This fixes CVE-2016-0728.

If a thread is asked to join as a session keyring the keyring that's already
set as its session, we leak a keyring reference.

This can be tested with the following program:

	#include <stddef.h>
	#include <stdio.h>
	#include <sys/types.h>
	#include <keyutils.h>

	int main(int argc, const char *argv[])
	{
		int i = 0;
		key_serial_t serial;

		serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING,
				"leaked-keyring");
		if (serial < 0) {
			perror("keyctl");
			return -1;
		}

		if (keyctl(KEYCTL_SETPERM, serial,
			   KEY_POS_ALL | KEY_USR_ALL) < 0) {
			perror("keyctl");
			return -1;
		}

		for (i = 0; i < 100; i++) {
			serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING,
					"leaked-keyring");
			if (serial < 0) {
				perror("keyctl");
				return -1;
			}
		}

		return 0;
	}

If, after the program has run, there something like the following line in
/proc/keys:

3f3d898f I--Q---   100 perm 3f3f0000     0     0 keyring   leaked-keyring: empty

with a usage count of 100 * the number of times the program has been run,
then the kernel is malfunctioning.  If leaked-keyring has zero usages or
has been garbage collected, then the problem is fixed.

Reported-by: Yevgeny Pats <yevgeny@perception-point.io>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Don Zickus <dzickus@redhat.com>
Acked-by: Prarit Bhargava <prarit@redhat.com>
Acked-by: Jarod Wilson <jarod@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>

Fix the MAINTAINERS record for the certs/ directory to have the new
keyrings mailing list and also to be authoritative for the sign-file tool

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>

Pull arch/tile updates from Chris Metcalf:
 "This is a grab bag of changes that includes some NOHZ and
  context-tracking related changes, some debugging improvements,
  JUMP_LABEL support, and some fixes for tilepro allmodconfig support.

  We also remove the now-unused node_has_online_mem() definitions both
  for tile's asm/topology.h as well as in linux/topology.h itself"

* git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile:
  numa: remove stale node_has_online_mem() define
  arch/tile: move user_exit() to early kernel entry sequence
  tile: fix bug in setting PT_FLAGS_DISABLE_IRQ on kernel entry
  tile: fix tilepro casts for readl, writel, etc
  tile: fix a -Wframe-larger-than warning
  tile: include the syscall number in the backtrace
  MAINTAINERS: add git URL for tile
  arch/tile: adopt prepare_exit_to_usermode() model from x86
  tile/jump_label: add jump label support for TILE-Gx
  tile: define a macro ktext_writable_addr to get writable kernel text address

Pull AVR32 updates from Hans-Christian Noren Egtvedt.

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/egtvedt/linux-avr32:
  mmc: atmel: get rid of struct mci_dma_data
  mmc: atmel-mci: restore dma on AVR32
  avr32: wire up missing syscalls
  avr32: wire up accept4 syscall

Pull btrfs updates from Chris Mason:
 "This has our usual assortment of fixes and cleanups, but the biggest
  change included is Omar Sandoval's free space tree.  It's not the
  default yet, mounting -o space_cache=v2 enables it and sets a readonly
  compat bit.  The tree can actually be deleted and regenerated if there
  are any problems, but it has held up really well in testing so far.

  For very large filesystems (30T+) our existing free space caching code
  can end up taking a huge amount of time during commits.  The new tree
  based code is faster and less work overall to update as the commit
  progresses.

  Omar worked on this during the summer and we'll hammer on it in
  production here at FB over the next few months"

* 'for-linus-4.5' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (73 commits)
  Btrfs: fix fitrim discarding device area reserved for boot loader's use
  Btrfs: Check metadata redundancy on balance
  btrfs: statfs: report zero available if metadata are exhausted
  btrfs: preallocate path for snapshot creation at ioctl time
  btrfs: allocate root item at snapshot ioctl time
  btrfs: do an allocation earlier during snapshot creation
  btrfs: use smaller type for btrfs_path locks
  btrfs: use smaller type for btrfs_path lowest_level
  btrfs: use smaller type for btrfs_path reada
  btrfs: cleanup, use enum values for btrfs_path reada
  btrfs: constify static arrays
  btrfs: constify remaining structs with function pointers
  btrfs tests: replace whole ops structure for free space tests
  btrfs: use list_for_each_entry* in backref.c
  btrfs: use list_for_each_entry_safe in free-space-cache.c
  btrfs: use list_for_each_entry* in check-integrity.c
  Btrfs: use linux/sizes.h to represent constants
  btrfs: cleanup, remove stray return statements
  btrfs: zero out delayed node upon allocation
  btrfs: pass proper enum type to start_transaction()
  ...

Pull more networking fixes from David Miller:

 1) Fix brcmfmac build with older gcc, from Arend van Spriel.

 2) IRQ values unintentionally truncated to u8 in mlx5 driver, from
    Doron Tsur.

 3) Fix build warnings wrt tcp cgroup changes, from Geert Uytterhoeven.

 4) Limit deep recursion in ovs stack, from Hannes Frederic Sowa.

 5) at803x phy driver bug fixes from, Martin Blumenstingl.

 6) Fix TSO handling in hns driver, from Daode Huang

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (22 commits)
  ovs: limit ovs recursions in ovs_execute_actions to not corrupt stack
  team: Replace rcu_read_lock with a mutex in team_vlan_rx_kill_vid
  net: hns: bug fix about hisilicon TSO BD mode
  brcmfmac: fix BRCMF_FW_NVRAM_DEF macro for older gcc compilers
  net: phy: at803x: Add the interrupt register bit definitions
  net: phy: at803x: Clean up duplicate register definitions
  net: phy: at803x: Allow specifying the RGMII RX clock delay via phy mode
  net: phy: at803x: Don't set gbit features for the AR8030 phy
  arm64: bpf: add extra pass to handle faulty codegen
  arm64: insn: remove BUG_ON from codegen
  sctp: the temp asoc's transports should not be hashed/unhashed
  net/mlx5_core: Fix trimming down IRQ number
  tcp_memcontrol: Forward declare cgroup_subsys and mem_cgroup stucts
  batman-adv: Drop immediate orig_node free function
  batman-adv: Drop immediate batadv_hard_iface free function
  batman-adv: Drop immediate neigh_ifinfo free function
  batman-adv: Drop immediate batadv_hardif_neigh_node free function
  batman-adv: Drop immediate batadv_neigh_node free function
  batman-adv: Drop immediate batadv_orig_ifinfo free function
  batman-adv: Avoid recursive call_rcu for batadv_nc_node
  ...

Pull IDE updates from David Miller:
 "Just a few small changes this merge window, marking ops const, printf
  string type fixes, etc"

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/ide:
  drivers/ide: make ide-scan-pci.c driver explicitly non-modular
  ide: constify ide_dma_ops structures
  ide: silence some underflow warnings

Pull RTC updates from Alexandre Belloni:
 "Core:
   - fix module reference count in rtc-proc
   - Replace simple_strtoul by kstrtoul

  New driver:
   - Epson RX8010SJ

  Subsystem wide cleanups:
   - use %ph for short hex dumps
   - constify *_chip_ops structures

  Drivers:
   - abx80x: Microcrystal rv1805 support, alarm support
   - cmos: prevent kernel warning on IRQ flags mismatch
   - s5m: various cleanups
   - rv8803: rx8900 compatibility, small error path fix
   - sunxi: various cleanups
   - lpc32xx: remove irq > NR_IRQS check from probe()
   - imxdi: fix spelling mistake in warning message
   - ds1685: don't try to micromanage sysfs output size
   - da9063: avoid writing undefined data to rtc
   - gemini: Remove unnecessary platform_set_drvdata()
   - efi: add efi_procfs in efi_rtc_ops
   - pcf8523: refuse to write dates later than 2099"

* tag 'rtc-4.5' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux: (24 commits)
  rtc: cmos: prevent kernel warning on IRQ flags mismatch
  rtc: rtc-ds2404: constify ds2404_chip_ops structures
  rtc: s5m: Make register configuration per S2MPS device to remove exceptions
  rtc: s5m: Add separate field for storing auto-cleared mask in register config
  rtc: s5m: Cleanup by removing useless 'rtc' prefix from fields
  rtc: Replace simple_strtoul by kstrtoul
  rtc: abx80x: add alarm support
  rtc: abx80x: Add Microcrystal rv1805 support
  rtc: v3020: constify v3020_chip_ops structures
  rtc: rv8803: Extend compatibility with the rx8900
  rtc: rv8803: fix handling return value of i2c_smbus_read_byte_data
  rtc: Add Epson RX8010SJ RTC driver
  rtc: lpc32xx: remove irq > NR_IRQS check from probe()
  rtc: imxdi: fix spelling mistake in warning message
  rtc: ds1685: don't try to micromanage sysfs output size
  rtc: use %ph for short hex dumps
  rtc: da9063: avoid writing undefined data to rtc
  rtc: sunxi: use of_device_get_match_data
  rtc: sunxi: constify the data_year_param structure
  rtc: sunxi: fix signedness issues
  ...

Pull fbdev updates from Tomi Valkeinen:
 "Summary:

   - pxafb: device-tree support
   - An unsafe kernel parameter 'lockless_register_fb' for debugging
     problems happening while inside the console lock
   - Small miscellaneous fixes & cleanups
   - omapdss: add writeback support functions
   - Separation of omapfb and omapdrm (see below)

  About the separation of omapfb and omapdrm, see

    http://permalink.gmane.org/gmane.comp.video.dri.devel/143151

  for longer story.  The short version:

  omapfb and omapdrm have shared low level drivers (omapdss and panel
  drivers), making further development of omapdrm difficult.  After
  these patches omapfb and omapdrm have their own versions of the
  drivers, which are more or less direct copies for now but will diverge
  soon.

  This also means that omapfb (everything under drivers/video/fbdev/omap2/)
  is now in maintenance mode, and all new development will be done for
  omapdrm (drivers/gpu/drm/omapdrm/)"

* tag 'fbdev-4.5' of git://git.kernel.org/pub/scm/linux/kernel/git/tomba/linux: (49 commits)
  video: fbdev: pxafb: fix out of memory error path
  drm/omap: make omapdrm select OMAP2_DSS
  drm/omap: move omapdss & displays under omapdrm
  omapfb: move vrfb into omapfb
  omapfb: take omapfb's private omapdss into use
  omapfb/displays: change CONFIG_DISPLAY_* to CONFIG_FB_OMAP2_*
  omapfb/dss: change CONFIG_OMAP* to CONFIG_FB_OMAP*
  omapdss: remove CONFIG_OMAP2_DSS_VENC from omapdss.h
  omapfb: copy omapdss & displays for omapfb
  omapfb: allow compilation only if DRM_OMAP is disabled
  fbdev: omap2: panel-dpi: simplify gpio setting
  fbdev: omap2: panel-dpi: in .disable first disable backlight then display
  OMAPDSS: DSS: fix a warning message
  video: omapdss: delete unneeded of_node_put
  OMAPDSS: DISPC: Remove boolean comparisons
  OMAPDSS: DSI: cleanup DSI_IRQ_ERROR_MASK define
  OMAPDSS: remove extra out == NULL checks
  OMAPDSS: change internal dispc functions to static
  OMAPDSS: make a two dss feat funcs internal to omapdss
  OMAPDSS: remove extra EXPORT_SYMBOLs
  ...

This isn't used anywhere, so delete it.

Looks like the last usage (in x86-specific code) was removed by Tejun
in 2011 in commit bd6709a9

 ("x86, NUMA: Make 32bit use common NUMA
init path").

Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>

This ensures that we always notify context tracking that we
have exited from user space no matter how we enter the kernel.
It is similar to how arm64 handles context tracking, for example.

This allows the removal of all the exception_enter() calls that
were added in commit 49e4e156

 ("tile: support CONTEXT_TRACKING and
thus NOHZ_FULL").

Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>

This flag value is saved in ptregs and used to decide whether
to disable irqs when returning from the kernel.  Commit 1168df528fe4
("tile: don't assume user privilege is zero") performed a bad
merge from some KVM-enabled code that had not yet been upstreamed.

The only issue with the old code is that we will read the interrupt
mask in more conditions than we need to (e.g., coming from user
space when user space has the Interrupt Critical Section bit set, or
coming from a guest kernel), which is a slow multi-cycle operation.
This change saves those few cycles in the common case.

Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>

Missing parentheses could cause an argument of the form
"integer + pointer" to get cast to "(long)integer + pointer"
and remain a pointer type, causing compiler warnings.

Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>

The warning occurs in setup.c, where it is known that it can't be
a problem, but it's still a good idea to silence the warning.
The onstack array is converted from an s32 to a u8, which still
is plenty of range for the values being managed there.

Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>

This information is easily available in the backtrace data and can
be helpful when trying to figure out the backtrace, particularly
if we're early in kernel entry or late in kernel exit.

Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>

Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>

This change is a prerequisite change for TASK_ISOLATION but also
stands on its own for readability and maintainability.  The existing
tile do_work_pending() was called in a loop from assembly on
the slow path; this change moves the loop into C code as well.
For the x86 version see commit c5c46f59

 ("x86/entry: Add new,
comprehensible entry and exit handlers written in C").

This change exposes a pre-existing bug on the older tilepro platform;
the singlestep processing is done last, but on tilepro (unlike tilegx)
we enable interrupts while doing that processing, so we could in
theory miss a signal or other asynchronous event.  A future change
could fix this by breaking the singlestep work into a "prepare"
step done in the main loop, and a "trigger" step done after exiting
the loop.  Since this change is intended as purely a restructuring
change, we call out the bug explicitly now, but don't yet fix it.

Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>

The Kconfig for this support is currently:

config IDEPCI_PCIBUS_ORDER
        bool "Probe IDE PCI devices in the PCI bus order (DEPRECATED)"

...meaning that it currently is not being built as a module by anyone.
Lets change the initcall to be the equivalent device_initcall, so that
when reading the driver code, there is no doubt it is builtin-only.

Unlike other similar changes, we leave the module.h header to be
included since this code interacts with other drivers and needs to
know what a struct module is.

Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-ide@vger.kernel.org
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

The ide_dma_ops structures are never modified, so declare these as const,
as is already done for the others.

Done with the help of Coccinelle.

Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: David S. Miller <davem@davemloft.net>

Back in the day we used to just say this code was root only so it was
ok that the bounds checking was sloppy.  These days it annoys static
checkers so we fix it.

In the original code "c > INT_MAX" was never true since "c" was an int.
I am not sure what was intended so I left it alone.  But because I made
"c" unsigned it means we don't have a warning any more.

The second warning is that we cap "i" but allow negatives leading to an
underflow of the ide_disks_chs[] array.  The third set of warnings is
because these values come from the user and we cap most of the upper
bounds but allow negative values.  Negative cylinders doesn't make
sense.

drivers/ide/ide.c:262 ide_set_disk_chs() warn: impossible condition '(c > ((~0 >> 1))) => (s32min-s32max > s32max)'
drivers/ide/ide.c:270 ide_set_disk_chs() warn: check 'ide_disks_chs[i]' for negative offsets 'i' = s32min.  extra = 's32min-19'
drivers/ide/ide.c:271 ide_set_disk_chs() warn: no lower bound on 'h'

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

It was seen that defective configurations of openvswitch could overwrite
the STACK_END_MAGIC and cause a hard crash of the kernel because of too
many recursions within ovs.

This problem arises due to the high stack usage of openvswitch. The rest
of the kernel is fine with the current limit of 10 (RECURSION_LIMIT).

We use the already existing recursion counter in ovs_execute_actions to
implement an upper bound of 5 recursions.

Cc: Pravin Shelar <pshelar@ovn.org>
Cc: Simon Horman <simon.horman@netronome.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Simon Horman <simon.horman@netronome.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

We can't be within an RCU read-side critical section when deleting
VLANs, as underlying drivers might sleep during the hardware operation.
Therefore, replace the RCU critical section with a mutex. This is
consistent with team_vlan_rx_add_vid.

Fixes: 3d249d4c

 ("net: introduce ethernet teaming device")
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

The current upstreaming code fails to set the tso_mode register
when initilizes, when processes large size packets, the default 4 bd is
not enough, so this patch initilizes it and set the default value to 8 bds

Signed-off-by: Daode Huang <huangdaode@hisilicon.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

With gcc < 4.3 __UNIQUE_ID does not create unique ids with the macro
BRCMF_FW_NVRAM_DEF. Fix this by removing the MODULE_FIRMWARE instance
for the nvram file. This file is not in linux-firmware repo so it may
not be needed anyway. Otherwise consider this as a temporary fix.

Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Arend van Spriel <aspriel@gmail.com>
Acked-by: Kalle Valo <kvalo@codeaurora.org>
Tested-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

As seen by Julia, the initial allocation memory is not checked anymore
after commit "video: fbdev: pxafb: initial devicetree conversion".
Introduce back the removed test.

Reported-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Robert Jarzmik <robert.jarzmik@free.fr>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>

Pull security subsystem updates from James Morris:

 - EVM gains support for loading an x509 cert from the kernel
   (EVM_LOAD_X509), into the EVM trusted kernel keyring.

 - Smack implements 'file receive' process-based permission checking for
   sockets, rather than just depending on inode checks.

 - Misc enhancments for TPM & TPM2.

 - Cleanups and bugfixes for SELinux, Keys, and IMA.

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (41 commits)
  selinux: Inode label revalidation performance fix
  KEYS: refcount bug fix
  ima: ima_write_policy() limit locking
  IMA: policy can be updated zero times
  selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()
  selinux: export validatetrans decisions
  gfs2: Invalid security labels of inodes when they go invalid
  selinux: Revalidate invalid inode security labels
  security: Add hook to invalidate inode security labels
  selinux: Add accessor functions for inode->i_security
  security: Make inode argument of inode_getsecid non-const
  security: Make inode argument of inode_getsecurity non-const
  selinux: Remove unused variable in selinux_inode_init_security
  keys, trusted: seal with a TPM2 authorization policy
  keys, trusted: select hash algorithm for TPM2 chips
  keys, trusted: fix: *do not* allow duplicate key options
  tpm_ibmvtpm: properly handle interrupted packet receptions
  tpm_tis: Tighten IRQ auto-probing
  tpm_tis: Refactor the interrupt setup
  tpm_tis: Get rid of the duplicate IRQ probing code
  ...

Pull audit updates from Paul Moore:
 "Seven audit patches for 4.5, all very minor despite the diffstat.

  The diffstat churn for linux/audit.h can be attributed to needing to
  reshuffle the linux/audit.h header to fix the seccomp auditing issue
  (see the commit description for details).

  Besides the seccomp/audit fix, most of the fixes are around trying to
  improve the connection with the audit daemon and a Kconfig
  simplification.  Nothing crazy, and everything passes our little
  audit-testsuite"

* 'upstream' of git://git.infradead.org/users/pcmoore/audit:
  audit: always enable syscall auditing when supported and audit is enabled
  audit: force seccomp event logging to honor the audit_enabled flag
  audit: Delete unnecessary checks before two function calls
  audit: wake up threads if queue switched from limited to unlimited
  audit: include auditd's threads in audit_log_start() wait exception
  audit: remove audit_backlog_wait_overflow
  audit: don't needlessly reset valid wait time

Commit b8d3c4c3

 ("mm/huge_memory.c: don't split THP page when
MADV_FREE syscall is called") introduced this new function, but got the
error handling for when pmd_trans_huge_lock() fails wrong.  In the
failure case, the lock has not been taken, and we should not unlock on
the way out.

Cc: Minchan Kim <minchan@kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

This just fixes a warning on 64-bit builds:

  drivers/gpu/drm/vc4/vc4_validate.c: In function ‘validate_gl_shader_rec’:
  drivers/gpu/drm/vc4/vc4_validate.c:864:12: warning: format ‘%d’ expects argument of type ‘int’, but argument 4 has type ‘size_t {aka long unsigned int}’ [-Wformat=]

Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Also use them instead of a magic value when enabling the interrupts.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

at803x currently automatically enables the RGMII TX clock delay when the
phy interface mode is PHY_INTERFACE_MODE_RGMII_TXID. The same should be
done when PHY_INTERFACE_MODE_RGMII_ID is specified.
Use a similar logic to enable the RGMII RX clock delay as well.
at803x_context_{save,restore} were not touched because these are only
used on AR8030 which is a RMII phy (RGMII clock delays are irrelevant).

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

The 8030 is only a "RMII Fast Ethernet PHY", thus it must not have the
SUPPORTED_1000* bits set.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Code generation functions in arch/arm64/kernel/insn.c previously
BUG_ON invalid parameters. Following change of that behavior, now we
need to handle the error case where AARCH64_BREAK_FAULT is returned.

Instead of error-handling on every emit() in JIT, we add a new
validation pass at the end of JIT compilation. There's no point in
running JITed code at run-time only to trap due to AARCH64_BREAK_FAULT.
Instead, we drop this failed JIT compilation and allow the system to
gracefully fallback on the BPF interpreter.

Signed-off-by: Zi Shen Lim <zlim.lnx@gmail.com>
Suggested-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

During code generation, we used to BUG_ON unknown/unsupported encoding
or invalid parameters.

Instead, now we report these as errors and simply return the
instruction AARCH64_BREAK_FAULT. Users of these codegen helpers should
check for and handle this failure condition as appropriate.

Otherwise, unhandled codegen failure will result in trapping at
run-time due to AARCH64_BREAK_FAULT, which is arguably better than a
BUG_ON.

Signed-off-by: Zi Shen Lim <zlim.lnx@gmail.com>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Re-establish the previous behavior and avoid hashing temporary asocs by
checking t->asoc->temp in sctp_(un)hash_transport. Also, remove the
check of t->asoc->temp in __sctp_lookup_association, since they are
never hashed now.

Fixes: 4f008781

 ("sctp: apply rhashtable api to send/recv path")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Reported-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Pull drm updates from Dave Airlie:
 "This is the main drm pull request for 4.5.  I don't think I've missed
  anything too major, I'm mostly back at work now but I'll probably get
  some sleep in 5 years time.

  Summary:

  New drivers:
   - etnaviv:

     GPU driver for the 3D core on the Vivante core used in numerous
     ARM boards.

  Highlights:

  Core:
   - Atomic suspend/resume helpers
   - Move the headers to using userspace friendlier types.
   - Documentation updates
   - Lots of struct_mutex removal.
   - Bunch of DP MST fixes from AMD.

  Panel:
   - More DSI helpers
   - Support for some new basic panels

  i915:
   - Basic Kabylake support
   - DP link training and detect code refactoring
   - fbc/psr fixes
   - FIFO underrun fixes
   - SDE interrupt handling fixes
   - dma-buf/fence support in pageflip path.
   - GPU side for MST audio support

  radeon/amdgpu:
   - Drop UMS support
   - GPUVM/Scheduler optimisations
   - Initial Powerplay support for Tonga/Fiji/CZ/ST
   - ACP audio prerequisites

  nouveau:
   - GK20a instmem improvements
   - PCIE link speed change support

  msm:
   - DSI support for msm8960/apq8064

  tegra:
   - Host1X support for Tegra210 SoC

  vc4:
   - 3D acceleration support

  armada:
   - Get rid of struct mutex

  tda998x:
   - Atomic modesetting support
   - TMDS clock limitations

  omapdrm:
   - Atomic modesetting support
   - improved TILER performance

  rockchip:
   - RK3036 VOP support
   - Atomic modesetting support
   - Synopsys DW MIPI DSI support

  exynos:
   - Runtime PM support
   - of_graph binding for DP panels
   - Cleanup of IPP code
   - Configurable plane support
   - Kernel panic fixes at release time"

* 'drm-next' of git://people.freedesktop.org/~airlied/linux: (711 commits)
  drm/fb_cma_helper: Remove implicit call to disable_unused_functions
  drm/amdgpu: add missing irq.h include
  drm/vmwgfx: Fix a width / pitch mismatch on framebuffer updates
  drm/vmwgfx: Fix an incorrect lock check
  drm: nouveau: fix nouveau_debugfs_init prototype
  drm/nouveau/pci: fix check in nvkm_pcie_set_link
  drm/amdgpu: validate duplicates first
  drm/amdgpu: move VM page tables to the LRU end on CS v2
  drm/ttm: add ttm_bo_move_to_lru_tail function v2
  drm/ttm: fix adding foreign BOs to the swap LRU
  drm/ttm: fix adding foreign BOs to the LRU during init v2
  drm/radeon: use kobj_to_dev()
  drm/amdgpu: use kobj_to_dev()
  drm/amdgpu/cz: force vce clocks when sclks are forced
  drm/amdgpu/cz: force uvd clocks when sclks are forced
  drm/amdgpu/cz: add code to enable forcing VCE clocks
  drm/amdgpu/cz: add code to enable forcing UVD clocks
  drm/amdgpu: fix lost sync_to if scheduler is enabled.
  drm/amd/powerplay: fix static checker warning for return meaningless value.
  drm/sysfs: use kobj_to_dev()
  ...

Merge tag 'linux-kselftest-4.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest

Pull kselftest updates from Shuah Khan:
 "This 14 patch update:

   - adds a new test for intel_pstate driver
   - adds empty string and async test cases to firmware class tests
   - fixes and cleans up several existing tests"

* tag 'linux-kselftest-4.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest:
  selftests: firmware: add empty string and async tests
  firmware: actually return NULL on failed request_firmware_nowait()
  test: firmware_class: add asynchronous request trigger
  test: firmware_class: use kstrndup() where appropriate
  test: firmware_class: report errors properly on failure
  selftests/seccomp: fix 32-bit build warnings
  add breakpoints/.gitignore
  add ptrace/.gitignore
  update .gitignore in selftests/timers
  update .gitignore in selftests/vm
  tools, testing, add test for intel_pstate driver
  selftest/ipc: actually test it
  selftests/capabilities: actually test it
  selftests/capabilities: clean up for Makefile

Pull parsic updates from Helge Deller:
 "This patchset includes two major fixes which are both scheduled for
  stable:

  First, __ARCH_SI_PREAMBLE_SIZE was defined with a wrong value.
  Second, huge page pte and TLB changes needed protection with a
  spinlock.  Other than that there are just some trivial optimizations
  and cleanups"

* 'parisc-4.5-1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux:
  parisc: Protect huge page pte changes with spinlocks
  parisc: Imporove debug info about space registers and TLB configuration
  parisc: Drop parisc-specific NSIGTRAP define
  parisc: Fix __ARCH_SI_PREAMBLE_SIZE
  parisc: Reduce overhead of parisc_requires_coherency()
  parisc: Initialize PCI bridge cache line and default latency

Merge tag 'drm-intel-next-fixes-2016-01-14' of git://anongit.freedesktop.org/drm-intel into drm-next

misc i915 fixes all over the place.

* tag 'drm-intel-next-fixes-2016-01-14' of git://anongit.freedesktop.org/drm-intel:
  drm/i915/gen9: Set PIN_ZONE_4G end to 4GB - 1 page
  drm/i915: Widen return value for reservation_object_wait_timeout_rcu to long.
  drm/i915: intel_hpd_init(): Fix suspend/resume reprobing
  drm/i915: shut up gen8+ SDE irq dmesg noise, again
  drm/i915: Restore inhibiting the load of the default context
  drm/i915: Tune down rpm wakelock debug checks
  drm/i915: Avoid writing relocs with addresses in non-canonical form
  drm/i915: Move Braswell stop_machine GGTT insertion workaround