| author | Srinivasarao P <spathi@codeaurora.org> | 2018-12-03 11:28:33 +0530 |
|---|---|---|
| committer | Srinivasarao P <spathi@codeaurora.org> | 2018-12-03 11:29:54 +0530 |
| commit | d8cd72b9e7afc44098b29c1ece1fb5247269cc21 (patch) | |
| tree | aedd34cba720ea4ee3fef766c573505a79faa09a /kernel/seccomp.c | |
| parent | 0a858409d5cd7283b8720d989bd2dba3f9353a6c (diff) | |
| parent | 4c4bedf5b3fdd6bacb84222d579eb13706588a34 (diff) | |
Merge android-4.4.166 (4c4bedf) into msm-4.4
* refs/heads/tmp-4c4bedf
Linux 4.4.166
drm/ast: Remove existing framebuffers before loading driver
s390/mm: Check for valid vma before zapping in gmap_discard
namei: allow restricted O_CREAT of FIFOs and regular files
sched/core: Allow __sched_setscheduler() in interrupts when PI is not used
btrfs: Ensure btrfs_trim_fs can trim the whole filesystem
usb: xhci: fix uninitialized completion when USB3 port got wrong status
tty: wipe buffer if not echoing data
tty: wipe buffer.
iwlwifi: mvm: fix regulatory domain update when the firmware starts
scsi: qla2xxx: do not queue commands when unloading
scsi: ufshcd: release resources if probe fails
scsi: ufs: fix race between clock gating and devfreq scaling work
scsi: ufshcd: Fix race between clk scaling and ungate work
scsi: ufs: fix bugs related to null pointer access and array size
netfilter: nf_tables: fix oops when inserting an element into a verdict map
mwifiex: fix p2p device doesn't find in scan problem
mwifiex: Fix NULL pointer dereference in skb_dequeue()
cw1200: Don't leak memory if krealloc failes
Input: xpad - add support for Xbox1 PDP Camo series gamepad
Input: xpad - fix GPD Win 2 controller name
Input: xpad - add GPD Win 2 Controller USB IDs
Input: xpad - avoid using __set_bit() for capabilities
Input: xpad - fix some coding style issues
Input: xpad - add PDP device id 0x02a4
Input: xpad - add support for PDP Xbox One controllers
Input: xpad - validate USB endpoint type during probe
Input: xpad - fix PowerA init quirk for some gamepad models
Input: xpad - constify usb_device_id
Input: xpad - sync supported devices with XBCD
Input: xpad - sync supported devices with 360Controller
Input: xpad - add USB IDs for Mad Catz Brawlstick and Razer Sabertooth
Input: xpad - sync supported devices with xboxdrv
Input: xpad - sort supported devices by USB ID
Input: xpad - support some quirky Xbox One pads
Input: xpad - restore LED state after device resume
Input: xpad - fix stuck mode button on Xbox One S pad
Input: xpad - don't depend on endpoint order
Input: xpad - simplify error condition in init_output
Input: xpad - move reporting xbox one home button to common function
Input: xpad - correctly sort vendor id's
Input: xpad - fix Xbox One rumble stopping after 2.5 secs
Input: xpad - add product ID for Xbox One S pad
Input: xpad - power off wireless 360 controllers on suspend
Input: xpad - fix rumble on Xbox One controllers with 2015 firmware
Input: xpad - xbox one elite controller support
Input: xpad - add more third-party controllers
Input: xpad - prevent spurious input from wired Xbox 360 controllers
Input: xpad - add Mad Catz FightStick TE 2 VID/PID
Input: xpad - remove unused function
Input: xpad - correct xbox one pad device name
Input: xpad - use LED API when identifying wireless controllers
Input: xpad - workaround dead irq_out after suspend/ resume
Input: xpad - update Xbox One Force Feedback Support
Input: xpad - handle "present" and "gone" correctly
Input: xpad - remove spurious events of wireless xpad 360 controller
ath10k: fix kernel panic due to race in accessing arvif list
arm64: remove no-op -p linker flag
x86/entry/64: Remove %ebx handling from error_entry/exit
x86/entry: spell EBX register correctly in documentation
net: bcmgenet: fix OF child-node lookup
NFC: nfcmrvl_uart: fix OF child-node lookup
of: add helper to lookup compatible child node
tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset
powerpc/numa: Suppress "VPHN is not supported" messages
kdb: Use strscpy with destination buffer size
SUNRPC: Fix a bogus get/put in generic_key_to_expire()
cpufreq: imx6q: add return value check for voltage scale
KVM: PPC: Move and undef TRACE_INCLUDE_PATH/FILE
usb: xhci: Prevent bus suspend if a port connect change or polling state is detected
can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb
can: dev: __can_get_echo_skb(): Don't crash the kernel if can_priv::echo_skb is accessed out of bounds
can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length
can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb()
drm/ast: fixed cursor may disappear sometimes
drm/ast: change resolution may cause screen blurred
llc: do not use sk_eat_skb()
gfs2: Don't leave s_fs_info pointing to freed memory in init_sbd
sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer
bfs: add sanity check at bfs_fill_super()
v9fs_dir_readdir: fix double-free on p9stat_read error
iwlwifi: mvm: support sta_statistics() even on older firmware
MAINTAINERS: Add Sasha as a stable branch maintainer
usb: xhci: fix timeout for transition from RExit to U0
usb: core: Fix hub port connection events lost
ANDROID: arm64 defconfig / build config for cuttlefish
ANDROID: Kbuild, LLVMLinux: allow overriding clang target triple
Revert "ANDROID: Kbuild, LLVMLinux: allow overriding clang target triple"
ANDROID: sdcardfs: Add option to not link obb
ANDROID: sdcardfs: Add sandbox
UPSTREAM: seccomp: Fix tracer exit notifications during fatal signals
UPSTREAM: arm64/ptrace: run seccomp after ptrace
UPSTREAM: arm/ptrace: run seccomp after ptrace
BACKPORT: x86/ptrace: run seccomp after ptrace
UPSTREAM: seccomp: recheck the syscall after RET_TRACE
UPSTREAM: seccomp: remove 2-phase API
BACKPORT: x86/entry: Get rid of two-phase syscall entry work
BACKPORT: seccomp: Add a seccomp_data parameter secure_computing()
BACKPORT: x86/entry/64: Always run ptregs-using syscalls on the slow path
UPSTREAM: x86/syscalls: Add syscall entry qualifiers
UPSTREAM: x86/syscalls: Move compat syscall entry handling into syscalltbl.sh
UPSTREAM: x86/syscalls: Remove __SYSCALL_COMMON and __SYSCALL_X32
UPSTREAM: x86/syscalls: Refactor syscalltbl.sh
Makefile: Tidy up 4.4.165 merge
Conflicts:
drivers/scsi/ufs/ufshcd.c
Change-Id: I18bf85f3f24b37e8bb0839bd43eba65cc7eafc64
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
Diffstat (limited to 'kernel/seccomp.c')
| -rw-r--r-- | kernel/seccomp.c | 148 |
1 files changed, 60 insertions, 88 deletions
diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index 9a9203b15cde..a39f81c7e87a 100644
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -175,7 +175,7 @@ static int seccomp_check_filter(struct sock_filter *filter, unsigned int flen)
 *
 * Returns valid seccomp BPF response codes.
 */
-static u32 seccomp_run_filters(struct seccomp_data *sd)
+static u32 seccomp_run_filters(const struct seccomp_data *sd)
 {
 struct seccomp_data sd_local;
 u32 ret = SECCOMP_RET_ALLOW;
@@ -579,20 +579,10 @@ void secure_computing_strict(int this_syscall)
 BUG();
 }
 #else
-int __secure_computing(void)
-{
- u32 phase1_result = seccomp_phase1(NULL);
-
- if (likely(phase1_result == SECCOMP_PHASE1_OK))
- return 0;
- else if (likely(phase1_result == SECCOMP_PHASE1_SKIP))
- return -1;
- else
- return seccomp_phase2(phase1_result);
-}
 #ifdef CONFIG_SECCOMP_FILTER
-static u32 __seccomp_phase1_filter(int this_syscall, struct seccomp_data *sd)
+static int __seccomp_filter(int this_syscall, const struct seccomp_data *sd,
+ const bool recheck_after_trace)
 {
 u32 filter_ret, action;
 int data;
@@ -624,10 +614,50 @@ static u32 __seccomp_phase1_filter(int this_syscall, struct seccomp_data *sd)
 goto skip;
 case SECCOMP_RET_TRACE:
- return filter_ret; /* Save the rest for phase 2. */
+ /* We've been put in this state by the ptracer already. */
+ if (recheck_after_trace)
+ return 0;
+
+ /* ENOSYS these calls if there is no tracer attached. */
+ if (!ptrace_event_enabled(current, PTRACE_EVENT_SECCOMP)) {
+ syscall_set_return_value(current,
+ task_pt_regs(current),
+ -ENOSYS, 0);
+ goto skip;
+ }
+
+ /* Allow the BPF to provide the event message */
+ ptrace_event(PTRACE_EVENT_SECCOMP, data);
+ /*
+ * The delivery of a fatal signal during event
+ * notification may silently skip tracer notification,
+ * which could leave us with a potentially unmodified
+ * syscall that the tracer would have liked to have
+ * changed. Since the process is about to die, we just
+ * force the syscall to be skipped and let the signal
+ * kill the process and correctly handle any tracer exit
+ * notifications.
+ */
+ if (fatal_signal_pending(current))
+ goto skip;
+ /* Check if the tracer forced the syscall to be skipped. */
+ this_syscall = syscall_get_nr(current, task_pt_regs(current));
+ if (this_syscall < 0)
+ goto skip;
+
+ /*
+ * Recheck the syscall, since it may have changed. This
+ * intentionally uses a NULL struct seccomp_data to force
+ * a reload of all registers. This does not goto skip since
+ * a skip would have already been reported.
+ */
+ if (__seccomp_filter(this_syscall, NULL, true))
+ return -1;
+
+ return 0;
 case SECCOMP_RET_ALLOW:
- return SECCOMP_PHASE1_OK;
+ return 0;
 case SECCOMP_RET_KILL:
 default:
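Review bot: The SECCOMP_RET_TRACE case no longer produces an audit record when the traced syscall goes on to run: the removed seccomp_phase2() called audit_seccomp() before notifying the tracer, while the new path reaches audit_seccomp() only through `skip:`. When the tracer forces a skip, `this_syscall` has already been overwritten by the post-trace `syscall_get_nr()`, so the record appears to carry the negative number rather than the syscall the filter matched. The commit message marks this as an upstream change, so the loss of audit trail is presumably intended; if so, state it in the case with a comment such as `/* RET_TRACE is audited only when the syscall ends up skipped. */`, otherwise keep the original number in a local for the `skip:` path. The enclosing function starts and ends outside this hunk.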
@@ -639,96 +669,38 @@ static u32 __seccomp_phase1_filter(int this_syscall, struct seccomp_data *sd)
 skip:
 audit_seccomp(this_syscall, 0, action);
- return SECCOMP_PHASE1_SKIP;
+ return -1;
+}
+#else
+static int __seccomp_filter(int this_syscall, const struct seccomp_data *sd,
+ const bool recheck_after_trace)
+{
+ BUG();
 }
 #endif
-/**
- * seccomp_phase1() - run fast path seccomp checks on the current syscall
- * @arg sd: The seccomp_data or NULL
- *
- * This only reads pt_regs via the syscall_xyz helpers. The only change
- * it will make to pt_regs is via syscall_set_return_value, and it will
- * only do that if it returns SECCOMP_PHASE1_SKIP.
- *
- * If sd is provided, it will not read pt_regs at all.
- *
- * It may also call do_exit or force a signal; these actions must be
- * safe.
- *
- * If it returns SECCOMP_PHASE1_OK, the syscall passes checks and should
- * be processed normally.
- *
- * If it returns SECCOMP_PHASE1_SKIP, then the syscall should not be
- * invoked. In this case, seccomp_phase1 will have set the return value
- * using syscall_set_return_value.
- *
- * If it returns anything else, then the return value should be passed
- * to seccomp_phase2 from a context in which ptrace hooks are safe.
- */
-u32 seccomp_phase1(struct seccomp_data *sd)
+int __secure_computing(const struct seccomp_data *sd)
 {
 int mode = current->seccomp.mode;
- int this_syscall = sd ? sd->nr :
- syscall_get_nr(current, task_pt_regs(current));
+ int this_syscall;
 if (config_enabled(CONFIG_CHECKPOINT_RESTORE) && unlikely(current->ptrace & PT_SUSPEND_SECCOMP))
- return SECCOMP_PHASE1_OK;
+ return 0;
+
+ this_syscall = sd ? sd->nr :
+ syscall_get_nr(current, task_pt_regs(current));
 switch (mode) {
 case SECCOMP_MODE_STRICT:
 __secure_computing_strict(this_syscall); /* may call do_exit */
- return SECCOMP_PHASE1_OK;
-#ifdef CONFIG_SECCOMP_FILTER
+ return 0;
 case SECCOMP_MODE_FILTER:
- return __seccomp_phase1_filter(this_syscall, sd);
-#endif
+ return __seccomp_filter(this_syscall, sd, false);
 default:
 BUG();
 }
 }
-
-/**
- * seccomp_phase2() - finish slow path seccomp work for the current syscall
- * @phase1_result: The return value from seccomp_phase1()
- *
- * This must be called from a context in which ptrace hooks can be used.
- *
- * Returns 0 if the syscall should be processed or -1 to skip the syscall.
- */
-int seccomp_phase2(u32 phase1_result)
-{
- struct pt_regs *regs = task_pt_regs(current);
- u32 action = phase1_result & SECCOMP_RET_ACTION;
- int data = phase1_result & SECCOMP_RET_DATA;
-
- BUG_ON(action != SECCOMP_RET_TRACE);
-
- audit_seccomp(syscall_get_nr(current, regs), 0, action);
-
- /* Skip these calls if there is no tracer. */
- if (!ptrace_event_enabled(current, PTRACE_EVENT_SECCOMP)) {
- syscall_set_return_value(current, regs,
- -ENOSYS, 0);
- return -1;
- }
-
- /* Allow the BPF to provide the event message */
- ptrace_event(PTRACE_EVENT_SECCOMP, data);
- /*
- * The delivery of a fatal signal during event
- * notification may silently skip tracer notification.
- * Terminating the task now avoids executing a system
- * call that may not be intended.
- */
- if (fatal_signal_pending(current))
- do_exit(SIGSYS);
- if (syscall_get_nr(current, regs) < 0)
- return -1; /* Explicit request to skip. */
-
- return 0;
-}
 #endif /* CONFIG_HAVE_ARCH_SECCOMP_FILTER */
 long prctl_get_seccomp(void) |
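Review bot: `__secure_computing()` is left without any contract comment, because the kernel-doc blocks of seccomp_phase1() and seccomp_phase2() are deleted and nothing replaces them. Callers need to know that 0 means the syscall should be processed and -1 means it must be skipped, that `sd` may be NULL (the syscall number is then read from pt_regs), and that strict mode may call do_exit. I would add above the definition `/* Returns 0 if the syscall should be processed, -1 to skip it; sd may be NULL, in which case the syscall number is read from pt_regs. */`. The `#else` stub of `__seccomp_filter()` earlier in this hunk is a non-void function whose body is only `BUG();`, so a one-line comment that it relies on BUG() not returning would also help.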
