Merge android-4.4.191 (6da3fbc) into msm-4.4

* refs/heads/tmp-6da3fbc
  Linux 4.4.191
  x86/ptrace: fix up botched merge of spectrev1 fix
  mac80211: fix possible sta leak
  Revert "cfg80211: fix processing world regdomain when non modular"
  VMCI: Release resource if the work is already queued
  stm class: Fix a double free of stm_source_device
  mmc: core: Fix init of SD cards reporting an invalid VDD range
  mmc: sdhci-of-at91: add quirk for broken HS200
  uprobes/x86: Fix detection of 32-bit user mode
  ptrace,x86: Make user_64bit_mode() available to 32-bit builds
  USB: storage: ums-realtek: Whitelist auto-delink support
  USB: storage: ums-realtek: Update module parameter description for auto_delink_en
  usb: host: ohci: fix a race condition between shutdown and irq
  USB: cdc-wdm: fix race between write and disconnect due to flag abuse
  usb-storage: Add new JMS567 revision to unusual_devs
  x86/apic: Include the LDR when clearing out APIC registers
  x86/apic: Do not initialize LDR and DFR for bigsmp
  KVM: x86: Don't update RIP or do single-step on faulting emulation
  ALSA: seq: Fix potential concurrent access to the deleted pool
  tcp: make sure EPOLLOUT wont be missed
  ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
  ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term
  tcp: fix tcp_rtx_queue_tail in case of empty retransmit queue
  watchdog: bcm2835_wdt: Fix module autoload
  tools: hv: fix KVP and VSS daemons exit code
  usb: host: fotg2: restart hcd after port reset
  usb: gadget: composite: Clear "suspended" on reset/disconnect
  dmaengine: ste_dma40: fix unneeded variable warning
  scsi: ufs: Fix NULL pointer dereference in ufshcd_config_vreg_hpm()
  x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h
  x86/pm: Introduce quirk framework to save/restore extra MSR registers around suspend/resume
  Revert "perf test 6: Fix missing kvm module load for s390"
  netfilter: conntrack: Use consistent ct id hash calculation
  netfilter: ctnetlink: don't use conntrack/expect object addresses as id
  inet: switch IP ID generator to siphash
  siphash: implement HalfSipHash1-3 for hash tables
  siphash: add cryptographically secure PRF
  vhost: scsi: add weight support
  vhost_net: fix possible infinite loop
  vhost: introduce vhost_exceeds_weight()
  vhost_net: introduce vhost_exceeds_weight()
  vhost_net: use packet weight for rx handler, too
  vhost-net: set packet weight of tx polling to 2 * vq size
  net: arc_emac: fix koops caused by sk_buff free
  GFS2: don't set rgrp gl_object until it's inserted into rgrp tree
  cgroup: Disable IRQs while holding css_set_lock
  dm table: fix invalid memory accesses with too high sector number
  dm space map metadata: fix missing store of apply_bops() return value
  dm btree: fix order of block initialization in btree_split_beneath
  x86/boot: Fix boot regression caused by bootparam sanitizing
  x86/boot: Save fields explicitly, zero out everything else
  x86/apic: Handle missing global clockevent gracefully
  x86/retpoline: Don't clobber RFLAGS during CALL_NOSPEC on i386
  userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx
  Revert "dm bufio: fix deadlock with loop device"
  HID: wacom: correct misreported EKR ring values
  selftests: kvm: Adding config fragments
  libata: add SG safety checks in SFF pio transfers
  net: hisilicon: Fix dma_map_single failed on arm64
  net: hisilicon: fix hip04-xmit never return TX_BUSY
  net: hisilicon: make hip04_tx_reclaim non-reentrant
  net: cxgb3_main: Fix a resource leak in a error path in 'init_one()'
  NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim()
  can: peak_usb: force the string buffer NULL-terminated
  can: sja1000: force the string buffer NULL-terminated
  perf bench numa: Fix cpu0 binding
  isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the stack
  isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in start_isoc_chain()
  net: usb: qmi_wwan: Add the BroadMobi BM818 card
  ASoC: ti: davinci-mcasp: Correct slot_width posed constraint
  st_nci_hci_connectivity_event_received: null check the allocation
  st21nfca_connectivity_event_received: null check the allocation
  can: dev: call netif_carrier_off() in register_candev()
  bonding: Force slave speed check after link state recovery for 802.3ad
  netfilter: ebtables: fix a memory leak bug in compat
  MIPS: kernel: only use i8253 clocksource with periodic clockevent
  HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT
  ANDROID: sched: Disallow WALT with CFS bandwidth control
  ANDROID: fiq_debugger: remove
  ANDROID: Add a tracepoint for mapping inode to full path

Conflicts:
	drivers/scsi/ufs/ufshcd.c
	drivers/staging/android/fiq_debugger/fiq_debugger.c
	sound/usb/mixer.c

Change-Id: I95d42e2ce37dd5d32e1737f701976079c43b7501
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>

2 files changed, 182 insertions, 0 deletions

diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index 5b605dfaddd7..b3c7bdffbdc0 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -3490,6 +3490,13 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
 			Run specified binary instead of /init from the ramdisk,
 			used for early userspace startup. See initrd.
 
+	rdrand=		[X86]
+			force - Override the decision by the kernel to hide the
+				advertisement of RDRAND support (this affects
+				certain AMD processors because of buggy BIOS
+				support, specifically around the suspend/resume
+				path).
+
 	reboot=		[KNL]
 			Format (x86 or x86_64):
 				[w[arm] | c[old] | h[ard] | s[oft] | g[pio]] \
diff --git a/Documentation/siphash.txt b/Documentation/siphash.txt
new file mode 100644
index 000000000000..908d348ff777
--- /dev/null
+++ b/Documentation/siphash.txt
@@ -0,0 +1,175 @@
+         SipHash - a short input PRF
+-----------------------------------------------
+Written by Jason A. Donenfeld <jason@zx2c4.com>
+
+SipHash is a cryptographically secure PRF -- a keyed hash function -- that
+performs very well for short inputs, hence the name. It was designed by
+cryptographers Daniel J. Bernstein and Jean-Philippe Aumasson. It is intended
+as a replacement for some uses of: `jhash`, `md5_transform`, `sha_transform`,
+and so forth.
+
+SipHash takes a secret key filled with randomly generated numbers and either
+an input buffer or several input integers. It spits out an integer that is
+indistinguishable from random. You may then use that integer as part of secure
+sequence numbers, secure cookies, or mask it off for use in a hash table.
+
+1. Generating a key
+
+Keys should always be generated from a cryptographically secure source of
+random numbers, either using get_random_bytes or get_random_once:
+
+siphash_key_t key;
+get_random_bytes(&key, sizeof(key));
+
+If you're not deriving your key from here, you're doing it wrong.
+
+2. Using the functions
+
+There are two variants of the function, one that takes a list of integers, and
+one that takes a buffer:
+
+u64 siphash(const void *data, size_t len, const siphash_key_t *key);
+
+And:
+
+u64 siphash_1u64(u64, const siphash_key_t *key);
+u64 siphash_2u64(u64, u64, const siphash_key_t *key);
+u64 siphash_3u64(u64, u64, u64, const siphash_key_t *key);
+u64 siphash_4u64(u64, u64, u64, u64, const siphash_key_t *key);
+u64 siphash_1u32(u32, const siphash_key_t *key);
+u64 siphash_2u32(u32, u32, const siphash_key_t *key);
+u64 siphash_3u32(u32, u32, u32, const siphash_key_t *key);
+u64 siphash_4u32(u32, u32, u32, u32, const siphash_key_t *key);
+
+If you pass the generic siphash function something of a constant length, it
+will constant fold at compile-time and automatically choose one of the
+optimized functions.
+
+3. Hashtable key function usage:
+
+struct some_hashtable {
+	DECLARE_HASHTABLE(hashtable, 8);
+	siphash_key_t key;
+};
+
+void init_hashtable(struct some_hashtable *table)
+{
+	get_random_bytes(&table->key, sizeof(table->key));
+}
+
+static inline hlist_head *some_hashtable_bucket(struct some_hashtable *table, struct interesting_input *input)
+{
+	return &table->hashtable[siphash(input, sizeof(*input), &table->key) & (HASH_SIZE(table->hashtable) - 1)];
+}
+
+You may then iterate like usual over the returned hash bucket.
+
+4. Security
+
+SipHash has a very high security margin, with its 128-bit key. So long as the
+key is kept secret, it is impossible for an attacker to guess the outputs of
+the function, even if being able to observe many outputs, since 2^128 outputs
+is significant.
+
+Linux implements the "2-4" variant of SipHash.
+
+5. Struct-passing Pitfalls
+
+Often times the XuY functions will not be large enough, and instead you'll
+want to pass a pre-filled struct to siphash. When doing this, it's important
+to always ensure the struct has no padding holes. The easiest way to do this
+is to simply arrange the members of the struct in descending order of size,
+and to use offsetendof() instead of sizeof() for getting the size. For
+performance reasons, if possible, it's probably a good thing to align the
+struct to the right boundary. Here's an example:
+
+const struct {
+	struct in6_addr saddr;
+	u32 counter;
+	u16 dport;
+} __aligned(SIPHASH_ALIGNMENT) combined = {
+	.saddr = *(struct in6_addr *)saddr,
+	.counter = counter,
+	.dport = dport
+};
+u64 h = siphash(&combined, offsetofend(typeof(combined), dport), &secret);
+
+6. Resources
+
+Read the SipHash paper if you're interested in learning more:
+https://131002.net/siphash/siphash.pdf
+
+
+~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
+
+HalfSipHash - SipHash's insecure younger cousin
+-----------------------------------------------
+Written by Jason A. Donenfeld <jason@zx2c4.com>
+
+On the off-chance that SipHash is not fast enough for your needs, you might be
+able to justify using HalfSipHash, a terrifying but potentially useful
+possibility. HalfSipHash cuts SipHash's rounds down from "2-4" to "1-3" and,
+even scarier, uses an easily brute-forcable 64-bit key (with a 32-bit output)
+instead of SipHash's 128-bit key. However, this may appeal to some
+high-performance `jhash` users.
+
+Danger!
+
+Do not ever use HalfSipHash except for as a hashtable key function, and only
+then when you can be absolutely certain that the outputs will never be
+transmitted out of the kernel. This is only remotely useful over `jhash` as a
+means of mitigating hashtable flooding denial of service attacks.
+
+1. Generating a key
+
+Keys should always be generated from a cryptographically secure source of
+random numbers, either using get_random_bytes or get_random_once:
+
+hsiphash_key_t key;
+get_random_bytes(&key, sizeof(key));
+
+If you're not deriving your key from here, you're doing it wrong.
+
+2. Using the functions
+
+There are two variants of the function, one that takes a list of integers, and
+one that takes a buffer:
+
+u32 hsiphash(const void *data, size_t len, const hsiphash_key_t *key);
+
+And:
+
+u32 hsiphash_1u32(u32, const hsiphash_key_t *key);
+u32 hsiphash_2u32(u32, u32, const hsiphash_key_t *key);
+u32 hsiphash_3u32(u32, u32, u32, const hsiphash_key_t *key);
+u32 hsiphash_4u32(u32, u32, u32, u32, const hsiphash_key_t *key);
+
+If you pass the generic hsiphash function something of a constant length, it
+will constant fold at compile-time and automatically choose one of the
+optimized functions.
+
+3. Hashtable key function usage:
+
+struct some_hashtable {
+	DECLARE_HASHTABLE(hashtable, 8);
+	hsiphash_key_t key;
+};
+
+void init_hashtable(struct some_hashtable *table)
+{
+	get_random_bytes(&table->key, sizeof(table->key));
+}
+
+static inline hlist_head *some_hashtable_bucket(struct some_hashtable *table, struct interesting_input *input)
+{
+	return &table->hashtable[hsiphash(input, sizeof(*input), &table->key) & (HASH_SIZE(table->hashtable) - 1)];
+}
+
+You may then iterate like usual over the returned hash bucket.
+
+4. Performance
+
+HalfSipHash is roughly 3 times slower than JenkinsHash. For many replacements,
+this will not be a problem, as the hashtable lookup isn't the bottleneck. And
+in general, this is probably a good sacrifice to make for the security and DoS
+resistance of HalfSipHash.