--- /dev/null
+From 1c9609e3a8cf5997bd35205cfda1ff2218ee793b Mon Sep 17 00:00:00 2001
+From: Takashi Iwai <tiwai@suse.de>
+Date: Fri, 19 Jan 2018 14:18:34 +0100
+Subject: ALSA: hda - Reduce the suspend time consumption for ALC256
+
+From: Takashi Iwai <tiwai@suse.de>
+
+commit 1c9609e3a8cf5997bd35205cfda1ff2218ee793b upstream.
+
+ALC256 has its own quirk to override the shutup call, and it contains
+the COEF update for pulling down the headset jack control. Currently,
+the COEF update is called after clearing the headphone pin, and this
+seems triggering a stall of the codec communication, and results in a
+long delay over a second at suspend.
+
+A quick resolution is to swap the calls: at first with the COEF
+update, then clear the headphone pin.
+
+Fixes: 4a219ef8f370 ("ALSA: hda/realtek - Add ALC256 HP depop function")
+Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=198503
+Reported-by: Paul Menzel <pmenzel@molgen.mpg.de>
+Signed-off-by: Takashi Iwai <tiwai@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ sound/pci/hda/patch_realtek.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+--- a/sound/pci/hda/patch_realtek.c
++++ b/sound/pci/hda/patch_realtek.c
+@@ -3154,11 +3154,13 @@ static void alc256_shutup(struct hda_cod
+ if (hp_pin_sense)
+ msleep(85);
+
++ /* 3k pull low control for Headset jack. */
++ /* NOTE: call this before clearing the pin, otherwise codec stalls */
++ alc_update_coef_idx(codec, 0x46, 0, 3 << 12);
++
+ snd_hda_codec_write(codec, hp_pin, 0,
+ AC_VERB_SET_PIN_WIDGET_CONTROL, 0x0);
+
+- alc_update_coef_idx(codec, 0x46, 0, 3 << 12); /* 3k pull low control for Headset jack. */
+-
+ if (hp_pin_sense)
+ msleep(100);
+
--- /dev/null
+From fc8517bf627c9b834f80274a1bc9ecd39b27231b Mon Sep 17 00:00:00 2001
+From: Sabrina Dubroca <sd@queasysnail.net>
+Date: Wed, 13 Dec 2017 14:54:36 +0100
+Subject: crypto: aesni - add wrapper for generic gcm(aes)
+
+From: Sabrina Dubroca <sd@queasysnail.net>
+
+commit fc8517bf627c9b834f80274a1bc9ecd39b27231b upstream.
+
+When I added generic-gcm-aes I didn't add a wrapper like the one
+provided for rfc4106(gcm(aes)). We need to add a cryptd wrapper to fall
+back on in case the FPU is not available, otherwise we might corrupt the
+FPU state.
+
+Fixes: cce2ea8d90fe ("crypto: aesni - add generic gcm(aes)")
+Reported-by: Ilya Lesokhin <ilyal@mellanox.com>
+Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
+Reviewed-by: Stefano Brivio <sbrivio@redhat.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/crypto/aesni-intel_glue.c | 66 ++++++++++++++++++++++++++++++-------
+ 1 file changed, 54 insertions(+), 12 deletions(-)
+
+--- a/arch/x86/crypto/aesni-intel_glue.c
++++ b/arch/x86/crypto/aesni-intel_glue.c
+@@ -690,8 +690,8 @@ static int common_rfc4106_set_key(struct
+ rfc4106_set_hash_subkey(ctx->hash_subkey, key, key_len);
+ }
+
+-static int rfc4106_set_key(struct crypto_aead *parent, const u8 *key,
+- unsigned int key_len)
++static int gcmaes_wrapper_set_key(struct crypto_aead *parent, const u8 *key,
++ unsigned int key_len)
+ {
+ struct cryptd_aead **ctx = crypto_aead_ctx(parent);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+@@ -716,8 +716,8 @@ static int common_rfc4106_set_authsize(s
+
+ /* This is the Integrity Check Value (aka the authentication tag length and can
+ * be 8, 12 or 16 bytes long. */
+-static int rfc4106_set_authsize(struct crypto_aead *parent,
+- unsigned int authsize)
++static int gcmaes_wrapper_set_authsize(struct crypto_aead *parent,
++ unsigned int authsize)
+ {
+ struct cryptd_aead **ctx = crypto_aead_ctx(parent);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+@@ -929,7 +929,7 @@ static int helper_rfc4106_decrypt(struct
+ aes_ctx);
+ }
+
+-static int rfc4106_encrypt(struct aead_request *req)
++static int gcmaes_wrapper_encrypt(struct aead_request *req)
+ {
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct cryptd_aead **ctx = crypto_aead_ctx(tfm);
+@@ -945,7 +945,7 @@ static int rfc4106_encrypt(struct aead_r
+ return crypto_aead_encrypt(req);
+ }
+
+-static int rfc4106_decrypt(struct aead_request *req)
++static int gcmaes_wrapper_decrypt(struct aead_request *req)
+ {
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct cryptd_aead **ctx = crypto_aead_ctx(tfm);
+@@ -1128,6 +1128,30 @@ static int generic_gcmaes_decrypt(struct
+ aes_ctx);
+ }
+
++static int generic_gcmaes_init(struct crypto_aead *aead)
++{
++ struct cryptd_aead *cryptd_tfm;
++ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
++
++ cryptd_tfm = cryptd_alloc_aead("__driver-generic-gcm-aes-aesni",
++ CRYPTO_ALG_INTERNAL,
++ CRYPTO_ALG_INTERNAL);
++ if (IS_ERR(cryptd_tfm))
++ return PTR_ERR(cryptd_tfm);
++
++ *ctx = cryptd_tfm;
++ crypto_aead_set_reqsize(aead, crypto_aead_reqsize(&cryptd_tfm->base));
++
++ return 0;
++}
++
++static void generic_gcmaes_exit(struct crypto_aead *aead)
++{
++ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
++
++ cryptd_free_aead(*ctx);
++}
++
+ static struct aead_alg aesni_aead_algs[] = { {
+ .setkey = common_rfc4106_set_key,
+ .setauthsize = common_rfc4106_set_authsize,
+@@ -1147,10 +1171,10 @@ static struct aead_alg aesni_aead_algs[]
+ }, {
+ .init = rfc4106_init,
+ .exit = rfc4106_exit,
+- .setkey = rfc4106_set_key,
+- .setauthsize = rfc4106_set_authsize,
+- .encrypt = rfc4106_encrypt,
+- .decrypt = rfc4106_decrypt,
++ .setkey = gcmaes_wrapper_set_key,
++ .setauthsize = gcmaes_wrapper_set_authsize,
++ .encrypt = gcmaes_wrapper_encrypt,
++ .decrypt = gcmaes_wrapper_decrypt,
+ .ivsize = GCM_RFC4106_IV_SIZE,
+ .maxauthsize = 16,
+ .base = {
+@@ -1170,13 +1194,31 @@ static struct aead_alg aesni_aead_algs[]
+ .ivsize = GCM_AES_IV_SIZE,
+ .maxauthsize = 16,
+ .base = {
++ .cra_name = "__generic-gcm-aes-aesni",
++ .cra_driver_name = "__driver-generic-gcm-aes-aesni",
++ .cra_priority = 0,
++ .cra_flags = CRYPTO_ALG_INTERNAL,
++ .cra_blocksize = 1,
++ .cra_ctxsize = sizeof(struct generic_gcmaes_ctx),
++ .cra_alignmask = AESNI_ALIGN - 1,
++ .cra_module = THIS_MODULE,
++ },
++}, {
++ .init = generic_gcmaes_init,
++ .exit = generic_gcmaes_exit,
++ .setkey = gcmaes_wrapper_set_key,
++ .setauthsize = gcmaes_wrapper_set_authsize,
++ .encrypt = gcmaes_wrapper_encrypt,
++ .decrypt = gcmaes_wrapper_decrypt,
++ .ivsize = GCM_AES_IV_SIZE,
++ .maxauthsize = 16,
++ .base = {
+ .cra_name = "gcm(aes)",
+ .cra_driver_name = "generic-gcm-aesni",
+ .cra_priority = 400,
+ .cra_flags = CRYPTO_ALG_ASYNC,
+ .cra_blocksize = 1,
+- .cra_ctxsize = sizeof(struct generic_gcmaes_ctx),
+- .cra_alignmask = AESNI_ALIGN - 1,
++ .cra_ctxsize = sizeof(struct cryptd_aead *),
+ .cra_module = THIS_MODULE,
+ },
+ } };
--- /dev/null
+From 1ecdd37e308ca149dc378cce225068cbac54e3a6 Mon Sep 17 00:00:00 2001
+From: Junaid Shahid <junaids@google.com>
+Date: Wed, 20 Dec 2017 17:08:38 -0800
+Subject: crypto: aesni - Fix out-of-bounds access of the AAD buffer in generic-gcm-aesni
+
+From: Junaid Shahid <junaids@google.com>
+
+commit 1ecdd37e308ca149dc378cce225068cbac54e3a6 upstream.
+
+The aesni_gcm_enc/dec functions can access memory after the end of
+the AAD buffer if the AAD length is not a multiple of 4 bytes.
+It didn't matter with rfc4106-gcm-aesni as in that case the AAD was
+always followed by the 8 byte IV, but that is no longer the case with
+generic-gcm-aesni. This can potentially result in accessing a page that
+is not mapped and thus causing the machine to crash. This patch fixes
+that by reading the last <16 byte block of the AAD byte-by-byte and
+optionally via an 8-byte load if the block was at least 8 bytes.
+
+Fixes: 0487ccac ("crypto: aesni - make non-AVX AES-GCM work with any aadlen")
+Signed-off-by: Junaid Shahid <junaids@google.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/crypto/aesni-intel_asm.S | 112 ++++----------------------------------
+ 1 file changed, 12 insertions(+), 100 deletions(-)
+
+--- a/arch/x86/crypto/aesni-intel_asm.S
++++ b/arch/x86/crypto/aesni-intel_asm.S
+@@ -90,30 +90,6 @@ SHIFT_MASK: .octa 0x0f0e0d0c0b0a09080706
+ ALL_F: .octa 0xffffffffffffffffffffffffffffffff
+ .octa 0x00000000000000000000000000000000
+
+-.section .rodata
+-.align 16
+-.type aad_shift_arr, @object
+-.size aad_shift_arr, 272
+-aad_shift_arr:
+- .octa 0xffffffffffffffffffffffffffffffff
+- .octa 0xffffffffffffffffffffffffffffff0C
+- .octa 0xffffffffffffffffffffffffffff0D0C
+- .octa 0xffffffffffffffffffffffffff0E0D0C
+- .octa 0xffffffffffffffffffffffff0F0E0D0C
+- .octa 0xffffffffffffffffffffff0C0B0A0908
+- .octa 0xffffffffffffffffffff0D0C0B0A0908
+- .octa 0xffffffffffffffffff0E0D0C0B0A0908
+- .octa 0xffffffffffffffff0F0E0D0C0B0A0908
+- .octa 0xffffffffffffff0C0B0A090807060504
+- .octa 0xffffffffffff0D0C0B0A090807060504
+- .octa 0xffffffffff0E0D0C0B0A090807060504
+- .octa 0xffffffff0F0E0D0C0B0A090807060504
+- .octa 0xffffff0C0B0A09080706050403020100
+- .octa 0xffff0D0C0B0A09080706050403020100
+- .octa 0xff0E0D0C0B0A09080706050403020100
+- .octa 0x0F0E0D0C0B0A09080706050403020100
+-
+-
+ .text
+
+
+@@ -304,62 +280,30 @@ _done_read_partial_block_\@:
+ XMM2 XMM3 XMM4 XMMDst TMP6 TMP7 i i_seq operation
+ MOVADQ SHUF_MASK(%rip), %xmm14
+ mov arg7, %r10 # %r10 = AAD
+- mov arg8, %r12 # %r12 = aadLen
+- mov %r12, %r11
++ mov arg8, %r11 # %r11 = aadLen
+ pxor %xmm\i, %xmm\i
+ pxor \XMM2, \XMM2
+
+ cmp $16, %r11
+- jl _get_AAD_rest8\num_initial_blocks\operation
++ jl _get_AAD_rest\num_initial_blocks\operation
+ _get_AAD_blocks\num_initial_blocks\operation:
+ movdqu (%r10), %xmm\i
+ PSHUFB_XMM %xmm14, %xmm\i # byte-reflect the AAD data
+ pxor %xmm\i, \XMM2
+ GHASH_MUL \XMM2, \TMP3, \TMP1, \TMP2, \TMP4, \TMP5, \XMM1
+ add $16, %r10
+- sub $16, %r12
+ sub $16, %r11
+ cmp $16, %r11
+ jge _get_AAD_blocks\num_initial_blocks\operation
+
+ movdqu \XMM2, %xmm\i
++
++ /* read the last <16B of AAD */
++_get_AAD_rest\num_initial_blocks\operation:
+ cmp $0, %r11
+ je _get_AAD_done\num_initial_blocks\operation
+
+- pxor %xmm\i,%xmm\i
+-
+- /* read the last <16B of AAD. since we have at least 4B of
+- data right after the AAD (the ICV, and maybe some CT), we can
+- read 4B/8B blocks safely, and then get rid of the extra stuff */
+-_get_AAD_rest8\num_initial_blocks\operation:
+- cmp $4, %r11
+- jle _get_AAD_rest4\num_initial_blocks\operation
+- movq (%r10), \TMP1
+- add $8, %r10
+- sub $8, %r11
+- pslldq $8, \TMP1
+- psrldq $8, %xmm\i
+- pxor \TMP1, %xmm\i
+- jmp _get_AAD_rest8\num_initial_blocks\operation
+-_get_AAD_rest4\num_initial_blocks\operation:
+- cmp $0, %r11
+- jle _get_AAD_rest0\num_initial_blocks\operation
+- mov (%r10), %eax
+- movq %rax, \TMP1
+- add $4, %r10
+- sub $4, %r10
+- pslldq $12, \TMP1
+- psrldq $4, %xmm\i
+- pxor \TMP1, %xmm\i
+-_get_AAD_rest0\num_initial_blocks\operation:
+- /* finalize: shift out the extra bytes we read, and align
+- left. since pslldq can only shift by an immediate, we use
+- vpshufb and an array of shuffle masks */
+- movq %r12, %r11
+- salq $4, %r11
+- movdqu aad_shift_arr(%r11), \TMP1
+- PSHUFB_XMM \TMP1, %xmm\i
+-_get_AAD_rest_final\num_initial_blocks\operation:
++ READ_PARTIAL_BLOCK %r10, %r11, \TMP1, %xmm\i
+ PSHUFB_XMM %xmm14, %xmm\i # byte-reflect the AAD data
+ pxor \XMM2, %xmm\i
+ GHASH_MUL %xmm\i, \TMP3, \TMP1, \TMP2, \TMP4, \TMP5, \XMM1
+@@ -563,62 +507,30 @@ _initial_blocks_done\num_initial_blocks\
+ XMM2 XMM3 XMM4 XMMDst TMP6 TMP7 i i_seq operation
+ MOVADQ SHUF_MASK(%rip), %xmm14
+ mov arg7, %r10 # %r10 = AAD
+- mov arg8, %r12 # %r12 = aadLen
+- mov %r12, %r11
++ mov arg8, %r11 # %r11 = aadLen
+ pxor %xmm\i, %xmm\i
+ pxor \XMM2, \XMM2
+
+ cmp $16, %r11
+- jl _get_AAD_rest8\num_initial_blocks\operation
++ jl _get_AAD_rest\num_initial_blocks\operation
+ _get_AAD_blocks\num_initial_blocks\operation:
+ movdqu (%r10), %xmm\i
+ PSHUFB_XMM %xmm14, %xmm\i # byte-reflect the AAD data
+ pxor %xmm\i, \XMM2
+ GHASH_MUL \XMM2, \TMP3, \TMP1, \TMP2, \TMP4, \TMP5, \XMM1
+ add $16, %r10
+- sub $16, %r12
+ sub $16, %r11
+ cmp $16, %r11
+ jge _get_AAD_blocks\num_initial_blocks\operation
+
+ movdqu \XMM2, %xmm\i
++
++ /* read the last <16B of AAD */
++_get_AAD_rest\num_initial_blocks\operation:
+ cmp $0, %r11
+ je _get_AAD_done\num_initial_blocks\operation
+
+- pxor %xmm\i,%xmm\i
+-
+- /* read the last <16B of AAD. since we have at least 4B of
+- data right after the AAD (the ICV, and maybe some PT), we can
+- read 4B/8B blocks safely, and then get rid of the extra stuff */
+-_get_AAD_rest8\num_initial_blocks\operation:
+- cmp $4, %r11
+- jle _get_AAD_rest4\num_initial_blocks\operation
+- movq (%r10), \TMP1
+- add $8, %r10
+- sub $8, %r11
+- pslldq $8, \TMP1
+- psrldq $8, %xmm\i
+- pxor \TMP1, %xmm\i
+- jmp _get_AAD_rest8\num_initial_blocks\operation
+-_get_AAD_rest4\num_initial_blocks\operation:
+- cmp $0, %r11
+- jle _get_AAD_rest0\num_initial_blocks\operation
+- mov (%r10), %eax
+- movq %rax, \TMP1
+- add $4, %r10
+- sub $4, %r10
+- pslldq $12, \TMP1
+- psrldq $4, %xmm\i
+- pxor \TMP1, %xmm\i
+-_get_AAD_rest0\num_initial_blocks\operation:
+- /* finalize: shift out the extra bytes we read, and align
+- left. since pslldq can only shift by an immediate, we use
+- vpshufb and an array of shuffle masks */
+- movq %r12, %r11
+- salq $4, %r11
+- movdqu aad_shift_arr(%r11), \TMP1
+- PSHUFB_XMM \TMP1, %xmm\i
+-_get_AAD_rest_final\num_initial_blocks\operation:
++ READ_PARTIAL_BLOCK %r10, %r11, \TMP1, %xmm\i
+ PSHUFB_XMM %xmm14, %xmm\i # byte-reflect the AAD data
+ pxor \XMM2, %xmm\i
+ GHASH_MUL %xmm\i, \TMP3, \TMP1, \TMP2, \TMP4, \TMP5, \XMM1
--- /dev/null
+From b20209c91e23a9bbad9cac2f80bc16b3c259e10e Mon Sep 17 00:00:00 2001
+From: Junaid Shahid <junaids@google.com>
+Date: Wed, 20 Dec 2017 17:08:37 -0800
+Subject: crypto: aesni - Fix out-of-bounds access of the data buffer in generic-gcm-aesni
+
+From: Junaid Shahid <junaids@google.com>
+
+commit b20209c91e23a9bbad9cac2f80bc16b3c259e10e upstream.
+
+The aesni_gcm_enc/dec functions can access memory before the start of
+the data buffer if the length of the data buffer is less than 16 bytes.
+This is because they perform the read via a single 16-byte load. This
+can potentially result in accessing a page that is not mapped and thus
+causing the machine to crash. This patch fixes that by reading the
+partial block byte-by-byte and optionally an via 8-byte load if the block
+was at least 8 bytes.
+
+Fixes: 0487ccac ("crypto: aesni - make non-AVX AES-GCM work with any aadlen")
+Signed-off-by: Junaid Shahid <junaids@google.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/crypto/aesni-intel_asm.S | 87 +++++++++++++++++++-------------------
+ 1 file changed, 45 insertions(+), 42 deletions(-)
+
+--- a/arch/x86/crypto/aesni-intel_asm.S
++++ b/arch/x86/crypto/aesni-intel_asm.S
+@@ -257,6 +257,37 @@ aad_shift_arr:
+ pxor \TMP1, \GH # result is in TMP1
+ .endm
+
++# Reads DLEN bytes starting at DPTR and stores in XMMDst
++# where 0 < DLEN < 16
++# Clobbers %rax, DLEN and XMM1
++.macro READ_PARTIAL_BLOCK DPTR DLEN XMM1 XMMDst
++ cmp $8, \DLEN
++ jl _read_lt8_\@
++ mov (\DPTR), %rax
++ MOVQ_R64_XMM %rax, \XMMDst
++ sub $8, \DLEN
++ jz _done_read_partial_block_\@
++ xor %eax, %eax
++_read_next_byte_\@:
++ shl $8, %rax
++ mov 7(\DPTR, \DLEN, 1), %al
++ dec \DLEN
++ jnz _read_next_byte_\@
++ MOVQ_R64_XMM %rax, \XMM1
++ pslldq $8, \XMM1
++ por \XMM1, \XMMDst
++ jmp _done_read_partial_block_\@
++_read_lt8_\@:
++ xor %eax, %eax
++_read_next_byte_lt8_\@:
++ shl $8, %rax
++ mov -1(\DPTR, \DLEN, 1), %al
++ dec \DLEN
++ jnz _read_next_byte_lt8_\@
++ MOVQ_R64_XMM %rax, \XMMDst
++_done_read_partial_block_\@:
++.endm
++
+ /*
+ * if a = number of total plaintext bytes
+ * b = floor(a/16)
+@@ -1386,14 +1417,6 @@ _esb_loop_\@:
+ *
+ * AAD Format with 64-bit Extended Sequence Number
+ *
+-* aadLen:
+-* from the definition of the spec, aadLen can only be 8 or 12 bytes.
+-* The code supports 16 too but for other sizes, the code will fail.
+-*
+-* TLen:
+-* from the definition of the spec, TLen can only be 8, 12 or 16 bytes.
+-* For other sizes, the code will fail.
+-*
+ * poly = x^128 + x^127 + x^126 + x^121 + 1
+ *
+ *****************************************************************************/
+@@ -1487,19 +1510,16 @@ _zero_cipher_left_decrypt:
+ PSHUFB_XMM %xmm10, %xmm0
+
+ ENCRYPT_SINGLE_BLOCK %xmm0, %xmm1 # E(K, Yn)
+- sub $16, %r11
+- add %r13, %r11
+- movdqu (%arg3,%r11,1), %xmm1 # receive the last <16 byte block
+- lea SHIFT_MASK+16(%rip), %r12
+- sub %r13, %r12
+-# adjust the shuffle mask pointer to be able to shift 16-%r13 bytes
+-# (%r13 is the number of bytes in plaintext mod 16)
+- movdqu (%r12), %xmm2 # get the appropriate shuffle mask
+- PSHUFB_XMM %xmm2, %xmm1 # right shift 16-%r13 butes
+
++ lea (%arg3,%r11,1), %r10
++ mov %r13, %r12
++ READ_PARTIAL_BLOCK %r10 %r12 %xmm2 %xmm1
++
++ lea ALL_F+16(%rip), %r12
++ sub %r13, %r12
+ movdqa %xmm1, %xmm2
+ pxor %xmm1, %xmm0 # Ciphertext XOR E(K, Yn)
+- movdqu ALL_F-SHIFT_MASK(%r12), %xmm1
++ movdqu (%r12), %xmm1
+ # get the appropriate mask to mask out top 16-%r13 bytes of %xmm0
+ pand %xmm1, %xmm0 # mask out top 16-%r13 bytes of %xmm0
+ pand %xmm1, %xmm2
+@@ -1508,9 +1528,6 @@ _zero_cipher_left_decrypt:
+
+ pxor %xmm2, %xmm8
+ GHASH_MUL %xmm8, %xmm13, %xmm9, %xmm10, %xmm11, %xmm5, %xmm6
+- # GHASH computation for the last <16 byte block
+- sub %r13, %r11
+- add $16, %r11
+
+ # output %r13 bytes
+ MOVQ_R64_XMM %xmm0, %rax
+@@ -1664,14 +1681,6 @@ ENDPROC(aesni_gcm_dec)
+ *
+ * AAD Format with 64-bit Extended Sequence Number
+ *
+-* aadLen:
+-* from the definition of the spec, aadLen can only be 8 or 12 bytes.
+-* The code supports 16 too but for other sizes, the code will fail.
+-*
+-* TLen:
+-* from the definition of the spec, TLen can only be 8, 12 or 16 bytes.
+-* For other sizes, the code will fail.
+-*
+ * poly = x^128 + x^127 + x^126 + x^121 + 1
+ ***************************************************************************/
+ ENTRY(aesni_gcm_enc)
+@@ -1764,19 +1773,16 @@ _zero_cipher_left_encrypt:
+ movdqa SHUF_MASK(%rip), %xmm10
+ PSHUFB_XMM %xmm10, %xmm0
+
+-
+ ENCRYPT_SINGLE_BLOCK %xmm0, %xmm1 # Encrypt(K, Yn)
+- sub $16, %r11
+- add %r13, %r11
+- movdqu (%arg3,%r11,1), %xmm1 # receive the last <16 byte blocks
+- lea SHIFT_MASK+16(%rip), %r12
++
++ lea (%arg3,%r11,1), %r10
++ mov %r13, %r12
++ READ_PARTIAL_BLOCK %r10 %r12 %xmm2 %xmm1
++
++ lea ALL_F+16(%rip), %r12
+ sub %r13, %r12
+- # adjust the shuffle mask pointer to be able to shift 16-r13 bytes
+- # (%r13 is the number of bytes in plaintext mod 16)
+- movdqu (%r12), %xmm2 # get the appropriate shuffle mask
+- PSHUFB_XMM %xmm2, %xmm1 # shift right 16-r13 byte
+ pxor %xmm1, %xmm0 # Plaintext XOR Encrypt(K, Yn)
+- movdqu ALL_F-SHIFT_MASK(%r12), %xmm1
++ movdqu (%r12), %xmm1
+ # get the appropriate mask to mask out top 16-r13 bytes of xmm0
+ pand %xmm1, %xmm0 # mask out top 16-r13 bytes of xmm0
+ movdqa SHUF_MASK(%rip), %xmm10
+@@ -1785,9 +1791,6 @@ _zero_cipher_left_encrypt:
+ pxor %xmm0, %xmm8
+ GHASH_MUL %xmm8, %xmm13, %xmm9, %xmm10, %xmm11, %xmm5, %xmm6
+ # GHASH computation for the last <16 byte block
+- sub %r13, %r11
+- add $16, %r11
+-
+ movdqa SHUF_MASK(%rip), %xmm10
+ PSHUFB_XMM %xmm10, %xmm0
+
--- /dev/null
+From 106840c41096a01079d3a2025225029c13713802 Mon Sep 17 00:00:00 2001
+From: Sabrina Dubroca <sd@queasysnail.net>
+Date: Wed, 13 Dec 2017 14:53:43 +0100
+Subject: crypto: aesni - fix typo in generic_gcmaes_decrypt
+
+From: Sabrina Dubroca <sd@queasysnail.net>
+
+commit 106840c41096a01079d3a2025225029c13713802 upstream.
+
+generic_gcmaes_decrypt needs to use generic_gcmaes_ctx, not
+aesni_rfc4106_gcm_ctx. This is actually harmless because the fields in
+struct generic_gcmaes_ctx share the layout of the same fields in
+aesni_rfc4106_gcm_ctx.
+
+Fixes: cce2ea8d90fe ("crypto: aesni - add generic gcm(aes)")
+Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
+Reviewed-by: Stefano Brivio <sbrivio@redhat.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/crypto/aesni-intel_glue.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/x86/crypto/aesni-intel_glue.c
++++ b/arch/x86/crypto/aesni-intel_glue.c
+@@ -1117,7 +1117,7 @@ static int generic_gcmaes_decrypt(struct
+ {
+ __be32 counter = cpu_to_be32(1);
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+- struct aesni_rfc4106_gcm_ctx *ctx = aesni_rfc4106_gcm_ctx_get(tfm);
++ struct generic_gcmaes_ctx *ctx = generic_gcmaes_ctx_get(tfm);
+ void *aes_ctx = &(ctx->aes_key_expanded);
+ u8 iv[16] __attribute__ ((__aligned__(AESNI_ALIGN)));
+
--- /dev/null
+From 9c674e1e2f9e24fa4392167efe343749008338e0 Mon Sep 17 00:00:00 2001
+From: Stephan Mueller <smueller@chronox.de>
+Date: Thu, 18 Jan 2018 20:41:09 +0100
+Subject: crypto: aesni - handle zero length dst buffer
+
+From: Stephan Mueller <smueller@chronox.de>
+
+commit 9c674e1e2f9e24fa4392167efe343749008338e0 upstream.
+
+GCM can be invoked with a zero destination buffer. This is possible if
+the AAD and the ciphertext have zero lengths and only the tag exists in
+the source buffer (i.e. a source buffer cannot be zero). In this case,
+the GCM cipher only performs the authentication and no decryption
+operation.
+
+When the destination buffer has zero length, it is possible that no page
+is mapped to the SG pointing to the destination. In this case,
+sg_page(req->dst) is an invalid access. Therefore, page accesses should
+only be allowed if the req->dst->length is non-zero which is the
+indicator that a page must exist.
+
+This fixes a crash that can be triggered by user space via AF_ALG.
+
+Signed-off-by: Stephan Mueller <smueller@chronox.de>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/crypto/aesni-intel_glue.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/x86/crypto/aesni-intel_glue.c
++++ b/arch/x86/crypto/aesni-intel_glue.c
+@@ -824,7 +824,7 @@ static int gcmaes_decrypt(struct aead_re
+ if (sg_is_last(req->src) &&
+ (!PageHighMem(sg_page(req->src)) ||
+ req->src->offset + req->src->length <= PAGE_SIZE) &&
+- sg_is_last(req->dst) &&
++ sg_is_last(req->dst) && req->dst->length &&
+ (!PageHighMem(sg_page(req->dst)) ||
+ req->dst->offset + req->dst->length <= PAGE_SIZE)) {
+ one_entry_in_sg = 1;
--- /dev/null
+From bb30b8848c85e18ca7e371d0a869e94b3e383bdf Mon Sep 17 00:00:00 2001
+From: Stephan Mueller <smueller@chronox.de>
+Date: Tue, 2 Jan 2018 08:55:25 +0100
+Subject: crypto: af_alg - whitelist mask and type
+
+From: Stephan Mueller <smueller@chronox.de>
+
+commit bb30b8848c85e18ca7e371d0a869e94b3e383bdf upstream.
+
+The user space interface allows specifying the type and mask field used
+to allocate the cipher. Only a subset of the possible flags are intended
+for user space. Therefore, white-list the allowed flags.
+
+In case the user space caller uses at least one non-allowed flag, EINVAL
+is returned.
+
+Reported-by: syzbot <syzkaller@googlegroups.com>
+Signed-off-by: Stephan Mueller <smueller@chronox.de>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/af_alg.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+--- a/crypto/af_alg.c
++++ b/crypto/af_alg.c
+@@ -150,7 +150,7 @@ EXPORT_SYMBOL_GPL(af_alg_release_parent)
+
+ static int alg_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
+ {
+- const u32 forbidden = CRYPTO_ALG_INTERNAL;
++ const u32 allowed = CRYPTO_ALG_KERN_DRIVER_ONLY;
+ struct sock *sk = sock->sk;
+ struct alg_sock *ask = alg_sk(sk);
+ struct sockaddr_alg *sa = (void *)uaddr;
+@@ -158,6 +158,10 @@ static int alg_bind(struct socket *sock,
+ void *private;
+ int err;
+
++ /* If caller uses non-allowed flag, return error. */
++ if ((sa->salg_feat & ~allowed) || (sa->salg_mask & ~allowed))
++ return -EINVAL;
++
+ if (sock->state == SS_CONNECTED)
+ return -EINVAL;
+
+@@ -176,9 +180,7 @@ static int alg_bind(struct socket *sock,
+ if (IS_ERR(type))
+ return PTR_ERR(type);
+
+- private = type->bind(sa->salg_name,
+- sa->salg_feat & ~forbidden,
+- sa->salg_mask & ~forbidden);
++ private = type->bind(sa->salg_name, sa->salg_feat, sa->salg_mask);
+ if (IS_ERR(private)) {
+ module_put(type->owner);
+ return PTR_ERR(private);
--- /dev/null
+From b5b9007730ce1d90deaf25d7f678511550744bdc Mon Sep 17 00:00:00 2001
+From: Hauke Mehrtens <hauke@hauke-m.de>
+Date: Sun, 26 Nov 2017 00:16:46 +0100
+Subject: crypto: ecdh - fix typo in KPP dependency of CRYPTO_ECDH
+
+From: Hauke Mehrtens <hauke@hauke-m.de>
+
+commit b5b9007730ce1d90deaf25d7f678511550744bdc upstream.
+
+This fixes a typo in the CRYPTO_KPP dependency of CRYPTO_ECDH.
+
+Fixes: 3c4b23901a0c ("crypto: ecdh - Add ECDH software support")
+Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/Kconfig | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/crypto/Kconfig
++++ b/crypto/Kconfig
+@@ -130,7 +130,7 @@ config CRYPTO_DH
+
+ config CRYPTO_ECDH
+ tristate "ECDH algorithm"
+- select CRYTPO_KPP
++ select CRYPTO_KPP
+ select CRYPTO_RNG_DEFAULT
+ help
+ Generic implementation of the ECDH algorithm
--- /dev/null
+From c957f8b3e2e54b29f53ef69decc87bbc858c9b58 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Antoine=20T=C3=A9nart?= <antoine.tenart@free-electrons.com>
+Date: Tue, 26 Dec 2017 17:21:16 +0100
+Subject: crypto: inside-secure - avoid unmapping DMA memory that was not mapped
+
+From: Antoine Tenart <antoine.tenart@free-electrons.com>
+
+commit c957f8b3e2e54b29f53ef69decc87bbc858c9b58 upstream.
+
+This patch adds a parameter in the SafeXcel ahash request structure to
+keep track of the number of SG entries mapped. This allows not to call
+dma_unmap_sg() when dma_map_sg() wasn't called in the first place. This
+also removes a warning when the debugging of the DMA-API is enabled in
+the kernel configuration: "DMA-API: device driver tries to free DMA
+memory it has not allocated".
+
+Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver")
+Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/crypto/inside-secure/safexcel_hash.c | 20 ++++++++++++--------
+ 1 file changed, 12 insertions(+), 8 deletions(-)
+
+--- a/drivers/crypto/inside-secure/safexcel_hash.c
++++ b/drivers/crypto/inside-secure/safexcel_hash.c
+@@ -34,6 +34,8 @@ struct safexcel_ahash_req {
+ bool hmac;
+ bool needs_inv;
+
++ int nents;
++
+ u8 state_sz; /* expected sate size, only set once */
+ u32 state[SHA256_DIGEST_SIZE / sizeof(u32)] __aligned(sizeof(u32));
+
+@@ -152,8 +154,10 @@ static int safexcel_handle_req_result(st
+ memcpy(areq->result, sreq->state,
+ crypto_ahash_digestsize(ahash));
+
+- dma_unmap_sg(priv->dev, areq->src,
+- sg_nents_for_len(areq->src, areq->nbytes), DMA_TO_DEVICE);
++ if (sreq->nents) {
++ dma_unmap_sg(priv->dev, areq->src, sreq->nents, DMA_TO_DEVICE);
++ sreq->nents = 0;
++ }
+
+ safexcel_free_context(priv, async, sreq->state_sz);
+
+@@ -178,7 +182,7 @@ static int safexcel_ahash_send_req(struc
+ struct safexcel_command_desc *cdesc, *first_cdesc = NULL;
+ struct safexcel_result_desc *rdesc;
+ struct scatterlist *sg;
+- int i, nents, queued, len, cache_len, extra, n_cdesc = 0, ret = 0;
++ int i, queued, len, cache_len, extra, n_cdesc = 0, ret = 0;
+
+ queued = len = req->len - req->processed;
+ if (queued < crypto_ahash_blocksize(ahash))
+@@ -248,15 +252,15 @@ static int safexcel_ahash_send_req(struc
+ }
+
+ /* Now handle the current ahash request buffer(s) */
+- nents = dma_map_sg(priv->dev, areq->src,
+- sg_nents_for_len(areq->src, areq->nbytes),
+- DMA_TO_DEVICE);
+- if (!nents) {
++ req->nents = dma_map_sg(priv->dev, areq->src,
++ sg_nents_for_len(areq->src, areq->nbytes),
++ DMA_TO_DEVICE);
++ if (!req->nents) {
+ ret = -ENOMEM;
+ goto cdesc_rollback;
+ }
+
+- for_each_sg(areq->src, sg, nents, i) {
++ for_each_sg(areq->src, sg, req->nents, i) {
+ int sglen = sg_dma_len(sg);
+
+ /* Do not overflow the request */
--- /dev/null
+From 809778e02cd45d0625439fee67688f655627bb3c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Antoine=20T=C3=A9nart?= <antoine.tenart@free-electrons.com>
+Date: Tue, 26 Dec 2017 17:21:17 +0100
+Subject: crypto: inside-secure - fix hash when length is a multiple of a block
+
+From: Antoine Tenart <antoine.tenart@free-electrons.com>
+
+commit 809778e02cd45d0625439fee67688f655627bb3c upstream.
+
+This patch fixes the hash support in the SafeXcel driver when the update
+size is a multiple of a block size, and when a final call is made just
+after with a size of 0. In such cases the driver should cache the last
+block from the update to avoid handling 0 length data on the final call
+(that's a hardware limitation).
+
+Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver")
+Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/crypto/inside-secure/safexcel_hash.c | 34 +++++++++++++++++++--------
+ 1 file changed, 24 insertions(+), 10 deletions(-)
+
+--- a/drivers/crypto/inside-secure/safexcel_hash.c
++++ b/drivers/crypto/inside-secure/safexcel_hash.c
+@@ -186,17 +186,31 @@ static int safexcel_ahash_send_req(struc
+ else
+ cache_len = queued - areq->nbytes;
+
+- /*
+- * If this is not the last request and the queued data does not fit
+- * into full blocks, cache it for the next send() call.
+- */
+- extra = queued & (crypto_ahash_blocksize(ahash) - 1);
+- if (!req->last_req && extra) {
+- sg_pcopy_to_buffer(areq->src, sg_nents(areq->src),
+- req->cache_next, extra, areq->nbytes - extra);
++ if (!req->last_req) {
++ /* If this is not the last request and the queued data does not
++ * fit into full blocks, cache it for the next send() call.
++ */
++ extra = queued & (crypto_ahash_blocksize(ahash) - 1);
++ if (!extra)
++ /* If this is not the last request and the queued data
++ * is a multiple of a block, cache the last one for now.
++ */
++ extra = queued - crypto_ahash_blocksize(ahash);
+
+- queued -= extra;
+- len -= extra;
++ if (extra) {
++ sg_pcopy_to_buffer(areq->src, sg_nents(areq->src),
++ req->cache_next, extra,
++ areq->nbytes - extra);
++
++ queued -= extra;
++ len -= extra;
++
++ if (!queued) {
++ *commands = 0;
++ *results = 0;
++ return 0;
++ }
++ }
+ }
+
+ spin_lock_bh(&priv->ring[ring].egress_lock);
--- /dev/null
+From c013cee99d5a18aec8c71fee8f5f41369cd12595 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Date: Fri, 19 Jan 2018 12:04:33 +0000
+Subject: crypto: sha3-generic - fixes for alignment and big endian operation
+
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+
+commit c013cee99d5a18aec8c71fee8f5f41369cd12595 upstream.
+
+Ensure that the input is byte swabbed before injecting it into the
+SHA3 transform. Use the get_unaligned() accessor for this so that
+we don't perform unaligned access inadvertently on architectures
+that do not support that.
+
+Fixes: 53964b9ee63b7075 ("crypto: sha3 - Add SHA-3 hash algorithm")
+Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/sha3_generic.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/crypto/sha3_generic.c
++++ b/crypto/sha3_generic.c
+@@ -18,6 +18,7 @@
+ #include <linux/types.h>
+ #include <crypto/sha3.h>
+ #include <asm/byteorder.h>
++#include <asm/unaligned.h>
+
+ #define KECCAK_ROUNDS 24
+
+@@ -149,7 +150,7 @@ static int sha3_update(struct shash_desc
+ unsigned int i;
+
+ for (i = 0; i < sctx->rsizw; i++)
+- sctx->st[i] ^= ((u64 *) src)[i];
++ sctx->st[i] ^= get_unaligned_le64(src + 8 * i);
+ keccakf(sctx->st);
+
+ done += sctx->rsiz;
+@@ -174,7 +175,7 @@ static int sha3_final(struct shash_desc
+ sctx->buf[sctx->rsiz - 1] |= 0x80;
+
+ for (i = 0; i < sctx->rsizw; i++)
+- sctx->st[i] ^= ((u64 *) sctx->buf)[i];
++ sctx->st[i] ^= get_unaligned_le64(sctx->buf + 8 * i);
+
+ keccakf(sctx->st);
+
--- /dev/null
+From 539340f37e6d6ed4cd93e8e18c9b2e4eafd4b842 Mon Sep 17 00:00:00 2001
+From: Jesse Chan <jc@linux.com>
+Date: Mon, 20 Nov 2017 12:54:26 -0800
+Subject: gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE
+
+From: Jesse Chan <jc@linux.com>
+
+commit 539340f37e6d6ed4cd93e8e18c9b2e4eafd4b842 upstream.
+
+This change resolves a new compile-time warning
+when built as a loadable module:
+
+WARNING: modpost: missing MODULE_LICENSE() in drivers/gpio/gpio-ath79.o
+see include/linux/module.h for more information
+
+This adds the license as "GPL v2", which matches the header of the file.
+
+MODULE_DESCRIPTION is also added.
+
+Signed-off-by: Jesse Chan <jc@linux.com>
+Acked-by: Alban Bedel <albeu@free.fr>
+Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/gpio/gpio-ath79.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/drivers/gpio/gpio-ath79.c
++++ b/drivers/gpio/gpio-ath79.c
+@@ -324,3 +324,6 @@ static struct platform_driver ath79_gpio
+ };
+
+ module_platform_driver(ath79_gpio_driver);
++
++MODULE_DESCRIPTION("Atheros AR71XX/AR724X/AR913X GPIO API support");
++MODULE_LICENSE("GPL v2");
--- /dev/null
+From 24bd3efc9d1efb5f756a7c6f807a36ddb6adc671 Mon Sep 17 00:00:00 2001
+From: Linus Walleij <linus.walleij@linaro.org>
+Date: Mon, 22 Jan 2018 13:19:28 +0100
+Subject: gpio: Fix kernel stack leak to userspace
+
+From: Linus Walleij <linus.walleij@linaro.org>
+
+commit 24bd3efc9d1efb5f756a7c6f807a36ddb6adc671 upstream.
+
+The GPIO event descriptor was leaking kernel stack to
+userspace because we don't zero the variable before
+use. Ooops. Fix this.
+
+Reported-by: Arnd Bergmann <arnd@arndb.de>
+Reviewed-by: Bartosz Golaszewski <brgl@bgdev.pl>
+Reviewed-by: Arnd Bergmann <arnd@arndb.de>
+Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/gpio/gpiolib.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/drivers/gpio/gpiolib.c
++++ b/drivers/gpio/gpiolib.c
+@@ -732,6 +732,9 @@ static irqreturn_t lineevent_irq_thread(
+ struct gpioevent_data ge;
+ int ret, level;
+
++ /* Do not leak kernel stack to userspace */
++ memset(&ge, 0, sizeof(ge));
++
+ ge.timestamp = ktime_get_real_ns();
+ level = gpiod_get_value_cansleep(le->desc);
+
--- /dev/null
+From 97b03136e1b637d7a9d2274c099e44ecf23f1103 Mon Sep 17 00:00:00 2001
+From: Jesse Chan <jc@linux.com>
+Date: Mon, 20 Nov 2017 12:54:52 -0800
+Subject: gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
+
+From: Jesse Chan <jc@linux.com>
+
+commit 97b03136e1b637d7a9d2274c099e44ecf23f1103 upstream.
+
+This change resolves a new compile-time warning
+when built as a loadable module:
+
+WARNING: modpost: missing MODULE_LICENSE() in drivers/gpio/gpio-iop.o
+see include/linux/module.h for more information
+
+This adds the license as "GPL", which matches the header of the file.
+
+MODULE_DESCRIPTION and MODULE_AUTHOR are also added.
+
+Signed-off-by: Jesse Chan <jc@linux.com>
+Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/gpio/gpio-iop.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/drivers/gpio/gpio-iop.c
++++ b/drivers/gpio/gpio-iop.c
+@@ -58,3 +58,7 @@ static int __init iop3xx_gpio_init(void)
+ return platform_driver_register(&iop3xx_gpio_driver);
+ }
+ arch_initcall(iop3xx_gpio_init);
++
++MODULE_DESCRIPTION("GPIO handling for Intel IOP3xx processors");
++MODULE_AUTHOR("Lennert Buytenhek <buytenh@wantstofly.org>");
++MODULE_LICENSE("GPL");
--- /dev/null
+From b888fb6f2a278442933e3bfab70262e9a5365fb3 Mon Sep 17 00:00:00 2001
+From: Patrice Chotard <patrice.chotard@st.com>
+Date: Fri, 12 Jan 2018 13:16:08 +0100
+Subject: gpio: stmpe: i2c transfer are forbiden in atomic context
+
+From: Patrice Chotard <patrice.chotard@st.com>
+
+commit b888fb6f2a278442933e3bfab70262e9a5365fb3 upstream.
+
+Move the workaround from stmpe_gpio_irq_unmask() which is executed
+in atomic context to stmpe_gpio_irq_sync_unlock() which is not.
+
+It fixes the following issue:
+
+[ 1.500000] BUG: scheduling while atomic: swapper/1/0x00000002
+[ 1.500000] CPU: 0 PID: 1 Comm: swapper Not tainted 4.15.0-rc2-00020-gbd4301f-dirty #28
+[ 1.520000] Hardware name: STM32 (Device Tree Support)
+[ 1.520000] [<0000bfc9>] (unwind_backtrace) from [<0000b347>] (show_stack+0xb/0xc)
+[ 1.530000] [<0000b347>] (show_stack) from [<0001fc49>] (__schedule_bug+0x39/0x58)
+[ 1.530000] [<0001fc49>] (__schedule_bug) from [<00168211>] (__schedule+0x23/0x2b2)
+[ 1.550000] [<00168211>] (__schedule) from [<001684f7>] (schedule+0x57/0x64)
+[ 1.550000] [<001684f7>] (schedule) from [<0016a513>] (schedule_timeout+0x137/0x164)
+[ 1.550000] [<0016a513>] (schedule_timeout) from [<00168b91>] (wait_for_common+0x8d/0xfc)
+[ 1.570000] [<00168b91>] (wait_for_common) from [<00139753>] (stm32f4_i2c_xfer+0xe9/0xfe)
+[ 1.580000] [<00139753>] (stm32f4_i2c_xfer) from [<00138545>] (__i2c_transfer+0x111/0x148)
+[ 1.590000] [<00138545>] (__i2c_transfer) from [<001385cf>] (i2c_transfer+0x53/0x70)
+[ 1.590000] [<001385cf>] (i2c_transfer) from [<001388a5>] (i2c_smbus_xfer+0x12f/0x36e)
+[ 1.600000] [<001388a5>] (i2c_smbus_xfer) from [<00138b49>] (i2c_smbus_read_byte_data+0x1f/0x2a)
+[ 1.610000] [<00138b49>] (i2c_smbus_read_byte_data) from [<00124fdd>] (__stmpe_reg_read+0xd/0x24)
+[ 1.620000] [<00124fdd>] (__stmpe_reg_read) from [<001252b3>] (stmpe_reg_read+0x19/0x24)
+[ 1.630000] [<001252b3>] (stmpe_reg_read) from [<0002c4d1>] (unmask_irq+0x17/0x22)
+[ 1.640000] [<0002c4d1>] (unmask_irq) from [<0002c57f>] (irq_startup+0x6f/0x78)
+[ 1.650000] [<0002c57f>] (irq_startup) from [<0002b7a1>] (__setup_irq+0x319/0x47c)
+[ 1.650000] [<0002b7a1>] (__setup_irq) from [<0002bad3>] (request_threaded_irq+0x6b/0xe8)
+[ 1.660000] [<0002bad3>] (request_threaded_irq) from [<0002d0b9>] (devm_request_threaded_irq+0x3b/0x6a)
+[ 1.670000] [<0002d0b9>] (devm_request_threaded_irq) from [<001446e7>] (mmc_gpiod_request_cd_irq+0x49/0x8a)
+[ 1.680000] [<001446e7>] (mmc_gpiod_request_cd_irq) from [<0013d45d>] (mmc_start_host+0x49/0x60)
+[ 1.690000] [<0013d45d>] (mmc_start_host) from [<0013e40b>] (mmc_add_host+0x3b/0x54)
+[ 1.700000] [<0013e40b>] (mmc_add_host) from [<00148119>] (mmci_probe+0x4d1/0x60c)
+[ 1.710000] [<00148119>] (mmci_probe) from [<000f903b>] (amba_probe+0x7b/0xbe)
+[ 1.720000] [<000f903b>] (amba_probe) from [<001170e5>] (driver_probe_device+0x169/0x1f8)
+[ 1.730000] [<001170e5>] (driver_probe_device) from [<001171b7>] (__driver_attach+0x43/0x5c)
+[ 1.740000] [<001171b7>] (__driver_attach) from [<0011618d>] (bus_for_each_dev+0x3d/0x46)
+[ 1.740000] [<0011618d>] (bus_for_each_dev) from [<001165cd>] (bus_add_driver+0xcd/0x124)
+[ 1.740000] [<001165cd>] (bus_add_driver) from [<00117713>] (driver_register+0x4d/0x7a)
+[ 1.760000] [<00117713>] (driver_register) from [<001fc765>] (do_one_initcall+0xbd/0xe8)
+[ 1.770000] [<001fc765>] (do_one_initcall) from [<001fc88b>] (kernel_init_freeable+0xfb/0x134)
+[ 1.780000] [<001fc88b>] (kernel_init_freeable) from [<00167ee3>] (kernel_init+0x7/0x9c)
+[ 1.790000] [<00167ee3>] (kernel_init) from [<00009b65>] (ret_from_fork+0x11/0x2c)
+
+Signed-off-by: Alexandre TORGUE <alexandre.torgue@st.com>
+Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
+Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/gpio/gpio-stmpe.c | 20 ++++++++++----------
+ 1 file changed, 10 insertions(+), 10 deletions(-)
+
+--- a/drivers/gpio/gpio-stmpe.c
++++ b/drivers/gpio/gpio-stmpe.c
+@@ -190,6 +190,16 @@ static void stmpe_gpio_irq_sync_unlock(s
+ };
+ int i, j;
+
++ /*
++ * STMPE1600: to be able to get IRQ from pins,
++ * a read must be done on GPMR register, or a write in
++ * GPSR or GPCR registers
++ */
++ if (stmpe->partnum == STMPE1600) {
++ stmpe_reg_read(stmpe, stmpe->regs[STMPE_IDX_GPMR_LSB]);
++ stmpe_reg_read(stmpe, stmpe->regs[STMPE_IDX_GPMR_CSB]);
++ }
++
+ for (i = 0; i < CACHE_NR_REGS; i++) {
+ /* STMPE801 and STMPE1600 don't have RE and FE registers */
+ if ((stmpe->partnum == STMPE801 ||
+@@ -227,21 +237,11 @@ static void stmpe_gpio_irq_unmask(struct
+ {
+ struct gpio_chip *gc = irq_data_get_irq_chip_data(d);
+ struct stmpe_gpio *stmpe_gpio = gpiochip_get_data(gc);
+- struct stmpe *stmpe = stmpe_gpio->stmpe;
+ int offset = d->hwirq;
+ int regoffset = offset / 8;
+ int mask = BIT(offset % 8);
+
+ stmpe_gpio->regs[REG_IE][regoffset] |= mask;
+-
+- /*
+- * STMPE1600 workaround: to be able to get IRQ from pins,
+- * a read must be done on GPMR register, or a write in
+- * GPSR or GPCR registers
+- */
+- if (stmpe->partnum == STMPE1600)
+- stmpe_reg_read(stmpe,
+- stmpe->regs[STMPE_IDX_GPMR_LSB + regoffset]);
+ }
+
+ static void stmpe_dbg_show_one(struct seq_file *s,
--- /dev/null
+From 791ae273731fa85d3332e45064dab177ae663e80 Mon Sep 17 00:00:00 2001
+From: Aaron Armstrong Skomra <skomra@gmail.com>
+Date: Thu, 7 Dec 2017 12:31:56 -0800
+Subject: HID: wacom: EKR: ensure devres groups at higher indexes are released
+
+From: Aaron Armstrong Skomra <skomra@gmail.com>
+
+commit 791ae273731fa85d3332e45064dab177ae663e80 upstream.
+
+Background: ExpressKey Remotes communicate their events via usb dongle.
+Each dongle can hold up to 5 pairings at one time and one EKR (identified
+by its serial number) can unfortunately be paired with its dongle
+more than once. The pairing takes place in a round-robin fashion.
+
+Input devices are only created once per EKR, when a new serial number
+is seen in the list of pairings. However, if a device is created for
+a "higher" paring index and subsequently a second pairing occurs at a
+lower pairing index, unpairing the remote with that serial number from
+any pairing index will currently cause a driver crash. This occurs
+infrequently, as two remotes are necessary to trigger this bug and most
+users have only one remote.
+
+As an illustration, to trigger the bug you need to have two remotes,
+and pair them in this order:
+
+1. slot 0 -> remote 1 (input device created for remote 1)
+2. slot 1 -> remote 1 (duplicate pairing - no device created)
+3. slot 2 -> remote 1 (duplicate pairing - no device created)
+4. slot 3 -> remote 1 (duplicate pairing - no device created)
+5. slot 4 -> remote 2 (input device created for remote 2)
+
+6. slot 0 -> remote 2 (1 destroyed and recreated at slot 1)
+7. slot 1 -> remote 2 (1 destroyed and recreated at slot 2)
+8. slot 2 -> remote 2 (1 destroyed and recreated at slot 3)
+9. slot 3 -> remote 2 (1 destroyed and not recreated)
+10. slot 4 -> remote 2 (2 was already in this slot so no changes)
+
+11. slot 0 -> remote 1 (The current code sees remote 2 was paired over in
+ one of the dongle slots it occupied and attempts
+ to remove all information about remote 2 [1]. It
+ calls wacom_remote_destroy_one for remote 2, but
+ the destroy function assumes the lowest index is
+ where the remote's input device was created. The
+ code "cleans up" the other remote 2 pairings
+ including the one which the input device was based
+ on, assuming they were were just duplicate
+ pairings. However, the cleanup doesn't call the
+ devres release function for the input device that
+ was created in slot 4).
+
+This issue is fixed by this commit.
+
+[1] Remote 2 should subsequently be re-created on the next packet from the
+EKR at the lowest numbered slot that it occupies (here slot 1).
+
+Fixes: f9036bd43602 ("HID: wacom: EKR: use devres groups to manage resources")
+Signed-off-by: Aaron Armstrong Skomra <aaron.skomra@wacom.com>
+Signed-off-by: Jiri Kosina <jkosina@suse.cz>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/hid/wacom_sys.c | 24 ++++++++++++------------
+ 1 file changed, 12 insertions(+), 12 deletions(-)
+
+--- a/drivers/hid/wacom_sys.c
++++ b/drivers/hid/wacom_sys.c
+@@ -2347,23 +2347,23 @@ static void wacom_remote_destroy_one(str
+ int i;
+ unsigned long flags;
+
+- spin_lock_irqsave(&remote->remote_lock, flags);
+- remote->remotes[index].registered = false;
+- spin_unlock_irqrestore(&remote->remote_lock, flags);
++ for (i = 0; i < WACOM_MAX_REMOTES; i++) {
++ if (remote->remotes[i].serial == serial) {
+
+- if (remote->remotes[index].battery.battery)
+- devres_release_group(&wacom->hdev->dev,
+- &remote->remotes[index].battery.bat_desc);
++ spin_lock_irqsave(&remote->remote_lock, flags);
++ remote->remotes[i].registered = false;
++ spin_unlock_irqrestore(&remote->remote_lock, flags);
+
+- if (remote->remotes[index].group.name)
+- devres_release_group(&wacom->hdev->dev,
+- &remote->remotes[index]);
++ if (remote->remotes[i].battery.battery)
++ devres_release_group(&wacom->hdev->dev,
++ &remote->remotes[i].battery.bat_desc);
++
++ if (remote->remotes[i].group.name)
++ devres_release_group(&wacom->hdev->dev,
++ &remote->remotes[i]);
+
+- for (i = 0; i < WACOM_MAX_REMOTES; i++) {
+- if (remote->remotes[i].serial == serial) {
+ remote->remotes[i].serial = 0;
+ remote->remotes[i].group.name = NULL;
+- remote->remotes[i].registered = false;
+ remote->remotes[i].battery.battery = NULL;
+ wacom->led.groups[i].select = WACOM_STATUS_UNKNOWN;
+ }
--- /dev/null
+From 403c0f681c1964ff1db8c2fb8de8c4067779d081 Mon Sep 17 00:00:00 2001
+From: Jason Gerecke <killertofu@gmail.com>
+Date: Tue, 26 Dec 2017 14:53:55 -0800
+Subject: HID: wacom: Fix reporting of touch toggle (WACOM_HID_WD_MUTE_DEVICE) events
+
+From: Jason Gerecke <killertofu@gmail.com>
+
+commit 403c0f681c1964ff1db8c2fb8de8c4067779d081 upstream.
+
+Touch toggle softkeys send a '1' while pressed and a '0' while released,
+requring the kernel to keep track of wether touch should be enabled or
+disabled. The code does not handle the state transitions properly,
+however. If the key is pressed repeatedly, the following four states
+of states are cycled through (assuming touch starts out enabled):
+
+Press: shared->is_touch_on => 0, SW_MUTE_DEVICE => 1
+Release: shared->is_touch_on => 0, SW_MUTE_DEVICE => 1
+Press: shared->is_touch_on => 1, SW_MUTE_DEVICE => 0
+Release: shared->is_touch_on => 1, SW_MUTE_DEVICE => 1
+
+The hardware always properly enables/disables touch when the key is
+pressed but applications that listen for SW_MUTE_DEVICE events to provide
+feedback about the state will only ever show touch as being enabled while
+the key is held, and only every-other time. This sequence occurs because
+the fallthrough WACOM_HID_WD_TOUCHONOFF case is always handled, and it
+uses the value of the *local* is_touch_on variable as the value to
+report to userspace. The local value is equal to the shared value when
+the button is pressed, but equal to zero when the button is released.
+
+Reporting the shared value to userspace fixes this problem, but the
+fallthrough case needs to update the shared value in an incompatible
+way (which is why the local variable was introduced in the first place).
+To work around this, we just handle both cases in a single block of code
+and update the shared variable as appropriate.
+
+Fixes: d793ff8187 ("HID: wacom: generic: support touch on/off softkey")
+Signed-off-by: Jason Gerecke <jason.gerecke@wacom.com>
+Reviewed-by: Aaron Skomra <aaron.skomra@wacom.com>
+Tested-by: Aaron Skomra <aaron.skomra@wacom.com>
+Signed-off-by: Jiri Kosina <jkosina@suse.cz>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/hid/wacom_wac.c | 16 ++++++++--------
+ 1 file changed, 8 insertions(+), 8 deletions(-)
+
+--- a/drivers/hid/wacom_wac.c
++++ b/drivers/hid/wacom_wac.c
+@@ -1924,7 +1924,6 @@ static void wacom_wac_pad_event(struct h
+ struct wacom_features *features = &wacom_wac->features;
+ unsigned equivalent_usage = wacom_equivalent_usage(usage->hid);
+ int i;
+- bool is_touch_on = value;
+ bool do_report = false;
+
+ /*
+@@ -1969,16 +1968,17 @@ static void wacom_wac_pad_event(struct h
+ break;
+
+ case WACOM_HID_WD_MUTE_DEVICE:
+- if (wacom_wac->shared->touch_input && value) {
+- wacom_wac->shared->is_touch_on = !wacom_wac->shared->is_touch_on;
+- is_touch_on = wacom_wac->shared->is_touch_on;
+- }
+-
+- /* fall through*/
+ case WACOM_HID_WD_TOUCHONOFF:
+ if (wacom_wac->shared->touch_input) {
++ bool *is_touch_on = &wacom_wac->shared->is_touch_on;
++
++ if (equivalent_usage == WACOM_HID_WD_MUTE_DEVICE && value)
++ *is_touch_on = !(*is_touch_on);
++ else if (equivalent_usage == WACOM_HID_WD_TOUCHONOFF)
++ *is_touch_on = value;
++
+ input_report_switch(wacom_wac->shared->touch_input,
+- SW_MUTE_DEVICE, !is_touch_on);
++ SW_MUTE_DEVICE, !(*is_touch_on));
+ input_sync(wacom_wac->shared->touch_input);
+ }
+ break;
--- /dev/null
+From d822401d1c6898a4a4ee03977b78b8cec402e88a Mon Sep 17 00:00:00 2001
+From: Jesse Chan <jc@linux.com>
+Date: Mon, 20 Nov 2017 12:57:13 -0800
+Subject: mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
+
+From: Jesse Chan <jc@linux.com>
+
+commit d822401d1c6898a4a4ee03977b78b8cec402e88a upstream.
+
+This change resolves a new compile-time warning
+when built as a loadable module:
+
+WARNING: modpost: missing MODULE_LICENSE() in drivers/mtd/nand/denali_pci.o
+see include/linux/module.h for more information
+
+This adds the license as "GPL v2", which matches the header of the file.
+
+MODULE_DESCRIPTION and MODULE_AUTHOR are also added.
+
+Signed-off-by: Jesse Chan <jc@linux.com>
+Acked-by: Masahiro Yamada <yamada.masahiro@socionext.com>
+Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/mtd/nand/denali_pci.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/drivers/mtd/nand/denali_pci.c
++++ b/drivers/mtd/nand/denali_pci.c
+@@ -125,3 +125,7 @@ static struct pci_driver denali_pci_driv
+ .remove = denali_pci_remove,
+ };
+ module_pci_driver(denali_pci_driver);
++
++MODULE_DESCRIPTION("PCI driver for Denali NAND controller");
++MODULE_AUTHOR("Intel Corporation and its suppliers");
++MODULE_LICENSE("GPL v2");
--- /dev/null
+From 348c7cf5fcbcb68838255759d4cb45d039af36d2 Mon Sep 17 00:00:00 2001
+From: Jesse Chan <jc@linux.com>
+Date: Mon, 20 Nov 2017 12:58:27 -0800
+Subject: power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
+
+From: Jesse Chan <jc@linux.com>
+
+commit 348c7cf5fcbcb68838255759d4cb45d039af36d2 upstream.
+
+This change resolves a new compile-time warning
+when built as a loadable module:
+
+WARNING: modpost: missing MODULE_LICENSE() in drivers/power/reset/zx-reboot.o
+see include/linux/module.h for more information
+
+This adds the license as "GPL v2", which matches the header of the file.
+
+MODULE_DESCRIPTION and MODULE_AUTHOR are also added.
+
+Signed-off-by: Jesse Chan <jc@linux.com>
+Signed-off-by: Sebastian Reichel <sebastian.reichel@collabora.co.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/power/reset/zx-reboot.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/drivers/power/reset/zx-reboot.c
++++ b/drivers/power/reset/zx-reboot.c
+@@ -82,3 +82,7 @@ static struct platform_driver zx_reboot_
+ },
+ };
+ module_platform_driver(zx_reboot_driver);
++
++MODULE_DESCRIPTION("ZTE SoCs reset driver");
++MODULE_AUTHOR("Jun Nie <jun.nie@linaro.org>");
++MODULE_LICENSE("GPL v2");
bluetooth-hci_serdev-init-hci_uart-proto_lock-to-avoid-oops.patch
+tools-gpio-fix-build-error-with-musl-libc.patch
+gpio-stmpe-i2c-transfer-are-forbiden-in-atomic-context.patch
+gpio-fix-kernel-stack-leak-to-userspace.patch
+alsa-hda-reduce-the-suspend-time-consumption-for-alc256.patch
+crypto-ecdh-fix-typo-in-kpp-dependency-of-crypto_ecdh.patch
+crypto-aesni-handle-zero-length-dst-buffer.patch
+crypto-aesni-fix-typo-in-generic_gcmaes_decrypt.patch
+crypto-aesni-add-wrapper-for-generic-gcm-aes.patch
+crypto-aesni-fix-out-of-bounds-access-of-the-data-buffer-in-generic-gcm-aesni.patch
+crypto-aesni-fix-out-of-bounds-access-of-the-aad-buffer-in-generic-gcm-aesni.patch
+crypto-inside-secure-fix-hash-when-length-is-a-multiple-of-a-block.patch
+crypto-inside-secure-avoid-unmapping-dma-memory-that-was-not-mapped.patch
+crypto-sha3-generic-fixes-for-alignment-and-big-endian-operation.patch
+crypto-af_alg-whitelist-mask-and-type.patch
+hid-wacom-ekr-ensure-devres-groups-at-higher-indexes-are-released.patch
+hid-wacom-fix-reporting-of-touch-toggle-wacom_hid_wd_mute_device-events.patch
+power-reset-zx-reboot-add-missing-module_description-author-license.patch
+gpio-iop-add-missing-module_description-author-license.patch
+gpio-ath79-add-missing-module_description-license.patch
+mtd-nand-denali_pci-add-missing-module_description-author-license.patch
--- /dev/null
+From 1696784eb7b52b13b62d160c028ef2c2c981d4f2 Mon Sep 17 00:00:00 2001
+From: Joel Stanley <joel@jms.id.au>
+Date: Thu, 21 Dec 2017 11:11:31 +1030
+Subject: tools/gpio: Fix build error with musl libc
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Joel Stanley <joel@jms.id.au>
+
+commit 1696784eb7b52b13b62d160c028ef2c2c981d4f2 upstream.
+
+The GPIO tools build fails when using a buildroot toolchain that uses musl
+as it's C library:
+
+arm-broomstick-linux-musleabi-gcc -Wp,-MD,./.gpio-event-mon.o.d \
+ -Wp,-MT,gpio-event-mon.o -O2 -Wall -g -D_GNU_SOURCE \
+ -Iinclude -D"BUILD_STR(s)=#s" -c -o gpio-event-mon.o gpio-event-mon.c
+gpio-event-mon.c:30:6: error: unknown type name ‘u_int32_t’; did you mean ‘uint32_t’?
+ u_int32_t handleflags,
+ ^~~~~~~~~
+ uint32_t
+
+The glibc headers installed on my laptop include sys/types.h in
+unistd.h, but it appears that musl does not.
+
+Fixes: 97f69747d8b1 ("tools/gpio: add the gpio-event-mon tool")
+Signed-off-by: Joel Stanley <joel@jms.id.au>
+Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/gpio/gpio-event-mon.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/tools/gpio/gpio-event-mon.c
++++ b/tools/gpio/gpio-event-mon.c
+@@ -23,6 +23,7 @@
+ #include <getopt.h>
+ #include <inttypes.h>
+ #include <sys/ioctl.h>
++#include <sys/types.h>
+ #include <linux/gpio.h>
+
+ int monitor_device(const char *device_name,
projects / thirdparty / kernel / stable-queue.git / commitdiff
