--- /dev/null
+From 900a081f6912a8985dc15380ec912752cb66025a Mon Sep 17 00:00:00 2001
+From: Herbert Xu <herbert@gondor.apana.org.au>
+Date: Mon, 26 Mar 2018 08:53:25 +0800
+Subject: crypto: ahash - Fix early termination in hash walk
+
+From: Herbert Xu <herbert@gondor.apana.org.au>
+
+commit 900a081f6912a8985dc15380ec912752cb66025a upstream.
+
+When we have an unaligned SG list entry where there is no leftover
+aligned data, the hash walk code will incorrectly return zero as if
+the entire SG list has been processed.
+
+This patch fixes it by moving onto the next page instead.
+
+Reported-by: Eli Cooper <elicooper@gmx.com>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/ahash.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+--- a/crypto/ahash.c
++++ b/crypto/ahash.c
+@@ -92,13 +92,14 @@ int crypto_hash_walk_done(struct crypto_
+
+ if (nbytes && walk->offset & alignmask && !err) {
+ walk->offset = ALIGN(walk->offset, alignmask + 1);
+- walk->data += walk->offset;
+-
+ nbytes = min(nbytes,
+ ((unsigned int)(PAGE_SIZE)) - walk->offset);
+ walk->entrylen -= nbytes;
+
+- return nbytes;
++ if (nbytes) {
++ walk->data += walk->offset;
++ return nbytes;
++ }
+ }
+
+ if (walk->flags & CRYPTO_ALG_ASYNC)
--- /dev/null
+From 6aaf49b495b446ff6eec0ac983f781ca0dc56a73 Mon Sep 17 00:00:00 2001
+From: Leonard Crestez <leonard.crestez@nxp.com>
+Date: Tue, 13 Mar 2018 22:17:23 +0200
+Subject: crypto: arm,arm64 - Fix random regeneration of S_shipped
+
+From: Leonard Crestez <leonard.crestez@nxp.com>
+
+commit 6aaf49b495b446ff6eec0ac983f781ca0dc56a73 upstream.
+
+The decision to rebuild .S_shipped is made based on the relative
+timestamps of .S_shipped and .pl files but git makes this essentially
+random. This means that the perl script might run anyway (usually at
+most once per checkout), defeating the whole purpose of _shipped.
+
+Fix by skipping the rule unless explicit make variables are provided:
+REGENERATE_ARM_CRYPTO or REGENERATE_ARM64_CRYPTO.
+
+This can produce nasty occasional build failures downstream, for example
+for toolchains with broken perl. The solution is minimally intrusive to
+make it easier to push into stable.
+
+Another report on a similar issue here: https://lkml.org/lkml/2018/3/8/1379
+
+Signed-off-by: Leonard Crestez <leonard.crestez@nxp.com>
+Cc: <stable@vger.kernel.org>
+Reviewed-by: Masahiro Yamada <yamada.masahiro@socionext.com>
+Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/crypto/Makefile | 2 ++
+ arch/arm64/crypto/Makefile | 2 ++
+ 2 files changed, 4 insertions(+)
+
+--- a/arch/arm/crypto/Makefile
++++ b/arch/arm/crypto/Makefile
+@@ -54,6 +54,7 @@ crct10dif-arm-ce-y := crct10dif-ce-core.
+ crc32-arm-ce-y:= crc32-ce-core.o crc32-ce-glue.o
+ chacha20-neon-y := chacha20-neon-core.o chacha20-neon-glue.o
+
++ifdef REGENERATE_ARM_CRYPTO
+ quiet_cmd_perl = PERL $@
+ cmd_perl = $(PERL) $(<) > $(@)
+
+@@ -62,5 +63,6 @@ $(src)/sha256-core.S_shipped: $(src)/sha
+
+ $(src)/sha512-core.S_shipped: $(src)/sha512-armv4.pl
+ $(call cmd,perl)
++endif
+
+ .PRECIOUS: $(obj)/sha256-core.S $(obj)/sha512-core.S
+--- a/arch/arm64/crypto/Makefile
++++ b/arch/arm64/crypto/Makefile
+@@ -58,6 +58,7 @@ CFLAGS_aes-glue-ce.o := -DUSE_V8_CRYPTO_
+ $(obj)/aes-glue-%.o: $(src)/aes-glue.c FORCE
+ $(call if_changed_rule,cc_o_c)
+
++ifdef REGENERATE_ARM64_CRYPTO
+ quiet_cmd_perlasm = PERLASM $@
+ cmd_perlasm = $(PERL) $(<) void $(@)
+
+@@ -66,5 +67,6 @@ $(src)/sha256-core.S_shipped: $(src)/sha
+
+ $(src)/sha512-core.S_shipped: $(src)/sha512-armv8.pl
+ $(call cmd,perlasm)
++endif
+
+ .PRECIOUS: $(obj)/sha256-core.S $(obj)/sha512-core.S
--- /dev/null
+From b85149f6f5d5a9279f29a73b2e95342f4d465e73 Mon Sep 17 00:00:00 2001
+From: Rui Miguel Silva <rui.silva@linaro.org>
+Date: Thu, 22 Feb 2018 14:22:47 +0000
+Subject: crypto: caam - Fix null dereference at error path
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Rui Miguel Silva <rui.silva@linaro.org>
+
+commit b85149f6f5d5a9279f29a73b2e95342f4d465e73 upstream.
+
+caam_remove already removes the debugfs entry, so we need to remove the one
+immediately before calling caam_remove.
+
+This fix a NULL dereference at error paths is caam_probe fail.
+
+Fixes: 67c2315def06 ("crypto: caam - add Queue Interface (QI) backend support")
+
+Tested-by: Ryan Harkin <ryan.harkin@linaro.org>
+Cc: "Horia Geantă" <horia.geanta@nxp.com>
+Cc: Aymen Sghaier <aymen.sghaier@nxp.com>
+Cc: Fabio Estevam <fabio.estevam@nxp.com>
+Cc: Peng Fan <peng.fan@nxp.com>
+Cc: "David S. Miller" <davem@davemloft.net>
+Cc: Lukas Auer <lukas.auer@aisec.fraunhofer.de>
+Cc: <stable@vger.kernel.org> # 4.12+
+Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
+Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/crypto/caam/ctrl.c | 3 ---
+ 1 file changed, 3 deletions(-)
+
+--- a/drivers/crypto/caam/ctrl.c
++++ b/drivers/crypto/caam/ctrl.c
+@@ -813,9 +813,6 @@ static int caam_probe(struct platform_de
+ return 0;
+
+ caam_remove:
+-#ifdef CONFIG_DEBUG_FS
+- debugfs_remove_recursive(ctrlpriv->dfs_root);
+-#endif
+ caam_remove(pdev);
+ return ret;
+
--- /dev/null
+From 0a9eb80e643064266868bd2fb2cd608e669309b0 Mon Sep 17 00:00:00 2001
+From: "Maciej S. Szmigiero" <mail@maciej.szmigiero.name>
+Date: Sat, 24 Feb 2018 17:03:21 +0100
+Subject: crypto: ccp - return an actual key size from RSA max_size callback
+
+From: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
+
+commit 0a9eb80e643064266868bd2fb2cd608e669309b0 upstream.
+
+rsa-pkcs1pad uses a value returned from a RSA implementation max_size
+callback as a size of an input buffer passed to the RSA implementation for
+encrypt and sign operations.
+
+CCP RSA implementation uses a hardware input buffer which size depends only
+on the current RSA key length, so it should return this key length in
+the max_size callback, too.
+This also matches what the kernel software RSA implementation does.
+
+Previously, the value returned from this callback was always the maximum
+RSA key size the CCP hardware supports.
+This resulted in this huge buffer being passed by rsa-pkcs1pad to CCP even
+for smaller key sizes and then in a buffer overflow when ccp_run_rsa_cmd()
+tried to copy this large input buffer into a RSA key length-sized hardware
+input buffer.
+
+Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
+Fixes: ceeec0afd684 ("crypto: ccp - Add support for RSA on the CCP")
+Cc: stable@vger.kernel.org
+Acked-by: Gary R Hook <gary.hook@amd.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/crypto/ccp/ccp-crypto-rsa.c | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+--- a/drivers/crypto/ccp/ccp-crypto-rsa.c
++++ b/drivers/crypto/ccp/ccp-crypto-rsa.c
+@@ -60,10 +60,9 @@ static int ccp_rsa_complete(struct crypt
+
+ static unsigned int ccp_rsa_maxsize(struct crypto_akcipher *tfm)
+ {
+- if (ccp_version() > CCP_VERSION(3, 0))
+- return CCP5_RSA_MAXMOD;
+- else
+- return CCP_RSA_MAXMOD;
++ struct ccp_ctx *ctx = akcipher_tfm_ctx(tfm);
++
++ return ctx->u.rsa.n_len;
+ }
+
+ static int ccp_rsa_crypt(struct akcipher_request *req, bool encrypt)
--- /dev/null
+From f962eb46e7a9b98a58d2483f5eb216e738fec732 Mon Sep 17 00:00:00 2001
+From: Gregory CLEMENT <gregory.clement@bootlin.com>
+Date: Tue, 13 Mar 2018 17:48:40 +0100
+Subject: crypto: inside-secure - fix clock management
+
+From: Gregory CLEMENT <gregory.clement@bootlin.com>
+
+commit f962eb46e7a9b98a58d2483f5eb216e738fec732 upstream.
+
+In this driver the clock is got but never put when the driver is removed
+or if there is an error in the probe.
+
+Using the managed version of clk_get() allows to let the kernel take care
+of it.
+
+Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto
+engine driver")
+cc: stable@vger.kernel.org
+Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/crypto/inside-secure/safexcel.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/crypto/inside-secure/safexcel.c
++++ b/drivers/crypto/inside-secure/safexcel.c
+@@ -789,7 +789,7 @@ static int safexcel_probe(struct platfor
+ return PTR_ERR(priv->base);
+ }
+
+- priv->clk = of_clk_get(dev->of_node, 0);
++ priv->clk = devm_clk_get(&pdev->dev, NULL);
+ if (!IS_ERR(priv->clk)) {
+ ret = clk_prepare_enable(priv->clk);
+ if (ret) {
--- /dev/null
+From 8c9bdab21289c211ca1ca6a5f9b7537b4a600a02 Mon Sep 17 00:00:00 2001
+From: Herbert Xu <herbert@gondor.apana.org.au>
+Date: Fri, 23 Mar 2018 08:14:44 +0800
+Subject: crypto: lrw - Free rctx->ext with kzfree
+
+From: Herbert Xu <herbert@gondor.apana.org.au>
+
+commit 8c9bdab21289c211ca1ca6a5f9b7537b4a600a02 upstream.
+
+The buffer rctx->ext contains potentially sensitive data and should
+be freed with kzfree.
+
+Cc: <stable@vger.kernel.org>
+Fixes: 700cb3f5fe75 ("crypto: lrw - Convert to skcipher")
+Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/lrw.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/crypto/lrw.c
++++ b/crypto/lrw.c
+@@ -313,7 +313,7 @@ static void exit_crypt(struct skcipher_r
+ rctx->left = 0;
+
+ if (rctx->ext)
+- kfree(rctx->ext);
++ kzfree(rctx->ext);
+ }
+
+ static int do_encrypt(struct skcipher_request *req, int err)
--- /dev/null
+From 333e18c5cc74438f8940c7f3a8b3573748a371f9 Mon Sep 17 00:00:00 2001
+From: Conor McLoughlin <conor.mcloughlin@intel.com>
+Date: Tue, 13 Feb 2018 08:29:56 +0000
+Subject: crypto: testmgr - Fix incorrect values in PKCS#1 test vector
+
+From: Conor McLoughlin <conor.mcloughlin@intel.com>
+
+commit 333e18c5cc74438f8940c7f3a8b3573748a371f9 upstream.
+
+The RSA private key for the first form should have
+version, prime1, prime2, exponent1, exponent2, coefficient
+values 0.
+With non-zero values for prime1,2, exponent 1,2 and coefficient
+the Intel QAT driver will assume that values are provided for the
+private key second form. This will result in signature verification
+failures for modules where QAT device is present and the modules
+are signed with rsa,sha256.
+
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
+Signed-off-by: Conor McLoughlin <conor.mcloughlin@intel.com>
+Reviewed-by: Stephan Mueller <smueller@chronox.de>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/testmgr.h | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/crypto/testmgr.h
++++ b/crypto/testmgr.h
+@@ -548,7 +548,7 @@ static const struct akcipher_testvec rsa
+ static const struct akcipher_testvec pkcs1pad_rsa_tv_template[] = {
+ {
+ .key =
+- "\x30\x82\x03\x1f\x02\x01\x10\x02\x82\x01\x01\x00\xd7\x1e\x77\x82"
++ "\x30\x82\x03\x1f\x02\x01\x00\x02\x82\x01\x01\x00\xd7\x1e\x77\x82"
+ "\x8c\x92\x31\xe7\x69\x02\xa2\xd5\x5c\x78\xde\xa2\x0c\x8f\xfe\x28"
+ "\x59\x31\xdf\x40\x9c\x60\x61\x06\xb9\x2f\x62\x40\x80\x76\xcb\x67"
+ "\x4a\xb5\x59\x56\x69\x17\x07\xfa\xf9\x4c\xbd\x6c\x37\x7a\x46\x7d"
+@@ -597,8 +597,8 @@ static const struct akcipher_testvec pkc
+ "\xfe\xf8\x27\x1b\xd6\x55\x60\x5e\x48\xb7\x6d\x9a\xa8\x37\xf9\x7a"
+ "\xde\x1b\xcd\x5d\x1a\x30\xd4\xe9\x9e\x5b\x3c\x15\xf8\x9c\x1f\xda"
+ "\xd1\x86\x48\x55\xce\x83\xee\x8e\x51\xc7\xde\x32\x12\x47\x7d\x46"
+- "\xb8\x35\xdf\x41\x02\x01\x30\x02\x01\x30\x02\x01\x30\x02\x01\x30"
+- "\x02\x01\x30",
++ "\xb8\x35\xdf\x41\x02\x01\x00\x02\x01\x00\x02\x01\x00\x02\x01\x00"
++ "\x02\x01\x00",
+ .key_len = 804,
+ /*
+ * m is SHA256 hash of following message:
--- /dev/null
+From 8f461b1e02ed546fbd0f11611138da67fd85a30f Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Mon, 19 Feb 2018 23:48:12 -0800
+Subject: crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit 8f461b1e02ed546fbd0f11611138da67fd85a30f upstream.
+
+With ecb-cast5-avx, if a 128+ byte scatterlist element followed a
+shorter one, then the algorithm accidentally encrypted/decrypted only 8
+bytes instead of the expected 128 bytes. Fix it by setting the
+encryption/decryption 'fn' correctly.
+
+Fixes: c12ab20b162c ("crypto: cast5/avx - avoid using temporary stack buffers")
+Cc: <stable@vger.kernel.org> # v3.8+
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/crypto/cast5_avx_glue.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+--- a/arch/x86/crypto/cast5_avx_glue.c
++++ b/arch/x86/crypto/cast5_avx_glue.c
+@@ -66,8 +66,6 @@ static int ecb_crypt(struct blkcipher_de
+ void (*fn)(struct cast5_ctx *ctx, u8 *dst, const u8 *src);
+ int err;
+
+- fn = (enc) ? cast5_ecb_enc_16way : cast5_ecb_dec_16way;
+-
+ err = blkcipher_walk_virt(desc, walk);
+ desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
+
+@@ -79,6 +77,7 @@ static int ecb_crypt(struct blkcipher_de
+
+ /* Process multi-block batch */
+ if (nbytes >= bsize * CAST5_PARALLEL_BLOCKS) {
++ fn = (enc) ? cast5_ecb_enc_16way : cast5_ecb_dec_16way;
+ do {
+ fn(ctx, wdst, wsrc);
+
--- /dev/null
+From b5b38200ebe54879a7264cb6f33821f61c586a7e Mon Sep 17 00:00:00 2001
+From: Kees Cook <keescook@chromium.org>
+Date: Tue, 27 Mar 2018 14:06:14 -0700
+Subject: /dev/mem: Avoid overwriting "err" in read_mem()
+
+From: Kees Cook <keescook@chromium.org>
+
+commit b5b38200ebe54879a7264cb6f33821f61c586a7e upstream.
+
+Successes in probe_kernel_read() would mask failures in copy_to_user()
+during read_mem().
+
+Reported-by: Brad Spengler <spender@grsecurity.net>
+Fixes: 22ec1a2aea73 ("/dev/mem: Add bounce buffer for copy-out")
+Cc: stable@vger.kernel.org
+Signed-off-by: Kees Cook <keescook@chromium.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/char/mem.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/drivers/char/mem.c
++++ b/drivers/char/mem.c
+@@ -137,7 +137,7 @@ static ssize_t read_mem(struct file *fil
+
+ while (count > 0) {
+ unsigned long remaining;
+- int allowed;
++ int allowed, probe;
+
+ sz = size_inside_page(p, count);
+
+@@ -160,9 +160,9 @@ static ssize_t read_mem(struct file *fil
+ if (!ptr)
+ goto failed;
+
+- err = probe_kernel_read(bounce, ptr, sz);
++ probe = probe_kernel_read(bounce, ptr, sz);
+ unxlate_dev_mem_ptr(p, ptr);
+- if (err)
++ if (probe)
+ goto failed;
+
+ remaining = copy_to_user(buf, bounce, sz);
--- /dev/null
+From 50e7044535537b2a54c7ab798cd34c7f6d900bd2 Mon Sep 17 00:00:00 2001
+From: Oliver Neukum <oneukum@suse.com>
+Date: Mon, 8 Jan 2018 09:21:07 -0500
+Subject: media: usbtv: prevent double free in error case
+
+From: Oliver Neukum <oneukum@suse.com>
+
+commit 50e7044535537b2a54c7ab798cd34c7f6d900bd2 upstream.
+
+Quoting the original report:
+
+It looks like there is a double-free vulnerability in Linux usbtv driver
+on an error path of usbtv_probe function. When audio registration fails,
+usbtv_video_free function ends up freeing usbtv data structure, which
+gets freed the second time under usbtv_video_fail label.
+
+usbtv_audio_fail:
+
+ usbtv_video_free(usbtv); =>
+
+ v4l2_device_put(&usbtv->v4l2_dev);
+
+ => v4l2_device_put
+
+ => kref_put
+
+ => v4l2_device_release
+
+ => usbtv_release (CALLBACK)
+
+ => kfree(usbtv) (1st time)
+
+usbtv_video_fail:
+
+ usb_set_intfdata(intf, NULL);
+
+ usb_put_dev(usbtv->udev);
+
+ kfree(usbtv); (2nd time)
+
+So, as we have refcounting, use it
+
+Reported-by: Yavuz, Tuba <tuba@ece.ufl.edu>
+Signed-off-by: Oliver Neukum <oneukum@suse.com>
+CC: stable@vger.kernel.org
+Signed-off-by: Hans Verkuil <hans.verkuil@cisco.com>
+Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/media/usb/usbtv/usbtv-core.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/drivers/media/usb/usbtv/usbtv-core.c
++++ b/drivers/media/usb/usbtv/usbtv-core.c
+@@ -112,6 +112,8 @@ static int usbtv_probe(struct usb_interf
+ return 0;
+
+ usbtv_audio_fail:
++ /* we must not free at this point */
++ usb_get_dev(usbtv->udev);
+ usbtv_video_free(usbtv);
+
+ usbtv_video_fail:
--- /dev/null
+From bb0829a741792b56c908d7745bc0b2b540293bcc Mon Sep 17 00:00:00 2001
+From: Colin Ian King <colin.king@canonical.com>
+Date: Tue, 27 Feb 2018 16:21:05 +0000
+Subject: mei: remove dev_err message on an unsupported ioctl
+
+From: Colin Ian King <colin.king@canonical.com>
+
+commit bb0829a741792b56c908d7745bc0b2b540293bcc upstream.
+
+Currently the driver spams the kernel log on unsupported ioctls which is
+unnecessary as the ioctl returns -ENOIOCTLCMD to indicate this anyway.
+I suspect this was originally for debugging purposes but it really is not
+required so remove it.
+
+Signed-off-by: Colin Ian King <colin.king@canonical.com>
+Cc: stable <stable@vger.kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/misc/mei/main.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/drivers/misc/mei/main.c
++++ b/drivers/misc/mei/main.c
+@@ -507,7 +507,6 @@ static long mei_ioctl(struct file *file,
+ break;
+
+ default:
+- dev_err(dev->dev, ": unsupported ioctl %d.\n", cmd);
+ rets = -ENOIOCTLCMD;
+ }
+
--- /dev/null
+From 823f7923833c6cc2b16e601546d607dcfb368004 Mon Sep 17 00:00:00 2001
+From: Alexander Gerasiov <gq@redlab-i.ru>
+Date: Sun, 4 Feb 2018 02:50:22 +0300
+Subject: parport_pc: Add support for WCH CH382L PCI-E single parallel port card.
+
+From: Alexander Gerasiov <gq@redlab-i.ru>
+
+commit 823f7923833c6cc2b16e601546d607dcfb368004 upstream.
+
+WCH CH382L is a PCI-E adapter with 1 parallel port. It is similair to CH382
+but serial ports are not soldered on board. Detected as
+Serial controller: Device 1c00:3050 (rev 10) (prog-if 05 [16850])
+
+Signed-off-by: Alexander Gerasiov <gq@redlab-i.ru>
+Cc: stable <stable@vger.kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/parport/parport_pc.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/drivers/parport/parport_pc.c
++++ b/drivers/parport/parport_pc.c
+@@ -2646,6 +2646,7 @@ enum parport_pc_pci_cards {
+ netmos_9901,
+ netmos_9865,
+ quatech_sppxp100,
++ wch_ch382l,
+ };
+
+
+@@ -2708,6 +2709,7 @@ static struct parport_pc_pci {
+ /* netmos_9901 */ { 1, { { 0, -1 }, } },
+ /* netmos_9865 */ { 1, { { 0, -1 }, } },
+ /* quatech_sppxp100 */ { 1, { { 0, 1 }, } },
++ /* wch_ch382l */ { 1, { { 2, -1 }, } },
+ };
+
+ static const struct pci_device_id parport_pc_pci_tbl[] = {
+@@ -2797,6 +2799,8 @@ static const struct pci_device_id parpor
+ /* Quatech SPPXP-100 Parallel port PCI ExpressCard */
+ { PCI_VENDOR_ID_QUATECH, PCI_DEVICE_ID_QUATECH_SPPXP_100,
+ PCI_ANY_ID, PCI_ANY_ID, 0, 0, quatech_sppxp100 },
++ /* WCH CH382L PCI-E single parallel port card */
++ { 0x1c00, 0x3050, 0x1c00, 0x3050, 0, 0, wch_ch382l },
+ { 0, } /* terminate list */
+ };
+ MODULE_DEVICE_TABLE(pci, parport_pc_pci_tbl);
--- /dev/null
+From f597fbce38d230af95384f4a04e0a13a1d0ad45d Mon Sep 17 00:00:00 2001
+From: Joel Stanley <joel@jms.id.au>
+Date: Mon, 5 Mar 2018 22:17:38 +1030
+Subject: serial: 8250: Add Nuvoton NPCM UART
+
+From: Joel Stanley <joel@jms.id.au>
+
+commit f597fbce38d230af95384f4a04e0a13a1d0ad45d upstream.
+
+The Nuvoton UART is almost compatible with the 8250 driver when probed
+via the 8250_of driver, however it requires some extra configuration
+at startup.
+
+Reviewed-by: Rob Herring <robh@kernel.org>
+Signed-off-by: Joel Stanley <joel@jms.id.au>
+Cc: stable <stable@vger.kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ Documentation/devicetree/bindings/serial/8250.txt | 1
+ drivers/tty/serial/8250/8250_of.c | 1
+ drivers/tty/serial/8250/8250_port.c | 33 ++++++++++++++++++++++
+ include/uapi/linux/serial_core.h | 3 ++
+ 4 files changed, 38 insertions(+)
+
+--- a/Documentation/devicetree/bindings/serial/8250.txt
++++ b/Documentation/devicetree/bindings/serial/8250.txt
+@@ -24,6 +24,7 @@ Required properties:
+ - "ti,da830-uart"
+ - "aspeed,ast2400-vuart"
+ - "aspeed,ast2500-vuart"
++ - "nuvoton,npcm750-uart"
+ - "serial" if the port type is unknown.
+ - reg : offset and length of the register set for the device.
+ - interrupts : should contain uart interrupt.
+--- a/drivers/tty/serial/8250/8250_of.c
++++ b/drivers/tty/serial/8250/8250_of.c
+@@ -321,6 +321,7 @@ static const struct of_device_id of_plat
+ { .compatible = "mrvl,mmp-uart",
+ .data = (void *)PORT_XSCALE, },
+ { .compatible = "ti,da830-uart", .data = (void *)PORT_DA830, },
++ { .compatible = "nuvoton,npcm750-uart", .data = (void *)PORT_NPCM, },
+ { /* end of list */ },
+ };
+ MODULE_DEVICE_TABLE(of, of_platform_serial_table);
+--- a/drivers/tty/serial/8250/8250_port.c
++++ b/drivers/tty/serial/8250/8250_port.c
+@@ -51,6 +51,10 @@
+ #define UART_EXAR_SLEEP 0x8b /* Sleep mode */
+ #define UART_EXAR_DVID 0x8d /* Device identification */
+
++/* Nuvoton NPCM timeout register */
++#define UART_NPCM_TOR 7
++#define UART_NPCM_TOIE BIT(7) /* Timeout Interrupt Enable */
++
+ /*
+ * Debugging.
+ */
+@@ -297,6 +301,15 @@ static const struct serial8250_config ua
+ UART_FCR_CLEAR_RCVR | UART_FCR_CLEAR_XMIT,
+ .flags = UART_CAP_FIFO,
+ },
++ [PORT_NPCM] = {
++ .name = "Nuvoton 16550",
++ .fifo_size = 16,
++ .tx_loadsz = 16,
++ .fcr = UART_FCR_ENABLE_FIFO | UART_FCR_R_TRIG_10 |
++ UART_FCR_CLEAR_RCVR | UART_FCR_CLEAR_XMIT,
++ .rxtrig_bytes = {1, 4, 8, 14},
++ .flags = UART_CAP_FIFO,
++ },
+ };
+
+ /* Uart divisor latch read */
+@@ -2168,6 +2181,15 @@ int serial8250_do_startup(struct uart_po
+ UART_DA830_PWREMU_MGMT_FREE);
+ }
+
++ if (port->type == PORT_NPCM) {
++ /*
++ * Nuvoton calls the scratch register 'UART_TOR' (timeout
++ * register). Enable it, and set TIOC (timeout interrupt
++ * comparator) to be 0x20 for correct operation.
++ */
++ serial_port_out(port, UART_NPCM_TOR, UART_NPCM_TOIE | 0x20);
++ }
++
+ #ifdef CONFIG_SERIAL_8250_RSA
+ /*
+ * If this is an RSA port, see if we can kick it up to the
+@@ -2490,6 +2512,15 @@ static unsigned int xr17v35x_get_divisor
+ return quot_16 >> 4;
+ }
+
++/* Nuvoton NPCM UARTs have a custom divisor calculation */
++static unsigned int npcm_get_divisor(struct uart_8250_port *up,
++ unsigned int baud)
++{
++ struct uart_port *port = &up->port;
++
++ return DIV_ROUND_CLOSEST(port->uartclk, 16 * baud + 2) - 2;
++}
++
+ static unsigned int serial8250_get_divisor(struct uart_8250_port *up,
+ unsigned int baud,
+ unsigned int *frac)
+@@ -2510,6 +2541,8 @@ static unsigned int serial8250_get_divis
+ quot = 0x8002;
+ else if (up->port.type == PORT_XR17V35X)
+ quot = xr17v35x_get_divisor(up, baud, frac);
++ else if (up->port.type == PORT_NPCM)
++ quot = npcm_get_divisor(up, baud);
+ else
+ quot = uart_get_divisor(port, baud);
+
+--- a/include/uapi/linux/serial_core.h
++++ b/include/uapi/linux/serial_core.h
+@@ -76,6 +76,9 @@
+ #define PORT_SUNZILOG 38
+ #define PORT_SUNSAB 39
+
++/* Nuvoton UART */
++#define PORT_NPCM 40
++
+ /* Intel EG20 */
+ #define PORT_PCH_8LINE 44
+ #define PORT_PCH_2LINE 45
bluetooth-fix-missing-encryption-refresh-on-security-request.patch
usb-dwc2-improve-gadget-state-disconnection-handling.patch
bitmap-fix-memset-optimization-on-big-endian-systems.patch
+usb-serial-ftdi_sio-add-rt-systems-vx-8-cable.patch
+usb-serial-ftdi_sio-add-support-for-harman-firmwarehubemulator.patch
+usb-serial-cp210x-add-eldat-easywave-rx09-id.patch
+serial-8250-add-nuvoton-npcm-uart.patch
+mei-remove-dev_err-message-on-an-unsupported-ioctl.patch
+dev-mem-avoid-overwriting-err-in-read_mem.patch
+media-usbtv-prevent-double-free-in-error-case.patch
+parport_pc-add-support-for-wch-ch382l-pci-e-single-parallel-port-card.patch
+crypto-lrw-free-rctx-ext-with-kzfree.patch
+crypto-inside-secure-fix-clock-management.patch
+crypto-testmgr-fix-incorrect-values-in-pkcs-1-test-vector.patch
+crypto-ahash-fix-early-termination-in-hash-walk.patch
+crypto-caam-fix-null-dereference-at-error-path.patch
+crypto-ccp-return-an-actual-key-size-from-rsa-max_size-callback.patch
+crypto-arm-arm64-fix-random-regeneration-of-s_shipped.patch
+crypto-x86-cast5-avx-fix-ecb-encryption-when-long-sg-follows-short-one.patch
--- /dev/null
+From 1f1e82f74c0947e40144688c9e36abe4b3999f49 Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Tue, 6 Mar 2018 09:32:43 +0100
+Subject: USB: serial: cp210x: add ELDAT Easywave RX09 id
+
+From: Johan Hovold <johan@kernel.org>
+
+commit 1f1e82f74c0947e40144688c9e36abe4b3999f49 upstream.
+
+Add device id for ELDAT Easywave RX09 tranceiver.
+
+Reported-by: Jan Jansen <nattelip@hotmail.com>
+Cc: stable <stable@vger.kernel.org>
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/serial/cp210x.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/drivers/usb/serial/cp210x.c
++++ b/drivers/usb/serial/cp210x.c
+@@ -158,6 +158,7 @@ static const struct usb_device_id id_tab
+ { USB_DEVICE(0x12B8, 0xEC62) }, /* Link G4+ ECU */
+ { USB_DEVICE(0x13AD, 0x9999) }, /* Baltech card reader */
+ { USB_DEVICE(0x1555, 0x0004) }, /* Owen AC4 USB-RS485 Converter */
++ { USB_DEVICE(0x155A, 0x1006) }, /* ELDAT Easywave RX09 */
+ { USB_DEVICE(0x166A, 0x0201) }, /* Clipsal 5500PACA C-Bus Pascal Automation Controller */
+ { USB_DEVICE(0x166A, 0x0301) }, /* Clipsal 5800PC C-Bus Wireless PC Interface */
+ { USB_DEVICE(0x166A, 0x0303) }, /* Clipsal 5500PCU C-Bus USB interface */
--- /dev/null
+From 9608e5c0f079390473b484ef92334dfd3431bb89 Mon Sep 17 00:00:00 2001
+From: Major Hayden <major@mhtx.net>
+Date: Fri, 23 Feb 2018 14:29:54 -0600
+Subject: USB: serial: ftdi_sio: add RT Systems VX-8 cable
+
+From: Major Hayden <major@mhtx.net>
+
+commit 9608e5c0f079390473b484ef92334dfd3431bb89 upstream.
+
+This patch adds a device ID for the RT Systems cable used to
+program Yaesu VX-8R/VX-8DR handheld radios. It uses the main
+FTDI VID instead of the common RT Systems VID.
+
+Signed-off-by: Major Hayden <major@mhtx.net>
+Cc: stable <stable@vger.kernel.org>
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/serial/ftdi_sio.c | 1 +
+ drivers/usb/serial/ftdi_sio_ids.h | 3 +++
+ 2 files changed, 4 insertions(+)
+
+--- a/drivers/usb/serial/ftdi_sio.c
++++ b/drivers/usb/serial/ftdi_sio.c
+@@ -773,6 +773,7 @@ static const struct usb_device_id id_tab
+ .driver_info = (kernel_ulong_t)&ftdi_NDI_device_quirk },
+ { USB_DEVICE(TELLDUS_VID, TELLDUS_TELLSTICK_PID) },
+ { USB_DEVICE(NOVITUS_VID, NOVITUS_BONO_E_PID) },
++ { USB_DEVICE(FTDI_VID, RTSYSTEMS_USB_VX8_PID) },
+ { USB_DEVICE(RTSYSTEMS_VID, RTSYSTEMS_USB_S03_PID) },
+ { USB_DEVICE(RTSYSTEMS_VID, RTSYSTEMS_USB_59_PID) },
+ { USB_DEVICE(RTSYSTEMS_VID, RTSYSTEMS_USB_57A_PID) },
+--- a/drivers/usb/serial/ftdi_sio_ids.h
++++ b/drivers/usb/serial/ftdi_sio_ids.h
+@@ -923,6 +923,9 @@
+ /*
+ * RT Systems programming cables for various ham radios
+ */
++/* This device uses the VID of FTDI */
++#define RTSYSTEMS_USB_VX8_PID 0x9e50 /* USB-VX8 USB to 7 pin modular plug for Yaesu VX-8 radio */
++
+ #define RTSYSTEMS_VID 0x2100 /* Vendor ID */
+ #define RTSYSTEMS_USB_S03_PID 0x9001 /* RTS-03 USB to Serial Adapter */
+ #define RTSYSTEMS_USB_59_PID 0x9e50 /* USB-59 USB to 8 pin plug */
--- /dev/null
+From 6555ad13a01952c16485c82a52ad1f3e07e34b3a Mon Sep 17 00:00:00 2001
+From: Clemens Werther <clemens.werther@gmail.com>
+Date: Fri, 16 Mar 2018 10:20:46 +0100
+Subject: USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator
+
+From: Clemens Werther <clemens.werther@gmail.com>
+
+commit 6555ad13a01952c16485c82a52ad1f3e07e34b3a upstream.
+
+Add device id for Harman FirmwareHubEmulator to make the device
+auto-detectable by the driver.
+
+Signed-off-by: Clemens Werther <clemens.werther@gmail.com>
+Cc: stable <stable@vger.kernel.org>
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/serial/ftdi_sio.c | 1 +
+ drivers/usb/serial/ftdi_sio_ids.h | 6 ++++++
+ 2 files changed, 7 insertions(+)
+
+--- a/drivers/usb/serial/ftdi_sio.c
++++ b/drivers/usb/serial/ftdi_sio.c
+@@ -936,6 +936,7 @@ static const struct usb_device_id id_tab
+ { USB_DEVICE(FTDI_VID, FTDI_SCIENCESCOPE_LS_LOGBOOK_PID) },
+ { USB_DEVICE(FTDI_VID, FTDI_SCIENCESCOPE_HS_LOGBOOK_PID) },
+ { USB_DEVICE(FTDI_VID, FTDI_CINTERION_MC55I_PID) },
++ { USB_DEVICE(FTDI_VID, FTDI_FHE_PID) },
+ { USB_DEVICE(FTDI_VID, FTDI_DOTEC_PID) },
+ { USB_DEVICE(QIHARDWARE_VID, MILKYMISTONE_JTAGSERIAL_PID),
+ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk },
+--- a/drivers/usb/serial/ftdi_sio_ids.h
++++ b/drivers/usb/serial/ftdi_sio_ids.h
+@@ -1445,6 +1445,12 @@
+ #define FTDI_CINTERION_MC55I_PID 0xA951
+
+ /*
++ * Product: FirmwareHubEmulator
++ * Manufacturer: Harman Becker Automotive Systems
++ */
++#define FTDI_FHE_PID 0xA9A0
++
++/*
+ * Product: Comet Caller ID decoder
+ * Manufacturer: Crucible Technologies
+ */
projects / thirdparty / kernel / stable-queue.git / commitdiff
