September 2024 - Linux-stable-mirror

FAILED: patch "[PATCH] perf/x86/intel: Limit the period on Haswell" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 25dfc9e357af8aed1ca79b318a73f2c59c1f0b2b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024090839-issuing-jeep-f477@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: 25dfc9e357af ("perf/x86/intel: Limit the period on Haswell") 28f0f3c44b5c ("perf/x86: Change x86_pmu::limit_period signature") 706460a96fc6 ("perf/x86/amd/core: Add generic branch record interfaces") b40d0156f560 ("perf/x86/amd/brs: Move feature-specific functions") 3c27b0c6ea48 ("perf/x86/amd: Fix AMD BRS period adjustment") 9622e67e3980 ("perf/x86/amd/core: Add PerfMonV2 counter control") 21d59e3e2c40 ("perf/x86/amd/core: Detect PerfMonV2 support") cc37e520a236 ("perf/x86/amd: Make Zen3 branch sampling opt-in") ba2fe7500845 ("perf/x86/amd: Add AMD branch sampling period adjustment") ada543459cab ("perf/x86/amd: Add AMD Fam19h Branch Sampling support") 369461ce8fb6 ("x86: perf: Move RDPMC event flag to a common definition") 05485745ad48 ("perf/amd/uncore: Allow the driver to be built as a module") 5471eea5d3bf ("perf/x86: Reset the dirty counter to prevent the leak for an RDPMC task") f83d2f91d259 ("perf/x86/intel: Add Alder Lake Hybrid support") 58ae30c29a37 ("perf/x86/intel: Add attr_update for Hybrid PMUs") d9977c43bff8 ("perf/x86: Register hybrid PMUs") e11c1a7eb302 ("perf/x86: Factor out x86_pmu_show_pmu_cap") b98567298bad ("perf/x86: Remove temporary pmu assignment in event_init") 34d5b61f29ee ("perf/x86/intel: Factor out intel_pmu_check_extra_regs") bc14fe1beeec ("perf/x86/intel: Factor out intel_pmu_check_event_constraints") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 25dfc9e357af8aed1ca79b318a73f2c59c1f0b2b Mon Sep 17 00:00:00 2001 From: Kan Liang <kan.liang(a)linux.intel.com> Date: Mon, 19 Aug 2024 11:30:04 -0700 Subject: [PATCH] perf/x86/intel: Limit the period on Haswell Running the ltp test cve-2015-3290 concurrently reports the following warnings. perfevents: irq loop stuck! WARNING: CPU: 31 PID: 32438 at arch/x86/events/intel/core.c:3174 intel_pmu_handle_irq+0x285/0x370 Call Trace: <NMI> ? __warn+0xa4/0x220 ? intel_pmu_handle_irq+0x285/0x370 ? __report_bug+0x123/0x130 ? intel_pmu_handle_irq+0x285/0x370 ? __report_bug+0x123/0x130 ? intel_pmu_handle_irq+0x285/0x370 ? report_bug+0x3e/0xa0 ? handle_bug+0x3c/0x70 ? exc_invalid_op+0x18/0x50 ? asm_exc_invalid_op+0x1a/0x20 ? irq_work_claim+0x1e/0x40 ? intel_pmu_handle_irq+0x285/0x370 perf_event_nmi_handler+0x3d/0x60 nmi_handle+0x104/0x330 Thanks to Thomas Gleixner's analysis, the issue is caused by the low initial period (1) of the frequency estimation algorithm, which triggers the defects of the HW, specifically erratum HSW11 and HSW143. (For the details, please refer https://lore.kernel.org/lkml/87plq9l5d2.ffs@tglx/) The HSW11 requires a period larger than 100 for the INST_RETIRED.ALL event, but the initial period in the freq mode is 1. The erratum is the same as the BDM11, which has been supported in the kernel. A minimum period of 128 is enforced as well on HSW. HSW143 is regarding that the fixed counter 1 may overcount 32 with the Hyper-Threading is enabled. However, based on the test, the hardware has more issues than it tells. Besides the fixed counter 1, the message 'interrupt took too long' can be observed on any counter which was armed with a period < 32 and two events expired in the same NMI. A minimum period of 32 is enforced for the rest of the events. The recommended workaround code of the HSW143 is not implemented. Because it only addresses the issue for the fixed counter. It brings extra overhead through extra MSR writing. No related overcounting issue has been reported so far. Fixes: 3a632cb229bf ("perf/x86/intel: Add simple Haswell PMU support") Reported-by: Li Huafei <lihuafei1(a)huawei.com> Suggested-by: Thomas Gleixner <tglx(a)linutronix.de> Signed-off-by: Kan Liang <kan.liang(a)linux.intel.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/all/20240819183004.3132920-1-kan.liang@linux.intel.… Closes: https://lore.kernel.org/lkml/20240729223328.327835-1-lihuafei1@huawei.com/ diff --git a/arch/x86/events/intel/core.c b/arch/x86/events/intel/core.c index 0c9c2706d4ec..9e519d8a810a 100644 --- a/arch/x86/events/intel/core.c +++ b/arch/x86/events/intel/core.c @@ -4589,6 +4589,25 @@ static enum hybrid_cpu_type adl_get_hybrid_cpu_type(void) return HYBRID_INTEL_CORE; } +static inline bool erratum_hsw11(struct perf_event *event) +{ + return (event->hw.config & INTEL_ARCH_EVENT_MASK) == + X86_CONFIG(.event=0xc0, .umask=0x01); +} + +/* + * The HSW11 requires a period larger than 100 which is the same as the BDM11. + * A minimum period of 128 is enforced as well for the INST_RETIRED.ALL. + * + * The message 'interrupt took too long' can be observed on any counter which + * was armed with a period < 32 and two events expired in the same NMI. + * A minimum period of 32 is enforced for the rest of the events. + */ +static void hsw_limit_period(struct perf_event *event, s64 *left) +{ + *left = max(*left, erratum_hsw11(event) ? 128 : 32); +} + /* * Broadwell: * @@ -4606,8 +4625,7 @@ static enum hybrid_cpu_type adl_get_hybrid_cpu_type(void) */ static void bdw_limit_period(struct perf_event *event, s64 *left) { - if ((event->hw.config & INTEL_ARCH_EVENT_MASK) == - X86_CONFIG(.event=0xc0, .umask=0x01)) { + if (erratum_hsw11(event)) { if (*left < 128) *left = 128; *left &= ~0x3fULL; @@ -6766,6 +6784,7 @@ __init int intel_pmu_init(void) x86_pmu.hw_config = hsw_hw_config; x86_pmu.get_event_constraints = hsw_get_event_constraints; + x86_pmu.limit_period = hsw_limit_period; x86_pmu.lbr_double_abort = true; extra_attr = boot_cpu_has(X86_FEATURE_RTM) ? hsw_format_attr : nhm_format_attr;

4 months

1
0
0 0

FAILED: patch "[PATCH] perf/x86/intel: Limit the period on Haswell" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 25dfc9e357af8aed1ca79b318a73f2c59c1f0b2b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024090838-facility-embargo-19d0@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: 25dfc9e357af ("perf/x86/intel: Limit the period on Haswell") 28f0f3c44b5c ("perf/x86: Change x86_pmu::limit_period signature") 706460a96fc6 ("perf/x86/amd/core: Add generic branch record interfaces") b40d0156f560 ("perf/x86/amd/brs: Move feature-specific functions") 3c27b0c6ea48 ("perf/x86/amd: Fix AMD BRS period adjustment") 9622e67e3980 ("perf/x86/amd/core: Add PerfMonV2 counter control") 21d59e3e2c40 ("perf/x86/amd/core: Detect PerfMonV2 support") cc37e520a236 ("perf/x86/amd: Make Zen3 branch sampling opt-in") ba2fe7500845 ("perf/x86/amd: Add AMD branch sampling period adjustment") ada543459cab ("perf/x86/amd: Add AMD Fam19h Branch Sampling support") 369461ce8fb6 ("x86: perf: Move RDPMC event flag to a common definition") 05485745ad48 ("perf/amd/uncore: Allow the driver to be built as a module") 5471eea5d3bf ("perf/x86: Reset the dirty counter to prevent the leak for an RDPMC task") f83d2f91d259 ("perf/x86/intel: Add Alder Lake Hybrid support") 58ae30c29a37 ("perf/x86/intel: Add attr_update for Hybrid PMUs") d9977c43bff8 ("perf/x86: Register hybrid PMUs") e11c1a7eb302 ("perf/x86: Factor out x86_pmu_show_pmu_cap") b98567298bad ("perf/x86: Remove temporary pmu assignment in event_init") 34d5b61f29ee ("perf/x86/intel: Factor out intel_pmu_check_extra_regs") bc14fe1beeec ("perf/x86/intel: Factor out intel_pmu_check_event_constraints") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 25dfc9e357af8aed1ca79b318a73f2c59c1f0b2b Mon Sep 17 00:00:00 2001 From: Kan Liang <kan.liang(a)linux.intel.com> Date: Mon, 19 Aug 2024 11:30:04 -0700 Subject: [PATCH] perf/x86/intel: Limit the period on Haswell Running the ltp test cve-2015-3290 concurrently reports the following warnings. perfevents: irq loop stuck! WARNING: CPU: 31 PID: 32438 at arch/x86/events/intel/core.c:3174 intel_pmu_handle_irq+0x285/0x370 Call Trace: <NMI> ? __warn+0xa4/0x220 ? intel_pmu_handle_irq+0x285/0x370 ? __report_bug+0x123/0x130 ? intel_pmu_handle_irq+0x285/0x370 ? __report_bug+0x123/0x130 ? intel_pmu_handle_irq+0x285/0x370 ? report_bug+0x3e/0xa0 ? handle_bug+0x3c/0x70 ? exc_invalid_op+0x18/0x50 ? asm_exc_invalid_op+0x1a/0x20 ? irq_work_claim+0x1e/0x40 ? intel_pmu_handle_irq+0x285/0x370 perf_event_nmi_handler+0x3d/0x60 nmi_handle+0x104/0x330 Thanks to Thomas Gleixner's analysis, the issue is caused by the low initial period (1) of the frequency estimation algorithm, which triggers the defects of the HW, specifically erratum HSW11 and HSW143. (For the details, please refer https://lore.kernel.org/lkml/87plq9l5d2.ffs@tglx/) The HSW11 requires a period larger than 100 for the INST_RETIRED.ALL event, but the initial period in the freq mode is 1. The erratum is the same as the BDM11, which has been supported in the kernel. A minimum period of 128 is enforced as well on HSW. HSW143 is regarding that the fixed counter 1 may overcount 32 with the Hyper-Threading is enabled. However, based on the test, the hardware has more issues than it tells. Besides the fixed counter 1, the message 'interrupt took too long' can be observed on any counter which was armed with a period < 32 and two events expired in the same NMI. A minimum period of 32 is enforced for the rest of the events. The recommended workaround code of the HSW143 is not implemented. Because it only addresses the issue for the fixed counter. It brings extra overhead through extra MSR writing. No related overcounting issue has been reported so far. Fixes: 3a632cb229bf ("perf/x86/intel: Add simple Haswell PMU support") Reported-by: Li Huafei <lihuafei1(a)huawei.com> Suggested-by: Thomas Gleixner <tglx(a)linutronix.de> Signed-off-by: Kan Liang <kan.liang(a)linux.intel.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/all/20240819183004.3132920-1-kan.liang@linux.intel.… Closes: https://lore.kernel.org/lkml/20240729223328.327835-1-lihuafei1@huawei.com/ diff --git a/arch/x86/events/intel/core.c b/arch/x86/events/intel/core.c index 0c9c2706d4ec..9e519d8a810a 100644 --- a/arch/x86/events/intel/core.c +++ b/arch/x86/events/intel/core.c @@ -4589,6 +4589,25 @@ static enum hybrid_cpu_type adl_get_hybrid_cpu_type(void) return HYBRID_INTEL_CORE; } +static inline bool erratum_hsw11(struct perf_event *event) +{ + return (event->hw.config & INTEL_ARCH_EVENT_MASK) == + X86_CONFIG(.event=0xc0, .umask=0x01); +} + +/* + * The HSW11 requires a period larger than 100 which is the same as the BDM11. + * A minimum period of 128 is enforced as well for the INST_RETIRED.ALL. + * + * The message 'interrupt took too long' can be observed on any counter which + * was armed with a period < 32 and two events expired in the same NMI. + * A minimum period of 32 is enforced for the rest of the events. + */ +static void hsw_limit_period(struct perf_event *event, s64 *left) +{ + *left = max(*left, erratum_hsw11(event) ? 128 : 32); +} + /* * Broadwell: * @@ -4606,8 +4625,7 @@ static enum hybrid_cpu_type adl_get_hybrid_cpu_type(void) */ static void bdw_limit_period(struct perf_event *event, s64 *left) { - if ((event->hw.config & INTEL_ARCH_EVENT_MASK) == - X86_CONFIG(.event=0xc0, .umask=0x01)) { + if (erratum_hsw11(event)) { if (*left < 128) *left = 128; *left &= ~0x3fULL; @@ -6766,6 +6784,7 @@ __init int intel_pmu_init(void) x86_pmu.hw_config = hsw_hw_config; x86_pmu.get_event_constraints = hsw_get_event_constraints; + x86_pmu.limit_period = hsw_limit_period; x86_pmu.lbr_double_abort = true; extra_attr = boot_cpu_has(X86_FEATURE_RTM) ? hsw_format_attr : nhm_format_attr;

4 months

1
0
0 0

FAILED: patch "[PATCH] perf/x86/intel: Limit the period on Haswell" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 25dfc9e357af8aed1ca79b318a73f2c59c1f0b2b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024090837-twisty-deodorant-ee35@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 25dfc9e357af ("perf/x86/intel: Limit the period on Haswell") 28f0f3c44b5c ("perf/x86: Change x86_pmu::limit_period signature") 706460a96fc6 ("perf/x86/amd/core: Add generic branch record interfaces") b40d0156f560 ("perf/x86/amd/brs: Move feature-specific functions") 3c27b0c6ea48 ("perf/x86/amd: Fix AMD BRS period adjustment") 9622e67e3980 ("perf/x86/amd/core: Add PerfMonV2 counter control") 21d59e3e2c40 ("perf/x86/amd/core: Detect PerfMonV2 support") cc37e520a236 ("perf/x86/amd: Make Zen3 branch sampling opt-in") ba2fe7500845 ("perf/x86/amd: Add AMD branch sampling period adjustment") ada543459cab ("perf/x86/amd: Add AMD Fam19h Branch Sampling support") 369461ce8fb6 ("x86: perf: Move RDPMC event flag to a common definition") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 25dfc9e357af8aed1ca79b318a73f2c59c1f0b2b Mon Sep 17 00:00:00 2001 From: Kan Liang <kan.liang(a)linux.intel.com> Date: Mon, 19 Aug 2024 11:30:04 -0700 Subject: [PATCH] perf/x86/intel: Limit the period on Haswell Running the ltp test cve-2015-3290 concurrently reports the following warnings. perfevents: irq loop stuck! WARNING: CPU: 31 PID: 32438 at arch/x86/events/intel/core.c:3174 intel_pmu_handle_irq+0x285/0x370 Call Trace: <NMI> ? __warn+0xa4/0x220 ? intel_pmu_handle_irq+0x285/0x370 ? __report_bug+0x123/0x130 ? intel_pmu_handle_irq+0x285/0x370 ? __report_bug+0x123/0x130 ? intel_pmu_handle_irq+0x285/0x370 ? report_bug+0x3e/0xa0 ? handle_bug+0x3c/0x70 ? exc_invalid_op+0x18/0x50 ? asm_exc_invalid_op+0x1a/0x20 ? irq_work_claim+0x1e/0x40 ? intel_pmu_handle_irq+0x285/0x370 perf_event_nmi_handler+0x3d/0x60 nmi_handle+0x104/0x330 Thanks to Thomas Gleixner's analysis, the issue is caused by the low initial period (1) of the frequency estimation algorithm, which triggers the defects of the HW, specifically erratum HSW11 and HSW143. (For the details, please refer https://lore.kernel.org/lkml/87plq9l5d2.ffs@tglx/) The HSW11 requires a period larger than 100 for the INST_RETIRED.ALL event, but the initial period in the freq mode is 1. The erratum is the same as the BDM11, which has been supported in the kernel. A minimum period of 128 is enforced as well on HSW. HSW143 is regarding that the fixed counter 1 may overcount 32 with the Hyper-Threading is enabled. However, based on the test, the hardware has more issues than it tells. Besides the fixed counter 1, the message 'interrupt took too long' can be observed on any counter which was armed with a period < 32 and two events expired in the same NMI. A minimum period of 32 is enforced for the rest of the events. The recommended workaround code of the HSW143 is not implemented. Because it only addresses the issue for the fixed counter. It brings extra overhead through extra MSR writing. No related overcounting issue has been reported so far. Fixes: 3a632cb229bf ("perf/x86/intel: Add simple Haswell PMU support") Reported-by: Li Huafei <lihuafei1(a)huawei.com> Suggested-by: Thomas Gleixner <tglx(a)linutronix.de> Signed-off-by: Kan Liang <kan.liang(a)linux.intel.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/all/20240819183004.3132920-1-kan.liang@linux.intel.… Closes: https://lore.kernel.org/lkml/20240729223328.327835-1-lihuafei1@huawei.com/ diff --git a/arch/x86/events/intel/core.c b/arch/x86/events/intel/core.c index 0c9c2706d4ec..9e519d8a810a 100644 --- a/arch/x86/events/intel/core.c +++ b/arch/x86/events/intel/core.c @@ -4589,6 +4589,25 @@ static enum hybrid_cpu_type adl_get_hybrid_cpu_type(void) return HYBRID_INTEL_CORE; } +static inline bool erratum_hsw11(struct perf_event *event) +{ + return (event->hw.config & INTEL_ARCH_EVENT_MASK) == + X86_CONFIG(.event=0xc0, .umask=0x01); +} + +/* + * The HSW11 requires a period larger than 100 which is the same as the BDM11. + * A minimum period of 128 is enforced as well for the INST_RETIRED.ALL. + * + * The message 'interrupt took too long' can be observed on any counter which + * was armed with a period < 32 and two events expired in the same NMI. + * A minimum period of 32 is enforced for the rest of the events. + */ +static void hsw_limit_period(struct perf_event *event, s64 *left) +{ + *left = max(*left, erratum_hsw11(event) ? 128 : 32); +} + /* * Broadwell: * @@ -4606,8 +4625,7 @@ static enum hybrid_cpu_type adl_get_hybrid_cpu_type(void) */ static void bdw_limit_period(struct perf_event *event, s64 *left) { - if ((event->hw.config & INTEL_ARCH_EVENT_MASK) == - X86_CONFIG(.event=0xc0, .umask=0x01)) { + if (erratum_hsw11(event)) { if (*left < 128) *left = 128; *left &= ~0x3fULL; @@ -6766,6 +6784,7 @@ __init int intel_pmu_init(void) x86_pmu.hw_config = hsw_hw_config; x86_pmu.get_event_constraints = hsw_get_event_constraints; + x86_pmu.limit_period = hsw_limit_period; x86_pmu.lbr_double_abort = true; extra_attr = boot_cpu_has(X86_FEATURE_RTM) ? hsw_format_attr : nhm_format_attr;

4 months

1
0
0 0

FAILED: patch "[PATCH] ksmbd: Unlock on in ksmbd_tcp_set_interfaces()" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 844436e045ac2ab7895d8b281cb784a24de1d14d # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024090848-botch-appointee-7cb2@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 844436e045ac ("ksmbd: Unlock on in ksmbd_tcp_set_interfaces()") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 844436e045ac2ab7895d8b281cb784a24de1d14d Mon Sep 17 00:00:00 2001 From: Dan Carpenter <dan.carpenter(a)linaro.org> Date: Thu, 29 Aug 2024 22:22:35 +0300 Subject: [PATCH] ksmbd: Unlock on in ksmbd_tcp_set_interfaces() Unlock before returning an error code if this allocation fails. Fixes: 0626e6641f6b ("cifsd: add server handler for central processing and tranport layers") Cc: stable(a)vger.kernel.org # v5.15+ Signed-off-by: Dan Carpenter <dan.carpenter(a)linaro.org> Acked-by: Namjae Jeon <linkinjeon(a)kernel.org> Signed-off-by: Steve French <stfrench(a)microsoft.com> diff --git a/fs/smb/server/transport_tcp.c b/fs/smb/server/transport_tcp.c index a84788396daa..aaed9e293b2e 100644 --- a/fs/smb/server/transport_tcp.c +++ b/fs/smb/server/transport_tcp.c @@ -624,8 +624,10 @@ int ksmbd_tcp_set_interfaces(char *ifc_list, int ifc_list_sz) for_each_netdev(&init_net, netdev) { if (netif_is_bridge_port(netdev)) continue; - if (!alloc_iface(kstrdup(netdev->name, GFP_KERNEL))) + if (!alloc_iface(kstrdup(netdev->name, GFP_KERNEL))) { + rtnl_unlock(); return -ENOMEM; + } } rtnl_unlock(); bind_additional_ifaces = 1;

4 months

1
0
0 0

FAILED: patch "[PATCH] ksmbd: unset the binding mark of a reused connection" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 78c5a6f1f630172b19af4912e755e1da93ef0ab5 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024090838-reentry-fender-aec1@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 78c5a6f1f630 ("ksmbd: unset the binding mark of a reused connection") 38c8a9a52082 ("smb: move client and server files to common directory fs/smb") f5c779b7ddbd ("ksmbd: fix racy issue from session setup and logoff") 1d9c4172110e ("ksmbd: Implements sess->ksmbd_chann_list as xarray") 62c487b53a7f ("ksmbd: limit pdu length size according to connection status") abdb1742a312 ("cifs: get rid of mount options string parsing") 9fd29a5bae6e ("cifs: use fs_context for automounts") 5dd8ce24667a ("cifs: missing directory in MAINTAINERS file") 332019e23a51 ("Merge tag '5.20-rc-smb3-client-fixes-part2' of git://git.samba.org/sfrench/cifs-2.6") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 78c5a6f1f630172b19af4912e755e1da93ef0ab5 Mon Sep 17 00:00:00 2001 From: Namjae Jeon <linkinjeon(a)kernel.org> Date: Tue, 27 Aug 2024 21:44:41 +0900 Subject: [PATCH] ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding session, conn->binding can still remain true and generate_preauth_hash() will not set sess->Preauth_HashValue and it will be NULL. It is used as a material to create an encryption key in ksmbd_gen_smb311_encryptionkey. ->Preauth_HashValue cause null pointer dereference error from crypto_shash_update(). BUG: kernel NULL pointer dereference, address: 0000000000000000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP PTI CPU: 8 PID: 429254 Comm: kworker/8:39 Hardware name: LENOVO 20MAS08500/20MAS08500, BIOS N2CET69W (1.52 ) Workqueue: ksmbd-io handle_ksmbd_work [ksmbd] RIP: 0010:lib_sha256_base_do_update.isra.0+0x11e/0x1d0 [sha256_ssse3] <TASK> ? show_regs+0x6d/0x80 ? __die+0x24/0x80 ? page_fault_oops+0x99/0x1b0 ? do_user_addr_fault+0x2ee/0x6b0 ? exc_page_fault+0x83/0x1b0 ? asm_exc_page_fault+0x27/0x30 ? __pfx_sha256_transform_rorx+0x10/0x10 [sha256_ssse3] ? lib_sha256_base_do_update.isra.0+0x11e/0x1d0 [sha256_ssse3] ? __pfx_sha256_transform_rorx+0x10/0x10 [sha256_ssse3] ? __pfx_sha256_transform_rorx+0x10/0x10 [sha256_ssse3] _sha256_update+0x77/0xa0 [sha256_ssse3] sha256_avx2_update+0x15/0x30 [sha256_ssse3] crypto_shash_update+0x1e/0x40 hmac_update+0x12/0x20 crypto_shash_update+0x1e/0x40 generate_key+0x234/0x380 [ksmbd] generate_smb3encryptionkey+0x40/0x1c0 [ksmbd] ksmbd_gen_smb311_encryptionkey+0x72/0xa0 [ksmbd] ntlm_authenticate.isra.0+0x423/0x5d0 [ksmbd] smb2_sess_setup+0x952/0xaa0 [ksmbd] __process_request+0xa3/0x1d0 [ksmbd] __handle_ksmbd_work+0x1c4/0x2f0 [ksmbd] handle_ksmbd_work+0x2d/0xa0 [ksmbd] process_one_work+0x16c/0x350 worker_thread+0x306/0x440 ? __pfx_worker_thread+0x10/0x10 kthread+0xef/0x120 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x44/0x70 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30 </TASK> Fixes: f5a544e3bab7 ("ksmbd: add support for SMB3 multichannel") Cc: stable(a)vger.kernel.org # v5.15+ Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org> Signed-off-by: Steve French <stfrench(a)microsoft.com> diff --git a/fs/smb/server/smb2pdu.c b/fs/smb/server/smb2pdu.c index 20846a4d3031..8bdc59251418 100644 --- a/fs/smb/server/smb2pdu.c +++ b/fs/smb/server/smb2pdu.c @@ -1690,6 +1690,8 @@ int smb2_sess_setup(struct ksmbd_work *work) rc = ksmbd_session_register(conn, sess); if (rc) goto out_err; + + conn->binding = false; } else if (conn->dialect >= SMB30_PROT_ID && (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL) && req->Flags & SMB2_SESSION_REQ_FLAG_BINDING) { @@ -1768,6 +1770,8 @@ int smb2_sess_setup(struct ksmbd_work *work) sess = NULL; goto out_err; } + + conn->binding = false; } work->sess = sess;

4 months

1
0
0 0

Linux 6.10.9

by Greg Kroah-Hartman

I'm announcing the release of the 6.10.9 kernel. All users of the 6.10 kernel series must upgrade. The updated 6.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/locking/hwspinlock.rst | 11 Makefile | 2 arch/arm64/boot/dts/qcom/x1e80100-crd.dts | 81 +++++ arch/arm64/boot/dts/qcom/x1e80100-qcp.dts | 81 +++++ arch/x86/kernel/cpu/amd.c | 2 block/blk-integrity.c | 2 crypto/ecc.c | 2 drivers/base/regmap/regmap-spi.c | 3 drivers/cpufreq/scmi-cpufreq.c | 4 drivers/crypto/stm32/stm32-cryp.c | 6 drivers/dma/altera-msgdma.c | 9 drivers/gpu/drm/amd/amdgpu/amdgpu_aca.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_afmt.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 9 drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_cgs.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_eeprom.c | 6 drivers/gpu/drm/amd/amdgpu/amdgpu_eeprom.h | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_gart.c | 6 drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c | 11 drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c | 19 + drivers/gpu/drm/amd/amdgpu/amdgpu_ras.h | 13 drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_securedisplay.c | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 15 drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c | 12 drivers/gpu/drm/amd/amdgpu/amdgpu_xgmi.c | 3 drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c | 6 drivers/gpu/drm/amd/amdgpu/df_v1_7.c | 2 drivers/gpu/drm/amd/amdgpu/jpeg_v4_0_5.c | 2 drivers/gpu/drm/amd/amdgpu/mmhub_v1_7.c | 2 drivers/gpu/drm/amd/amdgpu/mmhub_v2_0.c | 2 drivers/gpu/drm/amd/amdgpu/mmhub_v3_3.c | 2 drivers/gpu/drm/amd/amdgpu/mmhub_v9_4.c | 2 drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c | 3 drivers/gpu/drm/amd/amdgpu/vcn_v5_0_0.c | 19 - drivers/gpu/drm/amd/amdkfd/kfd_crat.h | 2 drivers/gpu/drm/amd/amdkfd/kfd_debug.c | 4 drivers/gpu/drm/amd/amdkfd/kfd_int_process_v9.c | 4 drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 9 drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 3 drivers/gpu/drm/amd/amdkfd/kfd_topology.h | 5 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 49 +-- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h | 2 drivers/gpu/drm/amd/display/dc/bios/bios_parser.c | 18 + drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c | 7 drivers/gpu/drm/amd/display/dc/clk_mgr/dcn21/rn_clk_mgr.c | 3 drivers/gpu/drm/amd/display/dc/core/dc.c | 1 drivers/gpu/drm/amd/display/dc/core/dc_link_exports.c | 3 drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 8 drivers/gpu/drm/amd/display/dc/core/dc_state.c | 10 drivers/gpu/drm/amd/display/dc/dce/dmub_abm_lcd.c | 2 drivers/gpu/drm/amd/display/dc/dce/dmub_replay.c | 3 drivers/gpu/drm/amd/display/dc/dcn20/dcn20_dwb_scl.c | 3 drivers/gpu/drm/amd/display/dc/dcn35/dcn35_dccg.c | 2 drivers/gpu/drm/amd/display/dc/dml/calcs/dcn_calcs.c | 7 drivers/gpu/drm/amd/display/dc/dml/dcn302/dcn302_fpu.c | 10 drivers/gpu/drm/amd/display/dc/dml/dcn303/dcn303_fpu.c | 10 drivers/gpu/drm/amd/display/dc/dml/dcn32/dcn32_fpu.c | 10 drivers/gpu/drm/amd/display/dc/dml/dcn321/dcn321_fpu.c | 10 drivers/gpu/drm/amd/display/dc/dml/display_mode_vba.c | 7 drivers/gpu/drm/amd/display/dc/gpio/gpio_service.c | 17 - drivers/gpu/drm/amd/display/dc/hdcp/hdcp_msg.c | 17 - drivers/gpu/drm/amd/display/dc/hwss/dcn201/dcn201_hwseq.c | 3 drivers/gpu/drm/amd/display/dc/hwss/dcn21/dcn21_hwseq.c | 2 drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_hwseq.c | 3 drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_capability.c | 26 - drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_training.c | 4 drivers/gpu/drm/amd/display/dc/link/protocols/link_dpcd.c | 1 drivers/gpu/drm/amd/display/dc/resource/dce80/dce80_resource.c | 1 drivers/gpu/drm/amd/display/dc/resource/dcn31/dcn31_resource.c | 1 drivers/gpu/drm/amd/display/dc/resource/dcn314/dcn314_resource.c | 4 drivers/gpu/drm/amd/display/dc/resource/dcn35/dcn35_resource.c | 2 drivers/gpu/drm/amd/display/dc/resource/dcn351/dcn351_resource.c | 1 drivers/gpu/drm/amd/display/dmub/src/dmub_dcn35.c | 5 drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c | 28 + drivers/gpu/drm/amd/pm/powerplay/amd_powerplay.c | 2 drivers/gpu/drm/amd/pm/powerplay/hwmgr/pp_psm.c | 13 drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c | 5 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu10_hwmgr.c | 29 + drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 2 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu8_hwmgr.c | 15 drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega10_hwmgr.c | 60 ++- drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega12_hwmgr.c | 20 - drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega20_hwmgr.c | 31 + drivers/gpu/drm/amd/pm/powerplay/smumgr/vega10_smumgr.c | 6 drivers/gpu/drm/amd/pm/swsmu/inc/smu_v13_0.h | 4 drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c | 5 drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c | 31 + drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c | 4 drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 14 drivers/gpu/drm/amd/pm/swsmu/smu13/aldebaran_ppt.c | 3 drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c | 55 ++- drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c | 5 drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_4_ppt.c | 28 - drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_5_ppt.c | 28 - drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_6_ppt.c | 2 drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c | 4 drivers/gpu/drm/amd/pm/swsmu/smu13/yellow_carp_ppt.c | 28 - drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c | 5 drivers/gpu/drm/bridge/tc358767.c | 2 drivers/gpu/drm/drm_bridge.c | 5 drivers/gpu/drm/drm_fb_helper.c | 11 drivers/gpu/drm/drm_panel_orientation_quirks.c | 6 drivers/gpu/drm/meson/meson_plane.c | 17 - drivers/gpu/drm/xe/xe_force_wake.h | 13 drivers/gpu/drm/xe/xe_gt_ccs_mode.c | 4 drivers/gpu/drm/xe/xe_gt_topology.c | 4 drivers/gpu/drm/xe/xe_guc_relay.c | 9 drivers/gpu/drm/xe/xe_guc_submit.c | 5 drivers/gpu/drm/xe/xe_hwmon.c | 9 drivers/gpu/drm/xe/xe_migrate.c | 55 ++- drivers/gpu/drm/xe/xe_pcode.c | 6 drivers/hwmon/k10temp.c | 36 +- drivers/hwspinlock/hwspinlock_core.c | 28 + drivers/hwspinlock/hwspinlock_internal.h | 3 drivers/iio/industrialio-core.c | 7 drivers/iio/industrialio-event.c | 9 drivers/iio/inkern.c | 32 +- drivers/infiniband/hw/efa/efa_com.c | 30 + drivers/media/usb/uvc/uvc_driver.c | 18 - drivers/media/v4l2-core/v4l2-cci.c | 9 drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 3 drivers/net/ethernet/mellanox/mlx5/core/steering/dr_rule.c | 2 drivers/net/ethernet/pensando/ionic/ionic_lif.c | 2 drivers/net/usb/qmi_wwan.c | 1 drivers/net/virtio_net.c | 6 drivers/net/wireless/ath/ath11k/qmi.c | 2 drivers/net/wireless/ath/ath12k/dp_rx.c | 2 drivers/net/wireless/ath/ath12k/qmi.c | 2 drivers/net/wireless/intel/iwlwifi/fw/debugfs.c | 3 drivers/net/wireless/intel/iwlwifi/fw/runtime.h | 1 drivers/net/wireless/intel/iwlwifi/mvm/link.c | 14 drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 6 drivers/net/wireless/intel/iwlwifi/mvm/tests/links.c | 1 drivers/net/wireless/realtek/rtw89/ser.c | 8 drivers/pci/controller/dwc/pcie-al.c | 16 - drivers/pinctrl/core.c | 1 drivers/pinctrl/renesas/pinctrl-rzg2l.c | 12 drivers/platform/chrome/cros_ec_lpc_mec.c | 76 ++++ drivers/platform/chrome/cros_ec_lpc_mec.h | 11 drivers/platform/x86/amd/pmf/core.c | 3 drivers/platform/x86/amd/pmf/pmf-quirks.c | 9 drivers/ras/amd/atl/dehash.c | 43 -- drivers/ras/amd/atl/map.c | 77 ++++ drivers/remoteproc/mtk_scp.c | 2 drivers/remoteproc/qcom_q6v5_pas.c | 11 drivers/soc/qcom/smem.c | 26 + drivers/spi/spi-hisi-kunpeng.c | 1 drivers/thermal/thermal_sysfs.c | 6 drivers/thermal/thermal_trip.c | 2 drivers/ufs/core/ufshcd.c | 19 + drivers/usb/typec/ucsi/ucsi.h | 2 drivers/usb/usbip/stub_rx.c | 77 +++- fs/btrfs/inode.c | 3 fs/btrfs/scrub.c | 25 + fs/btrfs/tree-checker.c | 47 ++ fs/f2fs/f2fs.h | 2 fs/f2fs/inline.c | 20 + fs/f2fs/inode.c | 2 fs/gfs2/quota.c | 19 - fs/gfs2/util.c | 6 fs/notify/fsnotify.c | 31 + fs/notify/fsnotify.h | 2 fs/notify/mark.c | 32 +- fs/smb/client/smb2inode.c | 6 include/clocksource/timer-xilinx.h | 2 include/linux/fsnotify_backend.h | 8 include/linux/hwspinlock.h | 6 include/linux/i2c.h | 2 include/linux/soc/qcom/smem.h | 2 include/net/inet_timewait_sock.h | 6 include/net/ip.h | 3 include/net/tcp.h | 2 include/sound/ump_convert.h | 1 include/ufs/ufshcd.h | 1 include/ufs/ufshci.h | 1 kernel/dma/debug.c | 5 kernel/rcu/tree.h | 1 kernel/rcu/tree_nocb.h | 32 -- mm/filemap.c | 2 net/dccp/minisocks.c | 3 net/ipv4/fib_semantics.c | 5 net/ipv4/inet_timewait_sock.c | 52 ++- net/ipv4/metrics.c | 8 net/ipv4/tcp_cong.c | 11 net/ipv4/tcp_ipv4.c | 14 net/ipv4/tcp_minisocks.c | 25 - net/ipv6/route.c | 2 net/ipv6/tcp_ipv6.c | 6 net/mac80211/main.c | 3 net/wireless/ibss.c | 5 net/wireless/mesh.c | 5 net/wireless/nl80211.c | 21 - net/wireless/scan.c | 46 ++ security/apparmor/apparmorfs.c | 4 security/smack/smack_lsm.c | 2 sound/core/seq/seq_ports.h | 14 sound/core/seq/seq_ump_convert.c | 95 +++-- sound/core/ump_convert.c | 60 ++- sound/pci/hda/hda_generic.c | 63 +++ sound/pci/hda/hda_generic.h | 1 sound/pci/hda/patch_conexant.c | 2 sound/soc/amd/yc/acp6x-mach.c | 14 sound/soc/codecs/es8326.c | 2 tools/testing/selftests/net/mptcp/mptcp_join.sh | 160 +++++++++- tools/testing/selftests/net/mptcp/mptcp_lib.sh | 4 210 files changed, 2042 insertions(+), 693 deletions(-) Abel Vesa (1): arm64: dts: qcom: x1e80100: Describe the PCIe 6a resources Abhishek Pandit-Subedi (1): usb: typec: ucsi: Fix null pointer dereference in trace Aleksandr Mishin (1): PCI: al: Check IORESOURCE_BUS existence during probe Alex Hung (12): drm/amd/display: Ensure array index tg_inst won't be -1 drm/amd/display: Check gpio_id before used as array index drm/amd/display: Fix incorrect size calculation for loop drm/amd/display: Check index for aux_rd_interval before using drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] drm/amd/display: Check msg_id before processing transcation drm/amd/display: Check link_index before accessing dc->links[] drm/amd/display: Spinlock before reading event drm/amd/display: Ensure index calculation will not overflow drm/amd/display: Avoid overflow from uint32_t to uint8_t drm/amd/display: Check BIOS images before it is used drm/amd/display: Skip wbscl_set_scaler_filter if filter is null Alvin Lee (1): drm/amd/display: Assign linear_pitch_alignment even for VM Amir Goldstein (1): fsnotify: clear PARENT_WATCHED flags lazily Andreas Gruenbacher (1): gfs2: Revert "Add quota_change type" Andy Shevchenko (1): regmap: spi: Fix potential off-by-one when calculating reserved size AngeloGioacchino Del Regno (1): remoteproc: mediatek: Zero out only remaining bytes of IPI buffer Asad Kamal (1): drm/amd/amdgpu: Check tbo resource pointer Ben Walsh (1): platform/chrome: cros_ec_lpc: MEC access can use an AML mutex Bob Zhou (1): drm/amdgpu: fix overflowed constant warning in mmhub_set_clockgating() Boris Burkov (1): btrfs: fix qgroup reserve leaks in cow_file_range Bruno Ancona (1): ASoC: amd: yc: Support mic on HP 14-em0002la Casey Schaufler (1): smack: tcp: ipv4, fix incorrect labeling Chao Yu (1): f2fs: fix to do sanity check on blocks for inline_data inode Chris Lew (1): soc: qcom: smem: Add qcom_smem_bust_hwspin_lock_by_host() Christoph Hellwig (1): block: remove the blk_flush_integrity call in blk_integrity_unregister David (Ming Qiang) Wu (1): drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend David Howells (1): mm: Fix filemap_invalidate_inode() to use invalidate_inode_pages2_range() Devyn Liu (1): spi: hisi-kunpeng: Add validation for the minimum value of speed_hz Dragos Tatulea (1): net/mlx5e: SHAMPO, Fix incorrect page release Eric Dumazet (1): tcp: annotate data-races around tw->tw_ts_recent and tw->tw_ts_recent_stamp Francois Dugast (1): drm/xe/gt: Fix assert in L3 bank mask generation Frederic Weisbecker (1): rcu/nocb: Remove buggy bypass lock contention mitigation Greg Kroah-Hartman (1): Linux 6.10.9 Haoran Liu (1): drm/meson: plane: Add error handling Heng Qi (1): virtio-net: check feature before configuring the vq coalescing command Hersen Wu (13): drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links drm/amd/display: Add missing NULL pointer check within dpcd_extend_address_range drm/amd/display: Add array index check for hdcp ddc access drm/amd/display: Release state memory if amdgpu_dm_create_color_properties fail drm/amd/display: Add otg_master NULL check within resource_log_pipe_topology_update drm/amd/display: Fix Coverity INTERGER_OVERFLOW within construct_integrated_info drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create drm/amd/display: Release clck_src memory if clk_src_construct fails drm/amd/display: Fix Coverity INTEGER_OVERFLOW within decide_fallback_link_setting_max_bw_policy drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration drm/amd/display: Fix writeback job lock evasion within dm_crtc_high_irq drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box Himal Prasad Ghimiray (3): drm/xe: Fix the warning conditions drm/xe: Ensure caller uses sole domain for xe_force_wake_assert_held drm/xe: Check valid domain is passed in xe_force_wake_ref Jagadeesh Kona (1): cpufreq: scmi: Avoid overflow of target_freq in fast switch Jason Xing (1): net: remove NULL-pointer net parameter in ip_metrics_convert Jeff Johnson (3): wifi: ath12k: initialize 'ret' in ath12k_qmi_load_file_target_mem() wifi: ath11k: initialize 'ret' in ath11k_qmi_load_file_target_mem() wifi: ath12k: initialize 'ret' in ath12k_dp_rxdma_ring_sel_config_wcn7850() Jesse Zhang (13): drm/amd/pm: fix uninitialized variable warning drm/amd/pm: fix warning using uninitialized value of max_vid_step drm/amd/pm: Fix negative array index read drm/amd/pm: fix the Out-of-bounds read warning drm/amdgpu: Fix the warning division or modulo by zero drm/amdgpu: fix dereference after null check drm/amdgpu: fix the waring dereferencing hive drm/amd/pm: check specific index for aldebaran drm/amd/pm: check specific index for smu13 drm/amdgpu: the warning dereferencing obj for nbio_v7_4 drm/amdgpu: fix the warning bad bit shift operation for aca_error_type type drm/amd/pm: check negtive return for table entries drm/amdgu: fix Unintentional integer overflow for mall size Johan Hovold (4): arm64: dts: qcom: x1e80100-crd: fix up PCIe6a pinctrl node arm64: dts: qcom: x1e80100-crd: fix missing PCIe4 gpios arm64: dts: qcom: x1e80100-qcp: fix up PCIe6a pinctrl node arm64: dts: qcom: x1e80100-qcp: fix missing PCIe4 gpios Johannes Berg (4): wifi: cfg80211: restrict operation during radar detection wifi: iwlwifi: mvm: use only beacon BSS load for active links wifi: mac80211: check ieee80211_bss_info_change_notify() against MLD wifi: cfg80211: make hash table duplicates more survivable John Allen (1): RAS/AMD/ATL: Validate address map when information is gathered Joshua Aberback (1): Revert "drm/amd/display: Fix incorrect pointer assignment" Julien Stephan (1): driver: iio: add missing checks on iio_info's callback access Karthik Poosa (1): drm/xe/hwmon: Remove unwanted write permission for currN_label Ken Sloat (1): pwm: xilinx: Fix u32 overflow issue in 32-bit width PWM mode. Krzysztof Stępniak (1): ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 Kyoungrul Kim (1): scsi: ufs: core: Check LSDBS cap when !mcq Lad Prabhakar (1): pinctrl: renesas: rzg2l: Validate power registers for SD and ETH Leesoo Ahn (1): apparmor: fix possible NULL pointer dereference Lin.Cao (1): drm/amdkfd: Check debug trap enable before write dbg_ev_file Luke D. Jones (1): platform/x86/amd: pmf: Add quirk for ROG Ally X Léo DUBOIN (1): pinctrl: core: reset gpio_device in loop in pinctrl_pins_show() Ma Jun (10): drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc drm/amdgpu/pm: Fix uninitialized variable warning for smu10 drm/amdgpu/pm: Fix uninitialized variable agc_btc_response drm/amdgpu: Fix the uninitialized variable warning drm/amdgpu: Fix out-of-bounds write warning drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number drm/amdgpu: Fix uninitialized variable warning in amdgpu_info_ioctl drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs drm/amdgpu/pm: Check input value for power profile setting on smu11, smu13 and smu14 Marek Vasut (1): drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ Matthew Brost (2): drm/xe: Don't overmap identity VRAM mapping drm/xe: Add GuC state asserts to deregister_exec_queue Matthieu Baerts (NGI0) (5): selftests: mptcp: join: check re-using ID of unused ADD_ADDR selftests: mptcp: join: check re-adding init endp with != id selftests: mptcp: join: validate event numbers selftests: mptcp: join: check re-re-adding ID 0 signal selftests: mptcp: join: test for flush/re-add endpoints Maxime Méré (1): crypto: stm32/cryp - call finalize with bh disabled Michael Chen (1): drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device Michael Margolin (1): RDMA/efa: Properly handle unexpected AQ completions Nicholas Kazlauskas (3): drm/amd/display: Don't use fsleep for PSR exit waits on dmub replay drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection drm/amd/display: Disable DMCUB timeout for DCN35 Nicholas Susanto (1): drm/amd/display: Fix pipe addition logic in calc_blocks_to_ungate DCN35 Nirmoy Das (1): drm/xe: Use missing lock in relay_needs_worker Olivier Dautricourt (2): dmaengine: altera-msgdma: use irq variant of spin_lock/unlock while invoking callbacks dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor Paolo Abeni (1): selftests: mptcp: add explicit test case for remove/readd Paulo Alcantara (1): smb: client: fix FSCTL_GET_REPARSE_POINT against NetApp Perry Yuan (1): x86/CPU/AMD: Add models 0x60-0x6f to the Zen5 range Peter Wang (1): scsi: ufs: core: Bypass quick recovery if force reset is needed Philip Mueller (1): drm: panel-orientation-quirks: Add quirk for OrangePi Neo Philip Yang (1): drm/amdgpu: Handle sg size limit for contiguous allocation Qiuxu Zhuo (1): drm/fb-helper: Don't schedule_work() to flush frame buffer during panic() Qu Wenruo (3): btrfs: tree-checker: validate dref root and objectid btrfs: factor out stripe length calculation into a helper btrfs: scrub: update last_physical after scrubbing one stripe Rafael J. Wysocki (1): thermal: trip: Use READ_ONCE() for lockless access to trip properties Ricardo Ribalda (1): media: uvcvideo: Enforce alignment of frame and interval Richard Fitzgerald (2): i2c: Fix conditional for substituting empty ACPI functions i2c: Use IS_REACHABLE() for substituting empty ACPI functions Richard Maina (2): hwspinlock: Introduce hwspin_lock_bust() remoteproc: qcom_q6v5_pas: Add hwspinlock bust on stop Rik van Riel (1): dma-debug: avoid deadlock between dma debug vs printk and netconsole Rodrigo Siqueira (1): drm/amd/display: Handle the case which quad_part is equal 0 Rodrigo Vivi (1): drm/xe: Demote CCS_MODE info to debug only Sakari Ailus (1): media: v4l2-cci: Always assign *val Shahar S Matityahu (1): wifi: iwlwifi: remove fw_running op Shannon Nelson (1): ionic: fix potential irq name truncation Shyam Sundar S K (1): platform/x86/amd/pmf: Add new ACPI ID AMDI0107 Simon Holesch (1): usbip: Don't submit special requests twice Stefan Berger (1): crypto: ecc - Fix off-by-one missing to clear most significant digit Sui Jingfeng (1): drm/drm-bridge: Drop conditionals around of_node pointers Takashi Iwai (7): ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown ALSA: hda/conexant: Mute speakers at suspend / shutdown ALSA: ump: Transmit RPN/NRPN message at each MSB/LSB data reception ALSA: ump: Explicitly reset RPN with Null RPN ALSA: seq: ump: Use the common RPN/bank conversion context ALSA: seq: ump: Transmit RPN/NRPN message at each MSB/LSB data reception ALSA: seq: ump: Explicitly reset RPN with Null RPN Tao Zhou (3): drm/amdgpu: update type of buf size to u32 for eeprom functions drm/amdgpu: set RAS fed status for more cases drm/amdkfd: use mode1 reset for RAS poison consumption Tim Huang (10): drm/amdgpu: fix overflowed array index read warning drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr drm/amd/pm: fix uninitialized variable warning for smu_v13 drm/amdgpu: fix uninitialized scalar variable warning drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt drm/amdgpu: fix uninitialized variable warning for amdgpu_xgmi drm/amdgpu: fix uninitialized variable warning for jpeg_v4 drm/amdgpu: fix ucode out-of-bounds read warning drm/amdgpu: fix mc_data out-of-bounds read warning Valentin Schneider (1): net: tcp/dccp: prepare for tw_timer un-pinning Victor Skvortsov (1): drm/amdgpu: Queue KFD reset workitem in VF FED Wayne Lin (1): drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX Wenjing Liu (1): drm/amd/display: use preferred link settings for dp signal only Xiaogang Chen (1): drm/kfd: Correct pinned buffer handling at kfd restore and validate process Yang Wang (2): drm/amdgpu: fix compiler 'side-effect' check issue for RAS_EVENT_LOG() drm/amdgpu: remove redundant semicolons in RAS_EVENT_LOG Yazen Ghannam (1): hwmon: (k10temp) Check return value of amd_smn_read() Yevgeny Kliteynik (1): net/mlx5: DR, Fix 'stack guard page was hit' error in dr_rule Yunxiang Li (3): drm/amdgpu: add skip_hw_access checks for sriov drm/amdgpu: add lock in amdgpu_gart_invalidate_tlb drm/amdgpu: add lock in kfd_process_dequeue_from_device ZHANG Yuntian (1): net: usb: qmi_wwan: add MeiG Smart SRM825L Zhang Yi (1): ASoC: codecs: ES8326: button detect issue Zhigang Luo (1): drm/amdgpu: avoid reading vf2pf info size from FB Zong-Zhe Yang (1): wifi: rtw89: ser: avoid multiple deinit on same CAM winstang (1): drm/amd/display: added NULL check at start of dc_validate_stream

4 months

1
1
0 0

Linux 6.6.50

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.50 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/locking/hwspinlock.rst | 11 Makefile | 2 block/blk-integrity.c | 2 drivers/base/regmap/regmap-spi.c | 3 drivers/cpufreq/scmi-cpufreq.c | 4 drivers/crypto/stm32/stm32-cryp.c | 6 drivers/dma/altera-msgdma.c | 9 drivers/gpu/drm/amd/amdgpu/amdgpu_afmt.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 9 drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_cgs.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_eeprom.c | 6 drivers/gpu/drm/amd/amdgpu/amdgpu_eeprom.h | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_gart.c | 6 drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_securedisplay.c | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 11 drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c | 6 drivers/gpu/drm/amd/amdgpu/df_v1_7.c | 2 drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_crat.h | 2 drivers/gpu/drm/amd/amdkfd/kfd_debug.c | 4 drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 9 drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 3 drivers/gpu/drm/amd/amdkfd/kfd_topology.h | 5 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 19 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h | 2 drivers/gpu/drm/amd/display/dc/bios/bios_parser.c | 18 drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c | 7 drivers/gpu/drm/amd/display/dc/clk_mgr/dcn21/rn_clk_mgr.c | 3 drivers/gpu/drm/amd/display/dc/core/dc.c | 1 drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 3 drivers/gpu/drm/amd/display/dc/dce/dmub_replay.c | 3 drivers/gpu/drm/amd/display/dc/dcn20/dcn20_dwb_scl.c | 3 drivers/gpu/drm/amd/display/dc/dml/calcs/dcn_calcs.c | 7 drivers/gpu/drm/amd/display/dc/dml/dcn302/dcn302_fpu.c | 10 drivers/gpu/drm/amd/display/dc/dml/dcn303/dcn303_fpu.c | 10 drivers/gpu/drm/amd/display/dc/dml/dcn32/dcn32_fpu.c | 10 drivers/gpu/drm/amd/display/dc/dml/dcn321/dcn321_fpu.c | 10 drivers/gpu/drm/amd/display/dc/dml/display_mode_vba.c | 7 drivers/gpu/drm/amd/display/dc/gpio/gpio_service.c | 17 drivers/gpu/drm/amd/display/dc/hdcp/hdcp_msg.c | 17 drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_capability.c | 26 drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_training.c | 4 drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c | 28 drivers/gpu/drm/amd/pm/powerplay/amd_powerplay.c | 2 drivers/gpu/drm/amd/pm/powerplay/hwmgr/pp_psm.c | 13 drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c | 5 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu10_hwmgr.c | 29 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 2 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu8_hwmgr.c | 15 drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega10_hwmgr.c | 60 + drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega12_hwmgr.c | 20 drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega20_hwmgr.c | 31 - drivers/gpu/drm/amd/pm/powerplay/smumgr/vega10_smumgr.c | 6 drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c | 27 drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 14 drivers/gpu/drm/amd/pm/swsmu/smu13/aldebaran_ppt.c | 3 drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_6_ppt.c | 2 drivers/gpu/drm/bridge/tc358767.c | 2 drivers/gpu/drm/drm_fb_helper.c | 11 drivers/gpu/drm/drm_panel_orientation_quirks.c | 6 drivers/gpu/drm/meson/meson_plane.c | 17 drivers/hwmon/k10temp.c | 36 - drivers/hwspinlock/hwspinlock_core.c | 28 drivers/hwspinlock/hwspinlock_internal.h | 3 drivers/iio/industrialio-core.c | 7 drivers/iio/industrialio-event.c | 9 drivers/iio/inkern.c | 32 - drivers/infiniband/hw/efa/efa_com.c | 30 drivers/media/usb/uvc/uvc_driver.c | 18 drivers/media/v4l2-core/v4l2-cci.c | 9 drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 3 drivers/net/ethernet/mellanox/mlx5/core/steering/dr_rule.c | 2 drivers/net/ethernet/pensando/ionic/ionic_lif.c | 2 drivers/net/usb/qmi_wwan.c | 1 drivers/net/virtio_net.c | 8 drivers/net/wireless/ath/ath11k/qmi.c | 2 drivers/net/wireless/ath/ath12k/qmi.c | 2 drivers/net/wireless/intel/iwlwifi/fw/debugfs.c | 3 drivers/net/wireless/intel/iwlwifi/fw/runtime.h | 1 drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 6 drivers/net/wireless/realtek/rtw89/ser.c | 8 drivers/pci/controller/dwc/pcie-al.c | 16 drivers/platform/chrome/cros_ec_lpc_mec.c | 76 ++ drivers/platform/chrome/cros_ec_lpc_mec.h | 11 drivers/soc/qcom/smem.c | 26 drivers/spi/spi-hisi-kunpeng.c | 1 drivers/ufs/core/ufshcd.c | 19 drivers/usb/typec/ucsi/ucsi.h | 2 drivers/usb/usbip/stub_rx.c | 77 +- fs/btrfs/tree-checker.c | 47 + fs/f2fs/f2fs.h | 2 fs/f2fs/inline.c | 20 fs/f2fs/inode.c | 2 fs/gfs2/quota.c | 19 fs/gfs2/util.c | 6 fs/notify/fsnotify.c | 31 - fs/notify/fsnotify.h | 2 fs/notify/mark.c | 32 - fs/smb/client/smb2inode.c | 6 include/clocksource/timer-xilinx.h | 2 include/linux/fsnotify_backend.h | 8 include/linux/hwspinlock.h | 6 include/linux/i2c.h | 2 include/linux/soc/qcom/smem.h | 2 include/net/ip.h | 3 include/net/tcp.h | 2 include/sound/ump_convert.h | 1 include/ufs/ufshcd.h | 1 include/ufs/ufshci.h | 1 kernel/dma/debug.c | 5 kernel/rcu/tree.h | 1 kernel/rcu/tree_nocb.h | 32 - net/ipv4/fib_semantics.c | 5 net/ipv4/metrics.c | 8 net/ipv4/tcp_cong.c | 11 net/ipv6/route.c | 2 net/mac80211/main.c | 3 net/mptcp/fastopen.c | 4 net/mptcp/options.c | 50 - net/mptcp/pm.c | 28 net/mptcp/pm_netlink.c | 52 - net/mptcp/protocol.c | 58 + net/mptcp/protocol.h | 9 net/mptcp/sched.c | 4 net/mptcp/sockopt.c | 4 net/mptcp/subflow.c | 48 - net/wireless/scan.c | 46 + security/apparmor/apparmorfs.c | 4 security/smack/smack_lsm.c | 2 sound/core/seq/seq_ports.h | 14 sound/core/seq/seq_ump_convert.c | 95 +-- sound/core/ump_convert.c | 60 + sound/pci/hda/hda_generic.c | 63 ++ sound/pci/hda/hda_generic.h | 1 sound/pci/hda/patch_conexant.c | 2 sound/soc/amd/yc/acp6x-mach.c | 14 sound/soc/codecs/es8326.c | 2 tools/testing/selftests/net/mptcp/mptcp_join.sh | 304 +++++++++- tools/testing/selftests/net/mptcp/mptcp_lib.sh | 38 + tools/testing/selftests/net/mptcp/userspace_pm.sh | 30 145 files changed, 1662 insertions(+), 571 deletions(-) Abhishek Pandit-Subedi (1): usb: typec: ucsi: Fix null pointer dereference in trace Aleksandr Mishin (1): PCI: al: Check IORESOURCE_BUS existence during probe Alex Hung (8): drm/amd/display: Check gpio_id before used as array index drm/amd/display: Check index for aux_rd_interval before using drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] drm/amd/display: Check msg_id before processing transcation drm/amd/display: Spinlock before reading event drm/amd/display: Ensure index calculation will not overflow drm/amd/display: Check BIOS images before it is used drm/amd/display: Skip wbscl_set_scaler_filter if filter is null Alvin Lee (1): drm/amd/display: Assign linear_pitch_alignment even for VM Amir Goldstein (1): fsnotify: clear PARENT_WATCHED flags lazily Andreas Gruenbacher (1): gfs2: Revert "Add quota_change type" Andy Shevchenko (1): regmap: spi: Fix potential off-by-one when calculating reserved size Asad Kamal (1): drm/amd/amdgpu: Check tbo resource pointer Ben Walsh (1): platform/chrome: cros_ec_lpc: MEC access can use an AML mutex Breno Leitao (1): virtio_net: Fix napi_skb_cache_put warning Bruno Ancona (1): ASoC: amd: yc: Support mic on HP 14-em0002la Casey Schaufler (1): smack: tcp: ipv4, fix incorrect labeling Chao Yu (1): f2fs: fix to do sanity check on blocks for inline_data inode Chris Lew (1): soc: qcom: smem: Add qcom_smem_bust_hwspin_lock_by_host() Christoph Hellwig (1): block: remove the blk_flush_integrity call in blk_integrity_unregister Devyn Liu (1): spi: hisi-kunpeng: Add validation for the minimum value of speed_hz Dragos Tatulea (1): net/mlx5e: SHAMPO, Fix incorrect page release Frederic Weisbecker (1): rcu/nocb: Remove buggy bypass lock contention mitigation Geliang Tang (6): mptcp: make pm_remove_addrs_and_subflows static selftests: mptcp: userspace pm create id 0 subflow selftests: mptcp: dump userspace addrs list selftests: mptcp: userspace pm get addr tests selftests: mptcp: declare event macros in mptcp_lib selftests: mptcp: add mptcp_lib_events helper Greg Kroah-Hartman (1): Linux 6.6.50 Haoran Liu (1): drm/meson: plane: Add error handling Hersen Wu (7): drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 drm/amd/display: Add array index check for hdcp ddc access drm/amd/display: Fix Coverity INTERGER_OVERFLOW within construct_integrated_info drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create drm/amd/display: Fix Coverity INTEGER_OVERFLOW within decide_fallback_link_setting_max_bw_policy drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box Jagadeesh Kona (1): cpufreq: scmi: Avoid overflow of target_freq in fast switch Jason Xing (1): net: remove NULL-pointer net parameter in ip_metrics_convert Jeff Johnson (2): wifi: ath12k: initialize 'ret' in ath12k_qmi_load_file_target_mem() wifi: ath11k: initialize 'ret' in ath11k_qmi_load_file_target_mem() Jesse Zhang (12): drm/amd/pm: fix uninitialized variable warning drm/amd/pm: fix warning using uninitialized value of max_vid_step drm/amd/pm: Fix negative array index read drm/amd/pm: fix the Out-of-bounds read warning drm/amdgpu: Fix the warning division or modulo by zero drm/amdgpu: fix dereference after null check drm/amdgpu: fix the waring dereferencing hive drm/amd/pm: check specific index for aldebaran drm/amd/pm: check specific index for smu13 drm/amdgpu: the warning dereferencing obj for nbio_v7_4 drm/amd/pm: check negtive return for table entries drm/amdgu: fix Unintentional integer overflow for mall size Johannes Berg (2): wifi: mac80211: check ieee80211_bss_info_change_notify() against MLD wifi: cfg80211: make hash table duplicates more survivable Julien Stephan (1): driver: iio: add missing checks on iio_info's callback access Ken Sloat (1): pwm: xilinx: Fix u32 overflow issue in 32-bit width PWM mode. Krzysztof Stępniak (1): ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 Kyoungrul Kim (1): scsi: ufs: core: Check LSDBS cap when !mcq Leesoo Ahn (1): apparmor: fix possible NULL pointer dereference Lin.Cao (1): drm/amdkfd: Check debug trap enable before write dbg_ev_file Ma Jun (8): drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc drm/amdgpu/pm: Fix uninitialized variable warning for smu10 drm/amdgpu/pm: Fix uninitialized variable agc_btc_response drm/amdgpu: Fix the uninitialized variable warning drm/amdgpu: Fix out-of-bounds write warning drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs Marek Vasut (1): drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ Matthieu Baerts (NGI0) (11): mptcp: pm: fix RM_ADDR ID for the initial subflow selftests: mptcp: join: cannot rm sf if closed selftests: mptcp: join: check re-using ID of unused ADD_ADDR selftests: mptcp: join: check re-adding init endp with != id selftests: mptcp: join: validate event numbers selftests: mptcp: join: check re-re-adding ID 0 signal selftests: mptcp: join: test for flush/re-add endpoints selftests: mptcp: join: disable get and dump addr checks selftests: mptcp: join: stop transfer when check is done (part 2.2) mptcp: avoid duplicated SUB_CLOSED events mptcp: pr_debug: add missing \n at the end Maxime Méré (1): crypto: stm32/cryp - call finalize with bh disabled Michael Chen (1): drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device Michael Margolin (1): RDMA/efa: Properly handle unexpected AQ completions Nicholas Kazlauskas (1): drm/amd/display: Don't use fsleep for PSR exit waits on dmub replay Olivier Dautricourt (2): dmaengine: altera-msgdma: use irq variant of spin_lock/unlock while invoking callbacks dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor Paolo Abeni (1): selftests: mptcp: add explicit test case for remove/readd Paulo Alcantara (1): smb: client: fix FSCTL_GET_REPARSE_POINT against NetApp Peter Wang (1): scsi: ufs: core: Bypass quick recovery if force reset is needed Philip Mueller (1): drm: panel-orientation-quirks: Add quirk for OrangePi Neo Qiuxu Zhuo (1): drm/fb-helper: Don't schedule_work() to flush frame buffer during panic() Qu Wenruo (1): btrfs: tree-checker: validate dref root and objectid Ricardo Ribalda (1): media: uvcvideo: Enforce alignment of frame and interval Richard Fitzgerald (2): i2c: Fix conditional for substituting empty ACPI functions i2c: Use IS_REACHABLE() for substituting empty ACPI functions Richard Maina (1): hwspinlock: Introduce hwspin_lock_bust() Rik van Riel (1): dma-debug: avoid deadlock between dma debug vs printk and netconsole Sakari Ailus (1): media: v4l2-cci: Always assign *val Shahar S Matityahu (1): wifi: iwlwifi: remove fw_running op Shannon Nelson (1): ionic: fix potential irq name truncation Simon Holesch (1): usbip: Don't submit special requests twice Takashi Iwai (7): ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown ALSA: hda/conexant: Mute speakers at suspend / shutdown ALSA: ump: Transmit RPN/NRPN message at each MSB/LSB data reception ALSA: ump: Explicitly reset RPN with Null RPN ALSA: seq: ump: Use the common RPN/bank conversion context ALSA: seq: ump: Transmit RPN/NRPN message at each MSB/LSB data reception ALSA: seq: ump: Explicitly reset RPN with Null RPN Tao Zhou (1): drm/amdgpu: update type of buf size to u32 for eeprom functions Tim Huang (6): drm/amdgpu: fix overflowed array index read warning drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt drm/amdgpu: fix ucode out-of-bounds read warning drm/amdgpu: fix mc_data out-of-bounds read warning Wayne Lin (1): drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX Wenjing Liu (1): drm/amd/display: use preferred link settings for dp signal only Xiaogang Chen (1): drm/kfd: Correct pinned buffer handling at kfd restore and validate process Yazen Ghannam (1): hwmon: (k10temp) Check return value of amd_smn_read() Yevgeny Kliteynik (1): net/mlx5: DR, Fix 'stack guard page was hit' error in dr_rule Yunxiang Li (3): drm/amdgpu: add skip_hw_access checks for sriov drm/amdgpu: add lock in amdgpu_gart_invalidate_tlb drm/amdgpu: add lock in kfd_process_dequeue_from_device ZHANG Yuntian (1): net: usb: qmi_wwan: add MeiG Smart SRM825L Zhang Yi (1): ASoC: codecs: ES8326: button detect issue Zhigang Luo (1): drm/amdgpu: avoid reading vf2pf info size from FB Zong-Zhe Yang (1): wifi: rtw89: ser: avoid multiple deinit on same CAM winstang (1): drm/amd/display: added NULL check at start of dc_validate_stream

4 months

1
1
0 0

Linux 6.1.109

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.109 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/locking/hwspinlock.rst | 11 + Makefile | 2 block/blk-integrity.c | 2 drivers/base/regmap/regmap-spi.c | 3 drivers/cpufreq/scmi-cpufreq.c | 4 drivers/dma/altera-msgdma.c | 9 drivers/gpu/drm/amd/amdgpu/amdgpu_afmt.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_cgs.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_eeprom.c | 6 drivers/gpu/drm/amd/amdgpu/amdgpu_eeprom.h | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 2 drivers/gpu/drm/amd/amdgpu/df_v1_7.c | 2 drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_crat.h | 2 drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 3 drivers/gpu/drm/amd/amdkfd/kfd_topology.h | 5 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 19 - drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/dcn21/rn_clk_mgr.c | 3 drivers/gpu/drm/amd/display/dc/core/dc.c | 1 drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 3 drivers/gpu/drm/amd/display/dc/dcn20/dcn20_dwb_scl.c | 3 drivers/gpu/drm/amd/display/dc/dml/calcs/dcn_calcs.c | 7 drivers/gpu/drm/amd/display/dc/dml/display_mode_vba.c | 7 drivers/gpu/drm/amd/display/dc/gpio/gpio_service.c | 17 + drivers/gpu/drm/amd/display/dc/hdcp/hdcp_msg.c | 17 + drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c | 28 ++ drivers/gpu/drm/amd/pm/powerplay/amd_powerplay.c | 2 drivers/gpu/drm/amd/pm/powerplay/hwmgr/pp_psm.c | 13 - drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c | 5 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu10_hwmgr.c | 29 ++ drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 2 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu8_hwmgr.c | 15 + drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega10_hwmgr.c | 60 ++++- drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega12_hwmgr.c | 20 + drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega20_hwmgr.c | 31 ++ drivers/gpu/drm/amd/pm/powerplay/smumgr/vega10_smumgr.c | 6 drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c | 27 +- drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 14 + drivers/gpu/drm/amd/pm/swsmu/smu13/aldebaran_ppt.c | 3 drivers/gpu/drm/bridge/tc358767.c | 2 drivers/gpu/drm/drm_panel_orientation_quirks.c | 6 drivers/gpu/drm/meson/meson_plane.c | 17 + drivers/hwmon/k10temp.c | 36 ++- drivers/hwspinlock/hwspinlock_core.c | 28 ++ drivers/hwspinlock/hwspinlock_internal.h | 3 drivers/iio/industrialio-core.c | 7 drivers/iio/industrialio-event.c | 9 drivers/iio/inkern.c | 32 ++ drivers/infiniband/hw/efa/efa_com.c | 30 +- drivers/media/usb/uvc/uvc_driver.c | 18 + drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 3 drivers/net/ethernet/pensando/ionic/ionic_lif.c | 2 drivers/net/usb/qmi_wwan.c | 1 drivers/net/virtio_net.c | 8 drivers/net/wireless/ath/ath11k/qmi.c | 2 drivers/net/wireless/intel/iwlwifi/fw/debugfs.c | 3 drivers/net/wireless/intel/iwlwifi/fw/runtime.h | 1 drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 6 drivers/net/wireless/realtek/rtw89/ser.c | 8 drivers/pci/controller/dwc/pcie-al.c | 16 + drivers/pci/msi/msi.c | 10 drivers/ufs/core/ufshcd.c | 3 drivers/usb/typec/ucsi/ucsi.h | 2 drivers/usb/usbip/stub_rx.c | 77 ++++--- fs/ext4/extents.c | 2 fs/ext4/inode.c | 5 fs/ext4/page-io.c | 14 + fs/f2fs/f2fs.h | 1 fs/f2fs/file.c | 42 +++ fs/f2fs/inode.c | 8 fs/notify/fsnotify.c | 31 +- fs/notify/fsnotify.h | 2 fs/notify/mark.c | 32 ++ fs/udf/super.c | 9 include/clocksource/timer-xilinx.h | 2 include/linux/fsnotify_backend.h | 8 include/linux/hwspinlock.h | 6 include/linux/i2c.h | 2 kernel/dma/debug.c | 5 kernel/rcu/tree.h | 1 kernel/rcu/tree_nocb.h | 32 -- net/bluetooth/sco.c | 76 ++++--- net/mptcp/options.c | 50 ++-- net/mptcp/pm.c | 28 +- net/mptcp/pm_netlink.c | 151 ++++++++------ net/mptcp/protocol.c | 58 ++--- net/mptcp/protocol.h | 10 net/mptcp/sockopt.c | 4 net/mptcp/subflow.c | 50 ++-- net/wireless/scan.c | 46 +++- security/apparmor/apparmorfs.c | 4 security/smack/smack_lsm.c | 2 sound/pci/hda/hda_generic.c | 63 +++++ sound/pci/hda/hda_generic.h | 1 sound/pci/hda/patch_conexant.c | 2 sound/soc/amd/yc/acp6x-mach.c | 7 tools/testing/selftests/net/mptcp/mptcp_join.sh | 136 ++++++++++-- 102 files changed, 1141 insertions(+), 489 deletions(-) Abhishek Pandit-Subedi (1): usb: typec: ucsi: Fix null pointer dereference in trace Aleksandr Mishin (1): PCI: al: Check IORESOURCE_BUS existence during probe Alex Hung (6): drm/amd/display: Check gpio_id before used as array index drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] drm/amd/display: Check msg_id before processing transcation drm/amd/display: Spinlock before reading event drm/amd/display: Ensure index calculation will not overflow drm/amd/display: Skip wbscl_set_scaler_filter if filter is null Alvin Lee (1): drm/amd/display: Assign linear_pitch_alignment even for VM Amir Goldstein (1): fsnotify: clear PARENT_WATCHED flags lazily Andy Shevchenko (1): regmap: spi: Fix potential off-by-one when calculating reserved size Asad Kamal (1): drm/amd/amdgpu: Check tbo resource pointer Breno Leitao (1): virtio_net: Fix napi_skb_cache_put warning Casey Schaufler (1): smack: tcp: ipv4, fix incorrect labeling Chao Yu (1): f2fs: fix to truncate preallocated blocks in f2fs_file_open() Christoph Hellwig (1): block: remove the blk_flush_integrity call in blk_integrity_unregister Dragos Tatulea (1): net/mlx5e: SHAMPO, Fix incorrect page release Eric Biggers (1): ext4: reject casefold inode flag without casefold feature Frederic Weisbecker (1): rcu/nocb: Remove buggy bypass lock contention mitigation Geliang Tang (1): mptcp: make pm_remove_addrs_and_subflows static Greg Kroah-Hartman (1): Linux 6.1.109 Haoran Liu (1): drm/meson: plane: Add error handling Hersen Wu (4): drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 drm/amd/display: Add array index check for hdcp ddc access drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration Jagadeesh Kona (1): cpufreq: scmi: Avoid overflow of target_freq in fast switch Jan Kara (2): udf: Limit file size to 4TB ext4: handle redirtying in ext4_bio_write_page() Jeff Johnson (1): wifi: ath11k: initialize 'ret' in ath11k_qmi_load_file_target_mem() Jesse Zhang (9): drm/amd/pm: fix uninitialized variable warning drm/amd/pm: fix warning using uninitialized value of max_vid_step drm/amd/pm: Fix negative array index read drm/amd/pm: fix the Out-of-bounds read warning drm/amdgpu: fix dereference after null check drm/amdgpu: fix the waring dereferencing hive drm/amd/pm: check specific index for aldebaran drm/amdgpu: the warning dereferencing obj for nbio_v7_4 drm/amd/pm: check negtive return for table entries Johannes Berg (1): wifi: cfg80211: make hash table duplicates more survivable Julien Stephan (1): driver: iio: add missing checks on iio_info's callback access Ken Sloat (1): pwm: xilinx: Fix u32 overflow issue in 32-bit width PWM mode. Krzysztof Stępniak (1): ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 Leesoo Ahn (1): apparmor: fix possible NULL pointer dereference Luiz Augusto von Dentz (1): Bluetooth: SCO: Fix possible circular locking dependency on sco_connect_cfm Ma Jun (7): drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc drm/amdgpu/pm: Fix uninitialized variable warning for smu10 drm/amdgpu/pm: Fix uninitialized variable agc_btc_response drm/amdgpu: Fix out-of-bounds write warning drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs Marek Vasut (1): drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ Matthieu Baerts (NGI0) (17): mptcp: pm: fix RM_ADDR ID for the initial subflow mptcp: pm: fullmesh: select the right ID later mptcp: pm: avoid possible UaF when selecting endp mptcp: pm: reuse ID 0 after delete and re-add mptcp: pm: fix ID 0 endp usage after multiple re-creations selftests: mptcp: join: validate fullmesh endp on 1st sf selftests: mptcp: join: check re-using ID of closed subflow selftests: mptcp: add explicit test case for remove/readd selftests: mptcp: join: test for flush/re-add endpoints selftests: mptcp: join: check re-using ID of unused ADD_ADDR selftests: mptcp: join: check re-adding init endp with != id mptcp: pr_debug: add missing \n at the end mptcp: avoid duplicated SUB_CLOSED events selftests: mptcp: join: check removing ID 0 endpoint selftests: mptcp: join: no extra msg if no counter selftests: mptcp: join: check re-re-adding ID 0 endp selftests: mptcp: join: cannot rm sf if closed Michael Chen (1): drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device Michael Margolin (1): RDMA/efa: Properly handle unexpected AQ completions Mostafa Saleh (1): PCI/MSI: Fix UAF in msi_capability_init Olivier Dautricourt (2): dmaengine: altera-msgdma: use irq variant of spin_lock/unlock while invoking callbacks dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor Pauli Virtanen (1): Bluetooth: SCO: fix sco_conn related locking and validity issues Peter Wang (1): scsi: ufs: core: Bypass quick recovery if force reset is needed Philip Mueller (1): drm: panel-orientation-quirks: Add quirk for OrangePi Neo Ricardo Ribalda (1): media: uvcvideo: Enforce alignment of frame and interval Richard Fitzgerald (2): i2c: Fix conditional for substituting empty ACPI functions i2c: Use IS_REACHABLE() for substituting empty ACPI functions Richard Maina (1): hwspinlock: Introduce hwspin_lock_bust() Rik van Riel (1): dma-debug: avoid deadlock between dma debug vs printk and netconsole Shahar S Matityahu (1): wifi: iwlwifi: remove fw_running op Shannon Nelson (1): ionic: fix potential irq name truncation Simon Holesch (1): usbip: Don't submit special requests twice Takashi Iwai (2): ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown ALSA: hda/conexant: Mute speakers at suspend / shutdown Tao Zhou (1): drm/amdgpu: update type of buf size to u32 for eeprom functions Tim Huang (6): drm/amdgpu: fix overflowed array index read warning drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt drm/amdgpu: fix ucode out-of-bounds read warning drm/amdgpu: fix mc_data out-of-bounds read warning Wayne Lin (1): drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX Yazen Ghannam (1): hwmon: (k10temp) Check return value of amd_smn_read() ZHANG Yuntian (1): net: usb: qmi_wwan: add MeiG Smart SRM825L Zhigang Luo (1): drm/amdgpu: avoid reading vf2pf info size from FB Zong-Zhe Yang (1): wifi: rtw89: ser: avoid multiple deinit on same CAM winstang (1): drm/amd/display: added NULL check at start of dc_validate_stream zhanchengbin (1): ext4: fix inode tree inconsistency caused by ENOMEM

4 months

1
1
0 0

+ mm-codetag-add-pgalloc_tag_copy.patch added to mm-unstable branch

by Andrew Morton

The patch titled Subject: mm/codetag: add pgalloc_tag_copy() has been added to the -mm mm-unstable branch. Its filename is mm-codetag-add-pgalloc_tag_copy.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Yu Zhao <yuzhao(a)google.com> Subject: mm/codetag: add pgalloc_tag_copy() Date: Thu, 5 Sep 2024 22:21:08 -0600 Add pgalloc_tag_copy() to transfer the codetag from the old folio to the new one during migration. This makes original allocation sites persist cross migration rather than lump into the get_new_folio callbacks passed into migrate_pages(), e.g., compaction_alloc(): # echo 1 >/proc/sys/vm/compact_memory # grep compaction_alloc /proc/allocinfo Before this patch: 132968448 32463 mm/compaction.c:1880 func:compaction_alloc After this patch: 0 0 mm/compaction.c:1880 func:compaction_alloc Link: https://lkml.kernel.org/r/20240906042108.1150526-3-yuzhao@google.com Fixes: dcfe378c81f7 ("lib: introduce support for page allocation tagging") Signed-off-by: Yu Zhao <yuzhao(a)google.com> Acked-by: Suren Baghdasaryan <surenb(a)google.com> Cc: <stable(a)vger.kernel.org> Cc: Kent Overstreet <kent.overstreet(a)linux.dev> Cc: Muchun Song <muchun.song(a)linux.dev> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/alloc_tag.h | 24 ++++++++++-------------- include/linux/mm.h | 27 +++++++++++++++++++++++++++ mm/migrate.c | 1 + 3 files changed, 38 insertions(+), 14 deletions(-) --- a/include/linux/alloc_tag.h~mm-codetag-add-pgalloc_tag_copy +++ a/include/linux/alloc_tag.h @@ -137,7 +137,16 @@ static inline void alloc_tag_sub_check(u /* Caller should verify both ref and tag to be valid */ static inline void __alloc_tag_ref_set(union codetag_ref *ref, struct alloc_tag *tag) { + alloc_tag_add_check(ref, tag); + if (!ref || !tag) + return; + ref->ct = &tag->ct; +} + +static inline void alloc_tag_ref_set(union codetag_ref *ref, struct alloc_tag *tag) +{ + __alloc_tag_ref_set(ref, tag); /* * We need in increment the call counter every time we have a new * allocation or when we split a large allocation into smaller ones. @@ -147,22 +156,9 @@ static inline void __alloc_tag_ref_set(u this_cpu_inc(tag->counters->calls); } -static inline void alloc_tag_ref_set(union codetag_ref *ref, struct alloc_tag *tag) -{ - alloc_tag_add_check(ref, tag); - if (!ref || !tag) - return; - - __alloc_tag_ref_set(ref, tag); -} - static inline void alloc_tag_add(union codetag_ref *ref, struct alloc_tag *tag, size_t bytes) { - alloc_tag_add_check(ref, tag); - if (!ref || !tag) - return; - - __alloc_tag_ref_set(ref, tag); + alloc_tag_ref_set(ref, tag); this_cpu_add(tag->counters->bytes, bytes); } --- a/include/linux/mm.h~mm-codetag-add-pgalloc_tag_copy +++ a/include/linux/mm.h @@ -4161,10 +4161,37 @@ static inline void pgalloc_tag_split(str } } } + +static inline void pgalloc_tag_copy(struct folio *new, struct folio *old) +{ + struct alloc_tag *tag; + union codetag_ref *ref; + + tag = pgalloc_tag_get(&old->page); + if (!tag) + return; + + ref = get_page_tag_ref(&new->page); + if (!ref) + return; + + /* Clear the old ref to the original allocation tag. */ + clear_page_tag_ref(&old->page); + /* Decrement the counters of the tag on get_new_folio. */ + alloc_tag_sub(ref, folio_nr_pages(new)); + + __alloc_tag_ref_set(ref, tag); + + put_page_tag_ref(ref); +} #else /* !CONFIG_MEM_ALLOC_PROFILING */ static inline void pgalloc_tag_split(struct folio *folio, int old_order, int new_order) { } + +static inline void pgalloc_tag_copy(struct folio *new, struct folio *old) +{ +} #endif /* CONFIG_MEM_ALLOC_PROFILING */ #endif /* _LINUX_MM_H */ --- a/mm/migrate.c~mm-codetag-add-pgalloc_tag_copy +++ a/mm/migrate.c @@ -743,6 +743,7 @@ void folio_migrate_flags(struct folio *n folio_set_readahead(newfolio); folio_copy_owner(newfolio, folio); + pgalloc_tag_copy(newfolio, folio); mem_cgroup_migrate(folio, newfolio); } _ Patches currently in -mm which might be from yuzhao(a)google.com are mm-remap-unused-subpages-to-shared-zeropage-when-splitting-isolated-thp.patch mm-codetag-fix-a-typo.patch mm-codetag-fix-pgalloc_tag_split.patch mm-codetag-add-pgalloc_tag_copy.patch

4 months

1
0
0 0

+ mm-codetag-fix-pgalloc_tag_split.patch added to mm-unstable branch

by Andrew Morton

The patch titled Subject: mm/codetag: fix pgalloc_tag_split() has been added to the -mm mm-unstable branch. Its filename is mm-codetag-fix-pgalloc_tag_split.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Yu Zhao <yuzhao(a)google.com> Subject: mm/codetag: fix pgalloc_tag_split() Date: Thu, 5 Sep 2024 22:21:07 -0600 The current assumption is that a large folio can only be split into order-0 folios. That is not the case for hugeTLB demotion, nor for THP split: see commit c010d47f107f ("mm: thp: split huge page to any lower order pages"). When a large folio is split into ones of a lower non-zero order, only the new head pages should be tagged. Tagging tail pages can cause imbalanced "calls" counters, since only head pages are untagged by pgalloc_tag_sub() and the "calls" counts on tail pages are leaked, e.g., # echo 2048kB >/sys/kernel/mm/hugepages/hugepages-1048576kB/demote_size # echo 700 >/sys/kernel/mm/hugepages/hugepages-1048576kB/nr_hugepages # time echo 700 >/sys/kernel/mm/hugepages/hugepages-1048576kB/demote # echo 0 >/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages # grep alloc_gigantic_folio /proc/allocinfo Before this patch: 0 549427200 mm/hugetlb.c:1549 func:alloc_gigantic_folio real 0m2.057s user 0m0.000s sys 0m2.051s After this patch: 0 0 mm/hugetlb.c:1549 func:alloc_gigantic_folio real 0m1.711s user 0m0.000s sys 0m1.704s Not tagging tail pages also improves the splitting time, e.g., by about 15% when demoting 1GB hugeTLB folios to 2MB ones, as shown above. Link: https://lkml.kernel.org/r/20240906042108.1150526-2-yuzhao@google.com Fixes: be25d1d4e822 ("mm: create new codetag references during page splitting") Signed-off-by: Yu Zhao <yuzhao(a)google.com> Acked-by: Suren Baghdasaryan <surenb(a)google.com> Cc: <stable(a)vger.kernel.org> Cc: Kent Overstreet <kent.overstreet(a)linux.dev> Cc: Muchun Song <muchun.song(a)linux.dev> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/mm.h | 30 ++++++++++++++++++++++++++++++ include/linux/pgalloc_tag.h | 31 ------------------------------- mm/huge_memory.c | 2 +- mm/hugetlb.c | 2 +- mm/page_alloc.c | 4 ++-- 5 files changed, 34 insertions(+), 35 deletions(-) --- a/include/linux/mm.h~mm-codetag-fix-pgalloc_tag_split +++ a/include/linux/mm.h @@ -4137,4 +4137,34 @@ void vma_pgtable_walk_end(struct vm_area int reserve_mem_find_by_name(const char *name, phys_addr_t *start, phys_addr_t *size); +#ifdef CONFIG_MEM_ALLOC_PROFILING +static inline void pgalloc_tag_split(struct folio *folio, int old_order, int new_order) +{ + int i; + struct alloc_tag *tag; + unsigned int nr_pages = 1 << new_order; + + if (!mem_alloc_profiling_enabled()) + return; + + tag = pgalloc_tag_get(&folio->page); + if (!tag) + return; + + for (i = nr_pages; i < (1 << old_order); i += nr_pages) { + union codetag_ref *ref = get_page_tag_ref(folio_page(folio, i)); + + if (ref) { + /* Set new reference to point to the original tag */ + alloc_tag_ref_set(ref, tag); + put_page_tag_ref(ref); + } + } +} +#else /* !CONFIG_MEM_ALLOC_PROFILING */ +static inline void pgalloc_tag_split(struct folio *folio, int old_order, int new_order) +{ +} +#endif /* CONFIG_MEM_ALLOC_PROFILING */ + #endif /* _LINUX_MM_H */ --- a/include/linux/pgalloc_tag.h~mm-codetag-fix-pgalloc_tag_split +++ a/include/linux/pgalloc_tag.h @@ -80,36 +80,6 @@ static inline void pgalloc_tag_sub(struc } } -static inline void pgalloc_tag_split(struct page *page, unsigned int nr) -{ - int i; - struct page_ext *first_page_ext; - struct page_ext *page_ext; - union codetag_ref *ref; - struct alloc_tag *tag; - - if (!mem_alloc_profiling_enabled()) - return; - - first_page_ext = page_ext = page_ext_get(page); - if (unlikely(!page_ext)) - return; - - ref = codetag_ref_from_page_ext(page_ext); - if (!ref->ct) - goto out; - - tag = ct_to_alloc_tag(ref->ct); - page_ext = page_ext_next(page_ext); - for (i = 1; i < nr; i++) { - /* Set new reference to point to the original tag */ - alloc_tag_ref_set(codetag_ref_from_page_ext(page_ext), tag); - page_ext = page_ext_next(page_ext); - } -out: - page_ext_put(first_page_ext); -} - static inline struct alloc_tag *pgalloc_tag_get(struct page *page) { struct alloc_tag *tag = NULL; @@ -142,7 +112,6 @@ static inline void clear_page_tag_ref(st static inline void pgalloc_tag_add(struct page *page, struct task_struct *task, unsigned int nr) {} static inline void pgalloc_tag_sub(struct page *page, unsigned int nr) {} -static inline void pgalloc_tag_split(struct page *page, unsigned int nr) {} static inline struct alloc_tag *pgalloc_tag_get(struct page *page) { return NULL; } static inline void pgalloc_tag_sub_pages(struct alloc_tag *tag, unsigned int nr) {} --- a/mm/huge_memory.c~mm-codetag-fix-pgalloc_tag_split +++ a/mm/huge_memory.c @@ -3242,7 +3242,7 @@ static void __split_huge_page(struct pag /* Caller disabled irqs, so they are still disabled here */ split_page_owner(head, order, new_order); - pgalloc_tag_split(head, 1 << order); + pgalloc_tag_split(folio, order, new_order); /* See comment in __split_huge_page_tail() */ if (folio_test_anon(folio)) { --- a/mm/hugetlb.c~mm-codetag-fix-pgalloc_tag_split +++ a/mm/hugetlb.c @@ -3795,7 +3795,7 @@ static long demote_free_hugetlb_folios(s list_del(&folio->lru); split_page_owner(&folio->page, huge_page_order(src), huge_page_order(dst)); - pgalloc_tag_split(&folio->page, 1 << huge_page_order(src)); + pgalloc_tag_split(folio, huge_page_order(src), huge_page_order(dst)); for (i = 0; i < pages_per_huge_page(src); i += pages_per_huge_page(dst)) { struct page *page = folio_page(folio, i); --- a/mm/page_alloc.c~mm-codetag-fix-pgalloc_tag_split +++ a/mm/page_alloc.c @@ -2783,7 +2783,7 @@ void split_page(struct page *page, unsig for (i = 1; i < (1 << order); i++) set_page_refcounted(page + i); split_page_owner(page, order, 0); - pgalloc_tag_split(page, 1 << order); + pgalloc_tag_split(page_folio(page), order, 0); split_page_memcg(page, order, 0); } EXPORT_SYMBOL_GPL(split_page); @@ -4981,7 +4981,7 @@ static void *make_alloc_exact(unsigned l struct page *last = page + nr; split_page_owner(page, order, 0); - pgalloc_tag_split(page, 1 << order); + pgalloc_tag_split(page_folio(page), order, 0); split_page_memcg(page, order, 0); while (page < --last) set_page_refcounted(last); _ Patches currently in -mm which might be from yuzhao(a)google.com are mm-remap-unused-subpages-to-shared-zeropage-when-splitting-isolated-thp.patch mm-codetag-fix-a-typo.patch mm-codetag-fix-pgalloc_tag_split.patch mm-codetag-add-pgalloc_tag_copy.patch

4 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror September 2024