--- /dev/null
+From 9b23e1a3e8fde76e8cc0e366ab1ed4ffb4440feb Mon Sep 17 00:00:00 2001
+From: Sylwester Nawrocki <s.nawrocki@samsung.com>
+Date: Wed, 20 Mar 2019 10:59:50 +0100
+Subject: ARM: dts: exynos: Fix audio (microphone) routing on Odroid XU3
+
+From: Sylwester Nawrocki <s.nawrocki@samsung.com>
+
+commit 9b23e1a3e8fde76e8cc0e366ab1ed4ffb4440feb upstream.
+
+The name of CODEC input widget to which microphone is connected through
+the "Headphone" jack is "IN12" not "IN1". This fixes microphone support
+on Odroid XU3.
+
+Cc: <stable@vger.kernel.org> # v4.14+
+Signed-off-by: Sylwester Nawrocki <s.nawrocki@samsung.com>
+Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/boot/dts/exynos5422-odroidxu3-audio.dtsi | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/arm/boot/dts/exynos5422-odroidxu3-audio.dtsi
++++ b/arch/arm/boot/dts/exynos5422-odroidxu3-audio.dtsi
+@@ -23,7 +23,7 @@
+ "Headphone Jack", "HPL",
+ "Headphone Jack", "HPR",
+ "Headphone Jack", "MICBIAS",
+- "IN1", "Headphone Jack",
++ "IN12", "Headphone Jack",
+ "Speakers", "SPKL",
+ "Speakers", "SPKR";
+
--- /dev/null
+From b7ed69d67ff0788d8463e599dd5dd1b45c701a7e Mon Sep 17 00:00:00 2001
+From: Stuart Menefy <stuart.menefy@mathembedded.com>
+Date: Tue, 19 Feb 2019 13:03:37 +0000
+Subject: ARM: dts: exynos: Fix interrupt for shared EINTs on Exynos5260
+
+From: Stuart Menefy <stuart.menefy@mathembedded.com>
+
+commit b7ed69d67ff0788d8463e599dd5dd1b45c701a7e upstream.
+
+Fix the interrupt information for the GPIO lines with a shared EINT
+interrupt.
+
+Fixes: 16d7ff2642e7 ("ARM: dts: add dts files for exynos5260 SoC")
+Cc: stable@vger.kernel.org
+Signed-off-by: Stuart Menefy <stuart.menefy@mathembedded.com>
+Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/boot/dts/exynos5260.dtsi | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/arm/boot/dts/exynos5260.dtsi
++++ b/arch/arm/boot/dts/exynos5260.dtsi
+@@ -226,7 +226,7 @@
+ wakeup-interrupt-controller {
+ compatible = "samsung,exynos4210-wakeup-eint";
+ interrupt-parent = <&gic>;
+- interrupts = <GIC_SPI 32 IRQ_TYPE_LEVEL_HIGH>;
++ interrupts = <GIC_SPI 48 IRQ_TYPE_LEVEL_HIGH>;
+ };
+ };
+
--- /dev/null
+From 629266bf7229cd6a550075f5961f95607b823b59 Mon Sep 17 00:00:00 2001
+From: Wen Yang <wen.yang99@zte.com.cn>
+Date: Tue, 5 Mar 2019 19:33:54 +0800
+Subject: ARM: exynos: Fix a leaked reference by adding missing of_node_put
+
+From: Wen Yang <wen.yang99@zte.com.cn>
+
+commit 629266bf7229cd6a550075f5961f95607b823b59 upstream.
+
+The call to of_get_next_child returns a node pointer with refcount
+incremented thus it must be explicitly decremented after the last
+usage.
+
+Detected by coccinelle with warnings like:
+ arch/arm/mach-exynos/firmware.c:201:2-8: ERROR: missing of_node_put;
+ acquired a node pointer with refcount incremented on line 193,
+ but without a corresponding object release within this function.
+
+Cc: stable@vger.kernel.org
+Signed-off-by: Wen Yang <wen.yang99@zte.com.cn>
+Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/mach-exynos/firmware.c | 1 +
+ arch/arm/mach-exynos/suspend.c | 2 ++
+ 2 files changed, 3 insertions(+)
+
+--- a/arch/arm/mach-exynos/firmware.c
++++ b/arch/arm/mach-exynos/firmware.c
+@@ -205,6 +205,7 @@ void __init exynos_firmware_init(void)
+ return;
+
+ addr = of_get_address(nd, 0, NULL, NULL);
++ of_node_put(nd);
+ if (!addr) {
+ pr_err("%s: No address specified.\n", __func__);
+ return;
+--- a/arch/arm/mach-exynos/suspend.c
++++ b/arch/arm/mach-exynos/suspend.c
+@@ -649,8 +649,10 @@ void __init exynos_pm_init(void)
+
+ if (WARN_ON(!of_find_property(np, "interrupt-controller", NULL))) {
+ pr_warn("Outdated DT detected, suspend/resume will NOT work\n");
++ of_node_put(np);
+ return;
+ }
++ of_node_put(np);
+
+ pm_data = (const struct exynos_pm_data *) match->data;
+
--- /dev/null
+From 6fda41bf12615ee7c3ddac88155099b1a8cf8d00 Mon Sep 17 00:00:00 2001
+From: Jean-Philippe Brucker <jean-philippe.brucker@arm.com>
+Date: Mon, 8 Apr 2019 18:17:18 +0100
+Subject: arm64: Clear OSDLR_EL1 on CPU boot
+
+From: Jean-Philippe Brucker <jean-philippe.brucker@arm.com>
+
+commit 6fda41bf12615ee7c3ddac88155099b1a8cf8d00 upstream.
+
+Some firmwares may reboot CPUs with OS Double Lock set. Make sure that
+it is unlocked, in order to use debug exceptions.
+
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Jean-Philippe Brucker <jean-philippe.brucker@arm.com>
+Signed-off-by: Will Deacon <will.deacon@arm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/kernel/debug-monitors.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/arch/arm64/kernel/debug-monitors.c
++++ b/arch/arm64/kernel/debug-monitors.c
+@@ -133,6 +133,7 @@ NOKPROBE_SYMBOL(disable_debug_monitors);
+ */
+ static int clear_os_lock(unsigned int cpu)
+ {
++ write_sysreg(0, osdlr_el1);
+ write_sysreg(0, oslar_el1);
+ isb();
+ return 0;
--- /dev/null
+From d263119387de9975d2acba1dfd3392f7c5979c18 Mon Sep 17 00:00:00 2001
+From: Vincenzo Frascino <vincenzo.frascino@arm.com>
+Date: Mon, 1 Apr 2019 12:30:14 +0100
+Subject: arm64: compat: Reduce address limit
+
+From: Vincenzo Frascino <vincenzo.frascino@arm.com>
+
+commit d263119387de9975d2acba1dfd3392f7c5979c18 upstream.
+
+Currently, compat tasks running on arm64 can allocate memory up to
+TASK_SIZE_32 (UL(0x100000000)).
+
+This means that mmap() allocations, if we treat them as returning an
+array, are not compliant with the sections 6.5.8 of the C standard
+(C99) which states that: "If the expression P points to an element of
+an array object and the expression Q points to the last element of the
+same array object, the pointer expression Q+1 compares greater than P".
+
+Redefine TASK_SIZE_32 to address the issue.
+
+Cc: Catalin Marinas <catalin.marinas@arm.com>
+Cc: Will Deacon <will.deacon@arm.com>
+Cc: Jann Horn <jannh@google.com>
+Cc: <stable@vger.kernel.org>
+Reported-by: Jann Horn <jannh@google.com>
+Signed-off-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
+[will: fixed typo in comment]
+Signed-off-by: Will Deacon <will.deacon@arm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/include/asm/processor.h | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+--- a/arch/arm64/include/asm/processor.h
++++ b/arch/arm64/include/asm/processor.h
+@@ -49,7 +49,15 @@
+ * TASK_UNMAPPED_BASE - the lower boundary of the mmap VM area.
+ */
+ #ifdef CONFIG_COMPAT
++#ifdef CONFIG_ARM64_64K_PAGES
++/*
++ * With CONFIG_ARM64_64K_PAGES enabled, the last page is occupied
++ * by the compat vectors page.
++ */
+ #define TASK_SIZE_32 UL(0x100000000)
++#else
++#define TASK_SIZE_32 (UL(0x100000000) - PAGE_SIZE)
++#endif /* CONFIG_ARM64_64K_PAGES */
+ #define TASK_SIZE (test_thread_flag(TIF_32BIT) ? \
+ TASK_SIZE_32 : TASK_SIZE_64)
+ #define TASK_SIZE_OF(tsk) (test_tsk_thread_flag(tsk, TIF_32BIT) ? \
--- /dev/null
+From 827a108e354db633698f0b4a10c1ffd2b1f8d1d0 Mon Sep 17 00:00:00 2001
+From: Jean-Philippe Brucker <jean-philippe.brucker@arm.com>
+Date: Mon, 8 Apr 2019 18:17:19 +0100
+Subject: arm64: Save and restore OSDLR_EL1 across suspend/resume
+
+From: Jean-Philippe Brucker <jean-philippe.brucker@arm.com>
+
+commit 827a108e354db633698f0b4a10c1ffd2b1f8d1d0 upstream.
+
+When the CPU comes out of suspend, the firmware may have modified the OS
+Double Lock Register. Save it in an unused slot of cpu_suspend_ctx, and
+restore it on resume.
+
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Jean-Philippe Brucker <jean-philippe.brucker@arm.com>
+Signed-off-by: Will Deacon <will.deacon@arm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/mm/proc.S | 34 ++++++++++++++++++----------------
+ 1 file changed, 18 insertions(+), 16 deletions(-)
+
+--- a/arch/arm64/mm/proc.S
++++ b/arch/arm64/mm/proc.S
+@@ -64,24 +64,25 @@ ENTRY(cpu_do_suspend)
+ mrs x2, tpidr_el0
+ mrs x3, tpidrro_el0
+ mrs x4, contextidr_el1
+- mrs x5, cpacr_el1
+- mrs x6, tcr_el1
+- mrs x7, vbar_el1
+- mrs x8, mdscr_el1
+- mrs x9, oslsr_el1
+- mrs x10, sctlr_el1
++ mrs x5, osdlr_el1
++ mrs x6, cpacr_el1
++ mrs x7, tcr_el1
++ mrs x8, vbar_el1
++ mrs x9, mdscr_el1
++ mrs x10, oslsr_el1
++ mrs x11, sctlr_el1
+ alternative_if_not ARM64_HAS_VIRT_HOST_EXTN
+- mrs x11, tpidr_el1
++ mrs x12, tpidr_el1
+ alternative_else
+- mrs x11, tpidr_el2
++ mrs x12, tpidr_el2
+ alternative_endif
+- mrs x12, sp_el0
++ mrs x13, sp_el0
+ stp x2, x3, [x0]
+- stp x4, xzr, [x0, #16]
+- stp x5, x6, [x0, #32]
+- stp x7, x8, [x0, #48]
+- stp x9, x10, [x0, #64]
+- stp x11, x12, [x0, #80]
++ stp x4, x5, [x0, #16]
++ stp x6, x7, [x0, #32]
++ stp x8, x9, [x0, #48]
++ stp x10, x11, [x0, #64]
++ stp x12, x13, [x0, #80]
+ ret
+ ENDPROC(cpu_do_suspend)
+
+@@ -104,8 +105,8 @@ ENTRY(cpu_do_resume)
+ msr cpacr_el1, x6
+
+ /* Don't change t0sz here, mask those bits when restoring */
+- mrs x5, tcr_el1
+- bfi x8, x5, TCR_T0SZ_OFFSET, TCR_TxSZ_WIDTH
++ mrs x7, tcr_el1
++ bfi x8, x7, TCR_T0SZ_OFFSET, TCR_TxSZ_WIDTH
+
+ msr tcr_el1, x8
+ msr vbar_el1, x9
+@@ -129,6 +130,7 @@ alternative_endif
+ /*
+ * Restore oslsr_el1 by writing oslar_el1
+ */
++ msr osdlr_el1, x5
+ ubfx x11, x11, #1, #1
+ msr oslar_el1, x11
+ reset_pmuserenr_el0 x0 // Disable PMU access from EL0
--- /dev/null
+From 767f015ea0b7ab9d60432ff6cd06b664fd71f50f Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Tue, 9 Apr 2019 23:46:31 -0700
+Subject: crypto: arm/aes-neonbs - don't access already-freed walk.iv
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit 767f015ea0b7ab9d60432ff6cd06b664fd71f50f upstream.
+
+If the user-provided IV needs to be aligned to the algorithm's
+alignmask, then skcipher_walk_virt() copies the IV into a new aligned
+buffer walk.iv. But skcipher_walk_virt() can fail afterwards, and then
+if the caller unconditionally accesses walk.iv, it's a use-after-free.
+
+arm32 xts-aes-neonbs doesn't set an alignmask, so currently it isn't
+affected by this despite unconditionally accessing walk.iv. However
+this is more subtle than desired, and it was actually broken prior to
+the alignmask being removed by commit cc477bf64573 ("crypto: arm/aes -
+replace bit-sliced OpenSSL NEON code"). Thus, update xts-aes-neonbs to
+start checking the return value of skcipher_walk_virt().
+
+Fixes: e4e7f10bfc40 ("ARM: add support for bit sliced AES using NEON instructions")
+Cc: <stable@vger.kernel.org> # v3.13+
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/crypto/aes-neonbs-glue.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/arch/arm/crypto/aes-neonbs-glue.c
++++ b/arch/arm/crypto/aes-neonbs-glue.c
+@@ -280,6 +280,8 @@ static int __xts_crypt(struct skcipher_r
+ int err;
+
+ err = skcipher_walk_virt(&walk, req, true);
++ if (err)
++ return err;
+
+ crypto_cipher_encrypt_one(ctx->tweak_tfm, walk.iv, walk.iv);
+
--- /dev/null
+From 5e27f38f1f3f45a0c938299c3a34a2d2db77165a Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Sun, 31 Mar 2019 13:04:16 -0700
+Subject: crypto: chacha20poly1305 - set cra_name correctly
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit 5e27f38f1f3f45a0c938299c3a34a2d2db77165a upstream.
+
+If the rfc7539 template is instantiated with specific implementations,
+e.g. "rfc7539(chacha20-generic,poly1305-generic)" rather than
+"rfc7539(chacha20,poly1305)", then the implementation names end up
+included in the instance's cra_name. This is incorrect because it then
+prevents all users from allocating "rfc7539(chacha20,poly1305)", if the
+highest priority implementations of chacha20 and poly1305 were selected.
+Also, the self-tests aren't run on an instance allocated in this way.
+
+Fix it by setting the instance's cra_name from the underlying
+algorithms' actual cra_names, rather than from the requested names.
+This matches what other templates do.
+
+Fixes: 71ebc4d1b27d ("crypto: chacha20poly1305 - Add a ChaCha20-Poly1305 AEAD construction, RFC7539")
+Cc: <stable@vger.kernel.org> # v4.2+
+Cc: Martin Willi <martin@strongswan.org>
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Reviewed-by: Martin Willi <martin@strongswan.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/chacha20poly1305.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/crypto/chacha20poly1305.c
++++ b/crypto/chacha20poly1305.c
+@@ -647,8 +647,8 @@ static int chachapoly_create(struct cryp
+
+ err = -ENAMETOOLONG;
+ if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME,
+- "%s(%s,%s)", name, chacha_name,
+- poly_name) >= CRYPTO_MAX_ALG_NAME)
++ "%s(%s,%s)", name, chacha->base.cra_name,
++ poly->cra_name) >= CRYPTO_MAX_ALG_NAME)
+ goto out_drop_chacha;
+ if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME,
+ "%s(%s,%s)", name, chacha->base.cra_driver_name,
--- /dev/null
+From 307508d1072979f4435416f87936f87eaeb82054 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Sun, 31 Mar 2019 13:04:12 -0700
+Subject: crypto: crct10dif-generic - fix use via crypto_shash_digest()
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit 307508d1072979f4435416f87936f87eaeb82054 upstream.
+
+The ->digest() method of crct10dif-generic reads the current CRC value
+from the shash_desc context. But this value is uninitialized, causing
+crypto_shash_digest() to compute the wrong result. Fix it.
+
+Probably this wasn't noticed before because lib/crc-t10dif.c only uses
+crypto_shash_update(), not crypto_shash_digest(). Likewise,
+crypto_shash_digest() is not yet tested by the crypto self-tests because
+those only test the ahash API which only uses shash init/update/final.
+
+This bug was detected by my patches that improve testmgr to fuzz
+algorithms against their generic implementation.
+
+Fixes: 2d31e518a428 ("crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework")
+Cc: <stable@vger.kernel.org> # v3.11+
+Cc: Tim Chen <tim.c.chen@linux.intel.com>
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/crct10dif_generic.c | 11 ++++-------
+ 1 file changed, 4 insertions(+), 7 deletions(-)
+
+--- a/crypto/crct10dif_generic.c
++++ b/crypto/crct10dif_generic.c
+@@ -65,10 +65,9 @@ static int chksum_final(struct shash_des
+ return 0;
+ }
+
+-static int __chksum_finup(__u16 *crcp, const u8 *data, unsigned int len,
+- u8 *out)
++static int __chksum_finup(__u16 crc, const u8 *data, unsigned int len, u8 *out)
+ {
+- *(__u16 *)out = crc_t10dif_generic(*crcp, data, len);
++ *(__u16 *)out = crc_t10dif_generic(crc, data, len);
+ return 0;
+ }
+
+@@ -77,15 +76,13 @@ static int chksum_finup(struct shash_des
+ {
+ struct chksum_desc_ctx *ctx = shash_desc_ctx(desc);
+
+- return __chksum_finup(&ctx->crc, data, len, out);
++ return __chksum_finup(ctx->crc, data, len, out);
+ }
+
+ static int chksum_digest(struct shash_desc *desc, const u8 *data,
+ unsigned int length, u8 *out)
+ {
+- struct chksum_desc_ctx *ctx = shash_desc_ctx(desc);
+-
+- return __chksum_finup(&ctx->crc, data, length, out);
++ return __chksum_finup(0, data, length, out);
+ }
+
+ static struct shash_alg alg = {
--- /dev/null
+From f699594d436960160f6d5ba84ed4a222f20d11cd Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Thu, 18 Apr 2019 14:43:02 -0700
+Subject: crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit f699594d436960160f6d5ba84ed4a222f20d11cd upstream.
+
+GCM instances can be created by either the "gcm" template, which only
+allows choosing the block cipher, e.g. "gcm(aes)"; or by "gcm_base",
+which allows choosing the ctr and ghash implementations, e.g.
+"gcm_base(ctr(aes-generic),ghash-generic)".
+
+However, a "gcm_base" instance prevents a "gcm" instance from being
+registered using the same implementations. Nor will the instance be
+found by lookups of "gcm". This can be used as a denial of service.
+Moreover, "gcm_base" instances are never tested by the crypto
+self-tests, even if there are compatible "gcm" tests.
+
+The root cause of these problems is that instances of the two templates
+use different cra_names. Therefore, fix these problems by making
+"gcm_base" instances set the same cra_name as "gcm" instances, e.g.
+"gcm(aes)" instead of "gcm_base(ctr(aes-generic),ghash-generic)".
+
+This requires extracting the block cipher name from the name of the ctr
+algorithm. It also requires starting to verify that the algorithms are
+really ctr and ghash, not something else entirely. But it would be
+bizarre if anyone were actually using non-gcm-compatible algorithms with
+gcm_base, so this shouldn't break anyone in practice.
+
+Fixes: d00aa19b507b ("[CRYPTO] gcm: Allow block cipher parameter")
+Cc: stable@vger.kernel.org
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/gcm.c | 34 +++++++++++-----------------------
+ 1 file changed, 11 insertions(+), 23 deletions(-)
+
+--- a/crypto/gcm.c
++++ b/crypto/gcm.c
+@@ -616,7 +616,6 @@ static void crypto_gcm_free(struct aead_
+
+ static int crypto_gcm_create_common(struct crypto_template *tmpl,
+ struct rtattr **tb,
+- const char *full_name,
+ const char *ctr_name,
+ const char *ghash_name)
+ {
+@@ -657,7 +656,8 @@ static int crypto_gcm_create_common(stru
+ goto err_free_inst;
+
+ err = -EINVAL;
+- if (ghash->digestsize != 16)
++ if (strcmp(ghash->base.cra_name, "ghash") != 0 ||
++ ghash->digestsize != 16)
+ goto err_drop_ghash;
+
+ crypto_set_skcipher_spawn(&ctx->ctr, aead_crypto_instance(inst));
+@@ -669,24 +669,24 @@ static int crypto_gcm_create_common(stru
+
+ ctr = crypto_spawn_skcipher_alg(&ctx->ctr);
+
+- /* We only support 16-byte blocks. */
++ /* The skcipher algorithm must be CTR mode, using 16-byte blocks. */
+ err = -EINVAL;
+- if (crypto_skcipher_alg_ivsize(ctr) != 16)
++ if (strncmp(ctr->base.cra_name, "ctr(", 4) != 0 ||
++ crypto_skcipher_alg_ivsize(ctr) != 16 ||
++ ctr->base.cra_blocksize != 1)
+ goto out_put_ctr;
+
+- /* Not a stream cipher? */
+- if (ctr->base.cra_blocksize != 1)
++ err = -ENAMETOOLONG;
++ if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME,
++ "gcm(%s", ctr->base.cra_name + 4) >= CRYPTO_MAX_ALG_NAME)
+ goto out_put_ctr;
+
+- err = -ENAMETOOLONG;
+ if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME,
+ "gcm_base(%s,%s)", ctr->base.cra_driver_name,
+ ghash_alg->cra_driver_name) >=
+ CRYPTO_MAX_ALG_NAME)
+ goto out_put_ctr;
+
+- memcpy(inst->alg.base.cra_name, full_name, CRYPTO_MAX_ALG_NAME);
+-
+ inst->alg.base.cra_flags = (ghash->base.cra_flags |
+ ctr->base.cra_flags) & CRYPTO_ALG_ASYNC;
+ inst->alg.base.cra_priority = (ghash->base.cra_priority +
+@@ -728,7 +728,6 @@ static int crypto_gcm_create(struct cryp
+ {
+ const char *cipher_name;
+ char ctr_name[CRYPTO_MAX_ALG_NAME];
+- char full_name[CRYPTO_MAX_ALG_NAME];
+
+ cipher_name = crypto_attr_alg_name(tb[1]);
+ if (IS_ERR(cipher_name))
+@@ -738,12 +737,7 @@ static int crypto_gcm_create(struct cryp
+ CRYPTO_MAX_ALG_NAME)
+ return -ENAMETOOLONG;
+
+- if (snprintf(full_name, CRYPTO_MAX_ALG_NAME, "gcm(%s)", cipher_name) >=
+- CRYPTO_MAX_ALG_NAME)
+- return -ENAMETOOLONG;
+-
+- return crypto_gcm_create_common(tmpl, tb, full_name,
+- ctr_name, "ghash");
++ return crypto_gcm_create_common(tmpl, tb, ctr_name, "ghash");
+ }
+
+ static struct crypto_template crypto_gcm_tmpl = {
+@@ -757,7 +751,6 @@ static int crypto_gcm_base_create(struct
+ {
+ const char *ctr_name;
+ const char *ghash_name;
+- char full_name[CRYPTO_MAX_ALG_NAME];
+
+ ctr_name = crypto_attr_alg_name(tb[1]);
+ if (IS_ERR(ctr_name))
+@@ -767,12 +760,7 @@ static int crypto_gcm_base_create(struct
+ if (IS_ERR(ghash_name))
+ return PTR_ERR(ghash_name);
+
+- if (snprintf(full_name, CRYPTO_MAX_ALG_NAME, "gcm_base(%s,%s)",
+- ctr_name, ghash_name) >= CRYPTO_MAX_ALG_NAME)
+- return -ENAMETOOLONG;
+-
+- return crypto_gcm_create_common(tmpl, tb, full_name,
+- ctr_name, ghash_name);
++ return crypto_gcm_create_common(tmpl, tb, ctr_name, ghash_name);
+ }
+
+ static struct crypto_template crypto_gcm_base_tmpl = {
--- /dev/null
+From f0cfd57b43fec65761ca61d3892b983a71515f23 Mon Sep 17 00:00:00 2001
+From: Zhang Zhijie <zhangzj@rock-chips.com>
+Date: Fri, 12 Apr 2019 17:16:33 +0800
+Subject: crypto: rockchip - update IV buffer to contain the next IV
+
+From: Zhang Zhijie <zhangzj@rock-chips.com>
+
+commit f0cfd57b43fec65761ca61d3892b983a71515f23 upstream.
+
+The Kernel Crypto API request output the next IV data to
+IV buffer for CBC implementation. So the last block data of
+ciphertext should be copid into assigned IV buffer.
+
+Reported-by: Eric Biggers <ebiggers@google.com>
+Fixes: 433cd2c617bf ("crypto: rockchip - add crypto driver for rk3288")
+Cc: <stable@vger.kernel.org> # v4.5+
+Signed-off-by: Zhang Zhijie <zhangzj@rock-chips.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c | 25 +++++++++++++++------
+ 1 file changed, 18 insertions(+), 7 deletions(-)
+
+--- a/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c
++++ b/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c
+@@ -250,9 +250,14 @@ static int rk_set_data_start(struct rk_c
+ u8 *src_last_blk = page_address(sg_page(dev->sg_src)) +
+ dev->sg_src->offset + dev->sg_src->length - ivsize;
+
+- /* store the iv that need to be updated in chain mode */
+- if (ctx->mode & RK_CRYPTO_DEC)
++ /* Store the iv that need to be updated in chain mode.
++ * And update the IV buffer to contain the next IV for decryption mode.
++ */
++ if (ctx->mode & RK_CRYPTO_DEC) {
+ memcpy(ctx->iv, src_last_blk, ivsize);
++ sg_pcopy_to_buffer(dev->first, dev->src_nents, req->info,
++ ivsize, dev->total - ivsize);
++ }
+
+ err = dev->load_data(dev, dev->sg_src, dev->sg_dst);
+ if (!err)
+@@ -288,13 +293,19 @@ static void rk_iv_copyback(struct rk_cry
+ struct ablkcipher_request *req =
+ ablkcipher_request_cast(dev->async_req);
+ struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req);
++ struct rk_cipher_ctx *ctx = crypto_ablkcipher_ctx(tfm);
+ u32 ivsize = crypto_ablkcipher_ivsize(tfm);
+
+- if (ivsize == DES_BLOCK_SIZE)
+- memcpy_fromio(req->info, dev->reg + RK_CRYPTO_TDES_IV_0,
+- ivsize);
+- else if (ivsize == AES_BLOCK_SIZE)
+- memcpy_fromio(req->info, dev->reg + RK_CRYPTO_AES_IV_0, ivsize);
++ /* Update the IV buffer to contain the next IV for encryption mode. */
++ if (!(ctx->mode & RK_CRYPTO_DEC)) {
++ if (dev->aligned) {
++ memcpy(req->info, sg_virt(dev->sg_dst) +
++ dev->sg_dst->length - ivsize, ivsize);
++ } else {
++ memcpy(req->info, dev->addr_vir +
++ dev->count - ivsize, ivsize);
++ }
++ }
+ }
+
+ static void rk_update_iv(struct rk_crypto_info *dev)
--- /dev/null
+From dcaca01a42cc2c425154a13412b4124293a6e11e Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Sun, 31 Mar 2019 13:04:15 -0700
+Subject: crypto: skcipher - don't WARN on unprocessed data after slow walk step
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit dcaca01a42cc2c425154a13412b4124293a6e11e upstream.
+
+skcipher_walk_done() assumes it's a bug if, after the "slow" path is
+executed where the next chunk of data is processed via a bounce buffer,
+the algorithm says it didn't process all bytes. Thus it WARNs on this.
+
+However, this can happen legitimately when the message needs to be
+evenly divisible into "blocks" but isn't, and the algorithm has a
+'walksize' greater than the block size. For example, ecb-aes-neonbs
+sets 'walksize' to 128 bytes and only supports messages evenly divisible
+into 16-byte blocks. If, say, 17 message bytes remain but they straddle
+scatterlist elements, the skcipher_walk code will take the "slow" path
+and pass the algorithm all 17 bytes in the bounce buffer. But the
+algorithm will only be able to process 16 bytes, triggering the WARN.
+
+Fix this by just removing the WARN_ON(). Returning -EINVAL, as the code
+already does, is the right behavior.
+
+This bug was detected by my patches that improve testmgr to fuzz
+algorithms against their generic implementation.
+
+Fixes: b286d8b1a690 ("crypto: skcipher - Add skcipher walk interface")
+Cc: <stable@vger.kernel.org> # v4.10+
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/skcipher.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+--- a/crypto/skcipher.c
++++ b/crypto/skcipher.c
+@@ -131,8 +131,13 @@ unmap_src:
+ memcpy(walk->dst.virt.addr, walk->page, n);
+ skcipher_unmap_dst(walk);
+ } else if (unlikely(walk->flags & SKCIPHER_WALK_SLOW)) {
+- if (WARN_ON(err)) {
+- /* unexpected case; didn't process all bytes */
++ if (err) {
++ /*
++ * Didn't process all bytes. Either the algorithm is
++ * broken, or this was the last step and it turned out
++ * the message wasn't evenly divisible into blocks but
++ * the algorithm requires it.
++ */
+ err = -EINVAL;
+ goto finish;
+ }
--- /dev/null
+From dcf7b48212c0fab7df69e84fab22d6cb7c8c0fb9 Mon Sep 17 00:00:00 2001
+From: Daniel Axtens <dja@axtens.net>
+Date: Fri, 15 Mar 2019 13:09:01 +1100
+Subject: crypto: vmx - fix copy-paste error in CTR mode
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Daniel Axtens <dja@axtens.net>
+
+commit dcf7b48212c0fab7df69e84fab22d6cb7c8c0fb9 upstream.
+
+The original assembly imported from OpenSSL has two copy-paste
+errors in handling CTR mode. When dealing with a 2 or 3 block tail,
+the code branches to the CBC decryption exit path, rather than to
+the CTR exit path.
+
+This leads to corruption of the IV, which leads to subsequent blocks
+being corrupted.
+
+This can be detected with libkcapi test suite, which is available at
+https://github.com/smuellerDD/libkcapi
+
+Reported-by: Ondrej Mosnáček <omosnacek@gmail.com>
+Fixes: 5c380d623ed3 ("crypto: vmx - Add support for VMS instructions by ASM")
+Cc: stable@vger.kernel.org
+Signed-off-by: Daniel Axtens <dja@axtens.net>
+Tested-by: Michael Ellerman <mpe@ellerman.id.au>
+Tested-by: Ondrej Mosnacek <omosnacek@gmail.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/crypto/vmx/aesp8-ppc.pl | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/drivers/crypto/vmx/aesp8-ppc.pl
++++ b/drivers/crypto/vmx/aesp8-ppc.pl
+@@ -1815,7 +1815,7 @@ Lctr32_enc8x_three:
+ stvx_u $out1,$x10,$out
+ stvx_u $out2,$x20,$out
+ addi $out,$out,0x30
+- b Lcbc_dec8x_done
++ b Lctr32_enc8x_done
+
+ .align 5
+ Lctr32_enc8x_two:
+@@ -1827,7 +1827,7 @@ Lctr32_enc8x_two:
+ stvx_u $out0,$x00,$out
+ stvx_u $out1,$x10,$out
+ addi $out,$out,0x20
+- b Lcbc_dec8x_done
++ b Lctr32_enc8x_done
+
+ .align 5
+ Lctr32_enc8x_one:
--- /dev/null
+From dec3d0b1071a0f3194e66a83d26ecf4aa8c5910e Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Sun, 31 Mar 2019 13:04:13 -0700
+Subject: crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit dec3d0b1071a0f3194e66a83d26ecf4aa8c5910e upstream.
+
+The ->digest() method of crct10dif-pclmul reads the current CRC value
+from the shash_desc context. But this value is uninitialized, causing
+crypto_shash_digest() to compute the wrong result. Fix it.
+
+Probably this wasn't noticed before because lib/crc-t10dif.c only uses
+crypto_shash_update(), not crypto_shash_digest(). Likewise,
+crypto_shash_digest() is not yet tested by the crypto self-tests because
+those only test the ahash API which only uses shash init/update/final.
+
+Fixes: 0b95a7f85718 ("crypto: crct10dif - Glue code to cast accelerated CRCT10DIF assembly as a crypto transform")
+Cc: <stable@vger.kernel.org> # v3.11+
+Cc: Tim Chen <tim.c.chen@linux.intel.com>
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/crypto/crct10dif-pclmul_glue.c | 13 +++++--------
+ 1 file changed, 5 insertions(+), 8 deletions(-)
+
+--- a/arch/x86/crypto/crct10dif-pclmul_glue.c
++++ b/arch/x86/crypto/crct10dif-pclmul_glue.c
+@@ -76,15 +76,14 @@ static int chksum_final(struct shash_des
+ return 0;
+ }
+
+-static int __chksum_finup(__u16 *crcp, const u8 *data, unsigned int len,
+- u8 *out)
++static int __chksum_finup(__u16 crc, const u8 *data, unsigned int len, u8 *out)
+ {
+ if (irq_fpu_usable()) {
+ kernel_fpu_begin();
+- *(__u16 *)out = crc_t10dif_pcl(*crcp, data, len);
++ *(__u16 *)out = crc_t10dif_pcl(crc, data, len);
+ kernel_fpu_end();
+ } else
+- *(__u16 *)out = crc_t10dif_generic(*crcp, data, len);
++ *(__u16 *)out = crc_t10dif_generic(crc, data, len);
+ return 0;
+ }
+
+@@ -93,15 +92,13 @@ static int chksum_finup(struct shash_des
+ {
+ struct chksum_desc_ctx *ctx = shash_desc_ctx(desc);
+
+- return __chksum_finup(&ctx->crc, data, len, out);
++ return __chksum_finup(ctx->crc, data, len, out);
+ }
+
+ static int chksum_digest(struct shash_desc *desc, const u8 *data,
+ unsigned int length, u8 *out)
+ {
+- struct chksum_desc_ctx *ctx = shash_desc_ctx(desc);
+-
+- return __chksum_finup(&ctx->crc, data, length, out);
++ return __chksum_finup(0, data, length, out);
+ }
+
+ static struct shash_alg alg = {
--- /dev/null
+From e6f393bc939d566ce3def71232d8013de9aaadde Mon Sep 17 00:00:00 2001
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+Date: Mon, 13 May 2019 12:01:32 -0500
+Subject: objtool: Fix function fallthrough detection
+
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+
+commit e6f393bc939d566ce3def71232d8013de9aaadde upstream.
+
+When a function falls through to the next function due to a compiler
+bug, objtool prints some obscure warnings. For example:
+
+ drivers/regulator/core.o: warning: objtool: regulator_count_voltages()+0x95: return with modified stack frame
+ drivers/regulator/core.o: warning: objtool: regulator_count_voltages()+0x0: stack state mismatch: cfa1=7+32 cfa2=7+8
+
+Instead it should be printing:
+
+ drivers/regulator/core.o: warning: objtool: regulator_supply_is_couple() falls through to next function regulator_count_voltages()
+
+This used to work, but was broken by the following commit:
+
+ 13810435b9a7 ("objtool: Support GCC 8's cold subfunctions")
+
+The padding nops at the end of a function aren't actually part of the
+function, as defined by the symbol table. So the 'func' variable in
+validate_branch() is getting cleared to NULL when a padding nop is
+encountered, breaking the fallthrough detection.
+
+If the current instruction doesn't have a function associated with it,
+just consider it to be part of the previously detected function by not
+overwriting the previous value of 'func'.
+
+Reported-by: kbuild test robot <lkp@intel.com>
+Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Thomas Gleixner <tglx@linutronix.de>
+Cc: <stable@vger.kernel.org>
+Fixes: 13810435b9a7 ("objtool: Support GCC 8's cold subfunctions")
+Link: http://lkml.kernel.org/r/546d143820cd08a46624ae8440d093dd6c902cae.1557766718.git.jpoimboe@redhat.com
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/objtool/check.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -1779,7 +1779,8 @@ static int validate_branch(struct objtoo
+ return 1;
+ }
+
+- func = insn->func ? insn->func->pfunc : NULL;
++ if (insn->func)
++ func = insn->func->pfunc;
+
+ if (func && insn->ignore) {
+ WARN_FUNC("BUG: why am I validating an ignored function?",
--- /dev/null
+From c3422ad5f84a66739ec6a37251ca27638c85b6be Mon Sep 17 00:00:00 2001
+From: "Gustavo A. R. Silva" <gustavo@embeddedor.com>
+Date: Mon, 18 Mar 2019 11:14:39 -0500
+Subject: power: supply: axp288_charger: Fix unchecked return value
+
+From: Gustavo A. R. Silva <gustavo@embeddedor.com>
+
+commit c3422ad5f84a66739ec6a37251ca27638c85b6be upstream.
+
+Currently there is no check on platform_get_irq() return value
+in case it fails, hence never actually reporting any errors and
+causing unexpected behavior when using such value as argument
+for function regmap_irq_get_virq().
+
+Fix this by adding a proper check, a message reporting any errors
+and returning *pirq*
+
+Addresses-Coverity-ID: 1443940 ("Improper use of negative value")
+Fixes: 843735b788a4 ("power: axp288_charger: axp288 charger driver")
+Cc: stable@vger.kernel.org
+Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
+Reviewed-by: Hans de Goede <hdegoede@redhat.com>
+Signed-off-by: Sebastian Reichel <sebastian.reichel@collabora.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/power/supply/axp288_charger.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/drivers/power/supply/axp288_charger.c
++++ b/drivers/power/supply/axp288_charger.c
+@@ -881,6 +881,10 @@ static int axp288_charger_probe(struct p
+ /* Register charger interrupts */
+ for (i = 0; i < CHRG_INTR_END; i++) {
+ pirq = platform_get_irq(info->pdev, i);
++ if (pirq < 0) {
++ dev_err(&pdev->dev, "Failed to get IRQ: %d\n", pirq);
++ return pirq;
++ }
+ info->irq[i] = regmap_irq_get_virq(info->regmap_irqc, pirq);
+ if (info->irq[i] < 0) {
+ dev_warn(&info->pdev->dev,
--- /dev/null
+From 6690e86be83ac75832e461c141055b5d601c0a6d Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Thu, 14 Feb 2019 10:30:52 +0100
+Subject: sched/x86: Save [ER]FLAGS on context switch
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit 6690e86be83ac75832e461c141055b5d601c0a6d upstream.
+
+Effectively reverts commit:
+
+ 2c7577a75837 ("sched/x86_64: Don't save flags on context switch")
+
+Specifically because SMAP uses FLAGS.AC which invalidates the claim
+that the kernel has clean flags.
+
+In particular; while preemption from interrupt return is fine (the
+IRET frame on the exception stack contains FLAGS) it breaks any code
+that does synchonous scheduling, including preempt_enable().
+
+This has become a significant issue ever since commit:
+
+ 5b24a7a2aa20 ("Add 'unsafe' user access functions for batched accesses")
+
+provided for means of having 'normal' C code between STAC / CLAC,
+exposing the FLAGS.AC state. So far this hasn't led to trouble,
+however fix it before it comes apart.
+
+Reported-by: Julien Thierry <julien.thierry@arm.com>
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Acked-by: Andy Lutomirski <luto@amacapital.net>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Thomas Gleixner <tglx@linutronix.de>
+Cc: stable@kernel.org
+Fixes: 5b24a7a2aa20 ("Add 'unsafe' user access functions for batched accesses")
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/entry/entry_32.S | 2 ++
+ arch/x86/entry/entry_64.S | 2 ++
+ arch/x86/include/asm/switch_to.h | 1 +
+ arch/x86/kernel/process_32.c | 7 +++++++
+ arch/x86/kernel/process_64.c | 8 ++++++++
+ 5 files changed, 20 insertions(+)
+
+--- a/arch/x86/entry/entry_32.S
++++ b/arch/x86/entry/entry_32.S
+@@ -234,6 +234,7 @@ ENTRY(__switch_to_asm)
+ pushl %ebx
+ pushl %edi
+ pushl %esi
++ pushfl
+
+ /* switch stack */
+ movl %esp, TASK_threadsp(%eax)
+@@ -256,6 +257,7 @@ ENTRY(__switch_to_asm)
+ #endif
+
+ /* restore callee-saved registers */
++ popfl
+ popl %esi
+ popl %edi
+ popl %ebx
+--- a/arch/x86/entry/entry_64.S
++++ b/arch/x86/entry/entry_64.S
+@@ -342,6 +342,7 @@ ENTRY(__switch_to_asm)
+ pushq %r13
+ pushq %r14
+ pushq %r15
++ pushfq
+
+ /* switch stack */
+ movq %rsp, TASK_threadsp(%rdi)
+@@ -364,6 +365,7 @@ ENTRY(__switch_to_asm)
+ #endif
+
+ /* restore callee-saved registers */
++ popfq
+ popq %r15
+ popq %r14
+ popq %r13
+--- a/arch/x86/include/asm/switch_to.h
++++ b/arch/x86/include/asm/switch_to.h
+@@ -41,6 +41,7 @@ asmlinkage void ret_from_fork(void);
+ * order of the fields must match the code in __switch_to_asm().
+ */
+ struct inactive_task_frame {
++ unsigned long flags;
+ #ifdef CONFIG_X86_64
+ unsigned long r15;
+ unsigned long r14;
+--- a/arch/x86/kernel/process_32.c
++++ b/arch/x86/kernel/process_32.c
+@@ -132,6 +132,13 @@ int copy_thread_tls(unsigned long clone_
+ struct task_struct *tsk;
+ int err;
+
++ /*
++ * For a new task use the RESET flags value since there is no before.
++ * All the status flags are zero; DF and all the system flags must also
++ * be 0, specifically IF must be 0 because we context switch to the new
++ * task with interrupts disabled.
++ */
++ frame->flags = X86_EFLAGS_FIXED;
+ frame->bp = 0;
+ frame->ret_addr = (unsigned long) ret_from_fork;
+ p->thread.sp = (unsigned long) fork_frame;
+--- a/arch/x86/kernel/process_64.c
++++ b/arch/x86/kernel/process_64.c
+@@ -278,6 +278,14 @@ int copy_thread_tls(unsigned long clone_
+ childregs = task_pt_regs(p);
+ fork_frame = container_of(childregs, struct fork_frame, regs);
+ frame = &fork_frame->frame;
++
++ /*
++ * For a new task use the RESET flags value since there is no before.
++ * All the status flags are zero; DF and all the system flags must also
++ * be 0, specifically IF must be 0 because we context switch to the new
++ * task with interrupts disabled.
++ */
++ frame->flags = X86_EFLAGS_FIXED;
+ frame->bp = 0;
+ frame->ret_addr = (unsigned long) ret_from_fork;
+ p->thread.sp = (unsigned long) fork_frame;
pci-hv-fix-a-memory-leak-in-hv_eject_device_work.patch
pci-hv-add-hv_pci_remove_slots-when-we-unload-the-dr.patch
pci-hv-add-pci_destroy_slot-in-pci_devices_present_w.patch
+x86-speculation-mds-revert-cpu-buffer-clear-on-double-fault-exit.patch
+x86-speculation-mds-improve-cpu-buffer-clear-documentation.patch
+objtool-fix-function-fallthrough-detection.patch
+arm-dts-exynos-fix-interrupt-for-shared-eints-on-exynos5260.patch
+arm-dts-exynos-fix-audio-microphone-routing-on-odroid-xu3.patch
+arm-exynos-fix-a-leaked-reference-by-adding-missing-of_node_put.patch
+power-supply-axp288_charger-fix-unchecked-return-value.patch
+arm64-compat-reduce-address-limit.patch
+arm64-clear-osdlr_el1-on-cpu-boot.patch
+arm64-save-and-restore-osdlr_el1-across-suspend-resume.patch
+sched-x86-save-flags-on-context-switch.patch
+crypto-chacha20poly1305-set-cra_name-correctly.patch
+crypto-vmx-fix-copy-paste-error-in-ctr-mode.patch
+crypto-skcipher-don-t-warn-on-unprocessed-data-after-slow-walk-step.patch
+crypto-crct10dif-generic-fix-use-via-crypto_shash_digest.patch
+crypto-x86-crct10dif-pcl-fix-use-via-crypto_shash_digest.patch
+crypto-gcm-fix-incompatibility-between-gcm-and-gcm_base.patch
+crypto-rockchip-update-iv-buffer-to-contain-the-next-iv.patch
+crypto-arm-aes-neonbs-don-t-access-already-freed-walk.iv.patch
--- /dev/null
+From 9d8d0294e78a164d407133dea05caf4b84247d6a Mon Sep 17 00:00:00 2001
+From: Andy Lutomirski <luto@kernel.org>
+Date: Tue, 14 May 2019 13:24:40 -0700
+Subject: x86/speculation/mds: Improve CPU buffer clear documentation
+
+From: Andy Lutomirski <luto@kernel.org>
+
+commit 9d8d0294e78a164d407133dea05caf4b84247d6a upstream.
+
+On x86_64, all returns to usermode go through
+prepare_exit_to_usermode(), with the sole exception of do_nmi().
+This even includes machine checks -- this was added several years
+ago to support MCE recovery. Update the documentation.
+
+Signed-off-by: Andy Lutomirski <luto@kernel.org>
+Cc: Borislav Petkov <bp@suse.de>
+Cc: Frederic Weisbecker <frederic@kernel.org>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Jon Masters <jcm@redhat.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Thomas Gleixner <tglx@linutronix.de>
+Cc: stable@vger.kernel.org
+Fixes: 04dcbdb80578 ("x86/speculation/mds: Clear CPU buffers on exit to user")
+Link: http://lkml.kernel.org/r/999fa9e126ba6a48e9d214d2f18dbde5c62ac55c.1557865329.git.luto@kernel.org
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ Documentation/x86/mds.rst | 39 +++++++--------------------------------
+ 1 file changed, 7 insertions(+), 32 deletions(-)
+
+--- a/Documentation/x86/mds.rst
++++ b/Documentation/x86/mds.rst
+@@ -142,38 +142,13 @@ Mitigation points
+ mds_user_clear.
+
+ The mitigation is invoked in prepare_exit_to_usermode() which covers
+- most of the kernel to user space transitions. There are a few exceptions
+- which are not invoking prepare_exit_to_usermode() on return to user
+- space. These exceptions use the paranoid exit code.
+-
+- - Non Maskable Interrupt (NMI):
+-
+- Access to sensible data like keys, credentials in the NMI context is
+- mostly theoretical: The CPU can do prefetching or execute a
+- misspeculated code path and thereby fetching data which might end up
+- leaking through a buffer.
+-
+- But for mounting other attacks the kernel stack address of the task is
+- already valuable information. So in full mitigation mode, the NMI is
+- mitigated on the return from do_nmi() to provide almost complete
+- coverage.
+-
+- - Machine Check Exception (#MC):
+-
+- Another corner case is a #MC which hits between the CPU buffer clear
+- invocation and the actual return to user. As this still is in kernel
+- space it takes the paranoid exit path which does not clear the CPU
+- buffers. So the #MC handler repopulates the buffers to some
+- extent. Machine checks are not reliably controllable and the window is
+- extremly small so mitigation would just tick a checkbox that this
+- theoretical corner case is covered. To keep the amount of special
+- cases small, ignore #MC.
+-
+- - Debug Exception (#DB):
+-
+- This takes the paranoid exit path only when the INT1 breakpoint is in
+- kernel space. #DB on a user space address takes the regular exit path,
+- so no extra mitigation required.
++ all but one of the kernel to user space transitions. The exception
++ is when we return from a Non Maskable Interrupt (NMI), which is
++ handled directly in do_nmi().
++
++ (The reason that NMI is special is that prepare_exit_to_usermode() can
++ enable IRQs. In NMI context, NMIs are blocked, and we don't want to
++ enable IRQs with NMIs blocked.)
+
+
+ 2. C-State transition
--- /dev/null
+From 88640e1dcd089879530a49a8d212d1814678dfe7 Mon Sep 17 00:00:00 2001
+From: Andy Lutomirski <luto@kernel.org>
+Date: Tue, 14 May 2019 13:24:39 -0700
+Subject: x86/speculation/mds: Revert CPU buffer clear on double fault exit
+
+From: Andy Lutomirski <luto@kernel.org>
+
+commit 88640e1dcd089879530a49a8d212d1814678dfe7 upstream.
+
+The double fault ESPFIX path doesn't return to user mode at all --
+it returns back to the kernel by simulating a #GP fault.
+prepare_exit_to_usermode() will run on the way out of
+general_protection before running user code.
+
+Signed-off-by: Andy Lutomirski <luto@kernel.org>
+Cc: Borislav Petkov <bp@suse.de>
+Cc: Frederic Weisbecker <frederic@kernel.org>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Jon Masters <jcm@redhat.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Thomas Gleixner <tglx@linutronix.de>
+Cc: stable@vger.kernel.org
+Fixes: 04dcbdb80578 ("x86/speculation/mds: Clear CPU buffers on exit to user")
+Link: http://lkml.kernel.org/r/ac97612445c0a44ee10374f6ea79c222fe22a5c4.1557865329.git.luto@kernel.org
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ Documentation/x86/mds.rst | 7 -------
+ arch/x86/kernel/traps.c | 8 --------
+ 2 files changed, 15 deletions(-)
+
+--- a/Documentation/x86/mds.rst
++++ b/Documentation/x86/mds.rst
+@@ -158,13 +158,6 @@ Mitigation points
+ mitigated on the return from do_nmi() to provide almost complete
+ coverage.
+
+- - Double fault (#DF):
+-
+- A double fault is usually fatal, but the ESPFIX workaround, which can
+- be triggered from user space through modify_ldt(2) is a recoverable
+- double fault. #DF uses the paranoid exit path, so explicit mitigation
+- in the double fault handler is required.
+-
+ - Machine Check Exception (#MC):
+
+ Another corner case is a #MC which hits between the CPU buffer clear
+--- a/arch/x86/kernel/traps.c
++++ b/arch/x86/kernel/traps.c
+@@ -58,7 +58,6 @@
+ #include <asm/alternative.h>
+ #include <asm/fpu/xstate.h>
+ #include <asm/trace/mpx.h>
+-#include <asm/nospec-branch.h>
+ #include <asm/mpx.h>
+ #include <asm/vm86.h>
+
+@@ -386,13 +385,6 @@ dotraplinkage void do_double_fault(struc
+ regs->ip = (unsigned long)general_protection;
+ regs->sp = (unsigned long)&gpregs->orig_ax;
+
+- /*
+- * This situation can be triggered by userspace via
+- * modify_ldt(2) and the return does not take the regular
+- * user space exit, so a CPU buffer clear is required when
+- * MDS mitigation is enabled.
+- */
+- mds_user_clear_cpu_buffers();
+ return;
+ }
+ #endif
projects / thirdparty / kernel / stable-queue.git / commitdiff
