--- /dev/null
+From ff3154d1d89a2343fd5f82e65bc0cf1d4e6659b3 Mon Sep 17 00:00:00 2001
+From: Hans de Goede <hdegoede@redhat.com>
+Date: Tue, 10 Dec 2019 10:57:52 +0100
+Subject: ACPI / battery: Deal better with neither design nor full capacity not being reported
+
+From: Hans de Goede <hdegoede@redhat.com>
+
+commit ff3154d1d89a2343fd5f82e65bc0cf1d4e6659b3 upstream.
+
+Commit b41901a2cf06 ("ACPI / battery: Do not export energy_full[_design] on
+devices without full_charge_capacity") added support for some (broken)
+devices which always report 0 for both design_capacity and
+full_charge_capacity.
+
+Since the device that commit was written as a fix for is not reporting any
+form of "full" capacity we cannot calculate the value for the
+POWER_SUPPLY_PROP_CAPACITY, this is worked around by using an alternative
+array of available properties which does not contain this property.
+
+This is necessary because userspace (upower) treats us returning -ENODEV
+as 0 and then typically will trigger an emergency shutdown because of that.
+Userspace does not do this if the capacity sysfs attribute is not present
+at all.
+
+There are two potential problems with that commit:
+ 1) It assumes that both full_charge- and design-capacity are broken at the
+ same time and only checks if full_charge- is broken.
+ 2) It assumes that this only ever happens for devices which report energy
+ units rather then charge units.
+
+This commit fixes both issues by only using the alternative
+array of available properties if both full_charge- and design-capacity are
+broken and by also adding an alternative array of available properties for
+devices using mA units.
+
+Fixes: b41901a2cf06 ("ACPI / battery: Do not export energy_full[_design] on devices without full_charge_capacity")
+Cc: 4.19+ <stable@vger.kernel.org> # 4.19+
+Signed-off-by: Hans de Goede <hdegoede@redhat.com>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/acpi/battery.c | 51 +++++++++++++++++++++++++++++++++++++------------
+ 1 file changed, 39 insertions(+), 12 deletions(-)
+
+--- a/drivers/acpi/battery.c
++++ b/drivers/acpi/battery.c
+@@ -342,6 +342,20 @@ static enum power_supply_property charge
+ POWER_SUPPLY_PROP_SERIAL_NUMBER,
+ };
+
++static enum power_supply_property charge_battery_full_cap_broken_props[] = {
++ POWER_SUPPLY_PROP_STATUS,
++ POWER_SUPPLY_PROP_PRESENT,
++ POWER_SUPPLY_PROP_TECHNOLOGY,
++ POWER_SUPPLY_PROP_CYCLE_COUNT,
++ POWER_SUPPLY_PROP_VOLTAGE_MIN_DESIGN,
++ POWER_SUPPLY_PROP_VOLTAGE_NOW,
++ POWER_SUPPLY_PROP_CURRENT_NOW,
++ POWER_SUPPLY_PROP_CHARGE_NOW,
++ POWER_SUPPLY_PROP_MODEL_NAME,
++ POWER_SUPPLY_PROP_MANUFACTURER,
++ POWER_SUPPLY_PROP_SERIAL_NUMBER,
++};
++
+ static enum power_supply_property energy_battery_props[] = {
+ POWER_SUPPLY_PROP_STATUS,
+ POWER_SUPPLY_PROP_PRESENT,
+@@ -803,21 +817,34 @@ static void __exit battery_hook_exit(voi
+ static int sysfs_add_battery(struct acpi_battery *battery)
+ {
+ struct power_supply_config psy_cfg = { .drv_data = battery, };
++ bool full_cap_broken = false;
++
++ if (!ACPI_BATTERY_CAPACITY_VALID(battery->full_charge_capacity) &&
++ !ACPI_BATTERY_CAPACITY_VALID(battery->design_capacity))
++ full_cap_broken = true;
+
+ if (battery->power_unit == ACPI_BATTERY_POWER_UNIT_MA) {
+- battery->bat_desc.properties = charge_battery_props;
+- battery->bat_desc.num_properties =
+- ARRAY_SIZE(charge_battery_props);
+- } else if (!ACPI_BATTERY_CAPACITY_VALID(
+- battery->full_charge_capacity)) {
+- battery->bat_desc.properties =
+- energy_battery_full_cap_broken_props;
+- battery->bat_desc.num_properties =
+- ARRAY_SIZE(energy_battery_full_cap_broken_props);
++ if (full_cap_broken) {
++ battery->bat_desc.properties =
++ charge_battery_full_cap_broken_props;
++ battery->bat_desc.num_properties =
++ ARRAY_SIZE(charge_battery_full_cap_broken_props);
++ } else {
++ battery->bat_desc.properties = charge_battery_props;
++ battery->bat_desc.num_properties =
++ ARRAY_SIZE(charge_battery_props);
++ }
+ } else {
+- battery->bat_desc.properties = energy_battery_props;
+- battery->bat_desc.num_properties =
+- ARRAY_SIZE(energy_battery_props);
++ if (full_cap_broken) {
++ battery->bat_desc.properties =
++ energy_battery_full_cap_broken_props;
++ battery->bat_desc.num_properties =
++ ARRAY_SIZE(energy_battery_full_cap_broken_props);
++ } else {
++ battery->bat_desc.properties = energy_battery_props;
++ battery->bat_desc.num_properties =
++ ARRAY_SIZE(energy_battery_props);
++ }
+ }
+
+ battery->bat_desc.name = acpi_device_bid(battery->device);
--- /dev/null
+From cc99f0ad52467028cb1251160f23ad4bb65baf20 Mon Sep 17 00:00:00 2001
+From: Hans de Goede <hdegoede@redhat.com>
+Date: Tue, 10 Dec 2019 10:57:50 +0100
+Subject: ACPI / battery: Deal with design or full capacity being reported as -1
+
+From: Hans de Goede <hdegoede@redhat.com>
+
+commit cc99f0ad52467028cb1251160f23ad4bb65baf20 upstream.
+
+Commit b41901a2cf06 ("ACPI / battery: Do not export energy_full[_design]
+on devices without full_charge_capacity") added support for some (broken)
+devices which always report 0 for both design- and full_charge-capacity.
+
+This assumes that if the capacity is not being reported it is 0. The
+ThunderSoft TS178 tablet's _BIX implementation falsifies this assumption.
+It reports ACPI_BATTERY_VALUE_UNKNOWN (-1) as full_charge_capacity, which
+we treat as a valid value which causes several problems.
+
+This commit fixes this by adding a new ACPI_BATTERY_CAPACITY_VALID() helper
+which checks that the value is not 0 and not -1; and using this whenever we
+need to test if either design_capacity or full_charge_capacity is valid.
+
+Fixes: b41901a2cf06 ("ACPI / battery: Do not export energy_full[_design] on devices without full_charge_capacity")
+Cc: 4.19+ <stable@vger.kernel.org> # 4.19+
+Signed-off-by: Hans de Goede <hdegoede@redhat.com>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/acpi/battery.c | 19 ++++++++++++-------
+ 1 file changed, 12 insertions(+), 7 deletions(-)
+
+--- a/drivers/acpi/battery.c
++++ b/drivers/acpi/battery.c
+@@ -38,6 +38,8 @@
+ #define PREFIX "ACPI: "
+
+ #define ACPI_BATTERY_VALUE_UNKNOWN 0xFFFFFFFF
++#define ACPI_BATTERY_CAPACITY_VALID(capacity) \
++ ((capacity) != 0 && (capacity) != ACPI_BATTERY_VALUE_UNKNOWN)
+
+ #define ACPI_BATTERY_DEVICE_NAME "Battery"
+
+@@ -192,7 +194,8 @@ static int acpi_battery_is_charged(struc
+
+ static bool acpi_battery_is_degraded(struct acpi_battery *battery)
+ {
+- return battery->full_charge_capacity && battery->design_capacity &&
++ return ACPI_BATTERY_CAPACITY_VALID(battery->full_charge_capacity) &&
++ ACPI_BATTERY_CAPACITY_VALID(battery->design_capacity) &&
+ battery->full_charge_capacity < battery->design_capacity;
+ }
+
+@@ -263,14 +266,14 @@ static int acpi_battery_get_property(str
+ break;
+ case POWER_SUPPLY_PROP_CHARGE_FULL_DESIGN:
+ case POWER_SUPPLY_PROP_ENERGY_FULL_DESIGN:
+- if (battery->design_capacity == ACPI_BATTERY_VALUE_UNKNOWN)
++ if (!ACPI_BATTERY_CAPACITY_VALID(battery->design_capacity))
+ ret = -ENODEV;
+ else
+ val->intval = battery->design_capacity * 1000;
+ break;
+ case POWER_SUPPLY_PROP_CHARGE_FULL:
+ case POWER_SUPPLY_PROP_ENERGY_FULL:
+- if (battery->full_charge_capacity == ACPI_BATTERY_VALUE_UNKNOWN)
++ if (!ACPI_BATTERY_CAPACITY_VALID(battery->full_charge_capacity))
+ ret = -ENODEV;
+ else
+ val->intval = battery->full_charge_capacity * 1000;
+@@ -283,11 +286,12 @@ static int acpi_battery_get_property(str
+ val->intval = battery->capacity_now * 1000;
+ break;
+ case POWER_SUPPLY_PROP_CAPACITY:
+- if (battery->capacity_now && battery->full_charge_capacity)
++ if (battery->capacity_now == ACPI_BATTERY_VALUE_UNKNOWN ||
++ !ACPI_BATTERY_CAPACITY_VALID(battery->full_charge_capacity))
++ ret = -ENODEV;
++ else
+ val->intval = battery->capacity_now * 100/
+ battery->full_charge_capacity;
+- else
+- val->intval = 0;
+ break;
+ case POWER_SUPPLY_PROP_CAPACITY_LEVEL:
+ if (battery->state & ACPI_BATTERY_STATE_CRITICAL)
+@@ -799,7 +803,8 @@ static int sysfs_add_battery(struct acpi
+ battery->bat_desc.properties = charge_battery_props;
+ battery->bat_desc.num_properties =
+ ARRAY_SIZE(charge_battery_props);
+- } else if (battery->full_charge_capacity == 0) {
++ } else if (!ACPI_BATTERY_CAPACITY_VALID(
++ battery->full_charge_capacity)) {
+ battery->bat_desc.properties =
+ energy_battery_full_cap_broken_props;
+ battery->bat_desc.num_properties =
--- /dev/null
+From 5b74d1d16e2f5753fcbdecd6771b2d8370dda414 Mon Sep 17 00:00:00 2001
+From: Hans de Goede <hdegoede@redhat.com>
+Date: Tue, 10 Dec 2019 10:57:51 +0100
+Subject: ACPI / battery: Use design-cap for capacity calculations if full-cap is not available
+
+From: Hans de Goede <hdegoede@redhat.com>
+
+commit 5b74d1d16e2f5753fcbdecd6771b2d8370dda414 upstream.
+
+The ThunderSoft TS178 tablet's _BIX implementation reports design_capacity
+but not full_charge_capacity.
+
+Before this commit this would cause us to return -ENODEV for the capacity
+attribute, which userspace does not like. Specifically upower does this:
+
+ if (sysfs_file_exists (native_path, "capacity")) {
+ percentage = sysfs_get_double (native_path, "capacity");
+
+Where the sysfs_get_double() helper returns 0 when we return -ENODEV,
+so the battery always reads 0% if we return -ENODEV.
+
+This commit fixes this by using the design-capacity instead of the
+full-charge-capacity when the full-charge-capacity is not available.
+
+Fixes: b41901a2cf06 ("ACPI / battery: Do not export energy_full[_design] on devices without full_charge_capacity")
+Cc: 4.19+ <stable@vger.kernel.org> # 4.19+
+Signed-off-by: Hans de Goede <hdegoede@redhat.com>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/acpi/battery.c | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+--- a/drivers/acpi/battery.c
++++ b/drivers/acpi/battery.c
+@@ -217,7 +217,7 @@ static int acpi_battery_get_property(str
+ enum power_supply_property psp,
+ union power_supply_propval *val)
+ {
+- int ret = 0;
++ int full_capacity = ACPI_BATTERY_VALUE_UNKNOWN, ret = 0;
+ struct acpi_battery *battery = to_acpi_battery(psy);
+
+ if (acpi_battery_present(battery)) {
+@@ -286,12 +286,17 @@ static int acpi_battery_get_property(str
+ val->intval = battery->capacity_now * 1000;
+ break;
+ case POWER_SUPPLY_PROP_CAPACITY:
++ if (ACPI_BATTERY_CAPACITY_VALID(battery->full_charge_capacity))
++ full_capacity = battery->full_charge_capacity;
++ else if (ACPI_BATTERY_CAPACITY_VALID(battery->design_capacity))
++ full_capacity = battery->design_capacity;
++
+ if (battery->capacity_now == ACPI_BATTERY_VALUE_UNKNOWN ||
+- !ACPI_BATTERY_CAPACITY_VALID(battery->full_charge_capacity))
++ full_capacity == ACPI_BATTERY_VALUE_UNKNOWN)
+ ret = -ENODEV;
+ else
+ val->intval = battery->capacity_now * 100/
+- battery->full_charge_capacity;
++ full_capacity;
+ break;
+ case POWER_SUPPLY_PROP_CAPACITY_LEVEL:
+ if (battery->state & ACPI_BATTERY_STATE_CRITICAL)
--- /dev/null
+From d21a91629f4b8e794fc4c0e0c17c85cedf1d806c Mon Sep 17 00:00:00 2001
+From: Hans de Goede <hdegoede@redhat.com>
+Date: Tue, 17 Dec 2019 20:08:11 +0100
+Subject: ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards
+
+From: Hans de Goede <hdegoede@redhat.com>
+
+commit d21a91629f4b8e794fc4c0e0c17c85cedf1d806c upstream.
+
+Despite our heuristics to not wrongly export a non working ACPI backlight
+interface on desktop machines, we still end up exporting one on desktops
+using a motherboard from the MSI MS-7721 series.
+
+I've looked at improving the heuristics, but in this case a quirk seems
+to be the only way to solve this.
+
+While at it also add a comment to separate the video_detect_force_none
+entries in the video_detect_dmi_table from other type of entries, as we
+already do for the other entry types.
+
+Cc: All applicable <stable@vger.kernel.org>
+BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1783786
+Signed-off-by: Hans de Goede <hdegoede@redhat.com>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/acpi/video_detect.c | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+--- a/drivers/acpi/video_detect.c
++++ b/drivers/acpi/video_detect.c
+@@ -336,6 +336,11 @@ static const struct dmi_system_id video_
+ DMI_MATCH(DMI_PRODUCT_NAME, "Precision 7510"),
+ },
+ },
++
++ /*
++ * Desktops which falsely report a backlight and which our heuristics
++ * for this do not catch.
++ */
+ {
+ .callback = video_detect_force_none,
+ .ident = "Dell OptiPlex 9020M",
+@@ -344,6 +349,14 @@ static const struct dmi_system_id video_
+ DMI_MATCH(DMI_PRODUCT_NAME, "OptiPlex 9020M"),
+ },
+ },
++ {
++ .callback = video_detect_force_none,
++ .ident = "MSI MS-7721",
++ .matches = {
++ DMI_MATCH(DMI_SYS_VENDOR, "MSI"),
++ DMI_MATCH(DMI_PRODUCT_NAME, "MS-7721"),
++ },
++ },
+ { },
+ };
+
--- /dev/null
+From 6b6d188aae79a630957aefd88ff5c42af6553ee3 Mon Sep 17 00:00:00 2001
+From: Stephen Boyd <swboyd@chromium.org>
+Date: Thu, 9 Jan 2020 07:59:07 -0800
+Subject: alarmtimer: Unregister wakeup source when module get fails
+
+From: Stephen Boyd <swboyd@chromium.org>
+
+commit 6b6d188aae79a630957aefd88ff5c42af6553ee3 upstream.
+
+The alarmtimer_rtc_add_device() function creates a wakeup source and then
+tries to grab a module reference. If that fails the function returns early
+with an error code, but fails to remove the wakeup source.
+
+Cleanup this exit path so there is no dangling wakeup source, which is
+named 'alarmtime' left allocated which will conflict with another RTC
+device that may be registered later.
+
+Fixes: 51218298a25e ("alarmtimer: Ensure RTC module is not unloaded")
+Signed-off-by: Stephen Boyd <swboyd@chromium.org>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Reviewed-by: Douglas Anderson <dianders@chromium.org>
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/20200109155910.907-2-swboyd@chromium.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ kernel/time/alarmtimer.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+--- a/kernel/time/alarmtimer.c
++++ b/kernel/time/alarmtimer.c
+@@ -88,6 +88,7 @@ static int alarmtimer_rtc_add_device(str
+ unsigned long flags;
+ struct rtc_device *rtc = to_rtc_device(dev);
+ struct wakeup_source *__ws;
++ int ret = 0;
+
+ if (rtcdev)
+ return -EBUSY;
+@@ -102,8 +103,8 @@ static int alarmtimer_rtc_add_device(str
+ spin_lock_irqsave(&rtcdev_lock, flags);
+ if (!rtcdev) {
+ if (!try_module_get(rtc->owner)) {
+- spin_unlock_irqrestore(&rtcdev_lock, flags);
+- return -1;
++ ret = -1;
++ goto unlock;
+ }
+
+ rtcdev = rtc;
+@@ -112,11 +113,12 @@ static int alarmtimer_rtc_add_device(str
+ ws = __ws;
+ __ws = NULL;
+ }
++unlock:
+ spin_unlock_irqrestore(&rtcdev_lock, flags);
+
+ wakeup_source_unregister(__ws);
+
+- return 0;
++ return ret;
+ }
+
+ static inline void alarmtimer_rtc_timer_init(void)
--- /dev/null
+From 13a10da94615d81087e718517794f2868a8b3fab Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Sun, 19 Jan 2020 22:07:32 -0800
+Subject: fscrypt: don't print name of busy file when removing key
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit 13a10da94615d81087e718517794f2868a8b3fab upstream.
+
+When an encryption key can't be fully removed due to file(s) protected
+by it still being in-use, we shouldn't really print the path to one of
+these files to the kernel log, since parts of this path are likely to be
+encrypted on-disk, and (depending on how the system is set up) the
+confidentiality of this path might be lost by printing it to the log.
+
+This is a trade-off: a single file path often doesn't matter at all,
+especially if it's a directory; the kernel log might still be protected
+in some way; and I had originally hoped that any "inode(s) still busy"
+bugs (which are security weaknesses in their own right) would be quickly
+fixed and that to do so it would be super helpful to always know the
+file path and not have to run 'find dir -inum $inum' after the fact.
+
+But in practice, these bugs can be hard to fix (e.g. due to asynchronous
+process killing that is difficult to eliminate, for performance
+reasons), and also not tied to specific files, so knowing a file path
+doesn't necessarily help.
+
+So to be safe, for now let's just show the inode number, not the path.
+If someone really wants to know a path they can use 'find -inum'.
+
+Fixes: b1c0ec3599f4 ("fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl")
+Cc: <stable@vger.kernel.org> # v5.4+
+Link: https://lore.kernel.org/r/20200120060732.390362-1-ebiggers@kernel.org
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/crypto/keyring.c | 15 ++-------------
+ 1 file changed, 2 insertions(+), 13 deletions(-)
+
+--- a/fs/crypto/keyring.c
++++ b/fs/crypto/keyring.c
+@@ -666,9 +666,6 @@ static int check_for_busy_inodes(struct
+ struct list_head *pos;
+ size_t busy_count = 0;
+ unsigned long ino;
+- struct dentry *dentry;
+- char _path[256];
+- char *path = NULL;
+
+ spin_lock(&mk->mk_decrypted_inodes_lock);
+
+@@ -687,22 +684,14 @@ static int check_for_busy_inodes(struct
+ struct fscrypt_info,
+ ci_master_key_link)->ci_inode;
+ ino = inode->i_ino;
+- dentry = d_find_alias(inode);
+ }
+ spin_unlock(&mk->mk_decrypted_inodes_lock);
+
+- if (dentry) {
+- path = dentry_path(dentry, _path, sizeof(_path));
+- dput(dentry);
+- }
+- if (IS_ERR_OR_NULL(path))
+- path = "(unknown)";
+-
+ fscrypt_warn(NULL,
+- "%s: %zu inode(s) still busy after removing key with %s %*phN, including ino %lu (%s)",
++ "%s: %zu inode(s) still busy after removing key with %s %*phN, including ino %lu",
+ sb->s_id, busy_count, master_key_spec_type(&mk->mk_spec),
+ master_key_spec_len(&mk->mk_spec), (u8 *)&mk->mk_spec.u,
+- ino, path);
++ ino);
+ return -EBUSY;
+ }
+
--- /dev/null
+From af3ed119329cf9690598c5a562d95dfd128e91d6 Mon Sep 17 00:00:00 2001
+From: Linus Walleij <linus.walleij@linaro.org>
+Date: Wed, 4 Dec 2019 16:27:49 +0100
+Subject: mmc: spi: Toggle SPI polarity, do not hardcode it
+
+From: Linus Walleij <linus.walleij@linaro.org>
+
+commit af3ed119329cf9690598c5a562d95dfd128e91d6 upstream.
+
+The code in mmc_spi_initsequence() tries to send a burst with
+high chipselect and for this reason hardcodes the device into
+SPI_CS_HIGH.
+
+This is not good because the SPI_CS_HIGH flag indicates
+logical "asserted" CS not always the physical level. In
+some cases the signal is inverted in the GPIO library and
+in that case SPI_CS_HIGH is already set, and enforcing
+SPI_CS_HIGH again will actually drive it low.
+
+Instead of hard-coding this, toggle the polarity so if the
+default is LOW it goes high to assert chipselect but if it
+is already high then toggle it low instead.
+
+Cc: Phil Elwell <phil@raspberrypi.org>
+Reported-by: Mark Brown <broonie@kernel.org>
+Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
+Reviewed-by: Mark Brown <broonie@kernel.org>
+Link: https://lore.kernel.org/r/20191204152749.12652-1-linus.walleij@linaro.org
+Cc: stable@vger.kernel.org
+Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/mmc/host/mmc_spi.c | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+--- a/drivers/mmc/host/mmc_spi.c
++++ b/drivers/mmc/host/mmc_spi.c
+@@ -1134,17 +1134,22 @@ static void mmc_spi_initsequence(struct
+ * SPI protocol. Another is that when chipselect is released while
+ * the card returns BUSY status, the clock must issue several cycles
+ * with chipselect high before the card will stop driving its output.
++ *
++ * SPI_CS_HIGH means "asserted" here. In some cases like when using
++ * GPIOs for chip select, SPI_CS_HIGH is set but this will be logically
++ * inverted by gpiolib, so if we want to ascertain to drive it high
++ * we should toggle the default with an XOR as we do here.
+ */
+- host->spi->mode |= SPI_CS_HIGH;
++ host->spi->mode ^= SPI_CS_HIGH;
+ if (spi_setup(host->spi) != 0) {
+ /* Just warn; most cards work without it. */
+ dev_warn(&host->spi->dev,
+ "can't change chip-select polarity\n");
+- host->spi->mode &= ~SPI_CS_HIGH;
++ host->spi->mode ^= SPI_CS_HIGH;
+ } else {
+ mmc_spi_readbytes(host, 18);
+
+- host->spi->mode &= ~SPI_CS_HIGH;
++ host->spi->mode ^= SPI_CS_HIGH;
+ if (spi_setup(host->spi) != 0) {
+ /* Wot, we can't get the same setup we had before? */
+ dev_err(&host->spi->dev,
--- /dev/null
+From 2e34673be0bd6bb0c6c496a861cbc3f7431e7ce3 Mon Sep 17 00:00:00 2001
+From: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
+Date: Wed, 29 Jan 2020 11:14:00 -0800
+Subject: PCI/ATS: Use PF PASID for VFs
+
+From: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
+
+commit 2e34673be0bd6bb0c6c496a861cbc3f7431e7ce3 upstream.
+
+Per PCIe r5.0, sec 9.3.7.14, if a PF implements the PASID Capability, the
+PF PASID configuration is shared by its VFs, and VFs must not implement
+their own PASID Capability. But commit 751035b8dc06 ("PCI/ATS: Cache PASID
+Capability offset") changed pci_max_pasids() and pci_pasid_features() to
+use the PASID Capability of the VF device instead of the associated PF
+device. This leads to IOMMU bind failures when pci_max_pasids() and
+pci_pasid_features() are called for VFs.
+
+In pci_max_pasids() and pci_pasid_features(), always use the PF PASID
+Capability.
+
+Fixes: 751035b8dc06 ("PCI/ATS: Cache PASID Capability offset")
+Link: https://lore.kernel.org/r/fe891f9755cb18349389609e7fed9940fc5b081a.1580325170.git.sathyanarayanan.kuppuswamy@linux.intel.com
+Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
+Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
+CC: stable@vger.kernel.org # v5.5+
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/ats.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+--- a/drivers/pci/ats.c
++++ b/drivers/pci/ats.c
+@@ -424,11 +424,12 @@ void pci_restore_pasid_state(struct pci_
+ int pci_pasid_features(struct pci_dev *pdev)
+ {
+ u16 supported;
+- int pasid = pdev->pasid_cap;
++ int pasid;
+
+ if (pdev->is_virtfn)
+ pdev = pci_physfn(pdev);
+
++ pasid = pdev->pasid_cap;
+ if (!pasid)
+ return -EINVAL;
+
+@@ -451,11 +452,12 @@ int pci_pasid_features(struct pci_dev *p
+ int pci_max_pasids(struct pci_dev *pdev)
+ {
+ u16 supported;
+- int pasid = pdev->pasid_cap;
++ int pasid;
+
+ if (pdev->is_virtfn)
+ pdev = pci_physfn(pdev);
+
++ pasid = pdev->pasid_cap;
+ if (!pasid)
+ return -EINVAL;
+
--- /dev/null
+From b0de922af53eede340986a2d05b6cd4b6d6efa43 Mon Sep 17 00:00:00 2001
+From: Kishon Vijay Abraham I <kishon@ti.com>
+Date: Tue, 21 Jan 2020 17:27:34 +0530
+Subject: PCI: keystone: Fix error handling when "num-viewport" DT property is not populated
+
+From: Kishon Vijay Abraham I <kishon@ti.com>
+
+commit b0de922af53eede340986a2d05b6cd4b6d6efa43 upstream.
+
+Fix error handling when "num-viewport" DT property is not populated.
+
+Fixes: 23284ad677a9 ("PCI: keystone: Add support for PCIe EP in AM654x Platforms")
+Signed-off-by: Kishon Vijay Abraham I <kishon@ti.com>
+Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
+Cc: stable@vger.kernel.org # v5.2+
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/controller/dwc/pci-keystone.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/pci/controller/dwc/pci-keystone.c
++++ b/drivers/pci/controller/dwc/pci-keystone.c
+@@ -1354,7 +1354,7 @@ static int __init ks_pcie_probe(struct p
+ ret = of_property_read_u32(np, "num-viewport", &num_viewport);
+ if (ret < 0) {
+ dev_err(dev, "unable to read *num-viewport* property\n");
+- return ret;
++ goto err_get_sync;
+ }
+
+ /*
--- /dev/null
+From 6df19872d881641e6394f93ef2938cffcbdae5bb Mon Sep 17 00:00:00 2001
+From: Yurii Monakov <monakov.y@gmail.com>
+Date: Tue, 17 Dec 2019 14:38:36 +0300
+Subject: PCI: keystone: Fix link training retries initiation
+
+From: Yurii Monakov <monakov.y@gmail.com>
+
+commit 6df19872d881641e6394f93ef2938cffcbdae5bb upstream.
+
+ks_pcie_stop_link() function does not clear LTSSM_EN_VAL bit so
+link training was not triggered more than once after startup.
+In configurations where link can be unstable during early boot,
+for example, under low temperature, it will never be established.
+
+Fixes: 0c4ffcfe1fbc ("PCI: keystone: Add TI Keystone PCIe driver")
+Signed-off-by: Yurii Monakov <monakov.y@gmail.com>
+Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
+Acked-by: Andrew Murray <andrew.murray@arm.com>
+Cc: stable@vger.kernel.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/controller/dwc/pci-keystone.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/pci/controller/dwc/pci-keystone.c
++++ b/drivers/pci/controller/dwc/pci-keystone.c
+@@ -510,7 +510,7 @@ static void ks_pcie_stop_link(struct dw_
+ /* Disable Link training */
+ val = ks_pcie_app_readl(ks_pcie, CMD_STATUS);
+ val &= ~LTSSM_EN_VAL;
+- ks_pcie_app_writel(ks_pcie, CMD_STATUS, LTSSM_EN_VAL | val);
++ ks_pcie_app_writel(ks_pcie, CMD_STATUS, val);
+ }
+
+ static int ks_pcie_start_link(struct dw_pcie *pci)
--- /dev/null
+From 2d0c3fbe43fa0e6fcb7a6c755c5f4cd702c0d2f4 Mon Sep 17 00:00:00 2001
+From: Yurii Monakov <monakov.y@gmail.com>
+Date: Fri, 4 Oct 2019 18:48:11 +0300
+Subject: PCI: keystone: Fix outbound region mapping
+
+From: Yurii Monakov <monakov.y@gmail.com>
+
+commit 2d0c3fbe43fa0e6fcb7a6c755c5f4cd702c0d2f4 upstream.
+
+The Keystone outbound Address Translation Unit (ATU) maps PCI MMIO space in
+8 MB windows. When programming the ATU windows, we previously incremented
+the starting address by 8, not 8 MB, so all the windows were mapped to the
+first 8 MB. Therefore, only 8 MB of MMIO space was accessible.
+
+Update the loop so it increments the starting address by 8 MB, not 8, so
+more MMIO space is accessible.
+
+Fixes: e75043ad9792 ("PCI: keystone: Cleanup outbound window configuration")
+Link: https://lore.kernel.org/r/20191004154811.GA31397@monakov-y.office.kontur-niirs.ru
+Signed-off-by: Yurii Monakov <monakov.y@gmail.com>
+[bhelgaas: commit log]
+Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
+Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
+Acked-by: Andrew Murray <andrew.murray@arm.com>
+Acked-by: Kishon Vijay Abraham I <kishon@ti.com>
+Cc: stable@vger.kernel.org # v4.20+
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/controller/dwc/pci-keystone.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/pci/controller/dwc/pci-keystone.c
++++ b/drivers/pci/controller/dwc/pci-keystone.c
+@@ -422,7 +422,7 @@ static void ks_pcie_setup_rc_app_regs(st
+ lower_32_bits(start) | OB_ENABLEN);
+ ks_pcie_app_writel(ks_pcie, OB_OFFSET_HI(i),
+ upper_32_bits(start));
+- start += OB_WIN_SIZE;
++ start += OB_WIN_SIZE * SZ_1M;
+ }
+
+ val = ks_pcie_app_readl(ks_pcie, CMD_STATUS);
--- /dev/null
+From 885199148442f56b880995d703d2ed03b6481a3c Mon Sep 17 00:00:00 2001
+From: David Engraf <david.engraf@sysgo.com>
+Date: Mon, 16 Dec 2019 12:18:25 +0100
+Subject: PCI: tegra: Fix return value check of pm_runtime_get_sync()
+
+From: David Engraf <david.engraf@sysgo.com>
+
+commit 885199148442f56b880995d703d2ed03b6481a3c upstream.
+
+pm_runtime_get_sync() returns the device's usage counter. This might
+be >0 if the device is already powered up or CONFIG_PM is disabled.
+
+Abort probe function on real error only.
+
+Fixes: da76ba50963b ("PCI: tegra: Add power management support")
+Link: https://lore.kernel.org/r/20191216111825.28136-1-david.engraf@sysgo.com
+Signed-off-by: David Engraf <david.engraf@sysgo.com>
+Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
+Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
+Acked-by: Andrew Murray <andrew.murray@arm.com>
+Cc: stable@vger.kernel.org # v4.17+
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/controller/pci-tegra.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/pci/controller/pci-tegra.c
++++ b/drivers/pci/controller/pci-tegra.c
+@@ -2798,7 +2798,7 @@ static int tegra_pcie_probe(struct platf
+
+ pm_runtime_enable(pcie->dev);
+ err = pm_runtime_get_sync(pcie->dev);
+- if (err) {
++ if (err < 0) {
+ dev_err(dev, "fail to enable pcie controller: %d\n", err);
+ goto teardown_msi;
+ }
powerpc-pseries-advance-pfn-if-section-is-not-present-in-lmb_is_removable.patch
powerpc-32s-fix-bad_kuap_fault.patch
powerpc-32s-fix-cpu-wake-up-from-sleep-mode.patch
+pci-ats-use-pf-pasid-for-vfs.patch
+pci-tegra-fix-return-value-check-of-pm_runtime_get_sync.patch
+pci-keystone-fix-outbound-region-mapping.patch
+pci-keystone-fix-link-training-retries-initiation.patch
+pci-keystone-fix-error-handling-when-num-viewport-dt-property-is-not-populated.patch
+mmc-spi-toggle-spi-polarity-do-not-hardcode-it.patch
+acpi-video-do-not-export-a-non-working-backlight-interface-on-msi-ms-7721-boards.patch
+acpi-battery-deal-with-design-or-full-capacity-being-reported-as-1.patch
+acpi-battery-use-design-cap-for-capacity-calculations-if-full-cap-is-not-available.patch
+acpi-battery-deal-better-with-neither-design-nor-full-capacity-not-being-reported.patch
+smb3-fix-default-permissions-on-new-files-when-mounting-with-modefromsid.patch
+alarmtimer-unregister-wakeup-source-when-module-get-fails.patch
+fscrypt-don-t-print-name-of-busy-file-when-removing-key.patch
+ubifs-don-t-trigger-assertion-on-invalid-no-key-filename.patch
--- /dev/null
+From 643fbceef48e5b22bf8e0905f903e908b5d2ba69 Mon Sep 17 00:00:00 2001
+From: Steve French <stfrench@microsoft.com>
+Date: Thu, 16 Jan 2020 19:55:33 -0600
+Subject: smb3: fix default permissions on new files when mounting with modefromsid
+
+From: Steve French <stfrench@microsoft.com>
+
+commit 643fbceef48e5b22bf8e0905f903e908b5d2ba69 upstream.
+
+When mounting with "modefromsid" mount parm most servers will require
+that some default permissions are given to users in the ACL on newly
+created files, files created with the new 'sd context' - when passing in
+an sd context on create, permissions are not inherited from the parent
+directory, so in addition to the ACE with the special SID which contains
+the mode, we also must pass in an ACE allowing users to access the file
+(GENERIC_ALL for authenticated users seemed like a reasonable default,
+although later we could allow a mount option or config switch to make
+it GENERIC_ALL for EVERYONE special sid).
+
+CC: Stable <stable@vger.kernel.org>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Reviewed-By: Ronnie Sahlberg <lsahlber@redhat.com>
+Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/cifs/cifsacl.c | 20 ++++++++++++++++++++
+ fs/cifs/cifsproto.h | 1 +
+ fs/cifs/smb2pdu.c | 11 ++++++++---
+ 3 files changed, 29 insertions(+), 3 deletions(-)
+
+--- a/fs/cifs/cifsacl.c
++++ b/fs/cifs/cifsacl.c
+@@ -802,6 +802,26 @@ static void parse_dacl(struct cifs_acl *
+ return;
+ }
+
++unsigned int setup_authusers_ACE(struct cifs_ace *pntace)
++{
++ int i;
++ unsigned int ace_size = 20;
++
++ pntace->type = ACCESS_ALLOWED_ACE_TYPE;
++ pntace->flags = 0x0;
++ pntace->access_req = cpu_to_le32(GENERIC_ALL);
++ pntace->sid.num_subauth = 1;
++ pntace->sid.revision = 1;
++ for (i = 0; i < NUM_AUTHS; i++)
++ pntace->sid.authority[i] = sid_authusers.authority[i];
++
++ pntace->sid.sub_auth[0] = sid_authusers.sub_auth[0];
++
++ /* size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid->num_subauth*4) */
++ pntace->size = cpu_to_le16(ace_size);
++ return ace_size;
++}
++
+ /*
+ * Fill in the special SID based on the mode. See
+ * http://technet.microsoft.com/en-us/library/hh509017(v=ws.10).aspx
+--- a/fs/cifs/cifsproto.h
++++ b/fs/cifs/cifsproto.h
+@@ -213,6 +213,7 @@ extern struct cifs_ntsd *get_cifs_acl_by
+ const struct cifs_fid *, u32 *);
+ extern int set_cifs_acl(struct cifs_ntsd *, __u32, struct inode *,
+ const char *, int);
++extern unsigned int setup_authusers_ACE(struct cifs_ace *pace);
+ extern unsigned int setup_special_mode_ACE(struct cifs_ace *pace, __u64 nmode);
+
+ extern void dequeue_mid(struct mid_q_entry *mid, bool malformed);
+--- a/fs/cifs/smb2pdu.c
++++ b/fs/cifs/smb2pdu.c
+@@ -2199,13 +2199,14 @@ create_sd_buf(umode_t mode, unsigned int
+ struct cifs_ace *pace;
+ unsigned int sdlen, acelen;
+
+- *len = roundup(sizeof(struct crt_sd_ctxt) + sizeof(struct cifs_ace), 8);
++ *len = roundup(sizeof(struct crt_sd_ctxt) + sizeof(struct cifs_ace) * 2,
++ 8);
+ buf = kzalloc(*len, GFP_KERNEL);
+ if (buf == NULL)
+ return buf;
+
+ sdlen = sizeof(struct smb3_sd) + sizeof(struct smb3_acl) +
+- sizeof(struct cifs_ace);
++ 2 * sizeof(struct cifs_ace);
+
+ buf->ccontext.DataOffset = cpu_to_le16(offsetof
+ (struct crt_sd_ctxt, sd));
+@@ -2232,8 +2233,12 @@ create_sd_buf(umode_t mode, unsigned int
+ /* create one ACE to hold the mode embedded in reserved special SID */
+ pace = (struct cifs_ace *)(sizeof(struct crt_sd_ctxt) + (char *)buf);
+ acelen = setup_special_mode_ACE(pace, (__u64)mode);
++ /* and one more ACE to allow access for authenticated users */
++ pace = (struct cifs_ace *)(acelen + (sizeof(struct crt_sd_ctxt) +
++ (char *)buf));
++ acelen += setup_authusers_ACE(pace);
+ buf->acl.AclSize = cpu_to_le16(sizeof(struct cifs_acl) + acelen);
+- buf->acl.AceCount = cpu_to_le16(1);
++ buf->acl.AceCount = cpu_to_le16(2);
+ return buf;
+ }
+
--- /dev/null
+From f0d07a98a070bb5e443df19c3aa55693cbca9341 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Mon, 20 Jan 2020 14:31:59 -0800
+Subject: ubifs: don't trigger assertion on invalid no-key filename
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit f0d07a98a070bb5e443df19c3aa55693cbca9341 upstream.
+
+If userspace provides an invalid fscrypt no-key filename which encodes a
+hash value with any of the UBIFS node type bits set (i.e. the high 3
+bits), gracefully report ENOENT rather than triggering ubifs_assert().
+
+Test case with kvm-xfstests shell:
+
+ . fs/ubifs/config
+ . ~/xfstests/common/encrypt
+ dev=$(__blkdev_to_ubi_volume /dev/vdc)
+ ubiupdatevol $dev -t
+ mount $dev /mnt -t ubifs
+ mkdir /mnt/edir
+ xfs_io -c set_encpolicy /mnt/edir
+ rm /mnt/edir/_,,,,,DAAAAAAAAAAAAAAAAAAAAAAAAAA
+
+With the bug, the following assertion fails on the 'rm' command:
+
+ [ 19.066048] UBIFS error (ubi0:0 pid 379): ubifs_assert_failed: UBIFS assert failed: !(hash & ~UBIFS_S_KEY_HASH_MASK), in fs/ubifs/key.h:170
+
+Fixes: f4f61d2cc6d8 ("ubifs: Implement encrypted filenames")
+Cc: <stable@vger.kernel.org> # v4.10+
+Link: https://lore.kernel.org/r/20200120223201.241390-5-ebiggers@kernel.org
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/ubifs/dir.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/fs/ubifs/dir.c
++++ b/fs/ubifs/dir.c
+@@ -228,6 +228,8 @@ static struct dentry *ubifs_lookup(struc
+ if (nm.hash) {
+ ubifs_assert(c, fname_len(&nm) == 0);
+ ubifs_assert(c, fname_name(&nm) == NULL);
++ if (nm.hash & ~UBIFS_S_KEY_HASH_MASK)
++ goto done; /* ENOENT */
+ dent_key_init_hash(c, &key, dir->i_ino, nm.hash);
+ err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash);
+ } else {
projects / thirdparty / kernel / stable-queue.git / commitdiff
