Merge 4.4.130 into android-4.4

Changes in 4.4.130
	cifs: do not allow creating sockets except with SMB1 posix exensions
	x86/tsc: Prevent 32bit truncation in calc_hpet_ref()
	perf: Return proper values for user stack errors
	staging: ion : Donnot wakeup kswapd in ion system alloc
	r8152: add Linksys USB3GIGV1 id
	Input: drv260x - fix initializing overdrive voltage
	ath9k_hw: check if the chip failed to wake up
	jbd2: fix use after free in kjournald2()
	Revert "ath10k: send (re)assoc peer command when NSS changed"
	s390: introduce CPU alternatives
	s390: enable CPU alternatives unconditionally
	KVM: s390: wire up bpb feature
	s390: scrub registers on kernel entry and KVM exit
	s390: add optimized array_index_mask_nospec
	s390/alternative: use a copy of the facility bit mask
	s390: add options to change branch prediction behaviour for the kernel
	s390: run user space and KVM guests with modified branch prediction
	s390: introduce execute-trampolines for branches
	s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*)
	s390: do not bypass BPENTER for interrupt system calls
	s390/entry.S: fix spurious zeroing of r0
	s390: move nobp parameter functions to nospec-branch.c
	s390: add automatic detection of the spectre defense
	s390: report spectre mitigation via syslog
	s390: add sysfs attributes for spectre
	s390: correct nospec auto detection init order
	s390: correct module section names for expoline code revert
	bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave
	KEYS: DNS: limit the length of option strings
	l2tp: check sockaddr length in pppol2tp_connect()
	net: validate attribute sizes in neigh_dump_table()
	llc: delete timers synchronously in llc_sk_free()
	tcp: don't read out-of-bounds opsize
	team: avoid adding twice the same option to the event list
	team: fix netconsole setup over team
	packet: fix bitfield update race
	pppoe: check sockaddr length in pppoe_connect()
	vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
	sctp: do not check port in sctp_inet6_cmp_addr
	llc: hold llc_sap before release_sock()
	llc: fix NULL pointer deref for SOCK_ZAPPED
	tipc: add policy for TIPC_NLA_NET_ADDR
	net: fix deadlock while clearing neighbor proxy table
	tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
	net: af_packet: fix race in PACKET_{R|T}X_RING
	ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
	scsi: mptsas: Disable WRITE SAME
	cdrom: information leak in cdrom_ioctl_media_changed()
	s390/cio: update chpid descriptor after resource accessibility event
	s390/uprobes: implement arch_uretprobe_is_alive()
	Linux 4.4.130

Change-Id: I58646180c70ac61da3e2a602085760881d914eb5
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>

1 files changed, 6 insertions, 7 deletions

diff --git a/net/dns_resolver/dns_key.c b/net/dns_resolver/dns_key.c
index 6abc5012200b..e26df2764e83 100644
--- a/net/dns_resolver/dns_key.c
+++ b/net/dns_resolver/dns_key.c
@@ -25,6 +25,7 @@
 #include <linux/moduleparam.h>
 #include <linux/slab.h>
 #include <linux/string.h>
+#include <linux/ratelimit.h>
 #include <linux/kernel.h>
 #include <linux/keyctl.h>
 #include <linux/err.h>
@@ -91,9 +92,9 @@ dns_resolver_preparse(struct key_preparsed_payload *prep)
 
 			next_opt = memchr(opt, '#', end - opt) ?: end;
 			opt_len = next_opt - opt;
-			if (!opt_len) {
-				printk(KERN_WARNING
-				       "Empty option to dns_resolver key\n");
+			if (opt_len <= 0 || opt_len > 128) {
+				pr_warn_ratelimited("Invalid option length (%d) for dns_resolver key\n",
+						    opt_len);
 				return -EINVAL;
 			}
 
@@ -127,10 +128,8 @@ dns_resolver_preparse(struct key_preparsed_payload *prep)
 			}
 
 		bad_option_value:
-			printk(KERN_WARNING
-			       "Option '%*.*s' to dns_resolver key:"
-			       " bad/missing value\n",
-			       opt_nlen, opt_nlen, opt);
+			pr_warn_ratelimited("Option '%*.*s' to dns_resolver key: bad/missing value\n",
+					    opt_nlen, opt_nlen, opt);
 			return -EINVAL;
 		} while (opt = next_opt + 1, opt < end);
 	}