanned = zone_page_state(zone, NR_PAGES_SCANNED);
+ if (nr_scanned)
+ __mod_zone_page_state(zone, NR_PAGES_SCANNED, -nr_scanned);
+
++ while (!list_empty(list)) {
++ struct page *page = list_first_entry(list, struct page, lru);
++ int mt; /* migratetype of the to-be-freed page */
++
++ /* must delete as __free_one_page list manipulates */
++ list_del(&page->lru);
++
++ mt = get_freepage_migratetype(page);
++ if (unlikely(has_isolate_pageblock(zone)))
++ mt = get_pageblock_migratetype(page);
++
++ /* MIGRATE_MOVABLE list may include MIGRATE_RESERVEs */
++ __free_one_page(page, page_to_pfn(page), zone, 0, mt);
++ trace_mm_page_pcpu_drain(page, 0, mt);
++ to_free--;
++ }
++ WARN_ON(to_free != 0);
++ spin_unlock_irqrestore(&zone->lock, flags);
++}
++
++/*
++ * Moves a number of pages from the PCP lists to free list which
++ * is freed outside of the locked region.
++ *
++ * Assumes all pages on list are in same zone, and of same order.
++ * count is the number of pages to free.
++ */
++static void isolate_pcp_pages(int to_free, struct per_cpu_pages *src,
++ struct list_head *dst)
++{
++ int migratetype = 0;
++ int batch_free = 0;
++
+ while (to_free) {
+ struct page *page;
+ struct list_head *list;
+@@ -692,7 +738,7 @@
+ batch_free++;
+ if (++migratetype == MIGRATE_PCPTYPES)
+ migratetype = 0;
+- list = &pcp->lists[migratetype];
++ list = &src->lists[migratetype];
+ } while (list_empty(list));
+
+ /* This is the only non-empty list. Free them all. */
+@@ -700,21 +746,11 @@
+ batch_free = to_free;
+
+ do {
+- int mt; /* migratetype of the to-be-freed page */
+-
+- page = list_entry(list->prev, struct page, lru);
+- /* must delete as __free_one_page list manipulates */
++ page = list_last_entry(list, struct page, lru);
+ list_del(&page->lru);
+- mt = get_freepage_migratetype(page);
+- if (unlikely(has_isolate_pageblock(zone)))
+- mt = get_pageblock_migratetype(page);
+-
+- /* MIGRATE_MOVABLE list may include MIGRATE_RESERVEs */
+- __free_one_page(page, page_to_pfn(page), zone, 0, mt);
+- trace_mm_page_pcpu_drain(page, 0, mt);
++ list_add(&page->lru, dst);
+ } while (--to_free && --batch_free && !list_empty(list));
+ }
+- spin_unlock(&zone->lock);
+ }
+
+ static void free_one_page(struct zone *zone,
+@@ -723,7 +759,9 @@
+ int migratetype)
+ {
+ unsigned long nr_scanned;
+- spin_lock(&zone->lock);
++ unsigned long flags;
++
++ spin_lock_irqsave(&zone->lock, flags);
+ nr_scanned = zone_page_state(zone, NR_PAGES_SCANNED);
+ if (nr_scanned)
+ __mod_zone_page_state(zone, NR_PAGES_SCANNED, -nr_scanned);
+@@ -733,7 +771,7 @@
+ migratetype = get_pfnblock_migratetype(page, pfn);
+ }
+ __free_one_page(page, pfn, zone, order, migratetype);
+- spin_unlock(&zone->lock);
++ spin_unlock_irqrestore(&zone->lock, flags);
+ }
+
+ static bool free_pages_prepare(struct page *page, unsigned int order)
+@@ -773,11 +811,11 @@
+ return;
+
+ migratetype = get_pfnblock_migratetype(page, pfn);
+- local_irq_save(flags);
++ local_lock_irqsave(pa_lock, flags);
+ __count_vm_events(PGFREE, 1 << order);
+ set_freepage_migratetype(page, migratetype);
+ free_one_page(page_zone(page), page, pfn, order, migratetype);
+- local_irq_restore(flags);
++ local_unlock_irqrestore(pa_lock, flags);
+ }
+
+ void __init __free_pages_bootmem(struct page *page, unsigned int order)
+@@ -1253,16 +1291,18 @@
+ void drain_zone_pages(struct zone *zone, struct per_cpu_pages *pcp)
+ {
+ unsigned long flags;
++ LIST_HEAD(dst);
+ int to_drain, batch;
+
+- local_irq_save(flags);
++ local_lock_irqsave(pa_lock, flags);
+ batch = ACCESS_ONCE(pcp->batch);
+ to_drain = min(pcp->count, batch);
+ if (to_drain > 0) {
+- free_pcppages_bulk(zone, to_drain, pcp);
++ isolate_pcp_pages(to_drain, pcp, &dst);
+ pcp->count -= to_drain;
+ }
+- local_irq_restore(flags);
++ local_unlock_irqrestore(pa_lock, flags);
++ free_pcppages_bulk(zone, to_drain, &dst);
+ }
+ #endif
+
+@@ -1281,16 +1321,21 @@
+ for_each_populated_zone(zone) {
+ struct per_cpu_pageset *pset;
+ struct per_cpu_pages *pcp;
++ LIST_HEAD(dst);
++ int count;
+
+- local_irq_save(flags);
++ cpu_lock_irqsave(cpu, flags);
+ pset = per_cpu_ptr(zone->pageset, cpu);
+
+ pcp = &pset->pcp;
+- if (pcp->count) {
+- free_pcppages_bulk(zone, pcp->count, pcp);
++ count = pcp->count;
++ if (count) {
++ isolate_pcp_pages(count, pcp, &dst);
+ pcp->count = 0;
+ }
+- local_irq_restore(flags);
++ cpu_unlock_irqrestore(cpu, flags);
++ if (count)
++ free_pcppages_bulk(zone, count, &dst);
+ }
+ }
+
+@@ -1343,7 +1388,12 @@
+ else
+ cpumask_clear_cpu(cpu, &cpus_with_pcps);
+ }
++#ifndef CONFIG_PREEMPT_RT_BASE
+ on_each_cpu_mask(&cpus_with_pcps, drain_local_pages, NULL, 1);
++#else
++ for_each_cpu(cpu, &cpus_with_pcps)
++ drain_pages(cpu);
++#endif
+ }
+
+ #ifdef CONFIG_HIBERNATION
+@@ -1399,7 +1449,7 @@
+
+ migratetype = get_pfnblock_migratetype(page, pfn);
+ set_freepage_migratetype(page, migratetype);
+- local_irq_save(flags);
++ local_lock_irqsave(pa_lock, flags);
+ __count_vm_event(PGFREE);
+
+ /*
+@@ -1425,12 +1475,17 @@
+ pcp->count++;
+ if (pcp->count >= pcp->high) {
+ unsigned long batch = ACCESS_ONCE(pcp->batch);
+- free_pcppages_bulk(zone, batch, pcp);
++ LIST_HEAD(dst);
++
++ isolate_pcp_pages(batch, pcp, &dst);
+ pcp->count -= batch;
++ local_unlock_irqrestore(pa_lock, flags);
++ free_pcppages_bulk(zone, batch, &dst);
++ return;
+ }
+
+ out:
+- local_irq_restore(flags);
++ local_unlock_irqrestore(pa_lock, flags);
+ }
+
+ /*
+@@ -1560,7 +1615,7 @@
+ struct per_cpu_pages *pcp;
+ struct list_head *list;
+
+- local_irq_save(flags);
++ local_lock_irqsave(pa_lock, flags);
+ pcp = &this_cpu_ptr(zone->pageset)->pcp;
+ list = &pcp->lists[migratetype];
+ if (list_empty(list)) {
+@@ -1592,13 +1647,15 @@
+ */
+ WARN_ON_ONCE(order > 1);
+ }
+- spin_lock_irqsave(&zone->lock, flags);
++ local_spin_lock_irqsave(pa_lock, &zone->lock, flags);
+ page = __rmqueue(zone, order, migratetype);
+- spin_unlock(&zone->lock);
+- if (!page)
++ if (!page) {
++ spin_unlock(&zone->lock);
+ goto failed;
++ }
+ __mod_zone_freepage_state(zone, -(1 << order),
+ get_freepage_migratetype(page));
++ spin_unlock(&zone->lock);
+ }
+
+ __mod_zone_page_state(zone, NR_ALLOC_BATCH, -(1 << order));
+@@ -1608,7 +1665,7 @@
+
+ __count_zone_vm_events(PGALLOC, zone, 1 << order);
+ zone_statistics(preferred_zone, zone, gfp_flags);
+- local_irq_restore(flags);
++ local_unlock_irqrestore(pa_lock, flags);
+
+ VM_BUG_ON_PAGE(bad_range(zone, page), page);
+ if (prep_new_page(page, order, gfp_flags))
+@@ -1616,7 +1673,7 @@
+ return page;
+
+ failed:
+- local_irq_restore(flags);
++ local_unlock_irqrestore(pa_lock, flags);
+ return NULL;
+ }
+
+@@ -2327,8 +2384,8 @@
+ count_vm_event(COMPACTSTALL);
+
+ /* Page migration frees to the PCP lists but we want merging */
+- drain_pages(get_cpu());
+- put_cpu();
++ drain_pages(get_cpu_light());
++ put_cpu_light();
+
+ page = get_page_from_freelist(gfp_mask, nodemask,
+ order, zonelist, high_zoneidx,
+@@ -5567,6 +5624,7 @@
+ void __init page_alloc_init(void)
+ {
+ hotcpu_notifier(page_alloc_cpu_notify, 0);
++ local_irq_lock_init(pa_lock);
+ }
+
+ /*
+@@ -6461,7 +6519,7 @@
+ struct per_cpu_pageset *pset;
+
+ /* avoid races with drain_pages() */
+- local_irq_save(flags);
++ local_lock_irqsave(pa_lock, flags);
+ if (zone->pageset != &boot_pageset) {
+ for_each_online_cpu(cpu) {
+ pset = per_cpu_ptr(zone->pageset, cpu);
+@@ -6470,7 +6528,7 @@
+ free_percpu(zone->pageset);
+ zone->pageset = &boot_pageset;
+ }
+- local_irq_restore(flags);
++ local_unlock_irqrestore(pa_lock, flags);
+ }
+
+ #ifdef CONFIG_MEMORY_HOTREMOVE
+diff -Nur linux-3.18.9.orig/mm/slab.h linux-3.18.9/mm/slab.h
+--- linux-3.18.9.orig/mm/slab.h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/slab.h 2015-03-15 16:03:03.872094875 -0500
+@@ -315,7 +315,11 @@
+ * The slab lists for all objects.
+ */
+ struct kmem_cache_node {
++#ifdef CONFIG_SLUB
++ raw_spinlock_t list_lock;
++#else
+ spinlock_t list_lock;
++#endif
+
+ #ifdef CONFIG_SLAB
+ struct list_head slabs_partial; /* partial list first, better asm code */
+diff -Nur linux-3.18.9.orig/mm/slub.c linux-3.18.9/mm/slub.c
+--- linux-3.18.9.orig/mm/slub.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/slub.c 2015-03-15 16:03:03.876094875 -0500
+@@ -1044,7 +1044,7 @@
+ {
+ struct kmem_cache_node *n = get_node(s, page_to_nid(page));
+
+- spin_lock_irqsave(&n->list_lock, *flags);
++ raw_spin_lock_irqsave(&n->list_lock, *flags);
+ slab_lock(page);
+
+ if (!check_slab(s, page))
+@@ -1091,7 +1091,7 @@
+
+ fail:
+ slab_unlock(page);
+- spin_unlock_irqrestore(&n->list_lock, *flags);
++ raw_spin_unlock_irqrestore(&n->list_lock, *flags);
+ slab_fix(s, "Object at 0x%p not freed", object);
+ return NULL;
+ }
+@@ -1219,6 +1219,12 @@
+
+ #endif /* CONFIG_SLUB_DEBUG */
+
++struct slub_free_list {
++ raw_spinlock_t lock;
++ struct list_head list;
++};
++static DEFINE_PER_CPU(struct slub_free_list, slub_free_list);
++
+ /*
+ * Hooks for other subsystems that check memory allocations. In a typical
+ * production configuration these hooks all should produce no code at all.
+@@ -1303,10 +1309,15 @@
+ struct page *page;
+ struct kmem_cache_order_objects oo = s->oo;
+ gfp_t alloc_gfp;
++ bool enableirqs;
+
+ flags &= gfp_allowed_mask;
+
+- if (flags & __GFP_WAIT)
++ enableirqs = (flags & __GFP_WAIT) != 0;
++#ifdef CONFIG_PREEMPT_RT_FULL
++ enableirqs |= system_state == SYSTEM_RUNNING;
++#endif
++ if (enableirqs)
+ local_irq_enable();
+
+ flags |= s->allocflags;
+@@ -1347,7 +1358,7 @@
+ kmemcheck_mark_unallocated_pages(page, pages);
+ }
+
+- if (flags & __GFP_WAIT)
++ if (enableirqs)
+ local_irq_disable();
+ if (!page)
+ return NULL;
+@@ -1365,8 +1376,10 @@
+ void *object)
+ {
+ setup_object_debug(s, page, object);
++#ifndef CONFIG_PREEMPT_RT_FULL
+ if (unlikely(s->ctor))
+ s->ctor(object);
++#endif
+ }
+
+ static struct page *new_slab(struct kmem_cache *s, gfp_t flags, int node)
+@@ -1442,6 +1455,16 @@
+ memcg_uncharge_slab(s, order);
+ }
+
++static void free_delayed(struct list_head *h)
++{
++ while(!list_empty(h)) {
++ struct page *page = list_first_entry(h, struct page, lru);
++
++ list_del(&page->lru);
++ __free_slab(page->slab_cache, page);
++ }
++}
++
+ #define need_reserve_slab_rcu \
+ (sizeof(((struct page *)NULL)->lru) < sizeof(struct rcu_head))
+
+@@ -1476,6 +1499,12 @@
+ }
+
+ call_rcu(head, rcu_free_slab);
++ } else if (irqs_disabled()) {
++ struct slub_free_list *f = &__get_cpu_var(slub_free_list);
++
++ raw_spin_lock(&f->lock);
++ list_add(&page->lru, &f->list);
++ raw_spin_unlock(&f->lock);
+ } else
+ __free_slab(s, page);
+ }
+@@ -1589,7 +1618,7 @@
+ if (!n || !n->nr_partial)
+ return NULL;
+
+- spin_lock(&n->list_lock);
++ raw_spin_lock(&n->list_lock);
+ list_for_each_entry_safe(page, page2, &n->partial, lru) {
+ void *t;
+
+@@ -1614,7 +1643,7 @@
+ break;
+
+ }
+- spin_unlock(&n->list_lock);
++ raw_spin_unlock(&n->list_lock);
+ return object;
+ }
+
+@@ -1860,7 +1889,7 @@
+ * that acquire_slab() will see a slab page that
+ * is frozen
+ */
+- spin_lock(&n->list_lock);
++ raw_spin_lock(&n->list_lock);
+ }
+ } else {
+ m = M_FULL;
+@@ -1871,7 +1900,7 @@
+ * slabs from diagnostic functions will not see
+ * any frozen slabs.
+ */
+- spin_lock(&n->list_lock);
++ raw_spin_lock(&n->list_lock);
+ }
+ }
+
+@@ -1906,7 +1935,7 @@
+ goto redo;
+
+ if (lock)
+- spin_unlock(&n->list_lock);
++ raw_spin_unlock(&n->list_lock);
+
+ if (m == M_FREE) {
+ stat(s, DEACTIVATE_EMPTY);
+@@ -1938,10 +1967,10 @@
+ n2 = get_node(s, page_to_nid(page));
+ if (n != n2) {
+ if (n)
+- spin_unlock(&n->list_lock);
++ raw_spin_unlock(&n->list_lock);
+
+ n = n2;
+- spin_lock(&n->list_lock);
++ raw_spin_lock(&n->list_lock);
+ }
+
+ do {
+@@ -1970,7 +1999,7 @@
+ }
+
+ if (n)
+- spin_unlock(&n->list_lock);
++ raw_spin_unlock(&n->list_lock);
+
+ while (discard_page) {
+ page = discard_page;
+@@ -2008,14 +2037,21 @@
+ pobjects = oldpage->pobjects;
+ pages = oldpage->pages;
+ if (drain && pobjects > s->cpu_partial) {
++ struct slub_free_list *f;
+ unsigned long flags;
++ LIST_HEAD(tofree);
+ /*
+ * partial array is full. Move the existing
+ * set to the per node partial list.
+ */
+ local_irq_save(flags);
+ unfreeze_partials(s, this_cpu_ptr(s->cpu_slab));
++ f = &__get_cpu_var(slub_free_list);
++ raw_spin_lock(&f->lock);
++ list_splice_init(&f->list, &tofree);
++ raw_spin_unlock(&f->lock);
+ local_irq_restore(flags);
++ free_delayed(&tofree);
+ oldpage = NULL;
+ pobjects = 0;
+ pages = 0;
+@@ -2079,7 +2115,22 @@
+
+ static void flush_all(struct kmem_cache *s)
+ {
++ LIST_HEAD(tofree);
++ int cpu;
++
+ on_each_cpu_cond(has_cpu_slab, flush_cpu_slab, s, 1, GFP_ATOMIC);
++ for_each_online_cpu(cpu) {
++ struct slub_free_list *f;
++
++ if (!has_cpu_slab(cpu, s))
++ continue;
++
++ f = &per_cpu(slub_free_list, cpu);
++ raw_spin_lock_irq(&f->lock);
++ list_splice_init(&f->list, &tofree);
++ raw_spin_unlock_irq(&f->lock);
++ free_delayed(&tofree);
++ }
+ }
+
+ /*
+@@ -2115,10 +2166,10 @@
+ unsigned long x = 0;
+ struct page *page;
+
+- spin_lock_irqsave(&n->list_lock, flags);
++ raw_spin_lock_irqsave(&n->list_lock, flags);
+ list_for_each_entry(page, &n->partial, lru)
+ x += get_count(page);
+- spin_unlock_irqrestore(&n->list_lock, flags);
++ raw_spin_unlock_irqrestore(&n->list_lock, flags);
+ return x;
+ }
+ #endif /* CONFIG_SLUB_DEBUG || CONFIG_SYSFS */
+@@ -2255,9 +2306,11 @@
+ static void *__slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
+ unsigned long addr, struct kmem_cache_cpu *c)
+ {
++ struct slub_free_list *f;
+ void *freelist;
+ struct page *page;
+ unsigned long flags;
++ LIST_HEAD(tofree);
+
+ local_irq_save(flags);
+ #ifdef CONFIG_PREEMPT
+@@ -2325,7 +2378,13 @@
+ VM_BUG_ON(!c->page->frozen);
+ c->freelist = get_freepointer(s, freelist);
+ c->tid = next_tid(c->tid);
++out:
++ f = &__get_cpu_var(slub_free_list);
++ raw_spin_lock(&f->lock);
++ list_splice_init(&f->list, &tofree);
++ raw_spin_unlock(&f->lock);
+ local_irq_restore(flags);
++ free_delayed(&tofree);
+ return freelist;
+
+ new_slab:
+@@ -2342,8 +2401,7 @@
+
+ if (unlikely(!freelist)) {
+ slab_out_of_memory(s, gfpflags, node);
+- local_irq_restore(flags);
+- return NULL;
++ goto out;
+ }
+
+ page = c->page;
+@@ -2358,8 +2416,7 @@
+ deactivate_slab(s, page, get_freepointer(s, freelist));
+ c->page = NULL;
+ c->freelist = NULL;
+- local_irq_restore(flags);
+- return freelist;
++ goto out;
+ }
+
+ /*
+@@ -2444,6 +2501,10 @@
+
+ if (unlikely(gfpflags & __GFP_ZERO) && object)
+ memset(object, 0, s->object_size);
++#ifdef CONFIG_PREEMPT_RT_FULL
++ if (unlikely(s->ctor) && object)
++ s->ctor(object);
++#endif
+
+ slab_post_alloc_hook(s, gfpflags, object);
+
+@@ -2531,7 +2592,7 @@
+
+ do {
+ if (unlikely(n)) {
+- spin_unlock_irqrestore(&n->list_lock, flags);
++ raw_spin_unlock_irqrestore(&n->list_lock, flags);
+ n = NULL;
+ }
+ prior = page->freelist;
+@@ -2563,7 +2624,7 @@
+ * Otherwise the list_lock will synchronize with
+ * other processors updating the list of slabs.
+ */
+- spin_lock_irqsave(&n->list_lock, flags);
++ raw_spin_lock_irqsave(&n->list_lock, flags);
+
+ }
+ }
+@@ -2605,7 +2666,7 @@
+ add_partial(n, page, DEACTIVATE_TO_TAIL);
+ stat(s, FREE_ADD_PARTIAL);
+ }
+- spin_unlock_irqrestore(&n->list_lock, flags);
++ raw_spin_unlock_irqrestore(&n->list_lock, flags);
+ return;
+
+ slab_empty:
+@@ -2620,7 +2681,7 @@
+ remove_full(s, n, page);
+ }
+
+- spin_unlock_irqrestore(&n->list_lock, flags);
++ raw_spin_unlock_irqrestore(&n->list_lock, flags);
+ stat(s, FREE_SLAB);
+ discard_slab(s, page);
+ }
+@@ -2816,7 +2877,7 @@
+ init_kmem_cache_node(struct kmem_cache_node *n)
+ {
+ n->nr_partial = 0;
+- spin_lock_init(&n->list_lock);
++ raw_spin_lock_init(&n->list_lock);
+ INIT_LIST_HEAD(&n->partial);
+ #ifdef CONFIG_SLUB_DEBUG
+ atomic_long_set(&n->nr_slabs, 0);
+@@ -3373,7 +3434,7 @@
+ for (i = 0; i < objects; i++)
+ INIT_LIST_HEAD(slabs_by_inuse + i);
+
+- spin_lock_irqsave(&n->list_lock, flags);
++ raw_spin_lock_irqsave(&n->list_lock, flags);
+
+ /*
+ * Build lists indexed by the items in use in each slab.
+@@ -3394,7 +3455,7 @@
+ for (i = objects - 1; i > 0; i--)
+ list_splice(slabs_by_inuse + i, n->partial.prev);
+
+- spin_unlock_irqrestore(&n->list_lock, flags);
++ raw_spin_unlock_irqrestore(&n->list_lock, flags);
+
+ /* Release empty slabs */
+ list_for_each_entry_safe(page, t, slabs_by_inuse, lru)
+@@ -3567,6 +3628,12 @@
+ {
+ static __initdata struct kmem_cache boot_kmem_cache,
+ boot_kmem_cache_node;
++ int cpu;
++
++ for_each_possible_cpu(cpu) {
++ raw_spin_lock_init(&per_cpu(slub_free_list, cpu).lock);
++ INIT_LIST_HEAD(&per_cpu(slub_free_list, cpu).list);
++ }
+
+ if (debug_guardpage_minorder())
+ slub_max_order = 0;
+@@ -3815,7 +3882,7 @@
+ struct page *page;
+ unsigned long flags;
+
+- spin_lock_irqsave(&n->list_lock, flags);
++ raw_spin_lock_irqsave(&n->list_lock, flags);
+
+ list_for_each_entry(page, &n->partial, lru) {
+ validate_slab_slab(s, page, map);
+@@ -3837,7 +3904,7 @@
+ s->name, count, atomic_long_read(&n->nr_slabs));
+
+ out:
+- spin_unlock_irqrestore(&n->list_lock, flags);
++ raw_spin_unlock_irqrestore(&n->list_lock, flags);
+ return count;
+ }
+
+@@ -4025,12 +4092,12 @@
+ if (!atomic_long_read(&n->nr_slabs))
+ continue;
+
+- spin_lock_irqsave(&n->list_lock, flags);
++ raw_spin_lock_irqsave(&n->list_lock, flags);
+ list_for_each_entry(page, &n->partial, lru)
+ process_slab(&t, s, page, alloc, map);
+ list_for_each_entry(page, &n->full, lru)
+ process_slab(&t, s, page, alloc, map);
+- spin_unlock_irqrestore(&n->list_lock, flags);
++ raw_spin_unlock_irqrestore(&n->list_lock, flags);
+ }
+
+ for (i = 0; i < t.count; i++) {
+diff -Nur linux-3.18.9.orig/mm/swap.c linux-3.18.9/mm/swap.c
+--- linux-3.18.9.orig/mm/swap.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/swap.c 2015-03-15 16:03:03.876094875 -0500
+@@ -31,6 +31,7 @@
+ #include <linux/memcontrol.h>
+ #include <linux/gfp.h>
+ #include <linux/uio.h>
++#include <linux/locallock.h>
+
+ #include "internal.h"
+
+@@ -44,6 +45,9 @@
+ static DEFINE_PER_CPU(struct pagevec, lru_rotate_pvecs);
+ static DEFINE_PER_CPU(struct pagevec, lru_deactivate_pvecs);
+
++static DEFINE_LOCAL_IRQ_LOCK(rotate_lock);
++static DEFINE_LOCAL_IRQ_LOCK(swapvec_lock);
++
+ /*
+ * This path almost never happens for VM activity - pages are normally
+ * freed via pagevecs. But it gets used by networking.
+@@ -473,11 +477,11 @@
+ unsigned long flags;
+
+ page_cache_get(page);
+- local_irq_save(flags);
++ local_lock_irqsave(rotate_lock, flags);
+ pvec = this_cpu_ptr(&lru_rotate_pvecs);
+ if (!pagevec_add(pvec, page))
+ pagevec_move_tail(pvec);
+- local_irq_restore(flags);
++ local_unlock_irqrestore(rotate_lock, flags);
+ }
+ }
+
+@@ -528,12 +532,13 @@
+ void activate_page(struct page *page)
+ {
+ if (PageLRU(page) && !PageActive(page) && !PageUnevictable(page)) {
+- struct pagevec *pvec = &get_cpu_var(activate_page_pvecs);
++ struct pagevec *pvec = &get_locked_var(swapvec_lock,
++ activate_page_pvecs);
+
+ page_cache_get(page);
+ if (!pagevec_add(pvec, page))
+ pagevec_lru_move_fn(pvec, __activate_page, NULL);
+- put_cpu_var(activate_page_pvecs);
++ put_locked_var(swapvec_lock, activate_page_pvecs);
+ }
+ }
+
+@@ -559,7 +564,7 @@
+
+ static void __lru_cache_activate_page(struct page *page)
+ {
+- struct pagevec *pvec = &get_cpu_var(lru_add_pvec);
++ struct pagevec *pvec = &get_locked_var(swapvec_lock, lru_add_pvec);
+ int i;
+
+ /*
+@@ -581,7 +586,7 @@
+ }
+ }
+
+- put_cpu_var(lru_add_pvec);
++ put_locked_var(swapvec_lock, lru_add_pvec);
+ }
+
+ /*
+@@ -620,13 +625,13 @@
+
+ static void __lru_cache_add(struct page *page)
+ {
+- struct pagevec *pvec = &get_cpu_var(lru_add_pvec);
++ struct pagevec *pvec = &get_locked_var(swapvec_lock, lru_add_pvec);
+
+ page_cache_get(page);
+ if (!pagevec_space(pvec))
+ __pagevec_lru_add(pvec);
+ pagevec_add(pvec, page);
+- put_cpu_var(lru_add_pvec);
++ put_locked_var(swapvec_lock, lru_add_pvec);
+ }
+
+ /**
+@@ -806,9 +811,9 @@
+ unsigned long flags;
+
+ /* No harm done if a racing interrupt already did this */
+- local_irq_save(flags);
++ local_lock_irqsave(rotate_lock, flags);
+ pagevec_move_tail(pvec);
+- local_irq_restore(flags);
++ local_unlock_irqrestore(rotate_lock, flags);
+ }
+
+ pvec = &per_cpu(lru_deactivate_pvecs, cpu);
+@@ -836,18 +841,19 @@
+ return;
+
+ if (likely(get_page_unless_zero(page))) {
+- struct pagevec *pvec = &get_cpu_var(lru_deactivate_pvecs);
++ struct pagevec *pvec = &get_locked_var(swapvec_lock,
++ lru_deactivate_pvecs);
+
+ if (!pagevec_add(pvec, page))
+ pagevec_lru_move_fn(pvec, lru_deactivate_fn, NULL);
+- put_cpu_var(lru_deactivate_pvecs);
++ put_locked_var(swapvec_lock, lru_deactivate_pvecs);
+ }
+ }
+
+ void lru_add_drain(void)
+ {
+- lru_add_drain_cpu(get_cpu());
+- put_cpu();
++ lru_add_drain_cpu(local_lock_cpu(swapvec_lock));
++ local_unlock_cpu(swapvec_lock);
+ }
+
+ static void lru_add_drain_per_cpu(struct work_struct *dummy)
+diff -Nur linux-3.18.9.orig/mm/truncate.c linux-3.18.9/mm/truncate.c
+--- linux-3.18.9.orig/mm/truncate.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/truncate.c 2015-03-15 16:03:03.876094875 -0500
+@@ -56,8 +56,11 @@
+ * protected by mapping->tree_lock.
+ */
+ if (!workingset_node_shadows(node) &&
+- !list_empty(&node->private_list))
+- list_lru_del(&workingset_shadow_nodes, &node->private_list);
++ !list_empty(&node->private_list)) {
++ local_lock(workingset_shadow_lock);
++ list_lru_del(&__workingset_shadow_nodes, &node->private_list);
++ local_unlock(workingset_shadow_lock);
++ }
+ __radix_tree_delete_node(&mapping->page_tree, node);
+ unlock:
+ spin_unlock_irq(&mapping->tree_lock);
+diff -Nur linux-3.18.9.orig/mm/vmalloc.c linux-3.18.9/mm/vmalloc.c
+--- linux-3.18.9.orig/mm/vmalloc.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/vmalloc.c 2015-03-15 16:03:03.876094875 -0500
+@@ -798,7 +798,7 @@
+ struct vmap_block *vb;
+ struct vmap_area *va;
+ unsigned long vb_idx;
+- int node, err;
++ int node, err, cpu;
+
+ node = numa_node_id();
+
+@@ -836,11 +836,12 @@
+ BUG_ON(err);
+ radix_tree_preload_end();
+
+- vbq = &get_cpu_var(vmap_block_queue);
++ cpu = get_cpu_light();
++ vbq = &__get_cpu_var(vmap_block_queue);
+ spin_lock(&vbq->lock);
+ list_add_rcu(&vb->free_list, &vbq->free);
+ spin_unlock(&vbq->lock);
+- put_cpu_var(vmap_block_queue);
++ put_cpu_light();
+
+ return vb;
+ }
+@@ -908,6 +909,7 @@
+ struct vmap_block *vb;
+ unsigned long addr = 0;
+ unsigned int order;
++ int cpu = 0;
+
+ BUG_ON(size & ~PAGE_MASK);
+ BUG_ON(size > PAGE_SIZE*VMAP_MAX_ALLOC);
+@@ -923,7 +925,8 @@
+
+ again:
+ rcu_read_lock();
+- vbq = &get_cpu_var(vmap_block_queue);
++ cpu = get_cpu_light();
++ vbq = &__get_cpu_var(vmap_block_queue);
+ list_for_each_entry_rcu(vb, &vbq->free, free_list) {
+ int i;
+
+@@ -947,7 +950,7 @@
+ spin_unlock(&vb->lock);
+ }
+
+- put_cpu_var(vmap_block_queue);
++ put_cpu_light();
+ rcu_read_unlock();
+
+ if (!addr) {
+diff -Nur linux-3.18.9.orig/mm/vmstat.c linux-3.18.9/mm/vmstat.c
+--- linux-3.18.9.orig/mm/vmstat.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/vmstat.c 2015-03-15 16:03:03.876094875 -0500
+@@ -221,6 +221,7 @@
+ long x;
+ long t;
+
++ preempt_disable_rt();
+ x = delta + __this_cpu_read(*p);
+
+ t = __this_cpu_read(pcp->stat_threshold);
+@@ -230,6 +231,7 @@
+ x = 0;
+ }
+ __this_cpu_write(*p, x);
++ preempt_enable_rt();
+ }
+ EXPORT_SYMBOL(__mod_zone_page_state);
+
+@@ -262,6 +264,7 @@
+ s8 __percpu *p = pcp->vm_stat_diff + item;
+ s8 v, t;
+
++ preempt_disable_rt();
+ v = __this_cpu_inc_return(*p);
+ t = __this_cpu_read(pcp->stat_threshold);
+ if (unlikely(v > t)) {
+@@ -270,6 +273,7 @@
+ zone_page_state_add(v + overstep, zone, item);
+ __this_cpu_write(*p, -overstep);
+ }
++ preempt_enable_rt();
+ }
+
+ void __inc_zone_page_state(struct page *page, enum zone_stat_item item)
+@@ -284,6 +288,7 @@
+ s8 __percpu *p = pcp->vm_stat_diff + item;
+ s8 v, t;
+
++ preempt_disable_rt();
+ v = __this_cpu_dec_return(*p);
+ t = __this_cpu_read(pcp->stat_threshold);
+ if (unlikely(v < - t)) {
+@@ -292,6 +297,7 @@
+ zone_page_state_add(v - overstep, zone, item);
+ __this_cpu_write(*p, overstep);
+ }
++ preempt_enable_rt();
+ }
+
+ void __dec_zone_page_state(struct page *page, enum zone_stat_item item)
+diff -Nur linux-3.18.9.orig/mm/workingset.c linux-3.18.9/mm/workingset.c
+--- linux-3.18.9.orig/mm/workingset.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/mm/workingset.c 2015-03-15 16:03:03.876094875 -0500
+@@ -264,7 +264,8 @@
+ * point where they would still be useful.
+ */
+
+-struct list_lru workingset_shadow_nodes;
++struct list_lru __workingset_shadow_nodes;
++DEFINE_LOCAL_IRQ_LOCK(workingset_shadow_lock);
+
+ static unsigned long count_shadow_nodes(struct shrinker *shrinker,
+ struct shrink_control *sc)
+@@ -274,9 +275,9 @@
+ unsigned long pages;
+
+ /* list_lru lock nests inside IRQ-safe mapping->tree_lock */
+- local_irq_disable();
+- shadow_nodes = list_lru_count_node(&workingset_shadow_nodes, sc->nid);
+- local_irq_enable();
++ local_lock_irq(workingset_shadow_lock);
++ shadow_nodes = list_lru_count_node(&__workingset_shadow_nodes, sc->nid);
++ local_unlock_irq(workingset_shadow_lock);
+
+ pages = node_present_pages(sc->nid);
+ /*
+@@ -362,9 +363,9 @@
+ spin_unlock(&mapping->tree_lock);
+ ret = LRU_REMOVED_RETRY;
+ out:
+- local_irq_enable();
++ local_unlock_irq(workingset_shadow_lock);
+ cond_resched();
+- local_irq_disable();
++ local_lock_irq(workingset_shadow_lock);
+ spin_lock(lru_lock);
+ return ret;
+ }
+@@ -375,10 +376,10 @@
+ unsigned long ret;
+
+ /* list_lru lock nests inside IRQ-safe mapping->tree_lock */
+- local_irq_disable();
+- ret = list_lru_walk_node(&workingset_shadow_nodes, sc->nid,
++ local_lock_irq(workingset_shadow_lock);
++ ret = list_lru_walk_node(&__workingset_shadow_nodes, sc->nid,
+ shadow_lru_isolate, NULL, &sc->nr_to_scan);
+- local_irq_enable();
++ local_unlock_irq(workingset_shadow_lock);
+ return ret;
+ }
+
+@@ -399,7 +400,7 @@
+ {
+ int ret;
+
+- ret = list_lru_init_key(&workingset_shadow_nodes, &shadow_nodes_key);
++ ret = list_lru_init_key(&__workingset_shadow_nodes, &shadow_nodes_key);
+ if (ret)
+ goto err;
+ ret = register_shrinker(&workingset_shadow_shrinker);
+@@ -407,7 +408,7 @@
+ goto err_list_lru;
+ return 0;
+ err_list_lru:
+- list_lru_destroy(&workingset_shadow_nodes);
++ list_lru_destroy(&__workingset_shadow_nodes);
+ err:
+ return ret;
+ }
+diff -Nur linux-3.18.9.orig/net/core/dev.c linux-3.18.9/net/core/dev.c
+--- linux-3.18.9.orig/net/core/dev.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/net/core/dev.c 2015-03-15 16:03:03.880094875 -0500
+@@ -182,6 +182,7 @@
+ static DEFINE_HASHTABLE(napi_hash, 8);
+
+ static seqcount_t devnet_rename_seq;
++static DEFINE_MUTEX(devnet_rename_mutex);
+
+ static inline void dev_base_seq_inc(struct net *net)
+ {
+@@ -203,14 +204,14 @@
+ static inline void rps_lock(struct softnet_data *sd)
+ {
+ #ifdef CONFIG_RPS
+- spin_lock(&sd->input_pkt_queue.lock);
++ raw_spin_lock(&sd->input_pkt_queue.raw_lock);
+ #endif
+ }
+
+ static inline void rps_unlock(struct softnet_data *sd)
+ {
+ #ifdef CONFIG_RPS
+- spin_unlock(&sd->input_pkt_queue.lock);
++ raw_spin_unlock(&sd->input_pkt_queue.raw_lock);
+ #endif
+ }
+
+@@ -832,7 +833,8 @@
+ strcpy(name, dev->name);
+ rcu_read_unlock();
+ if (read_seqcount_retry(&devnet_rename_seq, seq)) {
+- cond_resched();
++ mutex_lock(&devnet_rename_mutex);
++ mutex_unlock(&devnet_rename_mutex);
+ goto retry;
+ }
+
+@@ -1101,20 +1103,17 @@
+ if (dev->flags & IFF_UP)
+ return -EBUSY;
+
+- write_seqcount_begin(&devnet_rename_seq);
++ mutex_lock(&devnet_rename_mutex);
++ __raw_write_seqcount_begin(&devnet_rename_seq);
+
+- if (strncmp(newname, dev->name, IFNAMSIZ) == 0) {
+- write_seqcount_end(&devnet_rename_seq);
+- return 0;
+- }
++ if (strncmp(newname, dev->name, IFNAMSIZ) == 0)
++ goto outunlock;
+
+ memcpy(oldname, dev->name, IFNAMSIZ);
+
+ err = dev_get_valid_name(net, dev, newname);
+- if (err < 0) {
+- write_seqcount_end(&devnet_rename_seq);
+- return err;
+- }
++ if (err < 0)
++ goto outunlock;
+
+ if (oldname[0] && !strchr(oldname, '%'))
+ netdev_info(dev, "renamed from %s\n", oldname);
+@@ -1127,11 +1126,12 @@
+ if (ret) {
+ memcpy(dev->name, oldname, IFNAMSIZ);
+ dev->name_assign_type = old_assign_type;
+- write_seqcount_end(&devnet_rename_seq);
+- return ret;
++ err = ret;
++ goto outunlock;
+ }
+
+- write_seqcount_end(&devnet_rename_seq);
++ __raw_write_seqcount_end(&devnet_rename_seq);
++ mutex_unlock(&devnet_rename_mutex);
+
+ netdev_adjacent_rename_links(dev, oldname);
+
+@@ -1152,7 +1152,8 @@
+ /* err >= 0 after dev_alloc_name() or stores the first errno */
+ if (err >= 0) {
+ err = ret;
+- write_seqcount_begin(&devnet_rename_seq);
++ mutex_lock(&devnet_rename_mutex);
++ __raw_write_seqcount_begin(&devnet_rename_seq);
+ memcpy(dev->name, oldname, IFNAMSIZ);
+ memcpy(oldname, newname, IFNAMSIZ);
+ dev->name_assign_type = old_assign_type;
+@@ -1165,6 +1166,11 @@
+ }
+
+ return err;
++
++outunlock:
++ __raw_write_seqcount_end(&devnet_rename_seq);
++ mutex_unlock(&devnet_rename_mutex);
++ return err;
+ }
+
+ /**
+@@ -2160,6 +2166,7 @@
+ sd->output_queue_tailp = &q->next_sched;
+ raise_softirq_irqoff(NET_TX_SOFTIRQ);
+ local_irq_restore(flags);
++ preempt_check_resched_rt();
+ }
+
+ void __netif_schedule(struct Qdisc *q)
+@@ -2241,6 +2248,7 @@
+ __this_cpu_write(softnet_data.completion_queue, skb);
+ raise_softirq_irqoff(NET_TX_SOFTIRQ);
+ local_irq_restore(flags);
++ preempt_check_resched_rt();
+ }
+ EXPORT_SYMBOL(__dev_kfree_skb_irq);
+
+@@ -3336,6 +3344,7 @@
+ rps_unlock(sd);
+
+ local_irq_restore(flags);
++ preempt_check_resched_rt();
+
+ atomic_long_inc(&skb->dev->rx_dropped);
+ kfree_skb(skb);
+@@ -3354,7 +3363,7 @@
+ struct rps_dev_flow voidflow, *rflow = &voidflow;
+ int cpu;
+
+- preempt_disable();
++ migrate_disable();
+ rcu_read_lock();
+
+ cpu = get_rps_cpu(skb->dev, skb, &rflow);
+@@ -3364,13 +3373,13 @@
+ ret = enqueue_to_backlog(skb, cpu, &rflow->last_qtail);
+
+ rcu_read_unlock();
+- preempt_enable();
++ migrate_enable();
+ } else
+ #endif
+ {
+ unsigned int qtail;
+- ret = enqueue_to_backlog(skb, get_cpu(), &qtail);
+- put_cpu();
++ ret = enqueue_to_backlog(skb, get_cpu_light(), &qtail);
++ put_cpu_light();
+ }
+ return ret;
+ }
+@@ -3404,16 +3413,44 @@
+
+ trace_netif_rx_ni_entry(skb);
+
+- preempt_disable();
++ local_bh_disable();
+ err = netif_rx_internal(skb);
+- if (local_softirq_pending())
+- do_softirq();
+- preempt_enable();
++ local_bh_enable();
+
+ return err;
+ }
+ EXPORT_SYMBOL(netif_rx_ni);
+
++#ifdef CONFIG_PREEMPT_RT_FULL
++/*
++ * RT runs ksoftirqd as a real time thread and the root_lock is a
++ * "sleeping spinlock". If the trylock fails then we can go into an
++ * infinite loop when ksoftirqd preempted the task which actually
++ * holds the lock, because we requeue q and raise NET_TX softirq
++ * causing ksoftirqd to loop forever.
++ *
++ * It's safe to use spin_lock on RT here as softirqs run in thread
++ * context and cannot deadlock against the thread which is holding
++ * root_lock.
++ *
++ * On !RT the trylock might fail, but there we bail out from the
++ * softirq loop after 10 attempts which we can't do on RT. And the
++ * task holding root_lock cannot be preempted, so the only downside of
++ * that trylock is that we need 10 loops to decide that we should have
++ * given up in the first one :)
++ */
++static inline int take_root_lock(spinlock_t *lock)
++{
++ spin_lock(lock);
++ return 1;
++}
++#else
++static inline int take_root_lock(spinlock_t *lock)
++{
++ return spin_trylock(lock);
++}
++#endif
++
+ static void net_tx_action(struct softirq_action *h)
+ {
+ struct softnet_data *sd = this_cpu_ptr(&softnet_data);
+@@ -3455,7 +3492,7 @@
+ head = head->next_sched;
+
+ root_lock = qdisc_lock(q);
+- if (spin_trylock(root_lock)) {
++ if (take_root_lock(root_lock)) {
+ smp_mb__before_atomic();
+ clear_bit(__QDISC_STATE_SCHED,
+ &q->state);
+@@ -3848,7 +3885,7 @@
+ skb_queue_walk_safe(&sd->input_pkt_queue, skb, tmp) {
+ if (skb->dev == dev) {
+ __skb_unlink(skb, &sd->input_pkt_queue);
+- kfree_skb(skb);
++ __skb_queue_tail(&sd->tofree_queue, skb);
+ input_queue_head_incr(sd);
+ }
+ }
+@@ -3857,10 +3894,13 @@
+ skb_queue_walk_safe(&sd->process_queue, skb, tmp) {
+ if (skb->dev == dev) {
+ __skb_unlink(skb, &sd->process_queue);
+- kfree_skb(skb);
++ __skb_queue_tail(&sd->tofree_queue, skb);
+ input_queue_head_incr(sd);
+ }
+ }
++
++ if (!skb_queue_empty(&sd->tofree_queue))
++ raise_softirq_irqoff(NET_RX_SOFTIRQ);
+ }
+
+ static int napi_gro_complete(struct sk_buff *skb)
+@@ -4323,6 +4363,7 @@
+ } else
+ #endif
+ local_irq_enable();
++ preempt_check_resched_rt();
+ }
+
+ static int process_backlog(struct napi_struct *napi, int quota)
+@@ -4394,6 +4435,7 @@
+ local_irq_save(flags);
+ ____napi_schedule(this_cpu_ptr(&softnet_data), n);
+ local_irq_restore(flags);
++ preempt_check_resched_rt();
+ }
+ EXPORT_SYMBOL(__napi_schedule);
+
+@@ -4516,10 +4558,17 @@
+ struct softnet_data *sd = this_cpu_ptr(&softnet_data);
+ unsigned long time_limit = jiffies + 2;
+ int budget = netdev_budget;
++ struct sk_buff *skb;
+ void *have;
+
+ local_irq_disable();
+
++ while ((skb = __skb_dequeue(&sd->tofree_queue))) {
++ local_irq_enable();
++ kfree_skb(skb);
++ local_irq_disable();
++ }
++
+ while (!list_empty(&sd->poll_list)) {
+ struct napi_struct *n;
+ int work, weight;
+@@ -7008,6 +7057,7 @@
+
+ raise_softirq_irqoff(NET_TX_SOFTIRQ);
+ local_irq_enable();
++ preempt_check_resched_rt();
+
+ /* Process offline CPU's input_pkt_queue */
+ while ((skb = __skb_dequeue(&oldsd->process_queue))) {
+@@ -7018,6 +7068,9 @@
+ netif_rx_internal(skb);
+ input_queue_head_incr(oldsd);
+ }
++ while ((skb = __skb_dequeue(&oldsd->tofree_queue))) {
++ kfree_skb(skb);
++ }
+
+ return NOTIFY_OK;
+ }
+@@ -7319,8 +7372,9 @@
+ for_each_possible_cpu(i) {
+ struct softnet_data *sd = &per_cpu(softnet_data, i);
+
+- skb_queue_head_init(&sd->input_pkt_queue);
+- skb_queue_head_init(&sd->process_queue);
++ skb_queue_head_init_raw(&sd->input_pkt_queue);
++ skb_queue_head_init_raw(&sd->process_queue);
++ skb_queue_head_init_raw(&sd->tofree_queue);
+ INIT_LIST_HEAD(&sd->poll_list);
+ sd->output_queue_tailp = &sd->output_queue;
+ #ifdef CONFIG_RPS
+diff -Nur linux-3.18.9.orig/net/core/skbuff.c linux-3.18.9/net/core/skbuff.c
+--- linux-3.18.9.orig/net/core/skbuff.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/net/core/skbuff.c 2015-03-15 16:03:03.880094875 -0500
+@@ -63,6 +63,7 @@
+ #include <linux/errqueue.h>
+ #include <linux/prefetch.h>
+ #include <linux/if_vlan.h>
++#include <linux/locallock.h>
+
+ #include <net/protocol.h>
+ #include <net/dst.h>
+@@ -336,6 +337,7 @@
+ unsigned int pagecnt_bias;
+ };
+ static DEFINE_PER_CPU(struct netdev_alloc_cache, netdev_alloc_cache);
++static DEFINE_LOCAL_IRQ_LOCK(netdev_alloc_lock);
+
+ static void *__netdev_alloc_frag(unsigned int fragsz, gfp_t gfp_mask)
+ {
+@@ -344,7 +346,7 @@
+ int order;
+ unsigned long flags;
+
+- local_irq_save(flags);
++ local_lock_irqsave(netdev_alloc_lock, flags);
+ nc = this_cpu_ptr(&netdev_alloc_cache);
+ if (unlikely(!nc->frag.page)) {
+ refill:
+@@ -389,7 +391,7 @@
+ nc->frag.offset += fragsz;
+ nc->pagecnt_bias--;
+ end:
+- local_irq_restore(flags);
++ local_unlock_irqrestore(netdev_alloc_lock, flags);
+ return data;
+ }
+
+diff -Nur linux-3.18.9.orig/net/core/sock.c linux-3.18.9/net/core/sock.c
+--- linux-3.18.9.orig/net/core/sock.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/net/core/sock.c 2015-03-15 16:03:03.880094875 -0500
+@@ -2326,12 +2326,11 @@
+ if (sk->sk_lock.owned)
+ __lock_sock(sk);
+ sk->sk_lock.owned = 1;
+- spin_unlock(&sk->sk_lock.slock);
++ spin_unlock_bh(&sk->sk_lock.slock);
+ /*
+ * The sk_lock has mutex_lock() semantics here:
+ */
+ mutex_acquire(&sk->sk_lock.dep_map, subclass, 0, _RET_IP_);
+- local_bh_enable();
+ }
+ EXPORT_SYMBOL(lock_sock_nested);
+
+diff -Nur linux-3.18.9.orig/net/ipv4/icmp.c linux-3.18.9/net/ipv4/icmp.c
+--- linux-3.18.9.orig/net/ipv4/icmp.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/net/ipv4/icmp.c 2015-03-15 16:03:03.880094875 -0500
+@@ -69,6 +69,7 @@
+ #include <linux/jiffies.h>
+ #include <linux/kernel.h>
+ #include <linux/fcntl.h>
++#include <linux/sysrq.h>
+ #include <linux/socket.h>
+ #include <linux/in.h>
+ #include <linux/inet.h>
+@@ -864,6 +865,30 @@
+ }
+
+ /*
++ * 32bit and 64bit have different timestamp length, so we check for
++ * the cookie at offset 20 and verify it is repeated at offset 50
++ */
++#define CO_POS0 20
++#define CO_POS1 50
++#define CO_SIZE sizeof(int)
++#define ICMP_SYSRQ_SIZE 57
++
++/*
++ * We got a ICMP_SYSRQ_SIZE sized ping request. Check for the cookie
++ * pattern and if it matches send the next byte as a trigger to sysrq.
++ */
++static void icmp_check_sysrq(struct net *net, struct sk_buff *skb)
++{
++ int cookie = htonl(net->ipv4.sysctl_icmp_echo_sysrq);
++ char *p = skb->data;
++
++ if (!memcmp(&cookie, p + CO_POS0, CO_SIZE) &&
++ !memcmp(&cookie, p + CO_POS1, CO_SIZE) &&
++ p[CO_POS0 + CO_SIZE] == p[CO_POS1 + CO_SIZE])
++ handle_sysrq(p[CO_POS0 + CO_SIZE]);
++}
++
++/*
+ * Handle ICMP_ECHO ("ping") requests.
+ *
+ * RFC 1122: 3.2.2.6 MUST have an echo server that answers ICMP echo
+@@ -890,6 +915,11 @@
+ icmp_param.data_len = skb->len;
+ icmp_param.head_len = sizeof(struct icmphdr);
+ icmp_reply(&icmp_param, skb);
++
++ if (skb->len == ICMP_SYSRQ_SIZE &&
++ net->ipv4.sysctl_icmp_echo_sysrq) {
++ icmp_check_sysrq(net, skb);
++ }
+ }
+ }
+
+diff -Nur linux-3.18.9.orig/net/ipv4/ip_output.c linux-3.18.9/net/ipv4/ip_output.c
+--- linux-3.18.9.orig/net/ipv4/ip_output.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/net/ipv4/ip_output.c 2015-03-15 16:03:03.880094875 -0500
+@@ -79,6 +79,7 @@
+ #include <linux/mroute.h>
+ #include <linux/netlink.h>
+ #include <linux/tcp.h>
++#include <linux/locallock.h>
+
+ int sysctl_ip_default_ttl __read_mostly = IPDEFTTL;
+ EXPORT_SYMBOL(sysctl_ip_default_ttl);
+@@ -1507,6 +1508,7 @@
+ * Generic function to send a packet as reply to another packet.
+ * Used to send some TCP resets/acks so far.
+ */
++
+ void ip_send_unicast_reply(struct sock *sk, struct sk_buff *skb,
+ const struct ip_options *sopt,
+ __be32 daddr, __be32 saddr,
+diff -Nur linux-3.18.9.orig/net/ipv4/sysctl_net_ipv4.c linux-3.18.9/net/ipv4/sysctl_net_ipv4.c
+--- linux-3.18.9.orig/net/ipv4/sysctl_net_ipv4.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/net/ipv4/sysctl_net_ipv4.c 2015-03-15 16:03:03.880094875 -0500
+@@ -779,6 +779,13 @@
+ .proc_handler = proc_dointvec
+ },
+ {
++ .procname = "icmp_echo_sysrq",
++ .data = &init_net.ipv4.sysctl_icmp_echo_sysrq,
++ .maxlen = sizeof(int),
++ .mode = 0644,
++ .proc_handler = proc_dointvec
++ },
++ {
+ .procname = "icmp_ignore_bogus_error_responses",
+ .data = &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses,
+ .maxlen = sizeof(int),
+diff -Nur linux-3.18.9.orig/net/mac80211/rx.c linux-3.18.9/net/mac80211/rx.c
+--- linux-3.18.9.orig/net/mac80211/rx.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/net/mac80211/rx.c 2015-03-15 16:03:03.884094875 -0500
+@@ -3356,7 +3356,7 @@
+ struct ieee80211_supported_band *sband;
+ struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
+
+- WARN_ON_ONCE(softirq_count() == 0);
++ WARN_ON_ONCE_NONRT(softirq_count() == 0);
+
+ if (WARN_ON(status->band >= IEEE80211_NUM_BANDS))
+ goto drop;
+diff -Nur linux-3.18.9.orig/net/netfilter/core.c linux-3.18.9/net/netfilter/core.c
+--- linux-3.18.9.orig/net/netfilter/core.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/net/netfilter/core.c 2015-03-15 16:03:03.884094875 -0500
+@@ -21,11 +21,17 @@
+ #include <linux/proc_fs.h>
+ #include <linux/mutex.h>
+ #include <linux/slab.h>
++#include <linux/locallock.h>
+ #include <net/net_namespace.h>
+ #include <net/sock.h>
+
+ #include "nf_internals.h"
+
++#ifdef CONFIG_PREEMPT_RT_BASE
++DEFINE_LOCAL_IRQ_LOCK(xt_write_lock);
++EXPORT_PER_CPU_SYMBOL(xt_write_lock);
++#endif
++
+ static DEFINE_MUTEX(afinfo_mutex);
+
+ const struct nf_afinfo __rcu *nf_afinfo[NFPROTO_NUMPROTO] __read_mostly;
+diff -Nur linux-3.18.9.orig/net/packet/af_packet.c linux-3.18.9/net/packet/af_packet.c
+--- linux-3.18.9.orig/net/packet/af_packet.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/net/packet/af_packet.c 2015-03-15 16:03:03.884094875 -0500
+@@ -63,6 +63,7 @@
+ #include <linux/if_packet.h>
+ #include <linux/wireless.h>
+ #include <linux/kernel.h>
++#include <linux/delay.h>
+ #include <linux/kmod.h>
+ #include <linux/slab.h>
+ #include <linux/vmalloc.h>
+@@ -692,7 +693,7 @@
+ if (BLOCK_NUM_PKTS(pbd)) {
+ while (atomic_read(&pkc->blk_fill_in_prog)) {
+ /* Waiting for skb_copy_bits to finish... */
+- cpu_relax();
++ cpu_chill();
+ }
+ }
+
+@@ -943,7 +944,7 @@
+ if (!(status & TP_STATUS_BLK_TMO)) {
+ while (atomic_read(&pkc->blk_fill_in_prog)) {
+ /* Waiting for skb_copy_bits to finish... */
+- cpu_relax();
++ cpu_chill();
+ }
+ }
+ prb_close_block(pkc, pbd, po, status);
+diff -Nur linux-3.18.9.orig/net/rds/ib_rdma.c linux-3.18.9/net/rds/ib_rdma.c
+--- linux-3.18.9.orig/net/rds/ib_rdma.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/net/rds/ib_rdma.c 2015-03-15 16:03:03.884094875 -0500
+@@ -34,6 +34,7 @@
+ #include <linux/slab.h>
+ #include <linux/rculist.h>
+ #include <linux/llist.h>
++#include <linux/delay.h>
+
+ #include "rds.h"
+ #include "ib.h"
+@@ -286,7 +287,7 @@
+ for_each_online_cpu(cpu) {
+ flag = &per_cpu(clean_list_grace, cpu);
+ while (test_bit(CLEAN_LIST_BUSY_BIT, flag))
+- cpu_relax();
++ cpu_chill();
+ }
+ }
+
+diff -Nur linux-3.18.9.orig/net/sched/sch_generic.c linux-3.18.9/net/sched/sch_generic.c
+--- linux-3.18.9.orig/net/sched/sch_generic.c 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/net/sched/sch_generic.c 2015-03-15 16:03:03.884094875 -0500
+@@ -894,7 +894,7 @@
+ /* Wait for outstanding qdisc_run calls. */
+ list_for_each_entry(dev, head, close_list)
+ while (some_qdisc_is_busy(dev))
+- yield();
++ msleep(1);
+ }
+
+ void dev_deactivate(struct net_device *dev)
+diff -Nur linux-3.18.9.orig/scripts/mkcompile_h linux-3.18.9/scripts/mkcompile_h
+--- linux-3.18.9.orig/scripts/mkcompile_h 2015-03-06 16:53:42.000000000 -0600
++++ linux-3.18.9/scripts/mkcompile_h 2015-03-15 16:03:03.884094875 -0500
+@@ -4,7 +4,8 @@
+ ARCH=$2
+ SMP=$3
+ PREEMPT=$4
+-CC=$5
++RT=$5
++CC=$6
+
+ vecho() { [ "${quiet}" = "silent_" ] || echo "$@" ; }
+
+@@ -57,6 +58,7 @@
+ CONFIG_FLAGS=""
+ if [ -n "$SMP" ] ; then CONFIG_FLAGS="SMP"; fi
+ if [ -n "$PREEMPT" ] ; then CONFIG_FLAGS="$CONFIG_FLAGS PREEMPT"; fi
++if [ -n "$RT" ] ; then CONFIG_FLAGS="$CONFIG_FLAGS RT"; fi
+ UTS_VERSION="$UTS_VERSION $CONFIG_FLAGS $TIMESTAMP"
+
+ # Truncate to maximum length