--- /dev/null
+From ff3154d1d89a2343fd5f82e65bc0cf1d4e6659b3 Mon Sep 17 00:00:00 2001
+From: Hans de Goede <hdegoede@redhat.com>
+Date: Tue, 10 Dec 2019 10:57:52 +0100
+Subject: ACPI / battery: Deal better with neither design nor full capacity not being reported
+
+From: Hans de Goede <hdegoede@redhat.com>
+
+commit ff3154d1d89a2343fd5f82e65bc0cf1d4e6659b3 upstream.
+
+Commit b41901a2cf06 ("ACPI / battery: Do not export energy_full[_design] on
+devices without full_charge_capacity") added support for some (broken)
+devices which always report 0 for both design_capacity and
+full_charge_capacity.
+
+Since the device that commit was written as a fix for is not reporting any
+form of "full" capacity we cannot calculate the value for the
+POWER_SUPPLY_PROP_CAPACITY, this is worked around by using an alternative
+array of available properties which does not contain this property.
+
+This is necessary because userspace (upower) treats us returning -ENODEV
+as 0 and then typically will trigger an emergency shutdown because of that.
+Userspace does not do this if the capacity sysfs attribute is not present
+at all.
+
+There are two potential problems with that commit:
+ 1) It assumes that both full_charge- and design-capacity are broken at the
+ same time and only checks if full_charge- is broken.
+ 2) It assumes that this only ever happens for devices which report energy
+ units rather then charge units.
+
+This commit fixes both issues by only using the alternative
+array of available properties if both full_charge- and design-capacity are
+broken and by also adding an alternative array of available properties for
+devices using mA units.
+
+Fixes: b41901a2cf06 ("ACPI / battery: Do not export energy_full[_design] on devices without full_charge_capacity")
+Cc: 4.19+ <stable@vger.kernel.org> # 4.19+
+Signed-off-by: Hans de Goede <hdegoede@redhat.com>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/acpi/battery.c | 51 +++++++++++++++++++++++++++++++++++++------------
+ 1 file changed, 39 insertions(+), 12 deletions(-)
+
+--- a/drivers/acpi/battery.c
++++ b/drivers/acpi/battery.c
+@@ -342,6 +342,20 @@ static enum power_supply_property charge
+ POWER_SUPPLY_PROP_SERIAL_NUMBER,
+ };
+
++static enum power_supply_property charge_battery_full_cap_broken_props[] = {
++ POWER_SUPPLY_PROP_STATUS,
++ POWER_SUPPLY_PROP_PRESENT,
++ POWER_SUPPLY_PROP_TECHNOLOGY,
++ POWER_SUPPLY_PROP_CYCLE_COUNT,
++ POWER_SUPPLY_PROP_VOLTAGE_MIN_DESIGN,
++ POWER_SUPPLY_PROP_VOLTAGE_NOW,
++ POWER_SUPPLY_PROP_CURRENT_NOW,
++ POWER_SUPPLY_PROP_CHARGE_NOW,
++ POWER_SUPPLY_PROP_MODEL_NAME,
++ POWER_SUPPLY_PROP_MANUFACTURER,
++ POWER_SUPPLY_PROP_SERIAL_NUMBER,
++};
++
+ static enum power_supply_property energy_battery_props[] = {
+ POWER_SUPPLY_PROP_STATUS,
+ POWER_SUPPLY_PROP_PRESENT,
+@@ -803,21 +817,34 @@ static void __exit battery_hook_exit(voi
+ static int sysfs_add_battery(struct acpi_battery *battery)
+ {
+ struct power_supply_config psy_cfg = { .drv_data = battery, };
++ bool full_cap_broken = false;
++
++ if (!ACPI_BATTERY_CAPACITY_VALID(battery->full_charge_capacity) &&
++ !ACPI_BATTERY_CAPACITY_VALID(battery->design_capacity))
++ full_cap_broken = true;
+
+ if (battery->power_unit == ACPI_BATTERY_POWER_UNIT_MA) {
+- battery->bat_desc.properties = charge_battery_props;
+- battery->bat_desc.num_properties =
+- ARRAY_SIZE(charge_battery_props);
+- } else if (!ACPI_BATTERY_CAPACITY_VALID(
+- battery->full_charge_capacity)) {
+- battery->bat_desc.properties =
+- energy_battery_full_cap_broken_props;
+- battery->bat_desc.num_properties =
+- ARRAY_SIZE(energy_battery_full_cap_broken_props);
++ if (full_cap_broken) {
++ battery->bat_desc.properties =
++ charge_battery_full_cap_broken_props;
++ battery->bat_desc.num_properties =
++ ARRAY_SIZE(charge_battery_full_cap_broken_props);
++ } else {
++ battery->bat_desc.properties = charge_battery_props;
++ battery->bat_desc.num_properties =
++ ARRAY_SIZE(charge_battery_props);
++ }
+ } else {
+- battery->bat_desc.properties = energy_battery_props;
+- battery->bat_desc.num_properties =
+- ARRAY_SIZE(energy_battery_props);
++ if (full_cap_broken) {
++ battery->bat_desc.properties =
++ energy_battery_full_cap_broken_props;
++ battery->bat_desc.num_properties =
++ ARRAY_SIZE(energy_battery_full_cap_broken_props);
++ } else {
++ battery->bat_desc.properties = energy_battery_props;
++ battery->bat_desc.num_properties =
++ ARRAY_SIZE(energy_battery_props);
++ }
+ }
+
+ battery->bat_desc.name = acpi_device_bid(battery->device);
--- /dev/null
+From cc99f0ad52467028cb1251160f23ad4bb65baf20 Mon Sep 17 00:00:00 2001
+From: Hans de Goede <hdegoede@redhat.com>
+Date: Tue, 10 Dec 2019 10:57:50 +0100
+Subject: ACPI / battery: Deal with design or full capacity being reported as -1
+
+From: Hans de Goede <hdegoede@redhat.com>
+
+commit cc99f0ad52467028cb1251160f23ad4bb65baf20 upstream.
+
+Commit b41901a2cf06 ("ACPI / battery: Do not export energy_full[_design]
+on devices without full_charge_capacity") added support for some (broken)
+devices which always report 0 for both design- and full_charge-capacity.
+
+This assumes that if the capacity is not being reported it is 0. The
+ThunderSoft TS178 tablet's _BIX implementation falsifies this assumption.
+It reports ACPI_BATTERY_VALUE_UNKNOWN (-1) as full_charge_capacity, which
+we treat as a valid value which causes several problems.
+
+This commit fixes this by adding a new ACPI_BATTERY_CAPACITY_VALID() helper
+which checks that the value is not 0 and not -1; and using this whenever we
+need to test if either design_capacity or full_charge_capacity is valid.
+
+Fixes: b41901a2cf06 ("ACPI / battery: Do not export energy_full[_design] on devices without full_charge_capacity")
+Cc: 4.19+ <stable@vger.kernel.org> # 4.19+
+Signed-off-by: Hans de Goede <hdegoede@redhat.com>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/acpi/battery.c | 19 ++++++++++++-------
+ 1 file changed, 12 insertions(+), 7 deletions(-)
+
+--- a/drivers/acpi/battery.c
++++ b/drivers/acpi/battery.c
+@@ -38,6 +38,8 @@
+ #define PREFIX "ACPI: "
+
+ #define ACPI_BATTERY_VALUE_UNKNOWN 0xFFFFFFFF
++#define ACPI_BATTERY_CAPACITY_VALID(capacity) \
++ ((capacity) != 0 && (capacity) != ACPI_BATTERY_VALUE_UNKNOWN)
+
+ #define ACPI_BATTERY_DEVICE_NAME "Battery"
+
+@@ -192,7 +194,8 @@ static int acpi_battery_is_charged(struc
+
+ static bool acpi_battery_is_degraded(struct acpi_battery *battery)
+ {
+- return battery->full_charge_capacity && battery->design_capacity &&
++ return ACPI_BATTERY_CAPACITY_VALID(battery->full_charge_capacity) &&
++ ACPI_BATTERY_CAPACITY_VALID(battery->design_capacity) &&
+ battery->full_charge_capacity < battery->design_capacity;
+ }
+
+@@ -263,14 +266,14 @@ static int acpi_battery_get_property(str
+ break;
+ case POWER_SUPPLY_PROP_CHARGE_FULL_DESIGN:
+ case POWER_SUPPLY_PROP_ENERGY_FULL_DESIGN:
+- if (battery->design_capacity == ACPI_BATTERY_VALUE_UNKNOWN)
++ if (!ACPI_BATTERY_CAPACITY_VALID(battery->design_capacity))
+ ret = -ENODEV;
+ else
+ val->intval = battery->design_capacity * 1000;
+ break;
+ case POWER_SUPPLY_PROP_CHARGE_FULL:
+ case POWER_SUPPLY_PROP_ENERGY_FULL:
+- if (battery->full_charge_capacity == ACPI_BATTERY_VALUE_UNKNOWN)
++ if (!ACPI_BATTERY_CAPACITY_VALID(battery->full_charge_capacity))
+ ret = -ENODEV;
+ else
+ val->intval = battery->full_charge_capacity * 1000;
+@@ -283,11 +286,12 @@ static int acpi_battery_get_property(str
+ val->intval = battery->capacity_now * 1000;
+ break;
+ case POWER_SUPPLY_PROP_CAPACITY:
+- if (battery->capacity_now && battery->full_charge_capacity)
++ if (battery->capacity_now == ACPI_BATTERY_VALUE_UNKNOWN ||
++ !ACPI_BATTERY_CAPACITY_VALID(battery->full_charge_capacity))
++ ret = -ENODEV;
++ else
+ val->intval = battery->capacity_now * 100/
+ battery->full_charge_capacity;
+- else
+- val->intval = 0;
+ break;
+ case POWER_SUPPLY_PROP_CAPACITY_LEVEL:
+ if (battery->state & ACPI_BATTERY_STATE_CRITICAL)
+@@ -799,7 +803,8 @@ static int sysfs_add_battery(struct acpi
+ battery->bat_desc.properties = charge_battery_props;
+ battery->bat_desc.num_properties =
+ ARRAY_SIZE(charge_battery_props);
+- } else if (battery->full_charge_capacity == 0) {
++ } else if (!ACPI_BATTERY_CAPACITY_VALID(
++ battery->full_charge_capacity)) {
+ battery->bat_desc.properties =
+ energy_battery_full_cap_broken_props;
+ battery->bat_desc.num_properties =
--- /dev/null
+From 5b74d1d16e2f5753fcbdecd6771b2d8370dda414 Mon Sep 17 00:00:00 2001
+From: Hans de Goede <hdegoede@redhat.com>
+Date: Tue, 10 Dec 2019 10:57:51 +0100
+Subject: ACPI / battery: Use design-cap for capacity calculations if full-cap is not available
+
+From: Hans de Goede <hdegoede@redhat.com>
+
+commit 5b74d1d16e2f5753fcbdecd6771b2d8370dda414 upstream.
+
+The ThunderSoft TS178 tablet's _BIX implementation reports design_capacity
+but not full_charge_capacity.
+
+Before this commit this would cause us to return -ENODEV for the capacity
+attribute, which userspace does not like. Specifically upower does this:
+
+ if (sysfs_file_exists (native_path, "capacity")) {
+ percentage = sysfs_get_double (native_path, "capacity");
+
+Where the sysfs_get_double() helper returns 0 when we return -ENODEV,
+so the battery always reads 0% if we return -ENODEV.
+
+This commit fixes this by using the design-capacity instead of the
+full-charge-capacity when the full-charge-capacity is not available.
+
+Fixes: b41901a2cf06 ("ACPI / battery: Do not export energy_full[_design] on devices without full_charge_capacity")
+Cc: 4.19+ <stable@vger.kernel.org> # 4.19+
+Signed-off-by: Hans de Goede <hdegoede@redhat.com>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/acpi/battery.c | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+--- a/drivers/acpi/battery.c
++++ b/drivers/acpi/battery.c
+@@ -217,7 +217,7 @@ static int acpi_battery_get_property(str
+ enum power_supply_property psp,
+ union power_supply_propval *val)
+ {
+- int ret = 0;
++ int full_capacity = ACPI_BATTERY_VALUE_UNKNOWN, ret = 0;
+ struct acpi_battery *battery = to_acpi_battery(psy);
+
+ if (acpi_battery_present(battery)) {
+@@ -286,12 +286,17 @@ static int acpi_battery_get_property(str
+ val->intval = battery->capacity_now * 1000;
+ break;
+ case POWER_SUPPLY_PROP_CAPACITY:
++ if (ACPI_BATTERY_CAPACITY_VALID(battery->full_charge_capacity))
++ full_capacity = battery->full_charge_capacity;
++ else if (ACPI_BATTERY_CAPACITY_VALID(battery->design_capacity))
++ full_capacity = battery->design_capacity;
++
+ if (battery->capacity_now == ACPI_BATTERY_VALUE_UNKNOWN ||
+- !ACPI_BATTERY_CAPACITY_VALID(battery->full_charge_capacity))
++ full_capacity == ACPI_BATTERY_VALUE_UNKNOWN)
+ ret = -ENODEV;
+ else
+ val->intval = battery->capacity_now * 100/
+- battery->full_charge_capacity;
++ full_capacity;
+ break;
+ case POWER_SUPPLY_PROP_CAPACITY_LEVEL:
+ if (battery->state & ACPI_BATTERY_STATE_CRITICAL)
--- /dev/null
+From d21a91629f4b8e794fc4c0e0c17c85cedf1d806c Mon Sep 17 00:00:00 2001
+From: Hans de Goede <hdegoede@redhat.com>
+Date: Tue, 17 Dec 2019 20:08:11 +0100
+Subject: ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards
+
+From: Hans de Goede <hdegoede@redhat.com>
+
+commit d21a91629f4b8e794fc4c0e0c17c85cedf1d806c upstream.
+
+Despite our heuristics to not wrongly export a non working ACPI backlight
+interface on desktop machines, we still end up exporting one on desktops
+using a motherboard from the MSI MS-7721 series.
+
+I've looked at improving the heuristics, but in this case a quirk seems
+to be the only way to solve this.
+
+While at it also add a comment to separate the video_detect_force_none
+entries in the video_detect_dmi_table from other type of entries, as we
+already do for the other entry types.
+
+Cc: All applicable <stable@vger.kernel.org>
+BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1783786
+Signed-off-by: Hans de Goede <hdegoede@redhat.com>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/acpi/video_detect.c | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+--- a/drivers/acpi/video_detect.c
++++ b/drivers/acpi/video_detect.c
+@@ -336,6 +336,11 @@ static const struct dmi_system_id video_
+ DMI_MATCH(DMI_PRODUCT_NAME, "Precision 7510"),
+ },
+ },
++
++ /*
++ * Desktops which falsely report a backlight and which our heuristics
++ * for this do not catch.
++ */
+ {
+ .callback = video_detect_force_none,
+ .ident = "Dell OptiPlex 9020M",
+@@ -344,6 +349,14 @@ static const struct dmi_system_id video_
+ DMI_MATCH(DMI_PRODUCT_NAME, "OptiPlex 9020M"),
+ },
+ },
++ {
++ .callback = video_detect_force_none,
++ .ident = "MSI MS-7721",
++ .matches = {
++ DMI_MATCH(DMI_SYS_VENDOR, "MSI"),
++ DMI_MATCH(DMI_PRODUCT_NAME, "MS-7721"),
++ },
++ },
+ { },
+ };
+
--- /dev/null
+From 6b6d188aae79a630957aefd88ff5c42af6553ee3 Mon Sep 17 00:00:00 2001
+From: Stephen Boyd <swboyd@chromium.org>
+Date: Thu, 9 Jan 2020 07:59:07 -0800
+Subject: alarmtimer: Unregister wakeup source when module get fails
+
+From: Stephen Boyd <swboyd@chromium.org>
+
+commit 6b6d188aae79a630957aefd88ff5c42af6553ee3 upstream.
+
+The alarmtimer_rtc_add_device() function creates a wakeup source and then
+tries to grab a module reference. If that fails the function returns early
+with an error code, but fails to remove the wakeup source.
+
+Cleanup this exit path so there is no dangling wakeup source, which is
+named 'alarmtime' left allocated which will conflict with another RTC
+device that may be registered later.
+
+Fixes: 51218298a25e ("alarmtimer: Ensure RTC module is not unloaded")
+Signed-off-by: Stephen Boyd <swboyd@chromium.org>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Reviewed-by: Douglas Anderson <dianders@chromium.org>
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/20200109155910.907-2-swboyd@chromium.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ kernel/time/alarmtimer.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+--- a/kernel/time/alarmtimer.c
++++ b/kernel/time/alarmtimer.c
+@@ -88,6 +88,7 @@ static int alarmtimer_rtc_add_device(str
+ unsigned long flags;
+ struct rtc_device *rtc = to_rtc_device(dev);
+ struct wakeup_source *__ws;
++ int ret = 0;
+
+ if (rtcdev)
+ return -EBUSY;
+@@ -102,8 +103,8 @@ static int alarmtimer_rtc_add_device(str
+ spin_lock_irqsave(&rtcdev_lock, flags);
+ if (!rtcdev) {
+ if (!try_module_get(rtc->owner)) {
+- spin_unlock_irqrestore(&rtcdev_lock, flags);
+- return -1;
++ ret = -1;
++ goto unlock;
+ }
+
+ rtcdev = rtc;
+@@ -112,11 +113,12 @@ static int alarmtimer_rtc_add_device(str
+ ws = __ws;
+ __ws = NULL;
+ }
++unlock:
+ spin_unlock_irqrestore(&rtcdev_lock, flags);
+
+ wakeup_source_unregister(__ws);
+
+- return 0;
++ return ret;
+ }
+
+ static inline void alarmtimer_rtc_timer_init(void)
--- /dev/null
+From 13a10da94615d81087e718517794f2868a8b3fab Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Sun, 19 Jan 2020 22:07:32 -0800
+Subject: fscrypt: don't print name of busy file when removing key
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit 13a10da94615d81087e718517794f2868a8b3fab upstream.
+
+When an encryption key can't be fully removed due to file(s) protected
+by it still being in-use, we shouldn't really print the path to one of
+these files to the kernel log, since parts of this path are likely to be
+encrypted on-disk, and (depending on how the system is set up) the
+confidentiality of this path might be lost by printing it to the log.
+
+This is a trade-off: a single file path often doesn't matter at all,
+especially if it's a directory; the kernel log might still be protected
+in some way; and I had originally hoped that any "inode(s) still busy"
+bugs (which are security weaknesses in their own right) would be quickly
+fixed and that to do so it would be super helpful to always know the
+file path and not have to run 'find dir -inum $inum' after the fact.
+
+But in practice, these bugs can be hard to fix (e.g. due to asynchronous
+process killing that is difficult to eliminate, for performance
+reasons), and also not tied to specific files, so knowing a file path
+doesn't necessarily help.
+
+So to be safe, for now let's just show the inode number, not the path.
+If someone really wants to know a path they can use 'find -inum'.
+
+Fixes: b1c0ec3599f4 ("fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl")
+Cc: <stable@vger.kernel.org> # v5.4+
+Link: https://lore.kernel.org/r/20200120060732.390362-1-ebiggers@kernel.org
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/crypto/keyring.c | 15 ++-------------
+ 1 file changed, 2 insertions(+), 13 deletions(-)
+
+--- a/fs/crypto/keyring.c
++++ b/fs/crypto/keyring.c
+@@ -664,9 +664,6 @@ static int check_for_busy_inodes(struct
+ struct list_head *pos;
+ size_t busy_count = 0;
+ unsigned long ino;
+- struct dentry *dentry;
+- char _path[256];
+- char *path = NULL;
+
+ spin_lock(&mk->mk_decrypted_inodes_lock);
+
+@@ -685,22 +682,14 @@ static int check_for_busy_inodes(struct
+ struct fscrypt_info,
+ ci_master_key_link)->ci_inode;
+ ino = inode->i_ino;
+- dentry = d_find_alias(inode);
+ }
+ spin_unlock(&mk->mk_decrypted_inodes_lock);
+
+- if (dentry) {
+- path = dentry_path(dentry, _path, sizeof(_path));
+- dput(dentry);
+- }
+- if (IS_ERR_OR_NULL(path))
+- path = "(unknown)";
+-
+ fscrypt_warn(NULL,
+- "%s: %zu inode(s) still busy after removing key with %s %*phN, including ino %lu (%s)",
++ "%s: %zu inode(s) still busy after removing key with %s %*phN, including ino %lu",
+ sb->s_id, busy_count, master_key_spec_type(&mk->mk_spec),
+ master_key_spec_len(&mk->mk_spec), (u8 *)&mk->mk_spec.u,
+- ino, path);
++ ino);
+ return -EBUSY;
+ }
+
--- /dev/null
+From af3ed119329cf9690598c5a562d95dfd128e91d6 Mon Sep 17 00:00:00 2001
+From: Linus Walleij <linus.walleij@linaro.org>
+Date: Wed, 4 Dec 2019 16:27:49 +0100
+Subject: mmc: spi: Toggle SPI polarity, do not hardcode it
+
+From: Linus Walleij <linus.walleij@linaro.org>
+
+commit af3ed119329cf9690598c5a562d95dfd128e91d6 upstream.
+
+The code in mmc_spi_initsequence() tries to send a burst with
+high chipselect and for this reason hardcodes the device into
+SPI_CS_HIGH.
+
+This is not good because the SPI_CS_HIGH flag indicates
+logical "asserted" CS not always the physical level. In
+some cases the signal is inverted in the GPIO library and
+in that case SPI_CS_HIGH is already set, and enforcing
+SPI_CS_HIGH again will actually drive it low.
+
+Instead of hard-coding this, toggle the polarity so if the
+default is LOW it goes high to assert chipselect but if it
+is already high then toggle it low instead.
+
+Cc: Phil Elwell <phil@raspberrypi.org>
+Reported-by: Mark Brown <broonie@kernel.org>
+Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
+Reviewed-by: Mark Brown <broonie@kernel.org>
+Link: https://lore.kernel.org/r/20191204152749.12652-1-linus.walleij@linaro.org
+Cc: stable@vger.kernel.org
+Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/mmc/host/mmc_spi.c | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+--- a/drivers/mmc/host/mmc_spi.c
++++ b/drivers/mmc/host/mmc_spi.c
+@@ -1134,17 +1134,22 @@ static void mmc_spi_initsequence(struct
+ * SPI protocol. Another is that when chipselect is released while
+ * the card returns BUSY status, the clock must issue several cycles
+ * with chipselect high before the card will stop driving its output.
++ *
++ * SPI_CS_HIGH means "asserted" here. In some cases like when using
++ * GPIOs for chip select, SPI_CS_HIGH is set but this will be logically
++ * inverted by gpiolib, so if we want to ascertain to drive it high
++ * we should toggle the default with an XOR as we do here.
+ */
+- host->spi->mode |= SPI_CS_HIGH;
++ host->spi->mode ^= SPI_CS_HIGH;
+ if (spi_setup(host->spi) != 0) {
+ /* Just warn; most cards work without it. */
+ dev_warn(&host->spi->dev,
+ "can't change chip-select polarity\n");
+- host->spi->mode &= ~SPI_CS_HIGH;
++ host->spi->mode ^= SPI_CS_HIGH;
+ } else {
+ mmc_spi_readbytes(host, 18);
+
+- host->spi->mode &= ~SPI_CS_HIGH;
++ host->spi->mode ^= SPI_CS_HIGH;
+ if (spi_setup(host->spi) != 0) {
+ /* Wot, we can't get the same setup we had before? */
+ dev_err(&host->spi->dev,
--- /dev/null
+From b0de922af53eede340986a2d05b6cd4b6d6efa43 Mon Sep 17 00:00:00 2001
+From: Kishon Vijay Abraham I <kishon@ti.com>
+Date: Tue, 21 Jan 2020 17:27:34 +0530
+Subject: PCI: keystone: Fix error handling when "num-viewport" DT property is not populated
+
+From: Kishon Vijay Abraham I <kishon@ti.com>
+
+commit b0de922af53eede340986a2d05b6cd4b6d6efa43 upstream.
+
+Fix error handling when "num-viewport" DT property is not populated.
+
+Fixes: 23284ad677a9 ("PCI: keystone: Add support for PCIe EP in AM654x Platforms")
+Signed-off-by: Kishon Vijay Abraham I <kishon@ti.com>
+Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
+Cc: stable@vger.kernel.org # v5.2+
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/controller/dwc/pci-keystone.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/pci/controller/dwc/pci-keystone.c
++++ b/drivers/pci/controller/dwc/pci-keystone.c
+@@ -1354,7 +1354,7 @@ static int __init ks_pcie_probe(struct p
+ ret = of_property_read_u32(np, "num-viewport", &num_viewport);
+ if (ret < 0) {
+ dev_err(dev, "unable to read *num-viewport* property\n");
+- return ret;
++ goto err_get_sync;
+ }
+
+ /*
--- /dev/null
+From 6df19872d881641e6394f93ef2938cffcbdae5bb Mon Sep 17 00:00:00 2001
+From: Yurii Monakov <monakov.y@gmail.com>
+Date: Tue, 17 Dec 2019 14:38:36 +0300
+Subject: PCI: keystone: Fix link training retries initiation
+
+From: Yurii Monakov <monakov.y@gmail.com>
+
+commit 6df19872d881641e6394f93ef2938cffcbdae5bb upstream.
+
+ks_pcie_stop_link() function does not clear LTSSM_EN_VAL bit so
+link training was not triggered more than once after startup.
+In configurations where link can be unstable during early boot,
+for example, under low temperature, it will never be established.
+
+Fixes: 0c4ffcfe1fbc ("PCI: keystone: Add TI Keystone PCIe driver")
+Signed-off-by: Yurii Monakov <monakov.y@gmail.com>
+Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
+Acked-by: Andrew Murray <andrew.murray@arm.com>
+Cc: stable@vger.kernel.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/controller/dwc/pci-keystone.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/pci/controller/dwc/pci-keystone.c
++++ b/drivers/pci/controller/dwc/pci-keystone.c
+@@ -510,7 +510,7 @@ static void ks_pcie_stop_link(struct dw_
+ /* Disable Link training */
+ val = ks_pcie_app_readl(ks_pcie, CMD_STATUS);
+ val &= ~LTSSM_EN_VAL;
+- ks_pcie_app_writel(ks_pcie, CMD_STATUS, LTSSM_EN_VAL | val);
++ ks_pcie_app_writel(ks_pcie, CMD_STATUS, val);
+ }
+
+ static int ks_pcie_start_link(struct dw_pcie *pci)
--- /dev/null
+From 2d0c3fbe43fa0e6fcb7a6c755c5f4cd702c0d2f4 Mon Sep 17 00:00:00 2001
+From: Yurii Monakov <monakov.y@gmail.com>
+Date: Fri, 4 Oct 2019 18:48:11 +0300
+Subject: PCI: keystone: Fix outbound region mapping
+
+From: Yurii Monakov <monakov.y@gmail.com>
+
+commit 2d0c3fbe43fa0e6fcb7a6c755c5f4cd702c0d2f4 upstream.
+
+The Keystone outbound Address Translation Unit (ATU) maps PCI MMIO space in
+8 MB windows. When programming the ATU windows, we previously incremented
+the starting address by 8, not 8 MB, so all the windows were mapped to the
+first 8 MB. Therefore, only 8 MB of MMIO space was accessible.
+
+Update the loop so it increments the starting address by 8 MB, not 8, so
+more MMIO space is accessible.
+
+Fixes: e75043ad9792 ("PCI: keystone: Cleanup outbound window configuration")
+Link: https://lore.kernel.org/r/20191004154811.GA31397@monakov-y.office.kontur-niirs.ru
+Signed-off-by: Yurii Monakov <monakov.y@gmail.com>
+[bhelgaas: commit log]
+Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
+Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
+Acked-by: Andrew Murray <andrew.murray@arm.com>
+Acked-by: Kishon Vijay Abraham I <kishon@ti.com>
+Cc: stable@vger.kernel.org # v4.20+
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/controller/dwc/pci-keystone.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/pci/controller/dwc/pci-keystone.c
++++ b/drivers/pci/controller/dwc/pci-keystone.c
+@@ -422,7 +422,7 @@ static void ks_pcie_setup_rc_app_regs(st
+ lower_32_bits(start) | OB_ENABLEN);
+ ks_pcie_app_writel(ks_pcie, OB_OFFSET_HI(i),
+ upper_32_bits(start));
+- start += OB_WIN_SIZE;
++ start += OB_WIN_SIZE * SZ_1M;
+ }
+
+ val = ks_pcie_app_readl(ks_pcie, CMD_STATUS);
--- /dev/null
+From 885199148442f56b880995d703d2ed03b6481a3c Mon Sep 17 00:00:00 2001
+From: David Engraf <david.engraf@sysgo.com>
+Date: Mon, 16 Dec 2019 12:18:25 +0100
+Subject: PCI: tegra: Fix return value check of pm_runtime_get_sync()
+
+From: David Engraf <david.engraf@sysgo.com>
+
+commit 885199148442f56b880995d703d2ed03b6481a3c upstream.
+
+pm_runtime_get_sync() returns the device's usage counter. This might
+be >0 if the device is already powered up or CONFIG_PM is disabled.
+
+Abort probe function on real error only.
+
+Fixes: da76ba50963b ("PCI: tegra: Add power management support")
+Link: https://lore.kernel.org/r/20191216111825.28136-1-david.engraf@sysgo.com
+Signed-off-by: David Engraf <david.engraf@sysgo.com>
+Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
+Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
+Acked-by: Andrew Murray <andrew.murray@arm.com>
+Cc: stable@vger.kernel.org # v4.17+
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/controller/pci-tegra.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/pci/controller/pci-tegra.c
++++ b/drivers/pci/controller/pci-tegra.c
+@@ -2798,7 +2798,7 @@ static int tegra_pcie_probe(struct platf
+
+ pm_runtime_enable(pcie->dev);
+ err = pm_runtime_get_sync(pcie->dev);
+- if (err) {
++ if (err < 0) {
+ dev_err(dev, "fail to enable pcie controller: %d\n", err);
+ goto teardown_msi;
+ }
powerpc-32s-fix-bad_kuap_fault.patch
powerpc-32s-fix-cpu-wake-up-from-sleep-mode.patch
tracing-fix-now-invalid-var_ref_vals-assumption-in-t.patch
+pci-tegra-fix-return-value-check-of-pm_runtime_get_sync.patch
+pci-keystone-fix-outbound-region-mapping.patch
+pci-keystone-fix-link-training-retries-initiation.patch
+pci-keystone-fix-error-handling-when-num-viewport-dt-property-is-not-populated.patch
+mmc-spi-toggle-spi-polarity-do-not-hardcode-it.patch
+acpi-video-do-not-export-a-non-working-backlight-interface-on-msi-ms-7721-boards.patch
+acpi-battery-deal-with-design-or-full-capacity-being-reported-as-1.patch
+acpi-battery-use-design-cap-for-capacity-calculations-if-full-cap-is-not-available.patch
+acpi-battery-deal-better-with-neither-design-nor-full-capacity-not-being-reported.patch
+alarmtimer-unregister-wakeup-source-when-module-get-fails.patch
+fscrypt-don-t-print-name-of-busy-file-when-removing-key.patch
+ubifs-don-t-trigger-assertion-on-invalid-no-key-filename.patch
+ubifs-fix-wrong-memory-allocation.patch
+ubifs-fix-fs_ioc_setflags-unexpectedly-clearing-encrypt-flag.patch
+ubifs-fix-deadlock-in-concurrent-bulk-read-and-writepage.patch
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
- kernel/trace/trace_events_hist.c | 53 +++++++++++++++++++++++---------
+ kernel/trace/trace_events_hist.c | 53 +++++++++++++++++++++++++++------------
1 file changed, 38 insertions(+), 15 deletions(-)
-diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c
-index 205692181e7bc..4be7fc84d6b6a 100644
--- a/kernel/trace/trace_events_hist.c
+++ b/kernel/trace/trace_events_hist.c
@@ -470,11 +470,12 @@ struct action_data {
struct synth_event *synth_event;
bool use_trace_keyword;
char *synth_event_name;
-@@ -875,14 +876,14 @@ static struct trace_event_functions synth_event_funcs = {
+@@ -875,14 +876,14 @@ static struct trace_event_functions synt
static notrace void trace_event_raw_event_synth(void *__data,
u64 *var_ref_vals,
int fields_size = 0;
event = trace_file->event_call->data;
-@@ -905,15 +906,16 @@ static notrace void trace_event_raw_event_synth(void *__data,
+@@ -905,15 +906,16 @@ static notrace void trace_event_raw_even
goto out;
for (i = 0, n_u64 = 0; i < event->n_fields; i++) {
switch (field->size) {
case 1:
-@@ -1113,10 +1115,10 @@ static struct tracepoint *alloc_synth_tracepoint(char *name)
+@@ -1113,10 +1115,10 @@ static struct tracepoint *alloc_synth_tr
}
typedef void (*synth_probe_func_t) (void *__data, u64 *var_ref_vals,
{
struct tracepoint *tp = event->tp;
-@@ -2655,6 +2657,22 @@ static int init_var_ref(struct hist_field *ref_field,
+@@ -2655,6 +2657,22 @@ static int init_var_ref(struct hist_fiel
goto out;
}
/**
* create_var_ref - Create a variable reference and attach it to trigger
* @hist_data: The trigger that will be referencing the variable
-@@ -4228,11 +4246,11 @@ static int trace_action_create(struct hist_trigger_data *hist_data,
+@@ -4228,11 +4246,11 @@ static int trace_action_create(struct hi
struct trace_array *tr = hist_data->event_file->tr;
char *event_name, *param, *system = NULL;
struct hist_field *hist_field, *var_ref;
lockdep_assert_held(&event_mutex);
-@@ -4249,8 +4267,6 @@ static int trace_action_create(struct hist_trigger_data *hist_data,
+@@ -4249,8 +4267,6 @@ static int trace_action_create(struct hi
event->ref++;
for (i = 0; i < data->n_params; i++) {
char *p;
-@@ -4299,6 +4315,14 @@ static int trace_action_create(struct hist_trigger_data *hist_data,
+@@ -4299,6 +4315,14 @@ static int trace_action_create(struct hi
goto err;
}
field_pos++;
kfree(p);
continue;
-@@ -4317,7 +4341,6 @@ static int trace_action_create(struct hist_trigger_data *hist_data,
+@@ -4317,7 +4341,6 @@ static int trace_action_create(struct hi
}
data->synth_event = event;
out:
return ret;
err:
---
-2.20.1
-
--- /dev/null
+From f0d07a98a070bb5e443df19c3aa55693cbca9341 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Mon, 20 Jan 2020 14:31:59 -0800
+Subject: ubifs: don't trigger assertion on invalid no-key filename
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit f0d07a98a070bb5e443df19c3aa55693cbca9341 upstream.
+
+If userspace provides an invalid fscrypt no-key filename which encodes a
+hash value with any of the UBIFS node type bits set (i.e. the high 3
+bits), gracefully report ENOENT rather than triggering ubifs_assert().
+
+Test case with kvm-xfstests shell:
+
+ . fs/ubifs/config
+ . ~/xfstests/common/encrypt
+ dev=$(__blkdev_to_ubi_volume /dev/vdc)
+ ubiupdatevol $dev -t
+ mount $dev /mnt -t ubifs
+ mkdir /mnt/edir
+ xfs_io -c set_encpolicy /mnt/edir
+ rm /mnt/edir/_,,,,,DAAAAAAAAAAAAAAAAAAAAAAAAAA
+
+With the bug, the following assertion fails on the 'rm' command:
+
+ [ 19.066048] UBIFS error (ubi0:0 pid 379): ubifs_assert_failed: UBIFS assert failed: !(hash & ~UBIFS_S_KEY_HASH_MASK), in fs/ubifs/key.h:170
+
+Fixes: f4f61d2cc6d8 ("ubifs: Implement encrypted filenames")
+Cc: <stable@vger.kernel.org> # v4.10+
+Link: https://lore.kernel.org/r/20200120223201.241390-5-ebiggers@kernel.org
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/ubifs/dir.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/fs/ubifs/dir.c
++++ b/fs/ubifs/dir.c
+@@ -228,6 +228,8 @@ static struct dentry *ubifs_lookup(struc
+ if (nm.hash) {
+ ubifs_assert(c, fname_len(&nm) == 0);
+ ubifs_assert(c, fname_name(&nm) == NULL);
++ if (nm.hash & ~UBIFS_S_KEY_HASH_MASK)
++ goto done; /* ENOENT */
+ dent_key_init_hash(c, &key, dir->i_ino, nm.hash);
+ err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash);
+ } else {
--- /dev/null
+From f5de5b83303e61b1f3fb09bd77ce3ac2d7a475f2 Mon Sep 17 00:00:00 2001
+From: Zhihao Cheng <chengzhihao1@huawei.com>
+Date: Sat, 11 Jan 2020 17:50:36 +0800
+Subject: ubifs: Fix deadlock in concurrent bulk-read and writepage
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Zhihao Cheng <chengzhihao1@huawei.com>
+
+commit f5de5b83303e61b1f3fb09bd77ce3ac2d7a475f2 upstream.
+
+In ubifs, concurrent execution of writepage and bulk read on the same file
+may cause ABBA deadlock, for example (Reproduce method see Link):
+
+Process A(Bulk-read starts from page4) Process B(write page4 back)
+ vfs_read wb_workfn or fsync
+ ... ...
+ generic_file_buffered_read write_cache_pages
+ ubifs_readpage LOCK(page4)
+
+ ubifs_bulk_read ubifs_writepage
+ LOCK(ui->ui_mutex) ubifs_write_inode
+
+ ubifs_do_bulk_read LOCK(ui->ui_mutex)
+ find_or_create_page(alloc page4) ↑
+ LOCK(page4) <-- ABBA deadlock occurs!
+
+In order to ensure the serialization execution of bulk read, we can't
+remove the big lock 'ui->ui_mutex' in ubifs_bulk_read(). Instead, we
+allow ubifs_do_bulk_read() to lock page failed by replacing
+find_or_create_page(FGP_LOCK) with
+pagecache_get_page(FGP_LOCK | FGP_NOWAIT).
+
+Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
+Suggested-by: zhangyi (F) <yi.zhang@huawei.com>
+Cc: <Stable@vger.kernel.org>
+Fixes: 4793e7c5e1c ("UBIFS: add bulk-read facility")
+Link: https://bugzilla.kernel.org/show_bug.cgi?id=206153
+Signed-off-by: Richard Weinberger <richard@nod.at>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/ubifs/file.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/fs/ubifs/file.c
++++ b/fs/ubifs/file.c
+@@ -786,7 +786,9 @@ static int ubifs_do_bulk_read(struct ubi
+
+ if (page_offset > end_index)
+ break;
+- page = find_or_create_page(mapping, page_offset, ra_gfp_mask);
++ page = pagecache_get_page(mapping, page_offset,
++ FGP_LOCK|FGP_ACCESSED|FGP_CREAT|FGP_NOWAIT,
++ ra_gfp_mask);
+ if (!page)
+ break;
+ if (!PageUptodate(page))
--- /dev/null
+From 2b57067a7778484c10892fa191997bfda29fea13 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Mon, 9 Dec 2019 14:23:24 -0800
+Subject: ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit 2b57067a7778484c10892fa191997bfda29fea13 upstream.
+
+UBIFS's implementation of FS_IOC_SETFLAGS fails to preserve existing
+inode flags that aren't settable by FS_IOC_SETFLAGS, namely the encrypt
+flag. This causes the encrypt flag to be unexpectedly cleared.
+
+Fix it by preserving existing unsettable flags, like ext4 and f2fs do.
+
+Test case with kvm-xfstests shell:
+
+ FSTYP=ubifs KEYCTL_PROG=keyctl
+ . fs/ubifs/config
+ . ~/xfstests/common/encrypt
+ dev=$(__blkdev_to_ubi_volume /dev/vdc)
+ ubiupdatevol -t $dev
+ mount $dev /mnt -t ubifs
+ k=$(_generate_session_encryption_key)
+ mkdir /mnt/edir
+ xfs_io -c "set_encpolicy $k" /mnt/edir
+ echo contents > /mnt/edir/file
+ chattr +i /mnt/edir/file
+ chattr -i /mnt/edir/file
+
+With the bug, the following errors occur on the last command:
+
+ [ 18.081559] fscrypt (ubifs, inode 67): Inconsistent encryption context (parent directory: 65)
+ chattr: Operation not permitted while reading flags on /mnt/edir/file
+
+Fixes: d475a507457b ("ubifs: Add skeleton for fscrypto")
+Cc: <stable@vger.kernel.org> # v4.10+
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Richard Weinberger <richard@nod.at>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/ubifs/ioctl.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/fs/ubifs/ioctl.c
++++ b/fs/ubifs/ioctl.c
+@@ -113,7 +113,8 @@ static int setflags(struct inode *inode,
+ if (err)
+ goto out_unlock;
+
+- ui->flags = ioctl2ubifs(flags);
++ ui->flags &= ~ioctl2ubifs(UBIFS_SUPPORTED_IOCTL_FLAGS);
++ ui->flags |= ioctl2ubifs(flags);
+ ubifs_set_inode_flags(inode);
+ inode->i_ctime = current_time(inode);
+ release = ui->dirty;
--- /dev/null
+From edec51374bce779f37fc209a228139c55d90ec8d Mon Sep 17 00:00:00 2001
+From: Sascha Hauer <s.hauer@pengutronix.de>
+Date: Wed, 4 Dec 2019 11:09:58 +0100
+Subject: ubifs: Fix wrong memory allocation
+
+From: Sascha Hauer <s.hauer@pengutronix.de>
+
+commit edec51374bce779f37fc209a228139c55d90ec8d upstream.
+
+In create_default_filesystem() when we allocate the idx node we must use
+the idx_node_size we calculated just one line before, not tmp, which
+contains completely other data.
+
+Fixes: c4de6d7e4319 ("ubifs: Refactor create_default_filesystem()")
+Cc: stable@vger.kernel.org # v4.20+
+Reported-by: Naga Sureshkumar Relli <nagasure@xilinx.com>
+Tested-by: Naga Sureshkumar Relli <nagasure@xilinx.com>
+Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
+Signed-off-by: Richard Weinberger <richard@nod.at>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/ubifs/sb.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/fs/ubifs/sb.c
++++ b/fs/ubifs/sb.c
+@@ -161,7 +161,7 @@ static int create_default_filesystem(str
+ sup = kzalloc(ALIGN(UBIFS_SB_NODE_SZ, c->min_io_size), GFP_KERNEL);
+ mst = kzalloc(c->mst_node_alsz, GFP_KERNEL);
+ idx_node_size = ubifs_idx_node_sz(c, 1);
+- idx = kzalloc(ALIGN(tmp, c->min_io_size), GFP_KERNEL);
++ idx = kzalloc(ALIGN(idx_node_size, c->min_io_size), GFP_KERNEL);
+ ino = kzalloc(ALIGN(UBIFS_INO_NODE_SZ, c->min_io_size), GFP_KERNEL);
+ cs = kzalloc(ALIGN(UBIFS_CS_NODE_SZ, c->min_io_size), GFP_KERNEL);
+
projects / thirdparty / kernel / stable-queue.git / commitdiff
