April 2023 - Linux-stable-mirror

[PATCH v4 1/2] usb: gadget: udc: core: Invoke usb_gadget_connect only when started

by Badhri Jagan Sridharan

usb_udc_connect_control does not check to see if the udc has already been started. This causes gadget->ops->pullup to be called through usb_gadget_connect when invoked from usb_udc_vbus_handler even before usb_gadget_udc_start is called. Guard this by checking for udc->started in usb_udc_connect_control before invoking usb_gadget_connect. Guarding udc->vbus, udc->started, gadget->connect, gadget->deactivate related functions with connect_lock. usb_gadget_connect_locked, usb_gadget_disconnect_locked, usb_udc_connect_control_locked, usb_gadget_udc_start_locked, usb_gadget_udc_stop_locked are called with this lock held as they can be simulataneously invoked from different code paths. Adding an additional check to make sure udc is started(udc->started) before pullup callback is invoked. Cc: stable(a)vger.kernel.org Fixes: 628ef0d273a6 ("usb: udc: add usb_udc_vbus_handler") Signed-off-by: Badhri Jagan Sridharan <badhri(a)google.com> --- Changes since v3: * Make internal gadget_connect/disconnect functions static Changes since v2: * Added __must_hold marking for connect_lock Changes since v1: * Fixed commit message comments. * Renamed udc_connect_control_lock to connect_lock and made it per device. * udc->vbus, udc->started, gadget->connect, gadget->deactivate are all now guarded by connect_lock. * Code now checks for udc->started to be set before invoking pullup callback. --- drivers/usb/gadget/udc/core.c | 148 ++++++++++++++++++++++++---------- 1 file changed, 104 insertions(+), 44 deletions(-) diff --git a/drivers/usb/gadget/udc/core.c b/drivers/usb/gadget/udc/core.c index 3dcbba739db6..af92c2e8e10c 100644 --- a/drivers/usb/gadget/udc/core.c +++ b/drivers/usb/gadget/udc/core.c @@ -37,6 +37,10 @@ static struct bus_type gadget_bus_type; * @vbus: for udcs who care about vbus status, this value is real vbus status; * for udcs who do not care about vbus status, this value is always true * @started: the UDC's started state. True if the UDC had started. + * @connect_lock: protects udc->vbus, udc->started, gadget->connect, gadget->deactivate related + * functions. usb_gadget_connect_locked, usb_gadget_disconnect_locked, + * usb_udc_connect_control_locked, usb_gadget_udc_start_locked, usb_gadget_udc_stop_locked are + * called with this lock held. * * This represents the internal data structure which is used by the UDC-class * to hold information about udc driver and gadget together. @@ -48,6 +52,7 @@ struct usb_udc { struct list_head list; bool vbus; bool started; + struct mutex connect_lock; }; static struct class *udc_class; @@ -687,17 +692,9 @@ int usb_gadget_vbus_disconnect(struct usb_gadget *gadget) } EXPORT_SYMBOL_GPL(usb_gadget_vbus_disconnect); -/** - * usb_gadget_connect - software-controlled connect to USB host - * @gadget:the peripheral being connected - * - * Enables the D+ (or potentially D-) pullup. The host will start - * enumerating this gadget when the pullup is active and a VBUS session - * is active (the link is powered). - * - * Returns zero on success, else negative errno. - */ -int usb_gadget_connect(struct usb_gadget *gadget) +/* Internal version of usb_gadget_connect needs to be called with connect_lock held. */ +static int usb_gadget_connect_locked(struct usb_gadget *gadget) + __must_hold(&gadget->udc->connect_lock) { int ret = 0; @@ -706,10 +703,12 @@ int usb_gadget_connect(struct usb_gadget *gadget) goto out; } - if (gadget->deactivated) { + if (gadget->deactivated || !gadget->udc->started) { /* * If gadget is deactivated we only save new state. * Gadget will be connected automatically after activation. + * + * udc first needs to be started before gadget can be pulled up. */ gadget->connected = true; goto out; @@ -724,22 +723,32 @@ int usb_gadget_connect(struct usb_gadget *gadget) return ret; } -EXPORT_SYMBOL_GPL(usb_gadget_connect); /** - * usb_gadget_disconnect - software-controlled disconnect from USB host - * @gadget:the peripheral being disconnected - * - * Disables the D+ (or potentially D-) pullup, which the host may see - * as a disconnect (when a VBUS session is active). Not all systems - * support software pullup controls. + * usb_gadget_connect - software-controlled connect to USB host + * @gadget:the peripheral being connected * - * Following a successful disconnect, invoke the ->disconnect() callback - * for the current gadget driver so that UDC drivers don't need to. + * Enables the D+ (or potentially D-) pullup. The host will start + * enumerating this gadget when the pullup is active and a VBUS session + * is active (the link is powered). * * Returns zero on success, else negative errno. */ -int usb_gadget_disconnect(struct usb_gadget *gadget) +int usb_gadget_connect(struct usb_gadget *gadget) +{ + int ret; + + mutex_lock(&gadget->udc->connect_lock); + ret = usb_gadget_connect_locked(gadget); + mutex_unlock(&gadget->udc->connect_lock); + + return ret; +} +EXPORT_SYMBOL_GPL(usb_gadget_connect); + +/* Internal version of usb_gadget_disconnect needs to be called with connect_lock held. */ +static int usb_gadget_disconnect_locked(struct usb_gadget *gadget) + __must_hold(&gadget->udc->connect_lock) { int ret = 0; @@ -751,10 +760,12 @@ int usb_gadget_disconnect(struct usb_gadget *gadget) if (!gadget->connected) goto out; - if (gadget->deactivated) { + if (gadget->deactivated || !gadget->udc->started) { /* * If gadget is deactivated we only save new state. * Gadget will stay disconnected after activation. + * + * udc should have been started before gadget being pulled down. */ gadget->connected = false; goto out; @@ -774,6 +785,30 @@ int usb_gadget_disconnect(struct usb_gadget *gadget) return ret; } + +/** + * usb_gadget_disconnect - software-controlled disconnect from USB host + * @gadget:the peripheral being disconnected + * + * Disables the D+ (or potentially D-) pullup, which the host may see + * as a disconnect (when a VBUS session is active). Not all systems + * support software pullup controls. + * + * Following a successful disconnect, invoke the ->disconnect() callback + * for the current gadget driver so that UDC drivers don't need to. + * + * Returns zero on success, else negative errno. + */ +int usb_gadget_disconnect(struct usb_gadget *gadget) +{ + int ret; + + mutex_lock(&gadget->udc->connect_lock); + ret = usb_gadget_disconnect_locked(gadget); + mutex_unlock(&gadget->udc->connect_lock); + + return ret; +} EXPORT_SYMBOL_GPL(usb_gadget_disconnect); /** @@ -794,10 +829,11 @@ int usb_gadget_deactivate(struct usb_gadget *gadget) if (gadget->deactivated) goto out; + mutex_lock(&gadget->udc->connect_lock); if (gadget->connected) { - ret = usb_gadget_disconnect(gadget); + ret = usb_gadget_disconnect_locked(gadget); if (ret) - goto out; + goto unlock; /* * If gadget was being connected before deactivation, we want @@ -807,6 +843,8 @@ int usb_gadget_deactivate(struct usb_gadget *gadget) } gadget->deactivated = true; +unlock: + mutex_unlock(&gadget->udc->connect_lock); out: trace_usb_gadget_deactivate(gadget, ret); @@ -830,6 +868,7 @@ int usb_gadget_activate(struct usb_gadget *gadget) if (!gadget->deactivated) goto out; + mutex_lock(&gadget->udc->connect_lock); gadget->deactivated = false; /* @@ -837,7 +876,8 @@ int usb_gadget_activate(struct usb_gadget *gadget) * while it was being deactivated, we call usb_gadget_connect(). */ if (gadget->connected) - ret = usb_gadget_connect(gadget); + ret = usb_gadget_connect_locked(gadget); + mutex_unlock(&gadget->udc->connect_lock); out: trace_usb_gadget_activate(gadget, ret); @@ -1078,12 +1118,13 @@ EXPORT_SYMBOL_GPL(usb_gadget_set_state); /* ------------------------------------------------------------------------- */ -static void usb_udc_connect_control(struct usb_udc *udc) +/* Acquire connect_lock before calling this function. */ +static void usb_udc_connect_control_locked(struct usb_udc *udc) __must_hold(&udc->connect_lock) { - if (udc->vbus) - usb_gadget_connect(udc->gadget); + if (udc->vbus && udc->started) + usb_gadget_connect_locked(udc->gadget); else - usb_gadget_disconnect(udc->gadget); + usb_gadget_disconnect_locked(udc->gadget); } /** @@ -1099,10 +1140,12 @@ void usb_udc_vbus_handler(struct usb_gadget *gadget, bool status) { struct usb_udc *udc = gadget->udc; + mutex_lock(&udc->connect_lock); if (udc) { udc->vbus = status; - usb_udc_connect_control(udc); + usb_udc_connect_control_locked(udc); } + mutex_unlock(&udc->connect_lock); } EXPORT_SYMBOL_GPL(usb_udc_vbus_handler); @@ -1124,7 +1167,7 @@ void usb_gadget_udc_reset(struct usb_gadget *gadget, EXPORT_SYMBOL_GPL(usb_gadget_udc_reset); /** - * usb_gadget_udc_start - tells usb device controller to start up + * usb_gadget_udc_start_locked - tells usb device controller to start up * @udc: The UDC to be started * * This call is issued by the UDC Class driver when it's about @@ -1135,8 +1178,11 @@ EXPORT_SYMBOL_GPL(usb_gadget_udc_reset); * necessary to have it powered on. * * Returns zero on success, else negative errno. + * + * Caller should acquire connect_lock before invoking this function. */ -static inline int usb_gadget_udc_start(struct usb_udc *udc) +static inline int usb_gadget_udc_start_locked(struct usb_udc *udc) + __must_hold(&udc->connect_lock) { int ret; @@ -1153,7 +1199,7 @@ static inline int usb_gadget_udc_start(struct usb_udc *udc) } /** - * usb_gadget_udc_stop - tells usb device controller we don't need it anymore + * usb_gadget_udc_stop_locked - tells usb device controller we don't need it anymore * @udc: The UDC to be stopped * * This call is issued by the UDC Class driver after calling @@ -1162,8 +1208,11 @@ static inline int usb_gadget_udc_start(struct usb_udc *udc) * The details are implementation specific, but it can go as * far as powering off UDC completely and disable its data * line pullups. + * + * Caller should acquire connect lock before invoking this function. */ -static inline void usb_gadget_udc_stop(struct usb_udc *udc) +static inline void usb_gadget_udc_stop_locked(struct usb_udc *udc) + __must_hold(&udc->connect_lock) { if (!udc->started) { dev_err(&udc->dev, "UDC had already stopped\n"); @@ -1322,6 +1371,7 @@ int usb_add_gadget(struct usb_gadget *gadget) udc->gadget = gadget; gadget->udc = udc; + mutex_init(&udc->connect_lock); udc->started = false; @@ -1523,11 +1573,15 @@ static int gadget_bind_driver(struct device *dev) if (ret) goto err_bind; - ret = usb_gadget_udc_start(udc); - if (ret) + mutex_lock(&udc->connect_lock); + ret = usb_gadget_udc_start_locked(udc); + if (ret) { + mutex_unlock(&udc->connect_lock); goto err_start; + } usb_gadget_enable_async_callbacks(udc); - usb_udc_connect_control(udc); + usb_udc_connect_control_locked(udc); + mutex_unlock(&udc->connect_lock); kobject_uevent(&udc->dev.kobj, KOBJ_CHANGE); return 0; @@ -1558,12 +1612,14 @@ static void gadget_unbind_driver(struct device *dev) kobject_uevent(&udc->dev.kobj, KOBJ_CHANGE); - usb_gadget_disconnect(gadget); + mutex_lock(&udc->connect_lock); + usb_gadget_disconnect_locked(gadget); usb_gadget_disable_async_callbacks(udc); if (gadget->irq) synchronize_irq(gadget->irq); udc->driver->unbind(gadget); - usb_gadget_udc_stop(udc); + usb_gadget_udc_stop_locked(udc); + mutex_unlock(&udc->connect_lock); mutex_lock(&udc_lock); driver->is_bound = false; @@ -1649,11 +1705,15 @@ static ssize_t soft_connect_store(struct device *dev, } if (sysfs_streq(buf, "connect")) { - usb_gadget_udc_start(udc); - usb_gadget_connect(udc->gadget); + mutex_lock(&udc->connect_lock); + usb_gadget_udc_start_locked(udc); + usb_gadget_connect_locked(udc->gadget); + mutex_unlock(&udc->connect_lock); } else if (sysfs_streq(buf, "disconnect")) { - usb_gadget_disconnect(udc->gadget); - usb_gadget_udc_stop(udc); + mutex_lock(&udc->connect_lock); + usb_gadget_disconnect_locked(udc->gadget); + usb_gadget_udc_stop_locked(udc); + mutex_unlock(&udc->connect_lock); } else { dev_err(dev, "unsupported command '%s'\n", buf); ret = -EINVAL; base-commit: d629c0e221cd99198b843d8351a0a9bfec6c0423 -- 2.40.0.577.gac1e443424-goog

1 day, 21 hours

5
8
0 0

[PATCH AUTOSEL 6.2 01/30] drm/cirrus: NULL-check pipe->plane.state->fb in cirrus_pipe_update()

by Sasha Levin

From: Alexandr Sapozhnikov <alsp705(a)gmail.com> [ Upstream commit 7245e629dcaaf308f1868aeffa218e9849c77893 ] After having been compared to NULL value at cirrus.c:455, pointer 'pipe->plane.state->fb' is passed as 1st parameter in call to function 'cirrus_fb_blit_rect' at cirrus.c:461, where it is dereferenced at cirrus.c:316. Found by Linux Verification Center (linuxtesting.org) with SVACE. v2: * aligned commit message to line-length limits Signed-off-by: Alexandr Sapozhnikov <alsp705(a)gmail.com> Reviewed-by: Thomas Zimmermann <tzimmermann(a)suse.de> Signed-off-by: Thomas Zimmermann <tzimmermann(a)suse.de> Link: https://patchwork.freedesktop.org/patch/msgid/20230215171549.16305-1-alsp70… Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/gpu/drm/tiny/cirrus.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/tiny/cirrus.c b/drivers/gpu/drm/tiny/cirrus.c index 678c2ef1cae70..ffa7e61dd1835 100644 --- a/drivers/gpu/drm/tiny/cirrus.c +++ b/drivers/gpu/drm/tiny/cirrus.c @@ -455,7 +455,7 @@ static void cirrus_pipe_update(struct drm_simple_display_pipe *pipe, if (state->fb && cirrus->cpp != cirrus_cpp(state->fb)) cirrus_mode_set(cirrus, &crtc->mode, state->fb); - if (drm_atomic_helper_damage_merged(old_state, state, &rect)) + if (state->fb && drm_atomic_helper_damage_merged(old_state, state, &rect)) cirrus_fb_blit_rect(state->fb, &shadow_plane_state->data[0], &rect); } -- 2.39.2

2 days, 7 hours

4
40
0 0

[PATCH v1 1/5] hostfs: Fix ephemeral inodes

by Mickaël Salaün

hostfs creates a new inode for each opened or created file, which created useless inode allocations and forbade identifying a host file with a kernel inode. Fix this uncommon filesystem behavior by tying kernel inodes to host file's inode and device IDs. Even if the host filesystem inodes may be recycled, this cannot happen while a file referencing it is open, which is the case with hostfs. It should be noted that hostfs inode IDs may not be unique for the same hostfs superblock because multiple host's (backed) superblocks may be used. Delete inodes when dropping them to force backed host's file descriptors closing. This enables to entirely remove ARCH_EPHEMERAL_INODES, and then makes Landlock fully supported by UML. This is very useful for testing (ongoing and backported) changes. These changes also factor out and simplify some helpers thanks to the new hostfs_inode_update() and the hostfs_iget() revamp: read_name(), hostfs_create(), hostfs_lookup(), hostfs_mknod(), and hostfs_fill_sb_common(). A following commit with new Landlock tests check this new hostfs inode consistency. Cc: Anton Ivanov <anton.ivanov(a)cambridgegreys.com> Cc: Johannes Berg <johannes(a)sipsolutions.net> Cc: Richard Weinberger <richard(a)nod.at> Cc: <stable(a)vger.kernel.org> # 5.15.x: ce72750f04d6: hostfs: Fix writeback of dirty pages Cc: <stable(a)vger.kernel.org> # 5.15+ Signed-off-by: Mickaël Salaün <mic(a)digikod.net> Link: https://lore.kernel.org/r/20230309165455.175131-2-mic@digikod.net --- arch/Kconfig | 7 -- arch/um/Kconfig | 1 - fs/hostfs/hostfs.h | 1 + fs/hostfs/hostfs_kern.c | 213 +++++++++++++++++++------------------- fs/hostfs/hostfs_user.c | 1 + security/landlock/Kconfig | 2 +- 6 files changed, 109 insertions(+), 116 deletions(-) diff --git a/arch/Kconfig b/arch/Kconfig index e3511afbb7f2..d5f0841ac3c1 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -1156,13 +1156,6 @@ config COMPAT_32BIT_TIME config ARCH_NO_PREEMPT bool -config ARCH_EPHEMERAL_INODES - def_bool n - help - An arch should select this symbol if it doesn't keep track of inode - instances on its own, but instead relies on something else (e.g. the - host kernel for an UML kernel). - config ARCH_SUPPORTS_RT bool diff --git a/arch/um/Kconfig b/arch/um/Kconfig index 541a9b18e343..4057d5267c6a 100644 --- a/arch/um/Kconfig +++ b/arch/um/Kconfig @@ -5,7 +5,6 @@ menu "UML-specific options" config UML bool default y - select ARCH_EPHEMERAL_INODES select ARCH_HAS_FORTIFY_SOURCE select ARCH_HAS_GCOV_PROFILE_ALL select ARCH_HAS_KCOV diff --git a/fs/hostfs/hostfs.h b/fs/hostfs/hostfs.h index 69cb796f6270..0239e3af3945 100644 --- a/fs/hostfs/hostfs.h +++ b/fs/hostfs/hostfs.h @@ -65,6 +65,7 @@ struct hostfs_stat { unsigned long long blocks; unsigned int maj; unsigned int min; + dev_t dev; }; extern int stat_file(const char *path, struct hostfs_stat *p, int fd); diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c index 28b4f15c19eb..19496f732016 100644 --- a/fs/hostfs/hostfs_kern.c +++ b/fs/hostfs/hostfs_kern.c @@ -26,6 +26,7 @@ struct hostfs_inode_info { fmode_t mode; struct inode vfs_inode; struct mutex open_mutex; + dev_t dev; }; static inline struct hostfs_inode_info *HOSTFS_I(struct inode *inode) @@ -182,14 +183,6 @@ static char *follow_link(char *link) return ERR_PTR(n); } -static struct inode *hostfs_iget(struct super_block *sb) -{ - struct inode *inode = new_inode(sb); - if (!inode) - return ERR_PTR(-ENOMEM); - return inode; -} - static int hostfs_statfs(struct dentry *dentry, struct kstatfs *sf) { /* @@ -228,6 +221,7 @@ static struct inode *hostfs_alloc_inode(struct super_block *sb) return NULL; hi->fd = -1; hi->mode = 0; + hi->dev = 0; inode_init_once(&hi->vfs_inode); mutex_init(&hi->open_mutex); return &hi->vfs_inode; @@ -240,6 +234,7 @@ static void hostfs_evict_inode(struct inode *inode) if (HOSTFS_I(inode)->fd != -1) { close_file(&HOSTFS_I(inode)->fd); HOSTFS_I(inode)->fd = -1; + HOSTFS_I(inode)->dev = 0; } } @@ -265,6 +260,7 @@ static int hostfs_show_options(struct seq_file *seq, struct dentry *root) static const struct super_operations hostfs_sbops = { .alloc_inode = hostfs_alloc_inode, .free_inode = hostfs_free_inode, + .drop_inode = generic_delete_inode, .evict_inode = hostfs_evict_inode, .statfs = hostfs_statfs, .show_options = hostfs_show_options, @@ -512,18 +508,31 @@ static const struct address_space_operations hostfs_aops = { .write_end = hostfs_write_end, }; -static int read_name(struct inode *ino, char *name) +static int hostfs_inode_update(struct inode *ino, const struct hostfs_stat *st) +{ + set_nlink(ino, st->nlink); + i_uid_write(ino, st->uid); + i_gid_write(ino, st->gid); + ino->i_atime = + (struct timespec64){ st->atime.tv_sec, st->atime.tv_nsec }; + ino->i_mtime = + (struct timespec64){ st->mtime.tv_sec, st->mtime.tv_nsec }; + ino->i_ctime = + (struct timespec64){ st->ctime.tv_sec, st->ctime.tv_nsec }; + ino->i_size = st->size; + ino->i_blocks = st->blocks; + return 0; +} + +static int hostfs_inode_set(struct inode *ino, void *data) { + struct hostfs_stat *st = data; dev_t rdev; - struct hostfs_stat st; - int err = stat_file(name, &st, -1); - if (err) - return err; /* Reencode maj and min with the kernel encoding.*/ - rdev = MKDEV(st.maj, st.min); + rdev = MKDEV(st->maj, st->min); - switch (st.mode & S_IFMT) { + switch (st->mode & S_IFMT) { case S_IFLNK: ino->i_op = &hostfs_link_iops; break; @@ -535,7 +544,7 @@ static int read_name(struct inode *ino, char *name) case S_IFBLK: case S_IFIFO: case S_IFSOCK: - init_special_inode(ino, st.mode & S_IFMT, rdev); + init_special_inode(ino, st->mode & S_IFMT, rdev); ino->i_op = &hostfs_iops; break; case S_IFREG: @@ -547,17 +556,42 @@ static int read_name(struct inode *ino, char *name) return -EIO; } - ino->i_ino = st.ino; - ino->i_mode = st.mode; - set_nlink(ino, st.nlink); - i_uid_write(ino, st.uid); - i_gid_write(ino, st.gid); - ino->i_atime = (struct timespec64){ st.atime.tv_sec, st.atime.tv_nsec }; - ino->i_mtime = (struct timespec64){ st.mtime.tv_sec, st.mtime.tv_nsec }; - ino->i_ctime = (struct timespec64){ st.ctime.tv_sec, st.ctime.tv_nsec }; - ino->i_size = st.size; - ino->i_blocks = st.blocks; - return 0; + HOSTFS_I(ino)->dev = st->dev; + ino->i_ino = st->ino; + ino->i_mode = st->mode; + return hostfs_inode_update(ino, st); +} + +static int hostfs_inode_test(struct inode *inode, void *data) +{ + const struct hostfs_stat *st = data; + + return inode->i_ino == st->ino && HOSTFS_I(inode)->dev == st->dev; +} + +static struct inode *hostfs_iget(struct super_block *sb, char *name) +{ + struct inode *inode; + struct hostfs_stat st; + int err = stat_file(name, &st, -1); + + if (err) + return ERR_PTR(err); + + inode = iget5_locked(sb, st.ino, hostfs_inode_test, hostfs_inode_set, + &st); + if (!inode) + return ERR_PTR(-ENOMEM); + + if (inode->i_state & I_NEW) { + unlock_new_inode(inode); + } else { + spin_lock(&inode->i_lock); + hostfs_inode_update(inode, &st); + spin_unlock(&inode->i_lock); + } + + return inode; } static int hostfs_create(struct mnt_idmap *idmap, struct inode *dir, @@ -565,62 +599,48 @@ static int hostfs_create(struct mnt_idmap *idmap, struct inode *dir, { struct inode *inode; char *name; - int error, fd; - - inode = hostfs_iget(dir->i_sb); - if (IS_ERR(inode)) { - error = PTR_ERR(inode); - goto out; - } + int fd; - error = -ENOMEM; name = dentry_name(dentry); if (name == NULL) - goto out_put; + return -ENOMEM; fd = file_create(name, mode & 0777); - if (fd < 0) - error = fd; - else - error = read_name(inode, name); + if (fd < 0) { + __putname(name); + return fd; + } + inode = hostfs_iget(dir->i_sb, name); __putname(name); - if (error) - goto out_put; + if (IS_ERR(inode)) + return PTR_ERR(inode); HOSTFS_I(inode)->fd = fd; HOSTFS_I(inode)->mode = FMODE_READ | FMODE_WRITE; d_instantiate(dentry, inode); return 0; - - out_put: - iput(inode); - out: - return error; } static struct dentry *hostfs_lookup(struct inode *ino, struct dentry *dentry, unsigned int flags) { - struct inode *inode; + struct inode *inode = NULL; char *name; - int err; - - inode = hostfs_iget(ino->i_sb); - if (IS_ERR(inode)) - goto out; - err = -ENOMEM; name = dentry_name(dentry); - if (name) { - err = read_name(inode, name); - __putname(name); - } - if (err) { - iput(inode); - inode = (err == -ENOENT) ? NULL : ERR_PTR(err); + if (name == NULL) + return ERR_PTR(-ENOMEM); + + inode = hostfs_iget(ino->i_sb, name); + __putname(name); + if (IS_ERR(inode)) { + if (PTR_ERR(inode) == -ENOENT) + inode = NULL; + else + return ERR_CAST(inode); } - out: + return d_splice_alias(inode, dentry); } @@ -704,35 +724,23 @@ static int hostfs_mknod(struct mnt_idmap *idmap, struct inode *dir, char *name; int err; - inode = hostfs_iget(dir->i_sb); - if (IS_ERR(inode)) { - err = PTR_ERR(inode); - goto out; - } - - err = -ENOMEM; name = dentry_name(dentry); if (name == NULL) - goto out_put; + return -ENOMEM; err = do_mknod(name, mode, MAJOR(dev), MINOR(dev)); - if (err) - goto out_free; + if (err) { + __putname(name); + return err; + } - err = read_name(inode, name); + inode = hostfs_iget(dir->i_sb, name); __putname(name); - if (err) - goto out_put; + if (IS_ERR(inode)) + return PTR_ERR(inode); d_instantiate(dentry, inode); return 0; - - out_free: - __putname(name); - out_put: - iput(inode); - out: - return err; } static int hostfs_rename2(struct mnt_idmap *idmap, @@ -929,49 +937,40 @@ static int hostfs_fill_sb_common(struct super_block *sb, void *d, int silent) sb->s_maxbytes = MAX_LFS_FILESIZE; err = super_setup_bdi(sb); if (err) - goto out; + return err; /* NULL is printed as '(null)' by printf(): avoid that. */ if (req_root == NULL) req_root = ""; - err = -ENOMEM; sb->s_fs_info = host_root_path = kasprintf(GFP_KERNEL, "%s/%s", root_ino, req_root); if (host_root_path == NULL) - goto out; - - root_inode = new_inode(sb); - if (!root_inode) - goto out; + return -ENOMEM; - err = read_name(root_inode, host_root_path); - if (err) - goto out_put; + root_inode = hostfs_iget(sb, host_root_path); + if (IS_ERR(root_inode)) + return PTR_ERR(root_inode); if (S_ISLNK(root_inode->i_mode)) { - char *name = follow_link(host_root_path); - if (IS_ERR(name)) { - err = PTR_ERR(name); - goto out_put; - } - err = read_name(root_inode, name); + char *name; + + iput(root_inode); + name = follow_link(host_root_path); + if (IS_ERR(name)) + return PTR_ERR(name); + + root_inode = hostfs_iget(sb, name); kfree(name); - if (err) - goto out_put; + if (IS_ERR(root_inode)) + return PTR_ERR(root_inode); } - err = -ENOMEM; sb->s_root = d_make_root(root_inode); if (sb->s_root == NULL) - goto out; + return -ENOMEM; return 0; - -out_put: - iput(root_inode); -out: - return err; } static struct dentry *hostfs_read_sb(struct file_system_type *type, diff --git a/fs/hostfs/hostfs_user.c b/fs/hostfs/hostfs_user.c index 5ecc4706172b..840619e39a1a 100644 --- a/fs/hostfs/hostfs_user.c +++ b/fs/hostfs/hostfs_user.c @@ -36,6 +36,7 @@ static void stat64_to_hostfs(const struct stat64 *buf, struct hostfs_stat *p) p->blocks = buf->st_blocks; p->maj = os_major(buf->st_rdev); p->min = os_minor(buf->st_rdev); + p->dev = buf->st_dev; } int stat_file(const char *path, struct hostfs_stat *p, int fd) diff --git a/security/landlock/Kconfig b/security/landlock/Kconfig index 8e33c4e8ffb8..c1e862a38410 100644 --- a/security/landlock/Kconfig +++ b/security/landlock/Kconfig @@ -2,7 +2,7 @@ config SECURITY_LANDLOCK bool "Landlock support" - depends on SECURITY && !ARCH_EPHEMERAL_INODES + depends on SECURITY select SECURITY_PATH help Landlock is a sandboxing mechanism that enables processes to restrict -- 2.39.2

3 days, 4 hours

2
3
0 0

Linux 5.15.104

by Greg Kroah-Hartman

I'm announcing the release of the 5.15.104 kernel. All users of the 5.15 kernel series must upgrade. The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/filesystems/vfs.rst | 2 Makefile | 2 arch/riscv/include/asm/mmu.h | 2 arch/riscv/include/asm/tlbflush.h | 18 arch/riscv/mm/context.c | 40 - arch/riscv/mm/tlbflush.c | 28 - arch/s390/boot/ipl_report.c | 8 arch/s390/pci/pci.c | 16 arch/s390/pci/pci_bus.c | 12 arch/s390/pci/pci_bus.h | 3 arch/x86/kernel/cpu/mce/core.c | 1 arch/x86/kernel/cpu/resctrl/ctrlmondata.c | 7 arch/x86/kernel/cpu/resctrl/internal.h | 1 arch/x86/kernel/cpu/resctrl/rdtgroup.c | 25 + arch/x86/kvm/vmx/nested.c | 10 arch/x86/mm/mem_encrypt_identity.c | 3 drivers/block/loop.c | 25 - drivers/block/null_blk/main.c | 6 drivers/block/sunvdc.c | 2 drivers/clk/Kconfig | 2 drivers/cpuidle/cpuidle-psci-domain.c | 3 drivers/firmware/xilinx/zynqmp.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_events.c | 9 drivers/gpu/drm/amd/display/dc/dml/dcn30/display_mode_vba_30.c | 5 drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c | 43 +- drivers/gpu/drm/drm_gem_shmem_helper.c | 9 drivers/gpu/drm/i915/display/intel_display_types.h | 2 drivers/gpu/drm/i915/display/intel_psr.c | 207 +++++++--- drivers/gpu/drm/i915/gt/intel_ring.c | 2 drivers/gpu/drm/i915/i915_active.c | 24 - drivers/gpu/drm/meson/meson_vpp.c | 2 drivers/gpu/drm/panfrost/panfrost_mmu.c | 2 drivers/gpu/drm/sun4i/sun4i_drv.c | 6 drivers/hid/hid-core.c | 18 drivers/hid/uhid.c | 1 drivers/hwmon/adt7475.c | 8 drivers/hwmon/ina3221.c | 2 drivers/hwmon/ltc2992.c | 1 drivers/hwmon/pmbus/adm1266.c | 1 drivers/hwmon/pmbus/ucd9000.c | 75 +++ drivers/hwmon/tmp513.c | 2 drivers/hwmon/xgene-hwmon.c | 1 drivers/interconnect/core.c | 4 drivers/interconnect/samsung/exynos.c | 6 drivers/media/i2c/m5mols/m5mols_core.c | 2 drivers/mmc/host/atmel-mci.c | 3 drivers/mmc/host/sdhci_am654.c | 2 drivers/net/bonding/bond_main.c | 23 - drivers/net/dsa/mt7530.c | 64 +-- drivers/net/dsa/mv88e6xxx/chip.c | 16 drivers/net/ethernet/intel/i40e/i40e_main.c | 1 drivers/net/ethernet/intel/ice/ice.h | 14 drivers/net/ethernet/intel/ice/ice_main.c | 19 drivers/net/ethernet/intel/ice/ice_xsk.c | 4 drivers/net/ethernet/qlogic/qed/qed_dev.c | 5 drivers/net/ethernet/qlogic/qed/qed_mng_tlv.c | 2 drivers/net/ethernet/renesas/ravb_main.c | 12 drivers/net/ethernet/renesas/sh_eth.c | 12 drivers/net/ethernet/sun/ldmvsw.c | 3 drivers/net/ethernet/sun/sunvnet.c | 3 drivers/net/ipvlan/ipvlan_l3s.c | 1 drivers/net/phy/nxp-c45-tja11xx.c | 2 drivers/net/phy/smsc.c | 5 drivers/net/usb/smsc75xx.c | 7 drivers/nfc/pn533/usb.c | 1 drivers/nfc/st-nci/ndlc.c | 6 drivers/nvme/host/core.c | 28 - drivers/nvme/host/pci.c | 2 drivers/nvme/target/core.c | 4 drivers/pci/bus.c | 21 + drivers/pci/pci-driver.c | 4 drivers/pci/pci.c | 57 +- drivers/pci/pci.h | 16 drivers/pci/pcie/dpc.c | 4 drivers/scsi/hosts.c | 3 drivers/scsi/mpt3sas/mpt3sas_transport.c | 14 drivers/tty/serial/8250/8250_em.c | 4 drivers/tty/serial/8250/8250_fsl.c | 4 drivers/tty/serial/fsl_lpuart.c | 12 drivers/vdpa/vdpa_sim/vdpa_sim.c | 13 drivers/video/fbdev/stifb.c | 27 + fs/cifs/smb2inode.c | 31 + fs/cifs/transport.c | 21 - fs/ext4/inode.c | 18 fs/ext4/namei.c | 4 fs/ext4/super.c | 7 fs/ext4/xattr.c | 11 fs/jffs2/file.c | 15 include/drm/drm_bridge.h | 4 include/linux/hid.h | 3 include/linux/netdevice.h | 6 include/linux/pci.h | 1 include/linux/sh_intc.h | 5 include/linux/tracepoint.h | 15 io_uring/io_uring.c | 4 kernel/events/core.c | 2 kernel/trace/ftrace.c | 3 kernel/trace/trace.c | 2 kernel/trace/trace_events_hist.c | 3 kernel/trace/trace_hwlat.c | 3 mm/huge_memory.c | 6 net/9p/client.c | 2 net/ipv4/fib_frontend.c | 3 net/ipv4/ip_tunnel.c | 12 net/ipv4/tcp_output.c | 2 net/ipv6/ip6_tunnel.c | 4 net/iucv/iucv.c | 2 net/mptcp/pm_netlink.c | 16 net/mptcp/subflow.c | 12 net/netfilter/nft_masq.c | 2 net/netfilter/nft_nat.c | 2 net/netfilter/nft_redir.c | 4 net/smc/smc_cdc.c | 3 net/smc/smc_core.c | 2 net/xfrm/xfrm_state.c | 3 scripts/kconfig/confdata.c | 6 sound/hda/intel-dsp-config.c | 9 sound/pci/hda/hda_intel.c | 5 sound/pci/hda/patch_realtek.c | 1 tools/testing/selftests/net/devlink_port_split.py | 36 + 120 files changed, 919 insertions(+), 439 deletions(-) Alex Hung (1): drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes Alexandra Winter (1): net/iucv: Fix size of interrupt data Arınç ÜNAL (2): net: dsa: mt7530: remove now incorrect comment regarding port 5 net: dsa: mt7530: set PLL frequency and trgmii only when trgmii is used Baokun Li (3): ext4: fail ext4_iget if special inode unallocated ext4: update s_journal_inum if it changes after journal replay ext4: fix task hung in ext4_xattr_delete_inode Bard Liao (1): ALSA: hda: intel-dsp-config: add MTL PCI id Bart Van Assche (2): scsi: core: Fix a procfs host directory removal regression loop: Fix use-after-free issues Biju Das (1): serial: 8250_em: Fix UART port type Bjorn Helgaas (1): ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU() Breno Leitao (1): tcp: tcp_make_synack() can be called from process context Budimir Markovic (1): perf: Fix check before add_event_to_groups() in perf_group_detach() Błażej Szczygieł (1): drm/amd/pm: Fix sienna cichlid incorrect OD volage after resume Chen Zhongjin (1): ftrace: Fix invalid address access in lookup_rec() when index is 0 Christian Hewitt (1): drm/meson: fix 1px pink line on GXM when scaling video overlay D. Wythe (1): net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler() Damien Le Moal (2): block: null_blk: Fix handling of fake timeout request nvmet: avoid potential UAF in nvmet_req_complete() Daniil Tatianin (2): qed/qed_dev: guard against a possible division by zero qed/qed_mng_tlv: correctly zero out ->min instead of ->hour Dave Ertman (1): ice: avoid bonding causing auxiliary plug/unplug under RTNL lock David Hildenbrand (1): mm/userfaultfd: propagate uffd-wp bit when PTE-mapping the huge zeropage Dmitry Osipenko (2): drm/panfrost: Don't sync rpm suspension after mmu flushing drm/shmem-helper: Remove another errant put in error path Elmer Miroslav Mosher Golovin (1): nvme-pci: add NVME_QUIRK_BOGUS_NID for Netac NV3000 Eric Dumazet (1): net: tunnels: annotate lockless accesses to dev->needed_headroom Eric Van Hensbergen (1): net/9p: fix bug in client create for .L Eugenio Pérez (2): vdpa_sim: not reset state in vdpasim_queue_ready vdpa_sim: set last_used_idx as last_avail_idx in vdpasim_queue_ready Fedor Pchelkin (2): nfc: pn533: initialize struct pn533_out_arg properly io_uring: avoid null-ptr-deref in io_arm_poll_handler Francesco Dolcini (1): mmc: sdhci_am654: lower power-on failed message severity Geliang Tang (1): mptcp: add ro_after_init for tcp{,v6}_prot_override Glenn Washburn (1): docs: Correct missing "d_" prefix for dentry_operations member d_weak_revalidate Greg Kroah-Hartman (1): Linux 5.15.104 Guo Ren (1): riscv: asid: Fixup stale TLB entry cause application crash Hamidreza H. Fard (1): ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro Heiner Kallweit (1): net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails Helge Deller (1): fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks Herbert Xu (1): xfrm: Allow transport-mode states with AF_UNSPEC selector Ido Schimmel (1): ipv4: Fix incorrect table ID in IOCTL path Ivan Vecera (1): i40e: Fix kernel crash during reboot when adapter is in recovery mode Janusz Krzysztofik (1): drm/i915/active: Fix misuse of non-idle barriers as fence trackers Jeremy Sowden (4): netfilter: nft_nat: correct length for loading protocol registers netfilter: nft_masq: correct length for loading protocol registers netfilter: nft_redir: correct length for loading protocol registers netfilter: nft_redir: correct value of inet type `.maxattrs` Jianguo Wu (1): ipvlan: Make skb->skb_iif track skb->dev for l3s mode Johan Hovold (4): serial: 8250_fsl: fix handle_irq locking interconnect: fix mem leak when freeing nodes interconnect: exynos: fix node leak in probe PM QoS error path drm/sun4i: fix missing component unbind on bind errors John Harrison (1): drm/i915: Don't use stolen memory for ring buffers with LLC José Roberto de Souza (3): drm/i915/display: Workaround cursor left overs with PSR2 selective fetch enabled drm/i915/display/psr: Use drm damage helpers to calculate plane damaged area drm/i915/display/psr: Handle plane and pipe restrictions at every page flip Jouni Högander (1): drm/i915/psr: Use calculated io and fast wake lines Jurica Vukadin (1): kconfig: Update config changed flag before calling callback Krzysztof Kozlowski (1): hwmon: tmp512: drop of_match_ptr for ID table Lars-Peter Clausen (3): hwmon: (ucd90320) Add minimum delay between bus accesses hwmon: (adm1266) Set `can_sleep` flag for GPIO chip hwmon: (ltc2992) Set `can_sleep` flag for GPIO chip Lee Jones (2): HID: core: Provide new max_buffer_size attribute to over-ride the default HID: uhid: Over-ride the default maximum data buffer value with our own Liang He (2): block: sunvdc: add check for mdesc_grab() returning NULL ethernet: sun: add check for the mdesc_grab() Linus Torvalds (1): media: m5mols: fix off-by-one loop termination error Liu Ying (1): drm/bridge: Fix returned array size name for atomic_get_input_bus_fmts kdoc Lukas Wunner (2): PCI: Unify delay handling for reset and resume PCI/DPC: Await readiness of secondary bus after reset Maciej Fijalkowski (1): ice: xsk: disable txq irq before flushing hw Marcus Folkesson (1): hwmon: (ina3221) return prober error code Matthieu Baerts (1): mptcp: avoid setting TCP_CLOSE state twice Michael Karcher (1): sh: intc: Avoid spurious sizeof-pointer-div warning Ming Lei (1): nvme: fix handling single range discard request Nikita Zhandarovich (1): x86/mm: Fix use of uninitialized buffer in sme_enable() Niklas Schnelle (1): PCI: s390: Fix use-after-free of PCI resources with per-function hotplug Nikolay Aleksandrov (2): bonding: restore IFF_MASTER/SLAVE flags on bond enslave ether type change bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails Paolo Abeni (2): mptcp: fix possible deadlock in subflow_error_report mptcp: fix lockdep false positive in mptcp_pm_nl_create_listen_socket() Paolo Bonzini (1): KVM: nVMX: add missing consistency checks for CR0 and CR4 Po-Hsu Lin (1): selftests: net: devlink_port_split.py: skip test if no suitable device available Qu Huang (1): drm/amdkfd: Fix an illegal memory access Radu Pirea (OSS) (1): net: phy: nxp-c45-tja11xx: fix MII_BASIC_CONFIG_REV bit Randy Dunlap (1): clk: HI655X: select REGMAP instead of depending on it Roman Gushchin (1): firmware: xilinx: don't make a sleepable memory allocation from an atomic context Sergey Matyukevich (1): Revert "riscv: mm: notify remote harts about mmu cache updates" Shawn Guo (1): cpuidle: psci: Iterate backwards over list in psci_pd_remove() Shawn Wang (1): x86/resctrl: Clear staged_config[] before and after it is used Sherry Sun (1): tty: serial: fsl_lpuart: skip waiting for transmission complete when UARTCTRL_SBK is asserted Steven Rostedt (Google) (2): tracing: Check field value in hist_field_name() tracing: Make tracepoint lockdep check actually test something Sung-hun Kim (1): tracing: Make splice_read available again Sven Schnelle (1): s390/ipl: add missing intersection check to ipl_report handling Szymon Heidrich (2): net: usb: smsc75xx: Limit packet length to skb->len net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull Tero Kristo (1): trace/hwlat: Do not wipe the contents of per-cpu thread data Theodore Ts'o (1): ext4: fix possible double unlock when moving a directory Tobias Schramm (1): mmc: atmel-mci: fix race between stop command and start of next command Tom Rix (1): drm/i915/display: clean up comments Tony O'Brien (2): hwmon: (adt7475) Display smoothing attributes in correct order hwmon: (adt7475) Fix masking of hysteresis registers Vladimir Oltean (1): net: dsa: mv88e6xxx: fix max_mtu of 1492 on 6165, 6191, 6220, 6250, 6290 Volker Lendecke (1): cifs: Fix smb2_set_path_size() Wenchao Hao (1): scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Wenjia Zhang (1): net/smc: fix deadlock triggered by cancel_delayed_work_syn() Wolfram Sang (2): ravb: avoid PHY being resumed when interface is not up sh_eth: avoid PHY being resumed when interface is not up Yazen Ghannam (1): x86/mce: Make sure logged MCEs are processed after sysfs update Yifei Liu (1): jffs2: correct logic when creating a hole in jffs2_write_begin Zhang Xiaoxu (1): cifs: Move the in_send statistic to __smb_send_rqst() Zheng Wang (2): nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition

6 days, 2 hours

2
7
0 0

[PATCH 5.10 000/529] 5.10.173-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.10.173 release. There are 529 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 12 Mar 2023 13:36:38 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.173-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.10.173-rc1 Stefan Haberland <sth(a)linux.ibm.com> s390/dasd: add missing discipline function Yang Yingliang <yangyingliang(a)huawei.com> usb: gadget: uvc: fix missing mutex_unlock() if kstrtou8() fails Miaoqian Lin <linmq006(a)gmail.com> malidp: Fix NULL vs IS_ERR() checking Sreekanth Reddy <sreekanth.reddy(a)broadcom.com> scsi: mpt3sas: Remove usage of dma_get_required_mask() API Sreekanth Reddy <sreekanth.reddy(a)broadcom.com> scsi: mpt3sas: re-do lost mpt3sas DMA mask fix Sreekanth Reddy <sreekanth.reddy(a)broadcom.com> scsi: mpt3sas: Don't change DMA mask while reallocating pools Salvatore Bonaccorso <carnil(a)debian.org> Revert "scsi: mpt3sas: Fix return value check of dma_get_required_mask()" Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Fix race condition with usb_kill_urb Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Provide sync and async uvc_ctrl_status_event Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> drm/virtio: Fix error code in virtio_gpu_object_shmem_init() Kuniyuki Iwashima <kuniyu(a)amazon.com> tcp: Fix listen() regression in 5.10.163 Nguyen Dinh Phi <phind.uet(a)gmail.com> Bluetooth: hci_sock: purge socket queues in the destruct() callback Imre Deak <imre.deak(a)intel.com> drm/display/dp_mst: Fix down message handling after a packet reception error Imre Deak <imre.deak(a)intel.com> drm/display/dp_mst: Fix down/up message handling after sink disconnect Linus Torvalds <torvalds(a)linux-foundation.org> x86/resctl: fix scheduler confusion with 'current' Valentin Schneider <valentin.schneider(a)arm.com> x86/resctrl: Apply READ_ONCE/WRITE_ONCE to task_struct.{rmid,closid} Jakub Kicinski <kuba(a)kernel.org> net: tls: avoid hanging tasks on the tx_lock Richard Fitzgerald <rf(a)opensource.cirrus.com> soundwire: cadence: Drain the RX FIFO after an IO timeout Richard Fitzgerald <rf(a)opensource.cirrus.com> soundwire: cadence: Remove wasted space in response_buf Jiapeng Chong <jiapeng.chong(a)linux.alibaba.com> phy: rockchip-typec: Fix unsigned comparison with less than zero Mengyuan Lou <mengyuanlou(a)net-swift.com> PCI: Add ACS quirk for Wangxun NICs Huacai Chen <chenhuacai(a)loongson.cn> PCI: loongson: Add more devices that need MRRS quirk Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> kernel/fail_function: fix memory leak with using debugfs_lookup() Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: Take other bus devices into account when distributing resources Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: Align extra resources for hotplug bridges properly Daniel Scally <dan.scally(a)ideasonboard.com> usb: gadget: uvc: Make bSourceID read/write Daniel Scally <dan.scally(a)ideasonboard.com> usb: uvc: Enumerate valid values for color matching Kees Cook <keescook(a)chromium.org> USB: ene_usb6250: Allocate enough memory for full object Kees Cook <keescook(a)chromium.org> usb: host: xhci: mvebu: Iterate over array indexes instead of using pointer math Huacai Chen <chenhuacai(a)loongson.cn> PCI: loongson: Prevent LS7A MRRS increases Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_config_word() Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_status_word() Yulong Zhang <yulong.zhang(a)metoak.net> tools/iio/iio_utils:fix memory leak Alexander Usyskin <alexander.usyskin(a)intel.com> mei: bus-fixup:upon error print return values of send and receive Isaac True <isaac.true(a)canonical.com> serial: sc16is7xx: setup GPIO controller later in probe Sherry Sun <sherry.sun(a)nxp.com> tty: serial: fsl_lpuart: disable the CTS when send break signal Sven Schnelle <svens(a)linux.ibm.com> tty: fix out-of-bounds access in tty_driver_lookup_tty() Yuan Can <yuancan(a)huawei.com> staging: emxx_udc: Add checks for dma_alloc_coherent() Kees Cook <keescook(a)chromium.org> media: uvcvideo: Silence memcpy() run-time false positive warnings Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910 Guenter Roeck <linux(a)roeck-us.net> media: uvcvideo: Handle errors from calls to usb_string Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Handle cameras with invalid descriptors Dean Luick <dean.luick(a)cornelisnetworks.com> IB/hfi1: Update RMT size calculation Liang He <windhl(a)126.com> mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak Souradeep Chowdhury <quic_schowdhu(a)quicinc.com> bootconfig: Increase max nodes of bootconfig from 1024 to 8192 for DCC support Darrell Kavanagh <darrell.kavanagh(a)gmail.com> firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3 Jia-Ju Bai <baijiaju1990(a)gmail.com> tracing: Add NULL checks for buffer in ring_buffer_free_read_page() Randy Dunlap <rdunlap(a)infradead.org> thermal: intel: BXT_PMIC: select REGMAP instead of depending on it Dan Carpenter <error27(a)gmail.com> thermal: intel: quark_dts: fix error pointer dereference Arnd Bergmann <arnd(a)arndb.de> ASoC: zl38060 add gpiolib dependency Mark Brown <broonie(a)kernel.org> ASoC: zl38060: Remove spurious gpiolib select Nuno Sá <nuno.sa(a)analog.com> ASoC: adau7118: don't disable regulators on device unbind Zhong Jinghua <zhongjinghua(a)huawei.com> loop: loop_set_status_from_info() check before assignment Arnd Bergmann <arnd(a)arndb.de> scsi: ipr: Work around fortify-string warning Samuel Holland <samuel(a)sholland.org> rtc: sun6i: Always export the internal oscillator George Kennedy <george.kennedy(a)oracle.com> vc_screen: modify vcs_size() handling in vcs_read() Eric Dumazet <edumazet(a)google.com> tcp: tcp_check_req() can be called from process context Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: spear320-hmi: correct STMPE GPIO compatible Pedro Tammela <pctammela(a)mojatatu.com> net/sched: act_sample: fix action bind logic Fedor Pchelkin <pchelkin(a)ispras.ru> nfc: fix memory leak of se_io context in nfc_genl_se_io Maor Dickman <maord(a)nvidia.com> net/mlx5: Geneve, Fix handling of Geneve object id as error code Zhengchao Shao <shaozhengchao(a)huawei.com> 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv() Juergen Gross <jgross(a)suse.com> 9p/xen: fix connection sequence Juergen Gross <jgross(a)suse.com> 9p/xen: fix version parsing Eric Dumazet <edumazet(a)google.com> net: fix __dev_kfree_skb_any() vs drop monitor Xin Long <lucien.xin(a)gmail.com> sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop Lu Wei <luwei32(a)huawei.com> ipv6: Add lwtunnel encap size of all siblings in nexthop calculation Florian Westphal <fw(a)strlen.de> netfilter: ebtables: fix table blob use-after-free Hangyu Hua <hbh25y(a)gmail.com> netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() Li Hua <hucool.lihua(a)huawei.com> watchdog: pcwd_usb: Fix attempting to access uninitialized memory Chen Jun <chenjun102(a)huawei.com> watchdog: Fix kmemleak in watchdog_cdev_register ruanjinjie <ruanjinjie(a)huawei.com> watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in error path Ammar Faizi <ammarfaizi2(a)gnuweeb.org> x86: um: vdso: Add '%rcx' and '%r11' to the syscall clobber list Zhihao Cheng <chengzhihao1(a)huawei.com> ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed Zhihao Cheng <chengzhihao1(a)huawei.com> ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show() Zhihao Cheng <chengzhihao1(a)huawei.com> ubi: fastmap: Fix missed fm_anchor PEB in wear-leveling after disabling fastmap Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: ubifs_writepage: Mark page dirty after writing inode failed Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: dirty_cow_znode: Fix memleak in error handling path Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Re-statistic cleaned znode count if commit failed Yang Yingliang <yangyingliang(a)huawei.com> ubi: Fix possible null-ptr-deref in ubi_free_volume() Li Zetao <lizetao1(a)huawei.com> ubifs: Fix memory leak in alloc_wbufs() Li Zetao <lizetao1(a)huawei.com> ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() Li Zetao <lizetao1(a)huawei.com> ubi: Fix use-after-free when volume resizing failed Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Reserve one leb for each journal head while doing budget Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1 Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Fix wrong dirty space budget for dirty inode Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Rectify space budget for ubifs_xrename() Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted Li Hua <hucool.lihua(a)huawei.com> ubifs: Fix build errors as symbol undefined George Kennedy <george.kennedy(a)oracle.com> ubi: ensure that VID header offset + VID header size <= alloc, size Xiang Yang <xiangyang3(a)huawei.com> um: vector: Fix memory leak in vector_config Alexander Potapenko <glider(a)google.com> fs: f2fs: initialize fsdata in pagecache_write() Eric Biggers <ebiggers(a)google.com> f2fs: use memcpy_{to,from}_page() where possible Fabrice Gasnier <fabrice.gasnier(a)foss.st.com> pwm: stm32-lp: fix the check on arr and cmp registers update Emil Renner Berthing <emil.renner.berthing(a)canonical.com> pwm: sifive: Always let the first pwm_apply_state succeed Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> pwm: sifive: Reduce time the controller lock is held Miaoqian Lin <linmq006(a)gmail.com> objtool: Fix memory leak in create_static_call_sections() Liu Shixin via Jfs-discussion <jfs-discussion(a)lists.sourceforge.net> fs/jfs: fix shift exponent db_agl2size negative Jamal Hadi Salim <jhs(a)mojatatu.com> net/sched: Retire tcindex classifier Dmitry Goncharov <dgoncharov(a)users.sf.net> kbuild: Port silent mode detection to future gnu make. Jonas Karlman <jonas(a)kwiboo.se> pinctrl: rockchip: fix reading pull type on rk3568 Jonas Karlman <jonas(a)kwiboo.se> pinctrl: rockchip: fix mux route data for rk3568 Arnd Bergmann <arnd(a)arndb.de> wifi: ath9k: use proper statements in conditionals Robert Marko <robimarko(a)gmail.com> arm64: dts: qcom: ipq8074: fix Gen2 PCIe QMP PHY Jani Nikula <jani.nikula(a)intel.com> drm/edid: fix AVI infoframe aspect ratio handling Mark Hawrylak <mark.hawrylak(a)gmail.com> drm/radeon: Fix eDP for single-display iMac11,2 Mavroudis Chatzilaridis <mavchatz(a)protonmail.com> drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv Steve Sistare <steven.sistare(a)oracle.com> vfio/type1: prevent underflow of locked_vm via exec() Damien Le Moal <damien.lemoal(a)opensource.wdc.com> PCI: Avoid FLR for AMD FCH AHCI adapters Lukas Wunner <lukas(a)wunner.de> PCI: hotplug: Allow marking devices as disconnected during bind/unbind Lukas Wunner <lukas(a)wunner.de> PCI/PM: Observe reset delay irrespective of bridge_d3 Andy Chiu <andy.chiu(a)sifive.com> riscv: jump_label: Fixup unaligned arch_static_branch function Tomas Henzl <thenzl(a)redhat.com> scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() Tomas Henzl <thenzl(a)redhat.com> scsi: ses: Fix possible desc_ptr out-of-bounds accesses Tomas Henzl <thenzl(a)redhat.com> scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses Tomas Henzl <thenzl(a)redhat.com> scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() James Bottomley <jejb(a)linux.ibm.com> scsi: ses: Don't attach if enclosure has no components Quinn Tran <qutran(a)marvell.com> scsi: qla2xxx: Fix erroneous link down Arun Easi <aeasi(a)marvell.com> scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests Quinn Tran <qutran(a)marvell.com> scsi: qla2xxx: Fix link failure in NPIV environment Mukesh Ojha <quic_mojha(a)quicinc.com> ring-buffer: Handle race between rb_move_tail and rb_check_pages Steven Rostedt <rostedt(a)goodmis.org> ktest.pl: Add RUN_TIMEOUT option with default unlimited Steven Rostedt <rostedt(a)goodmis.org> ktest.pl: Fix missing "end_monitor" when machine check fails Steven Rostedt <rostedt(a)goodmis.org> ktest.pl: Give back console on Ctrt^C on monitor Yin Fengwei <fengwei.yin(a)intel.com> mm/thp: check and bail out if page in deferred queue already Johannes Weiner <hannes(a)cmpxchg.org> mm: memcontrol: deprecate charge moving John Ogness <john.ogness(a)linutronix.de> docs: gdbmacros: print newest record Chen-Yu Tsai <wenst(a)chromium.org> remoteproc/mtk_scp: Move clk ops outside send_lock Sakari Ailus <sakari.ailus(a)linux.intel.com> media: ipu3-cio2: Fix PM runtime usage_count in driver unbind Elvira Khabirova <lineprinter0(a)gmail.com> mips: fix syscall_get_nr Dan Williams <dan.j.williams(a)intel.com> dax/kmem: Fix leak of memory-hotplug resources Al Viro <viro(a)zeniv.linux.org.uk> alpha: fix FEN fault handling Ilya Dryomov <idryomov(a)gmail.com> rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: exynos: correct TMU phandle in Odroid HC1 Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: exynos: correct TMU phandle in Odroid XU Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: exynos: correct TMU phandle in Exynos5250 Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: exynos: correct TMU phandle in Odroid XU3 family Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: exynos: correct TMU phandle in Exynos4 Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: exynos: correct TMU phandle in Exynos4210 Mikulas Patocka <mpatocka(a)redhat.com> dm flakey: don't corrupt the zero page Mikulas Patocka <mpatocka(a)redhat.com> dm flakey: fix logic when corrupting a bio Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> thermal: intel: powerclamp: Fix cur_state for multi package system Alexander Wetzel <alexander(a)wetzel-home.de> wifi: cfg80211: Fix use after free for wext Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtl8xxxu: Use a longer retry limit of 48 Pingfan Liu <piliu(a)redhat.com> dm: add cond_resched() to dm_wq_work() Louis Rannou <lrannou(a)baylibre.com> mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type Jun Nie <jun.nie(a)linaro.org> ext4: refuse to create ea block when umounted Jun Nie <jun.nie(a)linaro.org> ext4: optimize ea_inode block expansion Zhihao Cheng <chengzhihao1(a)huawei.com> jbd2: fix data missing when reusing bh which is ready to be checkpointed Łukasz Stelmach <l.stelmach(a)samsung.com> ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC Dmitry Fomin <fomindmitriyfoma(a)mail.ru> ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls() Jens Axboe <axboe(a)kernel.dk> io_uring/poll: allow some retries for poll triggering spuriously David Lamparter <equinox(a)diac24.net> io_uring: remove MSG_NOSIGNAL from recvmsg Pavel Begunkov <asml.silence(a)gmail.com> io_uring/rsrc: disallow multi-source reg buffers Jens Axboe <axboe(a)kernel.dk> io_uring: add a conditional reschedule to the IOPOLL cancelation loop Jens Axboe <axboe(a)kernel.dk> io_uring: mark task TASK_RUNNING before handling resume/task work Jens Axboe <axboe(a)kernel.dk> io_uring: handle TIF_NOTIFY_RESUME when checking for task_work Johan Hovold <johan+linaro(a)kernel.org> irqdomain: Drop bogus fwspec-mapping error handling Johan Hovold <johan+linaro(a)kernel.org> irqdomain: Fix disassociation race Johan Hovold <johan+linaro(a)kernel.org> irqdomain: Fix association race Roberto Sassu <roberto.sassu(a)huawei.com> ima: Align ima_file_mmap() parameters with mmap_file LSM hook Jens Axboe <axboe(a)kernel.dk> brd: return 0/-error from brd_insert_page() KP Singh <kpsingh(a)kernel.org> Documentation/hw-vuln: Document the interaction between IBRS and STIBP KP Singh <kpsingh(a)kernel.org> x86/speculation: Allow enabling STIBP with legacy IBRS Borislav Petkov (AMD) <bp(a)alien8.de> x86/microcode/AMD: Fix mixed steppings support Borislav Petkov (AMD) <bp(a)alien8.de> x86/microcode/AMD: Add a @cpu parameter to the reloading functions Borislav Petkov (AMD) <bp(a)alien8.de> x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter Yang Jihong <yangjihong1(a)huawei.com> x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range Yang Jihong <yangjihong1(a)huawei.com> x86/kprobes: Fix __recover_optprobed_insn check optimizing logic Sean Christopherson <seanjc(a)google.com> x86/reboot: Disable SVM, not just VMX, when stopping CPUs Sean Christopherson <seanjc(a)google.com> x86/reboot: Disable virtualization in an emergency if SVM is supported Sean Christopherson <seanjc(a)google.com> x86/crash: Disable virt in core NMI crash handler to avoid double shootdown Sean Christopherson <seanjc(a)google.com> x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows) Nico Boehr <nrb(a)linux.ibm.com> KVM: s390: disable migration mode when dirty tracking is disabled Sean Christopherson <seanjc(a)google.com> KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI Sean Christopherson <seanjc(a)google.com> KVM: Destroy target device if coalesced MMIO unregistration fails Jan Kara <jack(a)suse.cz> udf: Fix file corruption when appending just after end of preallocated extent Jan Kara <jack(a)suse.cz> udf: Detect system inodes linked into directory hierarchy Jan Kara <jack(a)suse.cz> udf: Preserve link count of system files Jan Kara <jack(a)suse.cz> udf: Do not update file length for failed writes to inline files Jan Kara <jack(a)suse.cz> udf: Do not bother merging very long extents Jan Kara <jack(a)suse.cz> udf: Truncate added extents on failed expansion Heming Zhao via Ocfs2-devel <ocfs2-devel(a)oss.oracle.com> ocfs2: fix non-auto defrag path not working issue Heming Zhao via Ocfs2-devel <ocfs2-devel(a)oss.oracle.com> ocfs2: fix defrag path triggering jbd2 ASSERT Eric Biggers <ebiggers(a)google.com> f2fs: fix cgroup writeback accounting with fs-layer encryption Eric Biggers <ebiggers(a)google.com> f2fs: fix information leak in f2fs_move_inline_dirents() Yuezhang Mo <Yuezhang.Mo(a)sony.com> exfat: fix inode->i_blocks for non-512 byte sector size device Sungjong Seo <sj1557.seo(a)samsung.com> exfat: redefine DIR_DELETED as the bad cluster number Yuezhang Mo <Yuezhang.Mo(a)sony.com> exfat: fix unexpected EOF while reading dir Yuezhang Mo <Yuezhang.Mo(a)sony.com> exfat: fix reporting fs error when reading dir beyond EOF Dongliang Mu <mudongliangabcd(a)gmail.com> fs: hfsplus: fix UAF issue in hfsplus_put_super Liu Shixin <liushixin2(a)huawei.com> hfs: fix missing hfs_bnode_get() in __hfs_bnode_create Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: exynos: correct HDMI phy compatible in Exynos4 Volker Lendecke <vl(a)samba.org> cifs: Fix uninitialized memory read in smb3_qfs_tcon() Vasily Gorbik <gor(a)linux.ibm.com> s390/kprobes: fix current_kprobe never cleared after kprobes reenter Vasily Gorbik <gor(a)linux.ibm.com> s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler Ilya Leoshkevich <iii(a)linux.ibm.com> s390: discard .interp section Gerald Schaefer <gerald.schaefer(a)linux.ibm.com> s390/extmem: return correct segment type in __segment_load() Corey Minyard <cminyard(a)mvista.com> ipmi_ssif: Rename idle state and check Johan Hovold <johan+linaro(a)kernel.org> rtc: pm8xxx: fix set-alarm race Alper Nebi Yasak <alpernebiyasak(a)gmail.com> firmware: coreboot: framebuffer: Ignore reserved pixel color bits Jun ASAKA <JunASAKA(a)zzy040330.moe> wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu Jeff Layton <jlayton(a)kernel.org> nfsd: zero out pointers after putting nfsd_files on COPY setup error Mike Snitzer <snitzer(a)kernel.org> dm cache: add cond_resched() to various workqueue loops Mike Snitzer <snitzer(a)kernel.org> dm thin: add cond_resched() to various workqueue loops Darrell Kavanagh <darrell.kavanagh(a)gmail.com> drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5 Bastien Nocera <hadess(a)hadess.net> HID: logitech-hidpp: Don't restart communication if not necessary Claudiu Beznea <claudiu.beznea(a)microchip.com> pinctrl: at91: use devm_kasprintf() to avoid potential leaks Robin Murphy <robin.murphy(a)arm.com> hwmon: (coretemp) Simplify platform device handling Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Improve gfs2_make_fs_rw error handling Kees Cook <keescook(a)chromium.org> regulator: s5m8767: Bounds check id indexing into arrays Kees Cook <keescook(a)chromium.org> regulator: max77802: Bounds check regulator id against opmode Kees Cook <keescook(a)chromium.org> ASoC: kirkwood: Iterate over array indexes instead of using pointer math Jakob Koschel <jkl820.git(a)gmail.com> docs/scripts/gdb: add necessary make scripts_gdb step Jiasheng Jiang <jiasheng(a)iscas.ac.cn> drm/msm/dsi: Add missing check for alloc_ordered_workqueue Konstantin Meskhidze <konstantin.meskhidze(a)huawei.com> drm: amd: display: Fix memory leakage Liwei Song <liwei.song(a)windriver.com> drm/radeon: free iio for atombios when driver shutdown Carlo Caione <ccaione(a)baylibre.com> drm/tiny: ili9486: Do not assume 8-bit only SPI controllers Jingyuan Liang <jingyliang(a)chromium.org> HID: Add Mapping for System Microphone Mute Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/omap: dsi: Fix excessive stack usage Roman Li <roman.li(a)amd.com> drm/amd/display: Fix potential null-deref in dm_resume Moises Cardona <moisesmcardona(a)gmail.com> Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> PM: EM: fix memory leak with using debugfs_lookup() Kees Cook <keescook(a)chromium.org> uaccess: Add minimum bounds check on kernel buffer size Kees Cook <keescook(a)chromium.org> coda: Avoid partial allocation of sig_inputArgs Shay Drory <shayd(a)nvidia.com> net/mlx5: fw_tracer: Fix debug print Hans de Goede <hdegoede(a)redhat.com> ACPI: video: Fix Lenovo Ideapad Z570 DMI match Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: dma: free rx_head in mt76_dma_rx_cleanup Michael Schmitz <schmitzmic(a)gmail.com> m68k: Check syscall_trace_enter() return code Florian Fainelli <f.fainelli(a)gmail.com> net: bcmgenet: Add a check for oversized packets Kees Cook <keescook(a)chromium.org> crypto: hisilicon: Wipe entire pool on error Feng Tang <feng.tang(a)intel.com> clocksource: Suspend the watchdog temporarily when high read latency detected Mark Rutland <mark.rutland(a)arm.com> ACPI: Don't build ACPICA with '-Os' Jesse Brandeburg <jesse.brandeburg(a)intel.com> ice: add missing checks for PF vsi type Pietro Borrello <borrello(a)diag.uniroma1.it> inet: fix fast path in __inet_hash_connect() Jisoo Jang <jisoo.jang(a)yonsei.ac.kr> wifi: mt7601u: fix an integer underflow Jisoo Jang <jisoo.jang(a)yonsei.ac.kr> wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Breno Leitao <leitao(a)debian.org> x86/bugs: Reset speculation control settings on init Jann Horn <jannh(a)google.com> timers: Prevent union confusion from unexpected restart_syscall() Yang Li <yang.lee(a)linux.alibaba.com> thermal: intel: Fix unsigned comparison with less than zero Kalle Valo <quic_kvalo(a)quicinc.com> wifi: ath11k: debugfs: fix to work with multiple PCI devices Zqiang <qiang1.zhang(a)intel.com> rcu-tasks: Make rude RCU-Tasks work well with CPU hotplug Paul E. McKenney <paulmck(a)kernel.org> rcu: Suppress smp_processor_id() complaint in synchronize_rcu_expedited_wait() Paul E. McKenney <paulmck(a)kernel.org> rcu: Make RCU_LOCKDEP_WARN() avoid early lockdep checks Jisoo Jang <jisoo.jang(a)yonsei.ac.kr> wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() Minsuk Kang <linuxlovemin(a)yonsei.ac.kr> wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() Li Nan <linan122(a)huawei.com> blk-iocost: fix divide by 0 error in calc_lcoefs() Markuss Broks <markuss.broks(a)gmail.com> ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy Jan Kara <jack(a)suse.cz> udf: Define EFSCORRUPTED error code Bjorn Andersson <quic_bjorande(a)quicinc.com> rpmsg: glink: Avoid infinite loop on intent for missing channel Tasos Sahanidis <tasos(a)tasossah.com> media: saa7134: Use video_unregister_device for radio_dev Duoming Zhou <duoming(a)zju.edu.cn> media: usb: siano: Fix use after free bugs caused by do_submit_urb Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: i2c: ov7670: 0 instead of -EINVAL was returned Duoming Zhou <duoming(a)zju.edu.cn> media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() Jai Luthra <j-luthra(a)ti.com> media: i2c: imx219: Fix binning for RAW8 capture Adam Ford <aford173(a)gmail.com> media: i2c: imx219: Split common registers from mode tables Sameer Puri <purisame(a)spuri.io> media: i2c: imx219: remove redundant writes Yuan Can <yuancan(a)huawei.com> media: i2c: ov772x: Fix memleak in ov772x_probe() Shang XiaoJing <shangxiaojing(a)huawei.com> media: ov5675: Fix memleak in ov5675_init_controls() Shang XiaoJing <shangxiaojing(a)huawei.com> media: ov2740: Fix memleak in ov2740_init_controls() Shang XiaoJing <shangxiaojing(a)huawei.com> media: max9286: Fix memleak in max9286_v4l2_register() Bastian Germann <bage(a)linutronix.de> builddeb: clean generated package content Nathan Chancellor <nathan(a)kernel.org> powerpc: Remove linker flag from KBUILD_AFLAGS Jiasheng Jiang <jiasheng(a)iscas.ac.cn> media: platform: ti: Add missing check for devm_regulator_get Gaosheng Cui <cuigaosheng1(a)huawei.com> media: ti: cal: fix possible memory leak in cal_ctx_create() Sibi Sankar <quic_sibis(a)quicinc.com> remoteproc: qcom_q6v5_mss: Use a carveout to authenticate modem headers Jeff LaBundy <jeff(a)labundy.com> Input: iqs269a - do not poll during ATI Jeff LaBundy <jeff(a)labundy.com> Input: iqs269a - do not poll during suspend or resume Al Viro <viro(a)zeniv.linux.org.uk> alpha/boot/tools/objstrip: fix the check for ELF header Eli Cohen <elic(a)nvidia.com> vdpa/mlx5: Don't clear mr struct on destroy MR Randy Dunlap <rdunlap(a)infradead.org> MIPS: vpe-mt: drop physical_memsize Randy Dunlap <rdunlap(a)infradead.org> MIPS: SMP-CPS: fix build error when HOTPLUG_CPU not set Ganesh Goudar <ganeshgr(a)linux.ibm.com> powerpc/eeh: Set channel state after notifying the drivers Daniel Axtens <dja(a)axtens.net> powerpc/eeh: Small refactor of eeh_handle_normal_event() Nathan Lynch <nathanl(a)linux.ibm.com> powerpc/rtas: ensure 4KB alignment for rtas_data_buf Nathan Lynch <nathanl(a)linux.ibm.com> powerpc/rtas: make all exports GPL Nathan Lynch <nathanl(a)linux.ibm.com> powerpc/pseries/lparcfg: add missing RTAS retry status handling Nathan Lynch <nathanl(a)linux.ibm.com> powerpc/pseries/lpar: add missing RTAS retry status handling Nathan Lynch <nathanl(a)linux.ibm.com> powerpc/perf/hv-24x7: add missing RTAS retry status handling Chen-Yu Tsai <wenst(a)chromium.org> clk: Honor CLK_OPS_PARENT_ENABLE in clk_core_is_enabled() Frederic Barrat <fbarrat(a)linux.ibm.com> powerpc/powernv/ioda: Skip unallocated resources when mapping to PE Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> clk: qcom: gpucc-sdm845: fix clk_dis_wait being programmed for CX GDSC Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> clk: qcom: gpucc-sc7180: fix clk_dis_wait being programmed for CX GDSC Luca Ellero <l.ellero(a)asem.it> Input: ads7846 - don't check penirq immediately for 7845 Luca Ellero <l.ellero(a)asem.it> Input: ads7846 - always set last command to PWRDOWN Oleksij Rempel <linux(a)rempel-privat.de> Input: ads7846 - convert to one message Oleksij Rempel <linux(a)rempel-privat.de> Input: ads7846 - convert to full duplex Luca Ellero <l.ellero(a)asem.it> Input: ads7846 - don't report pressure for ads7845 Peng Fan <peng.fan(a)nxp.com> clk: imx: avoid memory leak Geert Uytterhoeven <geert+renesas(a)glider.be> clk: renesas: cpg-mssr: Remove superfluous check in resume code Alexey Khoroshilov <khoroshilov(a)ispras.ru> clk: renesas: cpg-mssr: Fix use after free if cpg_mssr_common_init() failed Masahiro Yamada <masahiroy(a)kernel.org> linux/kconfig.h: replace IF_ENABLED() with PTR_IF() in <linux/kernel.h> Jeff LaBundy <jeff(a)labundy.com> Input: iqs269a - configure device with a single block write Jeff LaBundy <jeff(a)labundy.com> Input: iqs269a - increase interrupt handler return delay Jeff LaBundy <jeff(a)labundy.com> Input: iqs269a - drop unused device node references Samuel Holland <samuel(a)sholland.org> mtd: rawnand: sunxi: Fix the size of the last OOB region Heiko Stuebner <heiko.stuebner(a)vrull.eu> RISC-V: fix funct4 definition for c.jalr in parse_asm.h Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> clk: qcom: gcc-qcs404: fix names of the DSI clocks used as parents Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> clk: qcom: gcc-qcs404: disable gpll[04]_out_aux parents Qiheng Lin <linqiheng(a)huawei.com> mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read() Arnd Bergmann <arnd(a)arndb.de> objtool: add UACCESS exceptions for __tsan_volatile_read/write Arnd Bergmann <arnd(a)arndb.de> printf: fix errname.c list Masami Hiramatsu (Google) <mhiramat(a)kernel.org> selftests/ftrace: Fix bash specific "==" operator Randy Dunlap <rdunlap(a)infradead.org> sparc: allow PM configs for sparc32 COMPILE_TEST Yicong Yang <yangyicong(a)hisilicon.com> perf tools: Fix auto-complete on aarch64 Miaoqian Lin <linmq006(a)gmail.com> leds: led-core: Fix refcount leak in of_led_get() Ian Rogers <irogers(a)google.com> perf llvm: Fix inadvertent file creation Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: jdata writepage fix Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> cifs: Fix warning and UAF when destroy the MR list Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> cifs: Fix lost destroy smbd connection when MR allocate failed Benjamin Coddington <bcodding(a)redhat.com> nfsd: fix race to check ls_layouts Pietro Borrello <borrello(a)diag.uniroma1.it> hid: bigben_probe(): validate report count Pietro Borrello <borrello(a)diag.uniroma1.it> HID: bigben: use spinlock to safely schedule workers Pietro Borrello <borrello(a)diag.uniroma1.it> HID: bigben_worker() remove unneeded check on report_field Pietro Borrello <borrello(a)diag.uniroma1.it> HID: bigben: use spinlock to protect concurrent accesses Lucas Tanure <lucas.tanure(a)collabora.com> ASoC: soc-dapm.h: fixup warning struct snd_pcm_substream not declared Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> spi: synquacer: Fix timeout handling in synquacer_spi_transfer_one() NeilBrown <neilb(a)suse.de> NFS: fix disabling of swap Benjamin Coddington <bcodding(a)redhat.com> nfs4trace: fix state manager flag printing NeilBrown <neilb(a)suse.de> NFSv4: keep state manager thread active if swap is enabled Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix up handling of outstanding layoutcommit in nfs_update_inode() Mike Snitzer <snitzer(a)kernel.org> dm: remove flush_scheduled_work() during local_exit() Steffen Aschbacher <steffen.aschbacher(a)stihl.de> ASoC: tlv320adcx140: fix 'ti,gpio-config' DT property init Vadim Pasternak <vadimp(a)nvidia.com> hwmon: (mlxreg-fan) Return zero speed for broken fan William Zhang <william.zhang(a)broadcom.com> spi: bcm63xx-hsspi: Fix multi-bit mode setting Álvaro Fernández Rojas <noltari(a)gmail.com> spi: bcm63xx-hsspi: fix pm_runtime Jiasheng Jiang <jiasheng(a)iscas.ac.cn> scsi: aic94xx: Add missing check for dma_map_single() Tomas Henzl <thenzl(a)redhat.com> scsi: mpt3sas: Fix a memory leak Arnd Bergmann <arnd(a)arndb.de> drm/amdgpu: fix enum odm_combine_mode mismatch Jonathan Cormier <jcormier(a)criticallink.com> hwmon: (ltc2945) Handle error case in ltc2945_value_store Jerome Brunet <jbrunet(a)baylibre.com> ASoC: dt-bindings: meson: fix gx-card codec node regex Nathan Chancellor <nathan(a)kernel.org> ASoC: mchp-spdifrx: Fix uninitialized use of mr in mchp_spdifrx_hw_params() Claudiu Beznea <claudiu.beznea(a)microchip.com> ASoC: mchp-spdifrx: disable all interrupts in mchp_spdifrx_dai_remove() Claudiu Beznea <claudiu.beznea(a)microchip.com> ASoC: mchp-spdifrx: fix controls that works with completion mechanism Claudiu Beznea <claudiu.beznea(a)microchip.com> ASoC: mchp-spdifrx: fix return value in case completion times out Gu Shengxian <gushengxian(a)yulong.com> ASoC: atmel: fix spelling mistakes Claudiu Beznea <claudiu.beznea(a)microchip.com> ASoC: mchp-spdifrx: fix controls which rely on rsr register Arnd Bergmann <arnd(a)arndb.de> spi: dw_bt1: fix MUX_MMIO dependencies Haibo Chen <haibo.chen(a)nxp.com> gpio: vf610: connect GPIO label to dev name Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress() Nícolas F. R. A. Prado <nfraprado(a)collabora.com> drm/mediatek: Clean dangling pointer on bind error path ruanjinjie <ruanjinjie(a)huawei.com> drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc Rob Clark <robdclark(a)chromium.org> drm/mediatek: Drop unbalanced obj unref Miles Chen <miles.chen(a)mediatek.com> drm/mediatek: Use NULL instead of 0 for NULL pointer Xinlei Lee <xinlei.lee(a)mediatek.com> drm/mediatek: dsi: Reduce the time of dsi from LP11 to sending cmd Mikko Perttunen <mperttunen(a)nvidia.com> gpu: host1x: Don't skip assigning syncpoints to channels Guodong Liu <Guodong.Liu(a)mediatek.com> pinctrl: mediatek: Initialize variable *buf to zero Guodong Liu <Guodong.Liu(a)mediatek.com> pinctrl: mediatek: Initialize variable pullen and pullup to zero Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> pinctrl: bcm2835: Remove of_node_put() in bcm2835_of_gpio_ranges_fallback() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> drm/msm/mdp5: Add check for kzalloc Jiasheng Jiang <jiasheng(a)iscas.ac.cn> drm/msm/dpu: Add check for pstates Jiasheng Jiang <jiasheng(a)iscas.ac.cn> drm/msm/dpu: Add check for cstate Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm: use strscpy instead of strncpy Daniel Mentz <danielmentz(a)google.com> drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/bridge: lt9611: pass a pointer to the of node Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/bridge: lt9611: fix clock calculation Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/bridge: lt9611: fix programming of video modes Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/bridge: lt9611: fix polarity programming Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/bridge: lt9611: fix HPD reenablement Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/bridge: lt9611: fix sleep mode setup Marijn Suijten <marijn.suijten(a)somainline.org> drm/msm/dpu: Disallow unallocated resources to be returned Alexey V. Vissarionov <gremlin(a)altlinux.org> ALSA: hda/ca0132: minor fix for allocation size Akhil P Oommen <quic_akhilpo(a)quicinc.com> drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup() Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: fsl_sai: initialize is_dsp_mode flag Dave Stevenson <dave.stevenson(a)raspberrypi.com> drm/vc4: hdmi: Correct interlaced timings again Dave Stevenson <dave.stevenson(a)raspberrypi.com> drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5 Dave Stevenson <dave.stevenson(a)raspberrypi.com> drm/vc4: hvs: Set AXI panic modes Miaoqian Lin <linmq006(a)gmail.com> pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups Jianqun Xu <jay.xu(a)rock-chips.com> pinctrl: rockchip: do coding style for mux route struct Jianqun Xu <jay.xu(a)rock-chips.com> pinctrl: rockchip: add support for rk3568 Miaoqian Lin <linmq006(a)gmail.com> pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain Adam Skladowski <a39.skl(a)gmail.com> pinctrl: qcom: pinctrl-msm8976: Correct function names for wcss pins Jiasheng Jiang <jiasheng(a)iscas.ac.cn> drm/msm/hdmi: Add missing check for alloc_ordered_workqueue Liang He <windhl(a)126.com> gpu: ipu-v3: common: Add of_node_put() for reference returned by of_graph_get_port_by_id() Randolph Sapp <rs(a)ti.com> drm: tidss: Fix pixel format definition Dave Stevenson <dave.stevenson(a)raspberrypi.com> drm/vc4: dpi: Fix format mapping for RGB565 Dave Stevenson <dave.stevenson(a)raspberrypi.com> drm/vc4: dpi: Add option for inverting pixel clock and output enable Yuan Can <yuancan(a)huawei.com> drm/vkms: Fix null-ptr-deref in vkms_release() Yuan Can <yuancan(a)huawei.com> drm/bridge: megachips: Fix error handling in i2c_register_driver() Geert Uytterhoeven <geert+renesas(a)glider.be> drm: mxsfb: DRM_MXSFB should depend on ARCH_MXS || ARCH_MXC Geert Uytterhoeven <geert(a)linux-m68k.org> drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats Shang XiaoJing <shangxiaojing(a)huawei.com> drm: Fix potential null-ptr-deref due to drmm_mode_config_init() Jiri Pirko <jiri(a)nvidia.com> sefltests: netdevsim: wait for devlink instance after netns removal Roxana Nicolescu <roxana.nicolescu(a)canonical.com> selftest: fib_tests: Always cleanup before exit Doug Berger <opendmb(a)gmail.com> net: bcmgenet: fix MoCA LED control Shigeru Yoshida <syoshida(a)redhat.com> l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register() Jakub Sitnicki <jakub(a)cloudflare.com> selftests/net: Interpret UDP_GRO cmsg data as an int value Florian Fainelli <f.fainelli(a)gmail.com> irqchip/irq-bcm7120-l2: Set IRQ_LEVEL for level triggered interrupts Florian Fainelli <f.fainelli(a)gmail.com> irqchip/irq-brcmstb-l2: Set IRQ_LEVEL for level triggered interrupts Andrii Nakryiko <andrii(a)kernel.org> bpf: Fix global subprog context argument resolution logic Frank Jungclaus <frank.jungclaus(a)esd.eu> can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a bus error Yongqin Liu <yongqin.liu(a)linaro.org> thermal/drivers/hisi: Drop second sensor hi3660 Shayne Chen <shayne.chen(a)mediatek.com> wifi: mac80211: make rate u32 in sta_set_rate_info_rx() Herbert Xu <herbert(a)gondor.apana.org.au> crypto: crypto4xx - Call dma_unmap_page when done Ilya Leoshkevich <iii(a)linux.ibm.com> selftests/bpf: Fix out-of-srctree build Dan Carpenter <error27(a)gmail.com> wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> wifi: iwl4965: Add missing check for create_singlethread_workqueue() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> wifi: iwl3945: Add missing check for create_singlethread_workqueue Conor Dooley <conor.dooley(a)microchip.com> RISC-V: time: initialize hrtimer based broadcast clock event device Randy Dunlap <rdunlap(a)infradead.org> m68k: /proc/hardware should depend on PROC_FS Herbert Xu <herbert(a)gondor.apana.org.au> crypto: rsa-pkcs1pad - Use akcipher_request_complete Pietro Borrello <borrello(a)diag.uniroma1.it> rds: rds_rm_zerocopy_callback() correct order for list_add_tail() Ilya Leoshkevich <iii(a)linux.ibm.com> libbpf: Fix alen calculation in libbpf_nla_dump_errormsg() Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix potential user-after-free Qi Zheng <zhengqi.arch(a)bytedance.com> OPP: fix error checking in opp_migrate_dentry() Pietro Borrello <borrello(a)diag.uniroma1.it> tap: tap_open(): correctly initialize socket uid Pietro Borrello <borrello(a)diag.uniroma1.it> tun: tun_chr_open(): correctly initialize socket uid Pietro Borrello <borrello(a)diag.uniroma1.it> net: add sock_init_data_uid() Vasily Gorbik <gor(a)linux.ibm.com> s390/vmem: fix empty page tables cleanup under KASAN Miaoqian Lin <linmq006(a)gmail.com> irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe Miaoqian Lin <linmq006(a)gmail.com> irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe Miaoqian Lin <linmq006(a)gmail.com> irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains Miaoqian Lin <linmq006(a)gmail.com> irqchip: Fix refcount leak in platform_irqchip_probe Jack Morgenstein <jackm(a)nvidia.com> net/mlx5: Enhance debug print in page allocation failure Tonghao Zhang <tong(a)infragraf.org> bpftool: profile online CPUs instead of possible Tom Lendacky <thomas.lendacky(a)amd.com> crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware Peter Gonda <pgonda(a)google.com> crypto: ccp - Refactor out sev_fw_alloc() Hans de Goede <hdegoede(a)redhat.com> leds: led-class: Add missing put_device() to led_put() Herbert Xu <herbert(a)gondor.apana.org.au> crypto: xts - Handle EBUSY correctly Wang Qing <wangqing(a)vivo.com> net: ethernet: ti: add missing of_node_put before return Grygorii Strashko <grygorii.strashko(a)ti.com> net: ethernet: ti: am65-cpsw: handle deferred probe with dev_err_probe() Grygorii Strashko <grygorii.strashko(a)ti.com> net: ethernet: ti: am65-cpsw: fix tx csum offload for multi mac mode Ashok Raj <ashok.raj(a)intel.com> x86/microcode: Adjust late loading result reporting message Ashok Raj <ashok.raj(a)intel.com> x86/microcode: Check CPU capabilities after late microcode update correctly Ashok Raj <ashok.raj(a)intel.com> x86/microcode: Add a parameter to microcode_check() to store CPU capabilities Ashok Raj <ashok.raj(a)intel.com> x86/microcode: Print previous version of microcode after reload Borislav Petkov <bp(a)suse.de> x86/microcode: Default-disable late loading Borislav Petkov <bp(a)suse.de> x86/microcode: Rip out the OLD_INTERFACE Peter Zijlstra <peterz(a)infradead.org> x86: Mark stop_this_cpu() __noreturn Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> x86/microcode: Replace deprecated CPU-hotplug functions. Borislav Petkov <bp(a)suse.de> x86/cpu: Init AP exception handling from cpu_init_secondary() Yang Yingliang <yangyingliang(a)huawei.com> powercap: fix possible name leak in powercap_register_zone() Herbert Xu <herbert(a)gondor.apana.org.au> crypto: seqiv - Handle EBUSY correctly Herbert Xu <herbert(a)gondor.apana.org.au> crypto: essiv - Handle EBUSY correctly Koba Ko <koba.taiwan(a)gmail.com> crypto: ccp - Failure on re-initialization due to duplicate sysfs filename Armin Wolf <W_Armin(a)gmx.de> ACPI: battery: Fix missing NUL-termination with large strings Shivani Baranwal <quic_shivbara(a)quicinc.com> wifi: cfg80211: Fix extended KCK key length check in nl80211_set_rekey_data() Miaoqian Lin <linmq006(a)gmail.com> wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup Minsuk Kang <linuxlovemin(a)yonsei.ac.kr> wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails Pavel Skripkin <paskripkin(a)gmail.com> ath9k: htc: clean up statistics macros Wan Jiabing <wanjiabing(a)vivo.com> ath9k: hif_usb: simplify if-if to if-else Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function Alexey Kodanev <aleksei.kodanev(a)bell-sw.com> wifi: orinoco: check return value of hermes_write_wordrec() Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> thermal/drivers/tsens: Sort out msm8976 vs msm8956 data Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> thermal/drivers/tsens: Add compat string for the qcom,msm8960 Konrad Dybcio <konrad.dybcio(a)somainline.org> thermal/drivers/qcom/tsens_v1: Enable sensor 3 on MSM8976 Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> thermal/drivers/tsens: Drop msm8976-specific defines Daniil Tatianin <d-tatianin(a)yandex-team.ru> ACPICA: nsrepair: handle cases without a return value correctly David Rientjes <rientjes(a)google.com> crypto: ccp - Avoid page allocation failure warning for SEV_GET_ID2 John Allen <john.allen(a)amd.com> crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak Sean Christopherson <seanjc(a)google.com> crypto: ccp: Use the stack and common buffer for status commands Sean Christopherson <seanjc(a)google.com> crypto: ccp: Use the stack for small SEV command buffers Herbert Xu <herbert(a)gondor.apana.org.au> lib/mpi: Fix buffer overrun when SG is too long Frederic Weisbecker <frederic(a)kernel.org> rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes() Frederic Weisbecker <frederic(a)kernel.org> rcu-tasks: Remove preemption disablement around srcu_read_[un]lock() calls Frederic Weisbecker <frederic(a)kernel.org> rcu-tasks: Improve comments explaining tasks_rcu_exit_srcu purpose Zhen Lei <thunder.leizhen(a)huawei.com> genirq: Fix the return type of kstat_cpu_irqs_sum() Mario Limonciello <mario.limonciello(a)amd.com> ACPICA: Drop port I/O validation for some regions Eric Biggers <ebiggers(a)google.com> crypto: x86/ghash - fix unaligned access in ghash_setkey() Yang Yingliang <yangyingliang(a)huawei.com> wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave() Zhengchao Shao <shaozhengchao(a)huawei.com> wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid() Zhang Changzhong <zhangchangzhong(a)huawei.com> wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit() Zhang Changzhong <zhangchangzhong(a)huawei.com> wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() Zhengchao Shao <shaozhengchao(a)huawei.com> wifi: ipw2200: fix memory leak in ipw_wdev_init() Yang Yingliang <yangyingliang(a)huawei.com> wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave() Andrii Nakryiko <andrii(a)kernel.org> libbpf: Fix btf__align_of() by taking into account field offsets Li Zetao <lizetao1(a)huawei.com> wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit() Arnd Bergmann <arnd(a)arndb.de> rtlwifi: fix -Wpointer-sign warning Yang Yingliang <yangyingliang(a)huawei.com> wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave() Zhengchao Shao <shaozhengchao(a)huawei.com> wifi: libertas: fix memory leak in lbs_init_adapter() Yang Yingliang <yangyingliang(a)huawei.com> wifi: iwlegacy: common: don't call dev_kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> wifi: rtlwifi: rtl8723be: don't call kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> wifi: rtlwifi: rtl8188ee: don't call kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> wifi: rtlwifi: rtl8821ae: don't call kfree_skb() under spin_lock_irqsave() Yuan Can <yuancan(a)huawei.com> wifi: rsi: Fix memory leak in rsi_coex_attach() Martin K. Petersen <martin.petersen(a)oracle.com> block: bio-integrity: Copy flags when bio_integrity_payload is cloned silviazhao <silviazhao-oc(a)zhaoxin.com> x86/perf/zhaoxin: Add stepping check for ZXC Pietro Borrello <borrello(a)diag.uniroma1.it> sched/rt: pick_next_rt_entity(): check list_entry Dietmar Eggemann <dietmar.eggemann(a)arm.com> sched/deadline,rt: Remove unused parameter from pick_next_[rt|dl]_entity() Qiheng Lin <linqiheng(a)huawei.com> s390/dasd: Fix potential memleak in dasd_eckd_init() Jan Höppner <hoeppner(a)linux.ibm.com> s390/dasd: Prepare for additional path event handling Kemeng Shi <shikemeng(a)huaweicloud.com> blk-mq: correct stale comment of .get_budget Kemeng Shi <shikemeng(a)huaweicloud.com> blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx Kemeng Shi <shikemeng(a)huaweicloud.com> blk-mq: avoid sleep in blk_mq_alloc_request_hctx AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mediatek: mt7622: Add missing pwm-cells to pwm node Peng Fan <peng.fan(a)nxp.com> ARM: dts: imx7s: correct iomuxc gpr mux controller cells Samuel Holland <samuel(a)sholland.org> ARM: dts: sun8i: nanopi-duo2: Fix regulator GPIO reference Adam Ford <aford173(a)gmail.com> arm64: dts: renesas: beacon-renesom: Fix gpio expander reference Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: amlogic: meson-gxbb-kii-pro: fix led node name Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: amlogic: meson-gxl-s905d-phicomm-n1: fix led node name Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: amlogic: meson-gx-libretech-pc: fix update button name Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: amlogic: meson-gxl: add missing unit address to eth-phy-mux node name Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: amlogic: meson-gx: add missing unit address to rng node name Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: amlogic: meson-gxl-s905d-sml5442tw: drop invalid clock-names property Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: amlogic: meson-gx: add missing SCPI sensors compatible Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: amlogic: meson-axg: fix SCPI clock dvfs node name Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: amlogic: meson-gx: fix SCPI clock dvfs node name Angus Chen <angus.chen(a)jaguarmicro.com> ARM: imx: Call ida_simple_remove() for ida_simple_get Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: exynos: correct wr-active property in Exynos3250 Rinato Vaishnav Achath <vaishnav.a(a)ti.com> arm64: dts: ti: k3-j7200: Fix wakeup pinmux range Arnd Bergmann <arnd(a)arndb.de> ARM: s3c: fix s3c64xx_set_timer_source prototype Yang Yingliang <yangyingliang(a)huawei.com> ARM: OMAP1: call platform_device_put() in error case in omap1_dm_timer_init() Christian Hewitt <christianshewitt(a)gmail.com> arm64: dts: meson: remove CPU opps below 1GHz for G12A boards Robert Marko <robimarko(a)gmail.com> arm64: dts: qcom: ipq8074: correct PCIe QMP PHY output clock names Robert Marko <robimarko(a)gmail.com> arm64: dts: qcom: ipq8074: fix Gen3 PCIe node Robert Marko <robimarko(a)gmail.com> arm64: dts: qcom: ipq8074: correct Gen2 PCIe ranges Robert Marko <robimarko(a)gmail.com> arm64: dts: qcom: ipq8074: fix Gen3 PCIe QMP PHY Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: ipq8074: fix PCIe PHY serdes size Shawn Guo <shawn.guo(a)linaro.org> arm64: dts: qcom: Fix IPQ8074 PCIe PHY nodes Robert Marko <robimarko(a)gmail.com> arm64: dts: qcom: ipq8074: correct USB3 QMP PHY-s clock output names Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> arm64: dts: meson-g12a: Fix internal Ethernet PHY unit name Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> arm64: dts: meson-gx: Fix Ethernet MAC address unit name Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sc7180: correct SPMI bus address cells Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sdm845-db845c: fix audio codec interrupt pin name Chen-Yu Tsai <wenst(a)chromium.org> arm64: dts: mediatek: mt8183: Fix systimer 13 MHz clock description Qiheng Lin <linqiheng(a)huawei.com> ARM: zynq: Fix refcount leak in zynq_early_slcr_init Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> arm64: dts: qcom: qcs404: use symbol names for PCIe resets Chen Hui <judy.chenhui(a)huawei.com> ARM: OMAP2+: Fix memory leak in realtime_counter_init() Anders Roxell <anders.roxell(a)linaro.org> powerpc/mm: Rearrange if-else block to avoid clang warning Pietro Borrello <borrello(a)diag.uniroma1.it> HID: asus: use spinlock to safely schedule workers Pietro Borrello <borrello(a)diag.uniroma1.it> HID: asus: use spinlock to protect concurrent accesses Luke D. Jones <luke(a)ljones.dev> HID: asus: Remove check for same LED brightness on set ------------- Diffstat: Documentation/ABI/testing/configfs-usb-gadget-uvc | 2 +- Documentation/admin-guide/cgroup-v1/memory.rst | 13 +- Documentation/admin-guide/hw-vuln/spectre.rst | 21 +- Documentation/admin-guide/kdump/gdbmacros.txt | 2 +- Documentation/dev-tools/gdb-kernel-debugging.rst | 4 + .../bindings/sound/amlogic,gx-sound-card.yaml | 2 +- Documentation/virt/kvm/api.rst | 18 +- Documentation/virt/kvm/devices/vm.rst | 4 + Makefile | 15 +- arch/alpha/boot/tools/objstrip.c | 2 +- arch/alpha/kernel/traps.c | 30 +- arch/arm/boot/dts/exynos3250-rinato.dts | 2 +- arch/arm/boot/dts/exynos4-cpu-thermal.dtsi | 2 +- arch/arm/boot/dts/exynos4.dtsi | 2 +- arch/arm/boot/dts/exynos4210.dtsi | 1 - arch/arm/boot/dts/exynos5250.dtsi | 2 +- arch/arm/boot/dts/exynos5410-odroidxu.dts | 1 - arch/arm/boot/dts/exynos5420.dtsi | 2 +- arch/arm/boot/dts/exynos5422-odroidhc1.dts | 10 +- arch/arm/boot/dts/exynos5422-odroidxu3-common.dtsi | 10 +- arch/arm/boot/dts/imx7s.dtsi | 2 +- arch/arm/boot/dts/spear320-hmi.dts | 2 +- arch/arm/boot/dts/sun8i-h3-nanopi-duo2.dts | 2 +- arch/arm/mach-imx/mmdc.c | 24 +- arch/arm/mach-omap1/timer.c | 2 +- arch/arm/mach-omap2/timer.c | 1 + arch/arm/mach-s3c/s3c64xx.c | 3 +- arch/arm/mach-zynq/slcr.c | 1 + arch/arm64/boot/dts/amlogic/meson-axg.dtsi | 4 +- arch/arm64/boot/dts/amlogic/meson-g12-common.dtsi | 2 +- arch/arm64/boot/dts/amlogic/meson-g12a.dtsi | 20 - .../boot/dts/amlogic/meson-gx-libretech-pc.dtsi | 2 +- arch/arm64/boot/dts/amlogic/meson-gx.dtsi | 6 +- arch/arm64/boot/dts/amlogic/meson-gxbb-kii-pro.dts | 2 +- .../dts/amlogic/meson-gxl-s905d-phicomm-n1.dts | 2 +- .../boot/dts/amlogic/meson-gxl-s905d-sml5442tw.dts | 1 - arch/arm64/boot/dts/amlogic/meson-gxl.dtsi | 2 +- arch/arm64/boot/dts/mediatek/mt7622.dtsi | 1 + arch/arm64/boot/dts/mediatek/mt8183.dtsi | 12 +- arch/arm64/boot/dts/qcom/ipq8074.dtsi | 93 +- arch/arm64/boot/dts/qcom/qcs404.dtsi | 12 +- arch/arm64/boot/dts/qcom/sc7180.dtsi | 4 +- arch/arm64/boot/dts/qcom/sdm845-db845c.dts | 2 +- .../boot/dts/renesas/beacon-renesom-baseboard.dtsi | 24 +- .../boot/dts/ti/k3-j7200-common-proc-board.dts | 2 +- arch/arm64/boot/dts/ti/k3-j7200-mcu-wakeup.dtsi | 29 +- arch/m68k/68000/entry.S | 2 + arch/m68k/Kconfig.devices | 1 + arch/m68k/coldfire/entry.S | 2 + arch/m68k/kernel/entry.S | 3 + arch/mips/include/asm/syscall.h | 2 +- arch/mips/include/asm/vpe.h | 1 - arch/mips/kernel/smp-cps.c | 8 +- arch/mips/kernel/vpe-mt.c | 7 +- arch/mips/lantiq/prom.c | 6 - arch/powerpc/Makefile | 2 +- arch/powerpc/kernel/eeh_driver.c | 71 +- arch/powerpc/kernel/rtas.c | 24 +- arch/powerpc/mm/book3s64/radix_tlb.c | 11 +- arch/powerpc/perf/hv-24x7.c | 42 +- arch/powerpc/platforms/powernv/pci-ioda.c | 3 +- arch/powerpc/platforms/pseries/lpar.c | 20 +- arch/powerpc/platforms/pseries/lparcfg.c | 20 +- arch/riscv/include/asm/jump_label.h | 2 + arch/riscv/include/asm/parse_asm.h | 2 +- arch/riscv/kernel/time.c | 3 + arch/s390/kernel/kprobes.c | 4 +- arch/s390/kernel/vmlinux.lds.S | 1 + arch/s390/kvm/kvm-s390.c | 17 + arch/s390/mm/extmem.c | 12 +- arch/s390/mm/vmem.c | 6 +- arch/sparc/Kconfig | 2 +- arch/um/drivers/vector_kern.c | 1 + arch/x86/Kconfig | 15 +- arch/x86/crypto/ghash-clmulni-intel_glue.c | 6 +- arch/x86/events/zhaoxin/core.c | 8 +- arch/x86/include/asm/microcode.h | 4 +- arch/x86/include/asm/microcode_amd.h | 4 +- arch/x86/include/asm/msr-index.h | 4 + arch/x86/include/asm/processor.h | 6 +- arch/x86/include/asm/reboot.h | 2 + arch/x86/include/asm/resctrl.h | 19 +- arch/x86/include/asm/virtext.h | 16 +- arch/x86/kernel/cpu/bugs.c | 35 +- arch/x86/kernel/cpu/common.c | 75 +- arch/x86/kernel/cpu/microcode/amd.c | 53 +- arch/x86/kernel/cpu/microcode/core.c | 148 +--- arch/x86/kernel/cpu/resctrl/rdtgroup.c | 14 +- arch/x86/kernel/crash.c | 17 +- arch/x86/kernel/kprobes/opt.c | 6 +- arch/x86/kernel/process.c | 2 +- arch/x86/kernel/process_32.c | 2 +- arch/x86/kernel/process_64.c | 2 +- arch/x86/kernel/reboot.c | 88 +- arch/x86/kernel/smp.c | 6 +- arch/x86/kernel/smpboot.c | 3 +- arch/x86/kernel/sysfb_efi.c | 8 + arch/x86/kernel/traps.c | 4 +- arch/x86/kvm/lapic.c | 10 +- arch/x86/um/vdso/um_vdso.c | 12 +- block/bio-integrity.c | 1 + block/blk-iocost.c | 11 +- block/blk-mq-sched.c | 7 +- block/blk-mq.c | 3 +- crypto/essiv.c | 7 +- crypto/rsa-pkcs1pad.c | 34 +- crypto/seqiv.c | 2 +- crypto/xts.c | 8 +- drivers/acpi/acpica/Makefile | 2 +- drivers/acpi/acpica/hwvalid.c | 7 +- drivers/acpi/acpica/nsrepair.c | 12 +- drivers/acpi/battery.c | 2 +- drivers/acpi/video_detect.c | 2 +- drivers/block/brd.c | 26 +- drivers/block/loop.c | 8 +- drivers/block/rbd.c | 20 +- drivers/bluetooth/btusb.c | 4 + drivers/char/ipmi/ipmi_ssif.c | 46 +- drivers/clk/clk.c | 11 + drivers/clk/imx/clk.c | 3 +- drivers/clk/qcom/gcc-qcs404.c | 24 +- drivers/clk/qcom/gpucc-sc7180.c | 7 +- drivers/clk/qcom/gpucc-sdm845.c | 7 +- drivers/clk/renesas/renesas-cpg-mssr.c | 8 +- drivers/crypto/amcc/crypto4xx_core.c | 10 +- drivers/crypto/ccp/ccp-dmaengine.c | 21 +- drivers/crypto/ccp/sev-dev.c | 185 ++-- drivers/crypto/ccp/sev-dev.h | 1 - drivers/crypto/hisilicon/sgl.c | 3 +- drivers/dax/bus.c | 2 +- drivers/dax/kmem.c | 4 +- drivers/firmware/google/framebuffer-coreboot.c | 4 +- drivers/gpio/gpio-vf610.c | 2 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 6 +- drivers/gpu/drm/amd/display/dc/core/dc.c | 1 + .../amd/display/dc/dml/dcn20/display_mode_vba_20.c | 8 +- .../display/dc/dml/dcn20/display_mode_vba_20v2.c | 10 +- .../amd/display/dc/dml/dcn21/display_mode_vba_21.c | 12 +- drivers/gpu/drm/arm/malidp_planes.c | 2 +- drivers/gpu/drm/bridge/lontium-lt9611.c | 65 +- .../drm/bridge/megachips-stdpxxxx-ge-b850v3-fw.c | 6 +- drivers/gpu/drm/drm_dp_mst_topology.c | 5 +- drivers/gpu/drm/drm_edid.c | 21 +- drivers/gpu/drm/drm_fourcc.c | 4 + drivers/gpu/drm/drm_mipi_dsi.c | 52 ++ drivers/gpu/drm/drm_mode_config.c | 8 +- drivers/gpu/drm/drm_panel_orientation_quirks.c | 6 + drivers/gpu/drm/i915/display/intel_quirks.c | 2 + drivers/gpu/drm/mediatek/mtk_drm_crtc.c | 2 + drivers/gpu/drm/mediatek/mtk_drm_drv.c | 1 + drivers/gpu/drm/mediatek/mtk_drm_gem.c | 4 +- drivers/gpu/drm/mediatek/mtk_dsi.c | 2 +- drivers/gpu/drm/msm/adreno/adreno_gpu.c | 4 +- drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c | 7 +- drivers/gpu/drm/msm/disp/dpu1/dpu_rm.c | 5 + drivers/gpu/drm/msm/disp/mdp5/mdp5_crtc.c | 5 +- drivers/gpu/drm/msm/dsi/dsi_host.c | 3 + drivers/gpu/drm/msm/hdmi/hdmi.c | 4 + drivers/gpu/drm/msm/msm_fence.c | 2 +- drivers/gpu/drm/mxsfb/Kconfig | 1 + drivers/gpu/drm/omapdrm/dss/dsi.c | 26 +- drivers/gpu/drm/radeon/atombios_encoders.c | 5 +- drivers/gpu/drm/radeon/radeon_device.c | 1 + drivers/gpu/drm/tidss/tidss_dispc.c | 4 +- drivers/gpu/drm/tiny/ili9486.c | 13 +- drivers/gpu/drm/vc4/vc4_dpi.c | 66 +- drivers/gpu/drm/vc4/vc4_hdmi.c | 5 +- drivers/gpu/drm/vc4/vc4_hvs.c | 11 + drivers/gpu/drm/vc4/vc4_plane.c | 2 + drivers/gpu/drm/vc4/vc4_regs.h | 6 + drivers/gpu/drm/virtio/virtgpu_object.c | 3 +- drivers/gpu/drm/vkms/vkms_drv.c | 3 +- drivers/gpu/host1x/hw/syncpt_hw.c | 3 - drivers/gpu/ipu-v3/ipu-common.c | 1 + drivers/hid/hid-asus.c | 38 +- drivers/hid/hid-bigbenff.c | 75 +- drivers/hid/hid-debug.c | 1 + drivers/hid/hid-input.c | 8 + drivers/hid/hid-logitech-hidpp.c | 32 +- drivers/hwmon/coretemp.c | 128 ++- drivers/hwmon/ltc2945.c | 2 + drivers/hwmon/mlxreg-fan.c | 6 + drivers/iio/accel/mma9551_core.c | 10 +- drivers/infiniband/hw/hfi1/chip.c | 59 +- drivers/input/misc/iqs269a.c | 327 +++---- drivers/input/touchscreen/ads7846.c | 473 +++++----- drivers/irqchip/irq-alpine-msi.c | 1 + drivers/irqchip/irq-bcm7120-l2.c | 3 +- drivers/irqchip/irq-brcmstb-l2.c | 6 +- drivers/irqchip/irq-mvebu-gicp.c | 1 + drivers/irqchip/irq-ti-sci-intr.c | 1 + drivers/irqchip/irqchip.c | 8 +- drivers/leds/led-class.c | 6 +- drivers/md/dm-cache-target.c | 4 + drivers/md/dm-flakey.c | 30 +- drivers/md/dm-thin.c | 2 + drivers/md/dm.c | 2 +- drivers/media/i2c/imx219.c | 257 +++--- drivers/media/i2c/max9286.c | 1 + drivers/media/i2c/ov2740.c | 4 +- drivers/media/i2c/ov5675.c | 4 +- drivers/media/i2c/ov7670.c | 2 +- drivers/media/i2c/ov772x.c | 3 +- drivers/media/pci/intel/ipu3/ipu3-cio2.c | 3 + drivers/media/pci/saa7134/saa7134-core.c | 2 +- drivers/media/platform/omap3isp/isp.c | 9 + drivers/media/platform/ti-vpe/cal.c | 4 +- drivers/media/rc/ene_ir.c | 3 +- drivers/media/usb/siano/smsusb.c | 1 + drivers/media/usb/uvc/uvc_ctrl.c | 30 +- drivers/media/usb/uvc/uvc_driver.c | 66 +- drivers/media/usb/uvc/uvc_entity.c | 2 +- drivers/media/usb/uvc/uvc_status.c | 40 +- drivers/media/usb/uvc/uvc_video.c | 15 +- drivers/media/usb/uvc/uvcvideo.h | 6 +- drivers/mfd/arizona-core.c | 2 +- drivers/mfd/pcf50633-adc.c | 7 +- drivers/misc/mei/bus-fixup.c | 8 +- drivers/mtd/nand/raw/sunxi_nand.c | 2 +- drivers/mtd/spi-nor/core.c | 9 + drivers/mtd/spi-nor/core.h | 1 + drivers/mtd/spi-nor/sfdp.c | 4 +- drivers/mtd/ubi/build.c | 7 + drivers/mtd/ubi/fastmap-wl.c | 12 +- drivers/mtd/ubi/vmt.c | 18 +- drivers/mtd/ubi/wl.c | 25 +- drivers/net/can/usb/esd_usb2.c | 4 +- drivers/net/ethernet/broadcom/genet/bcmgenet.c | 8 + drivers/net/ethernet/broadcom/genet/bcmmii.c | 11 +- drivers/net/ethernet/intel/ice/ice_main.c | 17 +- .../ethernet/mellanox/mlx5/core/diag/fw_tracer.c | 2 +- .../net/ethernet/mellanox/mlx5/core/lib/geneve.c | 1 + .../net/ethernet/mellanox/mlx5/core/pagealloc.c | 3 +- drivers/net/ethernet/ti/am65-cpsw-nuss.c | 79 +- drivers/net/tap.c | 2 +- drivers/net/tun.c | 2 +- drivers/net/wireless/ath/ath11k/core.h | 1 - drivers/net/wireless/ath/ath11k/debugfs.c | 48 +- drivers/net/wireless/ath/ath11k/dp_rx.c | 1 + drivers/net/wireless/ath/ath9k/hif_usb.c | 62 +- drivers/net/wireless/ath/ath9k/htc.h | 32 +- drivers/net/wireless/ath/ath9k/htc_drv_init.c | 2 + drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 10 +- drivers/net/wireless/ath/ath9k/htc_hst.c | 4 +- drivers/net/wireless/ath/ath9k/wmi.c | 1 + .../wireless/broadcom/brcm80211/brcmfmac/common.c | 7 +- .../wireless/broadcom/brcm80211/brcmfmac/core.c | 1 + .../wireless/broadcom/brcm80211/brcmfmac/msgbuf.c | 5 +- drivers/net/wireless/intel/ipw2x00/ipw2200.c | 11 +- drivers/net/wireless/intel/iwlegacy/3945-mac.c | 16 +- drivers/net/wireless/intel/iwlegacy/4965-mac.c | 12 +- drivers/net/wireless/intel/iwlegacy/common.c | 4 +- drivers/net/wireless/intersil/orinoco/hw.c | 2 + drivers/net/wireless/marvell/libertas/cmdresp.c | 2 +- drivers/net/wireless/marvell/libertas/if_usb.c | 2 +- drivers/net/wireless/marvell/libertas/main.c | 3 +- drivers/net/wireless/marvell/libertas_tf/if_usb.c | 2 +- drivers/net/wireless/marvell/mwifiex/11n.c | 6 +- drivers/net/wireless/mediatek/mt76/dma.c | 13 +- drivers/net/wireless/mediatek/mt7601u/dma.c | 3 +- drivers/net/wireless/microchip/wilc1000/netdev.c | 1 + .../net/wireless/realtek/rtl8xxxu/rtl8xxxu_8192e.c | 5 + .../net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 19 +- .../net/wireless/realtek/rtlwifi/rtl8188ee/hw.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8723be/hw.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8821ae/hw.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8821ae/phy.c | 91 +- .../net/wireless/realtek/rtlwifi/rtl8821ae/table.c | 4 +- .../net/wireless/realtek/rtlwifi/rtl8821ae/table.h | 4 +- drivers/net/wireless/rsi/rsi_91x_coex.c | 1 + drivers/net/wireless/wl3501_cs.c | 2 +- drivers/nfc/st-nci/se.c | 6 + drivers/nfc/st21nfca/se.c | 6 + drivers/opp/debugfs.c | 2 +- drivers/pci/controller/pci-loongson.c | 71 +- drivers/pci/pci.c | 12 +- drivers/pci/pci.h | 43 +- drivers/pci/quirks.c | 23 + drivers/pci/setup-bus.c | 179 ++-- drivers/phy/rockchip/phy-rockchip-typec.c | 3 +- drivers/pinctrl/bcm/pinctrl-bcm2835.c | 2 - drivers/pinctrl/mediatek/pinctrl-paris.c | 4 +- drivers/pinctrl/pinctrl-at91-pio4.c | 4 +- drivers/pinctrl/pinctrl-at91.c | 2 +- drivers/pinctrl/pinctrl-ingenic.c | 3 + drivers/pinctrl/pinctrl-rockchip.c | 952 ++++++++------------- drivers/pinctrl/qcom/pinctrl-msm8976.c | 8 +- drivers/pinctrl/stm32/pinctrl-stm32.c | 1 + drivers/powercap/powercap_sys.c | 14 +- drivers/pwm/pwm-sifive.c | 16 +- drivers/pwm/pwm-stm32-lp.c | 2 +- drivers/regulator/max77802-regulator.c | 34 +- drivers/regulator/s5m8767.c | 6 +- drivers/remoteproc/mtk_scp_ipi.c | 11 +- drivers/remoteproc/qcom_q6v5_mss.c | 59 +- drivers/rpmsg/qcom_glink_native.c | 1 + drivers/rtc/rtc-pm8xxx.c | 24 +- drivers/rtc/rtc-sun6i.c | 16 +- drivers/s390/block/dasd.c | 4 +- drivers/s390/block/dasd_diag.c | 8 +- drivers/s390/block/dasd_eckd.c | 82 +- drivers/s390/block/dasd_fba.c | 8 +- drivers/s390/block/dasd_int.h | 2 +- drivers/scsi/aic94xx/aic94xx_task.c | 3 + drivers/scsi/ipr.c | 41 +- drivers/scsi/mpt3sas/mpt3sas_base.c | 23 +- drivers/scsi/qla2xxx/qla_nvme.c | 19 +- drivers/scsi/qla2xxx/qla_os.c | 9 +- drivers/scsi/ses.c | 64 +- drivers/soundwire/cadence_master.c | 43 +- drivers/soundwire/cadence_master.h | 13 +- drivers/spi/Kconfig | 1 - drivers/spi/spi-bcm63xx-hsspi.c | 19 +- drivers/spi/spi-synquacer.c | 7 +- drivers/staging/emxx_udc/emxx_udc.c | 7 +- drivers/thermal/hisi_thermal.c | 4 - drivers/thermal/intel/Kconfig | 3 +- drivers/thermal/intel/intel_powerclamp.c | 20 +- drivers/thermal/intel/intel_quark_dts_thermal.c | 12 +- drivers/thermal/intel/intel_soc_dts_iosf.c | 2 +- drivers/thermal/qcom/tsens-v1.c | 63 +- drivers/thermal/qcom/tsens.c | 6 + drivers/thermal/qcom/tsens.h | 2 +- drivers/tty/serial/fsl_lpuart.c | 24 +- drivers/tty/serial/sc16is7xx.c | 51 +- drivers/tty/tty_io.c | 8 +- drivers/tty/vt/vc_screen.c | 4 +- drivers/usb/gadget/function/uvc_configfs.c | 59 +- drivers/usb/host/xhci-mvebu.c | 2 +- drivers/usb/storage/ene_ub6250.c | 2 +- drivers/vdpa/mlx5/core/mr.c | 1 - drivers/vfio/vfio_iommu_type1.c | 41 +- drivers/watchdog/at91sam9_wdt.c | 7 +- drivers/watchdog/pcwd_usb.c | 6 +- drivers/watchdog/watchdog_dev.c | 2 +- fs/cifs/smb2ops.c | 13 +- fs/cifs/smbdirect.c | 4 +- fs/coda/upcall.c | 2 +- fs/exfat/dir.c | 7 +- fs/exfat/exfat_fs.h | 2 +- fs/exfat/file.c | 3 +- fs/exfat/inode.c | 6 +- fs/exfat/namei.c | 2 +- fs/exfat/super.c | 3 +- fs/ext4/xattr.c | 35 +- fs/f2fs/data.c | 6 +- fs/f2fs/inline.c | 28 +- fs/f2fs/super.c | 11 +- fs/f2fs/verity.c | 12 +- fs/gfs2/aops.c | 3 +- fs/gfs2/super.c | 8 +- fs/hfs/bnode.c | 1 + fs/hfsplus/super.c | 4 +- fs/jbd2/transaction.c | 50 +- fs/jfs/jfs_dmap.c | 3 +- fs/nfs/file.c | 15 +- fs/nfs/inode.c | 6 +- fs/nfs/nfs4_fs.h | 1 + fs/nfs/nfs4proc.c | 22 + fs/nfs/nfs4state.c | 40 +- fs/nfs/nfs4trace.h | 42 +- fs/nfsd/nfs4layouts.c | 4 +- fs/nfsd/nfs4proc.c | 2 + fs/ocfs2/move_extents.c | 34 +- fs/ubifs/budget.c | 9 +- fs/ubifs/dir.c | 9 +- fs/ubifs/file.c | 12 +- fs/ubifs/super.c | 17 +- fs/ubifs/tnc.c | 24 +- fs/ubifs/ubifs.h | 5 + fs/udf/file.c | 26 +- fs/udf/inode.c | 74 +- fs/udf/super.c | 1 + fs/udf/udf_i.h | 3 +- fs/udf/udf_sb.h | 2 + include/drm/drm_mipi_dsi.h | 4 + include/linux/bootconfig.h | 2 +- include/linux/ima.h | 6 +- include/linux/kernel.h | 2 + include/linux/kernel_stat.h | 2 +- include/linux/kprobes.h | 2 + include/linux/nfs_xdr.h | 2 + include/linux/pci.h | 1 + include/linux/pci_ids.h | 2 + include/linux/rcupdate.h | 11 +- include/linux/uaccess.h | 4 + include/net/sctp/structs.h | 1 + include/net/sock.h | 7 +- include/sound/soc-dapm.h | 1 + include/uapi/linux/usb/video.h | 30 + include/uapi/linux/uvcvideo.h | 2 +- io_uring/io_uring.c | 41 +- kernel/bpf/btf.c | 13 +- kernel/fail_function.c | 5 +- kernel/irq/irqdomain.c | 31 +- kernel/kprobes.c | 6 +- kernel/pid_namespace.c | 17 + kernel/power/energy_model.c | 5 +- kernel/rcu/tasks.h | 64 +- kernel/rcu/tree_exp.h | 2 + kernel/resource.c | 14 - kernel/sched/deadline.c | 5 +- kernel/sched/rt.c | 10 +- kernel/time/clocksource.c | 45 +- kernel/time/hrtimer.c | 2 + kernel/time/posix-stubs.c | 2 + kernel/time/posix-timers.c | 2 + kernel/trace/ring_buffer.c | 49 +- lib/errname.c | 22 +- lib/mpi/mpicoder.c | 3 +- mm/huge_memory.c | 3 + mm/memcontrol.c | 4 + net/9p/trans_rdma.c | 15 +- net/9p/trans_xen.c | 48 +- net/bluetooth/hci_sock.c | 11 +- net/bluetooth/l2cap_core.c | 24 - net/bluetooth/l2cap_sock.c | 8 + net/bridge/netfilter/ebtables.c | 2 +- net/core/dev.c | 4 +- net/core/sock.c | 15 +- net/ipv4/inet_connection_sock.c | 1 + net/ipv4/inet_hashtables.c | 12 +- net/ipv4/netfilter/ip_tables.c | 3 +- net/ipv4/tcp_minisocks.c | 7 +- net/ipv6/netfilter/ip6_tables.c | 3 +- net/ipv6/route.c | 11 +- net/l2tp/l2tp_ppp.c | 125 +-- net/mac80211/sta_info.c | 2 +- net/netfilter/nf_conntrack_netlink.c | 5 +- net/nfc/netlink.c | 4 + net/rds/message.c | 2 +- net/sched/Kconfig | 11 - net/sched/Makefile | 1 - net/sched/act_sample.c | 11 +- net/sched/cls_tcindex.c | 756 ---------------- net/sctp/stream_sched_prio.c | 52 +- net/sunrpc/clnt.c | 4 + net/tls/tls_sw.c | 26 +- net/wireless/nl80211.c | 2 +- net/wireless/sme.c | 31 +- scripts/package/mkdebian | 2 +- security/integrity/ima/ima_main.c | 7 +- security/security.c | 7 +- sound/pci/hda/patch_ca0132.c | 2 +- sound/pci/hda/patch_realtek.c | 1 + sound/pci/ice1712/aureon.c | 2 +- sound/soc/atmel/mchp-spdifrx.c | 344 +++++--- sound/soc/atmel/mchp-spdiftx.c | 2 +- sound/soc/atmel/tse850-pcm5142.c | 2 +- sound/soc/codecs/Kconfig | 2 +- sound/soc/codecs/adau7118.c | 19 +- sound/soc/codecs/tlv320adcx140.c | 2 +- sound/soc/fsl/fsl_sai.c | 1 + sound/soc/kirkwood/kirkwood-dma.c | 2 +- sound/soc/soc-compress.c | 2 +- tools/bpf/bpftool/prog.c | 38 +- tools/iio/iio_utils.c | 23 +- tools/lib/bpf/btf.c | 13 + tools/lib/bpf/nlattr.c | 2 +- tools/objtool/check.c | 5 + tools/perf/perf-completion.sh | 11 +- tools/perf/util/llvm-utils.c | 25 +- tools/testing/ktest/ktest.pl | 26 +- tools/testing/ktest/sample.conf | 5 + tools/testing/selftests/bpf/Makefile | 2 - .../selftests/drivers/net/netdevsim/devlink.sh | 18 + .../ftrace/test.d/ftrace/func_event_triggers.tc | 2 +- tools/testing/selftests/net/fib_tests.sh | 2 + tools/testing/selftests/net/udpgso_bench_rx.c | 6 +- virt/kvm/coalesced_mmio.c | 8 +- 470 files changed, 4823 insertions(+), 4538 deletions(-)

6 days, 3 hours

6
540
0 0

[PATCH v5 0/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> Changelog: v4: - Replace sg_init_table()/sg_set_buf() with sg_init_one() (suggested by Eric) v3: v2: - Add patch by Herbert to take only the needed bytes for a MPI from the scatterlist - Use only one scatterlist for signature and digest (suggested by Eric) - Rename key variable to buf (suggested by Eric) - Rename key_max_len variable to buf_len - Use size_t for the buf_len variable instead of u32 v1: - Unconditionally copy the signature and digest to the buffer to keep the code simple (suggested by Eric) Herbert Xu (1): lib/mpi: Fix buffer overrun when SG is too long Roberto Sassu (1): KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() crypto/asymmetric_keys/public_key.c | 38 ++++++++++++++++------------- lib/mpi/mpicoder.c | 3 ++- 2 files changed, 23 insertions(+), 18 deletions(-) -- 2.25.1

6 days, 11 hours

7
20
0 0

[PATCH v3 2/6] PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic

by Dexuan Cui

When the host tries to remove a PCI device, the host first sends a PCI_EJECT message to the guest, and the guest is supposed to gracefully remove the PCI device and send a PCI_EJECTION_COMPLETE message to the host; the host then sends a VMBus message CHANNELMSG_RESCIND_CHANNELOFFER to the guest (when the guest receives this message, the device is already unassigned from the guest) and the guest can do some final cleanup work; if the guest fails to respond to the PCI_EJECT message within one minute, the host sends the VMBus message CHANNELMSG_RESCIND_CHANNELOFFER and removes the PCI device forcibly. In the case of fast device addition/removal, it's possible that the PCI device driver is still configuring MSI-X interrupts when the guest receives the PCI_EJECT message; the channel callback calls hv_pci_eject_device(), which sets hpdev->state to hv_pcichild_ejecting, and schedules a work hv_eject_device_work(); if the PCI device driver is calling pci_alloc_irq_vectors() -> ... -> hv_compose_msi_msg(), we can break the while loop in hv_compose_msi_msg() due to the updated hpdev->state, and leave data->chip_data with its default value of NULL; later, when the PCI device driver calls request_irq() -> ... -> hv_irq_unmask(), the guest crashes in hv_arch_irq_unmask() due to data->chip_data being NULL. Fix the issue by not testing hpdev->state in the while loop: when the guest receives PCI_EJECT, the device is still assigned to the guest, and the guest has one minute to finish the device removal gracefully. We don't really need to (and we should not) test hpdev->state in the loop. Fixes: de0aa7b2f97d ("PCI: hv: Fix 2 hang issues in hv_compose_msi_msg()") Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Reviewed-by: Michael Kelley <mikelley(a)microsoft.com> Cc: stable(a)vger.kernel.org --- v2: Removed the "debug code". No change to the patch body. Added Cc:stable v3: Added Michael's Reviewed-by. drivers/pci/controller/pci-hyperv.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/drivers/pci/controller/pci-hyperv.c b/drivers/pci/controller/pci-hyperv.c index b82c7cde19e66..1b11cf7391933 100644 --- a/drivers/pci/controller/pci-hyperv.c +++ b/drivers/pci/controller/pci-hyperv.c @@ -643,6 +643,11 @@ static void hv_arch_irq_unmask(struct irq_data *data) pbus = pdev->bus; hbus = container_of(pbus->sysdata, struct hv_pcibus_device, sysdata); int_desc = data->chip_data; + if (!int_desc) { + dev_warn(&hbus->hdev->device, "%s() can not unmask irq %u\n", + __func__, data->irq); + return; + } spin_lock_irqsave(&hbus->retarget_msi_interrupt_lock, flags); @@ -1911,12 +1916,6 @@ static void hv_compose_msi_msg(struct irq_data *data, struct msi_msg *msg) hv_pci_onchannelcallback(hbus); spin_unlock_irqrestore(&channel->sched_lock, flags); - if (hpdev->state == hv_pcichild_ejecting) { - dev_err_once(&hbus->hdev->device, - "the device is being ejected\n"); - goto enable_tasklet; - } - udelay(100); } -- 2.25.1

1 week

2
1
0 0

[PATCH v3 5/6] PCI: hv: Add a per-bus mutex state_lock

by Dexuan Cui

In the case of fast device addition/removal, it's possible that hv_eject_device_work() can start to run before create_root_hv_pci_bus() starts to run; as a result, the pci_get_domain_bus_and_slot() in hv_eject_device_work() can return a 'pdev' of NULL, and hv_eject_device_work() can remove the 'hpdev', and immediately send a message PCI_EJECTION_COMPLETE to the host, and the host immediately unassigns the PCI device from the guest; meanwhile, create_root_hv_pci_bus() and the PCI device driver can be probing the dead PCI device and reporting timeout errors. Fix the issue by adding a per-bus mutex 'state_lock' and grabbing the mutex before powering on the PCI bus in hv_pci_enter_d0(): when hv_eject_device_work() starts to run, it's able to find the 'pdev' and call pci_stop_and_remove_bus_device(pdev): if the PCI device driver has loaded, the PCI device driver's probe() function is already called in create_root_hv_pci_bus() -> pci_bus_add_devices(), and now hv_eject_device_work() -> pci_stop_and_remove_bus_device() is able to call the PCI device driver's remove() function and remove the device reliably; if the PCI device driver hasn't loaded yet, the function call hv_eject_device_work() -> pci_stop_and_remove_bus_device() is able to remove the PCI device reliably and the PCI device driver's probe() function won't be called; if the PCI device driver's probe() is already running (e.g., systemd-udev is loading the PCI device driver), it must be holding the per-device lock, and after the probe() finishes and releases the lock, hv_eject_device_work() -> pci_stop_and_remove_bus_device() is able to proceed to remove the device reliably. Fixes: 4daace0d8ce8 ("PCI: hv: Add paravirtual PCI front-end for Microsoft Hyper-V VMs") Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Reviewed-by: Michael Kelley <mikelley(a)microsoft.com> Cc: stable(a)vger.kernel.org --- v2: Removed the "debug code". Fixed the "goto out" in hv_pci_resume() [Michael Kelley] Added Cc:stable v3: Added Michael's Reviewed-by. drivers/pci/controller/pci-hyperv.c | 29 ++++++++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/drivers/pci/controller/pci-hyperv.c b/drivers/pci/controller/pci-hyperv.c index 48feab095a144..3ae2f99dea8c2 100644 --- a/drivers/pci/controller/pci-hyperv.c +++ b/drivers/pci/controller/pci-hyperv.c @@ -489,7 +489,10 @@ struct hv_pcibus_device { struct fwnode_handle *fwnode; /* Protocol version negotiated with the host */ enum pci_protocol_version_t protocol_version; + + struct mutex state_lock; enum hv_pcibus_state state; + struct hv_device *hdev; resource_size_t low_mmio_space; resource_size_t high_mmio_space; @@ -2512,6 +2515,8 @@ static void pci_devices_present_work(struct work_struct *work) if (!dr) return; + mutex_lock(&hbus->state_lock); + /* First, mark all existing children as reported missing. */ spin_lock_irqsave(&hbus->device_list_lock, flags); list_for_each_entry(hpdev, &hbus->children, list_entry) { @@ -2593,6 +2598,8 @@ static void pci_devices_present_work(struct work_struct *work) break; } + mutex_unlock(&hbus->state_lock); + kfree(dr); } @@ -2741,6 +2748,8 @@ static void hv_eject_device_work(struct work_struct *work) hpdev = container_of(work, struct hv_pci_dev, wrk); hbus = hpdev->hbus; + mutex_lock(&hbus->state_lock); + /* * Ejection can come before or after the PCI bus has been set up, so * attempt to find it and tear down the bus state, if it exists. This @@ -2777,6 +2786,8 @@ static void hv_eject_device_work(struct work_struct *work) put_pcichild(hpdev); put_pcichild(hpdev); /* hpdev has been freed. Do not use it any more. */ + + mutex_unlock(&hbus->state_lock); } /** @@ -3562,6 +3573,7 @@ static int hv_pci_probe(struct hv_device *hdev, return -ENOMEM; hbus->bridge = bridge; + mutex_init(&hbus->state_lock); hbus->state = hv_pcibus_init; hbus->wslot_res_allocated = -1; @@ -3670,9 +3682,11 @@ static int hv_pci_probe(struct hv_device *hdev, if (ret) goto free_irq_domain; + mutex_lock(&hbus->state_lock); + ret = hv_pci_enter_d0(hdev); if (ret) - goto free_irq_domain; + goto release_state_lock; ret = hv_pci_allocate_bridge_windows(hbus); if (ret) @@ -3690,12 +3704,15 @@ static int hv_pci_probe(struct hv_device *hdev, if (ret) goto free_windows; + mutex_unlock(&hbus->state_lock); return 0; free_windows: hv_pci_free_bridge_windows(hbus); exit_d0: (void) hv_pci_bus_exit(hdev, true); +release_state_lock: + mutex_unlock(&hbus->state_lock); free_irq_domain: irq_domain_remove(hbus->irq_domain); free_fwnode: @@ -3945,20 +3962,26 @@ static int hv_pci_resume(struct hv_device *hdev) if (ret) goto out; + mutex_lock(&hbus->state_lock); + ret = hv_pci_enter_d0(hdev); if (ret) - goto out; + goto release_state_lock; ret = hv_send_resources_allocated(hdev); if (ret) - goto out; + goto release_state_lock; prepopulate_bars(hbus); hv_pci_restore_msi_state(hbus); hbus->state = hv_pcibus_installed; + mutex_unlock(&hbus->state_lock); return 0; + +release_state_lock: + mutex_unlock(&hbus->state_lock); out: vmbus_close(hdev->channel); return ret; -- 2.25.1

1 week

2
1
0 0

[PATCH v3 4/6] Revert "PCI: hv: Fix a timing issue which causes kdump to fail occasionally"

by Dexuan Cui

This reverts commit d6af2ed29c7c1c311b96dac989dcb991e90ee195. The statement "the hv_pci_bus_exit() call releases structures of all its child devices" in commit d6af2ed29c7c is not true: in the path hv_pci_probe() -> hv_pci_enter_d0() -> hv_pci_bus_exit(hdev, true): the parameter "keep_devs" is true, so hv_pci_bus_exit() does *not* release the child "struct hv_pci_dev *hpdev" that is created earlier in pci_devices_present_work() -> new_pcichild_device(). The commit d6af2ed29c7c was originally made in July 2020 for RHEL 7.7, where the old version of hv_pci_bus_exit() was used; when the commit was rebased and merged into the upstream, people didn't notice that it's not really necessary. The commit itself doesn't cause any issue, but it makes hv_pci_probe() more complicated. Revert it to facilitate some upcoming changes to hv_pci_probe(). Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Reviewed-by: Michael Kelley <mikelley(a)microsoft.com> Acked-by: Wei Hu <weh(a)microsoft.com> Cc: stable(a)vger.kernel.org --- v2: No change to the patch body. Added Wei Hu's Acked-by. Added Cc:stable v3: Added Michael's Reviewed-by. drivers/pci/controller/pci-hyperv.c | 71 ++++++++++++++--------------- 1 file changed, 34 insertions(+), 37 deletions(-) diff --git a/drivers/pci/controller/pci-hyperv.c b/drivers/pci/controller/pci-hyperv.c index 46df6d093d683..48feab095a144 100644 --- a/drivers/pci/controller/pci-hyperv.c +++ b/drivers/pci/controller/pci-hyperv.c @@ -3225,8 +3225,10 @@ static int hv_pci_enter_d0(struct hv_device *hdev) struct pci_bus_d0_entry *d0_entry; struct hv_pci_compl comp_pkt; struct pci_packet *pkt; + bool retry = true; int ret; +enter_d0_retry: /* * Tell the host that the bus is ready to use, and moved into the * powered-on state. This includes telling the host which region @@ -3253,6 +3255,38 @@ static int hv_pci_enter_d0(struct hv_device *hdev) if (ret) goto exit; + /* + * In certain case (Kdump) the pci device of interest was + * not cleanly shut down and resource is still held on host + * side, the host could return invalid device status. + * We need to explicitly request host to release the resource + * and try to enter D0 again. + */ + if (comp_pkt.completion_status < 0 && retry) { + retry = false; + + dev_err(&hdev->device, "Retrying D0 Entry\n"); + + /* + * Hv_pci_bus_exit() calls hv_send_resource_released() + * to free up resources of its child devices. + * In the kdump kernel we need to set the + * wslot_res_allocated to 255 so it scans all child + * devices to release resources allocated in the + * normal kernel before panic happened. + */ + hbus->wslot_res_allocated = 255; + + ret = hv_pci_bus_exit(hdev, true); + + if (ret == 0) { + kfree(pkt); + goto enter_d0_retry; + } + dev_err(&hdev->device, + "Retrying D0 failed with ret %d\n", ret); + } + if (comp_pkt.completion_status < 0) { dev_err(&hdev->device, "PCI Pass-through VSP failed D0 Entry with status %x\n", @@ -3493,7 +3527,6 @@ static int hv_pci_probe(struct hv_device *hdev, struct hv_pcibus_device *hbus; u16 dom_req, dom; char *name; - bool enter_d0_retry = true; int ret; /* @@ -3633,47 +3666,11 @@ static int hv_pci_probe(struct hv_device *hdev, if (ret) goto free_fwnode; -retry: ret = hv_pci_query_relations(hdev); if (ret) goto free_irq_domain; ret = hv_pci_enter_d0(hdev); - /* - * In certain case (Kdump) the pci device of interest was - * not cleanly shut down and resource is still held on host - * side, the host could return invalid device status. - * We need to explicitly request host to release the resource - * and try to enter D0 again. - * Since the hv_pci_bus_exit() call releases structures - * of all its child devices, we need to start the retry from - * hv_pci_query_relations() call, requesting host to send - * the synchronous child device relations message before this - * information is needed in hv_send_resources_allocated() - * call later. - */ - if (ret == -EPROTO && enter_d0_retry) { - enter_d0_retry = false; - - dev_err(&hdev->device, "Retrying D0 Entry\n"); - - /* - * Hv_pci_bus_exit() calls hv_send_resources_released() - * to free up resources of its child devices. - * In the kdump kernel we need to set the - * wslot_res_allocated to 255 so it scans all child - * devices to release resources allocated in the - * normal kernel before panic happened. - */ - hbus->wslot_res_allocated = 255; - ret = hv_pci_bus_exit(hdev, true); - - if (ret == 0) - goto retry; - - dev_err(&hdev->device, - "Retrying D0 failed with ret %d\n", ret); - } if (ret) goto free_irq_domain; -- 2.25.1

1 week

2
1
0 0

[PATCH v3 3/6] PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev

by Dexuan Cui

The hpdev->state is never really useful. The only use in hv_pci_eject_device() and hv_eject_device_work() is not really necessary. Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Reviewed-by: Michael Kelley <mikelley(a)microsoft.com> Cc: stable(a)vger.kernel.org --- v2: No change to the patch body. Added Cc:stable v3: Added Michael's Reviewed-by. drivers/pci/controller/pci-hyperv.c | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/drivers/pci/controller/pci-hyperv.c b/drivers/pci/controller/pci-hyperv.c index 1b11cf7391933..46df6d093d683 100644 --- a/drivers/pci/controller/pci-hyperv.c +++ b/drivers/pci/controller/pci-hyperv.c @@ -553,19 +553,10 @@ struct hv_dr_state { struct hv_pcidev_description func[]; }; -enum hv_pcichild_state { - hv_pcichild_init = 0, - hv_pcichild_requirements, - hv_pcichild_resourced, - hv_pcichild_ejecting, - hv_pcichild_maximum -}; - struct hv_pci_dev { /* List protected by pci_rescan_remove_lock */ struct list_head list_entry; refcount_t refs; - enum hv_pcichild_state state; struct pci_slot *pci_slot; struct hv_pcidev_description desc; bool reported_missing; @@ -2750,8 +2741,6 @@ static void hv_eject_device_work(struct work_struct *work) hpdev = container_of(work, struct hv_pci_dev, wrk); hbus = hpdev->hbus; - WARN_ON(hpdev->state != hv_pcichild_ejecting); - /* * Ejection can come before or after the PCI bus has been set up, so * attempt to find it and tear down the bus state, if it exists. This @@ -2808,7 +2797,6 @@ static void hv_pci_eject_device(struct hv_pci_dev *hpdev) return; } - hpdev->state = hv_pcichild_ejecting; get_pcichild(hpdev); INIT_WORK(&hpdev->wrk, hv_eject_device_work); queue_work(hbus->wq, &hpdev->wrk); -- 2.25.1

1 week

2
1
0 0

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror April 2023