March 2024 - Linux-stable-mirror

by Greg Kroah-Hartman

I'm announcing the release of the 5.15.150 kernel. All users of the 5.15 kernel series must upgrade. The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-platform-asus-wmi | 9 Makefile | 2 arch/arm/boot/dts/bcm47189-luxul-xap-1440.dts | 1 arch/arm/boot/dts/bcm47189-luxul-xap-810.dts | 2 arch/arm/boot/dts/bcm53573.dtsi | 20 arch/arm/mach-ep93xx/core.c | 1 arch/arm64/boot/dts/rockchip/px30.dtsi | 2 arch/arm64/boot/dts/rockchip/rk3399-rock-pi-4.dtsi | 79 arch/arm64/include/asm/exception.h | 5 arch/arm64/kvm/vgic/vgic-its.c | 5 arch/arm64/mm/mmu.c | 4 arch/mips/include/asm/vpe.h | 1 arch/mips/kernel/smp-cps.c | 8 arch/mips/kernel/traps.c | 8 arch/mips/kernel/vpe-mt.c | 7 arch/mips/lantiq/prom.c | 6 arch/powerpc/kernel/eeh_driver.c | 71 arch/powerpc/kernel/rtas.c | 24 arch/powerpc/perf/hv-24x7.c | 42 arch/powerpc/platforms/powernv/pci-ioda.c | 3 arch/powerpc/platforms/pseries/lpar.c | 20 arch/powerpc/platforms/pseries/lparcfg.c | 20 arch/riscv/include/asm/parse_asm.h | 2 arch/s390/pci/pci.c | 2 arch/x86/include/asm/nospec-branch.h | 2 arch/x86/include/asm/text-patching.h | 30 arch/x86/kernel/alternative.c | 13 arch/x86/kernel/fpu/signal.c | 12 arch/x86/kernel/ftrace.c | 4 arch/x86/kernel/paravirt.c | 23 arch/x86/kernel/static_call.c | 2 arch/x86/net/bpf_jit_comp.c | 2 drivers/acpi/button.c | 9 drivers/acpi/property.c | 4 drivers/acpi/resource.c | 35 drivers/acpi/video_detect.c | 34 drivers/ata/ahci.c | 34 drivers/ata/ahci.h | 6 drivers/ata/ahci_ceva.c | 125 - drivers/ata/ahci_da850.c | 47 drivers/ata/ahci_dm816.c | 4 drivers/ata/libahci_platform.c | 133 - drivers/block/nbd.c | 3 drivers/block/virtio_blk.c | 7 drivers/clk/clk.c | 11 drivers/clk/imx/clk-imx8mp.c | 23 drivers/clk/imx/clk.c | 3 drivers/clk/qcom/gcc-qcs404.c | 24 drivers/clk/qcom/gpucc-sc7180.c | 7 drivers/clk/qcom/gpucc-sdm845.c | 7 drivers/clk/renesas/renesas-cpg-mssr.c | 8 drivers/dma/fsl-qdma.c | 2 drivers/dma/sh/shdma.h | 2 drivers/dma/ti/edma.c | 10 drivers/firewire/core-card.c | 18 drivers/firmware/efi/arm-runtime.c | 2 drivers/firmware/efi/efi-init.c | 19 drivers/firmware/efi/riscv-runtime.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 8 drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 2 drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 8 drivers/gpu/drm/amd/amdgpu/soc15.c | 22 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 1 drivers/gpu/drm/drm_syncobj.c | 6 drivers/gpu/drm/i915/display/intel_display_debugfs.c | 4 drivers/gpu/drm/i915/i915_reg.h | 3 drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadow.c | 8 drivers/gpu/drm/nouveau/nvkm/subdev/instmem/nv50.c | 2 drivers/gpu/drm/ttm/ttm_pool.c | 2 drivers/hwmon/coretemp.c | 2 drivers/i2c/busses/i2c-imx.c | 97 - drivers/infiniband/hw/bnxt_re/ib_verbs.c | 5 drivers/infiniband/hw/hfi1/pio.c | 6 drivers/infiniband/hw/hfi1/sdma.c | 2 drivers/infiniband/hw/irdma/defs.h | 1 drivers/infiniband/hw/irdma/hw.c | 8 drivers/infiniband/hw/irdma/verbs.c | 9 drivers/infiniband/hw/qedr/verbs.c | 11 drivers/infiniband/sw/siw/siw_cm.c | 1 drivers/infiniband/sw/siw/siw_verbs.c | 2 drivers/infiniband/ulp/srpt/ib_srpt.c | 17 drivers/input/joystick/xpad.c | 2 drivers/input/misc/iqs269a.c | 335 +-- drivers/input/serio/i8042-acpipnpio.h | 8 drivers/input/touchscreen/ads7846.c | 23 drivers/md/dm-crypt.c | 6 drivers/md/md.c | 14 drivers/md/raid10.c | 2 drivers/mmc/host/jz4740_mmc.c | 10 drivers/mmc/host/mxcmmc.c | 6 drivers/mtd/nand/raw/sunxi_nand.c | 2 drivers/net/ethernet/intel/igb/igb_main.c | 5 drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c | 4 drivers/net/ethernet/realtek/r8169_main.c | 14 drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 20 drivers/net/ethernet/ti/am65-cpsw-nuss.c | 29 drivers/net/gtp.c | 10 drivers/net/wireless/ath/ath11k/mac.c | 2 drivers/net/wireless/intel/iwlwifi/mvm/sta.c | 2 drivers/nvme/host/fc.c | 47 drivers/nvme/target/fc.c | 131 - drivers/nvme/target/fcloop.c | 6 drivers/nvme/target/tcp.c | 1 drivers/pci/controller/dwc/pcie-designware-ep.c | 3 drivers/pci/msi.c | 2 drivers/platform/x86/intel/vbtn.c | 3 drivers/platform/x86/touchscreen_dmi.c | 39 drivers/regulator/pwm-regulator.c | 3 drivers/scsi/Kconfig | 2 drivers/scsi/lpfc/lpfc_scsi.c | 12 drivers/soc/mediatek/mtk-pm-domains.c | 15 drivers/soc/renesas/r8a77980-sysc.c | 3 drivers/spi/spi-hisi-sfc-v3xx.c | 5 drivers/spi/spi-sh-msiof.c | 16 drivers/target/target_core_device.c | 5 drivers/target/target_core_transport.c | 4 drivers/tty/serial/8250/8250_port.c | 18 drivers/tty/serial/amba-pl011.c | 60 drivers/usb/cdns3/cdns3-gadget.c | 8 drivers/usb/cdns3/core.c | 1 drivers/usb/cdns3/drd.c | 13 drivers/usb/cdns3/drd.h | 6 drivers/usb/cdns3/host.c | 16 drivers/usb/dwc3/gadget.c | 5 drivers/usb/gadget/function/f_ncm.c | 10 drivers/usb/host/xhci-hub.c | 228 +- drivers/usb/host/xhci-mem.c | 10 drivers/usb/host/xhci-ring.c | 13 drivers/usb/host/xhci.h | 9 drivers/usb/roles/class.c | 29 drivers/vdpa/mlx5/core/mr.c | 1 drivers/video/fbdev/savage/savagefb_driver.c | 3 drivers/video/fbdev/sis/sis_main.c | 2 fs/afs/volume.c | 4 fs/aio.c | 9 fs/btrfs/disk-io.c | 3 fs/cifs/connect.c | 19 fs/cifs/smb2file.c | 1 fs/cifs/smb2ops.c | 54 fs/cifs/smb2pdu.c | 113 - fs/cifs/smb2proto.h | 16 fs/erofs/decompressor.c | 34 fs/exfat/dir.c | 15 fs/exfat/exfat_fs.h | 5 fs/ext4/extents.c | 111 - fs/ext4/mballoc.c | 70 fs/f2fs/gc.c | 41 fs/ksmbd/smb2pdu.c | 8 fs/ntfs3/attrib.c | 20 fs/ntfs3/attrlist.c | 8 fs/ntfs3/dir.c | 40 fs/ntfs3/file.c | 2 fs/ntfs3/fslog.c | 14 fs/ntfs3/fsntfs.c | 24 fs/ntfs3/inode.c | 2 fs/ntfs3/ntfs.h | 4 fs/ntfs3/ntfs_fs.h | 14 fs/ntfs3/record.c | 16 fs/ntfs3/xattr.c | 3 fs/zonefs/super.c | 68 include/dt-bindings/clock/imx8mp-clock.h | 10 include/linux/ahci_platform.h | 5 include/linux/bpf.h | 14 include/linux/clk-provider.h | 15 include/linux/fs.h | 2 include/linux/pm.h | 80 include/linux/sched.h | 4 include/linux/sched/signal.h | 2 include/linux/socket.h | 5 include/net/netfilter/nf_flow_table.h | 4 include/net/tcp.h | 2 kernel/bpf/bpf_lru_list.c | 21 kernel/bpf/bpf_lru_list.h | 7 kernel/bpf/helpers.c | 76 kernel/bpf/verifier.c | 3 kernel/sched/fair.c | 2 kernel/sched/rt.c | 10 kernel/sysctl.c | 4 kernel/time/posix-timers.c | 31 kernel/trace/bpf_trace.c | 39 lib/debugobjects.c | 9 mm/userfaultfd.c | 14 net/core/dev.c | 2 net/core/dev_ioctl.c | 2 net/core/devlink.c | 5 net/ipv4/arp.c | 3 net/ipv4/devinet.c | 21 net/ipv6/addrconf.c | 21 net/ipv6/seg6.c | 20 net/l2tp/l2tp_ip6.c | 2 net/mac80211/mlme.c | 1 net/mac80211/sta_info.c | 2 net/mac80211/tx.c | 2 net/mptcp/diag.c | 6 net/netfilter/nf_conntrack_proto_sctp.c | 2 net/netfilter/nf_flow_table_core.c | 41 net/netfilter/nf_tables_api.c | 3 net/netfilter/nft_flow_offload.c | 12 net/packet/af_packet.c | 12 net/sched/Kconfig | 42 net/sched/Makefile | 3 net/sched/sch_api.c | 20 net/sched/sch_atm.c | 710 ------- net/sched/sch_cbq.c | 1817 ------------------- net/sched/sch_dsmark.c | 522 ----- net/tls/tls_main.c | 2 net/tls/tls_sw.c | 12 net/wireless/nl80211.c | 1 net/wireless/wext-core.c | 6 scripts/bpf_doc.py | 2 sound/soc/sunxi/sun4i-spdif.c | 5 sound/usb/clock.c | 10 sound/usb/format.c | 20 tools/include/uapi/linux/fscrypt.h | 3 tools/perf/trace/beauty/include/linux/socket.h | 2 tools/testing/selftests/net/vrf-xfrm-tests.sh | 32 tools/virtio/linux/kernel.h | 2 tools/virtio/linux/vringh.h | 1 219 files changed, 2291 insertions(+), 4618 deletions(-) Alex Bee (2): arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 Alexander Tsoy (2): ALSA: usb-audio: Check presence of valid altsetting control ALSA: usb-audio: Ignore clock selector errors for single connection Alexey Khoroshilov (1): clk: renesas: cpg-mssr: Fix use after free if cpg_mssr_common_init() failed Andrei Vagin (1): x86/fpu: Stop relying on userspace for info to fault in xsave buffer Andrew Bresticker (2): efi: runtime: Fix potential overflow of soft-reserved region size efi: Don't add memblocks for soft-reserved memory Armin Wolf (1): drm/amd/display: Fix memory leak in dm_sw_fini() Arnaldo Carvalho de Melo (2): tools headers UAPI: Sync linux/fscrypt.h with the kernel sources perf beauty: Update copy of linux/socket.h with the kernel sources Arnd Bergmann (2): RDMA/srpt: fix function pointer cast warnings nouveau: fix function cast warnings Baokun Li (5): ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() ext4: regenerate buddy after block freeing failed if under fc replay ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks() Bart Van Assche (2): RDMA/srpt: Support specifying the srpt_service_guid parameter fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio Borislav Petkov (AMD) (2): Revert "x86/ftrace: Use alternative RET encoding" Revert "x86/alternative: Make custom return thunk unconditional" Brenton Simpson (1): Input: xpad - add Lenovo Legion Go controllers Byungki Lee (1): f2fs: write checkpoint during FG_GC Chao Yu (1): f2fs: don't set GC_FAILURE_PIN for background GC Chen-Yu Tsai (2): ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616 clk: Honor CLK_OPS_PARENT_ENABLE in clk_core_is_enabled() Chuansheng Liu (1): drm/i915/dg1: Update DMC_DEBUG3 register Conrad Kostecki (1): ahci: asm1166: correct count of reported ports Corey Minyard (2): i2c: imx: Add timer for handling the stop condition i2c: imx: when being a target, mark the last read as processed Cyril Hrubis (3): sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset sched/rt: Fix sysctl_sched_rr_timeslice intial value sched/rt: Disallow writing invalid values to sched_rt_period_us Damien Le Moal (1): zonefs: Improve error handling Dan Carpenter (1): PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() Daniel Axtens (1): powerpc/eeh: Small refactor of eeh_handle_normal_event() Daniel Vacek (1): IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Daniel Wagner (8): nvme-fc: do not wait in vain when unloading module nvmet-fcloop: swap the list_add_tail arguments nvmet-fc: release reference on target port nvmet-fc: defer cleanup using RCU properly nvmet-fc: hold reference on hostport match nvmet-fc: abort command when there is no binding nvmet-fc: avoid deadlock on delete association path nvmet-fc: take ref count on tgtport before delete assoc Daniil Dulov (1): afs: Increase buffer size in afs_update_volume_status() Dave Marchevsky (1): bpf: Merge printk and seq_printf VARARG max macros David Sterba (1): btrfs: add xxhash to fast checksum implementations Devyn Liu (1): spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected Dmitry Baryshkov (4): clk: qcom: gcc-qcs404: disable gpll[04]_out_aux parents clk: qcom: gcc-qcs404: fix names of the DSI clocks used as parents clk: qcom: gpucc-sc7180: fix clk_dis_wait being programmed for CX GDSC clk: qcom: gpucc-sdm845: fix clk_dis_wait being programmed for CX GDSC Dmitry Bogdanov (1): scsi: target: core: Add TMF to tmr_list handling Edward Adam Davis (1): fs/ntfs3: Fix oob in ntfs_listxattr Eli Cohen (1): vdpa/mlx5: Don't clear mr struct on destroy MR Enzo Matsumiya (1): cifs: remove useless parameter 'is_fsctl' from SMB2_ioctl() Eric Dumazet (2): ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid Erik Kurzinger (1): drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is set Eugen Hristev (1): pmdomain: mediatek: fix race conditions with genpd FUKAUMI Naoki (1): arm64: dts: rockchip: fix regulator name on rk3399-rock-4 Fedor Pchelkin (1): ksmbd: free aux buffer if ksmbd_iov_pin_rsp_read fails Felix Fietkau (1): wifi: mac80211: fix race condition on enabling fast-xmit Florian Westphal (4): netfilter: nf_tables: add rescheduling points during loop detection walks netfilter: nf_tables: set dormant flag on hook register failure netfilter: nf_tables: fix scheduling-while-atomic splat netfilter: nf_tables: can't schedule in nft_chain_validate Frank Li (2): usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() usb: cdns3: fix memory double free when handle zero packet Frederic Barrat (1): powerpc/powernv/ioda: Skip unallocated resources when mapping to PE Fullway Wang (2): fbdev: savage: Error out if pixclock equals zero fbdev: sis: Error out if pixclock equals zero Ganesh Goudar (1): powerpc/eeh: Set channel state after notifying the drivers Gao Xiang (1): erofs: fix lz4 inplace decompression Geert Uytterhoeven (2): pmdomain: renesas: r8a77980-sysc: CR7 must be always on clk: renesas: cpg-mssr: Remove superfluous check in resume code Gianmarco Lusvardi (1): bpf, scripts: Correct GPL license name Greg Kroah-Hartman (1): Linux 5.15.150 Guixin Liu (1): nvmet-tcp: fix nvme tcp ida memory leak Guo Zhengkui (1): drm/nouveau/instmem: fix uninitialized_var.cocci warning Guoqing Jiang (2): RDMA/siw: Balance the reference of cep->kref in the error path RDMA/siw: Correct wrong debug message Gustavo A. R. Silva (1): wifi: wext-core: Fix -Wstringop-overflow warning in ioctl_standard_iw_point() Hannes Reinecke (1): scsi: lpfc: Use unsigned type for num_sge Hans de Goede (7): platform/x86: intel-vbtn: Stop calling "VBDL" from notify_handler platform/x86: touchscreen_dmi: Allow partial (prefix) matches for ACPI names ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3 ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e (3371 AMD version) ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1 and iMac12,2 ACPI: resource: Add Asus ExpertBook B2502 to Asus quirks Heiko Stuebner (2): RISC-V: fix funct4 definition for c.jalr in parse_asm.h arm64: dts: rockchip: set num-cs property for spi on px30 Heiner Kallweit (1): r8169: use new PM macros Huang Pei (1): MIPS: reserve exception vector space ONLY ONCE Hui Su (1): kernel/sched: Remove dl_boosted flag comment Ilpo Järvinen (1): serial: 8250: Remove serial_rs485 sanitization from em485 Ism Hong (1): fs/ntfs3: use non-movable memory for ntfs3 MFT buffer cache Jakub Kicinski (2): tls: rx: jump to a more appropriate label tls: rx: drop pointless else after goto Jamal Hadi Salim (3): net/sched: Retire CBQ qdisc net/sched: Retire ATM qdisc net/sched: Retire dsmark qdisc Jason Gunthorpe (1): s390: use the correct count for __iowrite64_copy() Jeff LaBundy (5): Input: iqs269a - drop unused device node references Input: iqs269a - configure device with a single block write Input: iqs269a - increase interrupt handler return delay Input: iqs269a - do not poll during suspend or resume Input: iqs269a - do not poll during ATI Jiri Olsa (3): bpf: Add struct for bin_args arg in bpf_bprintf_prepare bpf: Do cleanup in bpf_bprintf_cleanup only when needed bpf: Remove trace_printk_lock Johannes Berg (2): wifi: mac80211: adding missing drv_mgd_complete_tx() call wifi: iwlwifi: mvm: avoid baid size integer overflow Jonathan Cameron (1): Input: iqs269a - switch to DEFINE_SIMPLE_DEV_PM_OPS() and pm_sleep_ptr() Kalesh AP (1): RDMA/bnxt_re: Return error for SRQ resize Kamal Heib (1): RDMA/qedr: Fix qedr_create_user_qp error flow Kees Cook (1): net: dev: Convert sa_data to flexible array in struct sockaddr Kellen Renshaw (1): ACPI: resource: Add ASUS model S5402ZA to quirks Konstantin Komarov (10): fs/ntfs3: Modified fix directory element type detection fs/ntfs3: Improve ntfs_dir_count fs/ntfs3: Correct hard links updating when dealing with DOS names fs/ntfs3: Print warning while fixing hard links count fs/ntfs3: Fix detected field-spanning write (size 8) of single field "le->name" fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame() fs/ntfs3: Disable ATTR_LIST_ENTRY size check fs/ntfs3: Prevent generic message "attempt to access beyond end of device" fs/ntfs3: Correct function is_rst_area_valid fs/ntfs3: Update inode->i_size after success write into compressed file Krishna Kurapati (1): usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs Kuniyuki Iwashima (1): arp: Prevent overflow in arp_req_get(). Kunwu Chan (1): dmaengine: ti: edma: Add some null pointer checks to the edma_probe Lennert Buytenhek (1): ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers Li Jun (2): clk: imx: imx8mp: add shared clk gate for usb suspend clk dt-bindings: clocks: imx8mp: Add ID for usb suspend clock Lino Sanfilippo (1): serial: amba-pl011: Fix DMA transmission in RS485 mode Lokesh Gidra (1): userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb Luca Ellero (3): Input: ads7846 - don't report pressure for ads7845 Input: ads7846 - always set last command to PWRDOWN Input: ads7846 - don't check penirq immediately for 7845 Lucas Stach (1): clk: imx8mp: add clkout1/2 support Luke D. Jones (1): platform/x86: asus-wmi: Document the dgpu_disable sysfs attribute Magali Lemes (1): selftests: net: vrf-xfrm-tests: change authentication and encryption algos Marek Vasut (1): clk: imx8mp: Add DISP2 pixel clock Mark Rutland (1): arm64: mm: fix VA-range sanity check Martin Blumenstingl (1): regulator: pwm-regulator: Add validity checks in continuous .get_voltage Martin KaFai Lau (2): bpf: Address KCSAN report on bpf_lru_list bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel Mathias Nyman (6): xhci: cleanup xhci_hub_control port references xhci: move port specific items such as state completions to port structure xhci: rename resume_done to resume_timestamp xhci: clear usb2 resume related variables in one place. xhci: decouple usb2 port resume and get_port_status request handling xhci: track port suspend state correctly in unsuccessful resume cases Maxime Bizon (1): wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Michal Kazior (1): wifi: cfg80211: fix missing interfaces when dumping Mike Marciniszyn (1): RDMA/irdma: Fix KASAN issue with tasklet Mikulas Patocka (1): dm-crypt: don't modify the data when using authenticated encryption Mustafa Ismail (2): RDMA/irdma: Set the CQ read threshold for GEN 1 RDMA/irdma: Add AE for too many RNRS Nathan Lynch (5): powerpc/pseries/lparcfg: add missing RTAS retry status handling powerpc/perf/hv-24x7: add missing RTAS retry status handling powerpc/pseries/lpar: add missing RTAS retry status handling powerpc/rtas: make all exports GPL powerpc/rtas: ensure 4KB alignment for rtas_data_buf Nikita Shubin (1): ARM: ep93xx: Add terminator to gpiod_lookup_table Oliver Upton (2): KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() Pablo Neira Ayuso (3): netfilter: flowtable: simplify route logic netfilter: nft_flow_offload: reset dst in route object after setting up flow netfilter: nft_flow_offload: release dst in case direct xmit path is used Paolo Abeni (1): mptcp: fix lockless access in subflow ULP diag Paul Cercueil (5): PM: core: Redefine pm_ptr() macro PM: core: Add new *_PM_OPS macros, deprecate old ones mmc: jz4740: Use the new PM macros mmc: mxc: Use the new PM macros PM: core: Remove static qualifier in DEFINE_SIMPLE_DEV_PM_OPS macro Paul Menzel (1): ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CBA Paulo Alcantara (3): smb: client: fix OOB in receive_encrypted_standard() smb: client: fix potential OOBs in smb2_parse_contexts() smb: client: fix parsing of SMB3.1.1 POSIX create context Pavel Sakharov (1): net: stmmac: Fix incorrect dereference in interrupt handlers Pawel Laszczak (2): usb: cdnsp: blocked some cdns3 specific code usb: cdnsp: fixed issue with incorrect detecting CDNSP family controllers Peilin Ye (1): net/sched: Refactor qdisc_graft() for ingress and clsact Qdiscs Peng Fan (1): clk: imx: avoid memory leak Peter Zijlstra (5): x86/text-patching: Make text_gen_insn() play nice with ANNOTATE_NOENDBR x86/ibt,paravirt: Use text_gen_insn() for paravirt_patch() x86/ftrace: Use alternative RET encoding x86/returnthunk: Allow different return thunks x86/alternative: Make custom return thunk unconditional Petr Oros (1): devlink: report devlink_port_type_warn source device Phoenix Chen (1): platform/x86: touchscreen_dmi: Add info for the TECLAST X16 Plus tablet Prike Liang (2): drm/amdgpu: skip to program GFXDEC registers for suspend abort drm/amdgpu: reset gpu for s3 suspend abort case Radhey Shyam Pandey (1): ata: ahci_ceva: fix error handling for Xilinx GT PHY support Rafał Miłecki (3): ARM: dts: BCM53573: Drop nonexistent #usb-cells ARM: dts: BCM53573: Drop nonexistent "default-off" LED trigger ARM: dts: BCM53573: Describe on-SoC BCM53125 rev 4 switch Randy Dunlap (4): MIPS: SMP-CPS: fix build error when HOTPLUG_CPU not set MIPS: vpe-mt: drop physical_memsize clk: linux/clk-provider.h: fix kernel-doc warnings and typos scsi: jazz_esp: Only build if SCSI core is builtin Sabrina Dubroca (1): tls: stop recv() if initial process_rx_list gave us non-DATA Sakari Ailus (1): acpi: property: Let args be NULL in __acpi_node_get_property_reference Samuel Holland (1): mtd: rawnand: sunxi: Fix the size of the last OOB region Serge Semin (2): ata: libahci_platform: Convert to using devm bulk clocks API ata: libahci_platform: Introduce reset assertion/deassertion methods Shiraz Saleem (1): RDMA/irdma: Validate max_send_wr and max_recv_wr Shyam Prasad N (2): cifs: add a warning when the in-flight count goes negative cifs: fix mid leak during reconnection after timeout threshold Stefano Garzarella (1): tools/virtio: fix build Subbaraya Sundeep (1): octeontx2-af: Consider the action set by PF Szilard Fabian (1): Input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table Takashi Sakamoto (1): firewire: core: send bus reset promptly on gap count error Tamim Khan (2): ACPI: resource: Skip IRQ override on Asus Vivobook S5602ZA ACPI: resource: Skip IRQ override on Asus Expertbook B2402CBA Tetsuo Handa (1): debugobjects: Recheck debug_objects_enabled before reporting Thinh Nguyen (1): usb: dwc3: gadget: Don't disconnect if not started Thomas Gleixner (1): posix-timers: Ensure timer ID search-loop limit is valid Thomas Hellström (1): drm/ttm: Fix an invalid freeing on already freed page in error path Tom Parkin (1): l2tp: pass correct message length to ip6_append_data Vasiliy Kovalev (2): gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() ipv6: sr: fix possible use-after-free and null-ptr-deref Vidya Sagar (1): PCI/MSI: Prevent MSI hardware interrupt number truncation Vinod Koul (2): dmaengine: shdma: increase size of 'dev_id' dmaengine: fsl-qdma: increase size of 'irq_name' Wang Qing (1): net: ethernet: ti: add missing of_node_put before return Wolfram Sang (2): spi: sh-msiof: avoid integer overflow in constants packet: move from strlcpy with unused retval to strscpy Xin Long (1): netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new Xu Yang (2): usb: roles: fix NULL pointer issue when put module's reference usb: roles: don't get/set_role() when usb_role_switch is unregistered Yi Sun (1): virtio-blk: Ensure no requests in virtqueues before deleting vqs. Yicong Yang (1): sched/fair: Don't balance task to its current running CPU Yifan Zhang (1): drm/amdgpu: init iommu after amdkfd device init Ying Hsu (1): igb: Fix igb_down hung on surprise removal Youngmin Nam (1): arm64: set __exception_irq_entry with __irq_entry as a default Yu Kuai (2): md: fix data corruption for raid456 when reshape restart while grow up md/raid10: prevent soft lockup while flush writes Yuezhang Mo (1): exfat: support dynamic allocate bh for exfat_entry_set_cache Zhang Rui (1): hwmon: (coretemp) Enlarge per package core count limit Zhang Yi (1): ext4: correct the hole length returned by ext4_map_blocks() Zhipeng Lu (1): IB/hfi1: Fix a memleak in init_credit_return Zhong Jinghua (1): nbd: Add the maximum limit of allocated index in nbd_dev_add

2 months, 1 week

1
1
0 0

Linux 6.1.80

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.80 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/mach-ep93xx/core.c | 1 arch/arm64/boot/dts/rockchip/px30.dtsi | 2 arch/arm64/include/asm/fpsimd.h | 2 arch/arm64/kernel/fpsimd.c | 14 arch/arm64/kernel/suspend.c | 3 arch/arm64/kvm/vgic/vgic-its.c | 5 arch/loongarch/Kconfig | 23 arch/loongarch/kernel/smp.c | 1 arch/mips/kernel/traps.c | 8 arch/parisc/kernel/processor.c | 8 arch/s390/pci/pci.c | 2 arch/x86/include/asm/nospec-branch.h | 2 arch/x86/kernel/alternative.c | 13 arch/x86/kernel/ftrace.c | 2 arch/x86/kernel/static_call.c | 2 arch/x86/mm/numa.c | 21 arch/x86/net/bpf_jit_comp.c | 2 block/blk-map.c | 13 drivers/ata/ahci.c | 49 drivers/ata/ahci.h | 1 drivers/ata/ahci_ceva.c | 125 drivers/ata/libata-core.c | 4 drivers/block/aoe/aoeblk.c | 5 drivers/block/virtio_blk.c | 7 drivers/crypto/virtio/virtio_crypto_akcipher_algs.c | 5 drivers/cxl/core/pci.c | 6 drivers/dma/apple-admac.c | 5 drivers/dma/fsl-qdma.c | 2 drivers/dma/sh/shdma.h | 2 drivers/dma/ti/edma.c | 10 drivers/firewire/core-card.c | 18 drivers/firmware/efi/arm-runtime.c | 2 drivers/firmware/efi/efi-init.c | 19 drivers/firmware/efi/libstub/Makefile | 2 drivers/firmware/efi/riscv-runtime.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 2 drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 8 drivers/gpu/drm/amd/amdgpu/soc15.c | 22 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 1 drivers/gpu/drm/drm_syncobj.c | 6 drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadow.c | 8 drivers/gpu/drm/ttm/ttm_pool.c | 2 drivers/hwmon/coretemp.c | 2 drivers/i2c/busses/i2c-imx.c | 5 drivers/infiniband/hw/bnxt_re/ib_verbs.c | 5 drivers/infiniband/hw/hfi1/pio.c | 6 drivers/infiniband/hw/hfi1/sdma.c | 2 drivers/infiniband/hw/irdma/defs.h | 1 drivers/infiniband/hw/irdma/hw.c | 8 drivers/infiniband/hw/irdma/verbs.c | 9 drivers/infiniband/hw/qedr/verbs.c | 11 drivers/infiniband/ulp/srpt/ib_srpt.c | 17 drivers/input/joystick/xpad.c | 2 drivers/input/serio/i8042-acpipnpio.h | 8 drivers/input/touchscreen/goodix.c | 3 drivers/irqchip/irq-gic-v3-its.c | 2 drivers/irqchip/irq-sifive-plic.c | 8 drivers/md/dm-crypt.c | 95 drivers/md/dm-integrity.c | 91 drivers/md/dm-verity-target.c | 86 drivers/md/dm-verity.h | 6 drivers/md/md.c | 6 drivers/misc/open-dice.c | 2 drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c | 4 drivers/net/ethernet/microchip/sparx5/sparx5_main.c | 1 drivers/net/ethernet/microchip/sparx5/sparx5_main.h | 1 drivers/net/ethernet/microchip/sparx5/sparx5_packet.c | 2 drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 20 drivers/net/gtp.c | 10 drivers/net/phy/realtek.c | 4 drivers/nvme/host/fc.c | 47 drivers/nvme/target/fc.c | 131 drivers/nvme/target/fcloop.c | 6 drivers/nvme/target/tcp.c | 1 drivers/pci/controller/dwc/pcie-designware-ep.c | 3 drivers/pci/msi/irqdomain.c | 2 drivers/platform/x86/intel/vbtn.c | 3 drivers/platform/x86/thinkpad_acpi.c | 5 drivers/platform/x86/touchscreen_dmi.c | 39 drivers/regulator/pwm-regulator.c | 3 drivers/s390/cio/device_ops.c | 6 drivers/scsi/Kconfig | 2 drivers/scsi/lpfc/lpfc_scsi.c | 12 drivers/scsi/scsi.c | 22 drivers/scsi/smartpqi/smartpqi_init.c | 5 drivers/soc/mediatek/mtk-pm-domains.c | 15 drivers/soc/renesas/r8a77980-sysc.c | 3 drivers/spi/spi-hisi-sfc-v3xx.c | 5 drivers/spi/spi-sh-msiof.c | 16 drivers/target/target_core_device.c | 5 drivers/target/target_core_pscsi.c | 9 drivers/target/target_core_transport.c | 4 drivers/tty/serial/amba-pl011.c | 60 drivers/ufs/core/ufshcd.c | 1 drivers/usb/cdns3/cdns3-gadget.c | 8 drivers/usb/cdns3/core.c | 1 drivers/usb/cdns3/drd.c | 13 drivers/usb/cdns3/drd.h | 6 drivers/usb/cdns3/host.c | 16 drivers/usb/dwc3/gadget.c | 5 drivers/usb/gadget/function/f_ncm.c | 10 drivers/usb/roles/class.c | 29 drivers/usb/typec/ucsi/ucsi_acpi.c | 71 drivers/vfio/iova_bitmap.c | 25 drivers/video/fbdev/savage/savagefb_driver.c | 3 drivers/video/fbdev/sis/sis_main.c | 2 fs/afs/volume.c | 4 fs/aio.c | 9 fs/cachefiles/cache.c | 2 fs/cachefiles/daemon.c | 1 fs/erofs/compress.h | 4 fs/erofs/decompressor.c | 60 fs/erofs/decompressor_lzma.c | 4 fs/erofs/internal.h | 28 fs/erofs/namei.c | 28 fs/erofs/super.c | 72 fs/erofs/zmap.c | 23 fs/ext4/extents.c | 111 fs/ext4/mballoc.c | 15 fs/ntfs3/attrib.c | 20 fs/ntfs3/attrlist.c | 8 fs/ntfs3/dir.c | 40 fs/ntfs3/file.c | 2 fs/ntfs3/fslog.c | 14 fs/ntfs3/fsntfs.c | 24 fs/ntfs3/inode.c | 2 fs/ntfs3/ntfs.h | 4 fs/ntfs3/ntfs_fs.h | 14 fs/ntfs3/record.c | 25 fs/ntfs3/xattr.c | 3 fs/smb/client/cached_dir.c | 2 fs/smb/client/cifsencrypt.c | 2 fs/smb/client/cifsglob.h | 2 fs/smb/client/fs_context.c | 2 fs/smb/client/readdir.c | 15 fs/smb/client/smb2pdu.c | 6 fs/smb/client/transport.c | 15 include/linux/fs.h | 2 include/linux/memblock.h | 2 include/linux/socket.h | 5 include/linux/swap.h | 5 include/net/netfilter/nf_flow_table.h | 4 include/net/switchdev.h | 3 include/net/tcp.h | 2 include/scsi/scsi_device.h | 4 kernel/bpf/helpers.c | 5 kernel/sched/rt.c | 12 mm/damon/lru_sort.c | 43 mm/damon/reclaim.c | 18 mm/memblock.c | 5 mm/memcontrol.c | 10 mm/memory.c | 20 mm/swap.h | 5 mm/swapfile.c | 13 mm/zswap.c | 2 net/bridge/br_switchdev.c | 84 net/core/dev.c | 2 net/core/dev_ioctl.c | 2 net/core/skmsg.c | 7 net/ipv4/arp.c | 3 net/ipv4/devinet.c | 21 net/ipv4/inet_hashtables.c | 25 net/ipv6/addrconf.c | 21 net/ipv6/exthdrs.c | 10 net/ipv6/seg6.c | 20 net/l2tp/l2tp_ip6.c | 2 net/mac80211/cfg.c | 2 net/mac80211/mlme.c | 1 net/mac80211/sta_info.c | 2 net/mac80211/tx.c | 2 net/mctp/route.c | 2 net/mptcp/diag.c | 6 net/mptcp/pm_netlink.c | 24 net/mptcp/pm_userspace.c | 54 net/mptcp/protocol.h | 2 net/netfilter/nf_conntrack_proto_sctp.c | 2 net/netfilter/nf_flow_table_core.c | 41 net/netfilter/nf_tables_api.c | 87 net/netfilter/nft_flow_offload.c | 12 net/packet/af_packet.c | 10 net/phonet/datagram.c | 4 net/phonet/pep.c | 41 net/sched/Kconfig | 42 net/sched/Makefile | 3 net/sched/sch_atm.c | 706 ---- net/sched/sch_cbq.c | 1727 ---------- net/sched/sch_dsmark.c | 518 -- net/switchdev/switchdev.c | 73 net/tls/tls_main.c | 2 net/tls/tls_sw.c | 24 net/wireless/nl80211.c | 1 scripts/bpf_doc.py | 2 sound/soc/codecs/wm_adsp.c | 29 sound/soc/sunxi/sun4i-spdif.c | 5 sound/usb/clock.c | 10 sound/usb/format.c | 20 tools/testing/selftests/tc-testing/tc-tests/qdiscs/atm.json | 94 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json | 184 - tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json | 140 201 files changed, 1952 insertions(+), 4290 deletions(-) Alexander Tsoy (2): ALSA: usb-audio: Check presence of valid altsetting control ALSA: usb-audio: Ignore clock selector errors for single connection Alison Schofield (2): x86/numa: Fix the address overlap check in numa_fill_memblks() x86/numa: Fix the sort compare func used in numa_fill_memblks() Andrew Bresticker (2): efi: runtime: Fix potential overflow of soft-reserved region size efi: Don't add memblocks for soft-reserved memory Armin Wolf (1): drm/amd/display: Fix memory leak in dm_sw_fini() Arnd Bergmann (3): dm-integrity, dm-verity: reduce stack usage for recheck RDMA/srpt: fix function pointer cast warnings nouveau: fix function cast warnings Baokun Li (4): ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() cachefiles: fix memory leak in cachefiles_add_cache() Bart Van Assche (2): RDMA/srpt: Support specifying the srpt_service_guid parameter fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio Borislav Petkov (AMD) (1): Revert "x86/alternative: Make custom return thunk unconditional" Brenton Simpson (1): Input: xpad - add Lenovo Legion Go controllers Chen-Yu Tsai (1): ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616 Christian A. Ehrhardt (2): block: Fix WARNING in _copy_from_iter usb: ucsi_acpi: Quirk to ack a connector change ack cmd Conrad Kostecki (1): ahci: asm1166: correct count of reported ports Corey Minyard (1): i2c: imx: when being a target, mark the last read as processed Cyril Hrubis (2): sched/rt: Disallow writing invalid values to sched_rt_period_us sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset Damien Le Moal (1): ata: libata-core: Do not try to set sleeping devices to standby Dan Carpenter (1): PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() Daniel Vacek (1): IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Daniel Wagner (8): nvme-fc: do not wait in vain when unloading module nvmet-fcloop: swap the list_add_tail arguments nvmet-fc: release reference on target port nvmet-fc: defer cleanup using RCU properly nvmet-fc: hold reference on hostport match nvmet-fc: abort command when there is no binding nvmet-fc: avoid deadlock on delete association path nvmet-fc: take ref count on tgtport before delete assoc Daniil Dulov (1): afs: Increase buffer size in afs_update_volume_status() Devyn Liu (1): spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected Dmitry Bogdanov (1): scsi: target: core: Add TMF to tmr_list handling Don Brace (1): scsi: smartpqi: Fix disable_managed_interrupts Edward Adam Davis (1): fs/ntfs3: Fix oob in ntfs_listxattr Edward Lo (1): fs/ntfs3: Enhance the attribute size check Eric Dumazet (2): ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid Erik Kurzinger (1): drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is set Eugen Hristev (1): pmdomain: mediatek: fix race conditions with genpd Felix Fietkau (1): wifi: mac80211: fix race condition on enabling fast-xmit Florian Westphal (2): netfilter: nf_tables: set dormant flag on hook register failure netfilter: nf_tables: use kzalloc for hook allocation Frank Li (2): usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() usb: cdns3: fix memory double free when handle zero packet Fullway Wang (2): fbdev: savage: Error out if pixclock equals zero fbdev: sis: Error out if pixclock equals zero Gao Xiang (2): erofs: simplify compression configuration parser erofs: fix inconsistent per-file compression format Geert Uytterhoeven (1): pmdomain: renesas: r8a77980-sysc: CR7 must be always on Geliang Tang (4): mptcp: make userspace_pm_append_new_local_addr static mptcp: add needs_id for userspace appending addr mptcp: userspace pm send RM_ADDR for ID 0 mptcp: add needs_id for netlink appending addr Gianmarco Lusvardi (1): bpf, scripts: Correct GPL license name Greg Kroah-Hartman (1): Linux 6.1.80 Guixin Liu (1): nvmet-tcp: fix nvme tcp ida memory leak Hannes Reinecke (1): scsi: lpfc: Use unsigned type for num_sge Hans de Goede (3): Input: goodix - accept ACPI resources with gpio_count == 3 && gpio_int_idx == 0 platform/x86: intel-vbtn: Stop calling "VBDL" from notify_handler platform/x86: touchscreen_dmi: Allow partial (prefix) matches for ACPI names Hector Martin (1): dmaengine: apple-admac: Keep upper bits of REG_BUS_WIDTH Heiko Stuebner (1): arm64: dts: rockchip: set num-cs property for spi on px30 Helge Deller (1): Revert "parisc: Only list existing CPUs in cpu_possible_mask" Horatiu Vultur (1): net: sparx5: Add spinlock for frame transmission from CPU Huacai Chen (1): LoongArch: Disable IRQ before init_fn() for nonboot CPUs Huang Pei (1): MIPS: reserve exception vector space ONLY ONCE Ism Hong (1): fs/ntfs3: use non-movable memory for ntfs3 MFT buffer cache Jamal Hadi Salim (3): net/sched: Retire CBQ qdisc net/sched: Retire ATM qdisc net/sched: Retire dsmark qdisc Jan Kiszka (1): riscv/efistub: Ensure GP-relative addressing is not used Jason Gunthorpe (1): s390: use the correct count for __iowrite64_copy() Jeremy Kerr (1): net: mctp: put sock on tag allocation failure Joao Martins (3): iommufd/iova_bitmap: Bounds check mapped::pages access iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array iommufd/iova_bitmap: Consider page offset for the pages to be pinned Johannes Berg (2): wifi: mac80211: set station RX-NSS on reconfig wifi: mac80211: adding missing drv_mgd_complete_tx() call Johannes Weiner (1): mm: memcontrol: clarify swapaccount=0 deprecation warning Justin Iurman (1): Fix write to cloned skb in ipv6_hop_ioam() Kairui Song (1): mm/swap: fix race when skipping swapcache Kalesh AP (1): RDMA/bnxt_re: Return error for SRQ resize Kamal Heib (1): RDMA/qedr: Fix qedr_create_user_qp error flow Kees Cook (2): smb: Work around Clang __bdos() type confusion net: dev: Convert sa_data to flexible array in struct sockaddr Konstantin Komarov (10): fs/ntfs3: Modified fix directory element type detection fs/ntfs3: Improve ntfs_dir_count fs/ntfs3: Correct hard links updating when dealing with DOS names fs/ntfs3: Print warning while fixing hard links count fs/ntfs3: Fix detected field-spanning write (size 8) of single field "le->name" fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame() fs/ntfs3: Disable ATTR_LIST_ENTRY size check fs/ntfs3: Prevent generic message "attempt to access beyond end of device" fs/ntfs3: Correct function is_rst_area_valid fs/ntfs3: Update inode->i_size after success write into compressed file Krishna Kurapati (1): usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs Kuniyuki Iwashima (2): dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished(). arp: Prevent overflow in arp_req_get(). Kunwu Chan (1): dmaengine: ti: edma: Add some null pointer checks to the edma_probe Lennert Buytenhek (2): ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers ahci: Extend ASM1061 43-bit DMA address quirk to other ASM106x parts Lino Sanfilippo (1): serial: amba-pl011: Fix DMA transmission in RS485 mode Maksim Kiselev (1): aoe: avoid potential deadlock at set_capacity Mario Limonciello (1): platform/x86: thinkpad_acpi: Only update profile if successfully converted Mark Brown (1): arm64/sme: Restore SME registers on exit from suspend Martin Blumenstingl (1): regulator: pwm-regulator: Add validity checks in continuous .get_voltage Martin K. Petersen (1): scsi: core: Consult supported VPD page list prior to fetching page Martin KaFai Lau (1): bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel Masahiro Yamada (2): LoongArch: Select ARCH_ENABLE_THP_MIGRATION instead of redefining it LoongArch: Select HAVE_ARCH_SECCOMP to use the common SECCOMP menu Michal Kazior (1): wifi: cfg80211: fix missing interfaces when dumping Mike Marciniszyn (1): RDMA/irdma: Fix KASAN issue with tasklet Mikulas Patocka (4): dm-crypt: recheck the integrity tag after a failure dm-integrity: recheck the integrity tag after a failure dm-crypt: don't modify the data when using authenticated encryption dm-verity: recheck the hash after a failure Mustafa Ismail (2): RDMA/irdma: Set the CQ read threshold for GEN 1 RDMA/irdma: Add AE for too many RNRS Nam Cao (1): irqchip/sifive-plic: Enable interrupt if needed before EOI Naohiro Aota (1): scsi: target: pscsi: Fix bio_put() for error case Nikita Shubin (1): ARM: ep93xx: Add terminator to gpiod_lookup_table Oliver Upton (3): KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() irqchip/gic-v3-its: Do not assume vPE tables are preallocated Pablo Neira Ayuso (5): netfilter: flowtable: simplify route logic netfilter: nft_flow_offload: reset dst in route object after setting up flow netfilter: nft_flow_offload: release dst in case direct xmit path is used netfilter: nf_tables: rename function to destroy hook list netfilter: nf_tables: register hooks last when adding new chain/flowtable Paolo Abeni (1): mptcp: fix lockless access in subflow ULP diag Paulo Alcantara (2): smb: client: increase number of PDUs allowed in a compound request smb: client: set correct d_type for reparse points under DFS mounts Pavel Sakharov (1): net: stmmac: Fix incorrect dereference in interrupt handlers Pawel Laszczak (2): usb: cdnsp: blocked some cdns3 specific code usb: cdnsp: fixed issue with incorrect detecting CDNSP family controllers Peter Oberparleiter (1): s390/cio: fix invalid -EBUSY on ccw_device_start Peter Zijlstra (2): x86/returnthunk: Allow different return thunks x86/alternative: Make custom return thunk unconditional Phoenix Chen (1): platform/x86: touchscreen_dmi: Add info for the TECLAST X16 Plus tablet Prike Liang (2): drm/amdgpu: skip to program GFXDEC registers for suspend abort drm/amdgpu: reset gpu for s3 suspend abort case Radhey Shyam Pandey (1): ata: ahci_ceva: fix error handling for Xilinx GT PHY support Randy Dunlap (1): scsi: jazz_esp: Only build if SCSI core is builtin Richard Fitzgerald (1): ASoC: wm_adsp: Don't overwrite fwf_name with the default Robert Richter (1): cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window Rémi Denis-Courmont (2): phonet: take correct lock to peek at the RX queue phonet/pep: fix racy skb_queue_empty() use SEO HOYOUNG (1): scsi: ufs: core: Remove the ufshcd_release() in ufshcd_err_handling_prepare() Sabrina Dubroca (3): tls: break out of main loop when PEEK gets a non-data record tls: stop recv() if initial process_rx_list gave us non-DATA tls: don't skip over different type records from the rx_list Sandeep Dhavale (1): erofs: fix refcount on the metabuf used for inode lookup SeongJae Park (2): mm/damon/lru_sort: fix quota status loss due to online tunings mm/damon/reclaim: fix quota stauts loss due to online tunings Shigeru Yoshida (1): bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready() Shiraz Saleem (1): RDMA/irdma: Validate max_send_wr and max_recv_wr Shyam Prasad N (2): cifs: open_cached_dir should not rely on primary channel cifs: translate network errors on send to -ECONNABORTED Siddharth Vadapalli (1): net: phy: realtek: Fix rtl8211f_config_init() for RTL8211F(D)(I)-VD-CG PHY Sohaib Nadeem (2): drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz Revert "drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz" Steve French (1): smb3: clarify mount warning Subbaraya Sundeep (1): octeontx2-af: Consider the action set by PF Szilard Fabian (1): Input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table Szuying Chen (1): ata: ahci: add identifiers for ASM2116 series adapters Takashi Sakamoto (1): firewire: core: send bus reset promptly on gap count error Thinh Nguyen (1): usb: dwc3: gadget: Don't disconnect if not started Thomas Hellström (1): drm/ttm: Fix an invalid freeing on already freed page in error path Tobias Waldekranz (2): net: bridge: switchdev: Skip MDB replays of deferred events on offload net: bridge: switchdev: Ensure deferred event delivery on unoffload Tom Parkin (1): l2tp: pass correct message length to ip6_append_data Vasiliy Kovalev (2): gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() ipv6: sr: fix possible use-after-free and null-ptr-deref Vidya Sagar (1): PCI/MSI: Prevent MSI hardware interrupt number truncation Vinod Koul (2): dmaengine: shdma: increase size of 'dev_id' dmaengine: fsl-qdma: increase size of 'irq_name' Will Deacon (1): misc: open-dice: Fix spurious lockdep warning Wolfram Sang (1): spi: sh-msiof: avoid integer overflow in constants Xin Long (1): netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new Xu Yang (2): usb: roles: fix NULL pointer issue when put module's reference usb: roles: don't get/set_role() when usb_role_switch is unregistered Yi Sun (1): virtio-blk: Ensure no requests in virtqueues before deleting vqs. Yosry Ahmed (1): mm: zswap: fix missing folio cleanup in writeback race path Yu Kuai (1): md: Fix missing release of 'active_io' for flush Zhang Rui (1): hwmon: (coretemp) Enlarge per package core count limit Zhang Yi (1): ext4: correct the hole length returned by ext4_map_blocks() Zhipeng Lu (1): IB/hfi1: Fix a memleak in init_credit_return zhenwei pi (1): crypto: virtio/akcipher - Fix stack overflow on memcpy

2 months, 1 week

1
1
0 0

Linux 5.10.211

by Greg Kroah-Hartman

I'm announcing the release of the 5.10.211 kernel. All users of the 5.10 kernel series must upgrade. The updated 5.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/boot/dts/bcm47189-luxul-xap-1440.dts | 1 arch/arm/boot/dts/bcm47189-luxul-xap-810.dts | 2 arch/arm/boot/dts/imx6sx.dtsi | 6 arch/arm/mach-ep93xx/core.c | 1 arch/arm64/boot/dts/rockchip/px30.dtsi | 2 arch/arm64/kvm/vgic/vgic-its.c | 5 arch/powerpc/kernel/hw_breakpoint.c | 76 arch/s390/pci/pci.c | 2 arch/x86/include/asm/cpu_entry_area.h | 2 arch/x86/include/asm/nospec-branch.h | 2 arch/x86/include/asm/text-patching.h | 30 arch/x86/include/asm/uaccess.h | 142 + arch/x86/kernel/alternative.c | 13 arch/x86/kernel/ftrace.c | 4 arch/x86/kernel/paravirt.c | 22 arch/x86/kernel/static_call.c | 2 arch/x86/net/bpf_jit_comp.c | 2 drivers/ata/ahci.c | 34 drivers/ata/ahci.h | 1 drivers/block/ataflop.c | 56 drivers/block/virtio_blk.c | 7 drivers/dma/fsl-qdma.c | 2 drivers/dma/sh/shdma.h | 2 drivers/dma/ti/edma.c | 10 drivers/firewire/core-card.c | 18 drivers/firmware/efi/arm-runtime.c | 2 drivers/firmware/efi/efi-init.c | 19 drivers/firmware/efi/riscv-runtime.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 1 drivers/gpu/drm/drm_syncobj.c | 16 drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadow.c | 8 drivers/hwmon/coretemp.c | 2 drivers/infiniband/hw/bnxt_re/ib_verbs.c | 5 drivers/infiniband/hw/hfi1/pio.c | 6 drivers/infiniband/hw/hfi1/sdma.c | 2 drivers/infiniband/hw/qedr/verbs.c | 11 drivers/infiniband/ulp/srpt/ib_srpt.c | 17 drivers/input/serio/i8042-acpipnpio.h | 8 drivers/irqchip/irq-mips-gic.c | 2 drivers/md/dm-crypt.c | 6 drivers/media/pci/ttpci/av7110_av.c | 4 drivers/mtd/nand/spi/macronix.c | 20 drivers/net/ethernet/microchip/lan743x_ethtool.c | 9 drivers/net/gtp.c | 10 drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 14 drivers/net/wireless/intel/iwlwifi/mvm/mvm.h | 2 drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 2 drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c | 10 drivers/nvme/host/fc.c | 47 drivers/nvme/target/fc.c | 11 drivers/nvme/target/fcloop.c | 6 drivers/nvme/target/tcp.c | 1 drivers/pci/msi.c | 2 drivers/platform/x86/intel-vbtn.c | 6 drivers/regulator/pwm-regulator.c | 3 drivers/s390/cio/device_ops.c | 6 drivers/scsi/Kconfig | 2 drivers/scsi/lpfc/lpfc_scsi.c | 12 drivers/soc/renesas/r8a77980-sysc.c | 3 drivers/spi/spi-hisi-sfc-v3xx.c | 5 drivers/spi/spi-sh-msiof.c | 16 drivers/target/target_core_device.c | 5 drivers/target/target_core_transport.c | 4 drivers/tty/hvc/hvc_xen.c | 19 drivers/usb/cdns3/gadget.c | 8 drivers/usb/gadget/function/f_ncm.c | 10 drivers/usb/roles/class.c | 29 drivers/video/fbdev/savage/savagefb_driver.c | 3 drivers/video/fbdev/sis/sis_main.c | 2 fs/afs/volume.c | 4 fs/aio.c | 9 fs/btrfs/ctree.h | 2 fs/btrfs/dir-item.c | 122 - fs/btrfs/inode.c | 48 fs/btrfs/tree-checker.c | 25 fs/btrfs/tree-log.c | 14 fs/cifs/smb2ops.c | 19 fs/cifs/smb2pdu.c | 93 - fs/cifs/smb2proto.h | 12 fs/erofs/decompressor.c | 24 fs/ext4/extents.c | 111 - fs/ext4/mballoc.c | 33 fs/jbd2/checkpoint.c | 137 - fs/zonefs/super.c | 68 include/linux/fs.h | 2 include/linux/lockdep.h | 5 include/linux/sched/task_stack.h | 2 include/linux/socket.h | 5 include/net/tcp.h | 2 kernel/sched/rt.c | 10 kernel/seccomp.c | 10 kernel/sysctl.c | 4 mm/userfaultfd.c | 14 net/core/dev.c | 2 net/core/dev_ioctl.c | 2 net/hsr/hsr_framereg.c | 16 net/hsr/hsr_framereg.h | 1 net/ipv4/arp.c | 3 net/ipv4/devinet.c | 21 net/ipv6/addrconf.c | 21 net/ipv6/seg6.c | 20 net/l2tp/l2tp_ip6.c | 2 net/mac80211/sta_info.c | 2 net/mac80211/tx.c | 2 net/mptcp/diag.c | 6 net/netfilter/nf_conntrack_proto_sctp.c | 2 net/netfilter/nf_tables_api.c | 1 net/packet/af_packet.c | 12 net/sched/Kconfig | 42 net/sched/Makefile | 3 net/sched/sch_atm.c | 709 -------- net/sched/sch_cbq.c | 1816 ---------------------- net/sched/sch_dsmark.c | 521 ------ net/tls/tls_main.c | 2 net/tls/tls_sw.c | 12 net/wireless/nl80211.c | 1 scripts/bpf_helpers_doc.py | 2 sound/soc/fsl/fsl_micfil.c | 15 sound/soc/intel/boards/bytcht_es8316.c | 14 sound/soc/intel/boards/bytcr_rt5640.c | 46 sound/soc/intel/boards/bytcr_rt5651.c | 41 sound/soc/sunxi/sun4i-spdif.c | 5 123 files changed, 1257 insertions(+), 3684 deletions(-) Andrew Bresticker (2): efi: runtime: Fix potential overflow of soft-reserved region size efi: Don't add memblocks for soft-reserved memory Andy Shevchenko (1): ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use Armin Wolf (1): drm/amd/display: Fix memory leak in dm_sw_fini() Arnd Bergmann (2): RDMA/srpt: fix function pointer cast warnings nouveau: fix function cast warnings Baokun Li (3): ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() ext4: regenerate buddy after block freeing failed if under fc replay Bart Van Assche (2): RDMA/srpt: Support specifying the srpt_service_guid parameter fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio Benjamin Gray (1): powerpc/watchpoints: Annotate atomic context in more places Borislav Petkov (1): task_stack, x86/cea: Force-inline stack helpers Borislav Petkov (AMD) (2): Revert "x86/ftrace: Use alternative RET encoding" Revert "x86/alternative: Make custom return thunk unconditional" Chen-Yu Tsai (1): ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616 Christian König (1): drm/syncobj: make lockdep complain on WAIT_FOR_SUBMIT v3 Conrad Kostecki (1): ahci: asm1166: correct count of reported ports Cyril Hrubis (3): sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset sched/rt: Fix sysctl_sched_rr_timeslice intial value sched/rt: Disallow writing invalid values to sched_rt_period_us Damien Le Moal (1): zonefs: Improve error handling Dan Carpenter (1): media: av7110: prevent underflow in write_ts_to_decoder() Daniel Vacek (1): IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Daniel Wagner (4): nvme-fc: do not wait in vain when unloading module nvmet-fcloop: swap the list_add_tail arguments nvmet-fc: release reference on target port nvmet-fc: abort command when there is no binding Daniil Dulov (1): afs: Increase buffer size in afs_update_volume_status() Devyn Liu (1): spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected Dmitry Bogdanov (1): scsi: target: core: Add TMF to tmr_list handling Eric Dumazet (2): ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid Erik Kurzinger (1): drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is set Felix Fietkau (1): wifi: mac80211: fix race condition on enabling fast-xmit Filipe Manana (2): btrfs: unify lookup return value when dir entry is missing btrfs: do not pin logs too early during renames Florian Westphal (1): netfilter: nf_tables: set dormant flag on hook register failure Frank Li (2): usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() usb: cdns3: fix memory double free when handle zero packet Fullway Wang (2): fbdev: savage: Error out if pixclock equals zero fbdev: sis: Error out if pixclock equals zero Gao Xiang (1): erofs: fix lz4 inplace decompression Geert Uytterhoeven (1): pmdomain: renesas: r8a77980-sysc: CR7 must be always on Gianmarco Lusvardi (1): bpf, scripts: Correct GPL license name Greg Kroah-Hartman (1): Linux 5.10.211 Guixin Liu (1): nvmet-tcp: fix nvme tcp ida memory leak Hannes Reinecke (1): scsi: lpfc: Use unsigned type for num_sge Heiko Stuebner (1): arm64: dts: rockchip: set num-cs property for spi on px30 Jakub Kicinski (2): tls: rx: jump to a more appropriate label tls: rx: drop pointless else after goto Jamal Hadi Salim (3): net/sched: Retire CBQ qdisc net/sched: Retire ATM qdisc net/sched: Retire dsmark qdisc Jan Beulich (1): x86: drop bogus "cc" clobber from __try_cmpxchg_user_asm() Jason Gunthorpe (1): s390: use the correct count for __iowrite64_copy() Jiaxun Yang (1): irqchip/mips-gic: Don't touch vl_map if a local interrupt is not routable Johannes Berg (2): iwlwifi: mvm: do more useful queue sync accounting iwlwifi: mvm: write queue_sync_state only for sync Josef Bacik (1): btrfs: tree-checker: check for overlapping extent items Kalesh AP (1): RDMA/bnxt_re: Return error for SRQ resize Kamal Heib (1): RDMA/qedr: Fix qedr_create_user_qp error flow Kees Cook (2): seccomp: Invalidate seccomp mode to catch death failures net: dev: Convert sa_data to flexible array in struct sockaddr Krishna Kurapati (1): usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs Kuniyuki Iwashima (1): arp: Prevent overflow in arp_req_get(). Kunwu Chan (1): dmaengine: ti: edma: Add some null pointer checks to the edma_probe Lennert Buytenhek (1): ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers Lokesh Gidra (1): userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb Marcos Paulo de Souza (1): btrfs: introduce btrfs_lookup_match_dir Martin Blumenstingl (1): regulator: pwm-regulator: Add validity checks in continuous .get_voltage Max Verevkin (1): platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC Michael Schmitz (2): block: ataflop: fix breakage introduced at blk-mq refactoring block: ataflop: more blk-mq refactoring fixes Michal Kazior (1): wifi: cfg80211: fix missing interfaces when dumping Mikulas Patocka (1): dm-crypt: don't modify the data when using authenticated encryption Nikita Shubin (1): ARM: ep93xx: Add terminator to gpiod_lookup_table Oliver Upton (2): KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() Paolo Abeni (1): mptcp: fix lockless access in subflow ULP diag Paulo Alcantara (3): smb: client: fix OOB in receive_encrypted_standard() smb: client: fix potential OOBs in smb2_parse_contexts() smb: client: fix parsing of SMB3.1.1 POSIX create context Peter Oberparleiter (1): s390/cio: fix invalid -EBUSY on ccw_device_start Peter Zijlstra (6): x86/uaccess: Implement macros for CMPXCHG on user addresses x86/text-patching: Make text_gen_insn() play nice with ANNOTATE_NOENDBR x86/ibt,paravirt: Use text_gen_insn() for paravirt_patch() x86/ftrace: Use alternative RET encoding x86/returnthunk: Allow different return thunks x86/alternative: Make custom return thunk unconditional Pierre-Louis Bossart (2): ASoC: Intel: boards: harden codec property handling ASoC: Intel: boards: get codec device with ACPI instead of bus search Rafał Miłecki (1): ARM: dts: BCM53573: Drop nonexistent "default-off" LED trigger Randy Dunlap (1): scsi: jazz_esp: Only build if SCSI core is builtin Ravi Bangoria (1): powerpc/watchpoint: Workaround P10 DD1 issue with VSX-32 byte instructions Roger Pau Monne (1): hvc/xen: prevent concurrent accesses to the shared ring Sabrina Dubroca (1): tls: stop recv() if initial process_rx_list gave us non-DATA Sebastian Andrzej Siewior (1): hsr: Avoid double remove of a node. Sergej Bauer (1): lan743x: fix for potential NULL pointer dereference with bare card Shengjiu Wang (1): ASoC: fsl_micfil: register platform component before registering cpu dai Shyam Prasad N (1): cifs: add a warning when the in-flight count goes negative Szilard Fabian (1): Input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table Takashi Sakamoto (1): firewire: core: send bus reset promptly on gap count error Tom Parkin (1): l2tp: pass correct message length to ip6_append_data Vasiliy Kovalev (2): gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() ipv6: sr: fix possible use-after-free and null-ptr-deref Vidya Sagar (1): PCI/MSI: Prevent MSI hardware interrupt number truncation Vinod Koul (2): dmaengine: shdma: increase size of 'dev_id' dmaengine: fsl-qdma: increase size of 'irq_name' Wolfram Sang (2): spi: sh-msiof: avoid integer overflow in constants packet: move from strlcpy with unused retval to strscpy Xiaolei Wang (1): ARM: dts: imx: Set default tuning step for imx6sx usdhc Xin Long (1): netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new Xu Yang (2): usb: roles: fix NULL pointer issue when put module's reference usb: roles: don't get/set_role() when usb_role_switch is unregistered Yi Sun (1): virtio-blk: Ensure no requests in virtqueues before deleting vqs. YouChing Lin (1): mtd: spinand: macronix: Add support for MX35LFxGE4AD Zhang Rui (1): hwmon: (coretemp) Enlarge per package core count limit Zhang Yi (3): ext4: correct the hole length returned by ext4_map_blocks() jbd2: remove redundant buffer io error checks jbd2: recheck chechpointing non-dirty buffer Zhihao Cheng (1): jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint Zhipeng Lu (1): IB/hfi1: Fix a memleak in init_credit_return

2 months, 1 week

1
1
0 0

Linux 5.4.270

by Greg Kroah-Hartman

I'm announcing the release of the 5.4.270 kernel. All users of the 5.4 kernel series must upgrade. The updated 5.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/mach-ep93xx/core.c | 1 arch/arm64/boot/dts/qcom/msm8916.dtsi | 4 arch/s390/pci/pci.c | 2 arch/x86/kernel/alternative.c | 13 drivers/ata/ahci.c | 34 drivers/ata/ahci.h | 1 drivers/block/virtio_blk.c | 7 drivers/dma/fsl-qdma.c | 2 drivers/dma/sh/shdma.h | 2 drivers/firewire/core-card.c | 18 drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_virt.h | 5 drivers/gpu/drm/drm_syncobj.c | 16 drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadow.c | 8 drivers/gpu/drm/sun4i/sun6i_mipi_dsi.c | 3 drivers/hwmon/coretemp.c | 2 drivers/infiniband/hw/bnxt_re/ib_verbs.c | 5 drivers/infiniband/hw/hfi1/pio.c | 6 drivers/infiniband/hw/hfi1/sdma.c | 2 drivers/infiniband/ulp/srpt/ib_srpt.c | 18 drivers/md/dm-crypt.c | 6 drivers/md/dm-integrity.c | 11 drivers/net/gtp.c | 10 drivers/nvme/target/fc.c | 8 drivers/nvme/target/tcp.c | 1 drivers/pci/controller/pci-tegra.c | 17 drivers/pci/msi.c | 2 drivers/pinctrl/pinctrl-rockchip.c | 23 drivers/regulator/pwm-regulator.c | 3 drivers/s390/net/qeth_l3_main.c | 9 drivers/scsi/Kconfig | 2 drivers/scsi/lpfc/lpfc_scsi.c | 12 drivers/soc/renesas/r8a77980-sysc.c | 3 drivers/spi/spi-mt7621.c | 8 drivers/target/target_core_device.c | 5 drivers/target/target_core_transport.c | 4 drivers/usb/cdns3/gadget.c | 8 drivers/usb/gadget/function/f_ncm.c | 10 drivers/usb/roles/class.c | 12 drivers/video/fbdev/savage/savagefb_driver.c | 3 drivers/video/fbdev/sis/sis_main.c | 2 fs/afs/volume.c | 4 fs/aio.c | 9 fs/ext4/mballoc.c | 13 fs/iomap/buffered-io.c | 3 fs/nilfs2/dat.c | 27 include/linux/fs.h | 2 include/linux/lockdep.h | 5 include/net/tcp.h | 1 kernel/sched/rt.c | 10 kernel/sysctl.c | 4 mm/memcontrol.c | 6 mm/userfaultfd.c | 14 net/bridge/br_device.c | 2 net/ipv4/af_inet.c | 2 net/ipv4/devinet.c | 21 net/ipv4/tcp.c | 27 net/ipv4/tcp_input.c | 4 net/ipv6/addrconf.c | 21 net/ipv6/seg6.c | 20 net/l2tp/l2tp_ip6.c | 2 net/mac80211/sta_info.c | 2 net/mac80211/tx.c | 2 net/netfilter/nf_conntrack_proto_sctp.c | 2 net/netfilter/nf_tables_api.c | 1 net/packet/af_packet.c | 4 net/sched/Kconfig | 42 net/sched/Makefile | 3 net/sched/sch_atm.c | 710 -------- net/sched/sch_cbq.c | 1818 ---------------------- net/sched/sch_dsmark.c | 523 ------ net/tls/tls_sw.c | 12 net/wireless/nl80211.c | 1 scripts/bpf_helpers_doc.py | 157 + sound/pci/hda/patch_realtek.c | 6 sound/soc/sunxi/sun4i-spdif.c | 5 tools/testing/selftests/bpf/test_verifier.c | 13 virt/kvm/arm/vgic/vgic-its.c | 5 79 files changed, 562 insertions(+), 3254 deletions(-) Alexandra Winter (1): s390/qeth: Fix potential loss of L3-IP@ in case of network issues Andrii Nakryiko (2): scripts/bpf: teach bpf_helpers_doc.py to dump BPF helper definitions scripts/bpf: Fix xdp_md forward declaration typo Arnd Bergmann (2): RDMA/srpt: fix function pointer cast warnings nouveau: fix function cast warnings Baokun Li (2): ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Bart Van Assche (2): RDMA/srpt: Make debug output more detailed fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio Björn Töpel (1): selftests/bpf: Avoid running unprivileged tests with alignment requirements Chen-Yu Tsai (1): ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616 Christian König (1): drm/syncobj: make lockdep complain on WAIT_FOR_SUBMIT v3 Christophe JAILLET (2): spi: mt7621: Fix an error message in mt7621_spi_probe() PCI: tegra: Fix OF node reference leak Conrad Kostecki (1): ahci: asm1166: correct count of reported ports Cyril Hrubis (3): sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset sched/rt: Fix sysctl_sched_rr_timeslice intial value sched/rt: Disallow writing invalid values to sched_rt_period_us Daniel Vacek (1): IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Daniel Wagner (1): nvmet-fc: abort command when there is no binding Daniil Dulov (1): afs: Increase buffer size in afs_update_volume_status() Dmitry Bogdanov (1): scsi: target: core: Add TMF to tmr_list handling Eric Dumazet (3): tcp: add annotations around sk->sk_shutdown accesses ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid Erik Kurzinger (1): drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is set Felix Fietkau (1): wifi: mac80211: fix race condition on enabling fast-xmit Florian Westphal (1): netfilter: nf_tables: set dormant flag on hook register failure Frank Li (2): usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() usb: cdns3: fix memory double free when handle zero packet Fullway Wang (2): fbdev: savage: Error out if pixclock equals zero fbdev: sis: Error out if pixclock equals zero GONG, Ruiqi (1): memcg: add refcnt for pcpu stock to avoid UAF problem in drain_all_stock() Geert Uytterhoeven (1): pmdomain: renesas: r8a77980-sysc: CR7 must be always on Gianmarco Lusvardi (1): bpf, scripts: Correct GPL license name Greg Kroah-Hartman (1): Linux 5.4.270 Guixin Liu (1): nvmet-tcp: fix nvme tcp ida memory leak Hannes Reinecke (1): scsi: lpfc: Use unsigned type for num_sge Icenowy Zheng (1): Revert "drm/sun4i: dsi: Change the start delay calculation" Jakub Kicinski (2): tls: rx: jump to a more appropriate label tls: rx: drop pointless else after goto Jamal Hadi Salim (3): net/sched: Retire CBQ qdisc net/sched: Retire ATM qdisc net/sched: Retire dsmark qdisc Jason Gunthorpe (1): s390: use the correct count for __iowrite64_copy() Kai-Heng Feng (1): ALSA: hda/realtek - Enable micmute LED on and HP system Kalesh AP (1): RDMA/bnxt_re: Return error for SRQ resize Kirill A. Shutemov (1): x86/alternatives: Disable KASAN in apply_alternatives() Krishna Kurapati (1): usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs Lee Jones (1): pinctrl: pinctrl-rockchip: Fix a bunch of kerneldoc misdemeanours Lennert Buytenhek (1): ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers Lokesh Gidra (1): userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb Martin Blumenstingl (1): regulator: pwm-regulator: Add validity checks in continuous .get_voltage Matthew Wilcox (Oracle) (1): iomap: Set all uptodate bits for an Uptodate page Miaoqian Lin (1): pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups Michal Kazior (1): wifi: cfg80211: fix missing interfaces when dumping Mikulas Patocka (2): dm-integrity: don't modify bio's immutable bio_vec in integrity_metadata() dm-crypt: don't modify the data when using authenticated encryption Nathan Chancellor (1): drm/amdgpu: Fix type of second parameter in trans_msg() callback Nikita Shubin (1): ARM: ep93xx: Add terminator to gpiod_lookup_table Nikolay Aleksandrov (1): net: bridge: clear bridge's private skb space on xmit Oliver Upton (2): KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler Pali Rohár (1): PCI: tegra: Fix reporting GPIO error value Paolo Abeni (1): tcp: factor out __tcp_close() helper Randy Dunlap (1): scsi: jazz_esp: Only build if SCSI core is builtin Ryusuke Konishi (1): nilfs2: replace WARN_ONs for invalid DAT metadata block requests Sabrina Dubroca (1): tls: stop recv() if initial process_rx_list gave us non-DATA Sireesh Kodali (1): arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node Soheil Hassas Yeganeh (1): tcp: return EPOLLOUT from tcp_poll only when notsent_bytes is half the limit Takashi Sakamoto (1): firewire: core: send bus reset promptly on gap count error Tom Parkin (1): l2tp: pass correct message length to ip6_append_data Trek (1): drm/amdgpu: Check for valid number of registers to read Vasiliy Kovalev (2): gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() ipv6: sr: fix possible use-after-free and null-ptr-deref Vidya Sagar (1): PCI/MSI: Prevent MSI hardware interrupt number truncation Vinod Koul (2): dmaengine: shdma: increase size of 'dev_id' dmaengine: fsl-qdma: increase size of 'irq_name' Wolfram Sang (1): packet: move from strlcpy with unused retval to strscpy Xin Long (1): netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new Xu Yang (1): usb: roles: don't get/set_role() when usb_role_switch is unregistered Yi Sun (1): virtio-blk: Ensure no requests in virtqueues before deleting vqs. Zhang Rui (1): hwmon: (coretemp) Enlarge per package core count limit Zhipeng Lu (1): IB/hfi1: Fix a memleak in init_credit_return

2 months, 1 week

1
1
0 0

Linux 4.19.308

by Greg Kroah-Hartman

I'm announcing the release of the 4.19.308 kernel. All users of the 4.19 kernel series must upgrade. The updated 4.19.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.19.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/mach-ep93xx/core.c | 1 arch/s390/pci/pci.c | 2 drivers/ata/ahci.c | 5 drivers/block/virtio_blk.c | 7 drivers/dma/sh/shdma.h | 2 drivers/firewire/core-card.c | 18 drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadow.c | 8 drivers/hwmon/coretemp.c | 2 drivers/infiniband/hw/bnxt_re/ib_verbs.c | 5 drivers/infiniband/hw/hfi1/pio.c | 6 drivers/infiniband/hw/hfi1/sdma.c | 2 drivers/infiniband/ulp/ipoib/ipoib_verbs.c | 2 drivers/infiniband/ulp/iser/iser_verbs.c | 9 drivers/infiniband/ulp/isert/ib_isert.c | 2 drivers/infiniband/ulp/opa_vnic/opa_vnic_vema.c | 3 drivers/infiniband/ulp/srp/ib_srp.c | 10 drivers/infiniband/ulp/srpt/ib_srpt.c | 52 drivers/md/dm-crypt.c | 6 drivers/net/ethernet/stmicro/stmmac/stmmac.h | 2 drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 65 drivers/net/gtp.c | 10 drivers/pci/msi.c | 2 drivers/regulator/pwm-regulator.c | 3 drivers/s390/net/qeth_l3_main.c | 9 drivers/scsi/Kconfig | 2 drivers/soc/renesas/r8a77980-sysc.c | 3 drivers/target/target_core_device.c | 5 drivers/target/target_core_transport.c | 4 drivers/usb/gadget/function/f_ncm.c | 10 drivers/usb/roles/class.c | 12 drivers/video/fbdev/savage/savagefb_driver.c | 3 drivers/video/fbdev/sis/sis_main.c | 2 fs/aio.c | 9 fs/ext4/mballoc.c | 13 fs/nilfs2/dat.c | 27 include/linux/fs.h | 2 include/rdma/rdma_vt.h | 2 kernel/sched/rt.c | 10 kernel/sysctl.c | 5 mm/memcontrol.c | 23 mm/userfaultfd.c | 14 net/ipv6/seg6.c | 20 net/l2tp/l2tp_ip6.c | 2 net/mac80211/sta_info.c | 2 net/mac80211/tx.c | 2 net/packet/af_packet.c | 4 net/sched/Kconfig | 42 net/sched/Makefile | 3 net/sched/sch_atm.c | 708 -------- net/sched/sch_cbq.c | 1823 ---------------------- net/sched/sch_dsmark.c | 519 ------ net/wireless/nl80211.c | 1 scripts/bpf_helpers_doc.py | 157 + virt/kvm/arm/vgic/vgic-its.c | 5 55 files changed, 411 insertions(+), 3258 deletions(-) Aaro Koskinen (1): net: stmmac: fix notifier registration Alexandra Winter (1): s390/qeth: Fix potential loss of L3-IP@ in case of network issues Andrii Nakryiko (2): scripts/bpf: teach bpf_helpers_doc.py to dump BPF helper definitions scripts/bpf: Fix xdp_md forward declaration typo Arnd Bergmann (2): RDMA/srpt: fix function pointer cast warnings nouveau: fix function cast warnings Baokun Li (2): ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Bart Van Assche (3): RDMA/srpt: Support specifying the srpt_service_guid parameter RDMA/srpt: Make debug output more detailed fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio Conrad Kostecki (1): ahci: asm1166: correct count of reported ports Cyril Hrubis (3): sched/rt: Fix sysctl_sched_rr_timeslice intial value sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset sched/rt: Disallow writing invalid values to sched_rt_period_us Daniel Vacek (1): IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Dmitry Bogdanov (1): scsi: target: core: Add TMF to tmr_list handling Felix Fietkau (1): wifi: mac80211: fix race condition on enabling fast-xmit Fullway Wang (2): fbdev: savage: Error out if pixclock equals zero fbdev: sis: Error out if pixclock equals zero GONG, Ruiqi (1): memcg: add refcnt for pcpu stock to avoid UAF problem in drain_all_stock() Geert Uytterhoeven (1): pmdomain: renesas: r8a77980-sysc: CR7 must be always on Gianmarco Lusvardi (1): bpf, scripts: Correct GPL license name Greg Kroah-Hartman (2): stmmac: no need to check return value of debugfs_create functions Linux 4.19.308 Jamal Hadi Salim (3): net/sched: Retire CBQ qdisc net/sched: Retire ATM qdisc net/sched: Retire dsmark qdisc Jason Gunthorpe (2): RDMA/ulp: Use dev_name instead of ibdev->name s390: use the correct count for __iowrite64_copy() Kalesh AP (1): RDMA/bnxt_re: Return error for SRQ resize Krishna Kurapati (1): usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs Lokesh Gidra (1): userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb Martin Blumenstingl (1): regulator: pwm-regulator: Add validity checks in continuous .get_voltage Michal Kazior (1): wifi: cfg80211: fix missing interfaces when dumping Mikulas Patocka (1): dm-crypt: don't modify the data when using authenticated encryption Nikita Shubin (1): ARM: ep93xx: Add terminator to gpiod_lookup_table Oliver Upton (2): KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler Randy Dunlap (1): scsi: jazz_esp: Only build if SCSI core is builtin Roman Gushchin (1): mm: memcontrol: switch to rcu protection in drain_all_stock() Ryusuke Konishi (1): nilfs2: replace WARN_ONs for invalid DAT metadata block requests Takashi Sakamoto (1): firewire: core: send bus reset promptly on gap count error Tom Parkin (1): l2tp: pass correct message length to ip6_append_data Vasiliy Kovalev (2): gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() ipv6: sr: fix possible use-after-free and null-ptr-deref Vidya Sagar (1): PCI/MSI: Prevent MSI hardware interrupt number truncation Vinod Koul (1): dmaengine: shdma: increase size of 'dev_id' Wolfram Sang (1): packet: move from strlcpy with unused retval to strscpy Xu Yang (1): usb: roles: don't get/set_role() when usb_role_switch is unregistered Yi Sun (1): virtio-blk: Ensure no requests in virtqueues before deleting vqs. Zhang Rui (1): hwmon: (coretemp) Enlarge per package core count limit Zhipeng Lu (1): IB/hfi1: Fix a memleak in init_credit_return

2 months, 1 week

1
1
0 0

RE: Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg

by Simon Kirby

Hi, I bisected a regression where reading from a Bluetooth device gets stuck in recvfrom() calls. The device here is a Wii Balance Board, using https://github.com/initialstate/beerfridge/blob/master/wiiboard_test.py; this worked fine in v6.6.1 and v6.6.8, but when I tried on a v6.6.14 build, the script no longer outputs any readings. 1d576c3a5af850bf11fbd103f9ba11aa6d6061fb is the first bad commit which maps to upstream commit 2e07e8348ea454615e268222ae3fc240421be768: Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg With this commit in place, as also in v6.7 and v6.7.6, the script does not output anything _unless_ I strace the process, in which case a bunch of recvmsg() syscalls are shown, and then it hangs again. If I ^C the strace and run it a few times, eventually the script will get enough data and output a reading. If I don't strace the script, a hung task warning appears: INFO: task kworker/u9:1:121 blocked for more than 30 seconds. Not tainted 6.7.6-lemon #183 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u9:1 state:D stack:0 pid:121 tgid:121 ppid:2 flags:0x00004000 Workqueue: hci0 hci_rx_work Call Trace: <TASK> __schedule+0x37d/0xa00 schedule+0x32/0xe0 __lock_sock+0x68/0xa0 ? __pfx_autoremove_wake_function+0x10/0x10 lock_sock_nested+0x43/0x50 l2cap_sock_recv_cb+0x21/0xa0 l2cap_recv_frame+0x55b/0x30a0 ? psi_task_switch+0xeb/0x270 ? finish_task_switch.isra.0+0x93/0x2a0 hci_rx_work+0x33a/0x3f0 process_one_work+0x13a/0x2f0 worker_thread+0x2f0/0x410 ? __pfx_worker_thread+0x10/0x10 kthread+0xe0/0x110 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x2c/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30 </TASK> On 6.8-rc6 with lockdep enabled, I get the following output: [ 22.122337] wlan0: associated [ 4547.622339] INFO: task kworker/u9:1:3528 blocked for more than 30 seconds. [ 4547.622530] ===================================================== [ 4547.622531] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 4547.622535] 6.8.0-rc6-lemon #190 Not tainted [ 4547.622538] ----------------------------------------------------- [ 4547.622540] khungtaskd/39 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 4547.622546] ffff888101554cf8 ((work_completion)(&(&ops->cursor_work)->work)){+.+.}-{0:0}, at: __flush_work+0x4b/0x3f0 [ 4547.622569] and this task is already holding: [ 4547.622571] ffffffff8367e600 (console_owner){....}-{0:0}, at: console_flush_all+0x1c9/0x4e0 [ 4547.622586] which would create a new lock dependency: [ 4547.622587] (console_owner){....}-{0:0} -> ((work_completion)(&(&ops->cursor_work)->work)){+.+.}-{0:0} [ 4547.622596] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 4547.622598] (&trans_pcie->irq_lock){+.-.}-{3:3} [ 4547.622601] ... which became SOFTIRQ-irq-safe at: [ 4547.622603] lock_acquire+0xb0/0x280 [ 4547.622611] _raw_spin_lock+0x2b/0x40 [ 4547.622618] iwl_pcie_napi_poll+0x7a/0x130 [ 4547.622627] __napi_poll.constprop.0+0x23/0x1e0 [ 4547.622634] net_rx_action+0x137/0x2a0 [ 4547.622639] __do_softirq+0xc7/0x402 [ 4547.622645] do_softirq+0x42/0xa0 [ 4547.622651] __local_bh_enable_ip+0xb8/0xd0 [ 4547.622657] iwl_pcie_irq_handler+0x539/0xb70 [ 4547.622665] irq_thread_fn+0x1b/0x60 [ 4547.622670] irq_thread+0xe0/0x190 [ 4547.622675] kthread+0xe3/0x120 [ 4547.622679] ret_from_fork+0x2c/0x50 [ 4547.622684] ret_from_fork_asm+0x1b/0x30 [ 4547.622692] to a SOFTIRQ-irq-unsafe lock: [ 4547.622694] ((work_completion)(&(&ops->cursor_work)->work)){+.+.}-{0:0} [ 4547.622698] ... which became SOFTIRQ-irq-unsafe at: [ 4547.622699] ... [ 4547.622700] lock_acquire+0xb0/0x280 [ 4547.622706] process_one_work+0x199/0x480 [ 4547.622713] worker_thread+0x1be/0x3b0 [ 4547.622719] kthread+0xe3/0x120 [ 4547.622722] ret_from_fork+0x2c/0x50 [ 4547.622725] ret_from_fork_asm+0x1b/0x30 [ 4547.622731] other info that might help us debug this: [ 4547.622732] Chain exists of: &trans_pcie->irq_lock --> console_owner --> (work_completion)(&(&ops->cursor_work)->work) [ 4547.622739] Possible interrupt unsafe locking scenario: [ 4547.622741] CPU0 CPU1 [ 4547.622742] ---- ---- [ 4547.622742] lock((work_completion)(&(&ops->cursor_work)->work)); [ 4547.622745] local_irq_disable(); [ 4547.622746] lock(&trans_pcie->irq_lock); [ 4547.622749] lock(console_owner); [ 4547.622751] <Interrupt> [ 4547.622752] lock(&trans_pcie->irq_lock); [ 4547.622754] *** DEADLOCK *** [ 4547.622755] 5 locks held by khungtaskd/39: [ 4547.622759] #0: ffffffff836f14e0 (rcu_read_lock){....}-{1:3}, at: watchdog+0xd8/0x7b0 [ 4547.622778] #1: ffffffff836ee820 (console_lock){+.+.}-{0:0}, at: _printk+0x47/0x50 [ 4547.622789] #2: ffffffff836ee870 (console_srcu){....}-{0:0}, at: console_flush_all+0x74/0x4e0 [ 4547.622800] #3: ffffffff8367e600 (console_owner){....}-{0:0}, at: console_flush_all+0x1c9/0x4e0 [ 4547.622810] #4: ffffffff837d8758 (printing_lock){....}-{3:3}, at: vt_console_print+0x47/0x430 [ 4547.622822] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 4547.622824] -> (&trans_pcie->irq_lock){+.-.}-{3:3} { [ 4547.622830] HARDIRQ-ON-W at: [ 4547.622833] lock_acquire+0xb0/0x280 [ 4547.622839] _raw_spin_lock_bh+0x33/0x40 [ 4547.622845] iwl_trans_pcie_alloc+0x2fd/0x990 [ 4547.622853] iwl_pci_probe+0x28/0x810 [ 4547.622859] pci_device_probe+0x94/0x120 [ 4547.622865] really_probe+0x15e/0x2f0 [ 4547.622872] __driver_probe_device+0x6e/0x110 [ 4547.622878] driver_probe_device+0x1a/0xe0 [ 4547.622884] __driver_attach+0x87/0x190 [ 4547.622890] bus_for_each_dev+0x66/0xb0 [ 4547.622894] bus_add_driver+0xea/0x1f0 [ 4547.622898] driver_register+0x54/0x100 [ 4547.622905] iwl_pci_register_driver+0x1a/0x40 [ 4547.622911] do_one_initcall+0x50/0x250 [ 4547.622918] kernel_init_freeable+0x243/0x3e0 [ 4547.622927] kernel_init+0x15/0x1a0 [ 4547.622931] ret_from_fork+0x2c/0x50 [ 4547.622935] ret_from_fork_asm+0x1b/0x30 [ 4547.622941] IN-SOFTIRQ-W at: [ 4547.622943] lock_acquire+0xb0/0x280 [ 4547.622948] _raw_spin_lock+0x2b/0x40 [ 4547.622953] iwl_pcie_napi_poll+0x7a/0x130 [ 4547.622961] __napi_poll.constprop.0+0x23/0x1e0 [ 4547.622966] net_rx_action+0x137/0x2a0 [ 4547.622971] __do_softirq+0xc7/0x402 [ 4547.622978] do_softirq+0x42/0xa0 [ 4547.622983] __local_bh_enable_ip+0xb8/0xd0 [ 4547.622989] iwl_pcie_irq_handler+0x539/0xb70 [ 4547.622996] irq_thread_fn+0x1b/0x60 [ 4547.623002] irq_thread+0xe0/0x190 [ 4547.623006] kthread+0xe3/0x120 [ 4547.623011] ret_from_fork+0x2c/0x50 [ 4547.623014] ret_from_fork_asm+0x1b/0x30 [ 4547.623020] INITIAL USE at: [ 4547.623022] lock_acquire+0xb0/0x280 [ 4547.623027] _raw_spin_lock_bh+0x33/0x40 [ 4547.623032] iwl_trans_pcie_alloc+0x2fd/0x990 [ 4547.623038] iwl_pci_probe+0x28/0x810 [ 4547.623043] pci_device_probe+0x94/0x120 [ 4547.623047] really_probe+0x15e/0x2f0 [ 4547.623053] __driver_probe_device+0x6e/0x110 [ 4547.623059] driver_probe_device+0x1a/0xe0 [ 4547.623064] __driver_attach+0x87/0x190 [ 4547.623070] bus_for_each_dev+0x66/0xb0 [ 4547.623073] bus_add_driver+0xea/0x1f0 [ 4547.623077] driver_register+0x54/0x100 [ 4547.623084] iwl_pci_register_driver+0x1a/0x40 [ 4547.623090] do_one_initcall+0x50/0x250 [ 4547.623096] kernel_init_freeable+0x243/0x3e0 [ 4547.623103] kernel_init+0x15/0x1a0 [ 4547.623107] ret_from_fork+0x2c/0x50 [ 4547.623110] ret_from_fork_asm+0x1b/0x30 [ 4547.623116] } [ 4547.623118] ... key at: [<ffffffff8502fe90>] __key.20+0x0/0x10 [ 4547.623129] -> (&trans_pcie->reg_lock){+...}-{3:3} { [ 4547.623134] HARDIRQ-ON-W at: [ 4547.623137] lock_acquire+0xb0/0x280 [ 4547.623142] _raw_spin_lock_bh+0x33/0x40 [ 4547.623147] iwl_trans_pcie_set_bits_mask+0x25/0x60 [ 4547.623151] iwl_pcie_set_hw_ready+0x1e/0xa0 [ 4547.623160] iwl_pcie_prepare_card_hw+0x33/0x100 [ 4547.623165] iwl_pci_probe+0x42/0x810 [ 4547.623171] pci_device_probe+0x94/0x120 [ 4547.623175] really_probe+0x15e/0x2f0 [ 4547.623181] __driver_probe_device+0x6e/0x110 [ 4547.623186] driver_probe_device+0x1a/0xe0 [ 4547.623192] __driver_attach+0x87/0x190 [ 4547.623197] bus_for_each_dev+0x66/0xb0 [ 4547.623201] bus_add_driver+0xea/0x1f0 [ 4547.623205] driver_register+0x54/0x100 [ 4547.623211] iwl_pci_register_driver+0x1a/0x40 [ 4547.623217] do_one_initcall+0x50/0x250 [ 4547.623223] kernel_init_freeable+0x243/0x3e0 [ 4547.623229] kernel_init+0x15/0x1a0 [ 4547.623233] ret_from_fork+0x2c/0x50 [ 4547.623236] ret_from_fork_asm+0x1b/0x30 [ 4547.623242] INITIAL USE at: [ 4547.623244] lock_acquire+0xb0/0x280 [ 4547.623249] _raw_spin_lock_bh+0x33/0x40 [ 4547.623254] iwl_trans_pcie_set_bits_mask+0x25/0x60 [ 4547.623257] iwl_pcie_set_hw_ready+0x1e/0xa0 [ 4547.623266] iwl_pcie_prepare_card_hw+0x33/0x100 [ 4547.623271] iwl_pci_probe+0x42/0x810 [ 4547.623277] pci_device_probe+0x94/0x120 [ 4547.623281] really_probe+0x15e/0x2f0 [ 4547.623286] __driver_probe_device+0x6e/0x110 [ 4547.623292] driver_probe_device+0x1a/0xe0 [ 4547.623297] __driver_attach+0x87/0x190 [ 4547.623303] bus_for_each_dev+0x66/0xb0 [ 4547.623306] bus_add_driver+0xea/0x1f0 [ 4547.623310] driver_register+0x54/0x100 [ 4547.623316] iwl_pci_register_driver+0x1a/0x40 [ 4547.623323] do_one_initcall+0x50/0x250 [ 4547.623328] kernel_init_freeable+0x243/0x3e0 [ 4547.623334] kernel_init+0x15/0x1a0 [ 4547.623338] ret_from_fork+0x2c/0x50 [ 4547.623342] ret_from_fork_asm+0x1b/0x30 [ 4547.623347] } [ 4547.623348] ... key at: [<ffffffff8502fe80>] __key.19+0x0/0x10 [ 4547.623358] ... acquired at: [ 4547.623359] _raw_spin_lock_bh+0x33/0x40 [ 4547.623364] iwl_trans_pcie_set_bits_mask+0x25/0x60 [ 4547.623368] iwl_pcie_apm_init+0x6e/0x1c0 [ 4547.623372] iwl_trans_pcie_start_fw+0x224/0x670 [ 4547.623377] iwl_mvm_load_ucode_wait_alive+0xd3/0x5a0 [ 4547.623383] iwl_run_init_mvm_ucode+0x8c/0x3a0 [ 4547.623387] iwl_mvm_start_get_nvm+0x87/0x210 [ 4547.623393] iwl_op_mode_mvm_start+0x962/0xb30 [ 4547.623399] _iwl_op_mode_start.isra.0+0x72/0xb0 [ 4547.623403] iwl_opmode_register+0x6a/0xe0 [ 4547.623408] iwl_mvm_init+0x21/0x60 [ 4547.623413] do_one_initcall+0x50/0x250 [ 4547.623419] kernel_init_freeable+0x243/0x3e0 [ 4547.623425] kernel_init+0x15/0x1a0 [ 4547.623429] ret_from_fork+0x2c/0x50 [ 4547.623432] ret_from_fork_asm+0x1b/0x30 [ 4547.623441] -> (console_owner){....}-{0:0} { [ 4547.623446] INITIAL USE at: [ 4547.623452] lock_acquire+0xb0/0x280 [ 4547.623457] console_flush_all+0x1f2/0x4e0 [ 4547.623463] console_unlock+0x33/0x110 [ 4547.623469] vprintk_emit+0x9f/0x320 [ 4547.623475] _printk+0x47/0x50 [ 4547.623479] register_console+0x34b/0x4d0 [ 4547.623485] con_init+0x200/0x270 [ 4547.623494] console_init+0x4a/0x1e0 [ 4547.623504] start_kernel+0x2b9/0x660 [ 4547.623510] x86_64_start_reservations+0x18/0x30 [ 4547.623517] x86_64_start_kernel+0xad/0xc0 [ 4547.623522] secondary_startup_64_no_verify+0x170/0x17b [ 4547.623528] } [ 4547.623529] ... key at: [<ffffffff8367e600>] console_owner_dep_map+0x0/0x28 [ 4547.623538] ... acquired at: [ 4547.623540] console_flush_all+0x1f2/0x4e0 [ 4547.623545] console_unlock+0x33/0x110 [ 4547.623551] vprintk_emit+0x9f/0x320 [ 4547.623557] dev_vprintk_emit+0xce/0x160 [ 4547.623562] dev_printk_emit+0x3d/0x50 [ 4547.623566] _dev_info+0x5b/0x70 [ 4547.623572] __iwl_info+0x58/0x60 [ 4547.623576] iwl_pci_probe+0x11c/0x810 [ 4547.623582] pci_device_probe+0x94/0x120 [ 4547.623587] really_probe+0x15e/0x2f0 [ 4547.623592] __driver_probe_device+0x6e/0x110 [ 4547.623598] driver_probe_device+0x1a/0xe0 [ 4547.623603] __driver_attach+0x87/0x190 [ 4547.623609] bus_for_each_dev+0x66/0xb0 [ 4547.623612] bus_add_driver+0xea/0x1f0 [ 4547.623616] driver_register+0x54/0x100 [ 4547.623622] iwl_pci_register_driver+0x1a/0x40 [ 4547.623629] do_one_initcall+0x50/0x250 [ 4547.623634] kernel_init_freeable+0x243/0x3e0 [ 4547.623640] kernel_init+0x15/0x1a0 [ 4547.623644] ret_from_fork+0x2c/0x50 [ 4547.623648] ret_from_fork_asm+0x1b/0x30 [ 4547.623654] the dependencies between the lock to be acquired [ 4547.623655] and SOFTIRQ-irq-unsafe lock: [ 4547.623665] -> ((work_completion)(&(&ops->cursor_work)->work)){+.+.}-{0:0} { [ 4547.623670] HARDIRQ-ON-W at: [ 4547.623672] lock_acquire+0xb0/0x280 [ 4547.623677] process_one_work+0x199/0x480 [ 4547.623684] worker_thread+0x1be/0x3b0 [ 4547.623690] kthread+0xe3/0x120 [ 4547.623694] ret_from_fork+0x2c/0x50 [ 4547.623698] ret_from_fork_asm+0x1b/0x30 [ 4547.623704] SOFTIRQ-ON-W at: [ 4547.623705] lock_acquire+0xb0/0x280 [ 4547.623710] process_one_work+0x199/0x480 [ 4547.623716] worker_thread+0x1be/0x3b0 [ 4547.623722] kthread+0xe3/0x120 [ 4547.623725] ret_from_fork+0x2c/0x50 [ 4547.623729] ret_from_fork_asm+0x1b/0x30 [ 4547.623734] INITIAL USE at: [ 4547.623736] lock_acquire+0xb0/0x280 [ 4547.623741] process_one_work+0x199/0x480 [ 4547.623747] worker_thread+0x1be/0x3b0 [ 4547.623753] kthread+0xe3/0x120 [ 4547.623757] ret_from_fork+0x2c/0x50 [ 4547.623760] ret_from_fork_asm+0x1b/0x30 [ 4547.623766] } [ 4547.623767] ... key at: [<ffffffff850211b0>] __key.1+0x0/0x10 [ 4547.623775] ... acquired at: [ 4547.623777] lock_acquire+0xb0/0x280 [ 4547.623781] __flush_work+0x56/0x3f0 [ 4547.623789] __cancel_work_timer+0xd3/0x160 [ 4547.623796] fbcon_cursor+0x138/0x170 [ 4547.623802] hide_cursor+0x26/0xc0 [ 4547.623807] vt_console_print+0x41e/0x430 [ 4547.623814] console_flush_all+0x206/0x4e0 [ 4547.623820] console_unlock+0x33/0x110 [ 4547.623825] vprintk_emit+0x9f/0x320 [ 4547.623831] _printk+0x47/0x50 [ 4547.623834] watchdog+0x53a/0x7b0 [ 4547.623838] kthread+0xe3/0x120 [ 4547.623841] ret_from_fork+0x2c/0x50 [ 4547.623845] ret_from_fork_asm+0x1b/0x30 [ 4547.623851] stack backtrace: [ 4547.623854] CPU: 2 PID: 39 Comm: khungtaskd Not tainted 6.8.0-rc6-lemon #190 [ 4547.623860] Hardware name: LENOVO 80MK/VIUU4, BIOS C6CN29WW 09/02/2015 [ 4547.623862] Call Trace: [ 4547.623865] <TASK> [ 4547.623867] dump_stack_lvl+0x4a/0x80 [ 4547.623879] check_irq_usage+0x8aa/0xb10 [ 4547.623886] ? check_path.constprop.0+0x24/0x50 [ 4547.623896] ? check_noncircular+0x6d/0x120 [ 4547.623902] ? __lock_acquire+0x146a/0x25c0 [ 4547.623907] __lock_acquire+0x146a/0x25c0 [ 4547.623913] lock_acquire+0xb0/0x280 [ 4547.623918] ? __flush_work+0x4b/0x3f0 [ 4547.623925] ? __flush_work+0x4b/0x3f0 [ 4547.623932] __flush_work+0x56/0x3f0 [ 4547.623939] ? __flush_work+0x4b/0x3f0 [ 4547.623946] ? __lock_acquire+0x3ef/0x25c0 [ 4547.623952] __cancel_work_timer+0xd3/0x160 [ 4547.623960] fbcon_cursor+0x138/0x170 [ 4547.623965] hide_cursor+0x26/0xc0 [ 4547.623971] vt_console_print+0x41e/0x430 [ 4547.623977] ? lock_release+0xb5/0x230 [ 4547.623982] ? console_flush_all+0x1c9/0x4e0 [ 4547.623988] console_flush_all+0x206/0x4e0 [ 4547.623994] ? console_flush_all+0x1c9/0x4e0 [ 4547.624001] console_unlock+0x33/0x110 [ 4547.624007] vprintk_emit+0x9f/0x320 [ 4547.624013] _printk+0x47/0x50 [ 4547.624017] watchdog+0x53a/0x7b0 [ 4547.624021] ? __pfx_watchdog+0x10/0x10 [ 4547.624025] kthread+0xe3/0x120 [ 4547.624029] ? __pfx_kthread+0x10/0x10 [ 4547.624033] ret_from_fork+0x2c/0x50 [ 4547.624037] ? __pfx_kthread+0x10/0x10 [ 4547.624041] ret_from_fork_asm+0x1b/0x30 [ 4547.624049] </TASK> [ 4548.028173] Not tainted 6.8.0-rc6-lemon #190 [ 4548.029491] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 4548.031047] task:kworker/u9:1 state:D stack:0 pid:3528 tgid:3528 ppid:2 flags:0x00004000 [ 4548.032620] Workqueue: hci0 hci_rx_work [ 4548.034099] Call Trace: [ 4548.035572] <TASK> [ 4548.036925] __schedule+0x427/0xd10 [ 4548.038382] ? schedule+0xf7/0x140 [ 4548.039822] schedule+0x45/0x140 [ 4548.041201] __lock_sock+0x86/0xf0 [ 4548.042601] ? __pfx_autoremove_wake_function+0x10/0x10 [ 4548.044030] lock_sock_nested+0x61/0x70 [ 4548.045390] l2cap_sock_recv_cb+0x21/0xa0 [ 4548.046842] l2cap_recv_frame+0x5be/0x2e70 [ 4548.048283] ? hci_rx_work+0x431/0x830 [ 4548.049701] ? lock_release+0xb5/0x230 [ 4548.051145] ? __mutex_unlock_slowpath+0x25/0x270 [ 4548.052524] hci_rx_work+0x457/0x830 [ 4548.053945] ? process_one_work+0x157/0x480 [ 4548.055460] process_one_work+0x1ca/0x480 [ 4548.056862] worker_thread+0x1be/0x3b0 [ 4548.058281] ? __pfx_worker_thread+0x10/0x10 [ 4548.059783] kthread+0xe3/0x120 [ 4548.061141] ? __pfx_kthread+0x10/0x10 [ 4548.062600] ret_from_fork+0x2c/0x50 [ 4548.064064] ? __pfx_kthread+0x10/0x10 [ 4548.065436] ret_from_fork_asm+0x1b/0x30 [ 4548.066867] </TASK> [ 4548.068313] INFO: lockdep is turned off. # cat /proc/3526/stack [<0>] __skb_wait_for_more_packets+0xfa/0x150 [<0>] __skb_recv_datagram+0x59/0xa0 [<0>] skb_recv_datagram+0x29/0x40 [<0>] bt_sock_recvmsg+0x42/0x1c0 [<0>] l2cap_sock_recvmsg+0x5d/0x170 [<0>] __sys_recvfrom+0x14e/0x160 [<0>] __x64_sys_recvfrom+0x1f/0x30 [<0>] do_syscall_64+0x75/0x150 [<0>] entry_SYSCALL_64_after_hwframe+0x6e/0x76 This is on my laptop with iwlwifi, but at first I saw it on my desktop with Ethernet (and Intel 9260 Bluetooth). I can get another lockdep capture if that would be helpful. Simon-

2 months, 1 week

3
3
0 0

[PATCH v2] PM: suspend: Set mem_sleep_current during kernel command line setup

by Maulik Shah

psci_init_system_suspend() invokes suspend_set_ops() very early during bootup even before kernel command line for mem_sleep_default is setup. This leads to kernel command line mem_sleep_default=s2idle not working as mem_sleep_current gets changed to deep via suspend_set_ops() and never changes back to s2idle. Set mem_sleep_current along with mem_sleep_default during kernel command line setup as default suspend mode. Fixes: faf7ec4a92c0 ("drivers: firmware: psci: add system suspend support") CC: stable(a)vger.kernel.org # 5.4+ Signed-off-by: Maulik Shah <quic_mkshah(a)quicinc.com> --- Changes in v2: - Set mem_sleep_current during mem_sleep_default kernel command line setup - Update commit message accordingly - Retain Fixes: tag - Link to v1: https://lore.kernel.org/r/20240219-suspend_ops_late_init-v1-1-6330ca9597fa@… --- kernel/power/suspend.c | 1 + 1 file changed, 1 insertion(+) diff --git a/kernel/power/suspend.c b/kernel/power/suspend.c index 742eb26618cc..e3ae93bbcb9b 100644 --- a/kernel/power/suspend.c +++ b/kernel/power/suspend.c @@ -192,6 +192,7 @@ static int __init mem_sleep_default_setup(char *str) if (mem_sleep_labels[state] && !strcmp(str, mem_sleep_labels[state])) { mem_sleep_default = state; + mem_sleep_current = state; break; } --- base-commit: d37e1e4c52bc60578969f391fb81f947c3e83118 change-id: 20240219-suspend_ops_late_init-27fb0b15baee Best regards, -- Maulik Shah <quic_mkshah(a)quicinc.com>

2 months, 1 week

3
2
0 0

[PATCH] ubi: eba: properly rollback inside self_check_eba

by Fedor Pchelkin

In case of a memory allocation failure in the volumes loop we can only process the already allocated scan_eba and fm_eba array elements on the error path - others are still uninitialized. Found by Linux Verification Center (linuxtesting.org). Fixes: 00abf3041590 ("UBI: Add self_check_eba()") Cc: stable(a)vger.kernel.org Signed-off-by: Fedor Pchelkin <pchelkin(a)ispras.ru> --- drivers/mtd/ubi/eba.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/mtd/ubi/eba.c b/drivers/mtd/ubi/eba.c index 8d1f0e05892c..6f5eadb1598d 100644 --- a/drivers/mtd/ubi/eba.c +++ b/drivers/mtd/ubi/eba.c @@ -1557,6 +1557,7 @@ int self_check_eba(struct ubi_device *ubi, struct ubi_attach_info *ai_fastmap, GFP_KERNEL); if (!fm_eba[i]) { ret = -ENOMEM; + kfree(scan_eba[i]); goto out_free; } @@ -1592,7 +1593,7 @@ int self_check_eba(struct ubi_device *ubi, struct ubi_attach_info *ai_fastmap, } out_free: - for (i = 0; i < num_volumes; i++) { + while (--i >= 0) { if (!ubi->volumes[i]) continue; -- 2.43.2

2 months, 1 week

2
1
0 0

[PATCH 4.19.y 8/9] loop: Check for overflow while configuring loop

by Genjian

From: Siddh Raman Pant <code(a)siddh.me> [ Upstream commit c490a0b5a4f36da3918181a8acdc6991d967c5f3 ] The userspace can configure a loop using an ioctl call, wherein a configuration of type loop_config is passed (see lo_ioctl()'s case on line 1550 of drivers/block/loop.c). This proceeds to call loop_configure() which in turn calls loop_set_status_from_info() (see line 1050 of loop.c), passing &config->info which is of type loop_info64*. This function then sets the appropriate values, like the offset. loop_device has lo_offset of type loff_t (see line 52 of loop.c), which is typdef-chained to long long, whereas loop_info64 has lo_offset of type __u64 (see line 56 of include/uapi/linux/loop.h). The function directly copies offset from info to the device as follows (See line 980 of loop.c): lo->lo_offset = info->lo_offset; This results in an overflow, which triggers a warning in iomap_iter() due to a call to iomap_iter_done() which has: WARN_ON_ONCE(iter->iomap.offset > iter->pos); Thus, check for negative value during loop_set_status_from_info(). Bug report: https://syzkaller.appspot.com/bug?id=c620fe14aac810396d3c3edc9ad73848bf69a2… Reported-and-tested-by: syzbot+a8e049cd3abd342936b6(a)syzkaller.appspotmail.com Cc: stable(a)vger.kernel.org Reviewed-by: Matthew Wilcox (Oracle) <willy(a)infradead.org> Signed-off-by: Siddh Raman Pant <code(a)siddh.me> Reviewed-by: Christoph Hellwig <hch(a)lst.de> Link: https://lore.kernel.org/r/20220823160810.181275-1-code@siddh.me Signed-off-by: Jens Axboe <axboe(a)kernel.dk> Signed-off-by: Genjian Zhang <zhanggenjian(a)kylinos.cn> --- drivers/block/loop.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/block/loop.c b/drivers/block/loop.c index 0fefd21f0c71..c1caa3e2355f 100644 --- a/drivers/block/loop.c +++ b/drivers/block/loop.c @@ -1271,6 +1271,11 @@ loop_set_status_from_info(struct loop_device *lo, lo->lo_offset = info->lo_offset; lo->lo_sizelimit = info->lo_sizelimit; + + /* loff_t vars have been assigned __u64 */ + if (lo->lo_offset < 0 || lo->lo_sizelimit < 0) + return -EOVERFLOW; + memcpy(lo->lo_file_name, info->lo_file_name, LO_NAME_SIZE); memcpy(lo->lo_crypt_name, info->lo_crypt_name, LO_NAME_SIZE); lo->lo_file_name[LO_NAME_SIZE-1] = 0; -- 2.25.1

2 months, 1 week

1
0
0 0

GET BACK TO ME

by Hala Farooq Almoayyed

2 months, 1 week

1
0
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror March 2024