July 2024 - Linux-stable-mirror

[PATCH AUTOSEL 5.15 1/6] fs: remove accidental overflow during wraparound check

by Sasha Levin

From: Justin Stitt <justinstitt(a)google.com> [ Upstream commit 23cc6ef6fd453b13502caae23130844e7d6ed0fe ] Running syzkaller with the newly enabled signed integer overflow sanitizer produces this report: [ 195.401651] ------------[ cut here ]------------ [ 195.404808] UBSAN: signed-integer-overflow in ../fs/open.c:321:15 [ 195.408739] 9223372036854775807 + 562984447377399 cannot be represented in type 'loff_t' (aka 'long long') [ 195.414683] CPU: 1 PID: 703 Comm: syz-executor.0 Not tainted 6.8.0-rc2-00039-g14de58dbe653-dirty #11 [ 195.420138] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 195.425804] Call Trace: [ 195.427360] <TASK> [ 195.428791] dump_stack_lvl+0x93/0xd0 [ 195.431150] handle_overflow+0x171/0x1b0 [ 195.433640] vfs_fallocate+0x459/0x4f0 ... [ 195.490053] ------------[ cut here ]------------ [ 195.493146] UBSAN: signed-integer-overflow in ../fs/open.c:321:61 [ 195.497030] 9223372036854775807 + 562984447377399 cannot be represented in type 'loff_t' (aka 'long long) [ 195.502940] CPU: 1 PID: 703 Comm: syz-executor.0 Not tainted 6.8.0-rc2-00039-g14de58dbe653-dirty #11 [ 195.508395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 195.514075] Call Trace: [ 195.515636] <TASK> [ 195.517000] dump_stack_lvl+0x93/0xd0 [ 195.519255] handle_overflow+0x171/0x1b0 [ 195.521677] vfs_fallocate+0x4cb/0x4f0 [ 195.524033] __x64_sys_fallocate+0xb2/0xf0 Historically, the signed integer overflow sanitizer did not work in the kernel due to its interaction with `-fwrapv` but this has since been changed [1] in the newest version of Clang. It was re-enabled in the kernel with Commit 557f8c582a9ba8ab ("ubsan: Reintroduce signed overflow sanitizer"). Let's use the check_add_overflow helper to first verify the addition stays within the bounds of its type (long long); then we can use that sum for the following check. Link: https://github.com/llvm/llvm-project/pull/82432 [1] Closes: https://github.com/KSPP/linux/issues/356 Cc: linux-hardening(a)vger.kernel.org Reviewed-by: Kees Cook <keescook(a)chromium.org> Signed-off-by: Justin Stitt <justinstitt(a)google.com> Link: https://lore.kernel.org/r/20240513-b4-sio-vfs_fallocate-v2-1-db415872fb16@g… Reviewed-by: Jan Kara <jack(a)suse.cz> Signed-off-by: Christian Brauner <brauner(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- fs/open.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/fs/open.c b/fs/open.c index 97932af49071a..73d864636ae57 100644 --- a/fs/open.c +++ b/fs/open.c @@ -229,6 +229,7 @@ int vfs_fallocate(struct file *file, int mode, loff_t offset, loff_t len) { struct inode *inode = file_inode(file); long ret; + loff_t sum; if (offset < 0 || len <= 0) return -EINVAL; @@ -297,8 +298,11 @@ int vfs_fallocate(struct file *file, int mode, loff_t offset, loff_t len) if (!S_ISREG(inode->i_mode) && !S_ISBLK(inode->i_mode)) return -ENODEV; - /* Check for wrap through zero too */ - if (((offset + len) > inode->i_sb->s_maxbytes) || ((offset + len) < 0)) + /* Check for wraparound */ + if (check_add_overflow(offset, len, &sum)) + return -EFBIG; + + if (sum > inode->i_sb->s_maxbytes) return -EFBIG; if (!file->f_op->fallocate) -- 2.43.0

3 months, 2 weeks

1
5
0 0

[PATCH AUTOSEL 6.1 1/8] fs: remove accidental overflow during wraparound check

by Sasha Levin

From: Justin Stitt <justinstitt(a)google.com> [ Upstream commit 23cc6ef6fd453b13502caae23130844e7d6ed0fe ] Running syzkaller with the newly enabled signed integer overflow sanitizer produces this report: [ 195.401651] ------------[ cut here ]------------ [ 195.404808] UBSAN: signed-integer-overflow in ../fs/open.c:321:15 [ 195.408739] 9223372036854775807 + 562984447377399 cannot be represented in type 'loff_t' (aka 'long long') [ 195.414683] CPU: 1 PID: 703 Comm: syz-executor.0 Not tainted 6.8.0-rc2-00039-g14de58dbe653-dirty #11 [ 195.420138] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 195.425804] Call Trace: [ 195.427360] <TASK> [ 195.428791] dump_stack_lvl+0x93/0xd0 [ 195.431150] handle_overflow+0x171/0x1b0 [ 195.433640] vfs_fallocate+0x459/0x4f0 ... [ 195.490053] ------------[ cut here ]------------ [ 195.493146] UBSAN: signed-integer-overflow in ../fs/open.c:321:61 [ 195.497030] 9223372036854775807 + 562984447377399 cannot be represented in type 'loff_t' (aka 'long long) [ 195.502940] CPU: 1 PID: 703 Comm: syz-executor.0 Not tainted 6.8.0-rc2-00039-g14de58dbe653-dirty #11 [ 195.508395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 195.514075] Call Trace: [ 195.515636] <TASK> [ 195.517000] dump_stack_lvl+0x93/0xd0 [ 195.519255] handle_overflow+0x171/0x1b0 [ 195.521677] vfs_fallocate+0x4cb/0x4f0 [ 195.524033] __x64_sys_fallocate+0xb2/0xf0 Historically, the signed integer overflow sanitizer did not work in the kernel due to its interaction with `-fwrapv` but this has since been changed [1] in the newest version of Clang. It was re-enabled in the kernel with Commit 557f8c582a9ba8ab ("ubsan: Reintroduce signed overflow sanitizer"). Let's use the check_add_overflow helper to first verify the addition stays within the bounds of its type (long long); then we can use that sum for the following check. Link: https://github.com/llvm/llvm-project/pull/82432 [1] Closes: https://github.com/KSPP/linux/issues/356 Cc: linux-hardening(a)vger.kernel.org Reviewed-by: Kees Cook <keescook(a)chromium.org> Signed-off-by: Justin Stitt <justinstitt(a)google.com> Link: https://lore.kernel.org/r/20240513-b4-sio-vfs_fallocate-v2-1-db415872fb16@g… Reviewed-by: Jan Kara <jack(a)suse.cz> Signed-off-by: Christian Brauner <brauner(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- fs/open.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/fs/open.c b/fs/open.c index 0d63c94e1c5e6..dd68725cd7247 100644 --- a/fs/open.c +++ b/fs/open.c @@ -244,6 +244,7 @@ int vfs_fallocate(struct file *file, int mode, loff_t offset, loff_t len) { struct inode *inode = file_inode(file); long ret; + loff_t sum; if (offset < 0 || len <= 0) return -EINVAL; @@ -312,8 +313,11 @@ int vfs_fallocate(struct file *file, int mode, loff_t offset, loff_t len) if (!S_ISREG(inode->i_mode) && !S_ISBLK(inode->i_mode)) return -ENODEV; - /* Check for wrap through zero too */ - if (((offset + len) > inode->i_sb->s_maxbytes) || ((offset + len) < 0)) + /* Check for wraparound */ + if (check_add_overflow(offset, len, &sum)) + return -EFBIG; + + if (sum > inode->i_sb->s_maxbytes) return -EFBIG; if (!file->f_op->fallocate) -- 2.43.0

3 months, 2 weeks

1
7
0 0

[PATCH AUTOSEL 6.6 1/9] fs: remove accidental overflow during wraparound check

by Sasha Levin

From: Justin Stitt <justinstitt(a)google.com> [ Upstream commit 23cc6ef6fd453b13502caae23130844e7d6ed0fe ] Running syzkaller with the newly enabled signed integer overflow sanitizer produces this report: [ 195.401651] ------------[ cut here ]------------ [ 195.404808] UBSAN: signed-integer-overflow in ../fs/open.c:321:15 [ 195.408739] 9223372036854775807 + 562984447377399 cannot be represented in type 'loff_t' (aka 'long long') [ 195.414683] CPU: 1 PID: 703 Comm: syz-executor.0 Not tainted 6.8.0-rc2-00039-g14de58dbe653-dirty #11 [ 195.420138] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 195.425804] Call Trace: [ 195.427360] <TASK> [ 195.428791] dump_stack_lvl+0x93/0xd0 [ 195.431150] handle_overflow+0x171/0x1b0 [ 195.433640] vfs_fallocate+0x459/0x4f0 ... [ 195.490053] ------------[ cut here ]------------ [ 195.493146] UBSAN: signed-integer-overflow in ../fs/open.c:321:61 [ 195.497030] 9223372036854775807 + 562984447377399 cannot be represented in type 'loff_t' (aka 'long long) [ 195.502940] CPU: 1 PID: 703 Comm: syz-executor.0 Not tainted 6.8.0-rc2-00039-g14de58dbe653-dirty #11 [ 195.508395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 195.514075] Call Trace: [ 195.515636] <TASK> [ 195.517000] dump_stack_lvl+0x93/0xd0 [ 195.519255] handle_overflow+0x171/0x1b0 [ 195.521677] vfs_fallocate+0x4cb/0x4f0 [ 195.524033] __x64_sys_fallocate+0xb2/0xf0 Historically, the signed integer overflow sanitizer did not work in the kernel due to its interaction with `-fwrapv` but this has since been changed [1] in the newest version of Clang. It was re-enabled in the kernel with Commit 557f8c582a9ba8ab ("ubsan: Reintroduce signed overflow sanitizer"). Let's use the check_add_overflow helper to first verify the addition stays within the bounds of its type (long long); then we can use that sum for the following check. Link: https://github.com/llvm/llvm-project/pull/82432 [1] Closes: https://github.com/KSPP/linux/issues/356 Cc: linux-hardening(a)vger.kernel.org Reviewed-by: Kees Cook <keescook(a)chromium.org> Signed-off-by: Justin Stitt <justinstitt(a)google.com> Link: https://lore.kernel.org/r/20240513-b4-sio-vfs_fallocate-v2-1-db415872fb16@g… Reviewed-by: Jan Kara <jack(a)suse.cz> Signed-off-by: Christian Brauner <brauner(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- fs/open.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/fs/open.c b/fs/open.c index 59db720693f9a..61f0b733ad962 100644 --- a/fs/open.c +++ b/fs/open.c @@ -245,6 +245,7 @@ int vfs_fallocate(struct file *file, int mode, loff_t offset, loff_t len) { struct inode *inode = file_inode(file); long ret; + loff_t sum; if (offset < 0 || len <= 0) return -EINVAL; @@ -313,8 +314,11 @@ int vfs_fallocate(struct file *file, int mode, loff_t offset, loff_t len) if (!S_ISREG(inode->i_mode) && !S_ISBLK(inode->i_mode)) return -ENODEV; - /* Check for wrap through zero too */ - if (((offset + len) > inode->i_sb->s_maxbytes) || ((offset + len) < 0)) + /* Check for wraparound */ + if (check_add_overflow(offset, len, &sum)) + return -EFBIG; + + if (sum > inode->i_sb->s_maxbytes) return -EFBIG; if (!file->f_op->fallocate) -- 2.43.0

3 months, 2 weeks

1
8
0 0

[PATCH v2] Bluetooth: hci_core: fix suspicious RCU usage in hci_conn_drop()

by Yunseong Kim

Protection from the queuing operation is achieved with an RCU read lock to avoid calling 'queue_delayed_work()' after 'cancel_delayed_work()', but this does not apply to 'hci_conn_drop()'. commit deee93d13d38 ("Bluetooth: use hdev->workqueue when queuing hdev->{cmd,ncmd}_timer works") The situation described raises concerns about suspicious RCU usage in a corrupted context. CPU 1 CPU 2 hci_dev_do_reset() synchronize_rcu() hci_conn_drop() drain_workqueue() <-- no RCU read protection during queuing. --> queue_delayed_work() It displays a warning message like the following Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 ============================= WARNING: suspicious RCU usage 6.10.0-rc6-01340-gf14c0bb78769 #5 Not tainted ----------------------------- net/mac80211/util.c:4000 RCU-list traversed in non-reader section!! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 2 locks held by syz-executor/798: #0: ffff800089a3de50 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x28/0x40 net/core/rtnetlink.c:79 stack backtrace: CPU: 0 PID: 798 Comm: syz-executor Not tainted 6.10.0-rc6-01340-gf14c0bb78769 #5 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace.part.0+0x1b8/0x1d0 arch/arm64/kernel/stacktrace.c:317 dump_backtrace arch/arm64/kernel/stacktrace.c:323 [inline] show_stack+0x34/0x50 arch/arm64/kernel/stacktrace.c:324 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xf0/0x170 lib/dump_stack.c:114 dump_stack+0x20/0x30 lib/dump_stack.c:123 lockdep_rcu_suspicious+0x204/0x2f8 kernel/locking/lockdep.c:6712 ieee80211_check_combinations+0x71c/0x828 [mac80211] ieee80211_check_concurrent_iface+0x494/0x700 [mac80211] ieee80211_open+0x140/0x238 [mac80211] __dev_open+0x270/0x498 net/core/dev.c:1474 __dev_change_flags+0x47c/0x610 net/core/dev.c:8837 dev_change_flags+0x98/0x170 net/core/dev.c:8909 devinet_ioctl+0xdf0/0x18d0 net/ipv4/devinet.c:1177 inet_ioctl+0x34c/0x388 net/ipv4/af_inet.c:1003 sock_do_ioctl+0xe4/0x240 net/socket.c:1222 sock_ioctl+0x4cc/0x740 net/socket.c:1341 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl fs/ioctl.c:893 [inline] __arm64_sys_ioctl+0x184/0x218 fs/ioctl.c:893 __invoke_syscall arch/arm64/kernel/syscall.c:34 [inline] invoke_syscall+0x90/0x2e8 arch/arm64/kernel/syscall.c:48 el0_svc_common.constprop.0+0x200/0x2a8 arch/arm64/kernel/syscall.c:131 el0_svc+0x48/0xc0 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x120/0x130 arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x198 arch/arm64/kernel/entry.S:598 This patch attempts to fix that issue with the same convention. Cc: stable(a)vger.kernel.org # v6.1+ Fixes: deee93d13d38 ("Bluetooth: use hdev->workqueue when queuing hdev->{cmd,ncmd}_timer works") Signed-off-by: Yeoreum Yun <yeoreum.yun(a)arm.com> Tested-by: Yunseong Kim <yskelg(a)gmail.com> Signed-off-by: Yunseong Kim <yskelg(a)gmail.com> --- include/net/bluetooth/hci_core.h | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h index 31020891fc68..111509dc1a23 100644 --- a/include/net/bluetooth/hci_core.h +++ b/include/net/bluetooth/hci_core.h @@ -1572,8 +1572,13 @@ static inline void hci_conn_drop(struct hci_conn *conn) } cancel_delayed_work(&conn->disc_work); - queue_delayed_work(conn->hdev->workqueue, - &conn->disc_work, timeo); + + rcu_read_lock(); + if (!hci_dev_test_flag(conn->hdev, HCI_CMD_DRAIN_WORKQUEUE)) { + queue_delayed_work(conn->hdev->workqueue, + &conn->disc_work, timeo); + } + rcu_read_unlock(); } } -- 2.45.2

3 months, 2 weeks

2
2
0 0

[REGRESSION] Brightness at max level after waking up from sleep on AMD Laptop

by serg.partizan＠gmail.com

Hello, After updating from 6.8.9 to 6.9.1 I noticed a bug on my HP Envy x360 with AMD Ryzen 5 4500U. #regzbot introduced: v6.8.9..v6.9.1 After waking up from sleep brightness is set to max level, ignoring previous value. With the help of Arch Linux team, we was able to track bad commit to this: https://gitlab.freedesktop.org/agd5f/linux/-/commit/63d0b87213a0ba241b3fcfb… I have tested this on latest mainline kernel: Results after waking up: > cat /sys/class/backlight/amdgpu_bl1/{brightness,actual_brightness} 12 252 Then, on exact this commit (63d0b87213a0ba241b3fcfba3fe7b0aed0cd1cc5), result is the same. Then, on commit just before this one (aeaf3e6cf842): > cat /sys/class/backlight/amdgpu_bl1/{brightness,actual_brightness} 12 12 I hope I included all relevant information, more info can be found here: https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/issues/52

3 months, 2 weeks

1
0
0 0

Linux 6.10.2

by Greg Kroah-Hartman

I'm announcing the release of the 6.10.2 kernel. All users of the 6.10 kernel series must upgrade. The updated 6.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 - arch/arm64/boot/dts/qcom/ipq6018.dtsi | 1 arch/arm64/boot/dts/qcom/ipq8074.dtsi | 2 + arch/arm64/boot/dts/qcom/msm8996.dtsi | 1 arch/arm64/boot/dts/qcom/msm8998.dtsi | 1 arch/arm64/boot/dts/qcom/qrb2210-rb1.dts | 13 +++++++- arch/arm64/boot/dts/qcom/qrb4210-rb2.dts | 13 +++++++- arch/arm64/boot/dts/qcom/sc7180.dtsi | 1 arch/arm64/boot/dts/qcom/sc7280.dtsi | 1 arch/arm64/boot/dts/qcom/sdm630.dtsi | 1 arch/arm64/boot/dts/qcom/sdm845.dtsi | 2 + arch/arm64/boot/dts/qcom/sm6115.dtsi | 1 arch/arm64/boot/dts/qcom/sm6350.dtsi | 1 arch/arm64/boot/dts/qcom/x1e80100-crd.dts | 17 ++++++++--- arch/arm64/boot/dts/qcom/x1e80100-qcp.dts | 17 ++++++++--- arch/s390/mm/fault.c | 3 + drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c | 2 - drivers/net/tap.c | 5 +++ drivers/net/tun.c | 3 + drivers/usb/gadget/function/f_midi2.c | 19 +++++++----- fs/jfs/xattr.c | 23 ++++++++++++--- fs/locks.c | 9 ++--- fs/ntfs3/fslog.c | 44 ++++++++++++++++++++++++---- fs/ocfs2/dir.c | 46 ++++++++++++++++++------------ sound/core/pcm_dmaengine.c | 6 +++ sound/core/seq/seq_ump_client.c | 16 ++++++++++ sound/pci/hda/patch_realtek.c | 3 + 27 files changed, 198 insertions(+), 55 deletions(-) Abel Vesa (4): arm64: dts: qcom: x1e80100-qcp: Fix USB PHYs regulators arm64: dts: qcom: x1e80100-crd: Fix the PHY regulator for PCIe 6a arm64: dts: qcom: x1e80100-qcp: Fix the PHY regulator for PCIe 6a arm64: dts: qcom: x1e80100-crd: Fix USB PHYs regulators Dan Carpenter (1): drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() Dmitry Baryshkov (2): arm64: dts: qcom: qrb2210-rb1: switch I2C2 to i2c-gpio arm64: dts: qcom: qrb4210-rb2: switch I2C2 to i2c-gpio Dongli Zhang (1): tun: add missing verification for short frame Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 Gerald Schaefer (1): s390/mm: Fix VM_FAULT_HWPOISON handling in do_exception() Greg Kroah-Hartman (1): Linux 6.10.2 Jann Horn (1): filelock: Fix fcntl/close race recovery compat path Konstantin Komarov (1): fs/ntfs3: Add a check for attr_names and oatbl Krishna Kurapati (10): arm64: dts: qcom: sc7180: Disable SuperSpeed instances in park mode arm64: dts: qcom: sc7280: Disable SuperSpeed instances in park mode arm64: dts: qcom: msm8996: Disable SS instance in Parkmode for USB arm64: dts: qcom: sm6350: Disable SS instance in Parkmode for USB arm64: dts: qcom: msm8998: Disable SS instance in Parkmode for USB arm64: dts: qcom: ipq6018: Disable SS instance in Parkmode for USB arm64: dts: qcom: sdm630: Disable SS instance in Parkmode for USB arm64: dts: qcom: ipq8074: Disable SS instance in Parkmode for USB arm64: dts: qcom: sdm845: Disable SS instance in Parkmode for USB arm64: dts: qcom: sm6115: Disable SS instance in Parkmode for USB Seunghun Han (1): ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 Shenghao Ding (1): ALSA: hda/tas2781: Add new quirk for Lenovo Hera2 Laptop Shengjiu Wang (1): ALSA: pcm_dmaengine: Don't synchronize DMA channel when DMA is paused Si-Wei Liu (1): tap: add missing verification for short frame Takashi Iwai (2): usb: gadget: midi2: Fix incorrect default MIDI2 protocol setup ALSA: seq: ump: Skip useless ports for static blocks lei lu (3): ocfs2: add bounds checking to ocfs2_check_dir_entry() jfs: don't walk off the end of ealist fs/ntfs3: Validate ff offset

3 months, 2 weeks

1
1
0 0

Linux 6.6.43

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.43 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 - arch/arm64/boot/dts/qcom/ipq6018.dtsi | 1 arch/arm64/boot/dts/qcom/msm8996.dtsi | 1 arch/arm64/boot/dts/qcom/qrb4210-rb2.dts | 13 ++++++++ arch/arm64/boot/dts/qcom/sdm630.dtsi | 1 arch/arm64/boot/dts/qcom/sm6350.dtsi | 1 drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c | 2 - drivers/net/tap.c | 5 +++ drivers/net/tun.c | 3 ++ drivers/usb/gadget/function/f_midi2.c | 19 +++++++----- fs/jfs/xattr.c | 23 ++++++++++++--- fs/locks.c | 9 ++---- fs/ntfs3/fslog.c | 44 ++++++++++++++++++++++++----- fs/ocfs2/dir.c | 46 +++++++++++++++++++------------ sound/core/pcm_dmaengine.c | 6 +++- sound/core/seq/seq_ump_client.c | 16 ++++++++++ sound/pci/hda/patch_realtek.c | 2 + 17 files changed, 149 insertions(+), 45 deletions(-) Dan Carpenter (1): drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() Dmitry Baryshkov (1): arm64: dts: qcom: qrb4210-rb2: switch I2C2 to i2c-gpio Dongli Zhang (1): tun: add missing verification for short frame Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 Greg Kroah-Hartman (1): Linux 6.6.43 Jann Horn (1): filelock: Fix fcntl/close race recovery compat path Konstantin Komarov (1): fs/ntfs3: Add a check for attr_names and oatbl Krishna Kurapati (4): arm64: dts: qcom: msm8996: Disable SS instance in Parkmode for USB arm64: dts: qcom: sm6350: Disable SS instance in Parkmode for USB arm64: dts: qcom: ipq6018: Disable SS instance in Parkmode for USB arm64: dts: qcom: sdm630: Disable SS instance in Parkmode for USB Seunghun Han (1): ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 Shengjiu Wang (1): ALSA: pcm_dmaengine: Don't synchronize DMA channel when DMA is paused Si-Wei Liu (1): tap: add missing verification for short frame Takashi Iwai (2): usb: gadget: midi2: Fix incorrect default MIDI2 protocol setup ALSA: seq: ump: Skip useless ports for static blocks lei lu (3): ocfs2: add bounds checking to ocfs2_check_dir_entry() jfs: don't walk off the end of ealist fs/ntfs3: Validate ff offset

3 months, 2 weeks

1
1
0 0

Linux 6.1.102

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.102 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 - arch/arm64/boot/dts/qcom/ipq6018.dtsi | 1 arch/arm64/boot/dts/qcom/msm8996.dtsi | 1 arch/arm64/boot/dts/qcom/sdm630.dtsi | 1 drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c | 2 - drivers/net/tap.c | 5 +++ drivers/net/tun.c | 3 ++ fs/btrfs/transaction.c | 5 ++- fs/f2fs/super.c | 15 +++++++++- fs/jfs/xattr.c | 23 +++++++++++++--- fs/locks.c | 9 ++---- fs/ntfs3/fslog.c | 6 +++- fs/ocfs2/dir.c | 46 ++++++++++++++++++++------------- sound/core/pcm_dmaengine.c | 6 +++- sound/pci/hda/patch_realtek.c | 2 + 15 files changed, 94 insertions(+), 33 deletions(-) Chao Yu (1): f2fs: avoid dead loop in f2fs_issue_checkpoint() Dan Carpenter (1): drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() Dongli Zhang (1): tun: add missing verification for short frame Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 Filipe Manana (1): btrfs: do not BUG_ON on failure to get dir index for new snapshot Greg Kroah-Hartman (1): Linux 6.1.102 Jann Horn (1): filelock: Fix fcntl/close race recovery compat path Krishna Kurapati (3): arm64: dts: qcom: msm8996: Disable SS instance in Parkmode for USB arm64: dts: qcom: ipq6018: Disable SS instance in Parkmode for USB arm64: dts: qcom: sdm630: Disable SS instance in Parkmode for USB Seunghun Han (1): ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 Shengjiu Wang (1): ALSA: pcm_dmaengine: Don't synchronize DMA channel when DMA is paused Si-Wei Liu (1): tap: add missing verification for short frame lei lu (3): ocfs2: add bounds checking to ocfs2_check_dir_entry() jfs: don't walk off the end of ealist fs/ntfs3: Validate ff offset

3 months, 2 weeks

1
1
0 0

Linux 5.15.164

by Greg Kroah-Hartman

I'm announcing the release of the 5.15.164 kernel. All users of the 5.15 kernel series must upgrade. The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/admin-guide/filesystem-monitoring.rst | 20 +- Makefile | 2 arch/arm/include/asm/uaccess.h | 14 - arch/arm64/boot/dts/qcom/msm8996.dtsi | 1 arch/arm64/boot/dts/qcom/sdm630.dtsi | 1 arch/arm64/kernel/armv8_deprecated.c | 3 arch/mips/kernel/syscalls/syscall_o32.tbl | 2 arch/powerpc/kernel/eeh_pe.c | 7 arch/powerpc/kvm/book3s_64_vio.c | 18 +- arch/powerpc/platforms/pseries/setup.c | 4 arch/riscv/kernel/stacktrace.c | 3 drivers/acpi/ec.c | 9 - drivers/acpi/processor_idle.c | 40 +--- drivers/block/null_blk/main.c | 4 drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c | 2 drivers/gpu/drm/radeon/radeon_gem.c | 2 drivers/gpu/drm/vmwgfx/Kconfig | 2 drivers/input/mouse/elantech.c | 31 +++ drivers/input/serio/i8042-acpipnpio.h | 18 +- drivers/input/touchscreen/silead.c | 19 -- drivers/misc/mei/main.c | 2 drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 2 drivers/net/tap.c | 5 drivers/net/tun.c | 3 drivers/net/usb/qmi_wwan.c | 2 drivers/net/wireless/intel/iwlwifi/mvm/d3.c | 16 + drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 5 drivers/net/wireless/ralink/rt2x00/rt2400pci.c | 8 drivers/net/wireless/ralink/rt2x00/rt2400pci.h | 2 drivers/net/wireless/ralink/rt2x00/rt2500pci.c | 8 drivers/net/wireless/ralink/rt2x00/rt2500pci.h | 2 drivers/net/wireless/ralink/rt2x00/rt2500usb.c | 8 drivers/net/wireless/ralink/rt2x00/rt2500usb.h | 2 drivers/net/wireless/ralink/rt2x00/rt2800lib.c | 36 ++-- drivers/net/wireless/ralink/rt2x00/rt2800lib.h | 8 drivers/net/wireless/ralink/rt2x00/rt2x00usb.c | 6 drivers/net/wireless/ralink/rt2x00/rt61pci.c | 4 drivers/net/wireless/ralink/rt2x00/rt61pci.h | 2 drivers/net/wireless/ralink/rt2x00/rt73usb.c | 4 drivers/net/wireless/ralink/rt2x00/rt73usb.h | 2 drivers/nvme/host/core.c | 1 drivers/platform/x86/lg-laptop.c | 89 +++------- drivers/platform/x86/wireless-hotkey.c | 2 drivers/s390/char/sclp.c | 1 drivers/scsi/device_handler/scsi_dh_alua.c | 31 ++- drivers/scsi/hosts.c | 16 + drivers/scsi/libsas/sas_internal.h | 14 + drivers/scsi/qedf/qedf.h | 1 drivers/scsi/qedf/qedf_main.c | 47 ++++- drivers/scsi/scsi_lib.c | 6 drivers/scsi/scsi_priv.h | 2 drivers/scsi/scsi_scan.c | 1 drivers/scsi/scsi_sysfs.c | 1 drivers/spi/spi-imx.c | 2 drivers/spi/spi-mux.c | 1 fs/btrfs/qgroup.c | 4 fs/dcache.c | 31 +-- fs/file.c | 4 fs/hfsplus/xattr.c | 2 fs/jfs/xattr.c | 23 ++ fs/locks.c | 18 -- fs/ntfs3/fslog.c | 6 fs/ocfs2/dir.c | 46 +++-- include/linux/compiler.h | 6 include/linux/minmax.h | 89 +++++++--- include/linux/overflow.h | 1 include/linux/trace_events.h | 2 include/scsi/scsi_host.h | 2 include/sound/dmaengine_pcm.h | 1 kernel/bpf/ringbuf.c | 30 ++- mm/damon/core.c | 23 ++ net/bluetooth/hci_core.c | 4 net/ipv4/af_inet.c | 4 net/ipv6/ila/ila_lwt.c | 7 net/ipv6/rpl_iptunnel.c | 14 - net/mac80211/ieee80211_i.h | 2 net/mac80211/main.c | 11 + net/mac80211/mesh.c | 1 net/mac80211/scan.c | 14 + net/mac80211/util.c | 4 net/mac802154/tx.c | 8 net/wireless/scan.c | 8 samples/Kconfig | 9 + samples/Makefile | 1 samples/fanotify/.gitignore | 1 samples/fanotify/Makefile | 5 samples/fanotify/fs-monitor.c | 142 ++++++++++++++++ scripts/gcc-plugins/gcc-common.h | 4 scripts/kconfig/expr.c | 29 --- scripts/kconfig/expr.h | 1 scripts/kconfig/gconf.c | 3 scripts/kconfig/menu.c | 2 sound/core/pcm_dmaengine.c | 26 ++ sound/pci/hda/patch_realtek.c | 7 sound/soc/intel/boards/bytcr_rt5640.c | 11 + sound/soc/soc-generic-dmaengine-pcm.c | 8 sound/soc/ti/davinci-mcasp.c | 9 - sound/soc/ti/omap-hdmi.c | 6 tools/power/cpupower/utils/helpers/amd.c | 26 ++ tools/testing/selftests/openat2/openat2_test.c | 1 tools/testing/selftests/vDSO/parse_vdso.c | 16 + tools/testing/selftests/vDSO/vdso_standalone_test_x86.c | 18 +- 102 files changed, 868 insertions(+), 366 deletions(-) Aivaz Latypov (1): ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx Alexander Usyskin (1): mei: demote client disconnect warning on suspend to debug Alexey Makhalov (1): drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency Andreas Hindborg (1): null_blk: fix validation of block size Andy Shevchenko (1): minmax: fix header inclusions Anjali K (1): powerpc/pseries: Whitelist dtl slub object for copying to userspace Armin Wolf (6): ACPI: EC: Abort address space access upon error ACPI: EC: Avoid returning AE_OK on errors in address space handler platform/x86: wireless-hotkey: Add support for LG Airplane Button platform/x86: lg-laptop: Remove LGEX0815 hotkey handling platform/x86: lg-laptop: Change ACPI device id platform/x86: lg-laptop: Use ACPI device handle when evaluating WMAB/WMBB Arnd Bergmann (1): mips: fix compat_sys_lseek syscall Ayala Beker (1): wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option Bart Van Assche (2): scsi: core: Fix a use-after-free tracing: Define the is_signed_type() macro once Chen Ni (1): can: kvaser_usb: fix return value for hif_usb_send_regout Christian Brauner (1): fs: better handle deep ancestor chains in is_subdir() Chunguang Xu (1): nvme: avoid double free special payload Dan Carpenter (1): drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() Daniel Borkmann (1): bpf: Fix overrunning reservations in ringbuf Daniele Palmas (1): net: usb: qmi_wwan: add Telit FN912 compositions David Laight (3): minmax: allow min()/max()/clamp() if the arguments have the same signedness. minmax: allow comparisons of 'int' against 'unsigned char/short' minmax: relax check to allow comparison between unsigned arguments and signed constants David Lechner (1): spi: mux: set ctlr->bits_per_word_mask Dhananjay Ugwekar (1): tools/power/cpupower: Fix Pstate frequency reporting on AMD Family 1Ah CPUs Dmitry Antipov (2): wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() wifi: cfg80211: wext: add extra SIOCSIWSCAN data check Dongli Zhang (1): tun: add missing verification for short frame Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 Edward Adam Davis (1): hfsplus: fix uninit-value in copy_name Eric Dumazet (2): net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() ila: block BH in ila_output() Filipe Manana (1): btrfs: qgroup: fix quota root leak after quota disable failure Gabriel Krisman Bertazi (3): samples: Add fs error monitoring example samples: Make fs-monitor depend on libc and headers docs: Fix formatting of literal sections in fanotify docs Ganesh Goudar (1): powerpc/eeh: avoid possible crash when edev->pdev changes Greg Kroah-Hartman (1): Linux 5.15.164 Hans de Goede (1): Input: silead - Always support 10 fingers Heiko Carstens (1): s390/sclp: Fix sclp_init() cleanup on failure Jai Luthra (2): ALSA: dmaengine: Synchronize dma channel after drop() ASoC: ti: davinci-mcasp: Set min period size using FIFO config Jann Horn (2): filelock: Remove locks reliably when fcntl/close race is detected filelock: Fix fcntl/close race recovery compat path Jason A. Donenfeld (3): minmax: sanity check constant bounds when clamping minmax: clamp more efficiently by avoiding extra comparison wifi: rt2x00: use explicitly signed or unsigned types Johannes Berg (2): wifi: mac80211: handle tasklet frames before stopping wifi: mac80211: disable softirqs for queued frame handling John Hubbard (1): selftests/vDSO: fix clang build errors and warnings Jonathan Denose (1): Input: elantech - fix touchpad state on resume for Lenovo N24 Kailang Yang (1): ALSA: hda/realtek: Add more codec ID to no shutup pins list Kees Cook (1): gcc-plugins: Rename last_stmt() for GCC 14+ Krishna Kurapati (2): arm64: dts: qcom: msm8996: Disable SS instance in Parkmode for USB arm64: dts: qcom: sdm630: Disable SS instance in Parkmode for USB Kuan-Wei Chiu (1): ACPI: processor_idle: Fix invalid comparison with insertion sort for latency Linus Torvalds (1): Add gitignore file for samples/fanotify/ subdirectory Martin Wilck (1): scsi: core: alua: I/O errors for ALUA state transitions Masahiro Yamada (3): ARM: 9324/1: fix get_user() broken with veneer kconfig: gconf: give a proper initial state to the Save button kconfig: remove wrong expr_trans_bool() Michael Ellerman (2): selftests/openat2: Fix build warnings on ppc64 KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() Nicolas Escande (1): wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata Paolo Abeni (1): net: relax socket state check at accept time. Pierre-Eric Pelloux-Prayer (1): drm/radeon: check bo_va->bo is non-NULL before using it Primoz Fiser (1): ASoC: ti: omap-hdmi: Fix too long driver name Puranjay Mohan (1): riscv: stacktrace: fix usage of ftrace_graph_ret_addr() Saurav Kashyap (3): scsi: qedf: Don't process stag work during unload and recovery scsi: qedf: Wait for stag work during unload scsi: qedf: Set qed_slowpath_params to zero before use SeongJae Park (1): mm/damon/core: merge regions aggressively when max_nr_regions is unmet Seunghun Han (1): ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 Shengjiu Wang (2): ALSA: dmaengine_pcm: terminate dmaengine before synchronize ALSA: pcm_dmaengine: Don't synchronize DMA channel when DMA is paused Si-Wei Liu (1): tap: add missing verification for short frame Tetsuo Handa (1): Bluetooth: hci_core: cancel all works upon hci_unregister_dev() Thomas GENTY (1): bytcr_rt5640 : inverse jack detect for Archos 101 cesium Tobias Jakobi (1): Input: i8042 - add Ayaneo Kun to i8042 quirk table Uwe Kleine-König (1): spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices Wei Li (1): arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process Xingui Yang (1): scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed Yedidya Benshimol (2): wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd Yunshui Jiang (1): net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() Yuntao Wang (1): fs/file: fix the check in find_next_fd() lei lu (3): ocfs2: add bounds checking to ocfs2_check_dir_entry() jfs: don't walk off the end of ealist fs/ntfs3: Validate ff offset

3 months, 2 weeks

1
1
0 0

Linux 5.10.223

by Greg Kroah-Hartman

I'm announcing the release of the 5.10.223 kernel. All users of the 5.10 kernel series must upgrade. The updated 5.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/include/asm/uaccess.h | 14 ---- arch/arm64/boot/dts/qcom/msm8996.dtsi | 1 arch/arm64/kernel/armv8_deprecated.c | 3 + arch/mips/kernel/syscalls/syscall_o32.tbl | 2 arch/powerpc/kernel/eeh_pe.c | 7 +- arch/powerpc/kvm/book3s_64_vio.c | 18 ++++-- arch/powerpc/platforms/pseries/setup.c | 4 - drivers/acpi/ec.c | 9 ++- drivers/acpi/processor_idle.c | 40 +++++-------- drivers/block/null_blk/main.c | 4 - drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c | 2 drivers/input/mouse/elantech.c | 31 ++++++++++ drivers/input/serio/i8042-acpipnpio.h | 18 +++++- drivers/input/touchscreen/silead.c | 19 +----- drivers/misc/mei/main.c | 2 drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 2 drivers/net/tap.c | 5 + drivers/net/tun.c | 3 + drivers/net/usb/qmi_wwan.c | 2 drivers/s390/char/sclp.c | 1 drivers/scsi/hosts.c | 16 ++++- drivers/scsi/libsas/sas_internal.h | 14 ++++ drivers/scsi/qedf/qedf_main.c | 1 drivers/scsi/scsi_lib.c | 6 +- drivers/scsi/scsi_priv.h | 2 drivers/scsi/scsi_scan.c | 1 drivers/scsi/scsi_sysfs.c | 1 drivers/spi/spi-imx.c | 2 drivers/spi/spi-mux.c | 1 fs/btrfs/qgroup.c | 4 - fs/dcache.c | 31 ++++------ fs/ext4/super.c | 9 ++- fs/file.c | 4 - fs/hfsplus/xattr.c | 2 fs/jfs/xattr.c | 23 ++++++-- fs/locks.c | 18 ++---- fs/ocfs2/dir.c | 46 ++++++++++------ include/linux/skmsg.h | 2 include/scsi/scsi_host.h | 2 include/sound/dmaengine_pcm.h | 1 kernel/bpf/ringbuf.c | 30 ++++++++-- net/bluetooth/hci_core.c | 4 + net/ipv4/af_inet.c | 4 + net/ipv6/ila/ila_lwt.c | 7 ++ net/ipv6/rpl_iptunnel.c | 14 ++-- net/mac80211/mesh.c | 1 net/mac80211/scan.c | 14 +++- net/mac802154/tx.c | 8 +- net/wireless/scan.c | 8 ++ scripts/gcc-plugins/gcc-common.h | 4 + scripts/kconfig/expr.c | 29 ---------- scripts/kconfig/expr.h | 1 scripts/kconfig/gconf.c | 3 - scripts/kconfig/menu.c | 2 sound/core/pcm_dmaengine.c | 26 +++++++++ sound/pci/hda/patch_realtek.c | 7 ++ sound/soc/intel/boards/bytcr_rt5640.c | 11 +++ sound/soc/soc-generic-dmaengine-pcm.c | 8 ++ sound/soc/ti/davinci-mcasp.c | 9 ++- sound/soc/ti/omap-hdmi.c | 6 -- tools/testing/selftests/openat2/openat2_test.c | 1 tools/testing/selftests/vDSO/parse_vdso.c | 16 +++-- tools/testing/selftests/vDSO/vdso_standalone_test_x86.c | 18 +++++- 64 files changed, 403 insertions(+), 203 deletions(-) Aivaz Latypov (1): ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx Alexander Usyskin (1): mei: demote client disconnect warning on suspend to debug Andreas Hindborg (1): null_blk: fix validation of block size Anjali K (1): powerpc/pseries: Whitelist dtl slub object for copying to userspace Armin Wolf (2): ACPI: EC: Abort address space access upon error ACPI: EC: Avoid returning AE_OK on errors in address space handler Arnd Bergmann (1): mips: fix compat_sys_lseek syscall Bart Van Assche (1): scsi: core: Fix a use-after-free Chen Ni (1): can: kvaser_usb: fix return value for hif_usb_send_regout Christian Brauner (1): fs: better handle deep ancestor chains in is_subdir() Dan Carpenter (1): drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() Daniel Borkmann (1): bpf: Fix overrunning reservations in ringbuf Daniele Palmas (1): net: usb: qmi_wwan: add Telit FN912 compositions David Lechner (1): spi: mux: set ctlr->bits_per_word_mask Dmitry Antipov (2): wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() wifi: cfg80211: wext: add extra SIOCSIWSCAN data check Dongli Zhang (1): tun: add missing verification for short frame Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 Edward Adam Davis (1): hfsplus: fix uninit-value in copy_name Eric Dumazet (2): net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() ila: block BH in ila_output() Filipe Manana (1): btrfs: qgroup: fix quota root leak after quota disable failure Gabriel Krisman Bertazi (2): ext4: fix error code saved on super block during file system abort ext4: Send notifications on error Ganesh Goudar (1): powerpc/eeh: avoid possible crash when edev->pdev changes Greg Kroah-Hartman (1): Linux 5.10.223 Hans de Goede (1): Input: silead - Always support 10 fingers Heiko Carstens (1): s390/sclp: Fix sclp_init() cleanup on failure Jai Luthra (2): ALSA: dmaengine: Synchronize dma channel after drop() ASoC: ti: davinci-mcasp: Set min period size using FIFO config Jann Horn (2): filelock: Remove locks reliably when fcntl/close race is detected filelock: Fix fcntl/close race recovery compat path Jason Xing (1): bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue John Hubbard (1): selftests/vDSO: fix clang build errors and warnings Jonathan Denose (1): Input: elantech - fix touchpad state on resume for Lenovo N24 Kailang Yang (1): ALSA: hda/realtek: Add more codec ID to no shutup pins list Kees Cook (1): gcc-plugins: Rename last_stmt() for GCC 14+ Krishna Kurapati (1): arm64: dts: qcom: msm8996: Disable SS instance in Parkmode for USB Kuan-Wei Chiu (1): ACPI: processor_idle: Fix invalid comparison with insertion sort for latency Masahiro Yamada (3): kconfig: gconf: give a proper initial state to the Save button kconfig: remove wrong expr_trans_bool() ARM: 9324/1: fix get_user() broken with veneer Michael Ellerman (2): selftests/openat2: Fix build warnings on ppc64 KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() Nicolas Escande (1): wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata Paolo Abeni (1): net: relax socket state check at accept time. Primoz Fiser (1): ASoC: ti: omap-hdmi: Fix too long driver name Saurav Kashyap (1): scsi: qedf: Set qed_slowpath_params to zero before use Seunghun Han (1): ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 Shengjiu Wang (2): ALSA: dmaengine_pcm: terminate dmaengine before synchronize ALSA: pcm_dmaengine: Don't synchronize DMA channel when DMA is paused Si-Wei Liu (1): tap: add missing verification for short frame Tetsuo Handa (1): Bluetooth: hci_core: cancel all works upon hci_unregister_dev() Thomas GENTY (1): bytcr_rt5640 : inverse jack detect for Archos 101 cesium Tobias Jakobi (1): Input: i8042 - add Ayaneo Kun to i8042 quirk table Uwe Kleine-König (1): spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices Wei Li (1): arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process Xingui Yang (1): scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed Yunshui Jiang (1): net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() Yuntao Wang (1): fs/file: fix the check in find_next_fd() lei lu (2): ocfs2: add bounds checking to ocfs2_check_dir_entry() jfs: don't walk off the end of ealist

3 months, 2 weeks

1
1
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror July 2024