[POWERPC] spufs: Fix state_mutex leaks

	u64 ea, dsisr, access;

	u64 ea, dsisr, access;

	unsigned long flags;

	unsigned long flags;

	unsigned flt = 0;

	unsigned flt = 0;

	int ret, ret2;

	int ret;

	/*

	/*

	 * dar and dsisr get passed from the registers

	 * dar and dsisr get passed from the registers

		ret = spu_handle_mm_fault(current->mm, ea, dsisr, &flt);

		ret = spu_handle_mm_fault(current->mm, ea, dsisr, &flt);

	/*

	/*

	 * If spu_acquire fails due to a pending signal we just want to return

	 * This is nasty: we need the state_mutex for all the bookkeeping even

	 * EINTR to userspace even if that means missing the dma restart or

	 * if the syscall was interrupted by a signal. ewww.

	 * updating the page fault statistics.

	 */

	 */

	ret2 = spu_acquire(ctx);

	mutex_lock(&ctx->state_mutex);

	if (ret2)

		goto out;

	/*

	/*

	 * Clear dsisr under ctxt lock after handling the fault, so that

	 * Clear dsisr under ctxt lock after handling the fault, so that

	} else

	} else

		spufs_handle_event(ctx, ea, SPE_EVENT_SPE_DATA_STORAGE);

		spufs_handle_event(ctx, ea, SPE_EVENT_SPE_DATA_STORAGE);

 out:

	spuctx_switch_state(ctx, SPU_UTIL_SYSTEM);

	spuctx_switch_state(ctx, SPU_UTIL_SYSTEM);

	return ret;

	return ret;

}

}

{

{

	struct spu_context *ctx = vma->vm_file->private_data;

	struct spu_context *ctx = vma->vm_file->private_data;

	unsigned long area, offset = address - vma->vm_start;

	unsigned long area, offset = address - vma->vm_start;

	int ret = 0;

	spu_context_nospu_trace(spufs_ps_nopfn__enter, ctx);

	spu_context_nospu_trace(spufs_ps_nopfn__enter, ctx);

	if (ctx->state == SPU_STATE_SAVED) {

	if (ctx->state == SPU_STATE_SAVED) {

		up_read(&current->mm->mmap_sem);

		up_read(&current->mm->mmap_sem);

		spu_context_nospu_trace(spufs_ps_nopfn__sleep, ctx);

		spu_context_nospu_trace(spufs_ps_nopfn__sleep, ctx);

		spufs_wait(ctx->run_wq, ctx->state == SPU_STATE_RUNNABLE);

		ret = spufs_wait(ctx->run_wq, ctx->state == SPU_STATE_RUNNABLE);

		spu_context_trace(spufs_ps_nopfn__wake, ctx, ctx->spu);

		spu_context_trace(spufs_ps_nopfn__wake, ctx, ctx->spu);

		down_read(&current->mm->mmap_sem);

		down_read(&current->mm->mmap_sem);

	} else {

	} else {

		spu_context_trace(spufs_ps_nopfn__insert, ctx, ctx->spu);

		spu_context_trace(spufs_ps_nopfn__insert, ctx, ctx->spu);

	}

	}

	if (!ret)

		spu_release(ctx);

		spu_release(ctx);

	return NOPFN_REFAULT;

	return NOPFN_REFAULT;

}

}

	count = spu_acquire(ctx);

	count = spu_acquire(ctx);

	if (count)

	if (count)

		return count;

		goto out;

	/* wait only for the first element */

	/* wait only for the first element */

	count = 0;

	count = 0;

	if (file->f_flags & O_NONBLOCK) {

	if (file->f_flags & O_NONBLOCK) {

		if (!spu_ibox_read(ctx, &ibox_data))

		if (!spu_ibox_read(ctx, &ibox_data)) {

			count = -EAGAIN;

			count = -EAGAIN;

			goto out_unlock;

		}

	} else {

	} else {

		count = spufs_wait(ctx->ibox_wq, spu_ibox_read(ctx, &ibox_data));

		count = spufs_wait(ctx->ibox_wq, spu_ibox_read(ctx, &ibox_data));

	}

		if (count)

		if (count)

			goto out;

			goto out;

	}

	/* if we can't write at all, return -EFAULT */

	/* if we can't write at all, return -EFAULT */

	count = __put_user(ibox_data, udata);

	count = __put_user(ibox_data, udata);

	if (count)

	if (count)

		goto out;

		goto out_unlock;

	for (count = 4, udata++; (count + 4) <= len; count += 4, udata++) {

	for (count = 4, udata++; (count + 4) <= len; count += 4, udata++) {

		int ret;

		int ret;

			break;

			break;

	}

	}

out:

out_unlock:

	spu_release(ctx);

	spu_release(ctx);

out:

	return count;

	return count;

}

}

	count = spu_acquire(ctx);

	count = spu_acquire(ctx);

	if (count)

	if (count)

		return count;

		goto out;

	/*

	/*

	 * make sure we can at least write one element, by waiting

	 * make sure we can at least write one element, by waiting

	 */

	 */

	count = 0;

	count = 0;

	if (file->f_flags & O_NONBLOCK) {

	if (file->f_flags & O_NONBLOCK) {

		if (!spu_wbox_write(ctx, wbox_data))

		if (!spu_wbox_write(ctx, wbox_data)) {

			count = -EAGAIN;

			count = -EAGAIN;

			goto out_unlock;

		}

	} else {

	} else {

		count = spufs_wait(ctx->wbox_wq, spu_wbox_write(ctx, wbox_data));

		count = spufs_wait(ctx->wbox_wq, spu_wbox_write(ctx, wbox_data));

	}

		if (count)

		if (count)

			goto out;

			goto out;

	}

	/* write as much as possible */

	/* write as much as possible */

	for (count = 4, udata++; (count + 4) <= len; count += 4, udata++) {

	for (count = 4, udata++; (count + 4) <= len; count += 4, udata++) {

			break;

			break;

	}

	}

out:

out_unlock:

	spu_release(ctx);

	spu_release(ctx);

out:

	return count;

	return count;

}

}

	} else {

	} else {

		ret = spufs_wait(ctx->mfc_wq,

		ret = spufs_wait(ctx->mfc_wq,

			   spufs_read_mfc_tagstatus(ctx, &status));

			   spufs_read_mfc_tagstatus(ctx, &status));

	}

	spu_release(ctx);

		if (ret)

		if (ret)

			goto out;

			goto out;

	}

	spu_release(ctx);

	ret = 4;

	ret = 4;

	if (copy_to_user(buffer, &status, 4))

	if (copy_to_user(buffer, &status, 4))

		int status;

		int status;

		ret = spufs_wait(ctx->mfc_wq,

		ret = spufs_wait(ctx->mfc_wq,

				 spu_send_mfc_command(ctx, cmd, &status));

				 spu_send_mfc_command(ctx, cmd, &status));

		if (ret)

			goto out;

		if (status)

		if (status)

			ret = status;

			ret = status;

	}

	}

	ret = spu_acquire(ctx);

	ret = spu_acquire(ctx);

	if (ret)

	if (ret)

		return ret;

		goto out;

#if 0

#if 0

/* this currently hangs */

/* this currently hangs */

	ret = spufs_wait(ctx->mfc_wq,

	ret = spufs_wait(ctx->mfc_wq,

		goto out;

		goto out;

	ret = spufs_wait(ctx->mfc_wq,

	ret = spufs_wait(ctx->mfc_wq,

			 ctx->ops->read_mfc_tagstatus(ctx) == ctx->tagwait);

			 ctx->ops->read_mfc_tagstatus(ctx) == ctx->tagwait);

out:

	if (ret)

		goto out;

#else

#else

	ret = 0;

	ret = 0;

#endif

#endif

	spu_release(ctx);

	spu_release(ctx);

out:

	return ret;

	return ret;

}

}

	do {

	do {

		ret = spufs_wait(ctx->stop_wq, spu_stopped(ctx, &status));

		ret = spufs_wait(ctx->stop_wq, spu_stopped(ctx, &status));

		if (unlikely(ret))

		if (unlikely(ret)) {

			/*

			 * This is nasty: we need the state_mutex for all the

			 * bookkeeping even if the syscall was interrupted by

			 * a signal. ewww.

			 */

			mutex_lock(&ctx->state_mutex);

			break;

			break;

		}

		spu = ctx->spu;

		spu = ctx->spu;

		if (unlikely(test_and_clear_bit(SPU_SCHED_NOTIFY_ACTIVE,

		if (unlikely(test_and_clear_bit(SPU_SCHED_NOTIFY_ACTIVE,

						&ctx->sched_flags))) {

						&ctx->sched_flags))) {

 *	Same as wait_event_interruptible(), except that here

 *	Same as wait_event_interruptible(), except that here

 *	we need to call spu_release(ctx) before sleeping, and

 *	we need to call spu_release(ctx) before sleeping, and

 *	then spu_acquire(ctx) when awoken.

 *	then spu_acquire(ctx) when awoken.

 *

 * 	Returns with state_mutex re-acquired when successfull or

 * 	with -ERESTARTSYS and the state_mutex dropped when interrupted.

 */

 */

#define spufs_wait(wq, condition)					\

#define spufs_wait(wq, condition)					\

		prepare_to_wait(&(wq), &__wait, TASK_INTERRUPTIBLE);	\

		prepare_to_wait(&(wq), &__wait, TASK_INTERRUPTIBLE);	\

		if (condition)						\

		if (condition)						\

			break;						\

			break;						\

		spu_release(ctx);					\

		if (signal_pending(current)) {				\

		if (signal_pending(current)) {				\

			__ret = -ERESTARTSYS;				\

			__ret = -ERESTARTSYS;				\

			break;						\

			break;						\

		}							\

		}							\

		spu_release(ctx);					\

		schedule();						\

		schedule();						\

		__ret = spu_acquire(ctx);				\

		__ret = spu_acquire(ctx);				\

		if (__ret)						\

		if (__ret)						\