--- /dev/null
+From 5faf071d08ddd1c1be66deaa93a09ccf43f5b538 Mon Sep 17 00:00:00 2001
+From: Charles Keepax <ckeepax@opensource.wolfsonmicro.com>
+Date: Fri, 21 Oct 2016 14:18:48 +0100
+Subject: ASoC: samsung: i2s: Fixup last IRQ unsafe spin lock call
+
+From: Charles Keepax <ckeepax@opensource.wolfsonmicro.com>
+
+commit 5faf071d08ddd1c1be66deaa93a09ccf43f5b538 upstream.
+
+Unfortunately, I seem to have missed a case where an IRQ safe spinlock was
+required, in samsung_i2s_dai_remove, when I fixed up the other calls in
+this patch:
+
+316fa9e09ad7 ("ASoC: samsung: Use IRQ safe spin lock calls")
+
+This causes a lockdep warning when unbinding and rebinding the audio card:
+
+[ 104.357664] CPU0 CPU1
+[ 104.362174] ---- ----
+[ 104.366692] lock(&(&pri_dai->spinlock)->rlock);
+[ 104.371372] local_irq_disable();
+[ 104.377283] lock(&(&substream->self_group.lock)->rlock);
+[ 104.385259] lock(&(&pri_dai->spinlock)->rlock);
+[ 104.392469] <Interrupt>
+[ 104.395072] lock(&(&substream->self_group.lock)->rlock);
+[ 104.400710]
+[ 104.400710] *** DEADLOCK ***
+
+Fixes: ce8bcdbb61d9 ("ASoC: samsung: i2s: Protect more registers with a spinlock")
+Signed-off-by: Charles Keepax <ckeepax@opensource.wolfsonmicro.com>
+Reviewed-by: Krzysztof Kozlowski <krzk@kernel.org>
+Reviewed-by: Sylwester Nawrocki <s.nawrocki@samsung.com>
+Signed-off-by: Mark Brown <broonie@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ sound/soc/samsung/i2s.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sound/soc/samsung/i2s.c
++++ b/sound/soc/samsung/i2s.c
+@@ -1027,12 +1027,13 @@ static int samsung_i2s_dai_probe(struct
+ static int samsung_i2s_dai_remove(struct snd_soc_dai *dai)
+ {
+ struct i2s_dai *i2s = snd_soc_dai_get_drvdata(dai);
++ unsigned long flags;
+
+ if (!is_secondary(i2s)) {
+ if (i2s->quirks & QUIRK_NEED_RSTCLR) {
+- spin_lock(i2s->lock);
++ spin_lock_irqsave(i2s->lock, flags);
+ writel(0, i2s->addr + I2SCON);
+- spin_unlock(i2s->lock);
++ spin_unlock_irqrestore(i2s->lock, flags);
+ }
+ }
+
--- /dev/null
+From 20979202ee6e4c68dab7bcf408787225a656d18e Mon Sep 17 00:00:00 2001
+From: Pan Bian <bianpan2016@163.com>
+Date: Thu, 1 Dec 2016 14:25:44 +0800
+Subject: clk: clk-wm831x: fix a logic error
+
+From: Pan Bian <bianpan2016@163.com>
+
+commit 20979202ee6e4c68dab7bcf408787225a656d18e upstream.
+
+Fix bug https://bugzilla.kernel.org/show_bug.cgi?id=188561. Function
+wm831x_clkout_is_prepared() returns "true" when it fails to read
+CLOCK_CONTROL_1. "true" means the device is already prepared. So
+return "true" on the read failure seems improper.
+
+Signed-off-by: Pan Bian <bianpan2016@163.com>
+Acked-by: Charles Keepax <ckeepax@opensource.wolfsonmicro.com>
+Fixes: f05259a6ffa4 ("clk: wm831x: Add initial WM831x clock driver")
+Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/clk/clk-wm831x.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/clk/clk-wm831x.c
++++ b/drivers/clk/clk-wm831x.c
+@@ -247,7 +247,7 @@ static int wm831x_clkout_is_prepared(str
+ if (ret < 0) {
+ dev_err(wm831x->dev, "Unable to read CLOCK_CONTROL_1: %d\n",
+ ret);
+- return true;
++ return false;
+ }
+
+ return (ret & WM831X_CLKOUT_ENA) != 0;
--- /dev/null
+From bae203d58b7dce89664071b3fafe20cedaa3e4f6 Mon Sep 17 00:00:00 2001
+From: Vladimir Zapolskiy <vz@mleia.com>
+Date: Mon, 26 Sep 2016 03:03:42 +0300
+Subject: clk: imx31: fix rewritten input argument of mx31_clocks_init()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Vladimir Zapolskiy <vz@mleia.com>
+
+commit bae203d58b7dce89664071b3fafe20cedaa3e4f6 upstream.
+
+Function mx31_clocks_init() is called during clock intialization on
+legacy boards with reference clock frequency passed as its input
+argument, this can be verified by examination of the function
+declaration found in arch/arm/mach-imx/common.h and actual function
+users which include that header file.
+
+Inside CCF driver the function ignores its input argument, by chance
+the used value in the function body is the same as input arguments on
+side of all callers.
+
+Fixes: d9388c843237 ("clk: imx31: Do not call mxc_timer_init twice when booting with DT")
+Signed-off-by: Vladimir Zapolskiy <vz@mleia.com>
+Reviewed-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
+Acked-by: Stephen Boyd <sboyd@codeaurora.org>
+Signed-off-by: Shawn Guo <shawnguo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/clk/imx/clk-imx31.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+--- a/drivers/clk/imx/clk-imx31.c
++++ b/drivers/clk/imx/clk-imx31.c
+@@ -157,10 +157,8 @@ static void __init _mx31_clocks_init(uns
+ }
+ }
+
+-int __init mx31_clocks_init(void)
++int __init mx31_clocks_init(unsigned long fref)
+ {
+- u32 fref = 26000000; /* default */
+-
+ _mx31_clocks_init(fref);
+
+ clk_register_clkdev(clk[gpt_gate], "per", "imx-gpt.0");
--- /dev/null
+From 58010fa6f71c9577922b22e46014b95a4ec80fa0 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Date: Tue, 11 Oct 2016 19:15:20 +0100
+Subject: crypto: arm/aes-ce - fix for big endian
+
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+
+commit 58010fa6f71c9577922b22e46014b95a4ec80fa0 upstream.
+
+The AES key schedule generation is mostly endian agnostic, with the
+exception of the rotation and the incorporation of the round constant
+at the start of each round. So implement a big endian specific version
+of that part to make the whole routine big endian compatible.
+
+Fixes: 86464859cc77 ("crypto: arm - AES in ECB/CBC/CTR/XTS modes using ARMv8 Crypto Extensions")
+Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/crypto/aes-ce-glue.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/arch/arm/crypto/aes-ce-glue.c
++++ b/arch/arm/crypto/aes-ce-glue.c
+@@ -87,8 +87,13 @@ static int ce_aes_expandkey(struct crypt
+ u32 *rki = ctx->key_enc + (i * kwords);
+ u32 *rko = rki + kwords;
+
++#ifndef CONFIG_CPU_BIG_ENDIAN
+ rko[0] = ror32(ce_aes_sub(rki[kwords - 1]), 8);
+ rko[0] = rko[0] ^ rki[0] ^ rcon[i];
++#else
++ rko[0] = rol32(ce_aes_sub(rki[kwords - 1]), 8);
++ rko[0] = rko[0] ^ rki[0] ^ (rcon[i] << 24);
++#endif
+ rko[1] = rko[0] ^ rki[1];
+ rko[2] = rko[1] ^ rki[2];
+ rko[3] = rko[2] ^ rki[3];
--- /dev/null
+From 56e4e76c68fcb51547b5299e5b66a135935ff414 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Date: Tue, 11 Oct 2016 19:15:17 +0100
+Subject: crypto: arm64/aes-ccm-ce: fix for big endian
+
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+
+commit 56e4e76c68fcb51547b5299e5b66a135935ff414 upstream.
+
+The AES-CCM implementation that uses ARMv8 Crypto Extensions instructions
+refers to the AES round keys as pairs of 64-bit quantities, which causes
+failures when building the code for big endian. In addition, it byte swaps
+the input counter unconditionally, while this is only required for little
+endian builds. So fix both issues.
+
+Fixes: 12ac3efe74f8 ("arm64/crypto: use crypto instructions to generate AES key schedule")
+Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/crypto/aes-ce-ccm-core.S | 53 ++++++++++++++++++------------------
+ 1 file changed, 27 insertions(+), 26 deletions(-)
+
+--- a/arch/arm64/crypto/aes-ce-ccm-core.S
++++ b/arch/arm64/crypto/aes-ce-ccm-core.S
+@@ -9,6 +9,7 @@
+ */
+
+ #include <linux/linkage.h>
++#include <asm/assembler.h>
+
+ .text
+ .arch armv8-a+crypto
+@@ -19,7 +20,7 @@
+ */
+ ENTRY(ce_aes_ccm_auth_data)
+ ldr w8, [x3] /* leftover from prev round? */
+- ld1 {v0.2d}, [x0] /* load mac */
++ ld1 {v0.16b}, [x0] /* load mac */
+ cbz w8, 1f
+ sub w8, w8, #16
+ eor v1.16b, v1.16b, v1.16b
+@@ -31,7 +32,7 @@ ENTRY(ce_aes_ccm_auth_data)
+ beq 8f /* out of input? */
+ cbnz w8, 0b
+ eor v0.16b, v0.16b, v1.16b
+-1: ld1 {v3.2d}, [x4] /* load first round key */
++1: ld1 {v3.16b}, [x4] /* load first round key */
+ prfm pldl1strm, [x1]
+ cmp w5, #12 /* which key size? */
+ add x6, x4, #16
+@@ -41,17 +42,17 @@ ENTRY(ce_aes_ccm_auth_data)
+ mov v5.16b, v3.16b
+ b 4f
+ 2: mov v4.16b, v3.16b
+- ld1 {v5.2d}, [x6], #16 /* load 2nd round key */
++ ld1 {v5.16b}, [x6], #16 /* load 2nd round key */
+ 3: aese v0.16b, v4.16b
+ aesmc v0.16b, v0.16b
+-4: ld1 {v3.2d}, [x6], #16 /* load next round key */
++4: ld1 {v3.16b}, [x6], #16 /* load next round key */
+ aese v0.16b, v5.16b
+ aesmc v0.16b, v0.16b
+-5: ld1 {v4.2d}, [x6], #16 /* load next round key */
++5: ld1 {v4.16b}, [x6], #16 /* load next round key */
+ subs w7, w7, #3
+ aese v0.16b, v3.16b
+ aesmc v0.16b, v0.16b
+- ld1 {v5.2d}, [x6], #16 /* load next round key */
++ ld1 {v5.16b}, [x6], #16 /* load next round key */
+ bpl 3b
+ aese v0.16b, v4.16b
+ subs w2, w2, #16 /* last data? */
+@@ -60,7 +61,7 @@ ENTRY(ce_aes_ccm_auth_data)
+ ld1 {v1.16b}, [x1], #16 /* load next input block */
+ eor v0.16b, v0.16b, v1.16b /* xor with mac */
+ bne 1b
+-6: st1 {v0.2d}, [x0] /* store mac */
++6: st1 {v0.16b}, [x0] /* store mac */
+ beq 10f
+ adds w2, w2, #16
+ beq 10f
+@@ -79,7 +80,7 @@ ENTRY(ce_aes_ccm_auth_data)
+ adds w7, w7, #1
+ bne 9b
+ eor v0.16b, v0.16b, v1.16b
+- st1 {v0.2d}, [x0]
++ st1 {v0.16b}, [x0]
+ 10: str w8, [x3]
+ ret
+ ENDPROC(ce_aes_ccm_auth_data)
+@@ -89,27 +90,27 @@ ENDPROC(ce_aes_ccm_auth_data)
+ * u32 rounds);
+ */
+ ENTRY(ce_aes_ccm_final)
+- ld1 {v3.2d}, [x2], #16 /* load first round key */
+- ld1 {v0.2d}, [x0] /* load mac */
++ ld1 {v3.16b}, [x2], #16 /* load first round key */
++ ld1 {v0.16b}, [x0] /* load mac */
+ cmp w3, #12 /* which key size? */
+ sub w3, w3, #2 /* modified # of rounds */
+- ld1 {v1.2d}, [x1] /* load 1st ctriv */
++ ld1 {v1.16b}, [x1] /* load 1st ctriv */
+ bmi 0f
+ bne 3f
+ mov v5.16b, v3.16b
+ b 2f
+ 0: mov v4.16b, v3.16b
+-1: ld1 {v5.2d}, [x2], #16 /* load next round key */
++1: ld1 {v5.16b}, [x2], #16 /* load next round key */
+ aese v0.16b, v4.16b
+ aesmc v0.16b, v0.16b
+ aese v1.16b, v4.16b
+ aesmc v1.16b, v1.16b
+-2: ld1 {v3.2d}, [x2], #16 /* load next round key */
++2: ld1 {v3.16b}, [x2], #16 /* load next round key */
+ aese v0.16b, v5.16b
+ aesmc v0.16b, v0.16b
+ aese v1.16b, v5.16b
+ aesmc v1.16b, v1.16b
+-3: ld1 {v4.2d}, [x2], #16 /* load next round key */
++3: ld1 {v4.16b}, [x2], #16 /* load next round key */
+ subs w3, w3, #3
+ aese v0.16b, v3.16b
+ aesmc v0.16b, v0.16b
+@@ -120,47 +121,47 @@ ENTRY(ce_aes_ccm_final)
+ aese v1.16b, v4.16b
+ /* final round key cancels out */
+ eor v0.16b, v0.16b, v1.16b /* en-/decrypt the mac */
+- st1 {v0.2d}, [x0] /* store result */
++ st1 {v0.16b}, [x0] /* store result */
+ ret
+ ENDPROC(ce_aes_ccm_final)
+
+ .macro aes_ccm_do_crypt,enc
+ ldr x8, [x6, #8] /* load lower ctr */
+- ld1 {v0.2d}, [x5] /* load mac */
+- rev x8, x8 /* keep swabbed ctr in reg */
++ ld1 {v0.16b}, [x5] /* load mac */
++CPU_LE( rev x8, x8 ) /* keep swabbed ctr in reg */
+ 0: /* outer loop */
+- ld1 {v1.1d}, [x6] /* load upper ctr */
++ ld1 {v1.8b}, [x6] /* load upper ctr */
+ prfm pldl1strm, [x1]
+ add x8, x8, #1
+ rev x9, x8
+ cmp w4, #12 /* which key size? */
+ sub w7, w4, #2 /* get modified # of rounds */
+ ins v1.d[1], x9 /* no carry in lower ctr */
+- ld1 {v3.2d}, [x3] /* load first round key */
++ ld1 {v3.16b}, [x3] /* load first round key */
+ add x10, x3, #16
+ bmi 1f
+ bne 4f
+ mov v5.16b, v3.16b
+ b 3f
+ 1: mov v4.16b, v3.16b
+- ld1 {v5.2d}, [x10], #16 /* load 2nd round key */
++ ld1 {v5.16b}, [x10], #16 /* load 2nd round key */
+ 2: /* inner loop: 3 rounds, 2x interleaved */
+ aese v0.16b, v4.16b
+ aesmc v0.16b, v0.16b
+ aese v1.16b, v4.16b
+ aesmc v1.16b, v1.16b
+-3: ld1 {v3.2d}, [x10], #16 /* load next round key */
++3: ld1 {v3.16b}, [x10], #16 /* load next round key */
+ aese v0.16b, v5.16b
+ aesmc v0.16b, v0.16b
+ aese v1.16b, v5.16b
+ aesmc v1.16b, v1.16b
+-4: ld1 {v4.2d}, [x10], #16 /* load next round key */
++4: ld1 {v4.16b}, [x10], #16 /* load next round key */
+ subs w7, w7, #3
+ aese v0.16b, v3.16b
+ aesmc v0.16b, v0.16b
+ aese v1.16b, v3.16b
+ aesmc v1.16b, v1.16b
+- ld1 {v5.2d}, [x10], #16 /* load next round key */
++ ld1 {v5.16b}, [x10], #16 /* load next round key */
+ bpl 2b
+ aese v0.16b, v4.16b
+ aese v1.16b, v4.16b
+@@ -177,14 +178,14 @@ ENDPROC(ce_aes_ccm_final)
+ eor v0.16b, v0.16b, v2.16b /* xor mac with pt ^ rk[last] */
+ st1 {v1.16b}, [x0], #16 /* write output block */
+ bne 0b
+- rev x8, x8
+- st1 {v0.2d}, [x5] /* store mac */
++CPU_LE( rev x8, x8 )
++ st1 {v0.16b}, [x5] /* store mac */
+ str x8, [x6, #8] /* store lsb end of ctr (BE) */
+ 5: ret
+
+ 6: eor v0.16b, v0.16b, v5.16b /* final round mac */
+ eor v1.16b, v1.16b, v5.16b /* final round enc */
+- st1 {v0.2d}, [x5] /* store mac */
++ st1 {v0.16b}, [x5] /* store mac */
+ add w2, w2, #16 /* process partial tail block */
+ 7: ldrb w9, [x1], #1 /* get 1 byte of input */
+ umov w6, v1.b[0] /* get top crypted ctr byte */
--- /dev/null
+From 1803b9a52c4e5a5dbb8a27126f6bc06939359753 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Date: Tue, 11 Oct 2016 19:15:13 +0100
+Subject: crypto: arm64/aes-ce - fix for big endian
+
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+
+commit 1803b9a52c4e5a5dbb8a27126f6bc06939359753 upstream.
+
+The core AES cipher implementation that uses ARMv8 Crypto Extensions
+instructions erroneously loads the round keys as 64-bit quantities,
+which causes the algorithm to fail when built for big endian. In
+addition, the key schedule generation routine fails to take endianness
+into account as well, when loading the combining the input key with
+the round constants. So fix both issues.
+
+Fixes: 12ac3efe74f8 ("arm64/crypto: use crypto instructions to generate AES key schedule")
+Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/crypto/aes-ce-cipher.c | 25 +++++++++++++++----------
+ 1 file changed, 15 insertions(+), 10 deletions(-)
+
+--- a/arch/arm64/crypto/aes-ce-cipher.c
++++ b/arch/arm64/crypto/aes-ce-cipher.c
+@@ -47,24 +47,24 @@ static void aes_cipher_encrypt(struct cr
+ kernel_neon_begin_partial(4);
+
+ __asm__(" ld1 {v0.16b}, %[in] ;"
+- " ld1 {v1.2d}, [%[key]], #16 ;"
++ " ld1 {v1.16b}, [%[key]], #16 ;"
+ " cmp %w[rounds], #10 ;"
+ " bmi 0f ;"
+ " bne 3f ;"
+ " mov v3.16b, v1.16b ;"
+ " b 2f ;"
+ "0: mov v2.16b, v1.16b ;"
+- " ld1 {v3.2d}, [%[key]], #16 ;"
++ " ld1 {v3.16b}, [%[key]], #16 ;"
+ "1: aese v0.16b, v2.16b ;"
+ " aesmc v0.16b, v0.16b ;"
+- "2: ld1 {v1.2d}, [%[key]], #16 ;"
++ "2: ld1 {v1.16b}, [%[key]], #16 ;"
+ " aese v0.16b, v3.16b ;"
+ " aesmc v0.16b, v0.16b ;"
+- "3: ld1 {v2.2d}, [%[key]], #16 ;"
++ "3: ld1 {v2.16b}, [%[key]], #16 ;"
+ " subs %w[rounds], %w[rounds], #3 ;"
+ " aese v0.16b, v1.16b ;"
+ " aesmc v0.16b, v0.16b ;"
+- " ld1 {v3.2d}, [%[key]], #16 ;"
++ " ld1 {v3.16b}, [%[key]], #16 ;"
+ " bpl 1b ;"
+ " aese v0.16b, v2.16b ;"
+ " eor v0.16b, v0.16b, v3.16b ;"
+@@ -92,24 +92,24 @@ static void aes_cipher_decrypt(struct cr
+ kernel_neon_begin_partial(4);
+
+ __asm__(" ld1 {v0.16b}, %[in] ;"
+- " ld1 {v1.2d}, [%[key]], #16 ;"
++ " ld1 {v1.16b}, [%[key]], #16 ;"
+ " cmp %w[rounds], #10 ;"
+ " bmi 0f ;"
+ " bne 3f ;"
+ " mov v3.16b, v1.16b ;"
+ " b 2f ;"
+ "0: mov v2.16b, v1.16b ;"
+- " ld1 {v3.2d}, [%[key]], #16 ;"
++ " ld1 {v3.16b}, [%[key]], #16 ;"
+ "1: aesd v0.16b, v2.16b ;"
+ " aesimc v0.16b, v0.16b ;"
+- "2: ld1 {v1.2d}, [%[key]], #16 ;"
++ "2: ld1 {v1.16b}, [%[key]], #16 ;"
+ " aesd v0.16b, v3.16b ;"
+ " aesimc v0.16b, v0.16b ;"
+- "3: ld1 {v2.2d}, [%[key]], #16 ;"
++ "3: ld1 {v2.16b}, [%[key]], #16 ;"
+ " subs %w[rounds], %w[rounds], #3 ;"
+ " aesd v0.16b, v1.16b ;"
+ " aesimc v0.16b, v0.16b ;"
+- " ld1 {v3.2d}, [%[key]], #16 ;"
++ " ld1 {v3.16b}, [%[key]], #16 ;"
+ " bpl 1b ;"
+ " aesd v0.16b, v2.16b ;"
+ " eor v0.16b, v0.16b, v3.16b ;"
+@@ -173,7 +173,12 @@ int ce_aes_expandkey(struct crypto_aes_c
+ u32 *rki = ctx->key_enc + (i * kwords);
+ u32 *rko = rki + kwords;
+
++#ifndef CONFIG_CPU_BIG_ENDIAN
+ rko[0] = ror32(aes_sub(rki[kwords - 1]), 8) ^ rcon[i] ^ rki[0];
++#else
++ rko[0] = rol32(aes_sub(rki[kwords - 1]), 8) ^ (rcon[i] << 24) ^
++ rki[0];
++#endif
+ rko[1] = rko[0] ^ rki[1];
+ rko[2] = rko[1] ^ rki[2];
+ rko[3] = rko[2] ^ rki[3];
--- /dev/null
+From a2c435cc99862fd3d165e1b66bf48ac72c839c62 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Date: Tue, 11 Oct 2016 19:15:18 +0100
+Subject: crypto: arm64/aes-neon - fix for big endian
+
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+
+commit a2c435cc99862fd3d165e1b66bf48ac72c839c62 upstream.
+
+The AES implementation using pure NEON instructions relies on the generic
+AES key schedule generation routines, which store the round keys as arrays
+of 32-bit quantities stored in memory using native endianness. This means
+we should refer to these round keys using 4x4 loads rather than 16x1 loads.
+In addition, the ShiftRows tables are loading using a single scalar load,
+which is also affected by endianness, so emit these tables in the correct
+order depending on whether we are building for big endian or not.
+
+Fixes: 49788fe2a128 ("arm64/crypto: AES-ECB/CBC/CTR/XTS using ARMv8 NEON and Crypto Extensions")
+Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/crypto/aes-neon.S | 25 +++++++++++++++----------
+ 1 file changed, 15 insertions(+), 10 deletions(-)
+
+--- a/arch/arm64/crypto/aes-neon.S
++++ b/arch/arm64/crypto/aes-neon.S
+@@ -9,6 +9,7 @@
+ */
+
+ #include <linux/linkage.h>
++#include <asm/assembler.h>
+
+ #define AES_ENTRY(func) ENTRY(neon_ ## func)
+ #define AES_ENDPROC(func) ENDPROC(neon_ ## func)
+@@ -83,13 +84,13 @@
+ .endm
+
+ .macro do_block, enc, in, rounds, rk, rkp, i
+- ld1 {v15.16b}, [\rk]
++ ld1 {v15.4s}, [\rk]
+ add \rkp, \rk, #16
+ mov \i, \rounds
+ 1111: eor \in\().16b, \in\().16b, v15.16b /* ^round key */
+ tbl \in\().16b, {\in\().16b}, v13.16b /* ShiftRows */
+ sub_bytes \in
+- ld1 {v15.16b}, [\rkp], #16
++ ld1 {v15.4s}, [\rkp], #16
+ subs \i, \i, #1
+ beq 2222f
+ .if \enc == 1
+@@ -229,7 +230,7 @@
+ .endm
+
+ .macro do_block_2x, enc, in0, in1 rounds, rk, rkp, i
+- ld1 {v15.16b}, [\rk]
++ ld1 {v15.4s}, [\rk]
+ add \rkp, \rk, #16
+ mov \i, \rounds
+ 1111: eor \in0\().16b, \in0\().16b, v15.16b /* ^round key */
+@@ -237,7 +238,7 @@
+ sub_bytes_2x \in0, \in1
+ tbl \in0\().16b, {\in0\().16b}, v13.16b /* ShiftRows */
+ tbl \in1\().16b, {\in1\().16b}, v13.16b /* ShiftRows */
+- ld1 {v15.16b}, [\rkp], #16
++ ld1 {v15.4s}, [\rkp], #16
+ subs \i, \i, #1
+ beq 2222f
+ .if \enc == 1
+@@ -254,7 +255,7 @@
+ .endm
+
+ .macro do_block_4x, enc, in0, in1, in2, in3, rounds, rk, rkp, i
+- ld1 {v15.16b}, [\rk]
++ ld1 {v15.4s}, [\rk]
+ add \rkp, \rk, #16
+ mov \i, \rounds
+ 1111: eor \in0\().16b, \in0\().16b, v15.16b /* ^round key */
+@@ -266,7 +267,7 @@
+ tbl \in1\().16b, {\in1\().16b}, v13.16b /* ShiftRows */
+ tbl \in2\().16b, {\in2\().16b}, v13.16b /* ShiftRows */
+ tbl \in3\().16b, {\in3\().16b}, v13.16b /* ShiftRows */
+- ld1 {v15.16b}, [\rkp], #16
++ ld1 {v15.4s}, [\rkp], #16
+ subs \i, \i, #1
+ beq 2222f
+ .if \enc == 1
+@@ -306,12 +307,16 @@
+ .text
+ .align 4
+ .LForward_ShiftRows:
+- .byte 0x0, 0x5, 0xa, 0xf, 0x4, 0x9, 0xe, 0x3
+- .byte 0x8, 0xd, 0x2, 0x7, 0xc, 0x1, 0x6, 0xb
++CPU_LE( .byte 0x0, 0x5, 0xa, 0xf, 0x4, 0x9, 0xe, 0x3 )
++CPU_LE( .byte 0x8, 0xd, 0x2, 0x7, 0xc, 0x1, 0x6, 0xb )
++CPU_BE( .byte 0xb, 0x6, 0x1, 0xc, 0x7, 0x2, 0xd, 0x8 )
++CPU_BE( .byte 0x3, 0xe, 0x9, 0x4, 0xf, 0xa, 0x5, 0x0 )
+
+ .LReverse_ShiftRows:
+- .byte 0x0, 0xd, 0xa, 0x7, 0x4, 0x1, 0xe, 0xb
+- .byte 0x8, 0x5, 0x2, 0xf, 0xc, 0x9, 0x6, 0x3
++CPU_LE( .byte 0x0, 0xd, 0xa, 0x7, 0x4, 0x1, 0xe, 0xb )
++CPU_LE( .byte 0x8, 0x5, 0x2, 0xf, 0xc, 0x9, 0x6, 0x3 )
++CPU_BE( .byte 0x3, 0x6, 0x9, 0xc, 0xf, 0x2, 0x5, 0x8 )
++CPU_BE( .byte 0xb, 0xe, 0x1, 0x4, 0x7, 0xa, 0xd, 0x0 )
+
+ .LForward_Sbox:
+ .byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
--- /dev/null
+From caf4b9e2b326cc2a5005a5c557274306536ace61 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Date: Tue, 11 Oct 2016 19:15:19 +0100
+Subject: crypto: arm64/aes-xts-ce: fix for big endian
+
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+
+commit caf4b9e2b326cc2a5005a5c557274306536ace61 upstream.
+
+Emit the XTS tweak literal constants in the appropriate order for a
+single 128-bit scalar literal load.
+
+Fixes: 49788fe2a128 ("arm64/crypto: AES-ECB/CBC/CTR/XTS using ARMv8 NEON and Crypto Extensions")
+Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/crypto/aes-ce.S | 1 +
+ arch/arm64/crypto/aes-modes.S | 3 ++-
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+--- a/arch/arm64/crypto/aes-ce.S
++++ b/arch/arm64/crypto/aes-ce.S
+@@ -10,6 +10,7 @@
+ */
+
+ #include <linux/linkage.h>
++#include <asm/assembler.h>
+
+ #define AES_ENTRY(func) ENTRY(ce_ ## func)
+ #define AES_ENDPROC(func) ENDPROC(ce_ ## func)
+--- a/arch/arm64/crypto/aes-modes.S
++++ b/arch/arm64/crypto/aes-modes.S
+@@ -386,7 +386,8 @@ AES_ENDPROC(aes_ctr_encrypt)
+ .endm
+
+ .Lxts_mul_x:
+- .word 1, 0, 0x87, 0
++CPU_LE( .quad 1, 0x87 )
++CPU_BE( .quad 0x87, 1 )
+
+ AES_ENTRY(aes_xts_encrypt)
+ FRAME_PUSH
--- /dev/null
+From 9c433ad5083fd4a4a3c721d86cbfbd0b2a2326a5 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Date: Tue, 11 Oct 2016 19:15:14 +0100
+Subject: crypto: arm64/ghash-ce - fix for big endian
+
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+
+commit 9c433ad5083fd4a4a3c721d86cbfbd0b2a2326a5 upstream.
+
+The GHASH key and digest are both pairs of 64-bit quantities, but the
+GHASH code does not always refer to them as such, causing failures when
+built for big endian. So replace the 16x1 loads and stores with 2x8 ones.
+
+Fixes: b913a6404ce2 ("arm64/crypto: improve performance of GHASH algorithm")
+Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/crypto/ghash-ce-core.S | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/arch/arm64/crypto/ghash-ce-core.S
++++ b/arch/arm64/crypto/ghash-ce-core.S
+@@ -29,8 +29,8 @@
+ * struct ghash_key const *k, const char *head)
+ */
+ ENTRY(pmull_ghash_update)
+- ld1 {SHASH.16b}, [x3]
+- ld1 {XL.16b}, [x1]
++ ld1 {SHASH.2d}, [x3]
++ ld1 {XL.2d}, [x1]
+ movi MASK.16b, #0xe1
+ ext SHASH2.16b, SHASH.16b, SHASH.16b, #8
+ shl MASK.2d, MASK.2d, #57
+@@ -74,6 +74,6 @@ CPU_LE( rev64 T1.16b, T1.16b )
+
+ cbnz w0, 0b
+
+- st1 {XL.16b}, [x1]
++ st1 {XL.2d}, [x1]
+ ret
+ ENDPROC(pmull_ghash_update)
--- /dev/null
+From ee71e5f1e7d25543ee63a80451871f8985b8d431 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Date: Tue, 11 Oct 2016 19:15:15 +0100
+Subject: crypto: arm64/sha1-ce - fix for big endian
+
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+
+commit ee71e5f1e7d25543ee63a80451871f8985b8d431 upstream.
+
+The SHA1 digest is an array of 5 32-bit quantities, so we should refer
+to them as such in order for this code to work correctly when built for
+big endian. So replace 16 byte scalar loads and stores with 4x4 vector
+ones where appropriate.
+
+Fixes: 2c98833a42cd ("arm64/crypto: SHA-1 using ARMv8 Crypto Extensions")
+Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/crypto/sha1-ce-core.S | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/arch/arm64/crypto/sha1-ce-core.S
++++ b/arch/arm64/crypto/sha1-ce-core.S
+@@ -78,7 +78,7 @@ ENTRY(sha1_ce_transform)
+ ld1r {k3.4s}, [x6]
+
+ /* load state */
+- ldr dga, [x0]
++ ld1 {dgav.4s}, [x0]
+ ldr dgb, [x0, #16]
+
+ /* load sha1_ce_state::finalize */
+@@ -144,7 +144,7 @@ CPU_LE( rev32 v11.16b, v11.16b )
+ b 1b
+
+ /* store new state */
+-3: str dga, [x0]
++3: st1 {dgav.4s}, [x0]
+ str dgb, [x0, #16]
+ ret
+ ENDPROC(sha1_ce_transform)
--- /dev/null
+From 174122c39c369ed924d2608fc0be0171997ce800 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Date: Tue, 11 Oct 2016 19:15:16 +0100
+Subject: crypto: arm64/sha2-ce - fix for big endian
+
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+
+commit 174122c39c369ed924d2608fc0be0171997ce800 upstream.
+
+The SHA256 digest is an array of 8 32-bit quantities, so we should refer
+to them as such in order for this code to work correctly when built for
+big endian. So replace 16 byte scalar loads and stores with 4x32 vector
+ones where appropriate.
+
+Fixes: 6ba6c74dfc6b ("arm64/crypto: SHA-224/SHA-256 using ARMv8 Crypto Extensions")
+Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/crypto/sha2-ce-core.S | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/arch/arm64/crypto/sha2-ce-core.S
++++ b/arch/arm64/crypto/sha2-ce-core.S
+@@ -85,7 +85,7 @@ ENTRY(sha2_ce_transform)
+ ld1 {v12.4s-v15.4s}, [x8]
+
+ /* load state */
+- ldp dga, dgb, [x0]
++ ld1 {dgav.4s, dgbv.4s}, [x0]
+
+ /* load sha256_ce_state::finalize */
+ ldr w4, [x0, #:lo12:sha256_ce_offsetof_finalize]
+@@ -148,6 +148,6 @@ CPU_LE( rev32 v19.16b, v19.16b )
+ b 1b
+
+ /* store new state */
+-3: stp dga, dgb, [x0]
++3: st1 {dgav.4s, dgbv.4s}, [x0]
+ ret
+ ENDPROC(sha2_ce_transform)
--- /dev/null
+From 4538bfbf2d9f1fc48c07ac0cc0ee58716fe7fe96 Mon Sep 17 00:00:00 2001
+From: Jared Bents <jared.bents@rockwellcollins.com>
+Date: Fri, 18 Nov 2016 22:20:38 -0600
+Subject: hwmon: (amc6821) sign extension temperature
+
+From: Jared Bents <jared.bents@rockwellcollins.com>
+
+commit 4538bfbf2d9f1fc48c07ac0cc0ee58716fe7fe96 upstream.
+
+Converts the unsigned temperature values from the i2c read
+to be sign extended as defined in the datasheet so that
+negative temperatures are properly read.
+
+Fixes: 28e6274d8fa67 ("hwmon: (amc6821) Avoid forward declaration")
+Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
+Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
+[groeck: Dropped unnecessary continuation line]
+Signed-off-by: Guenter Roeck <linux@roeck-us.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/hwmon/amc6821.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/drivers/hwmon/amc6821.c
++++ b/drivers/hwmon/amc6821.c
+@@ -188,8 +188,8 @@ static struct amc6821_data *amc6821_upda
+ !data->valid) {
+
+ for (i = 0; i < TEMP_IDX_LEN; i++)
+- data->temp[i] = i2c_smbus_read_byte_data(client,
+- temp_reg[i]);
++ data->temp[i] = (int8_t)i2c_smbus_read_byte_data(
++ client, temp_reg[i]);
+
+ data->stat1 = i2c_smbus_read_byte_data(client,
+ AMC6821_REG_STAT1);
--- /dev/null
+From e36ce99ee0815d7919a7b589bfb66f3de50b6bc7 Mon Sep 17 00:00:00 2001
+From: Guenter Roeck <linux@roeck-us.net>
+Date: Sun, 20 Nov 2016 10:37:39 -0800
+Subject: hwmon: (ds620) Fix overflows seen when writing temperature limits
+
+From: Guenter Roeck <linux@roeck-us.net>
+
+commit e36ce99ee0815d7919a7b589bfb66f3de50b6bc7 upstream.
+
+Module test reports:
+
+temp1_max: Suspected overflow: [160000 vs. 0]
+temp1_min: Suspected overflow: [160000 vs. 0]
+
+This is seen because the values passed when writing temperature limits
+are unbound.
+
+Reviewed-by: Jean Delvare <jdelvare@suse.de>
+Fixes: 6099469805c2 ("hwmon: Support for Dallas Semiconductor DS620")
+Signed-off-by: Guenter Roeck <linux@roeck-us.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/hwmon/ds620.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/hwmon/ds620.c
++++ b/drivers/hwmon/ds620.c
+@@ -166,7 +166,7 @@ static ssize_t set_temp(struct device *d
+ if (res)
+ return res;
+
+- val = (val * 10 / 625) * 8;
++ val = (clamp_val(val, -128000, 128000) * 10 / 625) * 8;
+
+ mutex_lock(&data->update_lock);
+ data->temp[attr->index] = val;
--- /dev/null
+From 4fccd4a1e8944033bcd7693ea4e8fb478cd2059a Mon Sep 17 00:00:00 2001
+From: Guenter Roeck <linux@roeck-us.net>
+Date: Sun, 11 Dec 2016 13:27:42 -0800
+Subject: hwmon: (g762) Fix overflows and crash seen when writing limit attributes
+
+From: Guenter Roeck <linux@roeck-us.net>
+
+commit 4fccd4a1e8944033bcd7693ea4e8fb478cd2059a upstream.
+
+Fix overflows seen when writing into fan speed limit attributes.
+Also fix crash due to division by zero, seen when certain very
+large values (such as 2147483648, or 0x80000000) are written
+into fan speed limit attributes.
+
+Fixes: 594fbe713bf60 ("Add support for GMT G762/G763 PWM fan controllers")
+Cc: Arnaud Ebalard <arno@natisbad.org>
+Reviewed-by: Jean Delvare <jdelvare@suse.de>
+Signed-off-by: Guenter Roeck <linux@roeck-us.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/hwmon/g762.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+--- a/drivers/hwmon/g762.c
++++ b/drivers/hwmon/g762.c
+@@ -193,14 +193,17 @@ static inline unsigned int rpm_from_cnt(
+ * Convert fan RPM value from sysfs into count value for fan controller
+ * register (FAN_SET_CNT).
+ */
+-static inline unsigned char cnt_from_rpm(u32 rpm, u32 clk_freq, u16 p,
++static inline unsigned char cnt_from_rpm(unsigned long rpm, u32 clk_freq, u16 p,
+ u8 clk_div, u8 gear_mult)
+ {
+- if (!rpm) /* to stop the fan, set cnt to 255 */
++ unsigned long f1 = clk_freq * 30 * gear_mult;
++ unsigned long f2 = p * clk_div;
++
++ if (!rpm) /* to stop the fan, set cnt to 255 */
+ return 0xff;
+
+- return clamp_val(((clk_freq * 30 * gear_mult) / (rpm * p * clk_div)),
+- 0, 255);
++ rpm = clamp_val(rpm, f1 / (255 * f2), ULONG_MAX / f2);
++ return DIV_ROUND_CLOSEST(f1, rpm * f2);
+ }
+
+ /* helper to grab and cache data, at most one time per second */
--- /dev/null
+From c0d04e9112ad59d73f23f3b0f6726c5e798dfcbf Mon Sep 17 00:00:00 2001
+From: Guenter Roeck <linux@roeck-us.net>
+Date: Sun, 4 Dec 2016 18:15:25 -0800
+Subject: hwmon: (nct7802) Fix overflows seen when writing into limit attributes
+
+From: Guenter Roeck <linux@roeck-us.net>
+
+commit c0d04e9112ad59d73f23f3b0f6726c5e798dfcbf upstream.
+
+Fix overflows seen when writing voltage and temperature limit attributes.
+
+The value passed to DIV_ROUND_CLOSEST() needs to be clamped, and the
+value parameter passed to nct7802_write_fan_min() is an unsigned long.
+
+Also, writing values larger than 2700000 into a fan limit attribute results
+in writing 0 into the chip's limit registers. The exact behavior when
+writing this value is unspecified. For consistency, report a limit of
+1350000 if the chip register reads 0. This may be wrong, and the chip
+behavior should be verified with the actual chip, but it is better than
+reporting a value of 0 (which, when written, results in writing a value
+of 0x1fff into the chip register).
+
+Fixes: 3434f3783580 ("hwmon: Driver for Nuvoton NCT7802Y")
+Reviewed-by: Jean Delvare <jdelvare@suse.de>
+Signed-off-by: Guenter Roeck <linux@roeck-us.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/hwmon/nct7802.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+--- a/drivers/hwmon/nct7802.c
++++ b/drivers/hwmon/nct7802.c
+@@ -259,13 +259,15 @@ static int nct7802_read_fan_min(struct n
+ ret = 0;
+ else if (ret)
+ ret = DIV_ROUND_CLOSEST(1350000U, ret);
++ else
++ ret = 1350000U;
+ abort:
+ mutex_unlock(&data->access_lock);
+ return ret;
+ }
+
+ static int nct7802_write_fan_min(struct nct7802_data *data, u8 reg_fan_low,
+- u8 reg_fan_high, unsigned int limit)
++ u8 reg_fan_high, unsigned long limit)
+ {
+ int err;
+
+@@ -326,8 +328,8 @@ static int nct7802_write_voltage(struct
+ int shift = 8 - REG_VOLTAGE_LIMIT_MSB_SHIFT[index - 1][nr];
+ int err;
+
++ voltage = clamp_val(voltage, 0, 0x3ff * nct7802_vmul[nr]);
+ voltage = DIV_ROUND_CLOSEST(voltage, nct7802_vmul[nr]);
+- voltage = clamp_val(voltage, 0, 0x3ff);
+
+ mutex_lock(&data->access_lock);
+ err = regmap_write(data->regmap,
+@@ -402,7 +404,7 @@ static ssize_t store_temp(struct device
+ if (err < 0)
+ return err;
+
+- val = clamp_val(DIV_ROUND_CLOSEST(val, 1000), -128, 127);
++ val = DIV_ROUND_CLOSEST(clamp_val(val, -128000, 127000), 1000);
+
+ err = regmap_write(data->regmap, nr, val & 0xff);
+ return err ? : count;
--- /dev/null
+From 13edb767aa609b6efb7c0c2b57fbd72a6ded0eed Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas <javier@osg.samsung.com>
+Date: Mon, 7 Nov 2016 17:31:44 -0300
+Subject: hwmon: (scpi) Fix module autoload
+
+From: Javier Martinez Canillas <javier@osg.samsung.com>
+
+commit 13edb767aa609b6efb7c0c2b57fbd72a6ded0eed upstream.
+
+If the driver is built as a module, autoload won't work because the module
+alias information is not filled. So user-space can't match the registered
+device with the corresponding module.
+
+Export the module alias information using the MODULE_DEVICE_TABLE() macro.
+
+Before this patch:
+
+$ modinfo drivers/hwmon/scpi-hwmon.ko | grep alias
+$
+
+After this patch:
+
+$ modinfo drivers/hwmon/scpi-hwmon.ko | grep alias
+alias: of:N*T*Carm,scpi-sensorsC*
+alias: of:N*T*Carm,scpi-sensors
+
+Signed-off-by: Javier Martinez Canillas <javier@osg.samsung.com>
+Fixes: ea98b29a05e9c ("hwmon: Support sensors exported via ARM SCP interface")
+Signed-off-by: Guenter Roeck <linux@roeck-us.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/hwmon/scpi-hwmon.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/drivers/hwmon/scpi-hwmon.c
++++ b/drivers/hwmon/scpi-hwmon.c
+@@ -272,6 +272,7 @@ static const struct of_device_id scpi_of
+ {.compatible = "arm,scpi-sensors"},
+ {},
+ };
++MODULE_DEVICE_TABLE(of, scpi_of_match);
+
+ static struct platform_driver scpi_hwmon_platdrv = {
+ .driver = {
--- /dev/null
+From 432abf68a79332282329286d190e21fe3ac02a31 Mon Sep 17 00:00:00 2001
+From: Huang Rui <ray.huang@amd.com>
+Date: Mon, 12 Dec 2016 07:28:26 -0500
+Subject: iommu/amd: Fix the left value check of cmd buffer
+
+From: Huang Rui <ray.huang@amd.com>
+
+commit 432abf68a79332282329286d190e21fe3ac02a31 upstream.
+
+The generic command buffer entry is 128 bits (16 bytes), so the offset
+of tail and head pointer should be 16 bytes aligned and increased with
+0x10 per command.
+
+When cmd buf is full, head = (tail + 0x10) % CMD_BUFFER_SIZE.
+
+So when left space of cmd buf should be able to store only two
+command, we should be issued one COMPLETE_WAIT additionally to wait
+all older commands completed. Then the left space should be increased
+after IOMMU fetching from cmd buf.
+
+So left check value should be left <= 0x20 (two commands).
+
+Signed-off-by: Huang Rui <ray.huang@amd.com>
+Fixes: ac0ea6e92b222 ('x86/amd-iommu: Improve handling of full command buffer')
+Signed-off-by: Joerg Roedel <jroedel@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/iommu/amd_iommu.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/iommu/amd_iommu.c
++++ b/drivers/iommu/amd_iommu.c
+@@ -926,7 +926,7 @@ again:
+ next_tail = (tail + sizeof(*cmd)) % CMD_BUFFER_SIZE;
+ left = (head - next_tail) % CMD_BUFFER_SIZE;
+
+- if (left <= 2) {
++ if (left <= 0x20) {
+ struct iommu_cmd sync_cmd;
+ volatile u64 sem = 0;
+ int ret;
--- /dev/null
+From 24c790fbf5d8f54c8c82979db11edea8855b74bf Mon Sep 17 00:00:00 2001
+From: Dan Carpenter <dan.carpenter@oracle.com>
+Date: Thu, 24 Nov 2016 14:05:44 +0300
+Subject: iommu/amd: Missing error code in amd_iommu_init_device()
+
+From: Dan Carpenter <dan.carpenter@oracle.com>
+
+commit 24c790fbf5d8f54c8c82979db11edea8855b74bf upstream.
+
+We should set "ret" to -EINVAL if iommu_group_get() fails.
+
+Fixes: 55c99a4dc50f ("iommu/amd: Use iommu_attach_group()")
+Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
+Signed-off-by: Joerg Roedel <jroedel@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/iommu/amd_iommu_v2.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/drivers/iommu/amd_iommu_v2.c
++++ b/drivers/iommu/amd_iommu_v2.c
+@@ -809,8 +809,10 @@ int amd_iommu_init_device(struct pci_dev
+ goto out_free_domain;
+
+ group = iommu_group_get(&pdev->dev);
+- if (!group)
++ if (!group) {
++ ret = -EINVAL;
+ goto out_free_domain;
++ }
+
+ ret = iommu_attach_group(dev_state->domain, group);
+ if (ret != 0)
--- /dev/null
+From 65ca7f5f7d1cdde6c25172fe6107cd16902f826f Mon Sep 17 00:00:00 2001
+From: Jacob Pan <jacob.jun.pan@linux.intel.com>
+Date: Tue, 6 Dec 2016 10:14:23 -0800
+Subject: iommu/vt-d: Fix pasid table size encoding
+
+From: Jacob Pan <jacob.jun.pan@linux.intel.com>
+
+commit 65ca7f5f7d1cdde6c25172fe6107cd16902f826f upstream.
+
+Different encodings are used to represent supported PASID bits
+and number of PASID table entries.
+The current code assigns ecap_pss directly to extended context
+table entry PTS which is wrong and could result in writing
+non-zero bits to the reserved fields. IOMMU fault reason
+11 will be reported when reserved bits are nonzero.
+This patch converts ecap_pss to extend context entry pts encoding
+based on VT-d spec. Chapter 9.4 as follows:
+ - number of PASID bits = ecap_pss + 1
+ - number of PASID table entries = 2^(pts + 5)
+Software assigned limit of pasid_max value is also respected to
+match the allocation limitation of PASID table.
+
+cc: Mika Kuoppala <mika.kuoppala@linux.intel.com>
+cc: Ashok Raj <ashok.raj@intel.com>
+Signed-off-by: Jacob Pan <jacob.jun.pan@linux.intel.com>
+Tested-by: Mika Kuoppala <mika.kuoppala@intel.com>
+Fixes: 2f26e0a9c9860 ('iommu/vt-d: Add basic SVM PASID support')
+Signed-off-by: Joerg Roedel <jroedel@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/iommu/intel-iommu.c | 23 ++++++++++++++++++++++-
+ 1 file changed, 22 insertions(+), 1 deletion(-)
+
+--- a/drivers/iommu/intel-iommu.c
++++ b/drivers/iommu/intel-iommu.c
+@@ -5020,6 +5020,25 @@ static void intel_iommu_remove_device(st
+ }
+
+ #ifdef CONFIG_INTEL_IOMMU_SVM
++#define MAX_NR_PASID_BITS (20)
++static inline unsigned long intel_iommu_get_pts(struct intel_iommu *iommu)
++{
++ /*
++ * Convert ecap_pss to extend context entry pts encoding, also
++ * respect the soft pasid_max value set by the iommu.
++ * - number of PASID bits = ecap_pss + 1
++ * - number of PASID table entries = 2^(pts + 5)
++ * Therefore, pts = ecap_pss - 4
++ * e.g. KBL ecap_pss = 0x13, PASID has 20 bits, pts = 15
++ */
++ if (ecap_pss(iommu->ecap) < 5)
++ return 0;
++
++ /* pasid_max is encoded as actual number of entries not the bits */
++ return find_first_bit((unsigned long *)&iommu->pasid_max,
++ MAX_NR_PASID_BITS) - 5;
++}
++
+ int intel_iommu_enable_pasid(struct intel_iommu *iommu, struct intel_svm_dev *sdev)
+ {
+ struct device_domain_info *info;
+@@ -5052,7 +5071,9 @@ int intel_iommu_enable_pasid(struct inte
+
+ if (!(ctx_lo & CONTEXT_PASIDE)) {
+ context[1].hi = (u64)virt_to_phys(iommu->pasid_state_table);
+- context[1].lo = (u64)virt_to_phys(iommu->pasid_table) | ecap_pss(iommu->ecap);
++ context[1].lo = (u64)virt_to_phys(iommu->pasid_table) |
++ intel_iommu_get_pts(iommu);
++
+ wmb();
+ /* CONTEXT_TT_MULTI_LEVEL and CONTEXT_TT_DEV_IOTLB are both
+ * extended to permit requests-with-PASID if the PASIDE bit
--- /dev/null
+From aec0e86172a79eb5e44aff1055bb953fe4d47c59 Mon Sep 17 00:00:00 2001
+From: Xunlei Pang <xlpang@redhat.com>
+Date: Mon, 5 Dec 2016 20:09:07 +0800
+Subject: iommu/vt-d: Flush old iommu caches for kdump when the device gets context mapped
+
+From: Xunlei Pang <xlpang@redhat.com>
+
+commit aec0e86172a79eb5e44aff1055bb953fe4d47c59 upstream.
+
+We met the DMAR fault both on hpsa P420i and P421 SmartArray controllers
+under kdump, it can be steadily reproduced on several different machines,
+the dmesg log is like:
+HP HPSA Driver (v 3.4.16-0)
+hpsa 0000:02:00.0: using doorbell to reset controller
+hpsa 0000:02:00.0: board ready after hard reset.
+hpsa 0000:02:00.0: Waiting for controller to respond to no-op
+DMAR: Setting identity map for device 0000:02:00.0 [0xe8000 - 0xe8fff]
+DMAR: Setting identity map for device 0000:02:00.0 [0xf4000 - 0xf4fff]
+DMAR: Setting identity map for device 0000:02:00.0 [0xbdf6e000 - 0xbdf6efff]
+DMAR: Setting identity map for device 0000:02:00.0 [0xbdf6f000 - 0xbdf7efff]
+DMAR: Setting identity map for device 0000:02:00.0 [0xbdf7f000 - 0xbdf82fff]
+DMAR: Setting identity map for device 0000:02:00.0 [0xbdf83000 - 0xbdf84fff]
+DMAR: DRHD: handling fault status reg 2
+DMAR: [DMA Read] Request device [02:00.0] fault addr fffff000 [fault reason 06] PTE Read access is not set
+hpsa 0000:02:00.0: controller message 03:00 timed out
+hpsa 0000:02:00.0: no-op failed; re-trying
+
+After some debugging, we found that the fault addr is from DMA initiated at
+the driver probe stage after reset(not in-flight DMA), and the corresponding
+pte entry value is correct, the fault is likely due to the old iommu caches
+of the in-flight DMA before it.
+
+Thus we need to flush the old cache after context mapping is setup for the
+device, where the device is supposed to finish reset at its driver probe
+stage and no in-flight DMA exists hereafter.
+
+I'm not sure if the hardware is responsible for invalidating all the related
+caches allocated in the iommu hardware before, but seems not the case for hpsa,
+actually many device drivers have problems in properly resetting the hardware.
+Anyway flushing (again) by software in kdump kernel when the device gets context
+mapped which is a quite infrequent operation does little harm.
+
+With this patch, the problematic machine can survive the kdump tests.
+
+CC: Myron Stowe <myron.stowe@gmail.com>
+CC: Joseph Szczypek <jszczype@redhat.com>
+CC: Don Brace <don.brace@microsemi.com>
+CC: Baoquan He <bhe@redhat.com>
+CC: Dave Young <dyoung@redhat.com>
+Fixes: 091d42e43d21 ("iommu/vt-d: Copy translation tables from old kernel")
+Fixes: dbcd861f252d ("iommu/vt-d: Do not re-use domain-ids from the old kernel")
+Fixes: cf484d0e6939 ("iommu/vt-d: Mark copied context entries")
+Signed-off-by: Xunlei Pang <xlpang@redhat.com>
+Tested-by: Don Brace <don.brace@microsemi.com>
+Signed-off-by: Joerg Roedel <jroedel@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/iommu/intel-iommu.c | 19 +++++++++++++++++++
+ 1 file changed, 19 insertions(+)
+
+--- a/drivers/iommu/intel-iommu.c
++++ b/drivers/iommu/intel-iommu.c
+@@ -1993,6 +1993,25 @@ static int domain_context_mapping_one(st
+ if (context_present(context))
+ goto out_unlock;
+
++ /*
++ * For kdump cases, old valid entries may be cached due to the
++ * in-flight DMA and copied pgtable, but there is no unmapping
++ * behaviour for them, thus we need an explicit cache flush for
++ * the newly-mapped device. For kdump, at this point, the device
++ * is supposed to finish reset at its driver probe stage, so no
++ * in-flight DMA will exist, and we don't need to worry anymore
++ * hereafter.
++ */
++ if (context_copied(context)) {
++ u16 did_old = context_domain_id(context);
++
++ if (did_old >= 0 && did_old < cap_ndoms(iommu->cap))
++ iommu->flush.flush_context(iommu, did_old,
++ (((u16)bus) << 8) | devfn,
++ DMA_CCMD_MASK_NOBIT,
++ DMA_CCMD_DEVICE_INVL);
++ }
++
+ pgd = domain->pgd;
+
+ context_clear_entry(context);
--- /dev/null
+From 34c535793bcbf9263cf22f8a52101f796cdfab8e Mon Sep 17 00:00:00 2001
+From: Florian Fainelli <f.fainelli@gmail.com>
+Date: Mon, 31 Oct 2016 14:17:35 -0700
+Subject: irqchip/bcm7038-l1: Implement irq_cpu_offline() callback
+
+From: Florian Fainelli <f.fainelli@gmail.com>
+
+commit 34c535793bcbf9263cf22f8a52101f796cdfab8e upstream.
+
+We did not implement an irq_cpu_offline callback for our irqchip, yet we
+support setting a given IRQ's affinity. This resulted in interrupts
+whose affinity mask included CPUs being taken offline not to work
+correctly once the CPU had been put offline.
+
+Fixes: 5f7f0317ed28 ("IRQCHIP: Add new driver for BCM7038-style level 1 interrupt controllers")
+Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
+Cc: linux-mips@linux-mips.org
+Cc: jason@lakedaemon.net
+Cc: marc.zyngier@arm.com
+Cc: cernekee@gmail.com
+Cc: jaedon.shin@gmail.com
+Cc: ralf@linux-mips.org
+Cc: justinpopo6@gmail.com
+Link: http://lkml.kernel.org/r/1477948656-12966-2-git-send-email-f.fainelli@gmail.com
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/irqchip/irq-bcm7038-l1.c | 26 ++++++++++++++++++++++++++
+ 1 file changed, 26 insertions(+)
+
+--- a/drivers/irqchip/irq-bcm7038-l1.c
++++ b/drivers/irqchip/irq-bcm7038-l1.c
+@@ -216,6 +216,31 @@ static int bcm7038_l1_set_affinity(struc
+ return 0;
+ }
+
++static void bcm7038_l1_cpu_offline(struct irq_data *d)
++{
++ struct cpumask *mask = irq_data_get_affinity_mask(d);
++ int cpu = smp_processor_id();
++ cpumask_t new_affinity;
++
++ /* This CPU was not on the affinity mask */
++ if (!cpumask_test_cpu(cpu, mask))
++ return;
++
++ if (cpumask_weight(mask) > 1) {
++ /*
++ * Multiple CPU affinity, remove this CPU from the affinity
++ * mask
++ */
++ cpumask_copy(&new_affinity, mask);
++ cpumask_clear_cpu(cpu, &new_affinity);
++ } else {
++ /* Only CPU, put on the lowest online CPU */
++ cpumask_clear(&new_affinity);
++ cpumask_set_cpu(cpumask_first(cpu_online_mask), &new_affinity);
++ }
++ irq_set_affinity_locked(d, &new_affinity, false);
++}
++
+ static int __init bcm7038_l1_init_one(struct device_node *dn,
+ unsigned int idx,
+ struct bcm7038_l1_chip *intc)
+@@ -267,6 +292,7 @@ static struct irq_chip bcm7038_l1_irq_ch
+ .irq_mask = bcm7038_l1_mask,
+ .irq_unmask = bcm7038_l1_unmask,
+ .irq_set_affinity = bcm7038_l1_set_affinity,
++ .irq_cpu_offline = bcm7038_l1_cpu_offline,
+ };
+
+ static int bcm7038_l1_map(struct irq_domain *d, unsigned int virq,
--- /dev/null
+From 82a301cb0ea2df8a5c88213094a01660067c7fb4 Mon Sep 17 00:00:00 2001
+From: Shaohua Li <shli@fb.com>
+Date: Thu, 8 Dec 2016 15:48:18 -0800
+Subject: md: MD_RECOVERY_NEEDED is set for mddev->recovery
+
+From: Shaohua Li <shli@fb.com>
+
+commit 82a301cb0ea2df8a5c88213094a01660067c7fb4 upstream.
+
+Fixes: 90f5f7ad4f38("md: Wait for md_check_recovery before attempting device
+removal.")
+
+Reviewed-by: NeilBrown <neilb@suse.com>
+Signed-off-by: Shaohua Li <shli@fb.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/md/md.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/md/md.c
++++ b/drivers/md/md.c
+@@ -6771,7 +6771,7 @@ static int md_ioctl(struct block_device
+ /* need to ensure recovery thread has run */
+ wait_event_interruptible_timeout(mddev->sb_wait,
+ !test_bit(MD_RECOVERY_NEEDED,
+- &mddev->flags),
++ &mddev->recovery),
+ msecs_to_jiffies(5000));
+ if (cmd == STOP_ARRAY || cmd == STOP_ARRAY_RO) {
+ /* Need to flush page cache, and ensure no-one else opens
--- /dev/null
+From 16652a936e96f5dae53c3fbd38a570497baadaa8 Mon Sep 17 00:00:00 2001
+From: Dan Carpenter <dan.carpenter@oracle.com>
+Date: Mon, 14 Nov 2016 14:31:34 +0300
+Subject: mmc: mmc_test: Uninitialized return value
+
+From: Dan Carpenter <dan.carpenter@oracle.com>
+
+commit 16652a936e96f5dae53c3fbd38a570497baadaa8 upstream.
+
+We never set "ret" to RESULT_OK.
+
+Fixes: 9f9c4180f88d ("mmc: mmc_test: add test for non-blocking transfers")
+Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
+Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/mmc/card/mmc_test.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/mmc/card/mmc_test.c
++++ b/drivers/mmc/card/mmc_test.c
+@@ -791,7 +791,7 @@ static int mmc_test_nonblock_transfer(st
+ struct mmc_async_req *cur_areq = &test_areq[0].areq;
+ struct mmc_async_req *other_areq = &test_areq[1].areq;
+ int i;
+- int ret;
++ int ret = RESULT_OK;
+
+ test_areq[0].test = test;
+ test_areq[1].test = test;
--- /dev/null
+From bed570307ed78f21b77cb04a1df781dee4a8f05a Mon Sep 17 00:00:00 2001
+From: Tony Lindgren <tony@atomide.com>
+Date: Mon, 5 Dec 2016 16:38:16 -0800
+Subject: PM / wakeirq: Fix dedicated wakeirq for drivers not using autosuspend
+
+From: Tony Lindgren <tony@atomide.com>
+
+commit bed570307ed78f21b77cb04a1df781dee4a8f05a upstream.
+
+I noticed some wakeirq flakeyness with consumer drivers not using
+autosuspend. For drivers not using autosuspend, the wakeirq may never
+get unmasked in rpm_suspend() because of irq desc->depth.
+
+We are configuring dedicated wakeirqs to start with IRQ_NOAUTOEN as we
+naturally don't want them running until rpm_suspend() is called.
+
+However, when a consumer driver initially calls pm_runtime_get(), we
+now wrongly start with disable_irq_nosync() call on the dedicated
+wakeirq that is disabled to start with.
+
+This causes desc->depth to toggle between 1 and 2 instead of the usual
+0 and 1. This can prevent enable_irq() from unmasking the wakeirq as
+that only happens at desc->depth 1.
+
+This does not necessarily show up with drivers using autosuspend as
+there is time for disable_irq_nosync() before rpm_suspend() gets called
+after the autosuspend timeout.
+
+Let's fix the issue by adding wirq->status that lazily gets set on
+the first rpm_suspend(). We also need PM runtime core private functions
+for dev_pm_enable_wake_irq_check() and dev_pm_disable_wake_irq_check()
+so we can enable the dedicated wakeirq on the first rpm_suspend().
+
+While at it, let's also fix the comments for dev_pm_enable_wake_irq()
+and dev_pm_disable_wake_irq(). Those can still be used by the consumer
+drivers as needed because the IRQ core manages the interrupt usecount
+for us.
+
+Fixes: 4990d4fe327b (PM / Wakeirq: Add automated device wake IRQ handling)
+Signed-off-by: Tony Lindgren <tony@atomide.com>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/base/power/power.h | 19 ++++++++++
+ drivers/base/power/runtime.c | 8 ++--
+ drivers/base/power/wakeirq.c | 76 +++++++++++++++++++++++++++++++++++++------
+ 3 files changed, 88 insertions(+), 15 deletions(-)
+
+--- a/drivers/base/power/power.h
++++ b/drivers/base/power/power.h
+@@ -20,14 +20,22 @@ static inline void pm_runtime_early_init
+ extern void pm_runtime_init(struct device *dev);
+ extern void pm_runtime_remove(struct device *dev);
+
++#define WAKE_IRQ_DEDICATED_ALLOCATED BIT(0)
++#define WAKE_IRQ_DEDICATED_MANAGED BIT(1)
++#define WAKE_IRQ_DEDICATED_MASK (WAKE_IRQ_DEDICATED_ALLOCATED | \
++ WAKE_IRQ_DEDICATED_MANAGED)
++
+ struct wake_irq {
+ struct device *dev;
++ unsigned int status;
+ int irq;
+- bool dedicated_irq:1;
+ };
+
+ extern void dev_pm_arm_wake_irq(struct wake_irq *wirq);
+ extern void dev_pm_disarm_wake_irq(struct wake_irq *wirq);
++extern void dev_pm_enable_wake_irq_check(struct device *dev,
++ bool can_change_status);
++extern void dev_pm_disable_wake_irq_check(struct device *dev);
+
+ #ifdef CONFIG_PM_SLEEP
+
+@@ -102,6 +110,15 @@ static inline void dev_pm_disarm_wake_ir
+ {
+ }
+
++static inline void dev_pm_enable_wake_irq_check(struct device *dev,
++ bool can_change_status)
++{
++}
++
++static inline void dev_pm_disable_wake_irq_check(struct device *dev)
++{
++}
++
+ #endif
+
+ #ifdef CONFIG_PM_SLEEP
+--- a/drivers/base/power/runtime.c
++++ b/drivers/base/power/runtime.c
+@@ -515,7 +515,7 @@ static int rpm_suspend(struct device *de
+
+ callback = RPM_GET_CALLBACK(dev, runtime_suspend);
+
+- dev_pm_enable_wake_irq(dev);
++ dev_pm_enable_wake_irq_check(dev, true);
+ retval = rpm_callback(callback, dev);
+ if (retval)
+ goto fail;
+@@ -554,7 +554,7 @@ static int rpm_suspend(struct device *de
+ return retval;
+
+ fail:
+- dev_pm_disable_wake_irq(dev);
++ dev_pm_disable_wake_irq_check(dev);
+ __update_runtime_status(dev, RPM_ACTIVE);
+ dev->power.deferred_resume = false;
+ wake_up_all(&dev->power.wait_queue);
+@@ -737,12 +737,12 @@ static int rpm_resume(struct device *dev
+
+ callback = RPM_GET_CALLBACK(dev, runtime_resume);
+
+- dev_pm_disable_wake_irq(dev);
++ dev_pm_disable_wake_irq_check(dev);
+ retval = rpm_callback(callback, dev);
+ if (retval) {
+ __update_runtime_status(dev, RPM_SUSPENDED);
+ pm_runtime_cancel_pending(dev);
+- dev_pm_enable_wake_irq(dev);
++ dev_pm_enable_wake_irq_check(dev, false);
+ } else {
+ no_callback:
+ __update_runtime_status(dev, RPM_ACTIVE);
+--- a/drivers/base/power/wakeirq.c
++++ b/drivers/base/power/wakeirq.c
+@@ -110,8 +110,10 @@ void dev_pm_clear_wake_irq(struct device
+ dev->power.wakeirq = NULL;
+ spin_unlock_irqrestore(&dev->power.lock, flags);
+
+- if (wirq->dedicated_irq)
++ if (wirq->status & WAKE_IRQ_DEDICATED_ALLOCATED) {
+ free_irq(wirq->irq, wirq);
++ wirq->status &= ~WAKE_IRQ_DEDICATED_MASK;
++ }
+ kfree(wirq);
+ }
+ EXPORT_SYMBOL_GPL(dev_pm_clear_wake_irq);
+@@ -179,7 +181,6 @@ int dev_pm_set_dedicated_wake_irq(struct
+
+ wirq->dev = dev;
+ wirq->irq = irq;
+- wirq->dedicated_irq = true;
+ irq_set_status_flags(irq, IRQ_NOAUTOEN);
+
+ /*
+@@ -195,6 +196,8 @@ int dev_pm_set_dedicated_wake_irq(struct
+ if (err)
+ goto err_free_irq;
+
++ wirq->status = WAKE_IRQ_DEDICATED_ALLOCATED;
++
+ return err;
+
+ err_free_irq:
+@@ -210,9 +213,9 @@ EXPORT_SYMBOL_GPL(dev_pm_set_dedicated_w
+ * dev_pm_enable_wake_irq - Enable device wake-up interrupt
+ * @dev: Device
+ *
+- * Called from the bus code or the device driver for
+- * runtime_suspend() to enable the wake-up interrupt while
+- * the device is running.
++ * Optionally called from the bus code or the device driver for
++ * runtime_resume() to override the PM runtime core managed wake-up
++ * interrupt handling to enable the wake-up interrupt.
+ *
+ * Note that for runtime_suspend()) the wake-up interrupts
+ * should be unconditionally enabled unlike for suspend()
+@@ -222,7 +225,7 @@ void dev_pm_enable_wake_irq(struct devic
+ {
+ struct wake_irq *wirq = dev->power.wakeirq;
+
+- if (wirq && wirq->dedicated_irq)
++ if (wirq && (wirq->status & WAKE_IRQ_DEDICATED_ALLOCATED))
+ enable_irq(wirq->irq);
+ }
+ EXPORT_SYMBOL_GPL(dev_pm_enable_wake_irq);
+@@ -231,20 +234,73 @@ EXPORT_SYMBOL_GPL(dev_pm_enable_wake_irq
+ * dev_pm_disable_wake_irq - Disable device wake-up interrupt
+ * @dev: Device
+ *
+- * Called from the bus code or the device driver for
+- * runtime_resume() to disable the wake-up interrupt while
+- * the device is running.
++ * Optionally called from the bus code or the device driver for
++ * runtime_suspend() to override the PM runtime core managed wake-up
++ * interrupt handling to disable the wake-up interrupt.
+ */
+ void dev_pm_disable_wake_irq(struct device *dev)
+ {
+ struct wake_irq *wirq = dev->power.wakeirq;
+
+- if (wirq && wirq->dedicated_irq)
++ if (wirq && (wirq->status & WAKE_IRQ_DEDICATED_ALLOCATED))
+ disable_irq_nosync(wirq->irq);
+ }
+ EXPORT_SYMBOL_GPL(dev_pm_disable_wake_irq);
+
+ /**
++ * dev_pm_enable_wake_irq_check - Checks and enables wake-up interrupt
++ * @dev: Device
++ * @can_change_status: Can change wake-up interrupt status
++ *
++ * Enables wakeirq conditionally. We need to enable wake-up interrupt
++ * lazily on the first rpm_suspend(). This is needed as the consumer device
++ * starts in RPM_SUSPENDED state, and the the first pm_runtime_get() would
++ * otherwise try to disable already disabled wakeirq. The wake-up interrupt
++ * starts disabled with IRQ_NOAUTOEN set.
++ *
++ * Should be only called from rpm_suspend() and rpm_resume() path.
++ * Caller must hold &dev->power.lock to change wirq->status
++ */
++void dev_pm_enable_wake_irq_check(struct device *dev,
++ bool can_change_status)
++{
++ struct wake_irq *wirq = dev->power.wakeirq;
++
++ if (!wirq || !((wirq->status & WAKE_IRQ_DEDICATED_MASK)))
++ return;
++
++ if (likely(wirq->status & WAKE_IRQ_DEDICATED_MANAGED)) {
++ goto enable;
++ } else if (can_change_status) {
++ wirq->status |= WAKE_IRQ_DEDICATED_MANAGED;
++ goto enable;
++ }
++
++ return;
++
++enable:
++ enable_irq(wirq->irq);
++}
++
++/**
++ * dev_pm_disable_wake_irq_check - Checks and disables wake-up interrupt
++ * @dev: Device
++ *
++ * Disables wake-up interrupt conditionally based on status.
++ * Should be only called from rpm_suspend() and rpm_resume() path.
++ */
++void dev_pm_disable_wake_irq_check(struct device *dev)
++{
++ struct wake_irq *wirq = dev->power.wakeirq;
++
++ if (!wirq || !((wirq->status & WAKE_IRQ_DEDICATED_MASK)))
++ return;
++
++ if (wirq->status & WAKE_IRQ_DEDICATED_MANAGED)
++ disable_irq_nosync(wirq->irq);
++}
++
++/**
+ * dev_pm_arm_wake_irq - Arm device wake-up
+ * @wirq: Device wake-up interrupt
+ *
--- /dev/null
+From 9e6e7c74315095fd40f41003850690c711e44420 Mon Sep 17 00:00:00 2001
+From: Dan Carpenter <dan.carpenter@oracle.com>
+Date: Fri, 18 Nov 2016 14:11:00 +0300
+Subject: s390/crypto: unlock on error in prng_tdes_read()
+
+From: Dan Carpenter <dan.carpenter@oracle.com>
+
+commit 9e6e7c74315095fd40f41003850690c711e44420 upstream.
+
+We added some new locking but forgot to unlock on error.
+
+Fixes: 57127645d79d ("s390/zcrypt: Introduce new SHA-512 based Pseudo Random Generator.")
+Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
+Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/s390/crypto/prng.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+--- a/arch/s390/crypto/prng.c
++++ b/arch/s390/crypto/prng.c
+@@ -565,8 +565,10 @@ static ssize_t prng_tdes_read(struct fil
+ prng_data->prngws.byte_counter += n;
+ prng_data->prngws.reseed_counter += n;
+
+- if (copy_to_user(ubuf, prng_data->buf, chunk))
+- return -EFAULT;
++ if (copy_to_user(ubuf, prng_data->buf, chunk)) {
++ ret = -EFAULT;
++ break;
++ }
+
+ nbytes -= chunk;
+ ret += chunk;
--- /dev/null
+From af15769ffab13d777e55fdef09d0762bf0c249c4 Mon Sep 17 00:00:00 2001
+From: Arnd Bergmann <arnd@arndb.de>
+Date: Wed, 16 Nov 2016 16:08:34 +0100
+Subject: scsi: mvsas: fix command_active typo
+
+From: Arnd Bergmann <arnd@arndb.de>
+
+commit af15769ffab13d777e55fdef09d0762bf0c249c4 upstream.
+
+gcc-7 notices that the condition in mvs_94xx_command_active looks
+suspicious:
+
+drivers/scsi/mvsas/mv_94xx.c: In function 'mvs_94xx_command_active':
+drivers/scsi/mvsas/mv_94xx.c:671:15: error: '<<' in boolean context, did you mean '<' ? [-Werror=int-in-bool-context]
+
+This was introduced when the mv_printk() statement got added, and leads
+to the condition being ignored. This is probably harmless.
+
+Changing '&&' to '&' makes the code look reasonable, as we check the
+command bit before setting and printing it.
+
+Fixes: a4632aae8b66 ("[SCSI] mvsas: Add new macros and functions")
+Signed-off-by: Arnd Bergmann <arnd@arndb.de>
+Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
+Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/scsi/mvsas/mv_94xx.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/scsi/mvsas/mv_94xx.c
++++ b/drivers/scsi/mvsas/mv_94xx.c
+@@ -621,7 +621,7 @@ static void mvs_94xx_command_active(stru
+ {
+ u32 tmp;
+ tmp = mvs_cr32(mvi, MVS_COMMAND_ACTIVE+(slot_idx >> 3));
+- if (tmp && 1 << (slot_idx % 32)) {
++ if (tmp & 1 << (slot_idx % 32)) {
+ mv_printk("command active %08X, slot [%x].\n", tmp, slot_idx);
+ mvs_cw32(mvi, MVS_COMMAND_ACTIVE + (slot_idx >> 3),
+ 1 << (slot_idx % 32));
stable-fixup-hotplug-fix-unused-function-warning.patch
ath10k-use-the-right-length-of-background.patch
cris-only-build-flash-rescue-image-if-config_etrax_axisflashmap-is-selected.patch
+hwmon-scpi-fix-module-autoload.patch
+hwmon-amc6821-sign-extension-temperature.patch
+hwmon-ds620-fix-overflows-seen-when-writing-temperature-limits.patch
+hwmon-nct7802-fix-overflows-seen-when-writing-into-limit-attributes.patch
+hwmon-g762-fix-overflows-and-crash-seen-when-writing-limit-attributes.patch
+clk-clk-wm831x-fix-a-logic-error.patch
+clk-imx31-fix-rewritten-input-argument-of-mx31_clocks_init.patch
+iommu-amd-missing-error-code-in-amd_iommu_init_device.patch
+iommu-amd-fix-the-left-value-check-of-cmd-buffer.patch
+iommu-vt-d-fix-pasid-table-size-encoding.patch
+iommu-vt-d-flush-old-iommu-caches-for-kdump-when-the-device-gets-context-mapped.patch
+asoc-samsung-i2s-fixup-last-irq-unsafe-spin-lock-call.patch
+scsi-mvsas-fix-command_active-typo.patch
+target-iscsi-fix-double-free-in-lio_target_tiqn_addtpg.patch
+irqchip-bcm7038-l1-implement-irq_cpu_offline-callback.patch
+pm-wakeirq-fix-dedicated-wakeirq-for-drivers-not-using-autosuspend.patch
+mmc-mmc_test-uninitialized-return-value.patch
+s390-crypto-unlock-on-error-in-prng_tdes_read.patch
+crypto-arm64-sha2-ce-fix-for-big-endian.patch
+crypto-arm64-ghash-ce-fix-for-big-endian.patch
+crypto-arm-aes-ce-fix-for-big-endian.patch
+crypto-arm64-aes-ccm-ce-fix-for-big-endian.patch
+crypto-arm64-aes-neon-fix-for-big-endian.patch
+crypto-arm64-sha1-ce-fix-for-big-endian.patch
+crypto-arm64-aes-xts-ce-fix-for-big-endian.patch
+crypto-arm64-aes-ce-fix-for-big-endian.patch
+md-md_recovery_needed-is-set-for-mddev-recovery.patch
--- /dev/null
+From a91918cd3ea11f91c68e08e1e8ce1b560447a80e Mon Sep 17 00:00:00 2001
+From: Dan Carpenter <dan.carpenter@oracle.com>
+Date: Tue, 13 Dec 2016 15:27:04 +0300
+Subject: target/iscsi: Fix double free in lio_target_tiqn_addtpg()
+
+From: Dan Carpenter <dan.carpenter@oracle.com>
+
+commit a91918cd3ea11f91c68e08e1e8ce1b560447a80e upstream.
+
+This iscsit_tpg_add_portal_group() function is only called from
+lio_target_tiqn_addtpg(). Both functions free the "tpg" pointer on
+error so it's a double free bug. The memory is allocated in the caller
+so it should be freed in the caller and not here.
+
+Fixes: e48354ce078c ("iscsi-target: Add iSCSI fabric support for target v4.1")
+Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
+Reviewed-by: David Disseldorp <ddiss@suse.de>
+[ bvanassche: Added "Fix" at start of patch title ]
+Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/target/iscsi/iscsi_target_tpg.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/drivers/target/iscsi/iscsi_target_tpg.c
++++ b/drivers/target/iscsi/iscsi_target_tpg.c
+@@ -260,7 +260,6 @@ err_out:
+ iscsi_release_param_list(tpg->param_list);
+ tpg->param_list = NULL;
+ }
+- kfree(tpg);
+ return -ENOMEM;
+ }
+
projects / thirdparty / kernel / stable-queue.git / commitdiff
