[ANNOUNCE] v5.6.4-rt3v5.6.4-rt3-patches

Dear RT folks!

I'm pleased to announce the v5.6.4-rt3 patch set.

Changes since v5.6.4-rt2:

  - The printk thread could schedule where it is not appropriate.
    Affects only PREEMPT_VOLUNTARY. Reported by kernel test robot,
    patched by John Ogness.

  - The initialization of nohz_full_kick_work triggered a warning.
    Reported by kbuild test robot.

  - Patch by patch compilation could fail to compile in the fs/proc due
    to a missing header file. Reported by kbuild test robot.

  - The cached signal struct could lead to a double free of another data
    structure. Reported by Daniel Wagner, patch by Matt Fleming.

Known issues
     - It has been pointed out that due to changes to the printk code the
       internal buffer representation changed. This is only an issue if tools
       like `crash' are used to extract the printk buffer from a kernel memory
       image.

The delta patch against v5.6.4-rt2 is appended below and can be found here:

     https://cdn.kernel.org/pub/linux/kernel/projects/rt/5.6/incr/patch-5.6.4-rt2-rt3.patch.xz

You can get this release via the git tree at:

    git://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-rt-devel.git v5.6.4-rt3

The RT patch against v5.6.4 can be found here:

    https://cdn.kernel.org/pub/linux/kernel/projects/rt/5.6/older/patch-5.6.4-rt3.patch.xz

The split quilt queue is available at:

    https://cdn.kernel.org/pub/linux/kernel/projects/rt/5.6/older/patches-5.6.4-rt3.tar.xz

Sebastian

Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>

19 files changed, 169 insertions, 29 deletions

diff --git a/patches/0011-printk_safe-remove-printk-safe-code.patch b/patches/0011-printk_safe-remove-printk-safe-code.patch
index c44fea4c387d..dfc9c076bd1d 100644
--- a/patches/0011-printk_safe-remove-printk-safe-code.patch
+++ b/patches/0011-printk_safe-remove-printk-safe-code.patch
@@ -240,7 +240,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  asmlinkage int vprintk(const char *fmt, va_list args)
  {
  	return vprintk_func(fmt, args);
-@@ -3211,5 +3209,4 @@ void kmsg_dump_rewind(struct kmsg_dumper
+@@ -3212,5 +3210,4 @@ void kmsg_dump_rewind(struct kmsg_dumper
  	logbuf_unlock_irqrestore(flags);
  }
  EXPORT_SYMBOL_GPL(kmsg_dump_rewind);
diff --git a/patches/0013-printk-track-seq-per-console.patch b/patches/0013-printk-track-seq-per-console.patch
index 7c81d6d21271..8e203fa0f3a9 100644
--- a/patches/0013-printk-track-seq-per-console.patch
+++ b/patches/0013-printk-track-seq-per-console.patch
@@ -79,10 +79,10 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  				 const char *text, size_t len) {}
  static size_t msg_print_text(const struct printk_log *msg, bool syslog,
  			     bool time, char *buf, size_t size) { return 0; }
-@@ -2550,8 +2573,9 @@ static int printk_kthread_func(void *dat
- 			    &len, printk_time);
+@@ -2551,8 +2574,9 @@ static int printk_kthread_func(void *dat
  
  		console_lock();
+ 		console_may_schedule = 0;
 +		call_console_drivers(master_seq, ext_text,
 +				     ext_len, text, len);
  		if (len > 0 || ext_len > 0) {
diff --git a/patches/0014-printk-do-boot_delay_msec-inside-printk_delay.patch b/patches/0014-printk-do-boot_delay_msec-inside-printk_delay.patch
index 0a12b5135740..fd5d1b9f7086 100644
--- a/patches/0014-printk-do-boot_delay_msec-inside-printk_delay.patch
+++ b/patches/0014-printk-do-boot_delay_msec-inside-printk_delay.patch
@@ -56,8 +56,8 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  static inline u32 printk_caller_id(void)
  {
  	return in_task() ? task_pid_nr(current) :
-@@ -2575,10 +2576,8 @@ static int printk_kthread_func(void *dat
- 		console_lock();
+@@ -2576,10 +2577,8 @@ static int printk_kthread_func(void *dat
+ 		console_may_schedule = 0;
  		call_console_drivers(master_seq, ext_text,
  				     ext_len, text, len);
 -		if (len > 0 || ext_len > 0) {
diff --git a/patches/0018-console-add-write_atomic-interface.patch b/patches/0018-console-add-write_atomic-interface.patch
index 9f8343500b8a..c4c6a2b2f077 100644
--- a/patches/0018-console-add-write_atomic-interface.patch
+++ b/patches/0018-console-add-write_atomic-interface.patch
@@ -46,7 +46,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  #endif /* _LINUX_CONSOLE_H */
 --- a/kernel/printk/printk.c
 +++ b/kernel/printk/printk.c
-@@ -3044,3 +3044,15 @@ void kmsg_dump_rewind(struct kmsg_dumper
+@@ -3045,3 +3045,15 @@ void kmsg_dump_rewind(struct kmsg_dumper
  }
  EXPORT_SYMBOL_GPL(kmsg_dump_rewind);
  #endif
diff --git a/patches/0019-printk-introduce-emergency-messages.patch b/patches/0019-printk-introduce-emergency-messages.patch
index 21e12d3a7fec..603037a620d9 100644
--- a/patches/0019-printk-introduce-emergency-messages.patch
+++ b/patches/0019-printk-introduce-emergency-messages.patch
@@ -158,16 +158,16 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  static size_t msg_print_text(const struct printk_log *msg, bool syslog,
  			     bool time, char *buf, size_t size) { return 0; }
  static bool suppress_message_printing(int level) { return false; }
-@@ -2639,7 +2668,7 @@ static int printk_kthread_func(void *dat
- 
+@@ -2640,7 +2669,7 @@ static int printk_kthread_func(void *dat
  		console_lock();
+ 		console_may_schedule = 0;
  		call_console_drivers(master_seq, ext_text,
 -				     ext_len, text, len);
 +				     ext_len, text, len, msg->level);
  		if (len > 0 || ext_len > 0)
  			printk_delay(msg->level);
  		console_unlock();
-@@ -3043,6 +3072,76 @@ void kmsg_dump_rewind(struct kmsg_dumper
+@@ -3044,6 +3073,76 @@ void kmsg_dump_rewind(struct kmsg_dumper
  	logbuf_unlock_irqrestore(flags);
  }
  EXPORT_SYMBOL_GPL(kmsg_dump_rewind);
diff --git a/patches/0024-printk-implement-kmsg_dump.patch b/patches/0024-printk-implement-kmsg_dump.patch
index 4de0076408f1..1255d288a70c 100644
--- a/patches/0024-printk-implement-kmsg_dump.patch
+++ b/patches/0024-printk-implement-kmsg_dump.patch
@@ -94,7 +94,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  static char *log_text(const struct printk_log *msg) { return NULL; }
  static char *log_dict(const struct printk_log *msg) { return NULL; }
  static struct printk_log *log_from_idx(u32 idx) { return NULL; }
-@@ -3032,7 +2998,6 @@ module_param_named(always_kmsg_dump, alw
+@@ -3033,7 +2999,6 @@ module_param_named(always_kmsg_dump, alw
  void kmsg_dump(enum kmsg_dump_reason reason)
  {
  	struct kmsg_dumper *dumper;
@@ -102,7 +102,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  
  	if ((reason > KMSG_DUMP_OOPS) && !always_kmsg_dump)
  		return;
-@@ -3045,12 +3010,7 @@ void kmsg_dump(enum kmsg_dump_reason rea
+@@ -3046,12 +3011,7 @@ void kmsg_dump(enum kmsg_dump_reason rea
  		/* initialize iterator with data about the stored records */
  		dumper->active = true;
  
@@ -116,7 +116,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  
  		/* invoke dumper which will iterate over records */
  		dumper->dump(dumper, reason);
-@@ -3083,33 +3043,67 @@ void kmsg_dump(enum kmsg_dump_reason rea
+@@ -3084,33 +3044,67 @@ void kmsg_dump(enum kmsg_dump_reason rea
  bool kmsg_dump_get_line_nolock(struct kmsg_dumper *dumper, bool syslog,
  			       char *line, size_t size, size_t *len)
  {
@@ -199,7 +199,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  }
  
  /**
-@@ -3132,12 +3126,11 @@ bool kmsg_dump_get_line_nolock(struct km
+@@ -3133,12 +3127,11 @@ bool kmsg_dump_get_line_nolock(struct km
  bool kmsg_dump_get_line(struct kmsg_dumper *dumper, bool syslog,
  			char *line, size_t size, size_t *len)
  {
@@ -214,7 +214,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  
  	return ret;
  }
-@@ -3165,74 +3158,101 @@ EXPORT_SYMBOL_GPL(kmsg_dump_get_line);
+@@ -3166,74 +3159,101 @@ EXPORT_SYMBOL_GPL(kmsg_dump_get_line);
  bool kmsg_dump_get_buffer(struct kmsg_dumper *dumper, bool syslog,
  			  char *buf, size_t size, size_t *len)
  {
@@ -368,7 +368,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  }
  EXPORT_SYMBOL_GPL(kmsg_dump_get_buffer);
  
-@@ -3248,10 +3268,8 @@ EXPORT_SYMBOL_GPL(kmsg_dump_get_buffer);
+@@ -3249,10 +3269,8 @@ EXPORT_SYMBOL_GPL(kmsg_dump_get_buffer);
   */
  void kmsg_dump_rewind_nolock(struct kmsg_dumper *dumper)
  {
@@ -381,7 +381,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  }
  
  /**
-@@ -3264,11 +3282,9 @@ void kmsg_dump_rewind_nolock(struct kmsg
+@@ -3265,11 +3283,9 @@ void kmsg_dump_rewind_nolock(struct kmsg
   */
  void kmsg_dump_rewind(struct kmsg_dumper *dumper)
  {
diff --git a/patches/0025-printk-remove-unused-code.patch b/patches/0025-printk-remove-unused-code.patch
index 82946296179f..0fe3538e8348 100644
--- a/patches/0025-printk-remove-unused-code.patch
+++ b/patches/0025-printk-remove-unused-code.patch
@@ -308,7 +308,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  static int printk_kthread_func(void *data)
  {
  	struct prb_iterator iter;
-@@ -2860,22 +2742,9 @@ static int __init init_printk_kthread(vo
+@@ -2861,22 +2743,9 @@ static int __init init_printk_kthread(vo
  }
  late_initcall(init_printk_kthread);
  
diff --git a/patches/fs-dcache-Include-swait.h-header.patch b/patches/fs-dcache-Include-swait.h-header.patch
new file mode 100644
index 000000000000..c219a8e3e254
--- /dev/null
+++ b/patches/fs-dcache-Include-swait.h-header.patch
@@ -0,0 +1,23 @@
+From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+Date: Thu, 16 Apr 2020 12:42:15 +0200
+Subject: [PATCH] fs/dcache: Include swait.h header
+
+Include the swait.h header so it compiles even if not all patches are
+applied.
+
+Reported-by: kbuild test robot <lkp@intel.com>
+Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+---
+ fs/proc/base.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/fs/proc/base.c
++++ b/fs/proc/base.c
+@@ -96,6 +96,7 @@
+ #include <linux/posix-timers.h>
+ #include <linux/time_namespace.h>
+ #include <linux/resctrl.h>
++#include <linux/swait.h>
+ #include <trace/events/oom.h>
+ #include "internal.h"
+ #include "fd.h"
diff --git a/patches/fs-dcache-use-swait_queue-instead-of-waitqueue.patch b/patches/fs-dcache-use-swait_queue-instead-of-waitqueue.patch
index 5a8437006e7c..444aa0ecc54b 100644
--- a/patches/fs-dcache-use-swait_queue-instead-of-waitqueue.patch
+++ b/patches/fs-dcache-use-swait_queue-instead-of-waitqueue.patch
@@ -163,7 +163,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  	spin_lock(&dentry->d_lock);
 --- a/fs/proc/base.c
 +++ b/fs/proc/base.c
-@@ -1982,7 +1982,7 @@ bool proc_fill_cache(struct file *file,
+@@ -1983,7 +1983,7 @@ bool proc_fill_cache(struct file *file,
  
  	child = d_hash_and_lookup(dir, &qname);
  	if (!child) {
diff --git a/patches/localversion.patch b/patches/localversion.patch
index 279489a1d145..e36eb4b6666a 100644
--- a/patches/localversion.patch
+++ b/patches/localversion.patch
@@ -10,4 +10,4 @@ Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
 --- /dev/null
 +++ b/localversion-rt
 @@ -0,0 +1 @@
-+-rt2
++-rt3
diff --git a/patches/printk-console-must-not-schedule-for-drivers.patch b/patches/printk-console-must-not-schedule-for-drivers.patch
new file mode 100644
index 000000000000..5b49f04a9439
--- /dev/null
+++ b/patches/printk-console-must-not-schedule-for-drivers.patch
@@ -0,0 +1,44 @@
+From: John Ogness <john.ogness@linutronix.de>
+Date: Mon, 6 Apr 2020 23:22:17 +0200
+Subject: [PATCH] printk: console must not schedule for drivers
+
+Even though the printk kthread is always preemptible, it is still not
+allowed to call cond_resched() from within console drivers. The
+task may become non-preemptible in the console driver call chain. For
+example, vt_console_print() takes a spinlock and then can call into
+fbcon_redraw(), which can conditionally invoke cond_resched():
+
+|BUG: sleeping function called from invalid context at kernel/printk/printk.c:2322
+|in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 177, name: printk
+|CPU: 0 PID: 177 Comm: printk Not tainted 5.6.2-00011-ga536059557f1d9 #1
+|Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
+|Call Trace:
+| dump_stack+0x66/0x8b
+| ___might_sleep+0x102/0x120
+| console_conditional_schedule+0x24/0x30
+| fbcon_redraw+0x96/0x1c0
+| fbcon_scroll+0x556/0xd70
+| con_scroll+0x147/0x1e0
+| lf+0x9e/0xb0
+| vt_console_print+0x253/0x3d0
+| printk_kthread_func+0x1d5/0x3b0
+
+Disable cond_resched() for the call into the console drivers.
+
+Reported-by: kernel test robot <rong.a.chen@intel.com>
+Signed-off-by: John Ogness <john.ogness@linutronix.de>
+Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+---
+ kernel/printk/printk.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/kernel/printk/printk.c
++++ b/kernel/printk/printk.c
+@@ -3028,6 +3028,7 @@ static int printk_kthread_func(void *dat
+ 			    &len, printk_time);
+ 
+ 		console_lock();
++		console_may_schedule = 0;
+ 		if (len > 0 || ext_len > 0) {
+ 			call_console_drivers(ext_text, ext_len, text, len);
+ 			boot_delay_msec(msg->level);
diff --git a/patches/printk-hack-out-emergency-loglevel-usage.patch b/patches/printk-hack-out-emergency-loglevel-usage.patch
index 71cd11d5d722..4c4940f55df4 100644
--- a/patches/printk-hack-out-emergency-loglevel-usage.patch
+++ b/patches/printk-hack-out-emergency-loglevel-usage.patch
@@ -32,7 +32,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  			if (con->printk_seq < seq)
  				con->printk_seq = seq;
  			continue;
-@@ -3171,7 +3164,7 @@ static bool console_can_emergency(int le
+@@ -3172,7 +3165,7 @@ static bool console_can_emergency(int le
  	for_each_console(con) {
  		if (!(con->flags & CON_ENABLED))
  			continue;
@@ -41,7 +41,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  			return true;
  		if (con->write && (con->flags & CON_BOOT))
  			return true;
-@@ -3187,7 +3180,7 @@ static void call_emergency_console_drive
+@@ -3188,7 +3181,7 @@ static void call_emergency_console_drive
  	for_each_console(con) {
  		if (!(con->flags & CON_ENABLED))
  			continue;
diff --git a/patches/printk-handle-iterating-while-buffer-changing.patch b/patches/printk-handle-iterating-while-buffer-changing.patch
index 1ce4ccb6b6a3..02296a85a8c0 100644
--- a/patches/printk-handle-iterating-while-buffer-changing.patch
+++ b/patches/printk-handle-iterating-while-buffer-changing.patch
@@ -32,7 +32,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  		if (copy_to_user(buf + len, text, textlen))
  			len = -EFAULT;
  		else
-@@ -3085,7 +3088,7 @@ bool kmsg_dump_get_buffer(struct kmsg_du
+@@ -3086,7 +3089,7 @@ bool kmsg_dump_get_buffer(struct kmsg_du
  		ret = prb_iter_next(&iter, msgbuf, PRINTK_RECORD_MAX, &seq);
  		if (ret == 0) {
  			break;
diff --git a/patches/printk-kmsg_dump-remove-mutex-usage.patch b/patches/printk-kmsg_dump-remove-mutex-usage.patch
index 6fa6ca680de9..5527315069e3 100644
--- a/patches/printk-kmsg_dump-remove-mutex-usage.patch
+++ b/patches/printk-kmsg_dump-remove-mutex-usage.patch
@@ -28,7 +28,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  /* the next printk record to read after the last 'clear' command */
  static u64 clear_seq;
  
-@@ -2877,6 +2875,7 @@ module_param_named(always_kmsg_dump, alw
+@@ -2878,6 +2876,7 @@ module_param_named(always_kmsg_dump, alw
   */
  void kmsg_dump(enum kmsg_dump_reason reason)
  {
@@ -36,7 +36,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  	struct kmsg_dumper *dumper;
  
  	if ((reason > KMSG_DUMP_OOPS) && !always_kmsg_dump)
-@@ -2887,16 +2886,18 @@ void kmsg_dump(enum kmsg_dump_reason rea
+@@ -2888,16 +2887,18 @@ void kmsg_dump(enum kmsg_dump_reason rea
  		if (dumper->max_reason && reason > dumper->max_reason)
  			continue;
  
@@ -62,7 +62,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  	}
  	rcu_read_unlock();
  }
-@@ -3008,9 +3009,7 @@ bool kmsg_dump_get_line(struct kmsg_dump
+@@ -3009,9 +3010,7 @@ bool kmsg_dump_get_line(struct kmsg_dump
  {
  	bool ret;
  
@@ -72,7 +72,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  
  	return ret;
  }
-@@ -3162,9 +3161,7 @@ void kmsg_dump_rewind_nolock(struct kmsg
+@@ -3163,9 +3162,7 @@ void kmsg_dump_rewind_nolock(struct kmsg
   */
  void kmsg_dump_rewind(struct kmsg_dumper *dumper)
  {
diff --git a/patches/printk-only-allow-kernel-to-emergency-message.patch b/patches/printk-only-allow-kernel-to-emergency-message.patch
index 396335cd4945..87e355ff2d93 100644
--- a/patches/printk-only-allow-kernel-to-emergency-message.patch
+++ b/patches/printk-only-allow-kernel-to-emergency-message.patch
@@ -54,10 +54,10 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  
  	if ((lflags & LOG_CONT) || !(lflags & LOG_NEWLINE)) {
  		 cont_add(ctx, cpu, caller_id, facility, level, lflags, text, text_len);
-@@ -2715,8 +2720,8 @@ static int printk_kthread_func(void *dat
- 			    &len, printk_time);
+@@ -2716,8 +2721,8 @@ static int printk_kthread_func(void *dat
  
  		console_lock();
+ 		console_may_schedule = 0;
 -		call_console_drivers(master_seq, ext_text,
 -				     ext_len, text, len, msg->level);
 +		call_console_drivers(master_seq, ext_text, ext_len, text, len,
diff --git a/patches/printk-set-deferred-to-default-loglevel-enforce-mask.patch b/patches/printk-set-deferred-to-default-loglevel-enforce-mask.patch
index 5942464ff319..9d6b7840de6a 100644
--- a/patches/printk-set-deferred-to-default-loglevel-enforce-mask.patch
+++ b/patches/printk-set-deferred-to-default-loglevel-enforce-mask.patch
@@ -27,7 +27,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  
  	if ((lflags & LOG_CONT) || !(lflags & LOG_NEWLINE)) {
  		 cont_add(ctx, cpu, caller_id, facility, level, lflags, text, text_len);
-@@ -2744,7 +2744,7 @@ late_initcall(init_printk_kthread);
+@@ -2745,7 +2745,7 @@ late_initcall(init_printk_kthread);
  
  static int vprintk_deferred(const char *fmt, va_list args)
  {
diff --git a/patches/series b/patches/series
index 7dc62ce3232f..3ea0bb029820 100644
--- a/patches/series
+++ b/patches/series
@@ -26,6 +26,7 @@ time-sched_clock-Expire-timer-in-hardirq-context.patch
 0007-printk-rb-add-functionality-required-by-printk.patch
 0008-printk-add-ring-buffer-and-kthread.patch
 0009-printk-remove-exclusive-console-hack.patch
+printk-console-must-not-schedule-for-drivers.patch
 0010-printk-redirect-emit-store-to-new-ringbuffer.patch
 0011-printk_safe-remove-printk-safe-code.patch
 0012-printk-minimize-console-locking-implementation.patch
@@ -198,6 +199,7 @@ list_bl.h-make-list-head-locking-RT-safe.patch
 # Check .... (these are needed due to the previous list_bl change)
 fscache-initialize-cookie-hash-table-raw-spinlocks.patch
 fs-dcache-bring-back-explicit-INIT_HLIST_BL_HEAD-in.patch
+fs-dcache-Include-swait.h-header.patch
 fs-dcache-use-swait_queue-instead-of-waitqueue.patch
 ############################################################
 
@@ -392,6 +394,7 @@ net-dev-always-take-qdisc-s-busylock-in-__dev_xmit_s.patch
 # irqwork
 # Revisit
 irqwork-push_most_work_into_softirq_context.patch
+time-Properly-initialize-nohz_full_kick_work.patch
 
 # crypto drivers
 # Revisit
@@ -503,6 +506,7 @@ tpm_tis-fix-stall-after-iowrite-s.patch
 
 # Postpone
 signals-allow-rt-tasks-to-cache-one-sigqueue-struct.patch
+signal-Prevent-double-free-of-user-struct.patch
 genirq-disable-irqpoll-on-rt.patch
 
 # SYSFS - RT indicator
diff --git a/patches/signal-Prevent-double-free-of-user-struct.patch b/patches/signal-Prevent-double-free-of-user-struct.patch
new file mode 100644
index 000000000000..a2fe81c873d9
--- /dev/null
+++ b/patches/signal-Prevent-double-free-of-user-struct.patch
@@ -0,0 +1,45 @@
+From: Matt Fleming <matt@codeblueprint.co.uk>
+Date: Tue, 7 Apr 2020 10:54:13 +0100
+Subject: [PATCH] signal: Prevent double-free of user struct
+
+The way user struct reference counting works changed significantly with,
+
+  fda31c50292a ("signal: avoid double atomic counter increments for user accounting")
+
+Now user structs are only freed once the last pending signal is
+dequeued. Make sigqueue_free_current() follow this new convention to
+avoid freeing the user struct multiple times and triggering this
+warning:
+
+ refcount_t: underflow; use-after-free.
+ WARNING: CPU: 0 PID: 6794 at lib/refcount.c:288 refcount_dec_not_one+0x45/0x50
+ Call Trace:
+  refcount_dec_and_lock_irqsave+0x16/0x60
+  free_uid+0x31/0xa0
+  __dequeue_signal+0x17c/0x190
+  dequeue_signal+0x5a/0x1b0
+  do_sigtimedwait+0x208/0x250
+  __x64_sys_rt_sigtimedwait+0x6f/0xd0
+  do_syscall_64+0x72/0x200
+  entry_SYSCALL_64_after_hwframe+0x49/0xbe
+
+Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
+Reported-by: Daniel Wagner <wagi@monom.org>
+Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+---
+ kernel/signal.c |    4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/kernel/signal.c
++++ b/kernel/signal.c
+@@ -494,8 +494,8 @@ static void sigqueue_free_current(struct
+ 
+ 	up = q->user;
+ 	if (rt_prio(current->normal_prio) && !put_task_cache(current, q)) {
+-		atomic_dec(&up->sigpending);
+-		free_uid(up);
++		if (atomic_dec_and_test(&up->sigpending))
++			free_uid(up);
+ 	} else
+ 		  __sigqueue_free(q);
+ }
diff --git a/patches/time-Properly-initialize-nohz_full_kick_work.patch b/patches/time-Properly-initialize-nohz_full_kick_work.patch
new file mode 100644
index 000000000000..60e34fc5ae58
--- /dev/null
+++ b/patches/time-Properly-initialize-nohz_full_kick_work.patch
@@ -0,0 +1,24 @@
+From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+Date: Thu, 16 Apr 2020 11:37:51 +0200
+Subject: [PATCH] time: Properly initialize nohz_full_kick_work
+
+The ->flags member is of atomic_t type, use the proper initialisation
+method.
+
+Reported-by: kbuild test robot <lkp@intel.com>
+Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+---
+ kernel/time/tick-sched.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/kernel/time/tick-sched.c
++++ b/kernel/time/tick-sched.c
+@@ -245,7 +245,7 @@ static void nohz_full_kick_func(struct i
+ 
+ static DEFINE_PER_CPU(struct irq_work, nohz_full_kick_work) = {
+ 	.func = nohz_full_kick_func,
+-	.flags = IRQ_WORK_HARD_IRQ,
++	.flags = ATOMIC_INIT(IRQ_WORK_HARD_IRQ),
+ };
+ 
+ /*