Linux-stable-mirror
September 2024
linux-stable-mirror@lists.linaro.org
- 503 participants
- 1018 discussions
[PATCH] workqueue: Clear worker->pool in the worker thread context
by Lai Jiangshan
From: Lai Jiangshan <jiangshan.ljs(a)antgroup.com>
Marc Hartmayer reported:
[ 23.133876] Unable to handle kernel pointer dereference in virtual kernel address space
[ 23.133950] Failing address: 0000000000000000 TEID: 0000000000000483
[ 23.133954] Fault in home space mode while using kernel ASCE.
[ 23.133957] AS:000000001b8f0007 R3:0000000056cf4007 S:0000000056cf3800 P:000000000000003d
[ 23.134207] Oops: 0004 ilc:2 [#1] SMP
(snip)
[ 23.134516] Call Trace:
[ 23.134520] [<0000024e326caf28>] worker_thread+0x48/0x430
[ 23.134525] ([<0000024e326caf18>] worker_thread+0x38/0x430)
[ 23.134528] [<0000024e326d3a3e>] kthread+0x11e/0x130
[ 23.134533] [<0000024e3264b0dc>] __ret_from_fork+0x3c/0x60
[ 23.134536] [<0000024e333fb37a>] ret_from_fork+0xa/0x38
[ 23.134552] Last Breaking-Event-Address:
[ 23.134553] [<0000024e333f4c04>] mutex_unlock+0x24/0x30
[ 23.134562] Kernel panic - not syncing: Fatal exception: panic_on_oops
With debuging and analysis, worker_thread() accesses to the nullified
worker->pool when the newly created worker is destroyed before being
waken-up, in which case worker_thread() can see the result detach_worker()
reseting worker->pool to NULL at the begining.
Move the code "worker->pool = NULL;" out from detach_worker() to fix the
problem.
worker->pool had been designed to be constant for regular workers and
changeable for rescuer. To share attaching/detaching code for regular
and rescuer workers and to avoid worker->pool being accessed inadvertently
when the worker has been detached, worker->pool is reset to NULL when
detached no matter the worker is rescuer or not.
To maintain worker->pool being reset after detached, move the code
"worker->pool = NULL;" in the worker thread context after detached.
It is either be in the regular worker thread context after PF_WQ_WORKER
is cleared or in rescuer worker thread context with wq_pool_attach_mutex
held. So it is safe to do so.
Cc: Marc Hartmayer <mhartmay(a)linux.ibm.com>
Link: https://lore.kernel.org/lkml/87wmjj971b.fsf@linux.ibm.com/
Reported-by: Marc Hartmayer <mhartmay(a)linux.ibm.com>
Fixes: f4b7b53c94af ("workqueue: Detach workers directly in idle_cull_fn()")
Cc: stable(a)vger.kernel.org # v6.11+
Signed-off-by: Lai Jiangshan <jiangshan.ljs(a)antgroup.com>
---
kernel/workqueue.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/kernel/workqueue.c b/kernel/workqueue.c
index e7b005ff3750..6f2545037e57 100644
--- a/kernel/workqueue.c
+++ b/kernel/workqueue.c
@@ -2709,7 +2709,6 @@ static void detach_worker(struct worker *worker)
unbind_worker(worker);
list_del(&worker->node);
- worker->pool = NULL;
}
/**
@@ -2729,6 +2728,7 @@ static void worker_detach_from_pool(struct worker *worker)
mutex_lock(&wq_pool_attach_mutex);
detach_worker(worker);
+ worker->pool = NULL;
mutex_unlock(&wq_pool_attach_mutex);
/* clear leftover flags without pool->lock after it is detached */
@@ -3349,7 +3349,11 @@ static int worker_thread(void *__worker)
if (unlikely(worker->flags & WORKER_DIE)) {
raw_spin_unlock_irq(&pool->lock);
set_pf_worker(false);
-
+ /*
+ * The worker is dead and PF_WQ_WORKER is cleared, worker->pool
+ * shouldn't be accessed, reset it to NULL in case otherwise.
+ */
+ worker->pool = NULL;
ida_free(&pool->worker_ida, worker->id);
return 0;
}
--
2.19.1.6.gb485710b
9 months, 1 week
- 3
- 2
[PATCH] USB: misc: yurex: fix race between read and write
by Oliver Neukum
The write code path touches the bbu member in a non atomic manner
without taking the spinlock. Fix it.
The bug is as old as the driver.
Signed-off-by: Oliver Neukum <oneukum(a)suse.com>
CC: stable(a)vger.kernel.org
---
drivers/usb/misc/yurex.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/drivers/usb/misc/yurex.c b/drivers/usb/misc/yurex.c
index 4745a320eae4..4a9859e03f6b 100644
--- a/drivers/usb/misc/yurex.c
+++ b/drivers/usb/misc/yurex.c
@@ -404,7 +404,6 @@ static ssize_t yurex_read(struct file *file, char __user *buffer, size_t count,
struct usb_yurex *dev;
int len = 0;
char in_buffer[MAX_S64_STRLEN];
- unsigned long flags;
dev = file->private_data;
@@ -419,9 +418,9 @@ static ssize_t yurex_read(struct file *file, char __user *buffer, size_t count,
return -EIO;
}
- spin_lock_irqsave(&dev->lock, flags);
+ spin_lock_irq(&dev->lock);
scnprintf(in_buffer, MAX_S64_STRLEN, "%lld\n", dev->bbu);
- spin_unlock_irqrestore(&dev->lock, flags);
+ spin_unlock_irq(&dev->lock);
mutex_unlock(&dev->io_mutex);
return simple_read_from_buffer(buffer, count, ppos, in_buffer, len);
@@ -511,8 +510,11 @@ static ssize_t yurex_write(struct file *file, const char __user *user_buffer,
__func__, retval);
goto error;
}
- if (set && timeout)
+ if (set && timeout) {
+ spin_lock_irq(&dev->lock);
dev->bbu = c2;
+ spin_unlock_irq(&dev->lock);
+ }
return timeout ? count : -EIO;
error:
--
2.45.2
9 months, 1 week
- 1
- 0
[PATCH] brbd: Fix atomicity violation in drbd_uuid_set_bm()
by Qiu-ji Chen
The violation of atomicity occurs when the brbd_uuid_set_bm function is
executed simultaneously with modifying the value of
device->ldev->md.uuid[UI_BITMAP]. Consider a scenario where, while
device->ldev->md.uuid[UI_BITMAP] passes the validity check when its value
is not zero, the value of device->ldev->md.uuid[UI_BITMAP] is written to
zero. In this case, the check in brbd_uuid_set_bm might refer to the old
value of device->ldev->md.uuid[UI_BITMAP] (before locking), which allows
an invalid value to pass the validity check, resulting in inconsistency.
To address this issue, it is recommended to include the data validity check
within the locked section of the function. This modification ensures that
the value of device->ldev->md.uuid[UI_BITMAP] does not change during the
validation process, thereby maintaining its integrity.
This possible bug is found by an experimental static analysis tool
developed by our team. This tool analyzes the locking APIs to extract
function pairs that can be concurrently executed, and then analyzes the
instructions in the paired functions to identify possible concurrency bugs
including data races and atomicity violations.
Fixes: 9f2247bb9b75 ("drbd: Protect accesses to the uuid set with a spinlock")
Cc: stable(a)vger.kernel.org
Signed-off-by: Qiu-ji Chen <chenqiuji666(a)gmail.com>
---
drivers/block/drbd/drbd_main.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/drivers/block/drbd/drbd_main.c b/drivers/block/drbd/drbd_main.c
index a9e49b212341..abafc4edf9ed 100644
--- a/drivers/block/drbd/drbd_main.c
+++ b/drivers/block/drbd/drbd_main.c
@@ -3399,10 +3399,12 @@ void drbd_uuid_new_current(struct drbd_device *device) __must_hold(local)
void drbd_uuid_set_bm(struct drbd_device *device, u64 val) __must_hold(local)
{
unsigned long flags;
- if (device->ldev->md.uuid[UI_BITMAP] == 0 && val == 0)
+ spin_lock_irqsave(&device->ldev->md.uuid_lock, flags);
+ if (device->ldev->md.uuid[UI_BITMAP] == 0 && val == 0) {
+ spin_unlock_irqrestore(&device->ldev->md.uuid_lock, flags);
return;
+ }
- spin_lock_irqsave(&device->ldev->md.uuid_lock, flags);
if (val == 0) {
drbd_uuid_move_history(device);
device->ldev->md.uuid[UI_HISTORY_START] = device->ldev->md.uuid[UI_BITMAP];
--
2.34.1
9 months, 1 week
- 2
- 1
[PATCH] USB: misc: cypress_cy7c63: check for short transfer
by Oliver Neukum
As we process the second byte of a control transfer, transfers
of less than 2 bytes must be discarded.
This bug is as old as the driver.
SIgned-off-by: Oliver Neukum <oneukum(a)suse.com>
CC: stable(a)vger.kernel.org
---
drivers/usb/misc/cypress_cy7c63.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/usb/misc/cypress_cy7c63.c b/drivers/usb/misc/cypress_cy7c63.c
index cecd7693b741..75f5a740cba3 100644
--- a/drivers/usb/misc/cypress_cy7c63.c
+++ b/drivers/usb/misc/cypress_cy7c63.c
@@ -88,6 +88,9 @@ static int vendor_command(struct cypress *dev, unsigned char request,
USB_DIR_IN | USB_TYPE_VENDOR | USB_RECIP_OTHER,
address, data, iobuf, CYPRESS_MAX_REQSIZE,
USB_CTRL_GET_TIMEOUT);
+ /* we must not process garbage */
+ if (retval < 2)
+ goto err_buf;
/* store returned data (more READs to be added) */
switch (request) {
@@ -107,6 +110,7 @@ static int vendor_command(struct cypress *dev, unsigned char request,
break;
}
+err_buf:
kfree(iobuf);
error:
return retval;
--
2.45.2
9 months, 1 week
- 1
- 0
[PATCH] appledisplay: close race between probe and completion handler
by Oliver Neukum
There is a small window during probing when IO is running
but the backlight is not registered. Processing events
during that time will crash. The completion handler
needs to check for a backlight before scheduling work.
The bug is as old as the driver.
Signed-off-by: Oliver Neukum <oneukum(a)suse.com>
CC: stable(a)vger.kernel.org
---
drivers/usb/misc/appledisplay.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/drivers/usb/misc/appledisplay.c b/drivers/usb/misc/appledisplay.c
index c8098e9b432e..62b5a30edc42 100644
--- a/drivers/usb/misc/appledisplay.c
+++ b/drivers/usb/misc/appledisplay.c
@@ -107,7 +107,12 @@ static void appledisplay_complete(struct urb *urb)
case ACD_BTN_BRIGHT_UP:
case ACD_BTN_BRIGHT_DOWN:
pdata->button_pressed = 1;
- schedule_delayed_work(&pdata->work, 0);
+ /*
+ * there is a window during which no device
+ * is registered
+ */
+ if (pdata->bd )
+ schedule_delayed_work(&pdata->work, 0);
break;
case ACD_BTN_NONE:
default:
@@ -202,6 +207,7 @@ static int appledisplay_probe(struct usb_interface *iface,
const struct usb_device_id *id)
{
struct backlight_properties props;
+ struct backlight_device *backlight;
struct appledisplay *pdata;
struct usb_device *udev = interface_to_usbdev(iface);
struct usb_endpoint_descriptor *endpoint;
@@ -272,13 +278,14 @@ static int appledisplay_probe(struct usb_interface *iface,
memset(&props, 0, sizeof(struct backlight_properties));
props.type = BACKLIGHT_RAW;
props.max_brightness = 0xff;
- pdata->bd = backlight_device_register(bl_name, NULL, pdata,
+ backlight = backlight_device_register(bl_name, NULL, pdata,
&appledisplay_bl_data, &props);
- if (IS_ERR(pdata->bd)) {
+ if (IS_ERR(backlight)) {
dev_err(&iface->dev, "Backlight registration failed\n");
- retval = PTR_ERR(pdata->bd);
+ retval = PTR_ERR(backlight);
goto error;
}
+ pdata->bd = backlight;
/* Try to get brightness */
brightness = appledisplay_bl_get_brightness(pdata->bd);
--
2.45.2
9 months, 1 week
- 1
- 0
Linux 6.10.10
by Greg Kroah-Hartman
I'm announcing the release of the 6.10.10 kernel.
All users of the 6.10 kernel series must upgrade.
The updated 6.10.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.10.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/admin-guide/cgroup-v2.rst | 15
Documentation/devicetree/bindings/nvmem/xlnx,zynqmp-nvmem.yaml | 2
Makefile | 2
arch/arm64/include/asm/acpi.h | 12
arch/arm64/kernel/acpi_numa.c | 11
arch/loongarch/include/asm/hugetlb.h | 4
arch/loongarch/include/asm/kfence.h | 6
arch/loongarch/include/asm/pgtable.h | 48 -
arch/loongarch/kernel/relocate.c | 4
arch/loongarch/kvm/mmu.c | 8
arch/loongarch/mm/hugetlbpage.c | 6
arch/loongarch/mm/init.c | 10
arch/loongarch/mm/kasan_init.c | 10
arch/loongarch/mm/pgtable.c | 2
arch/mips/kernel/cevt-r4k.c | 15
arch/parisc/mm/init.c | 16
arch/powerpc/include/asm/nohash/mmu-e500.h | 3
arch/powerpc/kernel/rtas.c | 4
arch/powerpc/kernel/vdso/vdso32.lds.S | 4
arch/powerpc/kernel/vdso/vdso64.lds.S | 4
arch/powerpc/lib/qspinlock.c | 10
arch/powerpc/mm/nohash/Makefile | 2
arch/powerpc/mm/nohash/tlb.c | 398 ----------
arch/powerpc/mm/nohash/tlb_64e.c | 361 +++++++++
arch/powerpc/mm/nohash/tlb_low_64e.S | 195 ----
arch/riscv/Kconfig | 4
arch/riscv/include/asm/processor.h | 26
arch/riscv/include/asm/sbi.h | 30
arch/riscv/include/asm/trace.h | 54 +
arch/riscv/kernel/Makefile | 6
arch/riscv/kernel/head.S | 3
arch/riscv/kernel/probes/kprobes.c | 5
arch/riscv/kernel/sbi.c | 56 -
arch/riscv/kernel/sbi_ecall.c | 48 +
arch/riscv/kernel/traps_misaligned.c | 4
arch/riscv/mm/init.c | 2
arch/s390/boot/startup.c | 8
arch/s390/kernel/vmlinux.lds.S | 17
arch/um/drivers/line.c | 2
arch/x86/coco/tdx/tdx.c | 1
arch/x86/events/intel/core.c | 57 +
arch/x86/include/asm/fpu/types.h | 7
arch/x86/include/asm/page_64.h | 1
arch/x86/include/asm/pgtable_64_types.h | 4
arch/x86/kernel/apic/apic.c | 11
arch/x86/kernel/fpu/xstate.c | 3
arch/x86/kernel/fpu/xstate.h | 4
arch/x86/kvm/svm/svm.c | 15
arch/x86/kvm/x86.c | 2
arch/x86/lib/iomem.c | 5
arch/x86/mm/init_64.c | 4
arch/x86/mm/kaslr.c | 32
arch/x86/mm/pti.c | 45 -
block/bio.c | 14
drivers/accel/habanalabs/gaudi2/gaudi2_security.c | 1
drivers/acpi/acpi_processor.c | 15
drivers/android/binder.c | 1
drivers/ata/libata-core.c | 4
drivers/ata/libata-scsi.c | 24
drivers/ata/pata_macio.c | 7
drivers/base/devres.c | 1
drivers/base/regmap/regcache-maple.c | 3
drivers/block/ublk_drv.c | 2
drivers/bluetooth/btnxpuart.c | 12
drivers/bluetooth/hci_qca.c | 1
drivers/clk/qcom/clk-alpha-pll.c | 6
drivers/clk/qcom/clk-rcg.h | 1
drivers/clk/qcom/clk-rcg2.c | 30
drivers/clk/qcom/gcc-ipq9574.c | 12
drivers/clk/qcom/gcc-sm8550.c | 54 -
drivers/clk/qcom/gcc-x1e80100.c | 52 -
drivers/clk/starfive/clk-starfive-jh7110-sys.c | 31
drivers/clk/starfive/clk-starfive-jh71x0.h | 2
drivers/clocksource/timer-imx-tpm.c | 16
drivers/clocksource/timer-of.c | 17
drivers/clocksource/timer-of.h | 1
drivers/crypto/intel/qat/qat_common/adf_gen2_pfvf.c | 4
drivers/crypto/intel/qat/qat_common/adf_rl.c | 1
drivers/crypto/intel/qat/qat_dh895xcc/adf_dh895xcc_hw_data.c | 8
drivers/crypto/starfive/jh7110-cryp.h | 4
drivers/crypto/starfive/jh7110-rsa.c | 15
drivers/cxl/core/region.c | 24
drivers/firmware/cirrus/cs_dsp.c | 3
drivers/gpio/gpio-rockchip.c | 1
drivers/gpio/gpio-zynqmp-modepin.c | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 15
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 79 +
drivers/gpu/drm/amd/amdgpu/amdgpu_display.c | 30
drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c | 3
drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c | 6
drivers/gpu/drm/amd/amdgpu/amdgpu_ids.c | 15
drivers/gpu/drm/amd/amdgpu/amdgpu_ids.h | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 123 ++-
drivers/gpu/drm/amd/amdgpu/amdgpu_psp.h | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c | 2
drivers/gpu/drm/amd/amdgpu/amdgpu_reset.h | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 6
drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 8
drivers/gpu/drm/amd/amdgpu/gfxhub_v1_2.c | 8
drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 3
drivers/gpu/drm/amd/amdgpu/ih_v6_0.c | 28
drivers/gpu/drm/amd/amdgpu/mmhub_v1_8.c | 8
drivers/gpu/drm/amd/amdgpu/mxgpu_ai.c | 3
drivers/gpu/drm/amd/amdgpu/mxgpu_nv.c | 3
drivers/gpu/drm/amd/amdgpu/mxgpu_vi.c | 3
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 15
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_plane.c | 47 -
drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c | 7
drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hubbub.c | 3
drivers/gpu/drm/amd/display/dc/dml2/display_mode_core.c | 2
drivers/gpu/drm/amd/display/dc/link/link_factory.c | 6
drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_training.c | 3
drivers/gpu/drm/amd/display/dc/resource/dcn315/dcn315_resource.c | 2
drivers/gpu/drm/amd/display/modules/hdcp/hdcp1_execution.c | 15
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6
drivers/gpu/drm/i915/display/intel_display_types.h | 4
drivers/gpu/drm/i915/display/intel_dp.c | 4
drivers/gpu/drm/i915/display/intel_dp_aux.c | 16
drivers/gpu/drm/i915/display/intel_dp_aux.h | 2
drivers/gpu/drm/i915/display/intel_psr.c | 2
drivers/gpu/drm/i915/display/intel_quirks.c | 68 +
drivers/gpu/drm/i915/display/intel_quirks.h | 6
drivers/gpu/drm/i915/gt/uc/intel_gsc_uc.c | 2
drivers/gpu/drm/i915/gt/uc/intel_uc_fw.h | 5
drivers/gpu/drm/i915/i915_sw_fence.c | 8
drivers/gpu/drm/imagination/pvr_vm.c | 4
drivers/gpu/drm/nouveau/nvkm/subdev/gsp/fwsec.c | 2
drivers/gpu/drm/panthor/panthor_drv.c | 23
drivers/gpu/drm/panthor/panthor_fw.c | 8
drivers/gpu/drm/panthor/panthor_mmu.c | 21
drivers/gpu/drm/panthor/panthor_mmu.h | 1
drivers/gpu/drm/panthor/panthor_sched.c | 2
drivers/gpu/drm/xe/regs/xe_gt_regs.h | 1
drivers/gpu/drm/xe/xe_gsc.c | 12
drivers/gpu/drm/xe/xe_uc_fw.h | 9
drivers/gpu/drm/xe/xe_wa.c | 8
drivers/hid/amd-sfh-hid/amd_sfh_hid.c | 4
drivers/hid/bpf/Kconfig | 2
drivers/hid/hid-cougar.c | 2
drivers/hv/vmbus_drv.c | 1
drivers/hwmon/adc128d818.c | 4
drivers/hwmon/hp-wmi-sensors.c | 2
drivers/hwmon/lm95234.c | 9
drivers/hwmon/ltc2991.c | 6
drivers/hwmon/nct6775-core.c | 2
drivers/hwmon/w83627ehf.c | 4
drivers/i3c/master/mipi-i3c-hci/dma.c | 5
drivers/i3c/master/svc-i3c-master.c | 58 +
drivers/iio/adc/ad7124.c | 30
drivers/iio/adc/ad7606.c | 28
drivers/iio/adc/ad7606.h | 2
drivers/iio/adc/ad7606_par.c | 48 +
drivers/iio/adc/ad_sigma_delta.c | 2
drivers/iio/buffer/industrialio-buffer-dmaengine.c | 4
drivers/iio/imu/inv_mpu6050/inv_mpu_trigger.c | 13
drivers/iio/inkern.c | 8
drivers/input/misc/uinput.c | 14
drivers/input/touchscreen/ili210x.c | 6
drivers/iommu/intel/dmar.c | 2
drivers/iommu/intel/iommu.c | 4
drivers/iommu/intel/iommu.h | 6
drivers/iommu/intel/pasid.c | 1
drivers/iommu/intel/pasid.h | 10
drivers/iommu/iommufd/hw_pagetable.c | 3
drivers/iommu/sun50i-iommu.c | 1
drivers/irqchip/irq-armada-370-xp.c | 4
drivers/irqchip/irq-gic-v2m.c | 6
drivers/irqchip/irq-renesas-rzg2l.c | 2
drivers/irqchip/irq-riscv-aplic-main.c | 4
drivers/irqchip/irq-sifive-plic.c | 115 +-
drivers/leds/leds-spi-byte.c | 6
drivers/md/dm-init.c | 4
drivers/media/platform/qcom/camss/camss.c | 5
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 17
drivers/media/test-drivers/vivid/vivid-vid-out.c | 16
drivers/media/usb/b2c2/flexcop-usb.c | 7
drivers/misc/fastrpc.c | 5
drivers/misc/vmw_vmci/vmci_resource.c | 3
drivers/mmc/core/quirks.h | 22
drivers/mmc/core/sd.c | 4
drivers/mmc/host/cqhci-core.c | 2
drivers/mmc/host/dw_mmc.c | 4
drivers/mmc/host/sdhci-of-aspeed.c | 1
drivers/net/bareudp.c | 22
drivers/net/can/kvaser_pciefd.c | 43 -
drivers/net/can/m_can/m_can.c | 100 +-
drivers/net/can/spi/mcp251x.c | 2
drivers/net/can/spi/mcp251xfd/mcp251xfd-core.c | 28
drivers/net/can/spi/mcp251xfd/mcp251xfd-ram.c | 11
drivers/net/can/spi/mcp251xfd/mcp251xfd-ring.c | 23
drivers/net/can/spi/mcp251xfd/mcp251xfd-rx.c | 165 ++--
drivers/net/can/spi/mcp251xfd/mcp251xfd-tef.c | 2
drivers/net/can/spi/mcp251xfd/mcp251xfd-timestamp.c | 22
drivers/net/can/spi/mcp251xfd/mcp251xfd.h | 42 -
drivers/net/dsa/vitesse-vsc73xx-core.c | 10
drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 20
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 10
drivers/net/ethernet/google/gve/gve.h | 1
drivers/net/ethernet/google/gve/gve_adminq.c | 22
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_err.c | 6
drivers/net/ethernet/intel/ice/ice.h | 2
drivers/net/ethernet/intel/ice/ice_base.c | 11
drivers/net/ethernet/intel/ice/ice_lib.c | 175 +---
drivers/net/ethernet/intel/ice/ice_lib.h | 10
drivers/net/ethernet/intel/ice/ice_main.c | 63 +
drivers/net/ethernet/intel/ice/ice_xsk.c | 12
drivers/net/ethernet/intel/igb/igb_main.c | 10
drivers/net/ethernet/intel/igc/igc_main.c | 1
drivers/net/ethernet/mellanox/mlx5/core/en.h | 20
drivers/net/ethernet/mellanox/mlx5/core/en/params.c | 12
drivers/net/ethernet/mellanox/mlx5/core/en/txrx.h | 19
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 21
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 66 -
drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c | 14
drivers/net/ethernet/microsoft/mana/mana_en.c | 22
drivers/net/ethernet/ti/am65-cpsw-nuss.c | 82 +-
drivers/net/ethernet/xilinx/xilinx_axienet.h | 3
drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 8
drivers/net/mctp/mctp-serial.c | 4
drivers/net/phy/phy_device.c | 2
drivers/net/usb/ipheth.c | 2
drivers/net/usb/r8152.c | 17
drivers/net/usb/usbnet.c | 11
drivers/net/wireless/ath/ath11k/ahb.c | 4
drivers/net/wireless/ath/ath11k/core.c | 115 --
drivers/net/wireless/ath/ath11k/core.h | 4
drivers/net/wireless/ath/ath11k/hif.h | 12
drivers/net/wireless/ath/ath11k/mhi.c | 12
drivers/net/wireless/ath/ath11k/mhi.h | 3
drivers/net/wireless/ath/ath11k/pci.c | 44 -
drivers/net/wireless/ath/ath11k/qmi.c | 2
drivers/net/wireless/ath/ath12k/mac.c | 9
drivers/net/wireless/broadcom/brcm80211/brcmsmac/mac80211_if.c | 1
drivers/net/wireless/intel/iwlwifi/mvm/mvm.h | 3
drivers/net/wireless/marvell/mwifiex/main.h | 3
drivers/net/wireless/realtek/rtw88/usb.c | 13
drivers/net/wireless/realtek/rtw89/core.c | 3
drivers/nvme/host/constants.c | 2
drivers/nvme/host/core.c | 40 -
drivers/nvme/host/fabrics.c | 10
drivers/nvme/host/fault_inject.c | 2
drivers/nvme/host/fc.c | 6
drivers/nvme/host/multipath.c | 2
drivers/nvme/host/nvme.h | 6
drivers/nvme/host/pci.c | 17
drivers/nvme/host/pr.c | 10
drivers/nvme/target/admin-cmd.c | 34
drivers/nvme/target/core.c | 46 -
drivers/nvme/target/discovery.c | 14
drivers/nvme/target/fabrics-cmd-auth.c | 16
drivers/nvme/target/fabrics-cmd.c | 36
drivers/nvme/target/io-cmd-bdev.c | 12
drivers/nvme/target/passthru.c | 10
drivers/nvme/target/rdma.c | 10
drivers/nvme/target/tcp.c | 8
drivers/nvme/target/zns.c | 30
drivers/nvmem/core.c | 6
drivers/nvmem/u-boot-env.c | 7
drivers/of/irq.c | 15
drivers/pci/controller/dwc/pci-keystone.c | 44 +
drivers/pci/controller/dwc/pcie-qcom.c | 25
drivers/pci/hotplug/pnv_php.c | 3
drivers/pci/pci.c | 35
drivers/pcmcia/yenta_socket.c | 6
drivers/phy/xilinx/phy-zynqmp.c | 1
drivers/pinctrl/qcom/pinctrl-x1e80100.c | 4
drivers/platform/x86/dell/dell-smbios-base.c | 5
drivers/ptp/ptp_ocp.c | 168 ++--
drivers/scsi/lpfc/lpfc_els.c | 17
drivers/scsi/pm8001/pm8001_sas.c | 4
drivers/spi/spi-fsl-lpspi.c | 31
drivers/spi/spi-hisi-kunpeng.c | 3
drivers/spi/spi-intel.c | 3
drivers/spi/spi-rockchip.c | 23
drivers/staging/iio/frequency/ad9834.c | 2
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c | 31
drivers/ufs/core/ufshcd.c | 7
drivers/uio/uio_hv_generic.c | 11
drivers/usb/dwc3/core.c | 15
drivers/usb/dwc3/core.h | 2
drivers/usb/dwc3/gadget.c | 41 -
drivers/usb/gadget/udc/aspeed_udc.c | 2
drivers/usb/gadget/udc/cdns2/cdns2-gadget.c | 12
drivers/usb/gadget/udc/cdns2/cdns2-gadget.h | 9
drivers/usb/storage/uas.c | 1
drivers/usb/typec/ucsi/ucsi.c | 50 -
drivers/vfio/vfio_iommu_spapr_tce.c | 13
drivers/virt/coco/sev-guest/sev-guest.c | 7
drivers/virtio/virtio_ring.c | 4
drivers/watchdog/imx7ulp_wdt.c | 5
drivers/xen/privcmd.c | 10
fs/binfmt_elf.c | 5
fs/btrfs/ctree.c | 12
fs/btrfs/ctree.h | 1
fs/btrfs/extent-tree.c | 62 +
fs/btrfs/file.c | 25
fs/btrfs/inode.c | 2
fs/btrfs/qgroup.c | 90 ++
fs/btrfs/transaction.h | 6
fs/btrfs/zoned.c | 30
fs/cachefiles/io.c | 2
fs/ext4/fast_commit.c | 8
fs/fuse/dev.c | 14
fs/fuse/dir.c | 2
fs/fuse/file.c | 8
fs/fuse/inode.c | 7
fs/fuse/xattr.c | 4
fs/jbd2/recovery.c | 30
fs/libfs.c | 6
fs/namespace.c | 93 +-
fs/netfs/fscache_main.c | 1
fs/netfs/io.c | 19
fs/nfs/super.c | 2
fs/nilfs2/recovery.c | 35
fs/nilfs2/segment.c | 10
fs/nilfs2/sysfs.c | 43 -
fs/ntfs3/dir.c | 52 -
fs/ntfs3/frecord.c | 4
fs/smb/client/cifsfs.c | 21
fs/smb/client/cifsglob.h | 1
fs/smb/client/cifssmb.c | 54 +
fs/smb/client/file.c | 37
fs/smb/client/inode.c | 2
fs/smb/client/smb2inode.c | 3
fs/smb/client/smb2ops.c | 18
fs/smb/client/smb2pdu.c | 41 -
fs/smb/client/trace.h | 1
fs/smb/server/oplock.c | 2
fs/smb/server/smb2pdu.c | 14
fs/smb/server/transport_tcp.c | 4
fs/squashfs/inode.c | 7
fs/tracefs/event_inode.c | 2
fs/udf/super.c | 15
fs/xattr.c | 91 +-
fs/xfs/libxfs/xfs_ialloc_btree.c | 2
include/linux/bpf-cgroup.h | 9
include/linux/mlx5/device.h | 1
include/linux/mm.h | 4
include/linux/netfs.h | 1
include/linux/nvme.h | 16
include/linux/path.h | 9
include/linux/regulator/consumer.h | 8
include/linux/zswap.h | 4
include/net/bluetooth/hci_core.h | 5
include/net/bluetooth/hci_sync.h | 4
include/net/mana/mana.h | 2
include/uapi/drm/drm_fourcc.h | 18
include/uapi/drm/panthor_drm.h | 6
kernel/bpf/btf.c | 4
kernel/bpf/verifier.c | 4
kernel/cgroup/cgroup.c | 2
kernel/cgroup/cpuset.c | 36
kernel/dma/map_benchmark.c | 16
kernel/events/core.c | 18
kernel/events/internal.h | 1
kernel/events/ring_buffer.c | 2
kernel/events/uprobes.c | 3
kernel/exit.c | 3
kernel/kexec_file.c | 2
kernel/locking/rtmutex.c | 9
kernel/resource.c | 6
kernel/seccomp.c | 23
kernel/smp.c | 1
kernel/trace/trace.c | 2
kernel/trace/trace_kprobe.c | 125 ++-
kernel/trace/trace_osnoise.c | 50 -
kernel/workqueue.c | 12
lib/codetag.c | 17
lib/generic-radix-tree.c | 2
lib/maple_tree.c | 7
lib/overflow_kunit.c | 3
mm/memcontrol.c | 12
mm/memory_hotplug.c | 2
mm/page_alloc.c | 7
mm/slub.c | 4
mm/sparse.c | 2
mm/userfaultfd.c | 29
mm/vmalloc.c | 7
mm/vmscan.c | 24
mm/zswap.c | 2
net/bluetooth/hci_conn.c | 6
net/bluetooth/hci_sync.c | 42 +
net/bluetooth/mgmt.c | 144 +--
net/bluetooth/smp.c | 7
net/bridge/br_fdb.c | 6
net/can/bcm.c | 4
net/core/filter.c | 1
net/core/net-sysfs.c | 2
net/ethtool/channels.c | 6
net/ethtool/common.c | 26
net/ethtool/common.h | 2
net/ethtool/ioctl.c | 4
net/ipv4/fou_core.c | 29
net/ipv4/tcp_bpf.c | 2
net/ipv4/tcp_input.c | 6
net/ipv6/ila/ila.h | 1
net/ipv6/ila/ila_main.c | 6
net/ipv6/ila/ila_xlat.c | 13
net/netfilter/nf_conncount.c | 8
net/sched/sch_cake.c | 11
net/sched/sch_netem.c | 9
net/socket.c | 4
net/unix/af_unix.c | 9
rust/Makefile | 2
rust/macros/module.rs | 6
scripts/gfp-translate | 66 +
security/smack/smack_lsm.c | 12
sound/core/control.c | 6
sound/hda/hdmi_chmap.c | 18
sound/pci/hda/patch_conexant.c | 11
sound/pci/hda/patch_realtek.c | 22
sound/soc/codecs/tas2781-fmwlib.c | 71 -
sound/soc/intel/boards/bxt_rt298.c | 2
sound/soc/intel/boards/bytcht_cx2072x.c | 2
sound/soc/intel/boards/bytcht_da7213.c | 2
sound/soc/intel/boards/bytcht_es8316.c | 2
sound/soc/intel/boards/bytcr_rt5640.c | 2
sound/soc/intel/boards/bytcr_rt5651.c | 2
sound/soc/intel/boards/bytcr_wm5102.c | 2
sound/soc/intel/boards/cht_bsw_rt5645.c | 2
sound/soc/intel/boards/cht_bsw_rt5672.c | 2
sound/soc/soc-dapm.c | 1
sound/soc/soc-topology.c | 2
sound/soc/sof/topology.c | 2
sound/soc/sunxi/sun4i-i2s.c | 143 +--
sound/soc/tegra/tegra210_ahub.c | 10
tools/lib/bpf/libbpf.c | 4
tools/net/ynl/lib/ynl.py | 7
tools/perf/util/bpf_lock_contention.c | 3
tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c | 4
tools/testing/selftests/mm/mseal_test.c | 37
tools/testing/selftests/mm/seal_elf.c | 13
tools/testing/selftests/net/Makefile | 3
tools/testing/selftests/riscv/mm/mmap_bottomup.c | 2
tools/testing/selftests/riscv/mm/mmap_default.c | 2
tools/testing/selftests/riscv/mm/mmap_test.h | 67 -
436 files changed, 4628 insertions(+), 3085 deletions(-)
Aaradhana Sahu (1):
wifi: ath12k: fix uninitialize symbol error on ath12k_peer_assoc_h_he()
Abel Vesa (1):
clk: qcom: gcc-x1e80100: Fix USB 0 and 1 PHY GDSC pwrsts flags
Adam Queler (1):
ALSA: hda/realtek: Enable Mute Led for HP Victus 15-fb1xxx
Adrian Huang (1):
mm: vmalloc: optimize vmap_lazy_nr arithmetic when purging each vmap_area
Adrián Larumbe (1):
drm/panthor: flush FW AS caches in slow reset path
Ajith C (1):
wifi: ath12k: fix firmware crash due to invalid peer nss
Aleksandr Mishin (2):
platform/x86: dell-smbios: Fix error path in dell_smbios_init()
staging: iio: frequency: ad9834: Validate frequency parameter value
Alex Deucher (2):
Revert "drm/amdgpu: align pp_power_profile_mode with kernel docs"
drm/amdgpu: always allocate cleared VRAM for GEM allocations
Alex Hung (6):
drm/amd/display: Check UnboundedRequestEnabled's value
drm/amd/display: Run DC_LOG_DC after checking link->link_enc
drm/amd/display: Check HDCP returned status
drm/amd/display: Validate function returns
drm/amd/display: Check denominator pbn_div before used
drm/amd/display: Check denominator crb_pipes before used
Alexander Gordeev (1):
s390/boot: Do not assume the decompressor range is reserved
Alexandre Ghiti (3):
riscv: Do not restrict memory size because of linear mapping on nommu
riscv: Improve sbi_ecall() code generation by reordering arguments
riscv: Fix RISCV_ALTERNATIVE_EARLY
Alexey Dobriyan (1):
ELF: fix kernel.randomize_va_space double read
Alison Schofield (1):
cxl/region: Verify target positions using the ordered target list
Amadeusz Sławiński (1):
ASoC: topology: Properly initialize soc_enum values
Andreas Hindborg (1):
rust: kbuild: fix export of bss symbols
Andreas Ziegler (1):
libbpf: Add NULL checks to bpf_object__{prev_map,next_map}
Andrei Vagin (1):
seccomp: release task filters when the task exits
Andy Shevchenko (3):
leds: spi-byte: Call of_node_put() on error path
drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused
drm/i915/fence: Mark debug_fence_free() with __maybe_unused
Anton Blanchard (1):
riscv: Fix toolchain vector detection
Anup Patel (1):
irqchip/sifive-plic: Probe plic driver early for Allwinner D1 platform
Arend van Spriel (1):
wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3
Arkadiusz Kubalewski (1):
tools/net/ynl: fix cli.py --subscribe feature
Armin Wolf (1):
hwmon: (hp-wmi-sensors) Check if WMI event data exists
Arnd Bergmann (2):
regmap: maple: work around gcc-14.1 false-positive warning
hid: bpf: add BPF_JIT dependency
Aurabindo Pillai (1):
drm/amd: Add gfx12 swizzle mode defs
Baochen Qiang (2):
Revert "wifi: ath11k: restore country code during resume"
Revert "wifi: ath11k: support hibernation"
Baokun Li (1):
fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF
Benjamin Marzinski (1):
dm init: Handle minors larger than 255
Bernd Schubert (1):
fuse: disable the combination of passthrough and writeback cache
Bob Zhou (1):
drm/amdgpu: add missing error handling in function amdgpu_gmc_flush_gpu_tlb_pasid
Bommu Krishnaiah (2):
drm/xe/xe2: Add workaround 14021402888
drm/xe/xe2lpg: Extend workaround 14021402888
Boqun Feng (1):
rust: macros: provide correct provenance when constructing THIS_MODULE
Breno Leitao (1):
net: dqs: Do not use extern for unused dql_group
Brian Johannesmeyer (1):
x86/kmsan: Fix hook for unaligned accesses
Brian Norris (1):
spi: rockchip: Resolve unbalanced runtime PM / system PM handling
Bryan O'Donoghue (1):
clk: qcom: gcc-x1e80100: Don't use parking clk_ops for QUPs
Camila Alvarez (1):
HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup
Carlos Llamas (1):
binder: fix UAF caused by offsets overwrite
Carlos Song (1):
spi: spi-fsl-lpspi: limit PRESCALE bit in TCR register
Charles Han (1):
spi: intel: Add check devm_kasprintf() returned value
Charlie Jenkins (2):
riscv: selftests: Remove mmap hint address checks
riscv: mm: Do not restrict mmap address based on hint
Chen Ni (1):
media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse
Chen-Yu Tsai (1):
ASoc: SOF: topology: Clear SOF link platform name upon unload
ChenXiaoSong (1):
smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()
Chih-Kang Chang (1):
wifi: rtw89: wow: prevent to send unexpected H2C during download Firmware
Christian Brauner (7):
libfs: fix get_stashed_dentry()
fs: don't copy to userspace under namespace semaphore
fs: relax permissions for statmount()
fs: only copy to userspace on success in listmount()
path: add cleanup helper
fs: simplify error handling
fs: relax permissions for listmount()
Christian König (1):
drm/amdgpu: reject gang submit on reserved VMIDs
Christoffer Sandberg (1):
ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices
Christoph Hellwig (1):
block: don't call bio_uninit from bio_endio
Christophe Leroy (2):
powerpc/64e: Define mmu_pte_psize static
powerpc/vdso: Don't discard rela sections
Cong Wang (1):
tcp_bpf: fix return value of tcp_bpf_sendmsg()
Daiwei Li (1):
igb: Fix not clearing TimeSync interrupts for 82580
Dan Carpenter (3):
ksmbd: Unlock on in ksmbd_tcp_set_interfaces()
irqchip/riscv-aplic: Fix an IS_ERR() vs NULL bug in probe()
igc: Unlock on error in igc_io_resume()
Dan Williams (1):
PCI: Add missing bridge lock to pci_bus_lock()
Daniel Lezcano (1):
clocksource/drivers/timer-of: Remove percpu irq related code
Daniele Ceraolo Spurio (2):
drm/xe/gsc: Do not attempt to load the GSC multiple times
drm/i915: Do not attempt to load the GSC multiple times
Danijel Slivka (1):
drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts
Dave Airlie (1):
nouveau: fix the fwsec sb verification register.
Dave Chinner (1):
xfs: xfs_finobt_count_blocks() walks the wrong btree
David Fernandez Gonzalez (1):
VMCI: Fix use-after-free when removing resource in vmci_resource_remove()
David Howells (8):
cifs: Fix lack of credit renegotiation on read retry
netfs, cifs: Fix handling of short DIO read
cifs: Fix copy offload to flush destination region
cifs: Fix FALLOC_FL_ZERO_RANGE to preflush buffered part of target region
cachefiles: Set the max subreq size for cache writes to MAX_RW_COUNT
vfs: Fix potential circular locking through setxattr() and removexattr()
cifs: Fix zero_point init on inode initialisation
cifs: Fix SMB1 readv/writev callback in the same way as SMB2/3
David Lechner (1):
iio: buffer-dmaengine: fix releasing dma channel on error
David Sterba (1):
btrfs: initialize location to fix -Wmaybe-uninitialized in btrfs_lookup_dentry()
Dawid Osuchowski (1):
ice: Add netif_device_attach/detach into PF reset flow
Devyn Liu (1):
spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware
Dmitry Torokhov (2):
Input: ili210x - use kvmalloc() to allocate buffer for firmware update
Input: uinput - reject requests with unreasonable number of slots
Douglas Anderson (2):
regulator: core: Stub devm_regulator_bulk_get_const() if !CONFIG_REGULATOR
Bluetooth: qca: If memdump doesn't work, re-enable IBS
Dragos Tatulea (1):
net/mlx5e: SHAMPO, Fix page leak
Dumitru Ceclan (3):
iio: adc: ad7124: fix config comparison
iio: adc: ad7124: fix chip ID mismatch
iio: adc: ad7124: fix DT configuration parsing
Eric Dumazet (1):
ila: call nf_unregister_net_hooks() sooner
Eric Joyner (1):
ice: Check all ice_vsi_rebuild() errors in function
Faisal Hassan (1):
usb: dwc3: core: update LC timer as per USB Spec V3.2
Fedor Pchelkin (1):
btrfs: qgroup: don't use extent changeset when not needed
Filipe Manana (3):
btrfs: replace BUG_ON() with error handling at update_ref_for_cow()
btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info()
btrfs: fix race between direct IO write and fsync when using same fd
Frank Li (1):
i3c: master: svc: resend target address when get NACK
Geert Uytterhoeven (1):
nvmem: Fix return type of devm_nvmem_device_get() in kerneldoc
Georg Gottleuber (1):
nvme-pci: Add sleep quirk for Samsung 990 Evo
Greg Kroah-Hartman (1):
Linux 6.10.10
Guenter Roeck (4):
hwmon: (adc128d818) Fix underflows seen when writing limit attributes
hwmon: (lm95234) Fix underflows seen when writing limit attributes
hwmon: (nct6775-core) Fix underflows seen when writing limit attributes
hwmon: (w83627ehf) Fix underflows seen when writing limit attributes
Guillaume Nault (1):
bareudp: Fix device stats updates.
Guillaume Stols (1):
iio: adc: ad7606: remove frstdata check for serial mode
Hans Verkuil (3):
media: b2c2: flexcop-usb: fix flexcop_usb_memory_req
media: vivid: fix wrong sizeimage value for mplane
media: vivid: don't set HDMI TX controls if there are no HDMI outputs
Hans de Goede (1):
ASoC: Intel: Boards: Fix NULL pointer deref in BYT/CHT boards harder
Hao Ge (2):
codetag: debug: mark codetags for poisoned page as empty
mm/slub: add check for s->flags in the alloc_tagging_slab_free_hook
Hareshx Sankar Raj (1):
crypto: qat - fix unintentional re-enabling of error interrupts
Hawking Zhang (3):
drm/amdgpu: Fix register access violation
drm/amdgpu: Fix smatch static checker warning
drm/amdgpu: Correct register used to clear fault status
Hayes Wang (1):
r8152: fix the firmware doesn't work
Heikki Krogerus (1):
usb: typec: ucsi: Fix the partner PD revision
Heiko Carstens (1):
s390/vmlinux.lds.S: Move ro_after_init section behind rodata section
Helge Deller (1):
parisc: Delay write-protection until mark_rodata_ro() call
Huacai Chen (2):
LoongArch: Use correct API to map cmdline in relocate_kernel()
LoongArch: Use accessors to page table entries instead of direct dereference
Huang Ying (1):
cxl/region: Fix a race condition in memory hotplug notifier
Igor Pylypiv (3):
scsi: pm80xx: Set phy->enable_completion only when we wait for it
ata: libata-scsi: Remove redundant sense_buffer memsets
ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf
Ivan Orlov (1):
kunit/overflow: Fix UB in overflow_allocation_test
Jacky Bai (2):
clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX
clocksource/drivers/imx-tpm: Fix next event not taking effect sometime
Jacob Pan (1):
iommu/vt-d: Handle volatile descriptor status read
Jakub Kicinski (1):
ethtool: fail closed if we can't get max channel used in indirection tables
James Morse (1):
arm64: acpi: Move get_cpu_for_acpi_id() to a header
Jamie Bainbridge (1):
selftests: net: enable bind tests
Jan Kara (1):
udf: Avoid excessive partition lengths
Jann Horn (3):
fuse: use unsigned type for getxattr/listxattr size truncation
userfaultfd: don't BUG_ON() if khugepaged yanks our page table
userfaultfd: fix checks for huge PMDs
Jarkko Nikula (1):
i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup
Jason Gunthorpe (1):
iommufd: Require drivers to supply the cache_invalidate_user ops
Jean-Baptiste Maneyrol (1):
iio: imu: inv_mpu6050: fix interrupt status read for old buggy chips
Jens Emil Schulz Østergaard (1):
net: microchip: vcap: Fix use-after-free error in kunit test
Jeongjun Park (1):
bpf: add check for invalid name in btf_name_valid_section()
Jernej Skrabec (1):
iommu: sun50i: clear bypass register
Jia Jie Ho (2):
crypto: starfive - Align rsa input data to 32-bit
crypto: starfive - Fix nent assignment in rsa dec
Jiaxun Yang (1):
MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed
Jinjie Ruan (1):
net: phy: Fix missing of_node_put() for leds
Jiwei Sun (1):
crypto: qat - initialize user_input.lock for rate_limiting
Joanne Koong (2):
fuse: update stats for pages in dropped aux writeback list
fuse: check aborted connection before adding requests to pending list for resending
Johannes Berg (2):
wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check
um: line: always fill *error_out in setup_one_line()
John Thomson (1):
nvmem: u-boot-env: error if NVMEM device is too small
Jonas Gorski (1):
net: bridge: br_fdb_external_learn_add(): always set EXT_LEARN
Jonathan Bell (1):
mmc: core: apply SD quirks earlier during probe
Jonathan Cameron (3):
ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add()
ACPI: processor: Fix memory leaks in error paths of processor_add()
arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry
Josef Bacik (4):
btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc()
btrfs: replace BUG_ON with ASSERT in walk_down_proc()
btrfs: clean up our handling of refs == 0 in snapshot delete
btrfs: handle errors from btrfs_dec_ref() properly
Jouni Högander (2):
drm/i915/display: Add mechanism to use sink model when applying quirk
drm/i915/display: Increase Fast Wake Sync length as a quirk
Jules Irenge (1):
pcmcia: Use resource_size function on resource object
Justin Tee (1):
scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info
Kan Liang (2):
perf/x86/intel: Limit the period on Haswell
perf/x86/intel: Hide Topdown metrics events if the feature is not enumerated
Keith Busch (1):
nvme-pci: allocate tagset on reset if necessary
Kent Overstreet (1):
lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()
Kirill A. Shutemov (1):
x86/tdx: Fix data leak in mmio_read()
Kishon Vijay Abraham I (1):
PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)
Konstantin Andreev (1):
smack: unix sockets: fix accept()ed socket label
Konstantin Komarov (2):
fs/ntfs3: One more reason to mark inode bad
fs/ntfs3: Check more cases when directory is corrupted
Krishna Kumar (1):
pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv
Krzysztof Kozlowski (1):
gpio: rockchip: fix OF node leak in probe()
Kuniyuki Iwashima (4):
af_unix: Remove put_pid()/put_cred() in copy_peercred().
can: bcm: Remove proc entry when dev is unregistered.
fou: Fix null-ptr-deref in GRO.
tcp: Don't drop SYN+ACK for simultaneous connect().
Kyoungrul Kim (1):
scsi: ufs: core: Remove SCSI host only if added
Lad Prabhakar (1):
irqchip/renesas-rzg2l: Reorder function calls in rzg2l_irqc_irq_disable()
Larysa Zaremba (5):
ice: move netif_queue_set_napi to rtnl-protected sections
ice: protect XDP configuration with a mutex
ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset
ice: remove ICE_CFG_BUSY locking from AF_XDP code
ice: do not bring the VSI up, if it was down before the XDP setup
Leo Li (1):
drm/amd/display: Lock DC and exit IPS when changing backlight
Leon Hwang (1):
bpf, verifier: Correct tail_call_reachable for bpf prog
Li Nan (1):
ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery()
Liam R. Howlett (1):
maple_tree: remove rcu_read_lock() from mt_validate()
Liao Chen (2):
mmc: sdhci-of-aspeed: fix module autoloading
gpio: modepin: Enable module autoloading
Lu Baolu (1):
iommu/vt-d: Remove control over Execute-Requested requests
Luis Henriques (SUSE) (1):
ext4: fix possible tid_t sequence overflows
Luiz Augusto von Dentz (4):
Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
Bluetooth: MGMT: Ignore keys being loaded with invalid type
Bluetooth: hci_sync: Introduce hci_cmd_sync_run/hci_cmd_sync_run_once
Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT
Ma Ke (2):
irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init()
usb: gadget: aspeed_udc: validate endpoint index for ast udc
Marc Kleine-Budde (5):
can: mcp251xfd: fix ring configuration when switching from CAN-CC to CAN-FD mode
can: mcp251xfd: mcp251xfd_handle_rxif_ring_uinc(): factor out in separate function
can: mcp251xfd: rx: prepare to workaround broken RX FIFO head index erratum
can: mcp251xfd: clarify the meaning of timestamp
can: mcp251xfd: rx: add workaround for erratum DS80000789E 6 of mcp2518fd
Marc Zyngier (1):
scripts: fix gfp-translate after ___GFP_*_BITS conversion to an enum
Marcin Ślusarz (1):
wifi: rtw88: usb: schedule rx work after everything is set up
Marek Marczykowski-Górecki (1):
ALSA: hda/realtek: extend quirks for Clevo V5[46]0
Marek Olšák (3):
drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6
drm/amdgpu/display: handle gfx12 in amdgpu_dm_plane_format_mod_supported
drm/amdgpu: handle gfx12 in amdgpu_display_verify_sizes
Markus Schneider-Pargmann (6):
can: m_can: Reset coalescing during suspend/resume
can: m_can: Remove coalesing disable in isr during suspend
can: m_can: Remove m_can_rx_peripheral indirection
can: m_can: Do not cancel timer from within timer
can: m_can: disable_all_interrupts, not clear active_interrupts
can: m_can: Reset cached active_interrupts on start
Martin Jocic (5):
can: kvaser_pciefd: Skip redundant NULL pointer check in ISR
can: kvaser_pciefd: Remove unnecessary comment
can: kvaser_pciefd: Rename board_irq to pci_irq
can: kvaser_pciefd: Move reset of DMA RX buffers to the end of the ISR
can: kvaser_pciefd: Use a single write when releasing RX buffers
Mary Guillemard (1):
drm/panthor: Restrict high priorities on group_create
Masami Hiramatsu (Google) (1):
tracing/kprobes: Add symbol counting check when module loads
Matt Coster (1):
drm/imagination: Free pvr_vm_gpuva after unlink
Matt Johnston (1):
net: mctp-serial: Fix missing escapes on transmit
Matteo Martelli (2):
iio: fix scale application in iio_convert_raw_to_processed_unlocked
ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode
Matthieu Baerts (NGI0) (1):
tcp: process the 3rd ACK with sk_socket for TFO/MPTCP
Maurizio Lombardi (2):
nvmet-tcp: fix kernel crash if commands allocation fails
nvmet: Identify-Active Namespace ID List command should reject invalid nsid
Maxim Levitsky (1):
KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE
Maximilien Perreault (1):
ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx
Michael Ellerman (3):
ata: pata_macio: Use WARN instead of BUG
powerpc/64e: remove unused IBM HTW code
powerpc/64e: split out nohash Book3E 64-bit code
Michal Simek (1):
dt-bindings: nvmem: Use soc-nvmem node name instead of nvmem
Mike Yuan (1):
mm/memcontrol: respect zswap.writeback setting from parent cg too
Miklos Szeredi (1):
fuse: clear PG_uptodate when using a stolen page
Mitchell Levy (1):
x86/fpu: Avoid writing LBR bit to IA32_XSS unless supported
Mohan Kumar (1):
ASoC: tegra: Fix CBB error during probe()
Mrinmay Sarkar (1):
PCI: qcom: Override NO_SNOOP attribute for SA8775P RC
Muhammad Usama Anjum (1):
selftests: mm: fix build errors on armhf
Naman Jain (1):
Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic
Namhyung Kim (1):
perf lock contention: Fix spinlock and rwlock accounting
Namjae Jeon (1):
ksmbd: unset the binding mark of a reused connection
Naohiro Aota (1):
btrfs: zoned: handle broken write pointer on zones
Nathan Lynch (1):
powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()
Neeraj Sanjay Kale (1):
Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush()
Nicholas Piggin (2):
workqueue: wq_watchdog_touch is always called with valid CPU
workqueue: Improve scalability of workqueue watchdog touch
Nuno Sa (1):
iio: adc: ad_sigma_delta: fix irq_flags on irq request
Nysal Jan K.A. (1):
powerpc/qspinlock: Fix deadlock in MCS queue
Oliver Neukum (2):
usbnet: modern method to get random MAC
usbnet: ipheth: race between ipheth_close and error handling
Olivier Sobrie (1):
HID: amd_sfh: free driver_data after destroying hid device
Pali Rohár (1):
irqchip/armada-370-xp: Do not allow mapping IRQ 0 and 1
Paulo Alcantara (2):
smb: client: fix double put of @cfile in smb2_set_path_size()
smb: client: fix double put of @cfile in smb2_rename_path()
Pawel Dembicki (2):
hwmon: ltc2991: fix register bits defines
net: dsa: vsc73xx: fix possible subblocks range of CAPT block
Pawel Laszczak (1):
usb: cdns2: Fix controller reset issue
Peiyang Wang (1):
net: hns3: void array out of bound when loop tnl_num
Peter Zijlstra (1):
perf/aux: Fix AUX buffer serialization
Petr Tesarik (1):
kexec_file: fix elfcorehdr digest exclusion when CONFIG_CRASH_HOTPLUG=y
Phillip Lougher (1):
Squashfs: sanity check symbolic link size
Prashanth K (1):
usb: dwc3: Avoid waking up gadget during startxfer
Qu Wenruo (1):
btrfs: slightly loosen the requirement for qgroup removal
Rakesh Ughreja (1):
accel/habanalabs/gaudi2: unsecure edma max outstanding register
Ravi Bangoria (1):
KVM: SVM: Don't advertise Bus Lock Detect to guest if SVM support is missing
Richard Fitzgerald (1):
firmware: cs_dsp: Don't allow writes to read-only controls
Roger Quadros (3):
net: ethernet: ti: am65-cpsw: Fix NULL dereference on XDP_TX
net: ethernet: ti: am65-cpsw: fix XDP_DROP, XDP_TX and XDP_REDIRECT
net: ethernet: ti: am65-cpsw: Fix RX statistics for XDP_TX and XDP_REDIRECT
Roland Xu (1):
rtmutex: Drop rt_mutex::wait_lock before scheduling
Ryusuke Konishi (3):
nilfs2: fix missing cleanup on rollforward recovery error
nilfs2: protect references to superblock parameters exposed in sysfs
nilfs2: fix state management in error path of log writing function
Sam Protsenko (1):
mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K
Samuel Holland (3):
riscv: misaligned: Restrict user access to kernel memory
riscv: kprobes: Use patch_text_nosync() for insn slots
riscv: Add tracepoints for SBI calls and returns
Sascha Hauer (2):
wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()
watchdog: imx7ulp_wdt: keep already running watchdog enabled
Satya Priya Kakitapalli (2):
clk: qcom: clk-alpha-pll: Fix the pll post div mask
clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API
Saurabh Sengar (1):
uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind
Sean Anderson (2):
net: xilinx: axienet: Fix race in axienet_stop
phy: zynqmp: Take the phy mutex in xlate
Sean Christopherson (1):
KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS
Sebastian Andrzej Siewior (1):
bpf: Remove tst_run from lwt_seg6local_prog_ops.
Seunghwan Baek (1):
mmc: cqhci: Fix checking of CQHCI_HALT state
Shantanu Goel (1):
usb: uas: set host status byte on data completion error
Shenghao Ding (1):
ASoc: TAS2781: replace beXX_to_cpup with get_unaligned_beXX for potentially broken alignment
Shivaprasad G Bhat (1):
vfio/spapr: Always clear TCEs before unsetting the window
Simon Arlott (1):
can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open
Simon Horman (1):
can: m_can: Release irq on error in m_can_open
Souradeep Chakrabarti (1):
net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup
Stefan Wahren (1):
spi: spi-fsl-lpspi: Fix off-by-one in prescale max
Stefan Wiehler (1):
of/irq: Prevent device address out-of-bounds read in interrupt map walk
Stephan Gerhold (1):
pinctrl: qcom: x1e80100: Bypass PDC wakeup parent for now
Stephen Boyd (2):
clk: qcom: gcc-sm8550: Don't use parking clk_ops for QUPs
clk: qcom: gcc-sm8550: Don't park the USB RCG at registration time
Stephen Hemminger (1):
sch/netem: fix use after free in netem_dequeue
Steven Rostedt (4):
tracing/osnoise: Use a cpumask to know what threads are kthreads
tracing/timerlat: Only clear timer if a kthread exists
tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread()
eventfs: Use list_del_rcu() for SRCU protected list variable
Sukrut Bellary (1):
misc: fastrpc: Fix double free of 'buf' in error path
Suren Baghdasaryan (1):
alloc_tag: fix allocation tag reporting when CONFIG_MODULES=n
Sven Schnelle (1):
uprobes: Use kzalloc to allocate xol area
Takashi Iwai (2):
ALSA: control: Apply sanity check of input values for user elements
ALSA: hda: Add input value sanity checks to HDMI channel map controls
Terry Cheong (1):
ALSA: hda/realtek: add patch for internal mic in Lenovo V145
Thomas Gleixner (2):
x86/kaslr: Expose and use the end of the physical memory address space
x86/mm: Fix PTI for i386 some more
Toke Høiland-Jørgensen (1):
sched: sch_cake: fix bulk flow accounting logic for host fairness
Trond Myklebust (1):
NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations
Tze-nan Wu (1):
bpf, net: Fix a potential race in do_sock_getsockopt()
Umang Jain (1):
staging: vchiq_core: Bubble up wait_event_interruptible() return value
Usama Arif (1):
Revert "mm: skip CMA pages when they are not available"
Uwe Kleine-König (1):
virt: sev-guest: Mark driver struct with __refdata to prevent section mismatch
Vadim Fedorenko (2):
ptp: ocp: convert serial ports to array
ptp: ocp: adjust sysfs entries to expose tty information
Vasiliy Kovalev (1):
ALSA: hda/realtek - Fix inactive headset mic jack for ASUS Vivobook 15 X1504VAP
Viresh Kumar (1):
xen: privcmd: Fix possible access to a freed kirqfd instance
Vladimir Oltean (1):
net: dpaa: avoid on-stack arrays of NR_CPUS elements
Waiman Long (2):
cgroup/cpuset: Delay setting of CS_CPU_EXCLUSIVE until valid partition
cgroup: Protect css->cgroup write under css_set_lock
Weiwen Hu (3):
nvme: rename nvme_sc_to_pr_err to nvme_status_to_pr_err
nvme: fix status magic numbers
nvme: rename CDR/MORE/DNR to NVME_STATUS_*
Will Deacon (1):
mm: vmalloc: ensure vmap_block is initialised before adding to queue
Xingyu Wu (1):
clk: starfive: jh7110-sys: Add notifier for PLL0 clock
Xuan Zhuo (1):
virtio_ring: fix KMSAN error for premapped mode
Ye Bin (1):
jbd2: avoid mount failed when commit block is partial submitted
YiPeng Chai (1):
drm/amdgpu: add mutex to protect ras shared memory
Yicong Yang (1):
dma-mapping: benchmark: Don't starve others when doing the test
Yifan Zha (1):
drm/amdgpu: Set no_hw_access when VF request full GPU fails
Yoray Zack (1):
net/mlx5e: SHAMPO, Use KSMs instead of KLMs
Yosry Ahmed (1):
mm: zswap: rename is_zswap_enabled() to zswap_is_enabled()
Yunjian Wang (1):
netfilter: nf_conncount: fix wrong variable type
Yuntao Wang (1):
x86/apic: Make x2apic_disable() work correctly
Yunxiang Li (3):
drm/amdgpu: Fix two reset triggered in a row
drm/amdgpu: Add reset_context flag for host FLR
drm/amdgpu: Fix amdgpu_device_reset_sriov retry logic
Zenghui Yu (1):
kselftests: dmabuf-heaps: Ensure the driver name is null-terminated
Zheng Qixing (1):
ata: libata: Fix memory leak for error path in ata_host_alloc()
Zheng Yejian (1):
tracing: Avoid possible softlockup in tracing_iter_reset()
Zijun Hu (1):
devres: Initialize an uninitialized struct member
Ziwei Xiao (1):
gve: Add adminq mutex lock
Zqiang (1):
smp: Add missing destroy_work_on_stack() call in smp_call_on_cpu()
devi priya (1):
clk: qcom: ipq9574: Update the alpha PLL type for GPLLs
robelin (1):
ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object
yang.zhang (1):
riscv: set trap vector earlier
yangyun (1):
fuse: fix memory leak in fuse_create_open
9 months, 1 week
- 1
- 1
Linux 6.6.51
by Greg Kroah-Hartman
I'm announcing the release of the 6.6.51 kernel.
All users of the 6.6 kernel series must upgrade.
The updated 6.6.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
MAINTAINERS | 2
Makefile | 2
arch/arm/include/asm/pgtable.h | 2
arch/arm64/include/asm/acpi.h | 12
arch/arm64/kernel/acpi_numa.c | 11
arch/loongarch/kernel/relocate.c | 4
arch/mips/kernel/cevt-r4k.c | 15
arch/powerpc/include/asm/nohash/mmu-e500.h | 3
arch/powerpc/kernel/vdso/vdso32.lds.S | 4
arch/powerpc/kernel/vdso/vdso64.lds.S | 4
arch/powerpc/lib/qspinlock.c | 10
arch/powerpc/mm/nohash/Makefile | 2
arch/powerpc/mm/nohash/tlb.c | 398 ----------
arch/powerpc/mm/nohash/tlb_64e.c | 361 +++++++++
arch/powerpc/mm/nohash/tlb_low_64e.S | 195 ----
arch/riscv/Kconfig | 5
arch/riscv/include/asm/kfence.h | 4
arch/riscv/include/asm/membarrier.h | 31
arch/riscv/include/asm/pgtable-64.h | 22
arch/riscv/include/asm/pgtable.h | 33
arch/riscv/kernel/efi.c | 2
arch/riscv/kernel/head.S | 3
arch/riscv/kernel/probes/kprobes.c | 5
arch/riscv/kvm/mmu.c | 22
arch/riscv/mm/Makefile | 3
arch/riscv/mm/context.c | 2
arch/riscv/mm/fault.c | 16
arch/riscv/mm/hugetlbpage.c | 12
arch/riscv/mm/init.c | 2
arch/riscv/mm/kasan_init.c | 45 -
arch/riscv/mm/pageattr.c | 44 -
arch/riscv/mm/pgtable.c | 51 +
arch/s390/kernel/vmlinux.lds.S | 9
arch/um/drivers/line.c | 2
arch/x86/coco/tdx/tdx.c | 1
arch/x86/events/intel/core.c | 23
arch/x86/include/asm/fpu/types.h | 7
arch/x86/include/asm/page_64.h | 1
arch/x86/include/asm/pgtable_64_types.h | 4
arch/x86/kernel/apic/apic.c | 11
arch/x86/kernel/fpu/xstate.c | 3
arch/x86/kernel/fpu/xstate.h | 4
arch/x86/kvm/svm/svm.c | 15
arch/x86/kvm/x86.c | 2
arch/x86/lib/iomem.c | 5
arch/x86/mm/init_64.c | 4
arch/x86/mm/kaslr.c | 32
arch/x86/mm/pti.c | 45 -
drivers/accel/habanalabs/gaudi2/gaudi2_security.c | 1
drivers/acpi/acpi_processor.c | 15
drivers/acpi/cppc_acpi.c | 13
drivers/android/binder.c | 1
drivers/ata/libata-core.c | 4
drivers/ata/libata-scsi.c | 24
drivers/ata/pata_macio.c | 7
drivers/base/devres.c | 1
drivers/base/regmap/regcache-maple.c | 3
drivers/block/ublk_drv.c | 2
drivers/bluetooth/btnxpuart.c | 12
drivers/bluetooth/hci_qca.c | 1
drivers/clk/qcom/clk-alpha-pll.c | 6
drivers/clk/qcom/clk-rcg.h | 1
drivers/clk/qcom/clk-rcg2.c | 30
drivers/clk/qcom/gcc-ipq9574.c | 12
drivers/clk/qcom/gcc-sm8550.c | 54 -
drivers/clk/starfive/clk-starfive-jh7110-sys.c | 31
drivers/clk/starfive/clk-starfive-jh71x0.h | 2
drivers/clocksource/timer-imx-tpm.c | 16
drivers/clocksource/timer-of.c | 17
drivers/clocksource/timer-of.h | 1
drivers/cpufreq/amd-pstate.c | 147 +++
drivers/crypto/intel/qat/qat_common/adf_gen2_pfvf.c | 4
drivers/crypto/intel/qat/qat_dh895xcc/adf_dh895xcc_hw_data.c | 8
drivers/crypto/starfive/jh7110-cryp.h | 4
drivers/crypto/starfive/jh7110-rsa.c | 15
drivers/cxl/core/region.c | 5
drivers/firmware/cirrus/cs_dsp.c | 3
drivers/gpio/gpio-rockchip.c | 1
drivers/gpio/gpio-zynqmp-modepin.c | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 15
drivers/gpu/drm/amd/amdgpu/amdgpu_display.c | 30
drivers/gpu/drm/amd/amdgpu/amdgpu_ids.c | 15
drivers/gpu/drm/amd/amdgpu/amdgpu_ids.h | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 4
drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 8
drivers/gpu/drm/amd/amdgpu/ih_v6_0.c | 28
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 2
drivers/gpu/drm/amd/display/dc/link/link_factory.c | 6
drivers/gpu/drm/amd/display/modules/hdcp/hdcp1_execution.c | 15
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6
drivers/gpu/drm/i915/gt/uc/intel_gsc_uc.c | 2
drivers/gpu/drm/i915/gt/uc/intel_uc_fw.h | 5
drivers/gpu/drm/i915/i915_sw_fence.c | 8
drivers/hid/amd-sfh-hid/amd_sfh_hid.c | 4
drivers/hid/hid-cougar.c | 2
drivers/hv/vmbus_drv.c | 1
drivers/hwmon/adc128d818.c | 4
drivers/hwmon/hp-wmi-sensors.c | 2
drivers/hwmon/lm95234.c | 9
drivers/hwmon/nct6775-core.c | 2
drivers/hwmon/w83627ehf.c | 4
drivers/i3c/master/mipi-i3c-hci/dma.c | 5
drivers/i3c/master/svc-i3c-master.c | 58 +
drivers/iio/adc/ad7124.c | 27
drivers/iio/adc/ad7606.c | 28
drivers/iio/adc/ad7606.h | 2
drivers/iio/adc/ad7606_par.c | 48 +
drivers/iio/buffer/industrialio-buffer-dmaengine.c | 4
drivers/iio/inkern.c | 8
drivers/input/misc/uinput.c | 14
drivers/input/touchscreen/ili210x.c | 6
drivers/iommu/intel/dmar.c | 2
drivers/iommu/sun50i-iommu.c | 1
drivers/irqchip/irq-armada-370-xp.c | 4
drivers/irqchip/irq-gic-v2m.c | 6
drivers/leds/leds-spi-byte.c | 6
drivers/md/dm-init.c | 4
drivers/media/platform/qcom/camss/camss.c | 5
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 17
drivers/media/test-drivers/vivid/vivid-vid-out.c | 16
drivers/misc/fastrpc.c | 5
drivers/misc/vmw_vmci/vmci_resource.c | 3
drivers/mmc/core/quirks.h | 22
drivers/mmc/core/sd.c | 4
drivers/mmc/host/cqhci-core.c | 2
drivers/mmc/host/dw_mmc.c | 4
drivers/mmc/host/sdhci-of-aspeed.c | 1
drivers/net/bareudp.c | 22
drivers/net/can/kvaser_pciefd.c | 43 -
drivers/net/can/m_can/m_can.c | 5
drivers/net/can/spi/mcp251x.c | 2
drivers/net/can/spi/mcp251xfd/mcp251xfd-core.c | 28
drivers/net/can/spi/mcp251xfd/mcp251xfd-ram.c | 11
drivers/net/can/spi/mcp251xfd/mcp251xfd-ring.c | 23
drivers/net/can/spi/mcp251xfd/mcp251xfd-rx.c | 165 ++--
drivers/net/can/spi/mcp251xfd/mcp251xfd-tef.c | 2
drivers/net/can/spi/mcp251xfd/mcp251xfd-timestamp.c | 22
drivers/net/can/spi/mcp251xfd/mcp251xfd.h | 42 -
drivers/net/dsa/vitesse-vsc73xx-core.c | 10
drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 20
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 10
drivers/net/ethernet/intel/e1000e/ich8lan.c | 2
drivers/net/ethernet/intel/ice/ice.h | 2
drivers/net/ethernet/intel/ice/ice_lib.c | 34
drivers/net/ethernet/intel/ice/ice_main.c | 46 -
drivers/net/ethernet/intel/ice/ice_xsk.c | 3
drivers/net/ethernet/intel/igb/igb_main.c | 10
drivers/net/ethernet/intel/igc/igc_main.c | 1
drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c | 14
drivers/net/ethernet/microsoft/mana/mana_en.c | 22
drivers/net/mctp/mctp-serial.c | 4
drivers/net/phy/phy_device.c | 2
drivers/net/usb/ipheth.c | 2
drivers/net/usb/r8152.c | 17
drivers/net/usb/usbnet.c | 11
drivers/net/wireless/ath/ath12k/mac.c | 9
drivers/net/wireless/broadcom/brcm80211/brcmsmac/mac80211_if.c | 1
drivers/net/wireless/intel/iwlwifi/mvm/mvm.h | 3
drivers/net/wireless/marvell/mwifiex/main.h | 3
drivers/net/wireless/realtek/rtw88/usb.c | 13
drivers/nvme/host/pci.c | 17
drivers/nvme/target/tcp.c | 4
drivers/nvmem/core.c | 6
drivers/of/irq.c | 15
drivers/pci/controller/dwc/pci-keystone.c | 44 +
drivers/pci/hotplug/pnv_php.c | 3
drivers/pci/pci.c | 35
drivers/pcmcia/yenta_socket.c | 6
drivers/phy/xilinx/phy-zynqmp.c | 1
drivers/platform/x86/dell/dell-smbios-base.c | 5
drivers/scsi/pm8001/pm8001_sas.c | 4
drivers/spi/spi-fsl-lpspi.c | 31
drivers/spi/spi-hisi-kunpeng.c | 3
drivers/spi/spi-rockchip.c | 23
drivers/staging/iio/frequency/ad9834.c | 2
drivers/ufs/core/ufshcd.c | 7
drivers/uio/uio_hv_generic.c | 11
drivers/usb/dwc3/core.c | 15
drivers/usb/dwc3/core.h | 2
drivers/usb/dwc3/gadget.c | 41 -
drivers/usb/gadget/udc/aspeed_udc.c | 2
drivers/usb/gadget/udc/cdns2/cdns2-gadget.c | 12
drivers/usb/gadget/udc/cdns2/cdns2-gadget.h | 9
drivers/usb/storage/uas.c | 1
drivers/vfio/vfio_iommu_spapr_tce.c | 13
drivers/virtio/virtio_ring.c | 4
drivers/xen/privcmd.c | 10
fs/binfmt_elf.c | 5
fs/btrfs/ctree.c | 12
fs/btrfs/ctree.h | 1
fs/btrfs/extent-tree.c | 32
fs/btrfs/file.c | 25
fs/btrfs/inode.c | 2
fs/btrfs/transaction.h | 6
fs/ext4/fast_commit.c | 8
fs/fscache/main.c | 1
fs/fuse/dir.c | 2
fs/fuse/file.c | 8
fs/fuse/xattr.c | 4
fs/jbd2/recovery.c | 30
fs/nfs/super.c | 2
fs/nilfs2/recovery.c | 35
fs/nilfs2/segment.c | 10
fs/nilfs2/sysfs.c | 43 -
fs/ntfs3/dir.c | 52 -
fs/ntfs3/frecord.c | 4
fs/smb/client/smb2inode.c | 3
fs/smb/client/smb2ops.c | 16
fs/smb/server/oplock.c | 2
fs/smb/server/smb2pdu.c | 14
fs/smb/server/transport_tcp.c | 4
fs/squashfs/inode.c | 7
fs/tracefs/event_inode.c | 2
fs/udf/super.c | 15
fs/xattr.c | 91 +-
include/acpi/cppc_acpi.h | 5
include/linux/amd-pstate.h | 4
include/linux/bpf-cgroup.h | 16
include/linux/mm.h | 4
include/linux/pgtable.h | 21
include/linux/regulator/consumer.h | 8
include/net/bluetooth/hci.h | 3
include/net/bluetooth/hci_core.h | 25
include/net/bluetooth/hci_sync.h | 24
include/net/mana/mana.h | 2
include/net/sock.h | 6
include/uapi/drm/drm_fourcc.h | 18
kernel/bpf/cgroup.c | 25
kernel/bpf/verifier.c | 4
kernel/cgroup/cgroup.c | 2
kernel/dma/map_benchmark.c | 16
kernel/events/core.c | 18
kernel/events/internal.h | 1
kernel/events/ring_buffer.c | 2
kernel/events/uprobes.c | 3
kernel/kexec_file.c | 2
kernel/locking/rtmutex.c | 9
kernel/resource.c | 6
kernel/sched/core.c | 5
kernel/smp.c | 1
kernel/trace/trace.c | 2
kernel/trace/trace_osnoise.c | 50 -
kernel/workqueue.c | 12
lib/generic-radix-tree.c | 2
mm/memory_hotplug.c | 2
mm/sparse.c | 2
mm/userfaultfd.c | 29
mm/vmalloc.c | 2
mm/vmscan.c | 24
net/bluetooth/hci_conn.c | 158 ---
net/bluetooth/hci_event.c | 27
net/bluetooth/hci_sync.c | 307 +++++++
net/bluetooth/mgmt.c | 144 +--
net/bluetooth/smp.c | 7
net/bridge/br_fdb.c | 6
net/can/bcm.c | 4
net/core/sock.c | 8
net/ipv4/fou_core.c | 29
net/ipv4/tcp_bpf.c | 2
net/ipv4/tcp_input.c | 6
net/ipv6/ila/ila.h | 1
net/ipv6/ila/ila_main.c | 6
net/ipv6/ila/ila_xlat.c | 13
net/netfilter/nf_conncount.c | 8
net/sched/sch_cake.c | 11
net/sched/sch_netem.c | 9
net/socket.c | 104 +-
net/unix/af_unix.c | 9
rust/Makefile | 4
rust/kernel/types.rs | 2
rust/macros/module.rs | 6
security/smack/smack_lsm.c | 12
sound/core/control.c | 6
sound/hda/hdmi_chmap.c | 18
sound/pci/hda/patch_conexant.c | 11
sound/pci/hda/patch_realtek.c | 10
sound/soc/codecs/tas2781-fmwlib.c | 71 -
sound/soc/soc-dapm.c | 1
sound/soc/soc-topology.c | 2
sound/soc/sof/topology.c | 2
sound/soc/sunxi/sun4i-i2s.c | 143 +--
sound/soc/tegra/tegra210_ahub.c | 10
tools/lib/bpf/libbpf.c | 4
tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c | 4
tools/testing/selftests/net/Makefile | 3
285 files changed, 3297 insertions(+), 2004 deletions(-)
Aaradhana Sahu (1):
wifi: ath12k: fix uninitialize symbol error on ath12k_peer_assoc_h_he()
Ajith C (1):
wifi: ath12k: fix firmware crash due to invalid peer nss
Aleksandr Mishin (2):
platform/x86: dell-smbios: Fix error path in dell_smbios_init()
staging: iio: frequency: ad9834: Validate frequency parameter value
Alex Deucher (1):
Revert "drm/amdgpu: align pp_power_profile_mode with kernel docs"
Alex Hung (3):
drm/amd/display: Run DC_LOG_DC after checking link->link_enc
drm/amd/display: Check HDCP returned status
drm/amd/display: Check denominator pbn_div before used
Alexandre Ghiti (5):
riscv: Use WRITE_ONCE() when setting page table entries
mm: Introduce pudp/p4dp/pgdp_get() functions
riscv: mm: Only compile pgtable.c if MMU
riscv: Use accessors to page table entries instead of direct dereference
riscv: Do not restrict memory size because of linear mapping on nommu
Alexey Dobriyan (1):
ELF: fix kernel.randomize_va_space double read
Alison Schofield (1):
cxl/region: Verify target positions using the ordered target list
Amadeusz Sławiński (1):
ASoC: topology: Properly initialize soc_enum values
Andrea Parri (1):
membarrier: riscv: Add full memory barrier in switch_mm()
Andreas Hindborg (1):
rust: kbuild: fix export of bss symbols
Andreas Ziegler (1):
libbpf: Add NULL checks to bpf_object__{prev_map,next_map}
Andy Shevchenko (3):
leds: spi-byte: Call of_node_put() on error path
drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused
drm/i915/fence: Mark debug_fence_free() with __maybe_unused
Anton Blanchard (1):
riscv: Fix toolchain vector detection
Arend van Spriel (1):
wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3
Armin Wolf (1):
hwmon: (hp-wmi-sensors) Check if WMI event data exists
Arnd Bergmann (1):
regmap: maple: work around gcc-14.1 false-positive warning
Aurabindo Pillai (1):
drm/amd: Add gfx12 swizzle mode defs
Baokun Li (1):
fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF
Benjamin Marzinski (1):
dm init: Handle minors larger than 255
Boqun Feng (2):
rust: types: Make Opaque::get const
rust: macros: provide correct provenance when constructing THIS_MODULE
Breno Leitao (4):
bpf: Add sockptr support for getsockopt
bpf: Add sockptr support for setsockopt
net/socket: Break down __sys_setsockopt
net/socket: Break down __sys_getsockopt
Brian Johannesmeyer (1):
x86/kmsan: Fix hook for unaligned accesses
Brian Norris (1):
spi: rockchip: Resolve unbalanced runtime PM / system PM handling
Camila Alvarez (1):
HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup
Carlos Llamas (1):
binder: fix UAF caused by offsets overwrite
Carlos Song (1):
spi: spi-fsl-lpspi: limit PRESCALE bit in TCR register
Chen Ni (1):
media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse
Chen-Yu Tsai (1):
ASoc: SOF: topology: Clear SOF link platform name upon unload
ChenXiaoSong (1):
smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()
Christian König (1):
drm/amdgpu: reject gang submit on reserved VMIDs
Christoffer Sandberg (1):
ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices
Christophe Leroy (2):
powerpc/64e: Define mmu_pte_psize static
powerpc/vdso: Don't discard rela sections
Cong Wang (1):
tcp_bpf: fix return value of tcp_bpf_sendmsg()
Daiwei Li (1):
igb: Fix not clearing TimeSync interrupts for 82580
Dan Carpenter (2):
ksmbd: Unlock on in ksmbd_tcp_set_interfaces()
igc: Unlock on error in igc_io_resume()
Dan Williams (1):
PCI: Add missing bridge lock to pci_bus_lock()
Daniel Lezcano (1):
clocksource/drivers/timer-of: Remove percpu irq related code
Daniele Ceraolo Spurio (1):
drm/i915: Do not attempt to load the GSC multiple times
Danijel Slivka (1):
drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts
David Fernandez Gonzalez (1):
VMCI: Fix use-after-free when removing resource in vmci_resource_remove()
David Howells (2):
cifs: Fix FALLOC_FL_ZERO_RANGE to preflush buffered part of target region
vfs: Fix potential circular locking through setxattr() and removexattr()
David Lechner (1):
iio: buffer-dmaengine: fix releasing dma channel on error
David Sterba (1):
btrfs: initialize location to fix -Wmaybe-uninitialized in btrfs_lookup_dentry()
Dawid Osuchowski (1):
ice: Add netif_device_attach/detach into PF reset flow
Devyn Liu (1):
spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware
Dmitry Torokhov (2):
Input: ili210x - use kvmalloc() to allocate buffer for firmware update
Input: uinput - reject requests with unreasonable number of slots
Douglas Anderson (2):
regulator: core: Stub devm_regulator_bulk_get_const() if !CONFIG_REGULATOR
Bluetooth: qca: If memdump doesn't work, re-enable IBS
Dumitru Ceclan (2):
iio: adc: ad7124: fix config comparison
iio: adc: ad7124: fix chip ID mismatch
Eric Dumazet (1):
ila: call nf_unregister_net_hooks() sooner
Eric Joyner (1):
ice: Check all ice_vsi_rebuild() errors in function
Faisal Hassan (1):
usb: dwc3: core: update LC timer as per USB Spec V3.2
Filipe Manana (2):
btrfs: replace BUG_ON() with error handling at update_ref_for_cow()
btrfs: fix race between direct IO write and fsync when using same fd
Frank Li (1):
i3c: master: svc: resend target address when get NACK
Geert Uytterhoeven (1):
nvmem: Fix return type of devm_nvmem_device_get() in kerneldoc
Georg Gottleuber (1):
nvme-pci: Add sleep quirk for Samsung 990 Evo
Greg Kroah-Hartman (1):
Linux 6.6.51
Guenter Roeck (4):
hwmon: (adc128d818) Fix underflows seen when writing limit attributes
hwmon: (lm95234) Fix underflows seen when writing limit attributes
hwmon: (nct6775-core) Fix underflows seen when writing limit attributes
hwmon: (w83627ehf) Fix underflows seen when writing limit attributes
Guillaume Nault (1):
bareudp: Fix device stats updates.
Guillaume Stols (1):
iio: adc: ad7606: remove frstdata check for serial mode
Hans Verkuil (2):
media: vivid: fix wrong sizeimage value for mplane
media: vivid: don't set HDMI TX controls if there are no HDMI outputs
Hareshx Sankar Raj (1):
crypto: qat - fix unintentional re-enabling of error interrupts
Hawking Zhang (1):
drm/amdgpu: Fix smatch static checker warning
Hayes Wang (1):
r8152: fix the firmware doesn't work
Heiko Carstens (1):
s390/vmlinux.lds.S: Move ro_after_init section behind rodata section
Huacai Chen (1):
LoongArch: Use correct API to map cmdline in relocate_kernel()
Igor Pylypiv (3):
scsi: pm80xx: Set phy->enable_completion only when we wait for it
ata: libata-scsi: Remove redundant sense_buffer memsets
ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf
Jacky Bai (2):
clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX
clocksource/drivers/imx-tpm: Fix next event not taking effect sometime
Jacob Pan (1):
iommu/vt-d: Handle volatile descriptor status read
James Morse (1):
arm64: acpi: Move get_cpu_for_acpi_id() to a header
Jamie Bainbridge (1):
selftests: net: enable bind tests
Jan Kara (1):
udf: Avoid excessive partition lengths
Jann Horn (3):
fuse: use unsigned type for getxattr/listxattr size truncation
userfaultfd: don't BUG_ON() if khugepaged yanks our page table
userfaultfd: fix checks for huge PMDs
Jarkko Nikula (1):
i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup
Jens Emil Schulz Østergaard (1):
net: microchip: vcap: Fix use-after-free error in kunit test
Jernej Skrabec (1):
iommu: sun50i: clear bypass register
Jia Jie Ho (2):
crypto: starfive - Align rsa input data to 32-bit
crypto: starfive - Fix nent assignment in rsa dec
Jiaxun Yang (1):
MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed
Jinjie Ruan (1):
net: phy: Fix missing of_node_put() for leds
Joanne Koong (1):
fuse: update stats for pages in dropped aux writeback list
Johannes Berg (2):
wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check
um: line: always fill *error_out in setup_one_line()
Jonas Dreßler (3):
Bluetooth: hci_event: Use HCI error defines instead of magic values
Bluetooth: hci_conn: Only do ACL connections sequentially
Bluetooth: Remove pending ACL connection attempts
Jonas Gorski (1):
net: bridge: br_fdb_external_learn_add(): always set EXT_LEARN
Jonathan Bell (1):
mmc: core: apply SD quirks earlier during probe
Jonathan Cameron (3):
ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add()
ACPI: processor: Fix memory leaks in error paths of processor_add()
arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry
Josef Bacik (2):
btrfs: replace BUG_ON with ASSERT in walk_down_proc()
btrfs: clean up our handling of refs == 0 in snapshot delete
Jules Irenge (1):
pcmcia: Use resource_size function on resource object
Kan Liang (1):
perf/x86/intel: Limit the period on Haswell
Keith Busch (1):
nvme-pci: allocate tagset on reset if necessary
Kent Overstreet (1):
lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()
Kirill A. Shutemov (1):
x86/tdx: Fix data leak in mmio_read()
Kishon Vijay Abraham I (1):
PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)
Konstantin Andreev (1):
smack: unix sockets: fix accept()ed socket label
Konstantin Komarov (2):
fs/ntfs3: One more reason to mark inode bad
fs/ntfs3: Check more cases when directory is corrupted
Krishna Kumar (1):
pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv
Krzysztof Kozlowski (1):
gpio: rockchip: fix OF node leak in probe()
Kuniyuki Iwashima (4):
af_unix: Remove put_pid()/put_cred() in copy_peercred().
can: bcm: Remove proc entry when dev is unregistered.
fou: Fix null-ptr-deref in GRO.
tcp: Don't drop SYN+ACK for simultaneous connect().
Kyoungrul Kim (1):
scsi: ufs: core: Remove SCSI host only if added
Larysa Zaremba (2):
ice: protect XDP configuration with a mutex
ice: do not bring the VSI up, if it was down before the XDP setup
Leon Hwang (1):
bpf, verifier: Correct tail_call_reachable for bpf prog
Li Nan (1):
ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery()
Liao Chen (2):
mmc: sdhci-of-aspeed: fix module autoloading
gpio: modepin: Enable module autoloading
Luis Henriques (SUSE) (1):
ext4: fix possible tid_t sequence overflows
Luiz Augusto von Dentz (10):
Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
Bluetooth: MGMT: Ignore keys being loaded with invalid type
Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync
Bluetooth: hci_sync: Add helper functions to manipulate cmd_sync queue
Bluetooth: hci_sync: Attempt to dequeue connection attempt
Bluetooth: hci_sync: Introduce hci_cmd_sync_run/hci_cmd_sync_run_once
Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT
Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync
Bluetooth: hci_sync: Fix UAF on create_le_conn_complete
Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync
Ma Ke (2):
irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init()
usb: gadget: aspeed_udc: validate endpoint index for ast udc
Marc Kleine-Budde (5):
can: mcp251xfd: fix ring configuration when switching from CAN-CC to CAN-FD mode
can: mcp251xfd: mcp251xfd_handle_rxif_ring_uinc(): factor out in separate function
can: mcp251xfd: rx: prepare to workaround broken RX FIFO head index erratum
can: mcp251xfd: clarify the meaning of timestamp
can: mcp251xfd: rx: add workaround for erratum DS80000789E 6 of mcp2518fd
Marcin Ślusarz (1):
wifi: rtw88: usb: schedule rx work after everything is set up
Marek Olšák (2):
drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6
drm/amdgpu: handle gfx12 in amdgpu_display_verify_sizes
Martin Jocic (5):
can: kvaser_pciefd: Skip redundant NULL pointer check in ISR
can: kvaser_pciefd: Remove unnecessary comment
can: kvaser_pciefd: Rename board_irq to pci_irq
can: kvaser_pciefd: Move reset of DMA RX buffers to the end of the ISR
can: kvaser_pciefd: Use a single write when releasing RX buffers
Matt Johnston (1):
net: mctp-serial: Fix missing escapes on transmit
Matteo Martelli (2):
iio: fix scale application in iio_convert_raw_to_processed_unlocked
ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode
Matthew Maurer (1):
rust: Use awk instead of recent xargs
Matthieu Baerts (NGI0) (1):
tcp: process the 3rd ACK with sk_socket for TFO/MPTCP
Maurizio Lombardi (1):
nvmet-tcp: fix kernel crash if commands allocation fails
Maxim Levitsky (1):
KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE
Maximilien Perreault (1):
ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx
Meng Li (2):
ACPI: CPPC: Add helper to get the highest performance value
cpufreq: amd-pstate: Enable amd-pstate preferred core support
Michael Ellerman (3):
ata: pata_macio: Use WARN instead of BUG
powerpc/64e: remove unused IBM HTW code
powerpc/64e: split out nohash Book3E 64-bit code
Mitchell Levy (1):
x86/fpu: Avoid writing LBR bit to IA32_XSS unless supported
Mohan Kumar (1):
ASoC: tegra: Fix CBB error during probe()
Naman Jain (1):
Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic
Namjae Jeon (1):
ksmbd: unset the binding mark of a reused connection
Neeraj Sanjay Kale (1):
Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush()
Nicholas Piggin (2):
workqueue: wq_watchdog_touch is always called with valid CPU
workqueue: Improve scalability of workqueue watchdog touch
Nysal Jan K.A. (1):
powerpc/qspinlock: Fix deadlock in MCS queue
Oliver Neukum (2):
usbnet: modern method to get random MAC
usbnet: ipheth: race between ipheth_close and error handling
Olivier Sobrie (1):
HID: amd_sfh: free driver_data after destroying hid device
Pali Rohár (1):
irqchip/armada-370-xp: Do not allow mapping IRQ 0 and 1
Paulo Alcantara (2):
smb: client: fix double put of @cfile in smb2_set_path_size()
smb: client: fix double put of @cfile in smb2_rename_path()
Pawel Dembicki (1):
net: dsa: vsc73xx: fix possible subblocks range of CAPT block
Pawel Laszczak (1):
usb: cdns2: Fix controller reset issue
Perry Yuan (1):
cpufreq: amd-pstate: fix the highest frequency issue which limits performance
Peter Zijlstra (1):
perf/aux: Fix AUX buffer serialization
Petr Tesarik (1):
kexec_file: fix elfcorehdr digest exclusion when CONFIG_CRASH_HOTPLUG=y
Phillip Lougher (1):
Squashfs: sanity check symbolic link size
Prashanth K (1):
usb: dwc3: Avoid waking up gadget during startxfer
Rakesh Ughreja (1):
accel/habanalabs/gaudi2: unsecure edma max outstanding register
Ravi Bangoria (1):
KVM: SVM: Don't advertise Bus Lock Detect to guest if SVM support is missing
Richard Fitzgerald (1):
firmware: cs_dsp: Don't allow writes to read-only controls
Roland Xu (1):
rtmutex: Drop rt_mutex::wait_lock before scheduling
Ryusuke Konishi (3):
nilfs2: fix missing cleanup on rollforward recovery error
nilfs2: protect references to superblock parameters exposed in sysfs
nilfs2: fix state management in error path of log writing function
Sam Protsenko (1):
mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K
Samuel Holland (1):
riscv: kprobes: Use patch_text_nosync() for insn slots
Sascha Hauer (1):
wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()
Sasha Neftin (1):
intel: legacy: Partial revert of field get conversion
Satya Priya Kakitapalli (2):
clk: qcom: clk-alpha-pll: Fix the pll post div mask
clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API
Saurabh Sengar (1):
uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind
Sean Anderson (1):
phy: zynqmp: Take the phy mutex in xlate
Sean Christopherson (1):
KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS
Seunghwan Baek (1):
mmc: cqhci: Fix checking of CQHCI_HALT state
Shantanu Goel (1):
usb: uas: set host status byte on data completion error
Shenghao Ding (1):
ASoc: TAS2781: replace beXX_to_cpup with get_unaligned_beXX for potentially broken alignment
Shivaprasad G Bhat (1):
vfio/spapr: Always clear TCEs before unsetting the window
Simon Arlott (1):
can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open
Simon Horman (1):
can: m_can: Release irq on error in m_can_open
Souradeep Chakrabarti (1):
net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup
Stefan Wahren (1):
spi: spi-fsl-lpspi: Fix off-by-one in prescale max
Stefan Wiehler (1):
of/irq: Prevent device address out-of-bounds read in interrupt map walk
Stephen Boyd (2):
clk: qcom: gcc-sm8550: Don't use parking clk_ops for QUPs
clk: qcom: gcc-sm8550: Don't park the USB RCG at registration time
Stephen Hemminger (1):
sch/netem: fix use after free in netem_dequeue
Steven Rostedt (4):
tracing/osnoise: Use a cpumask to know what threads are kthreads
tracing/timerlat: Only clear timer if a kthread exists
tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread()
eventfs: Use list_del_rcu() for SRCU protected list variable
Sukrut Bellary (1):
misc: fastrpc: Fix double free of 'buf' in error path
Sven Schnelle (1):
uprobes: Use kzalloc to allocate xol area
Takashi Iwai (2):
ALSA: control: Apply sanity check of input values for user elements
ALSA: hda: Add input value sanity checks to HDMI channel map controls
Terry Cheong (1):
ALSA: hda/realtek: add patch for internal mic in Lenovo V145
Thomas Gleixner (2):
x86/kaslr: Expose and use the end of the physical memory address space
x86/mm: Fix PTI for i386 some more
Toke Høiland-Jørgensen (1):
sched: sch_cake: fix bulk flow accounting logic for host fairness
Trond Myklebust (1):
NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations
Tze-nan Wu (1):
bpf, net: Fix a potential race in do_sock_getsockopt()
Usama Arif (1):
Revert "mm: skip CMA pages when they are not available"
Vern Hao (1):
mm/vmscan: use folio_migratetype() instead of get_pageblock_migratetype()
Viresh Kumar (1):
xen: privcmd: Fix possible access to a freed kirqfd instance
Vladimir Oltean (1):
net: dpaa: avoid on-stack arrays of NR_CPUS elements
Waiman Long (1):
cgroup: Protect css->cgroup write under css_set_lock
Will Deacon (1):
mm: vmalloc: ensure vmap_block is initialised before adding to queue
Xingyu Wu (1):
clk: starfive: jh7110-sys: Add notifier for PLL0 clock
Xuan Zhuo (1):
virtio_ring: fix KMSAN error for premapped mode
Ye Bin (1):
jbd2: avoid mount failed when commit block is partial submitted
Yicong Yang (1):
dma-mapping: benchmark: Don't starve others when doing the test
Yifan Zha (1):
drm/amdgpu: Set no_hw_access when VF request full GPU fails
Yunjian Wang (1):
netfilter: nf_conncount: fix wrong variable type
Yuntao Wang (1):
x86/apic: Make x2apic_disable() work correctly
Zenghui Yu (1):
kselftests: dmabuf-heaps: Ensure the driver name is null-terminated
Zheng Qixing (1):
ata: libata: Fix memory leak for error path in ata_host_alloc()
Zheng Yejian (1):
tracing: Avoid possible softlockup in tracing_iter_reset()
Zijun Hu (1):
devres: Initialize an uninitialized struct member
Zqiang (1):
smp: Add missing destroy_work_on_stack() call in smp_call_on_cpu()
devi priya (1):
clk: qcom: ipq9574: Update the alpha PLL type for GPLLs
robelin (1):
ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object
yang.zhang (1):
riscv: set trap vector earlier
yangyun (1):
fuse: fix memory leak in fuse_create_open
9 months, 1 week
- 1
- 1
Linux 6.1.110
by Greg Kroah-Hartman
I'm announcing the release of the 6.1.110 kernel.
All users of the 6.1 kernel series must upgrade.
The updated 6.1.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Makefile | 2
arch/arm64/include/asm/acpi.h | 12
arch/arm64/kernel/acpi_numa.c | 11
arch/mips/kernel/cevt-r4k.c | 15
arch/powerpc/include/asm/nohash/mmu-e500.h | 3
arch/powerpc/mm/nohash/Makefile | 2
arch/powerpc/mm/nohash/tlb.c | 398 ----------
arch/powerpc/mm/nohash/tlb_64e.c | 361 +++++++++
arch/powerpc/mm/nohash/tlb_low_64e.S | 195 ----
arch/riscv/kernel/head.S | 3
arch/s390/kernel/vmlinux.lds.S | 9
arch/um/drivers/line.c | 2
arch/x86/coco/tdx/tdx.c | 1
arch/x86/events/intel/core.c | 23
arch/x86/include/asm/fpu/types.h | 7
arch/x86/include/asm/page_64.h | 1
arch/x86/include/asm/pgtable_64_types.h | 4
arch/x86/kernel/fpu/xstate.c | 3
arch/x86/kernel/fpu/xstate.h | 4
arch/x86/kvm/svm/svm.c | 15
arch/x86/kvm/x86.c | 2
arch/x86/lib/iomem.c | 5
arch/x86/mm/init_64.c | 4
arch/x86/mm/kaslr.c | 32
arch/x86/mm/pti.c | 45 -
drivers/acpi/acpi_processor.c | 15
drivers/android/binder.c | 1
drivers/ata/libata-core.c | 4
drivers/ata/pata_macio.c | 7
drivers/base/devres.c | 1
drivers/block/ublk_drv.c | 2
drivers/clk/qcom/clk-alpha-pll.c | 6
drivers/clocksource/timer-imx-tpm.c | 16
drivers/clocksource/timer-of.c | 17
drivers/clocksource/timer-of.h | 1
drivers/crypto/qat/qat_common/adf_gen2_pfvf.c | 4
drivers/crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.c | 8
drivers/firmware/cirrus/cs_dsp.c | 3
drivers/gpio/gpio-rockchip.c | 1
drivers/gpio/gpio-zynqmp-modepin.c | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_display.c | 30
drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 4
drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 8
drivers/gpu/drm/amd/amdgpu/ih_v6_0.c | 28
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 2
drivers/gpu/drm/amd/display/modules/hdcp/hdcp1_execution.c | 15
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6
drivers/gpu/drm/i915/i915_sw_fence.c | 8
drivers/hid/amd-sfh-hid/amd_sfh_hid.c | 4
drivers/hid/hid-cougar.c | 2
drivers/hv/vmbus_drv.c | 1
drivers/hwmon/adc128d818.c | 4
drivers/hwmon/lm95234.c | 9
drivers/hwmon/nct6775-core.c | 2
drivers/hwmon/w83627ehf.c | 4
drivers/i3c/master/mipi-i3c-hci/dma.c | 5
drivers/iio/adc/ad7124.c | 27
drivers/iio/adc/ad7606.c | 28
drivers/iio/adc/ad7606.h | 2
drivers/iio/adc/ad7606_par.c | 48 +
drivers/iio/buffer/industrialio-buffer-dmaengine.c | 4
drivers/iio/inkern.c | 8
drivers/input/misc/uinput.c | 14
drivers/input/touchscreen/ili210x.c | 6
drivers/iommu/intel/dmar.c | 2
drivers/iommu/sun50i-iommu.c | 1
drivers/irqchip/irq-armada-370-xp.c | 4
drivers/irqchip/irq-gic-v2m.c | 6
drivers/leds/leds-spi-byte.c | 6
drivers/md/dm-init.c | 4
drivers/media/platform/qcom/camss/camss.c | 5
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 17
drivers/media/test-drivers/vivid/vivid-vid-out.c | 16
drivers/misc/vmw_vmci/vmci_resource.c | 3
drivers/mmc/core/quirks.h | 22
drivers/mmc/core/sd.c | 4
drivers/mmc/host/cqhci-core.c | 2
drivers/mmc/host/dw_mmc.c | 4
drivers/mmc/host/sdhci-of-aspeed.c | 1
drivers/net/bareudp.c | 22
drivers/net/can/m_can/m_can.c | 5
drivers/net/can/spi/mcp251x.c | 2
drivers/net/can/spi/mcp251xfd/mcp251xfd-core.c | 28
drivers/net/can/spi/mcp251xfd/mcp251xfd-ram.c | 11
drivers/net/can/spi/mcp251xfd/mcp251xfd-ring.c | 23
drivers/net/can/spi/mcp251xfd/mcp251xfd-rx.c | 165 ++--
drivers/net/can/spi/mcp251xfd/mcp251xfd-tef.c | 2
drivers/net/can/spi/mcp251xfd/mcp251xfd-timestamp.c | 22
drivers/net/can/spi/mcp251xfd/mcp251xfd.h | 42 -
drivers/net/dsa/vitesse-vsc73xx-core.c | 10
drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 20
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 10
drivers/net/ethernet/intel/ice/ice_main.c | 61 -
drivers/net/ethernet/intel/igb/igb_main.c | 10
drivers/net/ethernet/intel/igc/igc_main.c | 1
drivers/net/ethernet/microsoft/mana/mana.h | 2
drivers/net/ethernet/microsoft/mana/mana_en.c | 22
drivers/net/mctp/mctp-serial.c | 4
drivers/net/usb/ipheth.c | 2
drivers/net/usb/usbnet.c | 11
drivers/net/wireless/broadcom/brcm80211/brcmsmac/mac80211_if.c | 1
drivers/net/wireless/marvell/mwifiex/main.h | 3
drivers/nvme/host/pci.c | 11
drivers/nvme/target/tcp.c | 4
drivers/nvmem/core.c | 6
drivers/of/irq.c | 15
drivers/pci/controller/dwc/pci-keystone.c | 44 +
drivers/pci/hotplug/pnv_php.c | 3
drivers/pci/pci.c | 35
drivers/pcmcia/yenta_socket.c | 6
drivers/phy/xilinx/phy-zynqmp.c | 1
drivers/platform/x86/dell/dell-smbios-base.c | 5
drivers/regulator/of_regulator.c | 92 ++
drivers/spi/spi-rockchip.c | 23
drivers/staging/iio/frequency/ad9834.c | 2
drivers/uio/uio_hv_generic.c | 11
drivers/usb/dwc3/core.c | 15
drivers/usb/dwc3/core.h | 2
drivers/usb/gadget/udc/aspeed_udc.c | 2
drivers/usb/storage/uas.c | 1
fs/binfmt_elf.c | 5
fs/btrfs/ctree.c | 12
fs/btrfs/ctree.h | 1
fs/btrfs/extent-tree.c | 32
fs/btrfs/file.c | 25
fs/btrfs/inode.c | 2
fs/btrfs/transaction.h | 6
fs/ext4/fast_commit.c | 8
fs/fuse/dev.c | 6
fs/fuse/dir.c | 72 +
fs/fuse/file.c | 51 +
fs/fuse/fuse_i.h | 8
fs/fuse/inode.c | 3
fs/fuse/xattr.c | 4
fs/nfs/super.c | 2
fs/nilfs2/recovery.c | 35
fs/nilfs2/segment.c | 10
fs/nilfs2/sysfs.c | 43 -
fs/ntfs3/dir.c | 52 -
fs/ntfs3/frecord.c | 4
fs/smb/client/smb2ops.c | 16
fs/smb/server/smb2pdu.c | 4
fs/smb/server/transport_tcp.c | 4
fs/squashfs/inode.c | 7
fs/udf/super.c | 15
include/linux/mm.h | 4
include/linux/regulator/consumer.h | 16
include/net/bluetooth/hci_core.h | 5
include/uapi/drm/drm_fourcc.h | 18
include/uapi/linux/fuse.h | 46 +
io_uring/io-wq.c | 16
io_uring/sqpoll.c | 1
kernel/bpf/btf.c | 13
kernel/cgroup/cgroup.c | 2
kernel/dma/map_benchmark.c | 16
kernel/events/core.c | 18
kernel/events/internal.h | 1
kernel/events/ring_buffer.c | 2
kernel/events/uprobes.c | 3
kernel/locking/rtmutex.c | 9
kernel/resource.c | 6
kernel/smp.c | 1
kernel/trace/trace.c | 2
kernel/workqueue.c | 12
lib/generic-radix-tree.c | 2
mm/memcontrol.c | 22
mm/memory_hotplug.c | 2
mm/sparse.c | 2
net/bluetooth/mgmt.c | 60 -
net/bluetooth/smp.c | 7
net/bridge/br_fdb.c | 6
net/can/bcm.c | 4
net/ipv4/fou.c | 29
net/ipv4/tcp_bpf.c | 2
net/ipv4/tcp_input.c | 6
net/ipv6/ila/ila.h | 1
net/ipv6/ila/ila_main.c | 6
net/ipv6/ila/ila_xlat.c | 13
net/netfilter/nf_conncount.c | 8
net/sched/sch_cake.c | 11
net/sched/sch_netem.c | 9
net/unix/af_unix.c | 9
rust/Makefile | 4
security/smack/smack_lsm.c | 12
sound/core/control.c | 6
sound/hda/hdmi_chmap.c | 18
sound/pci/hda/patch_conexant.c | 11
sound/pci/hda/patch_realtek.c | 10
sound/soc/soc-dapm.c | 1
sound/soc/soc-topology.c | 2
sound/soc/sof/topology.c | 2
sound/soc/sunxi/sun4i-i2s.c | 143 +--
sound/soc/tegra/tegra210_ahub.c | 10
tools/lib/bpf/libbpf.c | 4
tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c | 4
tools/testing/selftests/net/mptcp/mptcp_join.sh | 234 ++++-
tools/testing/selftests/net/mptcp/mptcp_lib.sh | 15
197 files changed, 2263 insertions(+), 1399 deletions(-)
Aleksandr Mishin (2):
platform/x86: dell-smbios: Fix error path in dell_smbios_init()
staging: iio: frequency: ad9834: Validate frequency parameter value
Alex Deucher (1):
Revert "drm/amdgpu: align pp_power_profile_mode with kernel docs"
Alex Hung (2):
drm/amd/display: Check HDCP returned status
drm/amd/display: Check denominator pbn_div before used
Alexey Dobriyan (1):
ELF: fix kernel.randomize_va_space double read
Amadeusz Sławiński (1):
ASoC: topology: Properly initialize soc_enum values
Andreas Hindborg (1):
rust: kbuild: fix export of bss symbols
Andreas Ziegler (1):
libbpf: Add NULL checks to bpf_object__{prev_map,next_map}
Andy Shevchenko (3):
leds: spi-byte: Call of_node_put() on error path
drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused
drm/i915/fence: Mark debug_fence_free() with __maybe_unused
Arend van Spriel (1):
wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3
Aurabindo Pillai (1):
drm/amd: Add gfx12 swizzle mode defs
Benjamin Marzinski (1):
dm init: Handle minors larger than 255
Brian Johannesmeyer (1):
x86/kmsan: Fix hook for unaligned accesses
Brian Norris (1):
spi: rockchip: Resolve unbalanced runtime PM / system PM handling
Camila Alvarez (1):
HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup
Carlos Llamas (1):
binder: fix UAF caused by offsets overwrite
Chen Ni (1):
media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse
Chen-Yu Tsai (1):
ASoc: SOF: topology: Clear SOF link platform name upon unload
Christoffer Sandberg (1):
ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices
Christophe Leroy (1):
powerpc/64e: Define mmu_pte_psize static
Cong Wang (1):
tcp_bpf: fix return value of tcp_bpf_sendmsg()
Corentin Labbe (1):
regulator: Add of_regulator_bulk_get_all
Daiwei Li (1):
igb: Fix not clearing TimeSync interrupts for 82580
Dan Carpenter (2):
ksmbd: Unlock on in ksmbd_tcp_set_interfaces()
igc: Unlock on error in igc_io_resume()
Dan Williams (1):
PCI: Add missing bridge lock to pci_bus_lock()
Daniel Lezcano (1):
clocksource/drivers/timer-of: Remove percpu irq related code
Danijel Slivka (1):
drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts
David Fernandez Gonzalez (1):
VMCI: Fix use-after-free when removing resource in vmci_resource_remove()
David Howells (1):
cifs: Fix FALLOC_FL_ZERO_RANGE to preflush buffered part of target region
David Lechner (1):
iio: buffer-dmaengine: fix releasing dma channel on error
David Sterba (1):
btrfs: initialize location to fix -Wmaybe-uninitialized in btrfs_lookup_dentry()
Dawid Osuchowski (1):
ice: Add netif_device_attach/detach into PF reset flow
Dharmendra Singh (1):
fuse: allow non-extending parallel direct writes on the same file
Dmitry Torokhov (2):
Input: ili210x - use kvmalloc() to allocate buffer for firmware update
Input: uinput - reject requests with unreasonable number of slots
Douglas Anderson (1):
regulator: core: Stub devm_regulator_bulk_get_const() if !CONFIG_REGULATOR
Dumitru Ceclan (2):
iio: adc: ad7124: fix config comparison
iio: adc: ad7124: fix chip ID mismatch
Eric Dumazet (1):
ila: call nf_unregister_net_hooks() sooner
Faisal Hassan (1):
usb: dwc3: core: update LC timer as per USB Spec V3.2
Filipe Manana (2):
btrfs: replace BUG_ON() with error handling at update_ref_for_cow()
btrfs: fix race between direct IO write and fsync when using same fd
Geert Uytterhoeven (1):
nvmem: Fix return type of devm_nvmem_device_get() in kerneldoc
Georg Gottleuber (1):
nvme-pci: Add sleep quirk for Samsung 990 Evo
Greg Kroah-Hartman (1):
Linux 6.1.110
Guenter Roeck (4):
hwmon: (adc128d818) Fix underflows seen when writing limit attributes
hwmon: (lm95234) Fix underflows seen when writing limit attributes
hwmon: (nct6775-core) Fix underflows seen when writing limit attributes
hwmon: (w83627ehf) Fix underflows seen when writing limit attributes
Guillaume Nault (1):
bareudp: Fix device stats updates.
Guillaume Stols (1):
iio: adc: ad7606: remove frstdata check for serial mode
Hans Verkuil (2):
media: vivid: fix wrong sizeimage value for mplane
media: vivid: don't set HDMI TX controls if there are no HDMI outputs
Hareshx Sankar Raj (1):
crypto: qat - fix unintentional re-enabling of error interrupts
Hawking Zhang (1):
drm/amdgpu: Fix smatch static checker warning
Heiko Carstens (1):
s390/vmlinux.lds.S: Move ro_after_init section behind rodata section
Jacky Bai (2):
clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX
clocksource/drivers/imx-tpm: Fix next event not taking effect sometime
Jacob Pan (1):
iommu/vt-d: Handle volatile descriptor status read
James Morse (1):
arm64: acpi: Move get_cpu_for_acpi_id() to a header
Jan Kara (1):
udf: Avoid excessive partition lengths
Jann Horn (1):
fuse: use unsigned type for getxattr/listxattr size truncation
Jarkko Nikula (1):
i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup
Jens Axboe (1):
io_uring/io-wq: stop setting PF_NO_SETAFFINITY on io-wq workers
Jernej Skrabec (1):
iommu: sun50i: clear bypass register
Jiaxun Yang (1):
MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed
Joanne Koong (1):
fuse: update stats for pages in dropped aux writeback list
Johannes Berg (1):
um: line: always fill *error_out in setup_one_line()
Jonas Gorski (1):
net: bridge: br_fdb_external_learn_add(): always set EXT_LEARN
Jonathan Bell (1):
mmc: core: apply SD quirks earlier during probe
Jonathan Cameron (3):
ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add()
ACPI: processor: Fix memory leaks in error paths of processor_add()
arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry
Josef Bacik (2):
btrfs: replace BUG_ON with ASSERT in walk_down_proc()
btrfs: clean up our handling of refs == 0 in snapshot delete
Jules Irenge (1):
pcmcia: Use resource_size function on resource object
Kan Liang (1):
perf/x86/intel: Limit the period on Haswell
Kent Overstreet (1):
lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()
Kirill A. Shutemov (1):
x86/tdx: Fix data leak in mmio_read()
Kishon Vijay Abraham I (1):
PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)
Konstantin Andreev (1):
smack: unix sockets: fix accept()ed socket label
Konstantin Komarov (2):
fs/ntfs3: One more reason to mark inode bad
fs/ntfs3: Check more cases when directory is corrupted
Krishna Kumar (1):
pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv
Krzysztof Kozlowski (1):
gpio: rockchip: fix OF node leak in probe()
Kuniyuki Iwashima (4):
af_unix: Remove put_pid()/put_cred() in copy_peercred().
can: bcm: Remove proc entry when dev is unregistered.
fou: Fix null-ptr-deref in GRO.
tcp: Don't drop SYN+ACK for simultaneous connect().
Larysa Zaremba (1):
ice: do not bring the VSI up, if it was down before the XDP setup
Li Nan (1):
ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery()
Liao Chen (2):
mmc: sdhci-of-aspeed: fix module autoloading
gpio: modepin: Enable module autoloading
Luis Henriques (SUSE) (1):
ext4: fix possible tid_t sequence overflows
Luiz Augusto von Dentz (2):
Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
Bluetooth: MGMT: Ignore keys being loaded with invalid type
Ma Ke (2):
irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init()
usb: gadget: aspeed_udc: validate endpoint index for ast udc
Maciej Fijalkowski (2):
ice: Use ice_max_xdp_frame_size() in ice_xdp_setup_prog()
ice: allow hot-swapping XDP programs
Marc Kleine-Budde (5):
can: mcp251xfd: fix ring configuration when switching from CAN-CC to CAN-FD mode
can: mcp251xfd: mcp251xfd_handle_rxif_ring_uinc(): factor out in separate function
can: mcp251xfd: rx: prepare to workaround broken RX FIFO head index erratum
can: mcp251xfd: clarify the meaning of timestamp
can: mcp251xfd: rx: add workaround for erratum DS80000789E 6 of mcp2518fd
Marek Olšák (2):
drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6
drm/amdgpu: handle gfx12 in amdgpu_display_verify_sizes
Matt Johnston (1):
net: mctp-serial: Fix missing escapes on transmit
Matteo Martelli (2):
iio: fix scale application in iio_convert_raw_to_processed_unlocked
ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode
Matthew Maurer (1):
rust: Use awk instead of recent xargs
Matthieu Baerts (NGI0) (4):
selftests: mptcp: fix backport issues
selftests: mptcp: join: validate event numbers
selftests: mptcp: join: check re-re-adding ID 0 signal
tcp: process the 3rd ACK with sk_socket for TFO/MPTCP
Maurizio Lombardi (1):
nvmet-tcp: fix kernel crash if commands allocation fails
Maxim Levitsky (1):
KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE
Maximilien Perreault (1):
ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx
Michael Ellerman (3):
ata: pata_macio: Use WARN instead of BUG
powerpc/64e: remove unused IBM HTW code
powerpc/64e: split out nohash Book3E 64-bit code
Michal Koutný (1):
io_uring/sqpoll: Do not set PF_NO_SETAFFINITY on sqpoll threads
Miklos Szeredi (3):
fuse: add "expire only" mode to FUSE_NOTIFY_INVAL_ENTRY
fuse: add request extension
fuse: add feature flag for expire-only
Mitchell Levy (1):
x86/fpu: Avoid writing LBR bit to IA32_XSS unless supported
Mohan Kumar (1):
ASoC: tegra: Fix CBB error during probe()
Naman Jain (1):
Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic
Namjae Jeon (1):
ksmbd: unset the binding mark of a reused connection
Nicholas Piggin (2):
workqueue: wq_watchdog_touch is always called with valid CPU
workqueue: Improve scalability of workqueue watchdog touch
Oliver Neukum (2):
usbnet: modern method to get random MAC
usbnet: ipheth: race between ipheth_close and error handling
Olivier Sobrie (1):
HID: amd_sfh: free driver_data after destroying hid device
Pali Rohár (1):
irqchip/armada-370-xp: Do not allow mapping IRQ 0 and 1
Pawel Dembicki (1):
net: dsa: vsc73xx: fix possible subblocks range of CAPT block
Peng Wu (1):
regulator: of: fix a NULL vs IS_ERR() check in of_regulator_bulk_get_all()
Peter Zijlstra (1):
perf/aux: Fix AUX buffer serialization
Phillip Lougher (1):
Squashfs: sanity check symbolic link size
Ravi Bangoria (1):
KVM: SVM: Don't advertise Bus Lock Detect to guest if SVM support is missing
Richard Fitzgerald (1):
firmware: cs_dsp: Don't allow writes to read-only controls
Roland Xu (1):
rtmutex: Drop rt_mutex::wait_lock before scheduling
Ryusuke Konishi (3):
nilfs2: fix missing cleanup on rollforward recovery error
nilfs2: protect references to superblock parameters exposed in sysfs
nilfs2: fix state management in error path of log writing function
Sam Protsenko (1):
mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K
Sascha Hauer (1):
wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()
Satya Priya Kakitapalli (2):
clk: qcom: clk-alpha-pll: Fix the pll post div mask
clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API
Saurabh Sengar (1):
uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind
Sean Anderson (1):
phy: zynqmp: Take the phy mutex in xlate
Sean Christopherson (1):
KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS
Seunghwan Baek (1):
mmc: cqhci: Fix checking of CQHCI_HALT state
Shakeel Butt (1):
memcg: protect concurrent access to mem_cgroup_idr
Shantanu Goel (1):
usb: uas: set host status byte on data completion error
Simon Arlott (1):
can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open
Simon Horman (1):
can: m_can: Release irq on error in m_can_open
Souradeep Chakrabarti (1):
net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup
Stefan Wiehler (1):
of/irq: Prevent device address out-of-bounds read in interrupt map walk
Stephen Hemminger (1):
sch/netem: fix use after free in netem_dequeue
Sven Schnelle (1):
uprobes: Use kzalloc to allocate xol area
Takashi Iwai (2):
ALSA: control: Apply sanity check of input values for user elements
ALSA: hda: Add input value sanity checks to HDMI channel map controls
Terry Cheong (1):
ALSA: hda/realtek: add patch for internal mic in Lenovo V145
Thomas Gleixner (2):
x86/kaslr: Expose and use the end of the physical memory address space
x86/mm: Fix PTI for i386 some more
Toke Høiland-Jørgensen (1):
sched: sch_cake: fix bulk flow accounting logic for host fairness
Trond Myklebust (1):
NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations
Vladimir Oltean (1):
net: dpaa: avoid on-stack arrays of NR_CPUS elements
Waiman Long (1):
cgroup: Protect css->cgroup write under css_set_lock
Yicong Yang (1):
dma-mapping: benchmark: Don't starve others when doing the test
Yifan Zha (1):
drm/amdgpu: Set no_hw_access when VF request full GPU fails
Yonghong Song (1):
bpf: Silence a warning in btf_type_id_size()
Yunjian Wang (1):
netfilter: nf_conncount: fix wrong variable type
Zenghui Yu (1):
kselftests: dmabuf-heaps: Ensure the driver name is null-terminated
Zheng Qixing (1):
ata: libata: Fix memory leak for error path in ata_host_alloc()
Zheng Yejian (1):
tracing: Avoid possible softlockup in tracing_iter_reset()
Zijun Hu (1):
devres: Initialize an uninitialized struct member
Zqiang (1):
smp: Add missing destroy_work_on_stack() call in smp_call_on_cpu()
robelin (1):
ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object
yang.zhang (1):
riscv: set trap vector earlier
yangyun (1):
fuse: fix memory leak in fuse_create_open
9 months, 1 week
- 1
- 1
Linux 5.15.167
by Greg Kroah-Hartman
I'm announcing the release of the 5.15.167 kernel.
All users of the 5.15 kernel series must upgrade.
The updated 5.15.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/locking/hwspinlock.rst | 11
Makefile | 2
arch/arm64/include/asm/acpi.h | 12
arch/arm64/kernel/acpi_numa.c | 11
arch/mips/kernel/cevt-r4k.c | 15
arch/riscv/kernel/head.S | 3
arch/s390/kernel/vmlinux.lds.S | 9
arch/um/drivers/line.c | 2
arch/x86/kvm/svm/svm.c | 15
arch/x86/mm/pti.c | 45 +-
block/blk-integrity.c | 2
drivers/acpi/acpi_processor.c | 15
drivers/android/binder.c | 1
drivers/ata/libata-core.c | 4
drivers/ata/pata_macio.c | 7
drivers/base/devres.c | 1
drivers/clk/qcom/clk-alpha-pll.c | 6
drivers/clocksource/timer-imx-tpm.c | 16
drivers/clocksource/timer-of.c | 17
drivers/clocksource/timer-of.h | 1
drivers/cpufreq/scmi-cpufreq.c | 4
drivers/gpio/gpio-rockchip.c | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_afmt.c | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c | 2
drivers/gpu/drm/amd/amdgpu/amdgpu_cgs.c | 3
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 3
drivers/gpu/drm/amd/amdgpu/amdgpu_display.c | 3
drivers/gpu/drm/amd/amdgpu/amdgpu_eeprom.c | 6
drivers/gpu/drm/amd/amdgpu/amdgpu_eeprom.h | 4
drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 3
drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 5
drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 8
drivers/gpu/drm/amd/amdgpu/df_v1_7.c | 2
drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c | 2
drivers/gpu/drm/amd/amdkfd/kfd_crat.h | 2
drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 3
drivers/gpu/drm/amd/amdkfd/kfd_topology.h | 5
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 5
drivers/gpu/drm/amd/display/dc/clk_mgr/dcn21/rn_clk_mgr.c | 3
drivers/gpu/drm/amd/display/dc/core/dc.c | 1
drivers/gpu/drm/amd/display/dc/dcn20/dcn20_dwb_scl.c | 3
drivers/gpu/drm/amd/display/dc/gpio/gpio_service.c | 17
drivers/gpu/drm/amd/display/dc/hdcp/hdcp_msg.c | 17
drivers/gpu/drm/amd/display/modules/hdcp/hdcp1_execution.c | 15
drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c | 28 +
drivers/gpu/drm/amd/pm/powerplay/hwmgr/pp_psm.c | 13
drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c | 5
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu10_hwmgr.c | 29 +
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 2
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu8_hwmgr.c | 15
drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega10_hwmgr.c | 90 ++++-
drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega12_hwmgr.c | 20 -
drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega20_hwmgr.c | 31 +
drivers/gpu/drm/amd/pm/powerplay/smumgr/vega10_smumgr.c | 6
drivers/gpu/drm/amd/pm/swsmu/smu13/aldebaran_ppt.c | 3
drivers/gpu/drm/bridge/tc358767.c | 2
drivers/gpu/drm/drm_panel_orientation_quirks.c | 6
drivers/gpu/drm/i915/i915_sw_fence.c | 8
drivers/gpu/drm/meson/meson_plane.c | 17
drivers/hid/amd-sfh-hid/amd_sfh_hid.c | 4
drivers/hid/hid-cougar.c | 2
drivers/hv/vmbus_drv.c | 1
drivers/hwmon/adc128d818.c | 4
drivers/hwmon/lm95234.c | 9
drivers/hwmon/nct6775.c | 2
drivers/hwmon/w83627ehf.c | 4
drivers/hwspinlock/hwspinlock_core.c | 28 +
drivers/hwspinlock/hwspinlock_internal.h | 3
drivers/i3c/master/mipi-i3c-hci/dma.c | 5
drivers/iio/adc/ad7124.c | 27 -
drivers/iio/buffer/industrialio-buffer-dmaengine.c | 4
drivers/iio/inkern.c | 8
drivers/infiniband/hw/efa/efa_com.c | 30 -
drivers/input/misc/uinput.c | 14
drivers/iommu/intel/dmar.c | 2
drivers/iommu/sun50i-iommu.c | 1
drivers/irqchip/irq-armada-370-xp.c | 4
drivers/irqchip/irq-gic-v2m.c | 6
drivers/leds/leds-spi-byte.c | 6
drivers/md/dm-init.c | 4
drivers/media/platform/qcom/camss/camss.c | 5
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 17
drivers/media/test-drivers/vivid/vivid-vid-out.c | 16
drivers/media/usb/uvc/uvc_driver.c | 18 -
drivers/misc/vmw_vmci/vmci_resource.c | 3
drivers/mmc/host/cqhci-core.c | 2
drivers/mmc/host/dw_mmc.c | 4
drivers/mmc/host/sdhci-of-aspeed.c | 1
drivers/net/bareudp.c | 22 -
drivers/net/can/m_can/m_can.c | 5
drivers/net/can/spi/mcp251x.c | 2
drivers/net/dsa/vitesse-vsc73xx-core.c | 10
drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 20 -
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 10
drivers/net/ethernet/intel/ice/ice_lib.c | 12
drivers/net/ethernet/intel/igb/igb_main.c | 10
drivers/net/ethernet/intel/igc/igc_main.c | 1
drivers/net/ethernet/pensando/ionic/ionic_lif.c | 2
drivers/net/geneve.c | 8
drivers/net/usb/ch9200.c | 4
drivers/net/usb/cx82310_eth.c | 5
drivers/net/usb/ipheth.c | 2
drivers/net/usb/kaweth.c | 3
drivers/net/usb/mcs7830.c | 4
drivers/net/usb/qmi_wwan.c | 1
drivers/net/usb/sierra_net.c | 6
drivers/net/usb/sr9700.c | 4
drivers/net/usb/sr9800.c | 5
drivers/net/usb/usbnet.c | 15
drivers/net/virtio_net.c | 8
drivers/net/wireless/broadcom/brcm80211/brcmsmac/mac80211_if.c | 1
drivers/net/wireless/intel/iwlwifi/fw/debugfs.c | 3
drivers/net/wireless/intel/iwlwifi/fw/runtime.h | 1
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 6
drivers/net/wireless/marvell/mwifiex/main.h | 3
drivers/nvme/host/pci.c | 11
drivers/nvme/target/tcp.c | 4
drivers/nvmem/core.c | 6
drivers/of/irq.c | 15
drivers/pci/controller/dwc/pci-keystone.c | 44 ++
drivers/pci/controller/dwc/pcie-al.c | 16
drivers/pci/hotplug/pnv_php.c | 3
drivers/pci/pci.c | 35 +-
drivers/pcmcia/yenta_socket.c | 6
drivers/platform/x86/dell/dell-smbios-base.c | 5
drivers/staging/iio/frequency/ad9834.c | 2
drivers/uio/uio_hv_generic.c | 11
drivers/usb/dwc3/core.c | 15
drivers/usb/dwc3/core.h | 2
drivers/usb/storage/uas.c | 1
drivers/usb/typec/ucsi/ucsi.h | 2
drivers/usb/usbip/stub_rx.c | 77 ++--
fs/btrfs/ctree.c | 12
fs/btrfs/ctree.h | 1
fs/btrfs/extent-tree.c | 32 +
fs/btrfs/file.c | 25 -
fs/btrfs/inode.c | 2
fs/btrfs/transaction.h | 6
fs/cifs/smb2ops.c | 24 -
fs/ext4/fast_commit.c | 8
fs/ext4/inode.c | 5
fs/ext4/page-io.c | 14
fs/fuse/file.c | 8
fs/fuse/xattr.c | 4
fs/ksmbd/smb2pdu.c | 4
fs/ksmbd/transport_tcp.c | 4
fs/nfs/super.c | 2
fs/nilfs2/recovery.c | 35 +-
fs/nilfs2/segment.c | 10
fs/nilfs2/sysfs.c | 117 ++++--
fs/notify/fsnotify.c | 31 +
fs/notify/fsnotify.h | 2
fs/notify/mark.c | 32 +
fs/ntfs3/dir.c | 52 +-
fs/squashfs/inode.c | 7
fs/udf/super.c | 24 +
include/linux/fsnotify_backend.h | 8
include/linux/hwspinlock.h | 6
include/linux/i2c.h | 2
include/linux/udp.h | 2
include/linux/virtio_net.h | 35 +-
include/net/bluetooth/hci_core.h | 5
kernel/cgroup/cgroup.c | 2
kernel/dma/debug.c | 5
kernel/dma/map_benchmark.c | 16
kernel/events/core.c | 18 -
kernel/events/internal.h | 1
kernel/events/ring_buffer.c | 2
kernel/events/uprobes.c | 3
kernel/locking/rtmutex.c | 9
kernel/rcu/tasks.h | 2
kernel/rcu/tree.h | 1
kernel/rcu/tree_nocb.h | 32 -
kernel/smp.c | 1
kernel/trace/trace.c | 2
kernel/workqueue.c | 12
lib/generic-radix-tree.c | 2
mm/memcontrol.c | 23 +
net/8021q/vlan_core.c | 7
net/bluetooth/mgmt.c | 60 +--
net/bluetooth/smp.c | 7
net/bridge/br_fdb.c | 6
net/can/bcm.c | 4
net/ethernet/eth.c | 7
net/ipv4/af_inet.c | 19 -
net/ipv4/fou.c | 54 +--
net/ipv4/gre_offload.c | 12
net/ipv4/tcp_bpf.c | 2
net/ipv4/tcp_offload.c | 3
net/ipv4/udp_offload.c | 22 -
net/ipv6/ila/ila.h | 1
net/ipv6/ila/ila_main.c | 6
net/ipv6/ila/ila_xlat.c | 13
net/ipv6/ip6_offload.c | 14
net/ipv6/udp_offload.c | 2
net/mptcp/options.c | 44 +-
net/mptcp/pm.c | 36 +-
net/mptcp/pm_netlink.c | 174 ++++++----
net/mptcp/protocol.c | 61 ++-
net/mptcp/protocol.h | 28 -
net/mptcp/sockopt.c | 4
net/mptcp/subflow.c | 56 +--
net/netfilter/nf_conncount.c | 8
net/sched/sch_cake.c | 11
net/sched/sch_netem.c | 9
net/sunrpc/xprtsock.c | 7
net/unix/af_unix.c | 9
net/wireless/scan.c | 46 +-
security/apparmor/apparmorfs.c | 4
security/smack/smack_lsm.c | 14
sound/hda/hdmi_chmap.c | 18 +
sound/pci/hda/hda_generic.c | 63 +++
sound/pci/hda/hda_generic.h | 1
sound/pci/hda/patch_conexant.c | 13
sound/pci/hda/patch_realtek.c | 10
sound/soc/soc-dapm.c | 1
sound/soc/soc-topology.c | 2
sound/soc/sunxi/sun4i-i2s.c | 143 ++++----
tools/lib/bpf/libbpf.c | 4
tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c | 4
tools/testing/selftests/net/udpgso.c | 2
221 files changed, 1925 insertions(+), 986 deletions(-)
Abhishek Pandit-Subedi (1):
usb: typec: ucsi: Fix null pointer dereference in trace
Aleksandr Mishin (3):
PCI: al: Check IORESOURCE_BUS existence during probe
platform/x86: dell-smbios: Fix error path in dell_smbios_init()
staging: iio: frequency: ad9834: Validate frequency parameter value
Alex Hung (5):
drm/amd/display: Check gpio_id before used as array index
drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]
drm/amd/display: Check msg_id before processing transcation
drm/amd/display: Skip wbscl_set_scaler_filter if filter is null
drm/amd/display: Check HDCP returned status
Alvin Lee (1):
drm/amd/display: Assign linear_pitch_alignment even for VM
Amadeusz Sławiński (1):
ASoC: topology: Properly initialize soc_enum values
Amir Goldstein (1):
fsnotify: clear PARENT_WATCHED flags lazily
Andreas Ziegler (1):
libbpf: Add NULL checks to bpf_object__{prev_map,next_map}
Andy Shevchenko (3):
leds: spi-byte: Call of_node_put() on error path
drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused
drm/i915/fence: Mark debug_fence_free() with __maybe_unused
Arend van Spriel (1):
wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3
Asad Kamal (1):
drm/amd/amdgpu: Check tbo resource pointer
Benjamin Marzinski (1):
dm init: Handle minors larger than 255
Bob Zhou (1):
drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr
Breno Leitao (1):
virtio_net: Fix napi_skb_cache_put warning
Camila Alvarez (1):
HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup
Carlos Llamas (1):
binder: fix UAF caused by offsets overwrite
Casey Schaufler (1):
smack: tcp: ipv4, fix incorrect labeling
Chen Ni (1):
media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse
Christoffer Sandberg (1):
ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices
Christoph Hellwig (1):
block: remove the blk_flush_integrity call in blk_integrity_unregister
Cong Wang (1):
tcp_bpf: fix return value of tcp_bpf_sendmsg()
Daiwei Li (1):
igb: Fix not clearing TimeSync interrupts for 82580
Dan Carpenter (2):
igc: Unlock on error in igc_io_resume()
ksmbd: Unlock on in ksmbd_tcp_set_interfaces()
Dan Williams (1):
PCI: Add missing bridge lock to pci_bus_lock()
Daniel Borkmann (1):
net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket
Daniel Lezcano (1):
clocksource/drivers/timer-of: Remove percpu irq related code
David Fernandez Gonzalez (1):
VMCI: Fix use-after-free when removing resource in vmci_resource_remove()
David Lechner (1):
iio: buffer-dmaengine: fix releasing dma channel on error
David Sterba (1):
btrfs: initialize location to fix -Wmaybe-uninitialized in btrfs_lookup_dentry()
Dmitry Torokhov (1):
Input: uinput - reject requests with unreasonable number of slots
Dumitru Ceclan (2):
iio: adc: ad7124: fix config comparison
iio: adc: ad7124: fix chip ID mismatch
Eric Biggers (1):
ext4: reject casefold inode flag without casefold feature
Eric Dumazet (3):
ila: call nf_unregister_net_hooks() sooner
gro: remove rcu_read_lock/rcu_read_unlock from gro_receive handlers
gro: remove rcu_read_lock/rcu_read_unlock from gro_complete handlers
Faisal Hassan (1):
usb: dwc3: core: update LC timer as per USB Spec V3.2
Felix Fietkau (1):
udp: fix receiving fraglist GSO packets
Filipe Manana (2):
btrfs: replace BUG_ON() with error handling at update_ref_for_cow()
btrfs: fix race between direct IO write and fsync when using same fd
Frederic Weisbecker (1):
rcu/nocb: Remove buggy bypass lock contention mitigation
Geert Uytterhoeven (1):
nvmem: Fix return type of devm_nvmem_device_get() in kerneldoc
Georg Gottleuber (1):
nvme-pci: Add sleep quirk for Samsung 990 Evo
Greg Kroah-Hartman (1):
Linux 5.15.167
Guenter Roeck (4):
hwmon: (adc128d818) Fix underflows seen when writing limit attributes
hwmon: (lm95234) Fix underflows seen when writing limit attributes
hwmon: (nct6775-core) Fix underflows seen when writing limit attributes
hwmon: (w83627ehf) Fix underflows seen when writing limit attributes
Guillaume Nault (1):
bareudp: Fix device stats updates.
Hans Verkuil (2):
media: vivid: fix wrong sizeimage value for mplane
media: vivid: don't set HDMI TX controls if there are no HDMI outputs
Haoran Liu (1):
drm/meson: plane: Add error handling
Heiko Carstens (1):
s390/vmlinux.lds.S: Move ro_after_init section behind rodata section
Hersen Wu (3):
drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6
drm/amd/display: Add array index check for hdcp ddc access
drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create
Jacky Bai (2):
clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX
clocksource/drivers/imx-tpm: Fix next event not taking effect sometime
Jacob Pan (1):
iommu/vt-d: Handle volatile descriptor status read
Jagadeesh Kona (1):
cpufreq: scmi: Avoid overflow of target_freq in fast switch
Jakub Kicinski (1):
net: usb: don't write directly to netdev->dev_addr
James Morse (1):
arm64: acpi: Move get_cpu_for_acpi_id() to a header
Jan Kara (3):
udf: Limit file size to 4TB
ext4: handle redirtying in ext4_bio_write_page()
udf: Avoid excessive partition lengths
Jann Horn (1):
fuse: use unsigned type for getxattr/listxattr size truncation
Jarkko Nikula (1):
i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup
Jernej Skrabec (1):
iommu: sun50i: clear bypass register
Jesse Zhang (6):
drm/amd/pm: fix warning using uninitialized value of max_vid_step
drm/amd/pm: fix the Out-of-bounds read warning
drm/amdgpu: fix the waring dereferencing hive
drm/amd/pm: check specific index for aldebaran
drm/amdgpu: the warning dereferencing obj for nbio_v7_4
drm/amd/pm: check negtive return for table entries
Jiaxun Yang (1):
MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed
Joanne Koong (1):
fuse: update stats for pages in dropped aux writeback list
Johannes Berg (2):
wifi: cfg80211: make hash table duplicates more survivable
um: line: always fill *error_out in setup_one_line()
Jonas Gorski (1):
net: bridge: br_fdb_external_learn_add(): always set EXT_LEARN
Jonathan Cameron (3):
ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add()
ACPI: processor: Fix memory leaks in error paths of processor_add()
arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry
Josef Bacik (2):
btrfs: replace BUG_ON with ASSERT in walk_down_proc()
btrfs: clean up our handling of refs == 0 in snapshot delete
Jules Irenge (1):
pcmcia: Use resource_size function on resource object
Kent Overstreet (1):
lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()
Kishon Vijay Abraham I (1):
PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)
Konstantin Andreev (1):
smack: unix sockets: fix accept()ed socket label
Konstantin Komarov (1):
fs/ntfs3: Check more cases when directory is corrupted
Krishna Kumar (1):
pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv
Krzysztof Kozlowski (1):
gpio: rockchip: fix OF node leak in probe()
Kuniyuki Iwashima (3):
af_unix: Remove put_pid()/put_cred() in copy_peercred().
can: bcm: Remove proc entry when dev is unregistered.
fou: Fix null-ptr-deref in GRO.
Larysa Zaremba (1):
ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset
Leesoo Ahn (1):
apparmor: fix possible NULL pointer dereference
Liao Chen (1):
mmc: sdhci-of-aspeed: fix module autoloading
Luis Henriques (SUSE) (1):
ext4: fix possible tid_t sequence overflows
Luiz Augusto von Dentz (2):
Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
Bluetooth: MGMT: Ignore keys being loaded with invalid type
Ma Jun (7):
drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr
drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc
drm/amdgpu/pm: Fix uninitialized variable warning for smu10
drm/amdgpu/pm: Fix uninitialized variable agc_btc_response
drm/amdgpu: Fix out-of-bounds write warning
drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number
drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs
Ma Ke (1):
irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init()
Marek Olšák (1):
drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6
Marek Vasut (1):
drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ
Matteo Martelli (2):
iio: fix scale application in iio_convert_raw_to_processed_unlocked
ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode
Matthieu Baerts (NGI0) (12):
mptcp: pm: re-using ID of unused flushed subflows
mptcp: pm: only decrement add_addr_accepted for MPJ req
mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR
mptcp: pm: fullmesh: select the right ID later
mptcp: pm: avoid possible UaF when selecting endp
mptcp: avoid duplicated SUB_CLOSED events
mptcp: close subflow when receiving TCP+FIN
mptcp: pm: ADD_ADDR 0 is not a new address
mptcp: pm: do not remove already closed subflows
mptcp: pm: skip connecting to already established sf
mptcp: pr_debug: add missing \n at the end
mptcp: pm: send ACK on an active subflow
Maurizio Lombardi (1):
nvmet-tcp: fix kernel crash if commands allocation fails
Maxim Levitsky (1):
KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE
Maximilien Perreault (1):
ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx
Michael Chen (1):
drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device
Michael Ellerman (1):
ata: pata_macio: Use WARN instead of BUG
Michael Margolin (1):
RDMA/efa: Properly handle unexpected AQ completions
Naman Jain (1):
Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic
Namjae Jeon (1):
ksmbd: unset the binding mark of a reused connection
Nicholas Piggin (2):
workqueue: wq_watchdog_touch is always called with valid CPU
workqueue: Improve scalability of workqueue watchdog touch
Nikita Kiryushin (1):
rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow
Oliver Neukum (2):
usbnet: modern method to get random MAC
usbnet: ipheth: race between ipheth_close and error handling
Olivier Sobrie (1):
HID: amd_sfh: free driver_data after destroying hid device
Pali Rohár (1):
irqchip/armada-370-xp: Do not allow mapping IRQ 0 and 1
Paolo Abeni (1):
mptcp: constify a bunch of of helpers
Pawel Dembicki (1):
net: dsa: vsc73xx: fix possible subblocks range of CAPT block
Peter Zijlstra (1):
perf/aux: Fix AUX buffer serialization
Philip Mueller (1):
drm: panel-orientation-quirks: Add quirk for OrangePi Neo
Phillip Lougher (1):
Squashfs: sanity check symbolic link size
Qing Wang (1):
nilfs2: replace snprintf in show functions with sysfs_emit
Ravi Bangoria (1):
KVM: SVM: Don't advertise Bus Lock Detect to guest if SVM support is missing
Ricardo Ribalda (1):
media: uvcvideo: Enforce alignment of frame and interval
Richard Fitzgerald (2):
i2c: Fix conditional for substituting empty ACPI functions
i2c: Use IS_REACHABLE() for substituting empty ACPI functions
Richard Maina (1):
hwspinlock: Introduce hwspin_lock_bust()
Rik van Riel (1):
dma-debug: avoid deadlock between dma debug vs printk and netconsole
Roland Xu (1):
rtmutex: Drop rt_mutex::wait_lock before scheduling
Ronnie Sahlberg (1):
cifs: Check the lease context if we actually got a lease
Ryusuke Konishi (3):
nilfs2: fix missing cleanup on rollforward recovery error
nilfs2: fix state management in error path of log writing function
nilfs2: protect references to superblock parameters exposed in sysfs
Sam Protsenko (1):
mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K
Sascha Hauer (1):
wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()
Satya Priya Kakitapalli (2):
clk: qcom: clk-alpha-pll: Fix the pll post div mask
clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API
Saurabh Sengar (1):
uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind
Seunghwan Baek (1):
mmc: cqhci: Fix checking of CQHCI_HALT state
Shahar S Matityahu (1):
wifi: iwlwifi: remove fw_running op
Shakeel Butt (1):
memcg: protect concurrent access to mem_cgroup_idr
Shannon Nelson (1):
ionic: fix potential irq name truncation
Shantanu Goel (1):
usb: uas: set host status byte on data completion error
Simon Arlott (1):
can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open
Simon Holesch (1):
usbip: Don't submit special requests twice
Simon Horman (1):
can: m_can: Release irq on error in m_can_open
Stefan Wiehler (1):
of/irq: Prevent device address out-of-bounds read in interrupt map walk
Stephen Hemminger (1):
sch/netem: fix use after free in netem_dequeue
Sven Schnelle (1):
uprobes: Use kzalloc to allocate xol area
Takashi Iwai (3):
ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown
ALSA: hda/conexant: Mute speakers at suspend / shutdown
ALSA: hda: Add input value sanity checks to HDMI channel map controls
Tao Zhou (1):
drm/amdgpu: update type of buf size to u32 for eeprom functions
Terry Cheong (1):
ALSA: hda/realtek: add patch for internal mic in Lenovo V145
Thomas Gleixner (1):
x86/mm: Fix PTI for i386 some more
Tim Huang (6):
drm/amdgpu: fix overflowed array index read warning
drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr
drm/amdgpu: fix uninitialized scalar variable warning
drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr
drm/amdgpu: fix ucode out-of-bounds read warning
drm/amdgpu: fix mc_data out-of-bounds read warning
Toke Høiland-Jørgensen (1):
sched: sch_cake: fix bulk flow accounting logic for host fairness
Trond Myklebust (1):
NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations
Vladimir Oltean (1):
net: dpaa: avoid on-stack arrays of NR_CPUS elements
Waiman Long (1):
cgroup: Protect css->cgroup write under css_set_lock
Willem de Bruijn (2):
net: more strict VIRTIO_NET_HDR_GSO_UDP_L4 validation
net: drop bad gso csum_start and offset in virtio_net_hdr
Yan Zhai (1):
gso: fix dodgy bit handling for GSO_UDP_L4
Yicong Yang (1):
dma-mapping: benchmark: Don't starve others when doing the test
Yifan Zha (1):
drm/amdgpu: Set no_hw_access when VF request full GPU fails
Yunjian Wang (1):
netfilter: nf_conncount: fix wrong variable type
Yuri Benditovich (1):
net: change maximum number of UDP segments to 128
ZHANG Yuntian (1):
net: usb: qmi_wwan: add MeiG Smart SRM825L
Zenghui Yu (1):
kselftests: dmabuf-heaps: Ensure the driver name is null-terminated
Zheng Qixing (1):
ata: libata: Fix memory leak for error path in ata_host_alloc()
Zheng Yejian (1):
tracing: Avoid possible softlockup in tracing_iter_reset()
Zhigang Luo (1):
drm/amdgpu: avoid reading vf2pf info size from FB
Zijun Hu (1):
devres: Initialize an uninitialized struct member
Zqiang (1):
smp: Add missing destroy_work_on_stack() call in smp_call_on_cpu()
robelin (1):
ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object
yang.zhang (1):
riscv: set trap vector earlier
9 months, 1 week
- 1
- 1
Linux 5.10.226
by Greg Kroah-Hartman
I'm announcing the release of the 5.10.226 kernel.
All users of the 5.10 kernel series must upgrade.
The updated 5.10.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/locking/hwspinlock.rst | 11
Makefile | 2
arch/arm64/include/asm/acpi.h | 12
arch/arm64/kernel/acpi_numa.c | 11
arch/mips/kernel/cevt-r4k.c | 15
arch/s390/kernel/vmlinux.lds.S | 9
arch/um/drivers/line.c | 2
arch/x86/mm/pti.c | 45 +-
block/bio-integrity.c | 11
block/blk-integrity.c | 2
drivers/acpi/acpi_processor.c | 15
drivers/android/binder.c | 1
drivers/ata/libata-core.c | 4
drivers/ata/pata_macio.c | 7
drivers/base/devres.c | 1
drivers/clk/qcom/clk-alpha-pll.c | 6
drivers/clocksource/timer-imx-tpm.c | 16
drivers/clocksource/timer-of.c | 17
drivers/clocksource/timer-of.h | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_afmt.c | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c | 2
drivers/gpu/drm/amd/amdgpu/amdgpu_cgs.c | 3
drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 5
drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 4
drivers/gpu/drm/amd/amdgpu/df_v1_7.c | 2
drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c | 2
drivers/gpu/drm/amd/amdkfd/kfd_crat.h | 2
drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 3
drivers/gpu/drm/amd/amdkfd/kfd_topology.h | 5
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 5
drivers/gpu/drm/amd/display/dc/clk_mgr/dcn21/rn_clk_mgr.c | 3
drivers/gpu/drm/amd/display/dc/dcn20/dcn20_dwb_scl.c | 3
drivers/gpu/drm/amd/display/dc/gpio/gpio_service.c | 17
drivers/gpu/drm/amd/display/dc/hdcp/hdcp_msg.c | 17
drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c | 28 +
drivers/gpu/drm/amd/pm/powerplay/hwmgr/pp_psm.c | 13
drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c | 5
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 2
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu8_hwmgr.c | 15
drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega10_hwmgr.c | 90 +++-
drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega20_hwmgr.c | 8
drivers/gpu/drm/amd/pm/powerplay/smumgr/vega10_smumgr.c | 6
drivers/gpu/drm/drm_panel_orientation_quirks.c | 6
drivers/gpu/drm/i915/i915_sw_fence.c | 8
drivers/gpu/drm/meson/meson_plane.c | 17
drivers/hid/hid-cougar.c | 2
drivers/hv/vmbus_drv.c | 1
drivers/hwmon/adc128d818.c | 4
drivers/hwmon/lm95234.c | 9
drivers/hwmon/nct6775.c | 2
drivers/hwmon/w83627ehf.c | 4
drivers/hwspinlock/hwspinlock_core.c | 28 +
drivers/hwspinlock/hwspinlock_internal.h | 3
drivers/iio/adc/ad7124.c | 1
drivers/iio/buffer/industrialio-buffer-dmaengine.c | 4
drivers/iio/inkern.c | 8
drivers/input/misc/uinput.c | 14
drivers/iommu/intel/dmar.c | 2
drivers/iommu/sun50i-iommu.c | 1
drivers/irqchip/irq-armada-370-xp.c | 4
drivers/irqchip/irq-gic-v2m.c | 6
drivers/leds/leds-spi-byte.c | 6
drivers/md/dm-init.c | 4
drivers/media/platform/qcom/camss/camss.c | 5
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 17
drivers/media/test-drivers/vivid/vivid-vid-out.c | 16
drivers/media/usb/uvc/uvc_driver.c | 18
drivers/misc/vmw_vmci/vmci_resource.c | 3
drivers/mmc/host/cqhci.c | 2
drivers/mmc/host/dw_mmc.c | 4
drivers/mmc/host/sdhci-of-aspeed.c | 1
drivers/net/bareudp.c | 22 -
drivers/net/can/spi/mcp251x.c | 2
drivers/net/dsa/vitesse-vsc73xx-core.c | 10
drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 20 -
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 10
drivers/net/ethernet/intel/igb/igb_main.c | 10
drivers/net/ethernet/intel/igc/igc_main.c | 1
drivers/net/ethernet/pensando/ionic/ionic_lif.c | 2
drivers/net/geneve.c | 8
drivers/net/usb/ch9200.c | 4
drivers/net/usb/cx82310_eth.c | 5
drivers/net/usb/ipheth.c | 4
drivers/net/usb/kaweth.c | 3
drivers/net/usb/mcs7830.c | 4
drivers/net/usb/qmi_wwan.c | 1
drivers/net/usb/sierra_net.c | 6
drivers/net/usb/sr9700.c | 4
drivers/net/usb/sr9800.c | 5
drivers/net/usb/usbnet.c | 23 -
drivers/net/virtio_net.c | 8
drivers/net/wireless/broadcom/brcm80211/brcmsmac/mac80211_if.c | 1
drivers/net/wireless/intel/iwlwifi/fw/debugfs.c | 3
drivers/net/wireless/intel/iwlwifi/fw/runtime.h | 1
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 6
drivers/net/wireless/marvell/mwifiex/main.h | 3
drivers/nvme/target/tcp.c | 4
drivers/nvmem/core.c | 6
drivers/of/irq.c | 15
drivers/pci/controller/dwc/pci-keystone.c | 44 ++
drivers/pci/controller/dwc/pcie-al.c | 16
drivers/pci/hotplug/pnv_php.c | 3
drivers/pci/pci.c | 35 +
drivers/pcmcia/yenta_socket.c | 6
drivers/platform/x86/dell-smbios-base.c | 5
drivers/staging/iio/frequency/ad9834.c | 2
drivers/uio/uio_hv_generic.c | 11
drivers/usb/storage/uas.c | 1
drivers/usb/typec/ucsi/ucsi.h | 2
drivers/usb/usbip/stub_rx.c | 77 ++-
fs/btrfs/extent-tree.c | 32 +
fs/btrfs/inode.c | 2
fs/btrfs/ioctl.c | 5
fs/btrfs/transaction.c | 24 +
fs/btrfs/transaction.h | 2
fs/ext4/page-io.c | 14
fs/fuse/file.c | 8
fs/fuse/xattr.c | 4
fs/lockd/svc.c | 3
fs/nfs/callback.c | 3
fs/nfs/super.c | 2
fs/nfsd/export.c | 32 +
fs/nfsd/export.h | 4
fs/nfsd/netns.h | 25 +
fs/nfsd/nfs4proc.c | 6
fs/nfsd/nfscache.c | 200 +++++-----
fs/nfsd/nfsctl.c | 24 -
fs/nfsd/nfsd.h | 1
fs/nfsd/nfsfh.c | 3
fs/nfsd/nfssvc.c | 38 -
fs/nfsd/stats.c | 52 +-
fs/nfsd/stats.h | 85 +---
fs/nfsd/trace.h | 22 +
fs/nfsd/vfs.c | 6
fs/nilfs2/recovery.c | 35 +
fs/nilfs2/segment.c | 10
fs/nilfs2/sysfs.c | 117 +++--
fs/notify/fsnotify.c | 31 +
fs/notify/fsnotify.h | 2
fs/notify/mark.c | 32 +
fs/squashfs/inode.c | 7
fs/udf/super.c | 24 +
include/linux/cgroup-defs.h | 107 +----
include/linux/cgroup.h | 22 -
include/linux/fsnotify_backend.h | 8
include/linux/hwspinlock.h | 6
include/linux/i2c.h | 2
include/linux/sunrpc/svc.h | 5
include/net/bluetooth/hci_core.h | 5
kernel/cgroup/cgroup.c | 65 +--
kernel/dma/debug.c | 5
kernel/events/core.c | 18
kernel/events/internal.h | 1
kernel/events/ring_buffer.c | 2
kernel/events/uprobes.c | 3
kernel/locking/rtmutex.c | 4
kernel/rcu/tasks.h | 2
kernel/smp.c | 1
kernel/trace/trace.c | 2
lib/generic-radix-tree.c | 2
mm/memcontrol.c | 23 +
net/8021q/vlan_core.c | 7
net/bluetooth/mgmt.c | 60 +--
net/bluetooth/smp.c | 7
net/bridge/br_fdb.c | 6
net/can/bcm.c | 4
net/core/netclassid_cgroup.c | 7
net/core/netprio_cgroup.c | 10
net/ethernet/eth.c | 7
net/ipv4/af_inet.c | 19
net/ipv4/fou.c | 62 +--
net/ipv4/gre_offload.c | 12
net/ipv4/inet_hashtables.c | 2
net/ipv4/tcp_bpf.c | 2
net/ipv4/udp_offload.c | 6
net/ipv6/ila/ila.h | 1
net/ipv6/ila/ila_main.c | 6
net/ipv6/ila/ila_xlat.c | 13
net/ipv6/ip6_offload.c | 14
net/ipv6/udp_offload.c | 2
net/mptcp/options.c | 34 -
net/mptcp/pm.c | 24 -
net/mptcp/pm_netlink.c | 59 +-
net/mptcp/protocol.c | 54 +-
net/mptcp/protocol.h | 4
net/mptcp/subflow.c | 50 +-
net/netfilter/nf_conncount.c | 8
net/sched/sch_cake.c | 11
net/sched/sch_netem.c | 9
net/sunrpc/stats.c | 2
net/sunrpc/svc.c | 36 +
net/sunrpc/xprtrdma/svc_rdma_rw.c | 2
net/sunrpc/xprtsock.c | 7
net/unix/af_unix.c | 9
net/wireless/scan.c | 46 +-
security/apparmor/apparmorfs.c | 4
security/smack/smack_lsm.c | 14
sound/hda/hdmi_chmap.c | 18
sound/pci/hda/hda_generic.c | 63 +++
sound/pci/hda/hda_generic.h | 1
sound/pci/hda/patch_conexant.c | 13
sound/pci/hda/patch_realtek.c | 10
sound/soc/soc-dapm.c | 1
sound/soc/soc-topology.c | 2
tools/lib/bpf/libbpf.c | 4
tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c | 4
206 files changed, 1799 insertions(+), 1097 deletions(-)
Abhishek Pandit-Subedi (1):
usb: typec: ucsi: Fix null pointer dereference in trace
Aleksandr Mishin (3):
PCI: al: Check IORESOURCE_BUS existence during probe
platform/x86: dell-smbios: Fix error path in dell_smbios_init()
staging: iio: frequency: ad9834: Validate frequency parameter value
Alex Hung (4):
drm/amd/display: Check gpio_id before used as array index
drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]
drm/amd/display: Check msg_id before processing transcation
drm/amd/display: Skip wbscl_set_scaler_filter if filter is null
Amadeusz Sławiński (1):
ASoC: topology: Properly initialize soc_enum values
Amir Goldstein (1):
fsnotify: clear PARENT_WATCHED flags lazily
Andreas Ziegler (1):
libbpf: Add NULL checks to bpf_object__{prev_map,next_map}
Andy Shevchenko (3):
leds: spi-byte: Call of_node_put() on error path
drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused
drm/i915/fence: Mark debug_fence_free() with __maybe_unused
Arend van Spriel (1):
wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3
Benjamin Marzinski (1):
dm init: Handle minors larger than 255
Bob Zhou (1):
drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr
Breno Leitao (1):
virtio_net: Fix napi_skb_cache_put warning
Camila Alvarez (1):
HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup
Carlos Llamas (1):
binder: fix UAF caused by offsets overwrite
Casey Schaufler (1):
smack: tcp: ipv4, fix incorrect labeling
Chen Ni (1):
media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse
Christoffer Sandberg (1):
ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices
Christoph Hellwig (2):
block: remove the blk_flush_integrity call in blk_integrity_unregister
block: initialize integrity buffer to zero before writing it to media
Chuck Lever (7):
NFSD: Refactor nfsd_reply_cache_free_locked()
NFSD: Rename nfsd_reply_cache_alloc()
NFSD: Replace nfsd_prune_bucket()
NFSD: Refactor the duplicate reply cache shrinker
NFSD: Rewrite synopsis of nfsd_percpu_counters_init()
NFSD: Fix frame size warning in svc_export_parse()
svcrdma: Catch another Reply chunk overflow case
Cong Wang (1):
tcp_bpf: fix return value of tcp_bpf_sendmsg()
Connor O'Brien (2):
bpf, cgroups: Fix cgroup v2 fallback on v1/v2 mixed mode
bpf, cgroup: Assign cgroup in cgroup_sk_alloc when called from interrupt
Daiwei Li (1):
igb: Fix not clearing TimeSync interrupts for 82580
Dan Carpenter (1):
igc: Unlock on error in igc_io_resume()
Dan Williams (1):
PCI: Add missing bridge lock to pci_bus_lock()
Daniel Borkmann (1):
net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket
Daniel Lezcano (1):
clocksource/drivers/timer-of: Remove percpu irq related code
David Fernandez Gonzalez (1):
VMCI: Fix use-after-free when removing resource in vmci_resource_remove()
David Lechner (1):
iio: buffer-dmaengine: fix releasing dma channel on error
David Sterba (1):
btrfs: initialize location to fix -Wmaybe-uninitialized in btrfs_lookup_dentry()
Dmitry Torokhov (1):
Input: uinput - reject requests with unreasonable number of slots
Dumitru Ceclan (1):
iio: adc: ad7124: fix chip ID mismatch
Eric Dumazet (4):
ila: call nf_unregister_net_hooks() sooner
fou: remove sparse errors
gro: remove rcu_read_lock/rcu_read_unlock from gro_receive handlers
gro: remove rcu_read_lock/rcu_read_unlock from gro_complete handlers
Filipe Manana (1):
btrfs: fix use-after-free after failure to create a snapshot
Geert Uytterhoeven (1):
nvmem: Fix return type of devm_nvmem_device_get() in kerneldoc
Greg Kroah-Hartman (1):
Linux 5.10.226
Guenter Roeck (4):
hwmon: (adc128d818) Fix underflows seen when writing limit attributes
hwmon: (lm95234) Fix underflows seen when writing limit attributes
hwmon: (nct6775-core) Fix underflows seen when writing limit attributes
hwmon: (w83627ehf) Fix underflows seen when writing limit attributes
Guillaume Nault (1):
bareudp: Fix device stats updates.
Hans Verkuil (2):
media: vivid: fix wrong sizeimage value for mplane
media: vivid: don't set HDMI TX controls if there are no HDMI outputs
Haoran Liu (1):
drm/meson: plane: Add error handling
Heiko Carstens (1):
s390/vmlinux.lds.S: Move ro_after_init section behind rodata section
Hersen Wu (3):
drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6
drm/amd/display: Add array index check for hdcp ddc access
drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create
Jacky Bai (2):
clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX
clocksource/drivers/imx-tpm: Fix next event not taking effect sometime
Jacob Pan (1):
iommu/vt-d: Handle volatile descriptor status read
Jakub Kicinski (1):
net: usb: don't write directly to netdev->dev_addr
James Morse (1):
arm64: acpi: Move get_cpu_for_acpi_id() to a header
Jan Kara (3):
udf: Limit file size to 4TB
ext4: handle redirtying in ext4_bio_write_page()
udf: Avoid excessive partition lengths
Jann Horn (1):
fuse: use unsigned type for getxattr/listxattr size truncation
Jeff Layton (2):
nfsd: move reply cache initialization into nfsd startup
nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net
Jernej Skrabec (1):
iommu: sun50i: clear bypass register
Jesse Zhang (4):
drm/amd/pm: fix warning using uninitialized value of max_vid_step
drm/amd/pm: fix the Out-of-bounds read warning
drm/amdgpu: the warning dereferencing obj for nbio_v7_4
drm/amd/pm: check negtive return for table entries
Jiaxun Yang (1):
MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed
Joanne Koong (1):
fuse: update stats for pages in dropped aux writeback list
Johannes Berg (2):
wifi: cfg80211: make hash table duplicates more survivable
um: line: always fill *error_out in setup_one_line()
Jonas Gorski (1):
net: bridge: br_fdb_external_learn_add(): always set EXT_LEARN
Jonathan Cameron (3):
ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add()
ACPI: processor: Fix memory leaks in error paths of processor_add()
arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry
Josef Bacik (12):
sunrpc: don't change ->sv_stats if it doesn't exist
nfsd: stop setting ->pg_stats for unused stats
sunrpc: pass in the sv_stats struct through svc_create_pooled
sunrpc: remove ->pg_stats from svc_program
sunrpc: use the struct net as the svc proc private
nfsd: rename NFSD_NET_* to NFSD_STATS_*
nfsd: expose /proc/net/sunrpc/nfsd in net namespaces
nfsd: make all of the nfsd stats per-network namespace
nfsd: remove nfsd_stats, make th_cnt a global counter
nfsd: make svc_stat per-network namespace instead of global
btrfs: replace BUG_ON with ASSERT in walk_down_proc()
btrfs: clean up our handling of refs == 0 in snapshot delete
Jules Irenge (1):
pcmcia: Use resource_size function on resource object
Kent Overstreet (1):
lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()
Kishon Vijay Abraham I (1):
PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)
Konstantin Andreev (1):
smack: unix sockets: fix accept()ed socket label
Krishna Kumar (1):
pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv
Kuniyuki Iwashima (3):
af_unix: Remove put_pid()/put_cred() in copy_peercred().
can: bcm: Remove proc entry when dev is unregistered.
fou: Fix null-ptr-deref in GRO.
Leesoo Ahn (1):
apparmor: fix possible NULL pointer dereference
Len Baker (1):
drivers/net/usb: Remove all strcpy() uses
Liao Chen (1):
mmc: sdhci-of-aspeed: fix module autoloading
Luiz Augusto von Dentz (2):
Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
Bluetooth: MGMT: Ignore keys being loaded with invalid type
Ma Jun (5):
drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr
drm/amdgpu/pm: Fix uninitialized variable agc_btc_response
drm/amdgpu: Fix out-of-bounds write warning
drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number
drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs
Ma Ke (1):
irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init()
Matteo Martelli (1):
iio: fix scale application in iio_convert_raw_to_processed_unlocked
Matthieu Baerts (NGI0) (2):
mptcp: pr_debug: add missing \n at the end
mptcp: pm: avoid possible UaF when selecting endp
Maurizio Lombardi (1):
nvmet-tcp: fix kernel crash if commands allocation fails
Maximilien Perreault (1):
ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx
Michael Chen (1):
drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device
Michael Ellerman (1):
ata: pata_macio: Use WARN instead of BUG
Naman Jain (1):
Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic
NeilBrown (1):
NFSD: simplify error paths in nfsd_svc()
Nikita Kiryushin (1):
rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow
Oliver Neukum (2):
usbnet: modern method to get random MAC
usbnet: ipheth: race between ipheth_close and error handling
Pali Rohár (1):
irqchip/armada-370-xp: Do not allow mapping IRQ 0 and 1
Pawel Dembicki (1):
net: dsa: vsc73xx: fix possible subblocks range of CAPT block
Peter Zijlstra (1):
perf/aux: Fix AUX buffer serialization
Philip Mueller (1):
drm: panel-orientation-quirks: Add quirk for OrangePi Neo
Phillip Lougher (1):
Squashfs: sanity check symbolic link size
Qing Wang (1):
nilfs2: replace snprintf in show functions with sysfs_emit
Ricardo Ribalda (1):
media: uvcvideo: Enforce alignment of frame and interval
Richard Fitzgerald (2):
i2c: Fix conditional for substituting empty ACPI functions
i2c: Use IS_REACHABLE() for substituting empty ACPI functions
Richard Maina (1):
hwspinlock: Introduce hwspin_lock_bust()
Rik van Riel (1):
dma-debug: avoid deadlock between dma debug vs printk and netconsole
Roland Xu (1):
rtmutex: Drop rt_mutex::wait_lock before scheduling
Ryusuke Konishi (3):
nilfs2: fix missing cleanup on rollforward recovery error
nilfs2: fix state management in error path of log writing function
nilfs2: protect references to superblock parameters exposed in sysfs
Sam Protsenko (1):
mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K
Sascha Hauer (1):
wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()
Satya Priya Kakitapalli (2):
clk: qcom: clk-alpha-pll: Fix the pll post div mask
clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API
Saurabh Sengar (1):
uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind
Seunghwan Baek (1):
mmc: cqhci: Fix checking of CQHCI_HALT state
Shahar S Matityahu (1):
wifi: iwlwifi: remove fw_running op
Shakeel Butt (1):
memcg: protect concurrent access to mem_cgroup_idr
Shannon Nelson (1):
ionic: fix potential irq name truncation
Shantanu Goel (1):
usb: uas: set host status byte on data completion error
Simon Arlott (1):
can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open
Simon Holesch (1):
usbip: Don't submit special requests twice
Stanislav Fomichev (1):
net: set SOCK_RCU_FREE before inserting socket into hashtable
Stefan Wiehler (1):
of/irq: Prevent device address out-of-bounds read in interrupt map walk
Stephen Hemminger (1):
sch/netem: fix use after free in netem_dequeue
Sven Schnelle (1):
uprobes: Use kzalloc to allocate xol area
Takashi Iwai (3):
ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown
ALSA: hda/conexant: Mute speakers at suspend / shutdown
ALSA: hda: Add input value sanity checks to HDMI channel map controls
Terry Cheong (1):
ALSA: hda/realtek: add patch for internal mic in Lenovo V145
Thomas Gleixner (1):
x86/mm: Fix PTI for i386 some more
Tim Huang (6):
drm/amdgpu: fix overflowed array index read warning
drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr
drm/amdgpu: fix uninitialized scalar variable warning
drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr
drm/amdgpu: fix ucode out-of-bounds read warning
drm/amdgpu: fix mc_data out-of-bounds read warning
Toke Høiland-Jørgensen (1):
sched: sch_cake: fix bulk flow accounting logic for host fairness
Trond Myklebust (1):
NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations
Vladimir Oltean (1):
net: dpaa: avoid on-stack arrays of NR_CPUS elements
Waiman Long (1):
cgroup: Protect css->cgroup write under css_set_lock
Yunjian Wang (1):
netfilter: nf_conncount: fix wrong variable type
ZHANG Yuntian (1):
net: usb: qmi_wwan: add MeiG Smart SRM825L
Zenghui Yu (1):
kselftests: dmabuf-heaps: Ensure the driver name is null-terminated
Zheng Qixing (1):
ata: libata: Fix memory leak for error path in ata_host_alloc()
Zheng Yejian (1):
tracing: Avoid possible softlockup in tracing_iter_reset()
Zhigang Luo (1):
drm/amdgpu: avoid reading vf2pf info size from FB
Zijun Hu (1):
devres: Initialize an uninitialized struct member
Zqiang (1):
smp: Add missing destroy_work_on_stack() call in smp_call_on_cpu()
robelin (1):
ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object
9 months, 1 week
- 1
- 1