December 2022 - Linux-stable-mirror

[PATCH v2] Input: xen-kbdfront - drop keys to shrink modalias

by Jason Andryuk

xen kbdfront registers itself as being able to deliver *any* key since it doesn't know what keys the backend may produce. Unfortunately, the generated modalias gets too large and uevent creation fails with -ENOMEM. This can lead to gdm not using the keyboard since there is no seat associated [1] and the debian installer crashing [2]. Trim the ranges of key capabilities by removing some BTN_* ranges. While doing this, some neighboring undefined ranges are removed to trim it further. An upper limit of KEY_KBD_LCD_MENU5 is still too large. Use an upper limit of KEY_BRIGHTNESS_MENU. This removes: BTN_DPAD_UP(0x220)..BTN_DPAD_RIGHT(0x223) Empty space 0x224..0x229 Empty space 0x28a..0x28f KEY_MACRO1(0x290)..KEY_MACRO30(0x2ad) KEY_MACRO_RECORD_START 0x2b0 KEY_MACRO_RECORD_STOP 0x2b1 KEY_MACRO_PRESET_CYCLE 0x2b2 KEY_MACRO_PRESET1(0x2b3)..KEY_MACRO_PRESET3(0xb5) Empty space 0x2b6..0x2b7 KEY_KBD_LCD_MENU1(0x2b8)..KEY_KBD_LCD_MENU5(0x2bc) Empty space 0x2bd..0x2bf BTN_TRIGGER_HAPPY(0x2c0)..BTN_TRIGGER_HAPPY40(0x2e7) Empty space 0x2e8..0x2ff The modalias shrinks from 2082 to 1550 bytes. A chunk of keys need to be removed to allow the keyboard to be used. This may break some functionality, but the hope is these macro keys are uncommon and don't affect any users. [1] https://github.com/systemd/systemd/issues/22944 [2] https://lore.kernel.org/xen-devel/87o8dw52jc.fsf@vps.thesusis.net/T/ Cc: Phillip Susi <phill(a)thesusis.net> Cc: stable(a)vger.kernel.org Signed-off-by: Jason Andryuk <jandryuk(a)gmail.com> --- drivers/input/misc/xen-kbdfront.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) v2: Remove more keys: v1 didn't remove enough and modalias was still broken. diff --git a/drivers/input/misc/xen-kbdfront.c b/drivers/input/misc/xen-kbdfront.c index 8d8ebdc2039b..4ecb579df748 100644 --- a/drivers/input/misc/xen-kbdfront.c +++ b/drivers/input/misc/xen-kbdfront.c @@ -256,7 +256,14 @@ static int xenkbd_probe(struct xenbus_device *dev, __set_bit(EV_KEY, kbd->evbit); for (i = KEY_ESC; i < KEY_UNKNOWN; i++) __set_bit(i, kbd->keybit); - for (i = KEY_OK; i < KEY_MAX; i++) + /* In theory we want to go KEY_OK..KEY_MAX, but that grows the + * modalias line too long. There is a gap of buttons from + * BTN_DPAD_UP..BTN_DPAD_RIGHT and KEY_ALS_TOGGLE is the next + * defined. Then continue up to KEY_BRIGHTNESS_MENU as an upper + * limit. */ + for (i = KEY_OK; i < BTN_DPAD_UP; i++) + __set_bit(i, kbd->keybit); + for (i = KEY_ALS_TOGGLE; i <= KEY_BRIGHTNESS_MENU; i++) __set_bit(i, kbd->keybit); ret = input_register_device(kbd); -- 2.38.1

1 year, 4 months

2
4
0 0

tcpci module in Kernel 5.15.74 with PTN5110 not working correctly

by Christian Bach

Hello For a few weeks now I am trying to make the PTN5110 chip work with the new Kernel 5.15.74. The same hardware setup was working with the 4.19.72 Kernel. The steps I took so far are as follows: 1. Study the Documentation and look at example Device Tree's in the Kernel 2. Try out different Device Tree configurations derived from the Documentation and examples 3. I did look on Stackoverflow, the NXP and other forums for any similar issue but could not find any 4. Updating the Kernel to the newest Version I was able to find: 5.15.74 (Hash: f0bee94053065c7cb8eacadfdd6bf739a2042b35 in Repo: git://git.yoctoproject.org/linux-yocto.git;branch=v5.15/standard/base) 5. Downgrade to the earliest Kernel possible: v5.10-rc1 (Hash: 3650b228f83adda7e5ee532e2b90429c03f7b9ec in Repo: git://git.yoctoproject.org/linux-yocto.git;branch=v5.15/standard/base) None of those steps had any effect. Every time I plug in a USB-A to USB-C cable the Kernel gets stuck in the ISR until I unplug the cable. (Attaching a full USB-PD capable Power Source over a USB-C cable works fine) This results in an unreasonable high CPU usage (most of the times the CPU gets blocked completely). I did analyze the I2C bus and found that the old Kernel did change many configurations after the A-C cable got attached while the new Kernel does nothing (please see logs below). I also did compare what happens on the I2C bus during chip initialization but did not find any mentionable differences. My HW setup is an i.mx6ul with the PTN5110 attached on I2C4. ================================================= My device tree looks like this: / { regulators { compatible = "simple-bus"; #address-cells = <1>; #size-cells = <0>; reg_usb_otg1_vbus: regulator@2 { compatible = "regulator-fixed"; reg = <2>; regulator-name = "usb_otg1_vbus"; pinctrl-names = "default"; pinctrl-0 = <&pinctrl_usb_otg1_vbus>; regulator-min-microvolt = <5000000>; regulator-max-microvolt = <5000000>; gpio = <&gpio2 8 GPIO_ACTIVE_HIGH>; enable-active-high; status = "okay"; }; }; }; &usbotg1 { /*pinctrl-names = "default"; pinctrl-0 = <&pinctrl_usbotg1>;*/ dr_mode = "otg"; status = "okay"; disable-over-current; vbus-supply = <&reg_usb_otg1_vbus>; }; &i2c4 { clock-frequency = <100000>; pinctrl-names = "default"; pinctrl-0 = <&pinctrl_i2c4>; status = "okay"; usb_pd: ptn5110@50 { compatible = "nxp,ptn5110"; reg = <0x50>; pinctrl-names = "default"; pinctrl-0 = <&pinctrl_usb_pd>; interrupt-parent = <&gpio2>; interrupts = <11 IRQ_TYPE_LEVEL_LOW>; wakeup-source; usb_con: connector { compatible = "usb-c-connector"; label = "USB-C"; data-role = "dual"; power-role = "dual"; try-power-role = "sink"; source-pdos = <PDO_FIXED(VSAFE5V, 2000, PDO_FIXED_USB_COMM | PDO_FIXED_DUAL_ROLE)>; sink-pdos = <PDO_FIXED(VSAFE5V, 2000, PDO_FIXED_USB_COMM | PDO_FIXED_DUAL_ROLE) //PDO_FIXED(VSAFE5V, 3000, 0) //PDO_FIXED(9000, 3000, 0) PDO_FIXED(12000, 3000, 0) PDO_FIXED(20000, 3000, 0)>; //PDO_FIXED(20000, 5000, 0)>; op-sink-microwatt = <10000000>; }; }; }; &iomuxc { pinctrl_i2c4: i2c4grp { fsl,pins = < MX6UL_PAD_UART2_TX_DATA__I2C4_SCL 0x4001b8b0 MX6UL_PAD_UART2_RX_DATA__I2C4_SDA 0x4001b8b0 >; }; pinctrl_usb_pd: usbpdgrp { fsl,pins = < MX6UL_PAD_ENET2_TX_DATA0__GPIO2_IO11 0x0001b020 /* Alert Interrupt */ MX6UL_PAD_ENET2_TX_CLK__GPIO2_IO14 0x0001b020 /* Fault Interrupt */ >; }; pinctrl_usb_otg1_vbus: usbotg1 { fsl,pins = < MX6UL_PAD_ENET2_RX_DATA0__GPIO2_IO08 0x000000b9 MX6UL_PAD_ENET2_RX_DATA1__USB_OTG1_OC 0x000010b0 >; }; }; ================================================= I2C Log on plug in event of Kernel 5.15.68: Direction | Address | Data ------------------------------- Read | 10 | 02 22 Write | 10 | 02 22 Read | 14 | 04 Read | 10 | 02 02 Write | 10 | 02 02 Read | 1E | 0C Read | 14 | 04 Read | 10 | 03 02 Write | 10 | 03 02 Read | 1E | 0C Read | 1A | 4A Read | 14 | 04 Read | 1D | 11 Read | 1E | 0C Pause for 200ms Read | 1A | 4A Read | 1A | 4A Read | 1D | 11 Write | 1A | 0E Write | 19 | 00 Write | 2E | 02 Write | 23 | 66 Write | 23 | 55 Write | 2F | 21 Pause for 300ms Write | 51 | 02 Write | 52 | 00 00 Write | 50 | 25 Read | 10 | 50 02 Write | 10 | 50 02 Read | 10 | 00 02 Write | 10 | 00 02 Write | 72 | 8C 00 Read | 1C | 60 Read | 10 | 00 02 Write | 10 | 00 02 Write | 2F | 00 Read | 1C | 60 Read | 10 | 00 02 Write | 10 | 00 02 Write | 2E | 02 Read | 10 | 00 02 Write | 10 | 00 02 Read | 10 | 00 02 Write | 10 | 00 02 Read | 10 | 00 02 Write | 10 | 00 02 Read | 10 | 00 02 Write | 10 | 00 02 (It will loop like this until the cable gets detached) I2C Log on plug in event of Kernel 5.15.68: Direction | Address | Data ------------------------------- Read | 10 | 02 22 Write | 10 | 02 22 Read | 14 | 04 Read | 10 | 02 02 Write | 10 | 02 02 Read | 1E | 0C Read | 14 | 04 Read | 10 | 02 02 Write | 10 | 02 02 Read | 1E | 0C Read | 14 | 04 Read | 1E | 0C Pause for 200ms Read | 10 | 01 02 Write | 10 | 01 02 Read | 1D | 11 Pause for 250ms Read | 1A | 4A Write | 1A | 4E Write | 19 | 00 Write | 2E | 02 Write | 23 | 66 Write | 23 | 55 Write | 2F | 21 Pause for 4ms Write | 51 | 02 Write | 52 | 00 00 Write | 50 | 35 Read | 10 | 50 02 Write | 10 | 50 02 Read | 10 | 00 02 Write | 10 | 00 02 Write | 2F | 00 Read | 10 | 00 02 Write | 10 | 00 02 Read | 1C | 60 Read | 10 | 00 02 Write | 10 | 00 02 Write | 23 | 66 Read | 10 | 02 02 Write | 10 | 02 02 Write | 23 | 44 Read | 14 | FF Write | 2E | 02 Read | 1E | 0C Write | 10 | FF FF Write | 14 | 04 Write | 23 | 33 Write | 12 | 7F 00 Write | 2F | 00 Write | 23 | 66 Write | 23 | 44 Read | 1C | 60 Read | 1A | 4E Write | 1A | 4E Write | 19 | 00 Write | 2E | 02 Read | 1E | 0C Read | 1D | 11 Write | 2F | 00 Write | 23 | 66 Write | 23 | 44 Read | 1C | 60 Read | 1A | 4E Write | 1A | 4E Write | 19 | 00 Write | 2E | 02 Write | 1A | 0F Read | 10 | 01 02 Write | 10 | 01 02 Read | 1D | 00 Write | 1A | 4A Write | 23 | 99 Read | 10 | 01 02 Write | 10 | 01 02 Read | 1D | 11 (no more communication after this point) -- Dipl. El-Ing. FH Christian Bach, Projektleiter Direct +41 43 456 16 96 . http://www.scs.ch Supercomputing Systems AG . Technoparkstrasse 1 . CH-8005 Zürich

1 year, 5 months

3
9
0 0

[PATCH 0/6] hwpoison, shmem, hugetlb: fix data loss issue 5.10.y

by Mike Kravetz

This is a request for adding the following patches to stable 5.10.y. Poisoned shmem and hugetlb pages are removed from the pagecache. Subsequent access to the offset in the file results in a NEW zero filled page. Application code does not get notified of the data loss, and the only 'clue' is a message in the system log. Data loss has been experienced by real users. This was addressed upstream. Most commits were marked for backports, but some were not. This was discussed here [1] and here [2]. Patches apply cleanly to v5.4.224 and pass tests checking for this specific data loss issue. LTP mm tests show no regressions. All patches except 4 "mm: hwpoison: handle non-anonymous THP correctly" required a small bit of change to apply correctly: mostly for context. linux-mm Cc'ed as it would be great to get at least an ACK from others familiar with this issue. [1] https://lore.kernel.org/linux-mm/Y2UTUNBHVY5U9si2@monkey/ [2] https://lore.kernel.org/stable/20221114131403.GA3807058@u2004/ James Houghton (1): hugetlbfs: don't delete error page from pagecache Yang Shi (5): mm: hwpoison: remove the unnecessary THP check mm: filemap: check if THP has hwpoisoned subpage for PMD page fault mm: hwpoison: refactor refcount check handling mm: hwpoison: handle non-anonymous THP correctly mm: shmem: don't truncate page if memory failure happens fs/hugetlbfs/inode.c | 13 ++-- include/linux/page-flags.h | 23 ++++++ mm/huge_memory.c | 2 + mm/hugetlb.c | 4 + mm/memory-failure.c | 153 ++++++++++++++++++++++++------------- mm/memory.c | 9 +++ mm/page_alloc.c | 4 +- mm/shmem.c | 51 +++++++++++-- 8 files changed, 191 insertions(+), 68 deletions(-) -- 2.38.1

1 year, 5 months

2
7
0 0

[PATCH 5.4 00/67] 5.4.227-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.4.227 release. There are 67 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 14 Dec 2022 13:08:57 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.227-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.4.227-rc1 Frank Jungclaus <frank.jungclaus(a)esd.eu> can: esd_usb: Allow REC and TEC to return to zero Dan Carpenter <error27(a)gmail.com> net: mvneta: Fix an out of bounds check Eric Dumazet <edumazet(a)google.com> ipv6: avoid use-after-free in ip6_fragment() Yang Yingliang <yangyingliang(a)huawei.com> net: plip: don't call kfree_skb/dev_kfree_skb() under spin_lock_irq() Juergen Gross <jgross(a)suse.com> xen/netback: fix build warning Zhang Changzhong <zhangchangzhong(a)huawei.com> ethernet: aeroflex: fix potential skb leak in greth_init_rings() Ido Schimmel <idosch(a)nvidia.com> ipv4: Fix incorrect route flushing when table ID 0 is used Ido Schimmel <idosch(a)nvidia.com> ipv4: Fix incorrect route flushing when source address is deleted YueHaibing <yuehaibing(a)huawei.com> tipc: Fix potential OOB in tipc_link_proto_rcv() Liu Jian <liujian56(a)huawei.com> net: hisilicon: Fix potential use-after-free in hix5hd2_rx() Liu Jian <liujian56(a)huawei.com> net: hisilicon: Fix potential use-after-free in hisi_femac_rx() Yongqiang Liu <liuyongqiang13(a)huawei.com> net: thunderx: Fix missing destroy_workqueue of nicvf_rx_mode_wq Jisheng Zhang <jszhang(a)kernel.org> net: stmmac: fix "snps,axi-config" node property parsing Pankaj Raghav <p.raghav(a)samsung.com> nvme initialize core quirks before calling nvme_init_subsystem Kees Cook <keescook(a)chromium.org> NFC: nci: Bounds check struct nfc_target arrays Przemyslaw Patynowski <przemyslawx.patynowski(a)intel.com> i40e: Disallow ip4 and ip6 l4_4_bytes Sylwester Dziedziuch <sylwesterx.dziedziuch(a)intel.com> i40e: Fix for VF MAC address 0 Michal Jaron <michalx.jaron(a)intel.com> i40e: Fix not setting default xps_cpus after reset Dan Carpenter <error27(a)gmail.com> net: mvneta: Prevent out of bounds read in mvneta_config_rss() Lin Liu <lin.liu(a)citrix.com> xen-netfront: Fix NULL sring after live migration Valentina Goncharenko <goncharenko.vp(a)ispras.ru> net: encx24j600: Fix invalid logic in reading of MISTAT register Valentina Goncharenko <goncharenko.vp(a)ispras.ru> net: encx24j600: Add parentheses to fix precedence Wei Yongjun <weiyongjun1(a)huawei.com> mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() Zhengchao Shao <shaozhengchao(a)huawei.com> selftests: rtnetlink: correct xfrm policy rule in kci_test_ipsec_offload Artem Chernyshev <artem.chernyshev(a)red-soft.ru> net: dsa: ksz: Check return value Chen Zhongjin <chenzhongjin(a)huawei.com> Bluetooth: Fix not cleanup led when bt_init fails Wang ShaoBo <bobo.shaobowang(a)huawei.com> Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn() Kuniyuki Iwashima <kuniyu(a)amazon.com> af_unix: Get user_ns from in_skb in unix_diag_get_exact(). Akihiko Odaki <akihiko.odaki(a)daynix.com> igb: Allocate MSI-X vector when testing Akihiko Odaki <akihiko.odaki(a)daynix.com> e1000e: Fix TX dispatch condition Xiongfeng Wang <wangxiongfeng2(a)huawei.com> gpio: amd8111: Fix PCI device reference count leak Qiqi Zhang <eddy.zhang(a)rock-chips.com> drm/bridge: ti-sn65dsi86: Fix output polarity setting bug Hauke Mehrtens <hauke(a)hauke-m.de> ca8210: Fix crash by zero initializing data Ziyang Xuan <william.xuanziyang(a)huawei.com> ieee802154: cc2520: Fix error return code in cc2520_hw_init() Baolin Wang <baolin.wang(a)linux.alibaba.com> mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page Oliver Hartkopp <socketcan(a)hartkopp.net> can: af_can: fix NULL pointer dereference in can_rcv_filter ZhangPeng <zhangpeng362(a)huawei.com> HID: core: fix shift-out-of-bounds in hid_report_raw_event Anastasia Belova <abelova(a)astralinux.ru> HID: hid-lg4ff: Add check for empty lbuf Ankit Patel <anpatel(a)nvidia.com> HID: usbhid: Add ALWAYS_POLL quirk for some mice Rob Clark <robdclark(a)chromium.org> drm/shmem-helper: Remove errant put in error path Thomas Huth <thuth(a)redhat.com> KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field John Starks <jostarks(a)microsoft.com> mm/gup: fix gup_pud_range() for dax Tejun Heo <tj(a)kernel.org> memcg: fix possible use-after-free in memcg_write_event_control() Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: v4l2-dv-timings.c: fix too strict blanking sanity checks Rafał Miłecki <rafal(a)milecki.pl> Revert "net: dsa: b53: Fix valid setting for MDB entries" Juergen Gross <jgross(a)suse.com> xen/netback: don't call kfree_skb() with interrupts disabled Juergen Gross <jgross(a)suse.com> xen/netback: do some code cleanup Ross Lagerwall <ross.lagerwall(a)citrix.com> xen/netback: Ensure protocol headers don't fall in the non-linear area Jann Horn <jannh(a)google.com> mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths Jann Horn <jannh(a)google.com> mm/khugepaged: fix GUP-fast interaction by sending IPI Jann Horn <jannh(a)google.com> mm/khugepaged: take the right locks for page table retraction Davide Tronchin <davide.tronchin.94(a)gmail.com> net: usb: qmi_wwan: add u-blox 0x1342 composition Dominique Martinet <asmadeus(a)codewreck.org> 9p/xen: check logical size for buffer size Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> fbcon: Use kzalloc() in fbcon_prepare_logo() Andreas Kemnade <andreas(a)kemnade.info> regulator: twl6030: fix get status of twl6032 regulators Srinivasa Rao Mandadapu <quic_srivasam(a)quicinc.com> ASoC: soc-pcm: Add NULL check in BE reparenting Filipe Manana <fdmanana(a)suse.com> btrfs: send: avoid unaligned encoded writes when attempting to clone range Kees Cook <keescook(a)chromium.org> ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event Konrad Dybcio <konrad.dybcio(a)linaro.org> regulator: slg51000: Wait after asserting CS pin GUO Zihua <guozihua(a)huawei.com> 9p/fd: Use P9_HDRSZ for header size Johan Jonker <jbx6244(a)gmail.com> ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188 Giulio Benetti <giulio.benetti(a)benettiengineering.com> ARM: 9266/1: mm: fix no-MMU ZERO_PAGE() implementation Tomislav Novak <tnovak(a)fb.com> ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels Johan Jonker <jbx6244(a)gmail.com> ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name Johan Jonker <jbx6244(a)gmail.com> ARM: dts: rockchip: fix ir-receiver node names Sebastian Reichel <sebastian.reichel(a)collabora.com> arm: dts: rockchip: fix node name for hym8563 rtc FUKAUMI Naoki <naoki(a)radxa.com> arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4 series ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/rk3036-evb.dts | 2 +- arch/arm/boot/dts/rk3188-radxarock.dts | 2 +- arch/arm/boot/dts/rk3188.dtsi | 3 +- arch/arm/boot/dts/rk3288-evb-act8846.dts | 2 +- arch/arm/boot/dts/rk3288-firefly.dtsi | 2 +- arch/arm/boot/dts/rk3288-miqi.dts | 2 +- arch/arm/boot/dts/rk3288-rock2-square.dts | 2 +- arch/arm/boot/dts/rk3xxx.dtsi | 7 + arch/arm/include/asm/perf_event.h | 2 +- arch/arm/include/asm/pgtable-nommu.h | 6 - arch/arm/include/asm/pgtable.h | 16 +- arch/arm/mm/nommu.c | 19 + arch/arm64/boot/dts/rockchip/rk3399-rock-pi-4.dts | 1 - arch/s390/kvm/vsie.c | 4 +- drivers/gpio/gpio-amd8111.c | 4 + drivers/gpu/drm/bridge/ti-sn65dsi86.c | 4 +- drivers/gpu/drm/drm_gem_shmem_helper.c | 4 +- drivers/hid/hid-core.c | 3 + drivers/hid/hid-ids.h | 3 + drivers/hid/hid-lg4ff.c | 6 + drivers/hid/hid-quirks.c | 3 + drivers/media/v4l2-core/v4l2-dv-timings.c | 20 +- drivers/net/can/usb/esd_usb2.c | 6 + drivers/net/dsa/b53/b53_common.c | 1 + drivers/net/ethernet/aeroflex/greth.c | 1 + drivers/net/ethernet/cavium/thunder/nicvf_main.c | 4 +- drivers/net/ethernet/hisilicon/hisi_femac.c | 2 +- drivers/net/ethernet/hisilicon/hix5hd2_gmac.c | 2 +- drivers/net/ethernet/intel/e1000e/netdev.c | 4 +- drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 6 +- drivers/net/ethernet/intel/i40e/i40e_main.c | 19 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 2 + drivers/net/ethernet/intel/igb/igb_ethtool.c | 2 + drivers/net/ethernet/marvell/mvneta.c | 2 +- drivers/net/ethernet/microchip/encx24j600-regmap.c | 4 +- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 8 +- drivers/net/ieee802154/ca8210.c | 2 +- drivers/net/ieee802154/cc2520.c | 2 +- drivers/net/plip/plip.c | 4 +- drivers/net/usb/qmi_wwan.c | 1 + drivers/net/xen-netback/common.h | 14 +- drivers/net/xen-netback/interface.c | 22 +- drivers/net/xen-netback/netback.c | 229 +-- drivers/net/xen-netback/rx.c | 10 +- drivers/net/xen-netfront.c | 6 + drivers/nvme/host/core.c | 8 +- drivers/regulator/slg51000-regulator.c | 2 + drivers/regulator/twl6030-regulator.c | 15 +- drivers/video/fbdev/core/fbcon.c | 2 +- fs/btrfs/send.c | 24 +- include/asm-generic/tlb.h | 4 + include/linux/cgroup.h | 1 + include/linux/hugetlb.h | 6 +- kernel/cgroup/cgroup-internal.h | 1 - mm/gup.c | 15 +- mm/hugetlb.c | 28 +- mm/khugepaged.c | 47 +- mm/memcontrol.c | 15 +- mm/mmu_gather.c | 5 + net/9p/trans_fd.c | 6 +- net/9p/trans_xen.c | 9 + net/bluetooth/6lowpan.c | 1 + net/bluetooth/af_bluetooth.c | 4 +- net/can/af_can.c | 4 +- net/dsa/tag_ksz.c | 3 +- net/ipv4/fib_frontend.c | 3 + net/ipv4/fib_semantics.c | 1 + net/ipv6/ip6_output.c | 5 + net/mac802154/iface.c | 1 + net/nfc/nci/ntf.c | 6 + net/tipc/link.c | 4 +- net/unix/diag.c | 20 +- sound/core/seq/seq_memory.c | 11 +- sound/soc/soc-pcm.c | 2 + tools/testing/selftests/net/fib_tests.sh | 1727 -------------------- tools/testing/selftests/net/rtnetlink.sh | 2 +- 77 files changed, 476 insertions(+), 1980 deletions(-)

1 year, 5 months

9
85
0 0

crypto-rockchip patches queued for 6.1

by Diederik de Haas

Hi, I couldn't find an existing mail with "[PATCH AUTOSEL 6.1 N/M] XYZ" to reply to, so I'm just sending an email like this. Hope that's ok. In https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/ tree/queue-6.1 there are a number of patches which start with: crypto-rockchip- like crypto-rockchip-add-fallback-for-ahash.patch I guess they were (auto) selected as they contain a "Fixes: <commitid>" line. Those 7 patches are actually part of a larger patch set, see here: https://lore.kernel.org/all/20220927075511.3147847-1-clabbe@baylibre.com/ All those patches have been merged into Linus' tree for 6.2 and there's a hotfix planned to be submitted for 6.2 here: https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip.git/ commit/?h=v6.2-armsoc/dtsfixes&id=53e8e1e6e9c1653095211a8edf17912f2374bb03 Wouldn't it make more sense to queue the whole patch set for 6.1? Or (at least) the whole crypto rockchip part as mentioned here: https://lore.kernel.org/all/Y5mGGrBJaDL6mnQJ@gondor.apana.org.au/ under the "Corentin Labbe (32):" label? Cheers, Diederik

1 year, 5 months

2
6
0 0

[PATCH v2] KVM: x86: Do not return host topology information from KVM_GET_SUPPORTED_CPUID

by Paolo Bonzini

Passing the host topology to the guest is almost certainly wrong and will confuse the scheduler. In addition, several fields of these CPUID leaves vary on each processor; it is simply impossible to return the right values from KVM_GET_SUPPORTED_CPUID in such a way that they can be passed to KVM_SET_CPUID2. The values that will most likely prevent confusion are all zeroes. Userspace will have to override it anyway if it wishes to present a specific topology to the guest. Cc: stable(a)vger.kernel.org Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> --- Documentation/virt/kvm/api.rst | 14 ++++++++++++++ arch/x86/kvm/cpuid.c | 32 ++++++++++++++++---------------- 2 files changed, 30 insertions(+), 16 deletions(-) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index eee9f857a986..20f4f6b302ff 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -8249,6 +8249,20 @@ CPU[EAX=1]:ECX[24] (TSC_DEADLINE) is not reported by ``KVM_GET_SUPPORTED_CPUID`` It can be enabled if ``KVM_CAP_TSC_DEADLINE_TIMER`` is present and the kernel has enabled in-kernel emulation of the local APIC. +CPU topology +~~~~~~~~~~~~ + +Several CPUID values include topology information for the host CPU: +0x0b and 0x1f for Intel systems, 0x8000001e for AMD systems. Different +versions of KVM return different values for this information and userspace +should not rely on it. Currently they return all zeroes. + +If userspace wishes to set up a guest topology, it should be careful that +the values of these three leaves differ for each CPU. In particular, +the APIC ID is found in EDX for all subleaves of 0x0b and 0x1f, and in EAX +for 0x8000001e; the latter also encodes the core id and node id in bits +7:0 of EBX and ECX respectively. + Obsolete ioctls and capabilities ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 0810e93cbedc..164bfb7e7a16 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -759,16 +759,22 @@ struct kvm_cpuid_array { int nent; }; +static struct kvm_cpuid_entry2 *get_next_cpuid(struct kvm_cpuid_array *array) +{ + if (array->nent >= array->maxnent) + return NULL; + + return &array->entries[array->nent++]; +} + static struct kvm_cpuid_entry2 *do_host_cpuid(struct kvm_cpuid_array *array, u32 function, u32 index) { - struct kvm_cpuid_entry2 *entry; + struct kvm_cpuid_entry2 *entry = get_next_cpuid(array); - if (array->nent >= array->maxnent) + if (!entry) return NULL; - entry = &array->entries[array->nent++]; - memset(entry, 0, sizeof(*entry)); entry->function = function; entry->index = index; @@ -945,22 +951,13 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function) entry->edx = edx.full; break; } - /* - * Per Intel's SDM, the 0x1f is a superset of 0xb, - * thus they can be handled by common code. - */ case 0x1f: case 0xb: /* - * Populate entries until the level type (ECX[15:8]) of the - * previous entry is zero. Note, CPUID EAX.{0x1f,0xb}.0 is - * the starting entry, filled by the primary do_host_cpuid(). + * No topology; a valid topology is indicated by the presence + * of subleaf 1. */ - for (i = 1; entry->ecx & 0xff00; ++i) { - entry = do_host_cpuid(array, function, i); - if (!entry) - goto out; - } + entry->eax = entry->ebx = entry->ecx = 0; break; case 0xd: { u64 permitted_xcr0 = kvm_caps.supported_xcr0 & xstate_get_guest_group_perm(); @@ -1193,6 +1190,9 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function) entry->ebx = entry->ecx = entry->edx = 0; break; case 0x8000001e: + /* Do not return host topology information. */ + entry->eax = entry->ebx = entry->ecx = 0; + entry->edx = 0; /* reserved */ break; case 0x8000001F: if (!kvm_cpu_cap_has(X86_FEATURE_SEV)) { -- 2.31.1

1 year, 6 months

3
12
0 0

[PATCH] clk: ingenic: jz4760: Update M/N/OD calculation algorithm

by Paul Cercueil

The previous algorithm was pretty broken. - The inner loop had a '(m > m_max)' condition, and the value of 'm' would increase in each iteration; - Each iteration would actually multiply 'm' by two, so it is not needed to re-compute the whole equation at each iteration; - It would loop until (m & 1) == 0, which means it would loop at most once. - The outer loop would divide the 'n' value by two at the end of each iteration. This meant that for a 12 MHz parent clock and a 1.2 GHz requested clock, it would first try n=12, then n=6, then n=3, then n=1, none of which would work; the only valid value is n=2 in this case. Simplify this algorithm with a single for loop, which decrements 'n' after each iteration, addressing all of the above problems. Fixes: bdbfc029374f ("clk: ingenic: Add support for the JZ4760") Cc: <stable(a)vger.kernel.org> Signed-off-by: Paul Cercueil <paul(a)crapouillou.net> --- drivers/clk/ingenic/jz4760-cgu.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/drivers/clk/ingenic/jz4760-cgu.c b/drivers/clk/ingenic/jz4760-cgu.c index ecd395ac8a28..e407f00bd594 100644 --- a/drivers/clk/ingenic/jz4760-cgu.c +++ b/drivers/clk/ingenic/jz4760-cgu.c @@ -58,7 +58,7 @@ jz4760_cgu_calc_m_n_od(const struct ingenic_cgu_pll_info *pll_info, unsigned long rate, unsigned long parent_rate, unsigned int *pm, unsigned int *pn, unsigned int *pod) { - unsigned int m, n, od, m_max = (1 << pll_info->m_bits) - 2; + unsigned int m, n, od, m_max = (1 << pll_info->m_bits) - 1; /* The frequency after the N divider must be between 1 and 50 MHz. */ n = parent_rate / (1 * MHZ); @@ -66,19 +66,17 @@ jz4760_cgu_calc_m_n_od(const struct ingenic_cgu_pll_info *pll_info, /* The N divider must be >= 2. */ n = clamp_val(n, 2, 1 << pll_info->n_bits); - for (;; n >>= 1) { - od = (unsigned int)-1; + rate /= MHZ; + parent_rate /= MHZ; - do { - m = (rate / MHZ) * (1 << ++od) * n / (parent_rate / MHZ); - } while ((m > m_max || m & 1) && (od < 4)); - - if (od < 4 && m >= 4 && m <= m_max) - break; + for (m = m_max; m >= m_max && n >= 2; n--) { + m = rate * n / parent_rate; + od = m & 1; + m <<= od; } *pm = m; - *pn = n; + *pn = n + 1; *pod = 1 << od; } -- 2.35.1

1 year, 6 months

2
1
0 0

[PATCH v1] KVM: destruct kvm_io_device while unregistering it from kvm_io_bus

by Wei Wang

Current usage of kvm_io_device requires users to destruct it with an extra call of kvm_iodevice_destructor after the device gets unregistered from the kvm_io_bus. This is not necessary and can cause errors if a user forgot to make the extra call. Simplify the usage by combining kvm_iodevice_destructor into kvm_io_bus_unregister_dev. This reduces LOCs a bit for users and can avoid the leakage of destructing the device explicitly. The fix was originally provided by Sean Christopherson. Link: https://lore.kernel.org/lkml/DS0PR11MB6373F27D0EE6CD28C784478BDCEC9@DS0PR11… Fixes: 5d3c4c79384a ("KVM: Stop looking for coalesced MMIO zones if the bus is destroyed") Cc: stable(a)vger.kernel.org Reported-by: �� <liujingfeng(a)qianxin.com> Signed-off-by: Wei Wang <wei.w.wang(a)intel.com> --- include/kvm/iodev.h | 6 ------ virt/kvm/coalesced_mmio.c | 1 - virt/kvm/eventfd.c | 1 - virt/kvm/kvm_main.c | 24 +++++++++++++++--------- 4 files changed, 15 insertions(+), 17 deletions(-) diff --git a/include/kvm/iodev.h b/include/kvm/iodev.h index d75fc4365746..56619e33251e 100644 --- a/include/kvm/iodev.h +++ b/include/kvm/iodev.h @@ -55,10 +55,4 @@ static inline int kvm_iodevice_write(struct kvm_vcpu *vcpu, : -EOPNOTSUPP; } -static inline void kvm_iodevice_destructor(struct kvm_io_device *dev) -{ - if (dev->ops->destructor) - dev->ops->destructor(dev); -} - #endif /* __KVM_IODEV_H__ */ diff --git a/virt/kvm/coalesced_mmio.c b/virt/kvm/coalesced_mmio.c index 0be80c213f7f..d7135a5e76f8 100644 --- a/virt/kvm/coalesced_mmio.c +++ b/virt/kvm/coalesced_mmio.c @@ -195,7 +195,6 @@ int kvm_vm_ioctl_unregister_coalesced_mmio(struct kvm *kvm, */ if (r) break; - kvm_iodevice_destructor(&dev->dev); } } diff --git a/virt/kvm/eventfd.c b/virt/kvm/eventfd.c index 2a3ed401ce46..1b277afb545b 100644 --- a/virt/kvm/eventfd.c +++ b/virt/kvm/eventfd.c @@ -898,7 +898,6 @@ kvm_deassign_ioeventfd_idx(struct kvm *kvm, enum kvm_bus bus_idx, bus = kvm_get_bus(kvm, bus_idx); if (bus) bus->ioeventfd_count--; - ioeventfd_release(p); ret = 0; break; } diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 13e88297f999..582757ebdce6 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -5200,6 +5200,12 @@ static struct notifier_block kvm_reboot_notifier = { .priority = 0, }; +static void kvm_iodevice_destructor(struct kvm_io_device *dev) +{ + if (dev->ops->destructor) + dev->ops->destructor(dev); +} + static void kvm_io_bus_destroy(struct kvm_io_bus *bus) { int i; @@ -5423,7 +5429,7 @@ int kvm_io_bus_register_dev(struct kvm *kvm, enum kvm_bus bus_idx, gpa_t addr, int kvm_io_bus_unregister_dev(struct kvm *kvm, enum kvm_bus bus_idx, struct kvm_io_device *dev) { - int i, j; + int i; struct kvm_io_bus *new_bus, *bus; lockdep_assert_held(&kvm->slots_lock); @@ -5453,18 +5459,18 @@ int kvm_io_bus_unregister_dev(struct kvm *kvm, enum kvm_bus bus_idx, rcu_assign_pointer(kvm->buses[bus_idx], new_bus); synchronize_srcu_expedited(&kvm->srcu); - /* Destroy the old bus _after_ installing the (null) bus. */ + /* + * If (null) bus is installed, destroy the old bus, including all the + * attached devices. Otherwise, destroy the caller's device only. + */ if (!new_bus) { pr_err("kvm: failed to shrink bus, removing it completely\n"); - for (j = 0; j < bus->dev_count; j++) { - if (j == i) - continue; - kvm_iodevice_destructor(bus->range[j].dev); - } + kvm_io_bus_destroy(bus); + return -ENOMEM; } - kfree(bus); - return new_bus ? 0 : -ENOMEM; + kvm_iodevice_destructor(dev); + return 0; } struct kvm_io_device *kvm_io_bus_get_dev(struct kvm *kvm, enum kvm_bus bus_idx, -- 2.27.0

1 year, 6 months

4
5
0 0

[PATCH v2] security: Restore passing final prot to ima_file_mmap()

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> Commit 98de59bfe4b2f ("take calculation of final prot in security_mmap_file() into a helper") moved the code to update prot with the actual protection flags to be granted to the requestor by the kernel to a helper called mmap_prot(). However, the patch didn't update the argument passed to ima_file_mmap(), making it receive the requested prot instead of the final computed prot. A possible consequence is that files mmapped as executable might not be measured/appraised if PROT_EXEC is not requested but subsequently added in the final prot. Replace prot with mmap_prot(file, prot) as the second argument of ima_file_mmap() to restore the original behavior. Cc: stable(a)vger.kernel.org Fixes: 98de59bfe4b2 ("take calculation of final prot in security_mmap_file() into a helper") Signed-off-by: Roberto Sassu <roberto.sassu(a)huawei.com> --- security/security.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/security.c b/security/security.c index d1571900a8c7..0d2359d588a1 100644 --- a/security/security.c +++ b/security/security.c @@ -1666,7 +1666,7 @@ int security_mmap_file(struct file *file, unsigned long prot, mmap_prot(file, prot), flags); if (ret) return ret; - return ima_file_mmap(file, prot); + return ima_file_mmap(file, mmap_prot(file, prot)); } int security_mmap_addr(unsigned long addr) -- 2.25.1

1 year, 6 months

3
10
0 0

[PATCH AUTOSEL 6.1 01/28] fs/ntfs3: Validate BOOT record_size

by Sasha Levin

From: edward lo <edward.lo(a)ambergroup.io> [ Upstream commit 0b66046266690454dc04e6307bcff4a5605b42a1 ] When the NTFS BOOT record_size field < 0, it represents a shift value. However, there is no sanity check on the shift result and the sbi->record_bits calculation through blksize_bits() assumes the size always > 256, which could lead to NPD while mounting a malformed NTFS image. [ 318.675159] BUG: kernel NULL pointer dereference, address: 0000000000000158 [ 318.675682] #PF: supervisor read access in kernel mode [ 318.675869] #PF: error_code(0x0000) - not-present page [ 318.676246] PGD 0 P4D 0 [ 318.676502] Oops: 0000 [#1] PREEMPT SMP NOPTI [ 318.676934] CPU: 0 PID: 259 Comm: mount Not tainted 5.19.0 #5 [ 318.677289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 318.678136] RIP: 0010:ni_find_attr+0x2d/0x1c0 [ 318.678656] Code: 89 ca 4d 89 c7 41 56 41 55 41 54 41 89 cc 55 48 89 fd 53 48 89 d3 48 83 ec 20 65 48 8b 04 25 28 00 00 00 48 89 44 24 180 [ 318.679848] RSP: 0018:ffffa6c8c0297bd8 EFLAGS: 00000246 [ 318.680104] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000080 [ 318.680790] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 318.681679] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 318.682577] R10: 0000000000000000 R11: 0000000000000005 R12: 0000000000000080 [ 318.683015] R13: ffff8d5582e68400 R14: 0000000000000100 R15: 0000000000000000 [ 318.683618] FS: 00007fd9e1c81e40(0000) GS:ffff8d55fdc00000(0000) knlGS:0000000000000000 [ 318.684280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 318.684651] CR2: 0000000000000158 CR3: 0000000002e1a000 CR4: 00000000000006f0 [ 318.685623] Call Trace: [ 318.686607] <TASK> [ 318.686872] ? ntfs_alloc_inode+0x1a/0x60 [ 318.687235] attr_load_runs_vcn+0x2b/0xa0 [ 318.687468] mi_read+0xbb/0x250 [ 318.687576] ntfs_iget5+0x114/0xd90 [ 318.687750] ntfs_fill_super+0x588/0x11b0 [ 318.687953] ? put_ntfs+0x130/0x130 [ 318.688065] ? snprintf+0x49/0x70 [ 318.688164] ? put_ntfs+0x130/0x130 [ 318.688256] get_tree_bdev+0x16a/0x260 [ 318.688407] vfs_get_tree+0x20/0xb0 [ 318.688519] path_mount+0x2dc/0x9b0 [ 318.688877] do_mount+0x74/0x90 [ 318.689142] __x64_sys_mount+0x89/0xd0 [ 318.689636] do_syscall_64+0x3b/0x90 [ 318.689998] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 318.690318] RIP: 0033:0x7fd9e133c48a [ 318.690687] Code: 48 8b 0d 11 fa 2a 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 008 [ 318.691357] RSP: 002b:00007ffd374406c8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 318.691632] RAX: ffffffffffffffda RBX: 0000564d0b051080 RCX: 00007fd9e133c48a [ 318.691920] RDX: 0000564d0b051280 RSI: 0000564d0b051300 RDI: 0000564d0b0596a0 [ 318.692123] RBP: 0000000000000000 R08: 0000564d0b0512a0 R09: 0000000000000020 [ 318.692349] R10: 00000000c0ed0000 R11: 0000000000000202 R12: 0000564d0b0596a0 [ 318.692673] R13: 0000564d0b051280 R14: 0000000000000000 R15: 00000000ffffffff [ 318.693007] </TASK> [ 318.693271] Modules linked in: [ 318.693614] CR2: 0000000000000158 [ 318.694446] ---[ end trace 0000000000000000 ]--- [ 318.694779] RIP: 0010:ni_find_attr+0x2d/0x1c0 [ 318.694952] Code: 89 ca 4d 89 c7 41 56 41 55 41 54 41 89 cc 55 48 89 fd 53 48 89 d3 48 83 ec 20 65 48 8b 04 25 28 00 00 00 48 89 44 24 180 [ 318.696042] RSP: 0018:ffffa6c8c0297bd8 EFLAGS: 00000246 [ 318.696531] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000080 [ 318.698114] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 318.699286] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 318.699795] R10: 0000000000000000 R11: 0000000000000005 R12: 0000000000000080 [ 318.700236] R13: ffff8d5582e68400 R14: 0000000000000100 R15: 0000000000000000 [ 318.700973] FS: 00007fd9e1c81e40(0000) GS:ffff8d55fdc00000(0000) knlGS:0000000000000000 [ 318.701688] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 318.702190] CR2: 0000000000000158 CR3: 0000000002e1a000 CR4: 00000000000006f0 [ 318.726510] mount (259) used greatest stack depth: 13320 bytes left This patch adds a sanity check. Signed-off-by: edward lo <edward.lo(a)ambergroup.io> Signed-off-by: Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- fs/ntfs3/super.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ntfs3/super.c b/fs/ntfs3/super.c index 47012c9bf505..d998cb083d95 100644 --- a/fs/ntfs3/super.c +++ b/fs/ntfs3/super.c @@ -789,7 +789,7 @@ static int ntfs_init_from_boot(struct super_block *sb, u32 sector_size, : (u32)boot->record_size << sbi->cluster_bits; - if (record_size > MAXIMUM_BYTES_PER_MFT) + if (record_size > MAXIMUM_BYTES_PER_MFT || record_size < SECTOR_SIZE) goto out; sbi->record_bits = blksize_bits(record_size); -- 2.35.1

1 year, 6 months

2
28
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror December 2022