November 2022 - Linux-stable-mirror

[PATCH 4/9] KVM: x86: forcibly leave nested mode on vCPU reset

by Maxim Levitsky

While not obivous, kvm_vcpu_reset() leaves the nested mode by clearing 'vcpu->arch.hflags' but it does so without all the required housekeeping. On SVM, it is possible to have a vCPU reset while in guest mode because unlike VMX, on SVM, INIT's are not latched in SVM non root mode and in addition to that L1 doesn't have to intercept triple fault, which should also trigger L1's reset if happens in L2 while L1 didn't intercept it. If one of the above conditions happen, KVM will continue to use vmcb02 while not having in the guest mode. Later the IA32_EFER will be cleared which will lead to freeing of the nested guest state which will (correctly) free the vmcb02, but since KVM still uses it (incorrectly) this will lead to a use after free and kernel crash. This issue is assigned CVE-2022-3344 Cc: stable(a)vger.kernel.org Signed-off-by: Maxim Levitsky <mlevitsk(a)redhat.com> --- arch/x86/kvm/x86.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 316ab1d5317f92..3fd900504e683b 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -11694,8 +11694,18 @@ void kvm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) WARN_ON_ONCE(!init_event && (old_cr0 || kvm_read_cr3(vcpu) || kvm_read_cr4(vcpu))); + /* + * SVM doesn't unconditionally VM-Exit on INIT and SHUTDOWN, thus it's + * possible to INIT the vCPU while L2 is active. Force the vCPU back + * into L1 as EFER.SVME is cleared on INIT (along with all other EFER + * bits), i.e. virtualization is disabled. + */ + if (is_guest_mode(vcpu)) + kvm_leave_nested(vcpu); + kvm_lapic_reset(vcpu, init_event); + WARN_ON_ONCE(is_guest_mode(vcpu) || is_smm(vcpu)); vcpu->arch.hflags = 0; vcpu->arch.smi_pending = 0; -- 2.34.3

3 years, 1 month

1
0
0 0

[PATCH 3/9] KVM: x86: add kvm_leave_nested

by Maxim Levitsky

add kvm_leave_nested which wraps a call to nested_ops->leave_nested into a function. Cc: stable(a)vger.kernel.org Signed-off-by: Maxim Levitsky <mlevitsk(a)redhat.com> --- arch/x86/kvm/svm/nested.c | 3 --- arch/x86/kvm/vmx/nested.c | 3 --- arch/x86/kvm/x86.c | 8 +++++++- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index b74da40c1fc40c..bcc4f6620f8aec 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1147,9 +1147,6 @@ void svm_free_nested(struct vcpu_svm *svm) svm->nested.initialized = false; } -/* - * Forcibly leave nested mode in order to be able to reset the VCPU later on. - */ void svm_leave_nested(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 61a2e551640a08..1ebe141a0a015f 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -6441,9 +6441,6 @@ static int vmx_get_nested_state(struct kvm_vcpu *vcpu, return kvm_state.size; } -/* - * Forcibly leave nested mode in order to be able to reset the VCPU later on. - */ void vmx_leave_nested(struct kvm_vcpu *vcpu) { if (is_guest_mode(vcpu)) { diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index cd9eb13e2ed7fc..316ab1d5317f92 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -627,6 +627,12 @@ static void kvm_queue_exception_vmexit(struct kvm_vcpu *vcpu, unsigned int vecto ex->payload = payload; } +/* Forcibly leave the nested mode in cases like a vCPU reset */ +static void kvm_leave_nested(struct kvm_vcpu *vcpu) +{ + kvm_x86_ops.nested_ops->leave_nested(vcpu); +} + static void kvm_multiple_exception(struct kvm_vcpu *vcpu, unsigned nr, bool has_error, u32 error_code, bool has_payload, unsigned long payload, bool reinject) @@ -5193,7 +5199,7 @@ static int kvm_vcpu_ioctl_x86_set_vcpu_events(struct kvm_vcpu *vcpu, if (events->flags & KVM_VCPUEVENT_VALID_SMM) { #ifdef CONFIG_KVM_SMM if (!!(vcpu->arch.hflags & HF_SMM_MASK) != events->smi.smm) { - kvm_x86_ops.nested_ops->leave_nested(vcpu); + kvm_leave_nested(vcpu); kvm_smm_changed(vcpu, events->smi.smm); } -- 2.34.3

3 years, 1 month

1
0
0 0

[PATCH 2/9] KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use

by Maxim Levitsky

Make sure that KVM uses vmcb01 before freeing nested state, and warn if that is not the case. This is a minimal fix for CVE-2022-3344 making the kernel print a warning instead of a kernel panic. Cc: stable(a)vger.kernel.org Signed-off-by: Maxim Levitsky <mlevitsk(a)redhat.com> --- arch/x86/kvm/svm/nested.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index b258d6988f5dde..b74da40c1fc40c 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1126,6 +1126,9 @@ void svm_free_nested(struct vcpu_svm *svm) if (!svm->nested.initialized) return; + if (WARN_ON_ONCE(svm->vmcb != svm->vmcb01.ptr)) + svm_switch_vmcb(svm, &svm->vmcb01); + svm_vcpu_free_msrpm(svm->nested.msrpm); svm->nested.msrpm = NULL; -- 2.34.3

3 years, 1 month

1
0
0 0

[PATCH 1/9] KVM: x86: nSVM: leave nested mode on vCPU free

by Maxim Levitsky

If the VM was terminated while nested, we free the nested state while the vCPU still is in nested mode. Soon a warning will be added for this condition. Cc: stable(a)vger.kernel.org Signed-off-by: Maxim Levitsky <mlevitsk(a)redhat.com> --- arch/x86/kvm/svm/svm.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index d22a809d923339..e9cec1b692051c 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1440,6 +1440,7 @@ static void svm_vcpu_free(struct kvm_vcpu *vcpu) */ svm_clear_current_vmcb(svm->vmcb); + svm_leave_nested(vcpu); svm_free_nested(svm); sev_free_vcpu(vcpu); -- 2.34.3

3 years, 1 month

1
0
0 0

[PATCH 6.0 000/240] 6.0.7-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.0.7 release. There are 240 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 04 Nov 2022 02:20:38 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.0.7-rc1.… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.0.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.0.7-rc1 Kuniyuki Iwashima <kuniyu(a)amazon.com> tcp/udp: Fix memory leak in ipv6_renew_options(). D Scott Phillips <scott(a)os.amperecomputing.com> arm64: Add AMPERE1 to the Spectre-BHB affected list Conor Dooley <conor.dooley(a)microchip.com> riscv: fix detection of toolchain Zihintpause support Conor Dooley <conor.dooley(a)microchip.com> riscv: fix detection of toolchain Zicbom support Qinglin Pan <panqinglin2020(a)iscas.ac.cn> riscv: mm: add missing memcpy in kasan_init Vladimir Oltean <vladimir.oltean(a)nxp.com> net: enetc: survive memory pressure without crashing Eric Dumazet <edumazet(a)google.com> kcm: do not sense pfmemalloc status in kcm_sendpage() Eric Dumazet <edumazet(a)google.com> net: do not sense pfmemalloc status in skb_append_pagefrags() Suresh Devarakonda <ramad(a)nvidia.com> net/mlx5: Fix crash during sync firmware reset Roy Novich <royno(a)nvidia.com> net/mlx5: Update fw fatal reporter state on PCI handlers successful recover Ariel Levkovich <lariel(a)nvidia.com> net/mlx5e: TC, Reject forwarding from internal port to internal port Tariq Toukan <tariqt(a)nvidia.com> net/mlx5: Fix possible use-after-free in async command interface Saeed Mahameed <saeedm(a)nvidia.com> net/mlx5: ASO, Create the ASO SQ with the correct timestamp format Paul Blakey <paulb(a)nvidia.com> net/mlx5e: Update restore chain id for slow path packets Aya Levin <ayal(a)nvidia.com> net/mlx5e: Extend SKB room check to include PTP-SQ Rongwei Liu <rongweil(a)nvidia.com> net/mlx5: DR, Fix matcher disconnect error flow Moshe Shemesh <moshe(a)nvidia.com> net/mlx5: Wait for firmware to enable CRS before pci_restore_state Hyong Youb Kim <hyonkim(a)cisco.com> net/mlx5e: Do not increment ESN when updating IPsec ESN state Zhengchao Shao <shaozhengchao(a)huawei.com> netdevsim: remove dir in nsim_dev_debugfs_init() when creating ports dir failed Zhengchao Shao <shaozhengchao(a)huawei.com> netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed Zhengchao Shao <shaozhengchao(a)huawei.com> netdevsim: fix memory leak in nsim_bus_dev_new() Rafał Miłecki <rafal(a)milecki.pl> net: broadcom: bcm4908_enet: update TX stats after actual transmission Nicolas Dichtel <nicolas.dichtel(a)6wind.com> nh: fix scope used to find saddr when adding non gw nh Florian Fainelli <f.fainelli(a)gmail.com> net: bcmsysport: Indicate MAC is in charge of PHY PM Yang Yingliang <yangyingliang(a)huawei.com> net: ehea: fix possible memory leak in ehea_register_port() Aaron Conole <aconole(a)redhat.com> openvswitch: switch from WARN to pr_warn Takashi Iwai <tiwai(a)suse.de> ALSA: aoa: Fix I2S device accounting Yang Yingliang <yangyingliang(a)huawei.com> ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() Kunihiko Hayashi <hayashi.kunihiko(a)socionext.com> net: ethernet: ave: Fix MAC to be in charge of PHY PM Juergen Borleis <jbe(a)pengutronix.de> net: fec: limit register access on i.MX6UL Shang XiaoJing <shangxiaojing(a)huawei.com> perf vendor events arm64: Fix incorrect Hisi hip08 L3 metrics Sudeep Holla <sudeep.holla(a)arm.com> PM: domains: Fix handling of unavailable/disabled idle states Jisheng Zhang <jszhang(a)kernel.org> riscv: jump_label: mark arguments as const to satisfy asm constraints Yang Yingliang <yangyingliang(a)huawei.com> net: ksz884x: fix missing pci_disable_device() on error in pcidev_init() Slawomir Laba <slawomirx.laba(a)intel.com> i40e: Fix flow-type by setting GL_HASH_INSET registers Sylwester Dziedziuch <sylwesterx.dziedziuch(a)intel.com> i40e: Fix VF hang when reset is triggered on another VF Slawomir Laba <slawomirx.laba(a)intel.com> i40e: Fix ethtool rx-flow-hash setting for X722 Eric Dumazet <edumazet(a)google.com> ipv6: ensure sane device mtu in tunnels Thomas Richter <tmricht(a)linux.ibm.com> perf list: Fix PMU name pai_crypto in perf list on s390 Kajol Jain <kjain(a)linux.ibm.com> perf vendor events power10: Fix hv-24x7 metric events Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vivid: set num_in/outputs to 0 if not supported Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: v4l2-dv-timings: add sanity checks for blanking values Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vivid: dev->bitmap_cap wasn't freed in all cases Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vivid: s_fbuf: add more sanity checks Mario Limonciello <mario.limonciello(a)amd.com> PM: hibernate: Allow hybrid sleep to work with s2idle Dongliang Mu <dzm91(a)hust.edu.cn> can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in error path Dongliang Mu <dzm91(a)hust.edu.cn> can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path Paolo Abeni <pabeni(a)redhat.com> mptcp: set msk local address earlier Horatiu Vultur <horatiu.vultur(a)microchip.com> net: lan966x: Stop replacing tx dcbs and dcbs_buf when changing MTU Rafael Mendonca <rafaelmendsr(a)gmail.com> drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() Jakub Kicinski <kuba(a)kernel.org> net-memcg: avoid stalls when under memory pressure Neal Cardwell <ncardwell(a)google.com> tcp: fix indefinite deferral of RTO with SACK reneging Lu Wei <luwei32(a)huawei.com> tcp: fix a signed-integer-overflow bug in tcp_add_backlog() Zhang Changzhong <zhangchangzhong(a)huawei.com> net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY Zhengchao Shao <shaozhengchao(a)huawei.com> net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed Eric Dumazet <edumazet(a)google.com> kcm: annotate data-races around kcm->rx_wait Eric Dumazet <edumazet(a)google.com> kcm: annotate data-races around kcm->rx_psock Íñigo Huguet <ihuguet(a)redhat.com> atlantic: fix deadlock at aq_nic_stop Ankit Nautiyal <ankit.k.nautiyal(a)intel.com> drm/i915/dp: Reset frl trained flag before restarting FRL training Anshuman Gupta <anshuman.gupta(a)intel.com> drm/i915/dgfx: Keep PCI autosuspend control 'on' by default on all dGPU Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: add the bit rate quirk for Molex cables Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: fix the SFP compliance codes check for DAC cables Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: Yellow carp devices do not need rrc Chang S. Bae <chang.seok.bae(a)intel.com> x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly Douglas Anderson <dianders(a)chromium.org> drm/bridge: ps8640: Add back the 50 ms mystery delay after HPD Chen Zhongjin <chenzhongjin(a)huawei.com> x86/unwind/orc: Fix unreliable stack dump with gcov Anup Patel <apatel(a)ventanamicro.com> RISC-V: KVM: Fix kvm_riscv_vcpu_timer_pending() for Sstc Andrew Jones <ajones(a)ventanamicro.com> RISC-V: Fix compilation without RISCV_ISA_ZICBOM Andrew Jones <ajones(a)ventanamicro.com> RISC-V: KVM: Provide UAPI for Zicbom block size Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: virtual_ncidev: Fix memory leak in virtual_nci_send() Sergiu Moga <sergiu.moga(a)microchip.com> net: macb: Specify PHY PM management done by MAC Zhengchao Shao <shaozhengchao(a)huawei.com> net: hinic: fix the issue of double release MBOX callback of VF Zhengchao Shao <shaozhengchao(a)huawei.com> net: hinic: fix the issue of CMDQ memory leaks Zhengchao Shao <shaozhengchao(a)huawei.com> net: hinic: fix memory leak when reading function table Zhengchao Shao <shaozhengchao(a)huawei.com> net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg() Benjamin Poirier <bpoirier(a)nvidia.com> selftests: net: Fix netdev name mismatch in cleanup Benjamin Poirier <bpoirier(a)nvidia.com> selftests: net: Fix cross-tree inclusion of scripts Horatiu Vultur <horatiu.vultur(a)microchip.com> net: lan966x: Fix the rx drop counter Yang Yingliang <yangyingliang(a)huawei.com> net: netsec: fix error handling in netsec_register_mdio() Xin Long <lucien.xin(a)gmail.com> tipc: fix a null-ptr-deref in tipc_topsrv_accept Paul E. McKenney <paulmck(a)kernel.org> rcu: Keep synchronize_rcu() from enabling irqs in early boot Maxim Levitsky <mlevitsk(a)redhat.com> perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of clear_cpu_cap() Yang Yingliang <yangyingliang(a)huawei.com> ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: SOF: Intel: pci-tgl: fix ADL-N descriptor Kai Vehmanen <kai.vehmanen(a)linux.intel.com> ASoC: SOF: Intel: pci-tgl: use RPL specific firmware definitions Kai Vehmanen <kai.vehmanen(a)linux.intel.com> ASoC: Intel: common: add ACPI matching tables for Raptor Lake Srinivasa Rao Mandadapu <quic_srivasam(a)quicinc.com> ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile Cédric Le Goater <clg(a)kaod.org> spi: aspeed: Fix window offset of CE1 Sven Schnelle <svens(a)linux.ibm.com> selftests/ftrace: fix dynamic_events dependency check Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: SOF: Intel: pci-mtl: fix firmware name Geert Uytterhoeven <geert(a)linux-m68k.org> ASoC: codecs: tlv320adc3xxx: Wrap adc3xxx_i2c_remove() in __exit_p() Horatiu Vultur <horatiu.vultur(a)microchip.com> pinctrl: ocelot: Fix incorrect trigger of the interrupt. Yang Yingliang <yangyingliang(a)huawei.com> mtd: rawnand: intel: Add missing of_node_put() in ebu_nand_probe() Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> mtd: rawnand: intel: Use devm_platform_ioremap_resource_byname() Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> mtd: rawnand: intel: Remove unused nand_pa member from ebu_nand_cs Rafał Miłecki <rafal(a)milecki.pl> mtd: core: add missing of_node_get() in dynamic partitions code Randy Dunlap <rdunlap(a)infradead.org> arc: iounmap() arg is volatile Stanislav Fomichev <sdf(a)google.com> bpf: prevent decl_tag from being referenced in func_proto Lin Shengwang <linshengwang1(a)huawei.com> sched/core: Fix comparison in sched_group_cookie_match() Peter Zijlstra <peterz(a)infradead.org> perf: Fix missing SIGTRAPs Chang S. Bae <chang.seok.bae(a)intel.com> x86/fpu: Exclude dynamic states from init_fpstate Chang S. Bae <chang.seok.bae(a)intel.com> x86/fpu: Fix the init_fpstate size check with the actual size Chang S. Bae <chang.seok.bae(a)intel.com> x86/fpu: Configure init_fpstate attributes orderly Robert Marko <robert.marko(a)sartura.hr> spi: qup: support using GPIO as chip select line Douglas Anderson <dianders(a)chromium.org> pinctrl: qcom: Avoid glitching lines when we first mux to output Gao Xiang <xiang(a)kernel.org> erofs: fix up inplace decompression success rate Yue Hu <huyue2(a)coolpad.com> erofs: fix illegal unmapped accesses in z_erofs_fill_inode_lazy() Rob Clark <robdclark(a)chromium.org> drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage Srinivasa Rao Mandadapu <quic_srivasam(a)quicinc.com> ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile Gavin Shan <gshan(a)redhat.com> KVM: selftests: Fix number of pages for memory slot in memslot_modification_stress_test Randy Dunlap <rdunlap(a)infradead.org> ASoC: codec: tlv320adc3xxx: add GPIOLIB dependency Kuogee Hsieh <quic_khsieh(a)quicinc.com> drm/msm/dp: cleared DP_DOWNSPREAD_CTRL register before start link training Nathan Huckleberry <nhuck(a)google.com> drm/msm: Fix return type of mdp4_lvds_connector_mode_valid Kuogee Hsieh <quic_khsieh(a)quicinc.com> drm/msm/dp: add atomic_check to bridge ops Akhil P Oommen <quic_akhilpo(a)quicinc.com> drm/msm/a6xx: Replace kcalloc() with kvzalloc() Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> media: cedrus: Add a Kconfig dependency on RESET_CONTROLLER Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> media: sun8i-rotate: Add a Kconfig dependency on RESET_CONTROLLER Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> media: sun8i-di: Add a Kconfig dependency on RESET_CONTROLLER Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> media: sun4i-csi: Add a Kconfig dependency on RESET_CONTROLLER Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> media: sun6i-csi: Add a Kconfig dependency on RESET_CONTROLLER Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> media: sun8i-a83t-mipi-csi2: Add a Kconfig dependency on RESET_CONTROLLER Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> media: sun6i-mipi-csi2: Add a Kconfig dependency on RESET_CONTROLLER Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: sunxi: Fix some error handling path of sun6i_mipi_csi2_probe() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: sunxi: Fix some error handling path of sun8i_a83t_mipi_csi2_probe() Dan Carpenter <dan.carpenter(a)oracle.com> media: atomisp: prevent integer overflow in sh_css_set_black_frame() Sakari Ailus <sakari.ailus(a)linux.intel.com> media: sun6i-mipi-csi2: Depend on PHY_SUN6I_MIPI_DPHY Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: ov8865: Fix an error handling path in ov8865_probe() Sakari Ailus <sakari.ailus(a)linux.intel.com> media: ar0521: Fix return value check in writing initial registers Yang Yingliang <yangyingliang(a)huawei.com> media: ar0521: fix error return code in ar0521_power_on() Alexander Stein <alexander.stein(a)ew.tq-group.com> media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation Ming Qian <ming.qian(a)nxp.com> media: amphion: release m2m ctx when releasing vpu instance Wei Yongjun <weiyongjun1(a)huawei.com> net: ieee802154: fix error return code in dgram_bind() Nicholas Piggin <npiggin(a)gmail.com> powerpc/64s/interrupt: Fix clear of PACA_IRQS_HARD_DIS when returning to soft-masked context Manank Patel <pmanank200502(a)gmail.com> ACPI: PCC: Fix unintentional integer overflow Michał Mirosław <mirq-linux(a)rere.qmqm.pl> fbdev/core: Avoid uninitialized read in aperture_remove_conflicting_pci_device() Xin Long <lucien.xin(a)gmail.com> ethtool: eeprom: fix null-deref on genl_info in dump Heiko Carstens <hca(a)linux.ibm.com> s390/pci: add missing EX_TABLE entries to __pcistg_mio_inuser()/__pcilg_mio_inuser() Heiko Carstens <hca(a)linux.ibm.com> s390/futex: add missing EX_TABLE entry to __futex_atomic_op() Heiko Carstens <hca(a)linux.ibm.com> s390/uaccess: add missing EX_TABLE entries to __clear_user() Peter Oberparleiter <oberpar(a)linux.ibm.com> s390/cio: fix out-of-bounds access on cio_ignore free Peter Oberparleiter <oberpar(a)linux.ibm.com> s390/boot: add secure boot trailer Adrian Hunter <adrian.hunter(a)intel.com> perf auxtrace: Fix address filter symbol name match for modules Pavel Kozlov <pavel.kozlov(a)synopsys.com> ARC: mm: fix leakage of memory allocated for PTE Sai Krishna Potthuri <sai.krishna.potthuri(a)amd.com> Revert "pinctrl: pinctrl-zynqmp: Add support for output-enable and bias-high-impedance" Siarhei Volkau <lis8215(a)gmail.com> pinctrl: Ingenic: JZ4755 bug fixes Sai Krishna Potthuri <sai.krishna.potthuri(a)amd.com> Revert "dt-bindings: pinctrl-zynqmp: Add output-enable configuration" Christian A. Ehrhardt <lk(a)c--e.de> kernfs: fix use-after-free in __kernfs_remove Hugh Dickins <hughd(a)google.com> mm: prep_compound_tail() clear page->private Mel Gorman <mgorman(a)techsingularity.net> mm/huge_memory: do not clobber swp_entry_t during THP split Waiman Long <longman(a)redhat.com> mm/kmemleak: prevent soft lockup in kmemleak_scan()'s object iteration loops Rik van Riel <riel(a)surriel.com> mm,madvise,hugetlb: fix unexpected data loss with MADV_DONTNEED on hugetlbfs Baolin Wang <baolin.wang(a)linux.alibaba.com> mm: migrate: fix return value if all subpages of THPs are migrated successfully Peter Xu <peterx(a)redhat.com> mm/uffd: fix vma check on userfault for wp William Breathitt Gray <william.gray(a)linaro.org> counter: 104-quad-8: Fix race getting function mode and direction William Breathitt Gray <william.gray(a)linaro.org> counter: microchip-tcb-capture: Handle Signal1 read and Synapse Sascha Hauer <s.hauer(a)pengutronix.de> mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus Patrick Thompson <ptf(a)google.com> mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake Vincent Whitchurch <vincent.whitchurch(a)axis.com> mmc: core: Fix WRITE_ZEROES CQE handling Matthew Ma <mahongwei(a)zeku.com> mmc: core: Fix kernel panic when remove non-standard SDIO card Christian Löhle <CLoehle(a)hyperstone.com> mmc: queue: Cancel recovery work on cleanup Christian Löhle <CLoehle(a)hyperstone.com> mmc: block: Remove error check of hw_reset on reset Brian Norris <briannorris(a)chromium.org> mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO James Clark <james.clark(a)arm.com> coresight: cti: Fix hang in cti_disable_hw() Jean-Philippe Brucker <jean-philippe(a)linaro.org> random: use arch_get_random*_early() in random_init() Nathan Huckleberry <nhuck(a)google.com> crypto: x86/polyval - Fix crashes when keys are not 16-byte aligned Johan Hovold <johan+linaro(a)kernel.org> drm/msm/dp: fix bridge lifetime Johan Hovold <johan+linaro(a)kernel.org> drm/msm/dp: fix IRQ lifetime Johan Hovold <johan+linaro(a)kernel.org> drm/msm/dp: fix aux-bus EP lifetime Johan Hovold <johan+linaro(a)kernel.org> drm/msm/dp: fix memory corruption with too many bridges Johan Hovold <johan+linaro(a)kernel.org> drm/msm/hdmi: fix IRQ lifetime Johan Hovold <johan+linaro(a)kernel.org> drm/msm/hdmi: fix memory corruption with too many bridges Johan Hovold <johan+linaro(a)kernel.org> drm/msm/dsi: fix memory corruption with too many bridges Johan Hovold <johan+linaro(a)kernel.org> drm/msm: fix use-after-free on probe deferral Jesse Zhang <jesse.zhang(a)amd.com> drm/amdkfd: correct the cache info for gfx1036 Prike Liang <Prike.Liang(a)amd.com> drm/amdkfd: update gfx1037 Lx cache setting Joaquín Ignacio Aramendía <samsagax(a)gmail.com> drm/amd/display: Revert logic for plane modifiers Chengming Gui <Jack.Gui(a)amd.com> drm/amdgpu: fix pstate setting issue Prike Liang <Prike.Liang(a)amd.com> drm/amdgpu: disallow gfxoff until GC IP blocks complete s2idle resume Lijo Lazar <lijo.lazar(a)amd.com> drm/amdgpu: Remove ATC L2 access for MMHUB 2.1.x José Roberto de Souza <jose.souza(a)intel.com> drm/i915: Extend Wa_1607297627 to Alderlake-P Arunpravin Paneer Selvam <Arunpravin.PaneerSelvam(a)amd.com> drm/amdgpu: Fix for BO move issue Arunpravin Paneer Selvam <Arunpravin.PaneerSelvam(a)amd.com> drm/amdgpu: Fix VRAM BO swap issue Manish Rangankar <mrangankar(a)marvell.com> scsi: qla2xxx: Use transport-defined speed mask for supported_speeds Miquel Raynal <miquel.raynal(a)bootlin.com> mac802154: Fix LQI recording Bernd Edlinger <bernd.edlinger(a)hotmail.de> exec: Copy oldsighand->action under spin-lock Li Zetao <lizetao1(a)huawei.com> fs/binfmt_elf: Fix memory leak in load_elf_binary() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: intel_pstate: hybrid: Use known scaling factor for P-cores Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: intel_pstate: Read all MSRs on the target CPU Hyunwoo Kim <imv4bel(a)gmail.com> fbdev: smscufx: Fix several use-after-free bugs Helge Deller <deller(a)gmx.de> fbdev: stifb: Fall back to cfb_fillrect() on 32-bit HCRX cards Matti Vaittinen <mazziesaccount(a)gmail.com> iio: adxl367: Fix unsafe buffer attributes Matti Vaittinen <mazziesaccount(a)gmail.com> iio: adxl372: Fix unsafe buffer attributes Cosmin Tanislav <cosmin.tanislav(a)analog.com> iio: temperature: ltc2983: allocate iio channels once Shreeya Patel <shreeya.patel(a)collabora.com> iio: light: tsl2583: Fix module unloading Matti Vaittinen <mazziesaccount(a)gmail.com> tools: iio: iio_utils: fix digit calculation Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Remove device endpoints from bandwidth list when freeing the device Mario Limonciello <mario.limonciello(a)amd.com> xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Add quirk to reset host back to default state at shutdown Phillip Lougher <phillip(a)squashfs.org.uk> squashfs: fix buffer release race condition in readahead code Phillip Lougher <phillip(a)squashfs.org.uk> squashfs: fix extending readahead beyond end of file Phillip Lougher <phillip(a)squashfs.org.uk> squashfs: fix read regression introduced in readahead code Tony O'Brien <tony.obrien(a)alliedtelesis.co.nz> mtd: rawnand: marvell: Use correct logic for nand-keep-config Linus Walleij <linus.walleij(a)linaro.org> mtd: parsers: bcm47xxpart: Fix halfblock reads Mika Westerberg <mika.westerberg(a)linux.intel.com> mtd: spi-nor: core: Ignore -ENOTSUPP in spi_nor_init() Zhang Qilong <zhangqilong3(a)huawei.com> mtd: rawnand: tegra: Fix PM disable depth imbalance in probe Jens Glathe <jens.glathe(a)oldschoolsolutions.biz> usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller Justin Chen <justinpopo6(a)gmail.com> usb: bdc: change state when port disconnected Andrey Smirnov <andrew.smirnov(a)gmail.com> usb: dwc3: Don't switch OTG -> peripheral if extcon is present Patrice Chotard <patrice.chotard(a)foss.st.com> usb: dwc3: st: Rely on child's compatible instead of name Heikki Krogerus <heikki.krogerus(a)linux.intel.com> usb: typec: ucsi: acpi: Implement resume callback Heikki Krogerus <heikki.krogerus(a)linux.intel.com> usb: typec: ucsi: Check the connection on resume Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> usb: dwc3: gadget: Don't delay End Transfer on delayed_status Wesley Cheng <quic_wcheng(a)quicinc.com> usb: dwc3: gadget: Force sending delayed status during soft disconnect Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> usb: dwc3: gadget: Don't set IMI for no_interrupt Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> usb: dwc3: gadget: Stop processing more requests on IMI Joel Stanley <joel(a)jms.id.au> usb: gadget: aspeed: Fix probe regression Jeff Vanhoof <qjv001(a)motorola.com> usb: gadget: uvc: fix sg handling during video encode Dan Vacura <w36195(a)motorola.com> usb: gadget: uvc: fix sg handling in error case Dan Vacura <w36195(a)motorola.com> usb: gadget: uvc: fix dropped frame after missed isoc Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "usb: gadget: uvc: limit isoc_sg to super speed gadgets" Michael Grzeschik <m.grzeschik(a)pengutronix.de> usb: gadget: uvc: limit isoc_sg to super speed gadgets Hannu Hartikainen <hannu(a)hrtk.in> USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM Jason A. Donenfeld <Jason(a)zx2c4.com> ALSA: rme9652: use explicitly signed char Jason A. Donenfeld <Jason(a)zx2c4.com> ALSA: au88x0: use explicitly signed char Maciej S. Szmigiero <maciej.szmigiero(a)oracle.com> ALSA: ca0106: Use snd_ctl_rename() to rename a control Maciej S. Szmigiero <maciej.szmigiero(a)oracle.com> ALSA: usb-audio: Use snd_ctl_rename() to rename a control Maciej S. Szmigiero <maciej.szmigiero(a)oracle.com> ALSA: ac97: Use snd_ctl_rename() to rename a control Maciej S. Szmigiero <maciej.szmigiero(a)oracle.com> ALSA: emu10k1: Use snd_ctl_rename() to rename a control Maciej S. Szmigiero <maciej.szmigiero(a)oracle.com> ALSA: hda/realtek: Use snd_ctl_rename() to rename a control Maciej S. Szmigiero <maciej.szmigiero(a)oracle.com> ALSA: control: add snd_ctl_rename() Takashi Iwai <tiwai(a)suse.de> ALSA: hda/realtek: Add another HP ZBook G9 model quirks Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Add quirks for M-Audio Fast Track C400/600 Stefan Binding <sbinding(a)opensource.cirrus.com> ALSA: hda/realtek: Add quirk for ASUS Zenbook using CS35L41 Steven Rostedt (Google) <rostedt(a)goodmis.org> ALSA: Use del_timer_sync() before freeing timer Biju Das <biju.das.jz(a)bp.renesas.com> can: rcar_canfd: fix channel specific IRQ handling for RZ/G2L Biju Das <biju.das.jz(a)bp.renesas.com> can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global FIFO receive Anssi Hannula <anssi.hannula(a)bitwise.fi> can: kvaser_usb: Fix possible completions during init_completion Yang Yingliang <yangyingliang(a)huawei.com> can: j1939: transport: j1939_session_skb_drop_old(): spin_unlock_irqrestore() before kfree_skb() Shyam Sundar S K <Shyam-sundar.S-k(a)amd.com> platform/x86/amd: pmc: remove CONFIG_DEBUG_FS checks ------------- Diffstat: .../bindings/pinctrl/xlnx,zynqmp-pinctrl.yaml | 4 - Makefile | 4 +- arch/arc/include/asm/io.h | 2 +- arch/arc/include/asm/pgtable-levels.h | 2 +- arch/arc/mm/ioremap.c | 2 +- arch/arm64/include/asm/cputype.h | 4 + arch/arm64/kernel/proton-pack.c | 6 + arch/powerpc/kernel/interrupt_64.S | 13 +- arch/riscv/Kconfig | 17 ++- arch/riscv/Makefile | 6 +- arch/riscv/include/asm/cacheflush.h | 8 -- arch/riscv/include/asm/jump_label.h | 8 +- arch/riscv/include/asm/kvm_vcpu_timer.h | 1 + arch/riscv/include/asm/vdso/processor.h | 2 +- arch/riscv/include/uapi/asm/kvm.h | 1 + arch/riscv/kvm/vcpu.c | 11 ++ arch/riscv/kvm/vcpu_timer.c | 17 ++- arch/riscv/mm/cacheflush.c | 38 ++++++ arch/riscv/mm/dma-noncoherent.c | 39 ------ arch/riscv/mm/kasan_init.c | 7 +- arch/s390/boot/vmlinux.lds.S | 13 +- arch/s390/include/asm/futex.h | 3 +- arch/s390/lib/uaccess.c | 6 +- arch/s390/pci/pci_mmio.c | 8 +- arch/x86/crypto/polyval-clmulni_glue.c | 19 ++- arch/x86/events/intel/lbr.c | 2 +- arch/x86/kernel/fpu/init.c | 8 -- arch/x86/kernel/fpu/xstate.c | 42 +++--- arch/x86/kernel/unwind_orc.c | 2 +- drivers/acpi/acpi_pcc.c | 2 +- drivers/base/power/domain.c | 4 + drivers/char/random.c | 4 +- drivers/counter/104-quad-8.c | 64 ++++++--- drivers/counter/microchip-tcb-capture.c | 18 ++- drivers/cpufreq/intel_pstate.c | 133 +++++++----------- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 6 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 16 +++ drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 20 ++- drivers/gpu/drm/amd/amdgpu/mmhub_v2_0.c | 28 ++-- drivers/gpu/drm/amd/amdkfd/kfd_crat.c | 106 ++++++++++++++- .../drm/amd/display/amdgpu_dm/amdgpu_dm_plane.c | 50 +------ drivers/gpu/drm/bridge/parade-ps8640.c | 25 +++- drivers/gpu/drm/i915/display/intel_dp.c | 2 + drivers/gpu/drm/i915/gt/intel_workarounds.c | 4 +- drivers/gpu/drm/i915/intel_runtime_pm.c | 11 +- drivers/gpu/drm/msm/adreno/a6xx_gpu_state.c | 7 +- drivers/gpu/drm/msm/adreno/adreno_gpu.c | 7 +- .../gpu/drm/msm/disp/mdp4/mdp4_lvds_connector.c | 5 +- drivers/gpu/drm/msm/dp/dp_ctrl.c | 13 +- drivers/gpu/drm/msm/dp/dp_display.c | 23 +++- drivers/gpu/drm/msm/dp/dp_drm.c | 34 +++++ drivers/gpu/drm/msm/dp/dp_parser.c | 6 +- drivers/gpu/drm/msm/dp/dp_parser.h | 5 +- drivers/gpu/drm/msm/dsi/dsi.c | 6 + drivers/gpu/drm/msm/hdmi/hdmi.c | 7 +- drivers/gpu/drm/msm/msm_drv.c | 1 + drivers/hwtracing/coresight/coresight-cti-core.c | 5 - drivers/iio/accel/adxl367.c | 23 +++- drivers/iio/accel/adxl372.c | 23 +++- drivers/iio/light/tsl2583.c | 2 +- drivers/iio/temperature/ltc2983.c | 13 +- drivers/media/i2c/ar0521.c | 8 +- drivers/media/i2c/ov8865.c | 10 +- drivers/media/platform/amphion/vpu_v4l2.c | 11 +- drivers/media/platform/sunxi/sun4i-csi/Kconfig | 2 +- drivers/media/platform/sunxi/sun6i-csi/Kconfig | 2 +- .../media/platform/sunxi/sun6i-mipi-csi2/Kconfig | 4 +- .../sunxi/sun6i-mipi-csi2/sun6i_mipi_csi2.c | 20 ++- .../platform/sunxi/sun8i-a83t-mipi-csi2/Kconfig | 2 +- .../sun8i-a83t-mipi-csi2/sun8i_a83t_mipi_csi2.c | 23 +++- drivers/media/platform/sunxi/sun8i-di/Kconfig | 2 +- drivers/media/platform/sunxi/sun8i-rotate/Kconfig | 2 +- drivers/media/test-drivers/vivid/vivid-core.c | 38 +++++- drivers/media/test-drivers/vivid/vivid-core.h | 2 + drivers/media/test-drivers/vivid/vivid-vid-cap.c | 27 +++- drivers/media/v4l2-core/v4l2-dv-timings.c | 14 ++ drivers/mmc/core/block.c | 44 +++--- drivers/mmc/core/queue.c | 8 ++ drivers/mmc/core/sdio_bus.c | 3 +- drivers/mmc/host/Kconfig | 3 +- drivers/mmc/host/sdhci-esdhc-imx.c | 14 +- drivers/mmc/host/sdhci-pci-core.c | 14 +- drivers/mtd/mtdcore.c | 2 +- drivers/mtd/nand/raw/intel-nand-controller.c | 35 ++--- drivers/mtd/nand/raw/marvell_nand.c | 2 +- drivers/mtd/nand/raw/tegra_nand.c | 4 +- drivers/mtd/parsers/bcm47xxpart.c | 4 +- drivers/mtd/spi-nor/core.c | 4 +- drivers/net/can/mscan/mpc5xxx_can.c | 8 +- drivers/net/can/rcar/rcar_canfd.c | 24 ++-- drivers/net/can/spi/mcp251x.c | 5 +- drivers/net/can/usb/kvaser_usb/kvaser_usb_hydra.c | 4 +- drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c | 4 +- drivers/net/ethernet/amd/xgbe/xgbe-pci.c | 5 + drivers/net/ethernet/amd/xgbe/xgbe-phy-v2.c | 19 ++- drivers/net/ethernet/amd/xgbe/xgbe.h | 1 + drivers/net/ethernet/aquantia/atlantic/aq_macsec.c | 96 +++++++++---- drivers/net/ethernet/aquantia/atlantic/aq_nic.h | 2 + drivers/net/ethernet/broadcom/bcm4908_enet.c | 12 +- drivers/net/ethernet/broadcom/bcmsysport.c | 3 + drivers/net/ethernet/cadence/macb_main.c | 1 + drivers/net/ethernet/freescale/enetc/enetc.c | 5 + drivers/net/ethernet/freescale/fec_main.c | 46 ++++++- drivers/net/ethernet/huawei/hinic/hinic_debugfs.c | 18 ++- drivers/net/ethernet/huawei/hinic/hinic_hw_cmdq.c | 2 +- drivers/net/ethernet/huawei/hinic/hinic_hw_dev.c | 2 +- drivers/net/ethernet/huawei/hinic/hinic_sriov.c | 1 - drivers/net/ethernet/ibm/ehea/ehea_main.c | 1 + drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 100 ++++++++------ drivers/net/ethernet/intel/i40e/i40e_type.h | 4 + drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 43 ++++-- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 + drivers/net/ethernet/lantiq_etop.c | 1 - drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 10 +- drivers/net/ethernet/mellanox/mlx5/core/en/ptp.h | 9 ++ .../net/ethernet/mellanox/mlx5/core/en/tc_priv.h | 2 + drivers/net/ethernet/mellanox/mlx5/core/en/txrx.h | 6 + .../ethernet/mellanox/mlx5/core/en_accel/ipsec.c | 3 - drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 74 +++++++++- drivers/net/ethernet/mellanox/mlx5/core/en_tx.c | 6 + drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c | 17 +++ drivers/net/ethernet/mellanox/mlx5/core/lib/aso.c | 7 + drivers/net/ethernet/mellanox/mlx5/core/lib/mpfs.c | 6 +- drivers/net/ethernet/mellanox/mlx5/core/main.c | 4 + .../ethernet/mellanox/mlx5/core/steering/dr_rule.c | 3 +- drivers/net/ethernet/micrel/ksz884x.c | 2 +- .../ethernet/microchip/lan966x/lan966x_ethtool.c | 10 +- .../net/ethernet/microchip/lan966x/lan966x_fdma.c | 24 +--- drivers/net/ethernet/socionext/netsec.c | 2 + drivers/net/ethernet/socionext/sni_ave.c | 6 + drivers/net/netdevsim/bus.c | 9 +- drivers/net/netdevsim/dev.c | 31 +++-- drivers/nfc/virtual_ncidev.c | 3 + drivers/pinctrl/pinctrl-ingenic.c | 4 +- drivers/pinctrl/pinctrl-ocelot.c | 17 ++- drivers/pinctrl/pinctrl-zynqmp.c | 9 -- drivers/pinctrl/qcom/pinctrl-msm.c | 21 +++ drivers/platform/x86/amd/pmc.c | 12 -- drivers/s390/cio/css.c | 8 +- drivers/scsi/qla2xxx/qla_attr.c | 28 +++- drivers/spi/spi-aspeed-smc.c | 2 +- drivers/spi/spi-qup.c | 2 + drivers/staging/media/atomisp/pci/sh_css_params.c | 4 +- drivers/staging/media/sunxi/cedrus/Kconfig | 1 + drivers/usb/core/quirks.c | 9 ++ drivers/usb/dwc3/core.c | 49 ++++++- drivers/usb/dwc3/drd.c | 50 ------- drivers/usb/dwc3/dwc3-st.c | 2 +- drivers/usb/dwc3/gadget.c | 21 ++- drivers/usb/gadget/function/uvc_queue.c | 8 +- drivers/usb/gadget/function/uvc_video.c | 25 +++- drivers/usb/gadget/udc/aspeed-vhub/dev.c | 1 + drivers/usb/gadget/udc/bdc/bdc_udc.c | 1 + drivers/usb/host/xhci-mem.c | 20 +-- drivers/usb/host/xhci-pci.c | 44 ++---- drivers/usb/host/xhci.c | 10 +- drivers/usb/host/xhci.h | 1 + drivers/usb/typec/ucsi/ucsi.c | 42 ++++-- drivers/usb/typec/ucsi/ucsi_acpi.c | 10 ++ drivers/video/aperture.c | 5 +- drivers/video/fbdev/smscufx.c | 55 ++++---- drivers/video/fbdev/stifb.c | 3 +- fs/binfmt_elf.c | 3 +- fs/erofs/zdata.c | 6 +- fs/erofs/zmap.c | 17 +-- fs/exec.c | 4 +- fs/kernfs/dir.c | 5 +- fs/squashfs/file.c | 23 ++-- fs/squashfs/page_actor.c | 3 + fs/squashfs/page_actor.h | 6 +- include/linux/mlx5/driver.h | 2 +- include/linux/perf_event.h | 19 ++- include/linux/userfaultfd_k.h | 6 +- include/media/v4l2-common.h | 3 +- include/net/sock.h | 2 +- include/sound/control.h | 1 + include/sound/soc-acpi-intel-match.h | 2 + include/uapi/linux/videodev2.h | 3 +- kernel/bpf/btf.c | 5 + kernel/events/core.c | 151 +++++++++++++++------ kernel/events/ring_buffer.c | 2 +- kernel/power/hibernate.c | 2 +- kernel/rcu/tree.c | 10 +- kernel/sched/sched.h | 18 +-- mm/huge_memory.c | 11 +- mm/kmemleak.c | 61 ++++++--- mm/madvise.c | 12 +- mm/migrate.c | 7 + mm/page_alloc.c | 1 + net/can/j1939/transport.c | 4 +- net/core/net_namespace.c | 7 + net/core/skbuff.c | 2 +- net/ethtool/eeprom.c | 2 +- net/ieee802154/socket.c | 4 +- net/ipv4/nexthop.c | 2 +- net/ipv4/tcp_input.c | 3 +- net/ipv4/tcp_ipv4.c | 4 +- net/ipv6/ip6_gre.c | 12 +- net/ipv6/ip6_tunnel.c | 11 +- net/ipv6/ipv6_sockglue.c | 7 + net/ipv6/sit.c | 8 +- net/kcm/kcmsock.c | 25 ++-- net/mac802154/rx.c | 5 +- net/mptcp/protocol.c | 3 +- net/mptcp/protocol.h | 1 + net/mptcp/subflow.c | 7 + net/openvswitch/datapath.c | 3 +- net/tipc/topsrv.c | 16 ++- sound/aoa/soundbus/i2sbus/core.c | 7 +- sound/core/control.c | 23 ++++ sound/pci/ac97/ac97_codec.c | 33 +++-- sound/pci/au88x0/au88x0.h | 6 +- sound/pci/au88x0/au88x0_core.c | 2 +- sound/pci/ca0106/ca0106_mixer.c | 2 +- sound/pci/emu10k1/emumixer.c | 2 +- sound/pci/hda/patch_realtek.c | 5 +- sound/pci/rme9652/hdsp.c | 26 ++-- sound/pci/rme9652/rme9652.c | 22 +-- sound/soc/codecs/Kconfig | 1 + sound/soc/codecs/tlv320adc3xxx.c | 2 +- sound/soc/intel/common/Makefile | 2 +- sound/soc/intel/common/soc-acpi-intel-rpl-match.c | 51 +++++++ sound/soc/qcom/lpass-cpu.c | 10 ++ sound/soc/sof/intel/pci-mtl.c | 2 +- sound/soc/sof/intel/pci-tgl.c | 92 ++++++++++++- sound/synth/emux/emux.c | 7 +- sound/usb/implicit.c | 2 + sound/usb/mixer.c | 2 +- tools/iio/iio_utils.c | 4 + .../arch/arm64/hisilicon/hip08/metrics.json | 6 +- .../arch/powerpc/power10/nest_metrics.json | 72 +++++----- .../arch/s390/cf_z16/{pai.json => pai_crypto.json} | 0 tools/perf/util/auxtrace.c | 10 +- .../testing/selftests/drivers/net/bonding/Makefile | 4 +- .../drivers/net/bonding/dev_addr_lists.sh | 2 +- .../drivers/net/bonding/net_forwarding_lib.sh | 1 + .../drivers/net/dsa/test_bridge_fdb_stress.sh | 4 +- tools/testing/selftests/drivers/net/team/Makefile | 4 + .../selftests/drivers/net/team/dev_addr_lists.sh | 6 +- .../testing/selftests/drivers/net/team/lag_lib.sh | 1 + .../drivers/net/team/net_forwarding_lib.sh | 1 + .../ftrace/test.d/dynevent/test_duplicates.tc | 2 +- .../inter-event/trigger-synthetic-eprobe.tc | 2 +- .../kvm/memslot_modification_stress_test.c | 2 +- tools/testing/selftests/lib.mk | 4 +- 246 files changed, 2260 insertions(+), 1058 deletions(-)

3 years, 1 month

11
250
0 0

[PATCH 5.4 00/64] 5.4.223-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.4.223 release. There are 64 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 04 Nov 2022 02:20:38 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.223-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.4.223-rc1 Biju Das <biju.das.jz(a)bp.renesas.com> can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global FIFO receive Vladimir Oltean <vladimir.oltean(a)nxp.com> net: enetc: survive memory pressure without crashing Tariq Toukan <tariqt(a)nvidia.com> net/mlx5: Fix possible use-after-free in async command interface Hyong Youb Kim <hyonkim(a)cisco.com> net/mlx5e: Do not increment ESN when updating IPsec ESN state Nicolas Dichtel <nicolas.dichtel(a)6wind.com> nh: fix scope used to find saddr when adding non gw nh Yang Yingliang <yangyingliang(a)huawei.com> net: ehea: fix possible memory leak in ehea_register_port() Aaron Conole <aconole(a)redhat.com> openvswitch: switch from WARN to pr_warn Takashi Iwai <tiwai(a)suse.de> ALSA: aoa: Fix I2S device accounting Yang Yingliang <yangyingliang(a)huawei.com> ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() Sudeep Holla <sudeep.holla(a)arm.com> PM: domains: Fix handling of unavailable/disabled idle states Yang Yingliang <yangyingliang(a)huawei.com> net: ksz884x: fix missing pci_disable_device() on error in pcidev_init() Slawomir Laba <slawomirx.laba(a)intel.com> i40e: Fix flow-type by setting GL_HASH_INSET registers Sylwester Dziedziuch <sylwesterx.dziedziuch(a)intel.com> i40e: Fix VF hang when reset is triggered on another VF Slawomir Laba <slawomirx.laba(a)intel.com> i40e: Fix ethtool rx-flow-hash setting for X722 Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: v4l2-dv-timings: add sanity checks for blanking values Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vivid: dev->bitmap_cap wasn't freed in all cases Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vivid: s_fbuf: add more sanity checks Mario Limonciello <mario.limonciello(a)amd.com> PM: hibernate: Allow hybrid sleep to work with s2idle Dongliang Mu <dzm91(a)hust.edu.cn> can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path Neal Cardwell <ncardwell(a)google.com> tcp: fix indefinite deferral of RTO with SACK reneging Zhang Changzhong <zhangchangzhong(a)huawei.com> net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY Zhengchao Shao <shaozhengchao(a)huawei.com> net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed Eric Dumazet <edumazet(a)google.com> kcm: annotate data-races around kcm->rx_wait Eric Dumazet <edumazet(a)google.com> kcm: annotate data-races around kcm->rx_psock Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: add the bit rate quirk for Molex cables Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: fix the SFP compliance codes check for DAC cables Chen Zhongjin <chenzhongjin(a)huawei.com> x86/unwind/orc: Fix unreliable stack dump with gcov Yang Yingliang <yangyingliang(a)huawei.com> net: netsec: fix error handling in netsec_register_mdio() Xin Long <lucien.xin(a)gmail.com> tipc: fix a null-ptr-deref in tipc_topsrv_accept Yang Yingliang <yangyingliang(a)huawei.com> ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() Randy Dunlap <rdunlap(a)infradead.org> arc: iounmap() arg is volatile Nathan Huckleberry <nhuck(a)google.com> drm/msm: Fix return type of mdp4_lvds_connector_mode_valid Alexander Stein <alexander.stein(a)ew.tq-group.com> media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation Wei Yongjun <weiyongjun1(a)huawei.com> net: ieee802154: fix error return code in dgram_bind() Rik van Riel <riel(a)surriel.com> mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages Chen Zhou <chenzhou10(a)huawei.com> cgroup-v1: add disabled controller check in cgroup1_parse_param() M. Vefa Bicakci <m.v.b(a)runbox.com> xen/gntdev: Prevent leaking grants Jan Beulich <jbeulich(a)suse.com> Xen/gntdev: don't ignore kernel unmapping error Chandan Babu R <chandan.babu(a)oracle.com> xfs: force the log after remapping a synchronous-writes file Chandan Babu R <chandan.babu(a)oracle.com> xfs: clear XFS_DQ_FREEING if we can't lock the dquot buffer to flush Chandan Babu R <chandan.babu(a)oracle.com> xfs: finish dfops on every insert range shift iteration Heiko Carstens <hca(a)linux.ibm.com> s390/pci: add missing EX_TABLE entries to __pcistg_mio_inuser()/__pcilg_mio_inuser() Heiko Carstens <hca(a)linux.ibm.com> s390/futex: add missing EX_TABLE entry to __futex_atomic_op() Adrian Hunter <adrian.hunter(a)intel.com> perf auxtrace: Fix address filter symbol name match for modules Christian A. Ehrhardt <lk(a)c--e.de> kernfs: fix use-after-free in __kernfs_remove Matthew Ma <mahongwei(a)zeku.com> mmc: core: Fix kernel panic when remove non-standard SDIO card Johan Hovold <johan+linaro(a)kernel.org> drm/msm/hdmi: fix memory corruption with too many bridges Johan Hovold <johan+linaro(a)kernel.org> drm/msm/dsi: fix memory corruption with too many bridges Miquel Raynal <miquel.raynal(a)bootlin.com> mac802154: Fix LQI recording Hyunwoo Kim <imv4bel(a)gmail.com> fbdev: smscufx: Fix several use-after-free bugs Shreeya Patel <shreeya.patel(a)collabora.com> iio: light: tsl2583: Fix module unloading Matti Vaittinen <mazziesaccount(a)gmail.com> tools: iio: iio_utils: fix digit calculation Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Remove device endpoints from bandwidth list when freeing the device Tony O'Brien <tony.obrien(a)alliedtelesis.co.nz> mtd: rawnand: marvell: Use correct logic for nand-keep-config Jens Glathe <jens.glathe(a)oldschoolsolutions.biz> usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller Justin Chen <justinpopo6(a)gmail.com> usb: bdc: change state when port disconnected Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> usb: dwc3: gadget: Don't set IMI for no_interrupt Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> usb: dwc3: gadget: Stop processing more requests on IMI Hannu Hartikainen <hannu(a)hrtk.in> USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM Jason A. Donenfeld <Jason(a)zx2c4.com> ALSA: au88x0: use explicitly signed char Steven Rostedt (Google) <rostedt(a)goodmis.org> ALSA: Use del_timer_sync() before freeing timer Anssi Hannula <anssi.hannula(a)bitwise.fi> can: kvaser_usb: Fix possible completions during init_completion Yang Yingliang <yangyingliang(a)huawei.com> can: j1939: transport: j1939_session_skb_drop_old(): spin_unlock_irqrestore() before kfree_skb() ------------- Diffstat: Makefile | 4 +- arch/arc/include/asm/io.h | 2 +- arch/arc/mm/ioremap.c | 2 +- arch/s390/include/asm/futex.h | 3 +- arch/s390/pci/pci_mmio.c | 8 +- arch/x86/kernel/unwind_orc.c | 2 +- drivers/base/power/domain.c | 4 + .../gpu/drm/msm/disp/mdp4/mdp4_lvds_connector.c | 5 +- drivers/gpu/drm/msm/dsi/dsi.c | 6 ++ drivers/gpu/drm/msm/hdmi/hdmi.c | 5 ++ drivers/iio/light/tsl2583.c | 2 +- drivers/media/platform/vivid/vivid-core.c | 22 +++++ drivers/media/platform/vivid/vivid-core.h | 2 + drivers/media/platform/vivid/vivid-vid-cap.c | 27 ++++-- drivers/media/v4l2-core/v4l2-dv-timings.c | 14 +++ drivers/mmc/core/sdio_bus.c | 3 +- drivers/mtd/nand/raw/marvell_nand.c | 2 +- drivers/net/can/mscan/mpc5xxx_can.c | 8 +- drivers/net/can/rcar/rcar_canfd.c | 6 +- drivers/net/can/usb/kvaser_usb/kvaser_usb_hydra.c | 4 +- drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c | 4 +- drivers/net/ethernet/amd/xgbe/xgbe-phy-v2.c | 17 ++-- drivers/net/ethernet/freescale/enetc/enetc.c | 5 ++ drivers/net/ethernet/ibm/ehea/ehea_main.c | 1 + drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 100 ++++++++++++--------- drivers/net/ethernet/intel/i40e/i40e_type.h | 4 + drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 43 ++++++--- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 + drivers/net/ethernet/lantiq_etop.c | 1 - drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 10 +-- .../ethernet/mellanox/mlx5/core/en_accel/ipsec.c | 3 - drivers/net/ethernet/micrel/ksz884x.c | 2 +- drivers/net/ethernet/socionext/netsec.c | 2 + drivers/usb/core/quirks.c | 9 ++ drivers/usb/dwc3/gadget.c | 8 +- drivers/usb/gadget/udc/bdc/bdc_udc.c | 1 + drivers/usb/host/xhci-mem.c | 20 +++-- drivers/usb/host/xhci-pci.c | 8 +- drivers/video/fbdev/smscufx.c | 55 ++++++------ drivers/xen/gntdev.c | 30 +++++-- fs/kernfs/dir.c | 5 +- fs/xfs/xfs_bmap_util.c | 2 +- fs/xfs/xfs_file.c | 17 +++- fs/xfs/xfs_qm.c | 1 + include/linux/mlx5/driver.h | 2 +- include/media/v4l2-common.h | 3 +- include/uapi/linux/videodev2.h | 3 +- kernel/cgroup/cgroup-v1.c | 3 + kernel/power/hibernate.c | 2 +- mm/hugetlb.c | 2 +- net/can/j1939/transport.c | 4 +- net/core/net_namespace.c | 7 ++ net/ieee802154/socket.c | 4 +- net/ipv4/nexthop.c | 2 +- net/ipv4/tcp_input.c | 3 +- net/kcm/kcmsock.c | 23 +++-- net/mac802154/rx.c | 5 +- net/openvswitch/datapath.c | 3 +- net/tipc/topsrv.c | 16 +++- sound/aoa/soundbus/i2sbus/core.c | 7 +- sound/pci/ac97/ac97_codec.c | 1 + sound/pci/au88x0/au88x0.h | 6 +- sound/pci/au88x0/au88x0_core.c | 2 +- sound/synth/emux/emux.c | 7 +- tools/iio/iio_utils.c | 4 + tools/perf/util/auxtrace.c | 10 ++- 66 files changed, 423 insertions(+), 176 deletions(-)

3 years, 1 month

5
68
0 0

[PATCH 5.15 000/132] 5.15.77-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.77 release. There are 132 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 04 Nov 2022 02:20:38 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.77-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.77-rc1 Kuniyuki Iwashima <kuniyu(a)amazon.com> tcp/udp: Fix memory leak in ipv6_renew_options(). Lukas Wunner <lukas(a)wunner.de> serial: Deassert Transmit Enable on probe in driver-specific way Lino Sanfilippo <LinoSanfilippo(a)gmx.de> serial: core: move RS485 configuration tasks from drivers into core Biju Das <biju.das.jz(a)bp.renesas.com> can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global FIFO receive Biju Das <biju.das.jz(a)bp.renesas.com> can: rcar_canfd: fix channel specific IRQ handling for RZ/G2L Yu Kuai <yukuai3(a)huawei.com> scsi: sd: Revert "scsi: sd: Remove a local variable" D Scott Phillips <scott(a)os.amperecomputing.com> arm64: Add AMPERE1 to the Spectre-BHB affected list Vladimir Oltean <vladimir.oltean(a)nxp.com> net: enetc: survive memory pressure without crashing Eric Dumazet <edumazet(a)google.com> kcm: do not sense pfmemalloc status in kcm_sendpage() Eric Dumazet <edumazet(a)google.com> net: do not sense pfmemalloc status in skb_append_pagefrags() Suresh Devarakonda <ramad(a)nvidia.com> net/mlx5: Fix crash during sync firmware reset Roy Novich <royno(a)nvidia.com> net/mlx5: Update fw fatal reporter state on PCI handlers successful recover Saeed Mahameed <saeedm(a)nvidia.com> net/mlx5: Print more info on pci error handlers Tariq Toukan <tariqt(a)nvidia.com> net/mlx5: Fix possible use-after-free in async command interface Aya Levin <ayal(a)nvidia.com> net/mlx5e: Extend SKB room check to include PTP-SQ Hyong Youb Kim <hyonkim(a)cisco.com> net/mlx5e: Do not increment ESN when updating IPsec ESN state Zhengchao Shao <shaozhengchao(a)huawei.com> netdevsim: remove dir in nsim_dev_debugfs_init() when creating ports dir failed Rafał Miłecki <rafal(a)milecki.pl> net: broadcom: bcm4908_enet: update TX stats after actual transmission Colin Ian King <colin.i.king(a)gmail.com> net: broadcom: bcm4908enet: remove redundant variable bytes Nicolas Dichtel <nicolas.dichtel(a)6wind.com> nh: fix scope used to find saddr when adding non gw nh Florian Fainelli <f.fainelli(a)gmail.com> net: bcmsysport: Indicate MAC is in charge of PHY PM Yang Yingliang <yangyingliang(a)huawei.com> net: ehea: fix possible memory leak in ehea_register_port() Aaron Conole <aconole(a)redhat.com> openvswitch: switch from WARN to pr_warn Takashi Iwai <tiwai(a)suse.de> ALSA: aoa: Fix I2S device accounting Yang Yingliang <yangyingliang(a)huawei.com> ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() Kunihiko Hayashi <hayashi.kunihiko(a)socionext.com> net: ethernet: ave: Fix MAC to be in charge of PHY PM Juergen Borleis <jbe(a)pengutronix.de> net: fec: limit register access on i.MX6UL Shang XiaoJing <shangxiaojing(a)huawei.com> perf vendor events arm64: Fix incorrect Hisi hip08 L3 metrics Sudeep Holla <sudeep.holla(a)arm.com> PM: domains: Fix handling of unavailable/disabled idle states Yang Yingliang <yangyingliang(a)huawei.com> net: ksz884x: fix missing pci_disable_device() on error in pcidev_init() Slawomir Laba <slawomirx.laba(a)intel.com> i40e: Fix flow-type by setting GL_HASH_INSET registers Sylwester Dziedziuch <sylwesterx.dziedziuch(a)intel.com> i40e: Fix VF hang when reset is triggered on another VF Slawomir Laba <slawomirx.laba(a)intel.com> i40e: Fix ethtool rx-flow-hash setting for X722 Eric Dumazet <edumazet(a)google.com> ipv6: ensure sane device mtu in tunnels Kajol Jain <kjain(a)linux.ibm.com> perf vendor events power10: Fix hv-24x7 metric events Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vivid: set num_in/outputs to 0 if not supported Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: v4l2-dv-timings: add sanity checks for blanking values Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vivid: dev->bitmap_cap wasn't freed in all cases Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vivid: s_fbuf: add more sanity checks Mario Limonciello <mario.limonciello(a)amd.com> PM: hibernate: Allow hybrid sleep to work with s2idle Dongliang Mu <dzm91(a)hust.edu.cn> can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in error path Dongliang Mu <dzm91(a)hust.edu.cn> can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path Rafael Mendonca <rafaelmendsr(a)gmail.com> drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() Jakub Kicinski <kuba(a)kernel.org> net-memcg: avoid stalls when under memory pressure Neal Cardwell <ncardwell(a)google.com> tcp: fix indefinite deferral of RTO with SACK reneging Lu Wei <luwei32(a)huawei.com> tcp: fix a signed-integer-overflow bug in tcp_add_backlog() Eric Dumazet <edumazet(a)google.com> tcp: minor optimization in tcp_add_backlog() Zhang Changzhong <zhangchangzhong(a)huawei.com> net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY Zhengchao Shao <shaozhengchao(a)huawei.com> net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed Eric Dumazet <edumazet(a)google.com> kcm: annotate data-races around kcm->rx_wait Eric Dumazet <edumazet(a)google.com> kcm: annotate data-races around kcm->rx_psock Íñigo Huguet <ihuguet(a)redhat.com> atlantic: fix deadlock at aq_nic_stop Ankit Nautiyal <ankit.k.nautiyal(a)intel.com> drm/i915/dp: Reset frl trained flag before restarting FRL training Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: add the bit rate quirk for Molex cables Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: fix the SFP compliance codes check for DAC cables Chen Zhongjin <chenzhongjin(a)huawei.com> x86/unwind/orc: Fix unreliable stack dump with gcov Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: virtual_ncidev: Fix memory leak in virtual_nci_send() Sergiu Moga <sergiu.moga(a)microchip.com> net: macb: Specify PHY PM management done by MAC Zhengchao Shao <shaozhengchao(a)huawei.com> net: hinic: fix the issue of double release MBOX callback of VF Zhengchao Shao <shaozhengchao(a)huawei.com> net: hinic: fix the issue of CMDQ memory leaks Zhengchao Shao <shaozhengchao(a)huawei.com> net: hinic: fix memory leak when reading function table Zhengchao Shao <shaozhengchao(a)huawei.com> net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg() Yang Yingliang <yangyingliang(a)huawei.com> net: netsec: fix error handling in netsec_register_mdio() Xin Long <lucien.xin(a)gmail.com> tipc: fix a null-ptr-deref in tipc_topsrv_accept Maxim Levitsky <mlevitsk(a)redhat.com> perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of clear_cpu_cap() Yang Yingliang <yangyingliang(a)huawei.com> ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() Srinivasa Rao Mandadapu <quic_srivasam(a)quicinc.com> ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile Yang Yingliang <yangyingliang(a)huawei.com> mtd: rawnand: intel: Add missing of_node_put() in ebu_nand_probe() Randy Dunlap <rdunlap(a)infradead.org> arc: iounmap() arg is volatile Lin Shengwang <linshengwang1(a)huawei.com> sched/core: Fix comparison in sched_group_cookie_match() Peter Zijlstra <peterz(a)infradead.org> perf: Fix missing SIGTRAPs Srinivasa Rao Mandadapu <quic_srivasam(a)quicinc.com> ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile Gavin Shan <gshan(a)redhat.com> KVM: selftests: Fix number of pages for memory slot in memslot_modification_stress_test Nathan Huckleberry <nhuck(a)google.com> drm/msm: Fix return type of mdp4_lvds_connector_mode_valid Dan Carpenter <dan.carpenter(a)oracle.com> media: atomisp: prevent integer overflow in sh_css_set_black_frame() Alexander Stein <alexander.stein(a)ew.tq-group.com> media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation Wei Yongjun <weiyongjun1(a)huawei.com> net: ieee802154: fix error return code in dgram_bind() Xin Long <lucien.xin(a)gmail.com> ethtool: eeprom: fix null-deref on genl_info in dump Christian Löhle <CLoehle(a)hyperstone.com> mmc: block: Remove error check of hw_reset on reset James Smart <jsmart2021(a)gmail.com> Revert "scsi: lpfc: SLI path split: Refactor lpfc_iocbq" James Smart <jsmart2021(a)gmail.com> Revert "scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4" James Smart <jsmart2021(a)gmail.com> Revert "scsi: lpfc: SLI path split: Refactor SCSI paths" James Smart <jsmart2021(a)gmail.com> Revert "scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup()" James Smart <jsmart2021(a)gmail.com> Revert "scsi: lpfc: Fix element offset in __lpfc_sli_release_iocbq_s4()" James Smart <jsmart2021(a)gmail.com> Revert "scsi: lpfc: Resolve some cleanup issues following SLI path refactoring" Heiko Carstens <hca(a)linux.ibm.com> s390/pci: add missing EX_TABLE entries to __pcistg_mio_inuser()/__pcilg_mio_inuser() Heiko Carstens <hca(a)linux.ibm.com> s390/futex: add missing EX_TABLE entry to __futex_atomic_op() Adrian Hunter <adrian.hunter(a)intel.com> perf auxtrace: Fix address filter symbol name match for modules Pavel Kozlov <pavel.kozlov(a)synopsys.com> ARC: mm: fix leakage of memory allocated for PTE Siarhei Volkau <lis8215(a)gmail.com> pinctrl: Ingenic: JZ4755 bug fixes Christian A. Ehrhardt <lk(a)c--e.de> kernfs: fix use-after-free in __kernfs_remove William Breathitt Gray <william.gray(a)linaro.org> counter: microchip-tcb-capture: Handle Signal1 read and Synapse Sascha Hauer <s.hauer(a)pengutronix.de> mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus Patrick Thompson <ptf(a)google.com> mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake Matthew Ma <mahongwei(a)zeku.com> mmc: core: Fix kernel panic when remove non-standard SDIO card Brian Norris <briannorris(a)chromium.org> mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO James Clark <james.clark(a)arm.com> coresight: cti: Fix hang in cti_disable_hw() Johan Hovold <johan+linaro(a)kernel.org> drm/msm/dp: fix IRQ lifetime Johan Hovold <johan+linaro(a)kernel.org> drm/msm/hdmi: fix memory corruption with too many bridges Johan Hovold <johan+linaro(a)kernel.org> drm/msm/dsi: fix memory corruption with too many bridges Prike Liang <Prike.Liang(a)amd.com> drm/amdgpu: disallow gfxoff until GC IP blocks complete s2idle resume Manish Rangankar <mrangankar(a)marvell.com> scsi: qla2xxx: Use transport-defined speed mask for supported_speeds Miquel Raynal <miquel.raynal(a)bootlin.com> mac802154: Fix LQI recording Bernd Edlinger <bernd.edlinger(a)hotmail.de> exec: Copy oldsighand->action under spin-lock Li Zetao <lizetao1(a)huawei.com> fs/binfmt_elf: Fix memory leak in load_elf_binary() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: intel_pstate: hybrid: Use known scaling factor for P-cores Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: intel_pstate: Read all MSRs on the target CPU Hyunwoo Kim <imv4bel(a)gmail.com> fbdev: smscufx: Fix several use-after-free bugs Matti Vaittinen <mazziesaccount(a)gmail.com> iio: adxl372: Fix unsafe buffer attributes Cosmin Tanislav <cosmin.tanislav(a)analog.com> iio: temperature: ltc2983: allocate iio channels once Shreeya Patel <shreeya.patel(a)collabora.com> iio: light: tsl2583: Fix module unloading Matti Vaittinen <mazziesaccount(a)gmail.com> tools: iio: iio_utils: fix digit calculation Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Remove device endpoints from bandwidth list when freeing the device Mario Limonciello <mario.limonciello(a)amd.com> xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Add quirk to reset host back to default state at shutdown Tony O'Brien <tony.obrien(a)alliedtelesis.co.nz> mtd: rawnand: marvell: Use correct logic for nand-keep-config Jens Glathe <jens.glathe(a)oldschoolsolutions.biz> usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller Justin Chen <justinpopo6(a)gmail.com> usb: bdc: change state when port disconnected Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> usb: dwc3: gadget: Don't set IMI for no_interrupt Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> usb: dwc3: gadget: Stop processing more requests on IMI Jeff Vanhoof <qjv001(a)motorola.com> usb: gadget: uvc: fix sg handling during video encode Dan Vacura <w36195(a)motorola.com> usb: gadget: uvc: fix sg handling in error case Hannu Hartikainen <hannu(a)hrtk.in> USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM Jason A. Donenfeld <Jason(a)zx2c4.com> ALSA: rme9652: use explicitly signed char Jason A. Donenfeld <Jason(a)zx2c4.com> ALSA: au88x0: use explicitly signed char Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Add quirks for M-Audio Fast Track C400/600 Steven Rostedt (Google) <rostedt(a)goodmis.org> ALSA: Use del_timer_sync() before freeing timer Anssi Hannula <anssi.hannula(a)bitwise.fi> can: kvaser_usb: Fix possible completions during init_completion Yang Yingliang <yangyingliang(a)huawei.com> can: j1939: transport: j1939_session_skb_drop_old(): spin_unlock_irqrestore() before kfree_skb() Scott Mayhew <smayhew(a)redhat.com> NFSv4: Add an fattr allocation to _nfs4_discover_trunking() Benjamin Coddington <bcodding(a)redhat.com> NFSv4: Fix free of uninitialized nfs4_label on referral lookup. ------------- Diffstat: Makefile | 4 +- arch/arc/include/asm/io.h | 2 +- arch/arc/include/asm/pgtable-levels.h | 2 +- arch/arc/mm/ioremap.c | 2 +- arch/arm64/include/asm/cputype.h | 4 + arch/arm64/kernel/proton-pack.c | 6 + arch/s390/include/asm/futex.h | 3 +- arch/s390/pci/pci_mmio.c | 8 +- arch/x86/events/intel/lbr.c | 2 +- arch/x86/kernel/unwind_orc.c | 2 +- drivers/base/power/domain.c | 4 + drivers/counter/microchip-tcb-capture.c | 18 +- drivers/cpufreq/intel_pstate.c | 133 ++-- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 6 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 16 + drivers/gpu/drm/i915/display/intel_dp.c | 2 + .../gpu/drm/msm/disp/mdp4/mdp4_lvds_connector.c | 5 +- drivers/gpu/drm/msm/dp/dp_display.c | 2 +- drivers/gpu/drm/msm/dsi/dsi.c | 6 + drivers/gpu/drm/msm/hdmi/hdmi.c | 5 + drivers/hwtracing/coresight/coresight-cti-core.c | 5 - drivers/iio/accel/adxl372.c | 23 +- drivers/iio/light/tsl2583.c | 2 +- drivers/iio/temperature/ltc2983.c | 13 +- drivers/media/test-drivers/vivid/vivid-core.c | 38 +- drivers/media/test-drivers/vivid/vivid-core.h | 2 + drivers/media/test-drivers/vivid/vivid-vid-cap.c | 27 +- drivers/media/v4l2-core/v4l2-dv-timings.c | 14 + drivers/mmc/core/block.c | 44 +- drivers/mmc/core/sdio_bus.c | 3 +- drivers/mmc/host/Kconfig | 3 +- drivers/mmc/host/sdhci-esdhc-imx.c | 14 +- drivers/mmc/host/sdhci-pci-core.c | 14 +- drivers/mtd/nand/raw/intel-nand-controller.c | 19 +- drivers/mtd/nand/raw/marvell_nand.c | 2 +- drivers/net/can/mscan/mpc5xxx_can.c | 8 +- drivers/net/can/rcar/rcar_canfd.c | 24 +- drivers/net/can/spi/mcp251x.c | 5 +- drivers/net/can/usb/kvaser_usb/kvaser_usb_hydra.c | 4 +- drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c | 4 +- drivers/net/ethernet/amd/xgbe/xgbe-phy-v2.c | 17 +- drivers/net/ethernet/aquantia/atlantic/aq_macsec.c | 96 ++- drivers/net/ethernet/aquantia/atlantic/aq_nic.h | 2 + drivers/net/ethernet/broadcom/bcm4908_enet.c | 10 +- drivers/net/ethernet/broadcom/bcmsysport.c | 3 + drivers/net/ethernet/cadence/macb_main.c | 1 + drivers/net/ethernet/freescale/enetc/enetc.c | 5 + drivers/net/ethernet/freescale/fec_main.c | 46 +- drivers/net/ethernet/huawei/hinic/hinic_debugfs.c | 18 +- drivers/net/ethernet/huawei/hinic/hinic_hw_cmdq.c | 2 +- drivers/net/ethernet/huawei/hinic/hinic_hw_dev.c | 2 +- drivers/net/ethernet/huawei/hinic/hinic_sriov.c | 1 - drivers/net/ethernet/ibm/ehea/ehea_main.c | 1 + drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 100 ++- drivers/net/ethernet/intel/i40e/i40e_type.h | 4 + drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 43 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 + drivers/net/ethernet/lantiq_etop.c | 1 - drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 10 +- drivers/net/ethernet/mellanox/mlx5/core/en/ptp.h | 9 + drivers/net/ethernet/mellanox/mlx5/core/en/txrx.h | 6 + .../ethernet/mellanox/mlx5/core/en_accel/ipsec.c | 3 - drivers/net/ethernet/mellanox/mlx5/core/en_tx.c | 6 + drivers/net/ethernet/mellanox/mlx5/core/lib/mpfs.c | 6 +- drivers/net/ethernet/mellanox/mlx5/core/main.c | 55 +- drivers/net/ethernet/micrel/ksz884x.c | 2 +- drivers/net/ethernet/socionext/netsec.c | 2 + drivers/net/ethernet/socionext/sni_ave.c | 6 + drivers/net/netdevsim/dev.c | 11 +- drivers/nfc/virtual_ncidev.c | 3 + drivers/pinctrl/pinctrl-ingenic.c | 4 +- drivers/scsi/lpfc/lpfc.h | 40 - drivers/scsi/lpfc/lpfc_bsg.c | 50 +- drivers/scsi/lpfc/lpfc_crtn.h | 3 +- drivers/scsi/lpfc/lpfc_ct.c | 8 +- drivers/scsi/lpfc/lpfc_els.c | 139 ++-- drivers/scsi/lpfc/lpfc_hw4.h | 7 - drivers/scsi/lpfc/lpfc_init.c | 13 +- drivers/scsi/lpfc/lpfc_nportdisc.c | 4 +- drivers/scsi/lpfc/lpfc_nvme.c | 34 +- drivers/scsi/lpfc/lpfc_nvme.h | 6 +- drivers/scsi/lpfc/lpfc_nvmet.c | 83 +- drivers/scsi/lpfc/lpfc_scsi.c | 441 ++++++----- drivers/scsi/lpfc/lpfc_sli.c | 876 ++++++++++++--------- drivers/scsi/lpfc/lpfc_sli.h | 26 +- drivers/scsi/qla2xxx/qla_attr.c | 28 +- drivers/scsi/sd.c | 3 +- drivers/staging/media/atomisp/pci/sh_css_params.c | 4 +- drivers/tty/serial/8250/8250_omap.c | 3 + drivers/tty/serial/8250/8250_pci.c | 9 +- drivers/tty/serial/8250/8250_port.c | 12 +- drivers/tty/serial/fsl_lpuart.c | 8 +- drivers/tty/serial/imx.c | 8 +- drivers/tty/serial/serial_core.c | 61 +- drivers/usb/core/quirks.c | 9 + drivers/usb/dwc3/gadget.c | 8 +- drivers/usb/gadget/function/uvc_queue.c | 8 +- drivers/usb/gadget/function/uvc_video.c | 22 +- drivers/usb/gadget/udc/bdc/bdc_udc.c | 1 + drivers/usb/host/xhci-mem.c | 20 +- drivers/usb/host/xhci-pci.c | 44 +- drivers/usb/host/xhci.c | 10 +- drivers/usb/host/xhci.h | 1 + drivers/video/fbdev/smscufx.c | 55 +- fs/binfmt_elf.c | 3 +- fs/exec.c | 4 +- fs/kernfs/dir.c | 5 +- fs/nfs/nfs4namespace.c | 9 +- fs/nfs/nfs4proc.c | 34 +- fs/nfs/nfs4state.c | 9 +- fs/nfs/nfs4xdr.c | 4 +- include/linux/mlx5/driver.h | 2 +- include/linux/nfs_xdr.h | 2 +- include/linux/perf_event.h | 19 +- include/media/v4l2-common.h | 3 +- include/net/sock.h | 2 +- include/uapi/linux/videodev2.h | 3 +- kernel/events/core.c | 153 +++- kernel/events/ring_buffer.c | 2 +- kernel/power/hibernate.c | 2 +- kernel/sched/sched.h | 18 +- net/can/j1939/transport.c | 4 +- net/core/net_namespace.c | 7 + net/core/skbuff.c | 2 +- net/ethtool/eeprom.c | 2 +- net/ieee802154/socket.c | 4 +- net/ipv4/nexthop.c | 2 +- net/ipv4/tcp_input.c | 3 +- net/ipv4/tcp_ipv4.c | 7 +- net/ipv6/ip6_gre.c | 12 +- net/ipv6/ip6_tunnel.c | 11 +- net/ipv6/ipv6_sockglue.c | 7 + net/ipv6/sit.c | 8 +- net/kcm/kcmsock.c | 25 +- net/mac802154/rx.c | 5 +- net/openvswitch/datapath.c | 3 +- net/tipc/topsrv.c | 16 +- sound/aoa/soundbus/i2sbus/core.c | 7 +- sound/pci/ac97/ac97_codec.c | 1 + sound/pci/au88x0/au88x0.h | 6 +- sound/pci/au88x0/au88x0_core.c | 2 +- sound/pci/rme9652/hdsp.c | 26 +- sound/pci/rme9652/rme9652.c | 22 +- sound/soc/qcom/lpass-cpu.c | 10 + sound/synth/emux/emux.c | 7 +- sound/usb/implicit.c | 2 + tools/iio/iio_utils.c | 4 + .../arch/arm64/hisilicon/hip08/metrics.json | 6 +- .../arch/powerpc/power10/nest_metrics.json | 72 +- tools/perf/util/auxtrace.c | 10 +- .../kvm/memslot_modification_stress_test.c | 2 +- 151 files changed, 2130 insertions(+), 1459 deletions(-)

3 years, 1 month

8
139
0 0

[PATCH 4.9 00/44] 4.9.332-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.332 release. There are 44 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 04 Nov 2022 02:20:38 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.332-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.332-rc1 Biju Das <biju.das.jz(a)bp.renesas.com> can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global FIFO receive Yang Yingliang <yangyingliang(a)huawei.com> net: ehea: fix possible memory leak in ehea_register_port() Aaron Conole <aconole(a)redhat.com> openvswitch: switch from WARN to pr_warn Takashi Iwai <tiwai(a)suse.de> ALSA: aoa: Fix I2S device accounting Yang Yingliang <yangyingliang(a)huawei.com> ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() Yang Yingliang <yangyingliang(a)huawei.com> net: ksz884x: fix missing pci_disable_device() on error in pcidev_init() Slawomir Laba <slawomirx.laba(a)intel.com> i40e: Fix ethtool rx-flow-hash setting for X722 Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: v4l2-dv-timings: add sanity checks for blanking values Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vivid: dev->bitmap_cap wasn't freed in all cases Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vivid: s_fbuf: add more sanity checks Dongliang Mu <dzm91(a)hust.edu.cn> can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path Neal Cardwell <ncardwell(a)google.com> tcp: fix indefinite deferral of RTO with SACK reneging Zhang Changzhong <zhangchangzhong(a)huawei.com> net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY Eric Dumazet <edumazet(a)google.com> kcm: annotate data-races around kcm->rx_wait Eric Dumazet <edumazet(a)google.com> kcm: annotate data-races around kcm->rx_psock Yang Yingliang <yangyingliang(a)huawei.com> ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() Randy Dunlap <rdunlap(a)infradead.org> arc: iounmap() arg is volatile Nathan Huckleberry <nhuck(a)google.com> drm/msm: Fix return type of mdp4_lvds_connector_mode_valid Wei Yongjun <weiyongjun1(a)huawei.com> net: ieee802154: fix error return code in dgram_bind() Rik van Riel <riel(a)surriel.com> mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages M. Vefa Bicakci <m.v.b(a)runbox.com> xen/gntdev: Prevent leaking grants Jan Beulich <jbeulich(a)suse.com> Xen/gntdev: don't ignore kernel unmapping error Heiko Carstens <hca(a)linux.ibm.com> s390/futex: add missing EX_TABLE entry to __futex_atomic_op() Christian A. Ehrhardt <lk(a)c--e.de> kernfs: fix use-after-free in __kernfs_remove Matthew Ma <mahongwei(a)zeku.com> mmc: core: Fix kernel panic when remove non-standard SDIO card Johan Hovold <johan+linaro(a)kernel.org> drm/msm/hdmi: fix memory corruption with too many bridges Miquel Raynal <miquel.raynal(a)bootlin.com> mac802154: Fix LQI recording Hyunwoo Kim <imv4bel(a)gmail.com> fbdev: smscufx: Fix several use-after-free bugs Matti Vaittinen <mazziesaccount(a)gmail.com> tools: iio: iio_utils: fix digit calculation Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Remove device endpoints from bandwidth list when freeing the device Justin Chen <justinpopo6(a)gmail.com> usb: bdc: change state when port disconnected Hannu Hartikainen <hannu(a)hrtk.in> USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM Jason A. Donenfeld <Jason(a)zx2c4.com> ALSA: au88x0: use explicitly signed char Steven Rostedt (Google) <rostedt(a)goodmis.org> ALSA: Use del_timer_sync() before freeing timer Werner Sembach <wse(a)tuxedocomputers.com> ACPI: video: Force backlight native for more TongFang devices Yang Yingliang <yangyingliang(a)huawei.com> net: hns: fix possible memory leak in hnae_ae_register() Xiaobo Liu <cppcoffee(a)gmail.com> net/atm: fix proc_mpc_write incorrect return value José Expósito <jose.exposito89(a)gmail.com> HID: magicmouse: Do not set BTN_MOUSE on double report James Morse <james.morse(a)arm.com> arm64: errata: Remove AES hwcap for COMPAT tasks Kai-Heng Feng <kai.heng.feng(a)canonical.com> ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS Alexander Stein <alexander.stein(a)ew.tq-group.com> ata: ahci-imx: Fix MODULE_ALIAS Joseph Qi <joseph.qi(a)linux.alibaba.com> ocfs2: fix BUG when iput after ocfs2_mknod fails Joseph Qi <joseph.qi(a)linux.alibaba.com> ocfs2: clear dinode links count in case of error ------------- Diffstat: Documentation/arm64/silicon-errata.txt | 2 + Makefile | 4 +- arch/arc/include/asm/io.h | 2 +- arch/arc/mm/ioremap.c | 2 +- arch/arm64/Kconfig | 16 ++++++ arch/arm64/include/asm/cpucaps.h | 3 +- arch/arm64/kernel/cpu_errata.c | 16 ++++++ arch/arm64/kernel/cpufeature.c | 13 ++++- arch/s390/include/asm/futex.h | 3 +- drivers/acpi/video_detect.c | 64 ++++++++++++++++++++++ drivers/ata/ahci.h | 2 +- drivers/ata/ahci_imx.c | 2 +- drivers/gpu/drm/msm/hdmi/hdmi.c | 5 ++ drivers/gpu/drm/msm/mdp/mdp4/mdp4_lvds_connector.c | 5 +- drivers/hid/hid-magicmouse.c | 2 +- drivers/media/platform/vivid/vivid-core.c | 22 ++++++++ drivers/media/platform/vivid/vivid-core.h | 2 + drivers/media/platform/vivid/vivid-vid-cap.c | 27 +++++++-- drivers/media/v4l2-core/v4l2-dv-timings.c | 14 +++++ drivers/mmc/core/sdio_bus.c | 3 +- drivers/net/can/mscan/mpc5xxx_can.c | 8 ++- drivers/net/can/rcar/rcar_canfd.c | 6 +- drivers/net/ethernet/hisilicon/hns/hnae.c | 4 +- drivers/net/ethernet/ibm/ehea/ehea_main.c | 1 + drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 31 ++++++++--- drivers/net/ethernet/intel/i40e/i40e_type.h | 4 ++ drivers/net/ethernet/lantiq_etop.c | 1 - drivers/net/ethernet/micrel/ksz884x.c | 2 +- drivers/usb/core/quirks.c | 9 +++ drivers/usb/gadget/udc/bdc/bdc_udc.c | 1 + drivers/usb/host/xhci-mem.c | 20 ++++--- drivers/video/fbdev/smscufx.c | 55 ++++++++++--------- drivers/xen/gntdev.c | 30 ++++++++-- fs/kernfs/dir.c | 5 +- fs/ocfs2/namei.c | 23 ++++---- include/uapi/linux/videodev2.h | 3 +- mm/hugetlb.c | 2 +- net/atm/mpoa_proc.c | 3 +- net/ieee802154/socket.c | 4 +- net/ipv4/tcp_input.c | 3 +- net/kcm/kcmsock.c | 23 +++++--- net/mac802154/rx.c | 5 +- net/openvswitch/datapath.c | 3 +- sound/aoa/soundbus/i2sbus/core.c | 7 ++- sound/pci/ac97/ac97_codec.c | 1 + sound/pci/au88x0/au88x0.h | 6 +- sound/pci/au88x0/au88x0_core.c | 2 +- sound/synth/emux/emux.c | 7 +-- tools/iio/iio_utils.c | 4 ++ 49 files changed, 369 insertions(+), 113 deletions(-)

3 years, 1 month

5
48
0 0

[PATCH 4.14 00/60] 4.14.298-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.298 release. There are 60 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 04 Nov 2022 02:20:38 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.298-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.298-rc1 Biju Das <biju.das.jz(a)bp.renesas.com> can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global FIFO receive Yang Yingliang <yangyingliang(a)huawei.com> net: ehea: fix possible memory leak in ehea_register_port() Aaron Conole <aconole(a)redhat.com> openvswitch: switch from WARN to pr_warn Takashi Iwai <tiwai(a)suse.de> ALSA: aoa: Fix I2S device accounting Yang Yingliang <yangyingliang(a)huawei.com> ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() Sudeep Holla <sudeep.holla(a)arm.com> PM: domains: Fix handling of unavailable/disabled idle states Yang Yingliang <yangyingliang(a)huawei.com> net: ksz884x: fix missing pci_disable_device() on error in pcidev_init() Slawomir Laba <slawomirx.laba(a)intel.com> i40e: Fix flow-type by setting GL_HASH_INSET registers Slawomir Laba <slawomirx.laba(a)intel.com> i40e: Fix ethtool rx-flow-hash setting for X722 Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: v4l2-dv-timings: add sanity checks for blanking values Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vivid: dev->bitmap_cap wasn't freed in all cases Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vivid: s_fbuf: add more sanity checks Mario Limonciello <mario.limonciello(a)amd.com> PM: hibernate: Allow hybrid sleep to work with s2idle Dongliang Mu <dzm91(a)hust.edu.cn> can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path Neal Cardwell <ncardwell(a)google.com> tcp: fix indefinite deferral of RTO with SACK reneging Zhang Changzhong <zhangchangzhong(a)huawei.com> net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY Eric Dumazet <edumazet(a)google.com> kcm: annotate data-races around kcm->rx_wait Eric Dumazet <edumazet(a)google.com> kcm: annotate data-races around kcm->rx_psock Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: add the bit rate quirk for Molex cables Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: fix the SFP compliance codes check for DAC cables Chen Zhongjin <chenzhongjin(a)huawei.com> x86/unwind/orc: Fix unreliable stack dump with gcov Yang Yingliang <yangyingliang(a)huawei.com> ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() Randy Dunlap <rdunlap(a)infradead.org> arc: iounmap() arg is volatile Nathan Huckleberry <nhuck(a)google.com> drm/msm: Fix return type of mdp4_lvds_connector_mode_valid Wei Yongjun <weiyongjun1(a)huawei.com> net: ieee802154: fix error return code in dgram_bind() Rik van Riel <riel(a)surriel.com> mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages M. Vefa Bicakci <m.v.b(a)runbox.com> xen/gntdev: Prevent leaking grants Jan Beulich <jbeulich(a)suse.com> Xen/gntdev: don't ignore kernel unmapping error Heiko Carstens <hca(a)linux.ibm.com> s390/futex: add missing EX_TABLE entry to __futex_atomic_op() Christian A. Ehrhardt <lk(a)c--e.de> kernfs: fix use-after-free in __kernfs_remove Matthew Ma <mahongwei(a)zeku.com> mmc: core: Fix kernel panic when remove non-standard SDIO card Johan Hovold <johan+linaro(a)kernel.org> drm/msm/hdmi: fix memory corruption with too many bridges Miquel Raynal <miquel.raynal(a)bootlin.com> mac802154: Fix LQI recording Hyunwoo Kim <imv4bel(a)gmail.com> fbdev: smscufx: Fix several use-after-free bugs Shreeya Patel <shreeya.patel(a)collabora.com> iio: light: tsl2583: Fix module unloading Matti Vaittinen <mazziesaccount(a)gmail.com> tools: iio: iio_utils: fix digit calculation Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Remove device endpoints from bandwidth list when freeing the device Jens Glathe <jens.glathe(a)oldschoolsolutions.biz> usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller Justin Chen <justinpopo6(a)gmail.com> usb: bdc: change state when port disconnected Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> usb: dwc3: gadget: Don't set IMI for no_interrupt Hannu Hartikainen <hannu(a)hrtk.in> USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM Jason A. Donenfeld <Jason(a)zx2c4.com> ALSA: au88x0: use explicitly signed char Steven Rostedt (Google) <rostedt(a)goodmis.org> ALSA: Use del_timer_sync() before freeing timer Werner Sembach <wse(a)tuxedocomputers.com> ACPI: video: Force backlight native for more TongFang devices Chen-Yu Tsai <wenst(a)chromium.org> media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls Jerry Snitselaar <jsnitsel(a)redhat.com> iommu/vt-d: Clean up si_domain in the init_dmars() error path Yang Yingliang <yangyingliang(a)huawei.com> net: hns: fix possible memory leak in hnae_ae_register() Xiaobo Liu <cppcoffee(a)gmail.com> net/atm: fix proc_mpc_write incorrect return value José Expósito <jose.exposito89(a)gmail.com> HID: magicmouse: Do not set BTN_MOUSE on double report Tony Luck <tony.luck(a)intel.com> ACPI: extlog: Handle multiple records Filipe Manana <fdmanana(a)suse.com> btrfs: fix processing of delayed data refs during backref walking Jean-Francois Le Fillatre <jflf_kernel(a)gmx.com> r8152: add PID for the Lenovo OneLink+ Dock James Morse <james.morse(a)arm.com> arm64: errata: Remove AES hwcap for COMPAT tasks Eric Ren <renzhengeek(a)gmail.com> KVM: arm64: vgic: Fix exit condition in scan_its_table() Kai-Heng Feng <kai.heng.feng(a)canonical.com> ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS Alexander Stein <alexander.stein(a)ew.tq-group.com> ata: ahci-imx: Fix MODULE_ALIAS Borislav Petkov <bp(a)suse.de> x86/microcode/AMD: Apply the patch early on every logical thread Joseph Qi <joseph.qi(a)linux.alibaba.com> ocfs2: fix BUG when iput after ocfs2_mknod fails Joseph Qi <joseph.qi(a)linux.alibaba.com> ocfs2: clear dinode links count in case of error ------------- Diffstat: Documentation/arm64/silicon-errata.txt | 2 + Makefile | 4 +- arch/arc/include/asm/io.h | 2 +- arch/arc/mm/ioremap.c | 2 +- arch/arm64/Kconfig | 16 ++++ arch/arm64/include/asm/cpucaps.h | 3 +- arch/arm64/kernel/cpu_errata.c | 16 ++++ arch/arm64/kernel/cpufeature.c | 13 ++- arch/s390/include/asm/futex.h | 3 +- arch/x86/kernel/cpu/microcode/amd.c | 16 +++- arch/x86/kernel/unwind_orc.c | 2 +- drivers/acpi/acpi_extlog.c | 33 ++++--- drivers/acpi/video_detect.c | 64 +++++++++++++ drivers/ata/ahci.h | 2 +- drivers/ata/ahci_imx.c | 2 +- drivers/base/power/domain.c | 4 + drivers/gpu/drm/msm/hdmi/hdmi.c | 5 ++ drivers/gpu/drm/msm/mdp/mdp4/mdp4_lvds_connector.c | 5 +- drivers/hid/hid-magicmouse.c | 2 +- drivers/iio/light/tsl2583.c | 2 +- drivers/iommu/intel-iommu.c | 5 ++ drivers/media/platform/vivid/vivid-core.c | 22 +++++ drivers/media/platform/vivid/vivid-core.h | 2 + drivers/media/platform/vivid/vivid-vid-cap.c | 27 ++++-- drivers/media/v4l2-core/v4l2-dv-timings.c | 14 +++ drivers/media/v4l2-core/v4l2-mem2mem.c | 62 +++++++++---- drivers/mmc/core/sdio_bus.c | 3 +- drivers/net/can/mscan/mpc5xxx_can.c | 8 +- drivers/net/can/rcar/rcar_canfd.c | 6 +- drivers/net/ethernet/amd/xgbe/xgbe-phy-v2.c | 17 ++-- drivers/net/ethernet/hisilicon/hns/hnae.c | 4 +- drivers/net/ethernet/ibm/ehea/ehea_main.c | 1 + drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 100 ++++++++++++--------- drivers/net/ethernet/intel/i40e/i40e_type.h | 4 + drivers/net/ethernet/lantiq_etop.c | 1 - drivers/net/ethernet/micrel/ksz884x.c | 2 +- drivers/net/usb/cdc_ether.c | 7 ++ drivers/net/usb/r8152.c | 1 + drivers/usb/core/quirks.c | 9 ++ drivers/usb/dwc3/gadget.c | 4 +- drivers/usb/gadget/udc/bdc/bdc_udc.c | 1 + drivers/usb/host/xhci-mem.c | 20 +++-- drivers/usb/host/xhci-pci.c | 8 +- drivers/video/fbdev/smscufx.c | 55 ++++++------ drivers/xen/gntdev.c | 30 +++++-- fs/btrfs/backref.c | 33 +++++-- fs/kernfs/dir.c | 5 +- fs/ocfs2/namei.c | 23 +++-- include/uapi/linux/videodev2.h | 3 +- kernel/power/hibernate.c | 2 +- mm/hugetlb.c | 2 +- net/atm/mpoa_proc.c | 3 +- net/ieee802154/socket.c | 4 +- net/ipv4/tcp_input.c | 3 +- net/kcm/kcmsock.c | 23 +++-- net/mac802154/rx.c | 5 +- net/openvswitch/datapath.c | 3 +- sound/aoa/soundbus/i2sbus/core.c | 7 +- sound/pci/ac97/ac97_codec.c | 1 + sound/pci/au88x0/au88x0.h | 6 +- sound/pci/au88x0/au88x0_core.c | 2 +- sound/synth/emux/emux.c | 7 +- tools/iio/iio_utils.c | 4 + virt/kvm/arm/vgic/vgic-its.c | 5 +- 64 files changed, 553 insertions(+), 199 deletions(-)

3 years, 1 month

3
62
0 0

[PATCH RT 2/4] timers: Move clearing of base::timer_running under base:: Lock

by Daniel Wagner

From: Thomas Gleixner <tglx(a)linutronix.de> v4.19.255-rt114-rc2 stable review patch. If anyone has any objections, please let me know. ----------- Upstream commit bb7262b295472eb6858b5c49893954794027cd84 syzbot reported KCSAN data races vs. timer_base::timer_running being set to NULL without holding base::lock in expire_timers(). This looks innocent and most reads are clearly not problematic, but Frederic identified an issue which is: int data = 0; void timer_func(struct timer_list *t) { data = 1; } CPU 0 CPU 1 ------------------------------ -------------------------- base = lock_timer_base(timer, &flags); raw_spin_unlock(&base->lock); if (base->running_timer != timer) call_timer_fn(timer, fn, baseclk); ret = detach_if_pending(timer, base, true); base->running_timer = NULL; raw_spin_unlock_irqrestore(&base->lock, flags); raw_spin_lock(&base->lock); x = data; If the timer has previously executed on CPU 1 and then CPU 0 can observe base->running_timer == NULL and returns, assuming the timer has completed, but it's not guaranteed on all architectures. The comment for del_timer_sync() makes that guarantee. Moving the assignment under base->lock prevents this. For non-RT kernel it's performance wise completely irrelevant whether the store happens before or after taking the lock. For an RT kernel moving the store under the lock requires an extra unlock/lock pair in the case that there is a waiter for the timer, but that's not the end of the world. Reported-by: syzbot+aa7c2385d46c5eba0b89(a)syzkaller.appspotmail.com Reported-by: syzbot+abea4558531bae1ba9fe(a)syzkaller.appspotmail.com Fixes: 030dcdd197d7 ("timers: Prepare support for PREEMPT_RT") Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Tested-by: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> Link: https://lore.kernel.org/r/87lfea7gw8.fsf@nanos.tec.linutronix.de Cc: stable(a)vger.kernel.org Signed-off-by: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> Signed-off-by: Daniel Wagner <wagi(a)monom.org> --- kernel/time/timer.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/kernel/time/timer.c b/kernel/time/timer.c index b859ecf6424b..603985720f54 100644 --- a/kernel/time/timer.c +++ b/kernel/time/timer.c @@ -1282,8 +1282,10 @@ static inline void timer_base_unlock_expiry(struct timer_base *base) static void timer_sync_wait_running(struct timer_base *base) { if (atomic_read(&base->timer_waiters)) { + raw_spin_unlock_irq(&base->lock); spin_unlock(&base->expiry_lock); spin_lock(&base->expiry_lock); + raw_spin_lock_irq(&base->lock); } } @@ -1458,14 +1460,14 @@ static void expire_timers(struct timer_base *base, struct hlist_head *head) if (timer->flags & TIMER_IRQSAFE) { raw_spin_unlock(&base->lock); call_timer_fn(timer, fn); - base->running_timer = NULL; raw_spin_lock(&base->lock); + base->running_timer = NULL; } else { raw_spin_unlock_irq(&base->lock); call_timer_fn(timer, fn); + raw_spin_lock_irq(&base->lock); base->running_timer = NULL; timer_sync_wait_running(base); - raw_spin_lock_irq(&base->lock); } } } -- 2.38.0

3 years, 1 month

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror November 2022