~hc/RK356X_SDK_RELEASE.git

..	..	@@ -27,7 +27,6 @@
27	27	#include <linux/file.h>
28	28	#include <linux/mm.h>
29	29	#include <linux/mman.h>
30		-#include <linux/mmu_context.h>
31	30	#include <linux/percpu.h>
32	31	#include <linux/slab.h>
33	32	#include <linux/timer.h>
..	..	@@ -42,6 +41,7 @@
42	41	#include <linux/ramfs.h>
43	42	#include <linux/percpu-refcount.h>
44	43	#include <linux/mount.h>
	44	+#include <linux/pseudo_fs.h>
45	45
46	46	#include <asm/kmap_types.h>
47	47	#include <linux/uaccess.h>
..	..	@@ -67,8 +67,14 @@
67	67	unsigned header_length; /* size of aio_ring */
68	68
69	69
70		- struct io_event io_events[0];
	70	+ struct io_event io_events[];
71	71	}; /* 128 bytes + ring size */
	72	+
	73	+/*
	74	+ * Plugging is meant to work with larger batches of IOs. If we don't
	75	+ * have more than the below, then don't bother setting up a plug.
	76	+ */
	77	+#define AIO_PLUG_THRESHOLD 2
72	78
73	79	#define AIO_RING_PAGES 8
74	80
..	..	@@ -121,7 +127,6 @@
121	127	long nr_pages;
122	128
123	129	struct rcu_work free_rwork; /* see free_ioctx() */
124		- struct work_struct free_work; /* see free_ioctx() */
125	130
126	131	/*
127	132	* signals when all in-flight requests are done
..	..	@@ -246,15 +251,12 @@
246	251	return file;
247	252	}
248	253
249		-static struct dentry aio_mount(struct file_system_type fs_type,
250		- int flags, const char dev_name, void data)
	254	+static int aio_init_fs_context(struct fs_context *fc)
251	255	{
252		- struct dentry *root = mount_pseudo(fs_type, "aio:", NULL, NULL,
253		- AIO_RING_MAGIC);
254		-
255		- if (!IS_ERR(root))
256		- root->d_sb->s_iflags \|= SB_I_NOEXEC;
257		- return root;
	256	+ if (!init_pseudo(fc, AIO_RING_MAGIC))
	257	+ return -ENOMEM;
	258	+ fc->s_iflags \|= SB_I_NOEXEC;
	259	+ return 0;
258	260	}
259	261
260	262	/* aio_setup
..	..	@@ -265,7 +267,7 @@
265	267	{
266	268	static struct file_system_type aio_fs = {
267	269	.name = "aio",
268		- .mount = aio_mount,
	270	+ .init_fs_context = aio_init_fs_context,
269	271	.kill_sb = kill_anon_super,
270	272	};
271	273	aio_mnt = kern_mount(&aio_fs);
..	..	@@ -333,6 +335,9 @@
333	335	spin_lock(&mm->ioctx_lock);
334	336	rcu_read_lock();
335	337	table = rcu_dereference(mm->ioctx_table);
	338	+ if (!table)
	339	+ goto out_unlock;
	340	+
336	341	for (i = 0; i < table->nr; i++) {
337	342	struct kioctx *ctx;
338	343
..	..	@@ -346,6 +351,7 @@
346	351	}
347	352	}
348	353
	354	+out_unlock:
349	355	rcu_read_unlock();
350	356	spin_unlock(&mm->ioctx_lock);
351	357	return res;
..	..	@@ -422,7 +428,7 @@
422	428	BUG_ON(PageWriteback(old));
423	429	get_page(new);
424	430
425		- rc = migrate_page_move_mapping(mapping, new, old, NULL, mode, 1);
	431	+ rc = migrate_page_move_mapping(mapping, new, old, 1);
426	432	if (rc != MIGRATEPAGE_SUCCESS) {
427	433	put_page(new);
428	434	goto out_unlock;
..	..	@@ -518,16 +524,16 @@
518	524	ctx->mmap_size = nr_pages * PAGE_SIZE;
519	525	pr_debug("attempting mmap of %lu bytes\n", ctx->mmap_size);
520	526
521		- if (down_write_killable(&mm->mmap_sem)) {
	527	+ if (mmap_write_lock_killable(mm)) {
522	528	ctx->mmap_size = 0;
523	529	aio_free_ring(ctx);
524	530	return -EINTR;
525	531	}
526	532
527		- ctx->mmap_base = do_mmap_pgoff(ctx->aio_ring_file, 0, ctx->mmap_size,
528		- PROT_READ \| PROT_WRITE,
529		- MAP_SHARED, 0, &unused, NULL);
530		- up_write(&mm->mmap_sem);
	533	+ ctx->mmap_base = do_mmap(ctx->aio_ring_file, 0, ctx->mmap_size,
	534	+ PROT_READ \| PROT_WRITE,
	535	+ MAP_SHARED, 0, &unused, NULL);
	536	+ mmap_write_unlock(mm);
531	537	if (IS_ERR((void *)ctx->mmap_base)) {
532	538	ctx->mmap_size = 0;
533	539	aio_free_ring(ctx);
..	..	@@ -609,9 +615,9 @@
609	615	* and ctx->users has dropped to 0, so we know no more kiocbs can be submitted -
610	616	* now it's safe to cancel any that need to be.
611	617	*/
612		-static void free_ioctx_users_work(struct work_struct *work)
	618	+static void free_ioctx_users(struct percpu_ref *ref)
613	619	{
614		- struct kioctx *ctx = container_of(work, struct kioctx, free_work);
	620	+ struct kioctx *ctx = container_of(ref, struct kioctx, users);
615	621	struct aio_kiocb *req;
616	622
617	623	spin_lock_irq(&ctx->ctx_lock);
..	..	@@ -627,14 +633,6 @@
627	633
628	634	percpu_ref_kill(&ctx->reqs);
629	635	percpu_ref_put(&ctx->reqs);
630		-}
631		-
632		-static void free_ioctx_users(struct percpu_ref *ref)
633		-{
634		- struct kioctx *ctx = container_of(ref, struct kioctx, users);
635		-
636		- INIT_WORK(&ctx->free_work, free_ioctx_users_work);
637		- schedule_work(&ctx->free_work);
638	636	}
639	637
640	638	static int ioctx_add_table(struct kioctx ctx, struct mm_struct mm)
..	..	@@ -1038,6 +1036,11 @@
1038	1036	if (unlikely(!req))
1039	1037	return NULL;
1040	1038
	1039	+ if (unlikely(!get_reqs_available(ctx))) {
	1040	+ kmem_cache_free(kiocb_cachep, req);
	1041	+ return NULL;
	1042	+ }
	1043	+
1041	1044	percpu_ref_get(&ctx->reqs);
1042	1045	req->ki_ctx = ctx;
1043	1046	INIT_LIST_HEAD(&req->ki_list);
..	..	@@ -1076,6 +1079,8 @@
1076	1079
1077	1080	static inline void iocb_destroy(struct aio_kiocb *iocb)
1078	1081	{
	1082	+ if (iocb->ki_eventfd)
	1083	+ eventfd_ctx_put(iocb->ki_eventfd);
1079	1084	if (iocb->ki_filp)
1080	1085	fput(iocb->ki_filp);
1081	1086	percpu_ref_put(&iocb->ki_ctx->reqs);
..	..	@@ -1143,10 +1148,8 @@
1143	1148	* eventfd. The eventfd_signal() function is safe to be called
1144	1149	* from IRQ context.
1145	1150	*/
1146		- if (iocb->ki_eventfd) {
	1151	+ if (iocb->ki_eventfd)
1147	1152	eventfd_signal(iocb->ki_eventfd, 1);
1148		- eventfd_ctx_put(iocb->ki_eventfd);
1149		- }
1150	1153
1151	1154	/*
1152	1155	* We have to order our ring_info tail store above and test
..	..	@@ -1469,7 +1472,7 @@
1469	1472
1470	1473	req->ki_ioprio = iocb->aio_reqprio;
1471	1474	} else
1472		- req->ki_ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_NONE, 0);
	1475	+ req->ki_ioprio = get_current_ioprio();
1473	1476
1474	1477	ret = kiocb_set_rw_flags(req, iocb->aio_rw_flags);
1475	1478	if (unlikely(ret))
..	..	@@ -1479,8 +1482,9 @@
1479	1482	return 0;
1480	1483	}
1481	1484
1482		-static int aio_setup_rw(int rw, const struct iocb iocb, struct iovec *iovec,
1483		- bool vectored, bool compat, struct iov_iter *iter)
	1485	+static ssize_t aio_setup_rw(int rw, const struct iocb *iocb,
	1486	+ struct iovec **iovec, bool vectored, bool compat,
	1487	+ struct iov_iter *iter)
1484	1488	{
1485	1489	void __user buf = (void __user )(uintptr_t)iocb->aio_buf;
1486	1490	size_t len = iocb->aio_nbytes;
..	..	@@ -1490,12 +1494,8 @@
1490	1494	*iovec = NULL;
1491	1495	return ret;
1492	1496	}
1493		-#ifdef CONFIG_COMPAT
1494		- if (compat)
1495		- return compat_import_iovec(rw, buf, len, UIO_FASTIOV, iovec,
1496		- iter);
1497		-#endif
1498		- return import_iovec(rw, buf, len, UIO_FASTIOV, iovec, iter);
	1497	+
	1498	+ return __import_iovec(rw, buf, len, UIO_FASTIOV, iovec, iter, compat);
1499	1499	}
1500	1500
1501	1501	static inline void aio_rw_done(struct kiocb *req, ssize_t ret)
..	..	@@ -1512,19 +1512,19 @@
1512	1512	* may be already running. Just fail this IO with EINTR.
1513	1513	*/
1514	1514	ret = -EINTR;
1515		- /FALLTHRU/
	1515	+ fallthrough;
1516	1516	default:
1517	1517	req->ki_complete(req, ret, 0);
1518	1518	}
1519	1519	}
1520	1520
1521		-static ssize_t aio_read(struct kiocb req, const struct iocb iocb,
	1521	+static int aio_read(struct kiocb req, const struct iocb iocb,
1522	1522	bool vectored, bool compat)
1523	1523	{
1524	1524	struct iovec inline_vecs[UIO_FASTIOV], *iovec = inline_vecs;
1525	1525	struct iov_iter iter;
1526	1526	struct file *file;
1527		- ssize_t ret;
	1527	+ int ret;
1528	1528
1529	1529	ret = aio_prep_rw(req, iocb);
1530	1530	if (ret)
..	..	@@ -1537,7 +1537,7 @@
1537	1537	return -EINVAL;
1538	1538
1539	1539	ret = aio_setup_rw(READ, iocb, &iovec, vectored, compat, &iter);
1540		- if (ret)
	1540	+ if (ret < 0)
1541	1541	return ret;
1542	1542	ret = rw_verify_area(READ, file, &req->ki_pos, iov_iter_count(&iter));
1543	1543	if (!ret)
..	..	@@ -1546,13 +1546,13 @@
1546	1546	return ret;
1547	1547	}
1548	1548
1549		-static ssize_t aio_write(struct kiocb req, const struct iocb iocb,
	1549	+static int aio_write(struct kiocb req, const struct iocb iocb,
1550	1550	bool vectored, bool compat)
1551	1551	{
1552	1552	struct iovec inline_vecs[UIO_FASTIOV], *iovec = inline_vecs;
1553	1553	struct iov_iter iter;
1554	1554	struct file *file;
1555		- ssize_t ret;
	1555	+ int ret;
1556	1556
1557	1557	ret = aio_prep_rw(req, iocb);
1558	1558	if (ret)
..	..	@@ -1565,7 +1565,7 @@
1565	1565	return -EINVAL;
1566	1566
1567	1567	ret = aio_setup_rw(WRITE, iocb, &iovec, vectored, compat, &iter);
1568		- if (ret)
	1568	+ if (ret < 0)
1569	1569	return ret;
1570	1570	ret = rw_verify_area(WRITE, file, &req->ki_pos, iov_iter_count(&iter));
1571	1571	if (!ret) {
..	..	@@ -1577,7 +1577,7 @@
1577	1577	* we return to userspace.
1578	1578	*/
1579	1579	if (S_ISREG(file_inode(file)->i_mode)) {
1580		- __sb_start_write(file_inode(file)->i_sb, SB_FREEZE_WRITE, true);
	1580	+ sb_start_write(file_inode(file)->i_sb);
1581	1581	__sb_writers_release(file_inode(file)->i_sb, SB_FREEZE_WRITE);
1582	1582	}
1583	1583	req->ki_flags \|= IOCB_WRITE;
..	..	@@ -1841,7 +1841,7 @@
1841	1841	add_wait_queue(head, &pt->iocb->poll.wait);
1842	1842	}
1843	1843
1844		-static ssize_t aio_poll(struct aio_kiocb aiocb, const struct iocb iocb)
	1844	+static int aio_poll(struct aio_kiocb aiocb, const struct iocb iocb)
1845	1845	{
1846	1846	struct kioctx *ctx = aiocb->ki_ctx;
1847	1847	struct poll_iocb *req = &aiocb->poll;
..	..	@@ -1917,59 +1917,31 @@
1917	1917	}
1918	1918
1919	1919	static int __io_submit_one(struct kioctx ctx, const struct iocb iocb,
1920		- struct iocb __user *user_iocb, bool compat)
	1920	+ struct iocb __user user_iocb, struct aio_kiocb req,
	1921	+ bool compat)
1921	1922	{
1922		- struct aio_kiocb *req;
1923		- ssize_t ret;
1924		-
1925		- /* enforce forwards compatibility on users */
1926		- if (unlikely(iocb->aio_reserved2)) {
1927		- pr_debug("EINVAL: reserve field set\n");
1928		- return -EINVAL;
1929		- }
1930		-
1931		- /* prevent overflows */
1932		- if (unlikely(
1933		- (iocb->aio_buf != (unsigned long)iocb->aio_buf) \|\|
1934		- (iocb->aio_nbytes != (size_t)iocb->aio_nbytes) \|\|
1935		- ((ssize_t)iocb->aio_nbytes < 0)
1936		- )) {
1937		- pr_debug("EINVAL: overflow check\n");
1938		- return -EINVAL;
1939		- }
1940		-
1941		- if (!get_reqs_available(ctx))
1942		- return -EAGAIN;
1943		-
1944		- ret = -EAGAIN;
1945		- req = aio_get_req(ctx);
1946		- if (unlikely(!req))
1947		- goto out_put_reqs_available;
1948		-
1949	1923	req->ki_filp = fget(iocb->aio_fildes);
1950		- ret = -EBADF;
1951	1924	if (unlikely(!req->ki_filp))
1952		- goto out_put_req;
	1925	+ return -EBADF;
1953	1926
1954	1927	if (iocb->aio_flags & IOCB_FLAG_RESFD) {
	1928	+ struct eventfd_ctx *eventfd;
1955	1929	/*
1956	1930	* If the IOCB_FLAG_RESFD flag of aio_flags is set, get an
1957	1931	* instance of the file* now. The file descriptor must be
1958	1932	* an eventfd() fd, and will be signaled for each completed
1959	1933	* event using the eventfd_signal() function.
1960	1934	*/
1961		- req->ki_eventfd = eventfd_ctx_fdget((int) iocb->aio_resfd);
1962		- if (IS_ERR(req->ki_eventfd)) {
1963		- ret = PTR_ERR(req->ki_eventfd);
1964		- req->ki_eventfd = NULL;
1965		- goto out_put_req;
1966		- }
	1935	+ eventfd = eventfd_ctx_fdget(iocb->aio_resfd);
	1936	+ if (IS_ERR(eventfd))
	1937	+ return PTR_ERR(eventfd);
	1938	+
	1939	+ req->ki_eventfd = eventfd;
1967	1940	}
1968	1941
1969		- ret = put_user(KIOCB_KEY, &user_iocb->aio_key);
1970		- if (unlikely(ret)) {
	1942	+ if (unlikely(put_user(KIOCB_KEY, &user_iocb->aio_key))) {
1971	1943	pr_debug("EFAULT: aio_key\n");
1972		- goto out_put_req;
	1944	+ return -EFAULT;
1973	1945	}
1974	1946
1975	1947	req->ki_res.obj = (u64)(unsigned long)user_iocb;
..	..	@@ -1979,61 +1951,70 @@
1979	1951
1980	1952	switch (iocb->aio_lio_opcode) {
1981	1953	case IOCB_CMD_PREAD:
1982		- ret = aio_read(&req->rw, iocb, false, compat);
1983		- break;
	1954	+ return aio_read(&req->rw, iocb, false, compat);
1984	1955	case IOCB_CMD_PWRITE:
1985		- ret = aio_write(&req->rw, iocb, false, compat);
1986		- break;
	1956	+ return aio_write(&req->rw, iocb, false, compat);
1987	1957	case IOCB_CMD_PREADV:
1988		- ret = aio_read(&req->rw, iocb, true, compat);
1989		- break;
	1958	+ return aio_read(&req->rw, iocb, true, compat);
1990	1959	case IOCB_CMD_PWRITEV:
1991		- ret = aio_write(&req->rw, iocb, true, compat);
1992		- break;
	1960	+ return aio_write(&req->rw, iocb, true, compat);
1993	1961	case IOCB_CMD_FSYNC:
1994		- ret = aio_fsync(&req->fsync, iocb, false);
1995		- break;
	1962	+ return aio_fsync(&req->fsync, iocb, false);
1996	1963	case IOCB_CMD_FDSYNC:
1997		- ret = aio_fsync(&req->fsync, iocb, true);
1998		- break;
	1964	+ return aio_fsync(&req->fsync, iocb, true);
1999	1965	case IOCB_CMD_POLL:
2000		- ret = aio_poll(req, iocb);
2001		- break;
	1966	+ return aio_poll(req, iocb);
2002	1967	default:
2003	1968	pr_debug("invalid aio operation %d\n", iocb->aio_lio_opcode);
2004		- ret = -EINVAL;
2005		- break;
	1969	+ return -EINVAL;
2006	1970	}
2007		-
2008		- /* Done with the synchronous reference */
2009		- iocb_put(req);
2010		-
2011		- /*
2012		- * If ret is 0, we'd either done aio_complete() ourselves or have
2013		- * arranged for that to be done asynchronously. Anything non-zero
2014		- * means that we need to destroy req ourselves.
2015		- */
2016		- if (!ret)
2017		- return 0;
2018		-
2019		-out_put_req:
2020		- if (req->ki_eventfd)
2021		- eventfd_ctx_put(req->ki_eventfd);
2022		- iocb_destroy(req);
2023		-out_put_reqs_available:
2024		- put_reqs_available(ctx, 1);
2025		- return ret;
2026	1971	}
2027	1972
2028	1973	static int io_submit_one(struct kioctx ctx, struct iocb __user user_iocb,
2029	1974	bool compat)
2030	1975	{
	1976	+ struct aio_kiocb *req;
2031	1977	struct iocb iocb;
	1978	+ int err;
2032	1979
2033	1980	if (unlikely(copy_from_user(&iocb, user_iocb, sizeof(iocb))))
2034	1981	return -EFAULT;
2035	1982
2036		- return __io_submit_one(ctx, &iocb, user_iocb, compat);
	1983	+ /* enforce forwards compatibility on users */
	1984	+ if (unlikely(iocb.aio_reserved2)) {
	1985	+ pr_debug("EINVAL: reserve field set\n");
	1986	+ return -EINVAL;
	1987	+ }
	1988	+
	1989	+ /* prevent overflows */
	1990	+ if (unlikely(
	1991	+ (iocb.aio_buf != (unsigned long)iocb.aio_buf) \|\|
	1992	+ (iocb.aio_nbytes != (size_t)iocb.aio_nbytes) \|\|
	1993	+ ((ssize_t)iocb.aio_nbytes < 0)
	1994	+ )) {
	1995	+ pr_debug("EINVAL: overflow check\n");
	1996	+ return -EINVAL;
	1997	+ }
	1998	+
	1999	+ req = aio_get_req(ctx);
	2000	+ if (unlikely(!req))
	2001	+ return -EAGAIN;
	2002	+
	2003	+ err = __io_submit_one(ctx, &iocb, user_iocb, req, compat);
	2004	+
	2005	+ /* Done with the synchronous reference */
	2006	+ iocb_put(req);
	2007	+
	2008	+ /*
	2009	+ * If err is 0, we'd either done aio_complete() ourselves or have
	2010	+ * arranged for that to be done asynchronously. Anything non-zero
	2011	+ * means that we need to destroy req ourselves.
	2012	+ */
	2013	+ if (unlikely(err)) {
	2014	+ iocb_destroy(req);
	2015	+ put_reqs_available(ctx, 1);
	2016	+ }
	2017	+ return err;
2037	2018	}
2038	2019
2039	2020	/* sys_io_submit:
..	..	@@ -2068,7 +2049,8 @@
2068	2049	if (nr > ctx->nr_events)
2069	2050	nr = ctx->nr_events;
2070	2051
2071		- blk_start_plug(&plug);
	2052	+ if (nr > AIO_PLUG_THRESHOLD)
	2053	+ blk_start_plug(&plug);
2072	2054	for (i = 0; i < nr; i++) {
2073	2055	struct iocb __user *user_iocb;
2074	2056
..	..	@@ -2081,7 +2063,8 @@
2081	2063	if (ret)
2082	2064	break;
2083	2065	}
2084		- blk_finish_plug(&plug);
	2066	+ if (nr > AIO_PLUG_THRESHOLD)
	2067	+ blk_finish_plug(&plug);
2085	2068
2086	2069	percpu_ref_put(&ctx->users);
2087	2070	return i ? i : ret;
..	..	@@ -2108,7 +2091,8 @@
2108	2091	if (nr > ctx->nr_events)
2109	2092	nr = ctx->nr_events;
2110	2093
2111		- blk_start_plug(&plug);
	2094	+ if (nr > AIO_PLUG_THRESHOLD)
	2095	+ blk_start_plug(&plug);
2112	2096	for (i = 0; i < nr; i++) {
2113	2097	compat_uptr_t user_iocb;
2114	2098
..	..	@@ -2121,7 +2105,8 @@
2121	2105	if (ret)
2122	2106	break;
2123	2107	}
2124		- blk_finish_plug(&plug);
	2108	+ if (nr > AIO_PLUG_THRESHOLD)
	2109	+ blk_finish_plug(&plug);
2125	2110
2126	2111	percpu_ref_put(&ctx->users);
2127	2112	return i ? i : ret;
..	..	@@ -2212,11 +2197,13 @@
2212	2197	* specifies an infinite timeout. Note that the timeout pointed to by
2213	2198	* timeout is relative. Will fail with -ENOSYS if not implemented.
2214	2199	*/
	2200	+#ifdef CONFIG_64BIT
	2201	+
2215	2202	SYSCALL_DEFINE5(io_getevents, aio_context_t, ctx_id,
2216	2203	long, min_nr,
2217	2204	long, nr,
2218	2205	struct io_event __user *, events,
2219		- struct timespec __user *, timeout)
	2206	+ struct __kernel_timespec __user *, timeout)
2220	2207	{
2221	2208	struct timespec64 ts;
2222	2209	int ret;
..	..	@@ -2230,6 +2217,8 @@
2230	2217	return ret;
2231	2218	}
2232	2219
	2220	+#endif
	2221	+
2233	2222	struct __aio_sigset {
2234	2223	const sigset_t __user *sigmask;
2235	2224	size_t sigsetsize;
..	..	@@ -2240,12 +2229,12 @@
2240	2229	long, min_nr,
2241	2230	long, nr,
2242	2231	struct io_event __user *, events,
2243		- struct timespec __user *, timeout,
	2232	+ struct __kernel_timespec __user *, timeout,
2244	2233	const struct __aio_sigset __user *, usig)
2245	2234	{
2246	2235	struct __aio_sigset ksig = { NULL, };
2247		- sigset_t ksigmask, sigsaved;
2248	2236	struct timespec64 ts;
	2237	+ bool interrupted;
2249	2238	int ret;
2250	2239
2251	2240	if (timeout && unlikely(get_timespec64(&ts, timeout)))
..	..	@@ -2254,43 +2243,70 @@
2254	2243	if (usig && copy_from_user(&ksig, usig, sizeof(ksig)))
2255	2244	return -EFAULT;
2256	2245
2257		- if (ksig.sigmask) {
2258		- if (ksig.sigsetsize != sizeof(sigset_t))
2259		- return -EINVAL;
2260		- if (copy_from_user(&ksigmask, ksig.sigmask, sizeof(ksigmask)))
2261		- return -EFAULT;
2262		- sigdelsetmask(&ksigmask, sigmask(SIGKILL) \| sigmask(SIGSTOP));
2263		- sigprocmask(SIG_SETMASK, &ksigmask, &sigsaved);
2264		- }
	2246	+ ret = set_user_sigmask(ksig.sigmask, ksig.sigsetsize);
	2247	+ if (ret)
	2248	+ return ret;
2265	2249
2266	2250	ret = do_io_getevents(ctx_id, min_nr, nr, events, timeout ? &ts : NULL);
2267		- if (signal_pending(current)) {
2268		- if (ksig.sigmask) {
2269		- current->saved_sigmask = sigsaved;
2270		- set_restore_sigmask();
2271		- }
2272	2251
2273		- if (!ret)
2274		- ret = -ERESTARTNOHAND;
2275		- } else {
2276		- if (ksig.sigmask)
2277		- sigprocmask(SIG_SETMASK, &sigsaved, NULL);
2278		- }
	2252	+ interrupted = signal_pending(current);
	2253	+ restore_saved_sigmask_unless(interrupted);
	2254	+ if (interrupted && !ret)
	2255	+ ret = -ERESTARTNOHAND;
2279	2256
2280	2257	return ret;
2281	2258	}
2282	2259
2283		-#ifdef CONFIG_COMPAT
2284		-COMPAT_SYSCALL_DEFINE5(io_getevents, compat_aio_context_t, ctx_id,
2285		- compat_long_t, min_nr,
2286		- compat_long_t, nr,
2287		- struct io_event __user *, events,
2288		- struct compat_timespec __user *, timeout)
	2260	+#if defined(CONFIG_COMPAT_32BIT_TIME) && !defined(CONFIG_64BIT)
	2261	+
	2262	+SYSCALL_DEFINE6(io_pgetevents_time32,
	2263	+ aio_context_t, ctx_id,
	2264	+ long, min_nr,
	2265	+ long, nr,
	2266	+ struct io_event __user *, events,
	2267	+ struct old_timespec32 __user *, timeout,
	2268	+ const struct __aio_sigset __user *, usig)
	2269	+{
	2270	+ struct __aio_sigset ksig = { NULL, };
	2271	+ struct timespec64 ts;
	2272	+ bool interrupted;
	2273	+ int ret;
	2274	+
	2275	+ if (timeout && unlikely(get_old_timespec32(&ts, timeout)))
	2276	+ return -EFAULT;
	2277	+
	2278	+ if (usig && copy_from_user(&ksig, usig, sizeof(ksig)))
	2279	+ return -EFAULT;
	2280	+
	2281	+
	2282	+ ret = set_user_sigmask(ksig.sigmask, ksig.sigsetsize);
	2283	+ if (ret)
	2284	+ return ret;
	2285	+
	2286	+ ret = do_io_getevents(ctx_id, min_nr, nr, events, timeout ? &ts : NULL);
	2287	+
	2288	+ interrupted = signal_pending(current);
	2289	+ restore_saved_sigmask_unless(interrupted);
	2290	+ if (interrupted && !ret)
	2291	+ ret = -ERESTARTNOHAND;
	2292	+
	2293	+ return ret;
	2294	+}
	2295	+
	2296	+#endif
	2297	+
	2298	+#if defined(CONFIG_COMPAT_32BIT_TIME)
	2299	+
	2300	+SYSCALL_DEFINE5(io_getevents_time32, __u32, ctx_id,
	2301	+ __s32, min_nr,
	2302	+ __s32, nr,
	2303	+ struct io_event __user *, events,
	2304	+ struct old_timespec32 __user *, timeout)
2289	2305	{
2290	2306	struct timespec64 t;
2291	2307	int ret;
2292	2308
2293		- if (timeout && compat_get_timespec64(&t, timeout))
	2309	+ if (timeout && get_old_timespec32(&t, timeout))
2294	2310	return -EFAULT;
2295	2311
2296	2312	ret = do_io_getevents(ctx_id, min_nr, nr, events, timeout ? &t : NULL);
..	..	@@ -2299,52 +2315,81 @@
2299	2315	return ret;
2300	2316	}
2301	2317
	2318	+#endif
	2319	+
	2320	+#ifdef CONFIG_COMPAT
2302	2321
2303	2322	struct __compat_aio_sigset {
2304		- compat_sigset_t __user *sigmask;
	2323	+ compat_uptr_t sigmask;
2305	2324	compat_size_t sigsetsize;
2306	2325	};
	2326	+
	2327	+#if defined(CONFIG_COMPAT_32BIT_TIME)
2307	2328
2308	2329	COMPAT_SYSCALL_DEFINE6(io_pgetevents,
2309	2330	compat_aio_context_t, ctx_id,
2310	2331	compat_long_t, min_nr,
2311	2332	compat_long_t, nr,
2312	2333	struct io_event __user *, events,
2313		- struct compat_timespec __user *, timeout,
	2334	+ struct old_timespec32 __user *, timeout,
2314	2335	const struct __compat_aio_sigset __user *, usig)
2315	2336	{
2316		- struct __compat_aio_sigset ksig = { NULL, };
2317		- sigset_t ksigmask, sigsaved;
	2337	+ struct __compat_aio_sigset ksig = { 0, };
2318	2338	struct timespec64 t;
	2339	+ bool interrupted;
2319	2340	int ret;
2320	2341
2321		- if (timeout && compat_get_timespec64(&t, timeout))
	2342	+ if (timeout && get_old_timespec32(&t, timeout))
2322	2343	return -EFAULT;
2323	2344
2324	2345	if (usig && copy_from_user(&ksig, usig, sizeof(ksig)))
2325	2346	return -EFAULT;
2326	2347
2327		- if (ksig.sigmask) {
2328		- if (ksig.sigsetsize != sizeof(compat_sigset_t))
2329		- return -EINVAL;
2330		- if (get_compat_sigset(&ksigmask, ksig.sigmask))
2331		- return -EFAULT;
2332		- sigdelsetmask(&ksigmask, sigmask(SIGKILL) \| sigmask(SIGSTOP));
2333		- sigprocmask(SIG_SETMASK, &ksigmask, &sigsaved);
2334		- }
	2348	+ ret = set_compat_user_sigmask(compat_ptr(ksig.sigmask), ksig.sigsetsize);
	2349	+ if (ret)
	2350	+ return ret;
2335	2351
2336	2352	ret = do_io_getevents(ctx_id, min_nr, nr, events, timeout ? &t : NULL);
2337		- if (signal_pending(current)) {
2338		- if (ksig.sigmask) {
2339		- current->saved_sigmask = sigsaved;
2340		- set_restore_sigmask();
2341		- }
2342		- if (!ret)
2343		- ret = -ERESTARTNOHAND;
2344		- } else {
2345		- if (ksig.sigmask)
2346		- sigprocmask(SIG_SETMASK, &sigsaved, NULL);
2347		- }
	2353	+
	2354	+ interrupted = signal_pending(current);
	2355	+ restore_saved_sigmask_unless(interrupted);
	2356	+ if (interrupted && !ret)
	2357	+ ret = -ERESTARTNOHAND;
	2358	+
	2359	+ return ret;
	2360	+}
	2361	+
	2362	+#endif
	2363	+
	2364	+COMPAT_SYSCALL_DEFINE6(io_pgetevents_time64,
	2365	+ compat_aio_context_t, ctx_id,
	2366	+ compat_long_t, min_nr,
	2367	+ compat_long_t, nr,
	2368	+ struct io_event __user *, events,
	2369	+ struct __kernel_timespec __user *, timeout,
	2370	+ const struct __compat_aio_sigset __user *, usig)
	2371	+{
	2372	+ struct __compat_aio_sigset ksig = { 0, };
	2373	+ struct timespec64 t;
	2374	+ bool interrupted;
	2375	+ int ret;
	2376	+
	2377	+ if (timeout && get_timespec64(&t, timeout))
	2378	+ return -EFAULT;
	2379	+
	2380	+ if (usig && copy_from_user(&ksig, usig, sizeof(ksig)))
	2381	+ return -EFAULT;
	2382	+
	2383	+ ret = set_compat_user_sigmask(compat_ptr(ksig.sigmask), ksig.sigsetsize);
	2384	+ if (ret)
	2385	+ return ret;
	2386	+
	2387	+ ret = do_io_getevents(ctx_id, min_nr, nr, events, timeout ? &t : NULL);
	2388	+
	2389	+ interrupted = signal_pending(current);
	2390	+ restore_saved_sigmask_unless(interrupted);
	2391	+ if (interrupted && !ret)
	2392	+ ret = -ERESTARTNOHAND;
2348	2393
2349	2394	return ret;
2350	2395	}