Merge 4.4.100 into android-4.4

Changes in 4.4.100
	media: imon: Fix null-ptr-deref in imon_probe
	media: dib0700: fix invalid dvb_detach argument
	ext4: fix data exposure after a crash
	KVM: x86: fix singlestepping over syscall
	bpf: don't let ldimm64 leak map addresses on unprivileged
	xen-blkback: don't leak stack data via response ring
	sctp: do not peel off an assoc from one netns to another one
	net: cdc_ether: fix divide by 0 on bad descriptors
	net: qmi_wwan: fix divide by 0 on bad descriptors
	arm: crypto: reduce priority of bit-sliced AES cipher
	Bluetooth: btusb: fix QCA Rome suspend/resume
	dmaengine: dmatest: warn user when dma test times out
	extcon: palmas: Check the parent instance to prevent the NULL
	fm10k: request reset when mbx->state changes
	ARM: dts: Fix compatible for ti81xx uarts for 8250
	ARM: dts: Fix am335x and dm814x scm syscon to probe children
	ARM: OMAP2+: Fix init for multiple quirks for the same SoC
	ARM: dts: Fix omap3 off mode pull defines
	ata: ATA_BMDMA should depend on HAS_DMA
	ata: SATA_HIGHBANK should depend on HAS_DMA
	ata: SATA_MV should depend on HAS_DMA
	drm/sti: sti_vtg: Handle return NULL error from devm_ioremap_nocache
	igb: reset the PHY before reading the PHY ID
	igb: close/suspend race in netif_device_detach
	igb: Fix hw_dbg logging in igb_update_flash_i210
	scsi: ufs-qcom: Fix module autoload
	scsi: ufs: add capability to keep auto bkops always enabled
	staging: rtl8188eu: fix incorrect ERROR tags from logs
	scsi: lpfc: Add missing memory barrier
	scsi: lpfc: FCoE VPort enable-disable does not bring up the VPort
	scsi: lpfc: Correct host name in symbolic_name field
	scsi: lpfc: Correct issue leading to oops during link reset
	scsi: lpfc: Clear the VendorVersion in the PLOGI/PLOGI ACC payload
	ALSA: vx: Don't try to update capture stream before running
	ALSA: vx: Fix possible transfer overflow
	backlight: lcd: Fix race condition during register
	backlight: adp5520: Fix error handling in adp5520_bl_probe()
	gpu: drm: mgag200: mgag200_main:- Handle error from pci_iomap
	ALSA: hda/realtek - Add new codec ID ALC299
	arm64: dts: NS2: reserve memory for Nitro firmware
	ixgbe: fix AER error handling
	ixgbe: handle close/suspend race with netif_device_detach/present
	ixgbe: Reduce I2C retry count on X550 devices
	ixgbe: add mask for 64 RSS queues
	ixgbe: do not disable FEC from the driver
	staging: rtl8712: fixed little endian problem
	MIPS: End asm function prologue macros with .insn
	mm: add PHYS_PFN, use it in __phys_to_pfn()
	MIPS: init: Ensure bootmem does not corrupt reserved memory
	MIPS: init: Ensure reserved memory regions are not added to bootmem
	MIPS: Netlogic: Exclude netlogic,xlp-pic code from XLR builds
	Revert "crypto: xts - Add ECB dependency"
	Revert "uapi: fix linux/rds.h userspace compilation errors"
	uapi: fix linux/rds.h userspace compilation error
	uapi: fix linux/rds.h userspace compilation errors
	USB: usbfs: compute urb->actual_length for isochronous
	USB: Add delay-init quirk for Corsair K70 LUX keyboards
	USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
	USB: serial: garmin_gps: fix I/O after failed probe and remove
	USB: serial: garmin_gps: fix memory leak on probe errors
	Linux 4.4.100

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>

1 files changed, 22 insertions, 30 deletions

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 8e526c6fd784..3ffd5900da5b 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -5095,6 +5095,8 @@ static void init_emulate_ctxt(struct kvm_vcpu *vcpu)
 	kvm_x86_ops->get_cs_db_l_bits(vcpu, &cs_db, &cs_l);
 
 	ctxt->eflags = kvm_get_rflags(vcpu);
+	ctxt->tf = (ctxt->eflags & X86_EFLAGS_TF) != 0;
+
 	ctxt->eip = kvm_rip_read(vcpu);
 	ctxt->mode = (!is_protmode(vcpu))		? X86EMUL_MODE_REAL :
 		     (ctxt->eflags & X86_EFLAGS_VM)	? X86EMUL_MODE_VM86 :
@@ -5315,37 +5317,26 @@ static int kvm_vcpu_check_hw_bp(unsigned long addr, u32 type, u32 dr7,
 	return dr6;
 }
 
-static void kvm_vcpu_check_singlestep(struct kvm_vcpu *vcpu, unsigned long rflags, int *r)
+static void kvm_vcpu_do_singlestep(struct kvm_vcpu *vcpu, int *r)
 {
 	struct kvm_run *kvm_run = vcpu->run;
 
-	/*
-	 * rflags is the old, "raw" value of the flags.  The new value has
-	 * not been saved yet.
-	 *
-	 * This is correct even for TF set by the guest, because "the
-	 * processor will not generate this exception after the instruction
-	 * that sets the TF flag".
-	 */
-	if (unlikely(rflags & X86_EFLAGS_TF)) {
-		if (vcpu->guest_debug & KVM_GUESTDBG_SINGLESTEP) {
-			kvm_run->debug.arch.dr6 = DR6_BS | DR6_FIXED_1 |
-						  DR6_RTM;
-			kvm_run->debug.arch.pc = vcpu->arch.singlestep_rip;
-			kvm_run->debug.arch.exception = DB_VECTOR;
-			kvm_run->exit_reason = KVM_EXIT_DEBUG;
-			*r = EMULATE_USER_EXIT;
-		} else {
-			vcpu->arch.emulate_ctxt.eflags &= ~X86_EFLAGS_TF;
-			/*
-			 * "Certain debug exceptions may clear bit 0-3.  The
-			 * remaining contents of the DR6 register are never
-			 * cleared by the processor".
-			 */
-			vcpu->arch.dr6 &= ~15;
-			vcpu->arch.dr6 |= DR6_BS | DR6_RTM;
-			kvm_queue_exception(vcpu, DB_VECTOR);
-		}
+	if (vcpu->guest_debug & KVM_GUESTDBG_SINGLESTEP) {
+		kvm_run->debug.arch.dr6 = DR6_BS | DR6_FIXED_1 | DR6_RTM;
+		kvm_run->debug.arch.pc = vcpu->arch.singlestep_rip;
+		kvm_run->debug.arch.exception = DB_VECTOR;
+		kvm_run->exit_reason = KVM_EXIT_DEBUG;
+		*r = EMULATE_USER_EXIT;
+	} else {
+		vcpu->arch.emulate_ctxt.eflags &= ~X86_EFLAGS_TF;
+		/*
+		 * "Certain debug exceptions may clear bit 0-3.  The
+		 * remaining contents of the DR6 register are never
+		 * cleared by the processor".
+		 */
+		vcpu->arch.dr6 &= ~15;
+		vcpu->arch.dr6 |= DR6_BS | DR6_RTM;
+		kvm_queue_exception(vcpu, DB_VECTOR);
 	}
 }
 
@@ -5500,8 +5491,9 @@ restart:
 		toggle_interruptibility(vcpu, ctxt->interruptibility);
 		vcpu->arch.emulate_regs_need_sync_to_vcpu = false;
 		kvm_rip_write(vcpu, ctxt->eip);
-		if (r == EMULATE_DONE)
-			kvm_vcpu_check_singlestep(vcpu, rflags, &r);
+		if (r == EMULATE_DONE &&
+		    (ctxt->tf || (vcpu->guest_debug & KVM_GUESTDBG_SINGLESTEP)))
+			kvm_vcpu_do_singlestep(vcpu, &r);
 		if (!ctxt->have_exception ||
 		    exception_type(ctxt->exception.vector) == EXCPT_TRAP)
 			__kvm_set_rflags(vcpu, ctxt->eflags);