--- /dev/null
+From 33bdd9f95536a97b8008a8702ac79abcd19db2c0 Mon Sep 17 00:00:00 2001
+From: Russell King <rmk+kernel@armlinux.org.uk>
+Date: Thu, 19 Jul 2018 11:42:36 +0100
+Subject: ARM: make lookup_processor_type() non-__init
+
+[ Upstream commit 899a42f836678a595f7d2bc36a5a0c2b03d08cbc ]
+
+Move lookup_processor_type() out of the __init section so it is callable
+from (eg) the secondary startup code during hotplug.
+
+Reviewed-by: Julien Thierry <julien.thierry@arm.com>
+Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm/kernel/head-common.S | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/arch/arm/kernel/head-common.S b/arch/arm/kernel/head-common.S
+index 8733012d231f..7e662bdd5cb3 100644
+--- a/arch/arm/kernel/head-common.S
++++ b/arch/arm/kernel/head-common.S
+@@ -122,6 +122,9 @@ __mmap_switched_data:
+ .long init_thread_union + THREAD_START_SP @ sp
+ .size __mmap_switched_data, . - __mmap_switched_data
+
++ __FINIT
++ .text
++
+ /*
+ * This provides a C-API version of __lookup_processor_type
+ */
+@@ -133,9 +136,6 @@ ENTRY(lookup_processor_type)
+ ldmfd sp!, {r4 - r6, r9, pc}
+ ENDPROC(lookup_processor_type)
+
+- __FINIT
+- .text
+-
+ /*
+ * Read processor ID register (CP#15, CR0), and look up in the linker-built
+ * supported processor list. Note that we can't use the absolute addresses
+--
+2.17.1
+
--- /dev/null
+From a1fa33dee93a4e48bd04eb4b760439b7e9eb4f46 Mon Sep 17 00:00:00 2001
+From: Greg Hackmann <ghackmann@android.com>
+Date: Tue, 27 Nov 2018 11:15:20 -0800
+Subject: arm64: remove no-op -p linker flag
+
+(commit 1a381d4a0a9a0f999a13faaba22bf6b3fc80dcb9 upstream)
+
+Linking the ARM64 defconfig kernel with LLVM lld fails with the error:
+
+ ld.lld: error: unknown argument: -p
+ Makefile:1015: recipe for target 'vmlinux' failed
+
+Without this flag, the ARM64 defconfig kernel successfully links with
+lld and boots on Dragonboard 410c.
+
+After digging through binutils source and changelogs, it turns out that
+-p is only relevant to ancient binutils installations targeting 32-bit
+ARM. binutils accepts -p for AArch64 too, but it's always been
+undocumented and silently ignored. A comment in
+ld/emultempl/aarch64elf.em explains that it's "Only here for backwards
+compatibility".
+
+Since this flag is a no-op on ARM64, we can safely drop it.
+
+Acked-by: Will Deacon <will.deacon@arm.com>
+Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
+Signed-off-by: Greg Hackmann <ghackmann@google.com>
+Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
+Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm64/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile
+index c10bb98144b0..fb4ac87fc398 100644
+--- a/arch/arm64/Makefile
++++ b/arch/arm64/Makefile
+@@ -10,7 +10,7 @@
+ #
+ # Copyright (C) 1995-2001 by Russell King
+
+-LDFLAGS_vmlinux :=-p --no-undefined -X
++LDFLAGS_vmlinux :=--no-undefined -X
+ CPPFLAGS_vmlinux.lds = -DTEXT_OFFSET=$(TEXT_OFFSET)
+ OBJCOPYFLAGS :=-O binary -R .note -R .note.gnu.build-id -R .comment -S
+ GZFLAGS :=-9
+--
+2.17.1
+
--- /dev/null
+From fe35dfea0fb7ecfdce22377d0b7c566580143579 Mon Sep 17 00:00:00 2001
+From: Anson Huang <anson.huang@nxp.com>
+Date: Mon, 5 Nov 2018 00:59:28 +0000
+Subject: cpufreq: imx6q: add return value check for voltage scale
+
+[ Upstream commit 6ef28a04d1ccf718eee069b72132ce4aa1e52ab9 ]
+
+Add return value check for voltage scale when ARM clock
+rate change fail.
+
+Signed-off-by: Anson Huang <Anson.Huang@nxp.com>
+Acked-by: Viresh Kumar <viresh.kumar@linaro.org>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/cpufreq/imx6q-cpufreq.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/cpufreq/imx6q-cpufreq.c b/drivers/cpufreq/imx6q-cpufreq.c
+index ef1fa8145419..fa86946d12aa 100644
+--- a/drivers/cpufreq/imx6q-cpufreq.c
++++ b/drivers/cpufreq/imx6q-cpufreq.c
+@@ -130,8 +130,13 @@ static int imx6q_set_target(struct cpufreq_policy *policy, unsigned int index)
+ /* Ensure the arm clock divider is what we expect */
+ ret = clk_set_rate(arm_clk, new_freq * 1000);
+ if (ret) {
++ int ret1;
++
+ dev_err(cpu_dev, "failed to set clock rate: %d\n", ret);
+- regulator_set_voltage_tol(arm_reg, volt_old, 0);
++ ret1 = regulator_set_voltage_tol(arm_reg, volt_old, 0);
++ if (ret1)
++ dev_warn(cpu_dev,
++ "failed to restore vddarm voltage: %d\n", ret1);
+ return ret;
+ }
+
+--
+2.17.1
+
--- /dev/null
+From 2601bb02aede9d0753359fb105dccadf12bc0766 Mon Sep 17 00:00:00 2001
+From: Prarit Bhargava <prarit@redhat.com>
+Date: Thu, 20 Sep 2018 08:59:14 -0400
+Subject: kdb: Use strscpy with destination buffer size
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+[ Upstream commit c2b94c72d93d0929f48157eef128c4f9d2e603ce ]
+
+gcc 8.1.0 warns with:
+
+kernel/debug/kdb/kdb_support.c: In function ‘kallsyms_symbol_next’:
+kernel/debug/kdb/kdb_support.c:239:4: warning: ‘strncpy’ specified bound depends on the length of the source argument [-Wstringop-overflow=]
+ strncpy(prefix_name, name, strlen(name)+1);
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+kernel/debug/kdb/kdb_support.c:239:31: note: length computed here
+
+Use strscpy() with the destination buffer size, and use ellipses when
+displaying truncated symbols.
+
+v2: Use strscpy()
+
+Signed-off-by: Prarit Bhargava <prarit@redhat.com>
+Cc: Jonathan Toppins <jtoppins@redhat.com>
+Cc: Jason Wessel <jason.wessel@windriver.com>
+Cc: Daniel Thompson <daniel.thompson@linaro.org>
+Cc: kgdb-bugreport@lists.sourceforge.net
+Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org>
+Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ kernel/debug/kdb/kdb_io.c | 15 +++++++++------
+ kernel/debug/kdb/kdb_private.h | 2 +-
+ kernel/debug/kdb/kdb_support.c | 10 +++++-----
+ 3 files changed, 15 insertions(+), 12 deletions(-)
+
+diff --git a/kernel/debug/kdb/kdb_io.c b/kernel/debug/kdb/kdb_io.c
+index 77777d918676..cc892a9e109d 100644
+--- a/kernel/debug/kdb/kdb_io.c
++++ b/kernel/debug/kdb/kdb_io.c
+@@ -215,7 +215,7 @@ static char *kdb_read(char *buffer, size_t bufsize)
+ int count;
+ int i;
+ int diag, dtab_count;
+- int key;
++ int key, buf_size, ret;
+
+
+ diag = kdbgetintenv("DTABCOUNT", &dtab_count);
+@@ -335,9 +335,8 @@ poll_again:
+ else
+ p_tmp = tmpbuffer;
+ len = strlen(p_tmp);
+- count = kallsyms_symbol_complete(p_tmp,
+- sizeof(tmpbuffer) -
+- (p_tmp - tmpbuffer));
++ buf_size = sizeof(tmpbuffer) - (p_tmp - tmpbuffer);
++ count = kallsyms_symbol_complete(p_tmp, buf_size);
+ if (tab == 2 && count > 0) {
+ kdb_printf("\n%d symbols are found.", count);
+ if (count > dtab_count) {
+@@ -349,9 +348,13 @@ poll_again:
+ }
+ kdb_printf("\n");
+ for (i = 0; i < count; i++) {
+- if (WARN_ON(!kallsyms_symbol_next(p_tmp, i)))
++ ret = kallsyms_symbol_next(p_tmp, i, buf_size);
++ if (WARN_ON(!ret))
+ break;
+- kdb_printf("%s ", p_tmp);
++ if (ret != -E2BIG)
++ kdb_printf("%s ", p_tmp);
++ else
++ kdb_printf("%s... ", p_tmp);
+ *(p_tmp + len) = '\0';
+ }
+ if (i >= dtab_count)
+diff --git a/kernel/debug/kdb/kdb_private.h b/kernel/debug/kdb/kdb_private.h
+index 75014d7f4568..533e04e75a9c 100644
+--- a/kernel/debug/kdb/kdb_private.h
++++ b/kernel/debug/kdb/kdb_private.h
+@@ -83,7 +83,7 @@ typedef struct __ksymtab {
+ unsigned long sym_start;
+ unsigned long sym_end;
+ } kdb_symtab_t;
+-extern int kallsyms_symbol_next(char *prefix_name, int flag);
++extern int kallsyms_symbol_next(char *prefix_name, int flag, int buf_size);
+ extern int kallsyms_symbol_complete(char *prefix_name, int max_len);
+
+ /* Exported Symbols for kernel loadable modules to use. */
+diff --git a/kernel/debug/kdb/kdb_support.c b/kernel/debug/kdb/kdb_support.c
+index d35cc2d3a4cc..2aed4a33521b 100644
+--- a/kernel/debug/kdb/kdb_support.c
++++ b/kernel/debug/kdb/kdb_support.c
+@@ -221,11 +221,13 @@ int kallsyms_symbol_complete(char *prefix_name, int max_len)
+ * Parameters:
+ * prefix_name prefix of a symbol name to lookup
+ * flag 0 means search from the head, 1 means continue search.
++ * buf_size maximum length that can be written to prefix_name
++ * buffer
+ * Returns:
+ * 1 if a symbol matches the given prefix.
+ * 0 if no string found
+ */
+-int kallsyms_symbol_next(char *prefix_name, int flag)
++int kallsyms_symbol_next(char *prefix_name, int flag, int buf_size)
+ {
+ int prefix_len = strlen(prefix_name);
+ static loff_t pos;
+@@ -235,10 +237,8 @@ int kallsyms_symbol_next(char *prefix_name, int flag)
+ pos = 0;
+
+ while ((name = kdb_walk_kallsyms(&pos))) {
+- if (strncmp(name, prefix_name, prefix_len) == 0) {
+- strncpy(prefix_name, name, strlen(name)+1);
+- return 1;
+- }
++ if (!strncmp(name, prefix_name, prefix_len))
++ return strscpy(prefix_name, name, buf_size);
+ }
+ return 0;
+ }
+--
+2.17.1
+
--- /dev/null
+From e0872cff2c0cd8b692b04bf360ef07c335c3610e Mon Sep 17 00:00:00 2001
+From: Scott Wood <oss@buserror.net>
+Date: Tue, 6 Nov 2018 19:49:34 -0600
+Subject: KVM: PPC: Move and undef TRACE_INCLUDE_PATH/FILE
+
+[ Upstream commit 28c5bcf74fa07c25d5bd118d1271920f51ce2a98 ]
+
+TRACE_INCLUDE_PATH and TRACE_INCLUDE_FILE are used by
+<trace/define_trace.h>, so like that #include, they should
+be outside #ifdef protection.
+
+They also need to be #undefed before defining, in case multiple trace
+headers are included by the same C file. This became the case on
+book3e after commit cf4a6085151a ("powerpc/mm: Add missing tracepoint for
+tlbie"), leading to the following build error:
+
+ CC arch/powerpc/kvm/powerpc.o
+In file included from arch/powerpc/kvm/powerpc.c:51:0:
+arch/powerpc/kvm/trace.h:9:0: error: "TRACE_INCLUDE_PATH" redefined
+[-Werror]
+ #define TRACE_INCLUDE_PATH .
+ ^
+In file included from arch/powerpc/kvm/../mm/mmu_decl.h:25:0,
+ from arch/powerpc/kvm/powerpc.c:48:
+./arch/powerpc/include/asm/trace.h:224:0: note: this is the location of
+the previous definition
+ #define TRACE_INCLUDE_PATH asm
+ ^
+cc1: all warnings being treated as errors
+
+Reported-by: Christian Zigotzky <chzigotzky@xenosoft.de>
+Signed-off-by: Scott Wood <oss@buserror.net>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/powerpc/kvm/trace.h | 8 ++++++--
+ arch/powerpc/kvm/trace_booke.h | 9 +++++++--
+ arch/powerpc/kvm/trace_hv.h | 9 +++++++--
+ arch/powerpc/kvm/trace_pr.h | 9 +++++++--
+ 4 files changed, 27 insertions(+), 8 deletions(-)
+
+diff --git a/arch/powerpc/kvm/trace.h b/arch/powerpc/kvm/trace.h
+index 2e0e67ef3544..e8cedf32345a 100644
+--- a/arch/powerpc/kvm/trace.h
++++ b/arch/powerpc/kvm/trace.h
+@@ -5,8 +5,6 @@
+
+ #undef TRACE_SYSTEM
+ #define TRACE_SYSTEM kvm
+-#define TRACE_INCLUDE_PATH .
+-#define TRACE_INCLUDE_FILE trace
+
+ /*
+ * Tracepoint for guest mode entry.
+@@ -119,4 +117,10 @@ TRACE_EVENT(kvm_check_requests,
+ #endif /* _TRACE_KVM_H */
+
+ /* This part must be outside protection */
++#undef TRACE_INCLUDE_PATH
++#undef TRACE_INCLUDE_FILE
++
++#define TRACE_INCLUDE_PATH .
++#define TRACE_INCLUDE_FILE trace
++
+ #include <trace/define_trace.h>
+diff --git a/arch/powerpc/kvm/trace_booke.h b/arch/powerpc/kvm/trace_booke.h
+index 7ec534d1db9f..7eadbf449a1f 100644
+--- a/arch/powerpc/kvm/trace_booke.h
++++ b/arch/powerpc/kvm/trace_booke.h
+@@ -5,8 +5,6 @@
+
+ #undef TRACE_SYSTEM
+ #define TRACE_SYSTEM kvm_booke
+-#define TRACE_INCLUDE_PATH .
+-#define TRACE_INCLUDE_FILE trace_booke
+
+ #define kvm_trace_symbol_exit \
+ {0, "CRITICAL"}, \
+@@ -217,4 +215,11 @@ TRACE_EVENT(kvm_booke_queue_irqprio,
+ #endif
+
+ /* This part must be outside protection */
++
++#undef TRACE_INCLUDE_PATH
++#undef TRACE_INCLUDE_FILE
++
++#define TRACE_INCLUDE_PATH .
++#define TRACE_INCLUDE_FILE trace_booke
++
+ #include <trace/define_trace.h>
+diff --git a/arch/powerpc/kvm/trace_hv.h b/arch/powerpc/kvm/trace_hv.h
+index 33d9daff5783..d1bfe017d751 100644
+--- a/arch/powerpc/kvm/trace_hv.h
++++ b/arch/powerpc/kvm/trace_hv.h
+@@ -8,8 +8,6 @@
+
+ #undef TRACE_SYSTEM
+ #define TRACE_SYSTEM kvm_hv
+-#define TRACE_INCLUDE_PATH .
+-#define TRACE_INCLUDE_FILE trace_hv
+
+ #define kvm_trace_symbol_hcall \
+ {H_REMOVE, "H_REMOVE"}, \
+@@ -474,4 +472,11 @@ TRACE_EVENT(kvmppc_run_vcpu_exit,
+ #endif /* _TRACE_KVM_HV_H */
+
+ /* This part must be outside protection */
++
++#undef TRACE_INCLUDE_PATH
++#undef TRACE_INCLUDE_FILE
++
++#define TRACE_INCLUDE_PATH .
++#define TRACE_INCLUDE_FILE trace_hv
++
+ #include <trace/define_trace.h>
+diff --git a/arch/powerpc/kvm/trace_pr.h b/arch/powerpc/kvm/trace_pr.h
+index 810507cb688a..1e40aa2aa5af 100644
+--- a/arch/powerpc/kvm/trace_pr.h
++++ b/arch/powerpc/kvm/trace_pr.h
+@@ -7,8 +7,6 @@
+
+ #undef TRACE_SYSTEM
+ #define TRACE_SYSTEM kvm_pr
+-#define TRACE_INCLUDE_PATH .
+-#define TRACE_INCLUDE_FILE trace_pr
+
+ TRACE_EVENT(kvm_book3s_reenter,
+ TP_PROTO(int r, struct kvm_vcpu *vcpu),
+@@ -271,4 +269,11 @@ TRACE_EVENT(kvm_unmap_hva,
+ #endif /* _TRACE_KVM_H */
+
+ /* This part must be outside protection */
++
++#undef TRACE_INCLUDE_PATH
++#undef TRACE_INCLUDE_FILE
++
++#define TRACE_INCLUDE_PATH .
++#define TRACE_INCLUDE_FILE trace_pr
++
+ #include <trace/define_trace.h>
+--
+2.17.1
+
--- /dev/null
+From 4a221ac558e5d18162c0cfb13a3e0114fc98b68e Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Mon, 27 Aug 2018 10:21:50 +0200
+Subject: net: bcmgenet: fix OF child-node lookup
+
+[ Upstream commit d397dbe606120a1ea1b11b0020c3f7a3852da5ac ]
+
+Use the new of_get_compatible_child() helper to lookup the mdio child
+node instead of using of_find_compatible_node(), which searches the
+entire tree from a given start node and thus can return an unrelated
+(i.e. non-child) node.
+
+This also addresses a potential use-after-free (e.g. after probe
+deferral) as the tree-wide helper drops a reference to its first
+argument (i.e. the node of the device being probed).
+
+Fixes: aa09677cba42 ("net: bcmgenet: add MDIO routines")
+Cc: stable <stable@vger.kernel.org> # 3.15
+Cc: David S. Miller <davem@davemloft.net>
+Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Rob Herring <robh@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/ethernet/broadcom/genet/bcmmii.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/net/ethernet/broadcom/genet/bcmmii.c b/drivers/net/ethernet/broadcom/genet/bcmmii.c
+index 4c73feca4842..0565efad6e6e 100644
+--- a/drivers/net/ethernet/broadcom/genet/bcmmii.c
++++ b/drivers/net/ethernet/broadcom/genet/bcmmii.c
+@@ -491,7 +491,7 @@ static int bcmgenet_mii_of_init(struct bcmgenet_priv *priv)
+ if (!compat)
+ return -ENOMEM;
+
+- priv->mdio_dn = of_find_compatible_node(dn, NULL, compat);
++ priv->mdio_dn = of_get_compatible_child(dn, compat);
+ kfree(compat);
+ if (!priv->mdio_dn) {
+ dev_err(kdev, "unable to find MDIO bus node\n");
+--
+2.17.1
+
--- /dev/null
+From 54f69081afe2f51026e6f3dcf005ac96c2093b6d Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Mon, 27 Aug 2018 10:21:52 +0200
+Subject: NFC: nfcmrvl_uart: fix OF child-node lookup
+
+[ Upstream commit 5bf59773aaf36dd62117dc83d50e1bbf9ef432da ]
+
+Use the new of_get_compatible_child() helper to lookup the nfc child
+node instead of using of_find_compatible_node(), which searches the
+entire tree from a given start node and thus can return an unrelated
+(i.e. non-child) node.
+
+This also addresses a potential use-after-free (e.g. after probe
+deferral) as the tree-wide helper drops a reference to its first
+argument (i.e. the parent node).
+
+Fixes: e097dc624f78 ("NFC: nfcmrvl: add UART driver")
+Fixes: d8e018c0b321 ("NFC: nfcmrvl: update device tree bindings for Marvell NFC")
+Cc: stable <stable@vger.kernel.org> # 4.2
+Cc: Vincent Cuissard <cuissard@marvell.com>
+Cc: Samuel Ortiz <sameo@linux.intel.com>
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Rob Herring <robh@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/nfc/nfcmrvl/uart.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/nfc/nfcmrvl/uart.c b/drivers/nfc/nfcmrvl/uart.c
+index 6c0c301611c4..1b11ded79c4f 100644
+--- a/drivers/nfc/nfcmrvl/uart.c
++++ b/drivers/nfc/nfcmrvl/uart.c
+@@ -73,10 +73,9 @@ static int nfcmrvl_uart_parse_dt(struct device_node *node,
+ struct device_node *matched_node;
+ int ret;
+
+- matched_node = of_find_compatible_node(node, NULL, "marvell,nfc-uart");
++ matched_node = of_get_compatible_child(node, "marvell,nfc-uart");
+ if (!matched_node) {
+- matched_node = of_find_compatible_node(node, NULL,
+- "mrvl,nfc-uart");
++ matched_node = of_get_compatible_child(node, "mrvl,nfc-uart");
+ if (!matched_node)
+ return -ENODEV;
+ }
+--
+2.17.1
+
--- /dev/null
+From 9f914aeae99f53e7cbecbf997ad58f4dd07619c5 Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Mon, 27 Aug 2018 10:21:45 +0200
+Subject: of: add helper to lookup compatible child node
+
+[ Upstream commit 36156f9241cb0f9e37d998052873ca7501ad4b36 ]
+
+Add of_get_compatible_child() helper that can be used to lookup
+compatible child nodes.
+
+Several drivers currently use of_find_compatible_node() to lookup child
+nodes while failing to notice that the of_find_ functions search the
+entire tree depth-first (from a given start node) and therefore can
+match unrelated nodes. The fact that these functions also drop a
+reference to the node they start searching from (e.g. the parent node)
+is typically also overlooked, something which can lead to use-after-free
+bugs.
+
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Rob Herring <robh@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/of/base.c | 25 +++++++++++++++++++++++++
+ include/linux/of.h | 8 ++++++++
+ 2 files changed, 33 insertions(+)
+
+diff --git a/drivers/of/base.c b/drivers/of/base.c
+index 31341290cd91..c6e019208d17 100644
+--- a/drivers/of/base.c
++++ b/drivers/of/base.c
+@@ -712,6 +712,31 @@ struct device_node *of_get_next_available_child(const struct device_node *node,
+ }
+ EXPORT_SYMBOL(of_get_next_available_child);
+
++/**
++ * of_get_compatible_child - Find compatible child node
++ * @parent: parent node
++ * @compatible: compatible string
++ *
++ * Lookup child node whose compatible property contains the given compatible
++ * string.
++ *
++ * Returns a node pointer with refcount incremented, use of_node_put() on it
++ * when done; or NULL if not found.
++ */
++struct device_node *of_get_compatible_child(const struct device_node *parent,
++ const char *compatible)
++{
++ struct device_node *child;
++
++ for_each_child_of_node(parent, child) {
++ if (of_device_is_compatible(child, compatible))
++ break;
++ }
++
++ return child;
++}
++EXPORT_SYMBOL(of_get_compatible_child);
++
+ /**
+ * of_get_child_by_name - Find the child node by name for a given parent
+ * @node: parent node
+diff --git a/include/linux/of.h b/include/linux/of.h
+index dd10626a615f..d9371c9cd88a 100644
+--- a/include/linux/of.h
++++ b/include/linux/of.h
+@@ -265,6 +265,8 @@ extern struct device_node *of_get_next_child(const struct device_node *node,
+ extern struct device_node *of_get_next_available_child(
+ const struct device_node *node, struct device_node *prev);
+
++extern struct device_node *of_get_compatible_child(const struct device_node *parent,
++ const char *compatible);
+ extern struct device_node *of_get_child_by_name(const struct device_node *node,
+ const char *name);
+
+@@ -462,6 +464,12 @@ static inline bool of_have_populated_dt(void)
+ return false;
+ }
+
++static inline struct device_node *of_get_compatible_child(const struct device_node *parent,
++ const char *compatible)
++{
++ return NULL;
++}
++
+ static inline struct device_node *of_get_child_by_name(
+ const struct device_node *node,
+ const char *name)
+--
+2.17.1
+
--- /dev/null
+From 6beb5a5a8543f6d96f5d52301076a597d6d012be Mon Sep 17 00:00:00 2001
+From: Satheesh Rajendran <sathnaga@linux.vnet.ibm.com>
+Date: Thu, 8 Nov 2018 10:47:56 +0530
+Subject: powerpc/numa: Suppress "VPHN is not supported" messages
+
+[ Upstream commit 437ccdc8ce629470babdda1a7086e2f477048cbd ]
+
+When VPHN function is not supported and during cpu hotplug event,
+kernel prints message 'VPHN function not supported. Disabling
+polling...'. Currently it prints on every hotplug event, it floods
+dmesg when a KVM guest tries to hotplug huge number of vcpus, let's
+just print once and suppress further kernel prints.
+
+Signed-off-by: Satheesh Rajendran <sathnaga@linux.vnet.ibm.com>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/powerpc/mm/numa.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/powerpc/mm/numa.c b/arch/powerpc/mm/numa.c
+index 3c4faa4c2742..bb3df222ae71 100644
+--- a/arch/powerpc/mm/numa.c
++++ b/arch/powerpc/mm/numa.c
+@@ -1319,7 +1319,7 @@ static long vphn_get_associativity(unsigned long cpu,
+
+ switch (rc) {
+ case H_FUNCTION:
+- printk(KERN_INFO
++ printk_once(KERN_INFO
+ "VPHN is not supported. Disabling polling...\n");
+ stop_topology_update();
+ break;
+--
+2.17.1
+
can-dev-__can_get_echo_skb-print-error-message-if-trying-to-echo-non-existing-skb.patch
acpica-aml-interpreter-add-region-addresses-in-global-list-during-initialization.patch
usb-xhci-prevent-bus-suspend-if-a-port-connect-change-or-polling-state-is-detected.patch
+kvm-ppc-move-and-undef-trace_include_path-file.patch
+cpufreq-imx6q-add-return-value-check-for-voltage-sca.patch
+arm-make-lookup_processor_type-non-__init.patch
+sunrpc-fix-a-bogus-get-put-in-generic_key_to_expire.patch
+kdb-use-strscpy-with-destination-buffer-size.patch
+powerpc-numa-suppress-vphn-is-not-supported-messages.patch
+tmpfs-make-lseek-seek_data-sek_hole-return-enxio-wit.patch
+of-add-helper-to-lookup-compatible-child-node.patch
+nfc-nfcmrvl_uart-fix-of-child-node-lookup.patch
+net-bcmgenet-fix-of-child-node-lookup.patch
+x86-entry-spell-ebx-register-correctly-in-documentat.patch
+x86-entry-64-remove-ebx-handling-from-error_entry-ex.patch
+arm64-remove-no-op-p-linker-flag.patch
--- /dev/null
+From 2d138a812c1d2d68423afb1355ad441fb0290424 Mon Sep 17 00:00:00 2001
+From: Trond Myklebust <trond.myklebust@hammerspace.com>
+Date: Mon, 12 Nov 2018 16:06:51 -0500
+Subject: SUNRPC: Fix a bogus get/put in generic_key_to_expire()
+
+[ Upstream commit e3d5e573a54dabdc0f9f3cb039d799323372b251 ]
+
+Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/sunrpc/auth_generic.c | 8 +-------
+ 1 file changed, 1 insertion(+), 7 deletions(-)
+
+diff --git a/net/sunrpc/auth_generic.c b/net/sunrpc/auth_generic.c
+index 41248b1820c7..cc27e38392ea 100644
+--- a/net/sunrpc/auth_generic.c
++++ b/net/sunrpc/auth_generic.c
+@@ -272,13 +272,7 @@ static bool generic_key_to_expire(struct rpc_cred *cred)
+ {
+ struct auth_cred *acred = &container_of(cred, struct generic_cred,
+ gc_base)->acred;
+- bool ret;
+-
+- get_rpccred(cred);
+- ret = test_bit(RPC_CRED_KEY_EXPIRE_SOON, &acred->ac_flags);
+- put_rpccred(cred);
+-
+- return ret;
++ return test_bit(RPC_CRED_KEY_EXPIRE_SOON, &acred->ac_flags);
+ }
+
+ static const struct rpc_credops generic_credops = {
+--
+2.17.1
+
--- /dev/null
+From f05e67d99d168c211bdb15ee80111c7687e956a6 Mon Sep 17 00:00:00 2001
+From: Yufen Yu <yuyufen@huawei.com>
+Date: Fri, 16 Nov 2018 15:08:39 -0800
+Subject: tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative
+ offset
+
+[ Upstream commit 1a413646931cb14442065cfc17561e50f5b5bb44 ]
+
+Other filesystems such as ext4, f2fs and ubifs all return ENXIO when
+lseek (SEEK_DATA or SEEK_HOLE) requests a negative offset.
+
+man 2 lseek says
+
+: EINVAL whence is not valid. Or: the resulting file offset would be
+: negative, or beyond the end of a seekable device.
+:
+: ENXIO whence is SEEK_DATA or SEEK_HOLE, and the file offset is beyond
+: the end of the file.
+
+Make tmpfs return ENXIO under these circumstances as well. After this,
+tmpfs also passes xfstests's generic/448.
+
+[akpm@linux-foundation.org: rewrite changelog]
+Link: http://lkml.kernel.org/r/1540434176-14349-1-git-send-email-yuyufen@huawei.com
+Signed-off-by: Yufen Yu <yuyufen@huawei.com>
+Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
+Cc: Al Viro <viro@zeniv.linux.org.uk>
+Cc: Hugh Dickins <hughd@google.com>
+Cc: William Kucharski <william.kucharski@oracle.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ mm/shmem.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/mm/shmem.c b/mm/shmem.c
+index 8e506a45a6ef..d902b413941a 100644
+--- a/mm/shmem.c
++++ b/mm/shmem.c
+@@ -1818,9 +1818,7 @@ static loff_t shmem_file_llseek(struct file *file, loff_t offset, int whence)
+ mutex_lock(&inode->i_mutex);
+ /* We're holding i_mutex so we can access i_size directly */
+
+- if (offset < 0)
+- offset = -EINVAL;
+- else if (offset >= inode->i_size)
++ if (offset < 0 || offset >= inode->i_size)
+ offset = -ENXIO;
+ else {
+ start = offset >> PAGE_CACHE_SHIFT;
+--
+2.17.1
+
--- /dev/null
+From c65e0172791341b472c6dbf4ef1fde2756a5313a Mon Sep 17 00:00:00 2001
+From: Andy Lutomirski <luto@kernel.org>
+Date: Sun, 22 Jul 2018 11:05:09 -0700
+Subject: x86/entry/64: Remove %ebx handling from error_entry/exit
+
+[ Upstream commit b3681dd548d06deb2e1573890829dff4b15abf46 ]
+
+error_entry and error_exit communicate the user vs. kernel status of
+the frame using %ebx. This is unnecessary -- the information is in
+regs->cs. Just use regs->cs.
+
+This makes error_entry simpler and makes error_exit more robust.
+
+It also fixes a nasty bug. Before all the Spectre nonsense, the
+xen_failsafe_callback entry point returned like this:
+
+ ALLOC_PT_GPREGS_ON_STACK
+ SAVE_C_REGS
+ SAVE_EXTRA_REGS
+ ENCODE_FRAME_POINTER
+ jmp error_exit
+
+And it did not go through error_entry. This was bogus: RBX
+contained garbage, and error_exit expected a flag in RBX.
+
+Fortunately, it generally contained *nonzero* garbage, so the
+correct code path was used. As part of the Spectre fixes, code was
+added to clear RBX to mitigate certain speculation attacks. Now,
+depending on kernel configuration, RBX got zeroed and, when running
+some Wine workloads, the kernel crashes. This was introduced by:
+
+ commit 3ac6d8c787b8 ("x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface")
+
+With this patch applied, RBX is no longer needed as a flag, and the
+problem goes away.
+
+I suspect that malicious userspace could use this bug to crash the
+kernel even without the offending patch applied, though.
+
+[ Historical note: I wrote this patch as a cleanup before I was aware
+ of the bug it fixed. ]
+
+[ Note to stable maintainers: this should probably get applied to all
+ kernels. If you're nervous about that, a more conservative fix to
+ add xorl %ebx,%ebx; incl %ebx before the jump to error_exit should
+ also fix the problem. ]
+
+Reported-and-tested-by: M. Vefa Bicakci <m.v.b@runbox.com>
+Signed-off-by: Andy Lutomirski <luto@kernel.org>
+Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Brian Gerst <brgerst@gmail.com>
+Cc: Dave Hansen <dave.hansen@linux.intel.com>
+Cc: Denys Vlasenko <dvlasenk@redhat.com>
+Cc: Dominik Brodowski <linux@dominikbrodowski.net>
+Cc: Greg KH <gregkh@linuxfoundation.org>
+Cc: H. Peter Anvin <hpa@zytor.com>
+Cc: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Juergen Gross <jgross@suse.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Thomas Gleixner <tglx@linutronix.de>
+Cc: stable@vger.kernel.org
+Cc: xen-devel@lists.xenproject.org
+Fixes: 3ac6d8c787b8 ("x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface")
+Link: http://lkml.kernel.org/r/b5010a090d3586b2d6e06c7ad3ec5542d1241c45.1532282627.git.luto@kernel.org
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/x86/entry/entry_64.S | 20 ++++----------------
+ 1 file changed, 4 insertions(+), 16 deletions(-)
+
+diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
+index b569b46660fc..375ed605c83d 100644
+--- a/arch/x86/entry/entry_64.S
++++ b/arch/x86/entry/entry_64.S
+@@ -856,7 +856,7 @@ ENTRY(\sym)
+
+ call \do_sym
+
+- jmp error_exit /* %ebx: no swapgs flag */
++ jmp error_exit
+ .endif
+ END(\sym)
+ .endm
+@@ -1118,7 +1118,6 @@ END(paranoid_exit)
+
+ /*
+ * Save all registers in pt_regs, and switch gs if needed.
+- * Return: EBX=0: came from user mode; EBX=1: otherwise
+ */
+ ENTRY(error_entry)
+ cld
+@@ -1131,7 +1130,6 @@ ENTRY(error_entry)
+ * the kernel CR3 here.
+ */
+ SWITCH_KERNEL_CR3
+- xorl %ebx, %ebx
+ testb $3, CS+8(%rsp)
+ jz .Lerror_kernelspace
+
+@@ -1165,7 +1163,6 @@ ENTRY(error_entry)
+ * for these here too.
+ */
+ .Lerror_kernelspace:
+- incl %ebx
+ leaq native_irq_return_iret(%rip), %rcx
+ cmpq %rcx, RIP+8(%rsp)
+ je .Lerror_bad_iret
+@@ -1196,28 +1193,19 @@ ENTRY(error_entry)
+
+ /*
+ * Pretend that the exception came from user mode: set up pt_regs
+- * as if we faulted immediately after IRET and clear EBX so that
+- * error_exit knows that we will be returning to user mode.
++ * as if we faulted immediately after IRET.
+ */
+ mov %rsp, %rdi
+ call fixup_bad_iret
+ mov %rax, %rsp
+- decl %ebx
+ jmp .Lerror_entry_from_usermode_after_swapgs
+ END(error_entry)
+
+-
+-/*
+- * On entry, EBX is a "return to kernel mode" flag:
+- * 1: already in kernel mode, don't need SWAPGS
+- * 0: user gsbase is loaded, we need SWAPGS and standard preparation for return to usermode
+- */
+ ENTRY(error_exit)
+- movl %ebx, %eax
+ DISABLE_INTERRUPTS(CLBR_NONE)
+ TRACE_IRQS_OFF
+- testl %eax, %eax
+- jnz retint_kernel
++ testb $3, CS(%rsp)
++ jz retint_kernel
+ jmp retint_user
+ END(error_exit)
+
+--
+2.17.1
+
--- /dev/null
+From 667f304aa0bb348fba9e03042705c053409da9c2 Mon Sep 17 00:00:00 2001
+From: Nicolas Iooss <nicolas.iooss_linux@m4x.org>
+Date: Fri, 29 Jul 2016 13:39:51 +0200
+Subject: x86/entry: spell EBX register correctly in documentation
+
+[ Upstream commit 75ca5b22260ef7b5ce39c6d521eee8b4cba44703 ]
+
+As EBS does not mean anything reasonable in the context it is used, it
+seems like a misspelling for EBX.
+
+Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org>
+Acked-by: Borislav Petkov <bp@suse.de>
+Signed-off-by: Jiri Kosina <jkosina@suse.cz>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/x86/entry/entry_64.S | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
+index 8be48b1d7596..b569b46660fc 100644
+--- a/arch/x86/entry/entry_64.S
++++ b/arch/x86/entry/entry_64.S
+@@ -1208,7 +1208,7 @@ END(error_entry)
+
+
+ /*
+- * On entry, EBS is a "return to kernel mode" flag:
++ * On entry, EBX is a "return to kernel mode" flag:
+ * 1: already in kernel mode, don't need SWAPGS
+ * 0: user gsbase is loaded, we need SWAPGS and standard preparation for return to usermode
+ */
+--
+2.17.1
+
projects / thirdparty / kernel / stable-queue.git / commitdiff
