[PATCH 0/2] Deal with clang's -Wdefault-const-init-unsafe
by Nathan Chancellor
A new on by default warning in clang aims to flag cases where a const
variable or field is not initialized and has no default value (i.e., not
static or thread local). The field version of the warning triggers in
several places within the kernel that are not problematic so it is
disabled in the first patch. The variable version of the warning only
triggers in one place, the typecheck() macro, so I opted to silence it
in that one place to keep it enabled until it can be proved to be
problematic enough to disable it.
---
Nathan Chancellor (2):
kbuild: Disable -Wdefault-const-init-field-unsafe
include/linux/typecheck.h: Zero initialize dummy variables
include/linux/typecheck.h | 4 ++--
scripts/Makefile.extrawarn | 7 +++++++
2 files changed, 9 insertions(+), 2 deletions(-)
---
base-commit: ebd297a2affadb6f6f4d2e5d975c1eda18ac762d
change-id: 20250430-default-const-init-clang-b6e21b8d03b6
Best regards,
--
Nathan Chancellor <nathan(a)kernel.org>
5 days, 22 hours
- 4
- 11
[PATCH 0/1] mm: Fix regression after THP PTE optimization on Xen PV Dom0
by Petr Vaněk
Hi all,
I have found a problem in recent kernels 6.9+ when running under the Xen
hypervisor as a PV dom0. In my setup (PV Dom0 with 4G RAM, using XFS), I
shrink memory to 256M via the balloon driver after boot:
xl mem-set Domain-0 256m
Once memory is reduced, even running a simple command like ls usually
triggers the following warning:
[ 27.963562] [ T2553] page: refcount:88 mapcount:21 mapping:ffff88813ff6f6a8 index:0x110 pfn:0x10085c
[ 27.963564] [ T2553] head: order:2 mapcount:83 entire_mapcount:0 nr_pages_mapped:4 pincount:0
[ 27.963565] [ T2553] memcg:ffff888003573000
[ 27.963567] [ T2553] aops:0xffffffff8226fd20 ino:82467c dentry name(?):"libc.so.6"
[ 27.963570] [ T2553] flags: 0x2000000000416c(referenced|uptodate|lru|active|private|head|node=0|zone=2)
[ 27.963573] [ T2553] raw: 002000000000416c ffffea0004021e88 ffffea0004021908 ffff88813ff6f6a8
[ 27.963574] [ T2553] raw: 0000000000000110 ffff88811bf06b60 0000005800000014 ffff888003573000
[ 27.963576] [ T2553] head: 002000000000416c ffffea0004021e88 ffffea0004021908 ffff88813ff6f6a8
[ 27.963577] [ T2553] head: 0000000000000110 ffff88811bf06b60 0000005800000014 ffff888003573000
[ 27.963578] [ T2553] head: 0020000000000202 ffffea0004021701 0000000400000052 00000000ffffffff
[ 27.963580] [ T2553] head: 0000000300000003 8000000300000002 0000000000000014 0000000000000004
[ 27.963581] [ T2553] page dumped because: VM_WARN_ON_FOLIO((_Generic((page + nr_pages - 1), const struct page *: (const struct folio *)_compound_head(page + nr_pages - 1), struct page *: (struct folio *)_compound_head(page + nr_pages - 1))) != folio)
[ 27.963590] [ T2553] ------------[ cut here ]------------
[ 27.963591] [ T2553] WARNING: CPU: 1 PID: 2553 at include/linux/rmap.h:427 __folio_rmap_sanity_checks+0x1a0/0x270
[ 27.963596] [ T2553] CPU: 1 UID: 0 PID: 2553 Comm: ls Not tainted 6.15.0-rc4-00002-ge0363f942651 #270 PREEMPT(undef)
[ 27.963599] [ T2553] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-20240910_120124-localhost 04/01/2014
[ 27.963601] [ T2553] RIP: e030:__folio_rmap_sanity_checks+0x1a0/0x270
[ 27.963603] [ T2553] Code: 89 df e8 b3 7d fd ff 0f 0b e9 eb fe ff ff 48 8d 42 ff 48 39 c3 0f 84 0e ff ff ff 48 c7 c6 e8 49 5b 82 48 89 df e8 90 7d fd ff <0f> 0b e9 f8 fe ff ff 41 f7 c4 ff 0f 00 00 0f 85 b2 fe ff ff 49 8b
[ 27.963605] [ T2553] RSP: e02b:ffffc90040f8fac0 EFLAGS: 00010246
[ 27.963608] [ T2553] RAX: 00000000000000e5 RBX: ffffea0004021700 RCX: 0000000000000000
[ 27.963609] [ T2553] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00000000ffffffff
[ 27.963610] [ T2553] RBP: ffffc90040f8fae0 R08: 00000000ffffdfff R09: ffffffff82929308
[ 27.963612] [ T2553] R10: ffffffff82879360 R11: 0000000000000002 R12: ffffea0004021700
[ 27.963613] [ T2553] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000005
[ 27.963625] [ T2553] FS: 00007ff06dafe740(0000) GS:ffff8880b7ccb000(0000) knlGS:0000000000000000
[ 27.963627] [ T2553] CS: e030 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 27.963628] [ T2553] CR2: 000055deb932f630 CR3: 0000000002844000 CR4: 0000000000050660
[ 27.963630] [ T2553] Call Trace:
[ 27.963632] [ T2553] <TASK>
[ 27.963633] [ T2553] folio_remove_rmap_ptes+0x24/0x2b0
[ 27.963635] [ T2553] unmap_page_range+0x132e/0x17e0
[ 27.963638] [ T2553] unmap_single_vma+0x81/0xd0
[ 27.963640] [ T2553] unmap_vmas+0xb5/0x180
[ 27.963642] [ T2553] exit_mmap+0x10c/0x460
[ 27.963644] [ T2553] mmput+0x59/0x120
[ 27.963647] [ T2553] do_exit+0x2d1/0xbd0
[ 27.963649] [ T2553] do_group_exit+0x2f/0x90
[ 27.963651] [ T2553] __x64_sys_exit_group+0x13/0x20
[ 27.963652] [ T2553] x64_sys_call+0x126b/0x1d70
[ 27.963655] [ T2553] do_syscall_64+0x54/0x120
[ 27.963657] [ T2553] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 27.963659] [ T2553] RIP: 0033:0x7ff06dbdbe9d
[ 27.963660] [ T2553] Code: Unable to access opcode bytes at 0x7ff06dbdbe73.
[ 27.963661] [ T2553] RSP: 002b:00007ffde44f9ac8 EFLAGS: 00000206 ORIG_RAX: 00000000000000e7
[ 27.963664] [ T2553] RAX: ffffffffffffffda RBX: 00007ff06dce4fa8 RCX: 00007ff06dbdbe9d
[ 27.963665] [ T2553] RDX: 00000000000000e7 RSI: ffffffffffffff88 RDI: 0000000000000000
[ 27.963666] [ T2553] RBP: 0000000000000000 R08: 00007ffde44f9a70 R09: 00007ffde44f99ff
[ 27.963667] [ T2553] R10: 00007ffde44f9980 R11: 0000000000000206 R12: 00007ff06dce3680
[ 27.963668] [ T2553] R13: 00007ff06dd010e0 R14: 0000000000000002 R15: 00007ff06dce4fc0
[ 27.963670] [ T2553] </TASK>
[ 27.963671] [ T2553] ---[ end trace 0000000000000000 ]---
Later on bigger problems start to appear:
[ 69.035059] [ T2593] BUG: Bad page map in process ls pte:10006c125 pmd:1003dc067
[ 69.035061] [ T2593] page: refcount:8 mapcount:20 mapping:ffff88813fd736a8 index:0x110 pfn:0x10006c
[ 69.035064] [ T2593] head: order:2 mapcount:-2 entire_mapcount:0 nr_pages_mapped:8388532 pincount:0
[ 69.035066] [ T2593] memcg:ffff888003573000
[ 69.035067] [ T2593] aops:0xffffffff8226fd20 ino:82467c dentry name(?):"libc.so.6"
[ 69.035069] [ T2593] flags: 0x2000000000416c(referenced|uptodate|lru|active|private|head|node=0|zone=2)
[ 69.035072] [ T2593] raw: 002000000000416c ffffea0004002348 ffffea0004001d08 ffff88813fd736a8
[ 69.035074] [ T2593] raw: 0000000000000110 ffff888100d19860 0000000800000013 ffff888003573000
[ 69.035076] [ T2593] head: 002000000000416c ffffea0004002348 ffffea0004001d08 ffff88813fd736a8
[ 69.035078] [ T2593] head: 0000000000000110 ffff888100d19860 0000000800000013 ffff888003573000
[ 69.035079] [ T2593] head: 0020000000000202 ffffea0004001b01 ffffffb4fffffffd 00000000ffffffff
[ 69.035081] [ T2593] head: 0000000300000003 0000000500000002 0000000000000013 0000000000000004
[ 69.035082] [ T2593] page dumped because: bad pte
[ 69.035083] [ T2593] addr:00007f6524b96000 vm_flags:00000075 anon_vma:0000000000000000 mapping:ffff88813fd736a8 index:110
[ 69.035086] [ T2593] file:libc.so.6 fault:xfs_filemap_fault mmap:xfs_file_mmap read_folio:xfs_vm_read_folio
The system eventually becomes unusable and typically crashes.
I was able to bisect this issue to the commit: 10ebac4f95e7 ("mm/memory:
optimize unmap/zap with PTE-mapped THP").
If I understand correctly, the folio from the first warning has 4 pages,
but folio_pte_batch incorrectly counts 5 pages, because expected_pte and
pte are both zero-valued PTEs, and the loop is not broken in such a case
because pte_same() returns true.
[ 27.963266] [ T2553] folio_pte_batch debug: printing PTE values starting at addr=0x7ff06dc11000
[ 27.963268] [ T2553] PTE[ 0] = 000000010085c125
[ 27.963272] [ T2553] PTE[ 1] = 000000010085d125
[ 27.963274] [ T2553] PTE[ 2] = 000000010085e125
[ 27.963276] [ T2553] PTE[ 3] = 000000010085f125
[ 27.963277] [ T2553] PTE[ 4] = 0000000000000000 <-- not present
[ 27.963279] [ T2553] PTE[ 5] = 0000000102e47125
[ 27.963281] [ T2553] PTE[ 6] = 0000000102e48125
[ 27.963283] [ T2553] PTE[ 7] = 0000000102e49125
As a consequence, zap_present_folio_ptes() is called with nr = 5, which
later calls folio_remove_rmap_ptes(), where __folio_rmap_sanity_checks()
emits the warning log.
The patch in the following message fixes the problem for me. It adds a
check that breaks the loop when encountering non-present PTE, before the
!pte_same() check.
I still don't fully understand how the zero-valued PTE appears there or
why this issue is triggered only when xen-balloon driver shrinks the
memory. I wasn't able to reproduce it without shrinking.
Cheers,
Petr
Petr Vaněk (1):
mm: Fix folio_pte_batch() overcount with zero PTEs
mm/internal.h | 2 ++
1 file changed, 2 insertions(+)
--
2.48.1
5 days, 22 hours
- 3
- 19
[PATCH 1/1] phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode
by Wayne Chang
When transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code
assumed that the regulator should be disabled. However, if the regulator
is marked as always-on, regulator_is_enabled() continues to return true,
leading to an incorrect attempt to disable a regulator which is not
enabled.
This can result in warnings such as:
[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004
_regulator_disable+0xe4/0x1a0
[ 250.155652] unbalanced disables for VIN_SYS_5V0
To fix this, we move the regulator control logic into
tegra186_xusb_padctl_id_override() function since it's directly related
to the ID override state. The regulator is now only disabled when the role
transitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID
register. This ensures that regulator enable/disable operations are
properly balanced and only occur when actually transitioning to/from host
mode.
Fixes: 49d46e3c7e59 ("phy: tegra: xusb: Add set_mode support for UTMI phy on Tegra186")
Cc: stable(a)vger.kernel.org
Signed-off-by: Wayne Chang <waynec(a)nvidia.com>
---
drivers/phy/tegra/xusb-tegra186.c | 59 +++++++++++++++++++------------
1 file changed, 37 insertions(+), 22 deletions(-)
diff --git a/drivers/phy/tegra/xusb-tegra186.c b/drivers/phy/tegra/xusb-tegra186.c
index fae6242aa730..1b35d50821f7 100644
--- a/drivers/phy/tegra/xusb-tegra186.c
+++ b/drivers/phy/tegra/xusb-tegra186.c
@@ -774,13 +774,15 @@ static int tegra186_xusb_padctl_vbus_override(struct tegra_xusb_padctl *padctl,
}
static int tegra186_xusb_padctl_id_override(struct tegra_xusb_padctl *padctl,
- bool status)
+ struct tegra_xusb_usb2_port *port, bool status)
{
- u32 value;
+ u32 value, id_override;
+ int err = 0;
dev_dbg(padctl->dev, "%s id override\n", status ? "set" : "clear");
value = padctl_readl(padctl, USB2_VBUS_ID);
+ id_override = value & ID_OVERRIDE(~0);
if (status) {
if (value & VBUS_OVERRIDE) {
@@ -791,15 +793,35 @@ static int tegra186_xusb_padctl_id_override(struct tegra_xusb_padctl *padctl,
value = padctl_readl(padctl, USB2_VBUS_ID);
}
- value &= ~ID_OVERRIDE(~0);
- value |= ID_OVERRIDE_GROUNDED;
+ if (id_override != ID_OVERRIDE_GROUNDED) {
+ value &= ~ID_OVERRIDE(~0);
+ value |= ID_OVERRIDE_GROUNDED;
+ padctl_writel(padctl, value, USB2_VBUS_ID);
+
+ err = regulator_enable(port->supply);
+ if (err) {
+ dev_err(padctl->dev, "Failed to enable regulator: %d\n", err);
+ return err;
+ }
+ }
} else {
- value &= ~ID_OVERRIDE(~0);
- value |= ID_OVERRIDE_FLOATING;
+ if (id_override == ID_OVERRIDE_GROUNDED) {
+ /*
+ * The regulator is disabled only when the role transitions
+ * from USB_ROLE_HOST to USB_ROLE_NONE.
+ */
+ err = regulator_disable(port->supply);
+ if (err) {
+ dev_err(padctl->dev, "Failed to disable regulator: %d\n", err);
+ return err;
+ }
+
+ value &= ~ID_OVERRIDE(~0);
+ value |= ID_OVERRIDE_FLOATING;
+ padctl_writel(padctl, value, USB2_VBUS_ID);
+ }
}
- padctl_writel(padctl, value, USB2_VBUS_ID);
-
return 0;
}
@@ -818,27 +840,20 @@ static int tegra186_utmi_phy_set_mode(struct phy *phy, enum phy_mode mode,
if (mode == PHY_MODE_USB_OTG) {
if (submode == USB_ROLE_HOST) {
- tegra186_xusb_padctl_id_override(padctl, true);
-
- err = regulator_enable(port->supply);
+ err = tegra186_xusb_padctl_id_override(padctl, port, true);
+ if (err)
+ goto out;
} else if (submode == USB_ROLE_DEVICE) {
tegra186_xusb_padctl_vbus_override(padctl, true);
} else if (submode == USB_ROLE_NONE) {
- /*
- * When port is peripheral only or role transitions to
- * USB_ROLE_NONE from USB_ROLE_DEVICE, regulator is not
- * enabled.
- */
- if (regulator_is_enabled(port->supply))
- regulator_disable(port->supply);
-
- tegra186_xusb_padctl_id_override(padctl, false);
+ err = tegra186_xusb_padctl_id_override(padctl, port, false);
+ if (err)
+ goto out;
tegra186_xusb_padctl_vbus_override(padctl, false);
}
}
-
+out:
mutex_unlock(&padctl->lock);
-
return err;
}
--
2.25.1
5 days, 22 hours
- 1
- 0
[PATCH 0/3 V3] usb: usbtmc: Fix erroneous ioctl returns
by Dave Penkler
Recent tests with timeouts > INT_MAX produced random error returns
with usbtmc_get_stb. This was caused by assigning the return value
of wait_event_interruptible_timeout to an int which overflowed to
negative values. Also return value on success was the remaining
number of jiffies instead of 0.
These patches fix all the cases where the return of
wait_event_interruptible_timeout was assigned to an int and
the case of the remaining jiffies return in usbtmc_get_stb.
Patch 1: Fixes usbtmc_get_stb
Patch 2: Fixes usbtmc488_ioctl_wait_srq
Patch 3: Fixes usbtmc_generic_read
Dave Penkler (3):
usb: usbtmc: Fix erroneous get_stb ioctl error returns
usb: usbtmc: Fix erroneous wait_srq ioctl return
usb: usbtmc: Fix erroneous generic_read ioctl return
drivers/usb/class/usbtmc.c | 53 ++++++++++++++++++++++----------------
1 file changed, 31 insertions(+), 22 deletions(-)
--
Changes V1 => V2 Add cc to stable line
V2 => V3 Add susbsystem to cover letter
2.49.0
6 days, 1 hour
- 1
- 3
Linux 6.14.5
by Greg Kroah-Hartman
I'm announcing the release of the 6.14.5 kernel.
All users of the 6.14 kernel series must upgrade.
The updated 6.14.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.14.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/admin-guide/kernel-parameters.txt | 2
Documentation/bpf/bpf_devel_QA.rst | 8
Documentation/trace/debugging.rst | 2
Makefile | 3
arch/arm/crypto/Kconfig | 10
arch/arm64/crypto/Kconfig | 6
arch/loongarch/Kconfig | 1
arch/loongarch/include/asm/fpu.h | 39
arch/loongarch/include/asm/lbt.h | 10
arch/loongarch/include/asm/ptrace.h | 4
arch/loongarch/kernel/fpu.S | 6
arch/loongarch/kernel/lbt.S | 4
arch/loongarch/kernel/signal.c | 21
arch/loongarch/kernel/traps.c | 20
arch/loongarch/kvm/intc/ipi.c | 4
arch/loongarch/kvm/main.c | 4
arch/loongarch/kvm/vcpu.c | 8
arch/loongarch/mm/hugetlbpage.c | 2
arch/loongarch/mm/init.c | 3
arch/mips/crypto/Kconfig | 7
arch/mips/include/asm/mips-cm.h | 22
arch/mips/kernel/mips-cm.c | 14
arch/parisc/kernel/pdt.c | 2
arch/powerpc/crypto/Kconfig | 7
arch/riscv/crypto/Kconfig | 1
arch/riscv/include/asm/alternative-macros.h | 19
arch/riscv/include/asm/cacheflush.h | 15
arch/riscv/include/asm/ftrace.h | 2
arch/riscv/include/asm/ptrace.h | 18
arch/riscv/kernel/probes/uprobes.c | 10
arch/s390/crypto/Kconfig | 3
arch/s390/kvm/intercept.c | 2
arch/s390/kvm/interrupt.c | 8
arch/s390/kvm/kvm-s390.c | 10
arch/s390/kvm/trace-s390.h | 4
arch/um/include/linux/time-internal.h | 2
arch/um/kernel/skas/syscall.c | 11
arch/x86/crypto/Kconfig | 11
arch/x86/entry/entry.S | 2
arch/x86/events/core.c | 2
arch/x86/include/asm/intel-family.h | 2
arch/x86/include/asm/pgalloc.h | 19
arch/x86/kernel/cpu/bugs.c | 30
arch/x86/kernel/i8253.c | 3
arch/x86/kernel/machine_kexec_32.c | 4
arch/x86/kvm/svm/avic.c | 60
arch/x86/kvm/vmx/posted_intr.c | 28
arch/x86/kvm/x86.c | 20
arch/x86/lib/x86-opcode-map.txt | 4
arch/x86/mm/pgtable.c | 4
arch/x86/mm/tlb.c | 6
arch/x86/pci/xen.c | 8
arch/x86/platform/efi/efi_64.c | 4
arch/x86/xen/enlighten_pvh.c | 19
block/bdev.c | 22
block/blk-cgroup.c | 2
block/blk-settings.c | 8
block/blk.h | 3
block/fops.c | 2
crypto/Kconfig | 3
crypto/crypto_null.c | 39
crypto/ecc.c | 2
crypto/ecdsa-p1363.c | 2
crypto/ecdsa-x962.c | 4
drivers/acpi/ec.c | 28
drivers/acpi/pptt.c | 4
drivers/android/binder.c | 2
drivers/ata/libata-scsi.c | 25
drivers/base/base.h | 17
drivers/base/bus.c | 2
drivers/base/core.c | 38
drivers/base/dd.c | 7
drivers/block/ublk_drv.c | 214 +-
drivers/char/misc.c | 2
drivers/char/virtio_console.c | 7
drivers/clk/clk.c | 4
drivers/clk/renesas/rzv2h-cpg.c | 12
drivers/comedi/drivers/jr3_pci.c | 2
drivers/cpufreq/Kconfig.arm | 20
drivers/cpufreq/apple-soc-cpufreq.c | 10
drivers/cpufreq/cppc_cpufreq.c | 2
drivers/cpufreq/scmi-cpufreq.c | 10
drivers/cpufreq/scpi-cpufreq.c | 13
drivers/cpufreq/sun50i-cpufreq-nvmem.c | 18
drivers/crypto/atmel-sha204a.c | 6
drivers/crypto/ccp/sp-pci.c | 1
drivers/cxl/core/regs.c | 4
drivers/dma-buf/udmabuf.c | 2
drivers/dma/bcm2835-dma.c | 2
drivers/dma/dmatest.c | 6
drivers/firmware/stratix10-svc.c | 14
drivers/gpio/gpiolib-of.c | 6
drivers/gpu/drm/amd/amdgpu/amdgpu.h | 2
drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 14
drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 14
drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c | 19
drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 8
drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 12
drivers/gpu/drm/amd/amdgpu/gfx_v12_0.c | 6
drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c | 4
drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 4
drivers/gpu/drm/amd/amdgpu/gmc_v12_0.c | 4
drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 2
drivers/gpu/drm/amd/amdgpu/psp_v11_0.c | 2
drivers/gpu/drm/amd/amdgpu/psp_v13_0.c | 2
drivers/gpu/drm/amd/amdgpu/psp_v14_0.c | 2
drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 3
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 9
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c | 2
drivers/gpu/drm/meson/meson_drv.c | 2
drivers/gpu/drm/meson/meson_drv.h | 2
drivers/gpu/drm/meson/meson_encoder_hdmi.c | 29
drivers/gpu/drm/meson/meson_vclk.c | 195 +
drivers/gpu/drm/meson/meson_vclk.h | 13
drivers/gpu/drm/panel/panel-jadard-jd9365da-h3.c | 4
drivers/gpu/drm/xe/regs/xe_gt_regs.h | 4
drivers/gpu/drm/xe/tests/xe_rtp_test.c | 2
drivers/gpu/drm/xe/xe_gt.c | 4
drivers/gpu/drm/xe/xe_gt_debugfs.c | 11
drivers/gpu/drm/xe/xe_gt_types.h | 10
drivers/gpu/drm/xe/xe_hw_engine.c | 18
drivers/gpu/drm/xe/xe_reg_whitelist.c | 4
drivers/gpu/drm/xe/xe_rtp.c | 6
drivers/gpu/drm/xe/xe_rtp.h | 2
drivers/gpu/drm/xe/xe_tuning.c | 71
drivers/gpu/drm/xe/xe_tuning.h | 3
drivers/gpu/drm/xe/xe_wa.c | 22
drivers/gpu/drm/xe/xe_wa_oob.rules | 2
drivers/i3c/master/svc-i3c-master.c | 17
drivers/iio/adc/ad4695.c | 34
drivers/iio/adc/ad7768-1.c | 5
drivers/infiniband/hw/qib/qib_fs.c | 1
drivers/iommu/amd/iommu.c | 2
drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-iommufd.c | 2
drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 4
drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h | 1
drivers/iommu/iommu.c | 3
drivers/irqchip/irq-gic-v2m.c | 2
drivers/irqchip/irq-renesas-rzv2h.c | 91
drivers/mailbox/pcc.c | 15
drivers/mcb/mcb-parse.c | 2
drivers/md/raid1.c | 26
drivers/media/i2c/Kconfig | 1
drivers/media/i2c/imx214.c | 978 ++++------
drivers/media/i2c/ov08x40.c | 56
drivers/misc/lkdtm/perms.c | 14
drivers/misc/mchp_pci1xxxx/mchp_pci1xxxx_gpio.c | 8
drivers/misc/mei/hw-me-regs.h | 1
drivers/misc/mei/pci-me.c | 1
drivers/misc/mei/vsc-tp.c | 26
drivers/mmc/host/sdhci-msm.c | 2
drivers/net/dsa/mt7530.c | 6
drivers/net/ethernet/amd/pds_core/adminq.c | 36
drivers/net/ethernet/amd/pds_core/auxbus.c | 3
drivers/net/ethernet/amd/pds_core/core.c | 9
drivers/net/ethernet/amd/pds_core/core.h | 4
drivers/net/ethernet/amd/pds_core/devlink.c | 4
drivers/net/ethernet/freescale/enetc/enetc.c | 45
drivers/net/ethernet/mediatek/mtk_eth_soc.c | 24
drivers/net/ethernet/mediatek/mtk_eth_soc.h | 10
drivers/net/ethernet/mellanox/mlx5/core/lib/fs_ttc.c | 26
drivers/net/ethernet/stmicro/stmmac/dwmac-socfpga.c | 18
drivers/net/ethernet/stmicro/stmmac/dwmac1000.h | 4
drivers/net/ethernet/stmicro/stmmac/dwmac1000_core.c | 2
drivers/net/ethernet/stmicro/stmmac/stmmac_hwtstamp.c | 2
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 62
drivers/net/ethernet/sun/niu.c | 2
drivers/net/phy/dp83822.c | 40
drivers/net/phy/microchip.c | 46
drivers/net/phy/phy_device.c | 53
drivers/net/phy/phy_led_triggers.c | 23
drivers/net/phy/phylink.c | 164 +
drivers/net/virtio_net.c | 125 -
drivers/net/vmxnet3/vmxnet3_xdp.c | 2
drivers/net/xen-netfront.c | 17
drivers/ntb/hw/amd/ntb_hw_amd.c | 1
drivers/ntb/hw/idt/ntb_hw_idt.c | 18
drivers/nvme/host/core.c | 9
drivers/nvme/host/multipath.c | 2
drivers/nvme/target/core.c | 3
drivers/nvme/target/fc.c | 25
drivers/nvme/target/pci-epf.c | 14
drivers/of/resolver.c | 37
drivers/pci/msi/msi.c | 38
drivers/phy/rockchip/phy-rockchip-usbdp.c | 1
drivers/pinctrl/pinctrl-mcp23s08.c | 23
drivers/pinctrl/renesas/pinctrl-rza2.c | 3
drivers/platform/x86/x86-android-tablets/dmi.c | 14
drivers/platform/x86/x86-android-tablets/other.c | 124 -
drivers/platform/x86/x86-android-tablets/x86-android-tablets.h | 3
drivers/pwm/core.c | 13
drivers/pwm/pwm-axi-pwmgen.c | 10
drivers/regulator/rk808-regulator.c | 4
drivers/rtc/rtc-pcf85063.c | 19
drivers/s390/char/sclp_con.c | 17
drivers/s390/char/sclp_tty.c | 12
drivers/scsi/hisi_sas/hisi_sas_main.c | 20
drivers/scsi/mpi3mr/mpi3mr_fw.c | 2
drivers/scsi/pm8001/pm8001_sas.c | 1
drivers/scsi/scsi.c | 36
drivers/scsi/scsi_lib.c | 6
drivers/soc/qcom/ice.c | 48
drivers/spi/spi-imx.c | 5
drivers/spi/spi-tegra210-quad.c | 6
drivers/staging/gpib/agilent_82350b/agilent_82350b.c | 10
drivers/thunderbolt/tb.c | 16
drivers/tty/serial/msm_serial.c | 6
drivers/tty/serial/sifive.c | 6
drivers/tty/vt/selection.c | 5
drivers/ufs/core/ufs-mcq.c | 12
drivers/ufs/core/ufshcd.c | 2
drivers/ufs/host/ufs-exynos.c | 44
drivers/ufs/host/ufs-exynos.h | 1
drivers/ufs/host/ufs-qcom.c | 2
drivers/usb/cdns3/cdns3-gadget.c | 2
drivers/usb/chipidea/ci_hdrc_imx.c | 44
drivers/usb/class/cdc-wdm.c | 21
drivers/usb/core/quirks.c | 9
drivers/usb/dwc3/dwc3-pci.c | 10
drivers/usb/dwc3/dwc3-xilinx.c | 4
drivers/usb/dwc3/gadget.c | 28
drivers/usb/gadget/udc/aspeed-vhub/dev.c | 3
drivers/usb/host/max3421-hcd.c | 7
drivers/usb/host/ohci-pci.c | 23
drivers/usb/host/xhci-hub.c | 30
drivers/usb/host/xhci-mvebu.c | 10
drivers/usb/host/xhci-mvebu.h | 6
drivers/usb/host/xhci-plat.c | 2
drivers/usb/host/xhci-ring.c | 75
drivers/usb/host/xhci.c | 4
drivers/usb/host/xhci.h | 4
drivers/usb/serial/ftdi_sio.c | 2
drivers/usb/serial/ftdi_sio_ids.h | 5
drivers/usb/serial/option.c | 3
drivers/usb/serial/usb-serial-simple.c | 7
drivers/usb/storage/unusual_uas.h | 7
drivers/usb/typec/class.c | 24
drivers/usb/typec/class.h | 1
drivers/usb/typec/ucsi/cros_ec_ucsi.c | 5
drivers/usb/typec/ucsi/ucsi.c | 19
drivers/usb/typec/ucsi/ucsi.h | 6
drivers/usb/typec/ucsi/ucsi_acpi.c | 5
drivers/usb/typec/ucsi/ucsi_ccg.c | 67
drivers/vhost/scsi.c | 80
drivers/virtio/virtio_pci_modern.c | 4
drivers/xen/Kconfig | 2
fs/btrfs/file.c | 9
fs/btrfs/zoned.c | 1
fs/ceph/inode.c | 2
fs/ext4/block_validity.c | 5
fs/ext4/inode.c | 7
fs/iomap/buffered-io.c | 2
fs/namespace.c | 69
fs/netfs/main.c | 4
fs/ntfs3/file.c | 20
fs/smb/client/sess.c | 60
fs/smb/client/smb1ops.c | 36
fs/smb/server/vfs_cache.c | 8
fs/splice.c | 2
fs/xattr.c | 4
include/linux/blkdev.h | 4
include/linux/energy_model.h | 12
include/linux/math.h | 12
include/linux/msi.h | 3
include/linux/pci.h | 2
include/linux/phy.h | 4
include/linux/phylink.h | 4
include/net/netfilter/nft_fib.h | 21
include/soc/qcom/ice.h | 2
include/uapi/linux/virtio_pci.h | 1
init/Kconfig | 2
io_uring/io_uring.c | 15
io_uring/refs.h | 7
kernel/bpf/bpf_cgrp_storage.c | 11
kernel/bpf/hashtab.c | 6
kernel/bpf/preload/bpf_preload_kern.c | 1
kernel/bpf/syscall.c | 6
kernel/bpf/verifier.c | 32
kernel/cgroup/cgroup.c | 29
kernel/cgroup/cpuset-internal.h | 1
kernel/cgroup/cpuset.c | 14
kernel/dma/contiguous.c | 3
kernel/events/core.c | 6
kernel/irq/msi.c | 2
kernel/panic.c | 6
kernel/power/energy_model.c | 47
kernel/sched/ext.c | 4
kernel/sched/fair.c | 4
kernel/time/tick-common.c | 22
kernel/trace/bpf_trace.c | 7
kernel/trace/trace.c | 10
lib/Kconfig.ubsan | 1
lib/crypto/Kconfig | 37
lib/test_ubsan.c | 18
mm/vmscan.c | 7
net/9p/client.c | 30
net/9p/trans_fd.c | 17
net/core/lwtunnel.c | 26
net/core/selftests.c | 18
net/ipv4/netfilter/nft_fib_ipv4.c | 11
net/ipv6/netfilter/nft_fib_ipv6.c | 19
net/mptcp/pm_userspace.c | 6
net/sched/sch_hfsc.c | 23
net/tipc/monitor.c | 3
rust/Makefile | 8
rust/kernel/firmware.rs | 8
scripts/Makefile.lib | 2
scripts/Makefile.vmlinux | 4
sound/soc/codecs/aw88081.c | 10
sound/soc/codecs/wcd934x.c | 2
sound/soc/fsl/fsl_asrc_dma.c | 15
sound/virtio/virtio_pcm.c | 21
tools/arch/x86/lib/x86-opcode-map.txt | 4
tools/bpf/bpftool/prog.c | 1
tools/objtool/check.c | 36
tools/testing/selftests/bpf/cap_helpers.c | 8
tools/testing/selftests/bpf/cap_helpers.h | 1
tools/testing/selftests/bpf/network_helpers.c | 33
tools/testing/selftests/bpf/prog_tests/verifier.c | 4
tools/testing/selftests/bpf/test_loader.c | 6
tools/testing/selftests/mincore/mincore_selftest.c | 3
tools/testing/selftests/pcie_bwctrl/Makefile | 3
tools/testing/selftests/ublk/test_stripe_04.sh | 24
323 files changed, 3670 insertions(+), 2042 deletions(-)
Adam Xue (1):
USB: serial: option: add Sierra Wireless EM9291
Al Viro (2):
fix a couple of races in MNT_TREE_BENEATH handling by do_move_mount()
qibfs: fix _another_ leak
Alexander Stein (1):
usb: host: max3421-hcd: Add missing spi_device_id table
Alexander Usyskin (1):
mei: me: add panther lake H DID
Alexei Starovoitov (2):
bpf: Add namespace to BPF internal symbols
bpf: Fix deadlock between rcu_tasks_trace and event_mutex.
Alexey Nepomnyashih (1):
xen-netfront: handle NULL returned by xdp_convert_buff_to_frame()
Alexis Lothore (1):
net: stmmac: fix dwmac1000 ptp timestamp status offset
Alexis Lothoré (1):
net: stmmac: fix multiplication overflow when reading timestamp
Amery Hung (1):
selftests/bpf: Fix stdout race condition in traffic monitor
Anastasia Kovaleva (1):
scsi: core: Clear flags for scsi_cmnd that did not complete
Andre Przywara (1):
cpufreq: sun50i: prevent out-of-bounds access
Andrei Kuchynski (2):
usb: typec: class: Fix NULL pointer access
usb: typec: class: Invalidate USB device pointers on partner unregistration
Andrew Jones (1):
riscv: Provide all alternative macros all the time
André Apitzsch (6):
media: i2c: imx214: Use subdev active state
media: i2c: imx214: Simplify with dev_err_probe()
media: i2c: imx214: Convert to CCI register access helpers
media: i2c: imx214: Replace register addresses with macros
media: i2c: imx214: Check number of lanes from device tree
media: i2c: imx214: Fix link frequency validation
Andy Shevchenko (3):
usb: dwc3: gadget: Refactor loop to avoid NULL endpoints
usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield
gpiolib: of: Move Atmel HSMCI quirk up out of the regulator comment
Andy Yan (1):
phy: rockchip: usbdp: Avoid call hpd_event_trigger in dp_phy_init
Arnd Bergmann (2):
dma/contiguous: avoid warning about unused size_bytes
ntb: reduce stack usage in idt_scan_mws
Basavaraj Natikar (1):
ntb_hw_amd: Add NTB PCI ID for new gen CPU
Benjamin Berg (1):
um: work around sched_yield not yielding in time-travel mode
Bibo Mao (2):
LoongArch: KVM: Fully clear some CSRs when VM reboot
LoongArch: KVM: Fix PMU pass-through issue if VM exits to host finally
Biju Das (4):
irqchip/renesas-rzv2h: Simplify rzv2h_icu_init()
irqchip/renesas-rzv2h: Add struct rzv2h_hw_info with t_offs variable
irqchip/renesas-rzv2h: Prevent TINT spurious interrupt
clk: renesas: rzv2h: Adjust for CPG_BUS_m_MSTOP starting from m = 1
Björn Töpel (2):
riscv: Replace function-like macro by static inline function
riscv: uprobes: Add missing fence.i after building the XOL buffer
Bo-Cun Chen (1):
net: ethernet: mtk_eth_soc: net: revise NETSYSv3 hardware configuration
Breno Leitao (3):
sched_ext: Use kvzalloc for large exit_dump allocation
spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts
spi: tegra210-quad: add rate limiting and simplify timeout error message
Brett Creeley (3):
pds_core: Prevent possible adminq overflow/stuck condition
pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result
pds_core: Remove unnecessary check in pds_client_adminq_cmd()
Bui Quang Minh (1):
virtio-net: disable delayed refill when pausing rx
Caleb Sander Mateos (1):
ublk: remove unused cmd argument to ublk_dispatch_req()
Carlos Llamas (1):
binder: fix offset calculation in debug log
Charlie Jenkins (1):
riscv: tracing: Fix __write_overflow_field in ftrace_partial_regs()
Chenyuan Yang (4):
scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()
scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer()
pinctrl: renesas: rza2: Fix potential NULL pointer dereference
usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
Christian Hewitt (1):
Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates"
Christian König (1):
drm/amdgpu: use a dummy owner for sysfs triggered cleaner shaders v4
Christian Schrefl (1):
rust: firmware: Use `ffi::c_char` type in `FwFunc`
Christoph Hellwig (4):
block: never reduce ra_pages in blk_apply_bdi_limits
block: move blkdev_{get,put} _no_open prototypes out of blkdev.h
block: remove the backing_inode variable in bdev_statx
block: don't autoload drivers on stat
Cong Wang (2):
net_sched: hfsc: Fix a UAF vulnerability in class handling
net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
Craig Hesling (1):
USB: serial: simple: add OWON HDS200 series oscilloscope support
Damien Le Moal (5):
ata: libata-scsi: Improve CDL control
ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type
ata: libata-scsi: Fix ata_msense_control_ata_feature()
scsi: Improve CDL control
nvmet: pci-epf: cleanup link state management
Dan Carpenter (2):
usb: typec: class: Unlocked on error in typec_register_partner()
media: i2c: imx214: Fix uninitialized variable in imx214_set_ctrl()
Daniel Borkmann (1):
vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp
Daniel Golle (1):
net: dsa: mt7530: sync driver-specific behavior of MT7531 variants
Daniel Jurgens (1):
virtio_pci: Use self group type for cap commands
Daniel Wagner (2):
nvmet-fc: take tgtport reference only once
nvmet-fc: put ref when assoc->del_work is already scheduled
Dave Penkler (1):
staging: gpib: Use min for calculating transfer length
David Howells (1):
ceph: Fix incorrect flush end position calculation
Devaraj Rangasamy (1):
crypto: ccp - Add support for PCI device 0x1134
Dimitri Fedrau (3):
net: phy: Add helper for getting tx amplitude gain
net: phy: dp83822: Add support for changing the transmit amplitude voltage
net: phy: dp83822: fix transmit amplitude if CONFIG_OF_MDIO not defined
Dmitry Baryshkov (2):
usb: typec: ucsi: return CCI and message from sync_control callback
usb: typec: ucsi: ccg: move command quirks to ucsi_ccg_sync_control()
Dmitry Mastykin (1):
pinctrl: mcp23s08: Get rid of spurious level interrupts
Dmitry Torokhov (3):
Revert "drivers: core: synchronize really_probe() and dev_uevent()"
driver core: introduce device_set_driver() helper
driver core: fix potential NULL pointer dereference in dev_uevent()
Dominique Martinet (1):
9p/net: fix improper handling of bogus negative read/write replies
Dongli Zhang (2):
vhost-scsi: Fix vhost_scsi_send_bad_target()
vhost-scsi: Fix vhost_scsi_send_status()
Edward Adam Davis (1):
fs/ntfs3: Fix WARNING in ntfs_extend_initialized_size
Emily Deng (1):
drm/amdkfd: sriov doesn't support per queue reset
Fedor Pchelkin (3):
usb: chipidea: ci_hdrc_imx: fix usbmisc handling
usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines
usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling
Feng Yang (1):
selftests/bpf: Fix cap_enable_effective() return code
Fernando Fernandez Mancera (1):
x86/i8253: Call clockevent_i8253_disable() with interrupts disabled
Fiona Klute (1):
net: phy: microchip: force IRQ polling mode for lan88xx
Florian Westphal (1):
netfilter: fib: avoid lookup if socket is available
Frode Isaksen (1):
usb: dwc3: gadget: check that event count does not exceed event buffer length
Gabriel Shahrouzi (1):
perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init
Gou Hao (1):
iomap: skip unnecessary ifs_block_is_uptodate check
Greg Kroah-Hartman (1):
Linux 6.14.5
Gregory CLEMENT (1):
MIPS: cm: Detect CM quirks from device tree
Günther Noack (1):
tty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT
Halil Pasic (1):
virtio_console: fix missing byte order handling for cols and rows
Hannes Reinecke (3):
nvme: requeue namespace scan on missed AENs
nvme: re-read ANA log page after ns scan completes
nvme: fixup scan failure for non-ANA multipath controllers
Hans de Goede (5):
media: ov08x40: Move ov08x40_identify_module() function up
media: ov08x40: Add missing ov08x40_identify_module() call on stream-start
mei: vsc: Fix fortify-panic caused by invalid counted_by() use
platform/x86: x86-android-tablets: Add "9v" to Vexia EDU ATLA 10 tablet symbols
platform/x86: x86-android-tablets: Add Vexia Edu Atla 10 tablet 5V data
Haoxiang Li (3):
mcb: fix a double free bug in chameleon_parse_gdd()
s390/sclp: Add check for get_zeroed_page()
s390/tty: Fix a potential memory leak bug
Heiko Stuebner (1):
clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec()
Henry Martin (5):
cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()
cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()
cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table()
net/mlx5: Move ttc allocation after switch case to prevent leaks
Herbert Xu (4):
crypto: lib/Kconfig - Fix lib built-in failure when arch is modular
crypto: null - Use spin lock instead of mutex
crypto: lib/Kconfig - Hide arch options from user
crypto: Kconfig - Select LIB generic option
Huacai Chen (1):
USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02)
Hugo Villeneuve (1):
drm: panel: jd9365da: fix reset signal polarity in unprepare
Huisong Li (1):
mailbox: pcc: Fix the possible race in updation of chan_in_use flag
Ian Abbott (1):
comedi: jr3_pci: Fix synchronous deletion of timer
Ignacio Encinas (1):
9p/trans_fd: mark concurrent read and writes to p9_conn->err
Igor Pylypiv (1):
scsi: pm80xx: Set phy_attached to zero when device is gone
Ilpo Järvinen (1):
selftests/pcie_bwctrl: Fix test progs list
Jan Kara (1):
fs/xattr: Fix handling of AT_FDCWD in setxattrat(2) and getxattrat(2)
Jason Andryuk (1):
xen: Change xen-acpi-processor dom0 dependency
Jay Cornwall (1):
drm/amdgpu: Increase KIQ invalidate_tlbs timeout
Jean-Marc Eurin (1):
ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls
Jens Axboe (1):
io_uring: fix 'sync' handling of io_fallback_tw()
Jinjiang Tu (1):
mm/vmscan: don't try to reclaim hwpoison folio
Joe Damato (2):
virtio-net: Refactor napi_enable paths
virtio-net: Refactor napi_disable paths
Johan Hovold (1):
cpufreq: fix compile-test defaults
Johannes Schneider (1):
net: dp83822: Fix OF_MDIO config check
Johannes Thumshirn (1):
btrfs: zoned: return EIO on RAID1 block group write pointer mismatch
John Stultz (1):
sound/virtio: Fix cancel_sync warnings on uninitialized work_structs
Jonathan Cameron (1):
iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check
Jonathan Currier (2):
PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads
net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads
Josh Poimboeuf (11):
objtool: Silence more KCOV warnings
objtool, panic: Disable SMAP in __stack_chk_fail()
objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler()
objtool, regulator: rk808: Remove potential undefined behavior in rk806_set_mode_dcdc()
objtool, lkdtm: Obfuscate the do_nothing() pointer
objtool: Stop UNRET validation on UD2
x86/bugs: Use SBPB in write_ibpb() if applicable
x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline
x86/bugs: Don't fill RSB on context switch with eIBRS
objtool: Ignore end-of-section jumps for KCOV/GCOV
objtool: Silence more KCOV warnings, part 2
Juergen Gross (1):
x86/mm: Fix _pgd_alloc() for Xen PV mode
Julia Filipchuk (1):
drm/xe/xe3lpg: Apply Wa_14022293748, Wa_22019794406
Justin Iurman (1):
net: lwtunnel: disable BHs when required
Kirill A. Shutemov (1):
x86/insn: Fix CTEST instruction decoding
Krzysztof Kozlowski (1):
cpufreq: Do not enable by default during compile testing
Li RongQing (1):
PM: EM: use kfree_rcu() to simplify the code
Lijo Lazar (1):
drm/amdgpu: Use the right function for hdp flush
Lizhi Xu (1):
fs/ntfs3: Keep write operations atomic
Lucas De Marchi (1):
drm/xe/rtp: Drop sentinels from arg to xe_rtp_process_to_sr()
Luis Chamberlain (1):
bdev: use bdev_io_min() for statx block size
Lukas Stockmann (1):
rtc: pcf85063: do a SW reset if POR failed
Lukas Wunner (1):
crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP()
Luo Gengkun (1):
perf/x86: Fix non-sampling (counting) events on certain x86 platforms
Mahesh Rao (1):
firmware: stratix10-svc: Add of_platform_default_populate()
Marc Zyngier (1):
cpufreq: cppc: Fix invalid return value in .get() callback
Marek Behún (1):
crypto: atmel-sha204a - Set hwrng quality to lowest possible
Mario Limonciello (3):
drm/amd/display: Fix ACPI edid parsing on some Lenovo systems
ACPI: EC: Set ec_no_wakeup for Lenovo Go S
drm/amd: Forbid suspending into non-default suspend states
Martin Blumenstingl (1):
drm/meson: use unsigned long long / Hz for frequency types
Martin KaFai Lau (1):
bpf: Only fails the busy counter check in bpf_cgrp_storage_get if it creates storage
Mat Martineau (1):
mptcp: pm: Defer freeing of MPTCP userspace path manager entries
Mathias Nyman (2):
xhci: Limit time spent with xHC interrupts disabled during bus resume
xhci: Handle spurious events on Etron host isoc enpoints
Meir Elisha (1):
md/raid1: Add check for missing source disk in process_checks()
Miao Li (2):
usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive
usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive
Michael Ehrenreich (1):
USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe
Michal Pecio (5):
usb: xhci: Fix invalid pointer dereference in Etron workaround
usb: xhci: Complete 'error mid TD' transfers when handling Missed Service
usb: xhci: Fix isochronous Ring Underrun/Overrun event handling
usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running
usb: xhci: Fix Short Packet handling rework ignoring errors
Miguel Ojeda (1):
rust: kbuild: skip `--remap-path-prefix` for `rustdoc`
Mika Westerberg (1):
thunderbolt: Scan retimers after device router has been enumerated
Mike Christie (1):
vhost-scsi: Add better resource allocation failure handling
Mike Looijmans (1):
usb: dwc3: xilinx: Prevent spike in reset signal
Ming Lei (7):
ublk: comment on ubq->canceling handling in ublk_queue_rq()
ublk: implement ->queue_rqs()
ublk: call ublk_dispatch_req() for handling UBLK_U_IO_NEED_GET_DATA
selftests: ublk: fix test_stripe_04
ublk: add ublk_force_abort_dev()
ublk: rely on ->canceling for dealing with ublk_nosrv_dev_should_queue_io
ublk: don't fail request for recovery & reissue in case of ubq->canceling
Ming Wang (1):
LoongArch: Return NULL from huge_pte_offset() for invalid PMD
Mostafa Saleh (1):
ubsan: Fix panic from test_ubsan_out_of_bounds
Namjae Jeon (1):
ksmbd: fix WARNING "do not call blocking ops when !TASK_RUNNING"
Nathan Chancellor (1):
lib/Kconfig.ubsan: Remove 'default UBSAN' from UBSAN_INTEGER_WRAP
Nicolin Chen (1):
iommu/arm-smmu-v3: Set MEV bit in nested STE for DoS mitigations
Niranjana Vishwanathapura (1):
drm/xe: Ensure fixed_slice_mode gets set after ccs_mode change
Nirmoy Das (1):
drm/xe/ptl: Apply Wa_14023061436
Ojaswin Mujoo (1):
ext4: make block validity check resistent to sb bh corruption
Oleg Nesterov (1):
sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP
Oleksij Rempel (1):
net: selftests: initialize TCP header and skb payload with zero
Oliver Neukum (6):
USB: storage: quirk for ADATA Portable HDD CH94
USB: VLI disk crashes if LPM is used
USB: wdm: handle IO errors in wdm_wwan_port_start
USB: wdm: close race between wdm_open and wdm_wwan_port_stop
USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context
USB: wdm: add annotation
Omar Sandoval (1):
sched/eevdf: Fix se->slice being set to U64_MAX and resulting crash
Pali Rohár (2):
cifs: Fix encoding of SMB1 Session Setup Kerberos Request in non-UNICODE mode
cifs: Fix querying of WSL CHR and BLK reparse points over SMB1
Pavel Begunkov (1):
io_uring: always do atomic put from iowq
Peter Griffin (4):
scsi: ufs: exynos: Ensure pre_link() executes before exynos_ufs_phy_init()
scsi: ufs: exynos: Enable PRDT pre-fetching with UFSHCD_CAP_CRYPTO
scsi: ufs: exynos: Move phy calls to .exit() callback
scsi: ufs: exynos: gs101: Put UFS device in reset on .suspend()
Petr Tesarik (1):
LoongArch: Remove a bogus reference to ZONE_DMA
Pi Xiange (1):
x86/cpu: Add CPU model number for Bartlett Lake CPUs with Raptor Cove cores
Qingfang Deng (1):
net: phy: leds: fix memory leak
Qiuxu Zhuo (1):
selftests/mincore: Allow read-ahead pages to reach the end of the file
Qu Wenruo (1):
btrfs: avoid page_lockend underflow in btrfs_punch_hole_lock_range()
Rafael J. Wysocki (1):
PM: EM: Address RCU-related sparse warnings
Ralph Siemsen (1):
usb: cdns3: Fix deadlock when using NCM gadget
Ranjan Kumar (1):
scsi: mpi3mr: Fix pending I/O counter
Rengarajan S (2):
misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration
misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack
Richard Weinberger (1):
nvmet: fix out-of-bounds access in nvmet_enable_port
Rob Herring (Arm) (1):
of: resolver: Simplify of_resolve_phandles() using __free()
Robin Murphy (1):
iommu: Clear iommu-dma ops on cleanup
Roger Pau Monne (2):
PCI/MSI: Convert pci_msi_ignore_mask to per MSI domain flag
x86/xen: disable CPU idle and frequency drivers for PVH dom0
Roman Li (2):
drm/amd/display: Fix gpu reset in multidisplay config
drm/amd/display: Force full update in gpu reset
Russell King (Oracle) (8):
net: phylink: force link down on major_config failure
net: phylink: fix suspend/resume with WoL enabled and link down
net: stmmac: simplify phylink_suspend() and phylink_resume() calls
net: phylink: add phylink_prepare_resume()
net: stmmac: address non-LPI resume failures properly
net: stmmac: socfpga: remove phy_resume() call
net: phylink: add functions to block/unblock rx clock stop
net: stmmac: block PHY RXC clock-stop
Ryo Takakura (1):
serial: sifive: lock port in startup()/shutdown() callbacks
Sean Christopherson (5):
iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE
KVM: SVM: Allocate IR data using atomic allocation
KVM: x86: Explicitly treat routing entry type changes as changes
KVM: x86: Reset IRTE to host control if *new* route isn't postable
KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer
Sebastian Andrzej Siewior (1):
timekeeping: Add a lockdep override in tick_freeze()
Sergiu Cuciurean (1):
iio: adc: ad7768-1: Fix conversion result sign
Sewon Nam (1):
bpf: bpftool: Setting error code in do_loader()
Shannon Nelson (1):
pds_core: make wait_context part of q_info
Shengjiu Wang (1):
ASoC: fsl_asrc_dma: get codec or cpu dai from backend
Smita Koralahalli (1):
cxl/core/regs.c: Skip Memory Space Enable check for RCD and RCH Ports
Song Liu (1):
netfs: Only create /proc/fs/netfs with CONFIG_PROC_FS
Stanley Chu (1):
i3c: master: svc: Add support for Nuvoton npcm845 i3c
Stefan Wahren (1):
dmaengine: bcm2835-dma: fix warning when CONFIG_PM=n
Stephan Gerhold (1):
serial: msm: Configure correct working mode before starting earlycon
Steven Rostedt (1):
tracing: Enforce the persistent ring buffer to be page aligned
Sudeep Holla (1):
mailbox: pcc: Always clear the platform ack interrupt first
Suzuki K Poulose (1):
irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()
T.J. Mercier (2):
cgroup/cpuset-v1: Add missing support for cpuset_v2_mode
splice: remove duplicate noinline from pipe_clear_nowait
Tamura Dai (1):
spi: spi-imx: Add check for spi_imx_setupxfer()
Tejas Upadhyay (1):
drm/xe/xe3lpg: Add Wa_13012615864
Thadeu Lima de Souza Cascardo (1):
char: misc: register chrdev region with all possible minors
Thomas Bogendoerfer (1):
MIPS: cm: Fix warning if MIPS_CM is disabled
Thomas Gleixner (1):
PCI/MSI: Handle the NOMASK flag correctly for all PCI/MSI backends
Thomas Weißschuh (3):
kbuild, rust: use -fremap-path-prefix to make paths relative
KVM: s390: Don't use %pK through tracepoints
KVM: s390: Don't use %pK through debug printing
Théo Lebrun (1):
usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func
Tiezhu Yang (3):
LoongArch: Make regs_irqs_disabled() more clear
LoongArch: Make do_xyz() exception handlers more robust
LoongArch: Handle fp, lsx, lasx and lbt assembly symbols
Trevor Gamblin (1):
iio: adc: ad4695: make ad4695_exit_conversion_mode() more robust
Tudor Ambarus (3):
soc: qcom: ice: introduce devm_of_qcom_ice_get
mmc: sdhci-msm: fix dev reference leaked through of_qcom_ice_get
scsi: ufs: qcom: fix dev reference leaked through of_qcom_ice_get
Tung Nguyen (1):
tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
Tvrtko Ursulin (1):
drm/xe: Add performance tunings to debugfs
Uday Shankar (2):
ublk: remove io_cmds list in ublk_queue
nvme: multipath: fix return value of nvme_available_path
Uwe Kleine-König (2):
pwm: Let pwm_set_waveform() succeed even if lowlevel driver rounded up
pwm: axi-pwmgen: Let .round_waveform_tohw() signal when request was rounded up
Vinicius Costa Gomes (1):
dmaengine: dmatest: Fix dmatest waiting less when interrupted
Vladimir Oltean (3):
net: enetc: register XDP RX queues with frag_size
net: enetc: refactor bulk flipping of RX buffers to separate function
net: enetc: fix frame corruption on bpf_xdp_adjust_head/tail() and XDP_PASS
Waiman Long (1):
cgroup/cpuset: Don't allow creation of local partition over a remote one
Weidong Wang (1):
ASoC: codecs: Add of_match_table for aw888081 driver
Xi Ruoyao (1):
kbuild: add dependency from vmlinux to sorttable
Xiaogang Chen (1):
udmabuf: fix a buf size overflow issue during udmabuf creation
Xingui Yang (1):
scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes
Yafang Shao (1):
bpf: Reject attaching fexit/fmod_ret to __noreturn functions
Yonghong Song (1):
bpf: Fix kmemleak warning for percpu hashmap
Yu-Chun Lin (1):
parisc: PDT: Fix missing prototype warning
Yuli Wang (1):
LoongArch: Select ARCH_USE_MEMTEST
Yulong Han (1):
LoongArch: KVM: Fix multiple typos of KVM code
Zijun Hu (1):
of: resolver: Fix device node refcount leakage in of_resolve_phandles()
6 days, 2 hours
- 1
- 1
Linux 6.12.26
by Greg Kroah-Hartman
I'm announcing the release of the 6.12.26 kernel.
All users of the 6.12 kernel series must upgrade.
The updated 6.12.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/bpf/bpf_devel_QA.rst | 8
Makefile | 2
arch/arm/crypto/Kconfig | 10
arch/arm64/boot/dts/ti/k3-j784s4-j742s2-common.dtsi | 148
arch/arm64/boot/dts/ti/k3-j784s4-j742s2-main-common.dtsi | 2673 +++++++++
arch/arm64/boot/dts/ti/k3-j784s4-j742s2-mcu-wakeup-common.dtsi | 760 ++
arch/arm64/boot/dts/ti/k3-j784s4-j742s2-thermal-common.dtsi | 104
arch/arm64/boot/dts/ti/k3-j784s4-main.dtsi | 2847 ----------
arch/arm64/boot/dts/ti/k3-j784s4-mcu-wakeup.dtsi | 760 --
arch/arm64/boot/dts/ti/k3-j784s4-thermal.dtsi | 104
arch/arm64/boot/dts/ti/k3-j784s4.dtsi | 133
arch/arm64/crypto/Kconfig | 6
arch/loongarch/Kconfig | 1
arch/loongarch/include/asm/fpu.h | 39
arch/loongarch/include/asm/lbt.h | 10
arch/loongarch/include/asm/ptrace.h | 4
arch/loongarch/kernel/fpu.S | 6
arch/loongarch/kernel/lbt.S | 4
arch/loongarch/kernel/signal.c | 21
arch/loongarch/kernel/traps.c | 20
arch/loongarch/kvm/vcpu.c | 8
arch/loongarch/mm/hugetlbpage.c | 2
arch/loongarch/mm/init.c | 3
arch/mips/crypto/Kconfig | 7
arch/mips/include/asm/mips-cm.h | 22
arch/mips/kernel/mips-cm.c | 14
arch/parisc/kernel/pdt.c | 2
arch/powerpc/crypto/Kconfig | 7
arch/riscv/crypto/Kconfig | 1
arch/riscv/include/asm/alternative-macros.h | 19
arch/riscv/include/asm/cacheflush.h | 15
arch/riscv/kernel/probes/uprobes.c | 10
arch/s390/crypto/Kconfig | 3
arch/s390/kvm/intercept.c | 2
arch/s390/kvm/interrupt.c | 8
arch/s390/kvm/kvm-s390.c | 10
arch/s390/kvm/trace-s390.h | 4
arch/um/include/linux/time-internal.h | 2
arch/um/kernel/skas/syscall.c | 11
arch/x86/crypto/Kconfig | 11
arch/x86/entry/entry.S | 2
arch/x86/events/core.c | 2
arch/x86/include/asm/cpufeatures.h | 1
arch/x86/include/asm/intel-family.h | 2
arch/x86/kernel/cpu/bugs.c | 30
arch/x86/kernel/i8253.c | 3
arch/x86/kvm/svm/avic.c | 66
arch/x86/kvm/vmx/posted_intr.c | 28
arch/x86/kvm/x86.c | 20
arch/x86/lib/x86-opcode-map.txt | 4
arch/x86/mm/tlb.c | 6
arch/x86/pci/xen.c | 8
arch/x86/xen/enlighten_pvh.c | 19
block/blk-merge.c | 26
block/blk-mq.c | 6
block/blk-settings.c | 8
block/mq-deadline.c | 13
crypto/Kconfig | 3
crypto/crypto_null.c | 39
drivers/accel/ivpu/ivpu_drv.c | 10
drivers/accel/ivpu/ivpu_drv.h | 2
drivers/accel/ivpu/ivpu_fw.c | 18
drivers/accel/ivpu/ivpu_fw.h | 3
drivers/accel/ivpu/ivpu_hw.h | 12
drivers/accel/ivpu/ivpu_hw_btrs.c | 128
drivers/accel/ivpu/ivpu_hw_btrs.h | 6
drivers/accel/ivpu/ivpu_job.c | 14
drivers/accel/ivpu/ivpu_sysfs.c | 24
drivers/acpi/ec.c | 28
drivers/acpi/pptt.c | 4
drivers/ata/libata-scsi.c | 25
drivers/base/base.h | 17
drivers/base/bus.c | 2
drivers/base/core.c | 38
drivers/base/dd.c | 7
drivers/char/misc.c | 2
drivers/char/virtio_console.c | 7
drivers/clk/clk.c | 4
drivers/comedi/drivers/jr3_pci.c | 2
drivers/cpufreq/Kconfig.arm | 20
drivers/cpufreq/apple-soc-cpufreq.c | 10
drivers/cpufreq/cppc_cpufreq.c | 2
drivers/cpufreq/scmi-cpufreq.c | 10
drivers/cpufreq/scpi-cpufreq.c | 13
drivers/cpufreq/sun50i-cpufreq-nvmem.c | 18
drivers/crypto/atmel-sha204a.c | 6
drivers/crypto/ccp/sp-pci.c | 1
drivers/cxl/core/regs.c | 4
drivers/dma/dmatest.c | 6
drivers/firmware/stratix10-svc.c | 14
drivers/gpio/gpiolib-of.c | 6
drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 14
drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c | 19
drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 8
drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 12
drivers/gpu/drm/amd/amdgpu/gfx_v12_0.c | 6
drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c | 4
drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 4
drivers/gpu/drm/amd/amdgpu/gmc_v12_0.c | 4
drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 2
drivers/gpu/drm/amd/amdgpu/psp_v11_0.c | 2
drivers/gpu/drm/amd/amdgpu/psp_v13_0.c | 2
drivers/gpu/drm/amd/amdgpu/psp_v14_0.c | 2
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 9
drivers/gpu/drm/amd/display/dc/dml2/dml21/dml21_wrapper.c | 11
drivers/gpu/drm/amd/display/dc/dml2/dml2_wrapper.c | 6
drivers/gpu/drm/panel/panel-jadard-jd9365da-h3.c | 4
drivers/gpu/drm/xe/xe_wa_oob.rules | 2
drivers/i3c/master/svc-i3c-master.c | 17
drivers/iio/adc/ad7768-1.c | 5
drivers/infiniband/hw/qib/qib_fs.c | 1
drivers/iommu/amd/iommu.c | 2
drivers/iommu/iommu.c | 8
drivers/irqchip/irq-gic-v2m.c | 2
drivers/mailbox/pcc.c | 15
drivers/mcb/mcb-parse.c | 2
drivers/md/raid1.c | 26
drivers/media/i2c/Kconfig | 1
drivers/media/i2c/imx214.c | 978 +--
drivers/media/i2c/ov08x40.c | 56
drivers/misc/lkdtm/perms.c | 14
drivers/misc/mchp_pci1xxxx/mchp_pci1xxxx_gpio.c | 8
drivers/misc/mei/hw-me-regs.h | 1
drivers/misc/mei/pci-me.c | 1
drivers/misc/mei/vsc-tp.c | 26
drivers/mmc/host/sdhci-msm.c | 2
drivers/net/dsa/mt7530.c | 6
drivers/net/dsa/mv88e6xxx/chip.c | 27
drivers/net/ethernet/amd/pds_core/adminq.c | 36
drivers/net/ethernet/amd/pds_core/auxbus.c | 3
drivers/net/ethernet/amd/pds_core/core.c | 9
drivers/net/ethernet/amd/pds_core/core.h | 4
drivers/net/ethernet/amd/pds_core/devlink.c | 4
drivers/net/ethernet/mediatek/mtk_eth_soc.c | 24
drivers/net/ethernet/mediatek/mtk_eth_soc.h | 10
drivers/net/ethernet/mellanox/mlx5/core/lib/fs_ttc.c | 26
drivers/net/ethernet/sun/niu.c | 2
drivers/net/phy/microchip.c | 46
drivers/net/phy/phy_led_triggers.c | 23
drivers/net/vmxnet3/vmxnet3_xdp.c | 2
drivers/net/xen-netfront.c | 17
drivers/ntb/hw/amd/ntb_hw_amd.c | 1
drivers/ntb/hw/idt/ntb_hw_idt.c | 18
drivers/nvme/host/core.c | 9
drivers/nvme/host/multipath.c | 2
drivers/nvme/target/fc.c | 25
drivers/of/resolver.c | 37
drivers/pci/msi/msi.c | 38
drivers/phy/rockchip/phy-rockchip-usbdp.c | 1
drivers/pinctrl/pinctrl-mcp23s08.c | 23
drivers/pinctrl/renesas/pinctrl-rza2.c | 3
drivers/regulator/rk808-regulator.c | 4
drivers/rtc/rtc-pcf85063.c | 19
drivers/s390/char/sclp_con.c | 17
drivers/s390/char/sclp_tty.c | 12
drivers/scsi/hisi_sas/hisi_sas_main.c | 20
drivers/scsi/mpi3mr/mpi3mr_fw.c | 2
drivers/scsi/pm8001/pm8001_sas.c | 1
drivers/scsi/scsi.c | 36
drivers/scsi/scsi_lib.c | 6
drivers/scsi/sd.c | 6
drivers/soc/qcom/ice.c | 48
drivers/spi/spi-imx.c | 5
drivers/spi/spi-tegra210-quad.c | 6
drivers/thunderbolt/tb.c | 16
drivers/tty/serial/msm_serial.c | 6
drivers/tty/serial/sifive.c | 6
drivers/tty/vt/selection.c | 5
drivers/ufs/core/ufs-mcq.c | 12
drivers/ufs/core/ufshcd.c | 2
drivers/ufs/host/ufs-exynos.c | 106
drivers/ufs/host/ufs-exynos.h | 8
drivers/ufs/host/ufs-qcom.c | 2
drivers/usb/cdns3/cdns3-gadget.c | 2
drivers/usb/chipidea/ci_hdrc_imx.c | 44
drivers/usb/class/cdc-wdm.c | 21
drivers/usb/core/quirks.c | 9
drivers/usb/dwc3/dwc3-pci.c | 10
drivers/usb/dwc3/dwc3-xilinx.c | 4
drivers/usb/dwc3/gadget.c | 28
drivers/usb/gadget/udc/aspeed-vhub/dev.c | 3
drivers/usb/host/max3421-hcd.c | 7
drivers/usb/host/ohci-pci.c | 23
drivers/usb/host/xhci-hub.c | 30
drivers/usb/host/xhci-mvebu.c | 10
drivers/usb/host/xhci-mvebu.h | 6
drivers/usb/host/xhci-plat.c | 2
drivers/usb/host/xhci-ring.c | 75
drivers/usb/host/xhci.c | 4
drivers/usb/host/xhci.h | 4
drivers/usb/serial/ftdi_sio.c | 2
drivers/usb/serial/ftdi_sio_ids.h | 5
drivers/usb/serial/option.c | 3
drivers/usb/serial/usb-serial-simple.c | 7
drivers/usb/storage/unusual_uas.h | 7
drivers/usb/typec/class.c | 24
drivers/usb/typec/class.h | 1
drivers/vhost/scsi.c | 80
drivers/xen/Kconfig | 2
fs/btrfs/file.c | 9
fs/btrfs/zoned.c | 1
fs/ceph/inode.c | 2
fs/ext4/block_validity.c | 5
fs/ext4/inode.c | 9
fs/iomap/buffered-io.c | 2
fs/namespace.c | 69
fs/netfs/main.c | 4
fs/ntfs3/file.c | 20
fs/smb/client/sess.c | 60
fs/smb/client/smb1ops.c | 36
fs/smb/server/asn1.c | 6
fs/smb/server/auth.c | 19
fs/smb/server/connection.c | 8
fs/smb/server/crypto_ctx.c | 6
fs/smb/server/glob.h | 2
fs/smb/server/ksmbd_netlink.h | 3
fs/smb/server/ksmbd_work.c | 10
fs/smb/server/mgmt/ksmbd_ida.c | 11
fs/smb/server/mgmt/share_config.c | 10
fs/smb/server/mgmt/tree_connect.c | 5
fs/smb/server/mgmt/user_config.c | 8
fs/smb/server/mgmt/user_session.c | 10
fs/smb/server/misc.c | 11
fs/smb/server/ndr.c | 10
fs/smb/server/oplock.c | 12
fs/smb/server/server.c | 4
fs/smb/server/server.h | 1
fs/smb/server/smb2pdu.c | 42
fs/smb/server/smb_common.c | 2
fs/smb/server/smbacl.c | 23
fs/smb/server/transport_ipc.c | 7
fs/smb/server/transport_rdma.c | 10
fs/smb/server/transport_tcp.c | 95
fs/smb/server/transport_tcp.h | 2
fs/smb/server/unicode.c | 4
fs/smb/server/vfs.c | 12
fs/smb/server/vfs_cache.c | 18
fs/splice.c | 2
fs/xfs/xfs_aops.c | 41
fs/xfs/xfs_qm_bhv.c | 49
fs/xfs/xfs_super.c | 8
include/drm/intel/i915_pciids.h | 1
include/linux/blk-mq.h | 8
include/linux/energy_model.h | 12
include/linux/msi.h | 3
include/linux/pci.h | 2
include/net/netfilter/nft_fib.h | 21
include/soc/qcom/ice.h | 2
include/trace/events/block.h | 6
include/trace/stages/stage3_trace_output.h | 8
include/trace/stages/stage7_class_define.h | 1
include/uapi/drm/ivpu_accel.h | 4
init/Kconfig | 2
io_uring/io_uring.c | 15
io_uring/refs.h | 7
kernel/bpf/bpf_cgrp_storage.c | 11
kernel/bpf/hashtab.c | 6
kernel/bpf/preload/bpf_preload_kern.c | 1
kernel/bpf/syscall.c | 6
kernel/bpf/verifier.c | 32
kernel/cgroup/cgroup.c | 29
kernel/cgroup/cpuset-internal.h | 1
kernel/cgroup/cpuset.c | 14
kernel/dma/contiguous.c | 3
kernel/events/core.c | 6
kernel/irq/msi.c | 2
kernel/module/Kconfig | 1
kernel/panic.c | 6
kernel/power/energy_model.c | 47
kernel/sched/ext.c | 4
kernel/time/tick-common.c | 22
kernel/trace/bpf_trace.c | 7
kernel/trace/trace_events.c | 7
lib/Kconfig.ubsan | 1
lib/crypto/Kconfig | 37
lib/test_ubsan.c | 18
mm/vmscan.c | 7
net/9p/client.c | 30
net/9p/trans_fd.c | 17
net/core/lwtunnel.c | 26
net/core/selftests.c | 18
net/ipv4/netfilter/nft_fib_ipv4.c | 11
net/ipv6/netfilter/nft_fib_ipv6.c | 19
net/sched/sch_hfsc.c | 23
net/tipc/monitor.c | 3
rust/kernel/firmware.rs | 8
samples/trace_events/trace-events-sample.h | 13
scripts/Makefile.lib | 2
scripts/Makefile.vmlinux | 4
sound/soc/codecs/wcd934x.c | 2
sound/soc/fsl/fsl_asrc_dma.c | 15
sound/virtio/virtio_pcm.c | 21
tools/arch/x86/lib/x86-opcode-map.txt | 4
tools/bpf/bpftool/prog.c | 1
tools/objtool/check.c | 36
tools/testing/selftests/bpf/network_helpers.c | 33
tools/testing/selftests/bpf/prog_tests/xdp_cpumap_attach.c | 44
tools/testing/selftests/bpf/prog_tests/xdp_devmap_attach.c | 8
tools/testing/selftests/bpf/progs/test_xdp_with_cpumap_helpers.c | 7
tools/testing/selftests/mincore/mincore_selftest.c | 3
tools/testing/selftests/ublk/test_stripe_04.sh | 24
302 files changed, 6817 insertions(+), 5584 deletions(-)
Adam Xue (1):
USB: serial: option: add Sierra Wireless EM9291
Al Viro (2):
fix a couple of races in MNT_TREE_BENEATH handling by do_move_mount()
qibfs: fix _another_ leak
Alex Deucher (1):
drm/amd/display/dml2: use vzalloc rather than kzalloc
Alexander Stein (1):
usb: host: max3421-hcd: Add missing spi_device_id table
Alexander Usyskin (1):
mei: me: add panther lake H DID
Alexei Starovoitov (2):
bpf: Add namespace to BPF internal symbols
bpf: Fix deadlock between rcu_tasks_trace and event_mutex.
Alexey Nepomnyashih (1):
xen-netfront: handle NULL returned by xdp_convert_buff_to_frame()
Alexis Lothoré (eBPF Foundation) (3):
selftests/bpf: fix bpf_map_redirect call for cpu map test
selftests/bpf: make xdp_cpumap_attach keep redirect prog attached
selftests/bpf: check program redirect in xdp_cpumap_attach
Amery Hung (1):
selftests/bpf: Fix stdout race condition in traffic monitor
Anastasia Kovaleva (1):
scsi: core: Clear flags for scsi_cmnd that did not complete
Andre Przywara (1):
cpufreq: sun50i: prevent out-of-bounds access
Andrei Kuchynski (2):
usb: typec: class: Fix NULL pointer access
usb: typec: class: Invalidate USB device pointers on partner unregistration
Andrew Jones (1):
riscv: Provide all alternative macros all the time
Andrzej Kacprowski (1):
accel/ivpu: Fix the NPU's DPU frequency calculation
André Apitzsch (6):
media: i2c: imx214: Use subdev active state
media: i2c: imx214: Simplify with dev_err_probe()
media: i2c: imx214: Convert to CCI register access helpers
media: i2c: imx214: Replace register addresses with macros
media: i2c: imx214: Check number of lanes from device tree
media: i2c: imx214: Fix link frequency validation
Andy Shevchenko (3):
usb: dwc3: gadget: Refactor loop to avoid NULL endpoints
usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield
gpiolib: of: Move Atmel HSMCI quirk up out of the regulator comment
Andy Yan (1):
phy: rockchip: usbdp: Avoid call hpd_event_trigger in dp_phy_init
Arnd Bergmann (2):
dma/contiguous: avoid warning about unused size_bytes
ntb: reduce stack usage in idt_scan_mws
Baokun Li (1):
ext4: goto right label 'out_mmap_sem' in ext4_setattr()
Basavaraj Natikar (1):
ntb_hw_amd: Add NTB PCI ID for new gen CPU
Benjamin Berg (1):
um: work around sched_yield not yielding in time-travel mode
Bibo Mao (2):
LoongArch: KVM: Fully clear some CSRs when VM reboot
LoongArch: KVM: Fix PMU pass-through issue if VM exits to host finally
Björn Töpel (2):
riscv: Replace function-like macro by static inline function
riscv: uprobes: Add missing fence.i after building the XOL buffer
Bo-Cun Chen (1):
net: ethernet: mtk_eth_soc: net: revise NETSYSv3 hardware configuration
Breno Leitao (3):
sched_ext: Use kvzalloc for large exit_dump allocation
spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts
spi: tegra210-quad: add rate limiting and simplify timeout error message
Brett Creeley (3):
pds_core: Prevent possible adminq overflow/stuck condition
pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result
pds_core: Remove unnecessary check in pds_client_adminq_cmd()
Carlos Maiolino (1):
xfs: Do not allow norecovery mount with quotacheck
Chenyuan Yang (4):
scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()
scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer()
pinctrl: renesas: rza2: Fix potential NULL pointer dereference
usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
Christian König (1):
drm/amdgpu: use a dummy owner for sysfs triggered cleaner shaders v4
Christian Schrefl (1):
rust: firmware: Use `ffi::c_char` type in `FwFunc`
Christoph Hellwig (6):
block: remove the write_hint field from struct request
block: remove the ioprio field from struct request
block: never reduce ra_pages in blk_apply_bdi_limits
xfs: rename xfs_iomap_swapfile_activate to xfs_vm_swap_activate
xfs: flush inodegc before swapon
mq-deadline: don't call req_get_ioprio from the I/O completion handler
Cong Wang (2):
net_sched: hfsc: Fix a UAF vulnerability in class handling
net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
Craig Hesling (1):
USB: serial: simple: add OWON HDS200 series oscilloscope support
Damien Le Moal (4):
ata: libata-scsi: Improve CDL control
ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type
ata: libata-scsi: Fix ata_msense_control_ata_feature()
scsi: Improve CDL control
Dan Carpenter (2):
media: i2c: imx214: Fix uninitialized variable in imx214_set_ctrl()
usb: typec: class: Unlocked on error in typec_register_partner()
Daniel Borkmann (1):
vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp
Daniel Golle (1):
net: dsa: mt7530: sync driver-specific behavior of MT7531 variants
Daniel Wagner (2):
nvmet-fc: take tgtport reference only once
nvmet-fc: put ref when assoc->del_work is already scheduled
David Howells (1):
ceph: Fix incorrect flush end position calculation
Devaraj Rangasamy (1):
crypto: ccp - Add support for PCI device 0x1134
Dmitry Mastykin (1):
pinctrl: mcp23s08: Get rid of spurious level interrupts
Dmitry Torokhov (3):
Revert "drivers: core: synchronize really_probe() and dev_uevent()"
driver core: introduce device_set_driver() helper
driver core: fix potential NULL pointer dereference in dev_uevent()
Dominique Martinet (1):
9p/net: fix improper handling of bogus negative read/write replies
Dongli Zhang (2):
vhost-scsi: Fix vhost_scsi_send_bad_target()
vhost-scsi: Fix vhost_scsi_send_status()
Edward Adam Davis (1):
fs/ntfs3: Fix WARNING in ntfs_extend_initialized_size
Fedor Pchelkin (3):
usb: chipidea: ci_hdrc_imx: fix usbmisc handling
usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines
usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling
Fernando Fernandez Mancera (1):
x86/i8253: Call clockevent_i8253_disable() with interrupts disabled
Fiona Klute (1):
net: phy: microchip: force IRQ polling mode for lan88xx
Florian Westphal (1):
netfilter: fib: avoid lookup if socket is available
Frode Isaksen (1):
usb: dwc3: gadget: check that event count does not exceed event buffer length
Gabriel Shahrouzi (1):
perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init
Gou Hao (1):
iomap: skip unnecessary ifs_block_is_uptodate check
Greg Kroah-Hartman (1):
Linux 6.12.26
Gregory CLEMENT (1):
MIPS: cm: Detect CM quirks from device tree
Günther Noack (1):
tty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT
Halil Pasic (1):
virtio_console: fix missing byte order handling for cols and rows
Hannes Reinecke (3):
nvme: requeue namespace scan on missed AENs
nvme: re-read ANA log page after ns scan completes
nvme: fixup scan failure for non-ANA multipath controllers
Hans de Goede (3):
media: ov08x40: Move ov08x40_identify_module() function up
media: ov08x40: Add missing ov08x40_identify_module() call on stream-start
mei: vsc: Fix fortify-panic caused by invalid counted_by() use
Haoxiang Li (3):
mcb: fix a double free bug in chameleon_parse_gdd()
s390/sclp: Add check for get_zeroed_page()
s390/tty: Fix a potential memory leak bug
Heiko Stuebner (1):
clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec()
Henry Martin (5):
cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()
cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()
cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table()
net/mlx5: Move ttc allocation after switch case to prevent leaks
Herbert Xu (4):
crypto: lib/Kconfig - Fix lib built-in failure when arch is modular
crypto: null - Use spin lock instead of mutex
crypto: lib/Kconfig - Hide arch options from user
crypto: Kconfig - Select LIB generic option
Huacai Chen (1):
USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02)
Hugo Villeneuve (1):
drm: panel: jd9365da: fix reset signal polarity in unprepare
Huisong Li (1):
mailbox: pcc: Fix the possible race in updation of chan_in_use flag
Ian Abbott (1):
comedi: jr3_pci: Fix synchronous deletion of timer
Ignacio Encinas (1):
9p/trans_fd: mark concurrent read and writes to p9_conn->err
Igor Pylypiv (1):
scsi: pm80xx: Set phy_attached to zero when device is gone
Jacek Lawrynowicz (1):
accel/ivpu: Add auto selection logic for job scheduler
Jason Andryuk (1):
xen: Change xen-acpi-processor dom0 dependency
Jay Cornwall (1):
drm/amdgpu: Increase KIQ invalidate_tlbs timeout
Jean-Marc Eurin (1):
ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls
Jens Axboe (1):
io_uring: fix 'sync' handling of io_fallback_tw()
Jinjiang Tu (1):
mm/vmscan: don't try to reclaim hwpoison folio
Johan Hovold (1):
cpufreq: fix compile-test defaults
Johannes Thumshirn (1):
btrfs: zoned: return EIO on RAID1 block group write pointer mismatch
John Stultz (1):
sound/virtio: Fix cancel_sync warnings on uninitialized work_structs
Jonathan Cameron (1):
iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check
Jonathan Currier (2):
PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads
net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads
Josh Poimboeuf (11):
objtool: Silence more KCOV warnings
objtool, panic: Disable SMAP in __stack_chk_fail()
objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler()
objtool, regulator: rk808: Remove potential undefined behavior in rk806_set_mode_dcdc()
objtool, lkdtm: Obfuscate the do_nothing() pointer
objtool: Stop UNRET validation on UD2
x86/bugs: Use SBPB in write_ibpb() if applicable
x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline
x86/bugs: Don't fill RSB on context switch with eIBRS
objtool: Ignore end-of-section jumps for KCOV/GCOV
objtool: Silence more KCOV warnings, part 2
Julia Filipchuk (1):
drm/xe/xe3lpg: Apply Wa_14022293748, Wa_22019794406
Justin Iurman (1):
net: lwtunnel: disable BHs when required
Keerthy (1):
arm64: dts: ti: k3-j784s4-j742s2-main-common: Correct the GICD size
Kirill A. Shutemov (1):
x86/insn: Fix CTEST instruction decoding
Krzysztof Kozlowski (1):
cpufreq: Do not enable by default during compile testing
Li RongQing (1):
PM: EM: use kfree_rcu() to simplify the code
Lijo Lazar (1):
drm/amdgpu: Use the right function for hdp flush
Lizhi Xu (1):
fs/ntfs3: Keep write operations atomic
Lukas Herbolt (1):
xfs: do not check NEEDSREPAIR if ro,norecovery mount.
Lukas Stockmann (1):
rtc: pcf85063: do a SW reset if POR failed
Luo Gengkun (1):
perf/x86: Fix non-sampling (counting) events on certain x86 platforms
Mahesh Rao (1):
firmware: stratix10-svc: Add of_platform_default_populate()
Manorit Chawdhry (1):
arm64: dts: ti: Refactor J784s4 SoC files to a common file
Marc Zyngier (1):
cpufreq: cppc: Fix invalid return value in .get() callback
Marek Behún (7):
net: dsa: mv88e6xxx: fix VTU methods for 6320 family
crypto: atmel-sha204a - Set hwrng quality to lowest possible
Revert "net: dsa: mv88e6xxx: fix internal PHYs for 6320 family"
net: dsa: mv88e6xxx: fix atu_move_port_mask for 6341 family
net: dsa: mv88e6xxx: enable PVT for 6321 switch
net: dsa: mv88e6xxx: enable .port_set_policy() for 6320 family
net: dsa: mv88e6xxx: enable STU methods for 6320 family
Mario Limonciello (1):
ACPI: EC: Set ec_no_wakeup for Lenovo Go S
Martin KaFai Lau (1):
bpf: Only fails the busy counter check in bpf_cgrp_storage_get if it creates storage
Mathias Nyman (2):
xhci: Limit time spent with xHC interrupts disabled during bus resume
xhci: Handle spurious events on Etron host isoc enpoints
Matt Roper (1):
drm/xe/bmg: Add one additional PCI ID
Meir Elisha (1):
md/raid1: Add check for missing source disk in process_checks()
Miao Li (2):
usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive
usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive
Michael Ehrenreich (1):
USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe
Michal Pecio (5):
usb: xhci: Fix invalid pointer dereference in Etron workaround
usb: xhci: Complete 'error mid TD' transfers when handling Missed Service
usb: xhci: Fix isochronous Ring Underrun/Overrun event handling
usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running
usb: xhci: Fix Short Packet handling rework ignoring errors
Mika Westerberg (1):
thunderbolt: Scan retimers after device router has been enumerated
Mike Christie (1):
vhost-scsi: Add better resource allocation failure handling
Mike Looijmans (1):
usb: dwc3: xilinx: Prevent spike in reset signal
Ming Lei (2):
block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone
selftests: ublk: fix test_stripe_04
Ming Wang (1):
LoongArch: Return NULL from huge_pte_offset() for invalid PMD
Mostafa Saleh (1):
ubsan: Fix panic from test_ubsan_out_of_bounds
Namjae Jeon (5):
ksmbd: use __GFP_RETRY_MAYFAIL
ksmbd: add netdev-up/down event debug print
ksmbd: browse interfaces list on FSCTL_QUERY_INTERFACE_INFO IOCTL
ksmbd: fix use-after-free in __smb2_lease_break_noti()
ksmbd: fix WARNING "do not call blocking ops when !TASK_RUNNING"
Nathan Chancellor (1):
lib/Kconfig.ubsan: Remove 'default UBSAN' from UBSAN_INTEGER_WRAP
Ojaswin Mujoo (1):
ext4: make block validity check resistent to sb bh corruption
Oleg Nesterov (1):
sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP
Oleksij Rempel (1):
net: selftests: initialize TCP header and skb payload with zero
Oliver Neukum (6):
USB: storage: quirk for ADATA Portable HDD CH94
USB: VLI disk crashes if LPM is used
USB: wdm: handle IO errors in wdm_wwan_port_start
USB: wdm: close race between wdm_open and wdm_wwan_port_stop
USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context
USB: wdm: add annotation
Pali Rohár (2):
cifs: Fix encoding of SMB1 Session Setup Kerberos Request in non-UNICODE mode
cifs: Fix querying of WSL CHR and BLK reparse points over SMB1
Pavel Begunkov (1):
io_uring: always do atomic put from iowq
Peter Griffin (7):
scsi: ufs: exynos: Add gs101_ufs_drv_init() hook and enable WriteBooster
scsi: ufs: exynos: Move UFS shareability value to drvdata
scsi: ufs: exynos: Disable iocc if dma-coherent property isn't set
scsi: ufs: exynos: Ensure pre_link() executes before exynos_ufs_phy_init()
scsi: ufs: exynos: Enable PRDT pre-fetching with UFSHCD_CAP_CRYPTO
scsi: ufs: exynos: Move phy calls to .exit() callback
scsi: ufs: exynos: gs101: Put UFS device in reset on .suspend()
Petr Tesarik (1):
LoongArch: Remove a bogus reference to ZONE_DMA
Pi Xiange (1):
x86/cpu: Add CPU model number for Bartlett Lake CPUs with Raptor Cove cores
Qingfang Deng (1):
net: phy: leds: fix memory leak
Qiuxu Zhuo (1):
selftests/mincore: Allow read-ahead pages to reach the end of the file
Qu Wenruo (1):
btrfs: avoid page_lockend underflow in btrfs_punch_hole_lock_range()
Rafael J. Wysocki (1):
PM: EM: Address RCU-related sparse warnings
Ralph Siemsen (1):
usb: cdns3: Fix deadlock when using NCM gadget
Ranjan Kumar (1):
scsi: mpi3mr: Fix pending I/O counter
Rengarajan S (2):
misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration
misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack
Rob Herring (Arm) (1):
of: resolver: Simplify of_resolve_phandles() using __free()
Robin Murphy (2):
iommu: Clear iommu-dma ops on cleanup
iommu: Handle race with default domain setup
Roger Pau Monne (2):
PCI/MSI: Convert pci_msi_ignore_mask to per MSI domain flag
x86/xen: disable CPU idle and frequency drivers for PVH dom0
Rohit Chavan (1):
drm/amd/display: Fix unnecessary cast warnings from checkpatch
Roman Li (2):
drm/amd/display: Fix gpu reset in multidisplay config
drm/amd/display: Force full update in gpu reset
Ryo Takakura (1):
serial: sifive: lock port in startup()/shutdown() callbacks
Sean Christopherson (5):
iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE
KVM: SVM: Allocate IR data using atomic allocation
KVM: x86: Explicitly treat routing entry type changes as changes
KVM: x86: Reset IRTE to host control if *new* route isn't postable
KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer
Sebastian Andrzej Siewior (1):
timekeeping: Add a lockdep override in tick_freeze()
Sergiu Cuciurean (1):
iio: adc: ad7768-1: Fix conversion result sign
Sewon Nam (1):
bpf: bpftool: Setting error code in do_loader()
Shannon Nelson (1):
pds_core: make wait_context part of q_info
Shengjiu Wang (1):
ASoC: fsl_asrc_dma: get codec or cpu dai from backend
Shigeru Yoshida (1):
selftests/bpf: Adjust data size to have ETH_HLEN
Siddharth Vadapalli (1):
arm64: dts: ti: k3-j784s4-j742s2-main-common: Fix serdes_ln_ctrl reg-masks
Smita Koralahalli (1):
cxl/core/regs.c: Skip Memory Space Enable check for RCD and RCH Ports
Song Liu (1):
netfs: Only create /proc/fs/netfs with CONFIG_PROC_FS
Stanley Chu (1):
i3c: master: svc: Add support for Nuvoton npcm845 i3c
Stephan Gerhold (1):
serial: msm: Configure correct working mode before starting earlycon
Steven Rostedt (2):
tracing: Add __print_dynamic_array() helper
tracing: Verify event formats that have "%*p.."
Sudeep Holla (1):
mailbox: pcc: Always clear the platform ack interrupt first
Suravee Suthikulpanit (1):
KVM: SVM: Disable AVIC on SNP-enabled system without HvInUseWrAllowed feature
Suzuki K Poulose (1):
irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()
T.J. Mercier (2):
cgroup/cpuset-v1: Add missing support for cpuset_v2_mode
splice: remove duplicate noinline from pipe_clear_nowait
Tamura Dai (1):
spi: spi-imx: Add check for spi_imx_setupxfer()
Thadeu Lima de Souza Cascardo (1):
char: misc: register chrdev region with all possible minors
Thomas Bogendoerfer (1):
MIPS: cm: Fix warning if MIPS_CM is disabled
Thomas Gleixner (1):
PCI/MSI: Handle the NOMASK flag correctly for all PCI/MSI backends
Thomas Weißschuh (2):
KVM: s390: Don't use %pK through tracepoints
KVM: s390: Don't use %pK through debug printing
Thorsten Leemhuis (1):
module: sign with sha512 instead of sha1 by default
Théo Lebrun (1):
usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func
Tiezhu Yang (3):
LoongArch: Make regs_irqs_disabled() more clear
LoongArch: Make do_xyz() exception handlers more robust
LoongArch: Handle fp, lsx, lasx and lbt assembly symbols
Tudor Ambarus (5):
soc: qcom: ice: introduce devm_of_qcom_ice_get
mmc: sdhci-msm: fix dev reference leaked through of_qcom_ice_get
scsi: ufs: qcom: fix dev reference leaked through of_qcom_ice_get
scsi: ufs: exynos: Remove empty drv_init method
scsi: ufs: exynos: Remove superfluous function parameter
Tung Nguyen (1):
tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
Uday Shankar (1):
nvme: multipath: fix return value of nvme_available_path
Vinicius Costa Gomes (1):
dmaengine: dmatest: Fix dmatest waiting less when interrupted
Waiman Long (1):
cgroup/cpuset: Don't allow creation of local partition over a remote one
Xi Ruoyao (1):
kbuild: add dependency from vmlinux to sorttable
Xingui Yang (1):
scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes
Yafang Shao (1):
bpf: Reject attaching fexit/fmod_ret to __noreturn functions
Yonghong Song (1):
bpf: Fix kmemleak warning for percpu hashmap
Yu-Chun Lin (1):
parisc: PDT: Fix missing prototype warning
Yuli Wang (1):
LoongArch: Select ARCH_USE_MEMTEST
Zijun Hu (1):
of: resolver: Fix device node refcount leakage in of_resolve_phandles()
6 days, 2 hours
- 1
- 1
Linux 6.6.89
by Greg Kroah-Hartman
I'm announcing the release of the 6.6.89 kernel.
All users of the 6.6 kernel series must upgrade.
The updated 6.6.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/scheduler/sched-capacity.rst | 13 -
Makefile | 2
arch/arm64/boot/dts/nvidia/tegra234-p3768-0000.dtsi | 7
arch/loongarch/Kconfig | 1
arch/loongarch/include/asm/ptrace.h | 4
arch/loongarch/kernel/traps.c | 20 +-
arch/loongarch/mm/hugetlbpage.c | 2
arch/loongarch/mm/init.c | 3
arch/mips/include/asm/mips-cm.h | 22 ++
arch/mips/kernel/mips-cm.c | 14 +
arch/parisc/kernel/pdt.c | 2
arch/riscv/include/asm/alternative-macros.h | 19 --
arch/s390/kvm/intercept.c | 2
arch/s390/kvm/interrupt.c | 8
arch/s390/kvm/kvm-s390.c | 10 -
arch/s390/kvm/trace-s390.h | 4
arch/x86/entry/entry.S | 2
arch/x86/events/core.c | 2
arch/x86/include/asm/asm.h | 3
arch/x86/include/asm/extable_fixup_types.h | 2
arch/x86/include/asm/intel-family.h | 2
arch/x86/kernel/cpu/bugs.c | 30 +--
arch/x86/kernel/cpu/mce/severity.c | 12 -
arch/x86/kernel/i8253.c | 3
arch/x86/kvm/svm/avic.c | 60 +++---
arch/x86/kvm/vmx/posted_intr.c | 28 +--
arch/x86/kvm/x86.c | 3
arch/x86/mm/extable.c | 9 -
arch/x86/mm/tlb.c | 6
arch/x86/platform/pvh/head.S | 7
crypto/crypto_null.c | 39 ++--
drivers/acpi/ec.c | 28 +++
drivers/acpi/pptt.c | 4
drivers/ata/libata-scsi.c | 25 +-
drivers/auxdisplay/hd44780.c | 9 -
drivers/base/base.h | 17 +
drivers/base/bus.c | 2
drivers/base/core.c | 38 +++-
drivers/base/dd.c | 6
drivers/block/loop.c | 2
drivers/char/misc.c | 2
drivers/char/virtio_console.c | 7
drivers/clk/clk.c | 4
drivers/clk/renesas/r9a07g043-cpg.c | 28 ++-
drivers/clk/renesas/r9a07g044-cpg.c | 21 ++
drivers/clk/renesas/rzg2l-cpg.c | 180 ++++++++++++++------
drivers/clk/renesas/rzg2l-cpg.h | 24 +-
drivers/comedi/drivers/jr3_pci.c | 2
drivers/cpufreq/apple-soc-cpufreq.c | 10 -
drivers/cpufreq/cppc_cpufreq.c | 2
drivers/cpufreq/scmi-cpufreq.c | 10 -
drivers/cpufreq/scpi-cpufreq.c | 13 +
drivers/crypto/atmel-sha204a.c | 6
drivers/crypto/ccp/sp-pci.c | 1
drivers/cxl/core/regs.c | 4
drivers/dma-buf/udmabuf.c | 2
drivers/dma/dmatest.c | 6
drivers/gpio/gpiolib-of.c | 6
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 9 -
drivers/iio/adc/ad7768-1.c | 5
drivers/infiniband/hw/qib/qib_fs.c | 1
drivers/iommu/amd/iommu.c | 2
drivers/irqchip/irq-gic-v2m.c | 2
drivers/mailbox/pcc.c | 15 +
drivers/mcb/mcb-parse.c | 2
drivers/md/raid1.c | 26 +-
drivers/media/test-drivers/vimc/vimc-streamer.c | 6
drivers/media/v4l2-core/v4l2-subdev.c | 101 +++++++----
drivers/misc/lkdtm/perms.c | 14 +
drivers/misc/mchp_pci1xxxx/mchp_pci1xxxx_gpio.c | 8
drivers/misc/mei/hw-me-regs.h | 1
drivers/misc/mei/pci-me.c | 1
drivers/mmc/host/sdhci-msm.c | 2
drivers/net/dsa/mt7530.c | 6
drivers/net/dsa/mv88e6xxx/chip.c | 27 ++-
drivers/net/ethernet/amd/pds_core/adminq.c | 36 +---
drivers/net/ethernet/amd/pds_core/auxbus.c | 3
drivers/net/ethernet/amd/pds_core/core.c | 4
drivers/net/ethernet/amd/pds_core/core.h | 2
drivers/net/ethernet/amd/pds_core/devlink.c | 4
drivers/net/ethernet/mediatek/mtk_eth_soc.c | 24 ++
drivers/net/ethernet/mediatek/mtk_eth_soc.h | 10 +
drivers/net/phy/microchip.c | 46 -----
drivers/net/phy/phy_led_triggers.c | 23 +-
drivers/net/vmxnet3/vmxnet3_xdp.c | 2
drivers/net/xen-netfront.c | 17 +
drivers/ntb/hw/amd/ntb_hw_amd.c | 1
drivers/ntb/hw/idt/ntb_hw_idt.c | 18 --
drivers/nvme/host/core.c | 9 +
drivers/nvme/host/multipath.c | 2
drivers/nvme/target/fc.c | 25 +-
drivers/of/resolver.c | 37 +---
drivers/pci/probe.c | 9 -
drivers/pinctrl/renesas/pinctrl-rza2.c | 3
drivers/regulator/rk808-regulator.c | 4
drivers/rtc/rtc-pcf85063.c | 19 ++
drivers/s390/char/sclp_con.c | 17 +
drivers/s390/char/sclp_tty.c | 12 +
drivers/scsi/hisi_sas/hisi_sas_main.c | 20 ++
drivers/scsi/pm8001/pm8001_sas.c | 1
drivers/scsi/scsi.c | 36 ++--
drivers/scsi/scsi_lib.c | 6
drivers/soc/qcom/ice.c | 48 +++++
drivers/spi/spi-imx.c | 5
drivers/spi/spi-tegra210-quad.c | 6
drivers/thunderbolt/tb.c | 16 +
drivers/tty/serial/msm_serial.c | 6
drivers/tty/serial/sifive.c | 6
drivers/ufs/core/ufs-mcq.c | 12 -
drivers/ufs/host/ufs-exynos.c | 10 -
drivers/ufs/host/ufs-qcom.c | 2
drivers/usb/cdns3/cdns3-gadget.c | 2
drivers/usb/chipidea/ci_hdrc_imx.c | 44 +++-
drivers/usb/class/cdc-wdm.c | 21 +-
drivers/usb/core/quirks.c | 9 +
drivers/usb/dwc3/dwc3-pci.c | 10 +
drivers/usb/dwc3/dwc3-xilinx.c | 4
drivers/usb/dwc3/gadget.c | 28 ++-
drivers/usb/gadget/udc/aspeed-vhub/dev.c | 3
drivers/usb/host/max3421-hcd.c | 7
drivers/usb/host/ohci-pci.c | 23 ++
drivers/usb/host/xhci-mvebu.c | 10 -
drivers/usb/host/xhci-mvebu.h | 6
drivers/usb/host/xhci-plat.c | 2
drivers/usb/host/xhci-ring.c | 13 -
drivers/usb/serial/ftdi_sio.c | 2
drivers/usb/serial/ftdi_sio_ids.h | 5
drivers/usb/serial/option.c | 3
drivers/usb/serial/usb-serial-simple.c | 7
drivers/usb/storage/unusual_uas.h | 7
drivers/xen/Kconfig | 2
fs/btrfs/file.c | 9 -
fs/ceph/inode.c | 2
fs/ext4/block_validity.c | 5
fs/ext4/inode.c | 9 -
fs/iomap/buffered-io.c | 2
fs/namespace.c | 69 ++++---
fs/ntfs3/file.c | 1
fs/smb/client/sess.c | 60 ++++--
fs/smb/client/smb1ops.c | 36 ++++
fs/splice.c | 2
include/linux/energy_model.h | 1
include/media/v4l2-subdev.h | 25 ++
include/soc/qcom/ice.h | 2
include/trace/stages/stage3_trace_output.h | 8
include/trace/stages/stage7_class_define.h | 1
init/Kconfig | 2
io_uring/io_uring.c | 15 -
io_uring/refs.h | 7
kernel/bpf/bpf_cgrp_storage.c | 11 -
kernel/bpf/verifier.c | 32 +++
kernel/dma/contiguous.c | 3
kernel/events/core.c | 6
kernel/module/Kconfig | 1
kernel/panic.c | 6
kernel/sched/core.c | 92 ++++------
kernel/sched/cpudeadline.c | 2
kernel/sched/cpufreq_schedutil.c | 63 +++++--
kernel/sched/deadline.c | 4
kernel/sched/fair.c | 40 +++-
kernel/sched/rt.c | 2
kernel/sched/sched.h | 28 ---
kernel/sched/topology.c | 7
kernel/time/tick-common.c | 22 ++
kernel/trace/bpf_trace.c | 7
kernel/trace/trace_events.c | 7
lib/test_ubsan.c | 18 +-
net/9p/client.c | 30 +--
net/core/lwtunnel.c | 26 ++
net/core/selftests.c | 18 +-
net/sched/sch_hfsc.c | 23 +-
net/tipc/monitor.c | 3
samples/trace_events/trace-events-sample.h | 18 +-
scripts/Makefile.lib | 2
sound/soc/codecs/wcd934x.c | 2
sound/soc/qcom/apq8016_sbc.c | 2
sound/soc/qcom/apq8096.c | 2
sound/soc/qcom/common.c | 2
sound/soc/qcom/lpass-apq8016.c | 4
sound/soc/qcom/lpass-cpu.c | 7
sound/soc/qcom/lpass-hdmi.c | 2
sound/soc/qcom/lpass-ipq806x.c | 4
sound/soc/qcom/lpass-platform.c | 2
sound/soc/qcom/lpass-sc7180.c | 4
sound/soc/qcom/lpass-sc7280.c | 2
sound/soc/qcom/lpass.h | 4
sound/soc/qcom/qdsp6/q6afe.c | 8
sound/soc/qcom/qdsp6/q6apm-dai.c | 61 +++---
sound/soc/qcom/qdsp6/q6asm.h | 20 +-
sound/soc/qcom/qdsp6/topology.c | 3
sound/soc/qcom/sc7180.c | 2
sound/soc/qcom/sc8280xp.c | 2
sound/soc/qcom/sdm845.c | 2
sound/soc/qcom/sdw.c | 2
sound/soc/qcom/sm8250.c | 2
sound/soc/qcom/storm.c | 2
sound/virtio/virtio_pcm.c | 21 +-
tools/bpf/bpftool/prog.c | 1
tools/objtool/check.c | 36 +++-
tools/testing/selftests/mincore/mincore_selftest.c | 3
tools/testing/selftests/ublk/test_stripe_04.sh | 24 ++
201 files changed, 1783 insertions(+), 907 deletions(-)
Adam Xue (1):
USB: serial: option: add Sierra Wireless EM9291
Al Viro (2):
fix a couple of races in MNT_TREE_BENEATH handling by do_move_mount()
qibfs: fix _another_ leak
Alexander Stein (1):
usb: host: max3421-hcd: Add missing spi_device_id table
Alexander Usyskin (1):
mei: me: add panther lake H DID
Alexei Starovoitov (1):
bpf: Fix deadlock between rcu_tasks_trace and event_mutex.
Alexey Nepomnyashih (1):
xen-netfront: handle NULL returned by xdp_convert_buff_to_frame()
Anastasia Kovaleva (1):
scsi: core: Clear flags for scsi_cmnd that did not complete
Andrew Jones (1):
riscv: Provide all alternative macros all the time
Andy Shevchenko (3):
usb: dwc3: gadget: Refactor loop to avoid NULL endpoints
usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield
gpiolib: of: Move Atmel HSMCI quirk up out of the regulator comment
Ard Biesheuvel (1):
x86/pvh: Call C code via the kernel virtual mapping
Arnd Bergmann (2):
dma/contiguous: avoid warning about unused size_bytes
ntb: reduce stack usage in idt_scan_mws
Baokun Li (1):
ext4: goto right label 'out_mmap_sem' in ext4_setattr()
Basavaraj Natikar (1):
ntb_hw_amd: Add NTB PCI ID for new gen CPU
Bo-Cun Chen (1):
net: ethernet: mtk_eth_soc: net: revise NETSYSv3 hardware configuration
Breno Leitao (2):
spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts
spi: tegra210-quad: add rate limiting and simplify timeout error message
Brett Creeley (2):
pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result
pds_core: Remove unnecessary check in pds_client_adminq_cmd()
Chenyuan Yang (3):
scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()
pinctrl: renesas: rza2: Fix potential NULL pointer dereference
usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
Claudiu Beznea (6):
clk: renesas: rzg2l: Use u32 for flag and mux_flags
clk: renesas: rzg2l: Add struct clk_hw_data
clk: renesas: rzg2l: Remove CPG_SDHI_DSEL from generic header
clk: renesas: rzg2l: Refactor SD mux driver
clk: renesas: r9a07g04[34]: Use SEL_SDHI1_STS status configuration for SD1 mux
clk: renesas: r9a07g04[34]: Fix typo for sel_shdi variable
Cong Wang (2):
net_sched: hfsc: Fix a UAF vulnerability in class handling
net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
Craig Hesling (1):
USB: serial: simple: add OWON HDS200 series oscilloscope support
Damien Le Moal (4):
ata: libata-scsi: Improve CDL control
ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type
ata: libata-scsi: Fix ata_msense_control_ata_feature()
scsi: Improve CDL control
Daniel Borkmann (1):
vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp
Daniel Golle (1):
net: dsa: mt7530: sync driver-specific behavior of MT7531 variants
Daniel Wagner (2):
nvmet-fc: take tgtport reference only once
nvmet-fc: put ref when assoc->del_work is already scheduled
David Howells (1):
ceph: Fix incorrect flush end position calculation
Devaraj Rangasamy (1):
crypto: ccp - Add support for PCI device 0x1134
Dmitry Torokhov (3):
Revert "drivers: core: synchronize really_probe() and dev_uevent()"
driver core: introduce device_set_driver() helper
driver core: fix potential NULL pointer dereference in dev_uevent()
Dominique Martinet (1):
9p/net: fix improper handling of bogus negative read/write replies
Edward Adam Davis (1):
fs/ntfs3: Fix WARNING in ntfs_extend_initialized_size
Fedor Pchelkin (3):
usb: chipidea: ci_hdrc_imx: fix usbmisc handling
usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines
usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling
Fernando Fernandez Mancera (1):
x86/i8253: Call clockevent_i8253_disable() with interrupts disabled
Fiona Klute (1):
net: phy: microchip: force IRQ polling mode for lan88xx
Frode Isaksen (1):
usb: dwc3: gadget: check that event count does not exceed event buffer length
Gabriel Shahrouzi (1):
perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init
Gou Hao (1):
iomap: skip unnecessary ifs_block_is_uptodate check
Greg Kroah-Hartman (1):
Linux 6.6.89
Gregory CLEMENT (1):
MIPS: cm: Detect CM quirks from device tree
Halil Pasic (1):
virtio_console: fix missing byte order handling for cols and rows
Hannes Reinecke (3):
nvme: requeue namespace scan on missed AENs
nvme: re-read ANA log page after ns scan completes
nvme: fixup scan failure for non-ANA multipath controllers
Haoxiang Li (4):
auxdisplay: hd44780: Fix an API misuse in hd44780.c
mcb: fix a double free bug in chameleon_parse_gdd()
s390/sclp: Add check for get_zeroed_page()
s390/tty: Fix a potential memory leak bug
Heiko Stuebner (1):
clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec()
Henry Martin (3):
cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()
cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()
cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
Herbert Xu (1):
crypto: null - Use spin lock instead of mutex
Huacai Chen (1):
USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02)
Huisong Li (1):
mailbox: pcc: Fix the possible race in updation of chan_in_use flag
Ian Abbott (1):
comedi: jr3_pci: Fix synchronous deletion of timer
Igor Pylypiv (1):
scsi: pm80xx: Set phy_attached to zero when device is gone
Jason Andryuk (1):
xen: Change xen-acpi-processor dom0 dependency
Jean-Marc Eurin (1):
ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls
Jens Axboe (1):
io_uring: fix 'sync' handling of io_fallback_tw()
John Stultz (1):
sound/virtio: Fix cancel_sync warnings on uninitialized work_structs
Jonathan Cameron (1):
iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check
Josh Poimboeuf (11):
objtool: Silence more KCOV warnings
objtool, panic: Disable SMAP in __stack_chk_fail()
objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler()
objtool, regulator: rk808: Remove potential undefined behavior in rk806_set_mode_dcdc()
objtool, lkdtm: Obfuscate the do_nothing() pointer
objtool: Stop UNRET validation on UD2
x86/bugs: Use SBPB in write_ibpb() if applicable
x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline
x86/bugs: Don't fill RSB on context switch with eIBRS
objtool: Ignore end-of-section jumps for KCOV/GCOV
objtool: Silence more KCOV warnings, part 2
Justin Iurman (1):
net: lwtunnel: disable BHs when required
Krzysztof Kozlowski (2):
ASoC: qcom: q6apm-dai: drop unused 'q6apm_dai_rtd' fields
ASoC: qcom: Fix trivial code style issues
Lad Prabhakar (1):
clk: renesas: r9a07g043: Fix HP clock source for RZ/Five
Lukas Stockmann (1):
rtc: pcf85063: do a SW reset if POR failed
Luo Gengkun (1):
perf/x86: Fix non-sampling (counting) events on certain x86 platforms
Ma Ke (1):
PCI: Fix reference leak in pci_register_host_bridge()
Marc Zyngier (1):
cpufreq: cppc: Fix invalid return value in .get() callback
Marek Behún (7):
net: dsa: mv88e6xxx: fix internal PHYs for 6320 family
net: dsa: mv88e6xxx: fix VTU methods for 6320 family
crypto: atmel-sha204a - Set hwrng quality to lowest possible
net: dsa: mv88e6xxx: fix atu_move_port_mask for 6341 family
net: dsa: mv88e6xxx: enable PVT for 6321 switch
net: dsa: mv88e6xxx: enable .port_set_policy() for 6320 family
net: dsa: mv88e6xxx: enable STU methods for 6320 family
Mario Limonciello (1):
ACPI: EC: Set ec_no_wakeup for Lenovo Go S
Martin KaFai Lau (1):
bpf: Only fails the busy counter check in bpf_cgrp_storage_get if it creates storage
Meir Elisha (1):
md/raid1: Add check for missing source disk in process_checks()
Miao Li (2):
usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive
usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive
Michael Ehrenreich (1):
USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe
Michal Pecio (2):
usb: xhci: Fix invalid pointer dereference in Etron workaround
usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running
Mika Westerberg (1):
thunderbolt: Scan retimers after device router has been enumerated
Mike Looijmans (1):
usb: dwc3: xilinx: Prevent spike in reset signal
Ming Lei (1):
selftests: ublk: fix test_stripe_04
Ming Wang (1):
LoongArch: Return NULL from huge_pte_offset() for invalid PMD
Mostafa Saleh (1):
ubsan: Fix panic from test_ubsan_out_of_bounds
Nikita Zhandarovich (1):
media: vimc: skip .s_stream() for stopped entities
Ninad Malwade (1):
arm64: tegra: Remove the Orin NX/Nano suspend key
Ojaswin Mujoo (1):
ext4: make block validity check resistent to sb bh corruption
Oleg Nesterov (1):
sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP
Oleksij Rempel (1):
net: selftests: initialize TCP header and skb payload with zero
Oliver Neukum (6):
USB: storage: quirk for ADATA Portable HDD CH94
USB: VLI disk crashes if LPM is used
USB: wdm: handle IO errors in wdm_wwan_port_start
USB: wdm: close race between wdm_open and wdm_wwan_port_stop
USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context
USB: wdm: add annotation
Pali Rohár (2):
cifs: Fix encoding of SMB1 Session Setup Kerberos Request in non-UNICODE mode
cifs: Fix querying of WSL CHR and BLK reparse points over SMB1
Pavel Begunkov (1):
io_uring: always do atomic put from iowq
Peter Griffin (1):
scsi: ufs: exynos: Ensure pre_link() executes before exynos_ufs_phy_init()
Petr Tesarik (1):
LoongArch: Remove a bogus reference to ZONE_DMA
Pi Xiange (1):
x86/cpu: Add CPU model number for Bartlett Lake CPUs with Raptor Cove cores
Qingfang Deng (1):
net: phy: leds: fix memory leak
Qiuxu Zhuo (1):
selftests/mincore: Allow read-ahead pages to reach the end of the file
Qu Wenruo (1):
btrfs: avoid page_lockend underflow in btrfs_punch_hole_lock_range()
Rafael J. Wysocki (1):
cpufreq/sched: Explicitly synchronize limits_changed flag handling
Ralph Siemsen (1):
usb: cdns3: Fix deadlock when using NCM gadget
Rengarajan S (2):
misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration
misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack
Rob Herring (Arm) (1):
of: resolver: Simplify of_resolve_phandles() using __free()
Roman Li (2):
drm/amd/display: Fix gpu reset in multidisplay config
drm/amd/display: Force full update in gpu reset
Ryo Takakura (1):
serial: sifive: lock port in startup()/shutdown() callbacks
Sean Christopherson (4):
iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE
KVM: SVM: Allocate IR data using atomic allocation
KVM: x86: Explicitly treat routing entry type changes as changes
KVM: x86: Reset IRTE to host control if *new* route isn't postable
Sebastian Andrzej Siewior (1):
timekeeping: Add a lockdep override in tick_freeze()
Sergiu Cuciurean (1):
iio: adc: ad7768-1: Fix conversion result sign
Sewon Nam (1):
bpf: bpftool: Setting error code in do_loader()
Shannon Nelson (1):
pds_core: make wait_context part of q_info
Shuai Xue (1):
x86/mce: use is_copy_from_user() to determine copy-from-user context
Smita Koralahalli (1):
cxl/core/regs.c: Skip Memory Space Enable check for RCD and RCH Ports
Srinivas Kandagatla (2):
ASoC: q6apm-dai: schedule all available frames to avoid dsp under-runs
ASoC: q6apm-dai: make use of q6apm_get_hw_pointer
Stephan Gerhold (1):
serial: msm: Configure correct working mode before starting earlycon
Steven Rostedt (2):
tracing: Add __print_dynamic_array() helper
tracing: Verify event formats that have "%*p.."
Steven Rostedt (Google) (1):
tracing: Add __string_len() example
Sudeep Holla (1):
mailbox: pcc: Always clear the platform ack interrupt first
Suzuki K Poulose (1):
irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()
T.J. Mercier (1):
splice: remove duplicate noinline from pipe_clear_nowait
Tamura Dai (1):
spi: spi-imx: Add check for spi_imx_setupxfer()
Thadeu Lima de Souza Cascardo (1):
char: misc: register chrdev region with all possible minors
Thomas Bogendoerfer (1):
MIPS: cm: Fix warning if MIPS_CM is disabled
Thomas Weißschuh (2):
KVM: s390: Don't use %pK through tracepoints
KVM: s390: Don't use %pK through debug printing
Thorsten Leemhuis (1):
module: sign with sha512 instead of sha1 by default
Théo Lebrun (1):
usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func
Tiezhu Yang (2):
LoongArch: Make regs_irqs_disabled() more clear
LoongArch: Make do_xyz() exception handlers more robust
Tomi Valkeinen (3):
media: subdev: Fix use of sd->enabled_streams in call_s_stream()
media: subdev: Improve v4l2_subdev_enable/disable_streams_fallback
media: subdev: Add v4l2_subdev_is_streaming()
Tong Tiangen (1):
x86/extable: Remove unused fixup type EX_TYPE_COPY
Tudor Ambarus (3):
soc: qcom: ice: introduce devm_of_qcom_ice_get
mmc: sdhci-msm: fix dev reference leaked through of_qcom_ice_get
scsi: ufs: qcom: fix dev reference leaked through of_qcom_ice_get
Tung Nguyen (1):
tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
Uday Shankar (1):
nvme: multipath: fix return value of nvme_available_path
Uwe Kleine-König (2):
auxdisplay: hd44780: Convert to platform remove callback returning void
ASoC: qcom: lpass: Make asoc_qcom_lpass_cpu_platform_remove() return void
Vincent Guittot (2):
sched/topology: Consolidate and clean up access to a CPU's max compute capacity
sched/cpufreq: Rework schedutil governor performance estimation
Vinicius Costa Gomes (1):
dmaengine: dmatest: Fix dmatest waiting less when interrupted
Xiaogang Chen (1):
udmabuf: fix a buf size overflow issue during udmabuf creation
Xingui Yang (1):
scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes
Yafang Shao (1):
bpf: Reject attaching fexit/fmod_ret to __noreturn functions
Yu-Chun Lin (1):
parisc: PDT: Fix missing prototype warning
Yuli Wang (1):
LoongArch: Select ARCH_USE_MEMTEST
Yunlong Xing (1):
loop: aio inherit the ioprio of original request
Zijun Hu (1):
of: resolver: Fix device node refcount leakage in of_resolve_phandles()
6 days, 2 hours
- 1
- 1
Linux 6.1.136
by Greg Kroah-Hartman
I'm announcing the release of the 6.1.136 kernel.
All users of the 6.1 kernel series must upgrade.
The updated 6.1.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Makefile | 2
arch/loongarch/Kconfig | 1
arch/loongarch/include/asm/ptrace.h | 4
arch/loongarch/mm/hugetlbpage.c | 2
arch/loongarch/mm/init.c | 3
arch/mips/include/asm/mips-cm.h | 22 ++
arch/mips/kernel/mips-cm.c | 14 +
arch/parisc/kernel/pdt.c | 2
arch/s390/kvm/trace-s390.h | 4
arch/x86/entry/entry.S | 2
arch/x86/events/core.c | 2
arch/x86/kernel/cpu/bugs.c | 30 +-
arch/x86/kernel/i8253.c | 3
arch/x86/kvm/svm/avic.c | 60 +++--
arch/x86/kvm/vmx/posted_intr.c | 28 --
arch/x86/kvm/x86.c | 3
arch/x86/mm/tlb.c | 6
crypto/crypto_null.c | 39 ++-
drivers/acpi/ec.c | 28 ++
drivers/acpi/pptt.c | 4
drivers/auxdisplay/hd44780.c | 9
drivers/block/loop.c | 2
drivers/char/virtio_console.c | 7
drivers/clk/clk.c | 4
drivers/clk/renesas/r9a07g043-cpg.c | 28 ++
drivers/clk/renesas/r9a07g044-cpg.c | 21 +
drivers/clk/renesas/rzg2l-cpg.c | 180 ++++++++++++-----
drivers/clk/renesas/rzg2l-cpg.h | 24 +-
drivers/comedi/drivers/jr3_pci.c | 17 +
drivers/cpufreq/cppc_cpufreq.c | 2
drivers/cpufreq/scmi-cpufreq.c | 10
drivers/cpufreq/scpi-cpufreq.c | 13 -
drivers/crypto/atmel-sha204a.c | 7
drivers/dma-buf/udmabuf.c | 2
drivers/dma/dmatest.c | 6
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 9
drivers/iio/adc/ad7768-1.c | 5
drivers/infiniband/hw/qib/qib_fs.c | 1
drivers/iommu/amd/iommu.c | 2
drivers/mcb/mcb-parse.c | 2
drivers/md/raid1.c | 26 +-
drivers/misc/lkdtm/perms.c | 14 +
drivers/misc/mchp_pci1xxxx/mchp_pci1xxxx_gpio.c | 8
drivers/misc/mei/hw-me-regs.h | 1
drivers/misc/mei/pci-me.c | 1
drivers/net/dsa/mv88e6xxx/chip.c | 106 ++++++----
drivers/net/dsa/mv88e6xxx/chip.h | 5
drivers/net/dsa/mv88e6xxx/global2.c | 25 --
drivers/net/phy/phy_led_triggers.c | 23 +-
drivers/net/wireless/realtek/rtw88/main.c | 2
drivers/net/wireless/realtek/rtw88/tx.c | 2
drivers/net/xen-netfront.c | 17 +
drivers/ntb/hw/amd/ntb_hw_amd.c | 1
drivers/ntb/hw/idt/ntb_hw_idt.c | 18 -
drivers/nvme/host/core.c | 9
drivers/nvme/target/fc.c | 25 --
drivers/of/device.c | 7
drivers/of/resolver.c | 37 +--
drivers/pci/pci.c | 103 +++++----
drivers/pci/probe.c | 16 +
drivers/pci/remove.c | 7
drivers/phy/freescale/phy-fsl-imx8m-pcie.c | 46 +++-
drivers/pinctrl/renesas/pinctrl-rza2.c | 3
drivers/rtc/rtc-pcf85063.c | 19 +
drivers/s390/char/sclp_con.c | 17 +
drivers/s390/char/sclp_tty.c | 12 +
drivers/scsi/hisi_sas/hisi_sas_main.c | 20 +
drivers/scsi/pm8001/pm8001_sas.c | 1
drivers/scsi/scsi_lib.c | 6
drivers/spi/spi-imx.c | 5
drivers/spi/spi-tegra210-quad.c | 6
drivers/thunderbolt/tb.c | 16 +
drivers/tty/serial/msm_serial.c | 6
drivers/tty/serial/sifive.c | 6
drivers/ufs/host/ufs-exynos.c | 10
drivers/usb/cdns3/cdns3-gadget.c | 2
drivers/usb/chipidea/ci_hdrc_imx.c | 44 ++--
drivers/usb/class/cdc-wdm.c | 21 +
drivers/usb/core/quirks.c | 9
drivers/usb/dwc3/dwc3-pci.c | 10
drivers/usb/dwc3/dwc3-xilinx.c | 4
drivers/usb/dwc3/gadget.c | 28 ++
drivers/usb/gadget/udc/aspeed-vhub/dev.c | 3
drivers/usb/host/max3421-hcd.c | 7
drivers/usb/host/ohci-pci.c | 23 ++
drivers/usb/host/xhci-mvebu.c | 10
drivers/usb/host/xhci-mvebu.h | 6
drivers/usb/host/xhci-plat.c | 2
drivers/usb/host/xhci-ring.c | 11 -
drivers/usb/serial/ftdi_sio.c | 2
drivers/usb/serial/ftdi_sio_ids.h | 5
drivers/usb/serial/option.c | 3
drivers/usb/serial/usb-serial-simple.c | 7
drivers/usb/storage/unusual_uas.h | 7
drivers/video/backlight/led_bl.c | 11 -
drivers/xen/Kconfig | 2
fs/btrfs/file.c | 9
fs/ext4/block_validity.c | 5
fs/ext4/inode.c | 7
fs/jfs/jfs_dinode.h | 2
fs/jfs/jfs_imap.c | 6
fs/jfs/jfs_incore.h | 2
fs/jfs/jfs_txnmgr.c | 4
fs/jfs/jfs_xtree.c | 4
fs/jfs/jfs_xtree.h | 37 ++-
fs/ntfs3/file.c | 1
include/dt-bindings/sound/qcom,q6dsp-lpass-ports.h | 8
include/linux/filter.h | 9
include/linux/pci.h | 1
include/net/dsa.h | 6
include/net/mac80211.h | 13 +
include/trace/bpf_probe.h | 6
include/trace/perf.h | 6
include/trace/stages/stage1_struct_define.h | 6
include/trace/stages/stage2_data_offsets.h | 6
include/trace/stages/stage3_trace_output.h | 14 +
include/trace/stages/stage4_event_fields.h | 12 +
include/trace/stages/stage5_get_offsets.h | 6
include/trace/stages/stage6_event_callback.h | 20 +
include/trace/stages/stage7_class_define.h | 3
init/Kconfig | 2
kernel/dma/contiguous.c | 3
kernel/module/Kconfig | 1
kernel/trace/bpf_trace.c | 7
kernel/trace/trace_events.c | 7
lib/test_ubsan.c | 18 +
net/9p/client.c | 30 +-
net/core/lwtunnel.c | 26 +-
net/core/selftests.c | 18 +
net/dsa/port.c | 32 +++
net/mac80211/ieee80211_i.h | 2
net/mac80211/status.c | 1
net/sched/act_mirred.c | 22 +-
net/sched/sch_hfsc.c | 23 +-
net/tipc/monitor.c | 3
samples/trace_events/trace-events-sample.c | 2
samples/trace_events/trace-events-sample.h | 46 +++-
scripts/Makefile.lib | 2
sound/soc/codecs/wcd934x.c | 2
sound/soc/qcom/lpass.h | 3
sound/soc/qcom/qdsp6/q6afe-dai.c | 2
sound/soc/qcom/qdsp6/q6dsp-lpass-ports.c | 43 ++--
sound/virtio/virtio_pcm.c | 21 +
tools/objtool/check.c | 9
tools/testing/selftests/mincore/mincore_selftest.c | 3
tools/testing/selftests/ublk/test_stripe_04.sh | 24 ++
tools/testing/selftests/vm/charge_reserved_hugetlb.sh | 4
tools/testing/selftests/vm/hugetlb_reparenting_test.sh | 2
148 files changed, 1429 insertions(+), 575 deletions(-)
Adam Xue (1):
USB: serial: option: add Sierra Wireless EM9291
Al Viro (1):
qibfs: fix _another_ leak
Alexander Stein (1):
usb: host: max3421-hcd: Add missing spi_device_id table
Alexander Usyskin (1):
mei: me: add panther lake H DID
Alexei Starovoitov (1):
bpf: Fix deadlock between rcu_tasks_trace and event_mutex.
Alexey Nepomnyashih (1):
xen-netfront: handle NULL returned by xdp_convert_buff_to_frame()
Alexis Lothoré (2):
net: dsa: mv88e6xxx: pass directly chip structure to mv88e6xxx_phy_is_internal
net: dsa: mv88e6xxx: add field to specify internal phys layout
Anastasia Kovaleva (1):
scsi: core: Clear flags for scsi_cmnd that did not complete
Andy Shevchenko (2):
usb: dwc3: gadget: Refactor loop to avoid NULL endpoints
usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield
Arnd Bergmann (2):
dma/contiguous: avoid warning about unused size_bytes
ntb: reduce stack usage in idt_scan_mws
Basavaraj Natikar (1):
ntb_hw_amd: Add NTB PCI ID for new gen CPU
Breno Leitao (2):
spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts
spi: tegra210-quad: add rate limiting and simplify timeout error message
Chenyuan Yang (2):
pinctrl: renesas: rza2: Fix potential NULL pointer dereference
usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
Claudiu Beznea (6):
clk: renesas: rzg2l: Use u32 for flag and mux_flags
clk: renesas: rzg2l: Add struct clk_hw_data
clk: renesas: rzg2l: Remove CPG_SDHI_DSEL from generic header
clk: renesas: rzg2l: Refactor SD mux driver
clk: renesas: r9a07g04[34]: Use SEL_SDHI1_STS status configuration for SD1 mux
clk: renesas: r9a07g04[34]: Fix typo for sel_shdi variable
Cong Wang (2):
net_sched: hfsc: Fix a UAF vulnerability in class handling
net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
Craig Hesling (1):
USB: serial: simple: add OWON HDS200 series oscilloscope support
Daniel Wagner (2):
nvmet-fc: take tgtport reference only once
nvmet-fc: put ref when assoc->del_work is already scheduled
Dave Kleikamp (1):
jfs: define xtree root and page independently
Dominique Martinet (1):
9p/net: fix improper handling of bogus negative read/write replies
Edward Adam Davis (1):
fs/ntfs3: Fix WARNING in ntfs_extend_initialized_size
Evgeny Pimenov (1):
ASoC: qcom: Fix sc7280 lpass potential buffer overflow
Fedor Pchelkin (3):
usb: chipidea: ci_hdrc_imx: fix usbmisc handling
usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines
usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling
Fernando Fernandez Mancera (1):
x86/i8253: Call clockevent_i8253_disable() with interrupts disabled
Frode Isaksen (1):
usb: dwc3: gadget: check that event count does not exceed event buffer length
Greg Kroah-Hartman (1):
Linux 6.1.136
Gregory CLEMENT (1):
MIPS: cm: Detect CM quirks from device tree
Halil Pasic (1):
virtio_console: fix missing byte order handling for cols and rows
Hannes Reinecke (3):
nvme: requeue namespace scan on missed AENs
nvme: re-read ANA log page after ns scan completes
nvme: fixup scan failure for non-ANA multipath controllers
Haoxiang Li (4):
auxdisplay: hd44780: Fix an API misuse in hd44780.c
mcb: fix a double free bug in chameleon_parse_gdd()
s390/sclp: Add check for get_zeroed_page()
s390/tty: Fix a potential memory leak bug
Heiko Stuebner (1):
clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec()
Henry Martin (2):
cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()
cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
Herbert Xu (1):
crypto: null - Use spin lock instead of mutex
Herve Codina (1):
backlight: led_bl: Hold led_access lock when calling led_sysfs_disable()
Huacai Chen (1):
USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02)
Ian Abbott (1):
comedi: jr3_pci: Fix synchronous deletion of timer
Igor Pylypiv (1):
scsi: pm80xx: Set phy_attached to zero when device is gone
Jakub Kicinski (1):
net/sched: act_mirred: don't override retval if we already lost the skb
Jason Andryuk (1):
xen: Change xen-acpi-processor dom0 dependency
Jean-Marc Eurin (1):
ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls
John Stultz (1):
sound/virtio: Fix cancel_sync warnings on uninitialized work_structs
Jonathan Cameron (1):
iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check
Josh Poimboeuf (8):
objtool: Silence more KCOV warnings
objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler()
objtool, lkdtm: Obfuscate the do_nothing() pointer
objtool: Stop UNRET validation on UD2
x86/bugs: Use SBPB in write_ibpb() if applicable
x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline
x86/bugs: Don't fill RSB on context switch with eIBRS
objtool: Silence more KCOV warnings, part 2
Justin Iurman (1):
net: lwtunnel: disable BHs when required
Lad Prabhakar (1):
clk: renesas: r9a07g043: Fix HP clock source for RZ/Five
Lukas Stockmann (1):
rtc: pcf85063: do a SW reset if POR failed
Luo Gengkun (1):
perf/x86: Fix non-sampling (counting) events on certain x86 platforms
Ma Ke (1):
PCI: Fix reference leak in pci_register_host_bridge()
Marc Zyngier (1):
cpufreq: cppc: Fix invalid return value in .get() callback
Marek Behún (7):
net: dsa: mv88e6xxx: fix internal PHYs for 6320 family
net: dsa: mv88e6xxx: fix VTU methods for 6320 family
crypto: atmel-sha204a - Set hwrng quality to lowest possible
net: dsa: mv88e6xxx: fix atu_move_port_mask for 6341 family
net: dsa: mv88e6xxx: enable PVT for 6321 switch
net: dsa: mv88e6xxx: enable .port_set_policy() for 6320 family
net: dsa: mv88e6xxx: enable STU methods for 6320 family
Mario Limonciello (1):
ACPI: EC: Set ec_no_wakeup for Lenovo Go S
Mark Brown (1):
selftests/mm: generate a temporary mountpoint for cgroup filesystem
Meir Elisha (1):
md/raid1: Add check for missing source disk in process_checks()
Miao Li (2):
usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive
usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive
Michael Ehrenreich (1):
USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe
Michal Pecio (1):
usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running
Mika Westerberg (1):
thunderbolt: Scan retimers after device router has been enumerated
Mike Looijmans (1):
usb: dwc3: xilinx: Prevent spike in reset signal
Ming Lei (1):
selftests: ublk: fix test_stripe_04
Ming Wang (1):
LoongArch: Return NULL from huge_pte_offset() for invalid PMD
Mostafa Saleh (1):
ubsan: Fix panic from test_ubsan_out_of_bounds
Ojaswin Mujoo (1):
ext4: make block validity check resistent to sb bh corruption
Oleg Nesterov (1):
sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP
Oleksij Rempel (1):
net: selftests: initialize TCP header and skb payload with zero
Oliver Neukum (6):
USB: storage: quirk for ADATA Portable HDD CH94
USB: VLI disk crashes if LPM is used
USB: wdm: handle IO errors in wdm_wwan_port_start
USB: wdm: close race between wdm_open and wdm_wwan_port_stop
USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context
USB: wdm: add annotation
Pali Rohár (1):
PCI: Assign PCI domain IDs by ida_alloc()
Peter Griffin (1):
scsi: ufs: exynos: Ensure pre_link() executes before exynos_ufs_phy_init()
Petr Tesarik (1):
LoongArch: Remove a bogus reference to ZONE_DMA
Ping-Ke Shih (2):
wifi: mac80211: export ieee80211_purge_tx_queue() for drivers
wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb
Qingfang Deng (1):
net: phy: leds: fix memory leak
Qiuxu Zhuo (1):
selftests/mincore: Allow read-ahead pages to reach the end of the file
Qu Wenruo (1):
btrfs: avoid page_lockend underflow in btrfs_punch_hole_lock_range()
Ralph Siemsen (1):
usb: cdns3: Fix deadlock when using NCM gadget
Rengarajan S (2):
misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration
misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack
Richard Zhu (3):
phy: freescale: imx8m-pcie: Add i.MX8MP PCIe PHY support
phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check
phy: freescale: imx8m-pcie: Add one missing error return
Rob Herring (1):
PCI: Fix use-after-free in pci_bus_release_domain_nr()
Rob Herring (Arm) (1):
of: resolver: Simplify of_resolve_phandles() using __free()
Roman Li (2):
drm/amd/display: Fix gpu reset in multidisplay config
drm/amd/display: Force full update in gpu reset
Russell King (Oracle) (2):
net: dsa: add support for mac_prepare() and mac_finish() calls
net: dsa: mv88e6xxx: move link forcing to mac_prepare/mac_finish
Ryo Takakura (1):
serial: sifive: lock port in startup()/shutdown() callbacks
Sean Christopherson (4):
iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE
KVM: SVM: Allocate IR data using atomic allocation
KVM: x86: Explicitly treat routing entry type changes as changes
KVM: x86: Reset IRTE to host control if *new* route isn't postable
Sebastian Andrzej Siewior (1):
xdp: Reset bpf_redirect_info before running a xdp's BPF prog.
Sergey Shtylyov (1):
of: module: add buffer overflow check in of_modalias()
Sergiu Cuciurean (1):
iio: adc: ad7768-1: Fix conversion result sign
Srinivas Kandagatla (2):
ASoC: qcom: q6dsp: add support to more display ports
ASoC: qcom: q6afe-dai: fix Display Port Playback stream name
Stefan Eichenberger (1):
phy: freescale: imx8m-pcie: assert phy reset and perst in power off
Stephan Gerhold (1):
serial: msm: Configure correct working mode before starting earlycon
Steven Rostedt (2):
tracing: Add __print_dynamic_array() helper
tracing: Verify event formats that have "%*p.."
Steven Rostedt (Google) (4):
tracing: Add __cpumask to denote a trace event field that is a cpumask_t
tracing: Fix cpumask() example typo
tracing: Add __string_len() example
tracing: Remove pointer (asterisk) and brackets from cpumask_t field
Tamura Dai (1):
spi: spi-imx: Add check for spi_imx_setupxfer()
Thomas Bogendoerfer (1):
MIPS: cm: Fix warning if MIPS_CM is disabled
Thomas Weißschuh (1):
KVM: s390: Don't use %pK through tracepoints
Thorsten Leemhuis (1):
module: sign with sha512 instead of sha1 by default
Théo Lebrun (1):
usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func
Tiezhu Yang (1):
LoongArch: Make regs_irqs_disabled() more clear
Tung Nguyen (1):
tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
Uwe Kleine-König (2):
auxdisplay: hd44780: Convert to platform remove callback returning void
backlight: led_bl: Convert to platform remove callback returning void
Vinicius Costa Gomes (1):
dmaengine: dmatest: Fix dmatest waiting less when interrupted
Vladimir Oltean (1):
net: dsa: mv88e6xxx: don't dispose of Global2 IRQ mappings from mdiobus code
Xiaogang Chen (1):
udmabuf: fix a buf size overflow issue during udmabuf creation
Xingui Yang (1):
scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes
Yu-Chun Lin (1):
parisc: PDT: Fix missing prototype warning
Yuli Wang (1):
LoongArch: Select ARCH_USE_MEMTEST
Yunlong Xing (1):
loop: aio inherit the ioprio of original request
Zijun Hu (1):
of: resolver: Fix device node refcount leakage in of_resolve_phandles()
6 days, 2 hours
- 1
- 1
Linux 5.15.181
by Greg Kroah-Hartman
I'm announcing the release of the 5.15.181 kernel.
All users of the 5.15 kernel series must upgrade.
The updated 5.15.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/scsi/libsas.rst | 2
Makefile | 5
arch/arm64/boot/dts/mediatek/mt8173.dtsi | 6
arch/arm64/include/asm/cputype.h | 4
arch/arm64/include/asm/fpsimd.h | 4
arch/arm64/include/asm/kvm_host.h | 17
arch/arm64/include/asm/kvm_hyp.h | 7
arch/arm64/include/asm/processor.h | 7
arch/arm64/include/asm/spectre.h | 1
arch/arm64/kernel/fpsimd.c | 117 +++-
arch/arm64/kernel/process.c | 3
arch/arm64/kernel/proton-pack.c | 218 ++++----
arch/arm64/kernel/ptrace.c | 3
arch/arm64/kernel/signal.c | 3
arch/arm64/kvm/arm.c | 1
arch/arm64/kvm/fpsimd.c | 72 +-
arch/arm64/kvm/hyp/entry.S | 5
arch/arm64/kvm/hyp/include/hyp/switch.h | 86 ++-
arch/arm64/kvm/hyp/nvhe/hyp-main.c | 9
arch/arm64/kvm/hyp/nvhe/switch.c | 52 +-
arch/arm64/kvm/hyp/vhe/switch.c | 4
arch/arm64/kvm/reset.c | 3
arch/mips/dec/prom/init.c | 2
arch/mips/include/asm/ds1287.h | 2
arch/mips/include/asm/mips-cm.h | 22
arch/mips/kernel/cevt-ds1287.c | 1
arch/mips/kernel/mips-cm.c | 14
arch/parisc/kernel/pdt.c | 2
arch/powerpc/kernel/rtas.c | 4
arch/riscv/include/asm/kgdb.h | 9
arch/riscv/include/asm/syscall.h | 7
arch/riscv/kernel/kgdb.c | 6
arch/riscv/kernel/setup.c | 36 +
arch/s390/kvm/trace-s390.h | 4
arch/sparc/mm/tlb.c | 5
arch/x86/entry/entry.S | 2
arch/x86/events/intel/ds.c | 8
arch/x86/events/intel/uncore_snbep.c | 107 ----
arch/x86/kernel/cpu/amd.c | 2
arch/x86/kernel/cpu/bugs.c | 30 -
arch/x86/kernel/e820.c | 17
arch/x86/kvm/svm/avic.c | 60 +-
arch/x86/kvm/vmx/posted_intr.c | 28 -
arch/x86/mm/tlb.c | 6
arch/x86/platform/pvh/head.S | 7
block/blk-cgroup.c | 24
block/blk-iocost.c | 7
crypto/crypto_null.c | 39 +
drivers/acpi/platform_profile.c | 20
drivers/acpi/pptt.c | 4
drivers/ata/ahci.c | 2
drivers/ata/libata-eh.c | 11
drivers/ata/pata_pxa.c | 6
drivers/ata/sata_sx4.c | 118 +---
drivers/auxdisplay/hd44780.c | 9
drivers/base/devres.c | 7
drivers/block/loop.c | 9
drivers/bluetooth/btrtl.c | 2
drivers/bluetooth/hci_ldisc.c | 19
drivers/bluetooth/hci_uart.h | 1
drivers/bus/mhi/host/main.c | 16
drivers/char/virtio_console.c | 7
drivers/clk/clk.c | 4
drivers/clocksource/timer-stm32-lp.c | 4
drivers/comedi/drivers/jr3_pci.c | 17
drivers/cpufreq/cppc_cpufreq.c | 2
drivers/cpufreq/cpufreq.c | 8
drivers/cpufreq/scmi-cpufreq.c | 10
drivers/cpufreq/scpi-cpufreq.c | 13
drivers/crypto/atmel-sha204a.c | 7
drivers/crypto/caam/qi.c | 6
drivers/crypto/ccp/sp-pci.c | 15
drivers/dma-buf/udmabuf.c | 2
drivers/dma/dmatest.c | 6
drivers/gpio/gpio-tegra186.c | 95 ++-
drivers/gpio/gpio-zynq.c | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 2
drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c | 2
drivers/gpu/drm/amd/amdgpu/amdgpu_vce.c | 6
drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 10
drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 2
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 20
drivers/gpu/drm/amd/display/dc/core/dc_link.c | 2
drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c | 22
drivers/gpu/drm/amd/display/dc/dcn21/dcn21_resource.c | 2
drivers/gpu/drm/amd/display/dc/dcn30/dcn30_hwseq.c | 3
drivers/gpu/drm/amd/display/dc/dcn31/dcn31_hubp.c | 2
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_thermal.c | 4
drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega10_thermal.c | 4
drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega20_thermal.c | 2
drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c | 3
drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c | 2
drivers/gpu/drm/drm_atomic_helper.c | 2
drivers/gpu/drm/drm_panel.c | 5
drivers/gpu/drm/drm_panel_orientation_quirks.c | 10
drivers/gpu/drm/i915/gt/intel_engine_cs.c | 7
drivers/gpu/drm/mediatek/mtk_dpi.c | 9
drivers/gpu/drm/msm/adreno/a6xx.xml.h | 4
drivers/gpu/drm/msm/adreno/a6xx_gmu.c | 148 +++--
drivers/gpu/drm/msm/adreno/a6xx_gpu.c | 14
drivers/gpu/drm/msm/adreno/a6xx_gpu.h | 1
drivers/gpu/drm/nouveau/nouveau_bo.c | 3
drivers/gpu/drm/nouveau/nouveau_gem.c | 3
drivers/gpu/drm/sti/Makefile | 2
drivers/gpu/drm/tiny/repaper.c | 4
drivers/hid/usbhid/hid-pidff.c | 60 +-
drivers/hsi/clients/ssi_protocol.c | 1
drivers/i2c/busses/i2c-cros-ec-tunnel.c | 3
drivers/i3c/master.c | 3
drivers/i3c/master/svc-i3c-master.c | 2
drivers/iio/adc/ad7768-1.c | 5
drivers/infiniband/core/umem_odp.c | 6
drivers/infiniband/hw/bnxt_re/qplib_fp.c | 3
drivers/infiniband/hw/hns/hns_roce_main.c | 2
drivers/infiniband/hw/qib/qib_fs.c | 1
drivers/infiniband/hw/usnic/usnic_ib_main.c | 14
drivers/iommu/amd/iommu.c | 2
drivers/mcb/mcb-parse.c | 2
drivers/md/dm-cache-target.c | 24
drivers/md/dm-integrity.c | 3
drivers/md/raid1.c | 26 -
drivers/md/raid10.c | 1
drivers/media/common/siano/smsdvb-main.c | 2
drivers/media/i2c/adv748x/adv748x.h | 2
drivers/media/i2c/ccs/ccs-core.c | 6
drivers/media/i2c/ov7251.c | 4
drivers/media/platform/qcom/venus/hfi_parser.c | 100 ++-
drivers/media/platform/qcom/venus/hfi_venus.c | 18
drivers/media/rc/streamzap.c | 135 ++---
drivers/media/test-drivers/vim2m.c | 6
drivers/media/v4l2-core/v4l2-dv-timings.c | 4
drivers/mfd/ene-kb3930.c | 2
drivers/misc/mei/hw-me-regs.h | 1
drivers/misc/mei/pci-me.c | 1
drivers/misc/pci_endpoint_test.c | 6
drivers/mtd/inftlcore.c | 9
drivers/mtd/mtdpstore.c | 12
drivers/mtd/nand/raw/brcmnand/brcmnand.c | 2
drivers/mtd/nand/raw/r852.c | 3
drivers/net/dsa/b53/b53_common.c | 10
drivers/net/dsa/mv88e6xxx/chip.c | 32 +
drivers/net/dsa/mv88e6xxx/devlink.c | 3
drivers/net/ethernet/chelsio/cxgb4/cxgb4_ethtool.c | 1
drivers/net/ethernet/intel/igc/igc_defines.h | 1
drivers/net/ethernet/intel/igc/igc_main.c | 1
drivers/net/ethernet/intel/igc/igc_ptp.c | 93 ++-
drivers/net/ethernet/microsoft/mana/mana.h | 2
drivers/net/ethernet/microsoft/mana/mana_en.c | 21
drivers/net/phy/phy_led_triggers.c | 23
drivers/net/ppp/ppp_synctty.c | 5
drivers/net/wireless/ath/ath10k/sdio.c | 5
drivers/net/wireless/atmel/at76c50x-usb.c | 2
drivers/net/wireless/mediatek/mt76/eeprom.c | 4
drivers/net/wireless/mediatek/mt76/mt76x2/usb.c | 1
drivers/net/wireless/ti/wl1251/tx.c | 4
drivers/ntb/hw/idt/ntb_hw_idt.c | 18
drivers/ntb/ntb_transport.c | 2
drivers/nvme/host/core.c | 9
drivers/nvme/target/fc.c | 39 -
drivers/nvme/target/fcloop.c | 2
drivers/of/irq.c | 13
drivers/pci/controller/pcie-brcmstb.c | 13
drivers/pci/controller/vmd.c | 12
drivers/pci/pci.c | 107 ++--
drivers/pci/probe.c | 54 +-
drivers/pci/remove.c | 7
drivers/perf/arm_pmu.c | 8
drivers/phy/tegra/xusb.c | 2
drivers/pinctrl/qcom/pinctrl-msm.c | 12
drivers/platform/x86/asus-laptop.c | 9
drivers/pwm/pwm-fsl-ftm.c | 6
drivers/pwm/pwm-mediatek.c | 8
drivers/pwm/pwm-rcar.c | 24
drivers/s390/char/sclp_con.c | 17
drivers/s390/char/sclp_tty.c | 12
drivers/scsi/aic94xx/aic94xx.h | 1
drivers/scsi/aic94xx/aic94xx_init.c | 1
drivers/scsi/aic94xx/aic94xx_tmf.c | 9
drivers/scsi/hisi_sas/hisi_sas.h | 14
drivers/scsi/hisi_sas/hisi_sas_main.c | 363 ++++++--------
drivers/scsi/hisi_sas/hisi_sas_v1_hw.c | 2
drivers/scsi/hisi_sas/hisi_sas_v2_hw.c | 13
drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 16
drivers/scsi/isci/init.c | 1
drivers/scsi/isci/task.c | 18
drivers/scsi/isci/task.h | 4
drivers/scsi/lpfc/lpfc_els.c | 51 +
drivers/scsi/lpfc/lpfc_hbadisc.c | 2
drivers/scsi/mvsas/mv_defs.h | 5
drivers/scsi/mvsas/mv_init.c | 1
drivers/scsi/mvsas/mv_sas.c | 31 -
drivers/scsi/mvsas/mv_sas.h | 1
drivers/scsi/pm8001/pm8001_hwi.c | 4
drivers/scsi/pm8001/pm8001_init.c | 1
drivers/scsi/pm8001/pm8001_sas.c | 27 -
drivers/scsi/pm8001/pm8001_sas.h | 11
drivers/scsi/scsi_transport_iscsi.c | 7
drivers/scsi/st.c | 2
drivers/scsi/ufs/ufs_bsg.c | 1
drivers/soc/samsung/exynos-chipid.c | 74 ++
drivers/soc/ti/omap_prm.c | 2
drivers/spi/spi-cadence-quadspi.c | 6
drivers/thermal/rockchip_thermal.c | 1
drivers/tty/serial/sifive.c | 6
drivers/usb/cdns3/cdns3-gadget.c | 2
drivers/usb/chipidea/ci_hdrc_imx.c | 44 +
drivers/usb/class/cdc-wdm.c | 21
drivers/usb/core/quirks.c | 9
drivers/usb/dwc3/dwc3-pci.c | 10
drivers/usb/dwc3/gadget.c | 6
drivers/usb/gadget/udc/aspeed-vhub/dev.c | 3
drivers/usb/host/max3421-hcd.c | 7
drivers/usb/host/ohci-pci.c | 23
drivers/usb/host/xhci-ring.c | 11
drivers/usb/serial/ftdi_sio.c | 2
drivers/usb/serial/ftdi_sio_ids.h | 5
drivers/usb/serial/option.c | 3
drivers/usb/serial/usb-serial-simple.c | 7
drivers/usb/storage/unusual_uas.h | 7
drivers/vdpa/mlx5/core/mr.c | 7
drivers/video/backlight/led_bl.c | 11
drivers/video/fbdev/omap2/omapfb/dss/dispc.c | 6
drivers/xen/Kconfig | 2
drivers/xen/xenfs/xensyms.c | 4
fs/Kconfig | 1
fs/btrfs/super.c | 3
fs/cifs/cifs_debug.c | 4
fs/cifs/cifsglob.h | 1
fs/cifs/cifsproto.h | 7
fs/cifs/connect.c | 2
fs/cifs/fs_context.c | 5
fs/cifs/ioctl.c | 3
fs/cifs/smb2misc.c | 11
fs/cifs/smb2ops.c | 48 +
fs/cifs/smb2pdu.c | 10
fs/cifs/transport.c | 43 -
fs/ext4/block_validity.c | 5
fs/ext4/inode.c | 75 ++
fs/ext4/namei.c | 2
fs/ext4/super.c | 19
fs/ext4/xattr.c | 11
fs/f2fs/f2fs.h | 12
fs/f2fs/node.c | 9
fs/f2fs/super.c | 27 -
fs/f2fs/sysfs.c | 14
fs/fuse/virtio_fs.c | 3
fs/hfs/bnode.c | 6
fs/hfsplus/bnode.c | 6
fs/isofs/export.c | 2
fs/jbd2/journal.c | 1
fs/jfs/jfs_dinode.h | 2
fs/jfs/jfs_dmap.c | 12
fs/jfs/jfs_imap.c | 10
fs/jfs/jfs_incore.h | 2
fs/jfs/jfs_txnmgr.c | 4
fs/jfs/jfs_xtree.c | 4
fs/jfs/jfs_xtree.h | 37 -
fs/ksmbd/oplock.c | 2
fs/ksmbd/smb2misc.c | 22
fs/ksmbd/smb2pdu.c | 49 +
fs/ksmbd/transport_ipc.c | 7
fs/namespace.c | 3
fs/nfs/Kconfig | 2
fs/nfs/internal.h | 22
fs/nfs/nfs4session.h | 4
fs/nfsd/Kconfig | 1
fs/nfsd/nfs4state.c | 2
fs/nfsd/nfsfh.h | 7
fs/ntfs3/file.c | 1
fs/proc/array.c | 53 +-
include/linux/backing-dev.h | 1
include/linux/blk-cgroup.h | 1
include/linux/filter.h | 9
include/linux/nfs.h | 13
include/linux/pci.h | 1
include/linux/sched/task_stack.h | 2
include/linux/soc/samsung/exynos-chipid.h | 6
include/net/bluetooth/bluetooth.h | 1
include/net/net_namespace.h | 1
include/net/sctp/structs.h | 3
include/net/sock.h | 10
include/scsi/libsas.h | 10
include/uapi/linux/kfd_ioctl.h | 2
include/uapi/linux/landlock.h | 2
include/xen/interface/xen-mca.h | 2
init/Kconfig | 3
kernel/bpf/helpers.c | 14
kernel/bpf/syscall.c | 17
kernel/dma/contiguous.c | 3
kernel/locking/lockdep.c | 3
kernel/sched/cpufreq_schedutil.c | 18
kernel/trace/ftrace.c | 1
kernel/trace/trace_events.c | 4
kernel/trace/trace_events_filter.c | 4
lib/sg_split.c | 2
lib/string.c | 15
lib/test_ubsan.c | 18
mm/filemap.c | 2
mm/gup.c | 4
mm/memory-failure.c | 11
mm/memory.c | 4
mm/vmscan.c | 2
net/8021q/vlan_dev.c | 31 -
net/bluetooth/af_bluetooth.c | 22
net/bluetooth/hci_event.c | 5
net/bluetooth/l2cap_core.c | 3
net/bluetooth/sco.c | 18
net/core/dev.c | 1
net/core/filter.c | 80 +--
net/core/net_namespace.c | 21
net/core/page_pool.c | 8
net/core/rtnetlink.c | 2
net/core/selftests.c | 18
net/core/sock.c | 10
net/dsa/tag_8021q.c | 2
net/ethtool/netlink.c | 8
net/ipv6/route.c | 6
net/mac80211/iface.c | 3
net/mac80211/mesh_hwmp.c | 14
net/mctp/af_mctp.c | 3
net/mptcp/sockopt.c | 16
net/mptcp/subflow.c | 23
net/netfilter/ipvs/ip_vs_ctl.c | 10
net/netfilter/nft_set_pipapo_avx2.c | 3
net/openvswitch/actions.c | 4
net/openvswitch/flow_netlink.c | 3
net/phonet/pep.c | 41 +
net/sched/sch_hfsc.c | 23
net/sctp/socket.c | 22
net/sctp/transport.c | 2
net/tipc/link.c | 1
net/tipc/monitor.c | 3
net/tls/tls_main.c | 6
security/landlock/errata.h | 87 +++
security/landlock/setup.c | 30 +
security/landlock/setup.h | 3
security/landlock/syscalls.c | 22
sound/pci/hda/hda_intel.c | 15
sound/soc/codecs/lpass-wsa-macro.c | 117 +++-
sound/soc/codecs/wcd934x.c | 2
sound/soc/fsl/fsl_audmix.c | 16
sound/soc/qcom/qdsp6/q6asm-dai.c | 19
sound/usb/midi.c | 80 ++-
sound/virtio/virtio_pcm.c | 21
tools/objtool/check.c | 3
tools/power/cpupower/bench/parse.c | 4
tools/testing/ktest/ktest.pl | 8
tools/testing/selftests/landlock/base_test.c | 46 +
tools/testing/selftests/mincore/mincore_selftest.c | 3
tools/testing/selftests/ublk/test_stripe_04.sh | 24
tools/testing/selftests/vm/charge_reserved_hugetlb.sh | 4
tools/testing/selftests/vm/hugetlb_reparenting_test.sh | 2
352 files changed, 3456 insertions(+), 1946 deletions(-)
Abdun Nihaal (3):
wifi: at76c50x: fix use after free access in at76_disconnect
wifi: wl1251: fix memory leak in wl1251_tx_work
cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path
Abhinav Kumar (1):
drm: allow encoder mode_set even when connectors change for crtc
Adam Xue (1):
USB: serial: option: add Sierra Wireless EM9291
Akhil P Oommen (4):
drm/msm/a6xx: Improve gpu recovery sequence
drm/msm/a6xx: Handle GMU prepare-slumber hfi failure
drm/msm/a6xx: Avoid gx gbit halt during rpm suspend
drm/msm/a6xx: Fix stale rpmh votes from GPU
Al Viro (1):
qibfs: fix _another_ leak
Alex Williamson (1):
Revert "PCI: Avoid reset when disabled via sysfs"
Alexander Potapenko (1):
kmsan: disable strscpy() optimization under KMSAN
Alexander Stein (1):
usb: host: max3421-hcd: Add missing spi_device_id table
Alexander Usyskin (1):
mei: me: add panther lake H DID
Alexandra Diupina (1):
cifs: avoid NULL pointer dereference in dbg call
Alexandre Torgue (1):
clocksource/drivers/stm32-lptimer: Use wakeup capable instead of init wakeup
Alexey Klimov (1):
ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path
Andreas Gruenbacher (1):
writeback: fix false warning in inode_to_wb()
Andrew Wyatt (2):
drm: panel-orientation-quirks: Add support for AYANEO 2S
drm: panel-orientation-quirks: Add new quirk for GPD Win 2
Andrii Nakryiko (1):
bpf: avoid holding freeze_mutex during mmap operation
Andy Shevchenko (1):
usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield
AngeloGioacchino Del Regno (1):
drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off
Ard Biesheuvel (1):
x86/pvh: Call C code via the kernel virtual mapping
Arnaud Lecomte (1):
net: ppp: Add bound checking for skb data on ppp_sync_txmung
Arnd Bergmann (2):
dma/contiguous: avoid warning about unused size_bytes
ntb: reduce stack usage in idt_scan_mws
Arseniy Krasnov (2):
Bluetooth: hci_uart: fix race during initialization
Bluetooth: hci_uart: Fix another race during initialization
Artem Sadovnikov (1):
ext4: fix off-by-one error in do_split
Ayush Jain (1):
ktest: Fix Test Failures Due to Missing LOG_FILE Directories
Baoquan He (1):
mm/gup: fix wrongly calculated returned value in fault_in_safe_writeable()
Ben Dooks (1):
bpf: Add endian modifiers to fix endian warnings
Bhupesh (1):
ext4: ignore xattrs past end
Björn Töpel (1):
riscv: Properly export reserved regions in /proc/iomem
Boqun Feng (1):
locking/lockdep: Decrease nr_unused_locks if lock unused in zap_class()
Chao Yu (2):
f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()
f2fs: check validation of fault attrs in f2fs_build_fault_attr()
Chen Hanxiao (1):
ipvs: properly dereference pe in ip_vs_add_service
Chen-Yu Tsai (1):
arm64: dts: mediatek: mt8173: Fix disp-pwm compatible string
ChenXiaoSong (1):
smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()
Chengchang Tang (1):
RDMA/hns: Fix wrong maximum DMA segment size
Chenyuan Yang (3):
mfd: ene-kb3930: Fix a potential NULL pointer dereference
soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()
usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
Chris Bainbridge (1):
drm/nouveau: prime: fix ttm_bo_delayed_delete oops
Chris Wilson (1):
drm/i915/gt: Cleanup partial engine discovery failures
Christopher S M Hall (4):
igc: fix PTM cycle trigger logic
igc: move ktime snapshot into PTM retry loop
igc: handle the IGC_PTP_ENABLED flag correctly
igc: cleanup PTP module if probe fails
Cong Wang (2):
net_sched: hfsc: Fix a UAF vulnerability in class handling
net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
Craig Hesling (1):
USB: serial: simple: add OWON HDS200 series oscilloscope support
Dan Carpenter (1):
Bluetooth: btrtl: Prevent potential NULL dereference
Daniel Kral (1):
ahci: add PCI ID for Marvell 88SE9215 SATA Controller
Daniel Wagner (3):
nvmet-fcloop: swap list_add_tail arguments
nvmet-fc: take tgtport reference only once
nvmet-fc: put ref when assoc->del_work is already scheduled
Dapeng Mi (1):
perf/x86/intel: Allow to update user space GPRs from PEBS records
Dave Kleikamp (1):
jfs: define xtree root and page independently
David Yat Sin (1):
drm/amdkfd: clamp queue size to minimum
Denis Arefev (7):
asus-laptop: Fix an uninitialized variable
drm/amd/pm: Prevent division by zero
drm/amd/pm/powerplay: Prevent division by zero
drm/amd/pm/powerplay/hwmgr/smu7_thermal: Prevent division by zero
drm/amd/pm/swsmu/smu13/smu_v13_0: Prevent division by zero
drm/amd/pm/powerplay/hwmgr/vega20_thermal: Prevent division by zero
ksmbd: Prevent integer overflow in calculation of deadtime
Douglas Anderson (6):
arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD
arm64: cputype: Add MIDR_CORTEX_A76AE
arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list
arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre BHB
arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe list
arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() lists
Edward Adam Davis (4):
jfs: Prevent copying of nlink with value 0 from disk inode
jfs: add sanity check for agwidth in dbMount
isofs: Prevent the use of too small fid
fs/ntfs3: Fix WARNING in ntfs_extend_initialized_size
Enzo Matsumiya (2):
smb: client: fix UAF in async decryption
cifs: print TIDs as hex
Eric Biggers (1):
nfs: add missing selections of CONFIG_CRC32
Eric Dumazet (2):
net: make sock_inuse_add() available
net: defer final 'struct net' free in netns dismantle
Fedor Pchelkin (4):
ntb: use 64-bit arithmetic for the MSI doorbell mask
usb: chipidea: ci_hdrc_imx: fix usbmisc handling
usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines
usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling
Felix Huettner (1):
net: openvswitch: fix race on port output
Florian Westphal (1):
nft_set_pipapo: fix incorrect avx2 match of 5th field octet
Frode Isaksen (1):
usb: dwc3: gadget: check that event count does not exceed event buffer length
Frédéric Danis (1):
Bluetooth: l2cap: Check encryption key size on incoming connection
Fuad Tabba (1):
KVM: arm64: Calculate cptr_el2 traps on activating traps
Gabriele Paoloni (1):
tracing: fix return value in __ftrace_event_enable_disable for TRACE_REG_UNREGISTER
Gang Yan (1):
mptcp: fix NULL pointer in can_accept_new_subflow
Gavrilov Ilia (1):
wifi: mac80211: fix integer overflow in hwmp_route_info_get()
Geert Uytterhoeven (2):
pwm: rcar: Simplify multiplication/shift logic
PCI: Fix dropping valid root bus resources with .end = zero
Greg Kroah-Hartman (1):
Linux 5.15.181
Gregory CLEMENT (1):
MIPS: cm: Detect CM quirks from device tree
Guixin Liu (2):
scsi: ufs: bsg: Set bsg_queue to NULL after removal
gpio: tegra186: fix resource handling in ACPI probe path
Halil Pasic (1):
virtio_console: fix missing byte order handling for cols and rows
Hannes Reinecke (4):
ata: sata_sx4: Drop pointless VPRINTK() calls and convert the remaining ones
nvme: requeue namespace scan on missed AENs
nvme: re-read ANA log page after ns scan completes
nvme: fixup scan failure for non-ANA multipath controllers
Haoxiang Li (5):
wifi: mt76: Add check for devm_kstrdup()
auxdisplay: hd44780: Fix an API misuse in hd44780.c
mcb: fix a double free bug in chameleon_parse_gdd()
s390/sclp: Add check for get_zeroed_page()
s390/tty: Fix a potential memory leak bug
Heiko Stuebner (1):
clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec()
Henry Martin (3):
ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()
cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()
cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
Herbert Xu (2):
crypto: caam/qi - Fix drv_ctx refcount bug
crypto: null - Use spin lock instead of mutex
Hersen Wu (1):
drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links
Herve Codina (1):
backlight: led_bl: Hold led_access lock when calling led_sysfs_disable()
Hou Tao (1):
bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
Huacai Chen (1):
USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02)
Ian Abbott (1):
comedi: jr3_pci: Fix synchronous deletion of timer
Icenowy Zheng (1):
wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table
Igor Pylypiv (1):
scsi: pm80xx: Set phy_attached to zero when device is gone
Ilya Maximets (2):
net: openvswitch: fix nested key length validation in the set() action
openvswitch: fix lockup on tx to unregistering netdev with carrier
Jakub Kicinski (1):
net: tls: explicitly disallow disconnect
James Smart (1):
scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI
Jan Beulich (1):
xenfs/xensyms: respect hypervisor's "next" indication
Jan Kara (1):
jbd2: remove wrong sb->s_sequence check
Jann Horn (1):
ext4: don't treat fhandle lookup of ea_inode as FS corruption
Jason Andryuk (1):
xen: Change xen-acpi-processor dom0 dependency
Jason Xing (1):
page_pool: avoid infinite loop to schedule delayed worker
Jean-Marc Eurin (1):
ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls
Jeff Hugo (1):
bus: mhi: host: Fix race between unprepare and queue_buf
Jeff Layton (1):
nfs: move nfs_fhandle_hash to common include file
Jiasheng Jiang (2):
mtd: Add check for devm_kcalloc()
mtd: Replace kcalloc() with devm_kcalloc()
Johannes Berg (1):
Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Johannes Kimmel (1):
btrfs: correctly escape subvol in btrfs_show_options()
John Garry (6):
scsi: hisi_sas: Start delivery hisi_sas_task_exec() directly
scsi: hisi_sas: Pass abort structure for internal abort
scsi: hisi_sas: Factor out task prep and delivery code
scsi: hisi_sas: Fix setting of hisi_sas_slot.is_internal
scsi: libsas: Delete lldd_clear_aca callback
scsi: libsas: Add struct sas_tmf_task
John Stultz (1):
sound/virtio: Fix cancel_sync warnings on uninitialized work_structs
Jonas Gorski (1):
net: b53: enable BPDU reception for management port
Jonathan Cameron (1):
iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check
Josh Poimboeuf (6):
pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()
objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler()
objtool: Stop UNRET validation on UD2
x86/bugs: Use SBPB in write_ibpb() if applicable
x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline
x86/bugs: Don't fill RSB on context switch with eIBRS
Kai Mäkisara (1):
scsi: st: Fix array overflow in st_setup()
Kai-Heng Feng (1):
PCI: Coalesce host bridge contiguous apertures
Kaixin Wang (1):
HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition
Kamal Dasu (1):
mtd: rawnand: brcmnand: fix PM resume warning
Kan Liang (3):
perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR
perf/x86/intel/uncore: Fix the scale of IIO free running counters on ICX
perf/x86/intel/uncore: Fix the scale of IIO free running counters on SPR
Kang Yang (1):
wifi: ath10k: avoid NULL pointer error during sdio remove
Karina Yankevich (1):
media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf()
Kees Cook (1):
xen/mcelog: Add __nonstring annotations for unterminated strings
Kirill A. Shutemov (1):
mm: fix apply_to_existing_page_range()
Krzysztof Kozlowski (2):
gpio: zynq: Fix wakeup source leaks on device unbind
soc: samsung: exynos-chipid: avoid soc_device_to_device()
Kunihiko Hayashi (3):
misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error
misc: pci_endpoint_test: Fix displaying 'irq_type' after 'request_irq' error
misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type
Kunwu Chan (1):
pmdomain: ti: Add a null pointer check to the omap_prm_domain_init
Leonid Arapov (1):
fbdev: omapfb: Add 'plane' value check
Li Lingfeng (1):
nfsd: decrease sc_count directly if fail to queue dl_recall
Li Nan (1):
blk-iocost: do not WARN if iocg was already offlined
Luca Ceresoli (1):
drm/bridge: panel: forbid initializing a panel with unknown connector type
Lucas De Marchi (1):
drivers: base: devres: Allow to release group on device release
Luiz Augusto von Dentz (2):
Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address
Bluetooth: SCO: Fix UAF on sco_sock_timeout
Ma Ke (2):
PCI: Fix reference leak in pci_alloc_child_bus()
PCI: Fix reference leak in pci_register_host_bridge()
Manjunatha Venkatesh (1):
i3c: Add NULL pointer check in i3c_master_queue_ibi()
Marc Zyngier (2):
KVM: arm64: Always start with clearing SVE flag on load
cpufreq: cppc: Fix invalid return value in .get() callback
Marek Behún (6):
net: dsa: mv88e6xxx: workaround RGMII transmit delay erratum for 6320 family
net: dsa: mv88e6xxx: fix VTU methods for 6320 family
crypto: atmel-sha204a - Set hwrng quality to lowest possible
net: dsa: mv88e6xxx: fix atu_move_port_mask for 6341 family
net: dsa: mv88e6xxx: enable PVT for 6321 switch
net: dsa: mv88e6xxx: enable .port_set_policy() for 6320 family
Mark Brown (6):
KVM: arm64: Get rid of host SVE tracking/saving
KVM: arm64: Discard any SVE state when entering KVM guests
arm64/fpsimd: Track the saved FPSIMD state type separately to TIF_SVE
arm64/fpsimd: Have KVM explicitly say which FP registers to save
arm64/fpsimd: Stop using TIF_SVE to manage register saving in KVM
selftests/mm: generate a temporary mountpoint for cgroup filesystem
Mark Rutland (5):
perf: arm_pmu: Don't disable counter in armpmu_add()
KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state
KVM: arm64: Remove host FPSIMD saving for non-protected KVM
KVM: arm64: Remove VHE host restore of CPACR_EL1.ZEN
KVM: arm64: Eagerly switch ZCR_EL{1,2}
Mathieu Desnoyers (1):
mm: add missing release barrier on PGDAT_RECLAIM_LOCKED unlock
Matt Johnston (1):
net: mctp: Set SOCK_RCU_FREE
Matthew Auld (1):
drm/amdgpu/dma_buf: fix page_link check
Matthew Majewski (1):
media: vim2m: print device name after registering device
Matthieu Baerts (NGI0) (2):
mptcp: only inc MPJoinAckHMacFailure for HMAC failures
mptcp: sockopt: fix getting IPV6_V6ONLY
Max Grobecker (1):
x86/cpu: Don't clear X86_FEATURE_LAHF_LM flag in init_amd_k8() on AMD when running in a virtual machine
Maxim Mikityanskiy (1):
ALSA: hda: intel: Fix Optimus when GPU has no sound
Maxime Chevallier (1):
net: ethtool: Don't call .cleanup_data when prepare_data fails
Meir Elisha (1):
md/raid1: Add check for missing source disk in process_checks()
Miao Li (2):
usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive
usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive
Miaoqian Lin (2):
scsi: iscsi: Fix missing scsi_host_put() in error path
phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function
Michael Ehrenreich (1):
USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe
Michal Pecio (1):
usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running
Michal Schmidt (1):
bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq
Mickaël Salaün (1):
landlock: Add the errata interface
Mikulas Patocka (1):
dm-integrity: set ti->error on memory allocation failure
Ming Lei (1):
selftests: ublk: fix test_stripe_04
Ming-Hung Tsai (1):
dm cache: fix flushing uninitialized delayed_work on cache_ctr error
Miquel Raynal (1):
spi: cadence-qspi: Fix probe on AM62A LP SK
Mostafa Saleh (1):
ubsan: Fix panic from test_ubsan_out_of_bounds
Murad Masimov (2):
media: streamzap: prevent processing IR data on URB failure
media: streamzap: fix race between device disconnection and urb callback
Myrrh Periwinkle (1):
x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions()
Namjae Jeon (1):
ksmbd: fix potencial out-of-bounds when buffer offset is invalid
Nathan Chancellor (4):
ACPI: platform-profile: Fix CFI violation when accessing sysfs files
riscv: Avoid fortify warning in syscall_get_arguments()
kbuild: Add '-fno-builtin-wcslen'
f2fs: Add inline to f2fs_build_fault_attr() stub
Nathan Lynch (1):
powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()
Nikita Zhandarovich (1):
drm/repaper: fix integer overflows in repeat functions
Niklas Cassel (1):
ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode
Niklas Söderlund (1):
media: i2c: adv748x: Fix test pattern selection mask
Ojaswin Mujoo (2):
ext4: protect ext4_release_dquot against freezing
ext4: make block validity check resistent to sb bh corruption
Oleg Nesterov (2):
fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats
sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP
Oleksij Rempel (1):
net: selftests: initialize TCP header and skb payload with zero
Oliver Neukum (6):
USB: storage: quirk for ADATA Portable HDD CH94
USB: VLI disk crashes if LPM is used
USB: wdm: handle IO errors in wdm_wwan_port_start
USB: wdm: close race between wdm_open and wdm_wwan_port_stop
USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context
USB: wdm: add annotation
Pali Rohár (1):
PCI: Assign PCI domain IDs by ida_alloc()
Paolo Abeni (1):
ipv6: release nexthop on device removal
Paulo Alcantara (5):
smb: client: fix potential UAF in cifs_dump_full_key()
smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
smb: client: fix NULL ptr deref in crypto_aead_setkey()
smb: client: fix potential deadlock when releasing mids
smb: client: fix potential UAF in cifs_stats_proc_show()
Pei Li (1):
jfs: Fix shift-out-of-bounds in dbDiscardAG
Peter Collingbourne (1):
string: Add load_unaligned_zeropad() code path to sized_strscpy()
Philip Yang (1):
drm/amdkfd: Fix pqm_destroy_queue race with GPU reset
Qingfang Deng (1):
net: phy: leds: fix memory leak
Qiuxu Zhuo (1):
selftests/mincore: Allow read-ahead pages to reach the end of the file
Qun-Wei Lin (1):
sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers
Rafael J. Wysocki (2):
cpufreq/sched: Fix the usage of CPUFREQ_NEED_UPDATE_LIMITS
cpufreq: Reference count policy in cpufreq_update_limits()
Ralph Siemsen (1):
usb: cdns3: Fix deadlock when using NCM gadget
Rand Deeb (2):
fs/jfs: cast inactags to s64 to prevent potential overflow
fs/jfs: Prevent integer overflow in AG size calculation
Remi Pommarel (2):
wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()
wifi: mac80211: Purge vif txq in ieee80211_do_stop()
Ricard Wanderlof (1):
ALSA: usb-audio: Fix CME quirk for UF series keyboards
Ricardo Cañuelo Navarro (1):
sctp: detect and prevent references to a freed transport in sendmsg
Rob Herring (1):
PCI: Fix use-after-free in pci_bus_release_domain_nr()
Rolf Eike Beer (1):
drm/sti: remove duplicate object names
Roman Li (1):
drm/amd/display: Fix gpu reset in multidisplay config
Roman Smirnov (1):
cifs: fix integer overflow in match_server()
Ross Lagerwall (1):
PCI: Release resource invalidated by coalescing
Ryan Roberts (1):
sparc/mm: disable preemption in lazy mmu mode
Ryo Takakura (2):
PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type
serial: sifive: lock port in startup()/shutdown() callbacks
Rémi Denis-Courmont (1):
phonet/pep: fix racy skb_queue_empty() use
Sakari Ailus (4):
media: i2c: ccs: Set the device's runtime PM status correctly in remove
media: i2c: ccs: Set the device's runtime PM status correctly in probe
media: i2c: ov7251: Set enable GPIO low in probe
media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO
Sam Protsenko (1):
soc: samsung: exynos-chipid: Pass revision reg offsets
Sean Christopherson (3):
iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE
KVM: SVM: Allocate IR data using atomic allocation
KVM: x86: Reset IRTE to host control if *new* route isn't postable
Sean Young (4):
media: streamzap: remove unnecessary ir_raw_event_reset and handle
media: streamzap: no need for usb pid/vid in device name
media: streamzap: less chatter
media: streamzap: remove unused struct members
Sebastian Andrzej Siewior (1):
xdp: Reset bpf_redirect_info before running a xdp's BPF prog.
Sergiu Cuciurean (1):
iio: adc: ad7768-1: Fix conversion result sign
Shay Drory (1):
RDMA/core: Silence oversized kvmalloc() warning
Shengjiu Wang (1):
ASoC: fsl_audmix: register card device depends on 'dais' property
Shuai Xue (1):
mm/hwpoison: do not send SIGBUS to processes with recovered clean pages
Si-Wei Liu (1):
vdpa/mlx5: Fix oversized null mkey longer than 32bit
Souradeep Chakrabarti (1):
net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup
Srinivas Kandagatla (2):
ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate
ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels
Srinivasan Shanmugam (2):
drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create'
drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing
Stanimir Varbanov (1):
PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe()
Stanislav Fomichev (1):
net: vlan: don't propagate flags on open
Stanley Chu (1):
i3c: master: svc: Use readsb helper for reading MDB
Stephan Gerhold (1):
pinctrl: qcom: Clear latched interrupt status when changing IRQ type
Steven Rostedt (1):
tracing: Fix filter string testing
T Pratham (1):
lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets
Thadeu Lima de Souza Cascardo (1):
i2c: cros-ec-tunnel: defer probe if parent EC is not present
Thierry Reding (1):
gpio: tegra186: Force one interrupt per bank
Thomas Bogendoerfer (1):
MIPS: cm: Fix warning if MIPS_CM is disabled
Thomas Weißschuh (3):
loop: properly send KOBJ_CHANGED uevent for disk device
loop: LOOP_SET_FD: send uevents for partitions
KVM: s390: Don't use %pK through tracepoints
Thorsten Leemhuis (1):
module: sign with sha512 instead of sha1 by default
Tim Huang (1):
drm/amd/display: fix double free issue during amdgpu module unload
Tom Lendacky (1):
crypto: ccp - Fix check for the primary ASP device
Tomasz Pakuła (3):
HID: pidff: Convert infinite length from Linux API to PID standard
HID: pidff: Do not send effect envelope if it's empty
HID: pidff: Fix null pointer dereference in pidff_find_fields
Trevor Woerner (1):
thermal/drivers/rockchip: Add missing rk3328 mapping entry
Trond Myklebust (2):
umount: Allow superblock owners to force umount
filemap: Fix bounds checking in filemap_read()
Tung Nguyen (2):
tipc: fix memory leak in tipc_link_xmit
tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
Tuo Li (1):
scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan()
Uwe Kleine-König (4):
pwm: rcar: Improve register calculation
pwm: fsl-ftm: Handle clk_get_rate() returning 0
auxdisplay: hd44780: Convert to platform remove callback returning void
backlight: led_bl: Convert to platform remove callback returning void
Vasiliy Kovalev (1):
hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key
Vikash Garodia (4):
media: venus: hfi: add a check to handle OOB in sfr region
media: venus: hfi: add check to handle incorrect queue size
media: venus: hfi_parser: add check to avoid out of bound access
media: venus: hfi_parser: refactor hfi packet parsing logic
Vinicius Costa Gomes (1):
dmaengine: dmatest: Fix dmatest waiting less when interrupted
Vitaly Prosyak (1):
drm/amdgpu: fix usage slab after free
Vladimir Oltean (2):
net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered
net: dsa: avoid refcount warnings when ds->ops->tag_8021q_vlan_del() fails
Wang Liang (1):
net: fix crash when config small gso_max_size/gso_ipv4_max_size
WangYuli (6):
riscv: KGDB: Do not inline arch_kgdb_breakpoint()
riscv: KGDB: Remove ".option norvc/.option rvc" for kgdb_compiled_break
nvmet-fc: Remove unused functions
MIPS: dec: Declare which_prom() as static
MIPS: cevt-ds1287: Add missing ds1287.h include
MIPS: ds1287: Match ds1287_set_base_clock() function types
Wentao Liang (3):
ata: sata_sx4: Add error handling in pdc20621_i2c_read()
mtd: inftlcore: Add error check for inftl_read_oob()
mtd: rawnand: Add status chack in r852_ready()
Willem de Bruijn (1):
bpf: support SKF_NET_OFF and SKF_LL_OFF on skb frags
Xiangsheng Hou (1):
virtiofs: add filesystem context source name check
Xiaogang Chen (1):
udmabuf: fix a buf size overflow issue during udmabuf creation
Xiaxi Shen (1):
ext4: fix timer use-after-free on failed mount
Xingui Yang (2):
scsi: hisi_sas: Enable force phy when SATA disk directly connected
scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes
Yu Kuai (2):
md/raid10: fix missing discard IO accounting
blk-cgroup: support to track if policy is online
Yu-Chun Lin (1):
parisc: PDT: Fix missing prototype warning
Yuan Can (1):
media: siano: Fix error handling in smsdvb_module_init()
Yue Haibing (1):
RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe()
Yunlong Xing (1):
loop: aio inherit the ioprio of original request
Zhang Xiaoxu (1):
cifs: Fix UAF in cifs_demultiplex_thread()
Zhikai Zhai (1):
drm/amd/display: Update Cursor request mode to the beginning prefetch always
Zhongqiu Han (2):
pm: cpupower: bench: Prevent NULL dereference on malloc failure
jfs: Fix uninit-value access of imap allocated in the diMount() function
Zijun Hu (3):
of/irq: Fix device node refcount leakages in of_irq_count()
of/irq: Fix device node refcount leakage in API irq_of_parse_and_map()
of/irq: Fix device node refcount leakages in of_irq_init()
zhoumin (1):
ftrace: Add cond_resched() to ftrace_graph_set_hash()
6 days, 2 hours
- 1
- 1
Linux 5.10.237
by Greg Kroah-Hartman
I'm announcing the release of the 5.10.237 kernel.
All users of the 5.10 kernel series must upgrade.
The updated 5.10.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Makefile | 5
arch/arm/mach-exynos/Kconfig | 1
arch/arm64/boot/dts/mediatek/mt8173.dtsi | 6
arch/arm64/include/asm/cputype.h | 4
arch/arm64/kernel/proton-pack.c | 1
arch/mips/dec/prom/init.c | 2
arch/mips/include/asm/ds1287.h | 2
arch/mips/include/asm/mips-cm.h | 22 +
arch/mips/kernel/cevt-ds1287.c | 1
arch/mips/kernel/mips-cm.c | 14 +
arch/parisc/kernel/pdt.c | 2
arch/powerpc/kernel/rtas.c | 4
arch/riscv/include/asm/kgdb.h | 9
arch/riscv/include/asm/syscall.h | 7
arch/riscv/kernel/kgdb.c | 6
arch/s390/kvm/trace-s390.h | 4
arch/sparc/mm/tlb.c | 5
arch/x86/entry/entry.S | 2
arch/x86/events/intel/ds.c | 8
arch/x86/events/intel/uncore_snbep.c | 49 ---
arch/x86/kernel/cpu/amd.c | 2
arch/x86/kernel/cpu/bugs.c | 8
arch/x86/kernel/e820.c | 17 -
arch/x86/kvm/svm/avic.c | 60 ++--
arch/x86/kvm/vmx/posted_intr.c | 28 --
arch/x86/platform/pvh/head.S | 7
block/blk-cgroup.c | 24 +
block/blk-iocost.c | 7
crypto/crypto_null.c | 39 +-
drivers/acpi/pptt.c | 4
drivers/ata/ahci.c | 2
drivers/ata/libata-eh.c | 11
drivers/ata/pata_pxa.c | 6
drivers/ata/sata_sx4.c | 118 +++-----
drivers/bluetooth/btrtl.c | 2
drivers/bluetooth/hci_ldisc.c | 19 +
drivers/bluetooth/hci_uart.h | 1
drivers/char/virtio_console.c | 7
drivers/clk/clk.c | 4
drivers/clocksource/timer-stm32-lp.c | 4
drivers/cpufreq/cpufreq.c | 8
drivers/cpufreq/scpi-cpufreq.c | 13
drivers/crypto/atmel-sha204a.c | 7
drivers/crypto/caam/qi.c | 6
drivers/crypto/ccp/sp-pci.c | 15 -
drivers/dma-buf/udmabuf.c | 2
drivers/dma/dmatest.c | 6
drivers/gpio/gpio-zynq.c | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c | 9
drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h | 3
drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c | 6
drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 10
drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 2
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 14 -
drivers/gpu/drm/amd/display/dc/dcn21/dcn21_resource.c | 2
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_thermal.c | 4
drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega10_thermal.c | 4
drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega20_thermal.c | 2
drivers/gpu/drm/drm_atomic_helper.c | 2
drivers/gpu/drm/drm_panel.c | 5
drivers/gpu/drm/drm_panel_orientation_quirks.c | 10
drivers/gpu/drm/i915/gt/intel_engine_cs.c | 7
drivers/gpu/drm/mediatek/mtk_dpi.c | 9
drivers/gpu/drm/nouveau/nouveau_bo.c | 3
drivers/gpu/drm/nouveau/nouveau_gem.c | 3
drivers/gpu/drm/sti/Makefile | 2
drivers/gpu/drm/tiny/repaper.c | 4
drivers/hid/usbhid/hid-pidff.c | 60 +++-
drivers/hsi/clients/ssi_protocol.c | 1
drivers/i2c/busses/i2c-cros-ec-tunnel.c | 3
drivers/i3c/master.c | 3
drivers/iio/adc/ad7768-1.c | 5
drivers/infiniband/core/umem_odp.c | 6
drivers/infiniband/hw/hns/hns_roce_main.c | 2
drivers/infiniband/hw/qib/qib_fs.c | 1
drivers/infiniband/hw/usnic/usnic_ib_main.c | 14 -
drivers/iommu/amd/iommu.c | 2
drivers/mcb/mcb-parse.c | 2
drivers/md/dm-cache-target.c | 24 +
drivers/md/dm-integrity.c | 3
drivers/md/raid1.c | 26 +
drivers/media/common/siano/smsdvb-main.c | 2
drivers/media/i2c/adv748x/adv748x.h | 2
drivers/media/i2c/ov7251.c | 4
drivers/media/platform/qcom/venus/Makefile | 3
drivers/media/platform/qcom/venus/core.c | 17 -
drivers/media/platform/qcom/venus/core.h | 41 ---
drivers/media/platform/qcom/venus/helpers.c | 60 ++--
drivers/media/platform/qcom/venus/helpers.h | 2
drivers/media/platform/qcom/venus/hfi.c | 18 +
drivers/media/platform/qcom/venus/hfi_parser.c | 159 +++++++++---
drivers/media/platform/qcom/venus/hfi_parser.h | 2
drivers/media/platform/qcom/venus/hfi_platform.c | 49 +++
drivers/media/platform/qcom/venus/hfi_platform.h | 61 ++++
drivers/media/platform/qcom/venus/hfi_platform_v4.c | 60 ++++
drivers/media/platform/qcom/venus/hfi_venus.c | 18 +
drivers/media/platform/qcom/venus/pm_helpers.c | 12
drivers/media/platform/qcom/venus/vdec.c | 8
drivers/media/platform/qcom/venus/venc.c | 91 ++++--
drivers/media/rc/streamzap.c | 135 ++++------
drivers/media/test-drivers/vim2m.c | 6
drivers/media/v4l2-core/v4l2-dv-timings.c | 4
drivers/mfd/ene-kb3930.c | 2
drivers/misc/mei/hw-me-regs.h | 1
drivers/misc/mei/pci-me.c | 1
drivers/misc/pci_endpoint_test.c | 6
drivers/mtd/inftlcore.c | 9
drivers/mtd/mtdpstore.c | 9
drivers/mtd/nand/raw/brcmnand/brcmnand.c | 2
drivers/mtd/nand/raw/r852.c | 3
drivers/net/dsa/b53/b53_common.c | 10
drivers/net/dsa/mv88e6xxx/chip.c | 25 +
drivers/net/ethernet/chelsio/cxgb4/cxgb4_ethtool.c | 1
drivers/net/ethernet/intel/igc/igc_main.c | 1
drivers/net/ethernet/intel/igc/igc_ptp.c | 7
drivers/net/ethernet/mellanox/mlx5/core/en/rep/neigh.c | 15 -
drivers/net/ethernet/mellanox/mlx5/core/en/rep/tc.c | 6
drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 33 ++
drivers/net/ethernet/mellanox/mlx5/core/en_tc.h | 3
drivers/net/phy/phy_led_triggers.c | 23 -
drivers/net/ppp/ppp_synctty.c | 5
drivers/net/wireless/ath/ath10k/sdio.c | 5
drivers/net/wireless/atmel/at76c50x-usb.c | 2
drivers/net/wireless/mediatek/mt76/mt76x2/usb.c | 1
drivers/net/wireless/ti/wl1251/tx.c | 4
drivers/ntb/hw/idt/ntb_hw_idt.c | 18 -
drivers/ntb/ntb_transport.c | 2
drivers/nvme/host/core.c | 10
drivers/nvme/target/fc.c | 14 -
drivers/nvme/target/fcloop.c | 2
drivers/of/irq.c | 13
drivers/pci/controller/pcie-brcmstb.c | 13
drivers/pci/pci.c | 103 ++++---
drivers/pci/probe.c | 58 +++-
drivers/pci/remove.c | 7
drivers/perf/arm_pmu.c | 8
drivers/phy/tegra/xusb.c | 2
drivers/pinctrl/qcom/pinctrl-msm.c | 12
drivers/platform/x86/asus-laptop.c | 9
drivers/platform/x86/intel_speed_select_if/isst_if_common.c | 2
drivers/pwm/pwm-fsl-ftm.c | 6
drivers/pwm/pwm-mediatek.c | 20 +
drivers/pwm/pwm-rcar.c | 24 -
drivers/s390/block/dasd.c | 5
drivers/scsi/lpfc/lpfc_hbadisc.c | 2
drivers/scsi/pm8001/pm8001_sas.c | 1
drivers/scsi/scsi_transport_iscsi.c | 7
drivers/scsi/st.c | 2
drivers/scsi/ufs/ufs_bsg.c | 1
drivers/soc/samsung/Kconfig | 12
drivers/soc/samsung/Makefile | 3
drivers/soc/samsung/exynos-asv.c | 45 ---
drivers/soc/samsung/exynos-asv.h | 2
drivers/soc/samsung/exynos-chipid.c | 137 ++++++++--
drivers/soc/ti/omap_prm.c | 2
drivers/spi/spi-cadence-quadspi.c | 6
drivers/staging/comedi/drivers/jr3_pci.c | 15 -
drivers/staging/rtl8723bs/core/rtw_mlme.c | 2
drivers/thermal/rockchip_thermal.c | 1
drivers/tty/serial/sifive.c | 6
drivers/usb/cdns3/gadget.c | 2
drivers/usb/core/quirks.c | 9
drivers/usb/dwc3/gadget.c | 6
drivers/usb/gadget/udc/aspeed-vhub/dev.c | 3
drivers/usb/host/max3421-hcd.c | 7
drivers/usb/host/ohci-pci.c | 23 +
drivers/usb/serial/ftdi_sio.c | 2
drivers/usb/serial/ftdi_sio_ids.h | 5
drivers/usb/serial/option.c | 3
drivers/usb/serial/usb-serial-simple.c | 7
drivers/usb/storage/unusual_uas.h | 7
drivers/vdpa/mlx5/core/mr.c | 7
drivers/vfio/pci/vfio_pci.c | 13
drivers/video/backlight/led_bl.c | 5
drivers/video/fbdev/omap2/omapfb/dss/dispc.c | 6
drivers/xen/xenfs/xensyms.c | 4
fs/Kconfig | 1
fs/btrfs/super.c | 3
fs/cifs/cifs_debug.c | 6
fs/cifs/cifsglob.h | 9
fs/cifs/cifsproto.h | 7
fs/cifs/connect.c | 2
fs/cifs/smb2misc.c | 11
fs/cifs/smb2ops.c | 48 ++-
fs/cifs/smb2pdu.c | 10
fs/cifs/transport.c | 43 +--
fs/ext4/block_validity.c | 5
fs/ext4/inode.c | 76 ++++-
fs/ext4/namei.c | 2
fs/ext4/super.c | 19 +
fs/ext4/xattr.c | 11
fs/f2fs/node.c | 9
fs/fuse/virtio_fs.c | 3
fs/hfs/bnode.c | 6
fs/hfsplus/bnode.c | 6
fs/isofs/export.c | 2
fs/jbd2/journal.c | 1
fs/jfs/jfs_dmap.c | 12
fs/jfs/jfs_imap.c | 2
fs/namespace.c | 3
fs/nfs/Kconfig | 2
fs/nfs/internal.h | 22 -
fs/nfs/nfs4session.h | 4
fs/nfsd/Kconfig | 1
fs/nfsd/nfs4state.c | 2
fs/nfsd/nfsfh.h | 7
fs/proc/array.c | 52 ++-
include/linux/backing-dev.h | 1
include/linux/blk-cgroup.h | 1
include/linux/filter.h | 4
include/linux/nfs.h | 13
include/linux/pci.h | 12
include/linux/soc/samsung/exynos-chipid.h | 6
include/net/net_namespace.h | 1
include/net/sctp/structs.h | 3
include/uapi/linux/kfd_ioctl.h | 2
include/xen/interface/xen-mca.h | 2
init/Kconfig | 3
kernel/bpf/helpers.c | 11
kernel/bpf/syscall.c | 17 -
kernel/dma/contiguous.c | 3
kernel/locking/lockdep.c | 3
kernel/resource.c | 41 ---
kernel/sched/cpufreq_schedutil.c | 18 +
kernel/trace/ftrace.c | 1
kernel/trace/trace.h | 4
kernel/trace/trace_events.c | 4
kernel/trace/trace_events_filter.c | 4
kernel/trace/trace_events_hist.c | 7
kernel/trace/trace_events_synth.c | 82 ++++++
kernel/trace/trace_synth.h | 1
lib/sg_split.c | 2
mm/memory.c | 4
mm/vmscan.c | 2
net/8021q/vlan_dev.c | 31 --
net/bluetooth/hci_event.c | 5
net/core/dev.c | 1
net/core/filter.c | 80 +++---
net/core/net_namespace.c | 21 +
net/core/page_pool.c | 8
net/ipv4/inet_connection_sock.c | 19 +
net/mac80211/iface.c | 3
net/mac80211/mesh_hwmp.c | 14 -
net/mptcp/protocol.c | 45 +++
net/mptcp/subflow.c | 15 -
net/netfilter/ipvs/ip_vs_ctl.c | 10
net/netfilter/nft_set_pipapo_avx2.c | 3
net/openvswitch/actions.c | 4
net/openvswitch/flow_netlink.c | 3
net/sched/sch_hfsc.c | 23 +
net/sctp/socket.c | 22 +
net/sctp/transport.c | 2
net/tipc/link.c | 1
net/tipc/monitor.c | 3
net/tls/tls_main.c | 6
sound/pci/hda/hda_intel.c | 15 +
sound/soc/codecs/wcd934x.c | 2
sound/soc/qcom/qdsp6/q6asm-dai.c | 19 -
sound/usb/midi.c | 80 +++++-
tools/objtool/check.c | 3
tools/power/cpupower/bench/parse.c | 4
tools/testing/selftests/mincore/mincore_selftest.c | 3
tools/testing/selftests/ublk/test_stripe_04.sh | 24 +
tools/testing/selftests/vm/charge_reserved_hugetlb.sh | 4
tools/testing/selftests/vm/hugetlb_reparenting_test.sh | 2
265 files changed, 2371 insertions(+), 1187 deletions(-)
Abdun Nihaal (3):
wifi: at76c50x: fix use after free access in at76_disconnect
wifi: wl1251: fix memory leak in wl1251_tx_work
cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path
Abhinav Kumar (1):
drm: allow encoder mode_set even when connectors change for crtc
Abhishek Sahu (1):
vfio/pci: fix memory leak during D3hot to D0 transition
Adam Xue (1):
USB: serial: option: add Sierra Wireless EM9291
Al Viro (1):
qibfs: fix _another_ leak
Alexander Stein (1):
usb: host: max3421-hcd: Add missing spi_device_id table
Alexander Usyskin (1):
mei: me: add panther lake H DID
Alexandra Diupina (1):
cifs: avoid NULL pointer dereference in dbg call
Alexandre Torgue (1):
clocksource/drivers/stm32-lptimer: Use wakeup capable instead of init wakeup
Alexey Klimov (1):
ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path
Andreas Gruenbacher (1):
writeback: fix false warning in inode_to_wb()
Andrew Wyatt (2):
drm: panel-orientation-quirks: Add support for AYANEO 2S
drm: panel-orientation-quirks: Add new quirk for GPD Win 2
Andrii Nakryiko (1):
bpf: avoid holding freeze_mutex during mmap operation
AngeloGioacchino Del Regno (1):
drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off
Ard Biesheuvel (1):
x86/pvh: Call C code via the kernel virtual mapping
Arnaud Lecomte (1):
net: ppp: Add bound checking for skb data on ppp_sync_txmung
Arnd Bergmann (2):
dma/contiguous: avoid warning about unused size_bytes
ntb: reduce stack usage in idt_scan_mws
Arseniy Krasnov (2):
Bluetooth: hci_uart: fix race during initialization
Bluetooth: hci_uart: Fix another race during initialization
Artem Sadovnikov (1):
ext4: fix off-by-one error in do_split
Ben Dooks (1):
bpf: Add endian modifiers to fix endian warnings
Bhupesh (1):
ext4: ignore xattrs past end
Boqun Feng (2):
locking/lockdep: Decrease nr_unused_locks if lock unused in zap_class()
PCI: Introduce domain_nr in pci_host_bridge
Chao Yu (1):
f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()
Chen Hanxiao (1):
ipvs: properly dereference pe in ip_vs_add_service
Chen-Yu Tsai (1):
arm64: dts: mediatek: mt8173: Fix disp-pwm compatible string
Chengchang Tang (1):
RDMA/hns: Fix wrong maximum DMA segment size
Chenyuan Yang (3):
mfd: ene-kb3930: Fix a potential NULL pointer dereference
soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()
usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
Chris Bainbridge (1):
drm/nouveau: prime: fix ttm_bo_delayed_delete oops
Chris Wilson (1):
drm/i915/gt: Cleanup partial engine discovery failures
Christopher S M Hall (2):
igc: handle the IGC_PTP_ENABLED flag correctly
igc: cleanup PTP module if probe fails
Chunguang Xu (1):
nvme: avoid double free special payload
Colin Ian King (1):
media: venus: Fix uninitialized variable count being checked for zero
Cong Wang (2):
net_sched: hfsc: Fix a UAF vulnerability in class handling
net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
Craig Hesling (1):
USB: serial: simple: add OWON HDS200 series oscilloscope support
Dan Carpenter (1):
Bluetooth: btrtl: Prevent potential NULL dereference
Daniel Golle (1):
pwm: mediatek: always use bus clock for PWM on MT7622
Daniel Kral (1):
ahci: add PCI ID for Marvell 88SE9215 SATA Controller
Daniel Wagner (1):
nvmet-fcloop: swap list_add_tail arguments
Dapeng Mi (1):
perf/x86/intel: Allow to update user space GPRs from PEBS records
David Yat Sin (1):
drm/amdkfd: clamp queue size to minimum
Denis Arefev (4):
asus-laptop: Fix an uninitialized variable
drm/amd/pm/powerplay: Prevent division by zero
drm/amd/pm/powerplay/hwmgr/smu7_thermal: Prevent division by zero
drm/amd/pm/powerplay/hwmgr/vega20_thermal: Prevent division by zero
Douglas Anderson (3):
arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD
arm64: cputype: Add MIDR_CORTEX_A76AE
arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list
Douglas Raillard (1):
tracing: Fix synth event printk format for str fields
Duoming Zhou (1):
drivers: staging: rtl8723bs: Fix deadlock in rtw_surveydone_event_callback()
Edward Adam Davis (3):
jfs: Prevent copying of nlink with value 0 from disk inode
jfs: add sanity check for agwidth in dbMount
isofs: Prevent the use of too small fid
Enzo Matsumiya (2):
smb: client: fix UAF in async decryption
cifs: print TIDs as hex
Eric Biggers (2):
ext4: reject casefold inode flag without casefold feature
nfs: add missing selections of CONFIG_CRC32
Eric Dumazet (1):
net: defer final 'struct net' free in netns dismantle
Fabien Parent (1):
pwm: mediatek: Always use bus clock
Fedor Pchelkin (1):
ntb: use 64-bit arithmetic for the MSI doorbell mask
Felix Huettner (1):
net: openvswitch: fix race on port output
Florian Westphal (1):
nft_set_pipapo: fix incorrect avx2 match of 5th field octet
Frode Isaksen (1):
usb: dwc3: gadget: check that event count does not exceed event buffer length
Gabriele Paoloni (1):
tracing: fix return value in __ftrace_event_enable_disable for TRACE_REG_UNREGISTER
Gang Yan (1):
mptcp: fix NULL pointer in can_accept_new_subflow
Gavrilov Ilia (1):
wifi: mac80211: fix integer overflow in hwmp_route_info_get()
Geert Uytterhoeven (1):
pwm: rcar: Simplify multiplication/shift logic
Greg Kroah-Hartman (1):
Linux 5.10.237
Gregory CLEMENT (1):
MIPS: cm: Detect CM quirks from device tree
Guixin Liu (1):
scsi: ufs: bsg: Set bsg_queue to NULL after removal
Halil Pasic (1):
virtio_console: fix missing byte order handling for cols and rows
Hannes Reinecke (4):
ata: sata_sx4: Drop pointless VPRINTK() calls and convert the remaining ones
nvme: requeue namespace scan on missed AENs
nvme: re-read ANA log page after ns scan completes
nvme: fixup scan failure for non-ANA multipath controllers
Hans de Goede (1):
drivers: staging: rtl8723bs: Fix locking in rtw_scan_timeout_handler()
Haoxiang Li (1):
mcb: fix a double free bug in chameleon_parse_gdd()
Heiko Stuebner (1):
clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec()
Henry Martin (2):
ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()
cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
Herbert Xu (2):
crypto: caam/qi - Fix drv_ctx refcount bug
crypto: null - Use spin lock instead of mutex
Hersen Wu (1):
drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links
Herve Codina (1):
backlight: led_bl: Hold led_access lock when calling led_sysfs_disable()
Hou Tao (1):
bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
Huacai Chen (1):
USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02)
Ian Abbott (1):
comedi: jr3_pci: Fix synchronous deletion of timer
Icenowy Zheng (1):
wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table
Igor Pylypiv (1):
scsi: pm80xx: Set phy_attached to zero when device is gone
Ilya Maximets (2):
net: openvswitch: fix nested key length validation in the set() action
openvswitch: fix lockup on tx to unregistering netdev with carrier
Jakub Kicinski (1):
net: tls: explicitly disallow disconnect
Jan Beulich (1):
xenfs/xensyms: respect hypervisor's "next" indication
Jan Kara (1):
jbd2: remove wrong sb->s_sequence check
Jann Horn (1):
ext4: don't treat fhandle lookup of ea_inode as FS corruption
Jason Xing (1):
page_pool: avoid infinite loop to schedule delayed worker
Jean-Marc Eurin (1):
ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls
Jeff Layton (1):
nfs: move nfs_fhandle_hash to common include file
Jiasheng Jiang (1):
mtd: Replace kcalloc() with devm_kcalloc()
Johannes Berg (1):
Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Johannes Kimmel (1):
btrfs: correctly escape subvol in btrfs_show_options()
Jonas Gorski (1):
net: b53: enable BPDU reception for management port
Jonathan Cameron (1):
iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check
Josh Poimboeuf (5):
pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()
objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler()
objtool: Stop UNRET validation on UD2
x86/bugs: Use SBPB in write_ibpb() if applicable
x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline
Kai Mäkisara (1):
scsi: st: Fix array overflow in st_setup()
Kai-Heng Feng (1):
PCI: Coalesce host bridge contiguous apertures
Kaixin Wang (1):
HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition
Kamal Dasu (1):
mtd: rawnand: brcmnand: fix PM resume warning
Kan Liang (2):
perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR
perf/x86/intel/uncore: Fix the scale of IIO free running counters on ICX
Kang Yang (1):
wifi: ath10k: avoid NULL pointer error during sdio remove
Karina Yankevich (1):
media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf()
Kees Cook (1):
xen/mcelog: Add __nonstring annotations for unterminated strings
Kirill A. Shutemov (1):
mm: fix apply_to_existing_page_range()
Krzysztof Kozlowski (5):
gpio: zynq: Fix wakeup source leaks on device unbind
soc: samsung: exynos-chipid: initialize later - with arch_initcall
soc: samsung: exynos-chipid: convert to driver and merge exynos-asv
soc: samsung: exynos-chipid: avoid soc_device_to_device()
soc: samsung: exynos-chipid: correct helpers __init annotation
Kunihiko Hayashi (3):
misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error
misc: pci_endpoint_test: Fix displaying 'irq_type' after 'request_irq' error
misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type
Kuniyuki Iwashima (1):
tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().
Kunwu Chan (1):
pmdomain: ti: Add a null pointer check to the omap_prm_domain_init
Lee Jones (1):
drm/amd/amdgpu/amdgpu_vram_mgr: Add missing descriptions for 'dev' and 'dir'
Leonid Arapov (1):
fbdev: omapfb: Add 'plane' value check
Li Lingfeng (1):
nfsd: decrease sc_count directly if fail to queue dl_recall
Li Nan (1):
blk-iocost: do not WARN if iocg was already offlined
Luca Ceresoli (1):
drm/bridge: panel: forbid initializing a panel with unknown connector type
Luiz Augusto von Dentz (1):
Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address
Ma Ke (2):
PCI: Fix reference leak in pci_alloc_child_bus()
PCI: Fix reference leak in pci_register_host_bridge()
Manjunatha Venkatesh (1):
i3c: Add NULL pointer check in i3c_master_queue_ibi()
Marek Behún (3):
net: dsa: mv88e6xxx: workaround RGMII transmit delay erratum for 6320 family
net: dsa: mv88e6xxx: fix VTU methods for 6320 family
crypto: atmel-sha204a - Set hwrng quality to lowest possible
Mark Brown (1):
selftests/mm: generate a temporary mountpoint for cgroup filesystem
Mark Rutland (1):
perf: arm_pmu: Don't disable counter in armpmu_add()
Mathieu Desnoyers (1):
mm: add missing release barrier on PGDAT_RECLAIM_LOCKED unlock
Matthew Auld (1):
drm/amdgpu/dma_buf: fix page_link check
Matthew Majewski (1):
media: vim2m: print device name after registering device
Matthieu Baerts (NGI0) (2):
mptcp: only inc MPJoinAckHMacFailure for HMAC failures
mptcp: sockopt: fix getting IPV6_V6ONLY
Max Grobecker (1):
x86/cpu: Don't clear X86_FEATURE_LAHF_LM flag in init_amd_k8() on AMD when running in a virtual machine
Maxim Mikityanskiy (1):
ALSA: hda: intel: Fix Optimus when GPU has no sound
Meir Elisha (1):
md/raid1: Add check for missing source disk in process_checks()
Miao Li (2):
usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive
usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive
Miaohe Lin (1):
kernel/resource: fix kfree() of bootmem memory again
Miaoqian Lin (2):
scsi: iscsi: Fix missing scsi_host_put() in error path
phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function
Michael Ehrenreich (1):
USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe
Mikulas Patocka (1):
dm-integrity: set ti->error on memory allocation failure
Ming Lei (1):
selftests: ublk: fix test_stripe_04
Ming-Hung Tsai (1):
dm cache: fix flushing uninitialized delayed_work on cache_ctr error
Miquel Raynal (1):
spi: cadence-qspi: Fix probe on AM62A LP SK
Miroslav Franc (1):
s390/dasd: fix double module refcount decrement
Murad Masimov (2):
media: streamzap: prevent processing IR data on URB failure
media: streamzap: fix race between device disconnection and urb callback
Myrrh Periwinkle (1):
x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions()
Nathan Chancellor (2):
riscv: Avoid fortify warning in syscall_get_arguments()
kbuild: Add '-fno-builtin-wcslen'
Nathan Lynch (1):
powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()
Nikita Zhandarovich (1):
drm/repaper: fix integer overflows in repeat functions
Niklas Cassel (1):
ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode
Niklas Söderlund (1):
media: i2c: adv748x: Fix test pattern selection mask
Ojaswin Mujoo (2):
ext4: protect ext4_release_dquot against freezing
ext4: make block validity check resistent to sb bh corruption
Oleg Nesterov (2):
fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats
sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP
Oliver Neukum (2):
USB: storage: quirk for ADATA Portable HDD CH94
USB: VLI disk crashes if LPM is used
Pali Rohár (1):
PCI: Assign PCI domain IDs by ida_alloc()
Paulo Alcantara (5):
smb: client: fix potential UAF in cifs_debug_files_proc_show()
smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
smb: client: fix potential deadlock when releasing mids
smb: client: fix potential UAF in cifs_stats_proc_show()
smb: client: fix NULL ptr deref in crypto_aead_setkey()
Pei Li (1):
jfs: Fix shift-out-of-bounds in dbDiscardAG
Philip Yang (1):
drm/amdkfd: Fix pqm_destroy_queue race with GPU reset
Qingfang Deng (1):
net: phy: leds: fix memory leak
Qiuxu Zhuo (1):
selftests/mincore: Allow read-ahead pages to reach the end of the file
Rafael J. Wysocki (2):
cpufreq/sched: Fix the usage of CPUFREQ_NEED_UPDATE_LIMITS
cpufreq: Reference count policy in cpufreq_update_limits()
Ralph Siemsen (1):
usb: cdns3: Fix deadlock when using NCM gadget
Ramesh Errabolu (1):
drm/amdgpu: Remove amdgpu_device arg from free_sgt api (v2)
Rand Deeb (2):
fs/jfs: cast inactags to s64 to prevent potential overflow
fs/jfs: Prevent integer overflow in AG size calculation
Remi Pommarel (2):
wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()
wifi: mac80211: Purge vif txq in ieee80211_do_stop()
Ricard Wanderlof (1):
ALSA: usb-audio: Fix CME quirk for UF series keyboards
Ricardo Cañuelo Navarro (1):
sctp: detect and prevent references to a freed transport in sendmsg
Rob Herring (1):
PCI: Fix use-after-free in pci_bus_release_domain_nr()
Rolf Eike Beer (1):
drm/sti: remove duplicate object names
Ryan Roberts (1):
sparc/mm: disable preemption in lazy mmu mode
Ryo Takakura (1):
serial: sifive: lock port in startup()/shutdown() callbacks
Sakari Ailus (2):
media: i2c: ov7251: Set enable GPIO low in probe
media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO
Sam Protsenko (1):
soc: samsung: exynos-chipid: Pass revision reg offsets
Sean Christopherson (3):
iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE
KVM: SVM: Allocate IR data using atomic allocation
KVM: x86: Reset IRTE to host control if *new* route isn't postable
Sean Young (4):
media: streamzap: remove unnecessary ir_raw_event_reset and handle
media: streamzap: no need for usb pid/vid in device name
media: streamzap: less chatter
media: streamzap: remove unused struct members
Sebastian Andrzej Siewior (1):
xdp: Reset bpf_redirect_info before running a xdp's BPF prog.
Sergiu Cuciurean (1):
iio: adc: ad7768-1: Fix conversion result sign
Shay Drory (1):
RDMA/core: Silence oversized kvmalloc() warning
Si-Wei Liu (1):
vdpa/mlx5: Fix oversized null mkey longer than 32bit
Srinivas Pandruvada (1):
platform/x86: ISST: Correct command storage data length
Srinivasan Shanmugam (1):
drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create'
Stanimir Varbanov (10):
PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe()
media: venus: venc: Init the session only once in queue_setup
media: venus: Limit HFI sessions to the maximum supported
media: venus: hfi: Correct session init return error
media: venus: pm_helpers: Check instance state when calculate instance frequency
media: venus: Create hfi platform and move vpp/vsp there
media: venus: Rename venus_caps to hfi_plat_caps
media: venus: hfi_plat: Add codecs and capabilities ops
media: venus: Get codecs and capabilities from hfi platform
media: venus: hfi_parser: Check for instance after hfi platform get
Stanislav Fomichev (1):
net: vlan: don't propagate flags on open
Stephan Gerhold (1):
pinctrl: qcom: Clear latched interrupt status when changing IRQ type
Steven Rostedt (1):
tracing: Fix filter string testing
Steven Rostedt (Google) (1):
tracing: Allow synthetic events to pass around stacktraces
T Pratham (1):
lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets
Thadeu Lima de Souza Cascardo (1):
i2c: cros-ec-tunnel: defer probe if parent EC is not present
Thomas Bogendoerfer (1):
MIPS: cm: Fix warning if MIPS_CM is disabled
Thomas Weißschuh (1):
KVM: s390: Don't use %pK through tracepoints
Thorsten Leemhuis (1):
module: sign with sha512 instead of sha1 by default
Tom Lendacky (1):
crypto: ccp - Fix check for the primary ASP device
Tomasz Pakuła (3):
HID: pidff: Convert infinite length from Linux API to PID standard
HID: pidff: Do not send effect envelope if it's empty
HID: pidff: Fix null pointer dereference in pidff_find_fields
Trevor Woerner (1):
thermal/drivers/rockchip: Add missing rk3328 mapping entry
Trond Myklebust (1):
umount: Allow superblock owners to force umount
Tung Nguyen (2):
tipc: fix memory leak in tipc_link_xmit
tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
Tuo Li (1):
scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan()
Uwe Kleine-König (2):
pwm: rcar: Improve register calculation
pwm: fsl-ftm: Handle clk_get_rate() returning 0
Vasiliy Kovalev (1):
hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key
Vikash Garodia (4):
media: venus: hfi: add a check to handle OOB in sfr region
media: venus: hfi: add check to handle incorrect queue size
media: venus: hfi_parser: add check to avoid out of bound access
media: venus: hfi_parser: refactor hfi packet parsing logic
Vinicius Costa Gomes (1):
dmaengine: dmatest: Fix dmatest waiting less when interrupted
Vlad Buslov (1):
net/mlx5e: Fix use-after-free of encap entry in neigh update handler
WangYuli (6):
riscv: KGDB: Do not inline arch_kgdb_breakpoint()
riscv: KGDB: Remove ".option norvc/.option rvc" for kgdb_compiled_break
nvmet-fc: Remove unused functions
MIPS: dec: Declare which_prom() as static
MIPS: cevt-ds1287: Add missing ds1287.h include
MIPS: ds1287: Match ds1287_set_base_clock() function types
Wentao Liang (3):
ata: sata_sx4: Add error handling in pdc20621_i2c_read()
mtd: inftlcore: Add error check for inftl_read_oob()
mtd: rawnand: Add status chack in r852_ready()
Willem de Bruijn (1):
bpf: support SKF_NET_OFF and SKF_LL_OFF on skb frags
Xiangsheng Hou (1):
virtiofs: add filesystem context source name check
Xiaogang Chen (1):
udmabuf: fix a buf size overflow issue during udmabuf creation
Xiaxi Shen (1):
ext4: fix timer use-after-free on failed mount
Yu Kuai (1):
blk-cgroup: support to track if policy is online
Yu-Chun Lin (1):
parisc: PDT: Fix missing prototype warning
Yuan Can (1):
media: siano: Fix error handling in smsdvb_module_init()
Yue Haibing (1):
RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe()
Zhang Xiaoxu (1):
cifs: Fix UAF in cifs_demultiplex_thread()
Zhongqiu Han (1):
pm: cpupower: bench: Prevent NULL dereference on malloc failure
Zijun Hu (3):
of/irq: Fix device node refcount leakages in of_irq_count()
of/irq: Fix device node refcount leakage in API irq_of_parse_and_map()
of/irq: Fix device node refcount leakages in of_irq_init()
zhoumin (1):
ftrace: Add cond_resched() to ftrace_graph_set_hash()
6 days, 2 hours
- 1
- 1
Linux 5.4.293
by Greg Kroah-Hartman
I'm announcing the release of the 5.4.293 kernel.
All users of the 5.4 kernel series must upgrade.
The updated 5.4.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Makefile | 5
arch/arm64/boot/dts/mediatek/mt8173.dtsi | 6
arch/arm64/include/asm/cputype.h | 2
arch/mips/dec/prom/init.c | 2
arch/mips/include/asm/ds1287.h | 2
arch/mips/include/asm/mips-cm.h | 22 ++
arch/mips/kernel/cevt-ds1287.c | 1
arch/mips/kernel/mips-cm.c | 14 +
arch/parisc/kernel/pdt.c | 2
arch/powerpc/kernel/Makefile | 1
arch/riscv/include/asm/syscall.h | 7
arch/s390/kvm/trace-s390.h | 4
arch/sparc/mm/tlb.c | 5
arch/x86/events/intel/ds.c | 8
arch/x86/events/intel/uncore_snbep.c | 16 -
arch/x86/kernel/cpu/amd.c | 2
arch/x86/kernel/cpu/bugs.c | 8
arch/x86/kernel/e820.c | 17 -
crypto/crypto_null.c | 39 ++-
drivers/acpi/pptt.c | 4
drivers/ata/ahci.c | 2
drivers/ata/libata-eh.c | 11 -
drivers/ata/pata_pxa.c | 6
drivers/ata/sata_sx4.c | 118 ++++--------
drivers/bluetooth/btrtl.c | 2
drivers/bluetooth/hci_ldisc.c | 19 +
drivers/bluetooth/hci_uart.h | 1
drivers/char/virtio_console.c | 7
drivers/clk/clk.c | 4
drivers/cpufreq/cpufreq.c | 8
drivers/cpufreq/scpi-cpufreq.c | 13 +
drivers/crypto/atmel-sha204a.c | 7
drivers/crypto/ccp/sp-pci.c | 15 -
drivers/dma-buf/udmabuf.c | 2
drivers/dma/dmatest.c | 6
drivers/gpio/gpio-zynq.c | 1
drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 10 +
drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 2
drivers/gpu/drm/amd/powerplay/hwmgr/vega20_thermal.c | 2
drivers/gpu/drm/drm_atomic_helper.c | 2
drivers/gpu/drm/drm_panel_orientation_quirks.c | 10 -
drivers/gpu/drm/mediatek/mtk_dpi.c | 9
drivers/gpu/drm/nouveau/nouveau_bo.c | 3
drivers/gpu/drm/nouveau/nouveau_gem.c | 3
drivers/gpu/drm/sti/Makefile | 2
drivers/gpu/drm/tiny/repaper.c | 4
drivers/hid/usbhid/hid-pidff.c | 60 ++++--
drivers/hsi/clients/ssi_protocol.c | 1
drivers/i2c/busses/i2c-cros-ec-tunnel.c | 3
drivers/i3c/master.c | 3
drivers/iio/adc/ad7768-1.c | 5
drivers/infiniband/hw/qib/qib_fs.c | 1
drivers/infiniband/hw/usnic/usnic_ib_main.c | 14 -
drivers/infiniband/ulp/srpt/ib_srpt.c | 8
drivers/mcb/mcb-parse.c | 2
drivers/md/dm-integrity.c | 3
drivers/md/raid1.c | 26 +-
drivers/media/common/siano/smsdvb-main.c | 2
drivers/media/i2c/adv748x/adv748x.h | 2
drivers/media/i2c/ov7251.c | 4
drivers/media/platform/qcom/venus/hfi_parser.c | 2
drivers/media/platform/qcom/venus/hfi_venus.c | 18 +
drivers/media/platform/vim2m.c | 6
drivers/media/rc/streamzap.c | 68 +++---
drivers/media/v4l2-core/v4l2-dv-timings.c | 4
drivers/misc/pci_endpoint_test.c | 36 ++-
drivers/mmc/host/cqhci.c | 2
drivers/mtd/inftlcore.c | 9
drivers/mtd/nand/raw/brcmnand/brcmnand.c | 2
drivers/mtd/nand/raw/r852.c | 3
drivers/net/dsa/b53/b53_common.c | 10 +
drivers/net/dsa/mv88e6xxx/chip.c | 25 ++
drivers/net/phy/phy_led_triggers.c | 23 +-
drivers/net/ppp/ppp_synctty.c | 5
drivers/net/virtio_net.c | 22 +-
drivers/net/wireless/atmel/at76c50x-usb.c | 2
drivers/net/wireless/mediatek/mt76/mt76x2/usb.c | 1
drivers/net/wireless/ti/wl1251/tx.c | 4
drivers/ntb/hw/idt/ntb_hw_idt.c | 18 -
drivers/ntb/ntb_transport.c | 2
drivers/nvme/target/fc.c | 14 -
drivers/of/irq.c | 13 +
drivers/pci/probe.c | 5
drivers/perf/arm_pmu.c | 8
drivers/platform/x86/asus-laptop.c | 9
drivers/platform/x86/intel_speed_select_if/isst_if_common.c | 2
drivers/pwm/pwm-fsl-ftm.c | 6
drivers/pwm/pwm-mediatek.c | 20 +-
drivers/scsi/pm8001/pm8001_sas.c | 1
drivers/scsi/scsi_transport_iscsi.c | 7
drivers/scsi/st.c | 2
drivers/staging/comedi/drivers/jr3_pci.c | 15 +
drivers/thermal/rockchip_thermal.c | 1
drivers/tty/serial/sifive.c | 6
drivers/usb/cdns3/gadget.c | 2
drivers/usb/core/quirks.c | 9
drivers/usb/dwc3/core.c | 11 -
drivers/usb/dwc3/gadget.c | 6
drivers/usb/gadget/udc/aspeed-vhub/dev.c | 3
drivers/usb/host/max3421-hcd.c | 7
drivers/usb/host/ohci-pci.c | 23 ++
drivers/usb/serial/ftdi_sio.c | 2
drivers/usb/serial/ftdi_sio_ids.h | 5
drivers/usb/serial/option.c | 3
drivers/usb/serial/usb-serial-simple.c | 7
drivers/usb/storage/unusual_uas.h | 7
drivers/video/fbdev/omap2/omapfb/dss/dispc.c | 6
drivers/xen/xenfs/xensyms.c | 4
fs/Kconfig | 1
fs/btrfs/super.c | 3
fs/ext4/dir.c | 12 -
fs/ext4/inode.c | 69 +++++--
fs/ext4/namei.c | 2
fs/ext4/super.c | 61 +++---
fs/ext4/xattr.c | 11 +
fs/fuse/virtio_fs.c | 3
fs/hfs/bnode.c | 6
fs/hfsplus/bnode.c | 6
fs/isofs/export.c | 2
fs/jbd2/journal.c | 1
fs/jfs/jfs_dmap.c | 10 -
fs/jfs/jfs_imap.c | 2
fs/nfs/Kconfig | 2
fs/nfs/internal.h | 22 --
fs/nfs/nfs4session.h | 4
fs/nfsd/Kconfig | 1
fs/nfsd/nfsfh.h | 12 -
include/linux/backing-dev.h | 1
include/linux/nfs.h | 13 +
include/linux/pci.h | 4
include/net/sctp/structs.h | 3
include/uapi/linux/kfd_ioctl.h | 2
include/uapi/linux/pcitest.h | 3
include/xen/interface/xen-mca.h | 2
init/Kconfig | 3
kernel/locking/lockdep.c | 3
kernel/trace/ftrace.c | 1
kernel/trace/trace_events.c | 4
lib/sg_split.c | 2
mm/vmscan.c | 2
net/8021q/vlan_dev.c | 31 ---
net/bluetooth/hci_event.c | 5
net/core/dev.c | 1
net/core/filter.c | 80 ++++----
net/core/page_pool.c | 8
net/ipv4/inet_connection_sock.c | 19 +
net/mac80211/iface.c | 3
net/mac80211/mesh_hwmp.c | 14 +
net/openvswitch/actions.c | 4
net/openvswitch/flow_netlink.c | 3
net/sched/sch_hfsc.c | 23 +-
net/sctp/socket.c | 22 +-
net/sctp/transport.c | 2
net/tipc/link.c | 1
net/tipc/monitor.c | 3
sound/pci/hda/hda_intel.c | 15 +
sound/usb/midi.c | 80 +++++++-
tools/power/cpupower/bench/parse.c | 4
tools/testing/selftests/ublk/test_stripe_04.sh | 24 ++
159 files changed, 1106 insertions(+), 545 deletions(-)
Abdun Nihaal (2):
wifi: at76c50x: fix use after free access in at76_disconnect
wifi: wl1251: fix memory leak in wl1251_tx_work
Abhinav Kumar (1):
drm: allow encoder mode_set even when connectors change for crtc
Acs, Jakub (1):
ext4: fix OOB read when checking dotdot dir
Adam Xue (1):
USB: serial: option: add Sierra Wireless EM9291
Al Viro (1):
qibfs: fix _another_ leak
Alexander Stein (1):
usb: host: max3421-hcd: Add missing spi_device_id table
Andreas Gruenbacher (1):
writeback: fix false warning in inode_to_wb()
Andrew Wyatt (2):
drm: panel-orientation-quirks: Add support for AYANEO 2S
drm: panel-orientation-quirks: Add new quirk for GPD Win 2
AngeloGioacchino Del Regno (1):
drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off
Arnaud Lecomte (1):
net: ppp: Add bound checking for skb data on ppp_sync_txmung
Arnd Bergmann (1):
ntb: reduce stack usage in idt_scan_mws
Arseniy Krasnov (2):
Bluetooth: hci_uart: fix race during initialization
Bluetooth: hci_uart: Fix another race during initialization
Artem Sadovnikov (1):
ext4: fix off-by-one error in do_split
Bart Van Assche (1):
RDMA/srpt: Support specifying the srpt_service_guid parameter
Ben Dooks (1):
bpf: Add endian modifiers to fix endian warnings
Bhupesh (1):
ext4: ignore xattrs past end
Bjorn Helgaas (1):
PCI: Rename PCI_IRQ_LEGACY to PCI_IRQ_INTX
Boqun Feng (1):
locking/lockdep: Decrease nr_unused_locks if lock unused in zap_class()
Chen-Yu Tsai (1):
arm64: dts: mediatek: mt8173: Fix disp-pwm compatible string
Chengguang Xu (1):
ext4: code cleanup for ext4_statfs_project()
Chenyuan Yang (1):
usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
Chris Bainbridge (1):
drm/nouveau: prime: fix ttm_bo_delayed_delete oops
Chuck Lever (1):
NFSD: Constify @fh argument of knfsd_fh_hash()
Cong Wang (2):
net_sched: hfsc: Fix a UAF vulnerability in class handling
net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
Craig Hesling (1):
USB: serial: simple: add OWON HDS200 series oscilloscope support
Damien Le Moal (1):
misc: pci_endpoint_test: Use INTX instead of LEGACY
Dan Carpenter (1):
Bluetooth: btrtl: Prevent potential NULL dereference
Daniel Golle (1):
pwm: mediatek: always use bus clock for PWM on MT7622
Daniel Kral (1):
ahci: add PCI ID for Marvell 88SE9215 SATA Controller
Dapeng Mi (1):
perf/x86/intel: Allow to update user space GPRs from PEBS records
David Yat Sin (1):
drm/amdkfd: clamp queue size to minimum
Denis Arefev (2):
asus-laptop: Fix an uninitialized variable
drm/amd/pm: Prevent division by zero
Douglas Anderson (1):
arm64: cputype: Add MIDR_CORTEX_A76AE
Edward Adam Davis (3):
jfs: Prevent copying of nlink with value 0 from disk inode
jfs: add sanity check for agwidth in dbMount
isofs: Prevent the use of too small fid
Eric Biggers (2):
ext4: reject casefold inode flag without casefold feature
nfs: add missing selections of CONFIG_CRC32
Fabien Parent (1):
pwm: mediatek: Always use bus clock
Fedor Pchelkin (1):
ntb: use 64-bit arithmetic for the MSI doorbell mask
Felix Huettner (1):
net: openvswitch: fix race on port output
Frode Isaksen (1):
usb: dwc3: gadget: check that event count does not exceed event buffer length
Gabriele Paoloni (1):
tracing: fix return value in __ftrace_event_enable_disable for TRACE_REG_UNREGISTER
Gavrilov Ilia (1):
wifi: mac80211: fix integer overflow in hwmp_route_info_get()
Greg Kroah-Hartman (1):
Linux 5.4.293
Gregory CLEMENT (1):
MIPS: cm: Detect CM quirks from device tree
Halil Pasic (1):
virtio_console: fix missing byte order handling for cols and rows
Hannes Reinecke (1):
ata: sata_sx4: Drop pointless VPRINTK() calls and convert the remaining ones
Haoxiang Li (1):
mcb: fix a double free bug in chameleon_parse_gdd()
Heiko Stuebner (1):
clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec()
Henry Martin (2):
ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()
cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
Herbert Xu (1):
crypto: null - Use spin lock instead of mutex
Huacai Chen (1):
USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02)
Ian Abbott (1):
comedi: jr3_pci: Fix synchronous deletion of timer
Icenowy Zheng (1):
wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table
Igor Pylypiv (1):
scsi: pm80xx: Set phy_attached to zero when device is gone
Ilya Maximets (2):
net: openvswitch: fix nested key length validation in the set() action
openvswitch: fix lockup on tx to unregistering netdev with carrier
Jan Beulich (1):
xenfs/xensyms: respect hypervisor's "next" indication
Jan Kara (2):
jbd2: remove wrong sb->s_sequence check
ext4: simplify checking quota limits in ext4_statfs()
Jann Horn (1):
ext4: don't treat fhandle lookup of ea_inode as FS corruption
Jason Xing (1):
page_pool: avoid infinite loop to schedule delayed worker
Jean-Marc Eurin (1):
ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls
Jeff Layton (1):
nfs: move nfs_fhandle_hash to common include file
Johannes Berg (1):
Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Johannes Kimmel (1):
btrfs: correctly escape subvol in btrfs_show_options()
Jonas Gorski (1):
net: b53: enable BPDU reception for management port
Jonathan Cameron (1):
iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check
Josh Poimboeuf (2):
pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()
x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline
Kai Mäkisara (1):
scsi: st: Fix array overflow in st_setup()
Kaixin Wang (1):
HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition
Kamal Dasu (1):
mtd: rawnand: brcmnand: fix PM resume warning
Kan Liang (1):
perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR
Karina Yankevich (1):
media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf()
Kees Cook (1):
xen/mcelog: Add __nonstring annotations for unterminated strings
Krzysztof Kozlowski (1):
gpio: zynq: Fix wakeup source leaks on device unbind
Kunihiko Hayashi (3):
misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error
misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type
misc: pci_endpoint_test: Fix displaying 'irq_type' after 'request_irq' error
Kuniyuki Iwashima (1):
tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().
Leonid Arapov (1):
fbdev: omapfb: Add 'plane' value check
Luiz Augusto von Dentz (1):
Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address
Ma Ke (1):
PCI: Fix reference leak in pci_alloc_child_bus()
Manjunatha Venkatesh (1):
i3c: Add NULL pointer check in i3c_master_queue_ibi()
Marek Behún (3):
net: dsa: mv88e6xxx: workaround RGMII transmit delay erratum for 6320 family
net: dsa: mv88e6xxx: fix VTU methods for 6320 family
crypto: atmel-sha204a - Set hwrng quality to lowest possible
Mark Rutland (1):
perf: arm_pmu: Don't disable counter in armpmu_add()
Martin Kepplinger (1):
usb: dwc3: support continuous runtime PM with dual role
Mathieu Desnoyers (1):
mm: add missing release barrier on PGDAT_RECLAIM_LOCKED unlock
Matthew Majewski (1):
media: vim2m: print device name after registering device
Max Grobecker (1):
x86/cpu: Don't clear X86_FEATURE_LAHF_LM flag in init_amd_k8() on AMD when running in a virtual machine
Maxim Mikityanskiy (1):
ALSA: hda: intel: Fix Optimus when GPU has no sound
Meir Elisha (1):
md/raid1: Add check for missing source disk in process_checks()
Miao Li (2):
usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive
usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive
Miaoqian Lin (1):
scsi: iscsi: Fix missing scsi_host_put() in error path
Michael Ehrenreich (1):
USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe
Mikulas Patocka (1):
dm-integrity: set ti->error on memory allocation failure
Ming Lei (1):
selftests: ublk: fix test_stripe_04
Murad Masimov (1):
media: streamzap: prevent processing IR data on URB failure
Myrrh Periwinkle (1):
x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions()
Nathan Chancellor (3):
riscv: Avoid fortify warning in syscall_get_arguments()
kbuild: Add '-fno-builtin-wcslen'
powerpc/prom_init: Use -ffreestanding to avoid a reference to bcmp
Nikita Zhandarovich (1):
drm/repaper: fix integer overflows in repeat functions
Niklas Cassel (1):
ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode
Niklas Söderlund (1):
media: i2c: adv748x: Fix test pattern selection mask
Ojaswin Mujoo (1):
ext4: protect ext4_release_dquot against freezing
Oleg Nesterov (1):
sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP
Oliver Neukum (2):
USB: storage: quirk for ADATA Portable HDD CH94
USB: VLI disk crashes if LPM is used
Philip Yang (1):
drm/amdkfd: Fix pqm_destroy_queue race with GPU reset
Qingfang Deng (1):
net: phy: leds: fix memory leak
Rafael J. Wysocki (1):
cpufreq: Reference count policy in cpufreq_update_limits()
Ralph Siemsen (1):
usb: cdns3: Fix deadlock when using NCM gadget
Rand Deeb (2):
fs/jfs: cast inactags to s64 to prevent potential overflow
fs/jfs: Prevent integer overflow in AG size calculation
Remi Pommarel (2):
wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()
wifi: mac80211: Purge vif txq in ieee80211_do_stop()
Ricard Wanderlof (1):
ALSA: usb-audio: Fix CME quirk for UF series keyboards
Ricardo Cañuelo Navarro (1):
sctp: detect and prevent references to a freed transport in sendmsg
Rolf Eike Beer (1):
drm/sti: remove duplicate object names
Ryan Roberts (1):
sparc/mm: disable preemption in lazy mmu mode
Ryo Takakura (1):
serial: sifive: lock port in startup()/shutdown() callbacks
Sakari Ailus (2):
media: i2c: ov7251: Set enable GPIO low in probe
media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO
Sergiu Cuciurean (1):
iio: adc: ad7768-1: Fix conversion result sign
Seunghwan Baek (1):
mmc: cqhci: Fix checking of CQHCI_HALT state
Srinivas Pandruvada (1):
platform/x86: ISST: Correct command storage data length
Stanislav Fomichev (1):
net: vlan: don't propagate flags on open
T Pratham (1):
lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets
Thadeu Lima de Souza Cascardo (1):
i2c: cros-ec-tunnel: defer probe if parent EC is not present
Theodore Ts'o (2):
ext4: don't over-report free space or inodes in statvfs
ext4: optimize __ext4_check_dir_entry()
Thomas Bogendoerfer (1):
MIPS: cm: Fix warning if MIPS_CM is disabled
Thomas Weißschuh (1):
KVM: s390: Don't use %pK through tracepoints
Thorsten Leemhuis (1):
module: sign with sha512 instead of sha1 by default
Tom Lendacky (1):
crypto: ccp - Fix check for the primary ASP device
Tomasz Pakuła (3):
HID: pidff: Convert infinite length from Linux API to PID standard
HID: pidff: Do not send effect envelope if it's empty
HID: pidff: Fix null pointer dereference in pidff_find_fields
Trevor Woerner (1):
thermal/drivers/rockchip: Add missing rk3328 mapping entry
Tung Nguyen (2):
tipc: fix memory leak in tipc_link_xmit
tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
Uwe Kleine-König (1):
pwm: fsl-ftm: Handle clk_get_rate() returning 0
Vasiliy Kovalev (1):
hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key
Vikash Garodia (3):
media: venus: hfi: add a check to handle OOB in sfr region
media: venus: hfi: add check to handle incorrect queue size
media: venus: hfi_parser: add check to avoid out of bound access
Vinicius Costa Gomes (1):
dmaengine: dmatest: Fix dmatest waiting less when interrupted
WangYuli (4):
nvmet-fc: Remove unused functions
MIPS: dec: Declare which_prom() as static
MIPS: cevt-ds1287: Add missing ds1287.h include
MIPS: ds1287: Match ds1287_set_base_clock() function types
Wentao Liang (3):
ata: sata_sx4: Add error handling in pdc20621_i2c_read()
mtd: inftlcore: Add error check for inftl_read_oob()
mtd: rawnand: Add status chack in r852_ready()
Willem de Bruijn (1):
bpf: support SKF_NET_OFF and SKF_LL_OFF on skb frags
Xiangsheng Hou (1):
virtiofs: add filesystem context source name check
Xiaogang Chen (1):
udmabuf: fix a buf size overflow issue during udmabuf creation
Xie Yongji (1):
virtio-net: Add validation for used length
Yu-Chun Lin (1):
parisc: PDT: Fix missing prototype warning
Yuan Can (1):
media: siano: Fix error handling in smsdvb_module_init()
Yue Haibing (1):
RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe()
Zhongqiu Han (1):
pm: cpupower: bench: Prevent NULL dereference on malloc failure
Zijun Hu (3):
of/irq: Fix device node refcount leakages in of_irq_count()
of/irq: Fix device node refcount leakage in API irq_of_parse_and_map()
of/irq: Fix device node refcount leakages in of_irq_init()
zhoumin (1):
ftrace: Add cond_resched() to ftrace_graph_set_hash()
6 days, 2 hours
- 1
- 1
[PATCH] iio: accel: fxls8962af: Fix temperature calculation
by Sean Nyekjaer
According to spec temperature should be returned in milli degrees Celsius.
Add in_temp_scale to calculate from Celsius to milli Celsius.
Fixes: a3e0b51884ee ("iio: accel: add support for FXLS8962AF/FXLS8964AF accelerometers")
Cc: stable(a)vger.kernel.org
Signed-off-by: Sean Nyekjaer <sean(a)geanix.com>
---
drivers/iio/accel/fxls8962af-core.c | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/drivers/iio/accel/fxls8962af-core.c b/drivers/iio/accel/fxls8962af-core.c
index bf1d3923a181798a1c884ee08b62d86ab5aed26f..30f08160eecdd1f9574c86baeeb17cc0ef1e7c60 100644
--- a/drivers/iio/accel/fxls8962af-core.c
+++ b/drivers/iio/accel/fxls8962af-core.c
@@ -133,7 +133,9 @@
#define FXLS8967AF_DEVICE_ID 0x87
/* Raw temp channel offset */
-#define FXLS8962AF_TEMP_CENTER_VAL 25
+#define FXLS8962AF_TEMP_CENTER_VAL 25000
+/* Raw temp channel scale */
+#define FXLS8962AF_TEMP_SCALE 1000
#define FXLS8962AF_AUTO_SUSPEND_DELAY_MS 2000
@@ -439,8 +441,16 @@ static int fxls8962af_read_raw(struct iio_dev *indio_dev,
*val = FXLS8962AF_TEMP_CENTER_VAL;
return IIO_VAL_INT;
case IIO_CHAN_INFO_SCALE:
- *val = 0;
- return fxls8962af_read_full_scale(data, val2);
+ switch (chan->type) {
+ case IIO_TEMP:
+ *val = FXLS8962AF_TEMP_SCALE;
+ return IIO_VAL_INT;
+ case IIO_ACCEL:
+ *val = 0;
+ return fxls8962af_read_full_scale(data, val2);
+ default:
+ return -EINVAL;
+ }
case IIO_CHAN_INFO_SAMP_FREQ:
return fxls8962af_read_samp_freq(data, val, val2);
default:
@@ -736,6 +746,7 @@ static const struct iio_event_spec fxls8962af_event[] = {
.type = IIO_TEMP, \
.address = FXLS8962AF_TEMP_OUT, \
.info_mask_separate = BIT(IIO_CHAN_INFO_RAW) | \
+ BIT(IIO_CHAN_INFO_SCALE) | \
BIT(IIO_CHAN_INFO_OFFSET),\
.scan_index = -1, \
.scan_type = { \
---
base-commit: 609bc31eca06c7408e6860d8b46311ebe45c1fef
change-id: 20250501-fxls-307ef3d6d065
Best regards,
--
Sean Nyekjaer <sean(a)geanix.com>
6 days, 2 hours
- 2
- 2
Please backport 980a573621ea to 6.12, 6.14
by Dionna Amalie Glaze
980a573621ea ("tpm: Make chip->{status,cancel,req_canceled} opt")
This is a dependent commit for the series of patches to add the AMD
SEV-SNP SVSM vTPM device driver. Kernel 6.11 added SVSM support, but
not support for the critical component for boot integrity that follows
the SEV-SNP threat model. That series
https://lore.kernel.org/all/20250410135118.133240-1-sgarzare@redhat.com/
is applied at tip but is not yet in the mainline.
I have confirmed that this patch applies cleanly. Stefano's patch
series needs a minor tweak to the first patch due to the changed
surrounding function declarations in arch/x86/include/asm/sev.h
https://github.com/deeglaze/amdese-linux/commits/vtpm612/
I've independently tested the patches.
--
-Dionna Glaze, PhD, CISSP, CCSP (she/her)
6 days, 3 hours
- 2
- 3
FAILED: patch "[PATCH] KVM: x86: Load DR6 with guest value only before entering" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x c2fee09fc167c74a64adb08656cb993ea475197e
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025021815-protract-greasily-cdea@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From c2fee09fc167c74a64adb08656cb993ea475197e Mon Sep 17 00:00:00 2001
From: Sean Christopherson <seanjc(a)google.com>
Date: Fri, 24 Jan 2025 17:18:33 -0800
Subject: [PATCH] KVM: x86: Load DR6 with guest value only before entering
.vcpu_run() loop
Move the conditional loading of hardware DR6 with the guest's DR6 value
out of the core .vcpu_run() loop to fix a bug where KVM can load hardware
with a stale vcpu->arch.dr6.
When the guest accesses a DR and host userspace isn't debugging the guest,
KVM disables DR interception and loads the guest's values into hardware on
VM-Enter and saves them on VM-Exit. This allows the guest to access DRs
at will, e.g. so that a sequence of DR accesses to configure a breakpoint
only generates one VM-Exit.
For DR0-DR3, the logic/behavior is identical between VMX and SVM, and also
identical between KVM_DEBUGREG_BP_ENABLED (userspace debugging the guest)
and KVM_DEBUGREG_WONT_EXIT (guest using DRs), and so KVM handles loading
DR0-DR3 in common code, _outside_ of the core kvm_x86_ops.vcpu_run() loop.
But for DR6, the guest's value doesn't need to be loaded into hardware for
KVM_DEBUGREG_BP_ENABLED, and SVM provides a dedicated VMCB field whereas
VMX requires software to manually load the guest value, and so loading the
guest's value into DR6 is handled by {svm,vmx}_vcpu_run(), i.e. is done
_inside_ the core run loop.
Unfortunately, saving the guest values on VM-Exit is initiated by common
x86, again outside of the core run loop. If the guest modifies DR6 (in
hardware, when DR interception is disabled), and then the next VM-Exit is
a fastpath VM-Exit, KVM will reload hardware DR6 with vcpu->arch.dr6 and
clobber the guest's actual value.
The bug shows up primarily with nested VMX because KVM handles the VMX
preemption timer in the fastpath, and the window between hardware DR6
being modified (in guest context) and DR6 being read by guest software is
orders of magnitude larger in a nested setup. E.g. in non-nested, the
VMX preemption timer would need to fire precisely between #DB injection
and the #DB handler's read of DR6, whereas with a KVM-on-KVM setup, the
window where hardware DR6 is "dirty" extends all the way from L1 writing
DR6 to VMRESUME (in L1).
L1's view:
==========
<L1 disables DR interception>
CPU 0/KVM-7289 [023] d.... 2925.640961: kvm_entry: vcpu 0
A: L1 Writes DR6
CPU 0/KVM-7289 [023] d.... 2925.640963: <hack>: Set DRs, DR6 = 0xffff0ff1
B: CPU 0/KVM-7289 [023] d.... 2925.640967: kvm_exit: vcpu 0 reason EXTERNAL_INTERRUPT intr_info 0x800000ec
D: L1 reads DR6, arch.dr6 = 0
CPU 0/KVM-7289 [023] d.... 2925.640969: <hack>: Sync DRs, DR6 = 0xffff0ff0
CPU 0/KVM-7289 [023] d.... 2925.640976: kvm_entry: vcpu 0
L2 reads DR6, L1 disables DR interception
CPU 0/KVM-7289 [023] d.... 2925.640980: kvm_exit: vcpu 0 reason DR_ACCESS info1 0x0000000000000216
CPU 0/KVM-7289 [023] d.... 2925.640983: kvm_entry: vcpu 0
CPU 0/KVM-7289 [023] d.... 2925.640983: <hack>: Set DRs, DR6 = 0xffff0ff0
L2 detects failure
CPU 0/KVM-7289 [023] d.... 2925.640987: kvm_exit: vcpu 0 reason HLT
L1 reads DR6 (confirms failure)
CPU 0/KVM-7289 [023] d.... 2925.640990: <hack>: Sync DRs, DR6 = 0xffff0ff0
L0's view:
==========
L2 reads DR6, arch.dr6 = 0
CPU 23/KVM-5046 [001] d.... 3410.005610: kvm_exit: vcpu 23 reason DR_ACCESS info1 0x0000000000000216
CPU 23/KVM-5046 [001] ..... 3410.005610: kvm_nested_vmexit: vcpu 23 reason DR_ACCESS info1 0x0000000000000216
L2 => L1 nested VM-Exit
CPU 23/KVM-5046 [001] ..... 3410.005610: kvm_nested_vmexit_inject: reason: DR_ACCESS ext_inf1: 0x0000000000000216
CPU 23/KVM-5046 [001] d.... 3410.005610: kvm_entry: vcpu 23
CPU 23/KVM-5046 [001] d.... 3410.005611: kvm_exit: vcpu 23 reason VMREAD
CPU 23/KVM-5046 [001] d.... 3410.005611: kvm_entry: vcpu 23
CPU 23/KVM-5046 [001] d.... 3410.005612: kvm_exit: vcpu 23 reason VMREAD
CPU 23/KVM-5046 [001] d.... 3410.005612: kvm_entry: vcpu 23
L1 writes DR7, L0 disables DR interception
CPU 23/KVM-5046 [001] d.... 3410.005612: kvm_exit: vcpu 23 reason DR_ACCESS info1 0x0000000000000007
CPU 23/KVM-5046 [001] d.... 3410.005613: kvm_entry: vcpu 23
L0 writes DR6 = 0 (arch.dr6)
CPU 23/KVM-5046 [001] d.... 3410.005613: <hack>: Set DRs, DR6 = 0xffff0ff0
A: <L1 writes DR6 = 1, no interception, arch.dr6 is still '0'>
B: CPU 23/KVM-5046 [001] d.... 3410.005614: kvm_exit: vcpu 23 reason PREEMPTION_TIMER
CPU 23/KVM-5046 [001] d.... 3410.005614: kvm_entry: vcpu 23
C: L0 writes DR6 = 0 (arch.dr6)
CPU 23/KVM-5046 [001] d.... 3410.005614: <hack>: Set DRs, DR6 = 0xffff0ff0
L1 => L2 nested VM-Enter
CPU 23/KVM-5046 [001] d.... 3410.005616: kvm_exit: vcpu 23 reason VMRESUME
L0 reads DR6, arch.dr6 = 0
Reported-by: John Stultz <jstultz(a)google.com>
Closes: https://lkml.kernel.org/r/CANDhNCq5_F3HfFYABqFGCA1bPd_%2BxgNj-iDQhH4tDk%2Bw…
Fixes: 375e28ffc0cf ("KVM: X86: Set host DR6 only on VMX and for KVM_DEBUGREG_WONT_EXIT")
Fixes: d67668e9dd76 ("KVM: x86, SVM: isolate vcpu->arch.dr6 from vmcb->save.dr6")
Cc: stable(a)vger.kernel.org
Cc: Jim Mattson <jmattson(a)google.com>
Tested-by: John Stultz <jstultz(a)google.com>
Link: https://lore.kernel.org/r/20250125011833.3644371-1-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc(a)google.com>
diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h
index c35550581da0..823c0434bbad 100644
--- a/arch/x86/include/asm/kvm-x86-ops.h
+++ b/arch/x86/include/asm/kvm-x86-ops.h
@@ -48,6 +48,7 @@ KVM_X86_OP(set_idt)
KVM_X86_OP(get_gdt)
KVM_X86_OP(set_gdt)
KVM_X86_OP(sync_dirty_debug_regs)
+KVM_X86_OP(set_dr6)
KVM_X86_OP(set_dr7)
KVM_X86_OP(cache_reg)
KVM_X86_OP(get_rflags)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index b15cde0a9b5c..0b7af5902ff7 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1696,6 +1696,7 @@ struct kvm_x86_ops {
void (*get_gdt)(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void (*set_gdt)(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void (*sync_dirty_debug_regs)(struct kvm_vcpu *vcpu);
+ void (*set_dr6)(struct kvm_vcpu *vcpu, unsigned long value);
void (*set_dr7)(struct kvm_vcpu *vcpu, unsigned long value);
void (*cache_reg)(struct kvm_vcpu *vcpu, enum kvm_reg reg);
unsigned long (*get_rflags)(struct kvm_vcpu *vcpu);
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 7640a84e554a..a713c803a3a3 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -1991,11 +1991,11 @@ static void new_asid(struct vcpu_svm *svm, struct svm_cpu_data *sd)
svm->asid = sd->next_asid++;
}
-static void svm_set_dr6(struct vcpu_svm *svm, unsigned long value)
+static void svm_set_dr6(struct kvm_vcpu *vcpu, unsigned long value)
{
- struct vmcb *vmcb = svm->vmcb;
+ struct vmcb *vmcb = to_svm(vcpu)->vmcb;
- if (svm->vcpu.arch.guest_state_protected)
+ if (vcpu->arch.guest_state_protected)
return;
if (unlikely(value != vmcb->save.dr6)) {
@@ -4247,10 +4247,8 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu,
* Run with all-zero DR6 unless needed, so that we can get the exact cause
* of a #DB.
*/
- if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))
- svm_set_dr6(svm, vcpu->arch.dr6);
- else
- svm_set_dr6(svm, DR6_ACTIVE_LOW);
+ if (likely(!(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT)))
+ svm_set_dr6(vcpu, DR6_ACTIVE_LOW);
clgi();
kvm_load_guest_xsave_state(vcpu);
@@ -5043,6 +5041,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = {
.set_idt = svm_set_idt,
.get_gdt = svm_get_gdt,
.set_gdt = svm_set_gdt,
+ .set_dr6 = svm_set_dr6,
.set_dr7 = svm_set_dr7,
.sync_dirty_debug_regs = svm_sync_dirty_debug_regs,
.cache_reg = svm_cache_reg,
diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c
index 2427f918e763..43ee9ed11291 100644
--- a/arch/x86/kvm/vmx/main.c
+++ b/arch/x86/kvm/vmx/main.c
@@ -61,6 +61,7 @@ struct kvm_x86_ops vt_x86_ops __initdata = {
.set_idt = vmx_set_idt,
.get_gdt = vmx_get_gdt,
.set_gdt = vmx_set_gdt,
+ .set_dr6 = vmx_set_dr6,
.set_dr7 = vmx_set_dr7,
.sync_dirty_debug_regs = vmx_sync_dirty_debug_regs,
.cache_reg = vmx_cache_reg,
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index f72835e85b6d..6c56d5235f0f 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -5648,6 +5648,12 @@ void vmx_sync_dirty_debug_regs(struct kvm_vcpu *vcpu)
set_debugreg(DR6_RESERVED, 6);
}
+void vmx_set_dr6(struct kvm_vcpu *vcpu, unsigned long val)
+{
+ lockdep_assert_irqs_disabled();
+ set_debugreg(vcpu->arch.dr6, 6);
+}
+
void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val)
{
vmcs_writel(GUEST_DR7, val);
@@ -7417,10 +7423,6 @@ fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, bool force_immediate_exit)
vmx->loaded_vmcs->host_state.cr4 = cr4;
}
- /* When KVM_DEBUGREG_WONT_EXIT, dr6 is accessible in guest. */
- if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))
- set_debugreg(vcpu->arch.dr6, 6);
-
/* When single-stepping over STI and MOV SS, we must clear the
* corresponding interruptibility bits in the guest state. Otherwise
* vmentry fails as it then expects bit 14 (BS) in pending debug
diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h
index ce3295a67c04..430773a5ef8e 100644
--- a/arch/x86/kvm/vmx/x86_ops.h
+++ b/arch/x86/kvm/vmx/x86_ops.h
@@ -73,6 +73,7 @@ void vmx_get_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void vmx_set_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void vmx_get_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void vmx_set_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
+void vmx_set_dr6(struct kvm_vcpu *vcpu, unsigned long val);
void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val);
void vmx_sync_dirty_debug_regs(struct kvm_vcpu *vcpu);
void vmx_cache_reg(struct kvm_vcpu *vcpu, enum kvm_reg reg);
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 8e77e61d4fbd..02159c967d29 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -10961,6 +10961,9 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu)
set_debugreg(vcpu->arch.eff_db[1], 1);
set_debugreg(vcpu->arch.eff_db[2], 2);
set_debugreg(vcpu->arch.eff_db[3], 3);
+ /* When KVM_DEBUGREG_WONT_EXIT, dr6 is accessible in guest. */
+ if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))
+ kvm_x86_call(set_dr6)(vcpu, vcpu->arch.dr6);
} else if (unlikely(hw_breakpoint_active())) {
set_debugreg(0, 7);
}
6 days, 10 hours
- 3
- 2
FAILED: patch "[PATCH] KVM: x86: Load DR6 with guest value only before entering" failed to apply to 6.6-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.6-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y
git checkout FETCH_HEAD
git cherry-pick -x c2fee09fc167c74a64adb08656cb993ea475197e
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025021809-census-mammal-224b@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From c2fee09fc167c74a64adb08656cb993ea475197e Mon Sep 17 00:00:00 2001
From: Sean Christopherson <seanjc(a)google.com>
Date: Fri, 24 Jan 2025 17:18:33 -0800
Subject: [PATCH] KVM: x86: Load DR6 with guest value only before entering
.vcpu_run() loop
Move the conditional loading of hardware DR6 with the guest's DR6 value
out of the core .vcpu_run() loop to fix a bug where KVM can load hardware
with a stale vcpu->arch.dr6.
When the guest accesses a DR and host userspace isn't debugging the guest,
KVM disables DR interception and loads the guest's values into hardware on
VM-Enter and saves them on VM-Exit. This allows the guest to access DRs
at will, e.g. so that a sequence of DR accesses to configure a breakpoint
only generates one VM-Exit.
For DR0-DR3, the logic/behavior is identical between VMX and SVM, and also
identical between KVM_DEBUGREG_BP_ENABLED (userspace debugging the guest)
and KVM_DEBUGREG_WONT_EXIT (guest using DRs), and so KVM handles loading
DR0-DR3 in common code, _outside_ of the core kvm_x86_ops.vcpu_run() loop.
But for DR6, the guest's value doesn't need to be loaded into hardware for
KVM_DEBUGREG_BP_ENABLED, and SVM provides a dedicated VMCB field whereas
VMX requires software to manually load the guest value, and so loading the
guest's value into DR6 is handled by {svm,vmx}_vcpu_run(), i.e. is done
_inside_ the core run loop.
Unfortunately, saving the guest values on VM-Exit is initiated by common
x86, again outside of the core run loop. If the guest modifies DR6 (in
hardware, when DR interception is disabled), and then the next VM-Exit is
a fastpath VM-Exit, KVM will reload hardware DR6 with vcpu->arch.dr6 and
clobber the guest's actual value.
The bug shows up primarily with nested VMX because KVM handles the VMX
preemption timer in the fastpath, and the window between hardware DR6
being modified (in guest context) and DR6 being read by guest software is
orders of magnitude larger in a nested setup. E.g. in non-nested, the
VMX preemption timer would need to fire precisely between #DB injection
and the #DB handler's read of DR6, whereas with a KVM-on-KVM setup, the
window where hardware DR6 is "dirty" extends all the way from L1 writing
DR6 to VMRESUME (in L1).
L1's view:
==========
<L1 disables DR interception>
CPU 0/KVM-7289 [023] d.... 2925.640961: kvm_entry: vcpu 0
A: L1 Writes DR6
CPU 0/KVM-7289 [023] d.... 2925.640963: <hack>: Set DRs, DR6 = 0xffff0ff1
B: CPU 0/KVM-7289 [023] d.... 2925.640967: kvm_exit: vcpu 0 reason EXTERNAL_INTERRUPT intr_info 0x800000ec
D: L1 reads DR6, arch.dr6 = 0
CPU 0/KVM-7289 [023] d.... 2925.640969: <hack>: Sync DRs, DR6 = 0xffff0ff0
CPU 0/KVM-7289 [023] d.... 2925.640976: kvm_entry: vcpu 0
L2 reads DR6, L1 disables DR interception
CPU 0/KVM-7289 [023] d.... 2925.640980: kvm_exit: vcpu 0 reason DR_ACCESS info1 0x0000000000000216
CPU 0/KVM-7289 [023] d.... 2925.640983: kvm_entry: vcpu 0
CPU 0/KVM-7289 [023] d.... 2925.640983: <hack>: Set DRs, DR6 = 0xffff0ff0
L2 detects failure
CPU 0/KVM-7289 [023] d.... 2925.640987: kvm_exit: vcpu 0 reason HLT
L1 reads DR6 (confirms failure)
CPU 0/KVM-7289 [023] d.... 2925.640990: <hack>: Sync DRs, DR6 = 0xffff0ff0
L0's view:
==========
L2 reads DR6, arch.dr6 = 0
CPU 23/KVM-5046 [001] d.... 3410.005610: kvm_exit: vcpu 23 reason DR_ACCESS info1 0x0000000000000216
CPU 23/KVM-5046 [001] ..... 3410.005610: kvm_nested_vmexit: vcpu 23 reason DR_ACCESS info1 0x0000000000000216
L2 => L1 nested VM-Exit
CPU 23/KVM-5046 [001] ..... 3410.005610: kvm_nested_vmexit_inject: reason: DR_ACCESS ext_inf1: 0x0000000000000216
CPU 23/KVM-5046 [001] d.... 3410.005610: kvm_entry: vcpu 23
CPU 23/KVM-5046 [001] d.... 3410.005611: kvm_exit: vcpu 23 reason VMREAD
CPU 23/KVM-5046 [001] d.... 3410.005611: kvm_entry: vcpu 23
CPU 23/KVM-5046 [001] d.... 3410.005612: kvm_exit: vcpu 23 reason VMREAD
CPU 23/KVM-5046 [001] d.... 3410.005612: kvm_entry: vcpu 23
L1 writes DR7, L0 disables DR interception
CPU 23/KVM-5046 [001] d.... 3410.005612: kvm_exit: vcpu 23 reason DR_ACCESS info1 0x0000000000000007
CPU 23/KVM-5046 [001] d.... 3410.005613: kvm_entry: vcpu 23
L0 writes DR6 = 0 (arch.dr6)
CPU 23/KVM-5046 [001] d.... 3410.005613: <hack>: Set DRs, DR6 = 0xffff0ff0
A: <L1 writes DR6 = 1, no interception, arch.dr6 is still '0'>
B: CPU 23/KVM-5046 [001] d.... 3410.005614: kvm_exit: vcpu 23 reason PREEMPTION_TIMER
CPU 23/KVM-5046 [001] d.... 3410.005614: kvm_entry: vcpu 23
C: L0 writes DR6 = 0 (arch.dr6)
CPU 23/KVM-5046 [001] d.... 3410.005614: <hack>: Set DRs, DR6 = 0xffff0ff0
L1 => L2 nested VM-Enter
CPU 23/KVM-5046 [001] d.... 3410.005616: kvm_exit: vcpu 23 reason VMRESUME
L0 reads DR6, arch.dr6 = 0
Reported-by: John Stultz <jstultz(a)google.com>
Closes: https://lkml.kernel.org/r/CANDhNCq5_F3HfFYABqFGCA1bPd_%2BxgNj-iDQhH4tDk%2Bw…
Fixes: 375e28ffc0cf ("KVM: X86: Set host DR6 only on VMX and for KVM_DEBUGREG_WONT_EXIT")
Fixes: d67668e9dd76 ("KVM: x86, SVM: isolate vcpu->arch.dr6 from vmcb->save.dr6")
Cc: stable(a)vger.kernel.org
Cc: Jim Mattson <jmattson(a)google.com>
Tested-by: John Stultz <jstultz(a)google.com>
Link: https://lore.kernel.org/r/20250125011833.3644371-1-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc(a)google.com>
diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h
index c35550581da0..823c0434bbad 100644
--- a/arch/x86/include/asm/kvm-x86-ops.h
+++ b/arch/x86/include/asm/kvm-x86-ops.h
@@ -48,6 +48,7 @@ KVM_X86_OP(set_idt)
KVM_X86_OP(get_gdt)
KVM_X86_OP(set_gdt)
KVM_X86_OP(sync_dirty_debug_regs)
+KVM_X86_OP(set_dr6)
KVM_X86_OP(set_dr7)
KVM_X86_OP(cache_reg)
KVM_X86_OP(get_rflags)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index b15cde0a9b5c..0b7af5902ff7 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1696,6 +1696,7 @@ struct kvm_x86_ops {
void (*get_gdt)(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void (*set_gdt)(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void (*sync_dirty_debug_regs)(struct kvm_vcpu *vcpu);
+ void (*set_dr6)(struct kvm_vcpu *vcpu, unsigned long value);
void (*set_dr7)(struct kvm_vcpu *vcpu, unsigned long value);
void (*cache_reg)(struct kvm_vcpu *vcpu, enum kvm_reg reg);
unsigned long (*get_rflags)(struct kvm_vcpu *vcpu);
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 7640a84e554a..a713c803a3a3 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -1991,11 +1991,11 @@ static void new_asid(struct vcpu_svm *svm, struct svm_cpu_data *sd)
svm->asid = sd->next_asid++;
}
-static void svm_set_dr6(struct vcpu_svm *svm, unsigned long value)
+static void svm_set_dr6(struct kvm_vcpu *vcpu, unsigned long value)
{
- struct vmcb *vmcb = svm->vmcb;
+ struct vmcb *vmcb = to_svm(vcpu)->vmcb;
- if (svm->vcpu.arch.guest_state_protected)
+ if (vcpu->arch.guest_state_protected)
return;
if (unlikely(value != vmcb->save.dr6)) {
@@ -4247,10 +4247,8 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu,
* Run with all-zero DR6 unless needed, so that we can get the exact cause
* of a #DB.
*/
- if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))
- svm_set_dr6(svm, vcpu->arch.dr6);
- else
- svm_set_dr6(svm, DR6_ACTIVE_LOW);
+ if (likely(!(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT)))
+ svm_set_dr6(vcpu, DR6_ACTIVE_LOW);
clgi();
kvm_load_guest_xsave_state(vcpu);
@@ -5043,6 +5041,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = {
.set_idt = svm_set_idt,
.get_gdt = svm_get_gdt,
.set_gdt = svm_set_gdt,
+ .set_dr6 = svm_set_dr6,
.set_dr7 = svm_set_dr7,
.sync_dirty_debug_regs = svm_sync_dirty_debug_regs,
.cache_reg = svm_cache_reg,
diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c
index 2427f918e763..43ee9ed11291 100644
--- a/arch/x86/kvm/vmx/main.c
+++ b/arch/x86/kvm/vmx/main.c
@@ -61,6 +61,7 @@ struct kvm_x86_ops vt_x86_ops __initdata = {
.set_idt = vmx_set_idt,
.get_gdt = vmx_get_gdt,
.set_gdt = vmx_set_gdt,
+ .set_dr6 = vmx_set_dr6,
.set_dr7 = vmx_set_dr7,
.sync_dirty_debug_regs = vmx_sync_dirty_debug_regs,
.cache_reg = vmx_cache_reg,
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index f72835e85b6d..6c56d5235f0f 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -5648,6 +5648,12 @@ void vmx_sync_dirty_debug_regs(struct kvm_vcpu *vcpu)
set_debugreg(DR6_RESERVED, 6);
}
+void vmx_set_dr6(struct kvm_vcpu *vcpu, unsigned long val)
+{
+ lockdep_assert_irqs_disabled();
+ set_debugreg(vcpu->arch.dr6, 6);
+}
+
void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val)
{
vmcs_writel(GUEST_DR7, val);
@@ -7417,10 +7423,6 @@ fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, bool force_immediate_exit)
vmx->loaded_vmcs->host_state.cr4 = cr4;
}
- /* When KVM_DEBUGREG_WONT_EXIT, dr6 is accessible in guest. */
- if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))
- set_debugreg(vcpu->arch.dr6, 6);
-
/* When single-stepping over STI and MOV SS, we must clear the
* corresponding interruptibility bits in the guest state. Otherwise
* vmentry fails as it then expects bit 14 (BS) in pending debug
diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h
index ce3295a67c04..430773a5ef8e 100644
--- a/arch/x86/kvm/vmx/x86_ops.h
+++ b/arch/x86/kvm/vmx/x86_ops.h
@@ -73,6 +73,7 @@ void vmx_get_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void vmx_set_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void vmx_get_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void vmx_set_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
+void vmx_set_dr6(struct kvm_vcpu *vcpu, unsigned long val);
void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val);
void vmx_sync_dirty_debug_regs(struct kvm_vcpu *vcpu);
void vmx_cache_reg(struct kvm_vcpu *vcpu, enum kvm_reg reg);
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 8e77e61d4fbd..02159c967d29 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -10961,6 +10961,9 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu)
set_debugreg(vcpu->arch.eff_db[1], 1);
set_debugreg(vcpu->arch.eff_db[2], 2);
set_debugreg(vcpu->arch.eff_db[3], 3);
+ /* When KVM_DEBUGREG_WONT_EXIT, dr6 is accessible in guest. */
+ if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))
+ kvm_x86_call(set_dr6)(vcpu, vcpu->arch.dr6);
} else if (unlikely(hw_breakpoint_active())) {
set_debugreg(0, 7);
}
6 days, 10 hours
- 3
- 2
FAILED: patch "[PATCH] KVM: x86: Load DR6 with guest value only before entering" failed to apply to 6.1-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.1-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y
git checkout FETCH_HEAD
git cherry-pick -x c2fee09fc167c74a64adb08656cb993ea475197e
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025021812-candied-hamper-7f08@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From c2fee09fc167c74a64adb08656cb993ea475197e Mon Sep 17 00:00:00 2001
From: Sean Christopherson <seanjc(a)google.com>
Date: Fri, 24 Jan 2025 17:18:33 -0800
Subject: [PATCH] KVM: x86: Load DR6 with guest value only before entering
.vcpu_run() loop
Move the conditional loading of hardware DR6 with the guest's DR6 value
out of the core .vcpu_run() loop to fix a bug where KVM can load hardware
with a stale vcpu->arch.dr6.
When the guest accesses a DR and host userspace isn't debugging the guest,
KVM disables DR interception and loads the guest's values into hardware on
VM-Enter and saves them on VM-Exit. This allows the guest to access DRs
at will, e.g. so that a sequence of DR accesses to configure a breakpoint
only generates one VM-Exit.
For DR0-DR3, the logic/behavior is identical between VMX and SVM, and also
identical between KVM_DEBUGREG_BP_ENABLED (userspace debugging the guest)
and KVM_DEBUGREG_WONT_EXIT (guest using DRs), and so KVM handles loading
DR0-DR3 in common code, _outside_ of the core kvm_x86_ops.vcpu_run() loop.
But for DR6, the guest's value doesn't need to be loaded into hardware for
KVM_DEBUGREG_BP_ENABLED, and SVM provides a dedicated VMCB field whereas
VMX requires software to manually load the guest value, and so loading the
guest's value into DR6 is handled by {svm,vmx}_vcpu_run(), i.e. is done
_inside_ the core run loop.
Unfortunately, saving the guest values on VM-Exit is initiated by common
x86, again outside of the core run loop. If the guest modifies DR6 (in
hardware, when DR interception is disabled), and then the next VM-Exit is
a fastpath VM-Exit, KVM will reload hardware DR6 with vcpu->arch.dr6 and
clobber the guest's actual value.
The bug shows up primarily with nested VMX because KVM handles the VMX
preemption timer in the fastpath, and the window between hardware DR6
being modified (in guest context) and DR6 being read by guest software is
orders of magnitude larger in a nested setup. E.g. in non-nested, the
VMX preemption timer would need to fire precisely between #DB injection
and the #DB handler's read of DR6, whereas with a KVM-on-KVM setup, the
window where hardware DR6 is "dirty" extends all the way from L1 writing
DR6 to VMRESUME (in L1).
L1's view:
==========
<L1 disables DR interception>
CPU 0/KVM-7289 [023] d.... 2925.640961: kvm_entry: vcpu 0
A: L1 Writes DR6
CPU 0/KVM-7289 [023] d.... 2925.640963: <hack>: Set DRs, DR6 = 0xffff0ff1
B: CPU 0/KVM-7289 [023] d.... 2925.640967: kvm_exit: vcpu 0 reason EXTERNAL_INTERRUPT intr_info 0x800000ec
D: L1 reads DR6, arch.dr6 = 0
CPU 0/KVM-7289 [023] d.... 2925.640969: <hack>: Sync DRs, DR6 = 0xffff0ff0
CPU 0/KVM-7289 [023] d.... 2925.640976: kvm_entry: vcpu 0
L2 reads DR6, L1 disables DR interception
CPU 0/KVM-7289 [023] d.... 2925.640980: kvm_exit: vcpu 0 reason DR_ACCESS info1 0x0000000000000216
CPU 0/KVM-7289 [023] d.... 2925.640983: kvm_entry: vcpu 0
CPU 0/KVM-7289 [023] d.... 2925.640983: <hack>: Set DRs, DR6 = 0xffff0ff0
L2 detects failure
CPU 0/KVM-7289 [023] d.... 2925.640987: kvm_exit: vcpu 0 reason HLT
L1 reads DR6 (confirms failure)
CPU 0/KVM-7289 [023] d.... 2925.640990: <hack>: Sync DRs, DR6 = 0xffff0ff0
L0's view:
==========
L2 reads DR6, arch.dr6 = 0
CPU 23/KVM-5046 [001] d.... 3410.005610: kvm_exit: vcpu 23 reason DR_ACCESS info1 0x0000000000000216
CPU 23/KVM-5046 [001] ..... 3410.005610: kvm_nested_vmexit: vcpu 23 reason DR_ACCESS info1 0x0000000000000216
L2 => L1 nested VM-Exit
CPU 23/KVM-5046 [001] ..... 3410.005610: kvm_nested_vmexit_inject: reason: DR_ACCESS ext_inf1: 0x0000000000000216
CPU 23/KVM-5046 [001] d.... 3410.005610: kvm_entry: vcpu 23
CPU 23/KVM-5046 [001] d.... 3410.005611: kvm_exit: vcpu 23 reason VMREAD
CPU 23/KVM-5046 [001] d.... 3410.005611: kvm_entry: vcpu 23
CPU 23/KVM-5046 [001] d.... 3410.005612: kvm_exit: vcpu 23 reason VMREAD
CPU 23/KVM-5046 [001] d.... 3410.005612: kvm_entry: vcpu 23
L1 writes DR7, L0 disables DR interception
CPU 23/KVM-5046 [001] d.... 3410.005612: kvm_exit: vcpu 23 reason DR_ACCESS info1 0x0000000000000007
CPU 23/KVM-5046 [001] d.... 3410.005613: kvm_entry: vcpu 23
L0 writes DR6 = 0 (arch.dr6)
CPU 23/KVM-5046 [001] d.... 3410.005613: <hack>: Set DRs, DR6 = 0xffff0ff0
A: <L1 writes DR6 = 1, no interception, arch.dr6 is still '0'>
B: CPU 23/KVM-5046 [001] d.... 3410.005614: kvm_exit: vcpu 23 reason PREEMPTION_TIMER
CPU 23/KVM-5046 [001] d.... 3410.005614: kvm_entry: vcpu 23
C: L0 writes DR6 = 0 (arch.dr6)
CPU 23/KVM-5046 [001] d.... 3410.005614: <hack>: Set DRs, DR6 = 0xffff0ff0
L1 => L2 nested VM-Enter
CPU 23/KVM-5046 [001] d.... 3410.005616: kvm_exit: vcpu 23 reason VMRESUME
L0 reads DR6, arch.dr6 = 0
Reported-by: John Stultz <jstultz(a)google.com>
Closes: https://lkml.kernel.org/r/CANDhNCq5_F3HfFYABqFGCA1bPd_%2BxgNj-iDQhH4tDk%2Bw…
Fixes: 375e28ffc0cf ("KVM: X86: Set host DR6 only on VMX and for KVM_DEBUGREG_WONT_EXIT")
Fixes: d67668e9dd76 ("KVM: x86, SVM: isolate vcpu->arch.dr6 from vmcb->save.dr6")
Cc: stable(a)vger.kernel.org
Cc: Jim Mattson <jmattson(a)google.com>
Tested-by: John Stultz <jstultz(a)google.com>
Link: https://lore.kernel.org/r/20250125011833.3644371-1-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc(a)google.com>
diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h
index c35550581da0..823c0434bbad 100644
--- a/arch/x86/include/asm/kvm-x86-ops.h
+++ b/arch/x86/include/asm/kvm-x86-ops.h
@@ -48,6 +48,7 @@ KVM_X86_OP(set_idt)
KVM_X86_OP(get_gdt)
KVM_X86_OP(set_gdt)
KVM_X86_OP(sync_dirty_debug_regs)
+KVM_X86_OP(set_dr6)
KVM_X86_OP(set_dr7)
KVM_X86_OP(cache_reg)
KVM_X86_OP(get_rflags)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index b15cde0a9b5c..0b7af5902ff7 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1696,6 +1696,7 @@ struct kvm_x86_ops {
void (*get_gdt)(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void (*set_gdt)(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void (*sync_dirty_debug_regs)(struct kvm_vcpu *vcpu);
+ void (*set_dr6)(struct kvm_vcpu *vcpu, unsigned long value);
void (*set_dr7)(struct kvm_vcpu *vcpu, unsigned long value);
void (*cache_reg)(struct kvm_vcpu *vcpu, enum kvm_reg reg);
unsigned long (*get_rflags)(struct kvm_vcpu *vcpu);
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 7640a84e554a..a713c803a3a3 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -1991,11 +1991,11 @@ static void new_asid(struct vcpu_svm *svm, struct svm_cpu_data *sd)
svm->asid = sd->next_asid++;
}
-static void svm_set_dr6(struct vcpu_svm *svm, unsigned long value)
+static void svm_set_dr6(struct kvm_vcpu *vcpu, unsigned long value)
{
- struct vmcb *vmcb = svm->vmcb;
+ struct vmcb *vmcb = to_svm(vcpu)->vmcb;
- if (svm->vcpu.arch.guest_state_protected)
+ if (vcpu->arch.guest_state_protected)
return;
if (unlikely(value != vmcb->save.dr6)) {
@@ -4247,10 +4247,8 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu,
* Run with all-zero DR6 unless needed, so that we can get the exact cause
* of a #DB.
*/
- if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))
- svm_set_dr6(svm, vcpu->arch.dr6);
- else
- svm_set_dr6(svm, DR6_ACTIVE_LOW);
+ if (likely(!(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT)))
+ svm_set_dr6(vcpu, DR6_ACTIVE_LOW);
clgi();
kvm_load_guest_xsave_state(vcpu);
@@ -5043,6 +5041,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = {
.set_idt = svm_set_idt,
.get_gdt = svm_get_gdt,
.set_gdt = svm_set_gdt,
+ .set_dr6 = svm_set_dr6,
.set_dr7 = svm_set_dr7,
.sync_dirty_debug_regs = svm_sync_dirty_debug_regs,
.cache_reg = svm_cache_reg,
diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c
index 2427f918e763..43ee9ed11291 100644
--- a/arch/x86/kvm/vmx/main.c
+++ b/arch/x86/kvm/vmx/main.c
@@ -61,6 +61,7 @@ struct kvm_x86_ops vt_x86_ops __initdata = {
.set_idt = vmx_set_idt,
.get_gdt = vmx_get_gdt,
.set_gdt = vmx_set_gdt,
+ .set_dr6 = vmx_set_dr6,
.set_dr7 = vmx_set_dr7,
.sync_dirty_debug_regs = vmx_sync_dirty_debug_regs,
.cache_reg = vmx_cache_reg,
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index f72835e85b6d..6c56d5235f0f 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -5648,6 +5648,12 @@ void vmx_sync_dirty_debug_regs(struct kvm_vcpu *vcpu)
set_debugreg(DR6_RESERVED, 6);
}
+void vmx_set_dr6(struct kvm_vcpu *vcpu, unsigned long val)
+{
+ lockdep_assert_irqs_disabled();
+ set_debugreg(vcpu->arch.dr6, 6);
+}
+
void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val)
{
vmcs_writel(GUEST_DR7, val);
@@ -7417,10 +7423,6 @@ fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, bool force_immediate_exit)
vmx->loaded_vmcs->host_state.cr4 = cr4;
}
- /* When KVM_DEBUGREG_WONT_EXIT, dr6 is accessible in guest. */
- if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))
- set_debugreg(vcpu->arch.dr6, 6);
-
/* When single-stepping over STI and MOV SS, we must clear the
* corresponding interruptibility bits in the guest state. Otherwise
* vmentry fails as it then expects bit 14 (BS) in pending debug
diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h
index ce3295a67c04..430773a5ef8e 100644
--- a/arch/x86/kvm/vmx/x86_ops.h
+++ b/arch/x86/kvm/vmx/x86_ops.h
@@ -73,6 +73,7 @@ void vmx_get_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void vmx_set_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void vmx_get_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
void vmx_set_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt);
+void vmx_set_dr6(struct kvm_vcpu *vcpu, unsigned long val);
void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val);
void vmx_sync_dirty_debug_regs(struct kvm_vcpu *vcpu);
void vmx_cache_reg(struct kvm_vcpu *vcpu, enum kvm_reg reg);
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 8e77e61d4fbd..02159c967d29 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -10961,6 +10961,9 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu)
set_debugreg(vcpu->arch.eff_db[1], 1);
set_debugreg(vcpu->arch.eff_db[2], 2);
set_debugreg(vcpu->arch.eff_db[3], 3);
+ /* When KVM_DEBUGREG_WONT_EXIT, dr6 is accessible in guest. */
+ if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))
+ kvm_x86_call(set_dr6)(vcpu, vcpu->arch.dr6);
} else if (unlikely(hw_breakpoint_active())) {
set_debugreg(0, 7);
}
6 days, 10 hours
- 3
- 2
Re: [PATCH] Handle Ice Lake MONITOR erratum
by Christian Ludloff
> [ICX143 in https://cdrdv2.intel.com/v1/dl/getContent/637780]
> There is no equivalent erratum for the "Xeon D" Ice Lakes so
> INTEL_ICELAKE_D is not affected.
There is ICXD80 in...
https://www.intel.com/content/www/us/en/content-details/714069/intel-xeon-d…
https://www.intel.com/content/www/us/en/content-details/714071/intel-xeon-d…
And although the ICL spec update...
https://edc.intel.com/content/www/us/en/design/ipla/software-development-pl…
...doesn't seem to have a MONITOR erratum, it might be a good
idea for Intel to double check.
--
Christian
6 days, 11 hours
- 2
- 1
[PATCH v5] Restrict devmem for confidential VMs
by Dan Williams
Changes since v3 [1] (note v4 was a partial re-roll, but more feedback
came in requiring a v5):
- Fix a kbuild robot report for a missing header include of cc_platform.h
- Switch to selecting STRICT_DEVMEM and IOSTRICT_DEVMEM rather than
"depends on". (Naveen)
- Clarify the "SEPT violation" vs "crash" and other changelog fixups for
devmem maintainers and other arch maintainers. (Dave)
- Drop patch numbering since patch2 is a fix and has no dependencies on
patch1
[1]: http://lore.kernel.org/174491711228.1395340.3647010925173796093.stgit@dwill…
---
The original response to Nikolay's report of a "crash" (unhandled SEPT
violation) triggered by /dev/mem access to private memory was "let's
just turn off /dev/mem".
After some machinations of x86_platform_ops to block a subset of
problematic access, spelunking the history of devmem_is_allowed()
returning "2" to enable some compatibility benefits while blocking
access, and discovering that userspace depends buggy kernel behavior for
mmap(2) of the first 1MB of memory on x86, the proposal has circled back
to "disable /dev/mem".
Require both STRICT_DEVMEM and IO_STRICT_DEVMEM for x86 confidential
guests to close /dev/mem hole while still allowing for userspace
mapping of PCI MMIO as long as the kernel and userspace are not mapping
the range at the same time.
The range_is_allowed() cleanup is not strictly necessary, but might as
well close a 17 year-old "TODO".
Dan Williams (2):
x86/devmem: Remove duplicate range_is_allowed() definition
x86/devmem: Drop /dev/mem access for confidential guests
arch/x86/Kconfig | 4 ++++
arch/x86/mm/pat/memtype.c | 31 ++++---------------------------
drivers/char/mem.c | 28 ++++++++++------------------
include/linux/io.h | 21 +++++++++++++++++++++
4 files changed, 39 insertions(+), 45 deletions(-)
base-commit: 0af2f6be1b4281385b618cb86ad946eded089ac8
--
2.49.0
6 days, 12 hours
- 4
- 10
[PATCH 6.1 00/16] xfs backports for 6.1.y from 6.10
by Leah Rumancik
Hello again,
This is the 6.1.y backports set from 6.10 which corresponds to the 6.6.y
backports set from here:
https://lore.kernel.org/all/20241002174108.64615-1-catherine.hoang@oracle.c…
The following patches were included:
f43bd357fde0 xfs: fix error returns from xfs_bmapi_write
4bcef72d96b5 xfs: fix xfs_bmap_add_extent_delay_real for partial conversions
c299188b443a xfs: remove a racy if_bytes check in xfs_reflink_end_cow_extent
c13c21f77824 xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item recovey
0934046e3392 xfs: check opcode and iovec count match in xlog_recover_attri_commit_pass2
9716cdcc2f9e xfs: validate recovered name buffers when recovering xattr items
20adb1e2f069 xfs: revert commit 44af6c7e59b12
f24ba2183148 xfs: match lock mode in xfs_buffered_write_iomap_begin()
0f726c17dfd8 xfs: make the seq argument to xfs_bmapi_convert_delalloc() optional
36081fd0ee37 xfs: make xfs_bmapi_convert_delalloc() to allocate the target offset
4c99f3026cf2 xfs: convert delayed extents to unwritten when zeroing post eof blocks
0aca73915dc1 xfs: allow symlinks with short remote targets
0e52b98bf041 xfs: make sure sb_fdblocks is non-negative
2bc2d49c36c2 xfs: fix freeing speculative preallocations for preallocated files
3eeac3311683 xfs: allow unlinked symlinks and dirs with zero size
9a0ab4fc28ed xfs: restrict when we try to align cow fork delalloc to cowextsz hints
The following patches were omitted:
cad051826d83 xfs: fix missing check for invalid attr flags
scrub
db460c26f0b0 xfs: check shortform attr entry flags specifically
scrub
5689d2345a01 xfs: enforce one namespace per attribute
doesn't cherry pick cleanly, it is some refactoring and isn't a
dependency for other patches, lets skip it for now
7c03b124353a xfs: use dontcache for grabbing inodes during scrub
scrub
740a427e8f45 xfs: fix unlink vs cluster buffer instantiation race
already in 6.1.y
No fixes were found on mainline for any of the patches being ported.
The auto group was run 1x on each of these configs:
xfs/4k
xfs/1k
xfs/logdev
xfs/realtime
xfs/quota
xfs/v4
xfs/dax
xfs/adv
xfs/dirblock_8k
and no regressions were seen. This set has already been ack'd on the
xfs-stable list.
Let me know if you see any issues. Thanks,
Leah
Christoph Hellwig (4):
xfs: fix error returns from xfs_bmapi_write
xfs: fix xfs_bmap_add_extent_delay_real for partial conversions
xfs: remove a racy if_bytes check in xfs_reflink_end_cow_extent
xfs: fix freeing speculative preallocations for preallocated files
Darrick J. Wong (7):
xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item
recovery
xfs: check opcode and iovec count match in
xlog_recover_attri_commit_pass2
xfs: validate recovered name buffers when recovering xattr items
xfs: revert commit 44af6c7e59b12
xfs: allow symlinks with short remote targets
xfs: allow unlinked symlinks and dirs with zero size
xfs: restrict when we try to align cow fork delalloc to cowextsz hints
Wengang Wang (1):
xfs: make sure sb_fdblocks is non-negative
Zhang Yi (4):
xfs: match lock mode in xfs_buffered_write_iomap_begin()
xfs: make the seq argument to xfs_bmapi_convert_delalloc() optional
xfs: make xfs_bmapi_convert_delalloc() to allocate the target offset
xfs: convert delayed extents to unwritten when zeroing post eof blocks
fs/xfs/libxfs/xfs_attr_remote.c | 1 -
fs/xfs/libxfs/xfs_bmap.c | 130 ++++++++++++++++++++++++++------
fs/xfs/libxfs/xfs_da_btree.c | 20 ++---
fs/xfs/libxfs/xfs_inode_buf.c | 47 ++++++++++--
fs/xfs/libxfs/xfs_sb.c | 7 +-
fs/xfs/scrub/attr.c | 5 ++
fs/xfs/xfs_aops.c | 54 ++++---------
fs/xfs/xfs_attr_item.c | 88 ++++++++++++++++++---
fs/xfs/xfs_bmap_util.c | 61 +++++++++------
fs/xfs/xfs_bmap_util.h | 2 +-
fs/xfs/xfs_dquot.c | 1 -
fs/xfs/xfs_icache.c | 2 +-
fs/xfs/xfs_inode.c | 14 +---
fs/xfs/xfs_iomap.c | 81 +++++++++++---------
fs/xfs/xfs_reflink.c | 20 -----
fs/xfs/xfs_rtalloc.c | 2 -
16 files changed, 342 insertions(+), 193 deletions(-)
--
2.49.0.906.g1f30a19c02-goog
6 days, 13 hours
- 2
- 32
[PATCH stable 6.6 00/10] bpf: track changes_pkt_data property for global functions
by Shung-Hsi Yu
Fix the bypassing of invalid packet pointer check in 6.6 by backporting
the entire "bpf: track changes_pkt_data property for global functions"
series[1], along with the follow up, "bpf: fix NPE when computing
changes_pkt_data of program w/o subprograms" series[2]; both from
Eduard.
I had ran the BPF selftests after backporting, confirmed that newly
added BPF selftests passes, and that no new failure observed in BPF
selftests (dummy_st_ops, ns_current_pid_tgid, test_bpf_ma, and
test_bpffs are failing even without this patchset applied). See [3] for
the full log.
#50/1 changes_pkt_data_freplace/changes_pkt_data_with_changes_pkt_data:OK
#50/2 changes_pkt_data_freplace/changes_pkt_data_with_does_not_change_pkt_data:OK
#50/3 changes_pkt_data_freplace/does_not_change_pkt_data_with_changes_pkt_data:OK
#50/4 changes_pkt_data_freplace/does_not_change_pkt_data_with_does_not_change_pkt_data:OK
#50/5 changes_pkt_data_freplace/main_changes_with_changes_pkt_data:OK
#50/6 changes_pkt_data_freplace/main_changes_with_does_not_change_pkt_data:OK
#50/7 changes_pkt_data_freplace/main_does_not_change_with_changes_pkt_data:OK
#50/8 changes_pkt_data_freplace/main_does_not_change_with_does_not_change_pkt_data:OK
#395/57 verifier_sock/invalidate_pkt_pointers_from_global_func:OK
#395/58 verifier_sock/invalidate_pkt_pointers_by_tail_call:OK
1: https://lore.kernel.org/all/20241210041100.1898468-1-eddyz87@gmail.com/
2: https://lore.kernel.org/all/20241212070711.427443-1-eddyz87@gmail.com/
3: https://github.com/shunghsiyu/libbpf/actions/runs/14747347842/job/413971041…
Eduard Zingerman (10):
bpf: add find_containing_subprog() utility function
bpf: refactor bpf_helper_changes_pkt_data to use helper number
bpf: track changes_pkt_data property for global functions
selftests/bpf: test for changing packet data from global functions
bpf: check changes_pkt_data property for extension programs
selftests/bpf: freplace tests for tracking of changes_packet_data
bpf: consider that tail calls invalidate packet pointers
selftests/bpf: validate that tail call invalidates packet pointers
bpf: fix null dereference when computing changes_pkt_data of prog w/o
subprogs
selftests/bpf: extend changes_pkt_data with cases w/o subprograms
include/linux/bpf.h | 1 +
include/linux/bpf_verifier.h | 1 +
include/linux/filter.h | 2 +-
kernel/bpf/core.c | 2 +-
kernel/bpf/verifier.c | 81 +++++++++++--
net/core/filter.c | 63 +++++------
.../bpf/prog_tests/changes_pkt_data.c | 107 ++++++++++++++++++
.../selftests/bpf/progs/changes_pkt_data.c | 39 +++++++
.../bpf/progs/changes_pkt_data_freplace.c | 18 +++
.../selftests/bpf/progs/verifier_sock.c | 56 +++++++++
10 files changed, 324 insertions(+), 46 deletions(-)
create mode 100644 tools/testing/selftests/bpf/prog_tests/changes_pkt_data.c
create mode 100644 tools/testing/selftests/bpf/progs/changes_pkt_data.c
create mode 100644 tools/testing/selftests/bpf/progs/changes_pkt_data_freplace.c
--
2.49.0
6 days, 13 hours
- 2
- 20
[PATCH 6.12.y 0/6] Bluetooth: btusb: add a bunch of USB device IDs for Qualcomm WCN785x
by Alexander Tsoy
This was tested on a device with USB ID 2c7c:0130
6 days, 13 hours
- 2
- 12
FAILED: patch "[PATCH] comedi: jr3_pci: Fix synchronous deletion of timer" failed to apply to 5.4-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y
git checkout FETCH_HEAD
git cherry-pick -x 44d9b3f584c59a606b521e7274e658d5b866c699
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025042808-vastly-armrest-7811@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 44d9b3f584c59a606b521e7274e658d5b866c699 Mon Sep 17 00:00:00 2001
From: Ian Abbott <abbotti(a)mev.co.uk>
Date: Tue, 15 Apr 2025 13:39:01 +0100
Subject: [PATCH] comedi: jr3_pci: Fix synchronous deletion of timer
When `jr3_pci_detach()` is called during device removal, it calls
`timer_delete_sync()` to stop the timer, but the timer expiry function
always reschedules the timer, so the synchronization is ineffective.
Call `timer_shutdown_sync()` instead. It does not matter that the timer
expiry function pointer is cleared, because the device is being removed.
Fixes: 07b509e6584a5 ("Staging: comedi: add jr3_pci driver")
Cc: stable <stable(a)kernel.org>
Signed-off-by: Ian Abbott <abbotti(a)mev.co.uk>
Link: https://lore.kernel.org/r/20250415123901.13483-1-abbotti@mev.co.uk
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
diff --git a/drivers/comedi/drivers/jr3_pci.c b/drivers/comedi/drivers/jr3_pci.c
index cdc842b32bab..75dce1ff2419 100644
--- a/drivers/comedi/drivers/jr3_pci.c
+++ b/drivers/comedi/drivers/jr3_pci.c
@@ -758,7 +758,7 @@ static void jr3_pci_detach(struct comedi_device *dev)
struct jr3_pci_dev_private *devpriv = dev->private;
if (devpriv)
- timer_delete_sync(&devpriv->timer);
+ timer_shutdown_sync(&devpriv->timer);
comedi_pci_detach(dev);
}
6 days, 13 hours
- 3
- 2
FAILED: patch "[PATCH] binder: fix offset calculation in debug log" failed to apply to 6.12-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.12-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y
git checkout FETCH_HEAD
git cherry-pick -x 170d1a3738908eef6a0dbf378ea77fb4ae8e294d
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025042803-deflected-overdue-01a5@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 170d1a3738908eef6a0dbf378ea77fb4ae8e294d Mon Sep 17 00:00:00 2001
From: Carlos Llamas <cmllamas(a)google.com>
Date: Tue, 25 Mar 2025 18:49:00 +0000
Subject: [PATCH] binder: fix offset calculation in debug log
The vma start address should be substracted from the buffer's user data
address and not the other way around.
Cc: Tiffany Y. Yang <ynaffit(a)google.com>
Cc: stable <stable(a)kernel.org>
Fixes: 162c79731448 ("binder: avoid user addresses in debug logs")
Signed-off-by: Carlos Llamas <cmllamas(a)google.com>
Reviewed-by: Tiffany Y. Yang <ynaffit(a)google.com>
Link: https://lore.kernel.org/r/20250325184902.587138-1-cmllamas@google.com
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index 76052006bd87..5fc2c8ee61b1 100644
--- a/drivers/android/binder.c
+++ b/drivers/android/binder.c
@@ -6373,7 +6373,7 @@ static void print_binder_transaction_ilocked(struct seq_file *m,
seq_printf(m, " node %d", buffer->target_node->debug_id);
seq_printf(m, " size %zd:%zd offset %lx\n",
buffer->data_size, buffer->offsets_size,
- proc->alloc.vm_start - buffer->user_data);
+ buffer->user_data - proc->alloc.vm_start);
}
static void print_binder_work_ilocked(struct seq_file *m,
6 days, 13 hours
- 3
- 2
[PATCH stable v6.6] riscv: kprobes: Fix wrong lengths passed to patch_text_nosync()
by Nam Cao
Unlike patch_text(), patch_text_nosync() takes the length in bytes, not
number of instructions. It is therefore wrong for arch_prepare_ss_slot() to
pass length=1 while patching one instruction.
This bug was introduced by commit b1756750a397 ("riscv: kprobes: Use
patch_text_nosync() for insn slots"). It has been fixed upstream by commit
51781ce8f448 ("riscv: Pass patch_text() the length in bytes"). However,
beside fixing this bug, this commit does many other things, making it
unsuitable for backporting.
Fix it by properly passing the lengths in bytes.
Fixes: b1756750a397 ("riscv: kprobes: Use patch_text_nosync() for insn slots")
Signed-off-by: Nam Cao <namcao(a)linutronix.de>
---
arch/riscv/kernel/probes/kprobes.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/riscv/kernel/probes/kprobes.c b/arch/riscv/kernel/probes/kprobes.c
index 4fbc70e823f0..dc431b965bc3 100644
--- a/arch/riscv/kernel/probes/kprobes.c
+++ b/arch/riscv/kernel/probes/kprobes.c
@@ -28,8 +28,8 @@ static void __kprobes arch_prepare_ss_slot(struct kprobe *p)
p->ainsn.api.restore = (unsigned long)p->addr + offset;
- patch_text_nosync(p->ainsn.api.insn, &p->opcode, 1);
- patch_text_nosync((void *)p->ainsn.api.insn + offset, &insn, 1);
+ patch_text_nosync(p->ainsn.api.insn, &p->opcode, offset);
+ patch_text_nosync((void *)p->ainsn.api.insn + offset, &insn, sizeof(insn));
}
static void __kprobes arch_prepare_simulate(struct kprobe *p)
--
2.39.5
6 days, 13 hours
- 3
- 4
FAILED: patch "[PATCH] comedi: jr3_pci: Fix synchronous deletion of timer" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x 44d9b3f584c59a606b521e7274e658d5b866c699
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025042807-vanquish-unbeaten-57ab@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 44d9b3f584c59a606b521e7274e658d5b866c699 Mon Sep 17 00:00:00 2001
From: Ian Abbott <abbotti(a)mev.co.uk>
Date: Tue, 15 Apr 2025 13:39:01 +0100
Subject: [PATCH] comedi: jr3_pci: Fix synchronous deletion of timer
When `jr3_pci_detach()` is called during device removal, it calls
`timer_delete_sync()` to stop the timer, but the timer expiry function
always reschedules the timer, so the synchronization is ineffective.
Call `timer_shutdown_sync()` instead. It does not matter that the timer
expiry function pointer is cleared, because the device is being removed.
Fixes: 07b509e6584a5 ("Staging: comedi: add jr3_pci driver")
Cc: stable <stable(a)kernel.org>
Signed-off-by: Ian Abbott <abbotti(a)mev.co.uk>
Link: https://lore.kernel.org/r/20250415123901.13483-1-abbotti@mev.co.uk
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
diff --git a/drivers/comedi/drivers/jr3_pci.c b/drivers/comedi/drivers/jr3_pci.c
index cdc842b32bab..75dce1ff2419 100644
--- a/drivers/comedi/drivers/jr3_pci.c
+++ b/drivers/comedi/drivers/jr3_pci.c
@@ -758,7 +758,7 @@ static void jr3_pci_detach(struct comedi_device *dev)
struct jr3_pci_dev_private *devpriv = dev->private;
if (devpriv)
- timer_delete_sync(&devpriv->timer);
+ timer_shutdown_sync(&devpriv->timer);
comedi_pci_detach(dev);
}
6 days, 13 hours
- 3
- 2